| /* |
| * Copyright (c) 2017-2021 The Linux Foundation. All rights reserved. |
| * Copyright (c) 2021-2023 Qualcomm Innovation Center, Inc. All rights reserved. |
| * |
| * Permission to use, copy, modify, and/or distribute this software for |
| * any purpose with or without fee is hereby granted, provided that the |
| * above copyright notice and this permission notice appear in all |
| * copies. |
| * |
| * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL |
| * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED |
| * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE |
| * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL |
| * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR |
| * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER |
| * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR |
| * PERFORMANCE OF THIS SOFTWARE. |
| */ |
| |
| /* |
| * DOC: Defines scan utility functions |
| */ |
| |
| #include <wlan_cmn.h> |
| #include <wlan_scan_ucfg_api.h> |
| #include <wlan_scan_utils_api.h> |
| #include <../../core/src/wlan_scan_cache_db.h> |
| #include <../../core/src/wlan_scan_main.h> |
| #include <wlan_reg_services_api.h> |
| #if defined(WLAN_SAE_SINGLE_PMK) && defined(WLAN_FEATURE_ROAM_OFFLOAD) |
| #include <wlan_mlme_api.h> |
| #endif |
| |
| #define MAX_IE_LEN 1024 |
| #define SHORT_SSID_LEN 4 |
| #define NEIGHBOR_AP_LEN 1 |
| #define BSS_PARAMS_LEN 1 |
| |
| const char* |
| util_scan_get_ev_type_name(enum scan_event_type type) |
| { |
| static const char * const event_name[] = { |
| [SCAN_EVENT_TYPE_STARTED] = "STARTED", |
| [SCAN_EVENT_TYPE_COMPLETED] = "COMPLETED", |
| [SCAN_EVENT_TYPE_BSS_CHANNEL] = "HOME_CHANNEL", |
| [SCAN_EVENT_TYPE_FOREIGN_CHANNEL] = "FOREIGN_CHANNEL", |
| [SCAN_EVENT_TYPE_DEQUEUED] = "DEQUEUED", |
| [SCAN_EVENT_TYPE_PREEMPTED] = "PREEMPTED", |
| [SCAN_EVENT_TYPE_START_FAILED] = "START_FAILED", |
| [SCAN_EVENT_TYPE_RESTARTED] = "RESTARTED", |
| [SCAN_EVENT_TYPE_FOREIGN_CHANNEL_EXIT] = "FOREIGN_CHANNEL_EXIT", |
| [SCAN_EVENT_TYPE_SUSPENDED] = "SUSPENDED", |
| [SCAN_EVENT_TYPE_RESUMED] = "RESUMED", |
| [SCAN_EVENT_TYPE_NLO_COMPLETE] = "NLO_COMPLETE", |
| [SCAN_EVENT_TYPE_NLO_MATCH] = "NLO_MATCH", |
| [SCAN_EVENT_TYPE_INVALID] = "INVALID", |
| [SCAN_EVENT_TYPE_GPIO_TIMEOUT] = "GPIO_TIMEOUT", |
| [SCAN_EVENT_TYPE_RADIO_MEASUREMENT_START] = |
| "RADIO_MEASUREMENT_START", |
| [SCAN_EVENT_TYPE_RADIO_MEASUREMENT_END] = |
| "RADIO_MEASUREMENT_END", |
| [SCAN_EVENT_TYPE_BSSID_MATCH] = "BSSID_MATCH", |
| [SCAN_EVENT_TYPE_FOREIGN_CHANNEL_GET_NF] = |
| "FOREIGN_CHANNEL_GET_NF", |
| }; |
| |
| if (type >= SCAN_EVENT_TYPE_MAX) |
| return "UNKNOWN"; |
| |
| return event_name[type]; |
| } |
| |
| |
| const char* |
| util_scan_get_ev_reason_name(enum scan_completion_reason reason) |
| { |
| static const char * const reason_name[] = { |
| [SCAN_REASON_NONE] = "NONE", |
| [SCAN_REASON_COMPLETED] = "COMPLETED", |
| [SCAN_REASON_CANCELLED] = "CANCELLED", |
| [SCAN_REASON_PREEMPTED] = "PREEMPTED", |
| [SCAN_REASON_TIMEDOUT] = "TIMEDOUT", |
| [SCAN_REASON_INTERNAL_FAILURE] = "INTERNAL_FAILURE", |
| [SCAN_REASON_SUSPENDED] = "SUSPENDED", |
| [SCAN_REASON_RUN_FAILED] = "RUN_FAILED", |
| [SCAN_REASON_TERMINATION_FUNCTION] = "TERMINATION_FUNCTION", |
| [SCAN_REASON_MAX_OFFCHAN_RETRIES] = "MAX_OFFCHAN_RETRIES", |
| [SCAN_REASON_DFS_VIOLATION] = "DFS_NOL_VIOLATION", |
| }; |
| |
| if (reason >= SCAN_REASON_MAX) |
| return "UNKNOWN"; |
| |
| return reason_name[reason]; |
| } |
| |
| qdf_time_t |
| util_get_last_scan_time(struct wlan_objmgr_vdev *vdev) |
| { |
| uint8_t pdev_id; |
| struct wlan_scan_obj *scan_obj; |
| |
| if (!vdev) { |
| scm_warn("null vdev"); |
| QDF_ASSERT(0); |
| return 0; |
| } |
| pdev_id = wlan_scan_vdev_get_pdev_id(vdev); |
| scan_obj = wlan_vdev_get_scan_obj(vdev); |
| |
| if (scan_obj) |
| return scan_obj->pdev_info[pdev_id].last_scan_time; |
| else |
| return 0; |
| } |
| |
| enum wlan_band util_scan_scm_freq_to_band(uint16_t freq) |
| { |
| if (WLAN_REG_IS_24GHZ_CH_FREQ(freq)) |
| return WLAN_BAND_2_4_GHZ; |
| |
| return WLAN_BAND_5_GHZ; |
| } |
| |
| bool util_is_scan_entry_match( |
| struct scan_cache_entry *entry1, |
| struct scan_cache_entry *entry2) |
| { |
| |
| if (entry1->cap_info.wlan_caps.ess != |
| entry2->cap_info.wlan_caps.ess) |
| return false; |
| |
| if (entry1->cap_info.wlan_caps.ess && |
| !qdf_mem_cmp(entry1->bssid.bytes, |
| entry2->bssid.bytes, QDF_MAC_ADDR_SIZE)) { |
| /* Check for BSS */ |
| if (util_is_ssid_match(&entry1->ssid, &entry2->ssid) || |
| util_scan_is_null_ssid(&entry1->ssid) || |
| util_scan_is_null_ssid(&entry2->ssid)) |
| return true; |
| } else if (entry1->cap_info.wlan_caps.ibss && |
| (entry1->channel.chan_freq == |
| entry2->channel.chan_freq)) { |
| /* |
| * Same channel cannot have same SSID for |
| * different IBSS, so no need to check BSSID |
| */ |
| if (util_is_ssid_match( |
| &entry1->ssid, &entry2->ssid)) |
| return true; |
| } else if (!entry1->cap_info.wlan_caps.ibss && |
| !entry1->cap_info.wlan_caps.ess && |
| !qdf_mem_cmp(entry1->bssid.bytes, |
| entry2->bssid.bytes, QDF_MAC_ADDR_SIZE)) { |
| /* In case of P2P devices, ess and ibss will be set to zero */ |
| return true; |
| } |
| |
| return false; |
| } |
| |
| static bool util_is_pureg_rate(uint8_t *rates, uint8_t nrates) |
| { |
| static const uint8_t g_rates[] = {12, 18, 24, 36, 48, 72, 96, 108}; |
| bool pureg = false; |
| uint8_t i, j; |
| |
| for (i = 0; i < nrates; i++) { |
| for (j = 0; j < QDF_ARRAY_SIZE(g_rates); j++) { |
| if (WLAN_RV(rates[i]) == g_rates[j]) { |
| pureg = true; |
| break; |
| } |
| } |
| if (pureg) |
| break; |
| } |
| |
| return pureg; |
| } |
| |
| #ifdef WLAN_FEATURE_11BE |
| static enum wlan_phymode |
| util_scan_get_phymode_11be(struct wlan_objmgr_pdev *pdev, |
| struct scan_cache_entry *scan_params, |
| enum wlan_phymode phymode, |
| uint8_t band_mask) |
| { |
| struct wlan_ie_ehtops *eht_ops; |
| |
| eht_ops = (struct wlan_ie_ehtops *)util_scan_entry_ehtop(scan_params); |
| if (!util_scan_entry_ehtcap(scan_params) || !eht_ops) |
| return phymode; |
| |
| switch (eht_ops->width) { |
| case WLAN_EHT_CHWIDTH_20: |
| phymode = WLAN_PHYMODE_11BEA_EHT20; |
| break; |
| case WLAN_EHT_CHWIDTH_40: |
| phymode = WLAN_PHYMODE_11BEA_EHT40; |
| break; |
| case WLAN_EHT_CHWIDTH_80: |
| phymode = WLAN_PHYMODE_11BEA_EHT80; |
| break; |
| case WLAN_EHT_CHWIDTH_160: |
| phymode = WLAN_PHYMODE_11BEA_EHT160; |
| break; |
| case WLAN_EHT_CHWIDTH_320: |
| phymode = WLAN_PHYMODE_11BEA_EHT320; |
| break; |
| default: |
| scm_err("Invalid eht_ops width: %d", eht_ops->width); |
| phymode = WLAN_PHYMODE_11BEA_EHT20; |
| break; |
| } |
| |
| scan_params->channel.cfreq0 = |
| wlan_reg_chan_band_to_freq(pdev, |
| eht_ops->chan_freq_seg0, |
| band_mask); |
| scan_params->channel.cfreq1 = |
| wlan_reg_chan_band_to_freq(pdev, |
| eht_ops->chan_freq_seg1, |
| band_mask); |
| scan_params->channel.puncture_bitmap = eht_ops->puncture_pattern; |
| return phymode; |
| } |
| #else |
| static enum wlan_phymode |
| util_scan_get_phymode_11be(struct wlan_objmgr_pdev *pdev, |
| struct scan_cache_entry *scan_params, |
| enum wlan_phymode phymode, |
| uint8_t band_mask) |
| { |
| return phymode; |
| } |
| #endif |
| |
| #ifdef CONFIG_BAND_6GHZ |
| static struct he_oper_6g_param *util_scan_get_he_6g_params(uint8_t *he_ops) |
| { |
| uint8_t len; |
| uint32_t he_oper_params; |
| |
| if (!he_ops) |
| return NULL; |
| |
| len = he_ops[1]; |
| he_ops += sizeof(struct ie_header); |
| |
| if (len < WLAN_HEOP_FIXED_PARAM_LENGTH) |
| return NULL; |
| |
| /* element id extension */ |
| he_ops++; |
| len--; |
| |
| he_oper_params = LE_READ_4(he_ops); |
| if (!(he_oper_params & WLAN_HEOP_6GHZ_INFO_PRESENT_MASK)) |
| return NULL; |
| |
| /* fixed params - element id extension */ |
| he_ops += WLAN_HEOP_FIXED_PARAM_LENGTH - 1; |
| len -= WLAN_HEOP_FIXED_PARAM_LENGTH - 1; |
| |
| if (!len) |
| return NULL; |
| |
| /* vht oper params */ |
| if (he_oper_params & WLAN_HEOP_VHTOP_PRESENT_MASK) { |
| if (len < WLAN_HEOP_VHTOP_LENGTH) |
| return NULL; |
| he_ops += WLAN_HEOP_VHTOP_LENGTH; |
| len -= WLAN_HEOP_VHTOP_LENGTH; |
| } |
| |
| if (!len) |
| return NULL; |
| |
| if (he_oper_params & WLAN_HEOP_CO_LOCATED_BSS_MASK) { |
| he_ops += WLAN_HEOP_CO_LOCATED_BSS_LENGTH; |
| len -= WLAN_HEOP_CO_LOCATED_BSS_LENGTH; |
| } |
| |
| if (len < sizeof(struct he_oper_6g_param)) |
| return NULL; |
| |
| return (struct he_oper_6g_param *)he_ops; |
| } |
| |
| static QDF_STATUS |
| util_scan_get_chan_from_he_6g_params(struct wlan_objmgr_pdev *pdev, |
| struct scan_cache_entry *scan_params, |
| qdf_freq_t *chan_freq, |
| bool *he_6g_dup_bcon, uint8_t band_mask) |
| { |
| struct he_oper_6g_param *he_6g_params; |
| uint8_t *he_ops; |
| struct wlan_scan_obj *scan_obj; |
| struct wlan_objmgr_psoc *psoc; |
| |
| psoc = wlan_pdev_get_psoc(pdev); |
| if (!psoc) { |
| scm_err("psoc is NULL"); |
| return QDF_STATUS_E_INVAL; |
| } |
| |
| scan_obj = wlan_psoc_get_scan_obj(psoc); |
| if (!scan_obj) { |
| scm_err("scan_obj is NULL"); |
| return QDF_STATUS_E_INVAL; |
| } |
| |
| *he_6g_dup_bcon = false; |
| |
| he_ops = util_scan_entry_heop(scan_params); |
| if (!util_scan_entry_hecap(scan_params) || !he_ops) |
| return QDF_STATUS_SUCCESS; |
| |
| he_6g_params = util_scan_get_he_6g_params(he_ops); |
| if (!he_6g_params) |
| return QDF_STATUS_SUCCESS; |
| |
| *chan_freq = wlan_reg_chan_band_to_freq(pdev, |
| he_6g_params->primary_channel, |
| band_mask); |
| if (scan_obj->drop_bcn_on_invalid_freq && |
| wlan_reg_is_disable_for_freq(pdev, *chan_freq)) { |
| scm_debug_rl(QDF_MAC_ADDR_FMT": Drop as invalid channel %d freq %d in HE 6Ghz params", |
| QDF_MAC_ADDR_REF(scan_params->bssid.bytes), |
| he_6g_params->primary_channel, *chan_freq); |
| return QDF_STATUS_E_INVAL; |
| } |
| *he_6g_dup_bcon = he_6g_params->duplicate_beacon ? true : false; |
| |
| return QDF_STATUS_SUCCESS; |
| } |
| |
| static enum wlan_phymode |
| util_scan_get_phymode_6g(struct wlan_objmgr_pdev *pdev, |
| struct scan_cache_entry *scan_params) |
| { |
| struct he_oper_6g_param *he_6g_params; |
| enum wlan_phymode phymode = WLAN_PHYMODE_11AXA_HE20; |
| uint8_t *he_ops; |
| uint8_t band_mask = BIT(REG_BAND_6G); |
| |
| he_ops = util_scan_entry_heop(scan_params); |
| if (!util_scan_entry_hecap(scan_params) || !he_ops) |
| return phymode; |
| |
| he_6g_params = util_scan_get_he_6g_params(he_ops); |
| if (!he_6g_params) |
| return phymode; |
| |
| switch (he_6g_params->width) { |
| case WLAN_HE_6GHZ_CHWIDTH_20: |
| phymode = WLAN_PHYMODE_11AXA_HE20; |
| break; |
| case WLAN_HE_6GHZ_CHWIDTH_40: |
| phymode = WLAN_PHYMODE_11AXA_HE40; |
| break; |
| case WLAN_HE_6GHZ_CHWIDTH_80: |
| phymode = WLAN_PHYMODE_11AXA_HE80; |
| break; |
| case WLAN_HE_6GHZ_CHWIDTH_160_80_80: |
| if (WLAN_IS_HE80_80(he_6g_params)) |
| phymode = WLAN_PHYMODE_11AXA_HE80_80; |
| else if (WLAN_IS_HE160(he_6g_params)) |
| phymode = WLAN_PHYMODE_11AXA_HE160; |
| else |
| phymode = WLAN_PHYMODE_11AXA_HE80; |
| break; |
| default: |
| scm_err("Invalid he_6g_params width: %d", he_6g_params->width); |
| phymode = WLAN_PHYMODE_11AXA_HE20; |
| break; |
| } |
| |
| if (he_6g_params->chan_freq_seg0) |
| scan_params->channel.cfreq0 = |
| wlan_reg_chan_band_to_freq(pdev, |
| he_6g_params->chan_freq_seg0, |
| band_mask); |
| if (he_6g_params->chan_freq_seg1) |
| scan_params->channel.cfreq1 = |
| wlan_reg_chan_band_to_freq(pdev, |
| he_6g_params->chan_freq_seg1, |
| band_mask); |
| |
| phymode = util_scan_get_phymode_11be(pdev, scan_params, |
| phymode, band_mask); |
| |
| return phymode; |
| } |
| |
| uint8_t |
| util_scan_get_6g_oper_channel(uint8_t *he_op_ie) |
| { |
| struct he_oper_6g_param *he_6g_params; |
| |
