Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / kernel / common / 98c8fccfaea838e62ffde2f2e44568844e0e5472 / . / net / mac80211 / scan.c
blob: 2848ba3a08e327fc481fb73bbb0e36f0b38b6963 [file] [log] [blame]
Johannes Berg0a51b272008-09-08 17:44:25 +0200[diff] [blame]1/*
2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
12 */
13
14#include <linux/wireless.h>
15#include <linux/if_arp.h>
16#include <net/mac80211.h>
17#include <net/iw_handler.h>
18
19#include "ieee80211_i.h"
20
21#define IEEE80211_PROBE_DELAY (HZ / 33)
22#define IEEE80211_CHANNEL_TIME (HZ / 33)
23#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
24
25
Johannes Berg98c8fcc2008-09-08 17:44:26 +0200[diff] [blame^]26ieee80211_rx_result
27ieee80211_sta_rx_scan(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
28 struct ieee80211_rx_status *rx_status)
29{
30 struct ieee80211_mgmt *mgmt;
31 struct ieee80211_sta_bss *bss;
32 u8 *elements;
33 struct ieee80211_channel *channel;
34 size_t baselen;
35 int freq;
36 __le16 fc;
37 bool presp, beacon = false;
38 struct ieee802_11_elems elems;
39
40 if (skb->len < 2)
41 return RX_DROP_UNUSABLE;
42
43 mgmt = (struct ieee80211_mgmt *) skb->data;
44 fc = mgmt->frame_control;
45
46 if (ieee80211_is_ctl(fc))
47 return RX_CONTINUE;
48
49 if (skb->len < 24)
50 return RX_DROP_MONITOR;
51
52 presp = ieee80211_is_probe_resp(fc);
53 if (presp) {
54 /* ignore ProbeResp to foreign address */
55 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
56 return RX_DROP_MONITOR;
57
58 presp = true;
59 elements = mgmt->u.probe_resp.variable;
60 baselen = offsetof(struct ieee80211_mgmt, u.probe_resp.variable);
61 } else {
62 beacon = ieee80211_is_beacon(fc);
63 baselen = offsetof(struct ieee80211_mgmt, u.beacon.variable);
64 elements = mgmt->u.beacon.variable;
65 }
66
67 if (!presp && !beacon)
68 return RX_CONTINUE;
69
70 if (baselen > skb->len)
71 return RX_DROP_MONITOR;
72
73 ieee802_11_parse_elems(elements, skb->len - baselen, &elems);
74
75 if (elems.ds_params && elems.ds_params_len == 1)
76 freq = ieee80211_channel_to_frequency(elems.ds_params[0]);
77 else
78 freq = rx_status->freq;
79
80 channel = ieee80211_get_channel(sdata->local->hw.wiphy, freq);
81
82 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
83 return RX_DROP_MONITOR;
84
85 bss = ieee80211_bss_info_update(sdata->local, rx_status,
86 mgmt, skb->len, &elems,
87 freq, beacon);
88 ieee80211_rx_bss_put(sdata->local, bss);
89
90 dev_kfree_skb(skb);
91 return RX_QUEUED;
92}
93
Johannes Berg0a51b272008-09-08 17:44:25 +0200[diff] [blame]94static void ieee80211_send_nullfunc(struct ieee80211_local *local,
95 struct ieee80211_sub_if_data *sdata,
96 int powersave)
97{
98 struct sk_buff *skb;
99 struct ieee80211_hdr *nullfunc;
100 __le16 fc;
101
102 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
103 if (!skb) {
104 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
105 "frame\n", sdata->dev->name);
106 return;
107 }
108 skb_reserve(skb, local->hw.extra_tx_headroom);
109
110 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
111 memset(nullfunc, 0, 24);
112 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
113 IEEE80211_FCTL_TODS);
114 if (powersave)
115 fc |= cpu_to_le16(IEEE80211_FCTL_PM);
116 nullfunc->frame_control = fc;
