Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
[linux-3.10.git] / drivers / staging / brcm80211 / brcmfmac / wl_iw.c
1 /*
2  * Copyright (c) 2010 Broadcom Corporation
3  *
4  * Permission to use, copy, modify, and/or distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
11  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
13  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
14  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16
17 #include <linux/kthread.h>
18 #include <linux/semaphore.h>
19 #include <bcmdefs.h>
20 #include <linux/netdevice.h>
21 #include <linux/hardirq.h>
22 #include <wlioctl.h>
23 #include <bcmutils.h>
24 #include <linux/if_arp.h>
25 #include <asm/uaccess.h>
26 #include <linux/ieee80211.h>
27
28 #include <dngl_stats.h>
29 #include <dhd.h>
30 #include <dhdioctl.h>
31
32 typedef const struct si_pub si_t;
33
34 #define WL_ERROR(fmt, args...)  printk(fmt, ##args)
35 #define WL_TRACE(fmt, args...)  no_printk(fmt, ##args)
36 #define WL_INFORM(fmt, args...) no_printk(fmt, ##args)
37 #define WL_WSEC(fmt, args...)   no_printk(fmt, ##args)
38 #define WL_SCAN(fmt, args...)   no_printk(fmt, ##args)
39
40 #include <wl_iw.h>
41
42 #define IW_WSEC_ENABLED(wsec)   ((wsec) & (WEP_ENABLED |        \
43                                          TKIP_ENABLED | AES_ENABLED))
44
45 #include <linux/rtnetlink.h>
46
47 #define WL_IW_USE_ISCAN  1
48 #define ENABLE_ACTIVE_PASSIVE_SCAN_SUPPRESS  1
49
50 bool g_set_essid_before_scan = true;
51
52 #define WL_IW_IOCTL_CALL(func_call) \
53         do {                            \
54                 func_call;              \
55         } while (0)
56
57 static int g_onoff = G_WLAN_SET_ON;
58 wl_iw_extra_params_t g_wl_iw_params;
59
60 extern bool wl_iw_conn_status_str(u32 event_type, u32 status,
61                                   u32 reason, char *stringBuf, uint buflen);
62
63 #define MAX_WLIW_IOCTL_LEN 1024
64
65 #ifdef CONFIG_WIRELESS_EXT
66 extern int dhd_wait_pend8021x(struct net_device *dev);
67 #endif
68
69 #if WIRELESS_EXT < 19
70 #define IW_IOCTL_IDX(cmd)       ((cmd) - SIOCIWFIRST)
71 #define IW_EVENT_IDX(cmd)       ((cmd) - IWEVFIRST)
72 #endif
73
74 static void *g_scan;
75 static volatile uint g_scan_specified_ssid;
76 static wlc_ssid_t g_specific_ssid;
77
78 static wlc_ssid_t g_ssid;
79
80 #if defined(WL_IW_USE_ISCAN)
81 #define ISCAN_STATE_IDLE   0
82 #define ISCAN_STATE_SCANING 1
83
84 #define WLC_IW_ISCAN_MAXLEN   2048
85 typedef struct iscan_buf {
86         struct iscan_buf *next;
87         char iscan_buf[WLC_IW_ISCAN_MAXLEN];
88 } iscan_buf_t;
89
90 typedef struct iscan_info {
91         struct net_device *dev;
92         struct timer_list timer;
93         u32 timer_ms;
94         u32 timer_on;
95         int iscan_state;
96         iscan_buf_t *list_hdr;
97         iscan_buf_t *list_cur;
98
99         struct task_struct *sysioc_tsk;
100         struct semaphore sysioc_sem;
101
102 #if defined CSCAN
103         char ioctlbuf[WLC_IOCTL_MEDLEN];
104 #else
105         char ioctlbuf[WLC_IOCTL_SMLEN];
106 #endif
107         wl_iscan_params_t *iscan_ex_params_p;
108         int iscan_ex_param_size;
109 } iscan_info_t;
110 iscan_info_t *g_iscan;
111
112 static const u8 ether_bcast[ETH_ALEN] = {255, 255, 255, 255, 255, 255};
113
114 /* Global ASSERT type flag */
115 u32 g_assert_type;
116
117 static void wl_iw_timerfunc(unsigned long data);
118 static void wl_iw_set_event_mask(struct net_device *dev);
119 static int wl_iw_iscan(iscan_info_t *iscan, wlc_ssid_t *ssid, u16 action);
120 #endif                          /* defined(WL_IW_USE_ISCAN) */
121
122 static int
123 wl_iw_set_scan(struct net_device *dev,
124                struct iw_request_info *info,
125                union iwreq_data *wrqu, char *extra);
126
127 static int
128 wl_iw_get_scan(struct net_device *dev,
129                struct iw_request_info *info,
130                struct iw_point *dwrq, char *extra);
131
132 static uint
133 wl_iw_get_scan_prep(wl_scan_results_t *list,
134                     struct iw_request_info *info, char *extra, short max_size);
135
136 static void swap_key_from_BE(wl_wsec_key_t *key)
137 {
138         key->index = cpu_to_le32(key->index);
139         key->len = cpu_to_le32(key->len);
140         key->algo = cpu_to_le32(key->algo);
141         key->flags = cpu_to_le32(key->flags);
142         key->rxiv.hi = cpu_to_le32(key->rxiv.hi);
143         key->rxiv.lo = cpu_to_le16(key->rxiv.lo);
144         key->iv_initialized = cpu_to_le32(key->iv_initialized);
145 }
146
147 static void swap_key_to_BE(wl_wsec_key_t *key)
148 {
149         key->index = le32_to_cpu(key->index);
150         key->len = le32_to_cpu(key->len);
151         key->algo = le32_to_cpu(key->algo);
152         key->flags = le32_to_cpu(key->flags);
153         key->rxiv.hi = le32_to_cpu(key->rxiv.hi);
154         key->rxiv.lo = le16_to_cpu(key->rxiv.lo);
155         key->iv_initialized = le32_to_cpu(key->iv_initialized);
156 }
157
158 static int dev_wlc_ioctl(struct net_device *dev, int cmd, void *arg, int len)
159 {
160         struct ifreq ifr;
161         wl_ioctl_t ioc;
162         mm_segment_t fs;
163         int ret = -EINVAL;
164
165         if (!dev) {
166                 WL_ERROR("%s: dev is null\n", __func__);
167                 return ret;
168         }
169
170         WL_INFORM("\n%s, PID:%x: send Local IOCTL -> dhd: cmd:0x%x, buf:%p, len:%d\n",
171                   __func__, current->pid, cmd, arg, len);
172
173         if (g_onoff == G_WLAN_SET_ON) {
174                 memset(&ioc, 0, sizeof(ioc));
175                 ioc.cmd = cmd;
176                 ioc.buf = arg;
177                 ioc.len = len;
178
179                 strcpy(ifr.ifr_name, dev->name);
180                 ifr.ifr_data = (caddr_t)&ioc;
181
182                 ret = dev_open(dev);
183                 if (ret) {
184                         WL_ERROR("%s: Error dev_open: %d\n", __func__, ret);
185                         return ret;
186                 }
187
188                 fs = get_fs();
189                 set_fs(get_ds());
190                 ret = dev->netdev_ops->ndo_do_ioctl(dev, &ifr, SIOCDEVPRIVATE);
191                 set_fs(fs);
192         } else {
193                 WL_TRACE("%s: call after driver stop : ignored\n", __func__);
194         }
195         return ret;
196 }
197
198 static int dev_wlc_intvar_set(struct net_device *dev, char *name, int val)
199 {
200         char buf[WLC_IOCTL_SMLEN];
201         uint len;
202
203         val = cpu_to_le32(val);
204         len = bcm_mkiovar(name, (char *)(&val), sizeof(val), buf, sizeof(buf));
205         ASSERT(len);
206
207         return dev_wlc_ioctl(dev, WLC_SET_VAR, buf, len);
208 }
209
210 #if defined(WL_IW_USE_ISCAN)
211 static int
212 dev_iw_iovar_setbuf(struct net_device *dev,
213                     char *iovar,
214                     void *param, int paramlen, void *bufptr, int buflen)
215 {
216         int iolen;
217
218         iolen = bcm_mkiovar(iovar, param, paramlen, bufptr, buflen);
219         ASSERT(iolen);
220
221         if (iolen == 0)
222                 return 0;
223
224         return dev_wlc_ioctl(dev, WLC_SET_VAR, bufptr, iolen);
225 }
226
227 static int
228 dev_iw_iovar_getbuf(struct net_device *dev,
229                     char *iovar,
230                     void *param, int paramlen, void *bufptr, int buflen)
231 {
232         int iolen;
233
234         iolen = bcm_mkiovar(iovar, param, paramlen, bufptr, buflen);
235         ASSERT(iolen);
236
237         return dev_wlc_ioctl(dev, WLC_GET_VAR, bufptr, buflen);
238 }
239 #endif                          /* defined(WL_IW_USE_ISCAN) */
240
241 #if WIRELESS_EXT > 17
242 static int
243 dev_wlc_bufvar_set(struct net_device *dev, char *name, char *buf, int len)
244 {
245         static char ioctlbuf[MAX_WLIW_IOCTL_LEN];
246         uint buflen;
247
248         buflen = bcm_mkiovar(name, buf, len, ioctlbuf, sizeof(ioctlbuf));
249         ASSERT(buflen);
250
251         return dev_wlc_ioctl(dev, WLC_SET_VAR, ioctlbuf, buflen);
252 }
253 #endif                          /* WIRELESS_EXT > 17 */
254
255 static int
256 dev_wlc_bufvar_get(struct net_device *dev, char *name, char *buf, int buflen)
257 {
258         static char ioctlbuf[MAX_WLIW_IOCTL_LEN];
259         int error;
260         uint len;
261
262         len = bcm_mkiovar(name, NULL, 0, ioctlbuf, sizeof(ioctlbuf));
263         ASSERT(len);
264         error =
265             dev_wlc_ioctl(dev, WLC_GET_VAR, (void *)ioctlbuf,
266                           MAX_WLIW_IOCTL_LEN);
267         if (!error)
268                 memcpy(buf, ioctlbuf, buflen);
269
270         return error;
271 }
272
273 static int dev_wlc_intvar_get(struct net_device *dev, char *name, int *retval)
274 {
275         union {
276                 char buf[WLC_IOCTL_SMLEN];
277                 int val;
278         } var;
279         int error;
280
281         uint len;
282         uint data_null;
283
284         len =
285             bcm_mkiovar(name, (char *)(&data_null), 0, (char *)(&var),
286                         sizeof(var.buf));
287         ASSERT(len);
288         error = dev_wlc_ioctl(dev, WLC_GET_VAR, (void *)&var, len);
289
290         *retval = le32_to_cpu(var.val);
291
292         return error;
293 }
294
295 #if WIRELESS_EXT < 13
296 struct iw_request_info {
297         __u16 cmd;
298         __u16 flags;
299 };
300
301 typedef int (*iw_handler) (struct net_device *dev,
302                            struct iw_request_info *info,
303                            void *wrqu, char *extra);
304 #endif
305
306 static int
307 wl_iw_config_commit(struct net_device *dev,
308                     struct iw_request_info *info, void *zwrq, char *extra)
309 {
310         wlc_ssid_t ssid;
311         int error;
312         struct sockaddr bssid;
313
314         WL_TRACE("%s: SIOCSIWCOMMIT\n", dev->name);
315
316         error = dev_wlc_ioctl(dev, WLC_GET_SSID, &ssid, sizeof(ssid));
317         if (error)
318                 return error;
319
320         ssid.SSID_len = le32_to_cpu(ssid.SSID_len);
321
322         if (!ssid.SSID_len)
323                 return 0;
324
325         memset(&bssid, 0, sizeof(struct sockaddr));
326         error = dev_wlc_ioctl(dev, WLC_REASSOC, &bssid, ETH_ALEN);
327         if (error) {
328                 WL_ERROR("%s: WLC_REASSOC to %s failed\n",
329                          __func__, ssid.SSID);
330                 return error;
331         }
332
333         return 0;
334 }
335
336 static int
337 wl_iw_get_name(struct net_device *dev,
338                struct iw_request_info *info, char *cwrq, char *extra)
339 {
340         WL_TRACE("%s: SIOCGIWNAME\n", dev->name);
341
342         strcpy(cwrq, "IEEE 802.11-DS");
343
344         return 0;
345 }
346
347 static int
348 wl_iw_set_freq(struct net_device *dev,
349                struct iw_request_info *info, struct iw_freq *fwrq, char *extra)
350 {
351         int error, chan;
352         uint sf = 0;
353
354         WL_TRACE("\n %s %s: SIOCSIWFREQ\n", __func__, dev->name);
355
356         if (fwrq->e == 0 && fwrq->m < MAXCHANNEL) {
357                 chan = fwrq->m;
358         } else {
359                 if (fwrq->e >= 6) {
360                         fwrq->e -= 6;
361                         while (fwrq->e--)
362                                 fwrq->m *= 10;
363                 } else if (fwrq->e < 6) {
364                         while (fwrq->e++ < 6)
365                                 fwrq->m /= 10;
366                 }
367                 if (fwrq->m > 4000 && fwrq->m < 5000)
368                         sf = WF_CHAN_FACTOR_4_G;
369
370                 chan = bcm_mhz2channel(fwrq->m, sf);
371         }
372         chan = cpu_to_le32(chan);
373
374         error = dev_wlc_ioctl(dev, WLC_SET_CHANNEL, &chan, sizeof(chan));
375         if (error)
376                 return error;
377
378         g_wl_iw_params.target_channel = chan;
379         return -EINPROGRESS;
380 }
381
382 static int
383 wl_iw_get_freq(struct net_device *dev,
384                struct iw_request_info *info, struct iw_freq *fwrq, char *extra)
385 {
386         channel_info_t ci;
387         int error;
388
389         WL_TRACE("%s: SIOCGIWFREQ\n", dev->name);
390
391         error = dev_wlc_ioctl(dev, WLC_GET_CHANNEL, &ci, sizeof(ci));
392         if (error)
393                 return error;
394
395         fwrq->m = le32_to_cpu(ci.hw_channel);
396         fwrq->e = le32_to_cpu(0);
397         return 0;
398 }
399
400 static int
401 wl_iw_set_mode(struct net_device *dev,
402                struct iw_request_info *info, __u32 *uwrq, char *extra)
403 {
404         int infra = 0, ap = 0, error = 0;
405
406         WL_TRACE("%s: SIOCSIWMODE\n", dev->name);
407
408         switch (*uwrq) {
409         case IW_MODE_MASTER:
410                 infra = ap = 1;
411                 break;
412         case IW_MODE_ADHOC:
413         case IW_MODE_AUTO:
414                 break;
415         case IW_MODE_INFRA:
416                 infra = 1;
417                 break;
418         default:
419                 return -EINVAL;
420         }
421         infra = cpu_to_le32(infra);
422         ap = cpu_to_le32(ap);
423
424         error = dev_wlc_ioctl(dev, WLC_SET_INFRA, &infra, sizeof(infra));
425         if (error)
426                 return error;
427
428         error = dev_wlc_ioctl(dev, WLC_SET_AP, &ap, sizeof(ap));
429         if (error)
430                 return error;
431
432         return -EINPROGRESS;
433 }
434
435 static int
436 wl_iw_get_mode(struct net_device *dev,
437                struct iw_request_info *info, __u32 *uwrq, char *extra)
438 {
439         int error, infra = 0, ap = 0;
440
441         WL_TRACE("%s: SIOCGIWMODE\n", dev->name);
442
443         error = dev_wlc_ioctl(dev, WLC_GET_INFRA, &infra, sizeof(infra));
444         if (error)
445                 return error;
446
447         error = dev_wlc_ioctl(dev, WLC_GET_AP, &ap, sizeof(ap));
448         if (error)
449                 return error;
450
451         infra = le32_to_cpu(infra);
452         ap = le32_to_cpu(ap);
453         *uwrq = infra ? ap ? IW_MODE_MASTER : IW_MODE_INFRA : IW_MODE_ADHOC;
454
455         return 0;
456 }
457
458 static int
459 wl_iw_get_range(struct net_device *dev,
460                 struct iw_request_info *info,
461                 struct iw_point *dwrq, char *extra)
462 {
463         struct iw_range *range = (struct iw_range *)extra;
464         wl_u32_list_t *list;
465         wl_rateset_t rateset;
466         s8 *channels;
467         int error, i, k;
468         uint ch;
469
470         int phytype;
471         int bw_cap = 0, sgi_tx = 0, nmode = 0;
472         channel_info_t ci;
473         u8 nrate_list2copy = 0;
474         u16 nrate_list[4][8] = { {13, 26, 39, 52, 78, 104, 117, 130},
475         {14, 29, 43, 58, 87, 116, 130, 144},
476         {27, 54, 81, 108, 162, 216, 243, 270},
477         {30, 60, 90, 120, 180, 240, 270, 300}
478         };
479
480         WL_TRACE("%s: SIOCGIWRANGE\n", dev->name);
481
482         if (!extra)
483                 return -EINVAL;
484
485         channels = kmalloc((MAXCHANNEL + 1) * 4, GFP_KERNEL);
486         if (!channels) {
487                 WL_ERROR("Could not alloc channels\n");
488                 return -ENOMEM;
489         }
490         list = (wl_u32_list_t *) channels;
491
492         dwrq->length = sizeof(struct iw_range);
493         memset(range, 0, sizeof(*range));
494
495         list->count = cpu_to_le32(MAXCHANNEL);
496         error = dev_wlc_ioctl(dev, WLC_GET_VALID_CHANNELS, channels,
497                                 (MAXCHANNEL + 1) * 4);
498         if (error) {
499                 kfree(channels);
500                 return error;
501         }
502         for (i = 0; i < le32_to_cpu(list->count) && i < IW_MAX_FREQUENCIES;
503              i++) {
504                 range->freq[i].i = le32_to_cpu(list->element[i]);
505
506                 ch = le32_to_cpu(list->element[i]);
507                 if (ch <= CH_MAX_2G_CHANNEL) {
508                         range->freq[i].m = ieee80211_dsss_chan_to_freq(ch);
509                 } else {
510                         range->freq[i].m = ieee80211_ofdm_chan_to_freq(
511                                                 WF_CHAN_FACTOR_5_G/2, ch);
512                 }
513                 range->freq[i].e = 6;
514         }
515         range->num_frequency = range->num_channels = i;
516
517         range->max_qual.qual = 5;
518         range->max_qual.level = 0x100 - 200;
519         range->max_qual.noise = 0x100 - 200;
520         range->sensitivity = 65535;
521
522 #if WIRELESS_EXT > 11
523         range->avg_qual.qual = 3;
524         range->avg_qual.level = 0x100 + WL_IW_RSSI_GOOD;
525         range->avg_qual.noise = 0x100 - 75;
526 #endif
527
528         error = dev_wlc_ioctl(dev, WLC_GET_CURR_RATESET, &rateset,
529                                 sizeof(rateset));
530         if (error) {
531                 kfree(channels);
532                 return error;
533         }
534         rateset.count = le32_to_cpu(rateset.count);
535         range->num_bitrates = rateset.count;
536         for (i = 0; i < rateset.count && i < IW_MAX_BITRATES; i++)
537                 range->bitrate[i] = (rateset.rates[i] & 0x7f) * 500000;
538         dev_wlc_intvar_get(dev, "nmode", &nmode);
539         dev_wlc_ioctl(dev, WLC_GET_PHYTYPE, &phytype, sizeof(phytype));
540
541         if (nmode == 1 && phytype == WLC_PHY_TYPE_SSN) {
542                 dev_wlc_intvar_get(dev, "mimo_bw_cap", &bw_cap);
543                 dev_wlc_intvar_get(dev, "sgi_tx", &sgi_tx);
544                 dev_wlc_ioctl(dev, WLC_GET_CHANNEL, &ci,
545                               sizeof(channel_info_t));
546                 ci.hw_channel = le32_to_cpu(ci.hw_channel);
547
548                 if (bw_cap == 0 || (bw_cap == 2 && ci.hw_channel <= 14)) {
549                         if (sgi_tx == 0)
