mac80211: fix scan vs. interface removal race
[linux-2.6.git] / net / mac80211 / mlme.c
1 /*
2  * BSS client mode implementation
3  * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4  * Copyright 2004, Instant802 Networks, Inc.
5  * Copyright 2005, Devicescape Software, Inc.
6  * Copyright 2006-2007  Jiri Benc <jbenc@suse.cz>
7  * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License version 2 as
11  * published by the Free Software Foundation.
12  */
13
14 #include <linux/delay.h>
15 #include <linux/if_ether.h>
16 #include <linux/skbuff.h>
17 #include <linux/netdevice.h>
18 #include <linux/if_arp.h>
19 #include <linux/wireless.h>
20 #include <linux/random.h>
21 #include <linux/etherdevice.h>
22 #include <linux/rtnetlink.h>
23 #include <net/iw_handler.h>
24 #include <net/mac80211.h>
25 #include <asm/unaligned.h>
26
27 #include "ieee80211_i.h"
28 #include "rate.h"
29 #include "led.h"
30
31 #define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
32 #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
33 #define IEEE80211_AUTH_MAX_TRIES 3
34 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
35 #define IEEE80211_ASSOC_MAX_TRIES 3
36 #define IEEE80211_MONITORING_INTERVAL (2 * HZ)
37 #define IEEE80211_PROBE_INTERVAL (60 * HZ)
38 #define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
39 #define IEEE80211_SCAN_INTERVAL (2 * HZ)
40 #define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
41 #define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
42
43 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
44 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
45
46 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
47
48
49 /* utils */
50 static int ecw2cw(int ecw)
51 {
52         return (1 << ecw) - 1;
53 }
54
55 static u8 *ieee80211_bss_get_ie(struct ieee80211_sta_bss *bss, u8 ie)
56 {
57         u8 *end, *pos;
58
59         pos = bss->ies;
60         if (pos == NULL)
61                 return NULL;
62         end = pos + bss->ies_len;
63
64         while (pos + 1 < end) {
65                 if (pos + 2 + pos[1] > end)
66                         break;
67                 if (pos[0] == ie)
68                         return pos;
69                 pos += 2 + pos[1];
70         }
71
72         return NULL;
73 }
74
75 static int ieee80211_compatible_rates(struct ieee80211_sta_bss *bss,
76                                       struct ieee80211_supported_band *sband,
77                                       u64 *rates)
78 {
79         int i, j, count;
80         *rates = 0;
81         count = 0;
82         for (i = 0; i < bss->supp_rates_len; i++) {
83                 int rate = (bss->supp_rates[i] & 0x7F) * 5;
84
85                 for (j = 0; j < sband->n_bitrates; j++)
86                         if (sband->bitrates[j].bitrate == rate) {
87                                 *rates |= BIT(j);
88                                 count++;
89                                 break;
90                         }
91         }
92
93         return count;
94 }
95
96 /* frame sending functions */
97 static void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
98                                 struct ieee80211_if_sta *ifsta,
99                                 int transaction, u8 *extra, size_t extra_len,
100                                 int encrypt)
101 {
102         struct ieee80211_local *local = sdata->local;
103         struct sk_buff *skb;
104         struct ieee80211_mgmt *mgmt;
105
106         skb = dev_alloc_skb(local->hw.extra_tx_headroom +
107                             sizeof(*mgmt) + 6 + extra_len);
108         if (!skb) {
109                 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
110                        "frame\n", sdata->dev->name);
111                 return;
112         }
113         skb_reserve(skb, local->hw.extra_tx_headroom);
114
115         mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
116         memset(mgmt, 0, 24 + 6);
117         mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
118                                           IEEE80211_STYPE_AUTH);
119         if (encrypt)
120                 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
121         memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
122         memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
123         memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
124         mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
125         mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
126         ifsta->auth_transaction = transaction + 1;
127         mgmt->u.auth.status_code = cpu_to_le16(0);
128         if (extra)
129                 memcpy(skb_put(skb, extra_len), extra, extra_len);
130
131         ieee80211_tx_skb(sdata, skb, encrypt);
132 }
133
134 void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
135                               u8 *ssid, size_t ssid_len)
136 {
137         struct ieee80211_local *local = sdata->local;
138         struct ieee80211_supported_band *sband;
139         struct sk_buff *skb;
140         struct ieee80211_mgmt *mgmt;
141         u8 *pos, *supp_rates, *esupp_rates = NULL;
142         int i;
143
144         skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
145         if (!skb) {
146                 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
147                        "request\n", sdata->dev->name);
148                 return;
149         }
150         skb_reserve(skb, local->hw.extra_tx_headroom);
151
152         mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
153         memset(mgmt, 0, 24);
154         mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
155                                           IEEE80211_STYPE_PROBE_REQ);
156         memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
157         if (dst) {
158                 memcpy(mgmt->da, dst, ETH_ALEN);
159                 memcpy(mgmt->bssid, dst, ETH_ALEN);
160         } else {
161                 memset(mgmt->da, 0xff, ETH_ALEN);
162                 memset(mgmt->bssid, 0xff, ETH_ALEN);
163         }
164         pos = skb_put(skb, 2 + ssid_len);
165         *pos++ = WLAN_EID_SSID;
166         *pos++ = ssid_len;
167         memcpy(pos, ssid, ssid_len);
168
169         supp_rates = skb_put(skb, 2);
170         supp_rates[0] = WLAN_EID_SUPP_RATES;
171         supp_rates[1] = 0;
172         sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
173
174         for (i = 0; i < sband->n_bitrates; i++) {
175                 struct ieee80211_rate *rate = &sband->bitrates[i];
176                 if (esupp_rates) {
177                         pos = skb_put(skb, 1);
178                         esupp_rates[1]++;
179                 } else if (supp_rates[1] == 8) {
180                         esupp_rates = skb_put(skb, 3);
181                         esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
182                         esupp_rates[1] = 1;
183                         pos = &esupp_rates[2];
184                 } else {
185                         pos = skb_put(skb, 1);
186                         supp_rates[1]++;
187                 }
188                 *pos = rate->bitrate / 5;
189         }
190
191         ieee80211_tx_skb(sdata, skb, 0);
192 }
193
194 static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
195                                  struct ieee80211_if_sta *ifsta)
196 {
197         struct ieee80211_local *local = sdata->local;
198         struct sk_buff *skb;
199         struct ieee80211_mgmt *mgmt;
200         u8 *pos, *ies, *ht_add_ie;
201         int i, len, count, rates_len, supp_rates_len;
202         u16 capab;
203         struct ieee80211_sta_bss *bss;
204         int wmm = 0;
205         struct ieee80211_supported_band *sband;
206         u64 rates = 0;
207
208         skb = dev_alloc_skb(local->hw.extra_tx_headroom +
209                             sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
210                             ifsta->ssid_len);
211         if (!skb) {
212                 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
213                        "frame\n", sdata->dev->name);
214                 return;
215         }
216         skb_reserve(skb, local->hw.extra_tx_headroom);
217
218         sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
219
220         capab = ifsta->capab;
221
222         if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
223                 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
224                         capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
225                 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
226                         capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
227         }
228
229         bss = ieee80211_rx_bss_get(local, ifsta->bssid,
230                                    local->hw.conf.channel->center_freq,
231                                    ifsta->ssid, ifsta->ssid_len);
232         if (bss) {
233                 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
234                         capab |= WLAN_CAPABILITY_PRIVACY;
235                 if (bss->wmm_used)
236                         wmm = 1;
237
238                 /* get all rates supported by the device and the AP as
239                  * some APs don't like getting a superset of their rates
240                  * in the association request (e.g. D-Link DAP 1353 in
241                  * b-only mode) */
242                 rates_len = ieee80211_compatible_rates(bss, sband, &rates);
243
244                 if ((bss->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
245                     (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
246                         capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
247
248                 ieee80211_rx_bss_put(local, bss);
249         } else {
250                 rates = ~0;
251                 rates_len = sband->n_bitrates;
252         }
253
254         mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
255         memset(mgmt, 0, 24);
256         memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
257         memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
258         memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
259
260         if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) {
261                 skb_put(skb, 10);
262                 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
263                                                   IEEE80211_STYPE_REASSOC_REQ);
264                 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
265                 mgmt->u.reassoc_req.listen_interval =
266                                 cpu_to_le16(local->hw.conf.listen_interval);
267                 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
268                        ETH_ALEN);
269         } else {
270                 skb_put(skb, 4);
271                 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
272                                                   IEEE80211_STYPE_ASSOC_REQ);
273                 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
274                 mgmt->u.reassoc_req.listen_interval =
275                                 cpu_to_le16(local->hw.conf.listen_interval);
276         }
277
278         /* SSID */
279         ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
280         *pos++ = WLAN_EID_SSID;
281         *pos++ = ifsta->ssid_len;
282         memcpy(pos, ifsta->ssid, ifsta->ssid_len);
283
284         /* add all rates which were marked to be used above */
285         supp_rates_len = rates_len;
286         if (supp_rates_len > 8)
287                 supp_rates_len = 8;
288
289         len = sband->n_bitrates;
290         pos = skb_put(skb, supp_rates_len + 2);
291         *pos++ = WLAN_EID_SUPP_RATES;
292         *pos++ = supp_rates_len;
293
294         count = 0;
295         for (i = 0; i < sband->n_bitrates; i++) {
296                 if (BIT(i) & rates) {
297                         int rate = sband->bitrates[i].bitrate;
298                         *pos++ = (u8) (rate / 5);
299                         if (++count == 8)
300                                 break;
301                 }
302         }
303
304         if (rates_len > count) {
305                 pos = skb_put(skb, rates_len - count + 2);
306                 *pos++ = WLAN_EID_EXT_SUPP_RATES;
307                 *pos++ = rates_len - count;
308
309                 for (i++; i < sband->n_bitrates; i++) {
310                         if (BIT(i) & rates) {
311                                 int rate = sband->bitrates[i].bitrate;
312                                 *pos++ = (u8) (rate / 5);
313                         }
314                 }
315         }
316
317         if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
318                 /* 1. power capabilities */
319                 pos = skb_put(skb, 4);
320                 *pos++ = WLAN_EID_PWR_CAPABILITY;
321                 *pos++ = 2;
322                 *pos++ = 0; /* min tx power */
323                 *pos++ = local->hw.conf.channel->max_power; /* max tx power */
324
325                 /* 2. supported channels */
326                 /* TODO: get this in reg domain format */
327                 pos = skb_put(skb, 2 * sband->n_channels + 2);
328                 *pos++ = WLAN_EID_SUPPORTED_CHANNELS;
329                 *pos++ = 2 * sband->n_channels;
330                 for (i = 0; i < sband->n_channels; i++) {
331                         *pos++ = ieee80211_frequency_to_channel(
332                                         sband->channels[i].center_freq);
333                         *pos++ = 1; /* one channel in the subband*/
334                 }
335         }
336
337         if (ifsta->extra_ie) {
338                 pos = skb_put(skb, ifsta->extra_ie_len);
339                 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
340         }
341
342         if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
343                 pos = skb_put(skb, 9);
344                 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
345                 *pos++ = 7; /* len */
346                 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
347                 *pos++ = 0x50;
348                 *pos++ = 0xf2;
349                 *pos++ = 2; /* WME */
350                 *pos++ = 0; /* WME info */
351                 *pos++ = 1; /* WME ver */
352                 *pos++ = 0;
353         }
354
355         /* wmm support is a must to HT */
356         if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) &&
357             sband->ht_info.ht_supported &&
