Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
ieee80211_softmac.c
Go to the documentation of this file.
1 /* IEEE 802.11 SoftMAC layer
2  * Copyright (c) 2005 Andrea Merello <[email protected]>
3  *
4  * Mostly extracted from the rtl8180-sa2400 driver for the
5  * in-kernel generic ieee802.11 stack.
6  *
7  * Few lines might be stolen from other part of the ieee80211
8  * stack. Copyright who own it's copyright
9  *
10  * WPA code stolen from the ipw2200 driver.
11  * Copyright who own it's copyright.
12  *
13  * released under the GPL
14  */
15 
16 
17 #include "ieee80211.h"
18 
19 #include <linux/random.h>
20 #include <linux/delay.h>
21 #include <linux/slab.h>
22 #include <linux/interrupt.h>
23 #include <asm/uaccess.h>
24 #include <linux/etherdevice.h>
25 
26 #include "dot11d.h"
27 u8 rsn_authen_cipher_suite[16][4] = {
28  {0x00,0x0F,0xAC,0x00}, //Use group key, //Reserved
29  {0x00,0x0F,0xAC,0x01}, //WEP-40 //RSNA default
30  {0x00,0x0F,0xAC,0x02}, //TKIP //NONE //{used just as default}
31  {0x00,0x0F,0xAC,0x03}, //WRAP-historical
32  {0x00,0x0F,0xAC,0x04}, //CCMP
33  {0x00,0x0F,0xAC,0x05}, //WEP-104
34 };
35 
36 short ieee80211_is_54g(const struct ieee80211_network *net)
37 {
38  return (net->rates_ex_len > 0) || (net->rates_len > 4);
39 }
40 
41 short ieee80211_is_shortslot(const struct ieee80211_network *net)
42 {
43  return net->capability & WLAN_CAPABILITY_SHORT_SLOT;
44 }
45 
46 /* returns the total length needed for placing the RATE MFIE
47  * tag and the EXTENDED RATE MFIE tag if needed.
48  * It encludes two bytes per tag for the tag itself and its len
49  */
50 unsigned int ieee80211_MFIE_rate_len(struct ieee80211_device *ieee)
51 {
52  unsigned int rate_len = 0;
53 
54  if (ieee->modulation & IEEE80211_CCK_MODULATION)
55  rate_len = IEEE80211_CCK_RATE_LEN + 2;
56 
57  if (ieee->modulation & IEEE80211_OFDM_MODULATION)
58 
59  rate_len += IEEE80211_OFDM_RATE_LEN + 2;
60 
61  return rate_len;
62 }
63 
64 /* place the MFIE rate, tag to the memory (double) poised.
65  * Then it updates the pointer so that
66  * it points after the new MFIE tag added.
67  */
68 void ieee80211_MFIE_Brate(struct ieee80211_device *ieee, u8 **tag_p)
69 {
70  u8 *tag = *tag_p;
71 
72  if (ieee->modulation & IEEE80211_CCK_MODULATION){
73  *tag++ = MFIE_TYPE_RATES;
74  *tag++ = 4;
75  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_1MB;
76  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_2MB;
77  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_5MB;
78  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_11MB;
79  }
80 
81  /* We may add an option for custom rates that specific HW might support */
82  *tag_p = tag;
83 }
84 
85 void ieee80211_MFIE_Grate(struct ieee80211_device *ieee, u8 **tag_p)
86 {
87  u8 *tag = *tag_p;
88 
89  if (ieee->modulation & IEEE80211_OFDM_MODULATION){
90 
91  *tag++ = MFIE_TYPE_RATES_EX;
92  *tag++ = 8;
93  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_6MB;
94  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_9MB;
95  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_12MB;
96  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_18MB;
97  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_24MB;
98  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_36MB;
99  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_48MB;
100  *tag++ = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_54MB;
101 
102  }
103 
104  /* We may add an option for custom rates that specific HW might support */
105  *tag_p = tag;
106 }
107 
108 
109 void ieee80211_WMM_Info(struct ieee80211_device *ieee, u8 **tag_p) {
110  u8 *tag = *tag_p;
111 
112  *tag++ = MFIE_TYPE_GENERIC; //0
113  *tag++ = 7;
114  *tag++ = 0x00;
115  *tag++ = 0x50;
116  *tag++ = 0xf2;
117  *tag++ = 0x02;//5
118  *tag++ = 0x00;
119  *tag++ = 0x01;
120 #ifdef SUPPORT_USPD
121  if(ieee->current_network.wmm_info & 0x80) {
122  *tag++ = 0x0f|MAX_SP_Len;
123  } else {
124  *tag++ = MAX_SP_Len;
125  }
126 #else
127  *tag++ = MAX_SP_Len;
128 #endif
129  *tag_p = tag;
130 }
131 
132 void ieee80211_TURBO_Info(struct ieee80211_device *ieee, u8 **tag_p) {
133  u8 *tag = *tag_p;
134 
135  *tag++ = MFIE_TYPE_GENERIC; //0
136  *tag++ = 7;
137  *tag++ = 0x00;
138  *tag++ = 0xe0;
139  *tag++ = 0x4c;
140  *tag++ = 0x01;//5
141  *tag++ = 0x02;
142  *tag++ = 0x11;
143  *tag++ = 0x00;
144 
145  *tag_p = tag;
146  printk(KERN_ALERT "This is enable turbo mode IE process\n");
147 }
148 
149 void enqueue_mgmt(struct ieee80211_device *ieee, struct sk_buff *skb)
150 {
151  int nh;
152  nh = (ieee->mgmt_queue_head +1) % MGMT_QUEUE_NUM;
153 
154 /*
155  * if the queue is full but we have newer frames then
156  * just overwrites the oldest.
157  *
158  * if (nh == ieee->mgmt_queue_tail)
159  * return -1;
160  */
161  ieee->mgmt_queue_head = nh;
162  ieee->mgmt_queue_ring[nh] = skb;
163 
164  //return 0;
165 }
166 
167 struct sk_buff *dequeue_mgmt(struct ieee80211_device *ieee)
168 {
169  struct sk_buff *ret;
170 
171  if(ieee->mgmt_queue_tail == ieee->mgmt_queue_head)
172  return NULL;
173 
174  ret = ieee->mgmt_queue_ring[ieee->mgmt_queue_tail];
175 
176  ieee->mgmt_queue_tail =
177  (ieee->mgmt_queue_tail+1) % MGMT_QUEUE_NUM;
178 
179  return ret;
180 }
181 
182 void init_mgmt_queue(struct ieee80211_device *ieee)
183 {
184  ieee->mgmt_queue_tail = ieee->mgmt_queue_head = 0;
185 }
186 
187 
188 void ieee80211_sta_wakeup(struct ieee80211_device *ieee, short nl);
189 
190 inline void softmac_mgmt_xmit(struct sk_buff *skb, struct ieee80211_device *ieee)
191 {
192  unsigned long flags;
193  short single = ieee->softmac_features & IEEE_SOFTMAC_SINGLE_QUEUE;
194  struct ieee80211_hdr_3addr *header=
195  (struct ieee80211_hdr_3addr *) skb->data;
196 
197 
198  spin_lock_irqsave(&ieee->lock, flags);
199 
200  /* called with 2nd param 0, no mgmt lock required */
201  ieee80211_sta_wakeup(ieee,0);
202 
203  if(single){
204  if(ieee->queue_stop){
205 
206  enqueue_mgmt(ieee,skb);
207  }else{
208  header->seq_ctrl = cpu_to_le16(ieee->seq_ctrl[0]<<4);
209 
210  if (ieee->seq_ctrl[0] == 0xFFF)
211  ieee->seq_ctrl[0] = 0;
212  else
213  ieee->seq_ctrl[0]++;
214 
215  /* avoid watchdog triggers */
216  ieee->dev->trans_start = jiffies;
217  ieee->softmac_data_hard_start_xmit(skb,ieee->dev,ieee->basic_rate);
218  }
219 
220  spin_unlock_irqrestore(&ieee->lock, flags);
221  }else{
222  spin_unlock_irqrestore(&ieee->lock, flags);
223  spin_lock_irqsave(&ieee->mgmt_tx_lock, flags);
224 
225  header->seq_ctrl = cpu_to_le16(ieee->seq_ctrl[0] << 4);
226 
227  if (ieee->seq_ctrl[0] == 0xFFF)
228  ieee->seq_ctrl[0] = 0;
229  else
230  ieee->seq_ctrl[0]++;
231 
232  /* avoid watchdog triggers */
233  ieee->dev->trans_start = jiffies;
234  ieee->softmac_hard_start_xmit(skb,ieee->dev);
235 
236  spin_unlock_irqrestore(&ieee->mgmt_tx_lock, flags);
237  }
238 }
239 
240 
241 inline void softmac_ps_mgmt_xmit(struct sk_buff *skb, struct ieee80211_device *ieee)
242 {
243 
244  short single = ieee->softmac_features & IEEE_SOFTMAC_SINGLE_QUEUE;
245  struct ieee80211_hdr_3addr *header =
246  (struct ieee80211_hdr_3addr *) skb->data;
247 
248 
249  if(single){
250 
251  header->seq_ctrl = cpu_to_le16(ieee->seq_ctrl[0] << 4);
252 
253  if (ieee->seq_ctrl[0] == 0xFFF)
254  ieee->seq_ctrl[0] = 0;
255  else
256  ieee->seq_ctrl[0]++;
257 
258  /* avoid watchdog triggers */
259  ieee->dev->trans_start = jiffies;
260  ieee->softmac_data_hard_start_xmit(skb,ieee->dev,ieee->basic_rate);
261 
262  }else{
263 
264  header->seq_ctrl = cpu_to_le16(ieee->seq_ctrl[0] << 4);
265 
266  if (ieee->seq_ctrl[0] == 0xFFF)
267  ieee->seq_ctrl[0] = 0;
268  else
269  ieee->seq_ctrl[0]++;
270 
271  /* avoid watchdog triggers */
272  ieee->dev->trans_start = jiffies;
273  ieee->softmac_hard_start_xmit(skb,ieee->dev);
274 
275  }
276 // dev_kfree_skb_any(skb);//edit by thomas
277 }
278 //by amy for power save
279 inline struct sk_buff *ieee80211_disassociate_skb(
280  struct ieee80211_network *beacon,
281  struct ieee80211_device *ieee,
282  u8 asRsn)
283 {
284  struct sk_buff *skb;
285  struct ieee80211_disassoc_frame *disass;
286 
287  skb = dev_alloc_skb(sizeof(struct ieee80211_disassoc_frame));
288  if (!skb)
289  return NULL;
290 
291  disass = (struct ieee80211_disassoc_frame *) skb_put(skb,sizeof(struct ieee80211_disassoc_frame));
292  disass->header.frame_control = cpu_to_le16(IEEE80211_STYPE_DISASSOC);
293  disass->header.duration_id = 0;
294 
295  memcpy(disass->header.addr1, beacon->bssid, ETH_ALEN);
296  memcpy(disass->header.addr2, ieee->dev->dev_addr, ETH_ALEN);
297  memcpy(disass->header.addr3, beacon->bssid, ETH_ALEN);
298 
299  disass->reasoncode = asRsn;
300  return skb;
301 }
302 void
303 SendDisassociation(
304  struct ieee80211_device *ieee,
305  u8* asSta,
306  u8 asRsn
307 )
308 {
309  struct ieee80211_network *beacon = &ieee->current_network;
310  struct sk_buff *skb;
311  skb = ieee80211_disassociate_skb(beacon,ieee,asRsn);
312  if (skb){
313  softmac_mgmt_xmit(skb, ieee);
314  //dev_kfree_skb_any(skb);//edit by thomas
315  }
316 }
317 
318 //by amy for power save
319 inline struct sk_buff *ieee80211_probe_req(struct ieee80211_device *ieee)
320 {
321  unsigned int len,rate_len;
322  u8 *tag;
323  struct sk_buff *skb;
324  struct ieee80211_probe_request *req;
325 
326  len = ieee->current_network.ssid_len;
327 
328  rate_len = ieee80211_MFIE_rate_len(ieee);
329 
330  skb = dev_alloc_skb(sizeof(struct ieee80211_probe_request) +
331  2 + len + rate_len);
332  if (!skb)
333  return NULL;
334 
335  req = (struct ieee80211_probe_request *) skb_put(skb,sizeof(struct ieee80211_probe_request));
336  req->header.frame_ctl = cpu_to_le16(IEEE80211_STYPE_PROBE_REQ);
337  req->header.duration_id = 0; //FIXME: is this OK ?
338 
339  memset(req->header.addr1, 0xff, ETH_ALEN);
340  memcpy(req->header.addr2, ieee->dev->dev_addr, ETH_ALEN);
341  memset(req->header.addr3, 0xff, ETH_ALEN);
342 
343  tag = (u8 *) skb_put(skb,len+2+rate_len);
344 
345  *tag++ = MFIE_TYPE_SSID;
346  *tag++ = len;
347  memcpy(tag, ieee->current_network.ssid, len);
348  tag += len;
349  ieee80211_MFIE_Brate(ieee,&tag);
350  ieee80211_MFIE_Grate(ieee,&tag);
351 
352  return skb;
353 }
354 
355 struct sk_buff *ieee80211_get_beacon_(struct ieee80211_device *ieee);
356 
357 void ext_ieee80211_send_beacon_wq(struct ieee80211_device *ieee)
358 {
359  struct sk_buff *skb;
360 
361  //unsigned long flags;
362 
363  skb = ieee80211_get_beacon_(ieee);
364 
365  if (skb){
366  softmac_mgmt_xmit(skb, ieee);
367  ieee->softmac_stats.tx_beacons++;
368  dev_kfree_skb_any(skb);//edit by thomas
369  }
370 
371 
372  //printk(KERN_WARNING "[1] beacon sending!\n");
373  ieee->beacon_timer.expires = jiffies +
374  (MSECS( ieee->current_network.beacon_interval -5));
375 
376  //spin_lock_irqsave(&ieee->beacon_lock,flags);
377  if(ieee->beacon_txing)
378  add_timer(&ieee->beacon_timer);
379  //spin_unlock_irqrestore(&ieee->beacon_lock,flags);
380 }
381 
382 void ieee80211_send_beacon(struct ieee80211_device *ieee)
383 {
384  struct sk_buff *skb;
385 
386  //unsigned long flags;
387 
388  skb = ieee80211_get_beacon_(ieee);
389 
390  if (skb){
391  softmac_mgmt_xmit(skb, ieee);
392  ieee->softmac_stats.tx_beacons++;
393  dev_kfree_skb_any(skb);//edit by thomas
394  }
395 
396  //printk(KERN_WARNING "[1] beacon sending!\n");
397  ieee->beacon_timer.expires = jiffies +
398  (MSECS( ieee->current_network.beacon_interval -5));
399 
400  //spin_lock_irqsave(&ieee->beacon_lock,flags);
401  if(ieee->beacon_txing)
402  add_timer(&ieee->beacon_timer);
403  //spin_unlock_irqrestore(&ieee->beacon_lock,flags);
404 }
405 
406 
407 void ieee80211_send_beacon_cb(unsigned long _ieee)
408 {
409  struct ieee80211_device *ieee =
410  (struct ieee80211_device *) _ieee;
411  unsigned long flags;
412 
413  spin_lock_irqsave(&ieee->beacon_lock, flags);
414  ieee80211_send_beacon(ieee);
415  spin_unlock_irqrestore(&ieee->beacon_lock, flags);
416 }
417 
418 void ieee80211_send_probe(struct ieee80211_device *ieee)
419 {
420  struct sk_buff *skb;
421 
422  skb = ieee80211_probe_req(ieee);
423  if (skb){
424  softmac_mgmt_xmit(skb, ieee);
425  ieee->softmac_stats.tx_probe_rq++;
426  //dev_kfree_skb_any(skb);//edit by thomas
427  }
428 }
429 
430 void ieee80211_send_probe_requests(struct ieee80211_device *ieee)
431 {
432  if (ieee->active_scan && (ieee->softmac_features & IEEE_SOFTMAC_PROBERQ)){
433  ieee80211_send_probe(ieee);
434  ieee80211_send_probe(ieee);
435  }
436 }
437 
438 /* this performs syncro scan blocking the caller until all channels
439  * in the allowed channel map has been checked.