550                                 nrate_list2copy = 0;
551                         else
552                                 nrate_list2copy = 1;
553                 }
554                 if (bw_cap == 1 || (bw_cap == 2 && ci.hw_channel >= 36)) {
555                         if (sgi_tx == 0)
556                                 nrate_list2copy = 2;
557                         else
558                                 nrate_list2copy = 3;
559                 }
560                 range->num_bitrates += 8;
561                 for (k = 0; i < range->num_bitrates; k++, i++) {
562                         range->bitrate[i] =
563                             (nrate_list[nrate_list2copy][k]) * 500000;
564                 }
565         }
566
567         error = dev_wlc_ioctl(dev, WLC_GET_PHYTYPE, &i, sizeof(i));
568         if (error) {
569                 kfree(channels);
570                 return error;
571         }
572         i = le32_to_cpu(i);
573         if (i == WLC_PHY_TYPE_A)
574                 range->throughput = 24000000;
575         else
576                 range->throughput = 1500000;
577
578         range->min_rts = 0;
579         range->max_rts = 2347;
580         range->min_frag = 256;
581         range->max_frag = 2346;
582
583         range->max_encoding_tokens = DOT11_MAX_DEFAULT_KEYS;
584         range->num_encoding_sizes = 4;
585         range->encoding_size[0] = WLAN_KEY_LEN_WEP40;
586         range->encoding_size[1] = WLAN_KEY_LEN_WEP104;
587 #if WIRELESS_EXT > 17
588         range->encoding_size[2] = WLAN_KEY_LEN_TKIP;
589 #else
590         range->encoding_size[2] = 0;
591 #endif
592         range->encoding_size[3] = WLAN_KEY_LEN_AES_CMAC;
593
594         range->min_pmp = 0;
595         range->max_pmp = 0;
596         range->min_pmt = 0;
597         range->max_pmt = 0;
598         range->pmp_flags = 0;
599         range->pm_capa = 0;
600
601         range->num_txpower = 2;
602         range->txpower[0] = 1;
603         range->txpower[1] = 255;
604         range->txpower_capa = IW_TXPOW_MWATT;
605
606 #if WIRELESS_EXT > 10
607         range->we_version_compiled = WIRELESS_EXT;
608         range->we_version_source = 19;
609
610         range->retry_capa = IW_RETRY_LIMIT;
611         range->retry_flags = IW_RETRY_LIMIT;
612         range->r_time_flags = 0;
613         range->min_retry = 1;
614         range->max_retry = 255;
615         range->min_r_time = 0;
616         range->max_r_time = 0;
617 #endif
618
619 #if WIRELESS_EXT > 17
620         range->enc_capa = IW_ENC_CAPA_WPA;
621         range->enc_capa |= IW_ENC_CAPA_CIPHER_TKIP;
622         range->enc_capa |= IW_ENC_CAPA_CIPHER_CCMP;
623         range->enc_capa |= IW_ENC_CAPA_WPA2;
624
625         IW_EVENT_CAPA_SET_KERNEL(range->event_capa);
626         IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWAP);
627         IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWSCAN);
628         IW_EVENT_CAPA_SET(range->event_capa, IWEVTXDROP);
629         IW_EVENT_CAPA_SET(range->event_capa, IWEVMICHAELMICFAILURE);
630         IW_EVENT_CAPA_SET(range->event_capa, IWEVPMKIDCAND);
631 #endif                          /* WIRELESS_EXT > 17 */
632
633         kfree(channels);
634
635         return 0;
636 }
637
638 static int rssi_to_qual(int rssi)
639 {
640         if (rssi <= WL_IW_RSSI_NO_SIGNAL)
641                 return 0;
642         else if (rssi <= WL_IW_RSSI_VERY_LOW)
643                 return 1;
644         else if (rssi <= WL_IW_RSSI_LOW)
645                 return 2;
646         else if (rssi <= WL_IW_RSSI_GOOD)
647                 return 3;
648         else if (rssi <= WL_IW_RSSI_VERY_GOOD)
649                 return 4;
650         else
651                 return 5;
652 }
653
654 static int
655 wl_iw_set_spy(struct net_device *dev,
656               struct iw_request_info *info, struct iw_point *dwrq, char *extra)
657 {
658         wl_iw_t *iw = *(wl_iw_t **) netdev_priv(dev);
659         struct sockaddr *addr = (struct sockaddr *)extra;
660         int i;
661
662         WL_TRACE("%s: SIOCSIWSPY\n", dev->name);
663
664         if (!extra)
665                 return -EINVAL;
666
667         iw->spy_num = min_t(int, ARRAY_SIZE(iw->spy_addr), dwrq->length);
668         for (i = 0; i < iw->spy_num; i++)
669                 memcpy(iw->spy_addr[i], addr[i].sa_data, ETH_ALEN);
670         memset(iw->spy_qual, 0, sizeof(iw->spy_qual));
671
672         return 0;
673 }
674
675 static int
676 wl_iw_get_spy(struct net_device *dev,
677               struct iw_request_info *info, struct iw_point *dwrq, char *extra)
678 {
679         wl_iw_t *iw = *(wl_iw_t **) netdev_priv(dev);
680         struct sockaddr *addr = (struct sockaddr *)extra;
681         struct iw_quality *qual = (struct iw_quality *)&addr[iw->spy_num];
682         int i;
683
684         WL_TRACE("%s: SIOCGIWSPY\n", dev->name);
685
686         if (!extra)
687                 return -EINVAL;
688
689         dwrq->length = iw->spy_num;
690         for (i = 0; i < iw->spy_num; i++) {
691                 memcpy(addr[i].sa_data, iw->spy_addr[i], ETH_ALEN);
692                 addr[i].sa_family = AF_UNIX;
693                 memcpy(&qual[i], &iw->spy_qual[i], sizeof(struct iw_quality));
694                 iw->spy_qual[i].updated = 0;
695         }
696
697         return 0;
698 }
699
700 static int
701 wl_iw_ch_to_chanspec(int ch, wl_join_params_t *join_params,
702                      int *join_params_size)
703 {
704         chanspec_t chanspec = 0;
705
706         if (ch != 0) {
707                 join_params->params.chanspec_num = 1;
708                 join_params->params.chanspec_list[0] = ch;
709
710                 if (join_params->params.chanspec_list[0])
711                         chanspec |= WL_CHANSPEC_BAND_2G;
712                 else
713                         chanspec |= WL_CHANSPEC_BAND_5G;
714
715                 chanspec |= WL_CHANSPEC_BW_20;
716                 chanspec |= WL_CHANSPEC_CTL_SB_NONE;
717
718                 *join_params_size += WL_ASSOC_PARAMS_FIXED_SIZE +
719                     join_params->params.chanspec_num * sizeof(chanspec_t);
720
721                 join_params->params.chanspec_list[0] &= WL_CHANSPEC_CHAN_MASK;
722                 join_params->params.chanspec_list[0] |= chanspec;
723                 join_params->params.chanspec_list[0] =
724                     cpu_to_le16(join_params->params.chanspec_list[0]);
725
726                 join_params->params.chanspec_num =
727                     cpu_to_le32(join_params->params.chanspec_num);
728
729                 WL_TRACE("%s  join_params->params.chanspec_list[0]= %X\n",
730                          __func__, join_params->params.chanspec_list[0]);
731         }
732         return 1;
733 }
734
735 static int
736 wl_iw_set_wap(struct net_device *dev,
737               struct iw_request_info *info, struct sockaddr *awrq, char *extra)
738 {
739         int error = -EINVAL;
740         wl_join_params_t join_params;
741         int join_params_size;
742
743         WL_TRACE("%s: SIOCSIWAP\n", dev->name);
744
745         if (awrq->sa_family != ARPHRD_ETHER) {
746                 WL_ERROR("Invalid Header...sa_family\n");
747                 return -EINVAL;
748         }
749
750         if (is_broadcast_ether_addr(awrq->sa_data) ||
751             is_zero_ether_addr(awrq->sa_data)) {
752                 scb_val_t scbval;
753                 memset(&scbval, 0, sizeof(scb_val_t));
754                 (void)dev_wlc_ioctl(dev, WLC_DISASSOC, &scbval,
755                                     sizeof(scb_val_t));
756                 return 0;
757         }
758
759         memset(&join_params, 0, sizeof(join_params));
760         join_params_size = sizeof(join_params.ssid);
761
762         memcpy(join_params.ssid.SSID, g_ssid.SSID, g_ssid.SSID_len);
763         join_params.ssid.SSID_len = cpu_to_le32(g_ssid.SSID_len);
764         memcpy(&join_params.params.bssid, awrq->sa_data, ETH_ALEN);
765
766         WL_TRACE("%s  target_channel=%d\n",
767                  __func__, g_wl_iw_params.target_channel);
768         wl_iw_ch_to_chanspec(g_wl_iw_params.target_channel, &join_params,
769                              &join_params_size);
770
771         error = dev_wlc_ioctl(dev, WLC_SET_SSID, &join_params,
772                                 join_params_size);
773         if (error) {
774                 WL_ERROR("%s Invalid ioctl data=%d\n", __func__, error);
775         }
776
777         if (g_ssid.SSID_len) {
778                 WL_TRACE("%s: join SSID=%s BSSID=%pM ch=%d\n",
779                          __func__, g_ssid.SSID, awrq->sa_data,
780                          g_wl_iw_params.target_channel);
781         }
782
783         memset(&g_ssid, 0, sizeof(g_ssid));
784         return 0;
785 }
786
787 static int
788 wl_iw_get_wap(struct net_device *dev,
789               struct iw_request_info *info, struct sockaddr *awrq, char *extra)
790 {
791         WL_TRACE("%s: SIOCGIWAP\n", dev->name);
792
793         awrq->sa_family = ARPHRD_ETHER;
794         memset(awrq->sa_data, 0, ETH_ALEN);
795
796         (void)dev_wlc_ioctl(dev, WLC_GET_BSSID, awrq->sa_data, ETH_ALEN);
797
798         return 0;
799 }
800
801 #if WIRELESS_EXT > 17
802 static int
803 wl_iw_mlme(struct net_device *dev,
804            struct iw_request_info *info, struct sockaddr *awrq, char *extra)
805 {
806         struct iw_mlme *mlme;
807         scb_val_t scbval;
808         int error = -EINVAL;
809
810         WL_TRACE("%s: SIOCSIWMLME DISASSOC/DEAUTH\n", dev->name);
811
812         mlme = (struct iw_mlme *)extra;
813         if (mlme == NULL) {
814                 WL_ERROR("Invalid ioctl data\n");
815                 return error;
816         }
817
818         scbval.val = mlme->reason_code;
819         memcpy(&scbval.ea, &mlme->addr.sa_data, ETH_ALEN);
820
821         if (mlme->cmd == IW_MLME_DISASSOC) {
822                 scbval.val = cpu_to_le32(scbval.val);
823                 error =
824                     dev_wlc_ioctl(dev, WLC_DISASSOC, &scbval,
825                                   sizeof(scb_val_t));
826         } else if (mlme->cmd == IW_MLME_DEAUTH) {
827                 scbval.val = cpu_to_le32(scbval.val);
828                 error =
829                     dev_wlc_ioctl(dev, WLC_SCB_DEAUTHENTICATE_FOR_REASON,
830                                   &scbval, sizeof(scb_val_t));
831         } else {
832                 WL_ERROR("Invalid ioctl data\n");
833                 return error;
834         }
835
836         return error;
837 }
838 #endif                          /* WIRELESS_EXT > 17 */
839
840 #ifndef WL_IW_USE_ISCAN
841 static int
842 wl_iw_get_aplist(struct net_device *dev,
843                  struct iw_request_info *info,
844                  struct iw_point *dwrq, char *extra)
845 {
846         wl_scan_results_t *list;
847         struct sockaddr *addr = (struct sockaddr *)extra;
848         struct iw_quality qual[IW_MAX_AP];
849         wl_bss_info_t *bi = NULL;
850         int error, i;
851         uint buflen = dwrq->length;
852
853         WL_TRACE("%s: SIOCGIWAPLIST\n", dev->name);
854
855         if (!extra)
856                 return -EINVAL;
857
858         list = kzalloc(buflen, GFP_KERNEL);
859         if (!list)
860                 return -ENOMEM;
861         list->buflen = cpu_to_le32(buflen);
862         error = dev_wlc_ioctl(dev, WLC_SCAN_RESULTS, list, buflen);
863         if (error) {
864                 WL_ERROR("%d: Scan results error %d\n", __LINE__, error);
865                 kfree(list);
866                 return error;
867         }
868         list->buflen = le32_to_cpu(list->buflen);
869         list->version = le32_to_cpu(list->version);
870         list->count = le32_to_cpu(list->count);
871         if (list->version != WL_BSS_INFO_VERSION) {
872                 WL_ERROR("%s : list->version %d != WL_BSS_INFO_VERSION\n",
873                          __func__, list->version);
874                 kfree(list);
875                 return -EINVAL;
876         }
877
878         for (i = 0, dwrq->length = 0;
879              i < list->count && dwrq->length < IW_MAX_AP; i++) {
880                 bi = bi ? (wl_bss_info_t *) ((unsigned long)bi +
881                                              le32_to_cpu(bi->length)) : list->
882                     bss_info;
883                 ASSERT(((unsigned long)bi + le32_to_cpu(bi->length)) <=
884                        ((unsigned long)list + buflen));
885
886                 if (!(le16_to_cpu(bi->capability) & WLAN_CAPABILITY_ESS))
887                         continue;
888
889                 memcpy(addr[dwrq->length].sa_data, &bi->BSSID, ETH_ALEN);
890                 addr[dwrq->length].sa_family = ARPHRD_ETHER;
891                 qual[dwrq->length].qual = rssi_to_qual(le16_to_cpu(bi->RSSI));
892                 qual[dwrq->length].level = 0x100 + le16_to_cpu(bi->RSSI);
893                 qual[dwrq->length].noise = 0x100 + bi->phy_noise;
894
895 #if WIRELESS_EXT > 18
896                 qual[dwrq->length].updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
897 #else
898                 qual[dwrq->length].updated = 7;
899 #endif
900                 dwrq->length++;
901         }
902
903         kfree(list);
904
905         if (dwrq->length) {
906                 memcpy(&addr[dwrq->length], qual,
907                        sizeof(struct iw_quality) * dwrq->length);
908                 dwrq->flags = 1;
909         }
910
911         return 0;
912 }
913 #endif                          /* WL_IW_USE_ISCAN */
914
915 #ifdef WL_IW_USE_ISCAN
916 static int
917 wl_iw_iscan_get_aplist(struct net_device *dev,
918                        struct iw_request_info *info,
919                        struct iw_point *dwrq, char *extra)
920 {
921         wl_scan_results_t *list;
922         iscan_buf_t *buf;
923         iscan_info_t *iscan = g_iscan;
924
925         struct sockaddr *addr = (struct sockaddr *)extra;
926         struct iw_quality qual[IW_MAX_AP];
927         wl_bss_info_t *bi = NULL;
928         int i;
929
930         WL_TRACE("%s: SIOCGIWAPLIST\n", dev->name);
931
932         if (!extra)
933                 return -EINVAL;
934
935         if ((!iscan) || (!iscan->sysioc_tsk)) {
936                 WL_ERROR("%s error\n", __func__);
937                 return 0;
938         }
939
940         buf = iscan->list_hdr;
941         while (buf) {
942                 list = &((wl_iscan_results_t *) buf->iscan_buf)->results;
943                 if (list->version != WL_BSS_INFO_VERSION) {
944                         WL_ERROR("%s : list->version %d != WL_BSS_INFO_VERSION\n",
945                                  __func__, list->version);
946                         return -EINVAL;
947                 }
948
949                 bi = NULL;
950                 for (i = 0, dwrq->length = 0;
951                      i < list->count && dwrq->length < IW_MAX_AP; i++) {
952                         bi = bi ? (wl_bss_info_t *) ((unsigned long)bi +
953                                                      le32_to_cpu(bi->length)) :
954                             list->bss_info;
955                         ASSERT(((unsigned long)bi + le32_to_cpu(bi->length)) <=
956                                ((unsigned long)list + WLC_IW_ISCAN_MAXLEN));
957
958                         if (!(le16_to_cpu(bi->capability) &
959                               WLAN_CAPABILITY_ESS))
960                                 continue;
961
962                         memcpy(addr[dwrq->length].sa_data, &bi->BSSID,
963                                ETH_ALEN);
964                         addr[dwrq->length].sa_family = ARPHRD_ETHER;
965                         qual[dwrq->length].qual =
966                             rssi_to_qual(le16_to_cpu(bi->RSSI));
967                         qual[dwrq->length].level = 0x100 +
968                                                         le16_to_cpu(bi->RSSI);
969                         qual[dwrq->length].noise = 0x100 + bi->phy_noise;
970
971 #if WIRELESS_EXT > 18
972                         qual[dwrq->length].updated =
973                             IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
974 #else
975                         qual[dwrq->length].updated = 7;
976 #endif
977
978                         dwrq->length++;
979                 }
980                 buf = buf->next;
981         }
982         if (dwrq->length) {
983                 memcpy(&addr[dwrq->length], qual,
984                        sizeof(struct iw_quality) * dwrq->length);
985                 dwrq->flags = 1;
986         }
987
988         return 0;
989 }
990
991 static int wl_iw_iscan_prep(wl_scan_params_t *params, wlc_ssid_t *ssid)
992 {
993         int err = 0;
994
995         memcpy(params->bssid, ether_bcast, ETH_ALEN);
996         params->bss_type = DOT11_BSSTYPE_ANY;
997         params->scan_type = 0;
998         params->nprobes = -1;
999         params->active_time = -1;
1000         params->passive_time = -1;
1001         params->home_time = -1;
1002         params->channel_num = 0;
1003
1004         params->nprobes = cpu_to_le32(params->nprobes);
1005         params->active_time = cpu_to_le32(params->active_time);
1006         params->passive_time = cpu_to_le32(params->passive_time);
1007         params->home_time = cpu_to_le32(params->home_time);
1008         if (ssid && ssid->SSID_len)
1009                 memcpy(&params->ssid, ssid, sizeof(wlc_ssid_t));
1010
1011         return err;
1012 }
1013
1014 static int wl_iw_iscan(iscan_info_t *iscan, wlc_ssid_t *ssid, u16 action)
1015 {
1016         int err = 0;
1017
1018         iscan->iscan_ex_params_p->version = cpu_to_le32(ISCAN_REQ_VERSION);
1019         iscan->iscan_ex_params_p->action = cpu_to_le16(action);
1020         iscan->iscan_ex_params_p->scan_duration = cpu_to_le16(0);
1021
1022         WL_SCAN("%s : nprobes=%d\n",
1023                 __func__, iscan->iscan_ex_params_p->params.nprobes);
1024         WL_SCAN("active_time=%d\n",
