29 #define MWIFIEX_MAX_CHANNELS_PER_SPECIFIC_SCAN 14
31 #define MWIFIEX_DEF_CHANNELS_PER_SCAN_CMD 4
32 #define MWIFIEX_LIMIT_1_CHANNEL_PER_SCAN_CMD 15
33 #define MWIFIEX_LIMIT_2_CHANNELS_PER_SCAN_CMD 27
34 #define MWIFIEX_LIMIT_3_CHANNELS_PER_SCAN_CMD 35
37 #define CHAN_TLV_MAX_SIZE (sizeof(struct mwifiex_ie_types_header) \
38 + (MWIFIEX_MAX_CHANNELS_PER_SPECIFIC_SCAN \
39 *sizeof(struct mwifiex_chan_scan_param_set)))
42 #define RATE_TLV_MAX_SIZE (sizeof(struct mwifiex_ie_types_rates_param_set) \
43 + HOSTCMD_SUPPORTED_RATES)
47 #define WILDCARD_SSID_TLV_MAX_SIZE \
48 (MWIFIEX_MAX_SSID_LIST_LENGTH * \
49 (sizeof(struct mwifiex_ie_types_wildcard_ssid_params) \
50 + IEEE80211_MAX_SSID_LEN))
53 #define MAX_SCAN_CFG_ALLOC (sizeof(struct mwifiex_scan_cmd_config) \
54 + sizeof(struct mwifiex_ie_types_num_probes) \
55 + sizeof(struct mwifiex_ie_types_htcap) \
58 + WILDCARD_SSID_TLV_MAX_SIZE)
74 { 0x00, 0x50, 0xf2, 0x02 },
75 { 0x00, 0x50, 0xf2, 0x04 },
78 { 0x00, 0x0f, 0xac, 0x02 },
79 { 0x00, 0x0f, 0xac, 0x04 },
89 mwifiex_search_oui_in_ie(
struct ie_body *iebody,
u8 *
oui)
105 iebody = (
struct ie_body *) ((
u8 *) iebody +
109 pr_debug(
"info: %s: OUI is not found in PTK\n", __func__);
132 oui = &mwifiex_rsn_oui[
cipher][0];
133 ret = mwifiex_search_oui_in_ie(iebody, oui);
155 ((*(bss_desc->
bcn_wpa_ie)).vend_hdr.element_id ==
158 oui = &mwifiex_wpa_oui[cipher][0];
159 ret = mwifiex_search_oui_in_ie(iebody, oui);
204 ((*(bss_desc->
bcn_wpa_ie)).vend_hdr.element_id !=
207 ((*(bss_desc->
bcn_rsn_ie)).ieee_hdr.element_id !=
247 " wpa_ie=%#x wpa2_ie=%#x WEP=%s WPA=%s WPA2=%s "
248 "EncMode=%#x privacy=%#x\n", __func__,
251 vend_hdr.element_id : 0,
254 ieee_hdr.element_id : 0,
255 (priv->
sec_info.wep_enabled) ?
"e" :
"d",
256 (priv->
sec_info.wpa_enabled) ?
"e" :
"d",
257 (priv->
sec_info.wpa2_enabled) ?
"e" :
"d",
283 " wpa_ie=%#x wpa2_ie=%#x WEP=%s WPA=%s WPA2=%s "
284 "EncMode=%#x privacy=%#x\n", __func__,
287 vend_hdr.element_id : 0,
290 ieee_hdr.element_id : 0,
291 (priv->
sec_info.wep_enabled) ?
"e" :
"d",
292 (priv->
sec_info.wpa_enabled) ?
"e" :
"d",
293 (priv->
sec_info.wpa2_enabled) ?