440  */
441 void ieee80211_softmac_scan_syncro(struct ieee80211_device *ieee)
442 {
443  short ch = 0;
444  u8 channel_map[MAX_CHANNEL_NUMBER+1];
445  memcpy(channel_map, GET_DOT11D_INFO(ieee)->channel_map, MAX_CHANNEL_NUMBER+1);
446  down(&ieee->scan_sem);
447 // printk("==================> Sync scan\n");
448 
449  while(1)
450  {
451 
452  do{
453  ch++;
454  if (ch > MAX_CHANNEL_NUMBER)
455  goto out; /* scan completed */
456 
457  }while(!channel_map[ch]);
458  /* this function can be called in two situations
459  * 1- We have switched to ad-hoc mode and we are
460  * performing a complete syncro scan before conclude
461  * there are no interesting cell and to create a
462  * new one. In this case the link state is
463  * IEEE80211_NOLINK until we found an interesting cell.
464  * If so the ieee8021_new_net, called by the RX path
465  * will set the state to IEEE80211_LINKED, so we stop
466  * scanning
467  * 2- We are linked and the root uses run iwlist scan.
468  * So we switch to IEEE80211_LINKED_SCANNING to remember
469  * that we are still logically linked (not interested in
470  * new network events, despite for updating the net list,
471  * but we are temporarily 'unlinked' as the driver shall
472  * not filter RX frames and the channel is changing.
473  * So the only situation in witch are interested is to check
474  * if the state become LINKED because of the #1 situation
475  */
476 
477  if (ieee->state == IEEE80211_LINKED)
478  goto out;
479 
480  ieee->set_chan(ieee->dev, ch);
481 // printk("=====>channel=%d ",ch);
482  if(channel_map[ch] == 1)
483  {
484 // printk("====send probe request\n");
485  ieee80211_send_probe_requests(ieee);
486  }
487  /* this prevent excessive time wait when we
488  * need to wait for a syncro scan to end..
489  */
490  if (ieee->sync_scan_hurryup)
491  goto out;
492 
493 
494  msleep_interruptible_rtl(IEEE80211_SOFTMAC_SCAN_TIME);
495 
496  }
497 out:
498  ieee->sync_scan_hurryup = 0;
499  up(&ieee->scan_sem);
500  if(IS_DOT11D_ENABLE(ieee))
501  DOT11D_ScanComplete(ieee);
502 }
503 
504 void ieee80211_softmac_ips_scan_syncro(struct ieee80211_device *ieee)
505 {
506  int ch;
507  unsigned int watch_dog = 0;
508  u8 channel_map[MAX_CHANNEL_NUMBER+1];
509  memcpy(channel_map, GET_DOT11D_INFO(ieee)->channel_map, MAX_CHANNEL_NUMBER+1);
510  down(&ieee->scan_sem);
511  ch = ieee->current_network.channel;
512 // if(ieee->sync_scan_hurryup)
513 // {
514 
515 // printk("stop scan sync\n");
516 // goto out;
517 // }
518 // printk("=======hh===============>ips scan\n");
519  while(1)
520  {
521  /* this function can be called in two situations
522  * 1- We have switched to ad-hoc mode and we are
523  * performing a complete syncro scan before conclude
524  * there are no interesting cell and to create a
525  * new one. In this case the link state is
526  * IEEE80211_NOLINK until we found an interesting cell.
527  * If so the ieee8021_new_net, called by the RX path
528  * will set the state to IEEE80211_LINKED, so we stop
529  * scanning
530  * 2- We are linked and the root uses run iwlist scan.
531  * So we switch to IEEE80211_LINKED_SCANNING to remember
532  * that we are still logically linked (not interested in
533  * new network events, despite for updating the net list,
534  * but we are temporarily 'unlinked' as the driver shall
535  * not filter RX frames and the channel is changing.
536  * So the only situation in witch are interested is to check
537  * if the state become LINKED because of the #1 situation
538  */
539  if (ieee->state == IEEE80211_LINKED)
540  {
541  goto out;
542  }
543  if(channel_map[ieee->current_network.channel] > 0)
544  {
545  ieee->set_chan(ieee->dev, ieee->current_network.channel);
546 // printk("======>channel=%d ",ieee->current_network.channel);
547  }
548  if(channel_map[ieee->current_network.channel] == 1)
549  {
550 // printk("====send probe request\n");
551  ieee80211_send_probe_requests(ieee);
552  }
553  /* this prevent excessive time wait when we
554  * need to wait for a syncro scan to end..
555  */
556 // if (ieee->sync_scan_hurryup)
557 // goto out;
558 
559  msleep_interruptible_rtl(IEEE80211_SOFTMAC_SCAN_TIME);
560 
561  do{
562  if (watch_dog++ >= MAX_CHANNEL_NUMBER)
563  // if (++watch_dog >= 15);//MAX_CHANNEL_NUMBER) //YJ,modified,080630
564  goto out; /* scan completed */
565 
566  ieee->current_network.channel = (ieee->current_network.channel + 1)%MAX_CHANNEL_NUMBER;
567  }while(!channel_map[ieee->current_network.channel]);
568  }
569 out:
570  //ieee->sync_scan_hurryup = 0;
571  //ieee->set_chan(ieee->dev, ch);
572  //ieee->current_network.channel = ch;
573  ieee->actscanning = false;
574  up(&ieee->scan_sem);
575  if(IS_DOT11D_ENABLE(ieee))
576  DOT11D_ScanComplete(ieee);
577 }
578 
579 void ieee80211_softmac_scan_wq(struct work_struct *work)
580 {
581  struct delayed_work *dwork = to_delayed_work(work);
582  struct ieee80211_device *ieee = container_of(dwork, struct ieee80211_device, softmac_scan_wq);
583  static short watchdog = 0;
584  u8 channel_map[MAX_CHANNEL_NUMBER+1];
585  memcpy(channel_map, GET_DOT11D_INFO(ieee)->channel_map, MAX_CHANNEL_NUMBER+1);
586 // printk("ieee80211_softmac_scan_wq ENABLE_IPS\n");
587 // printk("in %s\n",__func__);
588  down(&ieee->scan_sem);
589 
590  do{
591  ieee->current_network.channel =
592  (ieee->current_network.channel + 1) % MAX_CHANNEL_NUMBER;
593  if (watchdog++ > MAX_CHANNEL_NUMBER)
594  goto out; /* no good chans */
595 
596  }while(!channel_map[ieee->current_network.channel]);
597 
598  //printk("current_network.channel:%d\n", ieee->current_network.channel);
599  if (ieee->scanning == 0 )
600  {
601  printk("error out, scanning = 0\n");
602  goto out;
603  }
604  ieee->set_chan(ieee->dev, ieee->current_network.channel);
605  if(channel_map[ieee->current_network.channel] == 1)
606  ieee80211_send_probe_requests(ieee);
607 
608  queue_delayed_work(ieee->wq, &ieee->softmac_scan_wq, IEEE80211_SOFTMAC_SCAN_TIME);
609  up(&ieee->scan_sem);
610  return;
611 out:
612  ieee->actscanning = false;
613  watchdog = 0;
614  ieee->scanning = 0;
615  up(&ieee->scan_sem);
616 
617  if(IS_DOT11D_ENABLE(ieee))
618  DOT11D_ScanComplete(ieee);
619  return;
620 }
621 
622 void ieee80211_beacons_start(struct ieee80211_device *ieee)
623 {
624  unsigned long flags;
625 
626  spin_lock_irqsave(&ieee->beacon_lock,flags);
627 
628  ieee->beacon_txing = 1;
629  ieee80211_send_beacon(ieee);
630 
631  spin_unlock_irqrestore(&ieee->beacon_lock,flags);
632 }
633 
634 void ieee80211_beacons_stop(struct ieee80211_device *ieee)
635 {
636  unsigned long flags;
637 
638  spin_lock_irqsave(&ieee->beacon_lock,flags);
639 
640  ieee->beacon_txing = 0;
641  del_timer_sync(&ieee->beacon_timer);
642 
643  spin_unlock_irqrestore(&ieee->beacon_lock,flags);
644 
645 }
646 
647 
648 void ieee80211_stop_send_beacons(struct ieee80211_device *ieee)
649 {
650  if(ieee->stop_send_beacons)
651  ieee->stop_send_beacons(ieee->dev);
652  if (ieee->softmac_features & IEEE_SOFTMAC_BEACONS)
653  ieee80211_beacons_stop(ieee);
654 }
655 
656 
657 void ieee80211_start_send_beacons(struct ieee80211_device *ieee)
658 {
659  if(ieee->start_send_beacons)
660  ieee->start_send_beacons(ieee->dev);
661  if(ieee->softmac_features & IEEE_SOFTMAC_BEACONS)
662  ieee80211_beacons_start(ieee);
663 }
664 
665 
666 void ieee80211_softmac_stop_scan(struct ieee80211_device *ieee)
667 {
668 // unsigned long flags;
669 
670  //ieee->sync_scan_hurryup = 1;
671 
672  down(&ieee->scan_sem);
673 // spin_lock_irqsave(&ieee->lock, flags);
674 
675  if (ieee->scanning == 1){
676  ieee->scanning = 0;
677  //del_timer_sync(&ieee->scan_timer);
678  cancel_delayed_work(&ieee->softmac_scan_wq);
679  }
680 
681 // spin_unlock_irqrestore(&ieee->lock, flags);
682  up(&ieee->scan_sem);
683 }
684 
685 void ieee80211_stop_scan(struct ieee80211_device *ieee)
686 {
687  if (ieee->softmac_features & IEEE_SOFTMAC_SCAN)
688  ieee80211_softmac_stop_scan(ieee);
689  else
690  ieee->stop_scan(ieee->dev);
691 }
692 
693 /* called with ieee->lock held */
694 void ieee80211_rtl_start_scan(struct ieee80211_device *ieee)
695 {
696  if(IS_DOT11D_ENABLE(ieee) )
697  {
698  if(IS_COUNTRY_IE_VALID(ieee))
699  {
700  RESET_CIE_WATCHDOG(ieee);
701  }
702  }
703  if (ieee->softmac_features & IEEE_SOFTMAC_SCAN){
704  if (ieee->scanning == 0)
705  {
706  ieee->scanning = 1;
707  //ieee80211_softmac_scan(ieee);
708  // queue_work(ieee->wq, &ieee->softmac_scan_wq);
709  //care this,1203,2007,by lawrence
710 #if 1
711  queue_delayed_work(ieee->wq, &ieee->softmac_scan_wq,0);
712 #endif
713  }
714  }else
715  ieee->start_scan(ieee->dev);
716 
717 }
718 
719 /* called with wx_sem held */
720 void ieee80211_start_scan_syncro(struct ieee80211_device *ieee)
721 {
722  if(IS_DOT11D_ENABLE(ieee) )
723  {
724  if(IS_COUNTRY_IE_VALID(ieee))
725  {
726  RESET_CIE_WATCHDOG(ieee);
727  }
728  }
729  ieee->sync_scan_hurryup = 0;
730 
731  if (ieee->softmac_features & IEEE_SOFTMAC_SCAN)
732  ieee80211_softmac_scan_syncro(ieee);
733  else
734  ieee->scan_syncro(ieee->dev);
735 
736 }
737 
738 inline struct sk_buff *ieee80211_authentication_req(struct ieee80211_network *beacon,
739  struct ieee80211_device *ieee, int challengelen)
740 {
741  struct sk_buff *skb;
742  struct ieee80211_authentication *auth;
743 
744  skb = dev_alloc_skb(sizeof(struct ieee80211_authentication) + challengelen);
745 
746  if (!skb) return NULL;
747 
748  auth = (struct ieee80211_authentication *)
749  skb_put(skb, sizeof(struct ieee80211_authentication));
750 
751  auth->header.frame_ctl = IEEE80211_STYPE_AUTH;
752  if (challengelen) auth->header.frame_ctl |= IEEE80211_FCTL_WEP;
753 
754  auth->header.duration_id = 0x013a; //FIXME
755 
756  memcpy(auth->header.addr1, beacon->bssid, ETH_ALEN);
757  memcpy(auth->header.addr2, ieee->dev->dev_addr, ETH_ALEN);
758  memcpy(auth->header.addr3, beacon->bssid, ETH_ALEN);
759 
760  auth->algorithm = ieee->open_wep ? WLAN_AUTH_OPEN : WLAN_AUTH_SHARED_KEY;
761 
762  auth->transaction = cpu_to_le16(ieee->associate_seq);
763  ieee->associate_seq++;
764 
765  auth->status = cpu_to_le16(WLAN_STATUS_SUCCESS);
766 
767  return skb;
768 
769 }
770 
771 static struct sk_buff* ieee80211_probe_resp(struct ieee80211_device *ieee, u8 *dest)
772 {
773  u8 *tag;
774  int beacon_size;
775  struct ieee80211_probe_response *beacon_buf;
776  struct sk_buff *skb;
777  int encrypt;
778  int atim_len,erp_len;
779  struct ieee80211_crypt_data* crypt;
780 
781  char *ssid = ieee->current_network.ssid;
782  int ssid_len = ieee->current_network.ssid_len;
783  int rate_len = ieee->current_network.rates_len+2;
784  int rate_ex_len = ieee->current_network.rates_ex_len;
785  int wpa_ie_len = ieee->wpa_ie_len;
786  if(rate_ex_len > 0) rate_ex_len+=2;
787 
788  if(ieee->current_network.capability & WLAN_CAPABILITY_IBSS)
789  atim_len = 4;
790  else
791  atim_len = 0;
792 
793  if(ieee80211_is_54g(&ieee->current_network))
794  erp_len = 3;
795  else
796  erp_len = 0;
797 
798  beacon_size = sizeof(struct ieee80211_probe_response)+
799  ssid_len
800  +3 //channel
801  +rate_len
802  +rate_ex_len
803  +atim_len
804  +wpa_ie_len
805  +erp_len;
806 
807  skb = dev_alloc_skb(beacon_size);
808 
809  if (!skb)
810  return NULL;
811 
812  beacon_buf = (struct ieee80211_probe_response*) skb_put(skb, beacon_size);
813 
814  memcpy (beacon_buf->header.addr1, dest,ETH_ALEN);
815  memcpy (beacon_buf->header.addr2, ieee->dev->dev_addr, ETH_ALEN);
816  memcpy (beacon_buf->header.addr3, ieee->current_network.bssid, ETH_ALEN);
817 
818  beacon_buf->header.duration_id = 0; //FIXME
819  beacon_buf->beacon_interval =
820  cpu_to_le16(ieee->current_network.beacon_interval);