358             (ht_add_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_EXTRA_INFO))) {
359                 struct ieee80211_ht_addt_info *ht_add_info =
360                         (struct ieee80211_ht_addt_info *)ht_add_ie;
361                 u16 cap = sband->ht_info.cap;
362                 __le16 tmp;
363                 u32 flags = local->hw.conf.channel->flags;
364
365                 switch (ht_add_info->ht_param & IEEE80211_HT_IE_CHA_SEC_OFFSET) {
366                 case IEEE80211_HT_IE_CHA_SEC_ABOVE:
367                         if (flags & IEEE80211_CHAN_NO_FAT_ABOVE) {
368                                 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
369                                 cap &= ~IEEE80211_HT_CAP_SGI_40;
370                         }
371                         break;
372                 case IEEE80211_HT_IE_CHA_SEC_BELOW:
373                         if (flags & IEEE80211_CHAN_NO_FAT_BELOW) {
374                                 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
375                                 cap &= ~IEEE80211_HT_CAP_SGI_40;
376                         }
377                         break;
378                 }
379
380                 tmp = cpu_to_le16(cap);
381                 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
382                 *pos++ = WLAN_EID_HT_CAPABILITY;
383                 *pos++ = sizeof(struct ieee80211_ht_cap);
384                 memset(pos, 0, sizeof(struct ieee80211_ht_cap));
385                 memcpy(pos, &tmp, sizeof(u16));
386                 pos += sizeof(u16);
387                 /* TODO: needs a define here for << 2 */
388                 *pos++ = sband->ht_info.ampdu_factor |
389                          (sband->ht_info.ampdu_density << 2);
390                 memcpy(pos, sband->ht_info.supp_mcs_set, 16);
391         }
392
393         kfree(ifsta->assocreq_ies);
394         ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
395         ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL);
396         if (ifsta->assocreq_ies)
397                 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);
398
399         ieee80211_tx_skb(sdata, skb, 0);
400 }
401
402
403 static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
404                                            u16 stype, u16 reason)
405 {
406         struct ieee80211_local *local = sdata->local;
407         struct ieee80211_if_sta *ifsta = &sdata->u.sta;
408         struct sk_buff *skb;
409         struct ieee80211_mgmt *mgmt;
410
411         skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
412         if (!skb) {
413                 printk(KERN_DEBUG "%s: failed to allocate buffer for "
414                        "deauth/disassoc frame\n", sdata->dev->name);
415                 return;
416         }
417         skb_reserve(skb, local->hw.extra_tx_headroom);
418
419         mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
420         memset(mgmt, 0, 24);
421         memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
422         memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
423         memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
424         mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
425         skb_put(skb, 2);
426         /* u.deauth.reason_code == u.disassoc.reason_code */
427         mgmt->u.deauth.reason_code = cpu_to_le16(reason);
428
429         ieee80211_tx_skb(sdata, skb, 0);
430 }
431
432 /* MLME */
433 static void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
434                                          struct ieee80211_sta_bss *bss)
435 {
436         struct ieee80211_local *local = sdata->local;
437         int i, have_higher_than_11mbit = 0;
438
439         /* cf. IEEE 802.11 9.2.12 */
440         for (i = 0; i < bss->supp_rates_len; i++)
441                 if ((bss->supp_rates[i] & 0x7f) * 5 > 110)
442                         have_higher_than_11mbit = 1;
443
444         if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
445             have_higher_than_11mbit)
446                 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
447         else
448                 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
449
450         ieee80211_set_wmm_default(sdata);
451 }
452
453 static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
454                                      struct ieee80211_if_sta *ifsta,
455                                      u8 *wmm_param, size_t wmm_param_len)
456 {
457         struct ieee80211_tx_queue_params params;
458         size_t left;
459         int count;
460         u8 *pos;
461
462         if (!(ifsta->flags & IEEE80211_STA_WMM_ENABLED))
463                 return;
464
465         if (!wmm_param)
466                 return;
467
468         if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
469                 return;
470         count = wmm_param[6] & 0x0f;
471         if (count == ifsta->wmm_last_param_set)
472                 return;
473         ifsta->wmm_last_param_set = count;
474
475         pos = wmm_param + 8;
476         left = wmm_param_len - 8;
477
478         memset(&params, 0, sizeof(params));
479
480         if (!local->ops->conf_tx)
481                 return;
482
483         local->wmm_acm = 0;
484         for (; left >= 4; left -= 4, pos += 4) {
485                 int aci = (pos[0] >> 5) & 0x03;
486                 int acm = (pos[0] >> 4) & 0x01;
487                 int queue;
488
489                 switch (aci) {
490                 case 1:
491                         queue = 3;
492                         if (acm)
493                                 local->wmm_acm |= BIT(0) | BIT(3);
494                         break;
495                 case 2:
496                         queue = 1;
497                         if (acm)
498                                 local->wmm_acm |= BIT(4) | BIT(5);
499                         break;
500                 case 3:
501                         queue = 0;
502                         if (acm)
503                                 local->wmm_acm |= BIT(6) | BIT(7);
504                         break;
505                 case 0:
506                 default:
507                         queue = 2;
508                         if (acm)
509                                 local->wmm_acm |= BIT(1) | BIT(2);
510                         break;
511                 }
512
513                 params.aifs = pos[0] & 0x0f;
514                 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
515                 params.cw_min = ecw2cw(pos[1] & 0x0f);
516                 params.txop = get_unaligned_le16(pos + 2);
517 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
518                 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
519                        "cWmin=%d cWmax=%d txop=%d\n",
520                        local->mdev->name, queue, aci, acm, params.aifs, params.cw_min,
521                        params.cw_max, params.txop);
522 #endif
523                 /* TODO: handle ACM (block TX, fallback to next lowest allowed
524                  * AC for now) */
525                 if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
526                         printk(KERN_DEBUG "%s: failed to set TX queue "
527                                "parameters for queue %d\n", local->mdev->name, queue);
528                 }
529         }
530 }
531
532 static u32 ieee80211_handle_protect_preamb(struct ieee80211_sub_if_data *sdata,
533                                            bool use_protection,
534                                            bool use_short_preamble)
535 {
536         struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
537 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
538         struct ieee80211_if_sta *ifsta = &sdata->u.sta;
539         DECLARE_MAC_BUF(mac);
540 #endif
541         u32 changed = 0;
542
543         if (use_protection != bss_conf->use_cts_prot) {
544 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
545                 if (net_ratelimit()) {
546                         printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
547                                "%s)\n",
548                                sdata->dev->name,
549                                use_protection ? "enabled" : "disabled",
550                                print_mac(mac, ifsta->bssid));
551                 }
552 #endif
553                 bss_conf->use_cts_prot = use_protection;
554                 changed |= BSS_CHANGED_ERP_CTS_PROT;
555         }
556
557         if (use_short_preamble != bss_conf->use_short_preamble) {
558 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
559                 if (net_ratelimit()) {
560                         printk(KERN_DEBUG "%s: switched to %s barker preamble"
561                                " (BSSID=%s)\n",
562                                sdata->dev->name,
563                                use_short_preamble ? "short" : "long",
564                                print_mac(mac, ifsta->bssid));
565                 }
566 #endif
567                 bss_conf->use_short_preamble = use_short_preamble;
568                 changed |= BSS_CHANGED_ERP_PREAMBLE;
569         }
570
571         return changed;
572 }
573
574 static u32 ieee80211_handle_erp_ie(struct ieee80211_sub_if_data *sdata,
575                                    u8 erp_value)
576 {
577         bool use_protection = (erp_value & WLAN_ERP_USE_PROTECTION) != 0;
578         bool use_short_preamble = (erp_value & WLAN_ERP_BARKER_PREAMBLE) == 0;
579
580         return ieee80211_handle_protect_preamb(sdata,
581                         use_protection, use_short_preamble);
582 }
583
584 static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
585                                            struct ieee80211_sta_bss *bss)
586 {
587         u32 changed = 0;
588
589         if (bss->has_erp_value)
590                 changed |= ieee80211_handle_erp_ie(sdata, bss->erp_value);
591         else {
592                 u16 capab = bss->capability;
593                 changed |= ieee80211_handle_protect_preamb(sdata, false,
594                                 (capab & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0);
595         }
596
597         return changed;
598 }
599
600 static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata,
601                                         struct ieee80211_if_sta *ifsta)
602 {
603         union iwreq_data wrqu;
604         memset(&wrqu, 0, sizeof(wrqu));
605         if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
606                 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
607         wrqu.ap_addr.sa_family = ARPHRD_ETHER;
608         wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
609 }
610
611 static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata,
612                                          struct ieee80211_if_sta *ifsta)
613 {
614         union iwreq_data wrqu;
615
616         if (ifsta->assocreq_ies) {
617                 memset(&wrqu, 0, sizeof(wrqu));
618                 wrqu.data.length = ifsta->assocreq_ies_len;
619                 wireless_send_event(sdata->dev, IWEVASSOCREQIE, &wrqu,
620                                     ifsta->assocreq_ies);
621         }
622         if (ifsta->assocresp_ies) {
623                 memset(&wrqu, 0, sizeof(wrqu));
624                 wrqu.data.length = ifsta->assocresp_ies_len;
625                 wireless_send_event(sdata->dev, IWEVASSOCRESPIE, &wrqu,
626                                     ifsta->assocresp_ies);
627         }
628 }
629
630
631 static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
632                                      struct ieee80211_if_sta *ifsta)
633 {
634         struct ieee80211_local *local = sdata->local;
635         struct ieee80211_conf *conf = &local_to_hw(local)->conf;
636         u32 changed = BSS_CHANGED_ASSOC;
637
638         struct ieee80211_sta_bss *bss;
639
640         ifsta->flags |= IEEE80211_STA_ASSOCIATED;
641
642         if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
643                 return;
644
645         bss = ieee80211_rx_bss_get(local, ifsta->bssid,
646                                    conf->channel->center_freq,
647                                    ifsta->ssid, ifsta->ssid_len);
648         if (bss) {
649                 /* set timing information */
650                 sdata->bss_conf.beacon_int = bss->beacon_int;
651                 sdata->bss_conf.timestamp = bss->timestamp;
652                 sdata->bss_conf.dtim_period = bss->dtim_period;
653
654                 changed |= ieee80211_handle_bss_capability(sdata, bss);
655
656                 ieee80211_rx_bss_put(local, bss);
657         }
658
659         if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
660                 changed |= BSS_CHANGED_HT;
661                 sdata->bss_conf.assoc_ht = 1;
662                 sdata->bss_conf.ht_conf = &conf->ht_conf;
663                 sdata->bss_conf.ht_bss_conf = &conf->ht_bss_conf;
664         }
665
666         ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET;
667         memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
668         ieee80211_sta_send_associnfo(sdata, ifsta);
669
670         ifsta->last_probe = jiffies;
671         ieee80211_led_assoc(local, 1);
672
673         sdata->bss_conf.assoc = 1;
674         ieee80211_bss_info_change_notify(sdata, changed);
675
676         netif_tx_start_all_queues(sdata->dev);
677         netif_carrier_on(sdata->dev);
678
679         ieee80211_sta_send_apinfo(sdata, ifsta);
680 }
681
682 static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata,
683                                    struct ieee80211_if_sta *ifsta)
684 {
685         DECLARE_MAC_BUF(mac);
686
687         ifsta->direct_probe_tries++;
688         if (ifsta->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
689                 printk(KERN_DEBUG "%s: direct probe to AP %s timed out\n",
690                        sdata->dev->name, print_mac(mac, ifsta->bssid));
691                 ifsta->state = IEEE80211_STA_MLME_DISABLED;
692                 return;
693         }
694
695         printk(KERN_DEBUG "%s: direct probe to AP %s try %d\n",
696                         sdata->dev->name, print_mac(mac, ifsta->bssid),
697                         ifsta->direct_probe_tries);
698
699         ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
700
701         set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifsta->request);
702
703         /* Direct probe is sent to broadcast address as some APs
704          * will not answer to direct packet in unassociated state.