| he_6g_params = util_scan_get_he_6g_params(he_op_ie); |
| if (!he_6g_params) |
| return 0; |
| |
| return he_6g_params->primary_channel; |
| } |
| |
| #else |
| static QDF_STATUS |
| util_scan_get_chan_from_he_6g_params(struct wlan_objmgr_pdev *pdev, |
| struct scan_cache_entry *scan_params, |
| qdf_freq_t *chan_freq, |
| bool *he_6g_dup_bcon, |
| uint8_t band_mask) |
| { |
| return QDF_STATUS_SUCCESS; |
| } |
| static inline enum wlan_phymode |
| util_scan_get_phymode_6g(struct wlan_objmgr_pdev *pdev, |
| struct scan_cache_entry *scan_params) |
| { |
| return WLAN_PHYMODE_AUTO; |
| } |
| #endif |
| |
| static inline |
| uint32_t util_scan_sec_chan_freq_from_htinfo(struct wlan_ie_htinfo_cmn *htinfo, |
| uint32_t primary_chan_freq) |
| { |
| if (htinfo->hi_extchoff == WLAN_HTINFO_EXTOFFSET_ABOVE) |
| return primary_chan_freq + WLAN_CHAN_SPACING_20MHZ; |
| else if (htinfo->hi_extchoff == WLAN_HTINFO_EXTOFFSET_BELOW) |
| return primary_chan_freq - WLAN_CHAN_SPACING_20MHZ; |
| |
| return 0; |
| } |
| |
| static enum wlan_phymode |
| util_scan_get_phymode_5g(struct wlan_objmgr_pdev *pdev, |
| struct scan_cache_entry *scan_params) |
| { |
| enum wlan_phymode phymode = WLAN_PHYMODE_AUTO; |
| uint16_t ht_cap = 0; |
| struct htcap_cmn_ie *htcap; |
| struct wlan_ie_htinfo_cmn *htinfo; |
| struct wlan_ie_vhtop *vhtop; |
| uint8_t band_mask = BIT(REG_BAND_5G); |
| |
| htcap = (struct htcap_cmn_ie *) |
| util_scan_entry_htcap(scan_params); |
| htinfo = (struct wlan_ie_htinfo_cmn *) |
| util_scan_entry_htinfo(scan_params); |
| vhtop = (struct wlan_ie_vhtop *) |
| util_scan_entry_vhtop(scan_params); |
| |
| if (!(htcap && htinfo)) |
| return WLAN_PHYMODE_11A; |
| |
| if (htcap) |
| ht_cap = le16toh(htcap->hc_cap); |
| |
| if (ht_cap & WLAN_HTCAP_C_CHWIDTH40) |
| phymode = WLAN_PHYMODE_11NA_HT40; |
| else |
| phymode = WLAN_PHYMODE_11NA_HT20; |
| |
| scan_params->channel.cfreq0 = |
| util_scan_sec_chan_freq_from_htinfo(htinfo, |
| scan_params->channel.chan_freq); |
| |
| if (util_scan_entry_vhtcap(scan_params) && vhtop) { |
| switch (vhtop->vht_op_chwidth) { |
| case WLAN_VHTOP_CHWIDTH_2040: |
| if (ht_cap & WLAN_HTCAP_C_CHWIDTH40) |
| phymode = WLAN_PHYMODE_11AC_VHT40; |
| else |
| phymode = WLAN_PHYMODE_11AC_VHT20; |
| break; |
| case WLAN_VHTOP_CHWIDTH_80: |
| if (WLAN_IS_REVSIG_VHT80_80(vhtop)) |
| phymode = WLAN_PHYMODE_11AC_VHT80_80; |
| else if (WLAN_IS_REVSIG_VHT160(vhtop)) |
| phymode = WLAN_PHYMODE_11AC_VHT160; |
| else |
| phymode = WLAN_PHYMODE_11AC_VHT80; |
| break; |
| case WLAN_VHTOP_CHWIDTH_160: |
| phymode = WLAN_PHYMODE_11AC_VHT160; |
| break; |
| case WLAN_VHTOP_CHWIDTH_80_80: |
| phymode = WLAN_PHYMODE_11AC_VHT80_80; |
| break; |
| default: |
| scm_err("bad channel: %d", |
| vhtop->vht_op_chwidth); |
| phymode = WLAN_PHYMODE_11AC_VHT20; |
| break; |
| } |
| if (vhtop->vht_op_ch_freq_seg1) |
| scan_params->channel.cfreq0 = |
| wlan_reg_chan_band_to_freq(pdev, |
| vhtop->vht_op_ch_freq_seg1, |
| band_mask); |
| if (vhtop->vht_op_ch_freq_seg2) |
| scan_params->channel.cfreq1 = |
| wlan_reg_chan_band_to_freq(pdev, |
| vhtop->vht_op_ch_freq_seg2, |
| band_mask); |
| } |
| |
| if (!util_scan_entry_hecap(scan_params)) |
| return phymode; |
| |
| /* for 5Ghz Check for HE, only if VHT cap and HE cap are present */ |
| if (!IS_WLAN_PHYMODE_VHT(phymode)) |
| return phymode; |
| |
| switch (phymode) { |
| case WLAN_PHYMODE_11AC_VHT20: |
| phymode = WLAN_PHYMODE_11AXA_HE20; |
| break; |
| case WLAN_PHYMODE_11AC_VHT40: |
| phymode = WLAN_PHYMODE_11AXA_HE40; |
| break; |
| case WLAN_PHYMODE_11AC_VHT80: |
| phymode = WLAN_PHYMODE_11AXA_HE80; |
| break; |
| case WLAN_PHYMODE_11AC_VHT160: |
| phymode = WLAN_PHYMODE_11AXA_HE160; |
| break; |
| case WLAN_PHYMODE_11AC_VHT80_80: |
| phymode = WLAN_PHYMODE_11AXA_HE80_80; |
| break; |
| default: |
| phymode = WLAN_PHYMODE_11AXA_HE20; |
| break; |
| } |
| |
| phymode = util_scan_get_phymode_11be(pdev, scan_params, |
| phymode, band_mask); |
| |
| return phymode; |
| } |
| |
| #ifdef WLAN_FEATURE_11BE |
| static enum wlan_phymode |
| util_scan_get_phymode_2g_11be(struct scan_cache_entry *scan_params, |
| enum wlan_phymode phymode) |
| { |
| if (!util_scan_entry_ehtcap(scan_params)) |
| return phymode; |
| |
| if (phymode == WLAN_PHYMODE_11AXG_HE40PLUS) |
| phymode = WLAN_PHYMODE_11BEG_EHT40PLUS; |
| else if (phymode == WLAN_PHYMODE_11AXG_HE40MINUS) |
| phymode = WLAN_PHYMODE_11BEG_EHT40MINUS; |
| else |
| phymode = WLAN_PHYMODE_11BEG_EHT20; |
| |
| return phymode; |
| } |
| #else |
| static enum wlan_phymode |
| util_scan_get_phymode_2g_11be(struct scan_cache_entry *scan_params, |
| enum wlan_phymode phymode) |
| { |
| return phymode; |
| } |
| #endif |
| |
| static enum wlan_phymode |
| util_scan_get_phymode_2g(struct scan_cache_entry *scan_params) |
| { |
| enum wlan_phymode phymode = WLAN_PHYMODE_AUTO; |
| uint16_t ht_cap = 0; |
| struct htcap_cmn_ie *htcap; |
| struct wlan_ie_htinfo_cmn *htinfo; |
| struct wlan_ie_vhtop *vhtop; |
| |
| htcap = (struct htcap_cmn_ie *) |
| util_scan_entry_htcap(scan_params); |
| htinfo = (struct wlan_ie_htinfo_cmn *) |
| util_scan_entry_htinfo(scan_params); |
| vhtop = (struct wlan_ie_vhtop *) |
| util_scan_entry_vhtop(scan_params); |
| |
| if (htcap) |
| ht_cap = le16toh(htcap->hc_cap); |
| |
| if (htcap && htinfo) { |
| if ((ht_cap & WLAN_HTCAP_C_CHWIDTH40) && |
| (htinfo->hi_extchoff == WLAN_HTINFO_EXTOFFSET_ABOVE)) |
| phymode = WLAN_PHYMODE_11NG_HT40PLUS; |
| else if ((ht_cap & WLAN_HTCAP_C_CHWIDTH40) && |
| (htinfo->hi_extchoff == WLAN_HTINFO_EXTOFFSET_BELOW)) |
| phymode = WLAN_PHYMODE_11NG_HT40MINUS; |
| else |
| phymode = WLAN_PHYMODE_11NG_HT20; |
| } else if (util_scan_entry_xrates(scan_params)) { |
| /* only 11G stations will have more than 8 rates */ |
| phymode = WLAN_PHYMODE_11G; |
| } else { |
| /* Some mischievous g-only APs do not set extended rates */ |
| if (util_scan_entry_rates(scan_params)) { |
| if (util_is_pureg_rate(&scan_params->ie_list.rates[2], |
| scan_params->ie_list.rates[1])) |
| phymode = WLAN_PHYMODE_11G; |
| else |
| phymode = WLAN_PHYMODE_11B; |
| } else { |
| phymode = WLAN_PHYMODE_11B; |
| } |
| } |
| |
| /* Check for VHT only if HT cap is present */ |
| if (!IS_WLAN_PHYMODE_HT(phymode)) |
| return phymode; |
| |
| scan_params->channel.cfreq0 = |
| util_scan_sec_chan_freq_from_htinfo(htinfo, |
| scan_params->channel.chan_freq); |
| |
| if (util_scan_entry_vhtcap(scan_params) && vhtop) { |
| switch (vhtop->vht_op_chwidth) { |
| case WLAN_VHTOP_CHWIDTH_2040: |
| if (phymode == WLAN_PHYMODE_11NG_HT40PLUS) |
| phymode = WLAN_PHYMODE_11AC_VHT40PLUS_2G; |
| else if (phymode == WLAN_PHYMODE_11NG_HT40MINUS) |
| phymode = WLAN_PHYMODE_11AC_VHT40MINUS_2G; |
| else |
| phymode = WLAN_PHYMODE_11AC_VHT20_2G; |
| |
| break; |
| default: |
| scm_info("bad vht_op_chwidth: %d", |
| vhtop->vht_op_chwidth); |
| phymode = WLAN_PHYMODE_11AC_VHT20_2G; |
| break; |
| } |
| } |
| |
| if (!util_scan_entry_hecap(scan_params)) |
| return phymode; |
| |
| if (phymode == WLAN_PHYMODE_11AC_VHT40PLUS_2G || |
| phymode == WLAN_PHYMODE_11NG_HT40PLUS) |
| phymode = WLAN_PHYMODE_11AXG_HE40PLUS; |
| else if (phymode == WLAN_PHYMODE_11AC_VHT40MINUS_2G || |
| phymode == WLAN_PHYMODE_11NG_HT40MINUS) |
| phymode = WLAN_PHYMODE_11AXG_HE40MINUS; |
| else |
| phymode = WLAN_PHYMODE_11AXG_HE20; |
| |
| phymode = util_scan_get_phymode_2g_11be(scan_params, phymode); |
| |
| return phymode; |
| } |
| |
| static enum wlan_phymode |
| util_scan_get_phymode(struct wlan_objmgr_pdev *pdev, |
| struct scan_cache_entry *scan_params) |
| { |
| if (WLAN_REG_IS_24GHZ_CH_FREQ(scan_params->channel.chan_freq)) |
| return util_scan_get_phymode_2g(scan_params); |
| else if (WLAN_REG_IS_6GHZ_CHAN_FREQ(scan_params->channel.chan_freq)) |
| return util_scan_get_phymode_6g(pdev, scan_params); |
| else |
| return util_scan_get_phymode_5g(pdev, scan_params); |
| } |
| |
| static QDF_STATUS |
| util_scan_parse_chan_switch_wrapper_ie(struct scan_cache_entry *scan_params, |
| struct ie_header *sub_ie, qdf_size_t sub_ie_len) |
| { |
| /* Walk through to check nothing is malformed */ |
| while (sub_ie_len >= sizeof(struct ie_header)) { |
| /* At least one more header is present */ |
| sub_ie_len -= sizeof(struct ie_header); |
| |
| if (sub_ie->ie_len == 0) { |
| sub_ie += 1; |
| continue; |
| } |
| if (sub_ie_len < sub_ie->ie_len) { |
| scm_debug_rl(QDF_MAC_ADDR_FMT": Incomplete corrupted IE:%x", |
| QDF_MAC_ADDR_REF(scan_params->bssid.bytes), |
| WLAN_ELEMID_CHAN_SWITCH_WRAP); |
| return QDF_STATUS_E_INVAL; |
| } |
| switch (sub_ie->ie_id) { |
| case WLAN_ELEMID_COUNTRY: |
| if (sub_ie->ie_len < WLAN_COUNTRY_IE_MIN_LEN) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.country = (uint8_t *)sub_ie; |
| break; |
| case WLAN_ELEMID_WIDE_BAND_CHAN_SWITCH: |
| if (sub_ie->ie_len < WLAN_WIDE_BW_CHAN_SWITCH_IE_LEN) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.widebw = (uint8_t *)sub_ie; |
| break; |
| case WLAN_ELEMID_VHT_TX_PWR_ENVLP: |
| if (sub_ie->ie_len > WLAN_TPE_IE_MAX_LEN) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.txpwrenvlp = (uint8_t *)sub_ie; |
| break; |
| } |
| /* Consume sub info element */ |
| sub_ie_len -= sub_ie->ie_len; |
| /* go to next Sub IE */ |
| sub_ie = (struct ie_header *) |
| (((uint8_t *) sub_ie) + |
| sizeof(struct ie_header) + sub_ie->ie_len); |
| } |
| |
| return QDF_STATUS_SUCCESS; |
| } |
| |
| bool |
| util_scan_is_hidden_ssid(struct ie_ssid *ssid) |
| { |
| uint8_t i; |
| |
| /* |
| * We flag this as Hidden SSID if the Length is 0 |
| * of the SSID only contains 0's |
| */ |
| if (!ssid || !ssid->ssid_len) |
| return true; |
| |
| for (i = 0; i < ssid->ssid_len; i++) |
| if (ssid->ssid[i] != 0) |
| return false; |
| |
| /* All 0's */ |
| return true; |
| } |
| |
| #ifdef WLAN_FEATURE_11BE_MLO |
| static void |
| util_scan_update_rnr_mld(struct rnr_bss_info *rnr, |
| struct neighbor_ap_info_field *ap_info, uint8_t *data) |
| { |
| uint8_t tbtt_info_length; |
| bool mld_info_present = false; |
| |
| tbtt_info_length = ap_info->tbtt_header.tbtt_info_length; |
| if (tbtt_info_length >= |
| TBTT_NEIGHBOR_AP_BSSID_S_SSID_BSS_PARAM_20MHZ_PSD_MLD_PARAM) |
| tbtt_info_length = |
| TBTT_NEIGHBOR_AP_BSSID_S_SSID_BSS_PARAM_20MHZ_PSD_MLD_PARAM; |
| |
| switch (tbtt_info_length) { |
| case TBTT_NEIGHBOR_AP_MLD_PARAM: |
| rnr->channel_number = ap_info->channel_number; |
| rnr->operating_class = ap_info->operting_class; |
| qdf_mem_copy(&rnr->mld_info, &data[1], |
| sizeof(struct rnr_mld_info)); |
| mld_info_present = true; |
| break; |
| case TBTT_NEIGHBOR_AP_BSSID_MLD_PARAM: |
| rnr->channel_number = ap_info->channel_number; |
| rnr->operating_class = ap_info->operting_class; |
| qdf_mem_copy(&rnr->bssid, &data[1], QDF_MAC_ADDR_SIZE); |
| qdf_mem_copy(&rnr->mld_info, &data[1 + QDF_MAC_ADDR_SIZE], |
| sizeof(struct rnr_mld_info)); |
| mld_info_present = true; |
| break; |
| case TBTT_NEIGHBOR_AP_BSSID_S_SSID_BSS_PARAM_20MHZ_PSD_MLD_PARAM: |
| rnr->channel_number = ap_info->channel_number; |
| rnr->operating_class = ap_info->operting_class; |
| qdf_mem_copy(&rnr->bssid, &data[1], QDF_MAC_ADDR_SIZE); |
| qdf_mem_copy(&rnr->short_ssid, &data[7], SHORT_SSID_LEN); |
| rnr->bss_params = data[11]; |
| rnr->psd_20mhz = data[12]; |
| qdf_mem_copy(&rnr->mld_info, &data[13], |
| sizeof(struct rnr_mld_info)); |
| mld_info_present = true; |
| break; |
| }; |
| } |
| #else |
| static void |
| util_scan_update_rnr_mld(struct rnr_bss_info *rnr, |
| struct neighbor_ap_info_field *ap_info, uint8_t *data) |
| { |
| scm_debug("Wrong fieldtype"); |
| } |
| #endif |
| |
| static QDF_STATUS |
| util_scan_update_rnr(struct rnr_bss_info *rnr, |
| struct neighbor_ap_info_field *ap_info, |
| uint8_t *data) |
| { |
| uint8_t tbtt_info_length; |
