mlme.c 125 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
/*
 * BSS client mode implementation
 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
 * Copyright 2004, Instant802 Networks, Inc.
 * Copyright 2005, Devicescape Software, Inc.
 * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

/* TODO:
 * order BSS list by RSSI(?) ("quality of AP")
 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
 *    SSID)
 */
19
#include <linux/delay.h>
20
21
22
23
24
25
26
#include <linux/if_ether.h>
#include <linux/skbuff.h>
#include <linux/netdevice.h>
#include <linux/if_arp.h>
#include <linux/wireless.h>
#include <linux/random.h>
#include <linux/etherdevice.h>
27
#include <linux/rtnetlink.h>
28
29
30
31
32
#include <net/iw_handler.h>
#include <asm/types.h>

#include <net/mac80211.h>
#include "ieee80211_i.h"
Johannes Berg's avatar
Johannes Berg committed
33
34
#include "rate.h"
#include "led.h"
35
#include "mesh.h"
36

37
#define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
38
39
40
41
42
#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
#define IEEE80211_AUTH_MAX_TRIES 3
#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
#define IEEE80211_ASSOC_MAX_TRIES 3
#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
43
#define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ)
44
45
46
47
#define IEEE80211_PROBE_INTERVAL (60 * HZ)
#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
#define IEEE80211_SCAN_INTERVAL (2 * HZ)
#define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
48
#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
49
50
51
52
53
54
55

#define IEEE80211_PROBE_DELAY (HZ / 33)
#define IEEE80211_CHANNEL_TIME (HZ / 33)
#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
56
#define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ)
57
58
59
60
61
62

#define IEEE80211_IBSS_MAX_STA_ENTRIES 128


#define ERP_INFO_USE_PROTECTION BIT(1)

63
64
65
66
67
68
/* mgmt header + 1 byte action code */
#define IEEE80211_MIN_ACTION_SIZE (24 + 1)

#define IEEE80211_ADDBA_PARAM_POLICY_MASK 0x0002
#define IEEE80211_ADDBA_PARAM_TID_MASK 0x003C
#define IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK 0xFFA0
69
70
#define IEEE80211_DELBA_PARAM_TID_MASK 0xF000
#define IEEE80211_DELBA_PARAM_INITIATOR_MASK 0x0800
71

72
73
74
75
76
/* next values represent the buffer size for A-MPDU frame.
 * According to IEEE802.11n spec size varies from 8K to 64K (in powers of 2) */
#define IEEE80211_MIN_AMPDU_BUF 0x8
#define IEEE80211_MAX_AMPDU_BUF 0x40

77
static void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
78
79
				     u8 *ssid, size_t ssid_len);
static struct ieee80211_sta_bss *
80
ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
81
		     u8 *ssid, u8 ssid_len);
82
static void ieee80211_rx_bss_put(struct ieee80211_local *local,
83
				 struct ieee80211_sta_bss *bss);
84
static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata,
85
				   struct ieee80211_if_sta *ifsta);
86
87
static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata);
static int ieee80211_sta_start_scan(struct ieee80211_sub_if_data *sdata,
88
				    u8 *ssid, size_t ssid_len);
89
static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata,
90
				     struct ieee80211_if_sta *ifsta);
91
static void sta_rx_agg_session_timer_expired(unsigned long data);
92
93


94
95
void ieee802_11_parse_elems(u8 *start, size_t len,
			    struct ieee802_11_elems *elems)
96
97
98
99
100
101
102
103
104
105
106
107
108
{
	size_t left = len;
	u8 *pos = start;

	memset(elems, 0, sizeof(*elems));

	while (left >= 2) {
		u8 id, elen;

		id = *pos++;
		elen = *pos++;
		left -= 2;

109
110
		if (elen > left)
			return;
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175

