drivers/net/wireless/rndis_wlan.c at v2.6.39-rc2

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / drivers / net / wireless / rndis_wlan.c
at v2.6.39-rc2 3774 lines 104 kB view raw
wrap content
   1/*
   2 * Driver for RNDIS based wireless USB devices.
   3 *
   4 * Copyright (C) 2007 by Bjorge Dijkstra <bjd@jooz.net>
   5 * Copyright (C) 2008-2009 by Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
   6 *
   7 * This program is free software; you can redistribute it and/or modify
   8 * it under the terms of the GNU General Public License as published by
   9 * the Free Software Foundation; either version 2 of the License, or
  10 * (at your option) any later version.
  11 *
  12 * This program is distributed in the hope that it will be useful,
  13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15 * GNU General Public License for more details.
  16 *
  17 * You should have received a copy of the GNU General Public License
  18 * along with this program; if not, write to the Free Software
  19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  20 *
  21 *  Portions of this file are based on NDISwrapper project,
  22 *  Copyright (C) 2003-2005 Pontus Fuchs, Giridhar Pemmasani
  23 *  http://ndiswrapper.sourceforge.net/
  24 */
  25
  26// #define	DEBUG			// error path messages, extra info
  27// #define	VERBOSE			// more; success messages
  28
  29#include <linux/module.h>
  30#include <linux/init.h>
  31#include <linux/netdevice.h>
  32#include <linux/etherdevice.h>
  33#include <linux/ethtool.h>
  34#include <linux/workqueue.h>
  35#include <linux/mutex.h>
  36#include <linux/mii.h>
  37#include <linux/usb.h>
  38#include <linux/usb/cdc.h>
  39#include <linux/wireless.h>
  40#include <linux/ieee80211.h>
  41#include <linux/if_arp.h>
  42#include <linux/ctype.h>
  43#include <linux/spinlock.h>
  44#include <linux/slab.h>
  45#include <net/iw_handler.h>
  46#include <net/cfg80211.h>
  47#include <linux/usb/usbnet.h>
  48#include <linux/usb/rndis_host.h>
  49
  50
  51/* NOTE: All these are settings for Broadcom chipset */
  52static char modparam_country[4] = "EU";
  53module_param_string(country, modparam_country, 4, 0444);
  54MODULE_PARM_DESC(country, "Country code (ISO 3166-1 alpha-2), default: EU");
  55
  56static int modparam_frameburst = 1;
  57module_param_named(frameburst, modparam_frameburst, int, 0444);
  58MODULE_PARM_DESC(frameburst, "enable frame bursting (default: on)");
  59
  60static int modparam_afterburner = 0;
  61module_param_named(afterburner, modparam_afterburner, int, 0444);
  62MODULE_PARM_DESC(afterburner,
  63	"enable afterburner aka '125 High Speed Mode' (default: off)");
  64
  65static int modparam_power_save = 0;
  66module_param_named(power_save, modparam_power_save, int, 0444);
  67MODULE_PARM_DESC(power_save,
  68	"set power save mode: 0=off, 1=on, 2=fast (default: off)");
  69
  70static int modparam_power_output = 3;
  71module_param_named(power_output, modparam_power_output, int, 0444);
  72MODULE_PARM_DESC(power_output,
  73	"set power output: 0=25%, 1=50%, 2=75%, 3=100% (default: 100%)");
  74
  75static int modparam_roamtrigger = -70;
  76module_param_named(roamtrigger, modparam_roamtrigger, int, 0444);
  77MODULE_PARM_DESC(roamtrigger,
  78	"set roaming dBm trigger: -80=optimize for distance, "
  79				"-60=bandwidth (default: -70)");
  80
  81static int modparam_roamdelta = 1;
  82module_param_named(roamdelta, modparam_roamdelta, int, 0444);
  83MODULE_PARM_DESC(roamdelta,
  84	"set roaming tendency: 0=aggressive, 1=moderate, "
  85				"2=conservative (default: moderate)");
  86
  87static int modparam_workaround_interval;
  88module_param_named(workaround_interval, modparam_workaround_interval,
  89							int, 0444);
  90MODULE_PARM_DESC(workaround_interval,
  91	"set stall workaround interval in msecs (0=disabled) (default: 0)");
  92
  93
  94/* various RNDIS OID defs */
  95#define OID_GEN_LINK_SPEED			cpu_to_le32(0x00010107)
  96#define OID_GEN_RNDIS_CONFIG_PARAMETER		cpu_to_le32(0x0001021b)
  97
  98#define OID_GEN_XMIT_OK				cpu_to_le32(0x00020101)
  99#define OID_GEN_RCV_OK				cpu_to_le32(0x00020102)
 100#define OID_GEN_XMIT_ERROR			cpu_to_le32(0x00020103)
 101#define OID_GEN_RCV_ERROR			cpu_to_le32(0x00020104)
 102#define OID_GEN_RCV_NO_BUFFER			cpu_to_le32(0x00020105)
 103
 104#define OID_802_3_CURRENT_ADDRESS		cpu_to_le32(0x01010102)
 105#define OID_802_3_MULTICAST_LIST		cpu_to_le32(0x01010103)
 106#define OID_802_3_MAXIMUM_LIST_SIZE		cpu_to_le32(0x01010104)
 107
 108#define OID_802_11_BSSID			cpu_to_le32(0x0d010101)
 109#define OID_802_11_SSID				cpu_to_le32(0x0d010102)
 110#define OID_802_11_INFRASTRUCTURE_MODE		cpu_to_le32(0x0d010108)
 111#define OID_802_11_ADD_WEP			cpu_to_le32(0x0d010113)
 112#define OID_802_11_REMOVE_WEP			cpu_to_le32(0x0d010114)
 113#define OID_802_11_DISASSOCIATE			cpu_to_le32(0x0d010115)
 114#define OID_802_11_AUTHENTICATION_MODE		cpu_to_le32(0x0d010118)
 115#define OID_802_11_PRIVACY_FILTER		cpu_to_le32(0x0d010119)
 116#define OID_802_11_BSSID_LIST_SCAN		cpu_to_le32(0x0d01011a)
 117#define OID_802_11_ENCRYPTION_STATUS		cpu_to_le32(0x0d01011b)
 118#define OID_802_11_ADD_KEY			cpu_to_le32(0x0d01011d)
 119#define OID_802_11_REMOVE_KEY			cpu_to_le32(0x0d01011e)
 120#define OID_802_11_ASSOCIATION_INFORMATION	cpu_to_le32(0x0d01011f)
 121#define OID_802_11_CAPABILITY			cpu_to_le32(0x0d010122)
 122#define OID_802_11_PMKID			cpu_to_le32(0x0d010123)
 123#define OID_802_11_NETWORK_TYPES_SUPPORTED	cpu_to_le32(0x0d010203)
 124#define OID_802_11_NETWORK_TYPE_IN_USE		cpu_to_le32(0x0d010204)
 125#define OID_802_11_TX_POWER_LEVEL		cpu_to_le32(0x0d010205)
 126#define OID_802_11_RSSI				cpu_to_le32(0x0d010206)
 127#define OID_802_11_RSSI_TRIGGER			cpu_to_le32(0x0d010207)
 128#define OID_802_11_FRAGMENTATION_THRESHOLD	cpu_to_le32(0x0d010209)
 129#define OID_802_11_RTS_THRESHOLD		cpu_to_le32(0x0d01020a)
 130#define OID_802_11_SUPPORTED_RATES		cpu_to_le32(0x0d01020e)
 131#define OID_802_11_CONFIGURATION		cpu_to_le32(0x0d010211)
 132#define OID_802_11_POWER_MODE			cpu_to_le32(0x0d010216)
 133#define OID_802_11_BSSID_LIST			cpu_to_le32(0x0d010217)
 134
 135
 136/* Typical noise/maximum signal level values taken from ndiswrapper iw_ndis.h */
 137#define	WL_NOISE	-96	/* typical noise level in dBm */
 138#define	WL_SIGMAX	-32	/* typical maximum signal level in dBm */
 139
 140
 141/* Assume that Broadcom 4320 (only chipset at time of writing known to be
 142 * based on wireless rndis) has default txpower of 13dBm.
 143 * This value is from Linksys WUSB54GSC User Guide, Appendix F: Specifications.
 144 *  100% : 20 mW ~ 13dBm
 145 *   75% : 15 mW ~ 12dBm
 146 *   50% : 10 mW ~ 10dBm
 147 *   25% :  5 mW ~  7dBm
 148 */
 149#define BCM4320_DEFAULT_TXPOWER_DBM_100 13
 150#define BCM4320_DEFAULT_TXPOWER_DBM_75  12
 151#define BCM4320_DEFAULT_TXPOWER_DBM_50  10
 152#define BCM4320_DEFAULT_TXPOWER_DBM_25  7
 153
 154
 155/* codes for "status" field of completion messages */
 156#define RNDIS_STATUS_ADAPTER_NOT_READY		cpu_to_le32(0xc0010011)
 157#define RNDIS_STATUS_ADAPTER_NOT_OPEN		cpu_to_le32(0xc0010012)
 158
 159
 160/* Known device types */
 161#define RNDIS_UNKNOWN	0
 162#define RNDIS_BCM4320A	1
 163#define RNDIS_BCM4320B	2
 164
 165
 166/* NDIS data structures. Taken from wpa_supplicant driver_ndis.c
 167 * slightly modified for datatype endianess, etc
 168 */
 169#define NDIS_802_11_LENGTH_SSID 32
 170#define NDIS_802_11_LENGTH_RATES 8
 171#define NDIS_802_11_LENGTH_RATES_EX 16
 172
 173enum ndis_80211_net_type {
 174	NDIS_80211_TYPE_FREQ_HOP,
 175	NDIS_80211_TYPE_DIRECT_SEQ,
 176	NDIS_80211_TYPE_OFDM_A,
 177	NDIS_80211_TYPE_OFDM_G
 178};
 179
 180enum ndis_80211_net_infra {
 181	NDIS_80211_INFRA_ADHOC,
 182	NDIS_80211_INFRA_INFRA,
 183	NDIS_80211_INFRA_AUTO_UNKNOWN
 184};
 185
 186enum ndis_80211_auth_mode {
 187	NDIS_80211_AUTH_OPEN,
 188	NDIS_80211_AUTH_SHARED,
 189	NDIS_80211_AUTH_AUTO_SWITCH,
 190	NDIS_80211_AUTH_WPA,
 191	NDIS_80211_AUTH_WPA_PSK,
 192	NDIS_80211_AUTH_WPA_NONE,
 193	NDIS_80211_AUTH_WPA2,
 194	NDIS_80211_AUTH_WPA2_PSK
 195};
 196
 197enum ndis_80211_encr_status {
 198	NDIS_80211_ENCR_WEP_ENABLED,
 199	NDIS_80211_ENCR_DISABLED,
 200	NDIS_80211_ENCR_WEP_KEY_ABSENT,
 201	NDIS_80211_ENCR_NOT_SUPPORTED,
 202	NDIS_80211_ENCR_TKIP_ENABLED,
 203	NDIS_80211_ENCR_TKIP_KEY_ABSENT,
 204	NDIS_80211_ENCR_CCMP_ENABLED,
 205	NDIS_80211_ENCR_CCMP_KEY_ABSENT
 206};
 207
 208enum ndis_80211_priv_filter {
 209	NDIS_80211_PRIV_ACCEPT_ALL,
 210	NDIS_80211_PRIV_8021X_WEP
 211};
 212
 213enum ndis_80211_status_type {
 214	NDIS_80211_STATUSTYPE_AUTHENTICATION,
 215	NDIS_80211_STATUSTYPE_MEDIASTREAMMODE,
 216	NDIS_80211_STATUSTYPE_PMKID_CANDIDATELIST,
 217	NDIS_80211_STATUSTYPE_RADIOSTATE,
 218};
 219
 220enum ndis_80211_media_stream_mode {
 221	NDIS_80211_MEDIA_STREAM_OFF,
 222	NDIS_80211_MEDIA_STREAM_ON
 223};
 224
 225enum ndis_80211_radio_status {
 226	NDIS_80211_RADIO_STATUS_ON,
 227	NDIS_80211_RADIO_STATUS_HARDWARE_OFF,
 228	NDIS_80211_RADIO_STATUS_SOFTWARE_OFF,
 229};
 230
 231enum ndis_80211_addkey_bits {
 232	NDIS_80211_ADDKEY_8021X_AUTH = cpu_to_le32(1 << 28),
 233	NDIS_80211_ADDKEY_SET_INIT_RECV_SEQ = cpu_to_le32(1 << 29),
 234	NDIS_80211_ADDKEY_PAIRWISE_KEY = cpu_to_le32(1 << 30),
 235	NDIS_80211_ADDKEY_TRANSMIT_KEY = cpu_to_le32(1 << 31)
 236};
 237
 238enum ndis_80211_addwep_bits {
 239	NDIS_80211_ADDWEP_PERCLIENT_KEY = cpu_to_le32(1 << 30),
 240	NDIS_80211_ADDWEP_TRANSMIT_KEY = cpu_to_le32(1 << 31)
 241};
 242
 243enum ndis_80211_power_mode {
 244	NDIS_80211_POWER_MODE_CAM,
 245	NDIS_80211_POWER_MODE_MAX_PSP,
 246	NDIS_80211_POWER_MODE_FAST_PSP,
 247};
 248
 249struct ndis_80211_auth_request {
 250	__le32 length;
 251	u8 bssid[6];
 252	u8 padding[2];
 253	__le32 flags;
 254} __packed;
 255
 256struct ndis_80211_pmkid_candidate {
 257	u8 bssid[6];
 258	u8 padding[2];
 259	__le32 flags;
 260} __packed;
 261
 262struct ndis_80211_pmkid_cand_list {
 263	__le32 version;
 264	__le32 num_candidates;
 265	struct ndis_80211_pmkid_candidate candidate_list[0];
 266} __packed;
 267
 268struct ndis_80211_status_indication {
 269	__le32 status_type;
 270	union {
 271		__le32					media_stream_mode;
 272		__le32					radio_status;
 273		struct ndis_80211_auth_request		auth_request[0];
 274		struct ndis_80211_pmkid_cand_list	cand_list;
 275	} u;
 276} __packed;
 277
 278struct ndis_80211_ssid {
 279	__le32 length;
 280	u8 essid[NDIS_802_11_LENGTH_SSID];
 281} __packed;
 282
 283struct ndis_80211_conf_freq_hop {
 284	__le32 length;
 285	__le32 hop_pattern;
 286	__le32 hop_set;
 287	__le32 dwell_time;
 288} __packed;
 289
 290struct ndis_80211_conf {
 291	__le32 length;
 292	__le32 beacon_period;
 293	__le32 atim_window;
 294	__le32 ds_config;
 295	struct ndis_80211_conf_freq_hop fh_config;
 296} __packed;
 297
 298struct ndis_80211_bssid_ex {
 299	__le32 length;
 300	u8 mac[6];
 301	u8 padding[2];
 302	struct ndis_80211_ssid ssid;
 303	__le32 privacy;
 304	__le32 rssi;
 305	__le32 net_type;
 306	struct ndis_80211_conf config;
 307	__le32 net_infra;
 308	u8 rates[NDIS_802_11_LENGTH_RATES_EX];
 309	__le32 ie_length;
 310	u8 ies[0];
 311} __packed;
 312
 313struct ndis_80211_bssid_list_ex {
 314	__le32 num_items;
 315	struct ndis_80211_bssid_ex bssid[0];
 316} __packed;
 317
 318struct ndis_80211_fixed_ies {
 319	u8 timestamp[8];
 320	__le16 beacon_interval;
 321	__le16 capabilities;
 322} __packed;
 323
 324struct ndis_80211_wep_key {
 325	__le32 size;
 326	__le32 index;
 327	__le32 length;
 328	u8 material[32];
 329} __packed;
 330
 331struct ndis_80211_key {
 332	__le32 size;
 333	__le32 index;
 334	__le32 length;
 335	u8 bssid[6];
 336	u8 padding[6];
 337	u8 rsc[8];
 338	u8 material[32];
 339} __packed;
 340
 341struct ndis_80211_remove_key {
 342	__le32 size;
 343	__le32 index;
 344	u8 bssid[6];
 345	u8 padding[2];
 346} __packed;
 347
 348struct ndis_config_param {
 349	__le32 name_offs;
 350	__le32 name_length;
 351	__le32 type;
 352	__le32 value_offs;
 353	__le32 value_length;
 354} __packed;
 355
 356struct ndis_80211_assoc_info {
 357	__le32 length;
 358	__le16 req_ies;
 359	struct req_ie {
 360		__le16 capa;
 361		__le16 listen_interval;
 362		u8 cur_ap_address[6];
 363	} req_ie;
 364	__le32 req_ie_length;
 365	__le32 offset_req_ies;
 366	__le16 resp_ies;
 367	struct resp_ie {
 368		__le16 capa;
 369		__le16 status_code;
 370		__le16 assoc_id;
 371	} resp_ie;
 372	__le32 resp_ie_length;
 373	__le32 offset_resp_ies;
 374} __packed;
 375
 376struct ndis_80211_auth_encr_pair {
 377	__le32 auth_mode;
 378	__le32 encr_mode;
 379} __packed;
 380
 381struct ndis_80211_capability {
 382	__le32 length;
 383	__le32 version;
 384	__le32 num_pmkids;
 385	__le32 num_auth_encr_pair;
 386	struct ndis_80211_auth_encr_pair auth_encr_pair[0];
 387} __packed;
 388
 389struct ndis_80211_bssid_info {
 390	u8 bssid[6];
 391	u8 pmkid[16];
 392};
 393
 394struct ndis_80211_pmkid {
 395	__le32 length;
 396	__le32 bssid_info_count;
 397	struct ndis_80211_bssid_info bssid_info[0];
 398};
 399
 400/*
 401 *  private data
 402 */
 403#define NET_TYPE_11FB	0
 404
 405#define CAP_MODE_80211A		1
 406#define CAP_MODE_80211B		2
 407#define CAP_MODE_80211G		4
 408#define CAP_MODE_MASK		7
 409
 410#define WORK_LINK_UP		(1<<0)
 411#define WORK_LINK_DOWN		(1<<1)
 412#define WORK_SET_MULTICAST_LIST	(1<<2)
 413
 414#define RNDIS_WLAN_ALG_NONE	0
 415#define RNDIS_WLAN_ALG_WEP	(1<<0)
 416#define RNDIS_WLAN_ALG_TKIP	(1<<1)
 417#define RNDIS_WLAN_ALG_CCMP	(1<<2)
 418
 419#define RNDIS_WLAN_KEY_MGMT_NONE	0
 420#define RNDIS_WLAN_KEY_MGMT_802_1X	(1<<0)
 421#define RNDIS_WLAN_KEY_MGMT_PSK		(1<<1)
 422
 423#define COMMAND_BUFFER_SIZE	(CONTROL_BUFFER_SIZE + sizeof(struct rndis_set))
 424
 425static const struct ieee80211_channel rndis_channels[] = {
 426	{ .center_freq = 2412 },
 427	{ .center_freq = 2417 },
 428	{ .center_freq = 2422 },
 429	{ .center_freq = 2427 },
 430	{ .center_freq = 2432 },
 431	{ .center_freq = 2437 },
 432	{ .center_freq = 2442 },
 433	{ .center_freq = 2447 },
 434	{ .center_freq = 2452 },
 435	{ .center_freq = 2457 },
 436	{ .center_freq = 2462 },
 437	{ .center_freq = 2467 },
 438	{ .center_freq = 2472 },
 439	{ .center_freq = 2484 },
 440};
 441
 442static const struct ieee80211_rate rndis_rates[] = {
 443	{ .bitrate = 10 },
 444	{ .bitrate = 20, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
 445	{ .bitrate = 55, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
