1*4882a593Smuzhiyun /* Helpers for managing scan queues
2*4882a593Smuzhiyun *
3*4882a593Smuzhiyun * See copyright notice in main.c
4*4882a593Smuzhiyun */
5*4882a593Smuzhiyun
6*4882a593Smuzhiyun #include <linux/gfp.h>
7*4882a593Smuzhiyun #include <linux/kernel.h>
8*4882a593Smuzhiyun #include <linux/string.h>
9*4882a593Smuzhiyun #include <linux/ieee80211.h>
10*4882a593Smuzhiyun #include <net/cfg80211.h>
11*4882a593Smuzhiyun
12*4882a593Smuzhiyun #include "hermes.h"
13*4882a593Smuzhiyun #include "orinoco.h"
14*4882a593Smuzhiyun #include "main.h"
15*4882a593Smuzhiyun
16*4882a593Smuzhiyun #include "scan.h"
17*4882a593Smuzhiyun
18*4882a593Smuzhiyun #define ZERO_DBM_OFFSET 0x95
19*4882a593Smuzhiyun #define MAX_SIGNAL_LEVEL 0x8A
20*4882a593Smuzhiyun #define MIN_SIGNAL_LEVEL 0x2F
21*4882a593Smuzhiyun
22*4882a593Smuzhiyun #define SIGNAL_TO_DBM(x) \
23*4882a593Smuzhiyun (clamp_t(s32, (x), MIN_SIGNAL_LEVEL, MAX_SIGNAL_LEVEL) \
24*4882a593Smuzhiyun - ZERO_DBM_OFFSET)
25*4882a593Smuzhiyun #define SIGNAL_TO_MBM(x) (SIGNAL_TO_DBM(x) * 100)
26*4882a593Smuzhiyun
symbol_build_supp_rates(u8 * buf,const __le16 * rates)27*4882a593Smuzhiyun static int symbol_build_supp_rates(u8 *buf, const __le16 *rates)
28*4882a593Smuzhiyun {
29*4882a593Smuzhiyun int i;
30*4882a593Smuzhiyun u8 rate;
31*4882a593Smuzhiyun
32*4882a593Smuzhiyun buf[0] = WLAN_EID_SUPP_RATES;
33*4882a593Smuzhiyun for (i = 0; i < 5; i++) {
34*4882a593Smuzhiyun rate = le16_to_cpu(rates[i]);
35*4882a593Smuzhiyun /* NULL terminated */
36*4882a593Smuzhiyun if (rate == 0x0)
37*4882a593Smuzhiyun break;
38*4882a593Smuzhiyun buf[i + 2] = rate;
39*4882a593Smuzhiyun }
40*4882a593Smuzhiyun buf[1] = i;
41*4882a593Smuzhiyun
42*4882a593Smuzhiyun return i + 2;
43*4882a593Smuzhiyun }
44*4882a593Smuzhiyun
prism_build_supp_rates(u8 * buf,const u8 * rates)45*4882a593Smuzhiyun static int prism_build_supp_rates(u8 *buf, const u8 *rates)
46*4882a593Smuzhiyun {
47*4882a593Smuzhiyun int i;
48*4882a593Smuzhiyun
49*4882a593Smuzhiyun buf[0] = WLAN_EID_SUPP_RATES;
50*4882a593Smuzhiyun for (i = 0; i < 8; i++) {
51*4882a593Smuzhiyun /* NULL terminated */
52*4882a593Smuzhiyun if (rates[i] == 0x0)
53*4882a593Smuzhiyun break;
54*4882a593Smuzhiyun buf[i + 2] = rates[i];
55*4882a593Smuzhiyun }
56*4882a593Smuzhiyun buf[1] = i;
57*4882a593Smuzhiyun
58*4882a593Smuzhiyun /* We might still have another 2 rates, which need to go in
59*4882a593Smuzhiyun * extended supported rates */
60*4882a593Smuzhiyun if (i == 8 && rates[i] > 0) {
61*4882a593Smuzhiyun buf[10] = WLAN_EID_EXT_SUPP_RATES;
62*4882a593Smuzhiyun for (; i < 10; i++) {
63*4882a593Smuzhiyun /* NULL terminated */
64*4882a593Smuzhiyun if (rates[i] == 0x0)
65*4882a593Smuzhiyun break;
66*4882a593Smuzhiyun buf[i + 2] = rates[i];
67*4882a593Smuzhiyun }
68*4882a593Smuzhiyun buf[11] = i - 8;
69*4882a593Smuzhiyun }
70*4882a593Smuzhiyun
71*4882a593Smuzhiyun return (i < 8) ? i + 2 : i + 4;