| |
| tbtt_info_length = ap_info->tbtt_header.tbtt_info_length; |
| |
| switch (tbtt_info_length) { |
| case TBTT_NEIGHBOR_AP_OFFSET_ONLY: |
| /* Dont store it skip*/ |
| break; |
| |
| case TBTT_NEIGHBOR_AP_BSS_PARAM: |
| /* Dont store it skip*/ |
| break; |
| |
| case TBTT_NEIGHBOR_AP_SHORTSSID: |
| rnr->channel_number = ap_info->channel_number; |
| rnr->operating_class = ap_info->operting_class; |
| qdf_mem_copy(&rnr->short_ssid, &data[1], SHORT_SSID_LEN); |
| break; |
| |
| case TBTT_NEIGHBOR_AP_S_SSID_BSS_PARAM: |
| rnr->channel_number = ap_info->channel_number; |
| rnr->operating_class = ap_info->operting_class; |
| qdf_mem_copy(&rnr->short_ssid, &data[1], SHORT_SSID_LEN); |
| rnr->bss_params = data[5]; |
| break; |
| |
| case TBTT_NEIGHBOR_AP_BSSID: |
| rnr->channel_number = ap_info->channel_number; |
| rnr->operating_class = ap_info->operting_class; |
| qdf_mem_copy(&rnr->bssid, &data[1], QDF_MAC_ADDR_SIZE); |
| break; |
| |
| case TBTT_NEIGHBOR_AP_BSSID_BSS_PARAM: |
| rnr->channel_number = ap_info->channel_number; |
| rnr->operating_class = ap_info->operting_class; |
| qdf_mem_copy(&rnr->bssid, &data[1], QDF_MAC_ADDR_SIZE); |
| rnr->bss_params = data[7]; |
| break; |
| |
| case TBTT_NEIGHBOR_AP_BSSID_BSS_PARAM_20MHZ_PSD: |
| rnr->channel_number = ap_info->channel_number; |
| rnr->operating_class = ap_info->operting_class; |
| qdf_mem_copy(&rnr->bssid, &data[1], QDF_MAC_ADDR_SIZE); |
| rnr->bss_params = data[7]; |
| rnr->psd_20mhz = data[8]; |
| break; |
| |
| case TBTT_NEIGHBOR_AP_BSSSID_S_SSID: |
| rnr->channel_number = ap_info->channel_number; |
| rnr->operating_class = ap_info->operting_class; |
| qdf_mem_copy(&rnr->bssid, &data[1], QDF_MAC_ADDR_SIZE); |
| qdf_mem_copy(&rnr->short_ssid, &data[7], SHORT_SSID_LEN); |
| break; |
| |
| case TBTT_NEIGHBOR_AP_BSSID_S_SSID_BSS_PARAM: |
| rnr->channel_number = ap_info->channel_number; |
| rnr->operating_class = ap_info->operting_class; |
| qdf_mem_copy(&rnr->bssid, &data[1], QDF_MAC_ADDR_SIZE); |
| qdf_mem_copy(&rnr->short_ssid, &data[7], SHORT_SSID_LEN); |
| rnr->bss_params = data[11]; |
| break; |
| |
| case TBTT_NEIGHBOR_AP_BSSID_S_SSID_BSS_PARAM_20MHZ_PSD: |
| rnr->channel_number = ap_info->channel_number; |
| rnr->operating_class = ap_info->operting_class; |
| qdf_mem_copy(&rnr->bssid, &data[1], QDF_MAC_ADDR_SIZE); |
| qdf_mem_copy(&rnr->short_ssid, &data[7], SHORT_SSID_LEN); |
| rnr->bss_params = data[11]; |
| rnr->psd_20mhz = data[12]; |
| break; |
| |
| default: |
| util_scan_update_rnr_mld(rnr, ap_info, data); |
| } |
| |
| return QDF_STATUS_SUCCESS; |
| } |
| |
| static QDF_STATUS |
| util_scan_parse_rnr_ie(struct scan_cache_entry *scan_entry, |
| struct ie_header *ie) |
| { |
| uint32_t rnr_ie_len; |
| uint16_t tbtt_count, tbtt_length, i, fieldtype; |
| uint8_t *data; |
| struct neighbor_ap_info_field *neighbor_ap_info; |
| |
| rnr_ie_len = ie->ie_len; |
| data = (uint8_t *)ie + sizeof(struct ie_header); |
| |
| while (data < ((uint8_t *)ie + rnr_ie_len + 2)) { |
| neighbor_ap_info = (struct neighbor_ap_info_field *)data; |
| tbtt_count = neighbor_ap_info->tbtt_header.tbtt_info_count; |
| tbtt_length = neighbor_ap_info->tbtt_header.tbtt_info_length; |
| fieldtype = neighbor_ap_info->tbtt_header.tbbt_info_fieldtype; |
| scm_debug("channel number %d, op class %d", |
| neighbor_ap_info->channel_number, |
| neighbor_ap_info->operting_class); |
| scm_debug("tbtt_count %d, tbtt_length %d, fieldtype %d", |
| tbtt_count, tbtt_length, fieldtype); |
| data += sizeof(struct neighbor_ap_info_field); |
| |
| if (tbtt_count > TBTT_INFO_COUNT) |
| break; |
| |
| for (i = 0; i < (tbtt_count + 1) && |
| data < ((uint8_t *)ie + rnr_ie_len + 2); i++) { |
| if (i < MAX_RNR_BSS) |
| util_scan_update_rnr( |
| &scan_entry->rnr.bss_info[i], |
| neighbor_ap_info, |
| data); |
| data += tbtt_length; |
| } |
| } |
| |
| return QDF_STATUS_SUCCESS; |
| } |
| |
| #ifdef WLAN_FEATURE_11BE_MLO |
| static void util_scan_parse_eht_ie(struct scan_cache_entry *scan_params, |
| struct extn_ie_header *extn_ie) |
| { |
| switch (extn_ie->ie_extn_id) { |
| case WLAN_EXTN_ELEMID_MULTI_LINK: |
| scan_params->ie_list.multi_link = (uint8_t *)extn_ie; |
| break; |
| default: |
| break; |
| } |
| } |
| #else |
| static void util_scan_parse_eht_ie(struct scan_cache_entry *scan_params, |
| struct extn_ie_header *extn_ie) |
| { |
| } |
| #endif |
| |
| static QDF_STATUS |
| util_scan_parse_extn_ie(struct scan_cache_entry *scan_params, |
| struct ie_header *ie) |
| { |
| struct extn_ie_header *extn_ie = (struct extn_ie_header *) ie; |
| |
| switch (extn_ie->ie_extn_id) { |
| case WLAN_EXTN_ELEMID_MAX_CHAN_SWITCH_TIME: |
| if (extn_ie->ie_len != WLAN_MAX_CHAN_SWITCH_TIME_IE_LEN) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.mcst = (uint8_t *)ie; |
| break; |
| case WLAN_EXTN_ELEMID_SRP: |
| if (extn_ie->ie_len > WLAN_MAX_SRP_IE_LEN) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.srp = (uint8_t *)ie; |
| break; |
| case WLAN_EXTN_ELEMID_HECAP: |
| scan_params->ie_list.hecap = (uint8_t *)ie; |
| break; |
| case WLAN_EXTN_ELEMID_HEOP: |
| if (extn_ie->ie_len > WLAN_MAX_HEOP_IE_LEN) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.heop = (uint8_t *)ie; |
| break; |
| case WLAN_EXTN_ELEMID_ESP: |
| scan_params->ie_list.esp = (uint8_t *)ie; |
| break; |
| case WLAN_EXTN_ELEMID_MUEDCA: |
| if (extn_ie->ie_len > WLAN_MAX_MUEDCA_IE_LEN) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.muedca = (uint8_t *)ie; |
| break; |
| case WLAN_EXTN_ELEMID_HE_6G_CAP: |
| if (extn_ie->ie_len > WLAN_MAX_HE_6G_CAP_IE_LEN) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.hecap_6g = (uint8_t *)ie; |
| break; |
| #ifdef WLAN_FEATURE_11BE |
| case WLAN_EXTN_ELEMID_EHTCAP: |
| scan_params->ie_list.ehtcap = (uint8_t *)ie; |
| break; |
| case WLAN_EXTN_ELEMID_EHTOP: |
| scan_params->ie_list.ehtop = (uint8_t *)ie; |
| break; |
| #endif |
| default: |
| break; |
| } |
| util_scan_parse_eht_ie(scan_params, extn_ie); |
| |
| return QDF_STATUS_SUCCESS; |
| } |
| |
| static QDF_STATUS |
| util_scan_parse_vendor_ie(struct scan_cache_entry *scan_params, |
| struct ie_header *ie) |
| { |
| if (!scan_params->ie_list.vendor) |
| scan_params->ie_list.vendor = (uint8_t *)ie; |
| |
| if (is_wpa_oui((uint8_t *)ie)) { |
| scan_params->ie_list.wpa = (uint8_t *)ie; |
| } else if (is_wps_oui((uint8_t *)ie)) { |
| scan_params->ie_list.wps = (uint8_t *)ie; |
| /* WCN IE should be a subset of WPS IE */ |
| if (is_wcn_oui((uint8_t *)ie)) |
| scan_params->ie_list.wcn = (uint8_t *)ie; |
| } else if (is_wme_param((uint8_t *)ie)) { |
| if (ie->ie_len > WLAN_VENDOR_WME_IE_LEN) |
| return QDF_STATUS_E_INVAL; |
| |
| scan_params->ie_list.wmeparam = (uint8_t *)ie; |
| } else if (is_wme_info((uint8_t *)ie)) { |
| scan_params->ie_list.wmeinfo = (uint8_t *)ie; |
| } else if (is_atheros_oui((uint8_t *)ie)) { |
| if (ie->ie_len > WLAN_VENDOR_ATHCAPS_IE_LEN) |
| return QDF_STATUS_E_INVAL; |
| |
| scan_params->ie_list.athcaps = (uint8_t *)ie; |
| } else if (is_atheros_extcap_oui((uint8_t *)ie)) { |
| if (ie->ie_len > WLAN_VENDOR_ATH_EXTCAP_IE_LEN) |
| return QDF_STATUS_E_INVAL; |
| |
| scan_params->ie_list.athextcaps = (uint8_t *)ie; |
| } else if (is_sfa_oui((uint8_t *)ie)) { |
| if (ie->ie_len > WLAN_VENDOR_SFA_IE_LEN) |
| return QDF_STATUS_E_INVAL; |
| |
| scan_params->ie_list.sfa = (uint8_t *)ie; |
| } else if (is_p2p_oui((uint8_t *)ie)) { |
| scan_params->ie_list.p2p = (uint8_t *)ie; |
| } else if (is_qca_son_oui((uint8_t *)ie, |
| QCA_OUI_WHC_AP_INFO_SUBTYPE)) { |
| |
| scan_params->ie_list.sonadv = (uint8_t *)ie; |
| } else if (is_ht_cap((uint8_t *)ie)) { |
| /* we only care if there isn't already an HT IE (ANA) */ |
| if (!scan_params->ie_list.htcap) { |
| if (ie->ie_len != (WLAN_VENDOR_HT_IE_OFFSET_LEN + |
| sizeof(struct htcap_cmn_ie))) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.htcap = |
| (uint8_t *)&(((struct wlan_vendor_ie_htcap *)ie)->ie); |
| } |
| } else if (is_ht_info((uint8_t *)ie)) { |
| /* we only care if there isn't already an HT IE (ANA) */ |
| if (!scan_params->ie_list.htinfo) { |
| if (ie->ie_len != WLAN_VENDOR_HT_IE_OFFSET_LEN + |
| sizeof(struct wlan_ie_htinfo_cmn)) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.htinfo = |
| (uint8_t *)&(((struct wlan_vendor_ie_htinfo *) |
| ie)->hi_ie); |
| } |
| } else if (is_interop_vht((uint8_t *)ie) && |
| !(scan_params->ie_list.vhtcap)) { |
| uint8_t *vendor_ie = (uint8_t *)(ie); |
| |
| if (ie->ie_len < ((WLAN_VENDOR_VHTCAP_IE_OFFSET + |
| sizeof(struct wlan_ie_vhtcaps)) - |
| sizeof(struct ie_header))) |
| return QDF_STATUS_E_INVAL; |
| vendor_ie = ((uint8_t *)(ie)) + WLAN_VENDOR_VHTCAP_IE_OFFSET; |
| if (vendor_ie[1] != (sizeof(struct wlan_ie_vhtcaps)) - |
| sizeof(struct ie_header)) |
| return QDF_STATUS_E_INVAL; |
| /* location where Interop Vht Cap IE and VHT OP IE Present */ |
| scan_params->ie_list.vhtcap = (((uint8_t *)(ie)) + |
| WLAN_VENDOR_VHTCAP_IE_OFFSET); |
| if (ie->ie_len > ((WLAN_VENDOR_VHTCAP_IE_OFFSET + |
| sizeof(struct wlan_ie_vhtcaps)) - |
| sizeof(struct ie_header))) { |
| if (ie->ie_len < ((WLAN_VENDOR_VHTOP_IE_OFFSET + |
| sizeof(struct wlan_ie_vhtop)) - |
| sizeof(struct ie_header))) |
| return QDF_STATUS_E_INVAL; |
| vendor_ie = ((uint8_t *)(ie)) + |
| WLAN_VENDOR_VHTOP_IE_OFFSET; |
| if (vendor_ie[1] != (sizeof(struct wlan_ie_vhtop) - |
| sizeof(struct ie_header))) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.vhtop = (((uint8_t *)(ie)) + |
| WLAN_VENDOR_VHTOP_IE_OFFSET); |
| } |
| } else if (is_bwnss_oui((uint8_t *)ie)) { |
| /* |
| * Bandwidth-NSS map has sub-type & version. |
| * hence copy data just after version byte |
| */ |
| if (ie->ie_len > WLAN_BWNSS_MAP_OFFSET) |
| scan_params->ie_list.bwnss_map = (((uint8_t *)ie) + 8); |
| } else if (is_mbo_oce_oui((uint8_t *)ie)) { |
| scan_params->ie_list.mbo_oce = (uint8_t *)ie; |
| } else if (is_extender_oui((uint8_t *)ie)) { |
| scan_params->ie_list.extender = (uint8_t *)ie; |
| } else if (is_adaptive_11r_oui((uint8_t *)ie)) { |
| if ((ie->ie_len < OUI_LENGTH) || |
| (ie->ie_len > MAX_ADAPTIVE_11R_IE_LEN)) |
| return QDF_STATUS_E_INVAL; |
| |
| scan_params->ie_list.adaptive_11r = (uint8_t *)ie + |
| sizeof(struct ie_header); |
| } else if (is_sae_single_pmk_oui((uint8_t *)ie)) { |
| if ((ie->ie_len < OUI_LENGTH) || |
| (ie->ie_len > MAX_SAE_SINGLE_PMK_IE_LEN)) { |
| scm_debug("Invalid sae single pmk OUI"); |
| return QDF_STATUS_E_INVAL; |
| } |
| scan_params->ie_list.single_pmk = (uint8_t *)ie + |
| sizeof(struct ie_header); |
| } |
| return QDF_STATUS_SUCCESS; |
| } |
| |
| static QDF_STATUS |
| util_scan_populate_bcn_ie_list(struct wlan_objmgr_pdev *pdev, |
| struct scan_cache_entry *scan_params, |
| qdf_freq_t *chan_freq, uint8_t band_mask) |
| { |
| struct ie_header *ie, *sub_ie; |
| uint32_t ie_len, sub_ie_len; |
| QDF_STATUS status; |
| uint8_t chan_idx; |
| struct wlan_scan_obj *scan_obj; |
| struct wlan_objmgr_psoc *psoc; |
| uint8_t tpe_idx = 0; |
| |
| psoc = wlan_pdev_get_psoc(pdev); |
| if (!psoc) { |
| scm_err("psoc is NULL"); |
| return QDF_STATUS_E_INVAL; |
| } |
| |
| scan_obj = wlan_psoc_get_scan_obj(psoc); |
| if (!scan_obj) { |
| scm_err("scan_obj is NULL"); |
| return QDF_STATUS_E_INVAL; |
| } |
| |
| ie_len = util_scan_entry_ie_len(scan_params); |
| ie = (struct ie_header *) |
| util_scan_entry_ie_data(scan_params); |
| |
| while (ie_len >= sizeof(struct ie_header)) { |
| ie_len -= sizeof(struct ie_header); |
| |
| if (!ie->ie_len) { |
| ie += 1; |
| continue; |
| } |
| |
| if (ie_len < ie->ie_len) { |
| if (scan_obj->allow_bss_with_incomplete_ie) { |
| scm_debug(QDF_MAC_ADDR_FMT": Scan allowed with incomplete corrupted IE:%x, ie_len: %d, ie->ie_len: %d, stop processing further", |