 446	{ .bitrate = 110, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
 447	{ .bitrate = 60 },
 448	{ .bitrate = 90 },
 449	{ .bitrate = 120 },
 450	{ .bitrate = 180 },
 451	{ .bitrate = 240 },
 452	{ .bitrate = 360 },
 453	{ .bitrate = 480 },
 454	{ .bitrate = 540 }
 455};
 456
 457static const u32 rndis_cipher_suites[] = {
 458	WLAN_CIPHER_SUITE_WEP40,
 459	WLAN_CIPHER_SUITE_WEP104,
 460	WLAN_CIPHER_SUITE_TKIP,
 461	WLAN_CIPHER_SUITE_CCMP,
 462};
 463
 464struct rndis_wlan_encr_key {
 465	int len;
 466	u32 cipher;
 467	u8 material[32];
 468	u8 bssid[ETH_ALEN];
 469	bool pairwise;
 470	bool tx_key;
 471};
 472
 473/* RNDIS device private data */
 474struct rndis_wlan_private {
 475	struct usbnet *usbdev;
 476
 477	struct wireless_dev wdev;
 478
 479	struct cfg80211_scan_request *scan_request;
 480
 481	struct workqueue_struct *workqueue;
 482	struct delayed_work dev_poller_work;
 483	struct delayed_work scan_work;
 484	struct work_struct work;
 485	struct mutex command_lock;
 486	unsigned long work_pending;
 487	int last_qual;
 488	s32 cqm_rssi_thold;
 489	u32 cqm_rssi_hyst;
 490	int last_cqm_event_rssi;
 491
 492	struct ieee80211_supported_band band;
 493	struct ieee80211_channel channels[ARRAY_SIZE(rndis_channels)];
 494	struct ieee80211_rate rates[ARRAY_SIZE(rndis_rates)];
 495	u32 cipher_suites[ARRAY_SIZE(rndis_cipher_suites)];
 496
 497	int device_type;
 498	int caps;
 499	int multicast_size;
 500
 501	/* module parameters */
 502	char param_country[4];
 503	int  param_frameburst;
 504	int  param_afterburner;
 505	int  param_power_save;
 506	int  param_power_output;
 507	int  param_roamtrigger;
 508	int  param_roamdelta;
 509	u32  param_workaround_interval;
 510
 511	/* hardware state */
 512	bool radio_on;
 513	int power_mode;
 514	int infra_mode;
 515	bool connected;
 516	u8 bssid[ETH_ALEN];
 517	__le32 current_command_oid;
 518
 519	/* encryption stuff */
 520	int  encr_tx_key_index;
 521	struct rndis_wlan_encr_key encr_keys[4];
 522	int  wpa_version;
 523
 524	u8 command_buffer[COMMAND_BUFFER_SIZE];
 525};
 526
 527/*
 528 * cfg80211 ops
 529 */
 530static int rndis_change_virtual_intf(struct wiphy *wiphy,
 531					struct net_device *dev,
 532					enum nl80211_iftype type, u32 *flags,
 533					struct vif_params *params);
 534
 535static int rndis_scan(struct wiphy *wiphy, struct net_device *dev,
 536			struct cfg80211_scan_request *request);
 537
 538static int rndis_set_wiphy_params(struct wiphy *wiphy, u32 changed);
 539
 540static int rndis_set_tx_power(struct wiphy *wiphy,
 541			      enum nl80211_tx_power_setting type,
 542			      int mbm);
 543static int rndis_get_tx_power(struct wiphy *wiphy, int *dbm);
 544
 545static int rndis_connect(struct wiphy *wiphy, struct net_device *dev,
 546				struct cfg80211_connect_params *sme);
 547
 548static int rndis_disconnect(struct wiphy *wiphy, struct net_device *dev,
 549				u16 reason_code);
 550
 551static int rndis_join_ibss(struct wiphy *wiphy, struct net_device *dev,
 552					struct cfg80211_ibss_params *params);
 553
 554static int rndis_leave_ibss(struct wiphy *wiphy, struct net_device *dev);
 555
 556static int rndis_set_channel(struct wiphy *wiphy, struct net_device *dev,
 557	struct ieee80211_channel *chan, enum nl80211_channel_type channel_type);
 558
 559static int rndis_add_key(struct wiphy *wiphy, struct net_device *netdev,
 560			 u8 key_index, bool pairwise, const u8 *mac_addr,
 561			 struct key_params *params);
 562
 563static int rndis_del_key(struct wiphy *wiphy, struct net_device *netdev,
 564			 u8 key_index, bool pairwise, const u8 *mac_addr);
 565
 566static int rndis_set_default_key(struct wiphy *wiphy, struct net_device *netdev,
 567				 u8 key_index, bool unicast, bool multicast);
 568
 569static int rndis_get_station(struct wiphy *wiphy, struct net_device *dev,
 570					u8 *mac, struct station_info *sinfo);
 571
 572static int rndis_dump_station(struct wiphy *wiphy, struct net_device *dev,
 573			       int idx, u8 *mac, struct station_info *sinfo);
 574
 575static int rndis_set_pmksa(struct wiphy *wiphy, struct net_device *netdev,
 576				struct cfg80211_pmksa *pmksa);
 577
 578static int rndis_del_pmksa(struct wiphy *wiphy, struct net_device *netdev,
 579				struct cfg80211_pmksa *pmksa);
 580
 581static int rndis_flush_pmksa(struct wiphy *wiphy, struct net_device *netdev);
 582
 583static int rndis_set_power_mgmt(struct wiphy *wiphy, struct net_device *dev,
 584				bool enabled, int timeout);
 585
 586static int rndis_set_cqm_rssi_config(struct wiphy *wiphy,
 587					struct net_device *dev,
 588					s32 rssi_thold, u32 rssi_hyst);
 589
 590static const struct cfg80211_ops rndis_config_ops = {
 591	.change_virtual_intf = rndis_change_virtual_intf,
 592	.scan = rndis_scan,
 593	.set_wiphy_params = rndis_set_wiphy_params,
 594	.set_tx_power = rndis_set_tx_power,
 595	.get_tx_power = rndis_get_tx_power,
 596	.connect = rndis_connect,
 597	.disconnect = rndis_disconnect,
 598	.join_ibss = rndis_join_ibss,
 599	.leave_ibss = rndis_leave_ibss,
 600	.set_channel = rndis_set_channel,
 601	.add_key = rndis_add_key,
 602	.del_key = rndis_del_key,
 603	.set_default_key = rndis_set_default_key,
 604	.get_station = rndis_get_station,
 605	.dump_station = rndis_dump_station,
 606	.set_pmksa = rndis_set_pmksa,
 607	.del_pmksa = rndis_del_pmksa,
 608	.flush_pmksa = rndis_flush_pmksa,
 609	.set_power_mgmt = rndis_set_power_mgmt,
 610	.set_cqm_rssi_config = rndis_set_cqm_rssi_config,
 611};
 612
 613static void *rndis_wiphy_privid = &rndis_wiphy_privid;
 614
 615
 616static struct rndis_wlan_private *get_rndis_wlan_priv(struct usbnet *dev)
 617{
 618	return (struct rndis_wlan_private *)dev->driver_priv;
 619}
 620
 621static u32 get_bcm4320_power_dbm(struct rndis_wlan_private *priv)
 622{
 623	switch (priv->param_power_output) {
 624	default:
 625	case 3:
 626		return BCM4320_DEFAULT_TXPOWER_DBM_100;
 627	case 2:
 628		return BCM4320_DEFAULT_TXPOWER_DBM_75;
 629	case 1:
 630		return BCM4320_DEFAULT_TXPOWER_DBM_50;
 631	case 0:
 632		return BCM4320_DEFAULT_TXPOWER_DBM_25;
 633	}
 634}
 635
 636static bool is_wpa_key(struct rndis_wlan_private *priv, int idx)
 637{
 638	int cipher = priv->encr_keys[idx].cipher;
 639
 640	return (cipher == WLAN_CIPHER_SUITE_CCMP ||
 641		cipher == WLAN_CIPHER_SUITE_TKIP);
 642}
 643
 644static int rndis_cipher_to_alg(u32 cipher)
 645{
 646	switch (cipher) {
 647	default:
 648		return RNDIS_WLAN_ALG_NONE;
 649	case WLAN_CIPHER_SUITE_WEP40:
 650	case WLAN_CIPHER_SUITE_WEP104:
 651		return RNDIS_WLAN_ALG_WEP;
 652	case WLAN_CIPHER_SUITE_TKIP:
 653		return RNDIS_WLAN_ALG_TKIP;
 654	case WLAN_CIPHER_SUITE_CCMP:
 655		return RNDIS_WLAN_ALG_CCMP;
 656	}
 657}
 658
 659static int rndis_akm_suite_to_key_mgmt(u32 akm_suite)
 660{
 661	switch (akm_suite) {
 662	default:
 663		return RNDIS_WLAN_KEY_MGMT_NONE;
 664	case WLAN_AKM_SUITE_8021X:
 665		return RNDIS_WLAN_KEY_MGMT_802_1X;
 666	case WLAN_AKM_SUITE_PSK:
 667		return RNDIS_WLAN_KEY_MGMT_PSK;
 668	}
 669}
 670
 671#ifdef DEBUG
 672static const char *oid_to_string(__le32 oid)
 673{
 674	switch (oid) {
 675#define OID_STR(oid) case oid: return(#oid)
 676		/* from rndis_host.h */
 677		OID_STR(OID_802_3_PERMANENT_ADDRESS);
 678		OID_STR(OID_GEN_MAXIMUM_FRAME_SIZE);
 679		OID_STR(OID_GEN_CURRENT_PACKET_FILTER);
 680		OID_STR(OID_GEN_PHYSICAL_MEDIUM);
 681
 682		/* from rndis_wlan.c */
 683		OID_STR(OID_GEN_LINK_SPEED);
 684		OID_STR(OID_GEN_RNDIS_CONFIG_PARAMETER);
 685
 686		OID_STR(OID_GEN_XMIT_OK);
 687		OID_STR(OID_GEN_RCV_OK);
 688		OID_STR(OID_GEN_XMIT_ERROR);
 689		OID_STR(OID_GEN_RCV_ERROR);
 690		OID_STR(OID_GEN_RCV_NO_BUFFER);
 691
 692		OID_STR(OID_802_3_CURRENT_ADDRESS);
 693		OID_STR(OID_802_3_MULTICAST_LIST);
 694		OID_STR(OID_802_3_MAXIMUM_LIST_SIZE);
 695
 696		OID_STR(OID_802_11_BSSID);
 697		OID_STR(OID_802_11_SSID);
 698		OID_STR(OID_802_11_INFRASTRUCTURE_MODE);
 699		OID_STR(OID_802_11_ADD_WEP);
 700		OID_STR(OID_802_11_REMOVE_WEP);
 701		OID_STR(OID_802_11_DISASSOCIATE);
 702		OID_STR(OID_802_11_AUTHENTICATION_MODE);
 703		OID_STR(OID_802_11_PRIVACY_FILTER);
 704		OID_STR(OID_802_11_BSSID_LIST_SCAN);
 705		OID_STR(OID_802_11_ENCRYPTION_STATUS);
 706		OID_STR(OID_802_11_ADD_KEY);
 707		OID_STR(OID_802_11_REMOVE_KEY);
 708		OID_STR(OID_802_11_ASSOCIATION_INFORMATION);
 709		OID_STR(OID_802_11_CAPABILITY);
 710		OID_STR(OID_802_11_PMKID);
 711		OID_STR(OID_802_11_NETWORK_TYPES_SUPPORTED);
 712		OID_STR(OID_802_11_NETWORK_TYPE_IN_USE);
 713		OID_STR(OID_802_11_TX_POWER_LEVEL);
 714		OID_STR(OID_802_11_RSSI);
 715		OID_STR(OID_802_11_RSSI_TRIGGER);
 716		OID_STR(OID_802_11_FRAGMENTATION_THRESHOLD);
 717		OID_STR(OID_802_11_RTS_THRESHOLD);
 718		OID_STR(OID_802_11_SUPPORTED_RATES);
 719		OID_STR(OID_802_11_CONFIGURATION);
 720		OID_STR(OID_802_11_POWER_MODE);
 721		OID_STR(OID_802_11_BSSID_LIST);
 722#undef OID_STR
 723	}
 724
 725	return "?";
 726}
 727#else
 728static const char *oid_to_string(__le32 oid)
 729{
 730	return "?";
 731}
 732#endif
 733
 734/* translate error code */
 735static int rndis_error_status(__le32 rndis_status)
 736{
 737	int ret = -EINVAL;
 738	switch (rndis_status) {
 739	case RNDIS_STATUS_SUCCESS:
 740		ret = 0;
 741		break;
 742	case RNDIS_STATUS_FAILURE:
 743	case RNDIS_STATUS_INVALID_DATA:
 744		ret = -EINVAL;
 745		break;
 746	case RNDIS_STATUS_NOT_SUPPORTED:
 747		ret = -EOPNOTSUPP;
 748		break;
 749	case RNDIS_STATUS_ADAPTER_NOT_READY:
 750	case RNDIS_STATUS_ADAPTER_NOT_OPEN:
 751		ret = -EBUSY;
 752		break;
 753	}
 754	return ret;
 755}
 756
 757static int rndis_query_oid(struct usbnet *dev, __le32 oid, void *data, int *len)
 758{
 759	struct rndis_wlan_private *priv = get_rndis_wlan_priv(dev);
 760	union {
 761		void			*buf;
 762		struct rndis_msg_hdr	*header;
 763		struct rndis_query	*get;
 764		struct rndis_query_c	*get_c;
 765	} u;
 766	int ret, buflen;
 767	int resplen, respoffs, copylen;
 768
 769	buflen = *len + sizeof(*u.get);
 770	if (buflen < CONTROL_BUFFER_SIZE)
 771		buflen = CONTROL_BUFFER_SIZE;
 772
 773	if (buflen > COMMAND_BUFFER_SIZE) {
 774		u.buf = kmalloc(buflen, GFP_KERNEL);
 775		if (!u.buf)
 776			return -ENOMEM;
 777	} else {
 778		u.buf = priv->command_buffer;
 779	}
 780
 781	mutex_lock(&priv->command_lock);
 782
 783	memset(u.get, 0, sizeof *u.get);
 784	u.get->msg_type = RNDIS_MSG_QUERY;
 785	u.get->msg_len = cpu_to_le32(sizeof *u.get);
 786	u.get->oid = oid;
 787
 788	priv->current_command_oid = oid;
 789	ret = rndis_command(dev, u.header, buflen);
 790	priv->current_command_oid = 0;
 791	if (ret < 0)
 792		netdev_dbg(dev->net, "%s(%s): rndis_command() failed, %d (%08x)\n",
 793			   __func__, oid_to_string(oid), ret,
 794			   le32_to_cpu(u.get_c->status));
 795
 796	if (ret == 0) {
 797		resplen = le32_to_cpu(u.get_c->len);
 798		respoffs = le32_to_cpu(u.get_c->offset) + 8;
 799
 800		if (respoffs > buflen) {
 801			/* Device returned data offset outside buffer, error. */
 802			netdev_dbg(dev->net, "%s(%s): received invalid "
 803				"data offset: %d > %d\n", __func__,
 804				oid_to_string(oid), respoffs, buflen);
 805
 806			ret = -EINVAL;
 807			goto exit_unlock;
 808		}
 809
 810		if ((resplen + respoffs) > buflen) {
 811			/* Device would have returned more data if buffer would
 812			 * have been big enough. Copy just the bits that we got.
 813			 */
 814			copylen = buflen - respoffs;
 815		} else {
 816			copylen = resplen;
 817		}
 818
 819		if (copylen > *len)
 820			copylen = *len;
 821
 822		memcpy(data, u.buf + respoffs, copylen);
 823
 824		*len = resplen;
 825
 826		ret = rndis_error_status(u.get_c->status);
 827		if (ret < 0)
 828			netdev_dbg(dev->net, "%s(%s): device returned error,  0x%08x (%d)\n",
 829				   __func__, oid_to_string(oid),
 830				   le32_to_cpu(u.get_c->status), ret);
 831	}
 832
 833exit_unlock:
 834	mutex_unlock(&priv->command_lock);
 835
 836	if (u.buf != priv->command_buffer)
 837		kfree(u.buf);
 838	return ret;
 839}
 840
 841static int rndis_set_oid(struct usbnet *dev, __le32 oid, const void *data,
 842			 int len)
 843{
 844	struct rndis_wlan_private *priv = get_rndis_wlan_priv(dev);
 845	union {
 846		void			*buf;
 847		struct rndis_msg_hdr	*header;
 848		struct rndis_set	*set;
 849		struct rndis_set_c	*set_c;
 850	} u;
 851	int ret, buflen;
 852
 853	buflen = len + sizeof(*u.set);
 854	if (buflen < CONTROL_BUFFER_SIZE)
 855		buflen = CONTROL_BUFFER_SIZE;
 856
 857	if (buflen > COMMAND_BUFFER_SIZE) {
 858		u.buf = kmalloc(buflen, GFP_KERNEL);
 859		if (!u.buf)
 860			return -ENOMEM;
 861	} else {
 862		u.buf = priv->command_buffer;
 863	}
 864
 865	mutex_lock(&priv->command_lock);
 866
 867	memset(u.set, 0, sizeof *u.set);
 868	u.set->msg_type = RNDIS_MSG_SET;
 869	u.set->msg_len = cpu_to_le32(sizeof(*u.set) + len);
 870	u.set->oid = oid;
 871	u.set->len = cpu_to_le32(len);
 872	u.set->offset = cpu_to_le32(sizeof(*u.set) - 8);
 873	u.set->handle = cpu_to_le32(0);
 874	memcpy(u.buf + sizeof(*u.set), data, len);
 875
 876	priv->current_command_oid = oid;
 877	ret = rndis_command(dev, u.header, buflen);
 878	priv->current_command_oid = 0;
 879	if (ret < 0)
 880		netdev_dbg(dev->net, "%s(%s): rndis_command() failed, %d (%08x)\n",
 881			   __func__, oid_to_string(oid), ret,
 882			   le32_to_cpu(u.set_c->status));
 883
 884	if (ret == 0) {
 885		ret = rndis_error_status(u.set_c->status);
 886
 887		if (ret < 0)
 888			netdev_dbg(dev->net, "%s(%s): device returned error, 0x%08x (%d)\n",
 889				   __func__, oid_to_string(oid),
 890				   le32_to_cpu(u.set_c->status), ret);
 891	}
 892
 893	mutex_unlock(&priv->command_lock);
 894
 895	if (u.buf != priv->command_buffer)
 896		kfree(u.buf);
 897	return ret;
 898}
 899
 900static int rndis_reset(struct usbnet *usbdev)
 901{
 902	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
 903	struct rndis_reset *reset;
 904	int ret;
 905
 906	mutex_lock(&priv->command_lock);
 907
 908	reset = (void *)priv->command_buffer;
 909	memset(reset, 0, sizeof(*reset));
 910	reset->msg_type = RNDIS_MSG_RESET;
 911	reset->msg_len = cpu_to_le32(sizeof(*reset));
 912	priv->current_command_oid = 0;
 913	ret = rndis_command(usbdev, (void *)reset, CONTROL_BUFFER_SIZE);
 914
 915	mutex_unlock(&priv->command_lock);
 916
 917	if (ret < 0)
 918		return ret;
 919	return 0;
 920}
 921
 922/*
 923 * Specs say that we can only set config parameters only soon after device
 924 * initialization.