117 memcpy(nullfunc->addr1, sdata->u.sta.bssid, ETH_ALEN);
118 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
119 memcpy(nullfunc->addr3, sdata->u.sta.bssid, ETH_ALEN);
120
121 ieee80211_sta_tx(sdata, skb, 0);
122}
123
124static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
125{
126 if (sdata->vif.type == IEEE80211_IF_TYPE_STA ||
127 ieee80211_vif_is_mesh(&sdata->vif))
128 ieee80211_sta_timer((unsigned long)sdata);
129}
130
131void ieee80211_scan_completed(struct ieee80211_hw *hw)
132{
133 struct ieee80211_local *local = hw_to_local(hw);
134 struct ieee80211_sub_if_data *sdata;
135 union iwreq_data wrqu;
136
137 local->last_scan_completed = jiffies;
138 memset(&wrqu, 0, sizeof(wrqu));
139 wireless_send_event(local->scan_sdata->dev, SIOCGIWSCAN, &wrqu, NULL);
140
141 if (local->sta_hw_scanning) {
142 local->sta_hw_scanning = 0;
143 if (ieee80211_hw_config(local))
144 printk(KERN_DEBUG "%s: failed to restore operational "
145 "channel after scan\n", wiphy_name(local->hw.wiphy));
146 /* Restart STA timer for HW scan case */
147 rcu_read_lock();
148 list_for_each_entry_rcu(sdata, &local->interfaces, list)
149 ieee80211_restart_sta_timer(sdata);
150 rcu_read_unlock();
151
152 goto done;
153 }
154
155 local->sta_sw_scanning = 0;
156 if (ieee80211_hw_config(local))
157 printk(KERN_DEBUG "%s: failed to restore operational "
158 "channel after scan\n", wiphy_name(local->hw.wiphy));
159
160
161 netif_tx_lock_bh(local->mdev);
162 netif_addr_lock(local->mdev);
163 local->filter_flags &= ~FIF_BCN_PRBRESP_PROMISC;
164 local->ops->configure_filter(local_to_hw(local),
165 FIF_BCN_PRBRESP_PROMISC,
166 &local->filter_flags,
167 local->mdev->mc_count,
168 local->mdev->mc_list);
169
170 netif_addr_unlock(local->mdev);
171 netif_tx_unlock_bh(local->mdev);
172
173 rcu_read_lock();
174 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
175 /* Tell AP we're back */
176 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) {
177 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) {
178 ieee80211_send_nullfunc(local, sdata, 0);
179 netif_tx_wake_all_queues(sdata->dev);
180 }
181 } else
182 netif_tx_wake_all_queues(sdata->dev);
183
184 ieee80211_restart_sta_timer(sdata);
185 }
186 rcu_read_unlock();
187
188 done:
189 ieee80211_mlme_notify_scan_completed(local);
190}
191EXPORT_SYMBOL(ieee80211_scan_completed);
192
193
194void ieee80211_sta_scan_work(struct work_struct *work)
195{
196 struct ieee80211_local *local =
197 container_of(work, struct ieee80211_local, scan_work.work);
198 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
199 struct ieee80211_supported_band *sband;
200 struct ieee80211_channel *chan;
201 int skip;
202 unsigned long next_delay = 0;
203
204 if (!local->sta_sw_scanning)
205 return;
206
207 switch (local->scan_state) {
208 case SCAN_SET_CHANNEL:
209 /*
210 * Get current scan band. scan_band may be IEEE80211_NUM_BANDS
211 * after we successfully scanned the last channel of the last
212 * band (and the last band is supported by the hw)
213 */
214 if (local->scan_band < IEEE80211_NUM_BANDS)
215 sband = local->hw.wiphy->bands[local->scan_band];
216 else
217 sband = NULL;
218
219 /*
220 * If we are at an unsupported band and have more bands
221 * left to scan, advance to the next supported one.
