mlme.c 122 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
/*
 * BSS client mode implementation
 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
 * Copyright 2004, Instant802 Networks, Inc.
 * Copyright 2005, Devicescape Software, Inc.
 * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

/* TODO:
 * order BSS list by RSSI(?) ("quality of AP")
 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
 *    SSID)
 */
19
#include <linux/delay.h>
20 21 22 23 24 25 26
#include <linux/if_ether.h>
#include <linux/skbuff.h>
#include <linux/netdevice.h>
#include <linux/if_arp.h>
#include <linux/wireless.h>
#include <linux/random.h>
#include <linux/etherdevice.h>
27
#include <linux/rtnetlink.h>
28 29 30 31 32
#include <net/iw_handler.h>
#include <asm/types.h>

#include <net/mac80211.h>
#include "ieee80211_i.h"
Johannes Berg's avatar
Johannes Berg committed
33 34
#include "rate.h"
#include "led.h"
35
#include "mesh.h"
36

37
#define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
38 39 40 41 42
#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
#define IEEE80211_AUTH_MAX_TRIES 3
#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
#define IEEE80211_ASSOC_MAX_TRIES 3
#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
43
#define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ)
44 45 46 47
#define IEEE80211_PROBE_INTERVAL (60 * HZ)
#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
#define IEEE80211_SCAN_INTERVAL (2 * HZ)
#define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
48
#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
49 50 51 52 53 54 55

#define IEEE80211_PROBE_DELAY (HZ / 33)
#define IEEE80211_CHANNEL_TIME (HZ / 33)
#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
56
#define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ)
57 58 59 60 61 62

#define IEEE80211_IBSS_MAX_STA_ENTRIES 128


#define ERP_INFO_USE_PROTECTION BIT(1)

63 64 65 66 67 68
/* mgmt header + 1 byte action code */
#define IEEE80211_MIN_ACTION_SIZE (24 + 1)

#define IEEE80211_ADDBA_PARAM_POLICY_MASK 0x0002
#define IEEE80211_ADDBA_PARAM_TID_MASK 0x003C
#define IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK 0xFFA0
69 70
#define IEEE80211_DELBA_PARAM_TID_MASK 0xF000
#define IEEE80211_DELBA_PARAM_INITIATOR_MASK 0x0800
71

72 73 74 75 76
/* next values represent the buffer size for A-MPDU frame.
 * According to IEEE802.11n spec size varies from 8K to 64K (in powers of 2) */
#define IEEE80211_MIN_AMPDU_BUF 0x8
#define IEEE80211_MAX_AMPDU_BUF 0x40

77
static void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
78 79
				     u8 *ssid, size_t ssid_len);
static struct ieee80211_sta_bss *
80
ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
81
		     u8 *ssid, u8 ssid_len);
82
static void ieee80211_rx_bss_put(struct ieee80211_local *local,
83
				 struct ieee80211_sta_bss *bss);
84
static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata,
85
				   struct ieee80211_if_sta *ifsta);
86 87
static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata);
static int ieee80211_sta_start_scan(struct ieee80211_sub_if_data *sdata,
88
				    u8 *ssid, size_t ssid_len);
89
static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata,
90
				     struct ieee80211_if_sta *ifsta);
91
static void sta_rx_agg_session_timer_expired(unsigned long data);
92 93


94 95
void ieee802_11_parse_elems(u8 *start, size_t len,
			    struct ieee802_11_elems *elems)
96 97 98 99 100
{
	size_t left = len;
	u8 *pos = start;

	memset(elems, 0, sizeof(*elems));
101 102
	elems->ie_start = start;
	elems->total_len = len;
103 104 105 106 107 108 109 110

	while (left >= 2) {
		u8 id, elen;

		id = *pos++;
		elen = *pos++;
		left -= 2;

111 112
		if (elen > left)
			return;
113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177