| QDF_MAC_ADDR_REF(scan_params->bssid.bytes), |
| ie->ie_id, ie_len, ie->ie_len); |
| break; |
| } |
| scm_debug(QDF_MAC_ADDR_FMT": Scan not allowed with incomplete corrupted IE:%x, ie_len: %d, ie->ie_len: %d, stop processing further", |
| QDF_MAC_ADDR_REF(scan_params->bssid.bytes), |
| ie->ie_id, ie_len, ie->ie_len); |
| return QDF_STATUS_E_INVAL; |
| } |
| |
| switch (ie->ie_id) { |
| case WLAN_ELEMID_SSID: |
| if (ie->ie_len > (sizeof(struct ie_ssid) - |
| sizeof(struct ie_header))) |
| goto err; |
| scan_params->ie_list.ssid = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_RATES: |
| if (ie->ie_len > WLAN_SUPPORTED_RATES_IE_MAX_LEN) |
| goto err; |
| scan_params->ie_list.rates = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_DSPARMS: |
| if (ie->ie_len != WLAN_DS_PARAM_IE_MAX_LEN) |
| return QDF_STATUS_E_INVAL; |
| scan_params->ie_list.ds_param = (uint8_t *)ie; |
| chan_idx = ((struct ds_ie *)ie)->cur_chan; |
| *chan_freq = wlan_reg_chan_band_to_freq(pdev, chan_idx, |
| band_mask); |
| /* Drop if invalid freq */ |
| if (scan_obj->drop_bcn_on_invalid_freq && |
| !wlan_reg_is_freq_present_in_cur_chan_list(pdev, |
| *chan_freq)) { |
| scm_debug(QDF_MAC_ADDR_FMT": Drop as invalid chan %d in DS IE, freq %d, band_mask %d", |
| QDF_MAC_ADDR_REF( |
| scan_params->bssid.bytes), |
| chan_idx, *chan_freq, band_mask); |
| return QDF_STATUS_E_INVAL; |
| } |
| break; |
| case WLAN_ELEMID_TIM: |
| if (ie->ie_len < WLAN_TIM_IE_MIN_LENGTH) |
| goto err; |
| scan_params->ie_list.tim = (uint8_t *)ie; |
| scan_params->dtim_period = |
| ((struct wlan_tim_ie *)ie)->tim_period; |
| break; |
| case WLAN_ELEMID_COUNTRY: |
| if (ie->ie_len < WLAN_COUNTRY_IE_MIN_LEN) |
| goto err; |
| scan_params->ie_list.country = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_QBSS_LOAD: |
| if (ie->ie_len != sizeof(struct qbss_load_ie) - |
| sizeof(struct ie_header)) { |
| /* |
| * Expected QBSS IE length is 5Bytes; For some |
| * old cisco AP, QBSS IE length is 4Bytes, which |
| * doesn't match with latest spec, So ignore |
| * QBSS IE in such case. |
| */ |
| break; |
| } |
| scan_params->ie_list.qbssload = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_CHANSWITCHANN: |
| if (ie->ie_len != WLAN_CSA_IE_MAX_LEN) |
| goto err; |
| scan_params->ie_list.csa = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_IBSSDFS: |
| if (ie->ie_len < WLAN_IBSSDFS_IE_MIN_LEN) |
| goto err; |
| scan_params->ie_list.ibssdfs = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_QUIET: |
| if (ie->ie_len != WLAN_QUIET_IE_MAX_LEN) |
| goto err; |
| scan_params->ie_list.quiet = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_ERP: |
| if (ie->ie_len != (sizeof(struct erp_ie) - |
| sizeof(struct ie_header))) |
| goto err; |
| scan_params->erp = ((struct erp_ie *)ie)->value; |
| break; |
| case WLAN_ELEMID_HTCAP_ANA: |
| if (ie->ie_len == sizeof(struct htcap_cmn_ie)) { |
| scan_params->ie_list.htcap = |
| (uint8_t *)&(((struct htcap_ie *)ie)->ie); |
| } |
| break; |
| case WLAN_ELEMID_RSN: |
| /* |
| * For security cert TC, RSNIE length can be 1 but if |
| * beacon is dropped, old entry will remain in scan |
| * cache and cause cert TC failure as connection with |
| * old entry with valid RSN IE will pass. |
| * So instead of dropping the frame, do not store the |
| * RSN pointer so that old entry is overwritten. |
| */ |
| if (ie->ie_len >= WLAN_RSN_IE_MIN_LEN) |
| scan_params->ie_list.rsn = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_XRATES: |
| if (ie->ie_len > WLAN_EXT_SUPPORTED_RATES_IE_MAX_LEN) |
| goto err; |
| scan_params->ie_list.xrates = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_EXTCHANSWITCHANN: |
| if (ie->ie_len != WLAN_XCSA_IE_MAX_LEN) |
| goto err; |
| scan_params->ie_list.xcsa = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_SECCHANOFFSET: |
| if (ie->ie_len != WLAN_SECCHANOFF_IE_MAX_LEN) |
| goto err; |
| scan_params->ie_list.secchanoff = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_HTINFO_ANA: |
| if (ie->ie_len != sizeof(struct wlan_ie_htinfo_cmn)) |
| goto err; |
| scan_params->ie_list.htinfo = |
| (uint8_t *)&(((struct wlan_ie_htinfo *) ie)->hi_ie); |
| chan_idx = ((struct wlan_ie_htinfo_cmn *) |
| (scan_params->ie_list.htinfo))->hi_ctrlchannel; |
| *chan_freq = wlan_reg_chan_band_to_freq(pdev, chan_idx, |
| band_mask); |
| /* Drop if invalid freq */ |
| if (scan_obj->drop_bcn_on_invalid_freq && |
| wlan_reg_is_disable_for_freq(pdev, *chan_freq)) { |
| scm_debug_rl(QDF_MAC_ADDR_FMT": Drop as invalid channel %d freq %d in HT_INFO IE", |
| QDF_MAC_ADDR_REF(scan_params->bssid.bytes), |
| chan_idx, *chan_freq); |
| return QDF_STATUS_E_INVAL; |
| } |
| break; |
| case WLAN_ELEMID_WAPI: |
| if (ie->ie_len < WLAN_WAPI_IE_MIN_LEN) |
| goto err; |
| scan_params->ie_list.wapi = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_XCAPS: |
| if (ie->ie_len > WLAN_EXTCAP_IE_MAX_LEN) |
| goto err; |
| scan_params->ie_list.extcaps = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_VHTCAP: |
| if (ie->ie_len != (sizeof(struct wlan_ie_vhtcaps) - |
| sizeof(struct ie_header))) |
| goto err; |
| scan_params->ie_list.vhtcap = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_VHTOP: |
| if (ie->ie_len != (sizeof(struct wlan_ie_vhtop) - |
| sizeof(struct ie_header))) |
| goto err; |
| scan_params->ie_list.vhtop = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_OP_MODE_NOTIFY: |
| if (ie->ie_len != WLAN_OPMODE_IE_MAX_LEN) |
| goto err; |
| scan_params->ie_list.opmode = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_MOBILITY_DOMAIN: |
| if (ie->ie_len != WLAN_MOBILITY_DOMAIN_IE_MAX_LEN) |
| goto err; |
| scan_params->ie_list.mdie = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_VENDOR: |
| status = util_scan_parse_vendor_ie(scan_params, |
| ie); |
| if (QDF_IS_STATUS_ERROR(status)) |
| goto err_status; |
| break; |
| case WLAN_ELEMID_VHT_TX_PWR_ENVLP: |
| if (ie->ie_len < WLAN_TPE_IE_MIN_LEN) |
| goto err; |
| if (tpe_idx >= WLAN_MAX_NUM_TPE_IE) |
| goto err; |
| scan_params->ie_list.tpe[tpe_idx++] = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_CHAN_SWITCH_WRAP: |
| scan_params->ie_list.cswrp = (uint8_t *)ie; |
| /* Go to next sub IE */ |
| sub_ie = (struct ie_header *) |
| (((uint8_t *)ie) + sizeof(struct ie_header)); |
| sub_ie_len = ie->ie_len; |
| status = |
| util_scan_parse_chan_switch_wrapper_ie( |
| scan_params, sub_ie, sub_ie_len); |
| if (QDF_IS_STATUS_ERROR(status)) { |
| goto err_status; |
| } |
| break; |
| case WLAN_ELEMID_FILS_INDICATION: |
| if (ie->ie_len < WLAN_FILS_INDICATION_IE_MIN_LEN) |
| goto err; |
| scan_params->ie_list.fils_indication = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_RSNXE: |
| if (!ie->ie_len) |
| goto err; |
| scan_params->ie_list.rsnxe = (uint8_t *)ie; |
| break; |
| case WLAN_ELEMID_EXTN_ELEM: |
| status = util_scan_parse_extn_ie(scan_params, ie); |
| if (QDF_IS_STATUS_ERROR(status)) |
| goto err_status; |
| break; |
| case WLAN_ELEMID_REDUCED_NEIGHBOR_REPORT: |
| if (ie->ie_len < WLAN_RNR_IE_MIN_LEN) |
| goto err; |
| scan_params->ie_list.rnrie = (uint8_t *)ie; |
| status = util_scan_parse_rnr_ie(scan_params, ie); |
| if (QDF_IS_STATUS_ERROR(status)) |
| goto err_status; |
| break; |
| default: |
| break; |
| } |
| |
| /* Consume info element */ |
| ie_len -= ie->ie_len; |
| /* Go to next IE */ |
| ie = (struct ie_header *) |
| (((uint8_t *) ie) + |
| sizeof(struct ie_header) + |
| ie->ie_len); |
| } |
| |
| return QDF_STATUS_SUCCESS; |
| |
| err: |
| status = QDF_STATUS_E_INVAL; |
| err_status: |
| scm_debug("failed to parse IE - id: %d, len: %d", |
| ie->ie_id, ie->ie_len); |
| |
| return status; |
| } |
| |
| /** |
| * util_scan_update_esp_data: update ESP params from beacon/probe response |
| * @esp_information: pointer to wlan_esp_information |
| * @scan_entry: new received entry |
| * |
| * The Estimated Service Parameters element is |
| * used by a AP to provide information to another STA which |
| * can then use the information as input to an algorithm to |
| * generate an estimate of throughput between the two STAs. |
| * The ESP Information List field contains from 1 to 4 ESP |
| * Information fields(each field 24 bits), each corresponding |
| * to an access category for which estimated service parameters |
| * information is provided. |
| * |
| * Return: None |
| */ |
| static void util_scan_update_esp_data(struct wlan_esp_ie *esp_information, |
| struct scan_cache_entry *scan_entry) |
| { |
| |
| uint8_t *data; |
| int i = 0; |
| uint64_t total_elements; |
| struct wlan_esp_info *esp_info; |
| struct wlan_esp_ie *esp_ie; |
| |
| esp_ie = (struct wlan_esp_ie *) |
| util_scan_entry_esp_info(scan_entry); |
| |
| total_elements = esp_ie->esp_len; |
| data = (uint8_t *)esp_ie + 3; |
| do_div(total_elements, ESP_INFORMATION_LIST_LENGTH); |
| |
| if (total_elements > MAX_ESP_INFORMATION_FIELD) { |
| scm_err("No of Air time fractions are greater than supported"); |
| return; |
| } |
| |
| for (i = 0; i < total_elements && |
| data < ((uint8_t *)esp_ie + esp_ie->esp_len + 3); i++) { |
| esp_info = (struct wlan_esp_info *)data; |
| if (esp_info->access_category == ESP_AC_BK) { |
| qdf_mem_copy(&esp_information->esp_info_AC_BK, |
| data, 3); |
| data = data + ESP_INFORMATION_LIST_LENGTH; |
| continue; |
| } |
| if (esp_info->access_category == ESP_AC_BE) { |
| qdf_mem_copy(&esp_information->esp_info_AC_BE, |
| data, 3); |
| data = data + ESP_INFORMATION_LIST_LENGTH; |
| continue; |
| } |
| if (esp_info->access_category == ESP_AC_VI) { |
| qdf_mem_copy(&esp_information->esp_info_AC_VI, |
| data, 3); |
| data = data + ESP_INFORMATION_LIST_LENGTH; |
| continue; |
| } |
| if (esp_info->access_category == ESP_AC_VO) { |
| qdf_mem_copy(&esp_information->esp_info_AC_VO, |
| data, 3); |
| data = data + ESP_INFORMATION_LIST_LENGTH; |
| break; |
| } |
| } |
| } |
| |
| /** |
| * util_scan_scm_update_bss_with_esp_dataa: calculate estimated air time |
| * fraction |
| * @scan_entry: new received entry |
| * |
| * This function process all Access category ESP params and provide |
| * best effort air time fraction. |
| * If best effort is not available, it will choose VI, VO and BK in sequence |
| * |
| */ |
| static void util_scan_scm_update_bss_with_esp_data( |
| struct scan_cache_entry *scan_entry) |
| { |
| uint8_t air_time_fraction = 0; |
| struct wlan_esp_ie esp_information; |
| |
| if (!scan_entry->ie_list.esp) |
| return; |
| |
| util_scan_update_esp_data(&esp_information, scan_entry); |
| |
| /* |
| * If the ESP metric is transmitting multiple airtime fractions, then |
| * follow the sequence AC_BE, AC_VI, AC_VO, AC_BK and pick whichever is |
| * the first one available |
| */ |
| if (esp_information.esp_info_AC_BE.access_category |
| == ESP_AC_BE) |
| air_time_fraction = |
| esp_information.esp_info_AC_BE. |
| estimated_air_fraction; |
| else if (esp_information.esp_info_AC_VI.access_category |
| == ESP_AC_VI) |
| air_time_fraction = |
| esp_information.esp_info_AC_VI. |
| estimated_air_fraction; |
| else if (esp_information.esp_info_AC_VO.access_category |
| == ESP_AC_VO) |
| air_time_fraction = |
| esp_information.esp_info_AC_VO. |
| estimated_air_fraction; |
| else if (esp_information.esp_info_AC_BK.access_category |
| == ESP_AC_BK) |
| air_time_fraction = |
| esp_information.esp_info_AC_BK. |
| estimated_air_fraction; |
| scan_entry->air_time_fraction = air_time_fraction; |
| } |
| |
| /** |
| * util_scan_scm_calc_nss_supported_by_ap() - finds out nss from AP |
| * @scan_entry: new received entry |
| * |
| * Return: number of nss advertised by AP |
| */ |
| static int util_scan_scm_calc_nss_supported_by_ap( |
| struct scan_cache_entry *scan_params) |
| { |
| struct htcap_cmn_ie *htcap; |