 925 *   value_type: 0 = u32, 2 = unicode string
 926 */
 927static int rndis_set_config_parameter(struct usbnet *dev, char *param,
 928						int value_type, void *value)
 929{
 930	struct ndis_config_param *infobuf;
 931	int value_len, info_len, param_len, ret, i;
 932	__le16 *unibuf;
 933	__le32 *dst_value;
 934
 935	if (value_type == 0)
 936		value_len = sizeof(__le32);
 937	else if (value_type == 2)
 938		value_len = strlen(value) * sizeof(__le16);
 939	else
 940		return -EINVAL;
 941
 942	param_len = strlen(param) * sizeof(__le16);
 943	info_len = sizeof(*infobuf) + param_len + value_len;
 944
 945#ifdef DEBUG
 946	info_len += 12;
 947#endif
 948	infobuf = kmalloc(info_len, GFP_KERNEL);
 949	if (!infobuf)
 950		return -ENOMEM;
 951
 952#ifdef DEBUG
 953	info_len -= 12;
 954	/* extra 12 bytes are for padding (debug output) */
 955	memset(infobuf, 0xCC, info_len + 12);
 956#endif
 957
 958	if (value_type == 2)
 959		netdev_dbg(dev->net, "setting config parameter: %s, value: %s\n",
 960			   param, (u8 *)value);
 961	else
 962		netdev_dbg(dev->net, "setting config parameter: %s, value: %d\n",
 963			   param, *(u32 *)value);
 964
 965	infobuf->name_offs = cpu_to_le32(sizeof(*infobuf));
 966	infobuf->name_length = cpu_to_le32(param_len);
 967	infobuf->type = cpu_to_le32(value_type);
 968	infobuf->value_offs = cpu_to_le32(sizeof(*infobuf) + param_len);
 969	infobuf->value_length = cpu_to_le32(value_len);
 970
 971	/* simple string to unicode string conversion */
 972	unibuf = (void *)infobuf + sizeof(*infobuf);
 973	for (i = 0; i < param_len / sizeof(__le16); i++)
 974		unibuf[i] = cpu_to_le16(param[i]);
 975
 976	if (value_type == 2) {
 977		unibuf = (void *)infobuf + sizeof(*infobuf) + param_len;
 978		for (i = 0; i < value_len / sizeof(__le16); i++)
 979			unibuf[i] = cpu_to_le16(((u8 *)value)[i]);
 980	} else {
 981		dst_value = (void *)infobuf + sizeof(*infobuf) + param_len;
 982		*dst_value = cpu_to_le32(*(u32 *)value);
 983	}
 984
 985#ifdef DEBUG
 986	netdev_dbg(dev->net, "info buffer (len: %d)\n", info_len);
 987	for (i = 0; i < info_len; i += 12) {
 988		u32 *tmp = (u32 *)((u8 *)infobuf + i);
 989		netdev_dbg(dev->net, "%08X:%08X:%08X\n",
 990			   cpu_to_be32(tmp[0]),
 991			   cpu_to_be32(tmp[1]),
 992			   cpu_to_be32(tmp[2]));
 993	}
 994#endif
 995
 996	ret = rndis_set_oid(dev, OID_GEN_RNDIS_CONFIG_PARAMETER,
 997							infobuf, info_len);
 998	if (ret != 0)
 999		netdev_dbg(dev->net, "setting rndis config parameter failed, %d\n",
1000			   ret);
1001
1002	kfree(infobuf);
1003	return ret;
1004}
1005
1006static int rndis_set_config_parameter_str(struct usbnet *dev,
1007						char *param, char *value)
1008{
1009	return rndis_set_config_parameter(dev, param, 2, value);
1010}
1011
1012/*
1013 * data conversion functions
1014 */
1015static int level_to_qual(int level)
1016{
1017	int qual = 100 * (level - WL_NOISE) / (WL_SIGMAX - WL_NOISE);
1018	return qual >= 0 ? (qual <= 100 ? qual : 100) : 0;
1019}
1020
1021/*
1022 * common functions
1023 */
1024static int set_infra_mode(struct usbnet *usbdev, int mode);
1025static void restore_keys(struct usbnet *usbdev);
1026static int rndis_check_bssid_list(struct usbnet *usbdev, u8 *match_bssid,
1027					bool *matched);
1028
1029static int rndis_start_bssid_list_scan(struct usbnet *usbdev)
1030{
1031	__le32 tmp;
1032
1033	/* Note: OID_802_11_BSSID_LIST_SCAN clears internal BSS list. */
1034	tmp = cpu_to_le32(1);
1035	return rndis_set_oid(usbdev, OID_802_11_BSSID_LIST_SCAN, &tmp,
1036							sizeof(tmp));
1037}
1038
1039static int set_essid(struct usbnet *usbdev, struct ndis_80211_ssid *ssid)
1040{
1041	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1042	int ret;
1043
1044	ret = rndis_set_oid(usbdev, OID_802_11_SSID, ssid, sizeof(*ssid));
1045	if (ret < 0) {
1046		netdev_warn(usbdev->net, "setting SSID failed (%08X)\n", ret);
1047		return ret;
1048	}
1049	if (ret == 0) {
1050		priv->radio_on = true;
1051		netdev_dbg(usbdev->net, "%s(): radio_on = true\n", __func__);
1052	}
1053
1054	return ret;
1055}
1056
1057static int set_bssid(struct usbnet *usbdev, const u8 *bssid)
1058{
1059	int ret;
1060
1061	ret = rndis_set_oid(usbdev, OID_802_11_BSSID, bssid, ETH_ALEN);
1062	if (ret < 0) {
1063		netdev_warn(usbdev->net, "setting BSSID[%pM] failed (%08X)\n",
1064			    bssid, ret);
1065		return ret;
1066	}
1067
1068	return ret;
1069}
1070
1071static int clear_bssid(struct usbnet *usbdev)
1072{
1073	static const u8 broadcast_mac[ETH_ALEN] = {
1074		0xff, 0xff, 0xff, 0xff, 0xff, 0xff
1075	};
1076
1077	return set_bssid(usbdev, broadcast_mac);
1078}
1079
1080static int get_bssid(struct usbnet *usbdev, u8 bssid[ETH_ALEN])
1081{
1082	int ret, len;
1083
1084	len = ETH_ALEN;
1085	ret = rndis_query_oid(usbdev, OID_802_11_BSSID, bssid, &len);
1086
1087	if (ret != 0)
1088		memset(bssid, 0, ETH_ALEN);
1089
1090	return ret;
1091}
1092
1093static int get_association_info(struct usbnet *usbdev,
1094			struct ndis_80211_assoc_info *info, int len)
1095{
1096	return rndis_query_oid(usbdev, OID_802_11_ASSOCIATION_INFORMATION,
1097				info, &len);
1098}
1099
1100static bool is_associated(struct usbnet *usbdev)
1101{
1102	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1103	u8 bssid[ETH_ALEN];
1104	int ret;
1105
1106	if (!priv->radio_on)
1107		return false;
1108
1109	ret = get_bssid(usbdev, bssid);
1110
1111	return (ret == 0 && !is_zero_ether_addr(bssid));
1112}
1113
1114static int disassociate(struct usbnet *usbdev, bool reset_ssid)
1115{
1116	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1117	struct ndis_80211_ssid ssid;
1118	int i, ret = 0;
1119
1120	if (priv->radio_on) {
1121		ret = rndis_set_oid(usbdev, OID_802_11_DISASSOCIATE, NULL, 0);
1122		if (ret == 0) {
1123			priv->radio_on = false;
1124			netdev_dbg(usbdev->net, "%s(): radio_on = false\n",
1125				   __func__);
1126
1127			if (reset_ssid)
1128				msleep(100);
1129		}
1130	}
1131
1132	/* disassociate causes radio to be turned off; if reset_ssid
1133	 * is given, set random ssid to enable radio */
1134	if (reset_ssid) {
1135		/* Set device to infrastructure mode so we don't get ad-hoc
1136		 * 'media connect' indications with the random ssid.
1137		 */
1138		set_infra_mode(usbdev, NDIS_80211_INFRA_INFRA);
1139
1140		ssid.length = cpu_to_le32(sizeof(ssid.essid));
1141		get_random_bytes(&ssid.essid[2], sizeof(ssid.essid)-2);
1142		ssid.essid[0] = 0x1;
1143		ssid.essid[1] = 0xff;
1144		for (i = 2; i < sizeof(ssid.essid); i++)
1145			ssid.essid[i] = 0x1 + (ssid.essid[i] * 0xfe / 0xff);
1146		ret = set_essid(usbdev, &ssid);
1147	}
1148	return ret;
1149}
1150
1151static int set_auth_mode(struct usbnet *usbdev, u32 wpa_version,
1152				enum nl80211_auth_type auth_type, int keymgmt)
1153{
1154	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1155	__le32 tmp;
1156	int auth_mode, ret;
1157
1158	netdev_dbg(usbdev->net, "%s(): wpa_version=0x%x authalg=0x%x keymgmt=0x%x\n",
1159		   __func__, wpa_version, auth_type, keymgmt);
1160
1161	if (wpa_version & NL80211_WPA_VERSION_2) {
1162		if (keymgmt & RNDIS_WLAN_KEY_MGMT_802_1X)
1163			auth_mode = NDIS_80211_AUTH_WPA2;
1164		else
1165			auth_mode = NDIS_80211_AUTH_WPA2_PSK;
1166	} else if (wpa_version & NL80211_WPA_VERSION_1) {
1167		if (keymgmt & RNDIS_WLAN_KEY_MGMT_802_1X)
1168			auth_mode = NDIS_80211_AUTH_WPA;
1169		else if (keymgmt & RNDIS_WLAN_KEY_MGMT_PSK)
1170			auth_mode = NDIS_80211_AUTH_WPA_PSK;
1171		else
1172			auth_mode = NDIS_80211_AUTH_WPA_NONE;
1173	} else if (auth_type == NL80211_AUTHTYPE_SHARED_KEY)
1174		auth_mode = NDIS_80211_AUTH_SHARED;
1175	else if (auth_type == NL80211_AUTHTYPE_OPEN_SYSTEM)
1176		auth_mode = NDIS_80211_AUTH_OPEN;
1177	else if (auth_type == NL80211_AUTHTYPE_AUTOMATIC)
1178		auth_mode = NDIS_80211_AUTH_AUTO_SWITCH;
1179	else
1180		return -ENOTSUPP;
1181
1182	tmp = cpu_to_le32(auth_mode);
1183	ret = rndis_set_oid(usbdev, OID_802_11_AUTHENTICATION_MODE, &tmp,
1184								sizeof(tmp));
1185	if (ret != 0) {
1186		netdev_warn(usbdev->net, "setting auth mode failed (%08X)\n",
1187			    ret);
1188		return ret;
1189	}
1190
1191	priv->wpa_version = wpa_version;
1192
1193	return 0;
1194}
1195
1196static int set_priv_filter(struct usbnet *usbdev)
1197{
1198	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1199	__le32 tmp;
1200
1201	netdev_dbg(usbdev->net, "%s(): wpa_version=0x%x\n",
1202		   __func__, priv->wpa_version);
1203
1204	if (priv->wpa_version & NL80211_WPA_VERSION_2 ||
1205	    priv->wpa_version & NL80211_WPA_VERSION_1)
1206		tmp = cpu_to_le32(NDIS_80211_PRIV_8021X_WEP);
1207	else
1208		tmp = cpu_to_le32(NDIS_80211_PRIV_ACCEPT_ALL);
1209
1210	return rndis_set_oid(usbdev, OID_802_11_PRIVACY_FILTER, &tmp,
1211								sizeof(tmp));
1212}
1213
1214static int set_encr_mode(struct usbnet *usbdev, int pairwise, int groupwise)
1215{
1216	__le32 tmp;
1217	int encr_mode, ret;
1218
1219	netdev_dbg(usbdev->net, "%s(): cipher_pair=0x%x cipher_group=0x%x\n",
1220		   __func__, pairwise, groupwise);
1221
1222	if (pairwise & RNDIS_WLAN_ALG_CCMP)
1223		encr_mode = NDIS_80211_ENCR_CCMP_ENABLED;
1224	else if (pairwise & RNDIS_WLAN_ALG_TKIP)
1225		encr_mode = NDIS_80211_ENCR_TKIP_ENABLED;
1226	else if (pairwise & RNDIS_WLAN_ALG_WEP)
1227		encr_mode = NDIS_80211_ENCR_WEP_ENABLED;
1228	else if (groupwise & RNDIS_WLAN_ALG_CCMP)
1229		encr_mode = NDIS_80211_ENCR_CCMP_ENABLED;
1230	else if (groupwise & RNDIS_WLAN_ALG_TKIP)
1231		encr_mode = NDIS_80211_ENCR_TKIP_ENABLED;
1232	else
1233		encr_mode = NDIS_80211_ENCR_DISABLED;
1234
1235	tmp = cpu_to_le32(encr_mode);
1236	ret = rndis_set_oid(usbdev, OID_802_11_ENCRYPTION_STATUS, &tmp,
1237								sizeof(tmp));
1238	if (ret != 0) {
1239		netdev_warn(usbdev->net, "setting encr mode failed (%08X)\n",
1240			    ret);
1241		return ret;
1242	}
1243
1244	return 0;
1245}
1246
1247static int set_infra_mode(struct usbnet *usbdev, int mode)
1248{
1249	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1250	__le32 tmp;
1251	int ret;
1252
1253	netdev_dbg(usbdev->net, "%s(): infra_mode=0x%x\n",
1254		   __func__, priv->infra_mode);
1255
1256	tmp = cpu_to_le32(mode);
1257	ret = rndis_set_oid(usbdev, OID_802_11_INFRASTRUCTURE_MODE, &tmp,
1258								sizeof(tmp));
1259	if (ret != 0) {
1260		netdev_warn(usbdev->net, "setting infra mode failed (%08X)\n",
1261			    ret);
1262		return ret;
1263	}
1264
1265	/* NDIS drivers clear keys when infrastructure mode is
1266	 * changed. But Linux tools assume otherwise. So set the
1267	 * keys */
1268	restore_keys(usbdev);
1269
1270	priv->infra_mode = mode;
1271	return 0;
1272}
1273
1274static int set_rts_threshold(struct usbnet *usbdev, u32 rts_threshold)
1275{
1276	__le32 tmp;
1277
1278	netdev_dbg(usbdev->net, "%s(): %i\n", __func__, rts_threshold);
1279
1280	if (rts_threshold < 0 || rts_threshold > 2347)
1281		rts_threshold = 2347;
1282
1283	tmp = cpu_to_le32(rts_threshold);
1284	return rndis_set_oid(usbdev, OID_802_11_RTS_THRESHOLD, &tmp,
1285								sizeof(tmp));
1286}
1287
1288static int set_frag_threshold(struct usbnet *usbdev, u32 frag_threshold)
1289{
1290	__le32 tmp;
1291
1292	netdev_dbg(usbdev->net, "%s(): %i\n", __func__, frag_threshold);
1293
1294	if (frag_threshold < 256 || frag_threshold > 2346)
1295		frag_threshold = 2346;
1296
1297	tmp = cpu_to_le32(frag_threshold);
1298	return rndis_set_oid(usbdev, OID_802_11_FRAGMENTATION_THRESHOLD, &tmp,
1299								sizeof(tmp));
1300}
1301
1302static void set_default_iw_params(struct usbnet *usbdev)
1303{
1304	set_infra_mode(usbdev, NDIS_80211_INFRA_INFRA);
1305	set_auth_mode(usbdev, 0, NL80211_AUTHTYPE_OPEN_SYSTEM,
1306						RNDIS_WLAN_KEY_MGMT_NONE);
1307	set_priv_filter(usbdev);
1308	set_encr_mode(usbdev, RNDIS_WLAN_ALG_NONE, RNDIS_WLAN_ALG_NONE);
1309}
1310
1311static int deauthenticate(struct usbnet *usbdev)
1312{
1313	int ret;
1314
1315	ret = disassociate(usbdev, true);
1316	set_default_iw_params(usbdev);
1317	return ret;
1318}
1319
1320static int set_channel(struct usbnet *usbdev, int channel)
1321{
1322	struct ndis_80211_conf config;
1323	unsigned int dsconfig;
1324	int len, ret;
1325
1326	netdev_dbg(usbdev->net, "%s(%d)\n", __func__, channel);
1327
1328	/* this OID is valid only when not associated */
1329	if (is_associated(usbdev))
1330		return 0;
1331
1332	dsconfig = ieee80211_dsss_chan_to_freq(channel) * 1000;
1333
1334	len = sizeof(config);
1335	ret = rndis_query_oid(usbdev, OID_802_11_CONFIGURATION, &config, &len);
1336	if (ret < 0) {
1337		netdev_dbg(usbdev->net, "%s(): querying configuration failed\n",
1338			   __func__);
1339		return ret;
1340	}
1341
1342	config.ds_config = cpu_to_le32(dsconfig);
1343	ret = rndis_set_oid(usbdev, OID_802_11_CONFIGURATION, &config,
1344								sizeof(config));
1345
1346	netdev_dbg(usbdev->net, "%s(): %d -> %d\n", __func__, channel, ret);
1347
1348	return ret;
1349}
1350
1351/* index must be 0 - N, as per NDIS  */
1352static int add_wep_key(struct usbnet *usbdev, const u8 *key, int key_len,
1353								int index)
1354{
1355	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1356	struct ndis_80211_wep_key ndis_key;
1357	u32 cipher;
1358	int ret;
1359
1360	netdev_dbg(usbdev->net, "%s(idx: %d, len: %d)\n",
1361		   __func__, index, key_len);
1362
1363	if ((key_len != 5 && key_len != 13) || index < 0 || index > 3)
1364		return -EINVAL;
1365
1366	if (key_len == 5)
1367		cipher = WLAN_CIPHER_SUITE_WEP40;
1368	else
1369		cipher = WLAN_CIPHER_SUITE_WEP104;
1370
1371	memset(&ndis_key, 0, sizeof(ndis_key));
1372
1373	ndis_key.size = cpu_to_le32(sizeof(ndis_key));
1374	ndis_key.length = cpu_to_le32(key_len);
1375	ndis_key.index = cpu_to_le32(index);
1376	memcpy(&ndis_key.material, key, key_len);
1377
1378	if (index == priv->encr_tx_key_index) {
1379		ndis_key.index |= NDIS_80211_ADDWEP_TRANSMIT_KEY;
1380		ret = set_encr_mode(usbdev, RNDIS_WLAN_ALG_WEP,
1381							RNDIS_WLAN_ALG_NONE);
1382		if (ret)
1383			netdev_warn(usbdev->net, "encryption couldn't be enabled (%08X)\n",
1384				    ret);
1385	}
1386
1387	ret = rndis_set_oid(usbdev, OID_802_11_ADD_WEP, &ndis_key,
1388							sizeof(ndis_key));
1389	if (ret != 0) {
1390		netdev_warn(usbdev->net, "adding encryption key %d failed (%08X)\n",
1391			    index + 1, ret);
1392		return ret;
1393	}
1394
1395	priv->encr_keys[index].len = key_len;
1396	priv->encr_keys[index].cipher = cipher;
1397	memcpy(&priv->encr_keys[index].material, key, key_len);
1398	memset(&priv->encr_keys[index].bssid, 0xff, ETH_ALEN);
1399
1400	return 0;
1401}
1402
1403static int add_wpa_key(struct usbnet *usbdev, const u8 *key, int key_len,
1404			int index, const u8 *addr, const u8 *rx_seq,
1405			int seq_len, u32 cipher, __le32 flags)
1406{
1407	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1408	struct ndis_80211_key ndis_key;
1409	bool is_addr_ok;
1410	int ret;
1411
1412	if (index < 0 || index >= 4) {
1413		netdev_dbg(usbdev->net, "%s(): index out of range (%i)\n",
1414			   __func__, index);
1415		return -EINVAL;
1416	}
1417	if (key_len > sizeof(ndis_key.material) || key_len < 0) {