821  beacon_buf->capability =
822  cpu_to_le16(ieee->current_network.capability & WLAN_CAPABILITY_IBSS);
823 
824  if(ieee->short_slot && (ieee->current_network.capability & WLAN_CAPABILITY_SHORT_SLOT))
825  beacon_buf->capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_SLOT);
826 
827  crypt = ieee->crypt[ieee->tx_keyidx];
828 
829  encrypt = ieee->host_encrypt && crypt && crypt->ops &&
830  ((0 == strcmp(crypt->ops->name, "WEP")) || wpa_ie_len);
831 
832  if (encrypt)
833  beacon_buf->capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY);
834 
835 
836  beacon_buf->header.frame_ctl = cpu_to_le16(IEEE80211_STYPE_PROBE_RESP);
837 
838  beacon_buf->info_element.id = MFIE_TYPE_SSID;
839  beacon_buf->info_element.len = ssid_len;
840 
841  tag = (u8*) beacon_buf->info_element.data;
842 
843  memcpy(tag, ssid, ssid_len);
844 
845  tag += ssid_len;
846 
847  *(tag++) = MFIE_TYPE_RATES;
848  *(tag++) = rate_len-2;
849  memcpy(tag,ieee->current_network.rates,rate_len-2);
850  tag+=rate_len-2;
851 
852  *(tag++) = MFIE_TYPE_DS_SET;
853  *(tag++) = 1;
854  *(tag++) = ieee->current_network.channel;
855 
856  if(atim_len){
857  *(tag++) = MFIE_TYPE_IBSS_SET;
858  *(tag++) = 2;
859  *((u16*)(tag)) = cpu_to_le16(ieee->current_network.atim_window);
860  tag+=2;
861  }
862 
863  if(erp_len){
864  *(tag++) = MFIE_TYPE_ERP;
865  *(tag++) = 1;
866  *(tag++) = 0;
867  }
868 
869  if(rate_ex_len){
870  *(tag++) = MFIE_TYPE_RATES_EX;
871  *(tag++) = rate_ex_len-2;
872  memcpy(tag,ieee->current_network.rates_ex,rate_ex_len-2);
873  tag+=rate_ex_len-2;
874  }
875 
876  if (wpa_ie_len)
877  {
878  if (ieee->iw_mode == IW_MODE_ADHOC)
879  {//as Windows will set pairwise key same as the group key which is not allowed in Linux, so set this for IOT issue. WB 2008.07.07
880  memcpy(&ieee->wpa_ie[14], &ieee->wpa_ie[8], 4);
881  }
882 
883  memcpy(tag, ieee->wpa_ie, ieee->wpa_ie_len);
884  }
885 
886  skb->dev = ieee->dev;
887  return skb;
888 }
889 
890 struct sk_buff* ieee80211_assoc_resp(struct ieee80211_device *ieee, u8 *dest)
891 {
892  struct sk_buff *skb;
893  u8* tag;
894 
895  struct ieee80211_crypt_data* crypt;
896  struct ieee80211_assoc_response_frame *assoc;
897  short encrypt;
898 
899  unsigned int rate_len = ieee80211_MFIE_rate_len(ieee);
900  int len = sizeof(struct ieee80211_assoc_response_frame) + rate_len;
901 
902  skb = dev_alloc_skb(len);
903 
904  if (!skb)
905  return NULL;
906 
907  assoc = (struct ieee80211_assoc_response_frame *)
908  skb_put(skb,sizeof(struct ieee80211_assoc_response_frame));
909 
910  assoc->header.frame_control = cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP);
911  memcpy(assoc->header.addr1, dest,ETH_ALEN);
912  memcpy(assoc->header.addr3, ieee->dev->dev_addr, ETH_ALEN);
913  memcpy(assoc->header.addr2, ieee->dev->dev_addr, ETH_ALEN);
914  assoc->capability = cpu_to_le16(ieee->iw_mode == IW_MODE_MASTER ?
915  WLAN_CAPABILITY_BSS : WLAN_CAPABILITY_IBSS);
916 
917 
918  if(ieee->short_slot)
919  assoc->capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_SLOT);
920 
921  if (ieee->host_encrypt)
922  crypt = ieee->crypt[ieee->tx_keyidx];
923  else crypt = NULL;
924 
925  encrypt = ( crypt && crypt->ops);
926 
927  if (encrypt)
928  assoc->capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY);
929 
930  assoc->status = 0;
931  assoc->aid = cpu_to_le16(ieee->assoc_id);
932  if (ieee->assoc_id == 0x2007) ieee->assoc_id=0;
933  else ieee->assoc_id++;
934 
935  tag = (u8*) skb_put(skb, rate_len);
936 
937  ieee80211_MFIE_Brate(ieee, &tag);
938  ieee80211_MFIE_Grate(ieee, &tag);
939 
940  return skb;
941 }
942 
943 struct sk_buff* ieee80211_auth_resp(struct ieee80211_device *ieee,int status, u8 *dest)
944 {
945  struct sk_buff *skb;
946  struct ieee80211_authentication *auth;
947 
948  skb = dev_alloc_skb(sizeof(struct ieee80211_authentication)+1);
949 
950  if (!skb)
951  return NULL;
952 
953  skb->len = sizeof(struct ieee80211_authentication);
954 
955  auth = (struct ieee80211_authentication *)skb->data;
956 
957  auth->status = cpu_to_le16(status);
958  auth->transaction = cpu_to_le16(2);
959  auth->algorithm = cpu_to_le16(WLAN_AUTH_OPEN);
960 
961  memcpy(auth->header.addr3, ieee->dev->dev_addr, ETH_ALEN);
962  memcpy(auth->header.addr2, ieee->dev->dev_addr, ETH_ALEN);
963  memcpy(auth->header.addr1, dest, ETH_ALEN);
964  auth->header.frame_ctl = cpu_to_le16(IEEE80211_STYPE_AUTH);
965  return skb;
966 
967 
968 }
969 
970 struct sk_buff* ieee80211_null_func(struct ieee80211_device *ieee,short pwr)
971 {
972  struct sk_buff *skb;
973  struct ieee80211_hdr_3addr* hdr;
974 
975  skb = dev_alloc_skb(sizeof(struct ieee80211_hdr_3addr));
976 
977  if (!skb)
978  return NULL;
979 
980  hdr = (struct ieee80211_hdr_3addr*)skb_put(skb,sizeof(struct ieee80211_hdr_3addr));
981 
982  memcpy(hdr->addr1, ieee->current_network.bssid, ETH_ALEN);
983  memcpy(hdr->addr2, ieee->dev->dev_addr, ETH_ALEN);
984  memcpy(hdr->addr3, ieee->current_network.bssid, ETH_ALEN);
985 
986  hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_DATA |
987  IEEE80211_STYPE_NULLFUNC | IEEE80211_FCTL_TODS |
988  (pwr ? IEEE80211_FCTL_PM:0));
989 
990  return skb;
991 
992 
993 }
994 
995 
996 void ieee80211_resp_to_assoc_rq(struct ieee80211_device *ieee, u8* dest)
997 {
998  struct sk_buff *buf = ieee80211_assoc_resp(ieee, dest);
999 
1000  if (buf){
1001  softmac_mgmt_xmit(buf, ieee);
1002  dev_kfree_skb_any(buf);//edit by thomas
1003  }
1004 }
1005 
1006 
1007 void ieee80211_resp_to_auth(struct ieee80211_device *ieee, int s, u8* dest)
1008 {
1009  struct sk_buff *buf = ieee80211_auth_resp(ieee, s, dest);
1010 
1011  if (buf){
1012  softmac_mgmt_xmit(buf, ieee);
1013  dev_kfree_skb_any(buf);//edit by thomas
1014  }
1015 }
1016 
1017 
1018 void ieee80211_resp_to_probe(struct ieee80211_device *ieee, u8 *dest)
1019 {
1020 
1021  struct sk_buff *buf = ieee80211_probe_resp(ieee, dest);
1022 
1023  if (buf) {
1024  softmac_mgmt_xmit(buf, ieee);
1025  dev_kfree_skb_any(buf);//edit by thomas
1026  }
1027 }
1028 
1029 
1030 inline struct sk_buff *ieee80211_association_req(struct ieee80211_network *beacon,struct ieee80211_device *ieee)
1031 {
1032  struct sk_buff *skb;
1033  //unsigned long flags;
1034 
1035  struct ieee80211_assoc_request_frame *hdr;
1036  u8 *tag;
1037  //short info_addr = 0;
1038  //int i;
1039  //u16 suite_count = 0;
1040  //u8 suit_select = 0;
1041  unsigned int wpa_len = beacon->wpa_ie_len;
1042  //struct net_device *dev = ieee->dev;
1043  //union iwreq_data wrqu;
1044  //u8 *buff;
1045  //u8 *p;
1046 #if 1
1047  // for testing purpose
1048  unsigned int rsn_len = beacon->rsn_ie_len;
1049 #else
1050  unsigned int rsn_len = beacon->rsn_ie_len - 4;
1051 #endif
1052  unsigned int rate_len = ieee80211_MFIE_rate_len(ieee);
1053  unsigned int wmm_info_len = beacon->QoS_Enable?9:0;
1054  unsigned int turbo_info_len = beacon->Turbo_Enable?9:0;
1055 
1056  u8 encry_proto = ieee->wpax_type_notify & 0xff;
1057  //u8 pairwise_type = (ieee->wpax_type_notify >> 8) & 0xff;
1058  //u8 authen_type = (ieee->wpax_type_notify >> 16) & 0xff;
1059 
1060  int len = 0;
1061 
1062  //[0] Notify type of encryption: WPA/WPA2
1063  //[1] pair wise type
1064  //[2] authen type
1065  if(ieee->wpax_type_set) {
1066  if (IEEE_PROTO_WPA == encry_proto) {
1067  rsn_len = 0;
1068  } else if (IEEE_PROTO_RSN == encry_proto) {
1069  wpa_len = 0;
1070  }
1071  }
1072  len = sizeof(struct ieee80211_assoc_request_frame)+
1073  + beacon->ssid_len//essid tagged val
1074  + rate_len//rates tagged val
1075  + wpa_len
1076  + rsn_len
1077  + wmm_info_len
1078  + turbo_info_len;
1079 
1080  skb = dev_alloc_skb(len);
1081 
1082  if (!skb)
1083  return NULL;
1084 
1085  hdr = (struct ieee80211_assoc_request_frame *)
1086  skb_put(skb, sizeof(struct ieee80211_assoc_request_frame));
1087 
1088 
1089  hdr->header.frame_control = IEEE80211_STYPE_ASSOC_REQ;
1090  hdr->header.duration_id= 37; //FIXME
1091  memcpy(hdr->header.addr1, beacon->bssid, ETH_ALEN);
1092  memcpy(hdr->header.addr2, ieee->dev->dev_addr, ETH_ALEN);
1093  memcpy(hdr->header.addr3, beacon->bssid, ETH_ALEN);
1094  memcpy(ieee->ap_mac_addr, beacon->bssid, ETH_ALEN);//for HW security, John
1095 
1096  hdr->capability = cpu_to_le16(WLAN_CAPABILITY_BSS);
1097  if (beacon->capability & WLAN_CAPABILITY_PRIVACY )
1098  hdr->capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY);
1099  if (beacon->capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
1100  hdr->capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_PREAMBLE);
1101 
1102  if(ieee->short_slot)
1103  hdr->capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_SLOT);
1104 
1105  hdr->listen_interval = 0xa; //FIXME
1106 
1107  hdr->info_element.id = MFIE_TYPE_SSID;
1108 
1109  hdr->info_element.len = beacon->ssid_len;
1110  tag = skb_put(skb, beacon->ssid_len);
1111  memcpy(tag, beacon->ssid, beacon->ssid_len);
1112 
1113  tag = skb_put(skb, rate_len);
1114 
1115  ieee80211_MFIE_Brate(ieee, &tag);
1116  ieee80211_MFIE_Grate(ieee, &tag);
1117 
1118  //add rsn==0 condition for ap's mix security mode(wpa+wpa2), john2007.8.9
1119  //choose AES encryption as default algorithm while using mixed mode
1120 
1121  tag = skb_put(skb,ieee->wpa_ie_len);
1122  memcpy(tag,ieee->wpa_ie,ieee->wpa_ie_len);
1123 
1124  tag = skb_put(skb,wmm_info_len);
1125  if(wmm_info_len) {
1126  ieee80211_WMM_Info(ieee, &tag);
1127  }
1128  tag = skb_put(skb,turbo_info_len);
1129  if(turbo_info_len) {
1130  ieee80211_TURBO_Info(ieee, &tag);
1131  }
1132 
1133  return skb;
1134 }
1135 
1136 void ieee80211_associate_abort(struct ieee80211_device *ieee)
1137 {
1138 
1139  unsigned long flags;
1140  spin_lock_irqsave(&ieee->lock, flags);
1141 
1142  ieee->associate_seq++;
1143 
1144  /* don't scan, and avoid to have the RX path possibly
1145  * try again to associate. Even do not react to AUTH or
1146  * ASSOC response. Just wait for the retry wq to be scheduled.
1147  * Here we will check if there are good nets to associate
1148  * with, so we retry or just get back to NO_LINK and scanning
1149  */
1150  if (ieee->state == IEEE80211_ASSOCIATING_AUTHENTICATING){
1151  IEEE80211_DEBUG_MGMT("Authentication failed\n");
1152  ieee->softmac_stats.no_auth_rs++;
1153  }else{
1154  IEEE80211_DEBUG_MGMT("Association failed\n");
1155  ieee->softmac_stats.no_ass_rs++;
1156  }
1157 
1158  ieee->state = IEEE80211_ASSOCIATING_RETRY;
1159 
1160  queue_delayed_work(ieee->wq, &ieee->associate_retry_wq,IEEE80211_SOFTMAC_ASSOC_RETRY_TIME);
1161 
1162  spin_unlock_irqrestore(&ieee->lock, flags);
1163 }
1164 
1165 void ieee80211_associate_abort_cb(unsigned long dev)
1166 {
1167  ieee80211_associate_abort((struct ieee80211_device *) dev);
1168 }
1169 
1170 
1171 void ieee80211_associate_step1(struct ieee80211_device *ieee)
1172 {
1173  struct ieee80211_network *beacon = &ieee->current_network;
1174  struct sk_buff *skb;
1175 
1176  IEEE80211_DEBUG_MGMT("Stopping scan\n");
1177  ieee->softmac_stats.tx_auth_rq++;
1178  skb=ieee80211_authentication_req(beacon, ieee, 0);
1179  if (!skb){
1180 
1181  ieee80211_associate_abort(ieee);
1182  }
1183  else{
1184  ieee->state = IEEE80211_ASSOCIATING_AUTHENTICATING ;
1185  IEEE80211_DEBUG_MGMT("Sending authentication request\n");
1186  //printk("---Sending authentication request\n");
1187  softmac_mgmt_xmit(skb, ieee);
1188  //BUGON when you try to add_timer twice, using mod_timer may be better, john0709
1189  if(!timer_pending(&ieee->associate_timer)){
1190  ieee->associate_timer.expires = jiffies + (HZ / 2);
1191  add_timer(&ieee->associate_timer);
1192  }
1193  //If call dev_kfree_skb_any,a warning will ocur....