		switch (id) {
		case WLAN_EID_SSID:
			elems->ssid = pos;
			elems->ssid_len = elen;
			break;
		case WLAN_EID_SUPP_RATES:
			elems->supp_rates = pos;
			elems->supp_rates_len = elen;
			break;
		case WLAN_EID_FH_PARAMS:
			elems->fh_params = pos;
			elems->fh_params_len = elen;
			break;
		case WLAN_EID_DS_PARAMS:
			elems->ds_params = pos;
			elems->ds_params_len = elen;
			break;
		case WLAN_EID_CF_PARAMS:
			elems->cf_params = pos;
			elems->cf_params_len = elen;
			break;
		case WLAN_EID_TIM:
			elems->tim = pos;
			elems->tim_len = elen;
			break;
		case WLAN_EID_IBSS_PARAMS:
			elems->ibss_params = pos;
			elems->ibss_params_len = elen;
			break;
		case WLAN_EID_CHALLENGE:
			elems->challenge = pos;
			elems->challenge_len = elen;
			break;
		case WLAN_EID_WPA:
			if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
			    pos[2] == 0xf2) {
				/* Microsoft OUI (00:50:F2) */
				if (pos[3] == 1) {
					/* OUI Type 1 - WPA IE */
					elems->wpa = pos;
					elems->wpa_len = elen;
				} else if (elen >= 5 && pos[3] == 2) {
					if (pos[4] == 0) {
						elems->wmm_info = pos;
						elems->wmm_info_len = elen;
					} else if (pos[4] == 1) {
						elems->wmm_param = pos;
						elems->wmm_param_len = elen;
					}
				}
			}
			break;
		case WLAN_EID_RSN:
			elems->rsn = pos;
			elems->rsn_len = elen;
			break;
		case WLAN_EID_ERP_INFO:
			elems->erp_info = pos;
			elems->erp_info_len = elen;
			break;
		case WLAN_EID_EXT_SUPP_RATES:
			elems->ext_supp_rates = pos;
			elems->ext_supp_rates_len = elen;
			break;
178 179 180 181 182 183 184 185
		case WLAN_EID_HT_CAPABILITY:
			elems->ht_cap_elem = pos;
			elems->ht_cap_elem_len = elen;
			break;
		case WLAN_EID_HT_EXTRA_INFO:
			elems->ht_info_elem = pos;
			elems->ht_info_elem_len = elen;
			break;
186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209
		case WLAN_EID_MESH_ID:
			elems->mesh_id = pos;
			elems->mesh_id_len = elen;
			break;
		case WLAN_EID_MESH_CONFIG:
			elems->mesh_config = pos;
			elems->mesh_config_len = elen;
			break;
		case WLAN_EID_PEER_LINK:
			elems->peer_link = pos;
			elems->peer_link_len = elen;
			break;
		case WLAN_EID_PREQ:
			elems->preq = pos;
			elems->preq_len = elen;
			break;
		case WLAN_EID_PREP:
			elems->prep = pos;
			elems->prep_len = elen;
			break;
		case WLAN_EID_PERR:
			elems->perr = pos;
			elems->perr_len = elen;
			break;
210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228
		case WLAN_EID_CHANNEL_SWITCH:
			elems->ch_switch_elem = pos;
			elems->ch_switch_elem_len = elen;
			break;
		case WLAN_EID_QUIET:
			if (!elems->quiet_elem) {
				elems->quiet_elem = pos;
				elems->quiet_elem_len = elen;
			}
			elems->num_of_quiet_elem++;
			break;
		case WLAN_EID_COUNTRY:
			elems->country_elem = pos;
			elems->country_elem_len = elen;
			break;
		case WLAN_EID_PWR_CONSTRAINT:
			elems->pwr_constr_elem = pos;
			elems->pwr_constr_elem_len = elen;
			break;
229 230 231 232 233 234 235 236 237 238
		default:
			break;
		}

		left -= elen;
		pos += elen;
	}
}


239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259
static u8 * ieee80211_bss_get_ie(struct ieee80211_sta_bss *bss, u8 ie)
{
	u8 *end, *pos;

	pos = bss->ies;
	if (pos == NULL)
		return NULL;
	end = pos + bss->ies_len;

	while (pos + 1 < end) {
		if (pos + 2 + pos[1] > end)
			break;
		if (pos[0] == ie)
			return pos;
		pos += 2 + pos[1];
	}

	return NULL;
}


260 261
static int ecw2cw(int ecw)
{
262
	return (1 << ecw) - 1;
263 264
}

265

266
static void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301
					 struct ieee80211_sta_bss *bss,
					 int ibss)
{
	struct ieee80211_local *local = sdata->local;
	int i, have_higher_than_11mbit = 0;


	/* cf. IEEE 802.11 9.2.12 */
	for (i = 0; i < bss->supp_rates_len; i++)
		if ((bss->supp_rates[i] & 0x7f) * 5 > 110)
			have_higher_than_11mbit = 1;

	if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
	    have_higher_than_11mbit)
		sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
	else
		sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;


	if (local->ops->conf_tx) {
		struct ieee80211_tx_queue_params qparam;

		memset(&qparam, 0, sizeof(qparam));

		qparam.aifs = 2;

		if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
		    !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE))
			qparam.cw_min = 31;
		else
			qparam.cw_min = 15;

		qparam.cw_max = 1023;
		qparam.txop = 0;

Johannes Berg's avatar
Johannes Berg committed
302 303
		for (i = 0; i < local_to_hw(local)->queues; i++)
			local->ops->conf_tx(local_to_hw(local), i, &qparam);
304 305 306
	}
}

307
static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
308 309 310 311 312 313 314 315
				     struct ieee80211_if_sta *ifsta,
				     u8 *wmm_param, size_t wmm_param_len)
{
	struct ieee80211_tx_queue_params params;
	size_t left;
	int count;
	u8 *pos;

316 317 318 319 320 321
	if (!(ifsta->flags & IEEE80211_STA_WMM_ENABLED))
		return;

	if (!wmm_param)
		return;

