2
* Scanning implementation
4
* Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
5
* Copyright 2004, Instant802 Networks, Inc.
6
* Copyright 2005, Devicescape Software, Inc.
7
* Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
8
* Copyright 2007, Michael Wu <flamingice@sourmilk.net>
10
* This program is free software; you can redistribute it and/or modify
11
* it under the terms of the GNU General Public License version 2 as
12
* published by the Free Software Foundation.
15
#include <linux/if_arp.h>
16
#include <linux/etherdevice.h>
17
#include <linux/rtnetlink.h>
18
#include <linux/pm_qos.h>
19
#include <net/sch_generic.h>
20
#include <linux/slab.h>
21
#include <linux/export.h>
22
#include <net/mac80211.h>
24
#include "ieee80211_i.h"
25
#include "driver-ops.h"
28
#define IEEE80211_PROBE_DELAY (HZ / 33)
29
#define IEEE80211_CHANNEL_TIME (HZ / 33)
30
#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 8)
32
static void ieee80211_rx_bss_free(struct cfg80211_bss *cbss)
34
struct ieee80211_bss *bss = (void *)cbss->priv;
36
kfree(bss_mesh_id(bss));
37
kfree(bss_mesh_cfg(bss));
40
void ieee80211_rx_bss_put(struct ieee80211_local *local,
41
struct ieee80211_bss *bss)
45
cfg80211_put_bss(container_of((void *)bss, struct cfg80211_bss, priv));
48
static bool is_uapsd_supported(struct ieee802_11_elems *elems)
52
if (elems->wmm_info && elems->wmm_info_len == 7
53
&& elems->wmm_info[5] == 1)
54
qos_info = elems->wmm_info[6];
55
else if (elems->wmm_param && elems->wmm_param_len == 24
56
&& elems->wmm_param[5] == 1)
57
qos_info = elems->wmm_param[6];
59
/* no valid wmm information or parameter element found */
62
return qos_info & IEEE80211_WMM_IE_AP_QOSINFO_UAPSD;
65
struct ieee80211_bss *
66
ieee80211_bss_info_update(struct ieee80211_local *local,
67
struct ieee80211_rx_status *rx_status,
68
struct ieee80211_mgmt *mgmt,
70
struct ieee802_11_elems *elems,
71
struct ieee80211_channel *channel,
74
struct cfg80211_bss *cbss;
75
struct ieee80211_bss *bss;
79
if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
80
signal = rx_status->signal * 100;
81
else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)
82
signal = (rx_status->signal * 100) / local->hw.max_signal;
84
cbss = cfg80211_inform_bss_frame(local->hw.wiphy, channel,
85
mgmt, len, signal, GFP_ATOMIC);
89
cbss->free_priv = ieee80211_rx_bss_free;
90
bss = (void *)cbss->priv;
92
bss->device_ts = rx_status->device_timestamp;
94
if (elems->parse_error) {
96
bss->corrupt_data |= IEEE80211_BSS_CORRUPT_BEACON;
98
bss->corrupt_data |= IEEE80211_BSS_CORRUPT_PROBE_RESP;
101
bss->corrupt_data &= ~IEEE80211_BSS_CORRUPT_BEACON;
103
bss->corrupt_data &= ~IEEE80211_BSS_CORRUPT_PROBE_RESP;
106
/* save the ERP value so that it is available at association time */
107
if (elems->erp_info && elems->erp_info_len >= 1 &&
108
(!elems->parse_error ||
109
!(bss->valid_data & IEEE80211_BSS_VALID_ERP))) {
110
bss->erp_value = elems->erp_info[0];
111
bss->has_erp_value = true;
112
if (!elems->parse_error)
113
bss->valid_data |= IEEE80211_BSS_VALID_ERP;
116
if (elems->tim && (!elems->parse_error ||
117
!(bss->valid_data & IEEE80211_BSS_VALID_DTIM))) {
118
struct ieee80211_tim_ie *tim_ie = elems->tim;
119
bss->dtim_period = tim_ie->dtim_period;
120
if (!elems->parse_error)
121
bss->valid_data |= IEEE80211_BSS_VALID_DTIM;
124
/* If the beacon had no TIM IE, or it was invalid, use 1 */
125
if (beacon && !bss->dtim_period)
126
bss->dtim_period = 1;
128
/* replace old supported rates if we get new values */
129
if (!elems->parse_error ||
130
!(bss->valid_data & IEEE80211_BSS_VALID_RATES)) {
132
if (elems->supp_rates) {
133
clen = IEEE80211_MAX_SUPP_RATES;
134
if (clen > elems->supp_rates_len)
135
clen = elems->supp_rates_len;
136
memcpy(bss->supp_rates, elems->supp_rates, clen);
