1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Host AP (software wireless LAN access point) driver for
4  * Intersil Prism2/2.5/3 - hostap.o module, common routines
5  *
6  * Copyright (c) 2001-2002, SSH Communications Security Corp and Jouni Malinen
7  * <j@w1.fi>
8  * Copyright (c) 2002-2005, Jouni Malinen <j@w1.fi>
9  */
10 
11 #include <linux/module.h>
12 #include <linux/init.h>
13 #include <linux/slab.h>
14 #include <linux/proc_fs.h>
15 #include <linux/if_arp.h>
16 #include <linux/delay.h>
17 #include <linux/random.h>
18 #include <linux/workqueue.h>
19 #include <linux/kmod.h>
20 #include <linux/rtnetlink.h>
21 #include <linux/wireless.h>
22 #include <linux/etherdevice.h>
23 #include <net/net_namespace.h>
24 #include <net/iw_handler.h>
25 #include <net/lib80211.h>
26 #include <linux/uaccess.h>
27 
28 #include "hostap_wlan.h"
29 #include "hostap_80211.h"
30 #include "hostap_ap.h"
31 #include "hostap.h"
32 
33 MODULE_AUTHOR("Jouni Malinen");
34 MODULE_DESCRIPTION("Host AP common routines");
35 MODULE_LICENSE("GPL");
36 
37 #define TX_TIMEOUT (2 * HZ)
38 
39 #define PRISM2_MAX_FRAME_SIZE 2304
40 #define PRISM2_MIN_MTU 256
41 /* FIX: */
42 #define PRISM2_MAX_MTU (PRISM2_MAX_FRAME_SIZE - (6 /* LLC */ + 8 /* WEP */))
43 
44 
45 struct net_device * hostap_add_interface(struct local_info *local,
46 					 int type, int rtnl_locked,
47 					 const char *prefix,
48 					 const char *name)
49 {
50 	struct net_device *dev, *mdev;
51 	struct hostap_interface *iface;
52 	int ret;
53 
54 	dev = alloc_etherdev(sizeof(struct hostap_interface));
55 	if (dev == NULL)
56 		return NULL;
57 
58 	iface = netdev_priv(dev);
59 	iface->dev = dev;
60 	iface->local = local;
61 	iface->type = type;
62 	list_add(&iface->list, &local->hostap_interfaces);
63 
64 	mdev = local->dev;
65 	eth_hw_addr_inherit(dev, mdev);
66 	dev->base_addr = mdev->base_addr;
67 	dev->irq = mdev->irq;
68 	dev->mem_start = mdev->mem_start;
69 	dev->mem_end = mdev->mem_end;
70 
71 	hostap_setup_dev(dev, local, type);
72 	dev->needs_free_netdev = true;
73 
74 	sprintf(dev->name, "%s%s", prefix, name);
75 	if (!rtnl_locked)
76 		rtnl_lock();
77 
78 	SET_NETDEV_DEV(dev, mdev->dev.parent);
79 	ret = register_netdevice(dev);
80 
81 	if (!rtnl_locked)
82 		rtnl_unlock();
83 
84 	if (ret < 0) {
85 		printk(KERN_WARNING "%s: failed to add new netdevice!\n",
86 		       dev->name);
87 		free_netdev(dev);
88 		return NULL;
89 	}
90 
91 	printk(KERN_DEBUG "%s: registered netdevice %s\n",
92 	       mdev->name, dev->name);
93 
94 	return dev;
95 }
96 
97 
98 void hostap_remove_interface(struct net_device *dev, int rtnl_locked,
99 			     int remove_from_list)
100 {
101 	struct hostap_interface *iface;
102 
103 	if (!dev)
104 		return;
105 
106 	iface = netdev_priv(dev);
107 
108 	if (remove_from_list) {
109 		list_del(&iface->list);
110 	}
111 
112 	if (dev == iface->local->ddev)
113 		iface->local->ddev = NULL;
114 	else if (dev == iface->local->apdev)
115 		iface->local->apdev = NULL;
116 	else if (dev == iface->local->stadev)
117 		iface->local->stadev = NULL;
118 
119 	if (rtnl_locked)
120 		unregister_netdevice(dev);
121 	else
122 		unregister_netdev(dev);
123 
124 	/* 'dev->needs_free_netdev = true' implies device data, including
125 	 * private data, will be freed when the device is removed */
126 }
127 
128 
129 static inline int prism2_wds_special_addr(u8 *addr)
130 {
131 	if (addr[0] || addr[1] || addr[2] || addr[3] || addr[4] || addr[5])
132 		return 0;
133 
134 	return 1;
135 }
136 
137 
138 int prism2_wds_add(local_info_t *local, u8 *remote_addr,
139 		   int rtnl_locked)
140 {
141 	struct net_device *dev;
142 	struct list_head *ptr;
143 	struct hostap_interface *iface, *empty, *match;
144 
145 	empty = match = NULL;
146 	read_lock_bh(&local->iface_lock);
147 	list_for_each(ptr, &local->hostap_interfaces) {
148 		iface = list_entry(ptr, struct hostap_interface, list);
149 		if (iface->type != HOSTAP_INTERFACE_WDS)
150 			continue;
151 
152 		if (prism2_wds_special_addr(iface->u.wds.remote_addr))
153 			empty = iface;
154 		else if (ether_addr_equal(iface->u.wds.remote_addr, remote_addr)) {
155 			match = iface;
