Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux
[linux-2.6.git] / net / wireless / sme.c
1 /*
2  * SME code for cfg80211's connect emulation.
3  *
4  * Copyright 2009       Johannes Berg <johannes@sipsolutions.net>
5  * Copyright (C) 2009   Intel Corporation. All rights reserved.
6  */
7
8 #include <linux/etherdevice.h>
9 #include <linux/if_arp.h>
10 #include <linux/slab.h>
11 #include <linux/workqueue.h>
12 #include <linux/wireless.h>
13 #include <linux/export.h>
14 #include <net/iw_handler.h>
15 #include <net/cfg80211.h>
16 #include <net/rtnetlink.h>
17 #include "nl80211.h"
18 #include "reg.h"
19
20 struct cfg80211_conn {
21         struct cfg80211_connect_params params;
22         /* these are sub-states of the _CONNECTING sme_state */
23         enum {
24                 CFG80211_CONN_IDLE,
25                 CFG80211_CONN_SCANNING,
26                 CFG80211_CONN_SCAN_AGAIN,
27                 CFG80211_CONN_AUTHENTICATE_NEXT,
28                 CFG80211_CONN_AUTHENTICATING,
29                 CFG80211_CONN_ASSOCIATE_NEXT,
30                 CFG80211_CONN_ASSOCIATING,
31                 CFG80211_CONN_DEAUTH_ASSOC_FAIL,
32         } state;
33         u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN];
34         u8 *ie;
35         size_t ie_len;
36         bool auto_auth, prev_bssid_valid;
37 };
38
39 static bool cfg80211_is_all_idle(void)
40 {
41         struct cfg80211_registered_device *rdev;
42         struct wireless_dev *wdev;
43         bool is_all_idle = true;
44
45         mutex_lock(&cfg80211_mutex);
46
47         /*
48          * All devices must be idle as otherwise if you are actively
49          * scanning some new beacon hints could be learned and would
50          * count as new regulatory hints.
51          */
52         list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
53                 cfg80211_lock_rdev(rdev);
54                 list_for_each_entry(wdev, &rdev->netdev_list, list) {
55                         wdev_lock(wdev);
56                         if (wdev->sme_state != CFG80211_SME_IDLE)
57                                 is_all_idle = false;
58                         wdev_unlock(wdev);
59                 }
60                 cfg80211_unlock_rdev(rdev);
61         }
62
63         mutex_unlock(&cfg80211_mutex);
64
65         return is_all_idle;
66 }
67
68 static void disconnect_work(struct work_struct *work)
69 {
70         if (!cfg80211_is_all_idle())
71                 return;
72
73         regulatory_hint_disconnect();
74 }
75
76 static DECLARE_WORK(cfg80211_disconnect_work, disconnect_work);
77
78 static int cfg80211_conn_scan(struct wireless_dev *wdev)
79 {
80         struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
81         struct cfg80211_scan_request *request;
82         int n_channels, err;
83
84         ASSERT_RTNL();
85         ASSERT_RDEV_LOCK(rdev);
86         ASSERT_WDEV_LOCK(wdev);
87
88         if (rdev->scan_req)
89                 return -EBUSY;
90
91         if (wdev->conn->params.channel) {
92                 n_channels = 1;
93         } else {
94                 enum ieee80211_band band;
95                 n_channels = 0;
96
97                 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
98                         if (!wdev->wiphy->bands[band])
99                                 continue;
100                         n_channels += wdev->wiphy->bands[band]->n_channels;
101                 }
102         }
103         request = kzalloc(sizeof(*request) + sizeof(request->ssids[0]) +
104                           sizeof(request->channels[0]) * n_channels,
105                           GFP_KERNEL);
106         if (!request)
107                 return -ENOMEM;
108
109         if (wdev->conn->params.channel)
110                 request->channels[0] = wdev->conn->params.channel;
111         else {
112                 int i = 0, j;
113                 enum ieee80211_band band;
114                 struct ieee80211_supported_band *bands;
115                 struct ieee80211_channel *channel;
116
117                 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
118                         bands = wdev->wiphy->bands[band];
119                         if (!bands)
120                                 continue;
121                         for (j = 0; j < bands->n_channels; j++) {
122                                 channel = &bands->channels[j];
123                                 if (channel->flags & IEEE80211_CHAN_DISABLED)
124                                         continue;
125                                 request->channels[i++] = channel;
126                         }
127                         request->rates[band] = (1 << bands->n_bitrates) - 1;
128                 }
129                 n_channels = i;
130         }
131         request->n_channels = n_channels;
132         request->ssids = (void *)&request->channels[n_channels];
133         request->n_ssids = 1;
134
135         memcpy(request->ssids[0].ssid, wdev->conn->params.ssid,
136                 wdev->conn->params.ssid_len);
137         request->ssids[0].ssid_len = wdev->conn->params.ssid_len;
138
139         request->dev = wdev->netdev;
140         request->wiphy = &rdev->wiphy;
141
142         rdev->scan_req = request;
143
144         err = rdev->ops->scan(wdev->wiphy, wdev->netdev, request);
145         if (!err) {