139
if (elems->ext_supp_rates) {
140
clen = IEEE80211_MAX_SUPP_RATES - srlen;
141
if (clen > elems->ext_supp_rates_len)
142
clen = elems->ext_supp_rates_len;
143
memcpy(bss->supp_rates + srlen, elems->ext_supp_rates,
148
bss->supp_rates_len = srlen;
149
if (!elems->parse_error)
150
bss->valid_data |= IEEE80211_BSS_VALID_RATES;
154
if (!elems->parse_error ||
155
!(bss->valid_data & IEEE80211_BSS_VALID_WMM)) {
156
bss->wmm_used = elems->wmm_param || elems->wmm_info;
157
bss->uapsd_supported = is_uapsd_supported(elems);
158
if (!elems->parse_error)
159
bss->valid_data |= IEEE80211_BSS_VALID_WMM;
163
bss->last_probe_resp = jiffies;
168
void ieee80211_scan_rx(struct ieee80211_local *local, struct sk_buff *skb)
170
struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
171
struct ieee80211_sub_if_data *sdata1, *sdata2;
172
struct ieee80211_mgmt *mgmt = (void *)skb->data;
173
struct ieee80211_bss *bss;
175
struct ieee80211_channel *channel;
179
struct ieee802_11_elems elems;
182
(!ieee80211_is_probe_resp(mgmt->frame_control) &&
183
!ieee80211_is_beacon(mgmt->frame_control)))
186
sdata1 = rcu_dereference(local->scan_sdata);
187
sdata2 = rcu_dereference(local->sched_scan_sdata);
189
if (likely(!sdata1 && !sdata2))
192
if (ieee80211_is_probe_resp(mgmt->frame_control)) {
193
/* ignore ProbeResp to foreign address */
194
if ((!sdata1 || !ether_addr_equal(mgmt->da, sdata1->vif.addr)) &&
195
(!sdata2 || !ether_addr_equal(mgmt->da, sdata2->vif.addr)))
198
elements = mgmt->u.probe_resp.variable;
199
baselen = offsetof(struct ieee80211_mgmt, u.probe_resp.variable);
202
baselen = offsetof(struct ieee80211_mgmt, u.beacon.variable);
203
elements = mgmt->u.beacon.variable;
207
if (baselen > skb->len)
210
ieee802_11_parse_elems(elements, skb->len - baselen, &elems);
212
if (elems.ds_params && elems.ds_params_len == 1)
213
freq = ieee80211_channel_to_frequency(elems.ds_params[0],
216
freq = rx_status->freq;
218
channel = ieee80211_get_channel(local->hw.wiphy, freq);
220
if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
223
bss = ieee80211_bss_info_update(local, rx_status,
224
mgmt, skb->len, &elems,
227
ieee80211_rx_bss_put(local, bss);
230
/* return false if no more work */
231
static bool ieee80211_prep_hw_scan(struct ieee80211_local *local)
233
struct cfg80211_scan_request *req = local->scan_req;
234
enum ieee80211_band band;
235
int i, ielen, n_chans;
238
if (local->hw_scan_band == IEEE80211_NUM_BANDS)
241
band = local->hw_scan_band;
243
for (i = 0; i < req->n_channels; i++) {
244
if (req->channels[i]->band == band) {
245
local->hw_scan_req->channels[n_chans] =
251
local->hw_scan_band++;
254
local->hw_scan_req->n_channels = n_chans;
256
ielen = ieee80211_build_preq_ies(local, (u8 *)local->hw_scan_req->ie,
257
req->ie, req->ie_len, band,
258
req->rates[band], 0);
259
local->hw_scan_req->ie_len = ielen;
260
local->hw_scan_req->no_cck = req->no_cck;
265
static void __ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted,
268
struct ieee80211_local *local = hw_to_local(hw);
270
lockdep_assert_held(&local->mtx);
273
* It's ok to abort a not-yet-running scan (that
274
* we have one at all will be verified by checking
275
* local->scan_req next), but not to complete it
278
if (WARN_ON(!local->scanning && !aborted))
281
if (WARN_ON(!local->scan_req))
284
if (was_hw_scan && !aborted && ieee80211_prep_hw_scan(local)) {
287
rc = drv_hw_scan(local,
288
rcu_dereference_protected(local->scan_sdata,
289
lockdep_is_held(&local->mtx)),
296
kfree(local->hw_scan_req);
297
local->hw_scan_req = NULL;
299
if (local->scan_req != local->int_scan_req)
300
cfg80211_scan_done(local->scan_req, aborted);
301
local->scan_req = NULL;
302
rcu_assign_pointer(local->scan_sdata, NULL);
305
local->scan_channel = NULL;
307