156 			break;
157 		}
158 	}
159 	if (!match && empty && !prism2_wds_special_addr(remote_addr)) {
160 		/* take pre-allocated entry into use */
161 		memcpy(empty->u.wds.remote_addr, remote_addr, ETH_ALEN);
162 		read_unlock_bh(&local->iface_lock);
163 		printk(KERN_DEBUG "%s: using pre-allocated WDS netdevice %s\n",
164 		       local->dev->name, empty->dev->name);
165 		return 0;
166 	}
167 	read_unlock_bh(&local->iface_lock);
168 
169 	if (!prism2_wds_special_addr(remote_addr)) {
170 		if (match)
171 			return -EEXIST;
172 		hostap_add_sta(local->ap, remote_addr);
173 	}
174 
175 	if (local->wds_connections >= local->wds_max_connections)
176 		return -ENOBUFS;
177 
178 	/* verify that there is room for wds# postfix in the interface name */
179 	if (strlen(local->dev->name) >= IFNAMSIZ - 5) {
180 		printk(KERN_DEBUG "'%s' too long base device name\n",
181 		       local->dev->name);
182 		return -EINVAL;
183 	}
184 
185 	dev = hostap_add_interface(local, HOSTAP_INTERFACE_WDS, rtnl_locked,
186 				   local->ddev->name, "wds%d");
187 	if (dev == NULL)
188 		return -ENOMEM;
189 
190 	iface = netdev_priv(dev);
191 	memcpy(iface->u.wds.remote_addr, remote_addr, ETH_ALEN);
192 
193 	local->wds_connections++;
194 
195 	return 0;
196 }
197 
198 
199 int prism2_wds_del(local_info_t *local, u8 *remote_addr,
200 		   int rtnl_locked, int do_not_remove)
201 {
202 	unsigned long flags;
203 	struct list_head *ptr;
204 	struct hostap_interface *iface, *selected = NULL;
205 
206 	write_lock_irqsave(&local->iface_lock, flags);
207 	list_for_each(ptr, &local->hostap_interfaces) {
208 		iface = list_entry(ptr, struct hostap_interface, list);
209 		if (iface->type != HOSTAP_INTERFACE_WDS)
210 			continue;
211 
212 		if (ether_addr_equal(iface->u.wds.remote_addr, remote_addr)) {
213 			selected = iface;
214 			break;
215 		}
216 	}
217 	if (selected && !do_not_remove)
218 		list_del(&selected->list);
219 	write_unlock_irqrestore(&local->iface_lock, flags);
220 
221 	if (selected) {
222 		if (do_not_remove)
223 			eth_zero_addr(selected->u.wds.remote_addr);
224 		else {
225 			hostap_remove_interface(selected->dev, rtnl_locked, 0);
226 			local->wds_connections--;
227 		}
228 	}
229 
230 	return selected ? 0 : -ENODEV;
231 }
232 
233 
234 u16 hostap_tx_callback_register(local_info_t *local,
235 				void (*func)(struct sk_buff *, int ok, void *),
236 				void *data)
237 {
238 	unsigned long flags;
239 	struct hostap_tx_callback_info *entry;
240 
241 	entry = kmalloc(sizeof(*entry), GFP_KERNEL);
242 	if (entry == NULL)
243 		return 0;
244 
245 	entry->func = func;
246 	entry->data = data;
247 
248 	spin_lock_irqsave(&local->lock, flags);
249 	entry->idx = local->tx_callback ? local->tx_callback->idx + 1 : 1;
250 	entry->next = local->tx_callback;
251 	local->tx_callback = entry;
252 	spin_unlock_irqrestore(&local->lock, flags);
253 
254 	return entry->idx;
255 }
256 
257 
258 int hostap_tx_callback_unregister(local_info_t *local, u16 idx)
259 {
260 	unsigned long flags;
261 	struct hostap_tx_callback_info *cb, *prev = NULL;
262 
263 	spin_lock_irqsave(&local->lock, flags);
264 	cb = local->tx_callback;
265 	while (cb != NULL && cb->idx != idx) {
266 		prev = cb;
267 		cb = cb->next;
268 	}
269 	if (cb) {
270 		if (prev == NULL)
271 			local->tx_callback = cb->next;
272 		else
273 			prev->next = cb->next;
274 		kfree(cb);
275 	}
276 	spin_unlock_irqrestore(&local->lock, flags);
277 
278 	return cb ? 0 : -1;
279 }
280 
281 
282 /* val is in host byte order */
283 int hostap_set_word(struct net_device *dev, int rid, u16 val)
284 {
285 	struct hostap_interface *iface;
286 	__le16 tmp = cpu_to_le16(val);
287 	iface = netdev_priv(dev);
288 	return iface->local->func->set_rid(dev, rid, &tmp, 2);
289 }
290 
291 
292 int hostap_set_string(struct net_device *dev, int rid, const char *val)
293 {
294 	struct hostap_interface *iface;
295 	char buf[MAX_SSID_LEN + 2];
296 	int len;
297 
298 	iface = netdev_priv(dev);
299 	len = strlen(val);
300 	if (len > MAX_SSID_LEN)
301 		return -1;
302 	memset(buf, 0, sizeof(buf));
303 	buf[0] = len; /* little endian 16 bit word */