1194  //KERNEL: assertion (!atomic_read(&skb->users)) failed at net/core/dev.c (1708)
1195  //So ... 1204 by lawrence.
1196  //printk("\nIn %s,line %d call kfree skb.",__func__,__LINE__);
1197  //dev_kfree_skb_any(skb);//edit by thomas
1198  }
1199 }
1200 
1201 void ieee80211_rtl_auth_challenge(struct ieee80211_device *ieee, u8 *challenge, int chlen)
1202 {
1203  u8 *c;
1204  struct sk_buff *skb;
1205  struct ieee80211_network *beacon = &ieee->current_network;
1206 // int hlen = sizeof(struct ieee80211_authentication);
1207  del_timer_sync(&ieee->associate_timer);
1208  ieee->associate_seq++;
1209  ieee->softmac_stats.tx_auth_rq++;
1210 
1211  skb = ieee80211_authentication_req(beacon, ieee, chlen+2);
1212  if (!skb)
1213  ieee80211_associate_abort(ieee);
1214  else{
1215  c = skb_put(skb, chlen+2);
1216  *(c++) = MFIE_TYPE_CHALLENGE;
1217  *(c++) = chlen;
1218  memcpy(c, challenge, chlen);
1219 
1220  IEEE80211_DEBUG_MGMT("Sending authentication challenge response\n");
1221 
1222  ieee80211_encrypt_fragment(ieee, skb, sizeof(struct ieee80211_hdr_3addr ));
1223 
1224  softmac_mgmt_xmit(skb, ieee);
1225  if (!timer_pending(&ieee->associate_timer)){
1226  //printk("=========>add timer again, to crash\n");
1227  ieee->associate_timer.expires = jiffies + (HZ / 2);
1228  add_timer(&ieee->associate_timer);
1229  }
1230  dev_kfree_skb_any(skb);//edit by thomas
1231  }
1232  kfree(challenge);
1233 }
1234 
1235 void ieee80211_associate_step2(struct ieee80211_device *ieee)
1236 {
1237  struct sk_buff* skb;
1238  struct ieee80211_network *beacon = &ieee->current_network;
1239 
1240  del_timer_sync(&ieee->associate_timer);
1241 
1242  IEEE80211_DEBUG_MGMT("Sending association request\n");
1243  ieee->softmac_stats.tx_ass_rq++;
1244  skb=ieee80211_association_req(beacon, ieee);
1245  if (!skb)
1246  ieee80211_associate_abort(ieee);
1247  else{
1248  softmac_mgmt_xmit(skb, ieee);
1249  if (!timer_pending(&ieee->associate_timer)){
1250  ieee->associate_timer.expires = jiffies + (HZ / 2);
1251  add_timer(&ieee->associate_timer);
1252  }
1253  //dev_kfree_skb_any(skb);//edit by thomas
1254  }
1255 }
1256 
1257 void ieee80211_associate_complete_wq(struct work_struct *work)
1258 {
1259  struct ieee80211_device *ieee = container_of(work, struct ieee80211_device, associate_complete_wq);
1260 
1261  printk(KERN_INFO "Associated successfully\n");
1262  if(ieee80211_is_54g(&ieee->current_network) &&
1263  (ieee->modulation & IEEE80211_OFDM_MODULATION)){
1264 
1265  ieee->rate = 540;
1266  printk(KERN_INFO"Using G rates\n");
1267  }else{
1268  ieee->rate = 110;
1269  printk(KERN_INFO"Using B rates\n");
1270  }
1271  ieee->link_change(ieee->dev);
1272  notify_wx_assoc_event(ieee);
1273  if (ieee->data_hard_resume)
1274  ieee->data_hard_resume(ieee->dev);
1275  netif_carrier_on(ieee->dev);
1276 }
1277 
1278 void ieee80211_associate_complete(struct ieee80211_device *ieee)
1279 {
1280  int i;
1281  del_timer_sync(&ieee->associate_timer);
1282 
1283  for(i = 0; i < 6; i++) {
1284  //ieee->seq_ctrl[i] = 0;
1285  }
1286  ieee->state = IEEE80211_LINKED;
1287  IEEE80211_DEBUG_MGMT("Successfully associated\n");
1288 
1289  queue_work(ieee->wq, &ieee->associate_complete_wq);
1290 }
1291 
1292 void ieee80211_associate_procedure_wq(struct work_struct *work)
1293 {
1294  struct ieee80211_device *ieee = container_of(work, struct ieee80211_device, associate_procedure_wq);
1295 
1296  ieee->sync_scan_hurryup = 1;
1297  down(&ieee->wx_sem);
1298 
1299  if (ieee->data_hard_stop)
1300  ieee->data_hard_stop(ieee->dev);
1301 
1302  ieee80211_stop_scan(ieee);
1303  ieee->set_chan(ieee->dev, ieee->current_network.channel);
1304 
1305  ieee->associate_seq = 1;
1306  ieee80211_associate_step1(ieee);
1307 
1308  up(&ieee->wx_sem);
1309 }
1310 
1311 inline void ieee80211_softmac_new_net(struct ieee80211_device *ieee, struct ieee80211_network *net)
1312 {
1313  u8 tmp_ssid[IW_ESSID_MAX_SIZE+1];
1314  int tmp_ssid_len = 0;
1315 
1316  short apset,ssidset,ssidbroad,apmatch,ssidmatch;
1317 
1318  /* we are interested in new new only if we are not associated
1319  * and we are not associating / authenticating
1320  */
1321  if (ieee->state != IEEE80211_NOLINK)
1322  return;
1323 
1324  if ((ieee->iw_mode == IW_MODE_INFRA) && !(net->capability & WLAN_CAPABILITY_BSS))
1325  return;
1326 
1327  if ((ieee->iw_mode == IW_MODE_ADHOC) && !(net->capability & WLAN_CAPABILITY_IBSS))
1328  return;
1329 
1330 
1331  if (ieee->iw_mode == IW_MODE_INFRA || ieee->iw_mode == IW_MODE_ADHOC){
1332  /* if the user specified the AP MAC, we need also the essid
1333  * This could be obtained by beacons or, if the network does not
1334  * broadcast it, it can be put manually.
1335  */
1336  apset = ieee->wap_set;//(memcmp(ieee->current_network.bssid, zero,ETH_ALEN)!=0 );
1337  ssidset = ieee->ssid_set;//ieee->current_network.ssid[0] != '\0';
1338  ssidbroad = !(net->ssid_len == 0 || net->ssid[0]== '\0');
1339  apmatch = (memcmp(ieee->current_network.bssid, net->bssid, ETH_ALEN)==0);
1340 
1341  if(ieee->current_network.ssid_len != net->ssid_len)
1342  ssidmatch = 0;
1343  else
1344  ssidmatch = (0==strncmp(ieee->current_network.ssid, net->ssid, net->ssid_len));
1345 
1346  //printk("cur: %s, %d, net:%s, %d\n", ieee->current_network.ssid, ieee->current_network.ssid_len, net->ssid, net->ssid_len);
1347  //printk("apset=%d apmatch=%d ssidset=%d ssidbroad=%d ssidmatch=%d\n",apset,apmatch,ssidset,ssidbroad,ssidmatch);
1348 
1349  if ( /* if the user set the AP check if match.
1350  * if the network does not broadcast essid we check the user supplied ANY essid
1351  * if the network does broadcast and the user does not set essid it is OK
1352  * if the network does broadcast and the user did set essid chech if essid match
1353  */
1354  ( apset && apmatch &&
1355  ((ssidset && ssidbroad && ssidmatch) || (ssidbroad && !ssidset) || (!ssidbroad && ssidset)) ) ||
1356  /* if the ap is not set, check that the user set the bssid
1357  * and the network does broadcast and that those two bssid matches
1358  */
1359  (!apset && ssidset && ssidbroad && ssidmatch)
1360  ){
1361 
1362 
1363  /* if the essid is hidden replace it with the
1364  * essid provided by the user.
1365  */
1366  if (!ssidbroad){
1367  strncpy(tmp_ssid, ieee->current_network.ssid, IW_ESSID_MAX_SIZE);
1368  tmp_ssid_len = ieee->current_network.ssid_len;
1369  }
1370  memcpy(&ieee->current_network, net, sizeof(struct ieee80211_network));
1371 
1372  if (!ssidbroad){
1373  strncpy(ieee->current_network.ssid, tmp_ssid, IW_ESSID_MAX_SIZE);
1374  ieee->current_network.ssid_len = tmp_ssid_len;
1375  }
1376  printk(KERN_INFO"Linking with %s: channel is %d\n",ieee->current_network.ssid,ieee->current_network.channel);
1377 
1378  if (ieee->iw_mode == IW_MODE_INFRA){
1379  ieee->state = IEEE80211_ASSOCIATING;
1380  ieee->beinretry = false;
1381  queue_work(ieee->wq, &ieee->associate_procedure_wq);
1382  }else{
1383  if(ieee80211_is_54g(&ieee->current_network) &&
1384  (ieee->modulation & IEEE80211_OFDM_MODULATION)){
1385  ieee->rate = 540;
1386  printk(KERN_INFO"Using G rates\n");
1387  }else{
1388  ieee->rate = 110;
1389  printk(KERN_INFO"Using B rates\n");
1390  }
1391  ieee->state = IEEE80211_LINKED;
1392  ieee->beinretry = false;
1393  }
1394 
1395  }
1396  }
1397 
1398 }
1399 
1400 void ieee80211_softmac_check_all_nets(struct ieee80211_device *ieee)
1401 {
1402  unsigned long flags;
1403  struct ieee80211_network *target;
1404 
1405  spin_lock_irqsave(&ieee->lock, flags);
1406  list_for_each_entry(target, &ieee->network_list, list) {
1407 
1408  /* if the state become different that NOLINK means
1409  * we had found what we are searching for
1410  */
1411 
1412  if (ieee->state != IEEE80211_NOLINK)
1413  break;
1414 
1415  if (ieee->scan_age == 0 || time_after(target->last_scanned + ieee->scan_age, jiffies))
1416  ieee80211_softmac_new_net(ieee, target);
1417  }
1418 
1419  spin_unlock_irqrestore(&ieee->lock, flags);
1420 
1421 }
1422 
1423 
1424 static inline u16 auth_parse(struct sk_buff *skb, u8** challenge, int *chlen)
1425 {
1426  struct ieee80211_authentication *a;
1427  u8 *t;
1428  if (skb->len < (sizeof(struct ieee80211_authentication)-sizeof(struct ieee80211_info_element))){
1429  IEEE80211_DEBUG_MGMT("invalid len in auth resp: %d\n",skb->len);
1430  return 0xcafe;
1431  }
1432  *challenge = NULL;
1433  a = (struct ieee80211_authentication*) skb->data;
1434  if(skb->len > (sizeof(struct ieee80211_authentication) +3)){
1435  t = skb->data + sizeof(struct ieee80211_authentication);
1436 
1437  if(*(t++) == MFIE_TYPE_CHALLENGE){
1438  *chlen = *(t++);
1439  *challenge = kmemdup(t, *chlen, GFP_ATOMIC);
1440  if (!*challenge)
1441  return -ENOMEM;
1442  }
1443  }
1444 
1445  return cpu_to_le16(a->status);
1446 
1447 }
1448 
1449 
1450 int auth_rq_parse(struct sk_buff *skb,u8* dest)
1451 {
1452  struct ieee80211_authentication *a;
1453 
1454  if (skb->len < (sizeof(struct ieee80211_authentication)-sizeof(struct ieee80211_info_element))){
1455  IEEE80211_DEBUG_MGMT("invalid len in auth request: %d\n",skb->len);
1456  return -1;
1457  }
1458  a = (struct ieee80211_authentication*) skb->data;
1459 
1460  memcpy(dest,a->header.addr2, ETH_ALEN);
1461 
1462  if (le16_to_cpu(a->algorithm) != WLAN_AUTH_OPEN)
1463  return WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG;
1464 
1465  return WLAN_STATUS_SUCCESS;
1466 }
1467 
1468 static short probe_rq_parse(struct ieee80211_device *ieee, struct sk_buff *skb, u8 *src)
1469 {
1470  u8 *tag;
1471  u8 *skbend;
1472  u8 *ssid=NULL;
1473  u8 ssidlen = 0;
1474 
1475  struct ieee80211_hdr_3addr *header =
1476  (struct ieee80211_hdr_3addr *) skb->data;
1477 
1478  if (skb->len < sizeof (struct ieee80211_hdr_3addr ))
1479  return -1; /* corrupted */
1480 
1481  memcpy(src,header->addr2, ETH_ALEN);
1482 
1483  skbend = (u8*)skb->data + skb->len;
1484 
1485  tag = skb->data + sizeof (struct ieee80211_hdr_3addr );
1486 
1487  while (tag+1 < skbend){
1488  if (*tag == 0){
1489  ssid = tag+2;
1490  ssidlen = *(tag+1);
1491  break;
1492  }
1493  tag++; /* point to the len field */
1494  tag = tag + *(tag); /* point to the last data byte of the tag */
1495  tag++; /* point to the next tag */
1496  }
1497 
1498  //IEEE80211DMESG("Card MAC address is "MACSTR, MAC2STR(src));
1499  if (ssidlen == 0) return 1;
1500 
1501  if (!ssid) return 1; /* ssid not found in tagged param */
1502  return (!strncmp(ssid, ieee->current_network.ssid, ssidlen));
1503 
1504 }
1505 
1506 int assoc_rq_parse(struct sk_buff *skb,u8* dest)
1507 {
1508  struct ieee80211_assoc_request_frame *a;