1025                  iscan->iscan_ex_params_p->params.active_time);
1026         WL_SCAN("passive_time=%d\n",
1027                  iscan->iscan_ex_params_p->params.passive_time);
1028         WL_SCAN("home_time=%d\n", iscan->iscan_ex_params_p->params.home_time);
1029         WL_SCAN("scan_type=%d\n", iscan->iscan_ex_params_p->params.scan_type);
1030         WL_SCAN("bss_type=%d\n", iscan->iscan_ex_params_p->params.bss_type);
1031
1032         (void)dev_iw_iovar_setbuf(iscan->dev, "iscan", iscan->iscan_ex_params_p,
1033                                   iscan->iscan_ex_param_size, iscan->ioctlbuf,
1034                                   sizeof(iscan->ioctlbuf));
1035
1036         return err;
1037 }
1038
1039 static void wl_iw_timerfunc(unsigned long data)
1040 {
1041         iscan_info_t *iscan = (iscan_info_t *) data;
1042         if (iscan) {
1043                 iscan->timer_on = 0;
1044                 if (iscan->iscan_state != ISCAN_STATE_IDLE) {
1045                         WL_TRACE("timer trigger\n");
1046                         up(&iscan->sysioc_sem);
1047                 }
1048         }
1049 }
1050
1051 static void wl_iw_set_event_mask(struct net_device *dev)
1052 {
1053         char eventmask[WL_EVENTING_MASK_LEN];
1054         char iovbuf[WL_EVENTING_MASK_LEN + 12];
1055
1056         dev_iw_iovar_getbuf(dev, "event_msgs", "", 0, iovbuf, sizeof(iovbuf));
1057         memcpy(eventmask, iovbuf, WL_EVENTING_MASK_LEN);
1058         setbit(eventmask, WLC_E_SCAN_COMPLETE);
1059         dev_iw_iovar_setbuf(dev, "event_msgs", eventmask, WL_EVENTING_MASK_LEN,
1060                             iovbuf, sizeof(iovbuf));
1061 }
1062
1063 static u32 wl_iw_iscan_get(iscan_info_t *iscan)
1064 {
1065         iscan_buf_t *buf;
1066         iscan_buf_t *ptr;
1067         wl_iscan_results_t *list_buf;
1068         wl_iscan_results_t list;
1069         wl_scan_results_t *results;
1070         u32 status;
1071         int res = 0;
1072
1073         MUTEX_LOCK_WL_SCAN_SET();
1074         if (iscan->list_cur) {
1075                 buf = iscan->list_cur;
1076                 iscan->list_cur = buf->next;
1077         } else {
1078                 buf = kmalloc(sizeof(iscan_buf_t), GFP_KERNEL);
1079                 if (!buf) {
1080                         WL_ERROR("%s can't alloc iscan_buf_t : going to abort current iscan\n",
1081                                  __func__);
1082                         MUTEX_UNLOCK_WL_SCAN_SET();
1083                         return WL_SCAN_RESULTS_NO_MEM;
1084                 }
1085                 buf->next = NULL;
1086                 if (!iscan->list_hdr)
1087                         iscan->list_hdr = buf;
1088                 else {
1089                         ptr = iscan->list_hdr;
1090                         while (ptr->next) {
1091                                 ptr = ptr->next;
1092                         }
1093                         ptr->next = buf;
1094                 }
1095         }
1096         memset(buf->iscan_buf, 0, WLC_IW_ISCAN_MAXLEN);
1097         list_buf = (wl_iscan_results_t *) buf->iscan_buf;
1098         results = &list_buf->results;
1099         results->buflen = WL_ISCAN_RESULTS_FIXED_SIZE;
1100         results->version = 0;
1101         results->count = 0;
1102
1103         memset(&list, 0, sizeof(list));
1104         list.results.buflen = cpu_to_le32(WLC_IW_ISCAN_MAXLEN);
1105         res = dev_iw_iovar_getbuf(iscan->dev,
1106                                   "iscanresults",
1107                                   &list,
1108                                   WL_ISCAN_RESULTS_FIXED_SIZE,
1109                                   buf->iscan_buf, WLC_IW_ISCAN_MAXLEN);
1110         if (res == 0) {
1111                 results->buflen = le32_to_cpu(results->buflen);
1112                 results->version = le32_to_cpu(results->version);
1113                 results->count = le32_to_cpu(results->count);
1114                 WL_TRACE("results->count = %d\n", results->count);
1115                 WL_TRACE("results->buflen = %d\n", results->buflen);
1116                 status = le32_to_cpu(list_buf->status);
1117         } else {
1118                 WL_ERROR("%s returns error %d\n", __func__, res);
1119                 status = WL_SCAN_RESULTS_NO_MEM;
1120         }
1121         MUTEX_UNLOCK_WL_SCAN_SET();
1122         return status;
1123 }
1124
1125 static void wl_iw_force_specific_scan(iscan_info_t *iscan)
1126 {
1127         WL_TRACE("%s force Specific SCAN for %s\n",
1128                  __func__, g_specific_ssid.SSID);
1129         rtnl_lock();
1130
1131         (void)dev_wlc_ioctl(iscan->dev, WLC_SCAN, &g_specific_ssid,
1132                             sizeof(g_specific_ssid));
1133
1134         rtnl_unlock();
1135 }
1136
1137 static void wl_iw_send_scan_complete(iscan_info_t *iscan)
1138 {
1139 #ifndef SANDGATE2G
1140         union iwreq_data wrqu;
1141
1142         memset(&wrqu, 0, sizeof(wrqu));
1143
1144         wireless_send_event(iscan->dev, SIOCGIWSCAN, &wrqu, NULL);
1145         WL_TRACE("Send Event ISCAN complete\n");
1146 #endif
1147 }
1148
1149 static int _iscan_sysioc_thread(void *data)
1150 {
1151         u32 status;
1152         iscan_info_t *iscan = (iscan_info_t *) data;
1153         static bool iscan_pass_abort = false;
1154
1155         allow_signal(SIGTERM);
1156         status = WL_SCAN_RESULTS_PARTIAL;
1157         while (down_interruptible(&iscan->sysioc_sem) == 0) {
1158                 if (kthread_should_stop())
1159                         break;
1160
1161                 if (iscan->timer_on) {
1162                         del_timer_sync(&iscan->timer);
1163                         iscan->timer_on = 0;
1164                 }
1165                 rtnl_lock();
1166                 status = wl_iw_iscan_get(iscan);
1167                 rtnl_unlock();
1168                 if (g_scan_specified_ssid && (iscan_pass_abort == true)) {
1169                         WL_TRACE("%s Get results from specific scan status = %d\n",
1170                                  __func__, status);
1171                         wl_iw_send_scan_complete(iscan);
1172                         iscan_pass_abort = false;
1173                         status = -1;
1174                 }
1175
1176                 switch (status) {
1177                 case WL_SCAN_RESULTS_PARTIAL:
1178                         WL_TRACE("iscanresults incomplete\n");
1179                         rtnl_lock();
1180                         wl_iw_iscan(iscan, NULL, WL_SCAN_ACTION_CONTINUE);
1181                         rtnl_unlock();
1182                         mod_timer(&iscan->timer,
1183                                   jiffies + iscan->timer_ms * HZ / 1000);
1184                         iscan->timer_on = 1;
1185                         break;
1186                 case WL_SCAN_RESULTS_SUCCESS:
1187                         WL_TRACE("iscanresults complete\n");
1188                         iscan->iscan_state = ISCAN_STATE_IDLE;
1189                         wl_iw_send_scan_complete(iscan);
1190                         break;
1191                 case WL_SCAN_RESULTS_PENDING:
1192                         WL_TRACE("iscanresults pending\n");
1193                         mod_timer(&iscan->timer,
1194                                   jiffies + iscan->timer_ms * HZ / 1000);
1195                         iscan->timer_on = 1;
1196                         break;
1197                 case WL_SCAN_RESULTS_ABORTED:
1198                         WL_TRACE("iscanresults aborted\n");
1199                         iscan->iscan_state = ISCAN_STATE_IDLE;
1200                         if (g_scan_specified_ssid == 0)
1201                                 wl_iw_send_scan_complete(iscan);
1202                         else {
1203                                 iscan_pass_abort = true;
1204                                 wl_iw_force_specific_scan(iscan);
1205                         }
1206                         break;
1207                 case WL_SCAN_RESULTS_NO_MEM:
1208                         WL_TRACE("iscanresults can't alloc memory: skip\n");
1209                         iscan->iscan_state = ISCAN_STATE_IDLE;
1210                         break;
1211                 default:
1212                         WL_TRACE("iscanresults returned unknown status %d\n",
1213                                  status);
1214                         break;
1215                 }
1216         }
1217
1218         if (iscan->timer_on) {
1219                 del_timer_sync(&iscan->timer);
1220                 iscan->timer_on = 0;
1221         }
1222         return 0;
1223 }
1224 #endif                          /* WL_IW_USE_ISCAN */
1225
1226 static int
1227 wl_iw_set_scan(struct net_device *dev,
1228                struct iw_request_info *info,
1229                union iwreq_data *wrqu, char *extra)
1230 {
1231         int error;
1232         WL_TRACE("\n:%s dev:%s: SIOCSIWSCAN : SCAN\n", __func__, dev->name);
1233
1234         g_set_essid_before_scan = false;
1235 #if defined(CSCAN)
1236         WL_ERROR("%s: Scan from SIOCGIWSCAN not supported\n", __func__);
1237         return -EINVAL;
1238 #endif
1239
1240         if (g_onoff == G_WLAN_SET_OFF)
1241                 return 0;
1242
1243         memset(&g_specific_ssid, 0, sizeof(g_specific_ssid));
1244 #ifndef WL_IW_USE_ISCAN
1245         g_scan_specified_ssid = 0;
1246 #endif
1247
1248 #if WIRELESS_EXT > 17
1249         if (wrqu->data.length == sizeof(struct iw_scan_req)) {
1250                 if (wrqu->data.flags & IW_SCAN_THIS_ESSID) {
1251                         struct iw_scan_req *req = (struct iw_scan_req *)extra;
1252                         if (g_scan_specified_ssid) {
1253                                 WL_TRACE("%s Specific SCAN is not done ignore scan for = %s\n",
1254                                          __func__, req->essid);
1255                                 return -EBUSY;
1256                         } else {
1257                                 g_specific_ssid.SSID_len = min_t(size_t,
1258                                                 sizeof(g_specific_ssid.SSID),
1259                                                 req->essid_len);
1260                                 memcpy(g_specific_ssid.SSID, req->essid,
1261                                        g_specific_ssid.SSID_len);
1262                                 g_specific_ssid.SSID_len =
1263                                     cpu_to_le32(g_specific_ssid.SSID_len);
1264                                 g_scan_specified_ssid = 1;
1265                                 WL_TRACE("### Specific scan ssid=%s len=%d\n",
1266                                          g_specific_ssid.SSID,
1267                                          g_specific_ssid.SSID_len);
1268                         }
1269                 }
1270         }
1271 #endif                          /* WIRELESS_EXT > 17 */
1272         error = dev_wlc_ioctl(dev, WLC_SCAN, &g_specific_ssid,
1273                                 sizeof(g_specific_ssid));
1274         if (error) {
1275                 WL_TRACE("#### Set SCAN for %s failed with %d\n",
1276                          g_specific_ssid.SSID, error);
1277                 g_scan_specified_ssid = 0;
1278                 return -EBUSY;
1279         }
1280
1281         return 0;
1282 }
1283
1284 #ifdef WL_IW_USE_ISCAN
1285 int wl_iw_iscan_set_scan_broadcast_prep(struct net_device *dev, uint flag)
1286 {
1287         wlc_ssid_t ssid;
1288         iscan_info_t *iscan = g_iscan;
1289
1290         if (flag)
1291                 rtnl_lock();
1292
1293         wl_iw_set_event_mask(dev);
1294
1295         WL_TRACE("+++: Set Broadcast ISCAN\n");
1296         memset(&ssid, 0, sizeof(ssid));
1297
1298         iscan->list_cur = iscan->list_hdr;
1299         iscan->iscan_state = ISCAN_STATE_SCANING;
1300
1301         memset(&iscan->iscan_ex_params_p->params, 0,
1302                iscan->iscan_ex_param_size);
1303         wl_iw_iscan_prep(&iscan->iscan_ex_params_p->params, &ssid);
1304         wl_iw_iscan(iscan, &ssid, WL_SCAN_ACTION_START);
1305
1306         if (flag)
1307                 rtnl_unlock();
1308
1309         mod_timer(&iscan->timer, jiffies + iscan->timer_ms * HZ / 1000);
1310
1311         iscan->timer_on = 1;
1312
1313         return 0;
1314 }
1315
1316 static int
1317 wl_iw_iscan_set_scan(struct net_device *dev,
1318                      struct iw_request_info *info,
1319                      union iwreq_data *wrqu, char *extra)
1320 {
1321         wlc_ssid_t ssid;
1322         iscan_info_t *iscan = g_iscan;
1323
1324         WL_TRACE("%s: SIOCSIWSCAN : ISCAN\n", dev->name);
1325
1326 #if defined(CSCAN)
1327         WL_ERROR("%s: Scan from SIOCGIWSCAN not supported\n", __func__);
1328         return -EINVAL;
1329 #endif
1330
1331         if (g_onoff == G_WLAN_SET_OFF) {
1332                 WL_TRACE("%s: driver is not up yet after START\n", __func__);
1333                 return 0;
1334         }
1335 #ifdef PNO_SUPPORT
1336         if (dhd_dev_get_pno_status(dev)) {
1337                 WL_ERROR("%s: Scan called when PNO is active\n", __func__);
1338         }
1339 #endif
1340
1341         if ((!iscan) || (!iscan->sysioc_tsk))
1342                 return wl_iw_set_scan(dev, info, wrqu, extra);
1343
1344         if (g_scan_specified_ssid) {
1345                 WL_TRACE("%s Specific SCAN already running ignoring BC scan\n",
1346                          __func__);
1347                 return -EBUSY;
1348         }
1349
1350         memset(&ssid, 0, sizeof(ssid));
1351
1352 #if WIRELESS_EXT > 17
1353         if (wrqu->data.length == sizeof(struct iw_scan_req)) {
1354                 if (wrqu->data.flags & IW_SCAN_THIS_ESSID) {
1355                         struct iw_scan_req *req = (struct iw_scan_req *)extra;
1356                         ssid.SSID_len = min_t(size_t, sizeof(ssid.SSID),
1357                                                 req->essid_len);
1358                         memcpy(ssid.SSID, req->essid, ssid.SSID_len);
1359                         ssid.SSID_len = cpu_to_le32(ssid.SSID_len);
1360                 } else {
1361                         g_scan_specified_ssid = 0;
1362
1363                         if (iscan->iscan_state == ISCAN_STATE_SCANING) {
1364                                 WL_TRACE("%s ISCAN already in progress\n",
1365                                          __func__);
1366                                 return 0;
1367                         }
1368                 }
1369         }
1370 #endif                          /* WIRELESS_EXT > 17 */
1371         wl_iw_iscan_set_scan_broadcast_prep(dev, 0);
1372
1373         return 0;
1374 }
1375 #endif                          /* WL_IW_USE_ISCAN */
1376
1377 #if WIRELESS_EXT > 17
1378 static bool ie_is_wpa_ie(u8 **wpaie, u8 **tlvs, int *tlvs_len)
1379 {
1380
1381         u8 *ie = *wpaie;
1382
1383         if ((ie[1] >= 6) &&
1384             !memcmp((const void *)&ie[2], (const void *)(WPA_OUI "\x01"), 4)) {
1385                 return true;
1386         }
1387
1388         ie += ie[1] + 2;
1389         *tlvs_len -= (int)(ie - *tlvs);
1390         *tlvs = ie;
1391         return false;
1392 }
1393
1394 static bool ie_is_wps_ie(u8 **wpsie, u8 **tlvs, int *tlvs_len)
1395 {
1396
1397         u8 *ie = *wpsie;
1398
1399         if ((ie[1] >= 4) &&
1400             !memcmp((const void *)&ie[2], (const void *)(WPA_OUI "\x04"), 4)) {
1401                 return true;
1402         }
1403
1404         ie += ie[1] + 2;
1405         *tlvs_len -= (int)(ie - *tlvs);
1406         *tlvs = ie;
1407         return false;
1408 }
1409 #endif                          /* WIRELESS_EXT > 17 */
1410
1411 static int
1412 wl_iw_handle_scanresults_ies(char **event_p, char *end,
1413                              struct iw_request_info *info, wl_bss_info_t *bi)
1414 {
1415 #if WIRELESS_EXT > 17
1416         struct iw_event iwe;
1417         char *event;
1418
1419         event = *event_p;
1420         if (bi->ie_length) {
1421                 bcm_tlv_t *ie;
1422                 u8 *ptr = ((u8 *) bi) + sizeof(wl_bss_info_t);
1423                 int ptr_len = bi->ie_length;
1424
1425                 ie = bcm_parse_tlvs(ptr, ptr_len, DOT11_MNG_RSN_ID);
1426                 if (ie) {
1427                         iwe.cmd = IWEVGENIE;
1428                         iwe.u.data.length = ie->len + 2;
1429                         event =
1430                             IWE_STREAM_ADD_POINT(info, event, end, &iwe,
1431                                                  (char *)ie);
1432                 }
1433                 ptr = ((u8 *) bi) + sizeof(wl_bss_info_t);
1434
1435                 while ((ie = bcm_parse_tlvs(ptr, ptr_len, DOT11_MNG_WPA_ID))) {
1436                         if (ie_is_wps_ie(((u8 **)&ie), &ptr, &ptr_len)) {
1437                                 iwe.cmd = IWEVGENIE;
1438                                 iwe.u.data.length = ie->len + 2;
1439                                 event =
1440                                     IWE_STREAM_ADD_POINT(info, event, end, &iwe,
1441                                                          (char *)ie);
1442                                 break;
1443                         }
1444                 }
1445
1446                 ptr = ((u8 *) bi) + sizeof(wl_bss_info_t);
1447                 ptr_len = bi->ie_length;
1448                 while ((ie = bcm_parse_tlvs(ptr, ptr_len, DOT11_MNG_WPA_ID))) {
1449                         if (ie_is_wpa_ie(((u8 **)&ie), &ptr, &ptr_len)) {
1450                                 iwe.cmd = IWEVGENIE;
1451                                 iwe.u.data.length = ie->len + 2;
1452                                 event =
1453                                     IWE_STREAM_ADD_POINT(info, event, end, &iwe,
1454                                                          (char *)ie);
1455                                 break;
1456                         }
1457                 }
1458