322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344
	if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
		return;
	count = wmm_param[6] & 0x0f;
	if (count == ifsta->wmm_last_param_set)
		return;
	ifsta->wmm_last_param_set = count;

	pos = wmm_param + 8;
	left = wmm_param_len - 8;

	memset(&params, 0, sizeof(params));

	if (!local->ops->conf_tx)
		return;

	local->wmm_acm = 0;
	for (; left >= 4; left -= 4, pos += 4) {
		int aci = (pos[0] >> 5) & 0x03;
		int acm = (pos[0] >> 4) & 0x01;
		int queue;

		switch (aci) {
		case 1:
Johannes Berg's avatar
Johannes Berg committed
345
			queue = 3;
Johannes Berg's avatar
Johannes Berg committed
346
			if (acm)
347 348 349
				local->wmm_acm |= BIT(0) | BIT(3);
			break;
		case 2:
Johannes Berg's avatar
Johannes Berg committed
350
			queue = 1;
Johannes Berg's avatar
Johannes Berg committed
351
			if (acm)
352 353 354
				local->wmm_acm |= BIT(4) | BIT(5);
			break;
		case 3:
Johannes Berg's avatar
Johannes Berg committed
355
			queue = 0;
Johannes Berg's avatar
Johannes Berg committed
356
			if (acm)
357 358 359 360
				local->wmm_acm |= BIT(6) | BIT(7);
			break;
		case 0:
		default:
Johannes Berg's avatar
Johannes Berg committed
361
			queue = 2;
Johannes Berg's avatar
Johannes Berg committed
362
			if (acm)
363 364 365 366 367 368 369
				local->wmm_acm |= BIT(1) | BIT(2);
			break;
		}

		params.aifs = pos[0] & 0x0f;
		params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
		params.cw_min = ecw2cw(pos[1] & 0x0f);
370
		params.txop = get_unaligned_le16(pos + 2);
371
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
372
		printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
373
		       "cWmin=%d cWmax=%d txop=%d\n",
374
		       local->mdev->name, queue, aci, acm, params.aifs, params.cw_min,
375 376
		       params.cw_max, params.txop);
#endif
377 378 379 380
		/* TODO: handle ACM (block TX, fallback to next lowest allowed
		 * AC for now) */
		if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
			printk(KERN_DEBUG "%s: failed to set TX queue "
381
			       "parameters for queue %d\n", local->mdev->name, queue);
382 383 384 385
		}
	}
}

386 387 388
static u32 ieee80211_handle_protect_preamb(struct ieee80211_sub_if_data *sdata,
					   bool use_protection,
					   bool use_short_preamble)
389
{
390
	struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
391
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
392
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
393
	DECLARE_MAC_BUF(mac);
394
#endif
395
	u32 changed = 0;
396

397
	if (use_protection != bss_conf->use_cts_prot) {
398
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
399 400
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
401
			       "%s)\n",
402
			       sdata->dev->name,
403
			       use_protection ? "enabled" : "disabled",
404
			       print_mac(mac, ifsta->bssid));
405
		}
406
#endif
407 408
		bss_conf->use_cts_prot = use_protection;
		changed |= BSS_CHANGED_ERP_CTS_PROT;
409
	}
410

411
	if (use_short_preamble != bss_conf->use_short_preamble) {
412
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
413 414
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: switched to %s barker preamble"
415
			       " (BSSID=%s)\n",
416
			       sdata->dev->name,
417
			       use_short_preamble ? "short" : "long",
418
			       print_mac(mac, ifsta->bssid));
419
		}
420
#endif
421
		bss_conf->use_short_preamble = use_short_preamble;
422
		changed |= BSS_CHANGED_ERP_PREAMBLE;
423
	}
424

425
	return changed;
426 427
}

428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453
static u32 ieee80211_handle_erp_ie(struct ieee80211_sub_if_data *sdata,
				   u8 erp_value)
{
	bool use_protection = (erp_value & WLAN_ERP_USE_PROTECTION) != 0;
	bool use_short_preamble = (erp_value & WLAN_ERP_BARKER_PREAMBLE) == 0;

	return ieee80211_handle_protect_preamb(sdata,
			use_protection, use_short_preamble);
}

static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
					   struct ieee80211_sta_bss *bss)
{
	u32 changed = 0;

	if (bss->has_erp_value)
		changed |= ieee80211_handle_erp_ie(sdata, bss->erp_value);
	else {
		u16 capab = bss->capability;
		changed |= ieee80211_handle_protect_preamb(sdata, false,
				(capab & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0);
	}

	return changed;
}

454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498
int ieee80211_ht_cap_ie_to_ht_info(struct ieee80211_ht_cap *ht_cap_ie,
				   struct ieee80211_ht_info *ht_info)
{

	if (ht_info == NULL)
		return -EINVAL;

	memset(ht_info, 0, sizeof(*ht_info));

	if (ht_cap_ie) {
		u8 ampdu_info = ht_cap_ie->ampdu_params_info;

