1/* 2 * Marvell Wireless LAN device driver: management IE handling- setting and 3 * deleting IE. 4 * 5 * Copyright (C) 2012-2014, Marvell International Ltd. 6 * 7 * This software file (the "File") is distributed by Marvell International 8 * Ltd. under the terms of the GNU General Public License Version 2, June 1991 9 * (the "License"). You may use, redistribute and/or modify this File in 10 * accordance with the terms and conditions of the License, a copy of which 11 * is available by writing to the Free Software Foundation, Inc., 12 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA or on the 13 * worldwide web at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt. 14 * 15 * THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE 17 * ARE EXPRESSLY DISCLAIMED. The License provides additional details about 18 * this warranty disclaimer. 19 */ 20 21#include "main.h" 22 23/* This function checks if current IE index is used by any on other interface. 24 * Return: -1: yes, current IE index is used by someone else. 25 * 0: no, current IE index is NOT used by other interface. 26 */ 27static int 28mwifiex_ie_index_used_by_other_intf(struct mwifiex_private *priv, u16 idx) 29{ 30 int i; 31 struct mwifiex_adapter *adapter = priv->adapter; 32 struct mwifiex_ie *ie; 33 34 for (i = 0; i < adapter->priv_num; i++) { 35 if (adapter->priv[i] != priv) { 36 ie = &adapter->priv[i]->mgmt_ie[idx]; 37 if (ie->mgmt_subtype_mask && ie->ie_length) 38 return -1; 39 } 40 } 41 42 return 0; 43} 44 45/* Get unused IE index. This index will be used for setting new IE */ 46static int 47mwifiex_ie_get_autoidx(struct mwifiex_private *priv, u16 subtype_mask, 48 struct mwifiex_ie *ie, u16 *index) 49{ 50 u16 mask, len, i; 51 52 for (i = 0; i < priv->adapter->max_mgmt_ie_index; i++) { 53 mask = le16_to_cpu(priv->mgmt_ie[i].mgmt_subtype_mask); 54 len = le16_to_cpu(ie->ie_length); 55 56 if (mask == MWIFIEX_AUTO_IDX_MASK) 57 continue; 58 59 if (mask == subtype_mask) { 60 if (len > IEEE_MAX_IE_SIZE) 61 continue; 62 63 *index = i; 64 return 0; 65 } 66 67 if (!priv->mgmt_ie[i].ie_length) { 68 if (mwifiex_ie_index_used_by_other_intf(priv, i)) 69 continue; 70 71 *index = i; 72 return 0; 73 } 74 } 75 76 return -1; 77} 78 79/* This function prepares IE data buffer for command to be sent to FW */ 80static int 81mwifiex_update_autoindex_ies(struct mwifiex_private *priv, 82 struct mwifiex_ie_list *ie_list) 83{ 84 u16 travel_len, index, mask; 85 s16 input_len, tlv_len; 86 struct mwifiex_ie *ie; 87 u8 *tmp; 88 89 input_len = le16_to_cpu(ie_list->len); 90 travel_len = sizeof(struct mwifiex_ie_types_header); 91 92 ie_list->len = 0; 93 94 while (input_len >= sizeof(struct mwifiex_ie_types_header)) { 95 ie = (struct mwifiex_ie *)(((u8 *)ie_list) + travel_len); 96 tlv_len = le16_to_cpu(ie->ie_length); 97 travel_len += tlv_len + MWIFIEX_IE_HDR_SIZE; 98 99 if (input_len < tlv_len + MWIFIEX_IE_HDR_SIZE) 100 return -1; 101 index = le16_to_cpu(ie->ie_index); 102 mask = le16_to_cpu(ie->mgmt_subtype_mask); 103 104 if (index == MWIFIEX_AUTO_IDX_MASK) { 105 /* automatic addition */ 106 if (mwifiex_ie_get_autoidx(priv, mask, ie, &index)) 107 return -1; 108 if (index == MWIFIEX_AUTO_IDX_MASK) 109 return -1; 110 111 tmp = (u8 *)&priv->mgmt_ie[index].ie_buffer; 112 memcpy(tmp, &ie->ie_buffer, le16_to_cpu(ie->ie_length)); 113 priv->mgmt_ie[index].ie_length = ie->ie_length; 114 priv->mgmt_ie[index].ie_index = cpu_to_le16(index); 115 priv->mgmt_ie[index].mgmt_subtype_mask = 116 cpu_to_le16(mask); 117 118 ie->ie_index = cpu_to_le16(index); 119 } else { 120 if (mask != MWIFIEX_DELETE_MASK) 121 return -1; 122 /* 123 * Check if this index is being used on any 124 * other interface. 125 */ 126 if (mwifiex_ie_index_used_by_other_intf(priv, index)) 127 return -1; 128 129 ie->ie_length = 0; 130 memcpy(&priv->mgmt_ie[index], ie, 131 sizeof(struct mwifiex_ie)); 132 } 133 134 le16_add_cpu(&ie_list->len, 135 le16_to_cpu(priv->mgmt_ie[index].ie_length) + 136 MWIFIEX_IE_HDR_SIZE); 137 input_len -= tlv_len + MWIFIEX_IE_HDR_SIZE; 138 } 139 140 if (GET_BSS_ROLE(priv) == MWIFIEX_BSS_ROLE_UAP) 141 return mwifiex_send_cmd(priv, HostCmd_CMD_UAP_SYS_CONFIG, 142 HostCmd_ACT_GEN_SET, 143 UAP_CUSTOM_IE_I, ie_list, false); 144 145 return 0; 146} 147 148/* Copy individual custom IEs for beacon, probe response and assoc response 149 * and prepare single structure for IE setting. 150 * This function also updates allocated IE indices from driver. 151 */ 152static int 153mwifiex_update_uap_custom_ie(struct mwifiex_private *priv, 154 struct mwifiex_ie *beacon_ie, u16 *beacon_idx, 155 struct mwifiex_ie *pr_ie, u16 *probe_idx, 156 struct mwifiex_ie *ar_ie, u16 *assoc_idx) 157{ 158 struct mwifiex_ie_list *ap_custom_ie; 159 u8 *pos; 160 u16 len; 161 int ret; 162 163 ap_custom_ie = kzalloc(sizeof(*ap_custom_ie), GFP_KERNEL); 164 if (!ap_custom_ie) 165 return -ENOMEM; 166 167 ap_custom_ie->type = cpu_to_le16(TLV_TYPE_MGMT_IE); 168 pos = (u8 *)ap_custom_ie->ie_list; 169 170 if (beacon_ie) { 171 len = sizeof(struct mwifiex_ie) - IEEE_MAX_IE_SIZE + 172 le16_to_cpu(beacon_ie->ie_length); 173 memcpy(pos, beacon_ie, len); 174 pos += len; 175 le16_add_cpu(&ap_custom_ie->len, len); 176 } 177 if (pr_ie) { 178 len = sizeof(struct mwifiex_ie) - IEEE_MAX_IE_SIZE + 179 le16_to_cpu(pr_ie->ie_length); 180 memcpy(pos, pr_ie, len); 181 pos += len; 182 le16_add_cpu(&ap_custom_ie->len, len); 183 } 184 if (ar_ie) { 185 len = sizeof(struct mwifiex_ie) - IEEE_MAX_IE_SIZE + 186 le16_to_cpu(ar_ie->ie_length); 187 memcpy(pos, ar_ie, len); 188 pos += len; 189 le16_add_cpu(&ap_custom_ie->len, len); 190 } 191 192 ret = mwifiex_update_autoindex_ies(priv, ap_custom_ie); 193 194 pos = (u8 *)(&ap_custom_ie->ie_list[0].ie_index); 195 if (beacon_ie && *beacon_idx == MWIFIEX_AUTO_IDX_MASK) { 196 /* save beacon ie index after auto-indexing */ 197 *beacon_idx = le16_to_cpu(ap_custom_ie->ie_list[0].ie_index); 198 len = sizeof(*beacon_ie) - IEEE_MAX_IE_SIZE + 199 le16_to_cpu(beacon_ie->ie_length); 200 pos += len; 201 } 202 if (pr_ie && le16_to_cpu(pr_ie->ie_index) == MWIFIEX_AUTO_IDX_MASK) { 203 /* save probe resp ie index after auto-indexing */ 204 *probe_idx = *((u16 *)pos); 205 len = sizeof(*pr_ie) - IEEE_MAX_IE_SIZE + 206 le16_to_cpu(pr_ie->ie_length); 207 pos += len; 208 } 209 if (ar_ie && le16_to_cpu(ar_ie->ie_index) == MWIFIEX_AUTO_IDX_MASK) 210 /* save assoc resp ie index after auto-indexing */ 211 *assoc_idx = *((u16 *)pos); 212 213 kfree(ap_custom_ie); 214 return ret; 215} 216 217/* This function checks if the vendor specified IE is present in passed buffer 218 * and copies it to mwifiex_ie structure. 219 * Function takes pointer to struct mwifiex_ie pointer as argument. 220 * If the vendor specified IE is present then memory is allocated for 221 * mwifiex_ie pointer and filled in with IE. Caller should take care of freeing 222 * this memory. 223 */ 224static int mwifiex_update_vs_ie(const u8 *ies, int ies_len, 225 struct mwifiex_ie **ie_ptr, u16 mask, 226 unsigned int oui, u8 oui_type) 227{ 228 struct ieee_types_header *vs_ie; 229 struct mwifiex_ie *ie = *ie_ptr; 230 const u8 *vendor_ie; 231 232 vendor_ie = cfg80211_find_vendor_ie(oui, oui_type, ies, ies_len); 233 if (vendor_ie) { 234 if (!*ie_ptr) { 235 *ie_ptr = kzalloc(sizeof(struct mwifiex_ie), 236 GFP_KERNEL); 237 if (!*ie_ptr) 238 return -ENOMEM; 239 ie = *ie_ptr; 240 } 241 242 vs_ie = (struct ieee_types_header *)vendor_ie; 243 memcpy(ie->ie_buffer + le16_to_cpu(ie->ie_length), 244 vs_ie, vs_ie->len + 2); 245 le16_add_cpu(&ie->ie_length, vs_ie->len + 2); 246 ie->mgmt_subtype_mask = cpu_to_le16(mask); 247 ie->ie_index = cpu_to_le16(MWIFIEX_AUTO_IDX_MASK); 248 } 249 250 *ie_ptr = ie; 251 return 0; 252} 253 254/* This function parses beacon IEs, probe response IEs, association response IEs 255 * from cfg80211_ap_settings->beacon and sets these IE to FW. 256 */ 257static int mwifiex_set_mgmt_beacon_data_ies(struct mwifiex_private *priv, 258 struct cfg80211_beacon_data *data) 259{ 260 struct mwifiex_ie *beacon_ie = NULL, *pr_ie = NULL, *ar_ie = NULL; 261 u16 beacon_idx = MWIFIEX_AUTO_IDX_MASK, pr_idx = MWIFIEX_AUTO_IDX_MASK; 262 u16 ar_idx = MWIFIEX_AUTO_IDX_MASK; 263 int ret = 0; 264 265 if (data->beacon_ies && data->beacon_ies_len) { 266 mwifiex_update_vs_ie(data->beacon_ies, data->beacon_ies_len, 267 &beacon_ie, MGMT_MASK_BEACON, 268 WLAN_OUI_MICROSOFT, 269 WLAN_OUI_TYPE_MICROSOFT_WPS); 270 mwifiex_update_vs_ie(data->beacon_ies, data->beacon_ies_len, 271 &beacon_ie, MGMT_MASK_BEACON, 272 WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P); 273 } 274 275 if (data->proberesp_ies && data->proberesp_ies_len) { 276 mwifiex_update_vs_ie(data->proberesp_ies, 277 data->proberesp_ies_len, &pr_ie, 278 MGMT_MASK_PROBE_RESP, WLAN_OUI_MICROSOFT, 279 WLAN_OUI_TYPE_MICROSOFT_WPS); 280 mwifiex_update_vs_ie(data->proberesp_ies, 281 data->proberesp_ies_len, &pr_ie, 282 MGMT_MASK_PROBE_RESP, 283 WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P); 284 } 285 286 if (data->assocresp_ies && data->assocresp_ies_len) { 287 mwifiex_update_vs_ie(data->assocresp_ies, 288 data->assocresp_ies_len, &ar_ie, 289 MGMT_MASK_ASSOC_RESP | 290 MGMT_MASK_REASSOC_RESP, 291 WLAN_OUI_MICROSOFT, 292 WLAN_OUI_TYPE_MICROSOFT_WPS); 293 mwifiex_update_vs_ie(data->assocresp_ies, 294 data->assocresp_ies_len, &ar_ie, 295 MGMT_MASK_ASSOC_RESP | 296 MGMT_MASK_REASSOC_RESP, WLAN_OUI_WFA, 297 WLAN_OUI_TYPE_WFA_P2P); 298 } 299 300 if (beacon_ie || pr_ie || ar_ie) { 301 ret = mwifiex_update_uap_custom_ie(priv, beacon_ie, 302 &beacon_idx, pr_ie, 303 &pr_idx, ar_ie, &ar_idx); 304 if (ret) 305 goto done; 306 } 307 308 priv->beacon_idx = beacon_idx; 309 priv->proberesp_idx = pr_idx; 310 priv->assocresp_idx = ar_idx; 311 312done: 313 kfree(beacon_ie); 314 kfree(pr_ie); 315 kfree(ar_ie); 316 317 return ret; 318} 319 320/* This function parses head and tail IEs, from cfg80211_beacon_data and sets 321 * these IE to FW. 322 */ 323static int mwifiex_uap_set_head_tail_ies(struct mwifiex_private *priv, 324 struct cfg80211_beacon_data *info) 325{ 326 struct mwifiex_ie *gen_ie; 327 struct ieee_types_header *rsn_ie = NULL, *wpa_ie = NULL; 328 struct ieee_types_header *chsw_ie = NULL; 329 u16 gen_idx = MWIFIEX_AUTO_IDX_MASK, ie_len = 0; 330 const u8 *vendor_ie; 331 332 gen_ie = kzalloc(sizeof(*gen_ie), GFP_KERNEL); 333 if (!gen_ie) 334 return -ENOMEM; 335 gen_ie->ie_index = cpu_to_le16(gen_idx); 336 gen_ie->mgmt_subtype_mask = cpu_to_le16(MGMT_MASK_BEACON | 337 MGMT_MASK_PROBE_RESP | 338 MGMT_MASK_ASSOC_RESP); 339 340 if (info->tail && info->tail_len) { 341 rsn_ie = (void *)cfg80211_find_ie(WLAN_EID_RSN, 342 info->tail, info->tail_len); 343 if (rsn_ie) { 344 memcpy(gen_ie->ie_buffer, rsn_ie, rsn_ie->len + 2); 345 ie_len = rsn_ie->len + 2; 346 gen_ie->ie_length = cpu_to_le16(ie_len); 347 } 348 349 vendor_ie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT, 350 WLAN_OUI_TYPE_MICROSOFT_WPA, 351 info->tail, 352 info->tail_len); 353 if (vendor_ie) { 354 wpa_ie = (struct ieee_types_header *)vendor_ie; 355 memcpy(gen_ie->ie_buffer + ie_len, 356 wpa_ie, wpa_ie->len + 2); 357 ie_len += wpa_ie->len + 2; 358 gen_ie->ie_length = cpu_to_le16(ie_len); 359 } 360 361 chsw_ie = (void *)cfg80211_find_ie(WLAN_EID_CHANNEL_SWITCH, 362 info->tail, info->tail_len); 363 if (chsw_ie) { 364 memcpy(gen_ie->ie_buffer + ie_len, 365 chsw_ie, chsw_ie->len + 2); 366 