222 */
223 while (!sband && local->scan_band < IEEE80211_NUM_BANDS - 1) {
224 local->scan_band++;
225 sband = local->hw.wiphy->bands[local->scan_band];
226 local->scan_channel_idx = 0;
227 }
228
229 /* if no more bands/channels left, complete scan */
230 if (!sband || local->scan_channel_idx >= sband->n_channels) {
231 ieee80211_scan_completed(local_to_hw(local));
232 return;
233 }
234 skip = 0;
235 chan = &sband->channels[local->scan_channel_idx];
236
237 if (chan->flags & IEEE80211_CHAN_DISABLED ||
238 (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
239 chan->flags & IEEE80211_CHAN_NO_IBSS))
240 skip = 1;
241
242 if (!skip) {
243 local->scan_channel = chan;
244 if (ieee80211_hw_config(local)) {
245 printk(KERN_DEBUG "%s: failed to set freq to "
246 "%d MHz for scan\n", wiphy_name(local->hw.wiphy),
247 chan->center_freq);
248 skip = 1;
249 }
250 }
251
252 /* advance state machine to next channel/band */
253 local->scan_channel_idx++;
254 if (local->scan_channel_idx >= sband->n_channels) {
255 /*
256 * scan_band may end up == IEEE80211_NUM_BANDS, but
257 * we'll catch that case above and complete the scan
258 * if that is the case.
259 */
260 local->scan_band++;
261 local->scan_channel_idx = 0;
262 }
263
264 if (skip)
265 break;
266
267 next_delay = IEEE80211_PROBE_DELAY +
268 usecs_to_jiffies(local->hw.channel_change_time);
269 local->scan_state = SCAN_SEND_PROBE;
270 break;
271 case SCAN_SEND_PROBE:
272 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
273 local->scan_state = SCAN_SET_CHANNEL;
274
275 if (local->scan_channel->flags & IEEE80211_CHAN_PASSIVE_SCAN)
276 break;
277 ieee80211_send_probe_req(sdata, NULL, local->scan_ssid,
278 local->scan_ssid_len);
279 next_delay = IEEE80211_CHANNEL_TIME;
280 break;
281 }
282
283 if (local->sta_sw_scanning)
284 queue_delayed_work(local->hw.workqueue, &local->scan_work,
285 next_delay);
286}
287
288
289int ieee80211_sta_start_scan(struct ieee80211_sub_if_data *scan_sdata,
290 u8 *ssid, size_t ssid_len)
291{
292 struct ieee80211_local *local = scan_sdata->local;
293 struct ieee80211_sub_if_data *sdata;
294
295 if (ssid_len > IEEE80211_MAX_SSID_LEN)
296 return -EINVAL;
297
298 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
299 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
300 * BSSID: MACAddress
301 * SSID
302 * ScanType: ACTIVE, PASSIVE
303 * ProbeDelay: delay (in microseconds) to be used prior to transmitting
304 * a Probe frame during active scanning
305 * ChannelList
306 * MinChannelTime (>= ProbeDelay), in TU
307 * MaxChannelTime: (>= MinChannelTime), in TU
308 */
309
310 /* MLME-SCAN.confirm
311 * BSSDescriptionSet
312 * ResultCode: SUCCESS, INVALID_PARAMETERS
313 */
314
315 if (local->sta_sw_scanning || local->sta_hw_scanning) {
316 if (local->scan_sdata == scan_sdata)
317 return 0;
318 return -EBUSY;
319 }
320
321 if (local->ops->hw_scan) {
322 int rc = local->ops->hw_scan(local_to_hw(local),
323 ssid, ssid_len);
324 if (!rc) {
325 local->sta_hw_scanning = 1;
326 local->scan_sdata = scan_sdata;
327 }
328 return rc;
329 }
330
331 local->sta_sw_scanning = 1;
332
333 rcu_read_lock();
334 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
335 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) {
336 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) {
337 netif_tx_stop_all_queues(sdata->dev);
338 ieee80211_send_nullfunc(local, sdata, 1);
339 }
340 } else
341 netif_tx_stop_all_queues(sdata->dev);
342 }
343 rcu_read_unlock();
344
345 if (ssid) {
346 local->scan_ssid_len = ssid_len;
347 memcpy(local->scan_ssid, ssid, ssid_len);
348 } else
349 local->scan_ssid_len = 0;
350 local->scan_state = SCAN_SET_CHANNEL;
351 local->scan_channel_idx = 0;
352 local->scan_band = IEEE80211_BAND_2GHZ;
353 local->scan_sdata = scan_sdata;
354