		ht_info->ht_supported = 1;
		ht_info->cap = le16_to_cpu(ht_cap_ie->cap_info);
		ht_info->ampdu_factor =
			ampdu_info & IEEE80211_HT_CAP_AMPDU_FACTOR;
		ht_info->ampdu_density =
			(ampdu_info & IEEE80211_HT_CAP_AMPDU_DENSITY) >> 2;
		memcpy(ht_info->supp_mcs_set, ht_cap_ie->supp_mcs_set, 16);
	} else
		ht_info->ht_supported = 0;

	return 0;
}

int ieee80211_ht_addt_info_ie_to_ht_bss_info(
			struct ieee80211_ht_addt_info *ht_add_info_ie,
			struct ieee80211_ht_bss_info *bss_info)
{
	if (bss_info == NULL)
		return -EINVAL;

	memset(bss_info, 0, sizeof(*bss_info));

	if (ht_add_info_ie) {
		u16 op_mode;
		op_mode = le16_to_cpu(ht_add_info_ie->operation_mode);

		bss_info->primary_channel = ht_add_info_ie->control_chan;
		bss_info->bss_cap = ht_add_info_ie->ht_param;
		bss_info->bss_op_mode = (u8)(op_mode & 0xff);
	}

	return 0;
}
499

500
static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata,
501 502 503 504 505 506 507 508 509 510 511
					 struct ieee80211_if_sta *ifsta)
{
	char *buf;
	size_t len;
	int i;
	union iwreq_data wrqu;

	if (!ifsta->assocreq_ies && !ifsta->assocresp_ies)
		return;

	buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len +
512
				ifsta->assocresp_ies_len), GFP_KERNEL);
513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544
	if (!buf)
		return;

	len = sprintf(buf, "ASSOCINFO(");
	if (ifsta->assocreq_ies) {
		len += sprintf(buf + len, "ReqIEs=");
		for (i = 0; i < ifsta->assocreq_ies_len; i++) {
			len += sprintf(buf + len, "%02x",
				       ifsta->assocreq_ies[i]);
		}
	}
	if (ifsta->assocresp_ies) {
		if (ifsta->assocreq_ies)
			len += sprintf(buf + len, " ");
		len += sprintf(buf + len, "RespIEs=");
		for (i = 0; i < ifsta->assocresp_ies_len; i++) {
			len += sprintf(buf + len, "%02x",
				       ifsta->assocresp_ies[i]);
		}
	}
	len += sprintf(buf + len, ")");

	if (len > IW_CUSTOM_MAX) {
		len = sprintf(buf, "ASSOCRESPIE=");
		for (i = 0; i < ifsta->assocresp_ies_len; i++) {
			len += sprintf(buf + len, "%02x",
				       ifsta->assocresp_ies[i]);
		}
	}

	memset(&wrqu, 0, sizeof(wrqu));
	wrqu.data.length = len;
545
	wireless_send_event(sdata->dev, IWEVCUSTOM, &wrqu, buf);
546 547 548 549 550

	kfree(buf);
}


551
static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
552
				     struct ieee80211_if_sta *ifsta,
553
				     bool assoc)
554
{
555
	struct ieee80211_local *local = sdata->local;
Tomas Winkler's avatar
Tomas Winkler committed
556
	struct ieee80211_conf *conf = &local_to_hw(local)->conf;
557
	union iwreq_data wrqu;
558
	u32 changed = BSS_CHANGED_ASSOC;
559 560

	if (assoc) {
561
		struct ieee80211_sta_bss *bss;
562 563 564

		ifsta->flags |= IEEE80211_STA_ASSOCIATED;

565
		if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
566
			return;
567

568
		bss = ieee80211_rx_bss_get(local, ifsta->bssid,
Tomas Winkler's avatar
Tomas Winkler committed
569
					   conf->channel->center_freq,
570
					   ifsta->ssid, ifsta->ssid_len);
571
		if (bss) {
572 573 574
			/* set timing information */
			sdata->bss_conf.beacon_int = bss->beacon_int;
			sdata->bss_conf.timestamp = bss->timestamp;
575
			sdata->bss_conf.dtim_period = bss->dtim_period;
576

577
			changed |= ieee80211_handle_bss_capability(sdata, bss);
578

579
			ieee80211_rx_bss_put(local, bss);
580 581
		}

Tomas Winkler's avatar
Tomas Winkler committed
582 583 584 585 586 587 588
		if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
			changed |= BSS_CHANGED_HT;
			sdata->bss_conf.assoc_ht = 1;
			sdata->bss_conf.ht_conf = &conf->ht_conf;
			sdata->bss_conf.ht_bss_conf = &conf->ht_bss_conf;
		}