"e" :
"d",
337 "WEP: wpa_ie=%#x wpa2_ie=%#x "
338 "EncMode=%#x privacy=%#x\n",
342 vend_hdr.element_id : 0,
345 ieee_hdr.element_id : 0,
385 if (priv->
wps.session_enable) {
387 "info: return success directly in WPS period\n");
391 if (mwifiex_is_bss_wapi(priv, bss_desc)) {
392 dev_dbg(adapter->
dev,
"info: return success for WAPI AP\n");
397 if (mwifiex_is_bss_no_sec(priv, bss_desc)) {
400 }
else if (mwifiex_is_bss_static_wep(priv, bss_desc)) {
402 dev_dbg(adapter->
dev,
"info: Disable 11n in WEP mode.\n");
405 }
else if (mwifiex_is_bss_wpa(priv, bss_desc)) {
410 !mwifiex_is_wpa_oui_present(bss_desc,
413 if (mwifiex_is_wpa_oui_present
416 "info: Disable 11n if AES "
417 "is not supported by AP\n");
424 }
else if (mwifiex_is_bss_wpa2(priv, bss_desc)) {
429 !mwifiex_is_rsn_oui_present(bss_desc,
432 if (mwifiex_is_rsn_oui_present
435 "info: Disable 11n if AES "
436 "is not supported by AP\n");
443 }
else if (mwifiex_is_bss_adhoc_aes(priv, bss_desc)) {
446 }
else if (mwifiex_is_bss_dynamic_wep(priv, bss_desc)) {
453 "info: %s: failed: wpa_ie=%#x wpa2_ie=%#x WEP=%s "
454 "WPA=%s WPA2=%s EncMode=%#x privacy=%#x\n", __func__,
456 (*(bss_desc->
bcn_wpa_ie)).vend_hdr.element_id : 0,
458 (*(bss_desc->
bcn_rsn_ie)).ieee_hdr.element_id : 0,
459 (priv->
sec_info.wep_enabled) ?
"e" :
"d",
460 (priv->
sec_info.wpa_enabled) ?
"e" :
"d",
461 (priv->
sec_info.wpa2_enabled) ?
"e" :
"d",
493 if (!priv->
wdev->wiphy->bands[band])
496 sband = priv->
wdev->wiphy->bands[band];
508 chan_list[0].scan_time);
548 u32 max_chan_per_scan,
u8 filtered_scan,
562 if (!scan_cfg_out || !chan_tlv_out || !scan_chan_list) {
564 "info: Scan: Null detect: %p, %p, %p\n",
565 scan_cfg_out, chan_tlv_out, scan_chan_list);
573 tmp_chan_list = scan_chan_list;
582 chan_tlv_out->
header.len = 0;
583 start_chan = tmp_chan_list;
595 while (tlv_idx < max_chan_per_scan &&
599 "info: Scan: Chan(%3d), Radio(%d),"
600 " Mode(%d, %d), Dur(%d)\n",
617 le16_add_cpu(&chan_tlv_out->
header.len,
632 (
sizeof(chan_tlv_out->
header)
648 if (!filtered_scan &&
661 if (!filtered_scan &&
672 " is over limit (%dms), scan skipped\n",
678 priv->
adapter->scan_channels = start_chan;
721 u8 *max_chan_per_scan,
u8 *filtered_scan,
722 u8 *scan_current_only)
753 tlv_pos = scan_cfg_out->
tlv_buf;
757 *filtered_scan =
false;
762 *scan_current_only =
false;
792 for (i = 0; i < user_scan_in->
num_ssids; i++) {
793 ssid_len = user_scan_in->
ssid_list[
i].ssid_len;
798 wildcard_ssid_tlv->
header.type =
801 (
u16) (ssid_len +
sizeof(wildcard_ssid_tlv->
817 user_scan_in->
ssid_list[i].ssid, ssid_len);
819 tlv_pos += (
sizeof(wildcard_ssid_tlv->
header)
822 dev_dbg(adapter->
dev,
"info: scan: ssid[%d]: %s, %d\n",
823 i, wildcard_ssid_tlv->
ssid,
840 if ((i && ssid_filter) ||
842 *filtered_scan =
true;
861 dev_dbg(adapter->
dev,
"info: scan: num_probes = %d\n",
866 num_probes_tlv->
header.len =
870 tlv_pos +=
sizeof(num_probes_tlv->
header) +
876 memset(rates, 0,
sizeof(rates));
884 tlv_pos +=
sizeof(rates_tlv->
header) + rates_size;
886 dev_dbg(adapter->
dev,
"info: SCAN_CMD: Rates size = %d\n", rates_size);
914 if (user_scan_in && user_scan_in->
chan_list[0].chan_number) {
916 dev_dbg(adapter->
dev,
"info: Scan: Using supplied channel list\n");
920 user_scan_in->
chan_list[chan_idx].chan_number;