		switch (id) {
		case WLAN_EID_SSID:
			elems->ssid = pos;
			elems->ssid_len = elen;
			break;
		case WLAN_EID_SUPP_RATES:
			elems->supp_rates = pos;
			elems->supp_rates_len = elen;
			break;
		case WLAN_EID_FH_PARAMS:
			elems->fh_params = pos;
			elems->fh_params_len = elen;
			break;
		case WLAN_EID_DS_PARAMS:
			elems->ds_params = pos;
			elems->ds_params_len = elen;
			break;
		case WLAN_EID_CF_PARAMS:
			elems->cf_params = pos;
			elems->cf_params_len = elen;
			break;
		case WLAN_EID_TIM:
			elems->tim = pos;
			elems->tim_len = elen;
			break;
		case WLAN_EID_IBSS_PARAMS:
			elems->ibss_params = pos;
			elems->ibss_params_len = elen;
			break;
		case WLAN_EID_CHALLENGE:
			elems->challenge = pos;
			elems->challenge_len = elen;
			break;
		case WLAN_EID_WPA:
			if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
			    pos[2] == 0xf2) {
				/* Microsoft OUI (00:50:F2) */
				if (pos[3] == 1) {
					/* OUI Type 1 - WPA IE */
					elems->wpa = pos;
					elems->wpa_len = elen;
				} else if (elen >= 5 && pos[3] == 2) {
					if (pos[4] == 0) {
						elems->wmm_info = pos;
						elems->wmm_info_len = elen;
					} else if (pos[4] == 1) {
						elems->wmm_param = pos;
						elems->wmm_param_len = elen;
					}
				}
			}
			break;
		case WLAN_EID_RSN:
			elems->rsn = pos;
			elems->rsn_len = elen;
			break;
		case WLAN_EID_ERP_INFO:
			elems->erp_info = pos;
			elems->erp_info_len = elen;
			break;
		case WLAN_EID_EXT_SUPP_RATES:
			elems->ext_supp_rates = pos;
			elems->ext_supp_rates_len = elen;
			break;
176
177
178
179
180
181
182
183
		case WLAN_EID_HT_CAPABILITY:
			elems->ht_cap_elem = pos;
			elems->ht_cap_elem_len = elen;
			break;
		case WLAN_EID_HT_EXTRA_INFO:
			elems->ht_info_elem = pos;
			elems->ht_info_elem_len = elen;
			break;
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
		case WLAN_EID_MESH_ID:
			elems->mesh_id = pos;
			elems->mesh_id_len = elen;
			break;
		case WLAN_EID_MESH_CONFIG:
			elems->mesh_config = pos;
			elems->mesh_config_len = elen;
			break;
		case WLAN_EID_PEER_LINK:
			elems->peer_link = pos;
			elems->peer_link_len = elen;
			break;
		case WLAN_EID_PREQ:
			elems->preq = pos;
			elems->preq_len = elen;
			break;
		case WLAN_EID_PREP:
			elems->prep = pos;
			elems->prep_len = elen;
			break;
		case WLAN_EID_PERR:
			elems->perr = pos;
			elems->perr_len = elen;
			break;
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
		case WLAN_EID_CHANNEL_SWITCH:
			elems->ch_switch_elem = pos;
			elems->ch_switch_elem_len = elen;
			break;
		case WLAN_EID_QUIET:
			if (!elems->quiet_elem) {
				elems->quiet_elem = pos;
				elems->quiet_elem_len = elen;
			}
			elems->num_of_quiet_elem++;
			break;
		case WLAN_EID_COUNTRY:
			elems->country_elem = pos;
			elems->country_elem_len = elen;
			break;
		case WLAN_EID_PWR_CONSTRAINT:
			elems->pwr_constr_elem = pos;
			elems->pwr_constr_elem_len = elen;
			break;
227
228
229
230
231
232
233
234
235
236
237
238
		default:
			break;
		}

		left -= elen;
		pos += elen;
	}
}


static int ecw2cw(int ecw)
{
239
	return (1 << ecw) - 1;
240
241
}

242

243
static void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
					 struct ieee80211_sta_bss *bss,
					 int ibss)
{
	struct ieee80211_local *local = sdata->local;
	int i, have_higher_than_11mbit = 0;


	/* cf. IEEE 802.11 9.2.12 */
	for (i = 0; i < bss->supp_rates_len; i++)
		if ((bss->supp_rates[i] & 0x7f) * 5 > 110)
			have_higher_than_11mbit = 1;

	if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
	    have_higher_than_11mbit)
		sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
	else
		sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;


	if (local->ops->conf_tx) {
		struct ieee80211_tx_queue_params qparam;

		memset(&qparam, 0, sizeof(qparam));

		qparam.aifs = 2;

		if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
		    !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE))
			qparam.cw_min = 31;
		else
			qparam.cw_min = 15;

		qparam.cw_max = 1023;
		qparam.txop = 0;

Johannes Berg's avatar
Johannes Berg committed
279
280
		for (i = 0; i < local_to_hw(local)->queues; i++)
			local->ops->conf_tx(local_to_hw(local), i, &qparam);
281
282
283
	}
}

284
static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
285
286
287
288
289
290
291
292
				     struct ieee80211_if_sta *ifsta,
				     u8 *wmm_param, size_t wmm_param_len)
{
	struct ieee80211_tx_queue_params params;
	size_t left;
	int count;
	u8 *pos;

293
294
295
296
297
298
	if (!(ifsta->flags & IEEE80211_STA_WMM_ENABLED))
		return;

	if (!wmm_param)
		return;