146                 wdev->conn->state = CFG80211_CONN_SCANNING;
147                 nl80211_send_scan_start(rdev, wdev->netdev);
148                 dev_hold(wdev->netdev);
149         } else {
150                 rdev->scan_req = NULL;
151                 kfree(request);
152         }
153         return err;
154 }
155
156 static int cfg80211_conn_do_work(struct wireless_dev *wdev)
157 {
158         struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
159         struct cfg80211_connect_params *params;
160         const u8 *prev_bssid = NULL;
161         int err;
162
163         ASSERT_WDEV_LOCK(wdev);
164
165         if (!wdev->conn)
166                 return 0;
167
168         params = &wdev->conn->params;
169
170         switch (wdev->conn->state) {
171         case CFG80211_CONN_SCAN_AGAIN:
172                 return cfg80211_conn_scan(wdev);
173         case CFG80211_CONN_AUTHENTICATE_NEXT:
174                 BUG_ON(!rdev->ops->auth);
175                 wdev->conn->state = CFG80211_CONN_AUTHENTICATING;
176                 return __cfg80211_mlme_auth(rdev, wdev->netdev,
177                                             params->channel, params->auth_type,
178                                             params->bssid,
179                                             params->ssid, params->ssid_len,
180                                             NULL, 0,
181                                             params->key, params->key_len,
182                                             params->key_idx, false);
183         case CFG80211_CONN_ASSOCIATE_NEXT:
184                 BUG_ON(!rdev->ops->assoc);
185                 wdev->conn->state = CFG80211_CONN_ASSOCIATING;
186                 if (wdev->conn->prev_bssid_valid)
187                         prev_bssid = wdev->conn->prev_bssid;
188                 err = __cfg80211_mlme_assoc(rdev, wdev->netdev,
189                                             params->channel, params->bssid,
190                                             prev_bssid,
191                                             params->ssid, params->ssid_len,
192                                             params->ie, params->ie_len,
193                                             false, &params->crypto,
194                                             params->flags, &params->ht_capa,
195                                             &params->ht_capa_mask);
196                 if (err)
197                         __cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
198                                                NULL, 0,
199                                                WLAN_REASON_DEAUTH_LEAVING,
200                                                false);
201                 return err;
202         case CFG80211_CONN_DEAUTH_ASSOC_FAIL:
203                 __cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
204                                        NULL, 0,
205                                        WLAN_REASON_DEAUTH_LEAVING, false);
206                 /* return an error so that we call __cfg80211_connect_result() */
207                 return -EINVAL;
208         default:
209                 return 0;
210         }
211 }
212
213 void cfg80211_conn_work(struct work_struct *work)
214 {
215         struct cfg80211_registered_device *rdev =
216                 container_of(work, struct cfg80211_registered_device, conn_work);
217         struct wireless_dev *wdev;
218         u8 bssid_buf[ETH_ALEN], *bssid = NULL;
219
220         rtnl_lock();
221         cfg80211_lock_rdev(rdev);
222         mutex_lock(&rdev->devlist_mtx);
223
224         list_for_each_entry(wdev, &rdev->netdev_list, list) {
225                 wdev_lock(wdev);
226                 if (!netif_running(wdev->netdev)) {
227                         wdev_unlock(wdev);
228                         continue;
229                 }
230                 if (wdev->sme_state != CFG80211_SME_CONNECTING) {
231                         wdev_unlock(wdev);
232                         continue;
233                 }
234                 if (wdev->conn->params.bssid) {
235                         memcpy(bssid_buf, wdev->conn->params.bssid, ETH_ALEN);
236                         bssid = bssid_buf;
237                 }
238                 if (cfg80211_conn_do_work(wdev))
239                         __cfg80211_connect_result(
240                                         wdev->netdev, bssid,
241                                         NULL, 0, NULL, 0,
242                                         WLAN_STATUS_UNSPECIFIED_FAILURE,
243                                         false, NULL);
244                 wdev_unlock(wdev);
245         }
246
247         mutex_unlock(&rdev->devlist_mtx);
248         cfg80211_unlock_rdev(rdev);
249         rtnl_unlock();
250 }
251
252 static struct cfg80211_bss *cfg80211_get_conn_bss(struct wireless_dev *wdev)
253 {
254         struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
255         struct cfg80211_bss *bss;
256         u16 capa = WLAN_CAPABILITY_ESS;
257
258         ASSERT_WDEV_LOCK(wdev);
259
260         if (wdev->conn->params.privacy)
261                 capa |= WLAN_CAPABILITY_PRIVACY;
262
263         bss = cfg80211_get_bss(wdev->wiphy, wdev->conn->params.channel,
264                                wdev->conn->params.bssid,
265                                wdev->conn->params.ssid,