1509 
1510  if (skb->len < (sizeof(struct ieee80211_assoc_request_frame) -
1511  sizeof(struct ieee80211_info_element))) {
1512 
1513  IEEE80211_DEBUG_MGMT("invalid len in auth request:%d \n", skb->len);
1514  return -1;
1515  }
1516 
1517  a = (struct ieee80211_assoc_request_frame*) skb->data;
1518 
1519  memcpy(dest,a->header.addr2,ETH_ALEN);
1520 
1521  return 0;
1522 }
1523 
1524 static inline u16 assoc_parse(struct sk_buff *skb, int *aid)
1525 {
1526  struct ieee80211_assoc_response_frame *a;
1527  if (skb->len < sizeof(struct ieee80211_assoc_response_frame)){
1528  IEEE80211_DEBUG_MGMT("invalid len in auth resp: %d\n", skb->len);
1529  return 0xcafe;
1530  }
1531 
1532  a = (struct ieee80211_assoc_response_frame*) skb->data;
1533  *aid = le16_to_cpu(a->aid) & 0x3fff;
1534  return le16_to_cpu(a->status);
1535 }
1536 
1537 static inline void
1538 ieee80211_rx_probe_rq(struct ieee80211_device *ieee, struct sk_buff *skb)
1539 {
1540  u8 dest[ETH_ALEN];
1541 
1542  //IEEE80211DMESG("Rx probe");
1543  ieee->softmac_stats.rx_probe_rq++;
1544  //DMESG("Dest is "MACSTR, MAC2STR(dest));
1545  if (probe_rq_parse(ieee, skb, dest)){
1546  //IEEE80211DMESG("Was for me!");
1547  ieee->softmac_stats.tx_probe_rs++;
1548  ieee80211_resp_to_probe(ieee, dest);
1549  }
1550 }
1551 
1552 inline void
1553 ieee80211_rx_auth_rq(struct ieee80211_device *ieee, struct sk_buff *skb)
1554 {
1555  u8 dest[ETH_ALEN];
1556  int status;
1557  //IEEE80211DMESG("Rx probe");
1558  ieee->softmac_stats.rx_auth_rq++;
1559 
1560  status = auth_rq_parse(skb, dest);
1561  if (status != -1) {
1562  ieee80211_resp_to_auth(ieee, status, dest);
1563  }
1564  //DMESG("Dest is "MACSTR, MAC2STR(dest));
1565 
1566 }
1567 
1568  inline void
1569 ieee80211_rx_assoc_rq(struct ieee80211_device *ieee, struct sk_buff *skb)
1570 {
1571 
1572  u8 dest[ETH_ALEN];
1573  //unsigned long flags;
1574 
1575  ieee->softmac_stats.rx_ass_rq++;
1576  if (assoc_rq_parse(skb,dest) != -1){
1577  ieee80211_resp_to_assoc_rq(ieee, dest);
1578  }
1579 
1580  printk(KERN_INFO"New client associated: %pM\n", dest);
1581 }
1582 
1583 
1584 
1585 void ieee80211_sta_ps_send_null_frame(struct ieee80211_device *ieee, short pwr)
1586 {
1587 
1588  struct sk_buff *buf = ieee80211_null_func(ieee, pwr);
1589 
1590  if (buf)
1591  softmac_ps_mgmt_xmit(buf, ieee);
1592 
1593 }
1594 
1595 
1596 short ieee80211_sta_ps_sleep(struct ieee80211_device *ieee, u32 *time_h, u32 *time_l)
1597 {
1598  int timeout = 0;
1599 
1600  u8 dtim;
1601  /*if(ieee->ps == IEEE80211_PS_DISABLED ||
1602  ieee->iw_mode != IW_MODE_INFRA ||
1603  ieee->state != IEEE80211_LINKED)
1604 
1605  return 0;
1606  */
1607  dtim = ieee->current_network.dtim_data;
1608  //printk("DTIM\n");
1609 
1610  if(!(dtim & IEEE80211_DTIM_VALID))
1611  return 0;
1612  else
1613  timeout = ieee->current_network.beacon_interval;
1614 
1615  //printk("VALID\n");
1616  ieee->current_network.dtim_data = IEEE80211_DTIM_INVALID;
1617 
1618  if(dtim & ((IEEE80211_DTIM_UCAST | IEEE80211_DTIM_MBCAST)& ieee->ps))
1619  return 2;
1620 
1621  if(!time_after(jiffies, ieee->dev->trans_start + MSECS(timeout)))
1622  return 0;
1623 
1624  if(!time_after(jiffies, ieee->last_rx_ps_time + MSECS(timeout)))
1625  return 0;
1626 
1627  if((ieee->softmac_features & IEEE_SOFTMAC_SINGLE_QUEUE ) &&
1628  (ieee->mgmt_queue_tail != ieee->mgmt_queue_head))
1629  return 0;
1630 
1631  if(time_l){
1632  *time_l = ieee->current_network.last_dtim_sta_time[0]
1633  + MSECS((ieee->current_network.beacon_interval));
1634  //* ieee->current_network.dtim_period));
1635  //printk("beacon_interval:%x, dtim_period:%x, totol to Msecs:%x, HZ:%x\n", ieee->current_network.beacon_interval, ieee->current_network.dtim_period, MSECS(((ieee->current_network.beacon_interval * ieee->current_network.dtim_period))), HZ);
1636  }
1637 
1638  if(time_h){
1639  *time_h = ieee->current_network.last_dtim_sta_time[1];
1640  if(time_l && *time_l < ieee->current_network.last_dtim_sta_time[0])
1641  *time_h += 1;
1642  }
1643 
1644  return 1;
1645 
1646 
1647 }
1648 
1649 inline void ieee80211_sta_ps(struct ieee80211_device *ieee)
1650 {
1651 
1652  u32 th,tl;
1653  short sleep;
1654 
1655  unsigned long flags,flags2;
1656 
1657  spin_lock_irqsave(&ieee->lock, flags);
1658 
1659  if((ieee->ps == IEEE80211_PS_DISABLED ||
1660 
1661  ieee->iw_mode != IW_MODE_INFRA ||
1662  ieee->state != IEEE80211_LINKED)){
1663 
1664  //#warning CHECK_LOCK_HERE
1665  spin_lock_irqsave(&ieee->mgmt_tx_lock, flags2);
1666 
1667  ieee80211_sta_wakeup(ieee, 1);
1668 
1669  spin_unlock_irqrestore(&ieee->mgmt_tx_lock, flags2);
1670  }
1671 
1672  sleep = ieee80211_sta_ps_sleep(ieee,&th, &tl);
1673 // printk("===>%s,%d[2 wake, 1 sleep, 0 do nothing], ieee->sta_sleep = %d\n",__func__, sleep,ieee->sta_sleep);
1674  /* 2 wake, 1 sleep, 0 do nothing */
1675  if(sleep == 0)
1676  goto out;
1677 
1678  if(sleep == 1){
1679 
1680  if(ieee->sta_sleep == 1)
1681  ieee->enter_sleep_state(ieee->dev,th,tl);
1682 
1683  else if(ieee->sta_sleep == 0){
1684  // printk("send null 1\n");
1685  spin_lock_irqsave(&ieee->mgmt_tx_lock, flags2);
1686 
1687  if(ieee->ps_is_queue_empty(ieee->dev)){
1688 
1689 
1690  ieee->sta_sleep = 2;
1691 
1692  ieee->ps_request_tx_ack(ieee->dev);
1693 
1694  ieee80211_sta_ps_send_null_frame(ieee,1);
1695 
1696  ieee->ps_th = th;
1697  ieee->ps_tl = tl;
1698  }
1699  spin_unlock_irqrestore(&ieee->mgmt_tx_lock, flags2);
1700 
1701  }
1702 
1703 
1704  }else if(sleep == 2){
1705 //#warning CHECK_LOCK_HERE
1706  spin_lock_irqsave(&ieee->mgmt_tx_lock, flags2);
1707 
1708  // printk("send wakeup packet\n");
1709  ieee80211_sta_wakeup(ieee,1);
1710 
1711  spin_unlock_irqrestore(&ieee->mgmt_tx_lock, flags2);
1712  }
1713 
1714 out:
1715  spin_unlock_irqrestore(&ieee->lock, flags);
1716 
1717 }
1718 
1719 void ieee80211_sta_wakeup(struct ieee80211_device *ieee, short nl)
1720 {
1721  if(ieee->sta_sleep == 0){
1722  if(nl){
1723  // printk("Warning: driver is probably failing to report TX ps error\n");
1724  ieee->ps_request_tx_ack(ieee->dev);
1725  ieee80211_sta_ps_send_null_frame(ieee, 0);
1726  }
1727  return;
1728 
1729  }
1730 
1731  if(ieee->sta_sleep == 1)
1732  ieee->sta_wake_up(ieee->dev);
1733 
1734  ieee->sta_sleep = 0;
1735 
1736  if(nl){
1737  ieee->ps_request_tx_ack(ieee->dev);
1738  ieee80211_sta_ps_send_null_frame(ieee, 0);
1739  }
1740 }
1741 
1742 void ieee80211_ps_tx_ack(struct ieee80211_device *ieee, short success)
1743 {
1744  unsigned long flags,flags2;
1745 
1746  spin_lock_irqsave(&ieee->lock, flags);
1747  if(ieee->sta_sleep == 2){
1748  /* Null frame with PS bit set */
1749  if(success){
1750 
1751  // printk("==================> %s::enter sleep state\n",__func__);
1752  ieee->sta_sleep = 1;
1753  ieee->enter_sleep_state(ieee->dev,ieee->ps_th,ieee->ps_tl);
1754  }
1755  /* if the card report not success we can't be sure the AP
1756  * has not RXed so we can't assume the AP believe us awake
1757  */
1758  }
1759  /* 21112005 - tx again null without PS bit if lost */
1760  else {
1761 
1762  if((ieee->sta_sleep == 0) && !success){
1763  spin_lock_irqsave(&ieee->mgmt_tx_lock, flags2);
1764  ieee80211_sta_ps_send_null_frame(ieee, 0);
1765  spin_unlock_irqrestore(&ieee->mgmt_tx_lock, flags2);
1766  }
1767  }
1768  spin_unlock_irqrestore(&ieee->lock, flags);
1769 }
1770 
1771 inline int
1772 ieee80211_rx_frame_softmac(struct ieee80211_device *ieee, struct sk_buff *skb,
1773  struct ieee80211_rx_stats *rx_stats, u16 type,
1774  u16 stype)
1775 {
1776  struct ieee80211_hdr_3addr *header = (struct ieee80211_hdr_3addr *) skb->data;
1777  u16 errcode;
1778  u8* challenge=NULL;
1779  int chlen=0;
1780  int aid=0;
1781  struct ieee80211_assoc_response_frame *assoc_resp;
1782  struct ieee80211_info_element *info_element;
1783 
1784  if(!ieee->proto_started)
1785  return 0;
1786 
1787  if(ieee->sta_sleep || (ieee->ps != IEEE80211_PS_DISABLED &&
1788  ieee->iw_mode == IW_MODE_INFRA &&
1789  ieee->state == IEEE80211_LINKED))
1790 
1791  tasklet_schedule(&ieee->ps_task);
1792 
1793  if (WLAN_FC_GET_STYPE(header->frame_control) != IEEE80211_STYPE_PROBE_RESP &&
1794  WLAN_FC_GET_STYPE(header->frame_control) != IEEE80211_STYPE_BEACON)
1795  ieee->last_rx_ps_time = jiffies;
1796 
1797  switch (WLAN_FC_GET_STYPE(header->frame_control)) {
1798 
1799  case IEEE80211_STYPE_ASSOC_RESP:
1800  case IEEE80211_STYPE_REASSOC_RESP:
1801 
1802  IEEE80211_DEBUG_MGMT("received [RE]ASSOCIATION RESPONSE (%d)\n",
1803  WLAN_FC_GET_STYPE(header->frame_ctl));
1804  if ((ieee->softmac_features & IEEE_SOFTMAC_ASSOCIATE) &&
1805  ieee->state == IEEE80211_ASSOCIATING_AUTHENTICATED &&
1806  ieee->iw_mode == IW_MODE_INFRA){
1807  if (0 == (errcode=assoc_parse(skb, &aid))){
1808  u16 left;
1809 
1810  ieee->state=IEEE80211_LINKED;
1811  ieee->assoc_id = aid;
1812  ieee->softmac_stats.rx_ass_ok++;
1813 
1814  //printk(KERN_WARNING "nic_type = %s", (rx_stats->nic_type == 1)?"rtl8187":"rtl8187B");
1815  if(1 == rx_stats->nic_type) //card type is 8187
1816  {
1817  goto associate_complete;
1818  }
1819  assoc_resp = (struct ieee80211_assoc_response_frame*)skb->data;
1820  info_element = &assoc_resp->info_element;
1821  left = skb->len - ((void*)info_element - (void*)assoc_resp);
1822 
1823  while (left >= sizeof(struct ieee80211_info_element_hdr)) {
1824  if (sizeof(struct ieee80211_info_element_hdr) + info_element->len > left) {
1825  printk(KERN_WARNING "[re]associate response error!");
1826  return 1;
1827  }
1828  switch (info_element->id) {
1829  case MFIE_TYPE_GENERIC:
1830  IEEE80211_DEBUG_SCAN("MFIE_TYPE_GENERIC: %d bytes\n", info_element->len);
1831  if (info_element->len >= 8 &&
1832  info_element->data[0] == 0x00 &&
1833  info_element->data[1] == 0x50 &&
1834  info_element->data[2] == 0xf2 &&
1835  info_element->data[3] == 0x02 &&
1836  info_element->data[4] == 0x01) {
1837  // Not care about version at present.
1838  //WMM Parameter Element
1839  memcpy(ieee->current_network.wmm_param,(u8*)(info_element->data\
1840  + 8),(info_element->len - 8));
1841 
1842  if (((ieee->current_network.wmm_info^info_element->data[6])& \
1843  0x0f)||(!ieee->init_wmmparam_flag)) {
1844  // refresh parameter element for current network
1845  // update the register parameter for hardware
1846  ieee->init_wmmparam_flag = 1;
1847  queue_work(ieee->wq, &ieee->wmm_param_update_wq);
1848 
1849  }
1850  //update info_element for current network
1851  ieee->current_network.wmm_info = info_element->data[6];
1852  }
1853  break;
1854  default:
1855  //nothing to do at present!!!