304 	memcpy(buf + 2, val, len);
305 
306 	return iface->local->func->set_rid(dev, rid, &buf, MAX_SSID_LEN + 2);
307 }
308 
309 
310 u16 hostap_get_porttype(local_info_t *local)
311 {
312 	if (local->iw_mode == IW_MODE_ADHOC && local->pseudo_adhoc)
313 		return HFA384X_PORTTYPE_PSEUDO_IBSS;
314 	if (local->iw_mode == IW_MODE_ADHOC)
315 		return HFA384X_PORTTYPE_IBSS;
316 	if (local->iw_mode == IW_MODE_INFRA)
317 		return HFA384X_PORTTYPE_BSS;
318 	if (local->iw_mode == IW_MODE_REPEAT)
319 		return HFA384X_PORTTYPE_WDS;
320 	if (local->iw_mode == IW_MODE_MONITOR)
321 		return HFA384X_PORTTYPE_PSEUDO_IBSS;
322 	return HFA384X_PORTTYPE_HOSTAP;
323 }
324 
325 
326 int hostap_set_encryption(local_info_t *local)
327 {
328 	u16 val, old_val;
329 	int i, keylen, len, idx;
330 	char keybuf[WEP_KEY_LEN + 1];
331 	enum { NONE, WEP, OTHER } encrypt_type;
332 
333 	idx = local->crypt_info.tx_keyidx;
334 	if (local->crypt_info.crypt[idx] == NULL ||
335 	    local->crypt_info.crypt[idx]->ops == NULL)
336 		encrypt_type = NONE;
337 	else if (strcmp(local->crypt_info.crypt[idx]->ops->name, "WEP") == 0)
338 		encrypt_type = WEP;
339 	else
340 		encrypt_type = OTHER;
341 
342 	if (local->func->get_rid(local->dev, HFA384X_RID_CNFWEPFLAGS, &val, 2,
343 				 1) < 0) {
344 		printk(KERN_DEBUG "Could not read current WEP flags.\n");
345 		goto fail;
346 	}
347 	le16_to_cpus(&val);
348 	old_val = val;
349 
350 	if (encrypt_type != NONE || local->privacy_invoked)
351 		val |= HFA384X_WEPFLAGS_PRIVACYINVOKED;
352 	else
353 		val &= ~HFA384X_WEPFLAGS_PRIVACYINVOKED;
354 
355 	if (local->open_wep || encrypt_type == NONE ||
356 	    ((local->ieee_802_1x || local->wpa) && local->host_decrypt))
357 		val &= ~HFA384X_WEPFLAGS_EXCLUDEUNENCRYPTED;
358 	else
359 		val |= HFA384X_WEPFLAGS_EXCLUDEUNENCRYPTED;
360 
361 	if ((encrypt_type != NONE || local->privacy_invoked) &&
362 	    (encrypt_type == OTHER || local->host_encrypt))
363 		val |= HFA384X_WEPFLAGS_HOSTENCRYPT;
364 	else
365 		val &= ~HFA384X_WEPFLAGS_HOSTENCRYPT;
366 	if ((encrypt_type != NONE || local->privacy_invoked) &&
367 	    (encrypt_type == OTHER || local->host_decrypt))
368 		val |= HFA384X_WEPFLAGS_HOSTDECRYPT;
369 	else
370 		val &= ~HFA384X_WEPFLAGS_HOSTDECRYPT;
371 
372 	if (val != old_val &&
373 	    hostap_set_word(local->dev, HFA384X_RID_CNFWEPFLAGS, val)) {
374 		printk(KERN_DEBUG "Could not write new WEP flags (0x%x)\n",
375 		       val);
376 		goto fail;
377 	}
378 
379 	if (encrypt_type != WEP)
380 		return 0;
381 
382 	/* 104-bit support seems to require that all the keys are set to the
383 	 * same keylen */
384 	keylen = 6; /* first 5 octets */
385 	len = local->crypt_info.crypt[idx]->ops->get_key(keybuf, sizeof(keybuf), NULL,
386 							   local->crypt_info.crypt[idx]->priv);
387 	if (idx >= 0 && idx < WEP_KEYS && len > 5)
388 		keylen = WEP_KEY_LEN + 1; /* first 13 octets */
389 
390 	for (i = 0; i < WEP_KEYS; i++) {
391 		memset(keybuf, 0, sizeof(keybuf));
392 		if (local->crypt_info.crypt[i]) {
393 			(void) local->crypt_info.crypt[i]->ops->get_key(
394 				keybuf, sizeof(keybuf),
395 				NULL, local->crypt_info.crypt[i]->priv);
396 		}
397 		if (local->func->set_rid(local->dev,
398 					 HFA384X_RID_CNFDEFAULTKEY0 + i,
399 					 keybuf, keylen)) {
400 			printk(KERN_DEBUG "Could not set key %d (len=%d)\n",
401 			       i, keylen);
402 			goto fail;
403 		}
404 	}
405 	if (hostap_set_word(local->dev, HFA384X_RID_CNFWEPDEFAULTKEYID, idx)) {
406 		printk(KERN_DEBUG "Could not set default keyid %d\n", idx);
407 		goto fail;
408 	}
409 
410 	return 0;
411 
412  fail:
413 	printk(KERN_DEBUG "%s: encryption setup failed\n", local->dev->name);
414 	return -1;
415 }
416 
417 
418 int hostap_set_antsel(local_info_t *local)
419 {
420 	u16 val;
421 	int ret = 0;
422 
423 	if (local->antsel_tx != HOSTAP_ANTSEL_DO_NOT_TOUCH &&
424 	    local->func->cmd(local->dev, HFA384X_CMDCODE_READMIF,
425 			     HFA386X_CR_TX_CONFIGURE,
426 			     NULL, &val) == 0) {
427 		val &= ~(BIT(2) | BIT(1));
428 		switch (local->antsel_tx) {
429 		case HOSTAP_ANTSEL_DIVERSITY:
430 			val |= BIT(1);
431 			break;
432 		case HOSTAP_ANTSEL_LOW:
433 			break;