1459                 *event_p = event;
1460         }
1461 #endif          /* WIRELESS_EXT > 17 */
1462         return 0;
1463 }
1464
1465 static uint
1466 wl_iw_get_scan_prep(wl_scan_results_t *list,
1467                     struct iw_request_info *info, char *extra, short max_size)
1468 {
1469         int i, j;
1470         struct iw_event iwe;
1471         wl_bss_info_t *bi = NULL;
1472         char *event = extra, *end = extra + max_size - WE_ADD_EVENT_FIX, *value;
1473         int ret = 0;
1474
1475         ASSERT(list);
1476
1477         for (i = 0; i < list->count && i < IW_MAX_AP; i++) {
1478                 if (list->version != WL_BSS_INFO_VERSION) {
1479                         WL_ERROR("%s : list->version %d != WL_BSS_INFO_VERSION\n",
1480                                  __func__, list->version);
1481                         return ret;
1482                 }
1483
1484                 bi = bi ? (wl_bss_info_t *)((unsigned long)bi +
1485                                              le32_to_cpu(bi->length)) : list->
1486                     bss_info;
1487
1488                 WL_TRACE("%s : %s\n", __func__, bi->SSID);
1489
1490                 iwe.cmd = SIOCGIWAP;
1491                 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
1492                 memcpy(iwe.u.ap_addr.sa_data, &bi->BSSID, ETH_ALEN);
1493                 event =
1494                     IWE_STREAM_ADD_EVENT(info, event, end, &iwe,
1495                                          IW_EV_ADDR_LEN);
1496                 iwe.u.data.length = le32_to_cpu(bi->SSID_len);
1497                 iwe.cmd = SIOCGIWESSID;
1498                 iwe.u.data.flags = 1;
1499                 event = IWE_STREAM_ADD_POINT(info, event, end, &iwe, bi->SSID);
1500
1501                 if (le16_to_cpu(bi->capability) & (WLAN_CAPABILITY_ESS |
1502                     WLAN_CAPABILITY_IBSS)) {
1503                         iwe.cmd = SIOCGIWMODE;
1504                         if (le16_to_cpu(bi->capability) & WLAN_CAPABILITY_ESS)
1505                                 iwe.u.mode = IW_MODE_INFRA;
1506                         else
1507                                 iwe.u.mode = IW_MODE_ADHOC;
1508                         event =
1509                             IWE_STREAM_ADD_EVENT(info, event, end, &iwe,
1510                                                  IW_EV_UINT_LEN);
1511                 }
1512
1513                 iwe.cmd = SIOCGIWFREQ;
1514
1515                 if (CHSPEC_CHANNEL(bi->chanspec) <= CH_MAX_2G_CHANNEL)
1516                         iwe.u.freq.m = ieee80211_dsss_chan_to_freq(
1517                                                 CHSPEC_CHANNEL(bi->chanspec));
1518                 else
1519                         iwe.u.freq.m = ieee80211_ofdm_chan_to_freq(
1520                                                 WF_CHAN_FACTOR_5_G/2,
1521                                                 CHSPEC_CHANNEL(bi->chanspec));
1522
1523                 iwe.u.freq.e = 6;
1524                 event =
1525                     IWE_STREAM_ADD_EVENT(info, event, end, &iwe,
1526                                          IW_EV_FREQ_LEN);
1527
1528                 iwe.cmd = IWEVQUAL;
1529                 iwe.u.qual.qual = rssi_to_qual(le16_to_cpu(bi->RSSI));
1530                 iwe.u.qual.level = 0x100 + le16_to_cpu(bi->RSSI);
1531                 iwe.u.qual.noise = 0x100 + bi->phy_noise;
1532                 event =
1533                     IWE_STREAM_ADD_EVENT(info, event, end, &iwe,
1534                                          IW_EV_QUAL_LEN);
1535
1536                 wl_iw_handle_scanresults_ies(&event, end, info, bi);
1537
1538                 iwe.cmd = SIOCGIWENCODE;
1539                 if (le16_to_cpu(bi->capability) & WLAN_CAPABILITY_PRIVACY)
1540                         iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
1541                 else
1542                         iwe.u.data.flags = IW_ENCODE_DISABLED;
1543                 iwe.u.data.length = 0;
1544                 event =
1545                     IWE_STREAM_ADD_POINT(info, event, end, &iwe, (char *)event);
1546
1547                 if (bi->rateset.count) {
1548                         if (((event - extra) +
1549                                 IW_EV_LCP_LEN) <= (unsigned long)end) {
1550                                 value = event + IW_EV_LCP_LEN;
1551                                 iwe.cmd = SIOCGIWRATE;
1552                                 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled =
1553                                     0;
1554                                 for (j = 0;
1555                                      j < bi->rateset.count
1556                                      && j < IW_MAX_BITRATES; j++) {
1557                                         iwe.u.bitrate.value =
1558                                             (bi->rateset.rates[j] & 0x7f) *
1559                                             500000;
1560                                         value =
1561                                             IWE_STREAM_ADD_VALUE(info, event,
1562                                                  value, end, &iwe,
1563                                                  IW_EV_PARAM_LEN);
1564                                 }
1565                                 event = value;
1566                         }
1567                 }
1568         }
1569
1570         ret = event - extra;
1571         if (ret < 0) {
1572                 WL_ERROR("==> Wrong size\n");
1573                 ret = 0;
1574         }
1575         WL_TRACE("%s: size=%d bytes prepared\n",
1576                  __func__, (unsigned int)(event - extra));
1577         return (uint)ret;
1578 }
1579
1580 static int
1581 wl_iw_get_scan(struct net_device *dev,
1582                struct iw_request_info *info, struct iw_point *dwrq, char *extra)
1583 {
1584         channel_info_t ci;
1585         wl_scan_results_t *list_merge;
1586         wl_scan_results_t *list = (wl_scan_results_t *) g_scan;
1587         int error;
1588         uint buflen_from_user = dwrq->length;
1589         uint len = G_SCAN_RESULTS;
1590         __u16 len_ret = 0;
1591 #if defined(WL_IW_USE_ISCAN)
1592         iscan_info_t *iscan = g_iscan;
1593         iscan_buf_t *p_buf;
1594 #endif
1595
1596         WL_TRACE("%s: buflen_from_user %d:\n", dev->name, buflen_from_user);
1597
1598         if (!extra) {
1599                 WL_TRACE("%s: wl_iw_get_scan return -EINVAL\n", dev->name);
1600                 return -EINVAL;
1601         }
1602
1603         error = dev_wlc_ioctl(dev, WLC_GET_CHANNEL, &ci, sizeof(ci));
1604         if (error)
1605                 return error;
1606         ci.scan_channel = le32_to_cpu(ci.scan_channel);
1607         if (ci.scan_channel)
1608                 return -EAGAIN;
1609
1610         if (g_scan_specified_ssid) {
1611                 list = kmalloc(len, GFP_KERNEL);
1612                 if (!list) {
1613                         WL_TRACE("%s: wl_iw_get_scan return -ENOMEM\n",
1614                                  dev->name);
1615                         g_scan_specified_ssid = 0;
1616                         return -ENOMEM;
1617                 }
1618         }
1619
1620         memset(list, 0, len);
1621         list->buflen = cpu_to_le32(len);
1622         error = dev_wlc_ioctl(dev, WLC_SCAN_RESULTS, list, len);
1623         if (error) {
1624                 WL_ERROR("%s: %s : Scan_results ERROR %d\n",
1625                          dev->name, __func__, error);
1626                 dwrq->length = len;
1627                 if (g_scan_specified_ssid) {
1628                         g_scan_specified_ssid = 0;
1629                         kfree(list);
1630                 }
1631                 return 0;
1632         }
1633         list->buflen = le32_to_cpu(list->buflen);
1634         list->version = le32_to_cpu(list->version);
1635         list->count = le32_to_cpu(list->count);
1636
1637         if (list->version != WL_BSS_INFO_VERSION) {
1638                 WL_ERROR("%s : list->version %d != WL_BSS_INFO_VERSION\n",
1639                          __func__, list->version);
1640                 if (g_scan_specified_ssid) {
1641                         g_scan_specified_ssid = 0;
1642                         kfree(list);
1643                 }
1644                 return -EINVAL;
1645         }
1646
1647         if (g_scan_specified_ssid) {
1648                 WL_TRACE("%s: Specified scan APs in the list =%d\n",
1649                          __func__, list->count);
1650                 len_ret =
1651                     (__u16) wl_iw_get_scan_prep(list, info, extra,
1652                                                 buflen_from_user);
1653                 kfree(list);
1654
1655 #if defined(WL_IW_USE_ISCAN)
1656                 p_buf = iscan->list_hdr;
1657                 while (p_buf != iscan->list_cur) {
1658                         list_merge =
1659                             &((wl_iscan_results_t *) p_buf->iscan_buf)->results;
1660                         WL_TRACE("%s: Bcast APs list=%d\n",
1661                                  __func__, list_merge->count);
1662                         if (list_merge->count > 0)
1663                                 len_ret +=
1664                                     (__u16) wl_iw_get_scan_prep(list_merge,
1665                                         info, extra + len_ret,
1666                                         buflen_from_user - len_ret);
1667                         p_buf = p_buf->next;
1668                 }
1669 #else
1670                 list_merge = (wl_scan_results_t *) g_scan;
1671                 WL_TRACE("%s: Bcast APs list=%d\n",
1672                          __func__, list_merge->count);
1673                 if (list_merge->count > 0)
1674                         len_ret +=
1675                             (__u16) wl_iw_get_scan_prep(list_merge, info,
1676                                                         extra + len_ret,
1677                                                         buflen_from_user -
1678                                                         len_ret);
1679 #endif                          /* defined(WL_IW_USE_ISCAN) */
1680         } else {
1681                 list = (wl_scan_results_t *) g_scan;
1682                 len_ret =
1683                     (__u16) wl_iw_get_scan_prep(list, info, extra,
1684                                                 buflen_from_user);
1685         }
1686
1687 #if defined(WL_IW_USE_ISCAN)
1688         g_scan_specified_ssid = 0;
1689 #endif
1690         if ((len_ret + WE_ADD_EVENT_FIX) < buflen_from_user)
1691                 len = len_ret;
1692
1693         dwrq->length = len;
1694         dwrq->flags = 0;
1695
1696         WL_TRACE("%s return to WE %d bytes APs=%d\n",
1697                  __func__, dwrq->length, list->count);
1698         return 0;
1699 }
1700
1701 #if defined(WL_IW_USE_ISCAN)
1702 static int
1703 wl_iw_iscan_get_scan(struct net_device *dev,
1704                      struct iw_request_info *info,
1705                      struct iw_point *dwrq, char *extra)
1706 {
1707         wl_scan_results_t *list;
1708         struct iw_event iwe;
1709         wl_bss_info_t *bi = NULL;
1710         int ii, j;
1711         int apcnt;
1712         char *event = extra, *end = extra + dwrq->length, *value;
1713         iscan_info_t *iscan = g_iscan;
1714         iscan_buf_t *p_buf;
1715         u32 counter = 0;
1716         u8 channel;
1717
1718         WL_TRACE("%s %s buflen_from_user %d:\n",
1719                  dev->name, __func__, dwrq->length);
1720
1721         if (!extra) {
1722                 WL_TRACE("%s: INVALID SIOCGIWSCAN GET bad parameter\n",
1723                          dev->name);
1724                 return -EINVAL;
1725         }
1726
1727         if ((!iscan) || (!iscan->sysioc_tsk)) {
1728                 WL_ERROR("%ssysioc_tsk\n", __func__);
1729                 return wl_iw_get_scan(dev, info, dwrq, extra);
1730         }
1731
1732         if (iscan->iscan_state == ISCAN_STATE_SCANING) {
1733                 WL_TRACE("%s: SIOCGIWSCAN GET still scanning\n", dev->name);
1734                 return -EAGAIN;
1735         }
1736
1737         WL_TRACE("%s: SIOCGIWSCAN GET broadcast results\n", dev->name);
1738         apcnt = 0;
1739         p_buf = iscan->list_hdr;
1740         while (p_buf != iscan->list_cur) {
1741                 list = &((wl_iscan_results_t *) p_buf->iscan_buf)->results;
1742
1743                 counter += list->count;
1744
1745                 if (list->version != WL_BSS_INFO_VERSION) {
1746                         WL_ERROR("%s : list->version %d != WL_BSS_INFO_VERSION\n",
1747                                  __func__, list->version);
1748                         return -EINVAL;
1749                 }
1750
1751                 bi = NULL;
1752                 for (ii = 0; ii < list->count && apcnt < IW_MAX_AP;
1753                      apcnt++, ii++) {
1754                         bi = bi ? (wl_bss_info_t *)((unsigned long)bi +
1755                                                      le32_to_cpu(bi->length)) :
1756                             list->bss_info;
1757                         ASSERT(((unsigned long)bi + le32_to_cpu(bi->length)) <=
1758                                ((unsigned long)list + WLC_IW_ISCAN_MAXLEN));
1759
1760                         if (event + ETH_ALEN + bi->SSID_len +
1761                             IW_EV_UINT_LEN + IW_EV_FREQ_LEN + IW_EV_QUAL_LEN >=
1762                             end)
1763                                 return -E2BIG;
1764                         iwe.cmd = SIOCGIWAP;
1765                         iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
1766                         memcpy(iwe.u.ap_addr.sa_data, &bi->BSSID,
1767                                ETH_ALEN);
1768                         event =
1769                             IWE_STREAM_ADD_EVENT(info, event, end, &iwe,
1770                                                  IW_EV_ADDR_LEN);
1771
1772                         iwe.u.data.length = le32_to_cpu(bi->SSID_len);
1773                         iwe.cmd = SIOCGIWESSID;
1774                         iwe.u.data.flags = 1;
1775                         event =
1776                             IWE_STREAM_ADD_POINT(info, event, end, &iwe,
1777                                                  bi->SSID);
1778
1779                         if (le16_to_cpu(bi->capability) &
1780                             (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
1781                                 iwe.cmd = SIOCGIWMODE;
1782                                 if (le16_to_cpu(bi->capability) &
1783                                     WLAN_CAPABILITY_ESS)
1784                                         iwe.u.mode = IW_MODE_INFRA;
1785                                 else
1786                                         iwe.u.mode = IW_MODE_ADHOC;
1787                                 event =
1788                                     IWE_STREAM_ADD_EVENT(info, event, end, &iwe,
1789                                                          IW_EV_UINT_LEN);
1790                         }
1791
1792                         iwe.cmd = SIOCGIWFREQ;
1793                         channel =
1794                             (bi->ctl_ch ==
1795                              0) ? CHSPEC_CHANNEL(bi->chanspec) : bi->ctl_ch;
1796
1797                         if (channel <= CH_MAX_2G_CHANNEL)
1798                                 iwe.u.freq.m =
1799                                         ieee80211_dsss_chan_to_freq(channel);
1800                         else
1801                                 iwe.u.freq.m = ieee80211_ofdm_chan_to_freq(
1802                                                         WF_CHAN_FACTOR_5_G/2,
1803                                                         channel);
1804
1805                         iwe.u.freq.e = 6;
1806                         event =
1807                             IWE_STREAM_ADD_EVENT(info, event, end, &iwe,
1808                                                  IW_EV_FREQ_LEN);
1809
1810                         iwe.cmd = IWEVQUAL;
1811                         iwe.u.qual.qual = rssi_to_qual(le16_to_cpu(bi->RSSI));
1812                         iwe.u.qual.level = 0x100 + le16_to_cpu(bi->RSSI);
1813                         iwe.u.qual.noise = 0x100 + bi->phy_noise;
1814                         event =
1815                             IWE_STREAM_ADD_EVENT(info, event, end, &iwe,
1816                                                  IW_EV_QUAL_LEN);
1817
1818                         wl_iw_handle_scanresults_ies(&event, end, info, bi);
1819
1820                         iwe.cmd = SIOCGIWENCODE;
1821                         if (le16_to_cpu(bi->capability) &
1822                             WLAN_CAPABILITY_PRIVACY)
1823                                 iwe.u.data.flags =
1824                                     IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
1825                         else
1826                                 iwe.u.data.flags = IW_ENCODE_DISABLED;
1827                         iwe.u.data.length = 0;
1828                         event =
1829                             IWE_STREAM_ADD_POINT(info, event, end, &iwe,
1830                                                  (char *)event);
1831
1832                         if (bi->rateset.count) {
1833                                 if (event + IW_MAX_BITRATES * IW_EV_PARAM_LEN >=
1834                                     end)
1835                                         return -E2BIG;
1836
1837                                 value = event + IW_EV_LCP_LEN;
1838                                 iwe.cmd = SIOCGIWRATE;
1839                                 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled =
1840                                     0;
1841                                 for (j = 0;
1842                                      j < bi->rateset.count