266                                wdev->conn->params.ssid_len,
267                                WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_PRIVACY,
268                                capa);
269         if (!bss)
270                 return NULL;
271
272         memcpy(wdev->conn->bssid, bss->bssid, ETH_ALEN);
273         wdev->conn->params.bssid = wdev->conn->bssid;
274         wdev->conn->params.channel = bss->channel;
275         wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
276         schedule_work(&rdev->conn_work);
277
278         return bss;
279 }
280
281 static void __cfg80211_sme_scan_done(struct net_device *dev)
282 {
283         struct wireless_dev *wdev = dev->ieee80211_ptr;
284         struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
285         struct cfg80211_bss *bss;
286
287         ASSERT_WDEV_LOCK(wdev);
288
289         if (wdev->sme_state != CFG80211_SME_CONNECTING)
290                 return;
291
292         if (!wdev->conn)
293                 return;
294
295         if (wdev->conn->state != CFG80211_CONN_SCANNING &&
296             wdev->conn->state != CFG80211_CONN_SCAN_AGAIN)
297                 return;
298
299         bss = cfg80211_get_conn_bss(wdev);
300         if (bss) {
301                 cfg80211_put_bss(bss);
302         } else {
303                 /* not found */
304                 if (wdev->conn->state == CFG80211_CONN_SCAN_AGAIN)
305                         schedule_work(&rdev->conn_work);
306                 else
307                         __cfg80211_connect_result(
308                                         wdev->netdev,
309                                         wdev->conn->params.bssid,
310                                         NULL, 0, NULL, 0,
311                                         WLAN_STATUS_UNSPECIFIED_FAILURE,
312                                         false, NULL);
313         }
314 }
315
316 void cfg80211_sme_scan_done(struct net_device *dev)
317 {
318         struct wireless_dev *wdev = dev->ieee80211_ptr;
319
320         mutex_lock(&wiphy_to_dev(wdev->wiphy)->devlist_mtx);
321         wdev_lock(wdev);
322         __cfg80211_sme_scan_done(dev);
323         wdev_unlock(wdev);
324         mutex_unlock(&wiphy_to_dev(wdev->wiphy)->devlist_mtx);
325 }
326
327 void cfg80211_sme_rx_auth(struct net_device *dev,
328                           const u8 *buf, size_t len)
329 {
330         struct wireless_dev *wdev = dev->ieee80211_ptr;
331         struct wiphy *wiphy = wdev->wiphy;
332         struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
333         struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
334         u16 status_code = le16_to_cpu(mgmt->u.auth.status_code);
335
336         ASSERT_WDEV_LOCK(wdev);
337
338         /* should only RX auth frames when connecting */
339         if (wdev->sme_state != CFG80211_SME_CONNECTING)
340                 return;
341
342         if (WARN_ON(!wdev->conn))
343                 return;
344
345         if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG &&
346             wdev->conn->auto_auth &&
347             wdev->conn->params.auth_type != NL80211_AUTHTYPE_NETWORK_EAP) {
348                 /* select automatically between only open, shared, leap */
349                 switch (wdev->conn->params.auth_type) {
350                 case NL80211_AUTHTYPE_OPEN_SYSTEM:
351                         if (wdev->connect_keys)
352                                 wdev->conn->params.auth_type =
353                                         NL80211_AUTHTYPE_SHARED_KEY;
354                         else
355                                 wdev->conn->params.auth_type =
356                                         NL80211_AUTHTYPE_NETWORK_EAP;
357                         break;
358                 case NL80211_AUTHTYPE_SHARED_KEY:
359                         wdev->conn->params.auth_type =
360                                 NL80211_AUTHTYPE_NETWORK_EAP;
361                         break;
362                 default:
363                         /* huh? */
364                         wdev->conn->params.auth_type =
365                                 NL80211_AUTHTYPE_OPEN_SYSTEM;
366                         break;
367                 }
368                 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
369                 schedule_work(&rdev->conn_work);
370         } else if (status_code != WLAN_STATUS_SUCCESS) {
371                 __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, NULL, 0,
372                                           status_code, false, NULL);
373         } else if (wdev->sme_state == CFG80211_SME_CONNECTING &&
374                  wdev->conn->state == CFG80211_CONN_AUTHENTICATING) {
375                 wdev->conn->state = CFG80211_CONN_ASSOCIATE_NEXT;
376                 schedule_work(&rdev->conn_work);
377         }
378 }
379
380 bool cfg80211_sme_failed_reassoc(struct wireless_dev *wdev)
381 {
382         struct wiphy *wiphy = wdev->wiphy;
383         struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
384
385         if (WARN_ON(!wdev->conn))
386                 return false;
387
388         if (!wdev->conn->prev_bssid_valid)
389                 return false;
390
391         /*
392          * Some stupid APs don't accept reassoc, so we
393          * need to fall back to trying regular assoc.