/* Set power back to normal operating levels. */
308
ieee80211_hw_config(local, 0);
311
ieee80211_configure_filter(local);
312
drv_sw_scan_complete(local);
313
ieee80211_offchannel_return(local, true);
316
ieee80211_recalc_idle(local);
318
ieee80211_mlme_notify_scan_completed(local);
319
ieee80211_ibss_notify_scan_completed(local);
320
ieee80211_mesh_notify_scan_completed(local);
321
ieee80211_start_next_roc(local);
324
void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
326
struct ieee80211_local *local = hw_to_local(hw);
328
trace_api_scan_completed(local, aborted);
330
set_bit(SCAN_COMPLETED, &local->scanning);
332
set_bit(SCAN_ABORTED, &local->scanning);
333
ieee80211_queue_delayed_work(&local->hw, &local->scan_work, 0);
335
EXPORT_SYMBOL(ieee80211_scan_completed);
337
static int ieee80211_start_sw_scan(struct ieee80211_local *local)
340
* Hardware/driver doesn't support hw_scan, so use software
341
* scanning instead. First send a nullfunc frame with power save
342
* bit on so that AP will buffer the frames for us while we are not
343
* listening, then send probe requests to each channel and wait for
344
* the responses. After all channels are scanned, tune back to the
345
* original channel and send a nullfunc frame with power save bit
346
* off to trigger the AP to send us all the buffered frames.
348
* Note that while local->sw_scanning is true everything else but
349
* nullfunc frames and probe requests will be dropped in
350
* ieee80211_tx_h_check_assoc().
352
drv_sw_scan_start(local);
354
local->leave_oper_channel_time = jiffies;
355
local->next_scan_state = SCAN_DECISION;
356
local->scan_channel_idx = 0;
358
ieee80211_offchannel_stop_vifs(local, true);
360
ieee80211_configure_filter(local);
362
/* We need to set power level at maximum rate for scanning. */
363
ieee80211_hw_config(local, 0);
365
ieee80211_queue_delayed_work(&local->hw,
366
&local->scan_work, 0);
371
static bool ieee80211_can_scan(struct ieee80211_local *local,
372
struct ieee80211_sub_if_data *sdata)
374
if (!list_empty(&local->roc_list))
377
if (sdata->vif.type == NL80211_IFTYPE_STATION &&
378
sdata->u.mgd.flags & (IEEE80211_STA_BEACON_POLL |
379
IEEE80211_STA_CONNECTION_POLL))
385
void ieee80211_run_deferred_scan(struct ieee80211_local *local)
387
lockdep_assert_held(&local->mtx);
389
if (!local->scan_req || local->scanning)
392
if (!ieee80211_can_scan(local,
393
rcu_dereference_protected(
395
lockdep_is_held(&local->mtx))))
398
ieee80211_queue_delayed_work(&local->hw, &local->scan_work,
399
round_jiffies_relative(0));
402
static void ieee80211_scan_state_send_probe(struct ieee80211_local *local,
403
unsigned long *next_delay)
406
struct ieee80211_sub_if_data *sdata;
407
enum ieee80211_band band = local->hw.conf.channel->band;
409
sdata = rcu_dereference_protected(local->scan_sdata,
410
lockdep_is_held(&local->mtx));;
412
for (i = 0; i < local->scan_req->n_ssids; i++)
413
ieee80211_send_probe_req(
415
local->scan_req->ssids[i].ssid,
416
local->scan_req->ssids[i].ssid_len,
417
local->scan_req->ie, local->scan_req->ie_len,
418
local->scan_req->rates[band], false,
419
local->scan_req->no_cck);
422
* After sending probe requests, wait for probe responses
425
*next_delay = IEEE80211_CHANNEL_TIME;
426
local->next_scan_state = SCAN_DECISION;
429
static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
430
struct cfg80211_scan_request *req)
432
struct ieee80211_local *local = sdata->local;
435
lockdep_assert_held(&local->mtx);
440
if (!ieee80211_can_scan(local, sdata)) {
441
/* wait for the work to finish/time out */
442
local->scan_req = req;
443
rcu_assign_pointer(local->scan_sdata, sdata);
447
if (local->ops->hw_scan) {
450
local->hw_scan_req = kmalloc(
451
sizeof(*local->hw_scan_req) +
452
req->n_channels * sizeof(req->channels[0]) +