72*4882a593Smuzhiyun }
73*4882a593Smuzhiyun
orinoco_add_hostscan_result(struct orinoco_private * priv,const union hermes_scan_info * bss)74*4882a593Smuzhiyun static void orinoco_add_hostscan_result(struct orinoco_private *priv,
75*4882a593Smuzhiyun const union hermes_scan_info *bss)
76*4882a593Smuzhiyun {
77*4882a593Smuzhiyun struct wiphy *wiphy = priv_to_wiphy(priv);
78*4882a593Smuzhiyun struct ieee80211_channel *channel;
79*4882a593Smuzhiyun struct cfg80211_bss *cbss;
80*4882a593Smuzhiyun u8 *ie;
81*4882a593Smuzhiyun u8 ie_buf[46];
82*4882a593Smuzhiyun u64 timestamp;
83*4882a593Smuzhiyun s32 signal;
84*4882a593Smuzhiyun u16 capability;
85*4882a593Smuzhiyun u16 beacon_interval;
86*4882a593Smuzhiyun int ie_len;
87*4882a593Smuzhiyun int freq;
88*4882a593Smuzhiyun int len;
89*4882a593Smuzhiyun
90*4882a593Smuzhiyun len = le16_to_cpu(bss->a.essid_len);
91*4882a593Smuzhiyun
92*4882a593Smuzhiyun /* Reconstruct SSID and bitrate IEs to pass up */
93*4882a593Smuzhiyun ie_buf[0] = WLAN_EID_SSID;
94*4882a593Smuzhiyun ie_buf[1] = len;
95*4882a593Smuzhiyun memcpy(&ie_buf[2], bss->a.essid, len);
96*4882a593Smuzhiyun
97*4882a593Smuzhiyun ie = ie_buf + len + 2;
98*4882a593Smuzhiyun ie_len = ie_buf[1] + 2;
99*4882a593Smuzhiyun switch (priv->firmware_type) {
100*4882a593Smuzhiyun case FIRMWARE_TYPE_SYMBOL:
101*4882a593Smuzhiyun ie_len += symbol_build_supp_rates(ie, bss->s.rates);
102*4882a593Smuzhiyun break;
103*4882a593Smuzhiyun
104*4882a593Smuzhiyun case FIRMWARE_TYPE_INTERSIL:
105*4882a593Smuzhiyun ie_len += prism_build_supp_rates(ie, bss->p.rates);
106*4882a593Smuzhiyun break;
107*4882a593Smuzhiyun
108*4882a593Smuzhiyun case FIRMWARE_TYPE_AGERE:
109*4882a593Smuzhiyun default:
110*4882a593Smuzhiyun break;
111*4882a593Smuzhiyun }
112*4882a593Smuzhiyun
113*4882a593Smuzhiyun freq = ieee80211_channel_to_frequency(
114*4882a593Smuzhiyun le16_to_cpu(bss->a.channel), NL80211_BAND_2GHZ);
115*4882a593Smuzhiyun channel = ieee80211_get_channel(wiphy, freq);
116*4882a593Smuzhiyun if (!channel) {
117*4882a593Smuzhiyun printk(KERN_DEBUG "Invalid channel designation %04X(%04X)",
118*4882a593Smuzhiyun bss->a.channel, freq);
119*4882a593Smuzhiyun return; /* Then ignore it for now */
120*4882a593Smuzhiyun }
121*4882a593Smuzhiyun timestamp = 0;
122*4882a593Smuzhiyun capability = le16_to_cpu(bss->a.capabilities);
123*4882a593Smuzhiyun beacon_interval = le16_to_cpu(bss->a.beacon_interv);
124*4882a593Smuzhiyun signal = SIGNAL_TO_MBM(le16_to_cpu(bss->a.level));
125*4882a593Smuzhiyun
126*4882a593Smuzhiyun cbss = cfg80211_inform_bss(wiphy, channel, CFG80211_BSS_FTYPE_UNKNOWN,
127*4882a593Smuzhiyun bss->a.bssid, timestamp, capability,
128*4882a593Smuzhiyun beacon_interval, ie_buf, ie_len, signal,
129*4882a593Smuzhiyun GFP_KERNEL);
130*4882a593Smuzhiyun cfg80211_put_bss(wiphy, cbss);
131*4882a593Smuzhiyun }
132*4882a593Smuzhiyun