434 		case HOSTAP_ANTSEL_HIGH:
435 			val |= BIT(2);
436 			break;
437 		}
438 
439 		if (local->func->cmd(local->dev, HFA384X_CMDCODE_WRITEMIF,
440 				     HFA386X_CR_TX_CONFIGURE, &val, NULL)) {
441 			printk(KERN_INFO "%s: setting TX AntSel failed\n",
442 			       local->dev->name);
443 			ret = -1;
444 		}
445 	}
446 
447 	if (local->antsel_rx != HOSTAP_ANTSEL_DO_NOT_TOUCH &&
448 	    local->func->cmd(local->dev, HFA384X_CMDCODE_READMIF,
449 			     HFA386X_CR_RX_CONFIGURE,
450 			     NULL, &val) == 0) {
451 		val &= ~(BIT(1) | BIT(0));
452 		switch (local->antsel_rx) {
453 		case HOSTAP_ANTSEL_DIVERSITY:
454 			break;
455 		case HOSTAP_ANTSEL_LOW:
456 			val |= BIT(0);
457 			break;
458 		case HOSTAP_ANTSEL_HIGH:
459 			val |= BIT(0) | BIT(1);
460 			break;
461 		}
462 
463 		if (local->func->cmd(local->dev, HFA384X_CMDCODE_WRITEMIF,
464 				     HFA386X_CR_RX_CONFIGURE, &val, NULL)) {
465 			printk(KERN_INFO "%s: setting RX AntSel failed\n",
466 			       local->dev->name);
467 			ret = -1;
468 		}
469 	}
470 
471 	return ret;
472 }
473 
474 
475 int hostap_set_roaming(local_info_t *local)
476 {
477 	u16 val;
478 
479 	switch (local->host_roaming) {
480 	case 1:
481 		val = HFA384X_ROAMING_HOST;
482 		break;
483 	case 2:
484 		val = HFA384X_ROAMING_DISABLED;
485 		break;
486 	case 0:
487 	default:
488 		val = HFA384X_ROAMING_FIRMWARE;
489 		break;
490 	}
491 
492 	return hostap_set_word(local->dev, HFA384X_RID_CNFROAMINGMODE, val);
493 }
494 
495 
496 int hostap_set_auth_algs(local_info_t *local)
497 {
498 	int val = local->auth_algs;
499 	/* At least STA f/w v0.6.2 seems to have issues with cnfAuthentication
500 	 * set to include both Open and Shared Key flags. It tries to use
501 	 * Shared Key authentication in that case even if WEP keys are not
502 	 * configured.. STA f/w v0.7.6 is able to handle such configuration,
503 	 * but it is unknown when this was fixed between 0.6.2 .. 0.7.6. */
504 	if (local->sta_fw_ver < PRISM2_FW_VER(0,7,0) &&
505 	    val != PRISM2_AUTH_OPEN && val != PRISM2_AUTH_SHARED_KEY)
506 		val = PRISM2_AUTH_OPEN;
507 
508 	if (hostap_set_word(local->dev, HFA384X_RID_CNFAUTHENTICATION, val)) {
509 		printk(KERN_INFO "%s: cnfAuthentication setting to 0x%x "
510 		       "failed\n", local->dev->name, local->auth_algs);
511 		return -EINVAL;
512 	}
513 
514 	return 0;
515 }
516 
517 
518 void hostap_dump_rx_header(const char *name, const struct hfa384x_rx_frame *rx)
519 {
520 	u16 status, fc;
521 
522 	status = __le16_to_cpu(rx->status);
523 
524 	printk(KERN_DEBUG "%s: RX status=0x%04x (port=%d, type=%d, "
525 	       "fcserr=%d) silence=%d signal=%d rate=%d rxflow=%d; "
526 	       "jiffies=%ld\n",
527 	       name, status, (status >> 8) & 0x07, status >> 13, status & 1,
528 	       rx->silence, rx->signal, rx->rate, rx->rxflow, jiffies);
529 
530 	fc = __le16_to_cpu(rx->frame_control);
531 	printk(KERN_DEBUG "   FC=0x%04x (type=%d:%d) dur=0x%04x seq=0x%04x "
532 	       "data_len=%d%s%s\n",
533 	       fc, (fc & IEEE80211_FCTL_FTYPE) >> 2,
534 	       (fc & IEEE80211_FCTL_STYPE) >> 4,
535 	       __le16_to_cpu(rx->duration_id), __le16_to_cpu(rx->seq_ctrl),
536 	       __le16_to_cpu(rx->data_len),
537 	       fc & IEEE80211_FCTL_TODS ? " [ToDS]" : "",
538 	       fc & IEEE80211_FCTL_FROMDS ? " [FromDS]" : "");
539 
540 	printk(KERN_DEBUG "   A1=%pM A2=%pM A3=%pM A4=%pM\n",
541 	       rx->addr1, rx->addr2, rx->addr3, rx->addr4);
542 
543 	printk(KERN_DEBUG "   dst=%pM src=%pM len=%d\n",
544 	       rx->dst_addr, rx->src_addr,
545 	       __be16_to_cpu(rx->len));
546 }
547 
548 
549 void hostap_dump_tx_header(const char *name, const struct hfa384x_tx_frame *tx)
550 {
551 	u16 fc;
552 
553 	printk(KERN_DEBUG "%s: TX status=0x%04x retry_count=%d tx_rate=%d "
554 	       "tx_control=0x%04x; jiffies=%ld\n",
555 	       name, __le16_to_cpu(tx->status), tx->retry_count, tx->tx_rate,
556 	       __le16_to_cpu(tx->tx_control), jiffies);
557 
558 	fc = __le16_to_cpu(tx->frame_control);
559 	printk(KERN_DEBUG "   FC=0x%04x (type=%d:%d) dur=0x%04x seq=0x%04x "
560 	       "data_len=%d%s%s\n",
561 	       fc, (fc & IEEE80211_FCTL_FTYPE) >> 2,