1418		netdev_dbg(usbdev->net, "%s(): key length out of range (%i)\n",
1419			   __func__, key_len);
1420		return -EINVAL;
1421	}
1422	if (flags & NDIS_80211_ADDKEY_SET_INIT_RECV_SEQ) {
1423		if (!rx_seq || seq_len <= 0) {
1424			netdev_dbg(usbdev->net, "%s(): recv seq flag without buffer\n",
1425				   __func__);
1426			return -EINVAL;
1427		}
1428		if (rx_seq && seq_len > sizeof(ndis_key.rsc)) {
1429			netdev_dbg(usbdev->net, "%s(): too big recv seq buffer\n", __func__);
1430			return -EINVAL;
1431		}
1432	}
1433
1434	is_addr_ok = addr && !is_zero_ether_addr(addr) &&
1435					!is_broadcast_ether_addr(addr);
1436	if ((flags & NDIS_80211_ADDKEY_PAIRWISE_KEY) && !is_addr_ok) {
1437		netdev_dbg(usbdev->net, "%s(): pairwise but bssid invalid (%pM)\n",
1438			   __func__, addr);
1439		return -EINVAL;
1440	}
1441
1442	netdev_dbg(usbdev->net, "%s(%i): flags:%i%i%i\n",
1443		   __func__, index,
1444		   !!(flags & NDIS_80211_ADDKEY_TRANSMIT_KEY),
1445		   !!(flags & NDIS_80211_ADDKEY_PAIRWISE_KEY),
1446		   !!(flags & NDIS_80211_ADDKEY_SET_INIT_RECV_SEQ));
1447
1448	memset(&ndis_key, 0, sizeof(ndis_key));
1449
1450	ndis_key.size = cpu_to_le32(sizeof(ndis_key) -
1451				sizeof(ndis_key.material) + key_len);
1452	ndis_key.length = cpu_to_le32(key_len);
1453	ndis_key.index = cpu_to_le32(index) | flags;
1454
1455	if (cipher == WLAN_CIPHER_SUITE_TKIP && key_len == 32) {
1456		/* wpa_supplicant gives us the Michael MIC RX/TX keys in
1457		 * different order than NDIS spec, so swap the order here. */
1458		memcpy(ndis_key.material, key, 16);
1459		memcpy(ndis_key.material + 16, key + 24, 8);
1460		memcpy(ndis_key.material + 24, key + 16, 8);
1461	} else
1462		memcpy(ndis_key.material, key, key_len);
1463
1464	if (flags & NDIS_80211_ADDKEY_SET_INIT_RECV_SEQ)
1465		memcpy(ndis_key.rsc, rx_seq, seq_len);
1466
1467	if (flags & NDIS_80211_ADDKEY_PAIRWISE_KEY) {
1468		/* pairwise key */
1469		memcpy(ndis_key.bssid, addr, ETH_ALEN);
1470	} else {
1471		/* group key */
1472		if (priv->infra_mode == NDIS_80211_INFRA_ADHOC)
1473			memset(ndis_key.bssid, 0xff, ETH_ALEN);
1474		else
1475			get_bssid(usbdev, ndis_key.bssid);
1476	}
1477
1478	ret = rndis_set_oid(usbdev, OID_802_11_ADD_KEY, &ndis_key,
1479					le32_to_cpu(ndis_key.size));
1480	netdev_dbg(usbdev->net, "%s(): OID_802_11_ADD_KEY -> %08X\n",
1481		   __func__, ret);
1482	if (ret != 0)
1483		return ret;
1484
1485	memset(&priv->encr_keys[index], 0, sizeof(priv->encr_keys[index]));
1486	priv->encr_keys[index].len = key_len;
1487	priv->encr_keys[index].cipher = cipher;
1488	memcpy(&priv->encr_keys[index].material, key, key_len);
1489	if (flags & NDIS_80211_ADDKEY_PAIRWISE_KEY)
1490		memcpy(&priv->encr_keys[index].bssid, ndis_key.bssid, ETH_ALEN);
1491	else
1492		memset(&priv->encr_keys[index].bssid, 0xff, ETH_ALEN);
1493
1494	if (flags & NDIS_80211_ADDKEY_TRANSMIT_KEY)
1495		priv->encr_tx_key_index = index;
1496
1497	return 0;
1498}
1499
1500static int restore_key(struct usbnet *usbdev, int key_idx)
1501{
1502	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1503	struct rndis_wlan_encr_key key;
1504
1505	if (is_wpa_key(priv, key_idx))
1506		return 0;
1507
1508	key = priv->encr_keys[key_idx];
1509
1510	netdev_dbg(usbdev->net, "%s(): %i:%i\n", __func__, key_idx, key.len);
1511
1512	if (key.len == 0)
1513		return 0;
1514
1515	return add_wep_key(usbdev, key.material, key.len, key_idx);
1516}
1517
1518static void restore_keys(struct usbnet *usbdev)
1519{
1520	int i;
1521
1522	for (i = 0; i < 4; i++)
1523		restore_key(usbdev, i);
1524}
1525
1526static void clear_key(struct rndis_wlan_private *priv, int idx)
1527{
1528	memset(&priv->encr_keys[idx], 0, sizeof(priv->encr_keys[idx]));
1529}
1530
1531/* remove_key is for both wep and wpa */
1532static int remove_key(struct usbnet *usbdev, int index, const u8 *bssid)
1533{
1534	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1535	struct ndis_80211_remove_key remove_key;
1536	__le32 keyindex;
1537	bool is_wpa;
1538	int ret;
1539
1540	if (priv->encr_keys[index].len == 0)
1541		return 0;
1542
1543	is_wpa = is_wpa_key(priv, index);
1544
1545	netdev_dbg(usbdev->net, "%s(): %i:%s:%i\n",
1546		   __func__, index, is_wpa ? "wpa" : "wep",
1547		   priv->encr_keys[index].len);
1548
1549	clear_key(priv, index);
1550
1551	if (is_wpa) {
1552		remove_key.size = cpu_to_le32(sizeof(remove_key));
1553		remove_key.index = cpu_to_le32(index);
1554		if (bssid) {
1555			/* pairwise key */
1556			if (!is_broadcast_ether_addr(bssid))
1557				remove_key.index |=
1558					NDIS_80211_ADDKEY_PAIRWISE_KEY;
1559			memcpy(remove_key.bssid, bssid,
1560					sizeof(remove_key.bssid));
1561		} else
1562			memset(remove_key.bssid, 0xff,
1563						sizeof(remove_key.bssid));
1564
1565		ret = rndis_set_oid(usbdev, OID_802_11_REMOVE_KEY, &remove_key,
1566							sizeof(remove_key));
1567		if (ret != 0)
1568			return ret;
1569	} else {
1570		keyindex = cpu_to_le32(index);
1571		ret = rndis_set_oid(usbdev, OID_802_11_REMOVE_WEP, &keyindex,
1572							sizeof(keyindex));
1573		if (ret != 0) {
1574			netdev_warn(usbdev->net,
1575				    "removing encryption key %d failed (%08X)\n",
1576				    index, ret);
1577			return ret;
1578		}
1579	}
1580
1581	/* if it is transmit key, disable encryption */
1582	if (index == priv->encr_tx_key_index)
1583		set_encr_mode(usbdev, RNDIS_WLAN_ALG_NONE, RNDIS_WLAN_ALG_NONE);
1584
1585	return 0;
1586}
1587
1588static void set_multicast_list(struct usbnet *usbdev)
1589{
1590	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1591	struct netdev_hw_addr *ha;
1592	__le32 filter, basefilter;
1593	int ret;
1594	char *mc_addrs = NULL;
1595	int mc_count;
1596
1597	basefilter = filter = RNDIS_PACKET_TYPE_DIRECTED |
1598			      RNDIS_PACKET_TYPE_BROADCAST;
1599
1600	if (usbdev->net->flags & IFF_PROMISC) {
1601		filter |= RNDIS_PACKET_TYPE_PROMISCUOUS |
1602			RNDIS_PACKET_TYPE_ALL_LOCAL;
1603	} else if (usbdev->net->flags & IFF_ALLMULTI) {
1604		filter |= RNDIS_PACKET_TYPE_ALL_MULTICAST;
1605	}
1606
1607	if (filter != basefilter)
1608		goto set_filter;
1609
1610	/*
1611	 * mc_list should be accessed holding the lock, so copy addresses to
1612	 * local buffer first.
1613	 */
1614	netif_addr_lock_bh(usbdev->net);
1615	mc_count = netdev_mc_count(usbdev->net);
1616	if (mc_count > priv->multicast_size) {
1617		filter |= RNDIS_PACKET_TYPE_ALL_MULTICAST;
1618	} else if (mc_count) {
1619		int i = 0;
1620
1621		mc_addrs = kmalloc(mc_count * ETH_ALEN, GFP_ATOMIC);
1622		if (!mc_addrs) {
1623			netdev_warn(usbdev->net,
1624				    "couldn't alloc %d bytes of memory\n",
1625				    mc_count * ETH_ALEN);
1626			netif_addr_unlock_bh(usbdev->net);
1627			return;
1628		}
1629
1630		netdev_for_each_mc_addr(ha, usbdev->net)
1631			memcpy(mc_addrs + i++ * ETH_ALEN,
1632			       ha->addr, ETH_ALEN);
1633	}
1634	netif_addr_unlock_bh(usbdev->net);
1635
1636	if (filter != basefilter)
1637		goto set_filter;
1638
1639	if (mc_count) {
1640		ret = rndis_set_oid(usbdev, OID_802_3_MULTICAST_LIST, mc_addrs,
1641				    mc_count * ETH_ALEN);
1642		kfree(mc_addrs);
1643		if (ret == 0)
1644			filter |= RNDIS_PACKET_TYPE_MULTICAST;
1645		else
1646			filter |= RNDIS_PACKET_TYPE_ALL_MULTICAST;
1647
1648		netdev_dbg(usbdev->net, "OID_802_3_MULTICAST_LIST(%d, max: %d) -> %d\n",
1649			   mc_count, priv->multicast_size, ret);
1650	}
1651
1652set_filter:
1653	ret = rndis_set_oid(usbdev, OID_GEN_CURRENT_PACKET_FILTER, &filter,
1654							sizeof(filter));
1655	if (ret < 0) {
1656		netdev_warn(usbdev->net, "couldn't set packet filter: %08x\n",
1657			    le32_to_cpu(filter));
1658	}
1659
1660	netdev_dbg(usbdev->net, "OID_GEN_CURRENT_PACKET_FILTER(%08x) -> %d\n",
1661		   le32_to_cpu(filter), ret);
1662}
1663
1664#ifdef DEBUG
1665static void debug_print_pmkids(struct usbnet *usbdev,
1666				struct ndis_80211_pmkid *pmkids,
1667				const char *func_str)
1668{
1669	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1670	int i, len, count, max_pmkids, entry_len;
1671
1672	max_pmkids = priv->wdev.wiphy->max_num_pmkids;
1673	len = le32_to_cpu(pmkids->length);
1674	count = le32_to_cpu(pmkids->bssid_info_count);
1675
1676	entry_len = (count > 0) ? (len - sizeof(*pmkids)) / count : -1;
1677
1678	netdev_dbg(usbdev->net, "%s(): %d PMKIDs (data len: %d, entry len: "
1679				"%d)\n", func_str, count, len, entry_len);
1680
1681	if (count > max_pmkids)
1682		count = max_pmkids;
1683
1684	for (i = 0; i < count; i++) {
1685		u32 *tmp = (u32 *)pmkids->bssid_info[i].pmkid;
1686
1687		netdev_dbg(usbdev->net, "%s():  bssid: %pM, "
1688				"pmkid: %08X:%08X:%08X:%08X\n",
1689				func_str, pmkids->bssid_info[i].bssid,
1690				cpu_to_be32(tmp[0]), cpu_to_be32(tmp[1]),
1691				cpu_to_be32(tmp[2]), cpu_to_be32(tmp[3]));
1692	}
1693}
1694#else
1695static void debug_print_pmkids(struct usbnet *usbdev,
1696				struct ndis_80211_pmkid *pmkids,
1697				const char *func_str)
1698{
1699	return;
1700}
1701#endif
1702
1703static struct ndis_80211_pmkid *get_device_pmkids(struct usbnet *usbdev)
1704{
1705	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1706	struct ndis_80211_pmkid *pmkids;
1707	int len, ret, max_pmkids;
1708
1709	max_pmkids = priv->wdev.wiphy->max_num_pmkids;
1710	len = sizeof(*pmkids) + max_pmkids * sizeof(pmkids->bssid_info[0]);
1711
1712	pmkids = kzalloc(len, GFP_KERNEL);
1713	if (!pmkids)
1714		return ERR_PTR(-ENOMEM);
1715
1716	pmkids->length = cpu_to_le32(len);
1717	pmkids->bssid_info_count = cpu_to_le32(max_pmkids);
1718
1719	ret = rndis_query_oid(usbdev, OID_802_11_PMKID, pmkids, &len);
1720	if (ret < 0) {
1721		netdev_dbg(usbdev->net, "%s(): OID_802_11_PMKID(%d, %d)"
1722				" -> %d\n", __func__, len, max_pmkids, ret);
1723
1724		kfree(pmkids);
1725		return ERR_PTR(ret);
1726	}
1727
1728	if (le32_to_cpu(pmkids->bssid_info_count) > max_pmkids)
1729		pmkids->bssid_info_count = cpu_to_le32(max_pmkids);
1730
1731	debug_print_pmkids(usbdev, pmkids, __func__);
1732
1733	return pmkids;
1734}
1735
1736static int set_device_pmkids(struct usbnet *usbdev,
1737				struct ndis_80211_pmkid *pmkids)
1738{
1739	int ret, len, num_pmkids;
1740
1741	num_pmkids = le32_to_cpu(pmkids->bssid_info_count);
1742	len = sizeof(*pmkids) + num_pmkids * sizeof(pmkids->bssid_info[0]);
1743	pmkids->length = cpu_to_le32(len);
1744
1745	debug_print_pmkids(usbdev, pmkids, __func__);
1746
1747	ret = rndis_set_oid(usbdev, OID_802_11_PMKID, pmkids,
1748						le32_to_cpu(pmkids->length));
1749	if (ret < 0) {
1750		netdev_dbg(usbdev->net, "%s(): OID_802_11_PMKID(%d, %d) -> %d"
1751				"\n", __func__, len, num_pmkids, ret);
1752	}
1753
1754	kfree(pmkids);
1755	return ret;
1756}
1757
1758static struct ndis_80211_pmkid *remove_pmkid(struct usbnet *usbdev,
1759						struct ndis_80211_pmkid *pmkids,
1760						struct cfg80211_pmksa *pmksa,
1761						int max_pmkids)
1762{
1763	int i, len, count, newlen, err;
1764
1765	len = le32_to_cpu(pmkids->length);
1766	count = le32_to_cpu(pmkids->bssid_info_count);
1767
1768	if (count > max_pmkids)
1769		count = max_pmkids;
1770
1771	for (i = 0; i < count; i++)
1772		if (!compare_ether_addr(pmkids->bssid_info[i].bssid,
1773							pmksa->bssid))
1774			break;
1775
1776	/* pmkid not found */
1777	if (i == count) {
1778		netdev_dbg(usbdev->net, "%s(): bssid not found (%pM)\n",
1779					__func__, pmksa->bssid);
1780		err = -ENOENT;
1781		goto error;
1782	}
1783
1784	for (; i + 1 < count; i++)
1785		pmkids->bssid_info[i] = pmkids->bssid_info[i + 1];
1786
1787	count--;
1788	newlen = sizeof(*pmkids) + count * sizeof(pmkids->bssid_info[0]);
1789
1790	pmkids->length = cpu_to_le32(newlen);
1791	pmkids->bssid_info_count = cpu_to_le32(count);
1792
1793	return pmkids;
1794error:
1795	kfree(pmkids);
1796	return ERR_PTR(err);
1797}
1798
1799static struct ndis_80211_pmkid *update_pmkid(struct usbnet *usbdev,
1800						struct ndis_80211_pmkid *pmkids,
1801						struct cfg80211_pmksa *pmksa,
1802						int max_pmkids)
1803{
1804	int i, err, len, count, newlen;
1805
1806	len = le32_to_cpu(pmkids->length);
1807	count = le32_to_cpu(pmkids->bssid_info_count);
1808
1809	if (count > max_pmkids)
1810		count = max_pmkids;
1811
1812	/* update with new pmkid */
1813	for (i = 0; i < count; i++) {
1814		if (compare_ether_addr(pmkids->bssid_info[i].bssid,
1815							pmksa->bssid))
1816			continue;
1817
1818		memcpy(pmkids->bssid_info[i].pmkid, pmksa->pmkid,
1819								WLAN_PMKID_LEN);
1820
1821		return pmkids;
1822	}
1823
1824	/* out of space, return error */
1825	if (i == max_pmkids) {
1826		netdev_dbg(usbdev->net, "%s(): out of space\n", __func__);
1827		err = -ENOSPC;
1828		goto error;
1829	}
1830
1831	/* add new pmkid */
1832	newlen = sizeof(*pmkids) + (count + 1) * sizeof(pmkids->bssid_info[0]);
1833
1834	pmkids = krealloc(pmkids, newlen, GFP_KERNEL);
1835	if (!pmkids) {
1836		err = -ENOMEM;
1837		goto error;
1838	}
1839
1840	pmkids->length = cpu_to_le32(newlen);
1841	pmkids->bssid_info_count = cpu_to_le32(count + 1);
1842
1843	memcpy(pmkids->bssid_info[count].bssid, pmksa->bssid, ETH_ALEN);
1844	memcpy(pmkids->bssid_info[count].pmkid, pmksa->pmkid, WLAN_PMKID_LEN);
1845
1846	return pmkids;
1847error:
1848	kfree(pmkids);
1849	return ERR_PTR(err);
1850}
1851
1852/*
1853 * cfg80211 ops
1854 */
1855static int rndis_change_virtual_intf(struct wiphy *wiphy,
1856					struct net_device *dev,
1857					enum nl80211_iftype type, u32 *flags,
1858					struct vif_params *params)
1859{
1860	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
1861	struct usbnet *usbdev = priv->usbdev;
1862	int mode;
1863
1864	switch (type) {
1865	case NL80211_IFTYPE_ADHOC:
1866		mode = NDIS_80211_INFRA_ADHOC;
1867		break;
1868	case NL80211_IFTYPE_STATION:
1869		mode = NDIS_80211_INFRA_INFRA;
1870		break;
1871	default:
1872		return -EINVAL;
1873	}
1874
1875	priv->wdev.iftype = type;
1876
1877	return set_infra_mode(usbdev, mode);
1878}
1879
1880static int rndis_set_wiphy_params(struct wiphy *wiphy, u32 changed)
1881{
1882	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
1883	struct usbnet *usbdev = priv->usbdev;
1884	int err;
1885
1886	if (changed & WIPHY_PARAM_FRAG_THRESHOLD) {
1887		err = set_frag_threshold(usbdev, wiphy->frag_threshold);
1888		if (err < 0)
1889			return err;
1890	}
1891
1892	if (changed & WIPHY_PARAM_RTS_THRESHOLD) {
1893		err = set_rts_threshold(usbdev, wiphy->rts_threshold);
1894		if (err < 0)
1895			return err;
1896	}
1897
1898	return 0;
1899}
1900
1901static int rndis_set_tx_power(struct wiphy *wiphy,
1902			      enum nl80211_tx_power_setting type,
1903			      int mbm)
1904{
1905	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
1906	struct usbnet *usbdev = priv->usbdev;
1907
1908	netdev_dbg(usbdev->net, "%s(): type:0x%x mbm:%i\n",
1909		   __func__, type, mbm);
1910
1911	if (mbm < 0 || (mbm % 100))
1912		return -ENOTSUPP;
1913
1914	/* Device doesn't support changing txpower after initialization, only
1915	 * turn off/on radio. Support 'auto' mode and setting same dBm that is
1916	 * currently used.