394          */
395         wdev->conn->prev_bssid_valid = false;
396         wdev->conn->state = CFG80211_CONN_ASSOCIATE_NEXT;
397         schedule_work(&rdev->conn_work);
398
399         return true;
400 }
401
402 void cfg80211_sme_failed_assoc(struct wireless_dev *wdev)
403 {
404         struct wiphy *wiphy = wdev->wiphy;
405         struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
406
407         wdev->conn->state = CFG80211_CONN_DEAUTH_ASSOC_FAIL;
408         schedule_work(&rdev->conn_work);
409 }
410
411 void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
412                                const u8 *req_ie, size_t req_ie_len,
413                                const u8 *resp_ie, size_t resp_ie_len,
414                                u16 status, bool wextev,
415                                struct cfg80211_bss *bss)
416 {
417         struct wireless_dev *wdev = dev->ieee80211_ptr;
418         u8 *country_ie;
419 #ifdef CONFIG_CFG80211_WEXT
420         union iwreq_data wrqu;
421 #endif
422
423         ASSERT_WDEV_LOCK(wdev);
424
425         if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION &&
426                     wdev->iftype != NL80211_IFTYPE_P2P_CLIENT))
427                 return;
428
429         if (wdev->sme_state != CFG80211_SME_CONNECTING)
430                 return;
431
432         nl80211_send_connect_result(wiphy_to_dev(wdev->wiphy), dev,
433                                     bssid, req_ie, req_ie_len,
434                                     resp_ie, resp_ie_len,
435                                     status, GFP_KERNEL);
436
437 #ifdef CONFIG_CFG80211_WEXT
438         if (wextev) {
439                 if (req_ie && status == WLAN_STATUS_SUCCESS) {
440                         memset(&wrqu, 0, sizeof(wrqu));
441                         wrqu.data.length = req_ie_len;
442                         wireless_send_event(dev, IWEVASSOCREQIE, &wrqu, req_ie);
443                 }
444
445                 if (resp_ie && status == WLAN_STATUS_SUCCESS) {
446                         memset(&wrqu, 0, sizeof(wrqu));
447                         wrqu.data.length = resp_ie_len;
448                         wireless_send_event(dev, IWEVASSOCRESPIE, &wrqu, resp_ie);
449                 }
450
451                 memset(&wrqu, 0, sizeof(wrqu));
452                 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
453                 if (bssid && status == WLAN_STATUS_SUCCESS) {
454                         memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
455                         memcpy(wdev->wext.prev_bssid, bssid, ETH_ALEN);
456                         wdev->wext.prev_bssid_valid = true;
457                 }
458                 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
459         }
460 #endif
461
462         if (wdev->current_bss) {
463                 cfg80211_unhold_bss(wdev->current_bss);
464                 cfg80211_put_bss(&wdev->current_bss->pub);
465                 wdev->current_bss = NULL;
466         }
467
468         if (wdev->conn)
469                 wdev->conn->state = CFG80211_CONN_IDLE;
470
471         if (status != WLAN_STATUS_SUCCESS) {
472                 wdev->sme_state = CFG80211_SME_IDLE;
473                 if (wdev->conn)
474                         kfree(wdev->conn->ie);
475                 kfree(wdev->conn);
476                 wdev->conn = NULL;
477                 kfree(wdev->connect_keys);
478                 wdev->connect_keys = NULL;
479                 wdev->ssid_len = 0;
480                 return;
481         }
482
483         if (!bss)
484                 bss = cfg80211_get_bss(wdev->wiphy,
485                                        wdev->conn ? wdev->conn->params.channel :
486                                        NULL,
487                                        bssid,
488                                        wdev->ssid, wdev->ssid_len,
489                                        WLAN_CAPABILITY_ESS,
490                                        WLAN_CAPABILITY_ESS);
491
492         if (WARN_ON(!bss))
493                 return;
494
495         cfg80211_hold_bss(bss_from_pub(bss));
496         wdev->current_bss = bss_from_pub(bss);
497
498         wdev->sme_state = CFG80211_SME_CONNECTED;
499         cfg80211_upload_connect_keys(wdev);
500
501         country_ie = (u8 *) ieee80211_bss_get_ie(bss, WLAN_EID_COUNTRY);
502
503         if (!country_ie)
504                 return;
505
506         /*
507          * ieee80211_bss_get_ie() ensures we can access:
508          * - country_ie + 2, the start of the country ie data, and
509          * - and country_ie[1] which is the IE length
510          */
511         regulatory_hint_11d(wdev->wiphy,
512                             bss->channel->band,
513                             country_ie + 2,
514                             country_ie[1]);
515 }
516
517 void cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
518                              const u8 *req_ie, size_t req_ie_len,
519                              const u8 *resp_ie, size_t resp_ie_len,
520                              u16 status, gfp_t gfp)
521 {
522         struct wireless_dev *wdev = dev->ieee80211_ptr;
523         struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
524         struct cfg80211_event *ev;
525         unsigned long flags;
526
527         CFG80211_DEV_WARN_ON(wdev->sme_state != CFG80211_SME_CONNECTING);