453
2 + IEEE80211_MAX_SSID_LEN + local->scan_ies_len +
454
req->ie_len, GFP_KERNEL);
455
if (!local->hw_scan_req)
458
local->hw_scan_req->ssids = req->ssids;
459
local->hw_scan_req->n_ssids = req->n_ssids;
460
ies = (u8 *)local->hw_scan_req +
461
sizeof(*local->hw_scan_req) +
462
req->n_channels * sizeof(req->channels[0]);
463
local->hw_scan_req->ie = ies;
465
local->hw_scan_band = 0;
468
* After allocating local->hw_scan_req, we must
469
* go through until ieee80211_prep_hw_scan(), so
470
* anything that might be changed here and leave
471
* this function early must not go after this
476
local->scan_req = req;
477
rcu_assign_pointer(local->scan_sdata, sdata);
479
if (local->ops->hw_scan) {
480
__set_bit(SCAN_HW_SCANNING, &local->scanning);
481
} else if ((req->n_channels == 1) &&
482
(req->channels[0]->center_freq ==
483
local->hw.conf.channel->center_freq)) {
485
/* If we are scanning only on the current channel, then
486
* we do not need to stop normal activities
488
unsigned long next_delay;
490
__set_bit(SCAN_ONCHANNEL_SCANNING, &local->scanning);
492
ieee80211_recalc_idle(local);
494
/* Notify driver scan is starting, keep order of operations
495
* same as normal software scan, in case that matters. */
496
drv_sw_scan_start(local);
498
ieee80211_configure_filter(local); /* accept probe-responses */
500
/* We need to ensure power level is at max for scanning. */
501
ieee80211_hw_config(local, 0);
503
if ((req->channels[0]->flags &
504
IEEE80211_CHAN_PASSIVE_SCAN) ||
505
!local->scan_req->n_ssids) {
506
next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
508
ieee80211_scan_state_send_probe(local, &next_delay);
509
next_delay = IEEE80211_CHANNEL_TIME;
512
/* Now, just wait a bit and we are all done! */
513
ieee80211_queue_delayed_work(&local->hw, &local->scan_work,
517
/* Do normal software scan */
518
__set_bit(SCAN_SW_SCANNING, &local->scanning);
521
ieee80211_recalc_idle(local);
523
if (local->ops->hw_scan) {
524
WARN_ON(!ieee80211_prep_hw_scan(local));
525
rc = drv_hw_scan(local, sdata, local->hw_scan_req);
527
rc = ieee80211_start_sw_scan(local);
530
kfree(local->hw_scan_req);
531
local->hw_scan_req = NULL;
534
ieee80211_recalc_idle(local);
536
local->scan_req = NULL;
537
rcu_assign_pointer(local->scan_sdata, NULL);
544
ieee80211_scan_get_channel_time(struct ieee80211_channel *chan)
547
* TODO: channel switching also consumes quite some time,
548
* add that delay as well to get a better estimation
550
if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN)
551
return IEEE80211_PASSIVE_CHANNEL_TIME;
552
return IEEE80211_PROBE_DELAY + IEEE80211_CHANNEL_TIME;
555
static void ieee80211_scan_state_decision(struct ieee80211_local *local,
556
unsigned long *next_delay)
558
bool associated = false;
559
bool tx_empty = true;
561
bool listen_int_exceeded;
562
unsigned long min_beacon_int = 0;
563
struct ieee80211_sub_if_data *sdata;
564
struct ieee80211_channel *next_chan;
567
* check if at least one STA interface is associated,
568
* check if at least one STA interface has pending tx frames
569
* and grab the lowest used beacon interval
571
mutex_lock(&local->iflist_mtx);
572
list_for_each_entry(sdata, &local->interfaces, list) {
573
if (!ieee80211_sdata_running(sdata))
576
if (sdata->vif.type == NL80211_IFTYPE_STATION) {
577
if (sdata->u.mgd.associated) {
580
if (sdata->vif.bss_conf.beacon_int <
581
min_beacon_int || min_beacon_int == 0)
583
sdata->vif.bss_conf.beacon_int;
585
if (!qdisc_all_tx_empty(sdata->dev)) {
592
mutex_unlock(&local->iflist_mtx);
594
next_chan = local->scan_req->channels[local->scan_channel_idx];
597
* we're currently scanning a different channel, let's
598
* see if we can scan another channel without interfering
599
* with the current traffic situation.