1917	 */
1918	if (type == NL80211_TX_POWER_AUTOMATIC ||
1919	    MBM_TO_DBM(mbm) == get_bcm4320_power_dbm(priv)) {
1920		if (!priv->radio_on)
1921			disassociate(usbdev, true); /* turn on radio */
1922
1923		return 0;
1924	}
1925
1926	return -ENOTSUPP;
1927}
1928
1929static int rndis_get_tx_power(struct wiphy *wiphy, int *dbm)
1930{
1931	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
1932	struct usbnet *usbdev = priv->usbdev;
1933
1934	*dbm = get_bcm4320_power_dbm(priv);
1935
1936	netdev_dbg(usbdev->net, "%s(): dbm:%i\n", __func__, *dbm);
1937
1938	return 0;
1939}
1940
1941#define SCAN_DELAY_JIFFIES (6 * HZ)
1942static int rndis_scan(struct wiphy *wiphy, struct net_device *dev,
1943			struct cfg80211_scan_request *request)
1944{
1945	struct usbnet *usbdev = netdev_priv(dev);
1946	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1947	int ret;
1948	int delay = SCAN_DELAY_JIFFIES;
1949
1950	netdev_dbg(usbdev->net, "cfg80211.scan\n");
1951
1952	/* Get current bssid list from device before new scan, as new scan
1953	 * clears internal bssid list.
1954	 */
1955	rndis_check_bssid_list(usbdev, NULL, NULL);
1956
1957	if (!request)
1958		return -EINVAL;
1959
1960	if (priv->scan_request && priv->scan_request != request)
1961		return -EBUSY;
1962
1963	priv->scan_request = request;
1964
1965	ret = rndis_start_bssid_list_scan(usbdev);
1966	if (ret == 0) {
1967		if (priv->device_type == RNDIS_BCM4320A)
1968			delay = HZ;
1969
1970		/* Wait before retrieving scan results from device */
1971		queue_delayed_work(priv->workqueue, &priv->scan_work, delay);
1972	}
1973
1974	return ret;
1975}
1976
1977static struct cfg80211_bss *rndis_bss_info_update(struct usbnet *usbdev,
1978					struct ndis_80211_bssid_ex *bssid)
1979{
1980	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
1981	struct ieee80211_channel *channel;
1982	s32 signal;
1983	u64 timestamp;
1984	u16 capability;
1985	u16 beacon_interval;
1986	struct ndis_80211_fixed_ies *fixed;
1987	int ie_len, bssid_len;
1988	u8 *ie;
1989
1990	netdev_dbg(usbdev->net, " found bssid: '%.32s' [%pM], len: %d\n",
1991		   bssid->ssid.essid, bssid->mac, le32_to_cpu(bssid->length));
1992
1993	/* parse bssid structure */
1994	bssid_len = le32_to_cpu(bssid->length);
1995
1996	if (bssid_len < sizeof(struct ndis_80211_bssid_ex) +
1997			sizeof(struct ndis_80211_fixed_ies))
1998		return NULL;
1999
2000	fixed = (struct ndis_80211_fixed_ies *)bssid->ies;
2001
2002	ie = (void *)(bssid->ies + sizeof(struct ndis_80211_fixed_ies));
2003	ie_len = min(bssid_len - (int)sizeof(*bssid),
2004					(int)le32_to_cpu(bssid->ie_length));
2005	ie_len -= sizeof(struct ndis_80211_fixed_ies);
2006	if (ie_len < 0)
2007		return NULL;
2008
2009	/* extract data for cfg80211_inform_bss */
2010	channel = ieee80211_get_channel(priv->wdev.wiphy,
2011			KHZ_TO_MHZ(le32_to_cpu(bssid->config.ds_config)));
2012	if (!channel)
2013		return NULL;
2014
2015	signal = level_to_qual(le32_to_cpu(bssid->rssi));
2016	timestamp = le64_to_cpu(*(__le64 *)fixed->timestamp);
2017	capability = le16_to_cpu(fixed->capabilities);
2018	beacon_interval = le16_to_cpu(fixed->beacon_interval);
2019
2020	return cfg80211_inform_bss(priv->wdev.wiphy, channel, bssid->mac,
2021		timestamp, capability, beacon_interval, ie, ie_len, signal,
2022		GFP_KERNEL);
2023}
2024
2025static struct ndis_80211_bssid_ex *next_bssid_list_item(
2026					struct ndis_80211_bssid_ex *bssid,
2027					int *bssid_len, void *buf, int len)
2028{
2029	void *buf_end, *bssid_end;
2030
2031	buf_end = (char *)buf + len;
2032	bssid_end = (char *)bssid + *bssid_len;
2033
2034	if ((int)(buf_end - bssid_end) < sizeof(bssid->length)) {
2035		*bssid_len = 0;
2036		return NULL;
2037	} else {
2038		bssid = (void *)((char *)bssid + *bssid_len);
2039		*bssid_len = le32_to_cpu(bssid->length);
2040		return bssid;
2041	}
2042}
2043
2044static bool check_bssid_list_item(struct ndis_80211_bssid_ex *bssid,
2045				  int bssid_len, void *buf, int len)
2046{
2047	void *buf_end, *bssid_end;
2048
2049	if (!bssid || bssid_len <= 0 || bssid_len > len)
2050		return false;
2051
2052	buf_end = (char *)buf + len;
2053	bssid_end = (char *)bssid + bssid_len;
2054
2055	return (int)(buf_end - bssid_end) >= 0 && (int)(bssid_end - buf) >= 0;
2056}
2057
2058static int rndis_check_bssid_list(struct usbnet *usbdev, u8 *match_bssid,
2059					bool *matched)
2060{
2061	void *buf = NULL;
2062	struct ndis_80211_bssid_list_ex *bssid_list;
2063	struct ndis_80211_bssid_ex *bssid;
2064	int ret = -EINVAL, len, count, bssid_len, real_count, new_len;
2065
2066	netdev_dbg(usbdev->net, "%s()\n", __func__);
2067
2068	len = CONTROL_BUFFER_SIZE;
2069resize_buf:
2070	buf = kzalloc(len, GFP_KERNEL);
2071	if (!buf) {
2072		ret = -ENOMEM;
2073		goto out;
2074	}
2075
2076	/* BSSID-list might have got bigger last time we checked, keep
2077	 * resizing until it won't get any bigger.
2078	 */
2079	new_len = len;
2080	ret = rndis_query_oid(usbdev, OID_802_11_BSSID_LIST, buf, &new_len);
2081	if (ret != 0 || new_len < sizeof(struct ndis_80211_bssid_list_ex))
2082		goto out;
2083
2084	if (new_len > len) {
2085		len = new_len;
2086		kfree(buf);
2087		goto resize_buf;
2088	}
2089
2090	len = new_len;
2091
2092	bssid_list = buf;
2093	count = le32_to_cpu(bssid_list->num_items);
2094	real_count = 0;
2095	netdev_dbg(usbdev->net, "%s(): buflen: %d\n", __func__, len);
2096
2097	bssid_len = 0;
2098	bssid = next_bssid_list_item(bssid_list->bssid, &bssid_len, buf, len);
2099
2100	/* Device returns incorrect 'num_items'. Workaround by ignoring the
2101	 * received 'num_items' and walking through full bssid buffer instead.
2102	 */
2103	while (check_bssid_list_item(bssid, bssid_len, buf, len)) {
2104		if (rndis_bss_info_update(usbdev, bssid) && match_bssid &&
2105		    matched) {
2106			if (compare_ether_addr(bssid->mac, match_bssid))
2107				*matched = true;
2108		}
2109
2110		real_count++;
2111		bssid = next_bssid_list_item(bssid, &bssid_len, buf, len);
2112	}
2113
2114	netdev_dbg(usbdev->net, "%s(): num_items from device: %d, really found:"
2115				" %d\n", __func__, count, real_count);
2116
2117out:
2118	kfree(buf);
2119	return ret;
2120}
2121
2122static void rndis_get_scan_results(struct work_struct *work)
2123{
2124	struct rndis_wlan_private *priv =
2125		container_of(work, struct rndis_wlan_private, scan_work.work);
2126	struct usbnet *usbdev = priv->usbdev;
2127	int ret;
2128
2129	netdev_dbg(usbdev->net, "get_scan_results\n");
2130
2131	if (!priv->scan_request)
2132		return;
2133
2134	ret = rndis_check_bssid_list(usbdev, NULL, NULL);
2135
2136	cfg80211_scan_done(priv->scan_request, ret < 0);
2137
2138	priv->scan_request = NULL;
2139}
2140
2141static int rndis_connect(struct wiphy *wiphy, struct net_device *dev,
2142					struct cfg80211_connect_params *sme)
2143{
2144	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2145	struct usbnet *usbdev = priv->usbdev;
2146	struct ieee80211_channel *channel = sme->channel;
2147	struct ndis_80211_ssid ssid;
2148	int pairwise = RNDIS_WLAN_ALG_NONE;
2149	int groupwise = RNDIS_WLAN_ALG_NONE;
2150	int keymgmt = RNDIS_WLAN_KEY_MGMT_NONE;
2151	int length, i, ret, chan = -1;
2152
2153	if (channel)
2154		chan = ieee80211_frequency_to_channel(channel->center_freq);
2155
2156	groupwise = rndis_cipher_to_alg(sme->crypto.cipher_group);
2157	for (i = 0; i < sme->crypto.n_ciphers_pairwise; i++)
2158		pairwise |=
2159			rndis_cipher_to_alg(sme->crypto.ciphers_pairwise[i]);
2160
2161	if (sme->crypto.n_ciphers_pairwise > 0 &&
2162			pairwise == RNDIS_WLAN_ALG_NONE) {
2163		netdev_err(usbdev->net, "Unsupported pairwise cipher\n");
2164		return -ENOTSUPP;
2165	}
2166
2167	for (i = 0; i < sme->crypto.n_akm_suites; i++)
2168		keymgmt |=
2169			rndis_akm_suite_to_key_mgmt(sme->crypto.akm_suites[i]);
2170
2171	if (sme->crypto.n_akm_suites > 0 &&
2172			keymgmt == RNDIS_WLAN_KEY_MGMT_NONE) {
2173		netdev_err(usbdev->net, "Invalid keymgmt\n");
2174		return -ENOTSUPP;
2175	}
2176
2177	netdev_dbg(usbdev->net, "cfg80211.connect('%.32s':[%pM]:%d:[%d,0x%x:0x%x]:[0x%x:0x%x]:0x%x)\n",
2178		   sme->ssid, sme->bssid, chan,
2179		   sme->privacy, sme->crypto.wpa_versions, sme->auth_type,
2180		   groupwise, pairwise, keymgmt);
2181
2182	if (is_associated(usbdev))
2183		disassociate(usbdev, false);
2184
2185	ret = set_infra_mode(usbdev, NDIS_80211_INFRA_INFRA);
2186	if (ret < 0) {
2187		netdev_dbg(usbdev->net, "connect: set_infra_mode failed, %d\n",
2188			   ret);
2189		goto err_turn_radio_on;
2190	}
2191
2192	ret = set_auth_mode(usbdev, sme->crypto.wpa_versions, sme->auth_type,
2193								keymgmt);
2194	if (ret < 0) {
2195		netdev_dbg(usbdev->net, "connect: set_auth_mode failed, %d\n",
2196			   ret);
2197		goto err_turn_radio_on;
2198	}
2199
2200	set_priv_filter(usbdev);
2201
2202	ret = set_encr_mode(usbdev, pairwise, groupwise);
2203	if (ret < 0) {
2204		netdev_dbg(usbdev->net, "connect: set_encr_mode failed, %d\n",
2205			   ret);
2206		goto err_turn_radio_on;
2207	}
2208
2209	if (channel) {
2210		ret = set_channel(usbdev, chan);
2211		if (ret < 0) {
2212			netdev_dbg(usbdev->net, "connect: set_channel failed, %d\n",
2213				   ret);
2214			goto err_turn_radio_on;
2215		}
2216	}
2217
2218	if (sme->key && ((groupwise | pairwise) & RNDIS_WLAN_ALG_WEP)) {
2219		priv->encr_tx_key_index = sme->key_idx;
2220		ret = add_wep_key(usbdev, sme->key, sme->key_len, sme->key_idx);
2221		if (ret < 0) {
2222			netdev_dbg(usbdev->net, "connect: add_wep_key failed, %d (%d, %d)\n",
2223				   ret, sme->key_len, sme->key_idx);
2224			goto err_turn_radio_on;
2225		}
2226	}
2227
2228	if (sme->bssid && !is_zero_ether_addr(sme->bssid) &&
2229				!is_broadcast_ether_addr(sme->bssid)) {
2230		ret = set_bssid(usbdev, sme->bssid);
2231		if (ret < 0) {
2232			netdev_dbg(usbdev->net, "connect: set_bssid failed, %d\n",
2233				   ret);
2234			goto err_turn_radio_on;
2235		}
2236	} else
2237		clear_bssid(usbdev);
2238
2239	length = sme->ssid_len;
2240	if (length > NDIS_802_11_LENGTH_SSID)
2241		length = NDIS_802_11_LENGTH_SSID;
2242
2243	memset(&ssid, 0, sizeof(ssid));
2244	ssid.length = cpu_to_le32(length);
2245	memcpy(ssid.essid, sme->ssid, length);
2246
2247	/* Pause and purge rx queue, so we don't pass packets before
2248	 * 'media connect'-indication.
2249	 */
2250	usbnet_pause_rx(usbdev);
2251	usbnet_purge_paused_rxq(usbdev);
2252
2253	ret = set_essid(usbdev, &ssid);
2254	if (ret < 0)
2255		netdev_dbg(usbdev->net, "connect: set_essid failed, %d\n", ret);
2256	return ret;
2257
2258err_turn_radio_on:
2259	disassociate(usbdev, true);
2260
2261	return ret;
2262}
2263
2264static int rndis_disconnect(struct wiphy *wiphy, struct net_device *dev,
2265								u16 reason_code)
2266{
2267	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2268	struct usbnet *usbdev = priv->usbdev;
2269
2270	netdev_dbg(usbdev->net, "cfg80211.disconnect(%d)\n", reason_code);
2271
2272	priv->connected = false;
2273	memset(priv->bssid, 0, ETH_ALEN);
2274
2275	return deauthenticate(usbdev);
2276}
2277
2278static int rndis_join_ibss(struct wiphy *wiphy, struct net_device *dev,
2279					struct cfg80211_ibss_params *params)
2280{
2281	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2282	struct usbnet *usbdev = priv->usbdev;
2283	struct ieee80211_channel *channel = params->channel;
2284	struct ndis_80211_ssid ssid;
2285	enum nl80211_auth_type auth_type;
2286	int ret, alg, length, chan = -1;
2287
2288	if (channel)
2289		chan = ieee80211_frequency_to_channel(channel->center_freq);
2290
2291	/* TODO: How to handle ad-hoc encryption?
2292	 * connect() has *key, join_ibss() doesn't. RNDIS requires key to be
2293	 * pre-shared for encryption (open/shared/wpa), is key set before
2294	 * join_ibss? Which auth_type to use (not in params)? What about WPA?