705          */
706         ieee80211_send_probe_req(sdata, NULL,
707                                  ifsta->ssid, ifsta->ssid_len);
708
709         mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
710 }
711
712
713 static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata,
714                                    struct ieee80211_if_sta *ifsta)
715 {
716         DECLARE_MAC_BUF(mac);
717
718         ifsta->auth_tries++;
719         if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
720                 printk(KERN_DEBUG "%s: authentication with AP %s"
721                        " timed out\n",
722                        sdata->dev->name, print_mac(mac, ifsta->bssid));
723                 ifsta->state = IEEE80211_STA_MLME_DISABLED;
724                 return;
725         }
726
727         ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
728         printk(KERN_DEBUG "%s: authenticate with AP %s\n",
729                sdata->dev->name, print_mac(mac, ifsta->bssid));
730
731         ieee80211_send_auth(sdata, ifsta, 1, NULL, 0, 0);
732
733         mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
734 }
735
736 static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
737                                    struct ieee80211_if_sta *ifsta, bool deauth,
738                                    bool self_disconnected, u16 reason)
739 {
740         struct ieee80211_local *local = sdata->local;
741         struct sta_info *sta;
742         u32 changed = BSS_CHANGED_ASSOC;
743
744         rcu_read_lock();
745
746         sta = sta_info_get(local, ifsta->bssid);
747         if (!sta) {
748                 rcu_read_unlock();
749                 return;
750         }
751
752         if (deauth) {
753                 ifsta->direct_probe_tries = 0;
754                 ifsta->auth_tries = 0;
755         }
756         ifsta->assoc_scan_tries = 0;
757         ifsta->assoc_tries = 0;
758
759         netif_tx_stop_all_queues(sdata->dev);
760         netif_carrier_off(sdata->dev);
761
762         ieee80211_sta_tear_down_BA_sessions(sdata, sta->addr);
763
764         if (self_disconnected) {
765                 if (deauth)
766                         ieee80211_send_deauth_disassoc(sdata,
767                                 IEEE80211_STYPE_DEAUTH, reason);
768                 else
769                         ieee80211_send_deauth_disassoc(sdata,
770                                 IEEE80211_STYPE_DISASSOC, reason);
771         }
772
773         ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
774         changed |= ieee80211_reset_erp_info(sdata);
775
776         if (sdata->bss_conf.assoc_ht)
777                 changed |= BSS_CHANGED_HT;
778
779         sdata->bss_conf.assoc_ht = 0;
780         sdata->bss_conf.ht_conf = NULL;
781         sdata->bss_conf.ht_bss_conf = NULL;
782
783         ieee80211_led_assoc(local, 0);
784         sdata->bss_conf.assoc = 0;
785
786         ieee80211_sta_send_apinfo(sdata, ifsta);
787
788         if (self_disconnected)
789                 ifsta->state = IEEE80211_STA_MLME_DISABLED;
790
791         sta_info_unlink(&sta);
792
793         rcu_read_unlock();
794
795         sta_info_destroy(sta);
796 }
797
798 static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata)
799 {
800         if (!sdata || !sdata->default_key ||
801             sdata->default_key->conf.alg != ALG_WEP)
802                 return 0;
803         return 1;
804 }
805
806 static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata,
807                                       struct ieee80211_if_sta *ifsta)
808 {
809         struct ieee80211_local *local = sdata->local;
810         struct ieee80211_sta_bss *bss;
811         int bss_privacy;
812         int wep_privacy;
813         int privacy_invoked;
814
815         if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
816                 return 0;
817
818         bss = ieee80211_rx_bss_get(local, ifsta->bssid,
819                                    local->hw.conf.channel->center_freq,
820                                    ifsta->ssid, ifsta->ssid_len);
821         if (!bss)
822                 return 0;
823
824         bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY);
825         wep_privacy = !!ieee80211_sta_wep_configured(sdata);
826         privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED);
827
828         ieee80211_rx_bss_put(local, bss);
829
830         if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
831                 return 0;
832
833         return 1;
834 }
835
836 static void ieee80211_associate(struct ieee80211_sub_if_data *sdata,
837                                 struct ieee80211_if_sta *ifsta)
838 {
839         DECLARE_MAC_BUF(mac);
840
841         ifsta->assoc_tries++;
842         if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
843                 printk(KERN_DEBUG "%s: association with AP %s"
844                        " timed out\n",
845                        sdata->dev->name, print_mac(mac, ifsta->bssid));
846                 ifsta->state = IEEE80211_STA_MLME_DISABLED;
847                 return;
848         }
849
850         ifsta->state = IEEE80211_STA_MLME_ASSOCIATE;
851         printk(KERN_DEBUG "%s: associate with AP %s\n",
852                sdata->dev->name, print_mac(mac, ifsta->bssid));
853         if (ieee80211_privacy_mismatch(sdata, ifsta)) {
854                 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
855                        "mixed-cell disabled - abort association\n", sdata->dev->name);
856                 ifsta->state = IEEE80211_STA_MLME_DISABLED;
857                 return;
858         }
859
860         ieee80211_send_assoc(sdata, ifsta);
861
862         mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
863 }
864
865
866 static void ieee80211_associated(struct ieee80211_sub_if_data *sdata,
867                                  struct ieee80211_if_sta *ifsta)
868 {
869         struct ieee80211_local *local = sdata->local;
870         struct sta_info *sta;
871         int disassoc;
872         DECLARE_MAC_BUF(mac);
873
874         /* TODO: start monitoring current AP signal quality and number of
875          * missed beacons. Scan other channels every now and then and search
876          * for better APs. */
877         /* TODO: remove expired BSSes */
878
879         ifsta->state = IEEE80211_STA_MLME_ASSOCIATED;
880
881         rcu_read_lock();
882
883         sta = sta_info_get(local, ifsta->bssid);
884         if (!sta) {
885                 printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
886                        sdata->dev->name, print_mac(mac, ifsta->bssid));
887                 disassoc = 1;
888         } else {
889                 disassoc = 0;
890                 if (time_after(jiffies,
891                                sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
892                         if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
893                                 printk(KERN_DEBUG "%s: No ProbeResp from "
894                                        "current AP %s - assume out of "
895                                        "range\n",
896                                        sdata->dev->name, print_mac(mac, ifsta->bssid));
897                                 disassoc = 1;
898                         } else
899                                 ieee80211_send_probe_req(sdata, ifsta->bssid,
900                                                          local->scan_ssid,
901                                                          local->scan_ssid_len);
902                         ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
903                 } else {
904                         ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
905                         if (time_after(jiffies, ifsta->last_probe +
906                                        IEEE80211_PROBE_INTERVAL)) {
907                                 ifsta->last_probe = jiffies;
908                                 ieee80211_send_probe_req(sdata, ifsta->bssid,
909                                                          ifsta->ssid,
910                                                          ifsta->ssid_len);
911                         }
912                 }
913         }
914
915         rcu_read_unlock();
916
917         if (disassoc)
918                 ieee80211_set_disassoc(sdata, ifsta, true, true,
919                                         WLAN_REASON_PREV_AUTH_NOT_VALID);
920         else
921                 mod_timer(&ifsta->timer, jiffies +
922                                       IEEE80211_MONITORING_INTERVAL);
923 }
924
925
926 static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata,
927                                      struct ieee80211_if_sta *ifsta)
928 {
929         printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name);
930         ifsta->flags |= IEEE80211_STA_AUTHENTICATED;
931         ieee80211_associate(sdata, ifsta);
932 }
933
934
935 static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
936                                      struct ieee80211_if_sta *ifsta,
937                                      struct ieee80211_mgmt *mgmt,
938                                      size_t len)
939 {
940         u8 *pos;
941         struct ieee802_11_elems elems;
942
943         pos = mgmt->u.auth.variable;
944         ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
945         if (!elems.challenge)
946                 return;
947         ieee80211_send_auth(sdata, ifsta, 3, elems.challenge - 2,
948                             elems.challenge_len + 2, 1);
949 }
950
951 static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
952                                    struct ieee80211_if_sta *ifsta,
953                                    struct ieee80211_mgmt *mgmt,
954                                    size_t len)
955 {
956         u16 auth_alg, auth_transaction, status_code;
957         DECLARE_MAC_BUF(mac);
958
959         if (ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE &&
960             sdata->vif.type != IEEE80211_IF_TYPE_IBSS)
961                 return;
962
963         if (len < 24 + 6)
964                 return;
965
966         if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
967             memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0)
968                 return;
969
970         if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
971             memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
972                 return;
973
974         auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
975         auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
976         status_code = le16_to_cpu(mgmt->u.auth.status_code);
977
978         if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
979                 /*
980                  * IEEE 802.11 standard does not require authentication in IBSS
981                  * networks and most implementations do not seem to use it.
982                  * However, try to reply to authentication attempts if someone
983                  * has actually implemented this.