601
* Since we don't know if the AP has pending frames for us
602
* we can only check for our tx queues and use the current
603
* pm_qos requirements for rx. Hence, if no tx traffic occurs
604
* at all we will scan as many channels in a row as the pm_qos
605
* latency allows us to. Additionally we also check for the
606
* currently negotiated listen interval to prevent losing
607
* frames unnecessarily.
609
* Otherwise switch back to the operating channel.
612
bad_latency = time_after(jiffies +
613
ieee80211_scan_get_channel_time(next_chan),
614
local->leave_oper_channel_time +
615
usecs_to_jiffies(pm_qos_request(PM_QOS_NETWORK_LATENCY)));
617
listen_int_exceeded = time_after(jiffies +
618
ieee80211_scan_get_channel_time(next_chan),
619
local->leave_oper_channel_time +
620
usecs_to_jiffies(min_beacon_int * 1024) *
621
local->hw.conf.listen_interval);
623
if (associated && (!tx_empty || bad_latency || listen_int_exceeded))
624
local->next_scan_state = SCAN_SUSPEND;
626
local->next_scan_state = SCAN_SET_CHANNEL;
631
static void ieee80211_scan_state_set_channel(struct ieee80211_local *local,
632
unsigned long *next_delay)
635
struct ieee80211_channel *chan;
638
chan = local->scan_req->channels[local->scan_channel_idx];
640
local->scan_channel = chan;
642
if (ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL))
645
/* advance state machine to next channel/band */
646
local->scan_channel_idx++;
649
/* if we skip this channel return to the decision state */
650
local->next_scan_state = SCAN_DECISION;
655
* Probe delay is used to update the NAV, cf. 11.1.3.2.2
656
* (which unfortunately doesn't say _why_ step a) is done,
657
* but it waits for the probe delay or until a frame is
658
* received - and the received frame would update the NAV).
659
* For now, we do not support waiting until a frame is
662
* In any case, it is not necessary for a passive scan.
664
if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN ||
665
!local->scan_req->n_ssids) {
666
*next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
667
local->next_scan_state = SCAN_DECISION;
671
/* active scan, send probes */
672
*next_delay = IEEE80211_PROBE_DELAY;
673
local->next_scan_state = SCAN_SEND_PROBE;
676
static void ieee80211_scan_state_suspend(struct ieee80211_local *local,
677
unsigned long *next_delay)
679
/* switch back to the operating channel */
680
local->scan_channel = NULL;
681
ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
684
* Re-enable vifs and beaconing. Leave PS
685
* in off-channel state..will put that back
686
* on-channel at the end of scanning.