589
		ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET;
590 591
		memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
		memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
592
		ieee80211_sta_send_associnfo(sdata, ifsta);
593
	} else {
594 595
		netif_carrier_off(sdata->dev);
		ieee80211_sta_tear_down_BA_sessions(sdata, ifsta->bssid);
596
		ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
597
		changed |= ieee80211_reset_erp_info(sdata);
Tomas Winkler's avatar
Tomas Winkler committed
598 599 600 601 602

		sdata->bss_conf.assoc_ht = 0;
		sdata->bss_conf.ht_conf = NULL;
		sdata->bss_conf.ht_bss_conf = NULL;

603 604 605
		memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
	}
	ifsta->last_probe = jiffies;
606
	ieee80211_led_assoc(local, assoc);
607

608
	sdata->bss_conf.assoc = assoc;
609
	ieee80211_bss_info_change_notify(sdata, changed);
610 611

	if (assoc)
612
		netif_carrier_on(sdata->dev);
613

614
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
615
	wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
616 617
}

618
static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
619 620
				   struct ieee80211_if_sta *ifsta, int deauth)
{
621 622
	if (deauth) {
		ifsta->direct_probe_tries = 0;
623
		ifsta->auth_tries = 0;
624
	}
625
	ifsta->assoc_scan_tries = 0;
626
	ifsta->assoc_tries = 0;
627
	ieee80211_set_associated(sdata, ifsta, 0);
628 629
}

630
void ieee80211_sta_tx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
631
		      int encrypt)
632 633 634 635 636 637
{
	skb->dev = sdata->local->mdev;
	skb_set_mac_header(skb, 0);
	skb_set_network_header(skb, 0);
	skb_set_transport_header(skb, 0);

638 639
	skb->iif = sdata->dev->ifindex;
	skb->do_not_encrypt = !encrypt;
640 641 642 643 644

	dev_queue_xmit(skb);
}


645
static void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
646 647 648 649
				struct ieee80211_if_sta *ifsta,
				int transaction, u8 *extra, size_t extra_len,
				int encrypt)
{
650
	struct ieee80211_local *local = sdata->local;
651 652 653 654 655 656 657
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
			    sizeof(*mgmt) + 6 + extra_len);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
658
		       "frame\n", sdata->dev->name);
659 660 661 662 663 664
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
	memset(mgmt, 0, 24 + 6);
665 666
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_AUTH);
667 668 669
	if (encrypt)
		mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
670
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
671 672 673 674 675 676 677 678
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
	mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
	mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
	ifsta->auth_transaction = transaction + 1;
	mgmt->u.auth.status_code = cpu_to_le16(0);
	if (extra)
		memcpy(skb_put(skb, extra_len), extra, extra_len);

679
	ieee80211_sta_tx(sdata, skb, encrypt);
680 681
}

682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711
static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata,
				   struct ieee80211_if_sta *ifsta)
{
	DECLARE_MAC_BUF(mac);

	ifsta->direct_probe_tries++;
	if (ifsta->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
		printk(KERN_DEBUG "%s: direct probe to AP %s timed out\n",
		       sdata->dev->name, print_mac(mac, ifsta->bssid));
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
		return;
	}

	printk(KERN_DEBUG "%s: direct probe to AP %s try %d\n",
			sdata->dev->name, print_mac(mac, ifsta->bssid),
			ifsta->direct_probe_tries);

	ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;

	set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifsta->request);

	/* Direct probe is sent to broadcast address as some APs
	 * will not answer to direct packet in unassociated state.
	 */
	ieee80211_send_probe_req(sdata, NULL,
				 ifsta->ssid, ifsta->ssid_len);

	mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
}

712

713
static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata,
714 715
				   struct ieee80211_if_sta *ifsta)
{
716 717
	DECLARE_MAC_BUF(mac);

718 719
	ifsta->auth_tries++;
	if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
720
		printk(KERN_DEBUG "%s: authentication with AP %s"
721
		       " timed out\n",
722
		       sdata->dev->name, print_mac(mac, ifsta->bssid));
723
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
724 725 726
		return;
	}

727
	ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
728
	printk(KERN_DEBUG "%s: authenticate with AP %s\n",
729
	       sdata->dev->name, print_mac(mac, ifsta->bssid));
730

731
	ieee80211_send_auth(sdata, ifsta, 1, NULL, 0, 0);
732 733 734 735

	mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
}

736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755
static int ieee80211_compatible_rates(struct ieee80211_sta_bss *bss,
				      struct ieee80211_supported_band *sband,
				      u64 *rates)
{
	int i, j, count;
	*rates = 0;
	count = 0;
	for (i = 0; i < bss->supp_rates_len; i++) {
		int rate = (bss->supp_rates[i] & 0x7F) * 5;

		for (j = 0; j < sband->n_bitrates; j++)
			if (sband->bitrates[j].bitrate == rate) {
				*rates |= BIT(j);
				count++;
				break;
			}
	}

	return count;
}
756

757
static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
758 759
				 struct ieee80211_if_sta *ifsta)
{
760
	struct ieee80211_local *local = sdata->local;
761 762
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
763
	u8 *pos, *ies, *ht_add_ie;
764
	int i, len, count, rates_len, supp_rates_len;
765 766 767
	u16 capab;
	struct ieee80211_sta_bss *bss;
	int wmm = 0;
768
	struct ieee80211_supported_band *sband;
769
	u64 rates = 0;
770 771 772 773 774 775