1856  break;
1857  }
1858 
1859  left -= sizeof(struct ieee80211_info_element_hdr) +
1860  info_element->len;
1861  info_element = (struct ieee80211_info_element *)
1862  &info_element->data[info_element->len];
1863  }
1864  if(!ieee->init_wmmparam_flag) //legacy AP, reset the AC_xx_param register
1865  {
1866  queue_work(ieee->wq,&ieee->wmm_param_update_wq);
1867  ieee->init_wmmparam_flag = 1;//indicate AC_xx_param upated since last associate
1868  }
1869 associate_complete:
1870  ieee80211_associate_complete(ieee);
1871  }else{
1872  ieee->softmac_stats.rx_ass_err++;
1873  IEEE80211_DEBUG_MGMT(
1874  "Association response status code 0x%x\n",
1875  errcode);
1876  ieee80211_associate_abort(ieee);
1877  }
1878  }
1879  break;
1880 
1881  case IEEE80211_STYPE_ASSOC_REQ:
1882  case IEEE80211_STYPE_REASSOC_REQ:
1883 
1884  if ((ieee->softmac_features & IEEE_SOFTMAC_ASSOCIATE) &&
1885  ieee->iw_mode == IW_MODE_MASTER)
1886 
1887  ieee80211_rx_assoc_rq(ieee, skb);
1888  break;
1889 
1890  case IEEE80211_STYPE_AUTH:
1891 
1892  if (ieee->softmac_features & IEEE_SOFTMAC_ASSOCIATE){
1893  if (ieee->state == IEEE80211_ASSOCIATING_AUTHENTICATING &&
1894  ieee->iw_mode == IW_MODE_INFRA){
1895 
1896  IEEE80211_DEBUG_MGMT("Received authentication response");
1897 
1898  if (0 == (errcode=auth_parse(skb, &challenge, &chlen))){
1899  if(ieee->open_wep || !challenge){
1900  ieee->state = IEEE80211_ASSOCIATING_AUTHENTICATED;
1901  ieee->softmac_stats.rx_auth_rs_ok++;
1902 
1903  ieee80211_associate_step2(ieee);
1904  }else{
1905  ieee80211_rtl_auth_challenge(ieee, challenge, chlen);
1906  }
1907  }else{
1908  ieee->softmac_stats.rx_auth_rs_err++;
1909  IEEE80211_DEBUG_MGMT("Authentication response status code 0x%x",errcode);
1910  ieee80211_associate_abort(ieee);
1911  }
1912 
1913  }else if (ieee->iw_mode == IW_MODE_MASTER){
1914  ieee80211_rx_auth_rq(ieee, skb);
1915  }
1916  }
1917  break;
1918 
1919  case IEEE80211_STYPE_PROBE_REQ:
1920 
1921  if ((ieee->softmac_features & IEEE_SOFTMAC_PROBERS) &&
1922  ((ieee->iw_mode == IW_MODE_ADHOC ||
1923  ieee->iw_mode == IW_MODE_MASTER) &&
1924  ieee->state == IEEE80211_LINKED))
1925 
1926  ieee80211_rx_probe_rq(ieee, skb);
1927  break;
1928 
1929  case IEEE80211_STYPE_DISASSOC:
1930  case IEEE80211_STYPE_DEAUTH:
1931  /* FIXME for now repeat all the association procedure
1932  * both for disassociation and deauthentication
1933  */
1934  if ((ieee->softmac_features & IEEE_SOFTMAC_ASSOCIATE) &&
1935  (ieee->state == IEEE80211_LINKED) &&
1936  (ieee->iw_mode == IW_MODE_INFRA) &&
1937  (!memcmp(header->addr2,ieee->current_network.bssid,ETH_ALEN))){
1938  ieee->state = IEEE80211_ASSOCIATING;
1939  ieee->softmac_stats.reassoc++;
1940 
1941  //notify_wx_assoc_event(ieee); //YJ,del,080828, do not notify os here
1942  queue_work(ieee->wq, &ieee->associate_procedure_wq);
1943  }
1944 
1945  break;
1946 
1947  default:
1948  return -1;
1949  break;
1950  }
1951 
1952  //dev_kfree_skb_any(skb);
1953  return 0;
1954 }
1955 
1956 
1957 
1958 /* following are for a simpler TX queue management.
1959  * Instead of using netif_[stop/wake]_queue the driver
1960  * will uses these two function (plus a reset one), that
1961  * will internally uses the kernel netif_* and takes
1962  * care of the ieee802.11 fragmentation.
1963  * So the driver receives a fragment per time and might
1964  * call the stop function when it want without take care
1965  * to have enough room to TX an entire packet.
1966  * This might be useful if each fragment need it's own
1967  * descriptor, thus just keep a total free memory > than
1968  * the max fragmentation threshold is not enough.. If the
1969  * ieee802.11 stack passed a TXB struct then you needed
1970  * to keep N free descriptors where
1971  * N = MAX_PACKET_SIZE / MIN_FRAG_TRESHOLD
1972  * In this way you need just one and the 802.11 stack
1973  * will take care of buffering fragments and pass them to
1974  * to the driver later, when it wakes the queue.
1975  */
1976 
1977 void ieee80211_softmac_xmit(struct ieee80211_txb *txb, struct ieee80211_device *ieee)
1978 {
1979 
1980 
1981  unsigned long flags;
1982  int i;
1983 
1984  spin_lock_irqsave(&ieee->lock,flags);
1985 
1986  /* called with 2nd parm 0, no tx mgmt lock required */
1987  ieee80211_sta_wakeup(ieee,0);
1988 
1989  for(i = 0; i < txb->nr_frags; i++) {
1990 
1991  if (ieee->queue_stop){
1992  ieee->tx_pending.txb = txb;
1993  ieee->tx_pending.frag = i;
1994  goto exit;
1995  }else{
1996  ieee->softmac_data_hard_start_xmit(
1997  txb->fragments[i],
1998  ieee->dev,ieee->rate);
1999  //(i+1)<txb->nr_frags);
2000  ieee->stats.tx_packets++;
2001  ieee->stats.tx_bytes += txb->fragments[i]->len;
2002  ieee->dev->trans_start = jiffies;
2003  }
2004  }
2005 
2006  ieee80211_txb_free(txb);
2007 
2008  exit:
2009  spin_unlock_irqrestore(&ieee->lock,flags);
2010 
2011 }
2012 
2013 /* called with ieee->lock acquired */
2014 void ieee80211_resume_tx(struct ieee80211_device *ieee)
2015 {
2016  int i;
2017  for(i = ieee->tx_pending.frag; i < ieee->tx_pending.txb->nr_frags; i++) {
2018 
2019  if (ieee->queue_stop){
2020  ieee->tx_pending.frag = i;
2021  return;
2022  }else{
2023 
2024  ieee->softmac_data_hard_start_xmit(
2025  ieee->tx_pending.txb->fragments[i],
2026  ieee->dev,ieee->rate);
2027  //(i+1)<ieee->tx_pending.txb->nr_frags);
2028  ieee->stats.tx_packets++;
2029  ieee->dev->trans_start = jiffies;
2030  }
2031  }
2032 
2033 
2034  ieee80211_txb_free(ieee->tx_pending.txb);
2035  ieee->tx_pending.txb = NULL;
2036 }
2037 
2038 
2039 void ieee80211_reset_queue(struct ieee80211_device *ieee)
2040 {
2041  unsigned long flags;
2042 
2043  spin_lock_irqsave(&ieee->lock,flags);
2044  init_mgmt_queue(ieee);
2045  if (ieee->tx_pending.txb){
2046  ieee80211_txb_free(ieee->tx_pending.txb);
2047  ieee->tx_pending.txb = NULL;
2048  }
2049  ieee->queue_stop = 0;
2050  spin_unlock_irqrestore(&ieee->lock,flags);
2051 
2052 }
2053 
2054 void ieee80211_rtl_wake_queue(struct ieee80211_device *ieee)
2055 {
2056 
2057  unsigned long flags;
2058  struct sk_buff *skb;
2059  struct ieee80211_hdr_3addr *header;
2060 
2061  spin_lock_irqsave(&ieee->lock,flags);
2062  if (! ieee->queue_stop) goto exit;
2063 
2064  ieee->queue_stop = 0;
2065 
2066  if(ieee->softmac_features & IEEE_SOFTMAC_SINGLE_QUEUE){
2067  while (!ieee->queue_stop && (skb = dequeue_mgmt(ieee))){
2068 
2069  header = (struct ieee80211_hdr_3addr *) skb->data;
2070 
2071  header->seq_ctrl = cpu_to_le16(ieee->seq_ctrl[0] << 4);
2072 
2073  if (ieee->seq_ctrl[0] == 0xFFF)
2074  ieee->seq_ctrl[0] = 0;
2075  else
2076  ieee->seq_ctrl[0]++;
2077 
2078  //printk(KERN_ALERT "ieee80211_wake_queue \n");
2079  ieee->softmac_data_hard_start_xmit(skb,ieee->dev,ieee->basic_rate);
2080  dev_kfree_skb_any(skb);//edit by thomas
2081  }
2082  }
2083  if (!ieee->queue_stop && ieee->tx_pending.txb)
2084  ieee80211_resume_tx(ieee);
2085 
2086  if (!ieee->queue_stop && netif_queue_stopped(ieee->dev)){
2087  ieee->softmac_stats.swtxawake++;
2088  netif_wake_queue(ieee->dev);
2089  }
2090 
2091 exit :
2092  spin_unlock_irqrestore(&ieee->lock,flags);
2093 }
2094 
2095 
2096 void ieee80211_rtl_stop_queue(struct ieee80211_device *ieee)
2097 {
2098  //unsigned long flags;
2099  //spin_lock_irqsave(&ieee->lock,flags);
2100 
2101  if (! netif_queue_stopped(ieee->dev)){
2102  netif_stop_queue(ieee->dev);
2103  ieee->softmac_stats.swtxstop++;
2104  }
2105  ieee->queue_stop = 1;
2106  //spin_unlock_irqrestore(&ieee->lock,flags);
2107 
2108 }
2109 
2110 
2111 inline void ieee80211_randomize_cell(struct ieee80211_device *ieee)
2112 {
2113 
2114  random_ether_addr(ieee->current_network.bssid);
2115 }
2116 
2117 /* called in user context only */
2118 void ieee80211_start_master_bss(struct ieee80211_device *ieee)
2119 {
2120  ieee->assoc_id = 1;
2121 
2122  if (ieee->current_network.ssid_len == 0){
2123  strncpy(ieee->current_network.ssid,
2124  IEEE80211_DEFAULT_TX_ESSID,
2125  IW_ESSID_MAX_SIZE);
2126 
2127  ieee->current_network.ssid_len = strlen(IEEE80211_DEFAULT_TX_ESSID);
2128  ieee->ssid_set = 1;
2129  }
2130 
2131  memcpy(ieee->current_network.bssid, ieee->dev->dev_addr, ETH_ALEN);
2132 
2133  ieee->set_chan(ieee->dev, ieee->current_network.channel);
2134  ieee->state = IEEE80211_LINKED;
2135  ieee->link_change(ieee->dev);
2136  notify_wx_assoc_event(ieee);
2137 
2138  if (ieee->data_hard_resume)
2139  ieee->data_hard_resume(ieee->dev);
2140 
2141  netif_carrier_on(ieee->dev);
2142 }
2143 
2144 void ieee80211_start_monitor_mode(struct ieee80211_device *ieee)
2145 {
2146  if(ieee->raw_tx){
2147 
2148  if (ieee->data_hard_resume)
2149  ieee->data_hard_resume(ieee->dev);
2150 
2151  netif_carrier_on(ieee->dev);
2152  }
2153 }
2154 
2155 void ieee80211_start_ibss_wq(struct work_struct *work)
2156 {
2157  struct delayed_work *dwork = to_delayed_work(work);
2158  struct ieee80211_device *ieee = container_of(dwork, struct ieee80211_device, start_ibss_wq);
2159 
2160  /* iwconfig mode ad-hoc will schedule this and return
2161  * on the other hand this will block further iwconfig SET
2162  * operations because of the wx_sem hold.
2163  * Anyway some most set operations set a flag to speed-up
2164  * (abort) this wq (when syncro scanning) before sleeping
2165  * on the semaphore
2166  */
2167 
2168  down(&ieee->wx_sem);
2169 
2170 
2171  if (ieee->current_network.ssid_len == 0){
2172  strcpy(ieee->current_network.ssid,IEEE80211_DEFAULT_TX_ESSID);
2173  ieee->current_network.ssid_len = strlen(IEEE80211_DEFAULT_TX_ESSID);
2174  ieee->ssid_set = 1;
2175  }
2176 
2177  /* check if we have this cell in our network list */
2178  ieee80211_softmac_check_all_nets(ieee);
2179 
2180  if(ieee->state == IEEE80211_NOLINK)
2181  ieee->current_network.channel = 10;
2182  /* if not then the state is not linked. Maybe the user switched to
2183  * ad-hoc mode just after being in monitor mode, or just after
2184  * being very few time in managed mode (so the card have had no
2185  * time to scan all the chans..) or we have just run up the iface
2186  * after setting ad-hoc mode. So we have to give another try..
2187  * Here, in ibss mode, should be safe to do this without extra care
2188  * (in bss mode we had to make sure no-one tried to associate when
2189  * we had just checked the ieee->state and we was going to start the
2190  * scan) because in ibss mode the ieee80211_new_net function, when
2191  * finds a good net, just set the ieee->state to IEEE80211_LINKED,
2192  * so, at worst, we waste a bit of time to initiate an unneeded syncro
2193  * scan, that will stop at the first round because it sees the state
2194  * associated.
2195  */
2196  if (ieee->state == IEEE80211_NOLINK)
2197  ieee80211_start_scan_syncro(ieee);
2198 
2199  /* the network definitively is not here.. create a new cell */
2200  if (ieee->state == IEEE80211_NOLINK){
2201  printk("creating new IBSS cell\n");
2202  if(!ieee->wap_set)
2203  ieee80211_randomize_cell(ieee);
2204 
2205  if(ieee->modulation & IEEE80211_CCK_MODULATION){
2206 
2207  ieee->current_network.rates_len = 4;
2208 
2209  ieee->current_network.rates[0] = IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_1MB;
2210  ieee->current_network.rates[1] = IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_2MB;
2211  ieee->current_network.rates[2] = IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_5MB;
2212  ieee->current_network.rates[3] = IEEE80211_BASIC_RATE_MASK | IEEE80211_CCK_RATE_11MB;
2213 
2214  }else
2215  ieee->current_network.rates_len = 0;
2216 
2217  if(ieee->modulation & IEEE80211_OFDM_MODULATION){
2218  ieee->current_network.rates_ex_len = 8;
2219 
2220  ieee->current_network.rates_ex[0] = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_6MB;
2221  ieee->current_network.rates_ex[1] = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_9MB;
2222  ieee->current_network.rates_ex[2] = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_12MB;
2223  ieee->current_network.rates_ex[3] = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_18MB;
2224  ieee->current_network.rates_ex[4] = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_24MB;
2225  ieee->current_network.rates_ex[5] = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_36MB;
2226  ieee->current_network.rates_ex[6] = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_48MB;
2227  ieee->current_network.rates_ex[7] = IEEE80211_BASIC_RATE_MASK | IEEE80211_OFDM_RATE_54MB;
2228 
2229  ieee->rate = 540;
2230  }else{
2231  ieee->current_network.rates_ex_len = 0;
2232  ieee->rate = 110;
2233  }
2234 
2235  // By default, WMM function will be disabled in IBSS mode
2236  ieee->current_network.QoS_Enable = 0;
2237 
2238  ieee->current_network.atim_window = 0;
2239  ieee->current_network.capability = WLAN_CAPABILITY_IBSS;
2240  if(ieee->short_slot)
2241  ieee->current_network.capability |= WLAN_CAPABILITY_SHORT_SLOT;
2242 
2243  }
2244 
2245  ieee->state = IEEE80211_LINKED;
2246  ieee->set_chan(ieee->dev, ieee->current_network.channel);
2247  ieee->link_change(ieee->dev);
2248 
2249  notify_wx_assoc_event(ieee);
2250 
2251  ieee80211_start_send_beacons(ieee);
2252  printk(KERN_WARNING "after sending beacon packet!\n");
2253 
2254  if (ieee->data_hard_resume)
2255  ieee->data_hard_resume(ieee->dev);
2256 
2257  netif_carrier_on(ieee->dev);
2258 
2259  up(&ieee->wx_sem);
2260 }
2261 inline void ieee80211_start_ibss(struct ieee80211_device *ieee)
2262 {
2263  queue_delayed_work(ieee->wq, &ieee->start_ibss_wq, 100);
2264 }
2265 
2266 /* this is called only in user context, with wx_sem held */
2267 void ieee80211_start_bss(struct ieee80211_device *ieee)
2268 {
2269  unsigned long flags;
2270  //
2271  // Ref: 802.11d 11.1.3.3
2272  // STA shall not start a BSS unless properly formed Beacon frame including a Country IE.