1843                                      && j < IW_MAX_BITRATES; j++) {
1844                                         iwe.u.bitrate.value =
1845                                             (bi->rateset.rates[j] & 0x7f) *
1846                                             500000;
1847                                         value =
1848                                             IWE_STREAM_ADD_VALUE(info, event,
1849                                                  value, end,
1850                                                  &iwe,
1851                                                  IW_EV_PARAM_LEN);
1852                                 }
1853                                 event = value;
1854                         }
1855                 }
1856                 p_buf = p_buf->next;
1857         }
1858
1859         dwrq->length = event - extra;
1860         dwrq->flags = 0;
1861
1862         WL_TRACE("%s return to WE %d bytes APs=%d\n",
1863                  __func__, dwrq->length, counter);
1864
1865         if (!dwrq->length)
1866                 return -EAGAIN;
1867
1868         return 0;
1869 }
1870 #endif                          /* defined(WL_IW_USE_ISCAN) */
1871
1872 static int
1873 wl_iw_set_essid(struct net_device *dev,
1874                 struct iw_request_info *info,
1875                 struct iw_point *dwrq, char *extra)
1876 {
1877         int error;
1878         wl_join_params_t join_params;
1879         int join_params_size;
1880
1881         WL_TRACE("%s: SIOCSIWESSID\n", dev->name);
1882
1883         if (g_set_essid_before_scan)
1884                 return -EAGAIN;
1885
1886         memset(&g_ssid, 0, sizeof(g_ssid));
1887
1888         CHECK_EXTRA_FOR_NULL(extra);
1889
1890         if (dwrq->length && extra) {
1891 #if WIRELESS_EXT > 20
1892                 g_ssid.SSID_len = min_t(size_t, sizeof(g_ssid.SSID),
1893                                         dwrq->length);
1894 #else
1895                 g_ssid.SSID_len = min_t(size_t, sizeof(g_ssid.SSID),
1896                                         dwrq->length - 1);
1897 #endif
1898                 memcpy(g_ssid.SSID, extra, g_ssid.SSID_len);
1899         } else {
1900                 g_ssid.SSID_len = 0;
1901         }
1902         g_ssid.SSID_len = cpu_to_le32(g_ssid.SSID_len);
1903
1904         memset(&join_params, 0, sizeof(join_params));
1905         join_params_size = sizeof(join_params.ssid);
1906
1907         memcpy(&join_params.ssid.SSID, g_ssid.SSID, g_ssid.SSID_len);
1908         join_params.ssid.SSID_len = cpu_to_le32(g_ssid.SSID_len);
1909         memcpy(join_params.params.bssid, ether_bcast, ETH_ALEN);
1910
1911         wl_iw_ch_to_chanspec(g_wl_iw_params.target_channel, &join_params,
1912                              &join_params_size);
1913
1914         error = dev_wlc_ioctl(dev, WLC_SET_SSID, &join_params,
1915                                 join_params_size);
1916         if (error)
1917                 WL_ERROR("Invalid ioctl data=%d\n", error);
1918
1919         if (g_ssid.SSID_len) {
1920                 WL_TRACE("%s: join SSID=%s ch=%d\n",
1921                          __func__, g_ssid.SSID, g_wl_iw_params.target_channel);
1922         }
1923         return 0;
1924 }
1925
1926 static int
1927 wl_iw_get_essid(struct net_device *dev,
1928                 struct iw_request_info *info,
1929                 struct iw_point *dwrq, char *extra)
1930 {
1931         wlc_ssid_t ssid;
1932         int error;
1933
1934         WL_TRACE("%s: SIOCGIWESSID\n", dev->name);
1935
1936         if (!extra)
1937                 return -EINVAL;
1938
1939         error = dev_wlc_ioctl(dev, WLC_GET_SSID, &ssid, sizeof(ssid));
1940         if (error) {
1941                 WL_ERROR("Error getting the SSID\n");
1942                 return error;
1943         }
1944
1945         ssid.SSID_len = le32_to_cpu(ssid.SSID_len);
1946
1947         memcpy(extra, ssid.SSID, ssid.SSID_len);
1948
1949         dwrq->length = ssid.SSID_len;
1950
1951         dwrq->flags = 1;
1952
1953         return 0;
1954 }
1955
1956 static int
1957 wl_iw_set_nick(struct net_device *dev,
1958                struct iw_request_info *info, struct iw_point *dwrq, char *extra)
1959 {
1960         wl_iw_t *iw = *(wl_iw_t **) netdev_priv(dev);
1961
1962         WL_TRACE("%s: SIOCSIWNICKN\n", dev->name);
1963
1964         if (!extra)
1965                 return -EINVAL;
1966
1967         if (dwrq->length > sizeof(iw->nickname))
1968                 return -E2BIG;
1969
1970         memcpy(iw->nickname, extra, dwrq->length);
1971         iw->nickname[dwrq->length - 1] = '\0';
1972
1973         return 0;
1974 }
1975
1976 static int
1977 wl_iw_get_nick(struct net_device *dev,
1978                struct iw_request_info *info, struct iw_point *dwrq, char *extra)
1979 {
1980         wl_iw_t *iw = *(wl_iw_t **) netdev_priv(dev);
1981
1982         WL_TRACE("%s: SIOCGIWNICKN\n", dev->name);
1983
1984         if (!extra)
1985                 return -EINVAL;
1986
1987         strcpy(extra, iw->nickname);
1988         dwrq->length = strlen(extra) + 1;
1989
1990         return 0;
1991 }
1992
1993 static int
1994 wl_iw_set_rate(struct net_device *dev,
1995                struct iw_request_info *info, struct iw_param *vwrq, char *extra)
1996 {
1997         wl_rateset_t rateset;
1998         int error, rate, i, error_bg, error_a;
1999
2000         WL_TRACE("%s: SIOCSIWRATE\n", dev->name);
2001
2002         error = dev_wlc_ioctl(dev, WLC_GET_CURR_RATESET, &rateset,
2003                                 sizeof(rateset));
2004         if (error)
2005                 return error;
2006
2007         rateset.count = le32_to_cpu(rateset.count);
2008
2009         if (vwrq->value < 0)
2010                 rate = rateset.rates[rateset.count - 1] & 0x7f;
2011         else if (vwrq->value < rateset.count)
2012                 rate = rateset.rates[vwrq->value] & 0x7f;
2013         else
2014                 rate = vwrq->value / 500000;
2015
2016         if (vwrq->fixed) {
2017                 error_bg = dev_wlc_intvar_set(dev, "bg_rate", rate);
2018                 error_a = dev_wlc_intvar_set(dev, "a_rate", rate);
2019
2020                 if (error_bg && error_a)
2021                         return error_bg | error_a;
2022         } else {
2023                 error_bg = dev_wlc_intvar_set(dev, "bg_rate", 0);
2024                 error_a = dev_wlc_intvar_set(dev, "a_rate", 0);
2025
2026                 if (error_bg && error_a)
2027                         return error_bg | error_a;
2028
2029                 for (i = 0; i < rateset.count; i++)
2030                         if ((rateset.rates[i] & 0x7f) > rate)
2031                                 break;
2032                 rateset.count = cpu_to_le32(i);
2033
2034                 error = dev_wlc_ioctl(dev, WLC_SET_RATESET, &rateset,
2035                                         sizeof(rateset));
2036                 if (error)
2037                         return error;
2038         }
2039
2040         return 0;
2041 }
2042
2043 static int
2044 wl_iw_get_rate(struct net_device *dev,
2045                struct iw_request_info *info, struct iw_param *vwrq, char *extra)
2046 {
2047         int error, rate;
2048
2049         WL_TRACE("%s: SIOCGIWRATE\n", dev->name);
2050
2051         error = dev_wlc_ioctl(dev, WLC_GET_RATE, &rate, sizeof(rate));
2052         if (error)
2053                 return error;
2054         rate = le32_to_cpu(rate);
2055         vwrq->value = rate * 500000;
2056
2057         return 0;
2058 }
2059
2060 static int
2061 wl_iw_set_rts(struct net_device *dev,
2062               struct iw_request_info *info, struct iw_param *vwrq, char *extra)
2063 {
2064         int error, rts;
2065
2066         WL_TRACE("%s: SIOCSIWRTS\n", dev->name);
2067
2068         if (vwrq->disabled)
2069                 rts = DOT11_DEFAULT_RTS_LEN;
2070         else if (vwrq->value < 0 || vwrq->value > DOT11_DEFAULT_RTS_LEN)
2071                 return -EINVAL;
2072         else
2073                 rts = vwrq->value;
2074
2075         error = dev_wlc_intvar_set(dev, "rtsthresh", rts);
2076         if (error)
2077                 return error;
2078
2079         return 0;
2080 }
2081
2082 static int
2083 wl_iw_get_rts(struct net_device *dev,
2084               struct iw_request_info *info, struct iw_param *vwrq, char *extra)
2085 {
2086         int error, rts;
2087
2088         WL_TRACE("%s: SIOCGIWRTS\n", dev->name);
2089
2090         error = dev_wlc_intvar_get(dev, "rtsthresh", &rts);
2091         if (error)
2092                 return error;
2093
2094         vwrq->value = rts;
2095         vwrq->disabled = (rts >= DOT11_DEFAULT_RTS_LEN);
2096         vwrq->fixed = 1;
2097
2098         return 0;
2099 }
2100
2101 static int
2102 wl_iw_set_frag(struct net_device *dev,
2103                struct iw_request_info *info, struct iw_param *vwrq, char *extra)
2104 {
2105         int error, frag;
2106
2107         WL_TRACE("%s: SIOCSIWFRAG\n", dev->name);
2108
2109         if (vwrq->disabled)
2110                 frag = DOT11_DEFAULT_FRAG_LEN;
2111         else if (vwrq->value < 0 || vwrq->value > DOT11_DEFAULT_FRAG_LEN)
2112                 return -EINVAL;
2113         else
2114                 frag = vwrq->value;
2115
2116         error = dev_wlc_intvar_set(dev, "fragthresh", frag);
2117         if (error)
2118                 return error;
2119
2120         return 0;
2121 }
2122
2123 static int
2124 wl_iw_get_frag(struct net_device *dev,
2125                struct iw_request_info *info, struct iw_param *vwrq, char *extra)
2126 {
2127         int error, fragthreshold;
2128
2129         WL_TRACE("%s: SIOCGIWFRAG\n", dev->name);
2130
2131         error = dev_wlc_intvar_get(dev, "fragthresh", &fragthreshold);
2132         if (error)
2133                 return error;
2134
2135         vwrq->value = fragthreshold;
2136         vwrq->disabled = (fragthreshold >= DOT11_DEFAULT_FRAG_LEN);
2137         vwrq->fixed = 1;
2138
2139         return 0;
2140 }
2141
2142 static int
2143 wl_iw_set_txpow(struct net_device *dev,
2144                 struct iw_request_info *info,
2145                 struct iw_param *vwrq, char *extra)
2146 {
2147         int error, disable;
2148         u16 txpwrmw;
2149         WL_TRACE("%s: SIOCSIWTXPOW\n", dev->name);
2150
2151         disable = vwrq->disabled ? WL_RADIO_SW_DISABLE : 0;
2152         disable += WL_RADIO_SW_DISABLE << 16;
2153
2154         disable = cpu_to_le32(disable);
2155         error = dev_wlc_ioctl(dev, WLC_SET_RADIO, &disable, sizeof(disable));
2156         if (error)
2157                 return error;
2158
2159         if (disable & WL_RADIO_SW_DISABLE)
2160                 return 0;
2161
2162         if (!(vwrq->flags & IW_TXPOW_MWATT))
2163                 return -EINVAL;
2164
2165         if (vwrq->value < 0)
2166                 return 0;
2167
2168         if (vwrq->value > 0xffff)
2169                 txpwrmw = 0xffff;
2170         else
2171                 txpwrmw = (u16) vwrq->value;
2172
2173         error =
2174             dev_wlc_intvar_set(dev, "qtxpower", (int)(bcm_mw_to_qdbm(txpwrmw)));
2175         return error;
2176 }
2177
2178 static int
2179 wl_iw_get_txpow(struct net_device *dev,
2180                 struct iw_request_info *info,
2181                 struct iw_param *vwrq, char *extra)
2182 {
2183         int error, disable, txpwrdbm;
2184         u8 result;
2185
2186         WL_TRACE("%s: SIOCGIWTXPOW\n", dev->name);
2187
2188         error = dev_wlc_ioctl(dev, WLC_GET_RADIO, &disable, sizeof(disable));
2189         if (error)
2190                 return error;
2191
2192         error = dev_wlc_intvar_get(dev, "qtxpower", &txpwrdbm);
2193         if (error)
2194                 return error;
2195
2196         disable = le32_to_cpu(disable);
2197         result = (u8) (txpwrdbm & ~WL_TXPWR_OVERRIDE);
2198         vwrq->value = (s32) bcm_qdbm_to_mw(result);
2199         vwrq->fixed = 0;
2200         vwrq->disabled =
2201             (disable & (WL_RADIO_SW_DISABLE | WL_RADIO_HW_DISABLE)) ? 1 : 0;
2202         vwrq->flags = IW_TXPOW_MWATT;
2203
2204         return 0;
2205 }
2206
2207 #if WIRELESS_EXT > 10
2208 static int
2209 wl_iw_set_retry(struct net_device *dev,
2210                 struct iw_request_info *info,
2211                 struct iw_param *vwrq, char *extra)
2212 {
2213         int error, lrl, srl;
2214
2215         WL_TRACE("%s: SIOCSIWRETRY\n", dev->name);
2216
2217         if (vwrq->disabled || (vwrq->flags & IW_RETRY_LIFETIME))
2218                 return -EINVAL;
2219
2220         if (vwrq->flags & IW_RETRY_LIMIT) {
2221
2222 #if WIRELESS_EXT > 20
2223                 if ((vwrq->flags & IW_RETRY_LONG)
2224                     || (vwrq->flags & IW_RETRY_MAX)
2225                     || !((vwrq->flags & IW_RETRY_SHORT)
2226                          || (vwrq->flags & IW_RETRY_MIN))) {
2227 #else
2228                 if ((vwrq->flags & IW_RETRY_MAX)
2229                     || !(vwrq->flags & IW_RETRY_MIN)) {
2230 #endif
2231                         lrl = cpu_to_le32(vwrq->value);
2232                         error = dev_wlc_ioctl(dev, WLC_SET_LRL, &lrl,
2233                                                 sizeof(lrl));
2234                         if (error)
2235                                 return error;
2236                 }
2237 #if WIRELESS_EXT > 20
2238                 if ((vwrq->flags & IW_RETRY_SHORT)
2239                     || (vwrq->flags & IW_RETRY_MIN)
2240                     || !((vwrq->flags & IW_RETRY_LONG)
2241                          || (vwrq->flags & IW_RETRY_MAX))) {
2242 #else
2243                 if ((vwrq->flags & IW_RETRY_MIN)
2244                     || !(vwrq->flags & IW_RETRY_MAX)) {
2245 #endif
2246                         srl = cpu_to_le32(vwrq->value);
2247                         error = dev_wlc_ioctl(dev, WLC_SET_SRL, &srl,
2248                                                 sizeof(srl));
2249                         if (error)
2250                                 return error;
2251                 }
2252         }
2253         return 0;
2254 }
2255
2256 static int
2257 wl_iw_get_retry(struct net_device *dev,
2258                 struct iw_request_info *info,
2259                 struct iw_param *vwrq, char *extra)
2260 {
2261         int error, lrl, srl;
2262
2263         WL_TRACE("%s: SIOCGIWRETRY\n", dev->name);
2264
2265         vwrq->disabled = 0;
2266
2267         if ((vwrq->flags & IW_RETRY_TYPE) == IW_RETRY_LIFETIME)
2268                 return -EINVAL;
2269
2270         error = dev_wlc_ioctl(dev, WLC_GET_LRL, &lrl, sizeof(lrl));
2271         if (error)
2272                 return error;
2273
2274         error = dev_wlc_ioctl(dev, WLC_GET_SRL, &srl, sizeof(srl));
2275         if (error)
2276                 return error;
2277
2278         lrl = le32_to_cpu(lrl);
2279         srl = le32_to_cpu(srl);
2280
2281         if (vwrq->flags & IW_RETRY_MAX) {
2282                 vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_MAX;
2283                 vwrq->value = lrl;
2284         } else {
2285                 vwrq->flags = IW_RETRY_LIMIT;
2286                 vwrq->value = srl;
2287                 if (srl != lrl)
2288                         vwrq->flags |= IW_RETRY_MIN;
2289         }
2290
2291         return 0;
2292 }
2293 #endif                          /* WIRELESS_EXT > 10 */
2294
2295 static int
2296 wl_iw_set_encode(struct net_device *dev,
2297                  struct iw_request_info *info,
2298                  struct iw_point *dwrq, char *extra)
2299 {
2300         wl_wsec_key_t key;
2301         int error, val, wsec;
2302
2303         WL_TRACE("%s: SIOCSIWENCODE\n", dev->name);
2304
2305         memset(&key, 0, sizeof(key));
2306
2307         if ((dwrq->flags & IW_ENCODE_INDEX) == 0) {
2308                 for (key.index = 0; key.index < DOT11_MAX_DEFAULT_KEYS;
2309                      key.index++) {
2310                         val = cpu_to_le32(key.index);
2311                         error = dev_wlc_ioctl(dev, WLC_GET_KEY_PRIMARY, &val,
2312                                                 sizeof(val));
2313                         if (error)
2314                                 return error;
2315                         val = le32_to_cpu(val);
2316                         if (val)
2317                                 break;
2318                 }
2319                 if (key.index == DOT11_MAX_DEFAULT_KEYS)
2320                         key.index = 0;
2321         } else {
2322                 key.index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
2323                 if (key.index >= DOT11_MAX_DEFAULT_KEYS)
2324                         return -EINVAL;
2325         }
2326
2327         if (!extra || !dwrq->length || (dwrq->flags & IW_ENCODE_NOKEY)) {
2328                 val = cpu_to_le32(key.index);
2329                 error = dev_wlc_ioctl(dev, WLC_SET_KEY_PRIMARY, &val,
2330                                         sizeof(val));
2331                 if (error)
2332                         return error;
2333         } else {
2334                 key.len = dwrq->length;
2335
2336                 if (dwrq->length > sizeof(key.data))
2337                         return -EINVAL;
2338
2339                 memcpy(key.data, extra, dwrq->length);
2340
2341                 key.flags = WL_PRIMARY_KEY;
2342                 switch (key.len) {
2343                 case WLAN_KEY_LEN_WEP40:
2344                         key.algo = CRYPTO_ALGO_WEP1;
2345                         break;
2346                 case WLAN_KEY_LEN_WEP104:
2347                         key.algo = CRYPTO_ALGO_WEP128;
2348                         break;
2349                 case WLAN_KEY_LEN_TKIP:
2350                         key.algo = CRYPTO_ALGO_TKIP;
2351                         break;
2352                 case WLAN_KEY_LEN_AES_CMAC:
2353                         key.algo = CRYPTO_ALGO_AES_CCM;
2354                         break;