2295	 */
2296	if (params->privacy) {
2297		auth_type = NL80211_AUTHTYPE_SHARED_KEY;
2298		alg = RNDIS_WLAN_ALG_WEP;
2299	} else {
2300		auth_type = NL80211_AUTHTYPE_OPEN_SYSTEM;
2301		alg = RNDIS_WLAN_ALG_NONE;
2302	}
2303
2304	netdev_dbg(usbdev->net, "cfg80211.join_ibss('%.32s':[%pM]:%d:%d)\n",
2305		   params->ssid, params->bssid, chan, params->privacy);
2306
2307	if (is_associated(usbdev))
2308		disassociate(usbdev, false);
2309
2310	ret = set_infra_mode(usbdev, NDIS_80211_INFRA_ADHOC);
2311	if (ret < 0) {
2312		netdev_dbg(usbdev->net, "join_ibss: set_infra_mode failed, %d\n",
2313			   ret);
2314		goto err_turn_radio_on;
2315	}
2316
2317	ret = set_auth_mode(usbdev, 0, auth_type, RNDIS_WLAN_KEY_MGMT_NONE);
2318	if (ret < 0) {
2319		netdev_dbg(usbdev->net, "join_ibss: set_auth_mode failed, %d\n",
2320			   ret);
2321		goto err_turn_radio_on;
2322	}
2323
2324	set_priv_filter(usbdev);
2325
2326	ret = set_encr_mode(usbdev, alg, RNDIS_WLAN_ALG_NONE);
2327	if (ret < 0) {
2328		netdev_dbg(usbdev->net, "join_ibss: set_encr_mode failed, %d\n",
2329			   ret);
2330		goto err_turn_radio_on;
2331	}
2332
2333	if (channel) {
2334		ret = set_channel(usbdev, chan);
2335		if (ret < 0) {
2336			netdev_dbg(usbdev->net, "join_ibss: set_channel failed, %d\n",
2337				   ret);
2338			goto err_turn_radio_on;
2339		}
2340	}
2341
2342	if (params->bssid && !is_zero_ether_addr(params->bssid) &&
2343				!is_broadcast_ether_addr(params->bssid)) {
2344		ret = set_bssid(usbdev, params->bssid);
2345		if (ret < 0) {
2346			netdev_dbg(usbdev->net, "join_ibss: set_bssid failed, %d\n",
2347				   ret);
2348			goto err_turn_radio_on;
2349		}
2350	} else
2351		clear_bssid(usbdev);
2352
2353	length = params->ssid_len;
2354	if (length > NDIS_802_11_LENGTH_SSID)
2355		length = NDIS_802_11_LENGTH_SSID;
2356
2357	memset(&ssid, 0, sizeof(ssid));
2358	ssid.length = cpu_to_le32(length);
2359	memcpy(ssid.essid, params->ssid, length);
2360
2361	/* Don't need to pause rx queue for ad-hoc. */
2362	usbnet_purge_paused_rxq(usbdev);
2363	usbnet_resume_rx(usbdev);
2364
2365	ret = set_essid(usbdev, &ssid);
2366	if (ret < 0)
2367		netdev_dbg(usbdev->net, "join_ibss: set_essid failed, %d\n",
2368			   ret);
2369	return ret;
2370
2371err_turn_radio_on:
2372	disassociate(usbdev, true);
2373
2374	return ret;
2375}
2376
2377static int rndis_leave_ibss(struct wiphy *wiphy, struct net_device *dev)
2378{
2379	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2380	struct usbnet *usbdev = priv->usbdev;
2381
2382	netdev_dbg(usbdev->net, "cfg80211.leave_ibss()\n");
2383
2384	priv->connected = false;
2385	memset(priv->bssid, 0, ETH_ALEN);
2386
2387	return deauthenticate(usbdev);
2388}
2389
2390static int rndis_set_channel(struct wiphy *wiphy, struct net_device *netdev,
2391	struct ieee80211_channel *chan, enum nl80211_channel_type channel_type)
2392{
2393	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2394	struct usbnet *usbdev = priv->usbdev;
2395
2396	return set_channel(usbdev,
2397			ieee80211_frequency_to_channel(chan->center_freq));
2398}
2399
2400static int rndis_add_key(struct wiphy *wiphy, struct net_device *netdev,
2401			 u8 key_index, bool pairwise, const u8 *mac_addr,
2402			 struct key_params *params)
2403{
2404	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2405	struct usbnet *usbdev = priv->usbdev;
2406	__le32 flags;
2407
2408	netdev_dbg(usbdev->net, "%s(%i, %pM, %08x)\n",
2409		   __func__, key_index, mac_addr, params->cipher);
2410
2411	switch (params->cipher) {
2412	case WLAN_CIPHER_SUITE_WEP40:
2413	case WLAN_CIPHER_SUITE_WEP104:
2414		return add_wep_key(usbdev, params->key, params->key_len,
2415								key_index);
2416	case WLAN_CIPHER_SUITE_TKIP:
2417	case WLAN_CIPHER_SUITE_CCMP:
2418		flags = 0;
2419
2420		if (params->seq && params->seq_len > 0)
2421			flags |= NDIS_80211_ADDKEY_SET_INIT_RECV_SEQ;
2422		if (mac_addr)
2423			flags |= NDIS_80211_ADDKEY_PAIRWISE_KEY |
2424					NDIS_80211_ADDKEY_TRANSMIT_KEY;
2425
2426		return add_wpa_key(usbdev, params->key, params->key_len,
2427				key_index, mac_addr, params->seq,
2428				params->seq_len, params->cipher, flags);
2429	default:
2430		netdev_dbg(usbdev->net, "%s(): unsupported cipher %08x\n",
2431			   __func__, params->cipher);
2432		return -ENOTSUPP;
2433	}
2434}
2435
2436static int rndis_del_key(struct wiphy *wiphy, struct net_device *netdev,
2437			 u8 key_index, bool pairwise, const u8 *mac_addr)
2438{
2439	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2440	struct usbnet *usbdev = priv->usbdev;
2441
2442	netdev_dbg(usbdev->net, "%s(%i, %pM)\n", __func__, key_index, mac_addr);
2443
2444	return remove_key(usbdev, key_index, mac_addr);
2445}
2446
2447static int rndis_set_default_key(struct wiphy *wiphy, struct net_device *netdev,
2448				 u8 key_index, bool unicast, bool multicast)
2449{
2450	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2451	struct usbnet *usbdev = priv->usbdev;
2452	struct rndis_wlan_encr_key key;
2453
2454	netdev_dbg(usbdev->net, "%s(%i)\n", __func__, key_index);
2455
2456	priv->encr_tx_key_index = key_index;
2457
2458	if (is_wpa_key(priv, key_index))
2459		return 0;
2460
2461	key = priv->encr_keys[key_index];
2462
2463	return add_wep_key(usbdev, key.material, key.len, key_index);
2464}
2465
2466static void rndis_fill_station_info(struct usbnet *usbdev,
2467						struct station_info *sinfo)
2468{
2469	__le32 linkspeed, rssi;
2470	int ret, len;
2471
2472	memset(sinfo, 0, sizeof(*sinfo));
2473
2474	len = sizeof(linkspeed);
2475	ret = rndis_query_oid(usbdev, OID_GEN_LINK_SPEED, &linkspeed, &len);
2476	if (ret == 0) {
2477		sinfo->txrate.legacy = le32_to_cpu(linkspeed) / 1000;
2478		sinfo->filled |= STATION_INFO_TX_BITRATE;
2479	}
2480
2481	len = sizeof(rssi);
2482	ret = rndis_query_oid(usbdev, OID_802_11_RSSI, &rssi, &len);
2483	if (ret == 0) {
2484		sinfo->signal = level_to_qual(le32_to_cpu(rssi));
2485		sinfo->filled |= STATION_INFO_SIGNAL;
2486	}
2487}
2488
2489static int rndis_get_station(struct wiphy *wiphy, struct net_device *dev,
2490					u8 *mac, struct station_info *sinfo)
2491{
2492	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2493	struct usbnet *usbdev = priv->usbdev;
2494
2495	if (compare_ether_addr(priv->bssid, mac))
2496		return -ENOENT;
2497
2498	rndis_fill_station_info(usbdev, sinfo);
2499
2500	return 0;
2501}
2502
2503static int rndis_dump_station(struct wiphy *wiphy, struct net_device *dev,
2504			       int idx, u8 *mac, struct station_info *sinfo)
2505{
2506	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2507	struct usbnet *usbdev = priv->usbdev;
2508
2509	if (idx != 0)
2510		return -ENOENT;
2511
2512	memcpy(mac, priv->bssid, ETH_ALEN);
2513
2514	rndis_fill_station_info(usbdev, sinfo);
2515
2516	return 0;
2517}
2518
2519static int rndis_set_pmksa(struct wiphy *wiphy, struct net_device *netdev,
2520				struct cfg80211_pmksa *pmksa)
2521{
2522	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2523	struct usbnet *usbdev = priv->usbdev;
2524	struct ndis_80211_pmkid *pmkids;
2525	u32 *tmp = (u32 *)pmksa->pmkid;
2526
2527	netdev_dbg(usbdev->net, "%s(%pM, %08X:%08X:%08X:%08X)\n", __func__,
2528			pmksa->bssid,
2529			cpu_to_be32(tmp[0]), cpu_to_be32(tmp[1]),
2530			cpu_to_be32(tmp[2]), cpu_to_be32(tmp[3]));
2531
2532	pmkids = get_device_pmkids(usbdev);
2533	if (IS_ERR(pmkids)) {
2534		/* couldn't read PMKID cache from device */
2535		return PTR_ERR(pmkids);
2536	}
2537
2538	pmkids = update_pmkid(usbdev, pmkids, pmksa, wiphy->max_num_pmkids);
2539	if (IS_ERR(pmkids)) {
2540		/* not found, list full, etc */
2541		return PTR_ERR(pmkids);
2542	}
2543
2544	return set_device_pmkids(usbdev, pmkids);
2545}
2546
2547static int rndis_del_pmksa(struct wiphy *wiphy, struct net_device *netdev,
2548				struct cfg80211_pmksa *pmksa)
2549{
2550	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2551	struct usbnet *usbdev = priv->usbdev;
2552	struct ndis_80211_pmkid *pmkids;
2553	u32 *tmp = (u32 *)pmksa->pmkid;
2554
2555	netdev_dbg(usbdev->net, "%s(%pM, %08X:%08X:%08X:%08X)\n", __func__,
2556			pmksa->bssid,
2557			cpu_to_be32(tmp[0]), cpu_to_be32(tmp[1]),
2558			cpu_to_be32(tmp[2]), cpu_to_be32(tmp[3]));
2559
2560	pmkids = get_device_pmkids(usbdev);
2561	if (IS_ERR(pmkids)) {
2562		/* Couldn't read PMKID cache from device */
2563		return PTR_ERR(pmkids);
2564	}
2565
2566	pmkids = remove_pmkid(usbdev, pmkids, pmksa, wiphy->max_num_pmkids);
2567	if (IS_ERR(pmkids)) {
2568		/* not found, etc */
2569		return PTR_ERR(pmkids);
2570	}
2571
2572	return set_device_pmkids(usbdev, pmkids);
2573}
2574
2575static int rndis_flush_pmksa(struct wiphy *wiphy, struct net_device *netdev)
2576{
2577	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2578	struct usbnet *usbdev = priv->usbdev;
2579	struct ndis_80211_pmkid pmkid;
2580
2581	netdev_dbg(usbdev->net, "%s()\n", __func__);
2582
2583	memset(&pmkid, 0, sizeof(pmkid));
2584
2585	pmkid.length = cpu_to_le32(sizeof(pmkid));
2586	pmkid.bssid_info_count = cpu_to_le32(0);
2587
2588	return rndis_set_oid(usbdev, OID_802_11_PMKID, &pmkid, sizeof(pmkid));
2589}
2590
2591static int rndis_set_power_mgmt(struct wiphy *wiphy, struct net_device *dev,
2592				bool enabled, int timeout)
2593{
2594	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2595	struct usbnet *usbdev = priv->usbdev;
2596	int power_mode;
2597	__le32 mode;
2598	int ret;
2599
2600	if (priv->device_type != RNDIS_BCM4320B)
2601		return -ENOTSUPP;
2602
2603	netdev_dbg(usbdev->net, "%s(): %s, %d\n", __func__,
2604				enabled ? "enabled" : "disabled",
2605				timeout);
2606
2607	if (enabled)
2608		power_mode = NDIS_80211_POWER_MODE_FAST_PSP;
2609	else
2610		power_mode = NDIS_80211_POWER_MODE_CAM;
2611
2612	if (power_mode == priv->power_mode)
2613		return 0;
2614
2615	priv->power_mode = power_mode;
2616
2617	mode = cpu_to_le32(power_mode);
2618	ret = rndis_set_oid(usbdev, OID_802_11_POWER_MODE, &mode, sizeof(mode));
2619
2620	netdev_dbg(usbdev->net, "%s(): OID_802_11_POWER_MODE -> %d\n",
2621				__func__, ret);
2622
2623	return ret;
2624}
2625
2626static int rndis_set_cqm_rssi_config(struct wiphy *wiphy,
2627					struct net_device *dev,
2628					s32 rssi_thold, u32 rssi_hyst)
2629{
2630	struct rndis_wlan_private *priv = wiphy_priv(wiphy);
2631
2632	priv->cqm_rssi_thold = rssi_thold;
2633	priv->cqm_rssi_hyst = rssi_hyst;
2634	priv->last_cqm_event_rssi = 0;
2635
2636	return 0;
2637}
2638
2639static void rndis_wlan_craft_connected_bss(struct usbnet *usbdev, u8 *bssid,
2640					   struct ndis_80211_assoc_info *info)
2641{
2642	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
2643	struct ieee80211_channel *channel;
2644	struct ndis_80211_conf config;
2645	struct ndis_80211_ssid ssid;
2646	s32 signal;
2647	u64 timestamp;
2648	u16 capability;
2649	u16 beacon_interval;
2650	__le32 rssi;
2651	u8 ie_buf[34];
2652	int len, ret, ie_len;
2653
2654	/* Get signal quality, in case of error use rssi=0 and ignore error. */
2655	len = sizeof(rssi);
2656	rssi = 0;
2657	ret = rndis_query_oid(usbdev, OID_802_11_RSSI, &rssi, &len);
2658	signal = level_to_qual(le32_to_cpu(rssi));
2659
2660	netdev_dbg(usbdev->net, "%s(): OID_802_11_RSSI -> %d, "
2661		   "rssi:%d, qual: %d\n", __func__, ret, le32_to_cpu(rssi),
2662		   level_to_qual(le32_to_cpu(rssi)));
2663
2664	/* Get AP capabilities */
2665	if (info) {
2666		capability = le16_to_cpu(info->resp_ie.capa);
2667	} else {
2668		/* Set atleast ESS/IBSS capability */
2669		capability = (priv->infra_mode == NDIS_80211_INFRA_INFRA) ?
2670				WLAN_CAPABILITY_ESS : WLAN_CAPABILITY_IBSS;
2671	}
2672
2673	/* Get channel and beacon interval */
2674	len = sizeof(config);
2675	ret = rndis_query_oid(usbdev, OID_802_11_CONFIGURATION, &config, &len);
2676	netdev_dbg(usbdev->net, "%s(): OID_802_11_CONFIGURATION -> %d\n",
2677				__func__, ret);
2678	if (ret >= 0) {
2679		beacon_interval = le16_to_cpu(config.beacon_period);
2680		channel = ieee80211_get_channel(priv->wdev.wiphy,
2681				KHZ_TO_MHZ(le32_to_cpu(config.ds_config)));
2682		if (!channel) {
2683			netdev_warn(usbdev->net, "%s(): could not get channel."
2684						 "\n", __func__);
2685			return;
2686		}
2687	} else {
2688		netdev_warn(usbdev->net, "%s(): could not get configuration.\n",
2689					 __func__);
2690		return;
2691	}
2692
2693	/* Get SSID, in case of error, use zero length SSID and ignore error. */
2694	len = sizeof(ssid);
2695	memset(&ssid, 0, sizeof(ssid));
2696	ret = rndis_query_oid(usbdev, OID_802_11_SSID, &ssid, &len);
2697	netdev_dbg(usbdev->net, "%s(): OID_802_11_SSID -> %d, len: %d, ssid: "
2698				"'%.32s'\n", __func__, ret,
2699				le32_to_cpu(ssid.length), ssid.essid);
2700
2701	if (le32_to_cpu(ssid.length) > 32)
2702		ssid.length = cpu_to_le32(32);
2703
2704	ie_buf[0] = WLAN_EID_SSID;
2705	ie_buf[1] = le32_to_cpu(ssid.length);
2706	memcpy(&ie_buf[2], ssid.essid, le32_to_cpu(ssid.length));
2707
2708	ie_len = le32_to_cpu(ssid.length) + 2;
2709
2710	/* no tsf */
2711	timestamp = 0;
2712
2713	netdev_dbg(usbdev->net, "%s(): channel:%d(freq), bssid:[%pM], tsf:%d, "
2714		"capa:%x, beacon int:%d, resp_ie(len:%d, essid:'%.32s'), "
2715		"signal:%d\n", __func__, (channel ? channel->center_freq : -1),
2716		bssid, (u32)timestamp, capability, beacon_interval, ie_len,
2717		ssid.essid, signal);
2718
2719	cfg80211_inform_bss(priv->wdev.wiphy, channel, bssid,
2720		timestamp, capability, beacon_interval, ie_buf, ie_len,
2721		signal, GFP_KERNEL);
2722}
2723
2724/*
2725 * workers, indication handlers, device poller
2726 */
2727static void rndis_wlan_do_link_up_work(struct usbnet *usbdev)
2728{
2729	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
2730	struct ndis_80211_assoc_info *info = NULL;
2731	u8 bssid[ETH_ALEN];
2732	int resp_ie_len, req_ie_len;
2733	u8 *req_ie, *resp_ie;
2734	int ret, offset;
2735	bool roamed = false;
2736	bool match_bss;
2737
2738	if (priv->infra_mode == NDIS_80211_INFRA_INFRA && priv->connected) {
2739		/* received media connect indication while connected, either
2740		 * device reassociated with same AP or roamed to new. */
2741		roamed = true;
2742	}
2743
2744	req_ie_len = 0;
2745	resp_ie_len = 0;
2746	req_ie = NULL;
2747	resp_ie = NULL;
2748
2749	if (priv->infra_mode == NDIS_80211_INFRA_INFRA) {
2750		info = kzalloc(CONTROL_BUFFER_SIZE, GFP_KERNEL);
2751		if (!info) {
2752			/* No memory? Try resume work later */
2753			set_bit(WORK_LINK_UP, &priv->work_pending);
2754			queue_work(priv->workqueue, &priv->work);
2755			return;
2756		}
2757
2758		/* Get association info IEs from device. */
2759		ret = get_association_info(usbdev, info, CONTROL_BUFFER_SIZE);
2760		if (!ret) {
2761			req_ie_len = le32_to_cpu(info->req_ie_length);
2762			if (req_ie_len > 0) {
2763				offset = le32_to_cpu(info->offset_req_ies);
2764
2765				if (offset > CONTROL_BUFFER_SIZE)
2766					offset = CONTROL_BUFFER_SIZE;
2767
2768				req_ie = (u8 *)info + offset;
2769
2770				if (offset + req_ie_len > CONTROL_BUFFER_SIZE)
2771					req_ie_len =
2772						CONTROL_BUFFER_SIZE - offset;
2773			}
2774
2775			resp_ie_len = le32_to_cpu(info->resp_ie_length);
2776			if (resp_ie_len > 0) {
2777				offset = le32_to_cpu(info->offset_resp_ies);
2778
2779				if (offset > CONTROL_BUFFER_SIZE)
2780					offset = CONTROL_BUFFER_SIZE;
2781
2782				resp_ie = (u8 *)info + offset;
2783
2784				if (offset + resp_ie_len > CONTROL_BUFFER_SIZE)
2785					resp_ie_len =
2786						CONTROL_BUFFER_SIZE - offset;
2787			}
2788		} else {
2789			/* Since rndis_wlan_craft_connected_bss() might use info
2790			 * later and expects info to contain valid data if
2791			 * non-null, free info and set NULL here.
2792			 */
2793			kfree(info);
2794			info = NULL;
2795		}
2796	} else if (WARN_ON(priv->infra_mode != NDIS_80211_INFRA_ADHOC))
2797		return;
2798
2799	ret = get_bssid(usbdev, bssid);
2800	if (ret < 0)
2801		memset(bssid, 0, sizeof(bssid));
2802
2803	netdev_dbg(usbdev->net, "link up work: [%pM]%s\n",
2804		   bssid, roamed ? " roamed" : "");
2805
2806	/* Internal bss list in device should contain at least the currently
2807	 * connected bss and we can get it to cfg80211 with
2808	 * rndis_check_bssid_list().
2809	 *
2810	 * NDIS spec says: "If the device is associated, but the associated
2811	 *  BSSID is not in its BSSID scan list, then the driver must add an
2812	 *  entry for the BSSID at the end of the data that it returns in
2813	 *  response to query of OID_802_11_BSSID_LIST."
2814	 *
2815	 * NOTE: Seems to be true for BCM4320b variant, but not BCM4320a.
2816	 */
2817	match_bss = false;
2818	rndis_check_bssid_list(usbdev, bssid, &match_bss);
2819
2820	if (!is_zero_ether_addr(bssid) && !match_bss) {
2821		/* Couldn't get bss from device, we need to manually craft bss
2822		 * for cfg80211.