299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
	if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
		return;
	count = wmm_param[6] & 0x0f;
	if (count == ifsta->wmm_last_param_set)
		return;
	ifsta->wmm_last_param_set = count;

	pos = wmm_param + 8;
	left = wmm_param_len - 8;

	memset(&params, 0, sizeof(params));

	if (!local->ops->conf_tx)
		return;

	local->wmm_acm = 0;
	for (; left >= 4; left -= 4, pos += 4) {
		int aci = (pos[0] >> 5) & 0x03;
		int acm = (pos[0] >> 4) & 0x01;
		int queue;

		switch (aci) {
		case 1:
Johannes Berg's avatar
Johannes Berg committed
322
			queue = 3;
Johannes Berg's avatar
Johannes Berg committed
323
			if (acm)
324
325
326
				local->wmm_acm |= BIT(0) | BIT(3);
			break;
		case 2:
Johannes Berg's avatar
Johannes Berg committed
327
			queue = 1;
Johannes Berg's avatar
Johannes Berg committed
328
			if (acm)
329
330
331
				local->wmm_acm |= BIT(4) | BIT(5);
			break;
		case 3:
Johannes Berg's avatar
Johannes Berg committed
332
			queue = 0;
Johannes Berg's avatar
Johannes Berg committed
333
			if (acm)
334
335
336
337
				local->wmm_acm |= BIT(6) | BIT(7);
			break;
		case 0:
		default:
Johannes Berg's avatar
Johannes Berg committed
338
			queue = 2;
Johannes Berg's avatar
Johannes Berg committed
339
			if (acm)
340
341
342
343
344
345
346
				local->wmm_acm |= BIT(1) | BIT(2);
			break;
		}

		params.aifs = pos[0] & 0x0f;
		params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
		params.cw_min = ecw2cw(pos[1] & 0x0f);
347
		params.txop = get_unaligned_le16(pos + 2);
348
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
349
		printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
350
		       "cWmin=%d cWmax=%d txop=%d\n",
351
		       local->mdev->name, queue, aci, acm, params.aifs, params.cw_min,
352
353
		       params.cw_max, params.txop);
#endif
354
355
356
357
		/* TODO: handle ACM (block TX, fallback to next lowest allowed
		 * AC for now) */
		if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
			printk(KERN_DEBUG "%s: failed to set TX queue "
358
			       "parameters for queue %d\n", local->mdev->name, queue);
359
360
361
362
		}
	}
}

363
364
365
static u32 ieee80211_handle_protect_preamb(struct ieee80211_sub_if_data *sdata,
					   bool use_protection,
					   bool use_short_preamble)
366
{
367
	struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
368
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
369
	struct ieee80211_if_sta *ifsta = &sdata->u.sta;
370
	DECLARE_MAC_BUF(mac);
371
#endif
372
	u32 changed = 0;
373

374
	if (use_protection != bss_conf->use_cts_prot) {
375
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
376
377
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
378
			       "%s)\n",
379
			       sdata->dev->name,
380
			       use_protection ? "enabled" : "disabled",
381
			       print_mac(mac, ifsta->bssid));
382
		}
383
#endif
384
385
		bss_conf->use_cts_prot = use_protection;
		changed |= BSS_CHANGED_ERP_CTS_PROT;
386
	}
387

388
	if (use_short_preamble != bss_conf->use_short_preamble) {
389
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
390
391
		if (net_ratelimit()) {
			printk(KERN_DEBUG "%s: switched to %s barker preamble"
392
			       " (BSSID=%s)\n",
393
			       sdata->dev->name,
394
			       use_short_preamble ? "short" : "long",
395
			       print_mac(mac, ifsta->bssid));
396
		}
397
#endif
398
		bss_conf->use_short_preamble = use_short_preamble;
399
		changed |= BSS_CHANGED_ERP_PREAMBLE;
400
	}
401

402
	return changed;
403
404
}

405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
static u32 ieee80211_handle_erp_ie(struct ieee80211_sub_if_data *sdata,
				   u8 erp_value)
{
	bool use_protection = (erp_value & WLAN_ERP_USE_PROTECTION) != 0;
	bool use_short_preamble = (erp_value & WLAN_ERP_BARKER_PREAMBLE) == 0;

	return ieee80211_handle_protect_preamb(sdata,
			use_protection, use_short_preamble);
}

static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
					   struct ieee80211_sta_bss *bss)
{
	u32 changed = 0;

	if (bss->has_erp_value)
		changed |= ieee80211_handle_erp_ie(sdata, bss->erp_value);
	else {
		u16 capab = bss->capability;
		changed |= ieee80211_handle_protect_preamb(sdata, false,
				(capab & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0);
	}

	return changed;
}

431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
int ieee80211_ht_cap_ie_to_ht_info(struct ieee80211_ht_cap *ht_cap_ie,
				   struct ieee80211_ht_info *ht_info)
{

	if (ht_info == NULL)
		return -EINVAL;

	memset(ht_info, 0, sizeof(*ht_info));

	if (ht_cap_ie) {
		u8 ampdu_info = ht_cap_ie->ampdu_params_info;

		ht_info->ht_supported = 1;
		ht_info->cap = le16_to_cpu(ht_cap_ie->cap_info);
		ht_info->ampdu_factor =
			ampdu_info & IEEE80211_HT_CAP_AMPDU_FACTOR;
		ht_info->ampdu_density =
			(ampdu_info & IEEE80211_HT_CAP_AMPDU_DENSITY) >> 2;
		memcpy(ht_info->supp_mcs_set, ht_cap_ie->supp_mcs_set, 16);
	} else
		ht_info->ht_supported = 0;