2355                 default:
2356                         return -EINVAL;
2357                 }
2358
2359                 swap_key_from_BE(&key);
2360                 error = dev_wlc_ioctl(dev, WLC_SET_KEY, &key, sizeof(key));
2361                 if (error)
2362                         return error;
2363         }
2364
2365         val = (dwrq->flags & IW_ENCODE_DISABLED) ? 0 : WEP_ENABLED;
2366
2367         error = dev_wlc_intvar_get(dev, "wsec", &wsec);
2368         if (error)
2369                 return error;
2370
2371         wsec &= ~(WEP_ENABLED);
2372         wsec |= val;
2373
2374         error = dev_wlc_intvar_set(dev, "wsec", wsec);
2375         if (error)
2376                 return error;
2377
2378         val = (dwrq->flags & IW_ENCODE_RESTRICTED) ? 1 : 0;
2379         val = cpu_to_le32(val);
2380         error = dev_wlc_ioctl(dev, WLC_SET_AUTH, &val, sizeof(val));
2381         if (error)
2382                 return error;
2383
2384         return 0;
2385 }
2386
2387 static int
2388 wl_iw_get_encode(struct net_device *dev,
2389                  struct iw_request_info *info,
2390                  struct iw_point *dwrq, char *extra)
2391 {
2392         wl_wsec_key_t key;
2393         int error, val, wsec, auth;
2394
2395         WL_TRACE("%s: SIOCGIWENCODE\n", dev->name);
2396
2397         memset(&key, 0, sizeof(wl_wsec_key_t));
2398
2399         if ((dwrq->flags & IW_ENCODE_INDEX) == 0) {
2400                 for (key.index = 0; key.index < DOT11_MAX_DEFAULT_KEYS;
2401                      key.index++) {
2402                         val = key.index;
2403                         error = dev_wlc_ioctl(dev, WLC_GET_KEY_PRIMARY, &val,
2404                                                 sizeof(val));
2405                         if (error)
2406                                 return error;
2407                         val = le32_to_cpu(val);
2408                         if (val)
2409                                 break;
2410                 }
2411         } else
2412                 key.index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
2413
2414         if (key.index >= DOT11_MAX_DEFAULT_KEYS)
2415                 key.index = 0;
2416
2417         error = dev_wlc_ioctl(dev, WLC_GET_WSEC, &wsec, sizeof(wsec));
2418         if (error)
2419                 return error;
2420
2421         error = dev_wlc_ioctl(dev, WLC_GET_AUTH, &auth, sizeof(auth));
2422         if (error)
2423                 return error;
2424
2425         swap_key_to_BE(&key);
2426
2427         wsec = le32_to_cpu(wsec);
2428         auth = le32_to_cpu(auth);
2429         dwrq->length = min_t(u16, WLAN_MAX_KEY_LEN, key.len);
2430
2431         dwrq->flags = key.index + 1;
2432         if (!(wsec & (WEP_ENABLED | TKIP_ENABLED | AES_ENABLED)))
2433                 dwrq->flags |= IW_ENCODE_DISABLED;
2434
2435         if (auth)
2436                 dwrq->flags |= IW_ENCODE_RESTRICTED;
2437
2438         if (dwrq->length && extra)
2439                 memcpy(extra, key.data, dwrq->length);
2440
2441         return 0;
2442 }
2443
2444 static int
2445 wl_iw_set_power(struct net_device *dev,
2446                 struct iw_request_info *info,
2447                 struct iw_param *vwrq, char *extra)
2448 {
2449         int error, pm;
2450
2451         WL_TRACE("%s: SIOCSIWPOWER\n", dev->name);
2452
2453         pm = vwrq->disabled ? PM_OFF : PM_MAX;
2454
2455         pm = cpu_to_le32(pm);
2456         error = dev_wlc_ioctl(dev, WLC_SET_PM, &pm, sizeof(pm));
2457         if (error)
2458                 return error;
2459
2460         return 0;
2461 }
2462
2463 static int
2464 wl_iw_get_power(struct net_device *dev,
2465                 struct iw_request_info *info,
2466                 struct iw_param *vwrq, char *extra)
2467 {
2468         int error, pm;
2469
2470         WL_TRACE("%s: SIOCGIWPOWER\n", dev->name);
2471
2472         error = dev_wlc_ioctl(dev, WLC_GET_PM, &pm, sizeof(pm));
2473         if (error)
2474                 return error;
2475
2476         pm = le32_to_cpu(pm);
2477         vwrq->disabled = pm ? 0 : 1;
2478         vwrq->flags = IW_POWER_ALL_R;
2479
2480         return 0;
2481 }
2482
2483 #if WIRELESS_EXT > 17
2484 static int
2485 wl_iw_set_wpaie(struct net_device *dev,
2486                 struct iw_request_info *info, struct iw_point *iwp, char *extra)
2487 {
2488
2489         WL_TRACE("%s: SIOCSIWGENIE\n", dev->name);
2490
2491         CHECK_EXTRA_FOR_NULL(extra);
2492
2493         dev_wlc_bufvar_set(dev, "wpaie", extra, iwp->length);
2494
2495         return 0;
2496 }
2497
2498 static int
2499 wl_iw_get_wpaie(struct net_device *dev,
2500                 struct iw_request_info *info, struct iw_point *iwp, char *extra)
2501 {
2502         WL_TRACE("%s: SIOCGIWGENIE\n", dev->name);
2503         iwp->length = 64;
2504         dev_wlc_bufvar_get(dev, "wpaie", extra, iwp->length);
2505         return 0;
2506 }
2507
2508 static int
2509 wl_iw_set_encodeext(struct net_device *dev,
2510                     struct iw_request_info *info,
2511                     struct iw_point *dwrq, char *extra)
2512 {
2513         wl_wsec_key_t key;
2514         int error;
2515         struct iw_encode_ext *iwe;
2516
2517         WL_TRACE("%s: SIOCSIWENCODEEXT\n", dev->name);
2518
2519         CHECK_EXTRA_FOR_NULL(extra);
2520
2521         memset(&key, 0, sizeof(key));
2522         iwe = (struct iw_encode_ext *)extra;
2523
2524         if (dwrq->flags & IW_ENCODE_DISABLED) {
2525
2526         }
2527
2528         key.index = 0;
2529         if (dwrq->flags & IW_ENCODE_INDEX)
2530                 key.index = (dwrq->flags & IW_ENCODE_INDEX) - 1;
2531
2532         key.len = iwe->key_len;
2533
2534         if (!is_multicast_ether_addr(iwe->addr.sa_data))
2535                 memcpy(&key.ea, &iwe->addr.sa_data, ETH_ALEN);
2536
2537         if (key.len == 0) {
2538                 if (iwe->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
2539                         WL_WSEC("Changing the the primary Key to %d\n",
2540                                 key.index);
2541                         key.index = cpu_to_le32(key.index);
2542                         error = dev_wlc_ioctl(dev, WLC_SET_KEY_PRIMARY,
2543                                               &key.index, sizeof(key.index));
2544                         if (error)
2545                                 return error;
2546                 } else {
2547                         swap_key_from_BE(&key);
2548                         dev_wlc_ioctl(dev, WLC_SET_KEY, &key, sizeof(key));
2549                 }
2550         } else {
2551                 if (iwe->key_len > sizeof(key.data))
2552                         return -EINVAL;
2553
2554                 WL_WSEC("Setting the key index %d\n", key.index);
2555                 if (iwe->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
2556                         WL_WSEC("key is a Primary Key\n");
2557                         key.flags = WL_PRIMARY_KEY;
2558                 }
2559
2560                 memcpy(key.data, iwe->key, iwe->key_len);
2561
2562                 if (iwe->alg == IW_ENCODE_ALG_TKIP) {
2563                         u8 keybuf[8];
2564                         memcpy(keybuf, &key.data[24], sizeof(keybuf));
2565                         memcpy(&key.data[24], &key.data[16], sizeof(keybuf));
2566                         memcpy(&key.data[16], keybuf, sizeof(keybuf));
2567                 }
2568
2569                 if (iwe->ext_flags & IW_ENCODE_EXT_RX_SEQ_VALID) {
2570                         unsigned char *ivptr;
2571                         ivptr = (unsigned char *) iwe->rx_seq;
2572                         key.rxiv.hi = (ivptr[5] << 24) | (ivptr[4] << 16) |
2573                             (ivptr[3] << 8) | ivptr[2];
2574                         key.rxiv.lo = (ivptr[1] << 8) | ivptr[0];
2575                         key.iv_initialized = true;
2576                 }
2577
2578                 switch (iwe->alg) {
2579                 case IW_ENCODE_ALG_NONE:
2580                         key.algo = CRYPTO_ALGO_OFF;
2581                         break;
2582                 case IW_ENCODE_ALG_WEP:
2583                         if (iwe->key_len == WLAN_KEY_LEN_WEP40)
2584                                 key.algo = CRYPTO_ALGO_WEP1;
2585                         else
2586                                 key.algo = CRYPTO_ALGO_WEP128;
2587                         break;
2588                 case IW_ENCODE_ALG_TKIP:
2589                         key.algo = CRYPTO_ALGO_TKIP;
2590                         break;
2591                 case IW_ENCODE_ALG_CCMP:
2592                         key.algo = CRYPTO_ALGO_AES_CCM;
2593                         break;
2594                 default:
2595                         break;
2596                 }
2597                 swap_key_from_BE(&key);
2598
2599                 dhd_wait_pend8021x(dev);
2600
2601                 error = dev_wlc_ioctl(dev, WLC_SET_KEY, &key, sizeof(key));
2602                 if (error)
2603                         return error;
2604         }
2605         return 0;
2606 }
2607
2608 #if WIRELESS_EXT > 17
2609 struct {
2610         pmkid_list_t pmkids;
2611         pmkid_t foo[MAXPMKID - 1];
2612 } pmkid_list;
2613
2614 static int
2615 wl_iw_set_pmksa(struct net_device *dev,
2616                 struct iw_request_info *info,
2617                 struct iw_param *vwrq, char *extra)
2618 {
2619         struct iw_pmksa *iwpmksa;
2620         uint i;
2621         int ret = 0;
2622
2623         WL_WSEC("%s: SIOCSIWPMKSA\n", dev->name);
2624
2625         CHECK_EXTRA_FOR_NULL(extra);
2626
2627         iwpmksa = (struct iw_pmksa *)extra;
2628
2629         if (iwpmksa->cmd == IW_PMKSA_FLUSH) {
2630                 WL_WSEC("wl_iw_set_pmksa - IW_PMKSA_FLUSH\n");
2631                 memset((char *)&pmkid_list, 0, sizeof(pmkid_list));
2632         }
2633
2634         else if (iwpmksa->cmd == IW_PMKSA_REMOVE) {
2635                 {
2636                         pmkid_list_t pmkid, *pmkidptr;
2637                         uint j;
2638                         pmkidptr = &pmkid;
2639
2640                         memcpy(&pmkidptr->pmkid[0].BSSID,
2641                                &iwpmksa->bssid.sa_data[0],
2642                                ETH_ALEN);
2643                         memcpy(&pmkidptr->pmkid[0].PMKID,
2644                                &iwpmksa->pmkid[0],
2645                                WLAN_PMKID_LEN);
2646
2647                         WL_WSEC("wl_iw_set_pmksa:IW_PMKSA_REMOVE:PMKID: "
2648                                 "%pM = ", &pmkidptr->pmkid[0].BSSID);
2649                         for (j = 0; j < WLAN_PMKID_LEN; j++)
2650                                 WL_WSEC("%02x ", pmkidptr->pmkid[0].PMKID[j]);
2651                         WL_WSEC("\n");
2652                 }
2653
2654                 for (i = 0; i < pmkid_list.pmkids.npmkid; i++)
2655                         if (!memcmp
2656                             (&iwpmksa->bssid.sa_data[0],
2657                              &pmkid_list.pmkids.pmkid[i].BSSID, ETH_ALEN))
2658                                 break;
2659
2660                 if ((pmkid_list.pmkids.npmkid > 0)
2661                     && (i < pmkid_list.pmkids.npmkid)) {
2662                         memset(&pmkid_list.pmkids.pmkid[i], 0, sizeof(pmkid_t));
2663                         for (; i < (pmkid_list.pmkids.npmkid - 1); i++) {
2664                                 memcpy(&pmkid_list.pmkids.pmkid[i].BSSID,
2665                                        &pmkid_list.pmkids.pmkid[i + 1].BSSID,
2666                                        ETH_ALEN);
2667                                 memcpy(&pmkid_list.pmkids.pmkid[i].PMKID,
2668                                        &pmkid_list.pmkids.pmkid[i + 1].PMKID,
2669                                        WLAN_PMKID_LEN);
2670                         }
2671                         pmkid_list.pmkids.npmkid--;
2672                 } else
2673                         ret = -EINVAL;
2674         }
2675
2676         else if (iwpmksa->cmd == IW_PMKSA_ADD) {
2677                 for (i = 0; i < pmkid_list.pmkids.npmkid; i++)
2678                         if (!memcmp
2679                             (&iwpmksa->bssid.sa_data[0],
2680                              &pmkid_list.pmkids.pmkid[i].BSSID, ETH_ALEN))
2681                                 break;
2682                 if (i < MAXPMKID) {
2683                         memcpy(&pmkid_list.pmkids.pmkid[i].BSSID,
2684                                &iwpmksa->bssid.sa_data[0],
2685                                ETH_ALEN);
2686                         memcpy(&pmkid_list.pmkids.pmkid[i].PMKID,
2687                                &iwpmksa->pmkid[0],
2688                                WLAN_PMKID_LEN);
2689                         if (i == pmkid_list.pmkids.npmkid)
2690                                 pmkid_list.pmkids.npmkid++;
2691                 } else
2692                         ret = -EINVAL;
2693                 {
2694                         uint j;
2695                         uint k;
2696                         k = pmkid_list.pmkids.npmkid;
2697                         WL_WSEC("wl_iw_set_pmksa,IW_PMKSA_ADD - PMKID: %pM = ",
2698                                 &pmkid_list.pmkids.pmkid[k].BSSID);
2699                         for (j = 0; j < WLAN_PMKID_LEN; j++)
2700                                 WL_WSEC("%02x ",
2701                                         pmkid_list.pmkids.pmkid[k].PMKID[j]);
2702                         WL_WSEC("\n");
2703                 }
2704         }
2705         WL_WSEC("PRINTING pmkid LIST - No of elements %d\n",
2706                 pmkid_list.pmkids.npmkid);
2707         for (i = 0; i < pmkid_list.pmkids.npmkid; i++) {
2708                 uint j;
2709                 WL_WSEC("PMKID[%d]: %pM = ",
2710                         i, &pmkid_list.pmkids.pmkid[i].BSSID);
2711                 for (j = 0; j < WLAN_PMKID_LEN; j++)
2712                         WL_WSEC("%02x ", pmkid_list.pmkids.pmkid[i].PMKID[j]);
2713                 WL_WSEC("\n");
2714         }
2715         WL_WSEC("\n");
2716
2717         if (!ret)
2718                 ret = dev_wlc_bufvar_set(dev, "pmkid_info", (char *)&pmkid_list,
2719                                          sizeof(pmkid_list));
2720         return ret;
2721 }
2722 #endif                          /* WIRELESS_EXT > 17 */
2723
2724 static int
2725 wl_iw_get_encodeext(struct net_device *dev,
2726                     struct iw_request_info *info,
2727                     struct iw_param *vwrq, char *extra)
2728 {
2729         WL_TRACE("%s: SIOCGIWENCODEEXT\n", dev->name);
2730         return 0;
2731 }
2732
2733 static int
2734 wl_iw_set_wpaauth(struct net_device *dev,
2735                   struct iw_request_info *info,
2736                   struct iw_param *vwrq, char *extra)
2737 {
2738         int error = 0;
2739         int paramid;
2740         int paramval;
2741         int val = 0;
2742         wl_iw_t *iw = *(wl_iw_t **) netdev_priv(dev);
2743
2744         WL_TRACE("%s: SIOCSIWAUTH\n", dev->name);
2745
2746         paramid = vwrq->flags & IW_AUTH_INDEX;
2747         paramval = vwrq->value;
2748
2749         WL_TRACE("%s: SIOCSIWAUTH, paramid = 0x%0x, paramval = 0x%0x\n",
2750                  dev->name, paramid, paramval);
2751
2752         switch (paramid) {
2753         case IW_AUTH_WPA_VERSION:
2754                 if (paramval & IW_AUTH_WPA_VERSION_DISABLED)
2755                         val = WPA_AUTH_DISABLED;
2756                 else if (paramval & (IW_AUTH_WPA_VERSION_WPA))
2757                         val = WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED;
2758                 else if (paramval & IW_AUTH_WPA_VERSION_WPA2)
2759                         val = WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED;
2760                 WL_INFORM("%s: %d: setting wpa_auth to 0x%0x\n",
2761                           __func__, __LINE__, val);
2762                 error = dev_wlc_intvar_set(dev, "wpa_auth", val);
2763                 if (error)
2764                         return error;
2765                 break;
2766         case IW_AUTH_CIPHER_PAIRWISE:
2767         case IW_AUTH_CIPHER_GROUP:
2768                 if (paramval & (IW_AUTH_CIPHER_WEP40 | IW_AUTH_CIPHER_WEP104))
2769                         val = WEP_ENABLED;
2770                 if (paramval & IW_AUTH_CIPHER_TKIP)
2771                         val = TKIP_ENABLED;
2772                 if (paramval & IW_AUTH_CIPHER_CCMP)
2773                         val = AES_ENABLED;
2774
2775                 if (paramid == IW_AUTH_CIPHER_PAIRWISE) {
2776                         iw->pwsec = val;
2777                         val |= iw->gwsec;
2778                 } else {
2779                         iw->gwsec = val;
2780                         val |= iw->pwsec;
2781                 }
2782
2783                 if (iw->privacy_invoked && !val) {
2784                         WL_WSEC("%s: %s: 'Privacy invoked' true but clearing wsec, assuming we're a WPS enrollee\n",
2785                                 dev->name, __func__);
2786                         error = dev_wlc_intvar_set(dev, "is_WPS_enrollee",
2787                                                         true);
2788                         if (error) {
2789                                 WL_WSEC("Failed to set is_WPS_enrollee\n");
2790                                 return error;
2791                         }
2792                 } else if (val) {
2793                         error = dev_wlc_intvar_set(dev, "is_WPS_enrollee",
2794                                                         false);
2795                         if (error) {
2796                                 WL_WSEC("Failed to clear is_WPS_enrollee\n");
2797                                 return error;
2798                         }
2799                 }
2800
2801                 error = dev_wlc_intvar_set(dev, "wsec", val);