2273  //
2274  if(IS_DOT11D_ENABLE(ieee) && !IS_COUNTRY_IE_VALID(ieee))
2275  {
2276  if(! ieee->bGlobalDomain)
2277  {
2278  return;
2279  }
2280  }
2281  /* check if we have already found the net we
2282  * are interested in (if any).
2283  * if not (we are disassociated and we are not
2284  * in associating / authenticating phase) start the background scanning.
2285  */
2286  ieee80211_softmac_check_all_nets(ieee);
2287 
2288  /* ensure no-one start an associating process (thus setting
2289  * the ieee->state to ieee80211_ASSOCIATING) while we
2290  * have just cheked it and we are going to enable scan.
2291  * The ieee80211_new_net function is always called with
2292  * lock held (from both ieee80211_softmac_check_all_nets and
2293  * the rx path), so we cannot be in the middle of such function
2294  */
2295  spin_lock_irqsave(&ieee->lock, flags);
2296 
2297 //#ifdef ENABLE_IPS
2298 // printk("start bss ENABLE_IPS\n");
2299 //#else
2300  if (ieee->state == IEEE80211_NOLINK){
2301  ieee->actscanning = true;
2302  ieee80211_rtl_start_scan(ieee);
2303  }
2304 //#endif
2305  spin_unlock_irqrestore(&ieee->lock, flags);
2306 }
2307 
2308 /* called only in userspace context */
2309 void ieee80211_disassociate(struct ieee80211_device *ieee)
2310 {
2311  netif_carrier_off(ieee->dev);
2312 
2313  if (ieee->softmac_features & IEEE_SOFTMAC_TX_QUEUE)
2314  ieee80211_reset_queue(ieee);
2315 
2316  if (ieee->data_hard_stop)
2317  ieee->data_hard_stop(ieee->dev);
2318 
2319  if(IS_DOT11D_ENABLE(ieee))
2320  Dot11d_Reset(ieee);
2321 
2322  ieee->link_change(ieee->dev);
2323  if (ieee->state == IEEE80211_LINKED)
2324  notify_wx_assoc_event(ieee);
2325  ieee->state = IEEE80211_NOLINK;
2326 
2327 }
2328 void ieee80211_associate_retry_wq(struct work_struct *work)
2329 {
2330  struct delayed_work *dwork = to_delayed_work(work);
2331  struct ieee80211_device *ieee = container_of(dwork, struct ieee80211_device, associate_retry_wq);
2332  unsigned long flags;
2333  down(&ieee->wx_sem);
2334  if(!ieee->proto_started)
2335  goto exit;
2336  if(ieee->state != IEEE80211_ASSOCIATING_RETRY)
2337  goto exit;
2338  /* until we do not set the state to IEEE80211_NOLINK
2339  * there are no possibility to have someone else trying
2340  * to start an association procedure (we get here with
2341  * ieee->state = IEEE80211_ASSOCIATING).
2342  * When we set the state to IEEE80211_NOLINK it is possible
2343  * that the RX path run an attempt to associate, but
2344  * both ieee80211_softmac_check_all_nets and the
2345  * RX path works with ieee->lock held so there are no
2346  * problems. If we are still disassociated then start a scan.
2347  * the lock here is necessary to ensure no one try to start
2348  * an association procedure when we have just checked the
2349  * state and we are going to start the scan.
2350  */
2351  ieee->state = IEEE80211_NOLINK;
2352  ieee->beinretry = true;
2353  ieee80211_softmac_check_all_nets(ieee);
2354 
2355  spin_lock_irqsave(&ieee->lock, flags);
2356 
2357  if(ieee->state == IEEE80211_NOLINK){
2358  ieee->beinretry = false;
2359  ieee->actscanning = true;
2360  ieee80211_rtl_start_scan(ieee);
2361  }
2362  //YJ,add,080828, notify os here
2363  if(ieee->state == IEEE80211_NOLINK)
2364  {
2365  notify_wx_assoc_event(ieee);
2366  }
2367  //YJ,add,080828,end
2368  spin_unlock_irqrestore(&ieee->lock, flags);
2369 
2370 exit:
2371  up(&ieee->wx_sem);
2372 }
2373 
2374 struct sk_buff *ieee80211_get_beacon_(struct ieee80211_device *ieee)
2375 {
2376  u8 broadcast_addr[] = {0xff,0xff,0xff,0xff,0xff,0xff};
2377 
2378  struct sk_buff *skb = NULL;
2379  struct ieee80211_probe_response *b;
2380 
2381  skb = ieee80211_probe_resp(ieee, broadcast_addr);
2382  if (!skb)
2383  return NULL;
2384 
2385  b = (struct ieee80211_probe_response *) skb->data;
2386  b->header.frame_ctl = cpu_to_le16(IEEE80211_STYPE_BEACON);
2387 
2388  return skb;
2389 
2390 }
2391 
2392 struct sk_buff *ieee80211_get_beacon(struct ieee80211_device *ieee)
2393 {
2394  struct sk_buff *skb;
2395  struct ieee80211_probe_response *b;
2396 
2397  skb = ieee80211_get_beacon_(ieee);
2398  if(!skb)
2399  return NULL;
2400 
2401  b = (struct ieee80211_probe_response *) skb->data;
2402  b->header.seq_ctrl = cpu_to_le16(ieee->seq_ctrl[0] << 4);
2403 
2404  if (ieee->seq_ctrl[0] == 0xFFF)
2405  ieee->seq_ctrl[0] = 0;
2406  else
2407  ieee->seq_ctrl[0]++;
2408 
2409  return skb;
2410 }
2411 
2412 void ieee80211_softmac_stop_protocol(struct ieee80211_device *ieee)
2413 {
2414  ieee->sync_scan_hurryup = 1;
2415  down(&ieee->wx_sem);
2416  ieee80211_stop_protocol(ieee);
2417  up(&ieee->wx_sem);
2418 }
2419 
2420 
2421 void ieee80211_stop_protocol(struct ieee80211_device *ieee)
2422 {
2423  if (!ieee->proto_started)
2424  return;
2425 
2426  ieee->proto_started = 0;
2427 
2428  ieee80211_stop_send_beacons(ieee);
2429  if((ieee->iw_mode == IW_MODE_INFRA)&&(ieee->state == IEEE80211_LINKED)) {
2430  SendDisassociation(ieee,NULL,WLAN_REASON_DISASSOC_STA_HAS_LEFT);
2431  }
2432  del_timer_sync(&ieee->associate_timer);
2433  cancel_delayed_work(&ieee->associate_retry_wq);
2434  cancel_delayed_work(&ieee->start_ibss_wq);
2435  ieee80211_stop_scan(ieee);
2436 
2437  ieee80211_disassociate(ieee);
2438 }
2439 
2440 void ieee80211_softmac_start_protocol(struct ieee80211_device *ieee)
2441 {
2442  ieee->sync_scan_hurryup = 0;
2443  down(&ieee->wx_sem);
2444  ieee80211_start_protocol(ieee);
2445  up(&ieee->wx_sem);
2446 }
2447 
2448 void ieee80211_start_protocol(struct ieee80211_device *ieee)
2449 {
2450  short ch = 0;
2451  int i = 0;
2452 
2453  if (ieee->proto_started)
2454  return;
2455 
2456  ieee->proto_started = 1;
2457 
2458  if (ieee->current_network.channel == 0){
2459  do{
2460  ch++;
2461  if (ch > MAX_CHANNEL_NUMBER)
2462  return; /* no channel found */
2463 
2464  }while(!GET_DOT11D_INFO(ieee)->channel_map[ch]);
2465 
2466  ieee->current_network.channel = ch;
2467  }
2468 
2469  if (ieee->current_network.beacon_interval == 0)
2470  ieee->current_network.beacon_interval = 100;
2471  ieee->set_chan(ieee->dev,ieee->current_network.channel);
2472 
2473  for(i = 0; i < 17; i++) {
2474  ieee->last_rxseq_num[i] = -1;
2475  ieee->last_rxfrag_num[i] = -1;
2476  ieee->last_packet_time[i] = 0;
2477  }
2478 
2479  ieee->init_wmmparam_flag = 0;//reinitialize AC_xx_PARAM registers.
2480 
2481 
2482  /* if the user set the MAC of the ad-hoc cell and then
2483  * switch to managed mode, shall we make sure that association
2484  * attempts does not fail just because the user provide the essid
2485  * and the nic is still checking for the AP MAC ??
2486  */
2487  switch (ieee->iw_mode) {
2488  case IW_MODE_AUTO:
2489  ieee->iw_mode = IW_MODE_INFRA;
2490  //not set break here intentionly
2491  case IW_MODE_INFRA:
2492  ieee80211_start_bss(ieee);
2493  break;
2494 
2495  case IW_MODE_ADHOC:
2496  ieee80211_start_ibss(ieee);
2497  break;
2498 
2499  case IW_MODE_MASTER:
2500  ieee80211_start_master_bss(ieee);
2501  break;
2502 
2503  case IW_MODE_MONITOR:
2504  ieee80211_start_monitor_mode(ieee);
2505  break;
2506 
2507  default:
2508  ieee->iw_mode = IW_MODE_INFRA;
2509  ieee80211_start_bss(ieee);
2510  break;
2511  }
2512 }
2513 
2514 
2515 #define DRV_NAME "Ieee80211"
2516 void ieee80211_softmac_init(struct ieee80211_device *ieee)
2517 {
2518  int i;
2519  memset(&ieee->current_network, 0, sizeof(struct ieee80211_network));
2520 
2521  ieee->state = IEEE80211_NOLINK;
2522  ieee->sync_scan_hurryup = 0;
2523  for(i = 0; i < 5; i++) {
2524  ieee->seq_ctrl[i] = 0;
2525  }
2526 
2527  ieee->assoc_id = 0;
2528  ieee->queue_stop = 0;
2529  ieee->scanning = 0;
2530  ieee->softmac_features = 0; //so IEEE2100-like driver are happy
2531  ieee->wap_set = 0;
2532  ieee->ssid_set = 0;
2533  ieee->proto_started = 0;
2534  ieee->basic_rate = IEEE80211_DEFAULT_BASIC_RATE;
2535  ieee->rate = 3;
2536 //#ifdef ENABLE_LPS
2537  ieee->ps = IEEE80211_PS_MBCAST|IEEE80211_PS_UNICAST;
2538 //#else
2539 // ieee->ps = IEEE80211_PS_DISABLED;
2540 //#endif
2541  ieee->sta_sleep = 0;
2542 //by amy
2543  ieee->bInactivePs = false;
2544  ieee->actscanning = false;
2545  ieee->ListenInterval = 2;
2546  ieee->NumRxDataInPeriod = 0; //YJ,add,080828
2547  ieee->NumRxBcnInPeriod = 0; //YJ,add,080828
2548  ieee->NumRxOkTotal = 0;//+by amy 080312
2549  ieee->NumRxUnicast = 0;//YJ,add,080828,for keep alive
2550  ieee->beinretry = false;
2551  ieee->bHwRadioOff = false;
2552 //by amy
2553 
2554  init_mgmt_queue(ieee);
2555 
2556  ieee->tx_pending.txb = NULL;
2557 
2558  init_timer(&ieee->associate_timer);
2559  ieee->associate_timer.data = (unsigned long)ieee;
2560  ieee->associate_timer.function = ieee80211_associate_abort_cb;
2561 
2562  init_timer(&ieee->beacon_timer);
2563  ieee->beacon_timer.data = (unsigned long) ieee;
2564  ieee->beacon_timer.function = ieee80211_send_beacon_cb;
2565 
2566  ieee->wq = create_workqueue(DRV_NAME);
2567 
2568  INIT_DELAYED_WORK(&ieee->start_ibss_wq,(void*) ieee80211_start_ibss_wq);
2569  INIT_WORK(&ieee->associate_complete_wq,(void*) ieee80211_associate_complete_wq);
2570  INIT_WORK(&ieee->associate_procedure_wq,(void*) ieee80211_associate_procedure_wq);
2571  INIT_DELAYED_WORK(&ieee->softmac_scan_wq,(void*) ieee80211_softmac_scan_wq);
2572  INIT_DELAYED_WORK(&ieee->associate_retry_wq,(void*) ieee80211_associate_retry_wq);
2573  INIT_WORK(&ieee->wx_sync_scan_wq,(void*) ieee80211_wx_sync_scan_wq);
2574 // INIT_WORK(&ieee->watch_dog_wq,(void*) ieee80211_watch_dog_wq);
2575 
2576  sema_init(&ieee->wx_sem, 1);
2577  sema_init(&ieee->scan_sem, 1);
2578 
2579  spin_lock_init(&ieee->mgmt_tx_lock);
2580  spin_lock_init(&ieee->beacon_lock);
2581 
2582  tasklet_init(&ieee->ps_task,
2583  (void(*)(unsigned long)) ieee80211_sta_ps,
2584  (unsigned long)ieee);
2585  ieee->pDot11dInfo = kmalloc(sizeof(RT_DOT11D_INFO), GFP_ATOMIC);
2586 }
2587 
2588 void ieee80211_softmac_free(struct ieee80211_device *ieee)
2589 {
2590  down(&ieee->wx_sem);
2591 
2592  del_timer_sync(&ieee->associate_timer);
2593  cancel_delayed_work(&ieee->associate_retry_wq);
2594 
2595 
2596  //add for RF power on power of by lizhaoming 080512
2597  cancel_delayed_work(&ieee->GPIOChangeRFWorkItem);
2598 
2599  destroy_workqueue(ieee->wq);
2600  kfree(ieee->pDot11dInfo);
2601  up(&ieee->wx_sem);
2602 }
2603 
2604 /********************************************************
2605  * Start of WPA code. *
2606  * this is stolen from the ipw2200 driver *
2607  ********************************************************/
2608 
2609 
2610 static int ieee80211_wpa_enable(struct ieee80211_device *ieee, int value)
2611 {
2612  /* This is called when wpa_supplicant loads and closes the driver
2613  * interface. */
2614  printk("%s WPA\n",value ? "enabling" : "disabling");
2615  ieee->wpa_enabled = value;
2616  return 0;
2617 }
2618 
2619 
2620 void ieee80211_wpa_assoc_frame(struct ieee80211_device *ieee, char *wpa_ie, int wpa_ie_len)
2621 {
2622  /* make sure WPA is enabled */
2623  ieee80211_wpa_enable(ieee, 1);
2624 
2625  ieee80211_disassociate(ieee);
2626 }
2627 
2628 
2629 static int ieee80211_wpa_mlme(struct ieee80211_device *ieee, int command, int reason)
2630 {
2631 
2632  int ret = 0;
2633 
2634  switch (command) {
2635  case IEEE_MLME_STA_DEAUTH:
2636  // silently ignore
2637  break;
2638 
2639  case IEEE_MLME_STA_DISASSOC:
2640  ieee80211_disassociate(ieee);
2641  break;
2642 
2643  default:
2644  printk("Unknown MLME request: %d\n", command);
2645  ret = -EOPNOTSUPP;
2646  }
2647 
2648  return ret;
2649 }
2650 
2651 
2652 static int ieee80211_wpa_set_wpa_ie(struct ieee80211_device *ieee,
2653  struct ieee_param *param, int plen)
2654 {
2655  u8 *buf;
2656 
2657  if (param->u.wpa_ie.len > MAX_WPA_IE_LEN ||
2658  (param->u.wpa_ie.len && param->u.wpa_ie.data == NULL))
2659  return -EINVAL;
2660 
2661  if (param->u.wpa_ie.len) {
2662  buf = kmemdup(param->u.wpa_ie.data, param->u.wpa_ie.len,
2663  GFP_KERNEL);
2664  if (buf == NULL)
2665  return -ENOMEM;
2666 
2667  kfree(ieee->wpa_ie);
2668  ieee->wpa_ie = buf;
2669  ieee->wpa_ie_len = param->u.wpa_ie.len;
2670  } else {
2671  kfree(ieee->wpa_ie);
2672  ieee->wpa_ie = NULL;
2673  ieee->wpa_ie_len = 0;
2674  }
2675 
2676  ieee80211_wpa_assoc_frame(ieee, ieee->wpa_ie, ieee->wpa_ie_len);
2677  return 0;
2678 }
2679 
2680 #define AUTH_ALG_OPEN_SYSTEM 0x1
2681 #define AUTH_ALG_SHARED_KEY 0x2
2682 
2683 static int ieee80211_wpa_set_auth_algs(struct ieee80211_device *ieee, int value)
2684 {
2685 
2686  struct ieee80211_security sec = {
2687  .flags = SEC_AUTH_MODE,
2688  };
2689  int ret = 0;
2690 
2691  if (value & AUTH_ALG_SHARED_KEY) {
2692  sec.auth_mode = WLAN_AUTH_SHARED_KEY;
2693  ieee->open_wep = 0;
2694  } else {
2695  sec.auth_mode = WLAN_AUTH_OPEN;
2696  ieee->open_wep = 1;
2697  }
2698 
2699  if (ieee->set_security)
2700  ieee->set_security(ieee->dev, &sec);
2701  else
2702  ret = -EOPNOTSUPP;
2703 
2704  return ret;
2705 }
2706 
2707 static int ieee80211_wpa_set_param(struct ieee80211_device *ieee, u8 name, u32 value)
2708 {
2709  int ret=0;
2710  unsigned long flags;
2711 
2712  switch (name) {
2713  case IEEE_PARAM_WPA_ENABLED:
2714  ret = ieee80211_wpa_enable(ieee, value);
2715  break;
2716 
2717  case IEEE_PARAM_TKIP_COUNTERMEASURES:
2718  ieee->tkip_countermeasures=value;
2719  break;
2720 
2721  case IEEE_PARAM_DROP_UNENCRYPTED: {
2722  /* HACK:
2723  *
2724  * wpa_supplicant calls set_wpa_enabled when the driver
2725  * is loaded and unloaded, regardless of if WPA is being
2726  * used. No other calls are made which can be used to
2727  * determine if encryption will be used or not prior to
2728  * association being expected. If encryption is not being
2729  * used, drop_unencrypted is set to false, else true -- we
2730  * can use this to determine if the CAP_PRIVACY_ON bit should
2731  * be set.