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
			    sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
			    ifsta->ssid_len);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
776
		       "frame\n", sdata->dev->name);
777 778 779 780
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

781 782
	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

783
	capab = ifsta->capab;
784 785 786 787 788 789

	if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
790
	}
791

792
	bss = ieee80211_rx_bss_get(local, ifsta->bssid,
793
				   local->hw.conf.channel->center_freq,
794
				   ifsta->ssid, ifsta->ssid_len);
795 796 797
	if (bss) {
		if (bss->capability & WLAN_CAPABILITY_PRIVACY)
			capab |= WLAN_CAPABILITY_PRIVACY;
798
		if (bss->wmm_used)
799
			wmm = 1;
800 801 802 803 804 805 806

		/* get all rates supported by the device and the AP as
		 * some APs don't like getting a superset of their rates
		 * in the association request (e.g. D-Link DAP 1353 in
		 * b-only mode) */
		rates_len = ieee80211_compatible_rates(bss, sband, &rates);

807 808 809 810
		if ((bss->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
		    (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
			capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;

811
		ieee80211_rx_bss_put(local, bss);
812 813 814
	} else {
		rates = ~0;
		rates_len = sband->n_bitrates;
815 816 817 818 819
	}

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
820
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
821 822
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);

823
	if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) {
824
		skb_put(skb, 10);
825 826
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_REASSOC_REQ);
827
		mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
828 829
		mgmt->u.reassoc_req.listen_interval =
				cpu_to_le16(local->hw.conf.listen_interval);
830 831 832 833
		memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
		       ETH_ALEN);
	} else {
		skb_put(skb, 4);
834 835
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_ASSOC_REQ);
836
		mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
837 838
		mgmt->u.reassoc_req.listen_interval =
				cpu_to_le16(local->hw.conf.listen_interval);
839 840 841 842 843 844 845 846
	}

	/* SSID */
	ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
	*pos++ = WLAN_EID_SSID;
	*pos++ = ifsta->ssid_len;
	memcpy(pos, ifsta->ssid, ifsta->ssid_len);

847
	/* add all rates which were marked to be used above */
848 849 850 851
	supp_rates_len = rates_len;
	if (supp_rates_len > 8)
		supp_rates_len = 8;

852
	len = sband->n_bitrates;
853
	pos = skb_put(skb, supp_rates_len + 2);
854
	*pos++ = WLAN_EID_SUPP_RATES;
855
	*pos++ = supp_rates_len;
856

857 858 859
	count = 0;
	for (i = 0; i < sband->n_bitrates; i++) {
		if (BIT(i) & rates) {
860
			int rate = sband->bitrates[i].bitrate;
861
			*pos++ = (u8) (rate / 5);
862 863 864 865 866 867 868 869 870 871 872 873 874 875 876
			if (++count == 8)
				break;
		}
	}

	if (count == 8) {
		pos = skb_put(skb, rates_len - count + 2);
		*pos++ = WLAN_EID_EXT_SUPP_RATES;
		*pos++ = rates_len - count;

		for (i++; i < sband->n_bitrates; i++) {
			if (BIT(i) & rates) {
				int rate = sband->bitrates[i].bitrate;
				*pos++ = (u8) (rate / 5);
			}
877 878 879
		}
	}

880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899
	if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
		/* 1. power capabilities */
		pos = skb_put(skb, 4);
		*pos++ = WLAN_EID_PWR_CAPABILITY;
		*pos++ = 2;
		*pos++ = 0; /* min tx power */
		*pos++ = local->hw.conf.channel->max_power; /* max tx power */

		/* 2. supported channels */
		/* TODO: get this in reg domain format */
		pos = skb_put(skb, 2 * sband->n_channels + 2);
		*pos++ = WLAN_EID_SUPPORTED_CHANNELS;
		*pos++ = 2 * sband->n_channels;
		for (i = 0; i < sband->n_channels; i++) {
			*pos++ = ieee80211_frequency_to_channel(
					sband->channels[i].center_freq);
			*pos++ = 1; /* one channel in the subband*/
		}
	}

900 901 902 903 904
	if (ifsta->extra_ie) {
		pos = skb_put(skb, ifsta->extra_ie_len);
		memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
	}

905
	if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
906 907 908 909 910 911 912 913 914 915 916
		pos = skb_put(skb, 9);
		*pos++ = WLAN_EID_VENDOR_SPECIFIC;
		*pos++ = 7; /* len */
		*pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
		*pos++ = 0x50;
		*pos++ = 0xf2;
		*pos++ = 2; /* WME */
		*pos++ = 0; /* WME info */
		*pos++ = 1; /* WME ver */
		*pos++ = 0;
	}
917