2823		 */
2824		rndis_wlan_craft_connected_bss(usbdev, bssid, info);
2825	}
2826
2827	if (priv->infra_mode == NDIS_80211_INFRA_INFRA) {
2828		if (!roamed)
2829			cfg80211_connect_result(usbdev->net, bssid, req_ie,
2830						req_ie_len, resp_ie,
2831						resp_ie_len, 0, GFP_KERNEL);
2832		else
2833			cfg80211_roamed(usbdev->net, bssid, req_ie, req_ie_len,
2834					resp_ie, resp_ie_len, GFP_KERNEL);
2835	} else if (priv->infra_mode == NDIS_80211_INFRA_ADHOC)
2836		cfg80211_ibss_joined(usbdev->net, bssid, GFP_KERNEL);
2837
2838	if (info != NULL)
2839		kfree(info);
2840
2841	priv->connected = true;
2842	memcpy(priv->bssid, bssid, ETH_ALEN);
2843
2844	usbnet_resume_rx(usbdev);
2845	netif_carrier_on(usbdev->net);
2846}
2847
2848static void rndis_wlan_do_link_down_work(struct usbnet *usbdev)
2849{
2850	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
2851
2852	if (priv->connected) {
2853		priv->connected = false;
2854		memset(priv->bssid, 0, ETH_ALEN);
2855
2856		deauthenticate(usbdev);
2857
2858		cfg80211_disconnected(usbdev->net, 0, NULL, 0, GFP_KERNEL);
2859	}
2860
2861	netif_carrier_off(usbdev->net);
2862}
2863
2864static void rndis_wlan_worker(struct work_struct *work)
2865{
2866	struct rndis_wlan_private *priv =
2867		container_of(work, struct rndis_wlan_private, work);
2868	struct usbnet *usbdev = priv->usbdev;
2869
2870	if (test_and_clear_bit(WORK_LINK_UP, &priv->work_pending))
2871		rndis_wlan_do_link_up_work(usbdev);
2872
2873	if (test_and_clear_bit(WORK_LINK_DOWN, &priv->work_pending))
2874		rndis_wlan_do_link_down_work(usbdev);
2875
2876	if (test_and_clear_bit(WORK_SET_MULTICAST_LIST, &priv->work_pending))
2877		set_multicast_list(usbdev);
2878}
2879
2880static void rndis_wlan_set_multicast_list(struct net_device *dev)
2881{
2882	struct usbnet *usbdev = netdev_priv(dev);
2883	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
2884
2885	if (test_bit(WORK_SET_MULTICAST_LIST, &priv->work_pending))
2886		return;
2887
2888	set_bit(WORK_SET_MULTICAST_LIST, &priv->work_pending);
2889	queue_work(priv->workqueue, &priv->work);
2890}
2891
2892static void rndis_wlan_auth_indication(struct usbnet *usbdev,
2893				struct ndis_80211_status_indication *indication,
2894				int len)
2895{
2896	u8 *buf;
2897	const char *type;
2898	int flags, buflen, key_id;
2899	bool pairwise_error, group_error;
2900	struct ndis_80211_auth_request *auth_req;
2901	enum nl80211_key_type key_type;
2902
2903	/* must have at least one array entry */
2904	if (len < offsetof(struct ndis_80211_status_indication, u) +
2905				sizeof(struct ndis_80211_auth_request)) {
2906		netdev_info(usbdev->net, "authentication indication: too short message (%i)\n",
2907			    len);
2908		return;
2909	}
2910
2911	buf = (void *)&indication->u.auth_request[0];
2912	buflen = len - offsetof(struct ndis_80211_status_indication, u);
2913
2914	while (buflen >= sizeof(*auth_req)) {
2915		auth_req = (void *)buf;
2916		type = "unknown";
2917		flags = le32_to_cpu(auth_req->flags);
2918		pairwise_error = false;
2919		group_error = false;
2920
2921		if (flags & 0x1)
2922			type = "reauth request";
2923		if (flags & 0x2)
2924			type = "key update request";
2925		if (flags & 0x6) {
2926			pairwise_error = true;
2927			type = "pairwise_error";
2928		}
2929		if (flags & 0xe) {
2930			group_error = true;
2931			type = "group_error";
2932		}
2933
2934		netdev_info(usbdev->net, "authentication indication: %s (0x%08x)\n",
2935			    type, le32_to_cpu(auth_req->flags));
2936
2937		if (pairwise_error) {
2938			key_type = NL80211_KEYTYPE_PAIRWISE;
2939			key_id = -1;
2940
2941			cfg80211_michael_mic_failure(usbdev->net,
2942							auth_req->bssid,
2943							key_type, key_id, NULL,
2944							GFP_KERNEL);
2945		}
2946
2947		if (group_error) {
2948			key_type = NL80211_KEYTYPE_GROUP;
2949			key_id = -1;
2950
2951			cfg80211_michael_mic_failure(usbdev->net,
2952							auth_req->bssid,
2953							key_type, key_id, NULL,
2954							GFP_KERNEL);
2955		}
2956
2957		buflen -= le32_to_cpu(auth_req->length);
2958		buf += le32_to_cpu(auth_req->length);
2959	}
2960}
2961
2962static void rndis_wlan_pmkid_cand_list_indication(struct usbnet *usbdev,
2963				struct ndis_80211_status_indication *indication,
2964				int len)
2965{
2966	struct ndis_80211_pmkid_cand_list *cand_list;
2967	int list_len, expected_len, i;
2968
2969	if (len < offsetof(struct ndis_80211_status_indication, u) +
2970				sizeof(struct ndis_80211_pmkid_cand_list)) {
2971		netdev_info(usbdev->net, "pmkid candidate list indication: too short message (%i)\n",
2972			    len);
2973		return;
2974	}
2975
2976	list_len = le32_to_cpu(indication->u.cand_list.num_candidates) *
2977			sizeof(struct ndis_80211_pmkid_candidate);
2978	expected_len = sizeof(struct ndis_80211_pmkid_cand_list) + list_len +
2979			offsetof(struct ndis_80211_status_indication, u);
2980
2981	if (len < expected_len) {
2982		netdev_info(usbdev->net, "pmkid candidate list indication: list larger than buffer (%i < %i)\n",
2983			    len, expected_len);
2984		return;
2985	}
2986
2987	cand_list = &indication->u.cand_list;
2988
2989	netdev_info(usbdev->net, "pmkid candidate list indication: version %i, candidates %i\n",
2990		    le32_to_cpu(cand_list->version),
2991		    le32_to_cpu(cand_list->num_candidates));
2992
2993	if (le32_to_cpu(cand_list->version) != 1)
2994		return;
2995
2996	for (i = 0; i < le32_to_cpu(cand_list->num_candidates); i++) {
2997		struct ndis_80211_pmkid_candidate *cand =
2998						&cand_list->candidate_list[i];
2999
3000		netdev_dbg(usbdev->net, "cand[%i]: flags: 0x%08x, bssid: %pM\n",
3001			   i, le32_to_cpu(cand->flags), cand->bssid);
3002
3003#if 0
3004		struct iw_pmkid_cand pcand;
3005		union iwreq_data wrqu;
3006
3007		memset(&pcand, 0, sizeof(pcand));
3008		if (le32_to_cpu(cand->flags) & 0x01)
3009			pcand.flags |= IW_PMKID_CAND_PREAUTH;
3010		pcand.index = i;
3011		memcpy(pcand.bssid.sa_data, cand->bssid, ETH_ALEN);
3012
3013		memset(&wrqu, 0, sizeof(wrqu));
3014		wrqu.data.length = sizeof(pcand);
3015		wireless_send_event(usbdev->net, IWEVPMKIDCAND, &wrqu,
3016								(u8 *)&pcand);
3017#endif
3018	}
3019}
3020
3021static void rndis_wlan_media_specific_indication(struct usbnet *usbdev,
3022			struct rndis_indicate *msg, int buflen)
3023{
3024	struct ndis_80211_status_indication *indication;
3025	int len, offset;
3026
3027	offset = offsetof(struct rndis_indicate, status) +
3028			le32_to_cpu(msg->offset);
3029	len = le32_to_cpu(msg->length);
3030
3031	if (len < 8) {
3032		netdev_info(usbdev->net, "media specific indication, ignore too short message (%i < 8)\n",
3033			    len);
3034		return;
3035	}
3036
3037	if (offset + len > buflen) {
3038		netdev_info(usbdev->net, "media specific indication, too large to fit to buffer (%i > %i)\n",
3039			    offset + len, buflen);
3040		return;
3041	}
3042
3043	indication = (void *)((u8 *)msg + offset);
3044
3045	switch (le32_to_cpu(indication->status_type)) {
3046	case NDIS_80211_STATUSTYPE_RADIOSTATE:
3047		netdev_info(usbdev->net, "radio state indication: %i\n",
3048			    le32_to_cpu(indication->u.radio_status));
3049		return;
3050
3051	case NDIS_80211_STATUSTYPE_MEDIASTREAMMODE:
3052		netdev_info(usbdev->net, "media stream mode indication: %i\n",
3053			    le32_to_cpu(indication->u.media_stream_mode));
3054		return;
3055
3056	case NDIS_80211_STATUSTYPE_AUTHENTICATION:
3057		rndis_wlan_auth_indication(usbdev, indication, len);
3058		return;
3059
3060	case NDIS_80211_STATUSTYPE_PMKID_CANDIDATELIST:
3061		rndis_wlan_pmkid_cand_list_indication(usbdev, indication, len);
3062		return;
3063
3064	default:
3065		netdev_info(usbdev->net, "media specific indication: unknown status type 0x%08x\n",
3066			    le32_to_cpu(indication->status_type));
3067	}
3068}
3069
3070static void rndis_wlan_indication(struct usbnet *usbdev, void *ind, int buflen)
3071{
3072	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
3073	struct rndis_indicate *msg = ind;
3074
3075	switch (msg->status) {
3076	case RNDIS_STATUS_MEDIA_CONNECT:
3077		if (priv->current_command_oid == OID_802_11_ADD_KEY) {
3078			/* OID_802_11_ADD_KEY causes sometimes extra
3079			 * "media connect" indications which confuses driver
3080			 * and userspace to think that device is
3081			 * roaming/reassociating when it isn't.
3082			 */
3083			netdev_dbg(usbdev->net, "ignored OID_802_11_ADD_KEY triggered 'media connect'\n");
3084			return;
3085		}
3086
3087		usbnet_pause_rx(usbdev);
3088
3089		netdev_info(usbdev->net, "media connect\n");
3090
3091		/* queue work to avoid recursive calls into rndis_command */
3092		set_bit(WORK_LINK_UP, &priv->work_pending);
3093		queue_work(priv->workqueue, &priv->work);
3094		break;
3095
3096	case RNDIS_STATUS_MEDIA_DISCONNECT:
3097		netdev_info(usbdev->net, "media disconnect\n");
3098
3099		/* queue work to avoid recursive calls into rndis_command */
3100		set_bit(WORK_LINK_DOWN, &priv->work_pending);
3101		queue_work(priv->workqueue, &priv->work);
3102		break;
3103
3104	case RNDIS_STATUS_MEDIA_SPECIFIC_INDICATION:
3105		rndis_wlan_media_specific_indication(usbdev, msg, buflen);
3106		break;
3107
3108	default:
3109		netdev_info(usbdev->net, "indication: 0x%08x\n",
3110			    le32_to_cpu(msg->status));
3111		break;
3112	}
3113}
3114
3115static int rndis_wlan_get_caps(struct usbnet *usbdev, struct wiphy *wiphy)
3116{
3117	struct {
3118		__le32	num_items;
3119		__le32	items[8];
3120	} networks_supported;
3121	struct ndis_80211_capability *caps;
3122	u8 caps_buf[sizeof(*caps) + sizeof(caps->auth_encr_pair) * 16];
3123	int len, retval, i, n;
3124	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
3125
3126	/* determine supported modes */
3127	len = sizeof(networks_supported);
3128	retval = rndis_query_oid(usbdev, OID_802_11_NETWORK_TYPES_SUPPORTED,
3129						&networks_supported, &len);
3130	if (retval >= 0) {
3131		n = le32_to_cpu(networks_supported.num_items);
3132		if (n > 8)
3133			n = 8;
3134		for (i = 0; i < n; i++) {
3135			switch (le32_to_cpu(networks_supported.items[i])) {
3136			case NDIS_80211_TYPE_FREQ_HOP:
3137			case NDIS_80211_TYPE_DIRECT_SEQ:
3138				priv->caps |= CAP_MODE_80211B;
3139				break;
3140			case NDIS_80211_TYPE_OFDM_A:
3141				priv->caps |= CAP_MODE_80211A;
3142				break;
3143			case NDIS_80211_TYPE_OFDM_G:
3144				priv->caps |= CAP_MODE_80211G;
3145				break;
3146			}
3147		}
3148	}
3149
3150	/* get device 802.11 capabilities, number of PMKIDs */
3151	caps = (struct ndis_80211_capability *)caps_buf;
3152	len = sizeof(caps_buf);
3153	retval = rndis_query_oid(usbdev, OID_802_11_CAPABILITY, caps, &len);
3154	if (retval >= 0) {
3155		netdev_dbg(usbdev->net, "OID_802_11_CAPABILITY -> len %d, "
3156				"ver %d, pmkids %d, auth-encr-pairs %d\n",
3157				le32_to_cpu(caps->length),
3158				le32_to_cpu(caps->version),
3159				le32_to_cpu(caps->num_pmkids),
3160				le32_to_cpu(caps->num_auth_encr_pair));
3161		wiphy->max_num_pmkids = le32_to_cpu(caps->num_pmkids);
3162	} else
3163		wiphy->max_num_pmkids = 0;
3164
3165	return retval;
3166}
3167
3168static void rndis_do_cqm(struct usbnet *usbdev, s32 rssi)
3169{
3170	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
3171	enum nl80211_cqm_rssi_threshold_event event;
3172	int thold, hyst, last_event;
3173
3174	if (priv->cqm_rssi_thold >= 0 || rssi >= 0)
3175		return;
3176	if (priv->infra_mode != NDIS_80211_INFRA_INFRA)
3177		return;
3178
3179	last_event = priv->last_cqm_event_rssi;
3180	thold = priv->cqm_rssi_thold;
3181	hyst = priv->cqm_rssi_hyst;
3182
3183	if (rssi < thold && (last_event == 0 || rssi < last_event - hyst))
3184		event = NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW;
3185	else if (rssi > thold && (last_event == 0 || rssi > last_event + hyst))
3186		event = NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH;
3187	else
3188		return;
3189
3190	priv->last_cqm_event_rssi = rssi;
3191	cfg80211_cqm_rssi_notify(usbdev->net, event, GFP_KERNEL);
3192}
3193
3194#define DEVICE_POLLER_JIFFIES (HZ)
3195static void rndis_device_poller(struct work_struct *work)
3196{
3197	struct rndis_wlan_private *priv =
3198		container_of(work, struct rndis_wlan_private,
3199							dev_poller_work.work);
3200	struct usbnet *usbdev = priv->usbdev;
3201	__le32 rssi, tmp;
3202	int len, ret, j;
3203	int update_jiffies = DEVICE_POLLER_JIFFIES;
3204	void *buf;
3205
3206	/* Only check/do workaround when connected. Calling is_associated()
3207	 * also polls device with rndis_command() and catches for media link
3208	 * indications.
3209	 */
3210	if (!is_associated(usbdev)) {
3211		/* Workaround bad scanning in BCM4320a devices with active
3212		 * background scanning when not associated.
3213		 */
3214		if (priv->device_type == RNDIS_BCM4320A && priv->radio_on &&
3215		    !priv->scan_request) {
3216			/* Get previous scan results */
3217			rndis_check_bssid_list(usbdev, NULL, NULL);
3218
3219			/* Initiate new scan */
3220			rndis_start_bssid_list_scan(usbdev);
3221		}
3222
3223		goto end;
3224	}
3225
3226	len = sizeof(rssi);
3227	ret = rndis_query_oid(usbdev, OID_802_11_RSSI, &rssi, &len);
3228	if (ret == 0) {
3229		priv->last_qual = level_to_qual(le32_to_cpu(rssi));
3230		rndis_do_cqm(usbdev, le32_to_cpu(rssi));
3231	}
3232
3233	netdev_dbg(usbdev->net, "dev-poller: OID_802_11_RSSI -> %d, rssi:%d, qual: %d\n",
3234		   ret, le32_to_cpu(rssi), level_to_qual(le32_to_cpu(rssi)));
3235
3236	/* Workaround transfer stalls on poor quality links.
3237	 * TODO: find right way to fix these stalls (as stalls do not happen
3238	 * with ndiswrapper/windows driver). */
3239	if (priv->param_workaround_interval > 0 && priv->last_qual <= 25) {
3240		/* Decrease stats worker interval to catch stalls.
3241		 * faster. Faster than 400-500ms causes packet loss,
3242		 * Slower doesn't catch stalls fast enough.
3243		 */
3244		j = msecs_to_jiffies(priv->param_workaround_interval);
3245		if (j > DEVICE_POLLER_JIFFIES)
3246			j = DEVICE_POLLER_JIFFIES;
3247		else if (j <= 0)
3248			j = 1;
3249		update_jiffies = j;
3250
3251		/* Send scan OID. Use of both OIDs is required to get device
3252		 * working.
3253		 */
3254		tmp = cpu_to_le32(1);
3255		rndis_set_oid(usbdev, OID_802_11_BSSID_LIST_SCAN, &tmp,
3256								sizeof(tmp));
3257
3258		len = CONTROL_BUFFER_SIZE;
3259		buf = kmalloc(len, GFP_KERNEL);
3260		if (!buf)
3261			goto end;
3262
3263		rndis_query_oid(usbdev, OID_802_11_BSSID_LIST, buf, &len);
3264		kfree(buf);
3265	}
3266
3267end:
3268	if (update_jiffies >= HZ)
3269		update_jiffies = round_jiffies_relative(update_jiffies);
3270	else {
3271		j = round_jiffies_relative(update_jiffies);
3272		if (abs(j - update_jiffies) <= 10)
3273			update_jiffies = j;
3274	}
3275
3276	queue_delayed_work(priv->workqueue, &priv->dev_poller_work,
3277								update_jiffies);
3278}
3279
3280/*
3281 * driver/device initialization
3282 */
3283static void rndis_copy_module_params(struct usbnet *usbdev, int device_type)
3284{
3285	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
3286
3287	priv->device_type = device_type;
3288
3289	priv->param_country[0] = modparam_country[0];
3290	priv->param_country[1] = modparam_country[1];
3291	priv->param_country[2] = 0;
3292	priv->param_frameburst   = modparam_frameburst;
3293	priv->param_afterburner  = modparam_afterburner;
3294	priv->param_power_save   = modparam_power_save;
3295	priv->param_power_output = modparam_power_output;
3296	priv->param_roamtrigger  = modparam_roamtrigger;
3297	priv->param_roamdelta    = modparam_roamdelta;
3298
3299	priv->param_country[0] = toupper(priv->param_country[0]);
3300	priv->param_country[1] = toupper(priv->param_country[1]);
3301	/* doesn't support EU as country code, use FI instead */
3302	if (!strcmp(priv->param_country, "EU"))
3303		strcpy(priv->param_country, "FI");
3304
3305	if (priv->param_power_save < 0)
3306		priv->param_power_save = 0;
3307	else if (priv->param_power_save > 2)
3308		priv->param_power_save = 2;
3309
3310	if (priv->param_power_output < 0)
3311		priv->param_power_output = 0;
3312	else if (priv->param_power_output > 3)
3313		priv->param_power_output = 3;
3314
3315	if (priv->param_roamtrigger < -80)
3316		priv->param_roamtrigger = -80;
3317	else if (priv->param_roamtrigger > -60)
3318		priv->param_roamtrigger = -60;
3319
3320	if (priv->param_roamdelta < 0)
3321		priv->param_roamdelta = 0;
3322	else if (priv->param_roamdelta > 2)
3323		priv->param_roamdelta = 2;
3324
3325	if (modparam_workaround_interval < 0)
3326		priv->param_workaround_interval = 500;
3327	else
3328		priv->param_workaround_interval = modparam_workaround_interval;
3329}
3330
3331static int unknown_early_init(struct usbnet *usbdev)
3332{
3333	/* copy module parameters for unknown so that iwconfig reports txpower
3334	 * and workaround parameter is copied to private structure correctly.
3335	 */
3336	rndis_copy_module_params(usbdev, RNDIS_UNKNOWN);
3337
3338	/* This is unknown device, so do not try set configuration parameters.