	return 0;
}

int ieee80211_ht_addt_info_ie_to_ht_bss_info(
			struct ieee80211_ht_addt_info *ht_add_info_ie,
			struct ieee80211_ht_bss_info *bss_info)
{
	if (bss_info == NULL)
		return -EINVAL;

	memset(bss_info, 0, sizeof(*bss_info));

	if (ht_add_info_ie) {
		u16 op_mode;
		op_mode = le16_to_cpu(ht_add_info_ie->operation_mode);

		bss_info->primary_channel = ht_add_info_ie->control_chan;
		bss_info->bss_cap = ht_add_info_ie->ht_param;
		bss_info->bss_op_mode = (u8)(op_mode & 0xff);
	}

	return 0;
}
476

477
static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata,
478
479
480
481
482
483
484
485
486
487
488
					 struct ieee80211_if_sta *ifsta)
{
	char *buf;
	size_t len;
	int i;
	union iwreq_data wrqu;

	if (!ifsta->assocreq_ies && !ifsta->assocresp_ies)
		return;

	buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len +
489
				ifsta->assocresp_ies_len), GFP_KERNEL);
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
	if (!buf)
		return;

	len = sprintf(buf, "ASSOCINFO(");
	if (ifsta->assocreq_ies) {
		len += sprintf(buf + len, "ReqIEs=");
		for (i = 0; i < ifsta->assocreq_ies_len; i++) {
			len += sprintf(buf + len, "%02x",
				       ifsta->assocreq_ies[i]);
		}
	}
	if (ifsta->assocresp_ies) {
		if (ifsta->assocreq_ies)
			len += sprintf(buf + len, " ");
		len += sprintf(buf + len, "RespIEs=");
		for (i = 0; i < ifsta->assocresp_ies_len; i++) {
			len += sprintf(buf + len, "%02x",
				       ifsta->assocresp_ies[i]);
		}
	}
	len += sprintf(buf + len, ")");

	if (len > IW_CUSTOM_MAX) {
		len = sprintf(buf, "ASSOCRESPIE=");
		for (i = 0; i < ifsta->assocresp_ies_len; i++) {
			len += sprintf(buf + len, "%02x",
				       ifsta->assocresp_ies[i]);
		}
	}

	memset(&wrqu, 0, sizeof(wrqu));
	wrqu.data.length = len;
522
	wireless_send_event(sdata->dev, IWEVCUSTOM, &wrqu, buf);
523
524
525
526
527

	kfree(buf);
}


528
static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
529
				     struct ieee80211_if_sta *ifsta,
530
				     bool assoc)
531
{
532
	struct ieee80211_local *local = sdata->local;
Tomas Winkler's avatar
Tomas Winkler committed
533
	struct ieee80211_conf *conf = &local_to_hw(local)->conf;
534
	union iwreq_data wrqu;
535
	u32 changed = BSS_CHANGED_ASSOC;
536
537

	if (assoc) {
538
		struct ieee80211_sta_bss *bss;
539
540
541

		ifsta->flags |= IEEE80211_STA_ASSOCIATED;

542
		if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
543
			return;
544

545
		bss = ieee80211_rx_bss_get(local, ifsta->bssid,
Tomas Winkler's avatar
Tomas Winkler committed
546
					   conf->channel->center_freq,
547
					   ifsta->ssid, ifsta->ssid_len);
548
		if (bss) {
549
550
551
			/* set timing information */
			sdata->bss_conf.beacon_int = bss->beacon_int;
			sdata->bss_conf.timestamp = bss->timestamp;
552
			sdata->bss_conf.dtim_period = bss->dtim_period;
553

554
			changed |= ieee80211_handle_bss_capability(sdata, bss);
555

556
			ieee80211_rx_bss_put(local, bss);
557
558
		}

Tomas Winkler's avatar
Tomas Winkler committed
559
560
561
562
563
564
565
		if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
			changed |= BSS_CHANGED_HT;
			sdata->bss_conf.assoc_ht = 1;
			sdata->bss_conf.ht_conf = &conf->ht_conf;
			sdata->bss_conf.ht_bss_conf = &conf->ht_bss_conf;
		}

566
		ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET;
567
568
		memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
		memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
569
		ieee80211_sta_send_associnfo(sdata, ifsta);
570
	} else {
571
572
		netif_carrier_off(sdata->dev);
		ieee80211_sta_tear_down_BA_sessions(sdata, ifsta->bssid);
573
		ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
574
		changed |= ieee80211_reset_erp_info(sdata);
Tomas Winkler's avatar
Tomas Winkler committed
575
576
577
578
579

		sdata->bss_conf.assoc_ht = 0;
		sdata->bss_conf.ht_conf = NULL;
		sdata->bss_conf.ht_bss_conf = NULL;