2802                 if (error)
2803                         return error;
2804
2805                 break;
2806
2807         case IW_AUTH_KEY_MGMT:
2808                 error = dev_wlc_intvar_get(dev, "wpa_auth", &val);
2809                 if (error)
2810                         return error;
2811
2812                 if (val & (WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED)) {
2813                         if (paramval & IW_AUTH_KEY_MGMT_PSK)
2814                                 val = WPA_AUTH_PSK;
2815                         else
2816                                 val = WPA_AUTH_UNSPECIFIED;
2817                 } else if (val & (WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED)) {
2818                         if (paramval & IW_AUTH_KEY_MGMT_PSK)
2819                                 val = WPA2_AUTH_PSK;
2820                         else
2821                                 val = WPA2_AUTH_UNSPECIFIED;
2822                 }
2823                 WL_INFORM("%s: %d: setting wpa_auth to %d\n",
2824                           __func__, __LINE__, val);
2825                 error = dev_wlc_intvar_set(dev, "wpa_auth", val);
2826                 if (error)
2827                         return error;
2828
2829                 break;
2830         case IW_AUTH_TKIP_COUNTERMEASURES:
2831                 dev_wlc_bufvar_set(dev, "tkip_countermeasures",
2832                                    (char *)&paramval, 1);
2833                 break;
2834
2835         case IW_AUTH_80211_AUTH_ALG:
2836                 WL_INFORM("Setting the D11auth %d\n", paramval);
2837                 if (paramval == IW_AUTH_ALG_OPEN_SYSTEM)
2838                         val = 0;
2839                 else if (paramval == IW_AUTH_ALG_SHARED_KEY)
2840                         val = 1;
2841                 else if (paramval ==
2842                          (IW_AUTH_ALG_OPEN_SYSTEM | IW_AUTH_ALG_SHARED_KEY))
2843                         val = 2;
2844                 else
2845                         error = 1;
2846                 if (!error) {
2847                         error = dev_wlc_intvar_set(dev, "auth", val);
2848                         if (error)
2849                                 return error;
2850                 }
2851                 break;
2852
2853         case IW_AUTH_WPA_ENABLED:
2854                 if (paramval == 0) {
2855                         iw->pwsec = 0;
2856                         iw->gwsec = 0;
2857                         error = dev_wlc_intvar_get(dev, "wsec", &val);
2858                         if (error)
2859                                 return error;
2860                         if (val & (TKIP_ENABLED | AES_ENABLED)) {
2861                                 val &= ~(TKIP_ENABLED | AES_ENABLED);
2862                                 dev_wlc_intvar_set(dev, "wsec", val);
2863                         }
2864                         val = 0;
2865                         WL_INFORM("%s: %d: setting wpa_auth to %d\n",
2866                                   __func__, __LINE__, val);
2867                         dev_wlc_intvar_set(dev, "wpa_auth", 0);
2868                         return error;
2869                 }
2870                 break;
2871
2872         case IW_AUTH_DROP_UNENCRYPTED:
2873                 dev_wlc_bufvar_set(dev, "wsec_restrict", (char *)&paramval, 1);
2874                 break;
2875
2876         case IW_AUTH_RX_UNENCRYPTED_EAPOL:
2877                 dev_wlc_bufvar_set(dev, "rx_unencrypted_eapol",
2878                                    (char *)&paramval, 1);
2879                 break;
2880
2881 #if WIRELESS_EXT > 17
2882         case IW_AUTH_ROAMING_CONTROL:
2883                 WL_INFORM("%s: IW_AUTH_ROAMING_CONTROL\n", __func__);
2884                 break;
2885         case IW_AUTH_PRIVACY_INVOKED:
2886                 {
2887                         int wsec;
2888
2889                         if (paramval == 0) {
2890                                 iw->privacy_invoked = false;
2891                                 error = dev_wlc_intvar_set(dev,
2892                                                 "is_WPS_enrollee", false);
2893                                 if (error) {
2894                                         WL_WSEC("Failed to clear iovar is_WPS_enrollee\n");
2895                                         return error;
2896                                 }
2897                         } else {
2898                                 iw->privacy_invoked = true;
2899                                 error = dev_wlc_intvar_get(dev, "wsec", &wsec);
2900                                 if (error)
2901                                         return error;
2902
2903                                 if (!(IW_WSEC_ENABLED(wsec))) {
2904                                         error = dev_wlc_intvar_set(dev,
2905                                                         "is_WPS_enrollee",
2906                                                         true);
2907                                         if (error) {
2908                                                 WL_WSEC("Failed to set iovar is_WPS_enrollee\n");
2909                                                 return error;
2910                                         }
2911                                 } else {
2912                                         error = dev_wlc_intvar_set(dev,
2913                                                         "is_WPS_enrollee",
2914                                                         false);
2915                                         if (error) {
2916                                                 WL_WSEC("Failed to clear is_WPS_enrollee\n");
2917                                                 return error;
2918                                         }
2919                                 }
2920                         }
2921                         break;
2922                 }
2923 #endif                          /* WIRELESS_EXT > 17 */
2924         default:
2925                 break;
2926         }
2927         return 0;
2928 }
2929
2930 #define VAL_PSK(_val) (((_val) & WPA_AUTH_PSK) || ((_val) & WPA2_AUTH_PSK))
2931
2932 static int
2933 wl_iw_get_wpaauth(struct net_device *dev,
2934                   struct iw_request_info *info,
2935                   struct iw_param *vwrq, char *extra)
2936 {
2937         int error;
2938         int paramid;
2939         int paramval = 0;
2940         int val;
2941         wl_iw_t *iw = *(wl_iw_t **) netdev_priv(dev);
2942
2943         WL_TRACE("%s: SIOCGIWAUTH\n", dev->name);
2944
2945         paramid = vwrq->flags & IW_AUTH_INDEX;
2946
2947         switch (paramid) {
2948         case IW_AUTH_WPA_VERSION:
2949                 error = dev_wlc_intvar_get(dev, "wpa_auth", &val);
2950                 if (error)
2951                         return error;
2952                 if (val & (WPA_AUTH_NONE | WPA_AUTH_DISABLED))
2953                         paramval = IW_AUTH_WPA_VERSION_DISABLED;
2954                 else if (val & (WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED))
2955                         paramval = IW_AUTH_WPA_VERSION_WPA;
2956                 else if (val & (WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED))
2957                         paramval = IW_AUTH_WPA_VERSION_WPA2;
2958                 break;
2959         case IW_AUTH_CIPHER_PAIRWISE:
2960         case IW_AUTH_CIPHER_GROUP:
2961                 if (paramid == IW_AUTH_CIPHER_PAIRWISE)
2962                         val = iw->pwsec;
2963                 else
2964                         val = iw->gwsec;
2965
2966                 paramval = 0;
2967                 if (val) {
2968                         if (val & WEP_ENABLED)
2969                                 paramval |=
2970                                     (IW_AUTH_CIPHER_WEP40 |
2971                                      IW_AUTH_CIPHER_WEP104);
2972                         if (val & TKIP_ENABLED)
2973                                 paramval |= (IW_AUTH_CIPHER_TKIP);
2974                         if (val & AES_ENABLED)
2975                                 paramval |= (IW_AUTH_CIPHER_CCMP);
2976                 } else
2977                         paramval = IW_AUTH_CIPHER_NONE;
2978                 break;
2979         case IW_AUTH_KEY_MGMT:
2980                 error = dev_wlc_intvar_get(dev, "wpa_auth", &val);
2981                 if (error)
2982                         return error;
2983                 if (VAL_PSK(val))
2984                         paramval = IW_AUTH_KEY_MGMT_PSK;
2985                 else
2986                         paramval = IW_AUTH_KEY_MGMT_802_1X;
2987
2988                 break;
2989         case IW_AUTH_TKIP_COUNTERMEASURES:
2990                 dev_wlc_bufvar_get(dev, "tkip_countermeasures",
2991                                    (char *)&paramval, 1);
2992                 break;
2993
2994         case IW_AUTH_DROP_UNENCRYPTED:
2995                 dev_wlc_bufvar_get(dev, "wsec_restrict", (char *)&paramval, 1);
2996                 break;
2997
2998         case IW_AUTH_RX_UNENCRYPTED_EAPOL:
2999                 dev_wlc_bufvar_get(dev, "rx_unencrypted_eapol",
3000                                    (char *)&paramval, 1);
3001                 break;
3002
3003         case IW_AUTH_80211_AUTH_ALG:
3004                 error = dev_wlc_intvar_get(dev, "auth", &val);
3005                 if (error)
3006                         return error;
3007                 if (!val)
3008                         paramval = IW_AUTH_ALG_OPEN_SYSTEM;
3009                 else
3010                         paramval = IW_AUTH_ALG_SHARED_KEY;
3011                 break;
3012         case IW_AUTH_WPA_ENABLED:
3013                 error = dev_wlc_intvar_get(dev, "wpa_auth", &val);
3014                 if (error)
3015                         return error;
3016                 if (val)
3017                         paramval = true;
3018                 else
3019                         paramval = false;
3020                 break;
3021 #if WIRELESS_EXT > 17
3022         case IW_AUTH_ROAMING_CONTROL:
3023                 WL_ERROR("%s: IW_AUTH_ROAMING_CONTROL\n", __func__);
3024                 break;
3025         case IW_AUTH_PRIVACY_INVOKED:
3026                 paramval = iw->privacy_invoked;
3027                 break;
3028
3029 #endif
3030         }
3031         vwrq->value = paramval;
3032         return 0;
3033 }
3034 #endif                          /* WIRELESS_EXT > 17 */
3035
3036 static const iw_handler wl_iw_handler[] = {
3037         (iw_handler) wl_iw_config_commit,
3038         (iw_handler) wl_iw_get_name,
3039         (iw_handler) NULL,
3040         (iw_handler) NULL,
3041         (iw_handler) wl_iw_set_freq,
3042         (iw_handler) wl_iw_get_freq,
3043         (iw_handler) wl_iw_set_mode,
3044         (iw_handler) wl_iw_get_mode,
3045         (iw_handler) NULL,
3046         (iw_handler) NULL,
3047         (iw_handler) NULL,
3048         (iw_handler) wl_iw_get_range,
3049         (iw_handler) NULL,
3050         (iw_handler) NULL,
3051         (iw_handler) NULL,
3052         (iw_handler) NULL,
3053         (iw_handler) wl_iw_set_spy,
3054         (iw_handler) wl_iw_get_spy,
3055         (iw_handler) NULL,
3056         (iw_handler) NULL,
3057         (iw_handler) wl_iw_set_wap,
3058         (iw_handler) wl_iw_get_wap,
3059 #if WIRELESS_EXT > 17
3060         (iw_handler) wl_iw_mlme,
3061 #else
3062         (iw_handler) NULL,
3063 #endif
3064 #if defined(WL_IW_USE_ISCAN)
3065         (iw_handler) wl_iw_iscan_get_aplist,
3066 #else
3067         (iw_handler) wl_iw_get_aplist,
3068 #endif
3069 #if WIRELESS_EXT > 13
3070 #if defined(WL_IW_USE_ISCAN)
3071         (iw_handler) wl_iw_iscan_set_scan,
3072         (iw_handler) wl_iw_iscan_get_scan,
3073 #else
3074         (iw_handler) wl_iw_set_scan,
3075         (iw_handler) wl_iw_get_scan,
3076 #endif
3077 #else
3078         (iw_handler) NULL,
3079         (iw_handler) NULL,
3080 #endif                          /* WIRELESS_EXT > 13 */
3081         (iw_handler) wl_iw_set_essid,
3082         (iw_handler) wl_iw_get_essid,
3083         (iw_handler) wl_iw_set_nick,
3084         (iw_handler) wl_iw_get_nick,
3085         (iw_handler) NULL,
3086         (iw_handler) NULL,
3087         (iw_handler) wl_iw_set_rate,
3088         (iw_handler) wl_iw_get_rate,
3089         (iw_handler) wl_iw_set_rts,
3090         (iw_handler) wl_iw_get_rts,
3091         (iw_handler) wl_iw_set_frag,
3092         (iw_handler) wl_iw_get_frag,
3093         (iw_handler) wl_iw_set_txpow,
3094         (iw_handler) wl_iw_get_txpow,
3095 #if WIRELESS_EXT > 10
3096         (iw_handler) wl_iw_set_retry,
3097         (iw_handler) wl_iw_get_retry,
3098 #endif
3099         (iw_handler) wl_iw_set_encode,
3100         (iw_handler) wl_iw_get_encode,
3101         (iw_handler) wl_iw_set_power,
3102         (iw_handler) wl_iw_get_power,
3103 #if WIRELESS_EXT > 17
3104         (iw_handler) NULL,
3105         (iw_handler) NULL,
3106         (iw_handler) wl_iw_set_wpaie,
3107         (iw_handler) wl_iw_get_wpaie,
3108         (iw_handler) wl_iw_set_wpaauth,
3109         (iw_handler) wl_iw_get_wpaauth,
3110         (iw_handler) wl_iw_set_encodeext,
3111         (iw_handler) wl_iw_get_encodeext,
3112         (iw_handler) wl_iw_set_pmksa,
3113 #endif                          /* WIRELESS_EXT > 17 */
3114 };
3115
3116 #if WIRELESS_EXT > 12
3117
3118 const struct iw_handler_def wl_iw_handler_def = {
3119         .num_standard = ARRAY_SIZE(wl_iw_handler),
3120         .standard = (iw_handler *) wl_iw_handler,
3121         .num_private = 0,
3122         .num_private_args = 0,
3123         .private = 0,
3124         .private_args = 0,
3125
3126 #if WIRELESS_EXT >= 19
3127         .get_wireless_stats = NULL,
3128 #endif
3129 };
3130 #endif                          /* WIRELESS_EXT > 12 */
3131
3132 int wl_iw_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
3133 {
3134         struct iwreq *wrq = (struct iwreq *)rq;
3135         struct iw_request_info info;
3136         iw_handler handler;
3137         char *extra = NULL;
3138         int token_size = 1, max_tokens = 0, ret = 0;
3139
3140         WL_TRACE("\n%s, cmd:%x alled via dhd->do_ioctl()entry point\n",
3141                  __func__, cmd);
3142         if (cmd < SIOCIWFIRST ||
3143                 IW_IOCTL_IDX(cmd) >= ARRAY_SIZE(wl_iw_handler)) {
3144                 WL_ERROR("%s: error in cmd=%x : out of range\n",
3145                          __func__, cmd);
3146                 return -EOPNOTSUPP;
3147         }
3148
3149         handler = wl_iw_handler[IW_IOCTL_IDX(cmd)];
3150         if (!handler) {
3151                 WL_ERROR("%s: error in cmd=%x : not supported\n",
3152                          __func__, cmd);
3153                 return -EOPNOTSUPP;
3154         }
3155
3156         switch (cmd) {
3157
3158         case SIOCSIWESSID:
3159         case SIOCGIWESSID:
3160         case SIOCSIWNICKN:
3161         case SIOCGIWNICKN:
3162                 max_tokens = IW_ESSID_MAX_SIZE + 1;
3163                 break;
3164
3165         case SIOCSIWENCODE:
3166         case SIOCGIWENCODE:
3167 #if WIRELESS_EXT > 17
3168         case SIOCSIWENCODEEXT:
3169         case SIOCGIWENCODEEXT:
3170 #endif
3171                 max_tokens = wrq->u.data.length;
3172                 break;
3173
3174         case SIOCGIWRANGE:
3175                 max_tokens = sizeof(struct iw_range) + 500;
3176                 break;
3177
3178         case SIOCGIWAPLIST:
3179                 token_size =
3180                     sizeof(struct sockaddr) + sizeof(struct iw_quality);
3181                 max_tokens = IW_MAX_AP;
3182                 break;
3183
3184 #if WIRELESS_EXT > 13
3185         case SIOCGIWSCAN:
3186 #if defined(WL_IW_USE_ISCAN)
3187                 if (g_iscan)
3188                         max_tokens = wrq->u.data.length;
3189                 else
3190 #endif
3191                         max_tokens = IW_SCAN_MAX_DATA;
3192                 break;
3193 #endif                          /* WIRELESS_EXT > 13 */
3194
3195         case SIOCSIWSPY:
3196                 token_size = sizeof(struct sockaddr);
3197                 max_tokens = IW_MAX_SPY;
3198                 break;
3199
3200         case SIOCGIWSPY:
3201                 token_size =
3202                     sizeof(struct sockaddr) + sizeof(struct iw_quality);
3203                 max_tokens = IW_MAX_SPY;
3204                 break;
3205
3206 #if WIRELESS_EXT > 17
3207         case SIOCSIWPMKSA:
3208         case SIOCSIWGENIE:
3209 #endif
3210         case SIOCSIWPRIV:
3211                 max_tokens = wrq->u.data.length;
3212                 break;
3213         }
3214
3215         if (max_tokens && wrq->u.data.pointer) {
3216                 if (wrq->u.data.length > max_tokens) {
3217                         WL_ERROR("%s: error in cmd=%x wrq->u.data.length=%d > max_tokens=%d\n",
3218                                  __func__, cmd, wrq->u.data.length, max_tokens);
3219                         return -E2BIG;
3220                 }
3221                 extra = kmalloc(max_tokens * token_size, GFP_KERNEL);
3222                 if (!extra)
3223                         return -ENOMEM;
3224
3225                 if (copy_from_user
3226                     (extra, wrq->u.data.pointer,
3227                      wrq->u.data.length * token_size)) {
3228                         kfree(extra);
3229                         return -EFAULT;
3230                 }
3231         }
3232
3233         info.cmd = cmd;
3234         info.flags = 0;
3235
3236         ret = handler(dev, &info, &wrq->u, extra);
3237
3238         if (extra) {
3239                 if (copy_to_user
3240                     (wrq->u.data.pointer, extra,
3241                      wrq->u.data.length * token_size)) {
3242                         kfree(extra);
3243                         return -EFAULT;
3244                 }
3245