| struct wlan_ie_vhtcaps *vhtcaps; |
| struct wlan_ie_hecaps *hecaps; |
| uint16_t rx_mcs_map = 0; |
| |
| htcap = (struct htcap_cmn_ie *) |
| util_scan_entry_htcap(scan_params); |
| vhtcaps = (struct wlan_ie_vhtcaps *) |
| util_scan_entry_vhtcap(scan_params); |
| hecaps = (struct wlan_ie_hecaps *) |
| util_scan_entry_hecap(scan_params); |
| |
| if (hecaps) { |
| /* Using rx mcs map related to 80MHz or lower as in some |
| * cases higher mcs may suuport lesser NSS than that |
| * of lowe mcs. Thus giving max NSS capability. |
| */ |
| rx_mcs_map = |
| qdf_cpu_to_le16(hecaps->mcs_bw_map[0].rx_mcs_map); |
| } else if (vhtcaps) { |
| rx_mcs_map = vhtcaps->rx_mcs_map; |
| } |
| |
| if (hecaps || vhtcaps) { |
| if ((rx_mcs_map & 0xC000) != 0xC000) |
| return 8; |
| |
| if ((rx_mcs_map & 0x3000) != 0x3000) |
| return 7; |
| |
| if ((rx_mcs_map & 0x0C00) != 0x0C00) |
| return 6; |
| |
| if ((rx_mcs_map & 0x0300) != 0x0300) |
| return 5; |
| |
| if ((rx_mcs_map & 0x00C0) != 0x00C0) |
| return 4; |
| |
| if ((rx_mcs_map & 0x0030) != 0x0030) |
| return 3; |
| |
| if ((rx_mcs_map & 0x000C) != 0x000C) |
| return 2; |
| } else if (htcap) { |
| if (htcap->mcsset[3]) |
| return 4; |
| |
| if (htcap->mcsset[2]) |
| return 3; |
| |
| if (htcap->mcsset[1]) |
| return 2; |
| |
| } |
| return 1; |
| } |
| |
| #ifdef WLAN_DFS_CHAN_HIDDEN_SSID |
| QDF_STATUS |
| util_scan_add_hidden_ssid(struct wlan_objmgr_pdev *pdev, qdf_nbuf_t bcnbuf) |
| { |
| struct wlan_frame_hdr *hdr; |
| struct wlan_bcn_frame *bcn; |
| struct wlan_scan_obj *scan_obj; |
| struct wlan_ssid *conf_ssid; |
| struct ie_header *ie; |
| uint32_t frame_len = qdf_nbuf_len(bcnbuf); |
| uint16_t bcn_ie_offset, ssid_ie_start_offset, ssid_ie_end_offset; |
| uint16_t tmplen, ie_length; |
| uint8_t *pbeacon, *tmp; |
| bool set_ssid_flag = false; |
| struct ie_ssid ssid = {0}; |
| uint8_t pdev_id; |
| |
| if (!pdev) { |
| scm_warn("pdev: 0x%pK is NULL", pdev); |
| return QDF_STATUS_E_NULL_VALUE; |
| } |
| pdev_id = wlan_objmgr_pdev_get_pdev_id(pdev); |
| scan_obj = wlan_pdev_get_scan_obj(pdev); |
| if (!scan_obj) { |
| scm_warn("null scan_obj"); |
| return QDF_STATUS_E_NULL_VALUE; |
| } |
| |
| conf_ssid = &scan_obj->pdev_info[pdev_id].conf_ssid; |
| |
| hdr = (struct wlan_frame_hdr *)qdf_nbuf_data(bcnbuf); |
| |
| /* received bssid does not match configured bssid */ |
| if (qdf_mem_cmp(hdr->i_addr3, scan_obj->pdev_info[pdev_id].conf_bssid, |
| QDF_MAC_ADDR_SIZE) || |
| conf_ssid->length == 0) { |
| return QDF_STATUS_SUCCESS; |
| } |
| |
| bcn = (struct wlan_bcn_frame *)(qdf_nbuf_data(bcnbuf) + sizeof(*hdr)); |
| pbeacon = (uint8_t *)bcn; |
| |
| ie = (struct ie_header *)(pbeacon + |
| offsetof(struct wlan_bcn_frame, ie)); |
| |
| bcn_ie_offset = offsetof(struct wlan_bcn_frame, ie); |
| ie_length = (uint16_t)(frame_len - sizeof(*hdr) - |
| bcn_ie_offset); |
| |
| while (ie_length >= sizeof(struct ie_header)) { |
| ie_length -= sizeof(struct ie_header); |
| |
| bcn_ie_offset += sizeof(struct ie_header); |
| |
| if (ie_length < ie->ie_len) { |
| scm_debug("Incomplete corrupted IE:%x", ie->ie_id); |
| return QDF_STATUS_E_INVAL; |
| } |
| if (ie->ie_id == WLAN_ELEMID_SSID) { |
| if (ie->ie_len > (sizeof(struct ie_ssid) - |
| sizeof(struct ie_header))) { |
| return QDF_STATUS_E_INVAL; |
| } |
| ssid.ssid_id = ie->ie_id; |
| ssid.ssid_len = ie->ie_len; |
| |
| if (ssid.ssid_len) |
| qdf_mem_copy(ssid.ssid, |
| ie + sizeof(struct ie_header), |
| ssid.ssid_len); |
| |
| if (util_scan_is_hidden_ssid(&ssid)) { |
| set_ssid_flag = true; |
| ssid_ie_start_offset = bcn_ie_offset - |
| sizeof(struct ie_header); |
| ssid_ie_end_offset = bcn_ie_offset + |
| ie->ie_len; |
| } |
| } |
| if (ie->ie_len == 0) { |
| ie += 1; /* next IE */ |
| continue; |
| } |
| if (ie->ie_id == WLAN_ELEMID_VENDOR && |
| is_wps_oui((uint8_t *)ie)) { |
| set_ssid_flag = false; |
| break; |
| } |
| /* Consume info element */ |
| ie_length -= ie->ie_len; |
| /* Go to next IE */ |
| ie = (struct ie_header *)(((uint8_t *)ie) + |
| sizeof(struct ie_header) + |
| ie->ie_len); |
| } |
| |
| if (set_ssid_flag) { |
| /* Hidden SSID if the Length is 0 */ |
| if (!ssid.ssid_len) { |
| /* increase the taillength by length of ssid */ |
| if (qdf_nbuf_put_tail(bcnbuf, |
| conf_ssid->length) == NULL) { |
| scm_debug("No enough tailroom"); |
| return QDF_STATUS_E_NOMEM; |
| } |
| /* length of the buffer to be copied */ |
| tmplen = frame_len - |
| sizeof(*hdr) - ssid_ie_end_offset; |
| /* |
| * tmp memory to copy the beacon info |
| * after ssid ie. |
| */ |
| tmp = qdf_mem_malloc(tmplen * sizeof(u_int8_t)); |
| if (!tmp) |
| return QDF_STATUS_E_NOMEM; |
| |
| /* Copy beacon data after ssid ie to tmp */ |
| qdf_nbuf_copy_bits(bcnbuf, (sizeof(*hdr) + |
| ssid_ie_end_offset), tmplen, tmp); |
| /* Add ssid length */ |
| *(pbeacon + (ssid_ie_start_offset + 1)) |
| = conf_ssid->length; |
| /* Insert the SSID string */ |
| qdf_mem_copy((pbeacon + ssid_ie_end_offset), |
| conf_ssid->ssid, conf_ssid->length); |
| /* Copy rest of the beacon data */ |
| qdf_mem_copy((pbeacon + ssid_ie_end_offset + |
| conf_ssid->length), tmp, tmplen); |
| qdf_mem_free(tmp); |
| |
| /* Hidden ssid with all 0's */ |
| } else if (ssid.ssid_len == conf_ssid->length) { |
| /* Insert the SSID string */ |
| qdf_mem_copy((pbeacon + ssid_ie_start_offset + |
| sizeof(struct ie_header)), |
| conf_ssid->ssid, conf_ssid->length); |
| } else { |
| scm_debug("mismatch in hidden ssid length"); |
| return QDF_STATUS_E_INVAL; |
| } |
| } |
| return QDF_STATUS_SUCCESS; |
| } |
| #endif /* WLAN_DFS_CHAN_HIDDEN_SSID */ |
| |
| #ifdef WLAN_ADAPTIVE_11R |
| /** |
| * scm_fill_adaptive_11r_cap() - Check if the AP supports adaptive 11r |
| * @scan_entry: Pointer to the scan entry |
| * |
| * Return: true if adaptive 11r is advertised else false |
| */ |
| static void scm_fill_adaptive_11r_cap(struct scan_cache_entry *scan_entry) |
| { |
| uint8_t *ie; |
| uint8_t data; |
| bool adaptive_11r; |
| |
| ie = util_scan_entry_adaptive_11r(scan_entry); |
| if (!ie) |
| return; |
| |
| data = *(ie + OUI_LENGTH); |
| adaptive_11r = (data & 0x1) ? true : false; |
| |
| scan_entry->adaptive_11r_ap = adaptive_11r; |
| } |
| #else |
| static void scm_fill_adaptive_11r_cap(struct scan_cache_entry *scan_entry) |
| { |
| scan_entry->adaptive_11r_ap = false; |
| } |
| #endif |
| |
| static void util_scan_set_security(struct scan_cache_entry *scan_params) |
| { |
| if (util_scan_entry_wpa(scan_params)) |
| scan_params->security_type |= SCAN_SECURITY_TYPE_WPA; |
| |
| if (util_scan_entry_rsn(scan_params)) |
| scan_params->security_type |= SCAN_SECURITY_TYPE_RSN; |
| if (util_scan_entry_wapi(scan_params)) |
| scan_params->security_type |= SCAN_SECURITY_TYPE_WAPI; |
| |
| if (!scan_params->security_type && |
| scan_params->cap_info.wlan_caps.privacy) |
| scan_params->security_type |= SCAN_SECURITY_TYPE_WEP; |
| } |
| |
| #ifdef WLAN_FEATURE_11BE_MLO |
| /** |
| * Multi link IE field offsets |
| * ------------------------------------------------------------------------ |
| * | EID(1) | Len (1) | EID_EXT (1) | ML_CONTROL (2) | CMN_INFO (var) | ... | |
| * ------------------------------------------------------------------------ |
| */ |
| #define ML_CONTROL_OFFSET 3 |
| #define ML_CMN_INFO_OFFSET ML_CONTROL_OFFSET + 2 |
| |
| #define CMN_INFO_MLD_ADDR_PRESENT_BIT BIT(4) |
| #define CMN_INFO_LINK_ID_PRESENT_BIT BIT(5) |
| #define LINK_INFO_MAC_ADDR_PRESENT_BIT BIT(5) |
| |
| static uint8_t util_get_link_info_offset(uint8_t *ml_ie) |
| { |
| uint8_t offset = ML_CMN_INFO_OFFSET; |
| uint8_t ml_ie_len = ml_ie[1]; |
| uint16_t multi_link_ctrl = *(uint16_t *)(ml_ie + ML_CONTROL_OFFSET); |
| |
| offset += (BIT(4) & multi_link_ctrl) * 6 + |
| (BIT(5) & multi_link_ctrl) * 1 + |
| (BIT(6) & multi_link_ctrl) * 1 + |
| (BIT(7) & multi_link_ctrl) * 2 + |
| (BIT(8) & multi_link_ctrl) * 2 + |
| (BIT(9) & multi_link_ctrl) * 2; |
| |
| if (offset < ml_ie_len) |
| return offset; |
| |
| return 0; |
| } |
| |
| static void util_get_partner_link_info(struct scan_cache_entry *scan_entry) |
| { |
| uint8_t *ml_ie = scan_entry->ie_list.multi_link; |
| uint8_t offset = util_get_link_info_offset(ml_ie); |
| uint16_t sta_ctrl; |
| |
| /* Update partner info from RNR IE */ |
| qdf_mem_copy(&scan_entry->ml_info.link_info[0].link_addr, |
| &scan_entry->rnr.bss_info[0].bssid, 6); |
| |
| scan_entry->ml_info.link_info[0].link_id = |
| scan_entry->rnr.bss_info[0].mld_info.link_id; |
| |
| if (!offset) |
| return; |
| |
| /* TODO: loop through all the STA info fields */ |
| |
| /* Sub element ID 0 represents Per-STA Profile */ |
| if (ml_ie[offset] == 0) { |
| /* Skip sub element ID and length fields */ |
| offset += 2; |
| sta_ctrl = *(uint16_t *)(ml_ie + offset); |
| /* Skip STA control field */ |
| offset += 2; |
| |
| scan_entry->ml_info.link_info[0].link_id = sta_ctrl & 0xF; |
| if (sta_ctrl & LINK_INFO_MAC_ADDR_PRESENT_BIT) { |
| qdf_mem_copy( |
| &scan_entry->ml_info.link_info[0].link_addr, |
| ml_ie + offset, 6); |
| scm_debug("Found partner info in ML IE"); |
| return; |
| } |
| } |
| } |
| |
| static void util_scan_update_ml_info(struct scan_cache_entry *scan_entry) |
| { |
| uint8_t *ml_ie = scan_entry->ie_list.multi_link; |
| uint16_t multi_link_ctrl; |
| uint8_t offset; |
| |
| if (!scan_entry->ie_list.multi_link) { |
| return; |
| } |
| |
| multi_link_ctrl = *(uint16_t *)(ml_ie + ML_CONTROL_OFFSET); |
| |
| /* TODO: update ml_info based on ML IE */ |
| |
| multi_link_ctrl = *(uint16_t *)(ml_ie + ML_CONTROL_OFFSET); |
| offset = ML_CMN_INFO_OFFSET; |
| /* TODO: Add proper parsing based on presense bitmap */ |
| if (multi_link_ctrl & CMN_INFO_MLD_ADDR_PRESENT_BIT) { |
| qdf_mem_copy(&scan_entry->ml_info.mld_mac_addr, |
| ml_ie + offset, 6); |
| offset += 6; |
| } |
| |
| /* TODO: Decode it from ML IE */ |
| scan_entry->ml_info.num_links = 2; |
| |
| /** |
| * Copy Link ID & MAC address of the scan cache entry as first entry |
| * in the partner info list |
| */ |
| if (multi_link_ctrl & CMN_INFO_LINK_ID_PRESENT_BIT) |
| scan_entry->ml_info.self_link_id = ml_ie[offset] & 0x0F; |
| |
| util_get_partner_link_info(scan_entry); |
| } |
| #else |
| static void util_scan_update_ml_info(struct scan_cache_entry *scan_entry) |
| { |
| } |
| #endif |
| |
| static QDF_STATUS |
| util_scan_gen_scan_entry(struct wlan_objmgr_pdev *pdev, |
| uint8_t *frame, qdf_size_t frame_len, |
| uint32_t frm_subtype, |
| struct mgmt_rx_event_params *rx_param, |
| struct scan_mbssid_info *mbssid_info, |
| qdf_list_t *scan_list) |
| { |
| struct wlan_frame_hdr *hdr; |
| struct wlan_bcn_frame *bcn; |
| QDF_STATUS status = QDF_STATUS_SUCCESS; |
| struct ie_ssid *ssid; |
| struct scan_cache_entry *scan_entry; |
| struct qbss_load_ie *qbss_load; |
| struct scan_cache_node *scan_node; |
| uint8_t i; |
| qdf_freq_t chan_freq = 0; |
| bool he_6g_dup_bcon = false; |
| uint8_t band_mask; |
| |
| scan_entry = qdf_mem_malloc_atomic(sizeof(*scan_entry)); |
| if (!scan_entry) { |
| scm_err("failed to allocate memory for scan_entry"); |
| return QDF_STATUS_E_NOMEM; |
| } |
| |
| scan_entry->raw_frame.ptr = |
| qdf_mem_malloc_atomic(frame_len); |
| if (!scan_entry->raw_frame.ptr) { |
| scm_err("failed to allocate memory for frame"); |
| qdf_mem_free(scan_entry); |
| return QDF_STATUS_E_NOMEM; |
| } |
| |
| bcn = (struct wlan_bcn_frame *) |
| (frame + sizeof(*hdr)); |
| hdr = (struct wlan_frame_hdr *)frame; |
| |
| /* update timestamp in nanoseconds needed by kernel layers */ |
| scan_entry->boottime_ns = qdf_get_bootbased_boottime_ns(); |
| |
| scan_entry->frm_subtype = frm_subtype; |
| qdf_mem_copy(scan_entry->bssid.bytes, |
| hdr->i_addr3, QDF_MAC_ADDR_SIZE); |
| /* Scr addr */ |
| qdf_mem_copy(scan_entry->mac_addr.bytes, |