923 channel = user_scan_in->
chan_list[chan_idx].chan_number;
924 (scan_chan_list + chan_idx)->chan_number = channel;
927 user_scan_in->
chan_list[chan_idx].radio_type;
928 (scan_chan_list + chan_idx)->radio_type = radio_type;
930 scan_type = user_scan_in->
chan_list[chan_idx].scan_type;
934 chan_idx)->chan_scan_mode_bitmap
938 chan_idx)->chan_scan_mode_bitmap
941 if (user_scan_in->
chan_list[chan_idx].scan_time) {
942 scan_dur = (
u16) user_scan_in->
943 chan_list[chan_idx].scan_time;
947 else if (*filtered_scan)
953 (scan_chan_list + chan_idx)->min_scan_time =
955 (scan_chan_list + chan_idx)->max_scan_time =
960 if ((chan_idx == 1) &&
961 (user_scan_in->
chan_list[0].chan_number ==
963 *scan_current_only =
true;
965 "info: Scan: Scanning current channel only\n");
970 "info: Scan: Creating full region channel list\n");
971 chan_num = mwifiex_scan_create_channel_list(priv, user_scan_in,
984 *max_chan_per_scan = 1;
986 *max_chan_per_scan = 2;
988 *max_chan_per_scan = 3;
990 *max_chan_per_scan = 4;
1006 u32 tlv_buf_size,
u32 req_tlv_type,
1015 tlv_buf_left = tlv_buf_size;
1018 dev_dbg(adapter->
dev,
"info: SCAN_RESP: tlv_buf_size = %d\n",
1026 if (
sizeof(tlv->
header) + tlv_len > tlv_buf_left) {
1027 dev_err(adapter->
dev,
"SCAN_RESP: TLV buffer corrupt\n");
1031 if (req_tlv_type == tlv_type) {
1034 dev_dbg(adapter->
dev,
"info: SCAN_RESP: TSF "
1035 "timestamp TLV, len = %d\n", tlv_len);
1036 *tlv_data = current_tlv;
1039 dev_dbg(adapter->
dev,
"info: SCAN_RESP: channel"
1040 " band list TLV, len = %d\n", tlv_len);
1041 *tlv_data = current_tlv;
1045 "SCAN_RESP: unhandled TLV = %d\n",
1056 tlv_buf_left -= (
sizeof(tlv->
header) + tlv_len);
1083 u8 found_data_rate_ie;
1086 const u8 wpa_oui[4] = { 0x00, 0x50, 0xf2, 0x01 };
1087 const u8 wmm_oui[4] = { 0x00, 0x50, 0xf2, 0x02 };
1089 found_data_rate_ie =
false;
1095 while (bytes_left >= 2) {
1096 element_id = *current_ptr;
1097 element_len = *(current_ptr + 1);
1100 if (bytes_left < total_ie_len) {
1101 dev_err(adapter->
dev,
"err: InterpretIE: in processing"
1102 " IE, bytes left < IE length\n");
1105 switch (element_id) {
1107 bss_entry->
ssid.ssid_len = element_len;
1108 memcpy(bss_entry->
ssid.ssid, (current_ptr + 2),
1111 "info: InterpretIE: ssid: %-32s\n",
1112 bss_entry->
ssid.ssid);
1120 rate_size = element_len;
1121 found_data_rate_ie =
true;
1161 bss_entry->
erp_flags = *(current_ptr + 2);
1171 if (found_data_rate_ie) {
1172 if ((element_len + rate_size) >
1178 bytes_to_copy = element_len;
1182 memcpy(rate, current_ptr + 2, bytes_to_copy);
1186 memcpy(rate, current_ptr + 2, bytes_to_copy);
1213 memcpy((u8 *) &bss_entry->
wmm_ie,
1214 current_ptr, total_ie_len);
1263 current_ptr += element_len + 2;
1266 bytes_left -= (element_len + 2);
1277 mwifiex_radio_type_to_band(
u8 radio_type)
1279 switch (radio_type) {
1307 u8 scan_current_chan_only;
1308 u8 max_chan_per_scan;
1309 unsigned long flags;
1312 dev_err(adapter->
dev,
"cmd: Scan already in process...\n");
1318 "cmd: Scan is blocked during association...\n");
1328 if (!scan_cfg_out) {
1329 dev_err(adapter->
dev,
"failed to alloc scan_cfg_out\n");
1336 scan_chan_list = kzalloc(buf_size,
GFP_KERNEL);
1337 if (!scan_chan_list) {
1338 dev_err(adapter->
dev,
"failed to alloc scan_chan_list\n");
1339 kfree(scan_cfg_out);