984                  */
985                 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
986                         return;
987                 ieee80211_send_auth(sdata, ifsta, 2, NULL, 0, 0);
988         }
989
990         if (auth_alg != ifsta->auth_alg ||
991             auth_transaction != ifsta->auth_transaction)
992                 return;
993
994         if (status_code != WLAN_STATUS_SUCCESS) {
995                 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
996                         u8 algs[3];
997                         const int num_algs = ARRAY_SIZE(algs);
998                         int i, pos;
999                         algs[0] = algs[1] = algs[2] = 0xff;
1000                         if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1001                                 algs[0] = WLAN_AUTH_OPEN;
1002                         if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1003                                 algs[1] = WLAN_AUTH_SHARED_KEY;
1004                         if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1005                                 algs[2] = WLAN_AUTH_LEAP;
1006                         if (ifsta->auth_alg == WLAN_AUTH_OPEN)
1007                                 pos = 0;
1008                         else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
1009                                 pos = 1;
1010                         else
1011                                 pos = 2;
1012                         for (i = 0; i < num_algs; i++) {
1013                                 pos++;
1014                                 if (pos >= num_algs)
1015                                         pos = 0;
1016                                 if (algs[pos] == ifsta->auth_alg ||
1017                                     algs[pos] == 0xff)
1018                                         continue;
1019                                 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1020                                     !ieee80211_sta_wep_configured(sdata))
1021                                         continue;
1022                                 ifsta->auth_alg = algs[pos];
1023                                 break;
1024                         }
1025                 }
1026                 return;
1027         }
1028
1029         switch (ifsta->auth_alg) {
1030         case WLAN_AUTH_OPEN:
1031         case WLAN_AUTH_LEAP:
1032                 ieee80211_auth_completed(sdata, ifsta);
1033                 break;
1034         case WLAN_AUTH_SHARED_KEY:
1035                 if (ifsta->auth_transaction == 4)
1036                         ieee80211_auth_completed(sdata, ifsta);
1037                 else
1038                         ieee80211_auth_challenge(sdata, ifsta, mgmt, len);
1039                 break;
1040         }
1041 }
1042
1043
1044 static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
1045                                      struct ieee80211_if_sta *ifsta,
1046                                      struct ieee80211_mgmt *mgmt,
1047                                      size_t len)
1048 {
1049         u16 reason_code;
1050         DECLARE_MAC_BUF(mac);
1051
1052         if (len < 24 + 2)
1053                 return;
1054
1055         if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN))
1056                 return;
1057
1058         reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1059
1060         if (ifsta->flags & IEEE80211_STA_AUTHENTICATED)
1061                 printk(KERN_DEBUG "%s: deauthenticated\n", sdata->dev->name);
1062
1063         if (ifsta->state == IEEE80211_STA_MLME_AUTHENTICATE ||
1064             ifsta->state == IEEE80211_STA_MLME_ASSOCIATE ||
1065             ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) {
1066                 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
1067                 mod_timer(&ifsta->timer, jiffies +
1068                                       IEEE80211_RETRY_AUTH_INTERVAL);
1069         }
1070
1071         ieee80211_set_disassoc(sdata, ifsta, true, false, 0);
1072         ifsta->flags &= ~IEEE80211_STA_AUTHENTICATED;
1073 }
1074
1075
1076 static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
1077                                        struct ieee80211_if_sta *ifsta,
1078                                        struct ieee80211_mgmt *mgmt,
1079                                        size_t len)
1080 {
1081         u16 reason_code;
1082         DECLARE_MAC_BUF(mac);
1083
1084         if (len < 24 + 2)
1085                 return;
1086
1087         if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN))
1088                 return;
1089
1090         reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1091
1092         if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
1093                 printk(KERN_DEBUG "%s: disassociated\n", sdata->dev->name);
1094
1095         if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) {
1096                 ifsta->state = IEEE80211_STA_MLME_ASSOCIATE;
1097                 mod_timer(&ifsta->timer, jiffies +
1098                                       IEEE80211_RETRY_AUTH_INTERVAL);
1099         }
1100
1101         ieee80211_set_disassoc(sdata, ifsta, false, false, 0);
1102 }
1103
1104
1105 static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1106                                          struct ieee80211_if_sta *ifsta,
1107                                          struct ieee80211_mgmt *mgmt,
1108                                          size_t len,
1109                                          int reassoc)
1110 {
1111         struct ieee80211_local *local = sdata->local;
1112         struct ieee80211_supported_band *sband;
1113         struct sta_info *sta;
1114         u64 rates, basic_rates;
1115         u16 capab_info, status_code, aid;
1116         struct ieee802_11_elems elems;
1117         struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
1118         u8 *pos;
1119         int i, j;
1120         DECLARE_MAC_BUF(mac);
1121         bool have_higher_than_11mbit = false;
1122
1123         /* AssocResp and ReassocResp have identical structure, so process both
1124          * of them in this function. */
1125
1126         if (ifsta->state != IEEE80211_STA_MLME_ASSOCIATE)
1127                 return;
1128
1129         if (len < 24 + 6)
1130                 return;
1131
1132         if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0)
1133                 return;
1134
1135         capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1136         status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
1137         aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
1138
1139         printk(KERN_DEBUG "%s: RX %sssocResp from %s (capab=0x%x "
1140                "status=%d aid=%d)\n",
1141                sdata->dev->name, reassoc ? "Rea" : "A", print_mac(mac, mgmt->sa),
1142                capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
1143
1144         if (status_code != WLAN_STATUS_SUCCESS) {
1145                 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1146                        sdata->dev->name, status_code);
1147                 /* if this was a reassociation, ensure we try a "full"
1148                  * association next time. This works around some broken APs
1149                  * which do not correctly reject reassociation requests. */
1150                 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1151                 return;
1152         }
1153
1154         if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
1155                 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
1156                        "set\n", sdata->dev->name, aid);
1157         aid &= ~(BIT(15) | BIT(14));
1158
1159         pos = mgmt->u.assoc_resp.variable;
1160         ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1161
1162         if (!elems.supp_rates) {
1163                 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1164                        sdata->dev->name);
1165                 return;
1166         }
1167
1168         printk(KERN_DEBUG "%s: associated\n", sdata->dev->name);
1169         ifsta->aid = aid;
1170         ifsta->ap_capab = capab_info;
1171
1172         kfree(ifsta->assocresp_ies);
1173         ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1174         ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_KERNEL);
1175         if (ifsta->assocresp_ies)
1176                 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1177
1178         rcu_read_lock();
1179
1180         /* Add STA entry for the AP */
1181         sta = sta_info_get(local, ifsta->bssid);
1182         if (!sta) {
1183                 struct ieee80211_sta_bss *bss;
1184                 int err;
1185
1186                 sta = sta_info_alloc(sdata, ifsta->bssid, GFP_ATOMIC);
1187                 if (!sta) {
1188                         printk(KERN_DEBUG "%s: failed to alloc STA entry for"
1189                                " the AP\n", sdata->dev->name);
1190                         rcu_read_unlock();
1191                         return;
1192                 }
1193                 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
1194                                            local->hw.conf.channel->center_freq,
1195                                            ifsta->ssid, ifsta->ssid_len);
1196                 if (bss) {
1197                         sta->last_signal = bss->signal;
1198                         sta->last_qual = bss->qual;
1199                         sta->last_noise = bss->noise;
1200                         ieee80211_rx_bss_put(local, bss);
1201                 }
1202
1203                 err = sta_info_insert(sta);
1204                 if (err) {
1205                         printk(KERN_DEBUG "%s: failed to insert STA entry for"
1206                                " the AP (error %d)\n", sdata->dev->name, err);
1207                         rcu_read_unlock();
1208                         return;
1209                 }
1210                 /* update new sta with its last rx activity */
1211                 sta->last_rx = jiffies;
1212         }
1213
1214         /*
1215          * FIXME: Do we really need to update the sta_info's information here?
1216          *        We already know about the AP (we found it in our list) so it
1217          *        should already be filled with the right info, no?
1218          *        As is stands, all this is racy because typically we assume
1219          *        the information that is filled in here (except flags) doesn't
1220          *        change while a STA structure is alive. As such, it should move
1221          *        to between the sta_info_alloc() and sta_info_insert() above.
1222          */
1223
1224         set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP |
1225                            WLAN_STA_AUTHORIZED);
1226
1227         rates = 0;
1228         basic_rates = 0;
1229         sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1230
1231         for (i = 0; i < elems.supp_rates_len; i++) {
1232                 int rate = (elems.supp_rates[i] & 0x7f) * 5;
1233
1234                 if (rate > 110)
1235                         have_higher_than_11mbit = true;
1236
1237                 for (j = 0; j < sband->n_bitrates; j++) {
1238                         if (sband->bitrates[j].bitrate == rate)
1239                                 rates |= BIT(j);
1240                         if (elems.supp_rates[i] & 0x80)
1241                                 basic_rates |= BIT(j);
1242                 }
1243         }
1244
1245         for (i = 0; i < elems.ext_supp_rates_len; i++) {
1246                 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
1247
1248                 if (rate > 110)
1249                         have_higher_than_11mbit = true;
1250
1251                 for (j = 0; j < sband->n_bitrates; j++) {
1252                         if (sband->bitrates[j].bitrate == rate)
1253                                 rates |= BIT(j);
1254                         if (elems.ext_supp_rates[i] & 0x80)
1255                                 basic_rates |= BIT(j);
1256                 }
1257         }
1258
1259         sta->supp_rates[local->hw.conf.channel->band] = rates;
1260         sdata->basic_rates = basic_rates;
1261
1262         /* cf. IEEE 802.11 9.2.12 */
1263         if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
1264             have_higher_than_11mbit)
1265                 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
1266         else
1267                 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
1268
1269         if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
1270             (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
1271                 struct ieee80211_ht_bss_info bss_info;
1272                 ieee80211_ht_cap_ie_to_ht_info(
1273                                 (struct ieee80211_ht_cap *)
1274                                 elems.ht_cap_elem, &sta->ht_info);
1275                 ieee80211_ht_addt_info_ie_to_ht_bss_info(
1276                                 (struct ieee80211_ht_addt_info *)
1277                                 elems.ht_info_elem, &bss_info);
1278                 ieee80211_handle_ht(local, 1, &sta->ht_info, &bss_info);
1279         }
1280
1281         rate_control_rate_init(sta, local);