orinoco_add_extscan_result(struct orinoco_private * priv,struct agere_ext_scan_info * bss,size_t len)133*4882a593Smuzhiyun void orinoco_add_extscan_result(struct orinoco_private *priv,
134*4882a593Smuzhiyun struct agere_ext_scan_info *bss,
135*4882a593Smuzhiyun size_t len)
136*4882a593Smuzhiyun {
137*4882a593Smuzhiyun struct wiphy *wiphy = priv_to_wiphy(priv);
138*4882a593Smuzhiyun struct ieee80211_channel *channel;
139*4882a593Smuzhiyun struct cfg80211_bss *cbss;
140*4882a593Smuzhiyun const u8 *ie;
141*4882a593Smuzhiyun u64 timestamp;
142*4882a593Smuzhiyun s32 signal;
143*4882a593Smuzhiyun u16 capability;
144*4882a593Smuzhiyun u16 beacon_interval;
145*4882a593Smuzhiyun size_t ie_len;
146*4882a593Smuzhiyun int chan, freq;
147*4882a593Smuzhiyun
148*4882a593Smuzhiyun ie_len = len - sizeof(*bss);
149*4882a593Smuzhiyun ie = cfg80211_find_ie(WLAN_EID_DS_PARAMS, bss->data, ie_len);
150*4882a593Smuzhiyun chan = ie ? ie[2] : 0;
151*4882a593Smuzhiyun freq = ieee80211_channel_to_frequency(chan, NL80211_BAND_2GHZ);
152*4882a593Smuzhiyun channel = ieee80211_get_channel(wiphy, freq);
153*4882a593Smuzhiyun
154*4882a593Smuzhiyun timestamp = le64_to_cpu(bss->timestamp);
155*4882a593Smuzhiyun capability = le16_to_cpu(bss->capabilities);
156*4882a593Smuzhiyun beacon_interval = le16_to_cpu(bss->beacon_interval);
157*4882a593Smuzhiyun ie = bss->data;
158*4882a593Smuzhiyun signal = SIGNAL_TO_MBM(bss->level);
159*4882a593Smuzhiyun
160*4882a593Smuzhiyun cbss = cfg80211_inform_bss(wiphy, channel, CFG80211_BSS_FTYPE_UNKNOWN,
161*4882a593Smuzhiyun bss->bssid, timestamp, capability,
162*4882a593Smuzhiyun beacon_interval, ie, ie_len, signal,
163*4882a593Smuzhiyun GFP_KERNEL);
164*4882a593Smuzhiyun cfg80211_put_bss(wiphy, cbss);
165*4882a593Smuzhiyun }
166*4882a593Smuzhiyun
orinoco_add_hostscan_results(struct orinoco_private * priv,unsigned char * buf,size_t len)167*4882a593Smuzhiyun void orinoco_add_hostscan_results(struct orinoco_private *priv,
168*4882a593Smuzhiyun unsigned char *buf,
169*4882a593Smuzhiyun size_t len)
170*4882a593Smuzhiyun {
171*4882a593Smuzhiyun int offset; /* In the scan data */
172*4882a593Smuzhiyun size_t atom_len;
173*4882a593Smuzhiyun bool abort = false;
174*4882a593Smuzhiyun
175*4882a593Smuzhiyun switch (priv->firmware_type) {
176*4882a593Smuzhiyun case FIRMWARE_TYPE_AGERE:
177*4882a593Smuzhiyun atom_len = sizeof(struct agere_scan_apinfo);
178*4882a593Smuzhiyun offset = 0;
179*4882a593Smuzhiyun break;
180*4882a593Smuzhiyun
181*4882a593Smuzhiyun case FIRMWARE_TYPE_SYMBOL:
182*4882a593Smuzhiyun /* Lack of documentation necessitates this hack.
183*4882a593Smuzhiyun * Different firmwares have 68 or 76 byte long atoms.
184*4882a593Smuzhiyun * We try modulo first. If the length divides by both,
185*4882a593Smuzhiyun * we check what would be the channel in the second
186*4882a593Smuzhiyun * frame for a 68-byte atom. 76-byte atoms have 0 there.