580
581
582
		memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
	}
	ifsta->last_probe = jiffies;
583
	ieee80211_led_assoc(local, assoc);
584

585
	sdata->bss_conf.assoc = assoc;
586
	ieee80211_bss_info_change_notify(sdata, changed);
587
588

	if (assoc)
589
		netif_carrier_on(sdata->dev);
590

591
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
592
	wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
593
594
}

595
static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
596
597
				   struct ieee80211_if_sta *ifsta, int deauth)
{
598
599
	if (deauth) {
		ifsta->direct_probe_tries = 0;
600
		ifsta->auth_tries = 0;
601
	}
602
	ifsta->assoc_scan_tries = 0;
603
	ifsta->assoc_tries = 0;
604
	ieee80211_set_associated(sdata, ifsta, 0);
605
606
}

607
void ieee80211_sta_tx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
608
		      int encrypt)
609
610
611
612
613
614
{
	skb->dev = sdata->local->mdev;
	skb_set_mac_header(skb, 0);
	skb_set_network_header(skb, 0);
	skb_set_transport_header(skb, 0);

615
616
	skb->iif = sdata->dev->ifindex;
	skb->do_not_encrypt = !encrypt;
617
618
619
620
621

	dev_queue_xmit(skb);
}


622
static void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
623
624
625
626
				struct ieee80211_if_sta *ifsta,
				int transaction, u8 *extra, size_t extra_len,
				int encrypt)
{
627
	struct ieee80211_local *local = sdata->local;
628
629
630
631
632
633
634
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
			    sizeof(*mgmt) + 6 + extra_len);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
635
		       "frame\n", sdata->dev->name);
636
637
638
639
640
641
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
	memset(mgmt, 0, 24 + 6);
642
643
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_AUTH);
644
645
646
	if (encrypt)
		mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
647
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
648
649
650
651
652
653
654
655
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
	mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
	mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
	ifsta->auth_transaction = transaction + 1;
	mgmt->u.auth.status_code = cpu_to_le16(0);
	if (extra)
		memcpy(skb_put(skb, extra_len), extra, extra_len);

656
	ieee80211_sta_tx(sdata, skb, encrypt);
657
658
}

659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata,
				   struct ieee80211_if_sta *ifsta)
{
	DECLARE_MAC_BUF(mac);

	ifsta->direct_probe_tries++;
	if (ifsta->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
		printk(KERN_DEBUG "%s: direct probe to AP %s timed out\n",
		       sdata->dev->name, print_mac(mac, ifsta->bssid));
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
		return;
	}

	printk(KERN_DEBUG "%s: direct probe to AP %s try %d\n",
			sdata->dev->name, print_mac(mac, ifsta->bssid),
			ifsta->direct_probe_tries);

	ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;

	set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifsta->request);

	/* Direct probe is sent to broadcast address as some APs
	 * will not answer to direct packet in unassociated state.
	 */
	ieee80211_send_probe_req(sdata, NULL,
				 ifsta->ssid, ifsta->ssid_len);

	mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
}

689

690
static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata,
691
692
				   struct ieee80211_if_sta *ifsta)
{
693
694
	DECLARE_MAC_BUF(mac);

695
696
	ifsta->auth_tries++;
	if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
697
		printk(KERN_DEBUG "%s: authentication with AP %s"
698
		       " timed out\n",
699
		       sdata->dev->name, print_mac(mac, ifsta->bssid));
700
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
701
702
703
		return;
	}

704
	ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
705
	printk(KERN_DEBUG "%s: authenticate with AP %s\n",
706
	       sdata->dev->name, print_mac(mac, ifsta->bssid));
707

708
	ieee80211_send_auth(sdata, ifsta, 1, NULL, 0, 0);
709
710
711
712

	mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
}

713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
static int ieee80211_compatible_rates(struct ieee80211_sta_bss *bss,
				      struct ieee80211_supported_band *sband,
				      u64 *rates)
{
	int i, j, count;
	*rates = 0;
	count = 0;
	for (i = 0; i < bss->supp_rates_len; i++) {
		int rate = (bss->supp_rates[i] & 0x7F) * 5;

		for (j = 0; j < sband->n_bitrates; j++)
			if (sband->bitrates[j].bitrate == rate) {
				*rates |= BIT(j);
				count++;
				break;
			}
	}

	return count;
}
733

734
static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
735
736
				 struct ieee80211_if_sta *ifsta)
{
737
	struct ieee80211_local *local = sdata->local;
738
739
740
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
	u8 *pos, *ies;
741
	int i, len, count, rates_len, supp_rates_len;
742
743
744
	u16 capab;
	struct ieee80211_sta_bss *bss;
	int wmm = 0;
745
	struct ieee80211_supported_band *sband;
746
	u64 rates = 0;
747
748
749
750
751
752