1282
1283         if (elems.wmm_param) {
1284                 set_sta_flags(sta, WLAN_STA_WME);
1285                 rcu_read_unlock();
1286                 ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param,
1287                                          elems.wmm_param_len);
1288         } else
1289                 rcu_read_unlock();
1290
1291         /* set AID and assoc capability,
1292          * ieee80211_set_associated() will tell the driver */
1293         bss_conf->aid = aid;
1294         bss_conf->assoc_capability = capab_info;
1295         ieee80211_set_associated(sdata, ifsta);
1296
1297         ieee80211_associated(sdata, ifsta);
1298 }
1299
1300
1301 static int ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
1302                                    struct ieee80211_if_sta *ifsta,
1303                                    struct ieee80211_sta_bss *bss)
1304 {
1305         struct ieee80211_local *local = sdata->local;
1306         int res, rates, i, j;
1307         struct sk_buff *skb;
1308         struct ieee80211_mgmt *mgmt;
1309         u8 *pos;
1310         struct ieee80211_supported_band *sband;
1311         union iwreq_data wrqu;
1312
1313         sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1314
1315         /* Remove possible STA entries from other IBSS networks. */
1316         sta_info_flush_delayed(sdata);
1317
1318         if (local->ops->reset_tsf) {
1319                 /* Reset own TSF to allow time synchronization work. */
1320                 local->ops->reset_tsf(local_to_hw(local));
1321         }
1322         memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
1323         res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
1324         if (res)
1325                 return res;
1326
1327         local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
1328
1329         sdata->drop_unencrypted = bss->capability &
1330                 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
1331
1332         res = ieee80211_set_freq(sdata, bss->freq);
1333
1334         if (res)
1335                 return res;
1336
1337         /* Build IBSS probe response */
1338         skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
1339         if (skb) {
1340                 skb_reserve(skb, local->hw.extra_tx_headroom);
1341
1342                 mgmt = (struct ieee80211_mgmt *)
1343                         skb_put(skb, 24 + sizeof(mgmt->u.beacon));
1344                 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
1345                 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1346                                                   IEEE80211_STYPE_PROBE_RESP);
1347                 memset(mgmt->da, 0xff, ETH_ALEN);
1348                 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1349                 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1350                 mgmt->u.beacon.beacon_int =
1351                         cpu_to_le16(local->hw.conf.beacon_int);
1352                 mgmt->u.beacon.timestamp = cpu_to_le64(bss->timestamp);
1353                 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
1354
1355                 pos = skb_put(skb, 2 + ifsta->ssid_len);
1356                 *pos++ = WLAN_EID_SSID;
1357                 *pos++ = ifsta->ssid_len;
1358                 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
1359
1360                 rates = bss->supp_rates_len;
1361                 if (rates > 8)
1362                         rates = 8;
1363                 pos = skb_put(skb, 2 + rates);
1364                 *pos++ = WLAN_EID_SUPP_RATES;
1365                 *pos++ = rates;
1366                 memcpy(pos, bss->supp_rates, rates);
1367
1368                 if (bss->band == IEEE80211_BAND_2GHZ) {
1369                         pos = skb_put(skb, 2 + 1);
1370                         *pos++ = WLAN_EID_DS_PARAMS;
1371                         *pos++ = 1;
1372                         *pos++ = ieee80211_frequency_to_channel(bss->freq);
1373                 }
1374
1375                 pos = skb_put(skb, 2 + 2);
1376                 *pos++ = WLAN_EID_IBSS_PARAMS;
1377                 *pos++ = 2;
1378                 /* FIX: set ATIM window based on scan results */
1379                 *pos++ = 0;
1380                 *pos++ = 0;
1381
1382                 if (bss->supp_rates_len > 8) {
1383                         rates = bss->supp_rates_len - 8;
1384                         pos = skb_put(skb, 2 + rates);
1385                         *pos++ = WLAN_EID_EXT_SUPP_RATES;
1386                         *pos++ = rates;
1387                         memcpy(pos, &bss->supp_rates[8], rates);
1388                 }
1389
1390                 ifsta->probe_resp = skb;
1391
1392                 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
1393         }
1394
1395         rates = 0;
1396         sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1397         for (i = 0; i < bss->supp_rates_len; i++) {
1398                 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
1399                 for (j = 0; j < sband->n_bitrates; j++)
1400                         if (sband->bitrates[j].bitrate == bitrate)
1401                                 rates |= BIT(j);
1402         }
1403         ifsta->supp_rates_bits[local->hw.conf.channel->band] = rates;
1404
1405         ieee80211_sta_def_wmm_params(sdata, bss);
1406
1407         ifsta->state = IEEE80211_STA_MLME_IBSS_JOINED;
1408         mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
1409
1410         memset(&wrqu, 0, sizeof(wrqu));
1411         memcpy(wrqu.ap_addr.sa_data, bss->bssid, ETH_ALEN);
1412         wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
1413
1414         return res;
1415 }
1416
1417 u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
1418                             struct ieee802_11_elems *elems,
1419                             enum ieee80211_band band)
1420 {
1421         struct ieee80211_supported_band *sband;
1422         struct ieee80211_rate *bitrates;
1423         size_t num_rates;
1424         u64 supp_rates;
1425         int i, j;
1426         sband = local->hw.wiphy->bands[band];
1427
1428         if (!sband) {
1429                 WARN_ON(1);
1430                 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1431         }
1432
1433         bitrates = sband->bitrates;
1434         num_rates = sband->n_bitrates;
1435         supp_rates = 0;
1436         for (i = 0; i < elems->supp_rates_len +
1437                      elems->ext_supp_rates_len; i++) {
1438                 u8 rate = 0;
1439                 int own_rate;
1440                 if (i < elems->supp_rates_len)
1441                         rate = elems->supp_rates[i];
1442                 else if (elems->ext_supp_rates)
1443                         rate = elems->ext_supp_rates
1444                                 [i - elems->supp_rates_len];
1445                 own_rate = 5 * (rate & 0x7f);
1446                 for (j = 0; j < num_rates; j++)
1447                         if (bitrates[j].bitrate == own_rate)
1448                                 supp_rates |= BIT(j);
1449         }
1450         return supp_rates;
1451 }
1452
1453 static u64 ieee80211_sta_get_mandatory_rates(struct ieee80211_local *local,
1454                                         enum ieee80211_band band)
1455 {
1456         struct ieee80211_supported_band *sband;
1457         struct ieee80211_rate *bitrates;
1458         u64 mandatory_rates;
1459         enum ieee80211_rate_flags mandatory_flag;
1460         int i;
1461
1462         sband = local->hw.wiphy->bands[band];
1463         if (!sband) {
1464                 WARN_ON(1);
1465                 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1466         }
1467
1468         if (band == IEEE80211_BAND_2GHZ)
1469                 mandatory_flag = IEEE80211_RATE_MANDATORY_B;
1470         else
1471                 mandatory_flag = IEEE80211_RATE_MANDATORY_A;
1472
1473         bitrates = sband->bitrates;
1474         mandatory_rates = 0;
1475         for (i = 0; i < sband->n_bitrates; i++)
1476                 if (bitrates[i].flags & mandatory_flag)
1477                         mandatory_rates |= BIT(i);
1478         return mandatory_rates;
1479 }
1480
1481 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
1482                                   struct ieee80211_mgmt *mgmt,
1483                                   size_t len,
1484                                   struct ieee80211_rx_status *rx_status,
1485                                   struct ieee802_11_elems *elems,
1486                                   bool beacon)
1487 {
1488         struct ieee80211_local *local = sdata->local;
1489         int freq;
1490         struct ieee80211_sta_bss *bss;
1491         struct sta_info *sta;
1492         struct ieee80211_channel *channel;
1493         u64 beacon_timestamp, rx_timestamp;
1494         u64 supp_rates = 0;
1495         enum ieee80211_band band = rx_status->band;
1496         DECLARE_MAC_BUF(mac);
1497         DECLARE_MAC_BUF(mac2);
1498
1499         if (elems->ds_params && elems->ds_params_len == 1)
1500                 freq = ieee80211_channel_to_frequency(elems->ds_params[0]);
1501         else
1502                 freq = rx_status->freq;
1503
1504         channel = ieee80211_get_channel(local->hw.wiphy, freq);
1505
1506         if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
1507                 return;
1508
1509         if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && elems->supp_rates &&
1510             memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
1511                 supp_rates = ieee80211_sta_get_rates(local, elems, band);
1512
1513                 rcu_read_lock();
1514
1515                 sta = sta_info_get(local, mgmt->sa);
1516                 if (sta) {
1517                         u64 prev_rates;
1518
1519                         prev_rates = sta->supp_rates[band];
1520                         /* make sure mandatory rates are always added */
1521                         sta->supp_rates[band] = supp_rates |
1522                                 ieee80211_sta_get_mandatory_rates(local, band);
1523
1524 #ifdef CONFIG_MAC80211_IBSS_DEBUG
1525                         if (sta->supp_rates[band] != prev_rates)
1526                                 printk(KERN_DEBUG "%s: updated supp_rates set "
1527                                     "for %s based on beacon info (0x%llx | "
1528                                     "0x%llx -> 0x%llx)\n",
1529                                     sdata->dev->name, print_mac(mac, sta->addr),
1530                                     (unsigned long long) prev_rates,
1531                                     (unsigned long long) supp_rates,
1532                                     (unsigned long long) sta->supp_rates[band]);
1533 #endif
1534                 } else {
1535                         ieee80211_ibss_add_sta(sdata, NULL, mgmt->bssid,
1536                                                mgmt->sa, supp_rates);
1537                 }
1538
1539                 rcu_read_unlock();
1540         }
1541
1542         bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
1543                                         freq, beacon);
1544         if (!bss)
1545                 return;
1546
1547         /* was just updated in ieee80211_bss_info_update */
1548         beacon_timestamp = bss->timestamp;
1549
1550         /*
1551          * In STA mode, the remaining parameters should not be overridden
1552          * by beacons because they're not necessarily accurate there.
1553          */
1554         if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
1555             bss->last_probe_resp && beacon) {
1556                 ieee80211_rx_bss_put(local, bss);
1557                 return;
1558         }
1559
1560         /* check if we need to merge IBSS */
1561         if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && beacon &&
1562             bss->capability & WLAN_CAPABILITY_IBSS &&
1563             bss->freq == local->oper_channel->center_freq &&
1564             elems->ssid_len == sdata->u.sta.ssid_len &&
1565             memcmp(elems->ssid, sdata->u.sta.ssid,
1566                                 sdata->u.sta.ssid_len) == 0) {
1567                 if (rx_status->flag & RX_FLAG_TSFT) {
1568                         /* in order for correct IBSS merging we need mactime
1569                          *
1570                          * since mactime is defined as the time the first data
1571                          * symbol of the frame hits the PHY, and the timestamp
1572                          * of the beacon is defined as "the time that the data
1573                          * symbol containing the first bit of the timestamp is
1574                          * transmitted to the PHY plus the transmitting STA’s
1575                          * delays through its local PHY from the MAC-PHY
1576                          * interface to its interface with the WM"
1577                          * (802.11 11.1.2) - equals the time this bit arrives at
1578                          * the receiver - we have to take into account the
1579                          * offset between the two.
1580                          * e.g: at 1 MBit that means mactime is 192 usec earlier
1581                          * (=24 bytes * 8 usecs/byte) than the beacon timestamp.