3339	 */
3340
3341	return 0;
3342}
3343
3344static int bcm4320a_early_init(struct usbnet *usbdev)
3345{
3346	/* copy module parameters for bcm4320a so that iwconfig reports txpower
3347	 * and workaround parameter is copied to private structure correctly.
3348	 */
3349	rndis_copy_module_params(usbdev, RNDIS_BCM4320A);
3350
3351	/* bcm4320a doesn't handle configuration parameters well. Try
3352	 * set any and you get partially zeroed mac and broken device.
3353	 */
3354
3355	return 0;
3356}
3357
3358static int bcm4320b_early_init(struct usbnet *usbdev)
3359{
3360	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
3361	char buf[8];
3362
3363	rndis_copy_module_params(usbdev, RNDIS_BCM4320B);
3364
3365	/* Early initialization settings, setting these won't have effect
3366	 * if called after generic_rndis_bind().
3367	 */
3368
3369	rndis_set_config_parameter_str(usbdev, "Country", priv->param_country);
3370	rndis_set_config_parameter_str(usbdev, "FrameBursting",
3371					priv->param_frameburst ? "1" : "0");
3372	rndis_set_config_parameter_str(usbdev, "Afterburner",
3373					priv->param_afterburner ? "1" : "0");
3374	sprintf(buf, "%d", priv->param_power_save);
3375	rndis_set_config_parameter_str(usbdev, "PowerSaveMode", buf);
3376	sprintf(buf, "%d", priv->param_power_output);
3377	rndis_set_config_parameter_str(usbdev, "PwrOut", buf);
3378	sprintf(buf, "%d", priv->param_roamtrigger);
3379	rndis_set_config_parameter_str(usbdev, "RoamTrigger", buf);
3380	sprintf(buf, "%d", priv->param_roamdelta);
3381	rndis_set_config_parameter_str(usbdev, "RoamDelta", buf);
3382
3383	return 0;
3384}
3385
3386/* same as rndis_netdev_ops but with local multicast handler */
3387static const struct net_device_ops rndis_wlan_netdev_ops = {
3388	.ndo_open		= usbnet_open,
3389	.ndo_stop		= usbnet_stop,
3390	.ndo_start_xmit		= usbnet_start_xmit,
3391	.ndo_tx_timeout		= usbnet_tx_timeout,
3392	.ndo_set_mac_address 	= eth_mac_addr,
3393	.ndo_validate_addr	= eth_validate_addr,
3394	.ndo_set_multicast_list	= rndis_wlan_set_multicast_list,
3395};
3396
3397static int rndis_wlan_bind(struct usbnet *usbdev, struct usb_interface *intf)
3398{
3399	struct wiphy *wiphy;
3400	struct rndis_wlan_private *priv;
3401	int retval, len;
3402	__le32 tmp;
3403
3404	/* allocate wiphy and rndis private data
3405	 * NOTE: We only support a single virtual interface, so wiphy
3406	 * and wireless_dev are somewhat synonymous for this device.
3407	 */
3408	wiphy = wiphy_new(&rndis_config_ops, sizeof(struct rndis_wlan_private));
3409	if (!wiphy)
3410		return -ENOMEM;
3411
3412	priv = wiphy_priv(wiphy);
3413	usbdev->net->ieee80211_ptr = &priv->wdev;
3414	priv->wdev.wiphy = wiphy;
3415	priv->wdev.iftype = NL80211_IFTYPE_STATION;
3416
3417	/* These have to be initialized before calling generic_rndis_bind().
3418	 * Otherwise we'll be in big trouble in rndis_wlan_early_init().
3419	 */
3420	usbdev->driver_priv = priv;
3421	priv->usbdev = usbdev;
3422
3423	mutex_init(&priv->command_lock);
3424
3425	/* because rndis_command() sleeps we need to use workqueue */
3426	priv->workqueue = create_singlethread_workqueue("rndis_wlan");
3427	INIT_WORK(&priv->work, rndis_wlan_worker);
3428	INIT_DELAYED_WORK(&priv->dev_poller_work, rndis_device_poller);
3429	INIT_DELAYED_WORK(&priv->scan_work, rndis_get_scan_results);
3430
3431	/* try bind rndis_host */
3432	retval = generic_rndis_bind(usbdev, intf, FLAG_RNDIS_PHYM_WIRELESS);
3433	if (retval < 0)
3434		goto fail;
3435
3436	/* generic_rndis_bind set packet filter to multicast_all+
3437	 * promisc mode which doesn't work well for our devices (device
3438	 * picks up rssi to closest station instead of to access point).
3439	 *
3440	 * rndis_host wants to avoid all OID as much as possible
3441	 * so do promisc/multicast handling in rndis_wlan.
3442	 */
3443	usbdev->net->netdev_ops = &rndis_wlan_netdev_ops;
3444
3445	tmp = RNDIS_PACKET_TYPE_DIRECTED | RNDIS_PACKET_TYPE_BROADCAST;
3446	retval = rndis_set_oid(usbdev, OID_GEN_CURRENT_PACKET_FILTER, &tmp,
3447								sizeof(tmp));
3448
3449	len = sizeof(tmp);
3450	retval = rndis_query_oid(usbdev, OID_802_3_MAXIMUM_LIST_SIZE, &tmp,
3451								&len);
3452	priv->multicast_size = le32_to_cpu(tmp);
3453	if (retval < 0 || priv->multicast_size < 0)
3454		priv->multicast_size = 0;
3455	if (priv->multicast_size > 0)
3456		usbdev->net->flags |= IFF_MULTICAST;
3457	else
3458		usbdev->net->flags &= ~IFF_MULTICAST;
3459
3460	/* fill-out wiphy structure and register w/ cfg80211 */
3461	memcpy(wiphy->perm_addr, usbdev->net->dev_addr, ETH_ALEN);
3462	wiphy->privid = rndis_wiphy_privid;
3463	wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION)
3464					| BIT(NL80211_IFTYPE_ADHOC);
3465	wiphy->max_scan_ssids = 1;
3466
3467	/* TODO: fill-out band/encr information based on priv->caps */
3468	rndis_wlan_get_caps(usbdev, wiphy);
3469
3470	memcpy(priv->channels, rndis_channels, sizeof(rndis_channels));
3471	memcpy(priv->rates, rndis_rates, sizeof(rndis_rates));
3472	priv->band.channels = priv->channels;
3473	priv->band.n_channels = ARRAY_SIZE(rndis_channels);
3474	priv->band.bitrates = priv->rates;
3475	priv->band.n_bitrates = ARRAY_SIZE(rndis_rates);
3476	wiphy->bands[IEEE80211_BAND_2GHZ] = &priv->band;
3477	wiphy->signal_type = CFG80211_SIGNAL_TYPE_UNSPEC;
3478
3479	memcpy(priv->cipher_suites, rndis_cipher_suites,
3480						sizeof(rndis_cipher_suites));
3481	wiphy->cipher_suites = priv->cipher_suites;
3482	wiphy->n_cipher_suites = ARRAY_SIZE(rndis_cipher_suites);
3483
3484	set_wiphy_dev(wiphy, &usbdev->udev->dev);
3485
3486	if (wiphy_register(wiphy)) {
3487		retval = -ENODEV;
3488		goto fail;
3489	}
3490
3491	set_default_iw_params(usbdev);
3492
3493	priv->power_mode = -1;
3494
3495	/* set default rts/frag */
3496	rndis_set_wiphy_params(wiphy,
3497			WIPHY_PARAM_FRAG_THRESHOLD | WIPHY_PARAM_RTS_THRESHOLD);
3498
3499	/* turn radio off on init */
3500	priv->radio_on = false;
3501	disassociate(usbdev, false);
3502	netif_carrier_off(usbdev->net);
3503
3504	return 0;
3505
3506fail:
3507	cancel_delayed_work_sync(&priv->dev_poller_work);
3508	cancel_delayed_work_sync(&priv->scan_work);
3509	cancel_work_sync(&priv->work);
3510	flush_workqueue(priv->workqueue);
3511	destroy_workqueue(priv->workqueue);
3512
3513	wiphy_free(wiphy);
3514	return retval;
3515}
3516
3517static void rndis_wlan_unbind(struct usbnet *usbdev, struct usb_interface *intf)
3518{
3519	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
3520
3521	/* turn radio off */
3522	disassociate(usbdev, false);
3523
3524	cancel_delayed_work_sync(&priv->dev_poller_work);
3525	cancel_delayed_work_sync(&priv->scan_work);
3526	cancel_work_sync(&priv->work);
3527	flush_workqueue(priv->workqueue);
3528	destroy_workqueue(priv->workqueue);
3529
3530	rndis_unbind(usbdev, intf);
3531
3532	wiphy_unregister(priv->wdev.wiphy);
3533	wiphy_free(priv->wdev.wiphy);
3534}
3535
3536static int rndis_wlan_reset(struct usbnet *usbdev)
3537{
3538	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
3539	int retval;
3540
3541	netdev_dbg(usbdev->net, "%s()\n", __func__);
3542
3543	retval = rndis_reset(usbdev);
3544	if (retval)
3545		netdev_warn(usbdev->net, "rndis_reset failed: %d\n", retval);
3546
3547	/* rndis_reset cleared multicast list, so restore here.
3548	   (set_multicast_list() also turns on current packet filter) */
3549	set_multicast_list(usbdev);
3550
3551	queue_delayed_work(priv->workqueue, &priv->dev_poller_work,
3552		round_jiffies_relative(DEVICE_POLLER_JIFFIES));
3553
3554	return deauthenticate(usbdev);
3555}
3556
3557static int rndis_wlan_stop(struct usbnet *usbdev)
3558{
3559	struct rndis_wlan_private *priv = get_rndis_wlan_priv(usbdev);
3560	int retval;
3561	__le32 filter;
3562
3563	netdev_dbg(usbdev->net, "%s()\n", __func__);
3564
3565	retval = disassociate(usbdev, false);
3566
3567	priv->work_pending = 0;
3568	cancel_delayed_work_sync(&priv->dev_poller_work);
3569	cancel_delayed_work_sync(&priv->scan_work);
3570	cancel_work_sync(&priv->work);
3571	flush_workqueue(priv->workqueue);
3572
3573	if (priv->scan_request) {
3574		cfg80211_scan_done(priv->scan_request, true);
3575		priv->scan_request = NULL;
3576	}
3577
3578	/* Set current packet filter zero to block receiving data packets from
3579	   device. */
3580	filter = 0;
3581	rndis_set_oid(usbdev, OID_GEN_CURRENT_PACKET_FILTER, &filter,
3582								sizeof(filter));
3583
3584	return retval;
3585}
3586
3587static const struct driver_info	bcm4320b_info = {
3588	.description =	"Wireless RNDIS device, BCM4320b based",
3589	.flags =	FLAG_WLAN | FLAG_FRAMING_RN | FLAG_NO_SETINT |
3590				FLAG_AVOID_UNLINK_URBS,
3591	.bind =		rndis_wlan_bind,
3592	.unbind =	rndis_wlan_unbind,
3593	.status =	rndis_status,
3594	.rx_fixup =	rndis_rx_fixup,
3595	.tx_fixup =	rndis_tx_fixup,
3596	.reset =	rndis_wlan_reset,
3597	.stop =		rndis_wlan_stop,
3598	.early_init =	bcm4320b_early_init,
3599	.indication =	rndis_wlan_indication,
3600};
3601
3602static const struct driver_info	bcm4320a_info = {
3603	.description =	"Wireless RNDIS device, BCM4320a based",
3604	.flags =	FLAG_WLAN | FLAG_FRAMING_RN | FLAG_NO_SETINT |
3605				FLAG_AVOID_UNLINK_URBS,
3606	.bind =		rndis_wlan_bind,
3607	.unbind =	rndis_wlan_unbind,
3608	.status =	rndis_status,
3609	.rx_fixup =	rndis_rx_fixup,
3610	.tx_fixup =	rndis_tx_fixup,
3611	.reset =	rndis_wlan_reset,
3612	.stop =		rndis_wlan_stop,
3613	.early_init =	bcm4320a_early_init,
3614	.indication =	rndis_wlan_indication,
3615};
3616
3617static const struct driver_info rndis_wlan_info = {
3618	.description =	"Wireless RNDIS device",
3619	.flags =	FLAG_WLAN | FLAG_FRAMING_RN | FLAG_NO_SETINT |
3620				FLAG_AVOID_UNLINK_URBS,
3621	.bind =		rndis_wlan_bind,
3622	.unbind =	rndis_wlan_unbind,
3623	.status =	rndis_status,
3624	.rx_fixup =	rndis_rx_fixup,
3625	.tx_fixup =	rndis_tx_fixup,
3626	.reset =	rndis_wlan_reset,
3627	.stop =		rndis_wlan_stop,
3628	.early_init =	unknown_early_init,
3629	.indication =	rndis_wlan_indication,
3630};
3631
3632/*-------------------------------------------------------------------------*/
3633
3634static const struct usb_device_id products [] = {
3635#define	RNDIS_MASTER_INTERFACE \
3636	.bInterfaceClass	= USB_CLASS_COMM, \
3637	.bInterfaceSubClass	= 2 /* ACM */, \
3638	.bInterfaceProtocol	= 0x0ff
3639
3640/* INF driver for these devices have DriverVer >= 4.xx.xx.xx and many custom
3641 * parameters available. Chipset marked as 'BCM4320SKFBG' in NDISwrapper-wiki.
3642 */
3643{
3644	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3645			  | USB_DEVICE_ID_MATCH_DEVICE,
3646	.idVendor		= 0x0411,
3647	.idProduct		= 0x00bc,	/* Buffalo WLI-U2-KG125S */
3648	RNDIS_MASTER_INTERFACE,
3649	.driver_info		= (unsigned long) &bcm4320b_info,
3650}, {
3651	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3652			  | USB_DEVICE_ID_MATCH_DEVICE,
3653	.idVendor		= 0x0baf,
3654	.idProduct		= 0x011b,	/* U.S. Robotics USR5421 */
3655	RNDIS_MASTER_INTERFACE,
3656	.driver_info		= (unsigned long) &bcm4320b_info,
3657}, {
3658	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3659			  | USB_DEVICE_ID_MATCH_DEVICE,
3660	.idVendor		= 0x050d,
3661	.idProduct		= 0x011b,	/* Belkin F5D7051 */
3662	RNDIS_MASTER_INTERFACE,
3663	.driver_info		= (unsigned long) &bcm4320b_info,
3664}, {
3665	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3666			  | USB_DEVICE_ID_MATCH_DEVICE,
3667	.idVendor		= 0x1799,	/* Belkin has two vendor ids */
3668	.idProduct		= 0x011b,	/* Belkin F5D7051 */
3669	RNDIS_MASTER_INTERFACE,
3670	.driver_info		= (unsigned long) &bcm4320b_info,
3671}, {
3672	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3673			  | USB_DEVICE_ID_MATCH_DEVICE,
3674	.idVendor		= 0x13b1,
3675	.idProduct		= 0x0014,	/* Linksys WUSB54GSv2 */
3676	RNDIS_MASTER_INTERFACE,
3677	.driver_info		= (unsigned long) &bcm4320b_info,
3678}, {
3679	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3680			  | USB_DEVICE_ID_MATCH_DEVICE,
3681	.idVendor		= 0x13b1,
3682	.idProduct		= 0x0026,	/* Linksys WUSB54GSC */
3683	RNDIS_MASTER_INTERFACE,
3684	.driver_info		= (unsigned long) &bcm4320b_info,
3685}, {
3686	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3687			  | USB_DEVICE_ID_MATCH_DEVICE,
3688	.idVendor		= 0x0b05,
3689	.idProduct		= 0x1717,	/* Asus WL169gE */
3690	RNDIS_MASTER_INTERFACE,
3691	.driver_info		= (unsigned long) &bcm4320b_info,
3692}, {
3693	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3694			  | USB_DEVICE_ID_MATCH_DEVICE,
3695	.idVendor		= 0x0a5c,
3696	.idProduct		= 0xd11b,	/* Eminent EM4045 */
3697	RNDIS_MASTER_INTERFACE,
3698	.driver_info		= (unsigned long) &bcm4320b_info,
3699}, {
3700	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3701			  | USB_DEVICE_ID_MATCH_DEVICE,
3702	.idVendor		= 0x1690,
3703	.idProduct		= 0x0715,	/* BT Voyager 1055 */
3704	RNDIS_MASTER_INTERFACE,
3705	.driver_info		= (unsigned long) &bcm4320b_info,
3706},
3707/* These devices have DriverVer < 4.xx.xx.xx and do not have any custom
3708 * parameters available, hardware probably contain older firmware version with
3709 * no way of updating. Chipset marked as 'BCM4320????' in NDISwrapper-wiki.
3710 */
3711{
3712	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3713			  | USB_DEVICE_ID_MATCH_DEVICE,
3714	.idVendor		= 0x13b1,
3715	.idProduct		= 0x000e,	/* Linksys WUSB54GSv1 */
3716	RNDIS_MASTER_INTERFACE,
3717	.driver_info		= (unsigned long) &bcm4320a_info,
3718}, {
3719	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3720			  | USB_DEVICE_ID_MATCH_DEVICE,
3721	.idVendor		= 0x0baf,
3722	.idProduct		= 0x0111,	/* U.S. Robotics USR5420 */
3723	RNDIS_MASTER_INTERFACE,
3724	.driver_info		= (unsigned long) &bcm4320a_info,
3725}, {
3726	.match_flags	=   USB_DEVICE_ID_MATCH_INT_INFO
3727			  | USB_DEVICE_ID_MATCH_DEVICE,
3728	.idVendor		= 0x0411,
3729	.idProduct		= 0x004b,	/* BUFFALO WLI-USB-G54 */
3730	RNDIS_MASTER_INTERFACE,
3731	.driver_info		= (unsigned long) &bcm4320a_info,
3732},
3733/* Generic Wireless RNDIS devices that we don't have exact
3734 * idVendor/idProduct/chip yet.
3735 */
3736{
3737	/* RNDIS is MSFT's un-official variant of CDC ACM */
3738	USB_INTERFACE_INFO(USB_CLASS_COMM, 2 /* ACM */, 0x0ff),
3739	.driver_info = (unsigned long) &rndis_wlan_info,
3740}, {
3741	/* "ActiveSync" is an undocumented variant of RNDIS, used in WM5 */
3742	USB_INTERFACE_INFO(USB_CLASS_MISC, 1, 1),
3743	.driver_info = (unsigned long) &rndis_wlan_info,
3744},
3745	{ },		// END
3746};
3747MODULE_DEVICE_TABLE(usb, products);
3748
3749static struct usb_driver rndis_wlan_driver = {
3750	.name =		"rndis_wlan",
3751	.id_table =	products,
3752	.probe =	usbnet_probe,
3753	.disconnect =	usbnet_disconnect,
3754	.suspend =	usbnet_suspend,
3755	.resume =	usbnet_resume,
3756};
3757
3758static int __init rndis_wlan_init(void)
3759{
3760	return usb_register(&rndis_wlan_driver);
3761}
3762module_init(rndis_wlan_init);
3763
3764static void __exit rndis_wlan_exit(void)
3765{
3766	usb_deregister(&rndis_wlan_driver);
3767}
3768module_exit(rndis_wlan_exit);
3769
3770MODULE_AUTHOR("Bjorge Dijkstra");
3771MODULE_AUTHOR("Jussi Kivilinna");
3772MODULE_DESCRIPTION("Driver for RNDIS based USB Wireless adapters");
3773MODULE_LICENSE("GPL");
3774
Configure Feed

Configure Feed