3246                 kfree(extra);
3247         }
3248
3249         return ret;
3250 }
3251
3252 bool
3253 wl_iw_conn_status_str(u32 event_type, u32 status, u32 reason,
3254                       char *stringBuf, uint buflen)
3255 {
3256         typedef struct conn_fail_event_map_t {
3257                 u32 inEvent;
3258                 u32 inStatus;
3259                 u32 inReason;
3260                 const char *outName;
3261                 const char *outCause;
3262         } conn_fail_event_map_t;
3263
3264 #define WL_IW_DONT_CARE 9999
3265         const conn_fail_event_map_t event_map[] = {
3266                 {WLC_E_SET_SSID, WLC_E_STATUS_SUCCESS, WL_IW_DONT_CARE,
3267                  "Conn", "Success"},
3268                 {WLC_E_SET_SSID, WLC_E_STATUS_NO_NETWORKS, WL_IW_DONT_CARE,
3269                  "Conn", "NoNetworks"},
3270                 {WLC_E_SET_SSID, WLC_E_STATUS_FAIL, WL_IW_DONT_CARE,
3271                  "Conn", "ConfigMismatch"},
3272                 {WLC_E_PRUNE, WL_IW_DONT_CARE, WLC_E_PRUNE_ENCR_MISMATCH,
3273                  "Conn", "EncrypMismatch"},
3274                 {WLC_E_PRUNE, WL_IW_DONT_CARE, WLC_E_RSN_MISMATCH,
3275                  "Conn", "RsnMismatch"},
3276                 {WLC_E_AUTH, WLC_E_STATUS_TIMEOUT, WL_IW_DONT_CARE,
3277                  "Conn", "AuthTimeout"},
3278                 {WLC_E_AUTH, WLC_E_STATUS_FAIL, WL_IW_DONT_CARE,
3279                  "Conn", "AuthFail"},
3280                 {WLC_E_AUTH, WLC_E_STATUS_NO_ACK, WL_IW_DONT_CARE,
3281                  "Conn", "AuthNoAck"},
3282                 {WLC_E_REASSOC, WLC_E_STATUS_FAIL, WL_IW_DONT_CARE,
3283                  "Conn", "ReassocFail"},
3284                 {WLC_E_REASSOC, WLC_E_STATUS_TIMEOUT, WL_IW_DONT_CARE,
3285                  "Conn", "ReassocTimeout"},
3286                 {WLC_E_REASSOC, WLC_E_STATUS_ABORT, WL_IW_DONT_CARE,
3287                  "Conn", "ReassocAbort"},
3288                 {WLC_E_PSK_SUP, WLC_SUP_KEYED, WL_IW_DONT_CARE,
3289                  "Sup", "ConnSuccess"},
3290                 {WLC_E_PSK_SUP, WL_IW_DONT_CARE, WL_IW_DONT_CARE,
3291                  "Sup", "WpaHandshakeFail"},
3292                 {WLC_E_DEAUTH_IND, WL_IW_DONT_CARE, WL_IW_DONT_CARE,
3293                  "Conn", "Deauth"},
3294                 {WLC_E_DISASSOC_IND, WL_IW_DONT_CARE, WL_IW_DONT_CARE,
3295                  "Conn", "DisassocInd"},
3296                 {WLC_E_DISASSOC, WL_IW_DONT_CARE, WL_IW_DONT_CARE,
3297                  "Conn", "Disassoc"}
3298         };
3299
3300         const char *name = "";
3301         const char *cause = NULL;
3302         int i;
3303
3304         for (i = 0; i < sizeof(event_map) / sizeof(event_map[0]); i++) {
3305                 const conn_fail_event_map_t *row = &event_map[i];
3306                 if (row->inEvent == event_type &&
3307                     (row->inStatus == status
3308                      || row->inStatus == WL_IW_DONT_CARE)
3309                     && (row->inReason == reason
3310                         || row->inReason == WL_IW_DONT_CARE)) {
3311                         name = row->outName;
3312                         cause = row->outCause;
3313                         break;
3314                 }
3315         }
3316
3317         if (cause) {
3318                 memset(stringBuf, 0, buflen);
3319                 snprintf(stringBuf, buflen, "%s %s %02d %02d",
3320                          name, cause, status, reason);
3321                 WL_INFORM("Connection status: %s\n", stringBuf);
3322                 return true;
3323         } else {
3324                 return false;
3325         }
3326 }
3327
3328 #if WIRELESS_EXT > 14
3329
3330 static bool
3331 wl_iw_check_conn_fail(wl_event_msg_t *e, char *stringBuf, uint buflen)
3332 {
3333         u32 event = be32_to_cpu(e->event_type);
3334         u32 status = be32_to_cpu(e->status);
3335         u32 reason = be32_to_cpu(e->reason);
3336
3337         if (wl_iw_conn_status_str(event, status, reason, stringBuf, buflen)) {
3338                 return true;
3339         } else
3340                 return false;
3341 }
3342 #endif
3343
3344 #ifndef IW_CUSTOM_MAX
3345 #define IW_CUSTOM_MAX 256
3346 #endif
3347
3348 void wl_iw_event(struct net_device *dev, wl_event_msg_t *e, void *data)
3349 {
3350 #if WIRELESS_EXT > 13
3351         union iwreq_data wrqu;
3352         char extra[IW_CUSTOM_MAX + 1];
3353         int cmd = 0;
3354         u32 event_type = be32_to_cpu(e->event_type);
3355         u16 flags = be16_to_cpu(e->flags);
3356         u32 datalen = be32_to_cpu(e->datalen);
3357         u32 status = be32_to_cpu(e->status);
3358         wl_iw_t *iw;
3359         u32 toto;
3360         memset(&wrqu, 0, sizeof(wrqu));
3361         memset(extra, 0, sizeof(extra));
3362         iw = 0;
3363
3364         if (!dev) {
3365                 WL_ERROR("%s: dev is null\n", __func__);
3366                 return;
3367         }
3368
3369         iw = *(wl_iw_t **) netdev_priv(dev);
3370
3371         WL_TRACE("%s: dev=%s event=%d\n", __func__, dev->name, event_type);
3372
3373         switch (event_type) {
3374         case WLC_E_TXFAIL:
3375                 cmd = IWEVTXDROP;
3376                 memcpy(wrqu.addr.sa_data, &e->addr, ETH_ALEN);
3377                 wrqu.addr.sa_family = ARPHRD_ETHER;
3378                 break;
3379 #if WIRELESS_EXT > 14
3380         case WLC_E_JOIN:
3381         case WLC_E_ASSOC_IND:
3382         case WLC_E_REASSOC_IND:
3383                 memcpy(wrqu.addr.sa_data, &e->addr, ETH_ALEN);
3384                 wrqu.addr.sa_family = ARPHRD_ETHER;
3385                 cmd = IWEVREGISTERED;
3386                 break;
3387         case WLC_E_DEAUTH_IND:
3388         case WLC_E_DISASSOC_IND:
3389                 cmd = SIOCGIWAP;
3390                 memset(wrqu.addr.sa_data, 0, ETH_ALEN);
3391                 wrqu.addr.sa_family = ARPHRD_ETHER;
3392                 memset(&extra, 0, ETH_ALEN);
3393                 break;
3394         case WLC_E_LINK:
3395         case WLC_E_NDIS_LINK:
3396                 cmd = SIOCGIWAP;
3397                 if (!(flags & WLC_EVENT_MSG_LINK)) {
3398                         memset(wrqu.addr.sa_data, 0, ETH_ALEN);
3399                         memset(&extra, 0, ETH_ALEN);
3400                 } else {
3401                         memcpy(wrqu.addr.sa_data, &e->addr, ETH_ALEN);
3402                         WL_TRACE("Link UP\n");
3403
3404                 }
3405                 wrqu.addr.sa_family = ARPHRD_ETHER;
3406                 break;
3407         case WLC_E_ACTION_FRAME:
3408                 cmd = IWEVCUSTOM;
3409                 if (datalen + 1 <= sizeof(extra)) {
3410                         wrqu.data.length = datalen + 1;
3411                         extra[0] = WLC_E_ACTION_FRAME;
3412                         memcpy(&extra[1], data, datalen);
3413                         WL_TRACE("WLC_E_ACTION_FRAME len %d\n",
3414                                  wrqu.data.length);
3415                 }
3416                 break;
3417
3418         case WLC_E_ACTION_FRAME_COMPLETE:
3419                 cmd = IWEVCUSTOM;
3420                 memcpy(&toto, data, 4);
3421                 if (sizeof(status) + 1 <= sizeof(extra)) {
3422                         wrqu.data.length = sizeof(status) + 1;
3423                         extra[0] = WLC_E_ACTION_FRAME_COMPLETE;
3424                         memcpy(&extra[1], &status, sizeof(status));
3425                         WL_TRACE("wl_iw_event status %d PacketId %d\n", status,
3426                                  toto);
3427                         WL_TRACE("WLC_E_ACTION_FRAME_COMPLETE len %d\n",
3428                                  wrqu.data.length);
3429                 }
3430                 break;
3431 #endif                          /* WIRELESS_EXT > 14 */
3432 #if WIRELESS_EXT > 17
3433         case WLC_E_MIC_ERROR:
3434                 {
3435                         struct iw_michaelmicfailure *micerrevt =
3436                             (struct iw_michaelmicfailure *)&extra;
3437                         cmd = IWEVMICHAELMICFAILURE;
3438                         wrqu.data.length = sizeof(struct iw_michaelmicfailure);
3439                         if (flags & WLC_EVENT_MSG_GROUP)
3440                                 micerrevt->flags |= IW_MICFAILURE_GROUP;
3441                         else
3442                                 micerrevt->flags |= IW_MICFAILURE_PAIRWISE;
3443                         memcpy(micerrevt->src_addr.sa_data, &e->addr,
3444                                ETH_ALEN);
3445                         micerrevt->src_addr.sa_family = ARPHRD_ETHER;
3446
3447                         break;
3448                 }
3449         case WLC_E_PMKID_CACHE:
3450                 {
3451                         if (data) {
3452                                 struct iw_pmkid_cand *iwpmkidcand =
3453                                     (struct iw_pmkid_cand *)&extra;
3454                                 pmkid_cand_list_t *pmkcandlist;
3455                                 pmkid_cand_t *pmkidcand;
3456                                 int count;
3457
3458                                 cmd = IWEVPMKIDCAND;
3459                                 pmkcandlist = data;
3460                                 count = get_unaligned_be32(&pmkcandlist->
3461                                                            npmkid_cand);
3462                                 ASSERT(count >= 0);
3463                                 wrqu.data.length = sizeof(struct iw_pmkid_cand);
3464                                 pmkidcand = pmkcandlist->pmkid_cand;
3465                                 while (count) {
3466                                         memset(iwpmkidcand, 0,
3467                                               sizeof(struct iw_pmkid_cand));
3468                                         if (pmkidcand->preauth)
3469                                                 iwpmkidcand->flags |=
3470                                                     IW_PMKID_CAND_PREAUTH;
3471                                         memcpy(&iwpmkidcand->bssid.sa_data,
3472                                                &pmkidcand->BSSID,
3473                                                ETH_ALEN);
3474 #ifndef SANDGATE2G
3475                                         wireless_send_event(dev, cmd, &wrqu,
3476                                                             extra);
3477 #endif
3478                                         pmkidcand++;
3479                                         count--;
3480                                 }
3481                         }
3482                         return;
3483                 }
3484 #endif                          /* WIRELESS_EXT > 17 */
3485
3486         case WLC_E_SCAN_COMPLETE:
3487 #if defined(WL_IW_USE_ISCAN)
3488                 if ((g_iscan) && (g_iscan->sysioc_tsk) &&
3489                     (g_iscan->iscan_state != ISCAN_STATE_IDLE)) {
3490                         up(&g_iscan->sysioc_sem);
3491                 } else {
3492                         cmd = SIOCGIWSCAN;
3493                         wrqu.data.length = strlen(extra);
3494                         WL_TRACE("Event WLC_E_SCAN_COMPLETE from specific scan %d\n",
3495                                  g_iscan->iscan_state);
3496                 }
3497 #else
3498                 cmd = SIOCGIWSCAN;
3499                 wrqu.data.length = strlen(extra);
3500                 WL_TRACE("Event WLC_E_SCAN_COMPLETE\n");
3501 #endif
3502                 break;
3503
3504         case WLC_E_PFN_NET_FOUND:
3505                 {
3506                         wlc_ssid_t *ssid;
3507                         ssid = (wlc_ssid_t *) data;
3508                         WL_ERROR("%s Event WLC_E_PFN_NET_FOUND, send %s up : find %s len=%d\n",
3509                                  __func__, PNO_EVENT_UP,
3510                                  ssid->SSID, ssid->SSID_len);
3511                         cmd = IWEVCUSTOM;
3512                         memset(&wrqu, 0, sizeof(wrqu));
3513                         strcpy(extra, PNO_EVENT_UP);
3514                         wrqu.data.length = strlen(extra);
3515                 }
3516                 break;
3517
3518         default:
3519                 WL_TRACE("Unknown Event %d: ignoring\n", event_type);
3520                 break;
3521         }
3522 #ifndef SANDGATE2G
3523         if (cmd) {
3524                 if (cmd == SIOCGIWSCAN)
3525                         wireless_send_event(dev, cmd, &wrqu, NULL);
3526                 else
3527                         wireless_send_event(dev, cmd, &wrqu, extra);
3528         }
3529 #endif
3530
3531 #if WIRELESS_EXT > 14
3532         memset(extra, 0, sizeof(extra));
3533         if (wl_iw_check_conn_fail(e, extra, sizeof(extra))) {
3534                 cmd = IWEVCUSTOM;
3535                 wrqu.data.length = strlen(extra);
3536 #ifndef SANDGATE2G
3537                 wireless_send_event(dev, cmd, &wrqu, extra);
3538 #endif
3539         }
3540 #endif                          /* WIRELESS_EXT > 14 */
3541 #endif                          /* WIRELESS_EXT > 13 */
3542 }
3543
3544 int wl_iw_attach(struct net_device *dev, void *dhdp)
3545 {
3546         int params_size;
3547         wl_iw_t *iw;
3548 #if defined(WL_IW_USE_ISCAN)
3549         iscan_info_t *iscan = NULL;
3550
3551         if (!dev)
3552                 return 0;
3553
3554         memset(&g_wl_iw_params, 0, sizeof(wl_iw_extra_params_t));
3555
3556 #ifdef CSCAN
3557         params_size =
3558             (WL_SCAN_PARAMS_FIXED_SIZE + offsetof(wl_iscan_params_t, params)) +
3559             (WL_NUMCHANNELS * sizeof(u16)) +
3560             WL_SCAN_PARAMS_SSID_MAX * sizeof(wlc_ssid_t);
3561 #else
3562         params_size =
3563             (WL_SCAN_PARAMS_FIXED_SIZE + offsetof(wl_iscan_params_t, params));
3564 #endif
3565         iscan = kzalloc(sizeof(iscan_info_t), GFP_KERNEL);
3566
3567         if (!iscan)
3568                 return -ENOMEM;
3569
3570         iscan->iscan_ex_params_p = kmalloc(params_size, GFP_KERNEL);
3571         if (!iscan->iscan_ex_params_p) {
3572                 kfree(iscan);
3573                 return -ENOMEM;
3574         }
3575         iscan->iscan_ex_param_size = params_size;
3576         iscan->sysioc_tsk = NULL;
3577
3578         g_iscan = iscan;
3579         iscan->dev = dev;
3580         iscan->iscan_state = ISCAN_STATE_IDLE;
3581
3582         iscan->timer_ms = 3000;
3583         init_timer(&iscan->timer);
3584         iscan->timer.data = (unsigned long) iscan;
3585         iscan->timer.function = wl_iw_timerfunc;
3586
3587         sema_init(&iscan->sysioc_sem, 0);
3588         iscan->sysioc_tsk = kthread_run(_iscan_sysioc_thread, iscan,
3589                                         "_iscan_sysioc");
3590         if (IS_ERR(iscan->sysioc_tsk)) {
3591                 iscan->sysioc_tsk = NULL;
3592                 return -ENOMEM;
3593         }
3594 #endif                          /* defined(WL_IW_USE_ISCAN) */
3595
3596         iw = *(wl_iw_t **) netdev_priv(dev);
3597         iw->pub = (dhd_pub_t *) dhdp;
3598         MUTEX_LOCK_INIT(iw->pub);
3599         MUTEX_LOCK_WL_SCAN_SET_INIT();
3600 #ifdef SOFTAP
3601         priv_dev = dev;
3602         MUTEX_LOCK_SOFTAP_SET_INIT(iw->pub);
3603 #endif
3604         g_scan = kzalloc(G_SCAN_RESULTS, GFP_KERNEL);
3605         if (!g_scan)
3606                 return -ENOMEM;
3607
3608         g_scan_specified_ssid = 0;
3609
3610         return 0;
3611 }
3612
3613 void wl_iw_detach(void)
3614 {
3615 #if defined(WL_IW_USE_ISCAN)
3616         iscan_buf_t *buf;
3617         iscan_info_t *iscan = g_iscan;
3618
3619         if (!iscan)
3620                 return;
3621         if (iscan->sysioc_tsk) {
3622                 send_sig(SIGTERM, iscan->sysioc_tsk, 1);
3623                 kthread_stop(iscan->sysioc_tsk);
3624                 iscan->sysioc_tsk = NULL;
3625         }
3626
3627         MUTEX_LOCK_WL_SCAN_SET();
3628         while (iscan->list_hdr) {
3629                 buf = iscan->list_hdr->next;
3630                 kfree(iscan->list_hdr);
3631                 iscan->list_hdr = buf;
3632         }
3633         MUTEX_UNLOCK_WL_SCAN_SET();
3634         kfree(iscan->iscan_ex_params_p);
3635         kfree(iscan);
3636         g_iscan = NULL;
3637 #endif                          /* WL_IW_USE_ISCAN */
3638
3639         kfree(g_scan);
3640
3641         g_scan = NULL;
3642 }
3643
3644 #if defined(BCMDBG)
3645 void osl_assert(char *exp, char *file, int line)
3646 {
3647         char tempbuf[256];
3648         char *basename;
3649
3650         basename = strrchr(file, '/');
3651         /* skip the '/' */
3652         if (basename)
3653                 basename++;
3654
3655         if (!basename)
3656                 basename = file;
3657
3658         snprintf(tempbuf, 256,
3659                  "assertion \"%s\" failed: file \"%s\", line %d\n", exp,
3660                  basename, line);
3661
3662         /*
3663          * Print assert message and give it time to
3664          * be written to /var/log/messages
3665          */
3666         if (!in_interrupt()) {
3667                 const int delay = 3;
3668                 printk(KERN_ERR "%s", tempbuf);
3669                 printk(KERN_ERR "panic in %d seconds\n", delay);
3670                 set_current_state(TASK_INTERRUPTIBLE);
3671                 schedule_timeout(delay * HZ);
3672         }
3673
3674         switch (g_assert_type) {
3675         case 0:
3676                 panic(KERN_ERR "%s", tempbuf);
3677                 break;
3678         case 1:
3679                 printk(KERN_ERR "%s", tempbuf);
3680                 BUG();
3681                 break;
3682         case 2:
3683                 printk(KERN_ERR "%s", tempbuf);
3684                 break;
3685         default:
3686                 break;
3687         }
3688 }
3689 #endif                          /* defined(BCMDBG) */