562 	       (fc & IEEE80211_FCTL_STYPE) >> 4,
563 	       __le16_to_cpu(tx->duration_id), __le16_to_cpu(tx->seq_ctrl),
564 	       __le16_to_cpu(tx->data_len),
565 	       fc & IEEE80211_FCTL_TODS ? " [ToDS]" : "",
566 	       fc & IEEE80211_FCTL_FROMDS ? " [FromDS]" : "");
567 
568 	printk(KERN_DEBUG "   A1=%pM A2=%pM A3=%pM A4=%pM\n",
569 	       tx->addr1, tx->addr2, tx->addr3, tx->addr4);
570 
571 	printk(KERN_DEBUG "   dst=%pM src=%pM len=%d\n",
572 	       tx->dst_addr, tx->src_addr,
573 	       __be16_to_cpu(tx->len));
574 }
575 
576 
577 static int hostap_80211_header_parse(const struct sk_buff *skb,
578 				     unsigned char *haddr)
579 {
580 	memcpy(haddr, skb_mac_header(skb) + 10, ETH_ALEN); /* addr2 */
581 	return ETH_ALEN;
582 }
583 
584 
585 int hostap_80211_get_hdrlen(__le16 fc)
586 {
587 	if (ieee80211_is_data(fc) && ieee80211_has_a4 (fc))
588 		return 30; /* Addr4 */
589 	else if (ieee80211_is_cts(fc) || ieee80211_is_ack(fc))
590 		return 10;
591 	else if (ieee80211_is_ctl(fc))
592 		return 16;
593 
594 	return 24;
595 }
596 
597 
598 static int prism2_close(struct net_device *dev)
599 {
600 	struct hostap_interface *iface;
601 	local_info_t *local;
602 
603 	PDEBUG(DEBUG_FLOW, "%s: prism2_close\n", dev->name);
604 
605 	iface = netdev_priv(dev);
606 	local = iface->local;
607 
608 	if (dev == local->ddev) {
609 		prism2_sta_deauth(local, WLAN_REASON_DEAUTH_LEAVING);
610 	}
611 #ifndef PRISM2_NO_KERNEL_IEEE80211_MGMT
612 	if (!local->hostapd && dev == local->dev &&
613 	    (!local->func->card_present || local->func->card_present(local)) &&
614 	    local->hw_ready && local->ap && local->iw_mode == IW_MODE_MASTER)
615 		hostap_deauth_all_stas(dev, local->ap, 1);
616 #endif /* PRISM2_NO_KERNEL_IEEE80211_MGMT */
617 
618 	if (dev == local->dev) {
619 		local->func->hw_shutdown(dev, HOSTAP_HW_ENABLE_CMDCOMPL);
620 	}
621 
622 	if (netif_running(dev)) {
623 		netif_stop_queue(dev);
624 		netif_device_detach(dev);
625 	}
626 
627 	cancel_work_sync(&local->reset_queue);
628 	cancel_work_sync(&local->set_multicast_list_queue);
629 	cancel_work_sync(&local->set_tim_queue);
630 #ifndef PRISM2_NO_STATION_MODES
631 	cancel_work_sync(&local->info_queue);
632 #endif
633 	cancel_work_sync(&local->comms_qual_update);
634 
635 	module_put(local->hw_module);
636 
637 	local->num_dev_open--;
638 
639 	if (dev != local->dev && local->dev->flags & IFF_UP &&
640 	    local->master_dev_auto_open && local->num_dev_open == 1) {
641 		/* Close master radio interface automatically if it was also
642 		 * opened automatically and we are now closing the last
643 		 * remaining non-master device. */
644 		dev_close(local->dev);
645 	}
646 
647 	return 0;
648 }
649 
650 
651 static int prism2_open(struct net_device *dev)
652 {
653 	struct hostap_interface *iface;
654 	local_info_t *local;
655 
656 	PDEBUG(DEBUG_FLOW, "%s: prism2_open\n", dev->name);
657 
658 	iface = netdev_priv(dev);
659 	local = iface->local;
660 
661 	if (local->no_pri) {
662 		printk(KERN_DEBUG "%s: could not set interface UP - no PRI "
663 		       "f/w\n", dev->name);
664 		return -ENODEV;
665 	}
666 
667 	if ((local->func->card_present && !local->func->card_present(local)) ||
668 	    local->hw_downloading)
669 		return -ENODEV;
670 
671 	if (!try_module_get(local->hw_module))
672 		return -ENODEV;
673 	local->num_dev_open++;
674 
675 	if (!local->dev_enabled && local->func->hw_enable(dev, 1)) {
676 		printk(KERN_WARNING "%s: could not enable MAC port\n",
677 		       dev->name);
678 		prism2_close(dev);
679 		return -ENODEV;
680 	}
681 	if (!local->dev_enabled)
682 		prism2_callback(local, PRISM2_CALLBACK_ENABLE);
683 	local->dev_enabled = 1;
684 
685 	if (dev != local->dev && !(local->dev->flags & IFF_UP)) {
686 		/* Master radio interface is needed for all operation, so open
687 		 * it automatically when any virtual net_device is opened. */
688 		local->master_dev_auto_open = 1;
689 		dev_open(local->dev, NULL);
690 	}
691 
692 	netif_device_attach(dev);
693 	netif_start_queue(dev);
694 
695 	return 0;
696 }
697 
698 
699 static int prism2_set_mac_address(struct net_device *dev, void *p)
