1 /******************************************************************************
2  *
3  * Copyright(c) 2007 - 2011 Realtek Corporation. All rights reserved.
4  *
5  * This program is free software; you can redistribute it and/or modify it
6  * under the terms of version 2 of the GNU General Public License as
7  * published by the Free Software Foundation.
8  *
9  * This program is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12  * more details.
13  *
14  ******************************************************************************/
15 #define _IEEE80211_C
16 
17 #include <drv_types.h>
18 #include <linux/ieee80211.h>
19 #include <ieee80211.h>
20 #include <wifi.h>
21 #include <osdep_service.h>
22 #include <wlan_bssdef.h>
23 
/*
 * WPA (vendor-specific) selectors: OUI 00:50:F2 followed by a one-byte type.
 * RTW_WPA_OUI23A_TYPE is also what rtw_parse_wpa_ie23a() compares the first
 * key-management suite against when it reports 802.1X.
 */
u8 RTW_WPA_OUI23A_TYPE[] = { 0x00, 0x50, 0xf2, 0x01 };
u16 RTW_WPA_VERSION23A = 1;
u8 WPA_AUTH_KEY_MGMT_NONE23A[] = { 0x00, 0x50, 0xf2, 0x00 };
u8 WPA_AUTH_KEY_MGMT_UNSPEC_802_1X23A[] = { 0x00, 0x50, 0xf2, 0x01 };
u8 WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X23A[] = { 0x00, 0x50, 0xf2, 0x02 };
/*
 * Cipher selectors are recognised for parsing only; whether a WEP or TKIP
 * network is acceptable is a policy decision made outside this file.
 */
u8 WPA_CIPHER_SUITE_NONE23A[] = { 0x00, 0x50, 0xf2, 0x00 };
u8 WPA_CIPHER_SUITE_WEP4023A[] = { 0x00, 0x50, 0xf2, 0x01 };
u8 WPA_CIPHER_SUITE_TKIP23A[] = { 0x00, 0x50, 0xf2, 0x02 };
u8 WPA_CIPHER_SUITE_WRAP23A[] = { 0x00, 0x50, 0xf2, 0x03 };
u8 WPA_CIPHER_SUITE_CCMP23A[] = { 0x00, 0x50, 0xf2, 0x04 };
u8 WPA_CIPHER_SUITE_WEP10423A[] = { 0x00, 0x50, 0xf2, 0x05 };

/* RSN (WPA2) selectors: OUI 00:0F:AC followed by a one-byte type. */
u8 RSN_AUTH_KEY_MGMT_UNSPEC_802_1X23A[] = { 0x00, 0x0f, 0xac, 0x01 };
u8 RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X23A[] = { 0x00, 0x0f, 0xac, 0x02 };
u8 RSN_CIPHER_SUITE_NONE23A[] = { 0x00, 0x0f, 0xac, 0x00 };
u8 RSN_CIPHER_SUITE_WEP4023A[] = { 0x00, 0x0f, 0xac, 0x01 };
u8 RSN_CIPHER_SUITE_TKIP23A[] = { 0x00, 0x0f, 0xac, 0x02 };
u8 RSN_CIPHER_SUITE_WRAP23A[] = { 0x00, 0x0f, 0xac, 0x03 };
u8 RSN_CIPHER_SUITE_CCMP23A[] = { 0x00, 0x0f, 0xac, 0x04 };
u8 RSN_CIPHER_SUITE_WEP10423A[] = { 0x00, 0x0f, 0xac, 0x05 };
/*
 * Rate tables used by the ad-hoc master to generate its IEs and to provide
 * the supported-rate set to firmware.
 */

/* CCK rates, each flagged with IEEE80211_BASIC_RATE_MASK. */
static u8 WIFI_CCKRATES[] = {
	IEEE80211_CCK_RATE_1MB | IEEE80211_BASIC_RATE_MASK,
	IEEE80211_CCK_RATE_2MB | IEEE80211_BASIC_RATE_MASK,
	IEEE80211_CCK_RATE_5MB | IEEE80211_BASIC_RATE_MASK,
	IEEE80211_CCK_RATE_11MB | IEEE80211_BASIC_RATE_MASK
};

/* OFDM rates; none of them carries the basic-rate flag. */
static u8 WIFI_OFDMRATES[] = {
	IEEE80211_OFDM_RATE_6MB,  IEEE80211_OFDM_RATE_9MB,
	IEEE80211_OFDM_RATE_12MB, IEEE80211_OFDM_RATE_18MB,
	IEEE80211_OFDM_RATE_24MB, IEEE80211_OFDM_RATE_36MB,
	IEEE80211_OFDM_RATE_48MB, IEEE80211_OFDM_RATE_54MB
};
65 
/**
 * rtw_get_bit_value_from_ieee_value23a - Map a rate value to a bitmap bit
 * @val: Rate value to look up (presumably in 500 kb/s units, flag bit
 *       already stripped - confirm against callers)
 *
 * Returns: BIT(n), where n is the position of @val in the table
 * {2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108}, or 0 when @val is not
 * in the table.
 */
int rtw_get_bit_value_from_ieee_value23a(u8 val)
{
	static const unsigned char dot11_rate_table[] = {
		2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108
	};
	unsigned int idx;

	for (idx = 0; idx < sizeof(dot11_rate_table); idx++) {
		if (dot11_rate_table[idx] == val)
			return BIT(idx);
	}

	return 0;
}
80 
/**
 * rtw_is_cckrates_included - Test whether a rate set holds any CCK rate
 * @rate: Zero-terminated rate set
 *
 * The scan stops only at a zero byte, so the caller must guarantee that a
 * terminator lies inside the buffer. The top bit of each entry is masked
 * off before comparing (presumably the basic-rate flag).
 *
 * Returns: true if an entry equals 2, 4, 11 or 22 after masking.
 */
static bool rtw_is_cckrates_included(u8 *rate)
{
	u8 *cur;

	for (cur = rate; *cur; cur++) {
		switch (*cur & 0x7f) {
		case 2:
		case 4:
		case 11:
		case 22:
			return true;
		default:
			break;
		}
	}

	return false;
}
94 
/**
 * rtw_is_cckratesonly_included - Test whether a rate set holds only CCK rates
 * @rate: Zero-terminated rate set
 *
 * The scan stops only at a zero byte, so the caller must guarantee that a
 * terminator lies inside the buffer. An empty rate set yields true.
 *
 * Returns: false as soon as an entry is not 2, 4, 11 or 22 after masking
 * off the top bit, true otherwise.
 */
static bool rtw_is_cckratesonly_included(u8 *rate)
{
	u8 *cur;

	for (cur = rate; *cur; cur++) {
		switch (*cur & 0x7f) {
		case 2:
		case 4:
		case 11:
		case 22:
			break;
		default:
			return false;
		}
	}

	return true;
}
109 
/**
 * rtw_check_network_type23a - Classify a network from its rates and channel
 * @rate: Zero-terminated rate set
 * @ratelen: Not used; the helpers scan @rate up to its zero terminator, so
 *           the terminator, not this length, bounds the read
 * @channel: Channel number; values above 14 take the 11a path
 *
 * Returns: WIRELESS_INVALID or WIRELESS_11A for channels above 14,
 * otherwise WIRELESS_11B, WIRELESS_11BG or WIRELESS_11G.
 */
int rtw_check_network_type23a(unsigned char *rate, int ratelen, int channel)
{
	if (channel > 14)
		return rtw_is_cckrates_included(rate) ?
			WIRELESS_INVALID : WIRELESS_11A;

	/* could be pure B, pure G, or B/G */
	if (rtw_is_cckratesonly_included(rate))
		return WIRELESS_11B;

	if (rtw_is_cckrates_included(rate))
		return WIRELESS_11BG;

	return WIRELESS_11G;
}
126 
/**
 * rtw_set_ie23a - Append one information element to a frame buffer
 * @pbuf: Where the element starts; needs room for @len + 2 bytes
 * @index: Element ID, stored as a single octet
 * @len: Number of payload bytes to copy from @source
 * @source: Payload; not read when @len is 0
 * @frlen: Running frame length, increased by @len + 2
 *
 * The function has no knowledge of the destination size, so the caller is
 * responsible for the bound. The length octet is the low byte of @len while
 * the copy uses the full @len, so a @len above 255 produces an element whose
 * header disagrees with the bytes written.
 *
 * Returns: The address just past the element written.
 */
u8 *rtw_set_ie23a(u8 *pbuf, int index, uint len, const u8 *source, uint *frlen)
{
	u8 *payload = pbuf + 2;

	pbuf[0] = (u8)index;
	pbuf[1] = (u8)len;

	if (len > 0)
		memcpy(payload, source, len);

	*frlen += len + 2;

	return payload + len;
}
142 
/**
 * rtw_set_ie23a_ch_switch - Append a channel switch element
 * @buf: Where the element starts; needs room for 5 bytes
 * @buf_len: Running frame length, updated by rtw_set_ie23a()
 * @ch_switch_mode: First payload octet
 * @new_ch: Second payload octet
 * @ch_switch_cnt: Third payload octet
 *
 * Returns: The address just past the element written.
 */
inline u8 *rtw_set_ie23a_ch_switch (u8 *buf, u32 *buf_len, u8 ch_switch_mode,
				u8 new_ch, u8 ch_switch_cnt)
{
	u8 ie_data[3] = { ch_switch_mode, new_ch, ch_switch_cnt };

	return rtw_set_ie23a(buf, WLAN_EID_CHANNEL_SWITCH, sizeof(ie_data),
			     ie_data, buf_len);
}
153 
/**
 * hal_ch_offset_to_secondary_ch_offset23a - Translate a HAL channel offset
 * @ch_offset: HAL_PRIME_CHNL_OFFSET_* value
 *
 * Returns: IEEE80211_HT_PARAM_CHA_SEC_BELOW for the LOWER offset,
 * IEEE80211_HT_PARAM_CHA_SEC_ABOVE for the UPPER offset, and
 * IEEE80211_HT_PARAM_CHA_SEC_NONE for anything else.
 */
inline u8 hal_ch_offset_to_secondary_ch_offset23a(u8 ch_offset)
{
	switch (ch_offset) {
	case HAL_PRIME_CHNL_OFFSET_LOWER:
		return IEEE80211_HT_PARAM_CHA_SEC_BELOW;
	case HAL_PRIME_CHNL_OFFSET_UPPER:
		return IEEE80211_HT_PARAM_CHA_SEC_ABOVE;
	default:
		return IEEE80211_HT_PARAM_CHA_SEC_NONE;
	}
}
163 
/**
 * rtw_set_ie23a_secondary_ch_offset - Append a secondary channel offset element
 * @buf: Where the element starts; needs room for 3 bytes
 * @buf_len: Running frame length, updated by rtw_set_ie23a()
 * @secondary_ch_offset: The single payload octet
 *
 * Returns: The address just past the element written.
 */
inline u8 *rtw_set_ie23a_secondary_ch_offset(u8 *buf, u32 *buf_len,
					  u8 secondary_ch_offset)
{
	const u8 *payload = &secondary_ch_offset;

	return rtw_set_ie23a(buf, WLAN_EID_SECONDARY_CHANNEL_OFFSET, 1,
			     payload, buf_len);
}
170 
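/**
 * rtw_get_ie23a - Find the first information element with a given ID
 * @pbuf: Start of the IE series to search
 * @index: Element ID to match
 * @len: Set to the payload length of the element found, else to 0
 * @limit: Number of bytes available at @pbuf
 *
 * The IE series normally comes from a received frame, so every length
 * octet is treated as untrusted: an element is only inspected when its two
 * header octets lie inside @limit, and it is only returned or stepped over
 * when its declared payload does too. The walk stops at the first element
 * that does not fit.
 *
 * @len is left untouched when @pbuf is NULL or @limit is below 1.
 *
 * Returns: The address of the matching element, or NULL.
 */
u8 *rtw_get_ie23a(u8 *pbuf, int index, int *len, int limit)
{
	int off = 0;

	if (!pbuf || limit < 1)
		return NULL;

	*len = 0;

	/* Both header octets (ID, length) must be readable. */
	while (limit - off >= 2) {
		u8 *elem = pbuf + off;
		int body_len = elem[1];

		/* Declared payload runs past the buffer: malformed, stop. */
		if (body_len > limit - off - 2)
			return NULL;

		if (elem[0] == index) {
			*len = body_len;
			return elem;
		}

		off += body_len + 2;
	}

	return NULL;
}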
202 
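/**
 * rtw_get_ie23a_ex - Search specific IE from a series of IEs
 * @in_ie: Address of IEs to search
 * @in_len: Length limit from in_ie
 * @eid: Element ID to match
 * @oui: OUI to match, or NULL to match on @eid alone
 * @oui_len: OUI length
 * @ie: If not NULL and the specific IE is found, the IE will be copied
 *      to the buf starting from the specific IE; the buffer must hold the
 *      whole element, which can be up to 257 bytes
 * @ielen: If not NULL and the specific IE is found, will set to the length
 *         of the entire IE; set to 0 otherwise
 *
 * Length octets come from the IE series itself and are not trusted: an
 * element is only examined when its header and its declared payload lie
 * inside @in_len, and the OUI is only compared when the payload is at least
 * @oui_len bytes long. The walk stops at the first element that does not
 * fit.
 *
 * Returns: The address of the specific IE found, or NULL
 */
u8 *rtw_get_ie23a_ex(u8 *in_ie, uint in_len, u8 eid, u8 *oui, u8 oui_len,
		  u8 *ie, uint *ielen)
{
	uint cnt = 0;

	if (ielen)
		*ielen = 0;

	if (!in_ie || in_len == 0)
		return NULL;

	/* cnt never exceeds in_len, so the subtraction cannot wrap. */
	while (in_len - cnt >= 2) {
		u8 *cur = &in_ie[cnt];
		uint body_len = cur[1];
		uint total_len = body_len + 2;

		/* Declared payload runs past the buffer: malformed, stop. */
		if (total_len > in_len - cnt)
			break;

		if (cur[0] == eid &&
		    (!oui || (oui_len <= body_len &&
			      !memcmp(cur + 2, oui, oui_len)))) {
			if (ie)
				memcpy(ie, cur, total_len);

			if (ielen)
				*ielen = total_len;

			return cur;
		}

		cnt += total_len; /* goto next */
	}

	return NULL;
}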
249 
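/**
 * rtw_ies_remove_ie23a - Find matching IEs and remove
 * @ies: Address of IEs to search
 * @ies_len: Pointer of length of ies, will update to new length
 * @offset: The offset to start search
 * @eid: Element ID to match
 * @oui: OUI to match
 * @oui_len: OUI length
 *
 * Every matching element from @offset onwards is removed by sliding the
 * bytes that follow it down over it. The move is done in place with
 * memmove(), so the amount of data that can be shifted is not tied to the
 * size of a temporary buffer. A match whose reported length would reach
 * past the searched region ends the loop without touching the buffer.
 *
 * Returns: _SUCCESS: ies is updated, _FAIL: not updated
 */
int rtw_ies_remove_ie23a(u8 *ies, uint *ies_len, uint offset, u8 eid,
		      u8 *oui, u8 oui_len)
{
	int ret = _FAIL;
	u8 *start;
	uint search_len;

	if (!ies || !ies_len || *ies_len <= offset)
		return ret;

	start = ies + offset;
	search_len = *ies_len - offset;

	for (;;) {
		u32 target_ielen = 0;
		u8 *target_ie;
		u8 *remain_ies;
		uint consumed;
		uint remain_len;

		target_ie = rtw_get_ie23a_ex(start, search_len, eid, oui,
					     oui_len, NULL, &target_ielen);
		if (!target_ie || !target_ielen)
			break;

		remain_ies = target_ie + target_ielen;
		consumed = remain_ies - start;

		/* The element claims more bytes than are left: do not move. */
		if (consumed > search_len)
			break;

		remain_len = search_len - consumed;

		/* Source and destination overlap, hence memmove(). */
		memmove(target_ie, remain_ies, remain_len);
		*ies_len -= target_ielen;
		ret = _SUCCESS;

		/* Continue the search where the removed element used to be. */
		start = target_ie;
		search_len = remain_len;
	}

	return ret;
}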
298 
/**
 * rtw_set_supported_rate23a - Fill a rate set for a wireless mode
 * @SupportedRates: Destination; NDIS_802_11_LENGTH_RATES_EX bytes are
 *                  cleared before any rate is copied in
 * @mode: WIRELESS_* mode selecting the CCK table, the OFDM table, or the
 *        CCK table followed by the OFDM table
 *
 * A @mode that matches none of the handled values leaves the rate set
 * all zero.
 */
void rtw_set_supported_rate23a(u8 *SupportedRates, uint mode)
{
	u8 *dst = SupportedRates;
	bool want_cck = false;
	bool want_ofdm = false;

	memset(SupportedRates, 0, NDIS_802_11_LENGTH_RATES_EX);

	switch (mode) {
	case WIRELESS_11B:
		want_cck = true;
		break;

	case WIRELESS_11G:
	case WIRELESS_11A:
	case WIRELESS_11_5N:
	case WIRELESS_11A_5N: /* Todo: no basic rate for ofdm ? */
		want_ofdm = true;
		break;

	case WIRELESS_11BG:
	case WIRELESS_11G_24N:
	case WIRELESS_11_24N:
	case WIRELESS_11BG_24N:
		want_cck = true;
		want_ofdm = true;
		break;

	default:
		break;
	}

	if (want_cck) {
		memcpy(dst, WIFI_CCKRATES, IEEE80211_CCK_RATE_LEN);
		dst += IEEE80211_CCK_RATE_LEN;
	}

	if (want_ofdm)
		memcpy(dst, WIFI_OFDMRATES, IEEE80211_NUM_OFDM_RATESLEN);
}
329 
/**
 * rtw_get_rateset_len23a - Count the entries of a zero-terminated rate set
 * @rateset: Rate set to measure
 *
 * The entry is read before the index is checked, so when the first 13
 * entries are all non-zero the byte at index 13 is read as well; the buffer
 * therefore has to be at least 14 bytes long.
 *
 * Returns: The number of leading non-zero entries, capped at 13.
 */
uint rtw_get_rateset_len23a(u8 *rateset)
{
	uint n = 0;

	while (rateset[n] != 0 && n <= 12)
		n++;

	return n;
}
346 
/**
 * rtw_generate_ie23a - Build the IEs of the locally created IBSS network
 * @pregistrypriv: Registry settings; dev_network inside it is updated
 *
 * Resets tsf, sets the capability field (IBSS, plus short preamble and
 * privacy when configured), fills SupportedRates for the selected wireless
 * mode and writes, in order, the SSID, Supported Rates, DS Parameter Set,
 * IBSS Parameter Set and, for more than 8 rates, Extended Supported Rates
 * elements into dev_network.IEs.
 *
 * No bound on dev_network.IEs is checked here. NOTE(review): Ssid.ssid_len
 * is copied as given - presumably validated where the SSID is configured;
 * confirm against the caller.
 *
 * Returns: The total number of bytes written to dev_network.IEs.
 */
int rtw_generate_ie23a(struct registry_priv *pregistrypriv)
{
	struct wlan_bssid_ex *bss = &pregistrypriv->dev_network;
	u8 *cursor = bss->IEs;
	u16 capab = WLAN_CAPABILITY_IBSS;
	int total = 0;
	int n_rates, n_first;
	u8 mode;

	bss->tsf = 0;

	if (pregistrypriv->preamble == PREAMBLE_SHORT)
		capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;

	if (bss->Privacy)
		capab |= WLAN_CAPABILITY_PRIVACY;

	bss->capability = capab;

	/* SSID */
	cursor = rtw_set_ie23a(cursor, WLAN_EID_SSID, bss->Ssid.ssid_len,
			       bss->Ssid.ssid, &total);

	/* supported rates: the combined mode is resolved by channel */
	mode = pregistrypriv->wireless_mode;
	if (pregistrypriv->wireless_mode == WIRELESS_11ABGN)
		mode = (bss->DSConfig > 14) ?
			WIRELESS_11A_5N : WIRELESS_11BG_24N;

	rtw_set_supported_rate23a(bss->SupportedRates, mode);

	n_rates = rtw_get_rateset_len23a(bss->SupportedRates);

	/* At most 8 rates go here; the rest follow in the extended element. */
	n_first = (n_rates > 8) ? 8 : n_rates;
	cursor = rtw_set_ie23a(cursor, WLAN_EID_SUPP_RATES, n_first,
			       bss->SupportedRates, &total);

	/*
	 * DS parameter set.
	 * NOTE(review): only the first byte in memory of DSConfig is emitted;
	 * if the field is wider than one byte the result depends on host
	 * endianness - confirm the field type.
	 */
	cursor = rtw_set_ie23a(cursor, WLAN_EID_DS_PARAMS, 1,
			       (u8 *)&bss->DSConfig, &total);

	/* IBSS Parameter Set: the first two bytes in memory of ATIMWindow */
	cursor = rtw_set_ie23a(cursor, WLAN_EID_IBSS_PARAMS, 2,
			       (u8 *)&bss->ATIMWindow, &total);

	if (n_rates > 8)
		cursor = rtw_set_ie23a(cursor, WLAN_EID_EXT_SUPP_RATES,
				       n_rates - 8, bss->SupportedRates + 8,
				       &total);

	return total;
}
414 
/**
 * rtw_get_wpa_cipher_suite - Map a WPA cipher suite selector to a flag
 * @s: Selector to classify; WPA_SELECTOR_LEN bytes are read, so the caller
 *     must have checked that many bytes are available
 *
 * Returns: The matching WPA_CIPHER_* value, or 0 for an unknown selector.
 */
static int rtw_get_wpa_cipher_suite(const u8 *s)
{
	const struct {
		const u8 *selector;
		int cipher;
	} known[] = {
		{ WPA_CIPHER_SUITE_NONE23A, WPA_CIPHER_NONE },
		{ WPA_CIPHER_SUITE_WEP4023A, WPA_CIPHER_WEP40 },
		{ WPA_CIPHER_SUITE_TKIP23A, WPA_CIPHER_TKIP },
		{ WPA_CIPHER_SUITE_CCMP23A, WPA_CIPHER_CCMP },
		{ WPA_CIPHER_SUITE_WEP10423A, WPA_CIPHER_WEP104 },
	};
	unsigned int k;

	for (k = 0; k < sizeof(known) / sizeof(known[0]); k++) {
		if (!memcmp(s, known[k].selector, WPA_SELECTOR_LEN))
			return known[k].cipher;
	}

	return 0;
}
430 
/**
 * rtw_get_wpa2_cipher_suite - Map an RSN cipher suite selector to a flag
 * @s: Selector to classify; RSN_SELECTOR_LEN bytes are read, so the caller
 *     must have checked that many bytes are available
 *
 * Returns: The matching WPA_CIPHER_* value, or 0 for an unknown selector.
 */
static int rtw_get_wpa2_cipher_suite(const u8 *s)
{
	const struct {
		const u8 *selector;
		int cipher;
	} known[] = {
		{ RSN_CIPHER_SUITE_NONE23A, WPA_CIPHER_NONE },
		{ RSN_CIPHER_SUITE_WEP4023A, WPA_CIPHER_WEP40 },
		{ RSN_CIPHER_SUITE_TKIP23A, WPA_CIPHER_TKIP },
		{ RSN_CIPHER_SUITE_CCMP23A, WPA_CIPHER_CCMP },
		{ RSN_CIPHER_SUITE_WEP10423A, WPA_CIPHER_WEP104 },
	};
	unsigned int k;

	for (k = 0; k < sizeof(known) / sizeof(known[0]); k++) {
		if (!memcmp(s, known[k].selector, RSN_SELECTOR_LEN))
			return known[k].cipher;
	}

	return 0;
}
446 
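/**
 * rtw_parse_wpa_ie23a - Extract cipher information from a WPA IE
 * @wpa_ie: Start of the WPA IE, element ID octet first
 * @wpa_ie_len: Length of the whole IE, including the two header octets
 * @group_cipher: Set to the group cipher flag when the field is present
 * @pairwise_cipher: Pairwise cipher flags are ORed into this value, so the
 *                   caller must initialise it
 * @is_8021x: May be NULL; set to 1 when the first key-management suite
 *            equals RTW_WPA_OUI23A_TYPE, otherwise left untouched
 *
 * The IE usually comes from a received frame. The length octet is only
 * read once both header octets are known to be present, and each field is
 * only parsed while enough bytes remain. An IE that ends before the group
 * cipher still returns _SUCCESS with the outputs unchanged.
 *
 * Returns: _SUCCESS, or _FAIL for a missing IE, a length octet that does
 * not match @wpa_ie_len, or a truncated cipher field.
 */
int rtw_parse_wpa_ie23a(const u8 *wpa_ie, int wpa_ie_len, int *group_cipher,
			int *pairwise_cipher, int *is_8021x)
{
	int i, ret = _SUCCESS;
	int left, count;
	const u8 *pos;

	/*
	 * No WPA IE - fail silently. Fewer than two bytes cannot hold the
	 * length octet that is read next.
	 */
	if (!wpa_ie || wpa_ie_len < 2)
		return _FAIL;

	if (wpa_ie[1] != (u8)(wpa_ie_len - 2))
		return _FAIL;

	/* Skip the 8 bytes in front of the group cipher selector. */
	pos = wpa_ie + 8;
	left = wpa_ie_len - 8;

	/* group_cipher */
	if (left >= WPA_SELECTOR_LEN) {
		*group_cipher = rtw_get_wpa_cipher_suite(pos);

		pos += WPA_SELECTOR_LEN;
		left -= WPA_SELECTOR_LEN;
	} else if (left > 0) {
		RT_TRACE(_module_rtl871x_mlme_c_, _drv_err_,
			 "%s: ie length mismatch, %u too much\n",
			 __func__, left);

		return _FAIL;
	}

	/* pairwise_cipher */
	if (left >= 2) {
		count = get_unaligned_le16(pos);
		pos += 2;
		left -= 2;

		/* The declared suite count must fit in what is left. */
		if (count == 0 || left < count * WPA_SELECTOR_LEN) {
			RT_TRACE(_module_rtl871x_mlme_c_, _drv_err_,
				 "%s: ie count botch (pairwise), count %u left %u\n",
				 __func__, count, left);
			return _FAIL;
		}

		for (i = 0; i < count; i++) {
			*pairwise_cipher |= rtw_get_wpa_cipher_suite(pos);

			pos += WPA_SELECTOR_LEN;
			left -= WPA_SELECTOR_LEN;
		}
	} else if (left == 1) {
		RT_TRACE(_module_rtl871x_mlme_c_, _drv_err_,
			 "%s: ie too short (for key mgmt)\n", __func__);
		return _FAIL;
	}

	/* Needs the 2-byte suite count plus one 4-byte selector. */
	if (is_8021x && left >= 6) {
		pos += 2;
		if (!memcmp(pos, RTW_WPA_OUI23A_TYPE, 4)) {
			RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_,
				 "%s : there has 802.1x auth\n",
				 __func__);
			*is_8021x = 1;
		}
	}

	return ret;
}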
522 
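/**
 * rtw_parse_wpa2_ie23a - Extract cipher information from an RSN IE
 * @rsn_ie: Start of the RSN IE, element ID octet first
 * @rsn_ie_len: Length of the whole IE, including the two header octets
 * @group_cipher: Set to the group cipher flag when the field is present
 * @pairwise_cipher: Pairwise cipher flags are ORed into this value, so the
 *                   caller must initialise it
 * @is_8021x: May be NULL; set to 1 when the first key-management suite is
 *            00:0F:AC:01, otherwise left untouched
 *
 * The IE usually comes from a received frame. The ID and length octets are
 * only read once both are known to be present, and each field is only
 * parsed while enough bytes remain. An IE that ends before the group
 * cipher still returns _SUCCESS with the outputs unchanged.
 *
 * Returns: _SUCCESS, or _FAIL for a missing IE, a wrong element ID, a
 * length octet that does not match @rsn_ie_len, or a truncated cipher
 * field.
 */
int rtw_parse_wpa2_ie23a(const u8 *rsn_ie, int rsn_ie_len, int *group_cipher,
		      int *pairwise_cipher, int *is_8021x)
{
	int i, ret = _SUCCESS;
	int left, count;
	const u8 *pos;
	u8 SUITE_1X[4] = {0x00, 0x0f, 0xac, 0x01};

	/*
	 * No RSN IE - fail silently. Fewer than two bytes cannot hold the
	 * ID and length octets that are read next.
	 */
	if (!rsn_ie || rsn_ie_len < 2)
		return _FAIL;

	if (rsn_ie[0] != WLAN_EID_RSN || rsn_ie[1] != (u8)(rsn_ie_len - 2))
		return _FAIL;

	/* Skip the 4 bytes in front of the group cipher selector. */
	pos = rsn_ie + 4;
	left = rsn_ie_len - 4;

	/* group_cipher */
	if (left >= RSN_SELECTOR_LEN) {
		*group_cipher = rtw_get_wpa2_cipher_suite(pos);

		pos += RSN_SELECTOR_LEN;
		left -= RSN_SELECTOR_LEN;
	} else if (left > 0) {
		RT_TRACE(_module_rtl871x_mlme_c_, _drv_err_,
			 "%s: ie length mismatch, %u too much\n",
			 __func__, left);
		return _FAIL;
	}

	/* pairwise_cipher */
	if (left >= 2) {
		count = get_unaligned_le16(pos);
		pos += 2;
		left -= 2;

		/* The declared suite count must fit in what is left. */
		if (count == 0 || left < count * RSN_SELECTOR_LEN) {
			RT_TRACE(_module_rtl871x_mlme_c_, _drv_err_,
				 "%s: ie count botch (pairwise), count %u left %u\n",
				 __func__, count, left);
			return _FAIL;
		}

		for (i = 0; i < count; i++) {
			*pairwise_cipher |= rtw_get_wpa2_cipher_suite(pos);

			pos += RSN_SELECTOR_LEN;
			left -= RSN_SELECTOR_LEN;
		}
	} else if (left == 1) {
		RT_TRACE(_module_rtl871x_mlme_c_, _drv_err_,
			 "%s: ie too short (for key mgmt)\n",  __func__);

		return _FAIL;
	}

	/* Needs the 2-byte suite count plus one 4-byte selector. */
	if (is_8021x && left >= 6) {
		pos += 2;
		if (!memcmp(pos, SUITE_1X, 4)) {
			RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_,
				 "%s (): there has 802.1x auth\n",
				 __func__);
			*is_8021x = 1;
		}
	}

	return ret;
}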
598 
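/**
 * rtw_get_wps_attr23a - Search a specific WPS attribute from a given WPS IE
 * @wps_ie: Address of WPS IE to search
 * @wps_ielen: Length limit from wps_ie
 * @target_attr_id: The attribute ID of WPS attribute to search
 * @buf_attr: If not NULL and the WPS attribute is found, WPS attribute
 *            will be copied to the buf starting from buf_attr; the buffer
 *            must be able to hold the whole attribute
 * @len_attr: If not NULL and the WPS attribute is found, will set to the
 *            length of the entire WPS attribute; set to 0 otherwise
 *
 * Attribute lengths come from the IE itself and are not trusted. The
 * attribute length is computed in 32 bits so that a 16-bit data length
 * close to 0xFFFF cannot wrap to a small value (a wrapped length of 0 would
 * stop the walk from advancing), and an attribute is only examined when its
 * header and its declared data lie inside @wps_ielen.
 *
 * Returns: the address of the specific WPS attribute found, or NULL
 */
const u8 *rtw_get_wps_attr23a(const u8 *wps_ie, uint wps_ielen,
			      u16 target_attr_id, u8 *buf_attr, u32 *len_attr)
{
	static const u8 wps_oui[4] = {0x00, 0x50, 0xF2, 0x04};
	uint off;

	if (len_attr)
		*len_attr = 0;

	/*  6 = 1(Element ID) + 1(Length) + 4(WPS OUI) */
	if (!wps_ie || wps_ielen < 6)
		return NULL;

	if (wps_ie[0] != WLAN_EID_VENDOR_SPECIFIC ||
	    memcmp(wps_ie + 2, wps_oui, 4))
		return NULL;

	off = 6; /* goto first attr */

	/*  4 = 2(Attribute ID) + 2(Length); off never exceeds wps_ielen */
	while (wps_ielen - off >= 4) {
		const u8 *attr_ptr = wps_ie + off;
		u16 attr_id = get_unaligned_be16(attr_ptr);
		u32 attr_len = (u32)get_unaligned_be16(attr_ptr + 2) + 4;

		/* Declared data runs past the IE: malformed, stop. */
		if (attr_len > wps_ielen - off)
			break;

		if (attr_id == target_attr_id) {
			if (buf_attr)
				memcpy(buf_attr, attr_ptr, attr_len);

			if (len_attr)
				*len_attr = attr_len;

			return attr_ptr;
		}

		off += attr_len; /* goto next */
	}

	return NULL;
}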
653 
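/**
 * rtw_get_wps_attr_content23a - Search a specific WPS attribute content
 * from a given WPS IE
 * @wps_ie: Address of WPS IE to search
 * @wps_ielen: Length limit from wps_ie
 * @target_attr_id: The attribute ID of WPS attribute to search
 * @buf_content: If not NULL and the WPS attribute is found, WPS attribute
 *               content will be copied to the buf starting from buf_content
 *
 * The content length is not reported to the caller, so @buf_content has to
 * be sized for the largest content the attribute can carry. An attribute
 * whose reported length is shorter than its own 4-byte header is rejected,
 * which keeps the content length from wrapping below zero.
 *
 * Returns: the address of the specific WPS attribute content found, or NULL
 */
const u8 *rtw_get_wps_attr_content23a(const u8 *wps_ie, uint wps_ielen,
				      u16 target_attr_id, u8 *buf_content)
{
	const u8 *attr_ptr;
	u32 attr_len = 0;

	attr_ptr = rtw_get_wps_attr23a(wps_ie, wps_ielen, target_attr_id,
				    NULL, &attr_len);

	/*  4 = 2(Attribute ID) + 2(Length) */
	if (!attr_ptr || attr_len < 4)
		return NULL;

	if (buf_content)
		memcpy(buf_content, attr_ptr + 4, attr_len - 4);

	return attr_ptr + 4;
}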
685 
/**
 * rtw_get_cipher_info - Record the ciphers advertised by a network
 * @pnetwork: Network whose IEs are parsed; BcnInfo is updated on success
 *
 * A WPA vendor IE with a non-zero length is parsed first; the RSN IE is
 * only looked at when no such WPA IE exists. When the WPA IE is present but
 * fails to parse, the RSN IE is not tried.
 *
 * NOTE(review): rtw_get_bcn_info23a() prefers the RSN IE when choosing
 * encryp_protocol, while this function prefers the WPA IE, so a network
 * carrying both gets its protocol from one IE and its ciphers from the
 * other - confirm this is intended.
 *
 * Returns: _SUCCESS when an IE was parsed and stored, _FAIL otherwise.
 */
static int rtw_get_cipher_info(struct wlan_network *pnetwork)
{
	int group = 0, pairwise = 0, dot1x = 0;
	char *ies = pnetwork->network.IEs;
	int ies_len = pnetwork->network.IELength;
	const u8 *elem;

	elem = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
				       WLAN_OUI_TYPE_MICROSOFT_WPA,
				       ies, ies_len);

	if (elem && elem[1] > 0) {
		RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_,
			 "rtw_get_cipher_info: wpa_ielen: %d\n", elem[1]);

		if (rtw_parse_wpa_ie23a(elem, elem[1] + 2, &group,
					&pairwise, &dot1x) != _SUCCESS)
			return _FAIL;

		pnetwork->BcnInfo.pairwise_cipher = pairwise;
		pnetwork->BcnInfo.group_cipher = group;
		pnetwork->BcnInfo.is_8021x = dot1x;
		RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_,
			 "%s: pnetwork->pairwise_cipher: %d, is_8021x is %d\n",
			 __func__, pnetwork->BcnInfo.pairwise_cipher,
			 pnetwork->BcnInfo.is_8021x);

		return _SUCCESS;
	}

	elem = cfg80211_find_ie(WLAN_EID_RSN, ies, ies_len);
	if (!elem || elem[1] == 0)
		return _FAIL;

	RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_,
		 "get RSN IE\n");

	if (rtw_parse_wpa2_ie23a(elem, elem[1] + 2, &group,
				 &pairwise, &dot1x) != _SUCCESS)
		return _FAIL;

	RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_,
		 "get RSN IE  OK!!!\n");
	pnetwork->BcnInfo.pairwise_cipher = pairwise;
	pnetwork->BcnInfo.group_cipher = group;
	pnetwork->BcnInfo.is_8021x = dot1x;
	RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_,
		 "%s: pnetwork->pairwise_cipher: %d,pnetwork->group_cipher is %d, is_8021x is %d\n",
		 __func__,
		 pnetwork->BcnInfo.pairwise_cipher,
		 pnetwork->BcnInfo.group_cipher,
		 pnetwork->BcnInfo.is_8021x);

	return _SUCCESS;
}
744 
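/**
 * rtw_get_bcn_info23a - Derive the security summary of a scanned network
 * @pnetwork: Network to inspect; network.Privacy and BcnInfo are updated
 *
 * Sets BcnInfo.encryp_protocol from the capability field and the IEs: an
 * RSN IE with a non-zero length selects WPA2, otherwise a WPA vendor IE
 * selects WPA, otherwise the privacy bit alone selects WEP. A network
 * without the privacy bit starts as open, but a matching IE still
 * overrides that. The cipher details are then filled in by
 * rtw_get_cipher_info().
 */
void rtw_get_bcn_info23a(struct wlan_network *pnetwork)
{
	u8 bencrypt = 0;
	int pie_len;
	u8 *pie;
	const u8 *p;

	if (pnetwork->network.capability & WLAN_CAPABILITY_PRIVACY) {
		bencrypt = 1;
		pnetwork->network.Privacy = 1;
	} else {
		pnetwork->BcnInfo.encryp_protocol = ENCRYP_PROTOCOL_OPENSYS;
	}

	/*
	 * NOTE(review): the SSID is printed with %s. It is presumably taken
	 * from a received frame and may lack a NUL terminator or contain
	 * control characters - confirm, and bound the print by ssid_len if so.
	 */
	RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_,
		 "%s: ssid =%s\n", __func__, pnetwork->network.Ssid.ssid);

	pie = pnetwork->network.IEs;
	pie_len = pnetwork->network.IELength;

	p = cfg80211_find_ie(WLAN_EID_RSN, pie, pie_len);
	if (p && p[1]) {
		pnetwork->BcnInfo.encryp_protocol = ENCRYP_PROTOCOL_WPA2;
	} else if (cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
					   WLAN_OUI_TYPE_MICROSOFT_WPA,
					   pie, pie_len)) {
		pnetwork->BcnInfo.encryp_protocol = ENCRYP_PROTOCOL_WPA;
	} else {
		if (bencrypt)
			pnetwork->BcnInfo.encryp_protocol = ENCRYP_PROTOCOL_WEP;
	}

	/* Traced once; the same statement used to appear twice in a row. */
	RT_TRACE(_module_rtl871x_mlme_c_, _drv_info_,
		 "%s: pnetwork->encryp_protocol is %x\n", __func__,
		 pnetwork->BcnInfo.encryp_protocol);

	rtw_get_cipher_info(pnetwork);
}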
785 
/**
 * rtw_mcs_rate23a - Highest rate implied by an MCS receive mask
 * @rf_type: RF configuration; RF_1T1R restricts the lookup to rx_mask[0]
 * @bw_40MHz: Non-zero selects the 40 MHz columns
 * @short_GI_20: Non-zero selects the short-GI value for 20 MHz
 * @short_GI_40: Non-zero selects the short-GI value for 40 MHz
 * @mcs: MCS information whose rx_mask is examined
 *
 * For RF_1T1R only rx_mask[0] is read. Otherwise rx_mask[1] is used when it
 * is non-zero, and rx_mask[0] when it is zero. The highest bit set in the
 * chosen mask selects the table row.
 *
 * Returns: The rate in units of 100 Kbps, or 0 when the mask is empty.
 */
u16 rtw_mcs_rate23a(u8 rf_type, u8 bw_40MHz, u8 short_GI_20, u8 short_GI_40,
		    struct ieee80211_mcs_info *mcs)
{
	/*
	 * Row = bit number in the mask. Columns: 40 MHz with short_GI_40,
	 * 40 MHz without, 20 MHz with short_GI_20, 20 MHz without.
	 */
	static const u16 rates_mask0[8][4] = {
		{  150,  135,   72,   65 },
		{  300,  270,  144,  130 },
		{  450,  405,  217,  195 },
		{  600,  540,  289,  260 },
		{  900,  810,  433,  390 },
		{ 1200, 1080,  578,  520 },
		{ 1350, 1215,  650,  585 },
		{ 1500, 1350,  722,  650 },
	};
	static const u16 rates_mask1[8][4] = {
		{  300,  270,  144,  130 },
		{  600,  540,  289,  260 },
		{  900,  810,  433,  390 },
		{ 1200, 1080,  578,  520 },
		{ 1800, 1620,  867,  780 },
		{ 2400, 2160, 1156, 1040 },
		{ 2700, 2430, 1300, 1170 },
		{ 3000, 2700, 1444, 1300 },
	};
	const u16 (*table)[4];
	u8 mask;
	int col;
	int bit;

	/* rx_mask[1] is not consulted at all for RF_1T1R. */
	if (rf_type != RF_1T1R && mcs->rx_mask[1]) {
		mask = mcs->rx_mask[1];
		table = rates_mask1;
	} else {
		mask = mcs->rx_mask[0];
		table = rates_mask0;
	}

	if (bw_40MHz)
		col = short_GI_40 ? 0 : 1;
	else
		col = short_GI_20 ? 2 : 3;

	for (bit = 7; bit >= 0; bit--) {
		if (mask & BIT(bit))
			return table[bit][col];
	}

	return 0;
}
856