| hdr->i_addr2, QDF_MAC_ADDR_SIZE); |
| scan_entry->seq_num = |
| (le16toh(*(uint16_t *)hdr->i_seq) >> WLAN_SEQ_SEQ_SHIFT); |
| |
| scan_entry->snr = rx_param->snr; |
| scan_entry->avg_snr = WLAN_SNR_IN(scan_entry->snr); |
| scan_entry->rssi_raw = rx_param->rssi; |
| scan_entry->avg_rssi = WLAN_RSSI_IN(scan_entry->rssi_raw); |
| scan_entry->tsf_delta = rx_param->tsf_delta; |
| scan_entry->pdev_id = wlan_objmgr_pdev_get_pdev_id(pdev); |
| |
| /* Copy per chain rssi to scan entry */ |
| qdf_mem_copy(scan_entry->per_chain_rssi, rx_param->rssi_ctl, |
| WLAN_MGMT_TXRX_HOST_MAX_ANTENNA); |
| band_mask = BIT(wlan_reg_freq_to_band(rx_param->chan_freq)); |
| |
| if (!wlan_psoc_nif_fw_ext_cap_get(wlan_pdev_get_psoc(pdev), |
| WLAN_SOC_CEXT_HW_DB2DBM)) { |
| for (i = 0; i < WLAN_MGMT_TXRX_HOST_MAX_ANTENNA; i++) { |
| if (scan_entry->per_chain_rssi[i] != |
| WLAN_INVALID_PER_CHAIN_SNR) |
| scan_entry->per_chain_rssi[i] += |
| WLAN_NOISE_FLOOR_DBM_DEFAULT; |
| else |
| scan_entry->per_chain_rssi[i] = |
| WLAN_INVALID_PER_CHAIN_RSSI; |
| } |
| } |
| |
| /* store jiffies */ |
| scan_entry->rrm_parent_tsf = (uint32_t)qdf_system_ticks(); |
| |
| scan_entry->bcn_int = le16toh(bcn->beacon_interval); |
| |
| /* |
| * In case if the beacon dosnt have |
| * valid beacon interval falback to def |
| */ |
| if (!scan_entry->bcn_int) |
| scan_entry->bcn_int = 100; |
| scan_entry->cap_info.value = le16toh(bcn->capability.value); |
| qdf_mem_copy(scan_entry->tsf_info.data, |
| bcn->timestamp, 8); |
| scan_entry->erp = ERP_NON_ERP_PRESENT; |
| |
| scan_entry->scan_entry_time = |
| qdf_mc_timer_get_system_time(); |
| |
| scan_entry->raw_frame.len = frame_len; |
| qdf_mem_copy(scan_entry->raw_frame.ptr, |
| frame, frame_len); |
| status = util_scan_populate_bcn_ie_list(pdev, scan_entry, &chan_freq, |
| band_mask); |
| if (QDF_IS_STATUS_ERROR(status)) { |
| scm_debug(QDF_MAC_ADDR_FMT": failed to parse beacon IE", |
| QDF_MAC_ADDR_REF(scan_entry->bssid.bytes)); |
| qdf_mem_free(scan_entry->raw_frame.ptr); |
| qdf_mem_free(scan_entry); |
| return QDF_STATUS_E_FAILURE; |
| } |
| |
| ssid = (struct ie_ssid *) |
| scan_entry->ie_list.ssid; |
| |
| if (ssid && (ssid->ssid_len > WLAN_SSID_MAX_LEN)) { |
| qdf_mem_free(scan_entry->raw_frame.ptr); |
| qdf_mem_free(scan_entry); |
| return QDF_STATUS_E_FAILURE; |
| } |
| |
| if (scan_entry->ie_list.p2p) |
| scan_entry->is_p2p = true; |
| |
| if (!chan_freq && util_scan_entry_hecap(scan_entry)) { |
| status = util_scan_get_chan_from_he_6g_params(pdev, scan_entry, |
| &chan_freq, |
| &he_6g_dup_bcon, |
| band_mask); |
| if (QDF_IS_STATUS_ERROR(status)) { |
| qdf_mem_free(scan_entry->raw_frame.ptr); |
| qdf_mem_free(scan_entry); |
| return QDF_STATUS_E_FAILURE; |
| } |
| } |
| |
| if (chan_freq) |
| scan_entry->channel.chan_freq = chan_freq; |
| |
| /* If no channel info is present in beacon use meta channel */ |
| if (!scan_entry->channel.chan_freq) { |
| scan_entry->channel.chan_freq = rx_param->chan_freq; |
| } else if (rx_param->chan_freq != |
| scan_entry->channel.chan_freq) { |
| if (!wlan_reg_is_49ghz_freq(scan_entry->channel.chan_freq) && |
| !he_6g_dup_bcon) |
| scan_entry->channel_mismatch = true; |
| } |
| |
| if (util_scan_is_hidden_ssid(ssid)) { |
| scan_entry->ie_list.ssid = NULL; |
| scan_entry->is_hidden_ssid = true; |
| } else { |
| qdf_mem_copy(scan_entry->ssid.ssid, |
| ssid->ssid, ssid->ssid_len); |
| scan_entry->ssid.length = ssid->ssid_len; |
| scan_entry->hidden_ssid_timestamp = |
| scan_entry->scan_entry_time; |
| } |
| qdf_mem_copy(&scan_entry->mbssid_info, mbssid_info, |
| sizeof(scan_entry->mbssid_info)); |
| |
| scan_entry->phy_mode = util_scan_get_phymode(pdev, scan_entry); |
| |
| scan_entry->nss = util_scan_scm_calc_nss_supported_by_ap(scan_entry); |
| scm_fill_adaptive_11r_cap(scan_entry); |
| util_scan_set_security(scan_entry); |
| |
| util_scan_scm_update_bss_with_esp_data(scan_entry); |
| qbss_load = (struct qbss_load_ie *) |
| util_scan_entry_qbssload(scan_entry); |
| if (qbss_load) |
| scan_entry->qbss_chan_load = qbss_load->qbss_chan_load; |
| |
| scan_node = qdf_mem_malloc_atomic(sizeof(*scan_node)); |
| if (!scan_node) { |
| qdf_mem_free(scan_entry->raw_frame.ptr); |
| qdf_mem_free(scan_entry); |
| return QDF_STATUS_E_FAILURE; |
| } |
| |
| util_scan_update_ml_info(scan_entry); |
| |
| scan_node->entry = scan_entry; |
| qdf_list_insert_front(scan_list, &scan_node->node); |
| |
| return status; |
| } |
| |
| #ifdef WLAN_FEATURE_MBSSID |
| /* |
| * util_is_noninh_ie() - find the noninhertance information element |
| * in the received frame's IE list, so that we can stop inheriting that IE |
| * in the caller function. |
| * |
| * @elem_id: Element ID in the received frame's IE, which is being processed. |
| * @non_inh_list: pointer to the non inherited list of element IDs or |
| * list of extension element IDs. |
| * @len: Length of non inheritance IE list |
| * |
| * Return: False if the element ID is not found or else return true |
| */ |
| static bool util_is_noninh_ie(uint8_t elem_id, |
| uint8_t *non_inh_list, |
| int8_t len) |
| { |
| int count; |
| |
| for (count = 0; count < len; count++) { |
| if (elem_id == non_inh_list[count]) |
| return true; |
| } |
| |
| return false; |
| } |
| |
| /* |
| * util_scan_find_noninheritance_ie() - find noninheritance information element |
| * This block of code is to identify if there is any non-inheritance element |
| * present as part of the nontransmitted BSSID profile. |
| * @elem_id: element id |
| * @ies: pointer consisting of IEs |
| * @len: IE length |
| * |
| * Return: NULL if the element ID is not found or if IE pointer is NULL else |
| * pointer to the first byte of the requested element |
| */ |
| static uint8_t |
| *util_scan_find_noninheritance_ie(uint8_t elem_id, uint8_t *ies, |
| int32_t len) |
| { |
| if (!ies) |
| return NULL; |
| |
| while (len >= MIN_IE_LEN && len >= ies[TAG_LEN_POS] + MIN_IE_LEN) { |
| if ((ies[ID_POS] == elem_id) && |
| (ies[ELEM_ID_EXTN_POS] == |
| WLAN_EXTN_ELEMID_NONINHERITANCE)) { |
| return ies; |
| } |
| len -= ies[TAG_LEN_POS] + MIN_IE_LEN; |
| ies += ies[TAG_LEN_POS] + MIN_IE_LEN; |
| } |
| |
| return NULL; |
| } |
| #endif |
| |
| /* |
| * util_scan_find_ie() - find information element |
| * @eid: element id |
| * @ies: pointer consisting of IEs |
| * @len: IE length |
| * |
| * Return: NULL if the element ID is not found or if IE pointer is NULL else |
| * pointer to the first byte of the requested element |
| */ |
| static uint8_t *util_scan_find_ie(uint8_t eid, uint8_t *ies, |
| int32_t len) |
| { |
| if (!ies) |
| return NULL; |
| |
| while (len >= 2 && len >= ies[1] + 2) { |
| if (ies[0] == eid) |
| return ies; |
| len -= ies[1] + 2; |
| ies += ies[1] + 2; |
| } |
| |
| return NULL; |
| } |
| |
| #ifdef WLAN_FEATURE_MBSSID |
| static void util_gen_new_bssid(uint8_t *bssid, uint8_t max_bssid, |
| uint8_t mbssid_index, |
| uint8_t *new_bssid_addr) |
| { |
| uint8_t lsb_n; |
| int i; |
| |
| for (i = 0; i < QDF_MAC_ADDR_SIZE; i++) |
| new_bssid_addr[i] = bssid[i]; |
| |
| lsb_n = new_bssid_addr[5] & ((1 << max_bssid) - 1); |
| |
| new_bssid_addr[5] &= ~((1 << max_bssid) - 1); |
| new_bssid_addr[5] |= (lsb_n + mbssid_index) % (1 << max_bssid); |
| } |
| |
| /* |
| * util_parse_noninheritance_list() - This block of code will be executed only |
| * if there is a valid non inheritance IE present in the nontx profile. |
| * Host need not inherit those list of element IDs and list of element ID |
| * extensions from the transmitted BSSID profile. |
| * Since non-inheritance element is an element ID extension, it should |
| * be part of extension element. So first we need to find if there are |
| * any extension element present in the nontransmitted BSSID profile. |
| * @extn_elem: If valid, it points to the element ID field of |
| * extension element tag in the nontransmitted BSSID profile. |
| * It may or may not have non inheritance tag present. |
| * _____________________________________________ |
| * | | | |List of|List of | |
| * | Element |Length |Element|Element|Element ID | |
| * | ID | |ID extn| IDs |Extension | |
| * |_________|_______|_______|_______|___________| |
| * List of Element IDs: |
| * __________________ |
| * | | | |
| * | Length |Element | |
| * | |ID List | |
| * |_________|________| |
| * List of Element ID Extensions: |
| * __________________________ |
| * | | | |
| * | Length |Element ID | |
| * | |extension List | |
| * |_________|________________| |
| * @elem_list: Element ID list |
| * @extn_elem_list: Element ID exiension list |
| * @non_inheritance_ie: Non inheritance IE information |
| */ |
| |
| static void util_parse_noninheritance_list(uint8_t *extn_elem, |
| uint8_t **elem_list, |
| uint8_t **extn_elem_list, |
| struct non_inheritance_ie *ninh) |
| { |
| int8_t extn_rem_len = 0; |
| |
| if (extn_elem[ELEM_ID_LIST_LEN_POS] < extn_elem[TAG_LEN_POS]) { |
| /* |
| * extn_rem_len represents the number of bytes after |
| * the length subfield of list of Element IDs. |
| * So here, extn_rem_len should be equal to |
| * Element ID list + Length subfield of Element ID |
| * extension list + Element ID extension list. |
| * |
| * Here we have taken two pointers pointing to the |
| * element ID list and element ID extension list |
| * which we will use to detect the same elements |
| * in the transmitted BSSID profile and choose not |
| * to inherit those elements while constructing the |
| * frame for nontransmitted BSSID profile. |
| */ |
| extn_rem_len = extn_elem[TAG_LEN_POS] - MIN_IE_LEN; |
| ninh->non_inherit = true; |
| |
| if (extn_rem_len && extn_elem[ELEM_ID_LIST_LEN_POS]) { |
| if (extn_rem_len >= extn_elem[ELEM_ID_LIST_LEN_POS]) { |
| ninh->list_len = |
| extn_elem[ELEM_ID_LIST_LEN_POS]; |
| *elem_list = extn_elem + ELEM_ID_LIST_POS; |
| extn_rem_len -= ninh->list_len; |
| } else { |
| /* |
| * Corrupt frame. length subfield of |
| * element ID list is greater than |
| * what it should be. Go ahead with |
| * frame generation but do not honour |
| * the non inheritance part. Also, mark |
| * the element ID in subcopy as 0, so |
| * that this element info will not |
| * be copied. |
| */ |
| ninh->non_inherit = false; |
| extn_elem[0] = 0; |
| } |
| } |
| |
| extn_rem_len--; |
| if (extn_rem_len > 0) { |
| if (!ninh->list_len) { |
| ninh->extn_len = |
| extn_elem[ELEM_ID_LIST_LEN_POS + 1]; |
| } else { |
| ninh->extn_len = |
| extn_elem[ELEM_ID_LIST_POS + |
| ninh->list_len]; |
| } |
| |
| if (extn_rem_len != ninh->extn_len) { |
| /* |
| * Corrupt frame. length subfield of |
| * element ID extn list is not |
| * what it should be. Go ahead with |
| * frame generation but do not honour |
| * the non inheritance part. Also, mark |
| * the element ID in subcopy as 0, so |
| * that this element info will not |
| * be copied. |
| */ |
| ninh->non_inherit = false; |
| extn_elem[0] = 0; |
| } |
| |
| if (ninh->extn_len) { |
| *extn_elem_list = |
| (extn_elem + ninh->list_len + |
| ELEM_ID_LIST_POS + 1); |
| } |
| } |
| } |
| } |
| |
| #ifdef WLAN_FEATURE_11BE_MLO |
| /** |
| * util_handle_rnr_ie_for_mbssid() - parse and modify RNR IE for MBSSID feature |
| * @rnr: The pointer to RNR IE |
| * @bssid_index: BSSID index from MBSSID index IE |
| * @pos: The buffer pointer to save the transformed RNR IE, caller is expected |
| * to supply a buffer that is at least as big as @rnr |
| * |
| * Per the description about Neighbor AP Information field about MLD |
| * parameters subfield in section 9.4.2.170.2 of Draft P802.11be_D1.4. |
| * If the reported AP is affiliated with the same MLD of the reporting AP, |
| * the TBTT information is skipped; If the reported AP is affiliated with |