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
			    sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
			    ifsta->ssid_len);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
753
		       "frame\n", sdata->dev->name);
754
755
756
757
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

758
759
	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

760
	capab = ifsta->capab;
761
762
763
764
765
766

	if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
		if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
			capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
767
	}
768

769
	bss = ieee80211_rx_bss_get(local, ifsta->bssid,
770
				   local->hw.conf.channel->center_freq,
771
				   ifsta->ssid, ifsta->ssid_len);
772
773
774
	if (bss) {
		if (bss->capability & WLAN_CAPABILITY_PRIVACY)
			capab |= WLAN_CAPABILITY_PRIVACY;
Johannes Berg's avatar
Johannes Berg committed
775
		if (bss->wmm_ie)
776
			wmm = 1;
777
778
779
780
781
782
783

		/* get all rates supported by the device and the AP as
		 * some APs don't like getting a superset of their rates
		 * in the association request (e.g. D-Link DAP 1353 in
		 * b-only mode) */
		rates_len = ieee80211_compatible_rates(bss, sband, &rates);

784
785
786
787
		if ((bss->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
		    (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
			capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;

788
		ieee80211_rx_bss_put(local, bss);
789
790
791
	} else {
		rates = ~0;
		rates_len = sband->n_bitrates;
792
793
794
795
796
	}

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
797
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
798
799
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);

800
	if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) {
801
		skb_put(skb, 10);
802
803
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_REASSOC_REQ);
804
		mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
805
806
		mgmt->u.reassoc_req.listen_interval =
				cpu_to_le16(local->hw.conf.listen_interval);
807
808
809
810
		memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
		       ETH_ALEN);
	} else {
		skb_put(skb, 4);
811
812
		mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
						  IEEE80211_STYPE_ASSOC_REQ);
813
		mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
814
815
		mgmt->u.reassoc_req.listen_interval =
				cpu_to_le16(local->hw.conf.listen_interval);
816
817
818
819
820
821
822
823
	}

	/* SSID */
	ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
	*pos++ = WLAN_EID_SSID;
	*pos++ = ifsta->ssid_len;
	memcpy(pos, ifsta->ssid, ifsta->ssid_len);

824
	/* add all rates which were marked to be used above */
825
826
827
828
	supp_rates_len = rates_len;
	if (supp_rates_len > 8)
		supp_rates_len = 8;

829
	len = sband->n_bitrates;
830
	pos = skb_put(skb, supp_rates_len + 2);
831
	*pos++ = WLAN_EID_SUPP_RATES;
832
	*pos++ = supp_rates_len;
833

834
835
836
	count = 0;
	for (i = 0; i < sband->n_bitrates; i++) {
		if (BIT(i) & rates) {
837
			int rate = sband->bitrates[i].bitrate;
838
			*pos++ = (u8) (rate / 5);
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
			if (++count == 8)
				break;
		}
	}

	if (count == 8) {
		pos = skb_put(skb, rates_len - count + 2);
		*pos++ = WLAN_EID_EXT_SUPP_RATES;
		*pos++ = rates_len - count;

		for (i++; i < sband->n_bitrates; i++) {
			if (BIT(i) & rates) {
				int rate = sband->bitrates[i].bitrate;
				*pos++ = (u8) (rate / 5);
			}
854
855
856
		}
	}

857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
	if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
		/* 1. power capabilities */
		pos = skb_put(skb, 4);
		*pos++ = WLAN_EID_PWR_CAPABILITY;
		*pos++ = 2;
		*pos++ = 0; /* min tx power */
		*pos++ = local->hw.conf.channel->max_power; /* max tx power */

		/* 2. supported channels */
		/* TODO: get this in reg domain format */
		pos = skb_put(skb, 2 * sband->n_channels + 2);
		*pos++ = WLAN_EID_SUPPORTED_CHANNELS;
		*pos++ = 2 * sband->n_channels;
		for (i = 0; i < sband->n_channels; i++) {
			*pos++ = ieee80211_frequency_to_channel(
					sband->channels[i].center_freq);
			*pos++ = 1; /* one channel in the subband*/
		}
	}

877
878
879
880
881
	if (ifsta->extra_ie) {
		pos = skb_put(skb, ifsta->extra_ie_len);
		memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
	}

882
	if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
883
884
885
886
887
888
889
890
891
892
893
		pos = skb_put(skb, 9);
		*pos++ = WLAN_EID_VENDOR_SPECIFIC;
		*pos++ = 7; /* len */
		*pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
		*pos++ = 0x50;
		*pos++ = 0xf2;
		*pos++ = 2; /* WME */
		*pos++ = 0; /* WME info */
		*pos++ = 1; /* WME ver */
		*pos++ = 0;
	}
894