700 {
701 	struct hostap_interface *iface;
702 	local_info_t *local;
703 	struct list_head *ptr;
704 	struct sockaddr *addr = p;
705 
706 	iface = netdev_priv(dev);
707 	local = iface->local;
708 
709 	if (local->func->set_rid(dev, HFA384X_RID_CNFOWNMACADDR, addr->sa_data,
710 				 ETH_ALEN) < 0 || local->func->reset_port(dev))
711 		return -EINVAL;
712 
713 	read_lock_bh(&local->iface_lock);
714 	list_for_each(ptr, &local->hostap_interfaces) {
715 		iface = list_entry(ptr, struct hostap_interface, list);
716 		memcpy(iface->dev->dev_addr, addr->sa_data, ETH_ALEN);
717 	}
718 	memcpy(local->dev->dev_addr, addr->sa_data, ETH_ALEN);
719 	read_unlock_bh(&local->iface_lock);
720 
721 	return 0;
722 }
723 
724 
725 /* TODO: to be further implemented as soon as Prism2 fully supports
726  *       GroupAddresses and correct documentation is available */
727 void hostap_set_multicast_list_queue(struct work_struct *work)
728 {
729 	local_info_t *local =
730 		container_of(work, local_info_t, set_multicast_list_queue);
731 	struct net_device *dev = local->dev;
732 
733 	if (hostap_set_word(dev, HFA384X_RID_PROMISCUOUSMODE,
734 			    local->is_promisc)) {
735 		printk(KERN_INFO "%s: %sabling promiscuous mode failed\n",
736 		       dev->name, local->is_promisc ? "en" : "dis");
737 	}
738 }
739 
740 
741 static void hostap_set_multicast_list(struct net_device *dev)
742 {
743 #if 0
744 	/* FIX: promiscuous mode seems to be causing a lot of problems with
745 	 * some station firmware versions (FCSErr frames, invalid MACPort, etc.
746 	 * corrupted incoming frames). This code is now commented out while the
747 	 * problems are investigated. */
748 	struct hostap_interface *iface;
749 	local_info_t *local;
750 
751 	iface = netdev_priv(dev);
752 	local = iface->local;
753 	if ((dev->flags & IFF_ALLMULTI) || (dev->flags & IFF_PROMISC)) {
754 		local->is_promisc = 1;
755 	} else {
756 		local->is_promisc = 0;
757 	}
758 
759 	schedule_work(&local->set_multicast_list_queue);
760 #endif
761 }
762 
763 
764 static void prism2_tx_timeout(struct net_device *dev, unsigned int txqueue)
765 {
766 	struct hostap_interface *iface;
767 	local_info_t *local;
768 	struct hfa384x_regs regs;
769 
770 	iface = netdev_priv(dev);
771 	local = iface->local;
772 
773 	printk(KERN_WARNING "%s Tx timed out! Resetting card\n", dev->name);
774 	netif_stop_queue(local->dev);
775 
776 	local->func->read_regs(dev, &regs);
777 	printk(KERN_DEBUG "%s: CMD=%04x EVSTAT=%04x "
778 	       "OFFSET0=%04x OFFSET1=%04x SWSUPPORT0=%04x\n",
779 	       dev->name, regs.cmd, regs.evstat, regs.offset0, regs.offset1,
780 	       regs.swsupport0);
781 
782 	local->func->schedule_reset(local);
783 }
784 
785 const struct header_ops hostap_80211_ops = {
786 	.create		= eth_header,
787 	.cache		= eth_header_cache,
788 	.cache_update	= eth_header_cache_update,
789 	.parse		= hostap_80211_header_parse,
790 };
791 EXPORT_SYMBOL(hostap_80211_ops);
792 
793 
794 static const struct net_device_ops hostap_netdev_ops = {
795 	.ndo_start_xmit		= hostap_data_start_xmit,
796 
797 	.ndo_open		= prism2_open,
798 	.ndo_stop		= prism2_close,
799 	.ndo_do_ioctl		= hostap_ioctl,
800 	.ndo_set_mac_address	= prism2_set_mac_address,
801 	.ndo_set_rx_mode	= hostap_set_multicast_list,
802 	.ndo_tx_timeout 	= prism2_tx_timeout,
803 	.ndo_validate_addr	= eth_validate_addr,
804 };
805 
806 static const struct net_device_ops hostap_mgmt_netdev_ops = {
807 	.ndo_start_xmit		= hostap_mgmt_start_xmit,
808 
809 	.ndo_open		= prism2_open,
810 	.ndo_stop		= prism2_close,
811 	.ndo_do_ioctl		= hostap_ioctl,
812 	.ndo_set_mac_address	= prism2_set_mac_address,
813 	.ndo_set_rx_mode	= hostap_set_multicast_list,
814 	.ndo_tx_timeout 	= prism2_tx_timeout,
815 	.ndo_validate_addr	= eth_validate_addr,
816 };
817 
818 static const struct net_device_ops hostap_master_ops = {
819 	.ndo_start_xmit 	= hostap_master_start_xmit,
820 
821 	.ndo_open		= prism2_open,
822 	.ndo_stop		= prism2_close,
823 	.ndo_do_ioctl		= hostap_ioctl,
824 	.ndo_set_mac_address	= prism2_set_mac_address,
825 	.ndo_set_rx_mode	= hostap_set_multicast_list,
826 	.ndo_tx_timeout 	= prism2_tx_timeout,