528
529         ev = kzalloc(sizeof(*ev) + req_ie_len + resp_ie_len, gfp);
530         if (!ev)
531                 return;
532
533         ev->type = EVENT_CONNECT_RESULT;
534         if (bssid)
535                 memcpy(ev->cr.bssid, bssid, ETH_ALEN);
536         if (req_ie_len) {
537                 ev->cr.req_ie = ((u8 *)ev) + sizeof(*ev);
538                 ev->cr.req_ie_len = req_ie_len;
539                 memcpy((void *)ev->cr.req_ie, req_ie, req_ie_len);
540         }
541         if (resp_ie_len) {
542                 ev->cr.resp_ie = ((u8 *)ev) + sizeof(*ev) + req_ie_len;
543                 ev->cr.resp_ie_len = resp_ie_len;
544                 memcpy((void *)ev->cr.resp_ie, resp_ie, resp_ie_len);
545         }
546         ev->cr.status = status;
547
548         spin_lock_irqsave(&wdev->event_lock, flags);
549         list_add_tail(&ev->list, &wdev->event_list);
550         spin_unlock_irqrestore(&wdev->event_lock, flags);
551         queue_work(cfg80211_wq, &rdev->event_work);
552 }
553 EXPORT_SYMBOL(cfg80211_connect_result);
554
555 void __cfg80211_roamed(struct wireless_dev *wdev,
556                        struct ieee80211_channel *channel,
557                        const u8 *bssid,
558                        const u8 *req_ie, size_t req_ie_len,
559                        const u8 *resp_ie, size_t resp_ie_len)
560 {
561         struct cfg80211_bss *bss;
562 #ifdef CONFIG_CFG80211_WEXT
563         union iwreq_data wrqu;
564 #endif
565
566         ASSERT_WDEV_LOCK(wdev);
567
568         if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION &&
569                     wdev->iftype != NL80211_IFTYPE_P2P_CLIENT))
570                 return;
571
572         if (wdev->sme_state != CFG80211_SME_CONNECTED)
573                 return;
574
575         /* internal error -- how did we get to CONNECTED w/o BSS? */
576         if (WARN_ON(!wdev->current_bss)) {
577                 return;
578         }
579
580         cfg80211_unhold_bss(wdev->current_bss);
581         cfg80211_put_bss(&wdev->current_bss->pub);
582         wdev->current_bss = NULL;
583
584         bss = cfg80211_get_bss(wdev->wiphy, channel, bssid,
585                                wdev->ssid, wdev->ssid_len,
586                                WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
587
588         if (WARN_ON(!bss))
589                 return;
590
591         cfg80211_hold_bss(bss_from_pub(bss));
592         wdev->current_bss = bss_from_pub(bss);
593
594         nl80211_send_roamed(wiphy_to_dev(wdev->wiphy), wdev->netdev, bssid,
595                             req_ie, req_ie_len, resp_ie, resp_ie_len,
596                             GFP_KERNEL);
597
598 #ifdef CONFIG_CFG80211_WEXT
599         if (req_ie) {
600                 memset(&wrqu, 0, sizeof(wrqu));
601                 wrqu.data.length = req_ie_len;
602                 wireless_send_event(wdev->netdev, IWEVASSOCREQIE,
603                                     &wrqu, req_ie);
604         }
605
606         if (resp_ie) {
607                 memset(&wrqu, 0, sizeof(wrqu));
608                 wrqu.data.length = resp_ie_len;
609                 wireless_send_event(wdev->netdev, IWEVASSOCRESPIE,
610                                     &wrqu, resp_ie);
611         }
612
613         memset(&wrqu, 0, sizeof(wrqu));
614         wrqu.ap_addr.sa_family = ARPHRD_ETHER;
615         memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
616         memcpy(wdev->wext.prev_bssid, bssid, ETH_ALEN);
617         wdev->wext.prev_bssid_valid = true;
618         wireless_send_event(wdev->netdev, SIOCGIWAP, &wrqu, NULL);
619 #endif
620 }
621
622 void cfg80211_roamed(struct net_device *dev,
623                      struct ieee80211_channel *channel,
624                      const u8 *bssid,
625                      const u8 *req_ie, size_t req_ie_len,
626                      const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
627 {
628         struct wireless_dev *wdev = dev->ieee80211_ptr;
629         struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
630         struct cfg80211_event *ev;
631         unsigned long flags;
632
633         CFG80211_DEV_WARN_ON(wdev->sme_state != CFG80211_SME_CONNECTED);
634
635         ev = kzalloc(sizeof(*ev) + req_ie_len + resp_ie_len, gfp);
636         if (!ev)
637                 return;
638
639         ev->type = EVENT_ROAMED;
640         ev->rm.channel = channel;
641         memcpy(ev->rm.bssid, bssid, ETH_ALEN);
642         ev->rm.req_ie = ((u8 *)ev) + sizeof(*ev);
643         ev->rm.req_ie_len = req_ie_len;
644         memcpy((void *)ev->rm.req_ie, req_ie, req_ie_len);
645         ev->rm.resp_ie = ((u8 *)ev) + sizeof(*ev) + req_ie_len;
646         ev->rm.resp_ie_len = resp_ie_len;
647         memcpy((void *)ev->rm.resp_ie, resp_ie, resp_ie_len);
648
649         spin_lock_irqsave(&wdev->event_lock, flags);
650         list_add_tail(&ev->list, &wdev->event_list);
651         spin_unlock_irqrestore(&wdev->event_lock, flags);
652         queue_work(cfg80211_wq, &rdev->event_work);
653 }
654 EXPORT_SYMBOL(cfg80211_roamed);
655
656 void __cfg80211_disconnected(struct net_device *dev, const u8 *ie,
657                              size_t ie_len, u16 reason, bool from_ap)
658 {
659         struct wireless_dev *wdev = dev->ieee80211_ptr;
660         struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