187*4882a593Smuzhiyun * Valid channel cannot be 0. */
188*4882a593Smuzhiyun if (len % 76)
189*4882a593Smuzhiyun atom_len = 68;
190*4882a593Smuzhiyun else if (len % 68)
191*4882a593Smuzhiyun atom_len = 76;
192*4882a593Smuzhiyun else if (len >= 1292 && buf[68] == 0)
193*4882a593Smuzhiyun atom_len = 76;
194*4882a593Smuzhiyun else
195*4882a593Smuzhiyun atom_len = 68;
196*4882a593Smuzhiyun offset = 0;
197*4882a593Smuzhiyun break;
198*4882a593Smuzhiyun
199*4882a593Smuzhiyun case FIRMWARE_TYPE_INTERSIL:
200*4882a593Smuzhiyun offset = 4;
201*4882a593Smuzhiyun if (priv->has_hostscan) {
202*4882a593Smuzhiyun atom_len = le16_to_cpup((__le16 *)buf);
203*4882a593Smuzhiyun /* Sanity check for atom_len */
204*4882a593Smuzhiyun if (atom_len < sizeof(struct prism2_scan_apinfo)) {
205*4882a593Smuzhiyun printk(KERN_ERR "%s: Invalid atom_len in scan "
206*4882a593Smuzhiyun "data: %zu\n", priv->ndev->name,
207*4882a593Smuzhiyun atom_len);
208*4882a593Smuzhiyun abort = true;
209*4882a593Smuzhiyun goto scan_abort;
210*4882a593Smuzhiyun }
211*4882a593Smuzhiyun } else
212*4882a593Smuzhiyun atom_len = offsetof(struct prism2_scan_apinfo, atim);
213*4882a593Smuzhiyun break;
214*4882a593Smuzhiyun
215*4882a593Smuzhiyun default:
216*4882a593Smuzhiyun abort = true;
217*4882a593Smuzhiyun goto scan_abort;
218*4882a593Smuzhiyun }
219*4882a593Smuzhiyun
220*4882a593Smuzhiyun /* Check that we got an whole number of atoms */
221*4882a593Smuzhiyun if ((len - offset) % atom_len) {
222*4882a593Smuzhiyun printk(KERN_ERR "%s: Unexpected scan data length %zu, "
223*4882a593Smuzhiyun "atom_len %zu, offset %d\n", priv->ndev->name, len,
224*4882a593Smuzhiyun atom_len, offset);
225*4882a593Smuzhiyun abort = true;
226*4882a593Smuzhiyun goto scan_abort;
227*4882a593Smuzhiyun }
228*4882a593Smuzhiyun
229*4882a593Smuzhiyun /* Process the entries one by one */
230*4882a593Smuzhiyun for (; offset + atom_len <= len; offset += atom_len) {
231*4882a593Smuzhiyun union hermes_scan_info *atom;
232*4882a593Smuzhiyun
233*4882a593Smuzhiyun atom = (union hermes_scan_info *) (buf + offset);
234*4882a593Smuzhiyun
235*4882a593Smuzhiyun orinoco_add_hostscan_result(priv, atom);
236*4882a593Smuzhiyun }
237*4882a593Smuzhiyun
238*4882a593Smuzhiyun scan_abort:
239*4882a593Smuzhiyun if (priv->scan_request) {
240*4882a593Smuzhiyun struct cfg80211_scan_info info = {
241*4882a593Smuzhiyun .aborted = abort,
242*4882a593Smuzhiyun };
243*4882a593Smuzhiyun
244*4882a593Smuzhiyun cfg80211_scan_done(priv->scan_request, &info);
245*4882a593Smuzhiyun priv->scan_request = NULL;
246*4882a593Smuzhiyun }
247*4882a593Smuzhiyun }
248*4882a593Smuzhiyun
orinoco_scan_done(struct orinoco_private * priv,bool abort)249*4882a593Smuzhiyun void orinoco_scan_done(struct orinoco_private *priv, bool abort)
250*4882a593Smuzhiyun {
251*4882a593Smuzhiyun if (priv->scan_request) {
252*4882a593Smuzhiyun struct cfg80211_scan_info info = {
253*4882a593Smuzhiyun .aborted = abort,
254*4882a593Smuzhiyun };
255*4882a593Smuzhiyun
256*4882a593Smuzhiyun cfg80211_scan_done(priv->scan_request, &info);
257*4882a593Smuzhiyun priv->scan_request = NULL;
258*4882a593Smuzhiyun }
259*4882a593Smuzhiyun }
260