827 	.ndo_validate_addr	= eth_validate_addr,
828 };
829 
830 void hostap_setup_dev(struct net_device *dev, local_info_t *local,
831 		      int type)
832 {
833 	struct hostap_interface *iface;
834 
835 	iface = netdev_priv(dev);
836 	ether_setup(dev);
837 	dev->min_mtu = PRISM2_MIN_MTU;
838 	dev->max_mtu = PRISM2_MAX_MTU;
839 	dev->priv_flags &= ~IFF_TX_SKB_SHARING;
840 
841 	/* kernel callbacks */
842 	if (iface) {
843 		/* Currently, we point to the proper spy_data only on
844 		 * the main_dev. This could be fixed. Jean II */
845 		iface->wireless_data.spy_data = &iface->spy_data;
846 		dev->wireless_data = &iface->wireless_data;
847 	}
848 	dev->wireless_handlers = &hostap_iw_handler_def;
849 	dev->watchdog_timeo = TX_TIMEOUT;
850 
851 	switch(type) {
852 	case HOSTAP_INTERFACE_AP:
853 		dev->priv_flags |= IFF_NO_QUEUE;	/* use main radio device queue */
854 		dev->netdev_ops = &hostap_mgmt_netdev_ops;
855 		dev->type = ARPHRD_IEEE80211;
856 		dev->header_ops = &hostap_80211_ops;
857 		break;
858 	case HOSTAP_INTERFACE_MASTER:
859 		dev->netdev_ops = &hostap_master_ops;
860 		break;
861 	default:
862 		dev->priv_flags |= IFF_NO_QUEUE;	/* use main radio device queue */
863 		dev->netdev_ops = &hostap_netdev_ops;
864 	}
865 
866 	dev->mtu = local->mtu;
867 
868 
869 	dev->ethtool_ops = &prism2_ethtool_ops;
870 
871 }
872 
873 static int hostap_enable_hostapd(local_info_t *local, int rtnl_locked)
874 {
875 	struct net_device *dev = local->dev;
876 
877 	if (local->apdev)
878 		return -EEXIST;
879 
880 	printk(KERN_DEBUG "%s: enabling hostapd mode\n", dev->name);
881 
882 	local->apdev = hostap_add_interface(local, HOSTAP_INTERFACE_AP,
883 					    rtnl_locked, local->ddev->name,
884 					    "ap");
885 	if (local->apdev == NULL)
886 		return -ENOMEM;
887 
888 	return 0;
889 }
890 
891 
892 static int hostap_disable_hostapd(local_info_t *local, int rtnl_locked)
893 {
894 	struct net_device *dev = local->dev;
895 
896 	printk(KERN_DEBUG "%s: disabling hostapd mode\n", dev->name);
897 
898 	hostap_remove_interface(local->apdev, rtnl_locked, 1);
899 	local->apdev = NULL;
900 
901 	return 0;
902 }
903 
904 
905 static int hostap_enable_hostapd_sta(local_info_t *local, int rtnl_locked)
906 {
907 	struct net_device *dev = local->dev;
908 
909 	if (local->stadev)
910 		return -EEXIST;
911 
912 	printk(KERN_DEBUG "%s: enabling hostapd STA mode\n", dev->name);
913 
914 	local->stadev = hostap_add_interface(local, HOSTAP_INTERFACE_STA,
915 					     rtnl_locked, local->ddev->name,
916 					     "sta");
917 	if (local->stadev == NULL)
918 		return -ENOMEM;
919 
920 	return 0;
921 }
922 
923 
924 static int hostap_disable_hostapd_sta(local_info_t *local, int rtnl_locked)
925 {
926 	struct net_device *dev = local->dev;
927 
928 	printk(KERN_DEBUG "%s: disabling hostapd mode\n", dev->name);
929 
930 	hostap_remove_interface(local->stadev, rtnl_locked, 1);
931 	local->stadev = NULL;
932 
933 	return 0;
934 }
935 
936 
937 int hostap_set_hostapd(local_info_t *local, int val, int rtnl_locked)
938 {
939 	int ret;
940 
941 	if (val < 0 || val > 1)
942 		return -EINVAL;
943 
944 	if (local->hostapd == val)
945 		return 0;
946 
947 	if (val) {
948 		ret = hostap_enable_hostapd(local, rtnl_locked);
949 		if (ret == 0)
950 			local->hostapd = 1;
951 	} else {
952 		local->hostapd = 0;
953 		ret = hostap_disable_hostapd(local, rtnl_locked);
954 		if (ret != 0)
955 			local->hostapd = 1;
956 	}
957 
958 	return ret;
959 }
960 
961 
962 int hostap_set_hostapd_sta(local_info_t *local, int val, int rtnl_locked)
963 {
964 	int ret;
965 
966 	if (val < 0 || val > 1)
967 		return -EINVAL;
968 
969 	if (local->hostapd_sta == val)
970 		return 0;
971 
972 	if (val) {
973 		ret = hostap_enable_hostapd_sta(local, rtnl_locked);
974 		if (ret == 0)
975 			local->hostapd_sta = 1;
976 	} else {
977 		local->hostapd_sta = 0;
978 		ret = hostap_disable_hostapd_sta(local, rtnl_locked);
979 		if (ret != 0)
980 			local->hostapd_sta = 1;
981 	}
982 
983 
984 	return ret;
985 }
986 
987 
988 int prism2_update_comms_qual(struct net_device *dev)
989 {
990 	struct hostap_interface *iface;