661         int i;
662 #ifdef CONFIG_CFG80211_WEXT
663         union iwreq_data wrqu;
664 #endif
665
666         ASSERT_WDEV_LOCK(wdev);
667
668         if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION &&
669                     wdev->iftype != NL80211_IFTYPE_P2P_CLIENT))
670                 return;
671
672         if (wdev->sme_state != CFG80211_SME_CONNECTED)
673                 return;
674
675         if (wdev->current_bss) {
676                 cfg80211_unhold_bss(wdev->current_bss);
677                 cfg80211_put_bss(&wdev->current_bss->pub);
678         }
679
680         wdev->current_bss = NULL;
681         wdev->sme_state = CFG80211_SME_IDLE;
682         wdev->ssid_len = 0;
683
684         if (wdev->conn) {
685                 const u8 *bssid;
686                 int ret;
687
688                 kfree(wdev->conn->ie);
689                 wdev->conn->ie = NULL;
690                 kfree(wdev->conn);
691                 wdev->conn = NULL;
692
693                 /*
694                  * If this disconnect was due to a disassoc, we
695                  * we might still have an auth BSS around. For
696                  * the userspace SME that's currently expected,
697                  * but for the kernel SME (nl80211 CONNECT or
698                  * wireless extensions) we want to clear up all
699                  * state.
700                  */
701                 for (i = 0; i < MAX_AUTH_BSSES; i++) {
702                         if (!wdev->auth_bsses[i])
703                                 continue;
704                         bssid = wdev->auth_bsses[i]->pub.bssid;
705                         ret = __cfg80211_mlme_deauth(rdev, dev, bssid, NULL, 0,
706                                                 WLAN_REASON_DEAUTH_LEAVING,
707                                                 false);
708                         WARN(ret, "deauth failed: %d\n", ret);
709                 }
710         }
711
712         nl80211_send_disconnected(rdev, dev, reason, ie, ie_len, from_ap);
713
714         /*
715          * Delete all the keys ... pairwise keys can't really
716          * exist any more anyway, but default keys might.
717          */
718         if (rdev->ops->del_key)
719                 for (i = 0; i < 6; i++)
720                         rdev->ops->del_key(wdev->wiphy, dev, i, false, NULL);
721
722 #ifdef CONFIG_CFG80211_WEXT
723         memset(&wrqu, 0, sizeof(wrqu));
724         wrqu.ap_addr.sa_family = ARPHRD_ETHER;
725         wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
726         wdev->wext.connect.ssid_len = 0;
727 #endif
728
729         schedule_work(&cfg80211_disconnect_work);
730 }
731
732 void cfg80211_disconnected(struct net_device *dev, u16 reason,
733                            u8 *ie, size_t ie_len, gfp_t gfp)
734 {
735         struct wireless_dev *wdev = dev->ieee80211_ptr;
736         struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
737         struct cfg80211_event *ev;
738         unsigned long flags;
739
740         CFG80211_DEV_WARN_ON(wdev->sme_state != CFG80211_SME_CONNECTED);
741
742         ev = kzalloc(sizeof(*ev) + ie_len, gfp);
743         if (!ev)
744                 return;
745
746         ev->type = EVENT_DISCONNECTED;
747         ev->dc.ie = ((u8 *)ev) + sizeof(*ev);
748         ev->dc.ie_len = ie_len;
749         memcpy((void *)ev->dc.ie, ie, ie_len);
750         ev->dc.reason = reason;
751
752         spin_lock_irqsave(&wdev->event_lock, flags);
753         list_add_tail(&ev->list, &wdev->event_list);
754         spin_unlock_irqrestore(&wdev->event_lock, flags);
755         queue_work(cfg80211_wq, &rdev->event_work);
756 }
757 EXPORT_SYMBOL(cfg80211_disconnected);
758
759 int __cfg80211_connect(struct cfg80211_registered_device *rdev,
760                        struct net_device *dev,
761                        struct cfg80211_connect_params *connect,
762                        struct cfg80211_cached_keys *connkeys,
763                        const u8 *prev_bssid)
764 {
765         struct wireless_dev *wdev = dev->ieee80211_ptr;
766         struct cfg80211_bss *bss = NULL;
767         int err;
768
769         ASSERT_WDEV_LOCK(wdev);
770
771         if (wdev->sme_state != CFG80211_SME_IDLE)
772                 return -EALREADY;
773
774         if (WARN_ON(wdev->connect_keys)) {
775                 kfree(wdev->connect_keys);
776                 wdev->connect_keys = NULL;
777         }
778
779         cfg80211_oper_and_ht_capa(&connect->ht_capa_mask,
780                                   rdev->wiphy.ht_capa_mod_mask);
781
782         if (connkeys && connkeys->def >= 0) {
783                 int idx;
784                 u32 cipher;
785
786                 idx = connkeys->def;
787                 cipher = connkeys->params[idx].cipher;
788                 /* If given a WEP key we may need it for shared key auth */
789                 if (cipher == WLAN_CIPHER_SUITE_WEP40 ||
790                     cipher == WLAN_CIPHER_SUITE_WEP104) {
791                         connect->key_idx = idx;
792                         connect->key = connkeys->params[idx].key;
793                         connect->key_len = connkeys->params[idx].key_len;
794
795                         /*
796                          * If ciphers are not set (e.g. when going through
797                          * iwconfig), we have to set them appropriately here.