1344 mwifiex_config_scan(priv, user_scan_in, &scan_cfg_out->
config,
1345 &chan_list_out, scan_chan_list, &max_chan_per_scan,
1346 &filtered_scan, &scan_current_chan_only);
1348 ret = mwifiex_scan_channel_list(priv, max_chan_per_scan, filtered_scan,
1349 &scan_cfg_out->
config, chan_list_out,
1371 kfree(scan_cfg_out);
1372 kfree(scan_chan_list);
1404 sizeof(scan_cmd->
bssid));
1411 +
sizeof(scan_cmd->
bssid)
1434 ret = mwifiex_is_network_compatible(priv, bss_desc,
1438 "Incompatible network settings\n");
1448 static int mwifiex_update_curr_bss_params(
struct mwifiex_private *priv,
1453 unsigned long flags;
1543 unsigned long flags;
1555 dev_err(adapter->
dev,
"SCAN_RESP: too many AP returned (%d)\n",
1562 dev_dbg(adapter->
dev,
"info: SCAN_RESP: bss_descript_size %d\n",
1568 "info: SCAN_RESP: returned %d APs before parsing\n",
1579 tlv_buf_size = scan_resp_size - (bytes_left
1585 bss_desc_and_tlv_buffer +
1590 mwifiex_ret_802_11_scan_get_tlv_ptrs(adapter, tlv_data, tlv_buf_size,
1597 mwifiex_ret_802_11_scan_get_tlv_ptrs(adapter, tlv_data, tlv_buf_size,
1602 for (idx = 0; idx < scan_rsp->
number_of_sets && bytes_left; idx++) {
1609 u16 beacon_size = 0;
1613 u16 cap_info_bitmap;
1619 if (bytes_left >=
sizeof(beacon_size)) {
1621 memcpy(&beacon_size, bss_info,
sizeof(beacon_size));
1622 bytes_left -=
sizeof(beacon_size);
1623 bss_info +=
sizeof(beacon_size);
1626 if (!beacon_size || beacon_size > bytes_left) {
1627 bss_info += bytes_left;
1634 current_ptr = bss_info;
1637 bss_info += beacon_size;
1638 bytes_left -= beacon_size;
1640 curr_bcn_bytes = beacon_size;
1648 "InterpretIE: not enough bytes left\n");
1652 current_ptr +=
sizeof(*bcn_param);
1653 curr_bcn_bytes -=
sizeof(*bcn_param);
1658 rssi = (-rssi) * 100;
1659 dev_dbg(adapter->
dev,
"info: InterpretIE: RSSI=%d\n", rssi);
1665 dev_dbg(adapter->
dev,
"info: InterpretIE: capabilities=0x%X\n",
1669 ie_buf = current_ptr;
1670 ie_len = curr_bcn_bytes;
1672 "info: InterpretIE: IELength for this AP = %d\n",
1678 element_id = *current_ptr;
1679 element_len = *(current_ptr + 1);
1680 if (curr_bcn_bytes < element_len +
1683 "%s: bytes left < IE length\n",
1692 current_ptr += element_len +
1694 curr_bcn_bytes -= element_len +
1713 if (chan_band_tlv) {
1716 band = mwifiex_radio_type_to_band(
1723 freq = cfp ? cfp->
freq : 0;
1725 chan = ieee80211_get_channel(priv->
wdev->wiphy, freq);
1729 chan, bssid, timestamp,
1730 cap_info_bitmap, beacon_period,
1733 bss_priv->
band = band;
1734 bss_priv->
fw_tsf = fw_tsf;
1739 mwifiex_update_curr_bss_params(priv,
1744 dev_dbg(adapter->
dev,
"missing BSS channel IE\n");
1756 if (adapter->
curr_cmd->wait_q_enabled) {
1769 "info: %s: sending scan results\n", __func__);
1816 bg_query->
flush = 1;
1829 unsigned long flags;
1850 dev_err(adapter->
dev,
"cmd: Scan already in process...\n");
1856 "cmd: Scan is blocked during association...\n");
1862 dev_err(adapter->
dev,
"failed to alloc scan_cfg\n");
1896 priv->
adapter->scan_wait_q_woken =
false;
1898 if (req_ssid && req_ssid->
ssid_len != 0)
1900 ret = mwifiex_scan_specific_ssid(priv, req_ssid);
1923 int id, ret_len = 0;
1936 if (priv->
vs_ie[
id].mask & vsie_mask) {
1940 vs_param_set->
header.type =
1942 vs_param_set->
header.len =
1984 "failed to alloc curr_bcn_buf\n");