1582                          */
1583                         int rate = local->hw.wiphy->bands[band]->
1584                                         bitrates[rx_status->rate_idx].bitrate;
1585                         rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
1586                 } else if (local && local->ops && local->ops->get_tsf)
1587                         /* second best option: get current TSF */
1588                         rx_timestamp = local->ops->get_tsf(local_to_hw(local));
1589                 else
1590                         /* can't merge without knowing the TSF */
1591                         rx_timestamp = -1LLU;
1592 #ifdef CONFIG_MAC80211_IBSS_DEBUG
1593                 printk(KERN_DEBUG "RX beacon SA=%s BSSID="
1594                        "%s TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
1595                        print_mac(mac, mgmt->sa),
1596                        print_mac(mac2, mgmt->bssid),
1597                        (unsigned long long)rx_timestamp,
1598                        (unsigned long long)beacon_timestamp,
1599                        (unsigned long long)(rx_timestamp - beacon_timestamp),
1600                        jiffies);
1601 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
1602                 if (beacon_timestamp > rx_timestamp) {
1603 #ifdef CONFIG_MAC80211_IBSS_DEBUG
1604                         printk(KERN_DEBUG "%s: beacon TSF higher than "
1605                                "local TSF - IBSS merge with BSSID %s\n",
1606                                sdata->dev->name, print_mac(mac, mgmt->bssid));
1607 #endif
1608                         ieee80211_sta_join_ibss(sdata, &sdata->u.sta, bss);
1609                         ieee80211_ibss_add_sta(sdata, NULL,
1610                                                mgmt->bssid, mgmt->sa,
1611                                                supp_rates);
1612                 }
1613         }
1614
1615         ieee80211_rx_bss_put(local, bss);
1616 }
1617
1618
1619 static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1620                                          struct ieee80211_mgmt *mgmt,
1621                                          size_t len,
1622                                          struct ieee80211_rx_status *rx_status)
1623 {
1624         size_t baselen;
1625         struct ieee802_11_elems elems;
1626         struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1627
1628         if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
1629                 return; /* ignore ProbeResp to foreign address */
1630
1631         baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
1632         if (baselen > len)
1633                 return;
1634
1635         ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
1636                                 &elems);
1637
1638         ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false);
1639
1640         /* direct probe may be part of the association flow */
1641         if (test_and_clear_bit(IEEE80211_STA_REQ_DIRECT_PROBE,
1642                                                         &ifsta->request)) {
1643                 printk(KERN_DEBUG "%s direct probe responded\n",
1644                        sdata->dev->name);
1645                 ieee80211_authenticate(sdata, ifsta);
1646         }
1647 }
1648
1649
1650 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1651                                      struct ieee80211_mgmt *mgmt,
1652                                      size_t len,
1653                                      struct ieee80211_rx_status *rx_status)
1654 {
1655         struct ieee80211_if_sta *ifsta;
1656         size_t baselen;
1657         struct ieee802_11_elems elems;
1658         struct ieee80211_local *local = sdata->local;
1659         struct ieee80211_conf *conf = &local->hw.conf;
1660         u32 changed = 0;
1661
1662         /* Process beacon from the current BSS */
1663         baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1664         if (baselen > len)
1665                 return;
1666
1667         ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
1668
1669         ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, true);
1670
1671         if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
1672                 return;
1673         ifsta = &sdata->u.sta;
1674
1675         if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED) ||
1676             memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
1677                 return;
1678
1679         ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param,
1680                                  elems.wmm_param_len);
1681
1682         if (elems.erp_info && elems.erp_info_len >= 1)
1683                 changed |= ieee80211_handle_erp_ie(sdata, elems.erp_info[0]);
1684         else {
1685                 u16 capab = le16_to_cpu(mgmt->u.beacon.capab_info);
1686                 changed |= ieee80211_handle_protect_preamb(sdata, false,
1687                                 (capab & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0);
1688         }
1689
1690         if (elems.ht_cap_elem && elems.ht_info_elem &&
1691             elems.wmm_param && conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
1692                 struct ieee80211_ht_bss_info bss_info;
1693
1694                 ieee80211_ht_addt_info_ie_to_ht_bss_info(
1695                                 (struct ieee80211_ht_addt_info *)
1696                                 elems.ht_info_elem, &bss_info);
1697                 changed |= ieee80211_handle_ht(local, 1, &conf->ht_conf,
1698                                                &bss_info);
1699         }
1700
1701         ieee80211_bss_info_change_notify(sdata, changed);
1702 }
1703
1704
1705 static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
1706                                         struct ieee80211_if_sta *ifsta,
1707                                         struct ieee80211_mgmt *mgmt,
1708                                         size_t len,
1709                                         struct ieee80211_rx_status *rx_status)
1710 {
1711         struct ieee80211_local *local = sdata->local;
1712         int tx_last_beacon;
1713         struct sk_buff *skb;
1714         struct ieee80211_mgmt *resp;
1715         u8 *pos, *end;
1716         DECLARE_MAC_BUF(mac);
1717 #ifdef CONFIG_MAC80211_IBSS_DEBUG
1718         DECLARE_MAC_BUF(mac2);
1719         DECLARE_MAC_BUF(mac3);
1720 #endif
1721
1722         if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS ||
1723             ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED ||
1724             len < 24 + 2 || !ifsta->probe_resp)
1725                 return;
1726
1727         if (local->ops->tx_last_beacon)
1728                 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
1729         else
1730                 tx_last_beacon = 1;
1731
1732 #ifdef CONFIG_MAC80211_IBSS_DEBUG
1733         printk(KERN_DEBUG "%s: RX ProbeReq SA=%s DA=%s BSSID="
1734                "%s (tx_last_beacon=%d)\n",
1735                sdata->dev->name, print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da),
1736                print_mac(mac3, mgmt->bssid), tx_last_beacon);
1737 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
1738
1739         if (!tx_last_beacon)
1740                 return;
1741
1742         if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
1743             memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1744                 return;
1745
1746         end = ((u8 *) mgmt) + len;
1747         pos = mgmt->u.probe_req.variable;
1748         if (pos[0] != WLAN_EID_SSID ||
1749             pos + 2 + pos[1] > end) {
1750 #ifdef CONFIG_MAC80211_IBSS_DEBUG
1751                 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
1752                        "from %s\n",
1753                        sdata->dev->name, print_mac(mac, mgmt->sa));
1754 #endif
1755                 return;
1756         }
1757         if (pos[1] != 0 &&
1758             (pos[1] != ifsta->ssid_len ||
1759              memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
1760                 /* Ignore ProbeReq for foreign SSID */
1761                 return;
1762         }
1763
1764         /* Reply with ProbeResp */
1765         skb = skb_copy(ifsta->probe_resp, GFP_KERNEL);
1766         if (!skb)
1767                 return;
1768
1769         resp = (struct ieee80211_mgmt *) skb->data;
1770         memcpy(resp->da, mgmt->sa, ETH_ALEN);
1771 #ifdef CONFIG_MAC80211_IBSS_DEBUG
1772         printk(KERN_DEBUG "%s: Sending ProbeResp to %s\n",
1773                sdata->dev->name, print_mac(mac, resp->da));
1774 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
1775         ieee80211_tx_skb(sdata, skb, 0);
1776 }
1777
1778 void ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
1779                            struct ieee80211_rx_status *rx_status)
1780 {
1781         struct ieee80211_local *local = sdata->local;
1782         struct ieee80211_if_sta *ifsta;
1783         struct ieee80211_mgmt *mgmt;
1784         u16 fc;
1785
1786         if (skb->len < 24)
1787                 goto fail;
1788
1789         ifsta = &sdata->u.sta;
1790
1791         mgmt = (struct ieee80211_mgmt *) skb->data;
1792         fc = le16_to_cpu(mgmt->frame_control);
1793
1794         switch (fc & IEEE80211_FCTL_STYPE) {
1795         case IEEE80211_STYPE_PROBE_REQ:
1796         case IEEE80211_STYPE_PROBE_RESP:
1797         case IEEE80211_STYPE_BEACON:
1798                 memcpy(skb->cb, rx_status, sizeof(*rx_status));
1799         case IEEE80211_STYPE_AUTH:
1800         case IEEE80211_STYPE_ASSOC_RESP:
1801         case IEEE80211_STYPE_REASSOC_RESP:
1802         case IEEE80211_STYPE_DEAUTH:
1803         case IEEE80211_STYPE_DISASSOC:
1804                 skb_queue_tail(&ifsta->skb_queue, skb);
1805                 queue_work(local->hw.workqueue, &ifsta->work);
1806                 return;
1807         }
1808
1809  fail:
1810         kfree_skb(skb);
1811 }
1812
1813 static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
1814                                          struct sk_buff *skb)
1815 {
1816         struct ieee80211_rx_status *rx_status;
1817         struct ieee80211_if_sta *ifsta;
1818         struct ieee80211_mgmt *mgmt;
1819         u16 fc;
1820
1821         ifsta = &sdata->u.sta;
1822
1823         rx_status = (struct ieee80211_rx_status *) skb->cb;
1824         mgmt = (struct ieee80211_mgmt *) skb->data;
1825         fc = le16_to_cpu(mgmt->frame_control);
1826
1827         switch (fc & IEEE80211_FCTL_STYPE) {
1828         case IEEE80211_STYPE_PROBE_REQ:
1829                 ieee80211_rx_mgmt_probe_req(sdata, ifsta, mgmt, skb->len,
1830                                             rx_status);
1831                 break;
1832         case IEEE80211_STYPE_PROBE_RESP:
1833                 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, rx_status);
1834                 break;
1835         case IEEE80211_STYPE_BEACON:
1836                 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status);
1837                 break;
1838         case IEEE80211_STYPE_AUTH:
1839                 ieee80211_rx_mgmt_auth(sdata, ifsta, mgmt, skb->len);
1840                 break;
1841         case IEEE80211_STYPE_ASSOC_RESP:
1842                 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 0);
1843                 break;
1844         case IEEE80211_STYPE_REASSOC_RESP:
1845                 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 1);
1846                 break;
1847         case IEEE80211_STYPE_DEAUTH:
1848                 ieee80211_rx_mgmt_deauth(sdata, ifsta, mgmt, skb->len);
1849                 break;
1850         case IEEE80211_STYPE_DISASSOC:
1851                 ieee80211_rx_mgmt_disassoc(sdata, ifsta, mgmt, skb->len);
1852                 break;
1853         }
1854
1855         kfree_skb(skb);
1856 }
1857
1858
1859 static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
1860 {
1861         struct ieee80211_local *local = sdata->local;
1862         int active = 0;
1863         struct sta_info *sta;
1864
1865         rcu_read_lock();
1866
1867         list_for_each_entry_rcu(sta, &local->sta_list, list) {
1868                 if (sta->sdata == sdata &&
1869                     time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
1870                                jiffies)) {
1871                         active++;
1872                         break;
1873                 }
1874         }
1875
1876         rcu_read_unlock();
1877
1878         return active;
1879 }
1880
1881
1882 static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata,
1883                                      struct ieee80211_if_sta *ifsta)
1884 {
1885         mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
1886
1887         ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
1888         if (ieee80211_sta_active_ibss(sdata))
1889                 return;
1890
1891         printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
1892                "IBSS networks with same SSID (merge)\n", sdata->dev->name);
1893         ieee80211_sta_req_scan(sdata, ifsta->ssid, ifsta->ssid_len);
1894 }
1895
1896
1897 void ieee80211_sta_timer(unsigned long data)
1898 {
1899         struct ieee80211_sub_if_data *sdata =
1900                 (struct ieee80211_sub_if_data *) data;
1901         struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1902         struct ieee80211_local *local = sdata->local;
1903
1904         set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