798                          */
799                         if (connect->crypto.cipher_group == 0)
800                                 connect->crypto.cipher_group = cipher;
801
802                         if (connect->crypto.n_ciphers_pairwise == 0) {
803                                 connect->crypto.n_ciphers_pairwise = 1;
804                                 connect->crypto.ciphers_pairwise[0] = cipher;
805                         }
806                 }
807         }
808
809         if (!rdev->ops->connect) {
810                 if (!rdev->ops->auth || !rdev->ops->assoc)
811                         return -EOPNOTSUPP;
812
813                 if (WARN_ON(wdev->conn))
814                         return -EINPROGRESS;
815
816                 wdev->conn = kzalloc(sizeof(*wdev->conn), GFP_KERNEL);
817                 if (!wdev->conn)
818                         return -ENOMEM;
819
820                 /*
821                  * Copy all parameters, and treat explicitly IEs, BSSID, SSID.
822                  */
823                 memcpy(&wdev->conn->params, connect, sizeof(*connect));
824                 if (connect->bssid) {
825                         wdev->conn->params.bssid = wdev->conn->bssid;
826                         memcpy(wdev->conn->bssid, connect->bssid, ETH_ALEN);
827                 }
828
829                 if (connect->ie) {
830                         wdev->conn->ie = kmemdup(connect->ie, connect->ie_len,
831                                                 GFP_KERNEL);
832                         wdev->conn->params.ie = wdev->conn->ie;
833                         if (!wdev->conn->ie) {
834                                 kfree(wdev->conn);
835                                 wdev->conn = NULL;
836                                 return -ENOMEM;
837                         }
838                 }
839
840                 if (connect->auth_type == NL80211_AUTHTYPE_AUTOMATIC) {
841                         wdev->conn->auto_auth = true;
842                         /* start with open system ... should mostly work */
843                         wdev->conn->params.auth_type =
844                                 NL80211_AUTHTYPE_OPEN_SYSTEM;
845                 } else {
846                         wdev->conn->auto_auth = false;
847                 }
848
849                 memcpy(wdev->ssid, connect->ssid, connect->ssid_len);
850                 wdev->ssid_len = connect->ssid_len;
851                 wdev->conn->params.ssid = wdev->ssid;
852                 wdev->conn->params.ssid_len = connect->ssid_len;
853
854                 /* see if we have the bss already */
855                 bss = cfg80211_get_conn_bss(wdev);
856
857                 wdev->sme_state = CFG80211_SME_CONNECTING;
858                 wdev->connect_keys = connkeys;
859
860                 if (prev_bssid) {
861                         memcpy(wdev->conn->prev_bssid, prev_bssid, ETH_ALEN);
862                         wdev->conn->prev_bssid_valid = true;
863                 }
864
865                 /* we're good if we have a matching bss struct */
866                 if (bss) {
867                         wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
868                         err = cfg80211_conn_do_work(wdev);
869                         cfg80211_put_bss(bss);
870                 } else {
871                         /* otherwise we'll need to scan for the AP first */
872                         err = cfg80211_conn_scan(wdev);
873                         /*
874                          * If we can't scan right now, then we need to scan again
875                          * after the current scan finished, since the parameters
876                          * changed (unless we find a good AP anyway).