| * the same MLD of the nontransmitted BSSID, the TBTT information is |
| * copied and the MLD ID is changed to 0. |
| * |
| * Return: Length of the element written to @pos |
| */ |
| static int util_handle_rnr_ie_for_mbssid(const uint8_t *rnr, |
| uint8_t bssid_index, uint8_t *pos) |
| { |
| size_t rnr_len; |
| const uint8_t *data, *rnr_end; |
| uint8_t *rnr_new; |
| struct neighbor_ap_info_field *neighbor_ap_info; |
| struct rnr_mld_info *mld_param; |
| uint8_t tbtt_type, tbtt_len, tbtt_count; |
| uint8_t mld_pos, mld_id; |
| int32_t i, copy_len; |
| /* The count of TBTT info field whose MLD ID equals to 0 in a neighbor |
| * AP information field. |
| */ |
| uint32_t tbtt_info_field_count; |
| /* The total bytes of TBTT info fields whose MLD ID equals to 0 in |
| * current RNR IE. |
| */ |
| uint32_t tbtt_info_field_len = 0; |
| uint8_t nbr_ap_info_len = sizeof(struct neighbor_ap_info_field); |
| |
| rnr_len = rnr[TAG_LEN_POS]; |
| rnr_end = rnr + rnr_len + MIN_IE_LEN; |
| rnr_new = pos; |
| qdf_mem_copy(pos, rnr, MIN_IE_LEN); |
| pos += MIN_IE_LEN; |
| |
| data = rnr + PAYLOAD_START_POS; |
| while (data < rnr_end) { |
| neighbor_ap_info = (struct neighbor_ap_info_field *)data; |
| tbtt_count = neighbor_ap_info->tbtt_header.tbtt_info_count; |
| tbtt_len = neighbor_ap_info->tbtt_header.tbtt_info_length; |
| tbtt_type = neighbor_ap_info->tbtt_header.tbbt_info_fieldtype; |
| scm_debug("channel number %d, op class %d, bssid_index %d", |
| neighbor_ap_info->channel_number, |
| neighbor_ap_info->operting_class, bssid_index); |
| scm_debug("tbtt_count %d, tbtt_length %d, tbtt_type %d", |
| tbtt_count, tbtt_len, tbtt_type); |
| |
| copy_len = tbtt_len * (tbtt_count + 1) + |
| nbr_ap_info_len; |
| if (data + copy_len > rnr_end) |
| return 0; |
| |
| if (tbtt_len >= |
| TBTT_NEIGHBOR_AP_BSSID_S_SSID_BSS_PARAM_20MHZ_PSD_MLD_PARAM) |
| mld_pos = |
| TBTT_NEIGHBOR_AP_BSSID_S_SSID_BSS_PARAM_20MHZ_PSD; |
| else |
| mld_pos = 0; |
| |
| /* If MLD params do not exist, copy this neighbor AP |
| * information field. |
| * Per Draft P802.11be_D1.4, tbtt_type value 1, 2 and 3 |
| * are reserved, |
| */ |
| if (mld_pos == 0 || tbtt_type != 0) { |
| scm_debug("no MLD params, tbtt_type %d", tbtt_type); |
| qdf_mem_copy(pos, data, copy_len); |
| pos += copy_len; |
| data += copy_len; |
| continue; |
| } |
| |
| qdf_mem_copy(pos, data, nbr_ap_info_len); |
| neighbor_ap_info = (struct neighbor_ap_info_field *)pos; |
| pos += nbr_ap_info_len; |
| data += nbr_ap_info_len; |
| |
| tbtt_info_field_count = 0; |
| for (i = 0; i < tbtt_count + 1; i++) { |
| mld_param = (struct rnr_mld_info *)&data[mld_pos]; |
| mld_id = mld_param->mld_id; |
| |
| /* Refer to Draft P802.11be_D1.4 |
| * 9.4.2.170.2 Neighbor AP Information field about |
| * MLD parameters subfield |
| */ |
| if (mld_id == 0) { |
| /* Skip this TBTT information since this |
| * reported AP is affiliated with the same MLD |
| * of the reporting AP who sending the frame |
| * carrying this element. |
| */ |
| tbtt_info_field_len += tbtt_len; |
| data += tbtt_len; |
| tbtt_info_field_count++; |
| } else if (mld_id == bssid_index) { |
| /* Copy this TBTT information and change MLD |
| * to 0 as this reported AP is affiliated with |
| * the same MLD of the nontransmitted BSSID. |
| */ |
| qdf_mem_copy(pos, data, tbtt_len); |
| mld_param = |
| (struct rnr_mld_info *)&pos[mld_pos]; |
| scm_debug("change MLD ID from %d to 0", |
| mld_param->mld_id); |
| mld_param->mld_id = 0; |
| data += tbtt_len; |
| pos += tbtt_len; |
| } else { |
| qdf_mem_copy(pos, data, tbtt_len); |
| data += tbtt_len; |
| pos += tbtt_len; |
| } |
| } |
| |
| scm_debug("skip %d neighbor info", tbtt_info_field_count); |
| if (tbtt_info_field_count == (tbtt_count + 1)) { |
| /* If all the TBTT information are skipped, then also |
| * revert the neighbor AP info which has been copied. |
| */ |
| pos -= nbr_ap_info_len; |
| tbtt_info_field_len += nbr_ap_info_len; |
| } else { |
| neighbor_ap_info->tbtt_header.tbtt_info_count -= |
| tbtt_info_field_count; |
| } |
| } |
| |
| rnr_new[TAG_LEN_POS] = rnr_len - tbtt_info_field_len; |
| if (rnr_new[TAG_LEN_POS] > 0) |
| rnr_len = rnr_new[TAG_LEN_POS] + MIN_IE_LEN; |
| else |
| rnr_len = 0; |
| |
| return rnr_len; |
| } |
| #else |
| static int util_handle_rnr_ie_for_mbssid(const uint8_t *rnr, |
| uint8_t bssid_index, uint8_t *pos) |
| { |
| return 0; |
| } |
| #endif |
| |
| static size_t util_oui_header_len(uint8_t *ie) |
| { |
| /* Cisco Vendor Specific IEs doesn't have subtype in |
| * their VSIE header, therefore skip subtype |
| */ |
| if (ie[0] == 0x00 && ie[1] == 0x40 && ie[2] == 0x96) |
| return OUI_LEN - 1; |
| return OUI_LEN; |
| } |
| |
| static uint32_t util_gen_new_ie(uint8_t *ie, uint32_t ielen, |
| uint8_t *subelement, |
| size_t subie_len, uint8_t *new_ie, |
| uint8_t bssid_index) |
| { |
| uint8_t *pos, *tmp; |
| const uint8_t *tmp_old, *tmp_new; |
| uint8_t *sub_copy, *extn_elem = NULL; |
| struct non_inheritance_ie ninh = {0}; |
| uint8_t *elem_list = NULL, *extn_elem_list = NULL; |
| size_t tmp_rem_len; |
| |
| /* copy subelement as we need to change its content to |
| * mark an ie after it is processed. |
| */ |
| sub_copy = qdf_mem_malloc(subie_len); |
| if (!sub_copy) |
| return 0; |
| qdf_mem_copy(sub_copy, subelement, subie_len); |
| |
| pos = &new_ie[0]; |
| |
| /* new ssid */ |
| tmp_new = util_scan_find_ie(WLAN_ELEMID_SSID, sub_copy, subie_len); |
| if (tmp_new) { |
| scm_debug(" SSID %.*s", tmp_new[1], |
| &tmp_new[PAYLOAD_START_POS]); |
| if ((pos + tmp_new[1] + MIN_IE_LEN) <= |
| (new_ie + ielen)) { |
| qdf_mem_copy(pos, tmp_new, |
| (tmp_new[1] + MIN_IE_LEN)); |
| pos += (tmp_new[1] + MIN_IE_LEN); |
| } |
| } |
| |
| extn_elem = util_scan_find_noninheritance_ie(WLAN_ELEMID_EXTN_ELEM, |
| sub_copy, subie_len); |
| |
| if (extn_elem && extn_elem[TAG_LEN_POS]) { |
| util_parse_noninheritance_list(extn_elem, &elem_list, |
| &extn_elem_list, &ninh); |
| } |
| |
| /* go through IEs in ie (skip SSID) and subelement, |
| * merge them into new_ie |
| */ |
| tmp_old = util_scan_find_ie(WLAN_ELEMID_SSID, ie, ielen); |
| tmp_old = (tmp_old) ? tmp_old + tmp_old[1] + MIN_IE_LEN : ie; |
| |
| while (((tmp_old + tmp_old[1] + MIN_IE_LEN) - ie) <= ielen) { |
| ninh.non_inh_ie_found = 0; |
| if (ninh.non_inherit) { |
| if (ninh.list_len) { |
| ninh.non_inh_ie_found = |
| util_is_noninh_ie(tmp_old[0], |
| elem_list, |
| ninh.list_len); |
| } |
| |
| if (!ninh.non_inh_ie_found && |
| ninh.extn_len && |
| (tmp_old[0] == WLAN_ELEMID_EXTN_ELEM)) { |
| ninh.non_inh_ie_found = |
| util_is_noninh_ie(tmp_old[2], |
| extn_elem_list, |
| ninh.extn_len); |
| } |
| } |
| |
| if (ninh.non_inh_ie_found || (tmp_old[0] == 0)) { |
| tmp_old += tmp_old[1] + MIN_IE_LEN; |
| continue; |
| } |
| |
| tmp = (uint8_t *)util_scan_find_ie(tmp_old[0], sub_copy, |
| subie_len); |
| if (!tmp) { |
| /* ie in old ie but not in subelement */ |
| if (tmp_old[0] == WLAN_ELEMID_REDUCED_NEIGHBOR_REPORT) { |
| /* handle rnr ie for mbssid*/ |
| pos += |
| util_handle_rnr_ie_for_mbssid(tmp_old, |
| bssid_index, |
| pos); |
| } else if (tmp_old[0] != WLAN_ELEMID_MULTIPLE_BSSID) { |
| if ((pos + tmp_old[1] + MIN_IE_LEN) <= |
| (new_ie + ielen)) { |
| qdf_mem_copy(pos, tmp_old, |
| (tmp_old[1] + |
| MIN_IE_LEN)); |
| pos += tmp_old[1] + MIN_IE_LEN; |
| } |
| } |
| } else { |
| /* ie in transmitting ie also in subelement, |
| * copy from subelement and flag the ie in subelement |
| * as copied (by setting eid field to 0xff). |
| * To determine if the vendor ies are same: |
| * 1. For Cisco OUI, compare only OUI + type |
| * 2. For other OUI, compare OUI + type + subType |
| */ |
| tmp_rem_len = subie_len - (tmp - sub_copy); |
| if (tmp_old[0] == WLAN_ELEMID_VENDOR && |
| tmp_rem_len >= MIN_VENDOR_TAG_LEN) { |
| if (!qdf_mem_cmp(tmp_old + PAYLOAD_START_POS, |
| tmp + PAYLOAD_START_POS, |
| util_oui_header_len(tmp + |
| PAYLOAD_START_POS))) { |
| /* same vendor ie, copy from |
| * subelement |
| */ |
| if ((pos + tmp[1] + MIN_IE_LEN) <= |
| (new_ie + ielen)) { |
| qdf_mem_copy(pos, tmp, |
| tmp[1] + |
| MIN_IE_LEN); |
| pos += tmp[1] + MIN_IE_LEN; |
| tmp[0] = 0; |
| } |
| } else { |
| if ((pos + tmp_old[1] + |
| MIN_IE_LEN) <= |
| (new_ie + ielen)) { |
| qdf_mem_copy(pos, tmp_old, |
| tmp_old[1] + |
| MIN_IE_LEN); |
| pos += tmp_old[1] + |
| MIN_IE_LEN; |
| } |
| } |
| } else if (tmp_old[0] == WLAN_ELEMID_EXTN_ELEM) { |
| if (tmp_old[PAYLOAD_START_POS] == |
| tmp[PAYLOAD_START_POS]) { |
| /* same ie, copy from subelement */ |
| if ((pos + tmp[1] + MIN_IE_LEN) <= |
| (new_ie + ielen)) { |
| qdf_mem_copy(pos, tmp, |
| tmp[1] + |
| MIN_IE_LEN); |
| pos += tmp[1] + MIN_IE_LEN; |
| tmp[0] = 0; |
| } |
| } else { |
| if ((pos + tmp_old[1] + MIN_IE_LEN) <= |
| (new_ie + ielen)) { |
| qdf_mem_copy(pos, tmp_old, |
| tmp_old[1] + |
| MIN_IE_LEN); |
| pos += tmp_old[1] + |
| MIN_IE_LEN; |
| } |
| } |
| |
| } else { |
| /* copy ie from subelement into new ie */ |
| if ((pos + tmp[1] + MIN_IE_LEN) <= |
| (new_ie + ielen)) { |
| qdf_mem_copy(pos, tmp, |
| tmp[1] + MIN_IE_LEN); |
| pos += tmp[1] + MIN_IE_LEN; |
| tmp[0] = 0; |
| } |
| } |
| } |
| |
| if (((tmp_old + tmp_old[1] + MIN_IE_LEN) - ie) >= ielen) |
| break; |
| |
| tmp_old += tmp_old[1] + MIN_IE_LEN; |
| } |
| |
| /* go through subelement again to check if there is any ie not |
| * copied to new ie, skip ssid, capability, bssid-index ie |
| */ |
| tmp_new = sub_copy; |
| while (((tmp_new + tmp_new[1] + MIN_IE_LEN) - sub_copy) <= |
| (subie_len - 1)) { |
| if (!(tmp_new[0] == WLAN_ELEMID_NONTX_BSSID_CAP || |
| tmp_new[0] == WLAN_ELEMID_SSID || |
| tmp_new[0] == WLAN_ELEMID_MULTI_BSSID_IDX || |
| ((tmp_new[0] == WLAN_ELEMID_EXTN_ELEM) && |
| (tmp_new[2] == WLAN_EXTN_ELEMID_NONINHERITANCE)))) { |
| if ((pos + tmp_new[1] + MIN_IE_LEN) <= |
| (new_ie + ielen)) { |
| qdf_mem_copy(pos, tmp_new, |
| tmp_new[1] + MIN_IE_LEN); |
| pos += tmp_new[1] + MIN_IE_LEN; |
| } |
| } |
| if (((tmp_new + tmp_new[1] + MIN_IE_LEN) - sub_copy) >= |
| (subie_len - 1)) |
| break; |
| tmp_new += tmp_new[1] + MIN_IE_LEN; |
| } |
| |
| qdf_mem_free(sub_copy); |
| |
| if (pos > new_ie) |
| return pos - new_ie; |
| else |
| return 0; |
| } |
| |
| static enum nontx_profile_reasoncode |
| util_handle_nontx_prof(uint8_t *mbssid_elem, uint8_t *subelement, |
| uint8_t *next_subelement, |
| struct scan_mbssid_info *mbssid_info, |
| char *bssid, char *new_bssid) |
| { |
| uint8_t *mbssid_index_ie; |
| uint32_t prof_len; |
| |
| prof_len = subelement[TAG_LEN_POS]; |
| /* |
| * If we are executing the split portion of the nontx |
| * profile present in the subsequent MBSSID, then there |
| * is no need of any sanity check for valid BSS profile |
| */ |
| |
| if (mbssid_info->split_prof_continue) { |
| if ((subelement[ID_POS] != 0) || |
| (subelement[TAG_LEN_POS] < SPLIT_PROF_DATA_LEAST_LEN)) { |
| return INVALID_SPLIT_PROF; |
| } |
| } else { |
| if ((subelement[ID_POS] != 0) || |
| (subelement[TAG_LEN_POS] < VALID_ELEM_LEAST_LEN)) { |
| /* not a valid BSS profile */ |
| return INVALID_NONTX_PROF; |
| } |
| } |
| |
| if (mbssid_info->split_profile) { |
| if (next_subelement[PAYLOAD_START_POS] != |
| WLAN_ELEMID_NONTX_BSSID_CAP) { |
| mbssid_info->prof_residue = true; |
| } |
| } |
| |
| if (!mbssid_info->split_prof_continue && |
| ((subelement[PAYLOAD_START_POS] != WLAN_ELEMID_NONTX_BSSID_CAP) || |
| (subelement[NONTX_BSSID_CAP_TAG_LEN_POS] != CAP_INFO_LEN))) { |
| /* The first element within the Nontransmitted |
| * BSSID Profile is not the Nontransmitted |
| * BSSID Capability element. |
| */ |
| return INVALID_NONTX_PROF; |
| } |
| |
| /* found a Nontransmitted BSSID Profile */ |
| mbssid_index_ie = |
| util_scan_find_ie(WLAN_ELEMID_MULTI_BSSID_IDX, |
| (subelement + PAYLOAD_START_POS), prof_len); |