918
	/* wmm support is a must to HT */
919
	if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) &&
920 921
	    sband->ht_info.ht_supported &&
	    (ht_add_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_EXTRA_INFO))) {
922
		struct ieee80211_ht_addt_info *ht_add_info =
923
			(struct ieee80211_ht_addt_info *)ht_add_ie;
924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943
		u16 cap = sband->ht_info.cap;
		__le16 tmp;
		u32 flags = local->hw.conf.channel->flags;

		switch (ht_add_info->ht_param & IEEE80211_HT_IE_CHA_SEC_OFFSET) {
		case IEEE80211_HT_IE_CHA_SEC_ABOVE:
			if (flags & IEEE80211_CHAN_NO_FAT_ABOVE) {
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
		case IEEE80211_HT_IE_CHA_SEC_BELOW:
			if (flags & IEEE80211_CHAN_NO_FAT_BELOW) {
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
		}

		tmp = cpu_to_le16(cap);
944 945 946 947 948 949
		pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
		*pos++ = WLAN_EID_HT_CAPABILITY;
		*pos++ = sizeof(struct ieee80211_ht_cap);
		memset(pos, 0, sizeof(struct ieee80211_ht_cap));
		memcpy(pos, &tmp, sizeof(u16));
		pos += sizeof(u16);
950 951 952 953
		/* TODO: needs a define here for << 2 */
		*pos++ = sband->ht_info.ampdu_factor |
			 (sband->ht_info.ampdu_density << 2);
		memcpy(pos, sband->ht_info.supp_mcs_set, 16);
954
	}
955 956 957

	kfree(ifsta->assocreq_ies);
	ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
958
	ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL);
959 960 961
	if (ifsta->assocreq_ies)
		memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);

962
	ieee80211_sta_tx(sdata, skb, 0);
963 964 965
}


966
static void ieee80211_send_deauth(struct ieee80211_sub_if_data *sdata,
967 968
				  struct ieee80211_if_sta *ifsta, u16 reason)
{
969
	struct ieee80211_local *local = sdata->local;
970 971 972 973 974 975
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
976
		       "frame\n", sdata->dev->name);
977 978 979 980 981 982 983
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
984
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
985
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
986 987
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_DEAUTH);
988 989 990
	skb_put(skb, 2);
	mgmt->u.deauth.reason_code = cpu_to_le16(reason);

991
	ieee80211_sta_tx(sdata, skb, 0);
992 993 994
}


995
static void ieee80211_send_disassoc(struct ieee80211_sub_if_data *sdata,
996 997
				    struct ieee80211_if_sta *ifsta, u16 reason)
{
998
	struct ieee80211_local *local = sdata->local;
999 1000 1001 1002 1003 1004
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
1005
		       "frame\n", sdata->dev->name);
1006 1007 1008 1009 1010 1011 1012
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
1013
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1014
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1015 1016
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_DISASSOC);
1017 1018 1019
	skb_put(skb, 2);
	mgmt->u.disassoc.reason_code = cpu_to_le16(reason);

1020
	ieee80211_sta_tx(sdata, skb, 0);
1021 1022 1023
}


1024
static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata,
1025 1026
				      struct ieee80211_if_sta *ifsta)
{
1027
	struct ieee80211_local *local = sdata->local;
1028
	struct ieee80211_sta_bss *bss;
1029 1030 1031
	int bss_privacy;
	int wep_privacy;
	int privacy_invoked;
1032

1033
	if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
1034 1035
		return 0;

1036
	bss = ieee80211_rx_bss_get(local, ifsta->bssid,
1037
				   local->hw.conf.channel->center_freq,
1038
				   ifsta->ssid, ifsta->ssid_len);
1039 1040 1041
	if (!bss)
		return 0;

1042
	bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY);
1043
	wep_privacy = !!ieee80211_sta_wep_configured(sdata);
1044
	privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED);
1045

1046
	ieee80211_rx_bss_put(local, bss);
1047

1048 1049 1050 1051
	if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
		return 0;

	return 1;
1052 1053 1054
}


1055
static void ieee80211_associate(struct ieee80211_sub_if_data *sdata,
1056 1057
				struct ieee80211_if_sta *ifsta)
{
1058 1059
	DECLARE_MAC_BUF(mac);

1060 1061
	ifsta->assoc_tries++;
	if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
1062
		printk(KERN_DEBUG "%s: association with AP %s"
1063
		       " timed out\n",
1064
		       sdata->dev->name, print_mac(mac, ifsta->bssid));
1065
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
1066 1067 1068
		return;
	}

1069
	ifsta->state = IEEE80211_STA_MLME_ASSOCIATE;
1070
	printk(KERN_DEBUG "%s: associate with AP %s\n",
1071 1072
	       sdata->dev->name, print_mac(mac, ifsta->bssid));
	if (ieee80211_privacy_mismatch(sdata, ifsta)) {
1073
		printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
1074
		       "mixed-cell disabled - abort association\n", sdata->dev->name);
1075
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
1076 1077 1078
		return;
	}