1905         queue_work(local->hw.workqueue, &ifsta->work);
1906 }
1907
1908 static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata,
1909                                      struct ieee80211_if_sta *ifsta)
1910 {
1911         struct ieee80211_local *local = sdata->local;
1912
1913         if (local->ops->reset_tsf) {
1914                 /* Reset own TSF to allow time synchronization work. */
1915                 local->ops->reset_tsf(local_to_hw(local));
1916         }
1917
1918         ifsta->wmm_last_param_set = -1; /* allow any WMM update */
1919
1920
1921         if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1922                 ifsta->auth_alg = WLAN_AUTH_OPEN;
1923         else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1924                 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY;
1925         else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1926                 ifsta->auth_alg = WLAN_AUTH_LEAP;
1927         else
1928                 ifsta->auth_alg = WLAN_AUTH_OPEN;
1929         ifsta->auth_transaction = -1;
1930         ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
1931         ifsta->assoc_scan_tries = 0;
1932         ifsta->direct_probe_tries = 0;
1933         ifsta->auth_tries = 0;
1934         ifsta->assoc_tries = 0;
1935         netif_tx_stop_all_queues(sdata->dev);
1936         netif_carrier_off(sdata->dev);
1937 }
1938
1939
1940 void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata,
1941                             struct ieee80211_if_sta *ifsta)
1942 {
1943         struct ieee80211_local *local = sdata->local;
1944
1945         if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
1946                 return;
1947
1948         if ((ifsta->flags & (IEEE80211_STA_BSSID_SET |
1949                              IEEE80211_STA_AUTO_BSSID_SEL)) &&
1950             (ifsta->flags & (IEEE80211_STA_SSID_SET |
1951                              IEEE80211_STA_AUTO_SSID_SEL))) {
1952
1953                 if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED)
1954                         ieee80211_set_disassoc(sdata, ifsta, true, true,
1955                                                WLAN_REASON_DEAUTH_LEAVING);
1956
1957                 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
1958                 queue_work(local->hw.workqueue, &ifsta->work);
1959         }
1960 }
1961
1962 static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
1963                                     const char *ssid, int ssid_len)
1964 {
1965         int tmp, hidden_ssid;
1966
1967         if (ssid_len == ifsta->ssid_len &&
1968             !memcmp(ifsta->ssid, ssid, ssid_len))
1969                 return 1;
1970
1971         if (ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL)
1972                 return 0;
1973
1974         hidden_ssid = 1;
1975         tmp = ssid_len;
1976         while (tmp--) {
1977                 if (ssid[tmp] != '\0') {
1978                         hidden_ssid = 0;
1979                         break;
1980                 }
1981         }
1982
1983         if (hidden_ssid && ifsta->ssid_len == ssid_len)
1984                 return 1;
1985
1986         if (ssid_len == 1 && ssid[0] == ' ')
1987                 return 1;
1988
1989         return 0;
1990 }
1991
1992 static int ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata,
1993                                      struct ieee80211_if_sta *ifsta)
1994 {
1995         struct ieee80211_local *local = sdata->local;
1996         struct ieee80211_sta_bss *bss;
1997         struct ieee80211_supported_band *sband;
1998         u8 bssid[ETH_ALEN], *pos;
1999         int i;
2000         int ret;
2001         DECLARE_MAC_BUF(mac);
2002
2003 #if 0
2004         /* Easier testing, use fixed BSSID. */
2005         memset(bssid, 0xfe, ETH_ALEN);
2006 #else
2007         /* Generate random, not broadcast, locally administered BSSID. Mix in
2008          * own MAC address to make sure that devices that do not have proper
2009          * random number generator get different BSSID. */
2010         get_random_bytes(bssid, ETH_ALEN);
2011         for (i = 0; i < ETH_ALEN; i++)
2012                 bssid[i] ^= sdata->dev->dev_addr[i];
2013         bssid[0] &= ~0x01;
2014         bssid[0] |= 0x02;
2015 #endif
2016
2017         printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %s\n",
2018                sdata->dev->name, print_mac(mac, bssid));
2019
2020         bss = ieee80211_rx_bss_add(local, bssid,
2021                                    local->hw.conf.channel->center_freq,
2022                                    sdata->u.sta.ssid, sdata->u.sta.ssid_len);
2023         if (!bss)
2024                 return -ENOMEM;
2025
2026         bss->band = local->hw.conf.channel->band;
2027         sband = local->hw.wiphy->bands[bss->band];
2028
2029         if (local->hw.conf.beacon_int == 0)
2030                 local->hw.conf.beacon_int = 100;
2031         bss->beacon_int = local->hw.conf.beacon_int;
2032         bss->last_update = jiffies;
2033         bss->capability = WLAN_CAPABILITY_IBSS;
2034
2035         if (sdata->default_key)
2036                 bss->capability |= WLAN_CAPABILITY_PRIVACY;
2037         else
2038                 sdata->drop_unencrypted = 0;
2039
2040         bss->supp_rates_len = sband->n_bitrates;
2041         pos = bss->supp_rates;
2042         for (i = 0; i < sband->n_bitrates; i++) {
2043                 int rate = sband->bitrates[i].bitrate;
2044                 *pos++ = (u8) (rate / 5);
2045         }
2046
2047         ret = ieee80211_sta_join_ibss(sdata, ifsta, bss);
2048         ieee80211_rx_bss_put(local, bss);
2049         return ret;
2050 }
2051
2052
2053 static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata,
2054                                    struct ieee80211_if_sta *ifsta)
2055 {
2056         struct ieee80211_local *local = sdata->local;
2057         struct ieee80211_sta_bss *bss;
2058         int found = 0;
2059         u8 bssid[ETH_ALEN];
2060         int active_ibss;
2061         DECLARE_MAC_BUF(mac);
2062         DECLARE_MAC_BUF(mac2);
2063
2064         if (ifsta->ssid_len == 0)
2065                 return -EINVAL;
2066
2067         active_ibss = ieee80211_sta_active_ibss(sdata);
2068 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2069         printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
2070                sdata->dev->name, active_ibss);
2071 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2072         spin_lock_bh(&local->sta_bss_lock);
2073         list_for_each_entry(bss, &local->sta_bss_list, list) {
2074                 if (ifsta->ssid_len != bss->ssid_len ||
2075                     memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
2076                     || !(bss->capability & WLAN_CAPABILITY_IBSS))
2077                         continue;
2078 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2079                 printk(KERN_DEBUG "   bssid=%s found\n",
2080                        print_mac(mac, bss->bssid));
2081 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2082                 memcpy(bssid, bss->bssid, ETH_ALEN);
2083                 found = 1;
2084                 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
2085                         break;
2086         }
2087         spin_unlock_bh(&local->sta_bss_lock);
2088
2089 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2090         if (found)
2091                 printk(KERN_DEBUG "   sta_find_ibss: selected %s current "
2092                        "%s\n", print_mac(mac, bssid),
2093                        print_mac(mac2, ifsta->bssid));
2094 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2095
2096         if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
2097                 int ret;
2098                 int search_freq;
2099
2100                 if (ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL)
2101                         search_freq = bss->freq;
2102                 else
2103                         search_freq = local->hw.conf.channel->center_freq;
2104
2105                 bss = ieee80211_rx_bss_get(local, bssid, search_freq,
2106                                            ifsta->ssid, ifsta->ssid_len);
2107                 if (!bss)
2108                         goto dont_join;
2109
2110                 printk(KERN_DEBUG "%s: Selected IBSS BSSID %s"
2111                        " based on configured SSID\n",
2112                        sdata->dev->name, print_mac(mac, bssid));
2113                 ret = ieee80211_sta_join_ibss(sdata, ifsta, bss);
2114                 ieee80211_rx_bss_put(local, bss);
2115                 return ret;
2116         }
2117
2118 dont_join:
2119 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2120         printk(KERN_DEBUG "   did not try to join ibss\n");
2121 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2122
2123         /* Selected IBSS not found in current scan results - try to scan */
2124         if (ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED &&
2125             !ieee80211_sta_active_ibss(sdata)) {
2126                 mod_timer(&ifsta->timer, jiffies +
2127                                       IEEE80211_IBSS_MERGE_INTERVAL);
2128         } else if (time_after(jiffies, local->last_scan_completed +
2129                               IEEE80211_SCAN_INTERVAL)) {
2130                 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
2131                        "join\n", sdata->dev->name);
2132                 return ieee80211_sta_req_scan(sdata, ifsta->ssid,
2133                                               ifsta->ssid_len);
2134         } else if (ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED) {
2135                 int interval = IEEE80211_SCAN_INTERVAL;
2136
2137                 if (time_after(jiffies, ifsta->ibss_join_req +
2138                                IEEE80211_IBSS_JOIN_TIMEOUT)) {
2139                         if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) &&
2140                             (!(local->oper_channel->flags &
2141                                         IEEE80211_CHAN_NO_IBSS)))
2142                                 return ieee80211_sta_create_ibss(sdata, ifsta);
2143                         if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) {
2144                                 printk(KERN_DEBUG "%s: IBSS not allowed on"
2145                                        " %d MHz\n", sdata->dev->name,
2146                                        local->hw.conf.channel->center_freq);
2147                         }
2148
2149                         /* No IBSS found - decrease scan interval and continue
2150                          * scanning. */
2151                         interval = IEEE80211_SCAN_INTERVAL_SLOW;
2152                 }
2153
2154                 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH;
2155                 mod_timer(&ifsta->timer, jiffies + interval);
2156                 return 0;
2157         }
2158
2159         return 0;
2160 }
2161
2162
2163 int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len)
2164 {
2165         struct ieee80211_if_sta *ifsta;
2166         int res;
2167
2168         if (len > IEEE80211_MAX_SSID_LEN)
2169                 return -EINVAL;
2170
2171         ifsta = &sdata->u.sta;
2172
2173         if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0) {
2174                 memset(ifsta->ssid, 0, sizeof(ifsta->ssid));
2175                 memcpy(ifsta->ssid, ssid, len);
2176                 ifsta->ssid_len = len;
2177                 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
2178
2179                 res = 0;
2180                 /*
2181                  * Hack! MLME code needs to be cleaned up to have different
2182                  * entry points for configuration and internal selection change
2183                  */
2184                 if (netif_running(sdata->dev))
2185                         res = ieee80211_if_config(sdata, IEEE80211_IFCC_SSID);
2186                 if (res) {
2187                         printk(KERN_DEBUG "%s: Failed to config new SSID to "
2188                                "the low-level driver\n", sdata->dev->name);
2189                         return res;
2190                 }
2191         }
2192
2193         if (len)
2194                 ifsta->flags |= IEEE80211_STA_SSID_SET;
2195         else
2196                 ifsta->flags &= ~IEEE80211_STA_SSID_SET;
2197
2198         if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
2199             !(ifsta->flags & IEEE80211_STA_BSSID_SET)) {
2200                 ifsta->ibss_join_req = jiffies;
2201                 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH;
2202                 return ieee80211_sta_find_ibss(sdata, ifsta);
2203         }
2204
2205         return 0;
2206 }
2207
2208
2209 int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len)
2210 {
2211         struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2212         memcpy(ssid, ifsta->ssid, ifsta->ssid_len);
2213         *len = ifsta->ssid_len;
2214         return 0;
2215 }
2216
2217
2218 int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid)
2219 {
2220         struct ieee80211_if_sta *ifsta;
2221         int res;
2222
2223         ifsta = &sdata->u.sta;
2224
2225         if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
2226                 memcpy(ifsta->bssid, bssid, ETH_ALEN);
2227                 res = 0;
2228                 /*
2229                  * Hack! See also ieee80211_sta_set_ssid.