| |
| if (!mbssid_index_ie) { |
| if (!mbssid_info->prof_residue) |
| return INVALID_NONTX_PROF; |
| |
| mbssid_info->skip_bssid_copy = true; |
| } else if ((mbssid_index_ie[TAG_LEN_POS] < 1) || |
| (mbssid_index_ie[BSS_INDEX_POS] == 0)) { |
| /* No valid Multiple BSSID-Index element */ |
| return INVALID_NONTX_PROF; |
| } |
| |
| if (!mbssid_info->skip_bssid_copy) { |
| qdf_mem_copy(mbssid_info->trans_bssid, |
| bssid, QDF_MAC_ADDR_SIZE); |
| mbssid_info->profile_num = |
| mbssid_index_ie[BSS_INDEX_POS]; |
| util_gen_new_bssid(bssid, |
| mbssid_elem[MBSSID_INDICATOR_POS], |
| mbssid_index_ie[BSS_INDEX_POS], |
| new_bssid); |
| } |
| /* In single MBSS IE, there could be subelement holding |
| * remaining vendor IEs of non tx profile from last MBSS IE |
| * [split profile] and new non tx profile, hence reset |
| * skip_bssid_copy flag after each subelement processing |
| */ |
| mbssid_info->skip_bssid_copy = false; |
| return VALID_NONTX_PROF; |
| } |
| |
| /* |
| * What's split profile: |
| * If any nontransmitted BSSID profile is fragmented across |
| * multiple MBSSID elements, then it is called split profile. |
| * For a split profile to exist we need to have at least two |
| * MBSSID elements as part of the RX beacon or probe response |
| * Hence, first we need to identify the next MBSSID element |
| * and check for the 5th bit from the starting of the next |
| * MBSSID IE and if it does not have Nontransmitted BSSID |
| * capability element, then it's a split profile case. |
| */ |
| static bool util_scan_is_split_prof_found(uint8_t *next_elem, |
| uint8_t *ie, uint32_t ielen) |
| { |
| uint8_t *next_mbssid_elem; |
| |
| if (next_elem[0] == WLAN_ELEMID_MULTIPLE_BSSID) { |
| if ((next_elem[TAG_LEN_POS] >= VALID_ELEM_LEAST_LEN) && |
| (next_elem[SUBELEM_DATA_POS_FROM_MBSSID] != |
| WLAN_ELEMID_NONTX_BSSID_CAP)) { |
| return true; |
| } |
| } else { |
| next_mbssid_elem = |
| util_scan_find_ie(WLAN_ELEMID_MULTIPLE_BSSID, |
| next_elem, |
| ielen - (next_elem - ie)); |
| if (!next_mbssid_elem) |
| return false; |
| |
| if ((next_mbssid_elem[TAG_LEN_POS] >= VALID_ELEM_LEAST_LEN) && |
| (next_mbssid_elem[SUBELEM_DATA_POS_FROM_MBSSID] != |
| WLAN_ELEMID_NONTX_BSSID_CAP)) { |
| return true; |
| } |
| } |
| |
| return false; |
| } |
| |
| static QDF_STATUS util_scan_parse_mbssid(struct wlan_objmgr_pdev *pdev, |
| uint8_t *frame, qdf_size_t frame_len, |
| uint32_t frm_subtype, |
| struct mgmt_rx_event_params *rx_param, |
| qdf_list_t *scan_list) |
| { |
| struct wlan_bcn_frame *bcn; |
| struct wlan_frame_hdr *hdr; |
| struct scan_mbssid_info mbssid_info = {0}; |
| QDF_STATUS status; |
| uint8_t *pos, *subelement, *next_elem; |
| uint8_t *mbssid_elem; |
| uint32_t subie_len, new_ie_len, ielen; |
| uint8_t *next_subelement = NULL; |
| uint8_t new_bssid[QDF_MAC_ADDR_SIZE], bssid[QDF_MAC_ADDR_SIZE]; |
| uint8_t *new_ie, *split_prof_start = NULL, *split_prof_end = NULL; |
| uint8_t *ie, *new_frame = NULL; |
| int new_frame_len = 0, split_prof_len = 0; |
| enum nontx_profile_reasoncode retval; |
| uint8_t *nontx_profile = NULL; |
| |
| hdr = (struct wlan_frame_hdr *)frame; |
| bcn = (struct wlan_bcn_frame *)(frame + sizeof(struct wlan_frame_hdr)); |
| ie = (uint8_t *)&bcn->ie; |
| ielen = (uint16_t)(frame_len - |
| sizeof(struct wlan_frame_hdr) - |
| offsetof(struct wlan_bcn_frame, ie)); |
| qdf_mem_copy(bssid, hdr->i_addr3, QDF_MAC_ADDR_SIZE); |
| |
| if (!util_scan_find_ie(WLAN_ELEMID_MULTIPLE_BSSID, ie, ielen)) |
| return QDF_STATUS_E_FAILURE; |
| |
| pos = ie; |
| |
| new_ie = qdf_mem_malloc(ielen); |
| if (!new_ie) |
| return QDF_STATUS_E_NOMEM; |
| |
| while (pos < (ie + ielen + MIN_IE_LEN)) { |
| mbssid_elem = |
| util_scan_find_ie(WLAN_ELEMID_MULTIPLE_BSSID, pos, |
| ielen - (pos - ie)); |
| if (!mbssid_elem) |
| break; |
| |
| mbssid_info.profile_count = |
| (1 << mbssid_elem[MBSSID_INDICATOR_POS]); |
| |
| next_elem = |
| mbssid_elem + mbssid_elem[TAG_LEN_POS] + MIN_IE_LEN; |
| |
| /* Skip Element ID, Len, MaxBSSID Indicator */ |
| if (!mbssid_info.split_profile && |
| (mbssid_elem[TAG_LEN_POS] < VALID_ELEM_LEAST_LEN)) { |
| break; |
| } |
| |
| /* |
| * Find if the next IE is MBSSID, if not, then scan through |
| * the IE list and find the next MBSSID tag, if present. |
| * Once we find the MBSSID tag, check if this MBSSID tag has |
| * the other fragmented part of the non Tx profile. |
| */ |
| |
| mbssid_info.split_profile = |
| util_scan_is_split_prof_found(next_elem, ie, ielen); |
| |
| for (subelement = mbssid_elem + SUBELEMENT_START_POS; |
| subelement < (next_elem - 1); |
| subelement += MIN_IE_LEN + subelement[TAG_LEN_POS]) { |
| subie_len = subelement[TAG_LEN_POS]; |
| |
| /* |
| * if prof_residue is true, that means we are |
| * in the continuation of the fragmented profile part, |
| * present in the next MBSSD IE else this profile |
| * is a non fragmented non tx BSSID profile. |
| */ |
| |
| if (mbssid_info.prof_residue) |
| mbssid_info.split_prof_continue = true; |
| else |
| mbssid_info.split_prof_continue = false; |
| |
| if (subie_len > MAX_SUBELEM_LEN) { |
| scm_err_rl("Corrupt frame with subie_len: %d\n" |
| "split_prof_continue: %d\n" |
| "prof_residue: %d\n", |
| subie_len, |
| mbssid_info.split_prof_continue, |
| mbssid_info.prof_residue); |
| if (mbssid_info.split_prof_continue) { |
| qdf_mem_free(split_prof_start); |
| split_prof_start = NULL; |
| } |
| |
| qdf_mem_free(new_ie); |
| return QDF_STATUS_E_INVAL; |
| } |
| |
| if ((next_elem - subelement) < |
| (MIN_IE_LEN + subie_len)) |
| break; |
| |
| next_subelement = subelement + subie_len + MIN_IE_LEN; |
| retval = util_handle_nontx_prof(mbssid_elem, subelement, |
| next_subelement, |
| &mbssid_info, |
| bssid, new_bssid); |
| |
| if (retval == INVALID_SPLIT_PROF) { |
| scm_err_rl("Corrupt frame with ID_POS: %d\n" |
| "TAG_LEN_POS: %d\n", |
| subelement[ID_POS], |
| subelement[TAG_LEN_POS]); |
| qdf_mem_free(split_prof_start); |
| split_prof_start = NULL; |
| qdf_mem_free(new_ie); |
| return QDF_STATUS_E_INVAL; |
| } else if (retval == INVALID_NONTX_PROF) { |
| continue; |
| } |
| |
| /* |
| * Merging parts of nontx profile- |
| * Just for understanding, let's make an assumption |
| * that nontx profile is fragmented across MBSSIE1 |
| * and MBSSIE2. |
| * mbssid_info.prof_residue being set indicates |
| * that the ongoing nontx profile is part of split |
| * profile, whose other fragmented part is present |
| * in MBSSIE2. |
| * So once prof_residue is set, we need to |
| * identify whether we are accessing the split |
| * profile in MBSSIE1 or MBSSIE2. |
| * If we are in MBSSIE1, then copy the part of split |
| * profile from MBSSIE1 into a new buffer and then |
| * move to the next part of the split profile which |
| * is present in MBSSIE2 and append that part into |
| * the new buffer. |
| * Once the full profile is accumulated, go ahead with |
| * the ie generation and length calculation of the |
| * new frame. |
| */ |
| |
| if (mbssid_info.prof_residue) { |
| if (!mbssid_info.split_prof_continue) { |
| split_prof_start = |
| qdf_mem_malloc(ielen); |
| if (!split_prof_start) { |
| scm_err_rl("Malloc failed"); |
| qdf_mem_free(new_ie); |
| return QDF_STATUS_E_NOMEM; |
| } |
| |
| qdf_mem_copy(split_prof_start, |
| subelement, |
| (subie_len + |
| MIN_IE_LEN)); |
| split_prof_end = (split_prof_start + |
| subie_len + |
| MIN_IE_LEN); |
| break; |
| } |
| |
| /* |
| * Currently we are accessing other part of the |
| * split profile present in the subsequent |
| * MBSSIE. There is a possibility that one |
| * non tx profile is spread across more than |
| * two MBSSID tag as well. This code will |
| * handle such scenario. |
| */ |
| |
| qdf_mem_copy(split_prof_end, |
| (subelement + MIN_IE_LEN), |
| subie_len); |
| split_prof_end = |
| (split_prof_end + subie_len); |
| |
| /* |
| * When to stop the process of accumulating |
| * parts of split profile, is decided by |
| * mbssid_info.prof_residue. prof_residue |
| * could be made false if there is not any |
| * continuation of the split profile. |
| * which could be identified by two factors |
| * 1. By checking if the next MBSSIE's first |
| * non tx profile is not a fragmented one or |
| * 2. there is a probability that first |
| * subelement of MBSSIE2 is end if split |
| * profile and the next subelement of MBSSIE2 |
| * is a non split one. |
| */ |
| |
| if (!mbssid_info.split_profile || |
| (next_subelement[PAYLOAD_START_POS] == |
| WLAN_ELEMID_NONTX_BSSID_CAP)) { |
| mbssid_info.prof_residue = false; |
| } |
| |
| /* |
| * Until above mentioned conditions are met, |
| * we need to iterate and keep accumulating |
| * the split profile contents. |
| */ |
| |
| if (mbssid_info.prof_residue) |
| break; |
| |
| split_prof_len = |
| (split_prof_end - |
| split_prof_start - MIN_IE_LEN); |
| } |
| |
| if (mbssid_info.split_prof_continue) { |
| nontx_profile = split_prof_start; |
| subie_len = split_prof_len; |
| } else { |
| nontx_profile = subelement; |
| } |
| |
| new_ie_len = |
| util_gen_new_ie(ie, ielen, |
| (nontx_profile + |
| PAYLOAD_START_POS), |
| subie_len, new_ie, |
| mbssid_info.profile_num); |
| |
| if (!new_ie_len) { |
| if (mbssid_info.split_prof_continue) { |
| qdf_mem_free(split_prof_start); |
| split_prof_start = NULL; |
| split_prof_end = NULL; |
| } |
| continue; |
| } |
| |
| new_frame_len = frame_len - ielen + new_ie_len; |
| |
| if (new_frame_len < 0) { |
| if (mbssid_info.split_prof_continue) { |
| qdf_mem_free(split_prof_start); |
| split_prof_start = NULL; |
| } |
| qdf_mem_free(new_ie); |
| scm_err("Invalid frame:Stop MBSSIE parsing"); |
| scm_err("Frame_len: %zu,ielen:%u,new_ie_len:%u", |
| frame_len, ielen, new_ie_len); |
| return QDF_STATUS_E_INVAL; |
| } |
| |
| new_frame = qdf_mem_malloc(new_frame_len); |
| if (!new_frame) { |
| if (mbssid_info.split_prof_continue) { |
| qdf_mem_free(split_prof_start); |
| split_prof_start = NULL; |
| } |
| qdf_mem_free(new_ie); |
| scm_err_rl("Malloc for new_frame failed"); |
| scm_err_rl("split_prof_continue: %d", |
| mbssid_info.split_prof_continue); |
| return QDF_STATUS_E_NOMEM; |
| } |
| |
| /* |
| * Copy the header(24byte), timestamp(8 byte), |
| * beaconinterval(2byte) and capability(2byte) |
| */ |
| qdf_mem_copy(new_frame, frame, FIXED_LENGTH); |
| /* Copy the new ie generated from MBSSID profile*/ |
| hdr = (struct wlan_frame_hdr *)new_frame; |
| qdf_mem_copy(hdr->i_addr2, new_bssid, |
| QDF_MAC_ADDR_SIZE); |
| qdf_mem_copy(hdr->i_addr3, new_bssid, |
| QDF_MAC_ADDR_SIZE); |
| bcn = (struct wlan_bcn_frame *) |
| (new_frame + sizeof(struct wlan_frame_hdr)); |
| /* update the non-tx capability */ |
| qdf_mem_copy(&bcn->capability, |
| nontx_profile + CAP_INFO_POS, |
| CAP_INFO_LEN); |
| |
| /* Copy the new ie generated from MBSSID profile*/ |
| qdf_mem_copy(new_frame + |
| offsetof(struct wlan_bcn_frame, ie) + |
| sizeof(struct wlan_frame_hdr), |
| new_ie, new_ie_len); |
| status = util_scan_gen_scan_entry(pdev, new_frame, |
| new_frame_len, |
| frm_subtype, |
| rx_param, |
| &mbssid_info, |
| scan_list); |
| if (QDF_IS_STATUS_ERROR(status)) { |
| if (mbssid_info.split_prof_continue) { |
| qdf_mem_free(split_prof_start); |
| split_prof_start = NULL; |
| split_prof_end = NULL; |
| qdf_mem_zero(&mbssid_info, |
| sizeof(mbssid_info)); |
| } |
| qdf_mem_free(new_frame); |
| scm_err_rl("failed to generate a scan entry"); |
| scm_err_rl("split_prof_continue: %d", |
| mbssid_info.split_prof_continue); |
| break; |
| } |
| /* scan entry makes its own copy so free the frame*/ |
| if (mbssid_info.split_prof_continue) { |
| qdf_mem_free(split_prof_start); |
| split_prof_start = NULL; |
| split_prof_end = NULL; |
| } |
| qdf_mem_free(new_frame); |
| } |
|