688
ieee80211_offchannel_return(local, false);
690
*next_delay = HZ / 5;
691
/* afterwards, resume scan & go to next channel */
692
local->next_scan_state = SCAN_RESUME;
695
static void ieee80211_scan_state_resume(struct ieee80211_local *local,
696
unsigned long *next_delay)
698
/* PS already is in off-channel mode */
699
ieee80211_offchannel_stop_vifs(local, false);
701
if (local->ops->flush) {
702
drv_flush(local, false);
705
*next_delay = HZ / 10;
707
/* remember when we left the operating channel */
708
local->leave_oper_channel_time = jiffies;
710
/* advance to the next channel to be scanned */
711
local->next_scan_state = SCAN_SET_CHANNEL;
714
void ieee80211_scan_work(struct work_struct *work)
716
struct ieee80211_local *local =
717
container_of(work, struct ieee80211_local, scan_work.work);
718
struct ieee80211_sub_if_data *sdata;
719
unsigned long next_delay = 0;
720
bool aborted, hw_scan;
722
mutex_lock(&local->mtx);
724
sdata = rcu_dereference_protected(local->scan_sdata,
725
lockdep_is_held(&local->mtx));
727
/* When scanning on-channel, the first-callback means completed. */
728
if (test_bit(SCAN_ONCHANNEL_SCANNING, &local->scanning)) {
729
aborted = test_and_clear_bit(SCAN_ABORTED, &local->scanning);
733
if (test_and_clear_bit(SCAN_COMPLETED, &local->scanning)) {
734
aborted = test_and_clear_bit(SCAN_ABORTED, &local->scanning);
738
if (!sdata || !local->scan_req)
741
if (local->scan_req && !local->scanning) {
742
struct cfg80211_scan_request *req = local->scan_req;
745
local->scan_req = NULL;
746
rcu_assign_pointer(local->scan_sdata, NULL);
748
rc = __ieee80211_start_scan(sdata, req);
750
/* need to complete scan in cfg80211 */
751
local->scan_req = req;
759
* Avoid re-scheduling when the sdata is going away.
761
if (!ieee80211_sdata_running(sdata)) {
767
* as long as no delay is required advance immediately
768
* without scheduling a new work
771
if (!ieee80211_sdata_running(sdata)) {
776
switch (local->next_scan_state) {
778
/* if no more bands/channels left, complete scan */
779
if (local->scan_channel_idx >= local->scan_req->n_channels) {
783
ieee80211_scan_state_decision(local, &next_delay);
785
case SCAN_SET_CHANNEL:
786
ieee80211_scan_state_set_channel(local, &next_delay);
788
case SCAN_SEND_PROBE:
789
ieee80211_scan_state_send_probe(local, &next_delay);
792
ieee80211_scan_state_suspend(local, &next_delay);
795
ieee80211_scan_state_resume(local, &next_delay);
798
} while (next_delay == 0);
800
ieee80211_queue_delayed_work(&local->hw, &local->scan_work, next_delay);
804
hw_scan = test_bit(SCAN_HW_SCANNING, &local->scanning);
805
__ieee80211_scan_completed(&local->hw, aborted, hw_scan);
807
mutex_unlock(&local->mtx);
810
int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
811
struct cfg80211_scan_request *req)
815
mutex_lock(&sdata->local->mtx);
816
res = __ieee80211_start_scan(sdata, req);
817
mutex_unlock(&sdata->local->mtx);
822
int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata,
823
const u8 *ssid, u8 ssid_len,
824
struct ieee80211_channel *chan)
826
struct ieee80211_local *local = sdata->local;
828
enum ieee80211_band band;
830
mutex_lock(&local->mtx);
836
/* fill internal scan request */
840
for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
841
if (!local->hw.wiphy->bands[band])
844
i < local->hw.wiphy->bands[band]->n_channels;
846
local->int_scan_req->channels[nchan] =
847
&local->hw.wiphy->bands[band]->channels[i];
852
local->int_scan_req->n_channels = nchan;
854
local->int_scan_req->channels[0] = chan;
855
local->int_scan_req->n_channels = 1;
858
local->int_scan_req->ssids = &local->scan_ssid;
859
local->int_scan_req->n_ssids = 1;
860
memcpy(local->int_scan_req->ssids[0].ssid, ssid, IEEE80211_MAX_SSID_LEN);
861
local->int_scan_req->ssids[0].ssid_len = ssid_len;
863
ret = __ieee80211_start_scan(sdata, sdata->local->int_scan_req);
865
mutex_unlock(&local->mtx);
870
* Only call this function when a scan can't be queued -- under RTNL.
872
void ieee80211_scan_cancel(struct ieee80211_local *local)
875
* We are canceling software scan, or deferred scan that was not
876
* yet really started (see __ieee80211_start_scan ).