895
	/* wmm support is a must to HT */
896
	if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) &&
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
	    sband->ht_info.ht_supported && bss->ht_add_ie) {
		struct ieee80211_ht_addt_info *ht_add_info =
			(struct ieee80211_ht_addt_info *)bss->ht_add_ie;
		u16 cap = sband->ht_info.cap;
		__le16 tmp;
		u32 flags = local->hw.conf.channel->flags;

		switch (ht_add_info->ht_param & IEEE80211_HT_IE_CHA_SEC_OFFSET) {
		case IEEE80211_HT_IE_CHA_SEC_ABOVE:
			if (flags & IEEE80211_CHAN_NO_FAT_ABOVE) {
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
		case IEEE80211_HT_IE_CHA_SEC_BELOW:
			if (flags & IEEE80211_CHAN_NO_FAT_BELOW) {
				cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
				cap &= ~IEEE80211_HT_CAP_SGI_40;
			}
			break;
		}

		tmp = cpu_to_le16(cap);
920
921
922
923
924
925
		pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
		*pos++ = WLAN_EID_HT_CAPABILITY;
		*pos++ = sizeof(struct ieee80211_ht_cap);
		memset(pos, 0, sizeof(struct ieee80211_ht_cap));
		memcpy(pos, &tmp, sizeof(u16));
		pos += sizeof(u16);
926
927
928
929
		/* TODO: needs a define here for << 2 */
		*pos++ = sband->ht_info.ampdu_factor |
			 (sband->ht_info.ampdu_density << 2);
		memcpy(pos, sband->ht_info.supp_mcs_set, 16);
930
	}
931
932
933

	kfree(ifsta->assocreq_ies);
	ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
934
	ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL);
935
936
937
	if (ifsta->assocreq_ies)
		memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);

938
	ieee80211_sta_tx(sdata, skb, 0);
939
940
941
}


942
static void ieee80211_send_deauth(struct ieee80211_sub_if_data *sdata,
943
944
				  struct ieee80211_if_sta *ifsta, u16 reason)
{
945
	struct ieee80211_local *local = sdata->local;
946
947
948
949
950
951
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
952
		       "frame\n", sdata->dev->name);
953
954
955
956
957
958
959
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
960
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
961
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
962
963
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_DEAUTH);
964
965
966
	skb_put(skb, 2);
	mgmt->u.deauth.reason_code = cpu_to_le16(reason);

967
	ieee80211_sta_tx(sdata, skb, 0);
968
969
970
}


971
static void ieee80211_send_disassoc(struct ieee80211_sub_if_data *sdata,
972
973
				    struct ieee80211_if_sta *ifsta, u16 reason)
{
974
	struct ieee80211_local *local = sdata->local;
975
976
977
978
979
980
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
981
		       "frame\n", sdata->dev->name);
982
983
984
985
986
987
988
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
989
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
990
	memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
991
992
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_DISASSOC);
993
994
995
	skb_put(skb, 2);
	mgmt->u.disassoc.reason_code = cpu_to_le16(reason);

996
	ieee80211_sta_tx(sdata, skb, 0);
997
998
999
}


1000
static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata,
1001
1002
				      struct ieee80211_if_sta *ifsta)
{
1003
	struct ieee80211_local *local = sdata->local;
1004
	struct ieee80211_sta_bss *bss;
1005
1006
1007
	int bss_privacy;
	int wep_privacy;
	int privacy_invoked;
1008

1009
	if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
1010
1011
		return 0;

1012
	bss = ieee80211_rx_bss_get(local, ifsta->bssid,
1013
				   local->hw.conf.channel->center_freq,
1014
				   ifsta->ssid, ifsta->ssid_len);
1015
1016
1017
	if (!bss)
		return 0;

1018
	bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY);
1019
	wep_privacy = !!ieee80211_sta_wep_configured(sdata);
1020
	privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED);
1021

1022
	ieee80211_rx_bss_put(local, bss);
1023

1024
1025
1026
1027
	if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
		return 0;

	return 1;
1028
1029
1030
}


1031
static void ieee80211_associate(struct ieee80211_sub_if_data *sdata,
1032
1033
				struct ieee80211_if_sta *ifsta)
{
1034
1035
	DECLARE_MAC_BUF(mac);

1036
1037
	ifsta->assoc_tries++;
	if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
1038
		printk(KERN_DEBUG "%s: association with AP %s"
1039
		       " timed out\n",
1040
		       sdata->dev->name, print_mac(mac, ifsta->bssid));
1041
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
1042
1043
1044
		return;
	}

1045
	ifsta->state = IEEE80211_STA_MLME_ASSOCIATE;
1046
	printk(KERN_DEBUG "%s: associate with AP %s\n",
1047
1048
	       sdata->dev->name, print_mac(mac, ifsta->bssid));
	if (ieee80211_privacy_mismatch(sdata, ifsta)) {
1049
		printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
1050
		       "mixed-cell disabled - abort association\n", sdata->dev->name);
1051
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
1052
1053
1054
		return;
	}