877                          */
878                         if (err == -EBUSY) {
879                                 err = 0;
880                                 wdev->conn->state = CFG80211_CONN_SCAN_AGAIN;
881                         }
882                 }
883                 if (err) {
884                         kfree(wdev->conn->ie);
885                         kfree(wdev->conn);
886                         wdev->conn = NULL;
887                         wdev->sme_state = CFG80211_SME_IDLE;
888                         wdev->connect_keys = NULL;
889                         wdev->ssid_len = 0;
890                 }
891
892                 return err;
893         } else {
894                 wdev->sme_state = CFG80211_SME_CONNECTING;
895                 wdev->connect_keys = connkeys;
896                 err = rdev->ops->connect(&rdev->wiphy, dev, connect);
897                 if (err) {
898                         wdev->connect_keys = NULL;
899                         wdev->sme_state = CFG80211_SME_IDLE;
900                         return err;
901                 }
902
903                 memcpy(wdev->ssid, connect->ssid, connect->ssid_len);
904                 wdev->ssid_len = connect->ssid_len;
905
906                 return 0;
907         }
908 }
909
910 int cfg80211_connect(struct cfg80211_registered_device *rdev,
911                      struct net_device *dev,
912                      struct cfg80211_connect_params *connect,
913                      struct cfg80211_cached_keys *connkeys)
914 {
915         int err;
916
917         mutex_lock(&rdev->devlist_mtx);
918         wdev_lock(dev->ieee80211_ptr);
919         err = __cfg80211_connect(rdev, dev, connect, connkeys, NULL);
920         wdev_unlock(dev->ieee80211_ptr);
921         mutex_unlock(&rdev->devlist_mtx);
922
923         return err;
924 }
925
926 int __cfg80211_disconnect(struct cfg80211_registered_device *rdev,
927                           struct net_device *dev, u16 reason, bool wextev)
928 {
929         struct wireless_dev *wdev = dev->ieee80211_ptr;
930         int err;
931
932         ASSERT_WDEV_LOCK(wdev);
933
934         if (wdev->sme_state == CFG80211_SME_IDLE)
935                 return -EINVAL;
936
937         kfree(wdev->connect_keys);
938         wdev->connect_keys = NULL;
939
940         if (!rdev->ops->disconnect) {
941                 if (!rdev->ops->deauth)
942                         return -EOPNOTSUPP;
943
944                 /* was it connected by userspace SME? */
945                 if (!wdev->conn) {
946                         cfg80211_mlme_down(rdev, dev);
947                         return 0;
948                 }
949
950                 if (wdev->sme_state == CFG80211_SME_CONNECTING &&
951                     (wdev->conn->state == CFG80211_CONN_SCANNING ||
952                      wdev->conn->state == CFG80211_CONN_SCAN_AGAIN)) {
953                         wdev->sme_state = CFG80211_SME_IDLE;
954                         kfree(wdev->conn->ie);
955                         kfree(wdev->conn);
956                         wdev->conn = NULL;
957                         wdev->ssid_len = 0;
958                         return 0;
959                 }
960
961                 /* wdev->conn->params.bssid must be set if > SCANNING */
962                 err = __cfg80211_mlme_deauth(rdev, dev,
963                                              wdev->conn->params.bssid,
964                                              NULL, 0, reason, false);
965                 if (err)
966                         return err;
967         } else {
968                 err = rdev->ops->disconnect(&rdev->wiphy, dev, reason);
969                 if (err)
970                         return err;
971         }
972
973         if (wdev->sme_state == CFG80211_SME_CONNECTED)
974                 __cfg80211_disconnected(dev, NULL, 0, 0, false);
975         else if (wdev->sme_state == CFG80211_SME_CONNECTING)
976                 __cfg80211_connect_result(dev, NULL, NULL, 0, NULL, 0,
977                                           WLAN_STATUS_UNSPECIFIED_FAILURE,
978                                           wextev, NULL);
979
980         return 0;
981 }
982
983 int cfg80211_disconnect(struct cfg80211_registered_device *rdev,
984                         struct net_device *dev,
985                         u16 reason, bool wextev)
986 {
987         int err;
988
989         wdev_lock(dev->ieee80211_ptr);
990         err = __cfg80211_disconnect(rdev, dev, reason, wextev);
991         wdev_unlock(dev->ieee80211_ptr);
992
993         return err;
994 }
995
996 void cfg80211_sme_disassoc(struct net_device *dev, int idx)
997 {
998         struct wireless_dev *wdev = dev->ieee80211_ptr;
999         struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
1000         u8 bssid[ETH_ALEN];
1001
1002         ASSERT_WDEV_LOCK(wdev);
1003
1004         if (!wdev->conn)
1005                 return;
1006
1007         if (wdev->conn->state == CFG80211_CONN_IDLE)
1008                 return;
1009
1010         /*
1011          * Ok, so the association was made by this SME -- we don't
1012          * want it any more so deauthenticate too.
1013          */
1014
1015         if (!wdev->auth_bsses[idx])
1016                 return;
1017
1018         memcpy(bssid, wdev->auth_bsses[idx]->pub.bssid, ETH_ALEN);
1019         if (__cfg80211_mlme_deauth(rdev, dev, bssid,
1020                                    NULL, 0, WLAN_REASON_DEAUTH_LEAVING,
1021                                    false)) {
1022                 /* whatever -- assume gone anyway */
1023                 cfg80211_unhold_bss(wdev->auth_bsses[idx]);
1024                 cfg80211_put_bss(&wdev->auth_bsses[idx]->pub);
1025                 wdev->auth_bsses[idx] = NULL;
1026         }
1027 }