878
* Regarding hardware scan:
879
* - we can not call __ieee80211_scan_completed() as when
880
* SCAN_HW_SCANNING bit is set this function change
881
* local->hw_scan_req to operate on 5G band, what race with
882
* driver which can use local->hw_scan_req
884
* - we can not cancel scan_work since driver can schedule it
885
* by ieee80211_scan_completed(..., true) to finish scan
887
* Hence we only call the cancel_hw_scan() callback, but the low-level
888
* driver is still responsible for calling ieee80211_scan_completed()
889
* after the scan was completed/aborted.
892
mutex_lock(&local->mtx);
893
if (!local->scan_req)
896
if (test_bit(SCAN_HW_SCANNING, &local->scanning)) {
897
if (local->ops->cancel_hw_scan)
898
drv_cancel_hw_scan(local,
899
rcu_dereference_protected(local->scan_sdata,
900
lockdep_is_held(&local->mtx)));
905
* If the work is currently running, it must be blocked on
906
* the mutex, but we'll set scan_sdata = NULL and it'll
907
* simply exit once it acquires the mutex.
909
cancel_delayed_work(&local->scan_work);
911
__ieee80211_scan_completed(&local->hw, true, false);
913
mutex_unlock(&local->mtx);
916
int ieee80211_request_sched_scan_start(struct ieee80211_sub_if_data *sdata,
917
struct cfg80211_sched_scan_request *req)
919
struct ieee80211_local *local = sdata->local;
922
mutex_lock(&local->mtx);
924
if (rcu_access_pointer(local->sched_scan_sdata)) {
929
if (!local->ops->sched_scan_start) {
934
for (i = 0; i < IEEE80211_NUM_BANDS; i++) {
935
if (!local->hw.wiphy->bands[i])
938
local->sched_scan_ies.ie[i] = kzalloc(2 +
939
IEEE80211_MAX_SSID_LEN +
940
local->scan_ies_len +
943
if (!local->sched_scan_ies.ie[i]) {
948
local->sched_scan_ies.len[i] =
949
ieee80211_build_preq_ies(local,
950
local->sched_scan_ies.ie[i],
951
req->ie, req->ie_len, i,
955
ret = drv_sched_scan_start(local, sdata, req,
956
&local->sched_scan_ies);
958
rcu_assign_pointer(local->sched_scan_sdata, sdata);
964
kfree(local->sched_scan_ies.ie[--i]);
966
mutex_unlock(&local->mtx);
970
int ieee80211_request_sched_scan_stop(struct ieee80211_sub_if_data *sdata)
972
struct ieee80211_local *local = sdata->local;
975
mutex_lock(&local->mtx);
977
if (!local->ops->sched_scan_stop) {
982
if (rcu_access_pointer(local->sched_scan_sdata)) {
983
for (i = 0; i < IEEE80211_NUM_BANDS; i++)
984
kfree(local->sched_scan_ies.ie[i]);
986
drv_sched_scan_stop(local, sdata);
989
mutex_unlock(&local->mtx);
994
void ieee80211_sched_scan_results(struct ieee80211_hw *hw)
996
struct ieee80211_local *local = hw_to_local(hw);
998
trace_api_sched_scan_results(local);
1000
cfg80211_sched_scan_results(hw->wiphy);
1002
EXPORT_SYMBOL(ieee80211_sched_scan_results);
1004
void ieee80211_sched_scan_stopped_work(struct work_struct *work)
1006
struct ieee80211_local *local =
1007
container_of(work, struct ieee80211_local,
1008
sched_scan_stopped_work);
1011
mutex_lock(&local->mtx);
1013
if (!rcu_access_pointer(local->sched_scan_sdata)) {
1014
mutex_unlock(&local->mtx);
1018
for (i = 0; i < IEEE80211_NUM_BANDS; i++)
1019
kfree(local->sched_scan_ies.ie[i]);
1021
rcu_assign_pointer(local->sched_scan_sdata, NULL);
1023
mutex_unlock(&local->mtx);
1025
cfg80211_sched_scan_stopped(local->hw.wiphy);
1028
void ieee80211_sched_scan_stopped(struct ieee80211_hw *hw)
1030
struct ieee80211_local *local = hw_to_local(hw);
1032
trace_api_sched_scan_stopped(local);
1034
ieee80211_queue_work(&local->hw, &local->sched_scan_stopped_work);
1036
EXPORT_SYMBOL(ieee80211_sched_scan_stopped);
added
removed
updates/cw-3.6/net/mac80211/scan.c