ie_len += chsw_ie->len + 2; 367 gen_ie->ie_length = cpu_to_le16(ie_len); 368 } 369 } 370 371 if (rsn_ie || wpa_ie || chsw_ie) { 372 if (mwifiex_update_uap_custom_ie(priv, gen_ie, &gen_idx, NULL, 373 NULL, NULL, NULL)) { 374 kfree(gen_ie); 375 return -1; 376 } 377 priv->gen_idx = gen_idx; 378 } 379 380 kfree(gen_ie); 381 return 0; 382} 383 384/* This function parses different IEs-head & tail IEs, beacon IEs, 385 * probe response IEs, association response IEs from cfg80211_ap_settings 386 * function and sets these IE to FW. 387 */ 388int mwifiex_set_mgmt_ies(struct mwifiex_private *priv, 389 struct cfg80211_beacon_data *info) 390{ 391 int ret; 392 393 ret = mwifiex_uap_set_head_tail_ies(priv, info); 394 return ret; 395 396 return mwifiex_set_mgmt_beacon_data_ies(priv, info); 397} 398 399/* This function removes management IE set */ 400int mwifiex_del_mgmt_ies(struct mwifiex_private *priv) 401{ 402 struct mwifiex_ie *beacon_ie = NULL, *pr_ie = NULL; 403 struct mwifiex_ie *ar_ie = NULL, *gen_ie = NULL; 404 int ret = 0; 405 406 if (priv->gen_idx != MWIFIEX_AUTO_IDX_MASK) { 407 gen_ie = kmalloc(sizeof(*gen_ie), GFP_KERNEL); 408 if (!gen_ie) 409 return -ENOMEM; 410 411 gen_ie->ie_index = cpu_to_le16(priv->gen_idx); 412 gen_ie->mgmt_subtype_mask = cpu_to_le16(MWIFIEX_DELETE_MASK); 413 gen_ie->ie_length = 0; 414 if (mwifiex_update_uap_custom_ie(priv, gen_ie, &priv->gen_idx, 415 NULL, &priv->proberesp_idx, 416 NULL, &priv->assocresp_idx)) { 417 ret = -1; 418 goto done; 419 } 420 421 priv->gen_idx = MWIFIEX_AUTO_IDX_MASK; 422 } 423 424 if (priv->beacon_idx != MWIFIEX_AUTO_IDX_MASK) { 425 beacon_ie = kmalloc(sizeof(struct mwifiex_ie), GFP_KERNEL); 426 if (!beacon_ie) { 427 ret = -ENOMEM; 428 goto done; 429 } 430 beacon_ie->ie_index = cpu_to_le16(priv->beacon_idx); 431 beacon_ie->mgmt_subtype_mask = cpu_to_le16(MWIFIEX_DELETE_MASK); 432 beacon_ie->ie_length = 0; 433 } 434 if (priv->proberesp_idx != MWIFIEX_AUTO_IDX_MASK) { 435 pr_ie = kmalloc(sizeof(struct mwifiex_ie), GFP_KERNEL); 436 if (!pr_ie) { 437 ret = -ENOMEM; 438 goto done; 439 } 440 pr_ie->ie_index = cpu_to_le16(priv->proberesp_idx); 441 pr_ie->mgmt_subtype_mask = cpu_to_le16(MWIFIEX_DELETE_MASK); 442 pr_ie->ie_length = 0; 443 } 444 if (priv->assocresp_idx != MWIFIEX_AUTO_IDX_MASK) { 445 ar_ie = kmalloc(sizeof(struct mwifiex_ie), GFP_KERNEL); 446 if (!ar_ie) { 447 ret = -ENOMEM; 448 goto done; 449 } 450 ar_ie->ie_index = cpu_to_le16(priv->assocresp_idx); 451 ar_ie->mgmt_subtype_mask = cpu_to_le16(MWIFIEX_DELETE_MASK); 452 ar_ie->ie_length = 0; 453 } 454 455 if (beacon_ie || pr_ie || ar_ie) 456 ret = mwifiex_update_uap_custom_ie(priv, 457 beacon_ie, &priv->beacon_idx, 458 pr_ie, &priv->proberesp_idx, 459 ar_ie, &priv->assocresp_idx); 460 461done: 462 kfree(beacon_ie); 463 kfree(pr_ie); 464 kfree(ar_ie); 465 466 return ret; 467} 468