2230                  */
2231                 if (netif_running(sdata->dev))
2232                         res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
2233                 if (res) {
2234                         printk(KERN_DEBUG "%s: Failed to config new BSSID to "
2235                                "the low-level driver\n", sdata->dev->name);
2236                         return res;
2237                 }
2238         }
2239
2240         if (is_valid_ether_addr(bssid))
2241                 ifsta->flags |= IEEE80211_STA_BSSID_SET;
2242         else
2243                 ifsta->flags &= ~IEEE80211_STA_BSSID_SET;
2244
2245         return 0;
2246 }
2247
2248
2249 int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, char *ie, size_t len)
2250 {
2251         struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2252
2253         kfree(ifsta->extra_ie);
2254         if (len == 0) {
2255                 ifsta->extra_ie = NULL;
2256                 ifsta->extra_ie_len = 0;
2257                 return 0;
2258         }
2259         ifsta->extra_ie = kmalloc(len, GFP_KERNEL);
2260         if (!ifsta->extra_ie) {
2261                 ifsta->extra_ie_len = 0;
2262                 return -ENOMEM;
2263         }
2264         memcpy(ifsta->extra_ie, ie, len);
2265         ifsta->extra_ie_len = len;
2266         return 0;
2267 }
2268
2269
2270 struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
2271                                         struct sk_buff *skb, u8 *bssid,
2272                                         u8 *addr, u64 supp_rates)
2273 {
2274         struct ieee80211_local *local = sdata->local;
2275         struct sta_info *sta;
2276         DECLARE_MAC_BUF(mac);
2277         int band = local->hw.conf.channel->band;
2278
2279         /* TODO: Could consider removing the least recently used entry and
2280          * allow new one to be added. */
2281         if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
2282                 if (net_ratelimit()) {
2283                         printk(KERN_DEBUG "%s: No room for a new IBSS STA "
2284                                "entry %s\n", sdata->dev->name, print_mac(mac, addr));
2285                 }
2286                 return NULL;
2287         }
2288
2289         if (compare_ether_addr(bssid, sdata->u.sta.bssid))
2290                 return NULL;
2291
2292 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2293         printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n",
2294                wiphy_name(local->hw.wiphy), print_mac(mac, addr), sdata->dev->name);
2295 #endif
2296
2297         sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
2298         if (!sta)
2299                 return NULL;
2300
2301         set_sta_flags(sta, WLAN_STA_AUTHORIZED);
2302
2303         /* make sure mandatory rates are always added */
2304         sta->supp_rates[band] = supp_rates |
2305                         ieee80211_sta_get_mandatory_rates(local, band);
2306
2307         rate_control_rate_init(sta, local);
2308
2309         if (sta_info_insert(sta))
2310                 return NULL;
2311
2312         return sta;
2313 }
2314
2315
2316 static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata,
2317                                      struct ieee80211_if_sta *ifsta)
2318 {
2319         struct ieee80211_local *local = sdata->local;
2320         struct ieee80211_sta_bss *bss, *selected = NULL;
2321         int top_rssi = 0, freq;
2322
2323         spin_lock_bh(&local->sta_bss_lock);
2324         freq = local->oper_channel->center_freq;
2325         list_for_each_entry(bss, &local->sta_bss_list, list) {
2326                 if (!(bss->capability & WLAN_CAPABILITY_ESS))
2327                         continue;
2328
2329                 if ((ifsta->flags & (IEEE80211_STA_AUTO_SSID_SEL |
2330                         IEEE80211_STA_AUTO_BSSID_SEL |
2331                         IEEE80211_STA_AUTO_CHANNEL_SEL)) &&
2332                     (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
2333                      !!sdata->default_key))
2334                         continue;
2335
2336                 if (!(ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) &&
2337                     bss->freq != freq)
2338                         continue;
2339
2340                 if (!(ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL) &&
2341                     memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
2342                         continue;
2343
2344                 if (!(ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) &&
2345                     !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
2346                         continue;
2347
2348                 if (!selected || top_rssi < bss->signal) {
2349                         selected = bss;
2350                         top_rssi = bss->signal;
2351                 }
2352         }
2353         if (selected)
2354                 atomic_inc(&selected->users);
2355         spin_unlock_bh(&local->sta_bss_lock);
2356
2357         if (selected) {
2358                 ieee80211_set_freq(sdata, selected->freq);
2359                 if (!(ifsta->flags & IEEE80211_STA_SSID_SET))
2360                         ieee80211_sta_set_ssid(sdata, selected->ssid,
2361                                                selected->ssid_len);
2362                 ieee80211_sta_set_bssid(sdata, selected->bssid);
2363                 ieee80211_sta_def_wmm_params(sdata, selected);
2364
2365                 /* Send out direct probe if no probe resp was received or
2366                  * the one we have is outdated
2367                  */
2368                 if (!selected->last_probe_resp ||
2369                     time_after(jiffies, selected->last_probe_resp
2370                                         + IEEE80211_SCAN_RESULT_EXPIRE))
2371                         ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
2372                 else
2373                         ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
2374
2375                 ieee80211_rx_bss_put(local, selected);
2376                 ieee80211_sta_reset_auth(sdata, ifsta);
2377                 return 0;
2378         } else {
2379                 if (ifsta->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) {
2380                         ifsta->assoc_scan_tries++;
2381                         if (ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL)
2382                                 ieee80211_sta_start_scan(sdata, NULL, 0);
2383                         else
2384                                 ieee80211_sta_start_scan(sdata, ifsta->ssid,
2385                                                          ifsta->ssid_len);
2386                         ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
2387                         set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
2388                 } else
2389                         ifsta->state = IEEE80211_STA_MLME_DISABLED;
2390         }
2391         return -1;
2392 }
2393
2394
2395 int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason)
2396 {
2397         struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2398
2399         printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n",
2400                sdata->dev->name, reason);
2401
2402         if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
2403             sdata->vif.type != IEEE80211_IF_TYPE_IBSS)
2404                 return -EINVAL;
2405
2406         ieee80211_set_disassoc(sdata, ifsta, true, true, reason);
2407         return 0;
2408 }
2409
2410
2411 int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason)
2412 {
2413         struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2414
2415         printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n",
2416                sdata->dev->name, reason);
2417
2418         if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
2419                 return -EINVAL;
2420
2421         if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED))
2422                 return -1;
2423
2424         ieee80211_set_disassoc(sdata, ifsta, false, true, reason);
2425         return 0;
2426 }
2427
2428 void ieee80211_notify_mac(struct ieee80211_hw *hw,
2429                           enum ieee80211_notification_types  notif_type)
2430 {
2431         struct ieee80211_local *local = hw_to_local(hw);
2432         struct ieee80211_sub_if_data *sdata;
2433
2434         switch (notif_type) {
2435         case IEEE80211_NOTIFY_RE_ASSOC:
2436                 rcu_read_lock();
2437                 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
2438                         if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
2439                                 continue;
2440
2441                         ieee80211_sta_req_auth(sdata, &sdata->u.sta);
2442                 }
2443                 rcu_read_unlock();
2444                 break;
2445         }
2446 }
2447 EXPORT_SYMBOL(ieee80211_notify_mac);
2448
2449 void ieee80211_sta_work(struct work_struct *work)
2450 {
2451         struct ieee80211_sub_if_data *sdata =
2452                 container_of(work, struct ieee80211_sub_if_data, u.sta.work);
2453         struct ieee80211_local *local = sdata->local;
2454         struct ieee80211_if_sta *ifsta;
2455         struct sk_buff *skb;
2456
2457         if (!netif_running(sdata->dev))
2458                 return;
2459
2460         if (local->sta_sw_scanning || local->sta_hw_scanning)
2461                 return;
2462
2463         if (WARN_ON(sdata->vif.type != IEEE80211_IF_TYPE_STA &&
2464                     sdata->vif.type != IEEE80211_IF_TYPE_IBSS))
2465                 return;
2466         ifsta = &sdata->u.sta;
2467
2468         while ((skb = skb_dequeue(&ifsta->skb_queue)))
2469                 ieee80211_sta_rx_queued_mgmt(sdata, skb);
2470
2471         if (ifsta->state != IEEE80211_STA_MLME_DIRECT_PROBE &&
2472             ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE &&
2473             ifsta->state != IEEE80211_STA_MLME_ASSOCIATE &&
2474             test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
2475                 ieee80211_sta_start_scan(sdata, ifsta->scan_ssid, ifsta->scan_ssid_len);
2476                 return;
2477         }
2478
2479         if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) {
2480                 if (ieee80211_sta_config_auth(sdata, ifsta))
2481                         return;
2482                 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
2483         } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request))
2484                 return;
2485
2486         switch (ifsta->state) {
2487         case IEEE80211_STA_MLME_DISABLED:
2488                 break;
2489         case IEEE80211_STA_MLME_DIRECT_PROBE:
2490                 ieee80211_direct_probe(sdata, ifsta);
2491                 break;
2492         case IEEE80211_STA_MLME_AUTHENTICATE:
2493                 ieee80211_authenticate(sdata, ifsta);
2494                 break;
2495         case IEEE80211_STA_MLME_ASSOCIATE:
2496                 ieee80211_associate(sdata, ifsta);
2497                 break;
2498         case IEEE80211_STA_MLME_ASSOCIATED:
2499                 ieee80211_associated(sdata, ifsta);
2500                 break;
2501         case IEEE80211_STA_MLME_IBSS_SEARCH:
2502                 ieee80211_sta_find_ibss(sdata, ifsta);
2503                 break;
2504         case IEEE80211_STA_MLME_IBSS_JOINED:
2505                 ieee80211_sta_merge_ibss(sdata, ifsta);
2506                 break;
2507         default:
2508                 WARN_ON(1);
2509                 break;
2510         }
2511
2512         if (ieee80211_privacy_mismatch(sdata, ifsta)) {
2513                 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
2514                        "mixed-cell disabled - disassociate\n", sdata->dev->name);
2515
2516                 ieee80211_set_disassoc(sdata, ifsta, false, true,
2517                                         WLAN_REASON_UNSPECIFIED);
2518         }
2519 }
2520
2521 static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
2522 {
2523         if (sdata->vif.type == IEEE80211_IF_TYPE_STA)
2524                 queue_work(sdata->local->hw.workqueue,
2525                            &sdata->u.sta.work);
2526 }
2527
2528 void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local)
2529 {
2530         struct ieee80211_sub_if_data *sdata = local->scan_sdata;
2531         struct ieee80211_if_sta *ifsta;
2532
2533         if (sdata && sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
2534                 ifsta = &sdata->u.sta;
2535                 if (!(ifsta->flags & IEEE80211_STA_BSSID_SET) ||
2536                     (!(ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED) &&
2537                     !ieee80211_sta_active_ibss(sdata)))
2538                         ieee80211_sta_find_ibss(sdata, ifsta);
2539         }
2540
2541         /* Restart STA timers */
2542         rcu_read_lock();
2543         list_for_each_entry_rcu(sdata, &local->interfaces, list)
2544                 ieee80211_restart_sta_timer(sdata);
2545         rcu_read_unlock();
2546 }