991 	local_info_t *local;
992 	int ret = 0;
993 	struct hfa384x_comms_quality sq;
994 
995 	iface = netdev_priv(dev);
996 	local = iface->local;
997 	if (!local->sta_fw_ver)
998 		ret = -1;
999 	else if (local->sta_fw_ver >= PRISM2_FW_VER(1,3,1)) {
1000 		if (local->func->get_rid(local->dev,
1001 					 HFA384X_RID_DBMCOMMSQUALITY,
1002 					 &sq, sizeof(sq), 1) >= 0) {
1003 			local->comms_qual = (s16) le16_to_cpu(sq.comm_qual);
1004 			local->avg_signal = (s16) le16_to_cpu(sq.signal_level);
1005 			local->avg_noise = (s16) le16_to_cpu(sq.noise_level);
1006 			local->last_comms_qual_update = jiffies;
1007 		} else
1008 			ret = -1;
1009 	} else {
1010 		if (local->func->get_rid(local->dev, HFA384X_RID_COMMSQUALITY,
1011 					 &sq, sizeof(sq), 1) >= 0) {
1012 			local->comms_qual = le16_to_cpu(sq.comm_qual);
1013 			local->avg_signal = HFA384X_LEVEL_TO_dBm(
1014 				le16_to_cpu(sq.signal_level));
1015 			local->avg_noise = HFA384X_LEVEL_TO_dBm(
1016 				le16_to_cpu(sq.noise_level));
1017 			local->last_comms_qual_update = jiffies;
1018 		} else
1019 			ret = -1;
1020 	}
1021 
1022 	return ret;
1023 }
1024 
1025 
1026 int prism2_sta_send_mgmt(local_info_t *local, u8 *dst, u16 stype,
1027 			 u8 *body, size_t bodylen)
1028 {
1029 	struct sk_buff *skb;
1030 	struct hostap_ieee80211_mgmt *mgmt;
1031 	struct hostap_skb_tx_data *meta;
1032 	struct net_device *dev = local->dev;
1033 
1034 	skb = dev_alloc_skb(IEEE80211_MGMT_HDR_LEN + bodylen);
1035 	if (skb == NULL)
1036 		return -ENOMEM;
1037 
1038 	mgmt = skb_put_zero(skb, IEEE80211_MGMT_HDR_LEN);
1039 	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
1040 	memcpy(mgmt->da, dst, ETH_ALEN);
1041 	memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
1042 	memcpy(mgmt->bssid, dst, ETH_ALEN);
1043 	if (body)
1044 		skb_put_data(skb, body, bodylen);
1045 
1046 	meta = (struct hostap_skb_tx_data *) skb->cb;
1047 	memset(meta, 0, sizeof(*meta));
1048 	meta->magic = HOSTAP_SKB_TX_DATA_MAGIC;
1049 	meta->iface = netdev_priv(dev);
1050 
1051 	skb->dev = dev;
1052 	skb_reset_mac_header(skb);
1053 	skb_reset_network_header(skb);
1054 	dev_queue_xmit(skb);
1055 
1056 	return 0;
1057 }
1058 
1059 
1060 int prism2_sta_deauth(local_info_t *local, u16 reason)
1061 {
1062 	union iwreq_data wrqu;
1063 	int ret;
1064 	__le16 val = cpu_to_le16(reason);
1065 
1066 	if (local->iw_mode != IW_MODE_INFRA ||
1067 	    is_zero_ether_addr(local->bssid) ||
1068 	    ether_addr_equal(local->bssid, "\x44\x44\x44\x44\x44\x44"))
1069 		return 0;
1070 
1071 	ret = prism2_sta_send_mgmt(local, local->bssid, IEEE80211_STYPE_DEAUTH,
1072 				   (u8 *) &val, 2);
1073 	eth_zero_addr(wrqu.ap_addr.sa_data);
1074 	wireless_send_event(local->dev, SIOCGIWAP, &wrqu, NULL);
1075 	return ret;
1076 }
1077 
1078 
1079 struct proc_dir_entry *hostap_proc;
1080 
1081 static int __init hostap_init(void)
1082 {
1083 	if (init_net.proc_net != NULL) {
1084 		hostap_proc = proc_mkdir("hostap", init_net.proc_net);
1085 		if (!hostap_proc)
1086 			printk(KERN_WARNING "Failed to mkdir "
1087 			       "/proc/net/hostap\n");
1088 	} else
1089 		hostap_proc = NULL;
1090 
1091 	return 0;
1092 }
1093 
1094 
1095 static void __exit hostap_exit(void)
1096 {
1097 	if (hostap_proc != NULL) {
1098 		hostap_proc = NULL;
1099 		remove_proc_entry("hostap", init_net.proc_net);
1100 	}
1101 }
1102 
1103 
1104 EXPORT_SYMBOL(hostap_set_word);
1105 EXPORT_SYMBOL(hostap_set_string);
1106 EXPORT_SYMBOL(hostap_get_porttype);
1107 EXPORT_SYMBOL(hostap_set_encryption);
1108 EXPORT_SYMBOL(hostap_set_antsel);
1109 EXPORT_SYMBOL(hostap_set_roaming);
1110 EXPORT_SYMBOL(hostap_set_auth_algs);
1111 EXPORT_SYMBOL(hostap_dump_rx_header);
1112 EXPORT_SYMBOL(hostap_dump_tx_header);
1113 EXPORT_SYMBOL(hostap_80211_get_hdrlen);
1114 EXPORT_SYMBOL(hostap_setup_dev);
1115 EXPORT_SYMBOL(hostap_set_multicast_list_queue);
1116 EXPORT_SYMBOL(hostap_set_hostapd);
1117 EXPORT_SYMBOL(hostap_set_hostapd_sta);
1118 EXPORT_SYMBOL(hostap_add_interface);
1119 EXPORT_SYMBOL(hostap_remove_interface);
1120 EXPORT_SYMBOL(prism2_update_comms_qual);
1121 
1122 module_init(hostap_init);
1123 module_exit(hostap_exit);
1124