2732  */
2733  struct ieee80211_security sec = {
2734  .flags = SEC_ENABLED,
2735  .enabled = value,
2736  };
2737  ieee->drop_unencrypted = value;
2738  /* We only change SEC_LEVEL for open mode. Others
2739  * are set by ipw_wpa_set_encryption.
2740  */
2741  if (!value) {
2742  sec.flags |= SEC_LEVEL;
2743  sec.level = SEC_LEVEL_0;
2744  }
2745  else {
2746  sec.flags |= SEC_LEVEL;
2747  sec.level = SEC_LEVEL_1;
2748  }
2749  if (ieee->set_security)
2750  ieee->set_security(ieee->dev, &sec);
2751  break;
2752  }
2753 
2754  case IEEE_PARAM_PRIVACY_INVOKED:
2755  ieee->privacy_invoked=value;
2756  break;
2757 
2758  case IEEE_PARAM_AUTH_ALGS:
2759  ret = ieee80211_wpa_set_auth_algs(ieee, value);
2760  break;
2761 
2762  case IEEE_PARAM_IEEE_802_1X:
2763  ieee->ieee802_1x=value;
2764  break;
2765  case IEEE_PARAM_WPAX_SELECT:
2766  // added for WPA2 mixed mode
2767  //printk(KERN_WARNING "------------------------>wpax value = %x\n", value);
2768  spin_lock_irqsave(&ieee->wpax_suitlist_lock,flags);
2769  ieee->wpax_type_set = 1;
2770  ieee->wpax_type_notify = value;
2771  spin_unlock_irqrestore(&ieee->wpax_suitlist_lock,flags);
2772  break;
2773 
2774  default:
2775  printk("Unknown WPA param: %d\n",name);
2776  ret = -EOPNOTSUPP;
2777  }
2778 
2779  return ret;
2780 }
2781 
2782 /* implementation borrowed from hostap driver */
2783 
2784 static int ieee80211_wpa_set_encryption(struct ieee80211_device *ieee,
2785  struct ieee_param *param, int param_len)
2786 {
2787  int ret = 0;
2788 
2789  struct ieee80211_crypto_ops *ops;
2790  struct ieee80211_crypt_data **crypt;
2791 
2792  struct ieee80211_security sec = {
2793  .flags = 0,
2794  };
2795 
2796  param->u.crypt.err = 0;
2797  param->u.crypt.alg[IEEE_CRYPT_ALG_NAME_LEN - 1] = '\0';
2798 
2799  if (param_len !=
2800  (int) ((char *) param->u.crypt.key - (char *) param) +
2801  param->u.crypt.key_len) {
2802  printk("Len mismatch %d, %d\n", param_len,
2803  param->u.crypt.key_len);
2804  return -EINVAL;
2805  }
2806  if (is_broadcast_ether_addr(param->sta_addr)) {
2807  if (param->u.crypt.idx >= WEP_KEYS)
2808  return -EINVAL;
2809  crypt = &ieee->crypt[param->u.crypt.idx];
2810  } else {
2811  return -EINVAL;
2812  }
2813 
2814  if (strcmp(param->u.crypt.alg, "none") == 0) {
2815  if (crypt) {
2816  sec.enabled = 0;
2817  // FIXME FIXME
2818  //sec.encrypt = 0;
2819  sec.level = SEC_LEVEL_0;
2820  sec.flags |= SEC_ENABLED | SEC_LEVEL;
2821  ieee80211_crypt_delayed_deinit(ieee, crypt);
2822  }
2823  goto done;
2824  }
2825  sec.enabled = 1;
2826 // FIXME FIXME
2827 // sec.encrypt = 1;
2828  sec.flags |= SEC_ENABLED;
2829 
2830  /* IPW HW cannot build TKIP MIC, host decryption still needed. */
2831  if (!(ieee->host_encrypt || ieee->host_decrypt) &&
2832  strcmp(param->u.crypt.alg, "TKIP"))
2833  goto skip_host_crypt;
2834 
2835  ops = ieee80211_get_crypto_ops(param->u.crypt.alg);
2836  if (ops == NULL && strcmp(param->u.crypt.alg, "WEP") == 0)
2837  ops = ieee80211_get_crypto_ops(param->u.crypt.alg);
2838  else if (ops == NULL && strcmp(param->u.crypt.alg, "TKIP") == 0)
2839  ops = ieee80211_get_crypto_ops(param->u.crypt.alg);
2840  else if (ops == NULL && strcmp(param->u.crypt.alg, "CCMP") == 0)
2841  ops = ieee80211_get_crypto_ops(param->u.crypt.alg);
2842  if (ops == NULL) {
2843  printk("unknown crypto alg '%s'\n", param->u.crypt.alg);
2844  param->u.crypt.err = IEEE_CRYPT_ERR_UNKNOWN_ALG;
2845  ret = -EINVAL;
2846  goto done;
2847  }
2848 
2849  if (*crypt == NULL || (*crypt)->ops != ops) {
2850  struct ieee80211_crypt_data *new_crypt;
2851 
2852  ieee80211_crypt_delayed_deinit(ieee, crypt);
2853 
2854  new_crypt = kmalloc(sizeof(*new_crypt), GFP_KERNEL);
2855  if (new_crypt == NULL) {
2856  ret = -ENOMEM;
2857  goto done;
2858  }
2859  memset(new_crypt, 0, sizeof(struct ieee80211_crypt_data));
2860  new_crypt->ops = ops;
2861  if (new_crypt->ops)
2862  new_crypt->priv =
2863  new_crypt->ops->init(param->u.crypt.idx);
2864 
2865  if (new_crypt->priv == NULL) {
2866  kfree(new_crypt);
2867  param->u.crypt.err = IEEE_CRYPT_ERR_CRYPT_INIT_FAILED;
2868  ret = -EINVAL;
2869  goto done;
2870  }
2871 
2872  *crypt = new_crypt;
2873  }
2874 
2875  if (param->u.crypt.key_len > 0 && (*crypt)->ops->set_key &&
2876  (*crypt)->ops->set_key(param->u.crypt.key,
2877  param->u.crypt.key_len, param->u.crypt.seq,
2878  (*crypt)->priv) < 0) {
2879  printk("key setting failed\n");
2880  param->u.crypt.err = IEEE_CRYPT_ERR_KEY_SET_FAILED;
2881  ret = -EINVAL;
2882  goto done;
2883  }
2884 
2885  skip_host_crypt:
2886  if (param->u.crypt.set_tx) {
2887  ieee->tx_keyidx = param->u.crypt.idx;
2888  sec.active_key = param->u.crypt.idx;
2889  sec.flags |= SEC_ACTIVE_KEY;
2890  } else
2891  sec.flags &= ~SEC_ACTIVE_KEY;
2892 
2893  if (param->u.crypt.alg != NULL) {
2894  memcpy(sec.keys[param->u.crypt.idx],
2895  param->u.crypt.key,
2896  param->u.crypt.key_len);
2897  sec.key_sizes[param->u.crypt.idx] = param->u.crypt.key_len;
2898  sec.flags |= (1 << param->u.crypt.idx);
2899 
2900  if (strcmp(param->u.crypt.alg, "WEP") == 0) {
2901  sec.flags |= SEC_LEVEL;
2902  sec.level = SEC_LEVEL_1;
2903  } else if (strcmp(param->u.crypt.alg, "TKIP") == 0) {
2904  sec.flags |= SEC_LEVEL;
2905  sec.level = SEC_LEVEL_2;
2906  } else if (strcmp(param->u.crypt.alg, "CCMP") == 0) {
2907  sec.flags |= SEC_LEVEL;
2908  sec.level = SEC_LEVEL_3;
2909  }
2910  }
2911  done:
2912  if (ieee->set_security)
2913  ieee->set_security(ieee->dev, &sec);
2914 
2915  /* Do not reset port if card is in Managed mode since resetting will
2916  * generate new IEEE 802.11 authentication which may end up in looping
2917  * with IEEE 802.1X. If your hardware requires a reset after WEP
2918  * configuration (for example... Prism2), implement the reset_port in
2919  * the callbacks structures used to initialize the 802.11 stack. */
2920  if (ieee->reset_on_keychange &&
2921  ieee->iw_mode != IW_MODE_INFRA &&
2922  ieee->reset_port &&
2923  ieee->reset_port(ieee->dev)) {
2924  printk("reset_port failed\n");
2925  param->u.crypt.err = IEEE_CRYPT_ERR_CARD_CONF_FAILED;
2926  return -EINVAL;
2927  }
2928 
2929  return ret;
2930 }
2931 
2932 int ieee80211_wpa_supplicant_ioctl(struct ieee80211_device *ieee, struct iw_point *p)
2933 {
2934  struct ieee_param *param;
2935  int ret=0;
2936 
2937  down(&ieee->wx_sem);
2938  //IEEE_DEBUG_INFO("wpa_supplicant: len=%d\n", p->length);
2939 
2940  if (p->length < sizeof(struct ieee_param) || !p->pointer){
2941  ret = -EINVAL;
2942  goto out;
2943  }
2944 
2945  param = kmalloc(p->length, GFP_KERNEL);
2946  if (param == NULL){
2947  ret = -ENOMEM;
2948  goto out;
2949  }
2950  if (copy_from_user(param, p->pointer, p->length)) {
2951  kfree(param);
2952  ret = -EFAULT;
2953  goto out;
2954  }
2955 
2956  switch (param->cmd) {
2957 
2958  case IEEE_CMD_SET_WPA_PARAM:
2959  ret = ieee80211_wpa_set_param(ieee, param->u.wpa_param.name,
2960  param->u.wpa_param.value);
2961  break;
2962 
2963  case IEEE_CMD_SET_WPA_IE:
2964  ret = ieee80211_wpa_set_wpa_ie(ieee, param, p->length);
2965  break;
2966 
2967  case IEEE_CMD_SET_ENCRYPTION:
2968  ret = ieee80211_wpa_set_encryption(ieee, param, p->length);
2969  break;
2970 
2971  case IEEE_CMD_MLME:
2972  ret = ieee80211_wpa_mlme(ieee, param->u.mlme.command,
2973  param->u.mlme.reason_code);
2974  break;
2975 
2976  default:
2977  printk("Unknown WPA supplicant request: %d\n",param->cmd);
2978  ret = -EOPNOTSUPP;
2979  break;
2980  }
2981 
2982  if (ret == 0 && copy_to_user(p->pointer, param, p->length))
2983  ret = -EFAULT;
2984 
2985  kfree(param);
2986 out:
2987  up(&ieee->wx_sem);
2988 
2989  return ret;
2990 }
2991 
2992 void notify_wx_assoc_event(struct ieee80211_device *ieee)
2993 {
2994  union iwreq_data wrqu;
2995  wrqu.ap_addr.sa_family = ARPHRD_ETHER;
2996  if (ieee->state == IEEE80211_LINKED)
2997  memcpy(wrqu.ap_addr.sa_data, ieee->current_network.bssid, ETH_ALEN);
2998  else
2999  memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
3000  wireless_send_event(ieee->dev, SIOCGIWAP, &wrqu, NULL);
3001 }
Generated on Thu Jan 10 2013 14:30:30 for Linux Kernel by   doxygen 1.8.2