1055
	ieee80211_send_assoc(sdata, ifsta);
1056
1057
1058
1059
1060

	mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
}


1061
static void ieee80211_associated(struct ieee80211_sub_if_data *sdata,
1062
1063
				 struct ieee80211_if_sta *ifsta)
{
1064
	struct ieee80211_local *local = sdata->local;
1065
1066
	struct sta_info *sta;
	int disassoc;
1067
	DECLARE_MAC_BUF(mac);
1068
1069
1070
1071
1072
1073

	/* TODO: start monitoring current AP signal quality and number of
	 * missed beacons. Scan other channels every now and then and search
	 * for better APs. */
	/* TODO: remove expired BSSes */

1074
	ifsta->state = IEEE80211_STA_MLME_ASSOCIATED;
1075

1076
1077
	rcu_read_lock();

1078
1079
	sta = sta_info_get(local, ifsta->bssid);
	if (!sta) {
1080
		printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
1081
		       sdata->dev->name, print_mac(mac, ifsta->bssid));
1082
1083
1084
1085
1086
		disassoc = 1;
	} else {
		disassoc = 0;
		if (time_after(jiffies,
			       sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
1087
			if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
1088
				printk(KERN_DEBUG "%s: No ProbeResp from "
1089
				       "current AP %s - assume out of "
1090
				       "range\n",
1091
				       sdata->dev->name, print_mac(mac, ifsta->bssid));
1092
				disassoc = 1;
1093
				sta_info_unlink(&sta);
1094
			} else
1095
				ieee80211_send_probe_req(sdata, ifsta->bssid,
1096
1097
							 local->scan_ssid,
							 local->scan_ssid_len);
1098
			ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
1099
		} else {
1100
			ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
1101
1102
1103
			if (time_after(jiffies, ifsta->last_probe +
				       IEEE80211_PROBE_INTERVAL)) {
				ifsta->last_probe = jiffies;
1104
				ieee80211_send_probe_req(sdata, ifsta->bssid,
1105
1106
1107
1108
1109
							 ifsta->ssid,
							 ifsta->ssid_len);
			}
		}
	}
1110
1111
1112

	rcu_read_unlock();

1113
	if (disassoc && sta)
1114
1115
		sta_info_destroy(sta);

1116
	if (disassoc) {
1117
		ifsta->state = IEEE80211_STA_MLME_DISABLED;
1118
		ieee80211_set_associated(sdata, ifsta, 0);
1119
1120
1121
1122
1123
1124
1125
	} else {
		mod_timer(&ifsta->timer, jiffies +
				      IEEE80211_MONITORING_INTERVAL);
	}
}


1126
static void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
1127
1128
				     u8 *ssid, size_t ssid_len)
{
1129
	struct ieee80211_local *local = sdata->local;
1130
	struct ieee80211_supported_band *sband;
1131
1132
1133
1134
1135
1136
1137
1138
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
	u8 *pos, *supp_rates, *esupp_rates = NULL;
	int i;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
	if (!skb) {
		printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
1139
		       "request\n", sdata->dev->name);
1140
1141
1142
1143
1144
1145
		return;
	}
	skb_reserve(skb, local->hw.extra_tx_headroom);

	mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
	memset(mgmt, 0, 24);
1146
1147
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_PROBE_REQ);
1148
	memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
	if (dst) {
		memcpy(mgmt->da, dst, ETH_ALEN);
		memcpy(mgmt->bssid, dst, ETH_ALEN);
	} else {
		memset(mgmt->da, 0xff, ETH_ALEN);
		memset(mgmt->bssid, 0xff, ETH_ALEN);
	}
	pos = skb_put(skb, 2 + ssid_len);
	*pos++ = WLAN_EID_SSID;
	*pos++ = ssid_len;
	memcpy(pos, ssid, ssid_len);

	supp_rates = skb_put(skb, 2);
	supp_rates[0] = WLAN_EID_SUPP_RATES;
	supp_rates[1] = 0;
1164
1165
1166
1167
	sband = local->hw.wiphy->bands[local->hw.conf.channel->band];

	for (i = 0; i < sband->n_bitrates; i++) {
		struct ieee80211_rate *rate = &sband->bitrates[i];
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
		if (esupp_rates) {
			pos = skb_put(skb, 1);
			esupp_rates[1]++;
		} else if (supp_rates[1] == 8) {
			esupp_rates = skb_put(skb, 3);
			esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
			esupp_rates[1] = 1;
			pos = &esupp_rates[2];
		} else {
			pos = skb_put(skb, 1);
			supp_rates[1]++;
		}
1180
		*pos = rate->bitrate / 5;
1181
1182
	}

1183
	ieee80211_sta_tx(sdata, skb, 0);
1184
1185
1186
}


1187
static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata)
1188
1189
{
	if (!sdata || !sdata->default_key ||
1190
	    sdata->default_key->conf.alg != ALG_WEP)
1191
1192
1193
1194
1195
		return 0;
	return 1;
}