1079
	ieee80211_send_assoc(sdata, ifsta);
1080 1081 1082 1083 1084

	mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
}


1085
static void ieee80211_associated(struct ieee80211_sub_if_data *sdata,
1086 1087
				 struct ieee80211_if_sta *ifsta)
{
1088
	struct ieee80211_local *local = sdata->local;
1089 1090
	struct sta_info *sta;
	int disassoc;
1091
	DECLARE_MAC_BUF(mac);
1092 1093 1094 1095 1096 1097

	/* TODO: start monitoring current AP signal quality and number of
	 * missed beacons. Scan other channels every now and then and search
	 * for better APs. */
	/* TODO: remove expired BSSes */

1098
	ifsta->state = IEEE80211_STA_MLME_ASSOCIATED;
1099

1100 1101
	rcu_read_lock();

1102 1103
	sta = sta_info_get(local, ifsta->bssid);
	if (!sta) {
1104
		printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
1105
		       sdata->dev->name, print_mac(mac, ifsta->bssid));
1106 1107 1108 1109 1110
		disassoc = 1;
	} else {
		disassoc = 0;
		if (time_after(jiffies,
			       sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
1111
			if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
1112
				printk(KERN_DEBUG "%s: No ProbeResp from "
1113
				       "current AP %s - assume out of "
1114
				       "range\n",
1115
				       sdata->dev->name, print_mac(mac, ifsta->bssid));
1116
				disassoc = 1;
1117
				sta_info_unlink(&sta);
1118
			} else
1119
				ieee80211_send_probe_req(sdata, ifsta->bssid,
1120 1121
							 local->scan_ssid,
							 local->scan_ssid_len);
1122
			ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
1123
		} else {
1124
			ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
1125 1126 1127
			if (time_after(jiffies, ifsta->last_probe +
				       IEEE80211_PROBE_INTERVAL)) {
				ifsta->last_probe = jiffies;
1128
				ieee80211_send_probe_req(sdata, ifsta->bssid,
1129 1130 1131 1132 1133
							 ifsta->ssid,
							 ifsta->ssid_len);
			}
		}
	}
1134 1135 1136

	rcu_read_unlock();

1137
	if (disassoc && sta)
1138 1139
		sta_info_destroy(sta);

1140
	if (disassoc) {
1141
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
1142
		ieee80211_set_associated(sdata, ifsta, 0);
1143 1144 1145 1146 1147 1148 1149
	} else {
		mod_timer(&ifsta->timer, jiffies +
				      IEEE80211_MONITORING_INTERVAL);
	}
}


1150
static void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
1151 1152
				     u8 *ssid, size_t ssid_len)
{
1153
	struct ieee80211_local *local = sdata->local;
1154
	struct ieee80211_supported_band *sband;
1155 1156 1157 1158 1159 1160 1161 1162
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
	u8 *pos, *supp_rates, *esupp_rates = NULL;
	int i;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
1163
		       "request\n", sdata->dev->name);
1164 1165 1166 1167 1168 1169
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
1170 1171
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_PROBE_REQ);
1172
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187
	if (dst) {
		memcpy(mgmt->da, dst, ETH_ALEN);
		memcpy(mgmt->bssid, dst, ETH_ALEN);
	} else {
		memset(mgmt->da, 0xff, ETH_ALEN);
		memset(mgmt->bssid, 0xff, ETH_ALEN);
	}
	pos = skb_put(skb, 2 + ssid_len);
	*pos++ = WLAN_EID_SSID;
	*pos++ = ssid_len;
	memcpy(pos, ssid, ssid_len);

	supp_rates = skb_put(skb, 2);
	supp_rates[0] = WLAN_EID_SUPP_RATES;
	supp_rates[1] = 0;
1188 1189 1190 1191
	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

	for (i = 0; i < sband->n_bitrates; i++) {
		struct ieee80211_rate *rate = &sband->bitrates[i];
1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203
		if (esupp_rates) {
			pos = skb_put(skb, 1);
			esupp_rates[1]++;
		} else if (supp_rates[1] == 8) {
			esupp_rates = skb_put(skb, 3);
			esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
			esupp_rates[1] = 1;
			pos = &esupp_rates[2];
		} else {
			pos = skb_put(skb, 1);
			supp_rates[1]++;
		}
1204
		*pos = rate->bitrate / 5;
1205 1206
	}

1207
	ieee80211_sta_tx(sdata, skb, 0);
1208 1209 1210
}


1211
static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata)
1212 1213
{
	if (!sdata || !sdata->default_key ||
1214
	    sdata->default_key->conf.alg != ALG_WEP)
1215 1216 1217 1218 1219
		return 0;
	return 1;
}


1220
static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata,
1221 1222
				     struct ieee80211_if_sta *ifsta)
{
1223
	printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name);
1224
	ifsta->flags |= IEEE80211_STA_AUTHENTICATED;