355 netif_addr_lock_bh(local->mdev);
356 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
357 local->ops->configure_filter(local_to_hw(local),
358 FIF_BCN_PRBRESP_PROMISC,
359 &local->filter_flags,
360 local->mdev->mc_count,
361 local->mdev->mc_list);
362 netif_addr_unlock_bh(local->mdev);
363
364 /* TODO: start scan as soon as all nullfunc frames are ACKed */
365 queue_delayed_work(local->hw.workqueue, &local->scan_work,
366 IEEE80211_CHANNEL_TIME);
367
368 return 0;
369}
370
371
372int ieee80211_sta_req_scan(struct ieee80211_sub_if_data *sdata, u8 *ssid, size_t ssid_len)
373{
374 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
375 struct ieee80211_local *local = sdata->local;
376
377 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
378 return ieee80211_sta_start_scan(sdata, ssid, ssid_len);
379
380 if (local->sta_sw_scanning || local->sta_hw_scanning) {
381 if (local->scan_sdata == sdata)
382 return 0;
383 return -EBUSY;
384 }
385
386 ifsta->scan_ssid_len = ssid_len;
387 if (ssid_len)
388 memcpy(ifsta->scan_ssid, ssid, ssid_len);
389 set_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request);
390 queue_work(local->hw.workqueue, &ifsta->work);
391 return 0;
392}
393
394
395static void ieee80211_sta_add_scan_ies(struct iw_request_info *info,
396 struct ieee80211_sta_bss *bss,
397 char **current_ev, char *end_buf)
398{
399 u8 *pos, *end, *next;
400 struct iw_event iwe;
401
402 if (bss == NULL || bss->ies == NULL)
403 return;
404
405 /*
406 * If needed, fragment the IEs buffer (at IE boundaries) into short
407 * enough fragments to fit into IW_GENERIC_IE_MAX octet messages.
408 */
409 pos = bss->ies;
410 end = pos + bss->ies_len;
411
412 while (end - pos > IW_GENERIC_IE_MAX) {
413 next = pos + 2 + pos[1];
414 while (next + 2 + next[1] - pos < IW_GENERIC_IE_MAX)
415 next = next + 2 + next[1];
416
417 memset(&iwe, 0, sizeof(iwe));
418 iwe.cmd = IWEVGENIE;
419 iwe.u.data.length = next - pos;
420 *current_ev = iwe_stream_add_point(info, *current_ev,
421 end_buf, &iwe, pos);
422
423 pos = next;
424 }
425
426 if (end > pos) {
427 memset(&iwe, 0, sizeof(iwe));
428 iwe.cmd = IWEVGENIE;
429 iwe.u.data.length = end - pos;
430 *current_ev = iwe_stream_add_point(info, *current_ev,
431 end_buf, &iwe, pos);
432 }
433}
434
435
436static char *
437ieee80211_sta_scan_result(struct ieee80211_local *local,
438 struct iw_request_info *info,
439 struct ieee80211_sta_bss *bss,
440 char *current_ev, char *end_buf)
441{
442 struct iw_event iwe;
443 char *buf;
444
445 if (time_after(jiffies,
446 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
447 return current_ev;
448
449 memset(&iwe, 0, sizeof(iwe));
450 iwe.cmd = SIOCGIWAP;
451 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
452 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
453 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
454 IW_EV_ADDR_LEN);
455
456 memset(&iwe, 0, sizeof(iwe));
457 iwe.cmd = SIOCGIWESSID;
458 if (bss_mesh_cfg(bss)) {
459 iwe.u.data.length = bss_mesh_id_len(bss);
460 iwe.u.data.flags = 1;
461 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
462 &iwe, bss_mesh_id(bss));
463 } else {
464 iwe.u.data.length = bss->ssid_len;
465 iwe.u.data.flags = 1;
466 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
467 &iwe, bss->ssid);
468 }
469
470 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)
471 || bss_mesh_cfg(bss)) {
472 memset(&iwe, 0, sizeof(iwe));
473 iwe.cmd = SIOCGIWMODE;
474 if (bss_mesh_cfg(bss))
475 iwe.u.mode = IW_MODE_MESH;
476 else if (bss->capability & WLAN_CAPABILITY_ESS)
477 iwe.u.mode = IW_MODE_MASTER;
478 else
479 iwe.u.mode = IW_MODE_ADHOC;
480 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
481 &iwe, IW_EV_UINT_LEN);
482 }
483
484 memset(&iwe, 0, sizeof(iwe));
485 iwe.cmd = SIOCGIWFREQ;
486 iwe.u.freq.m = ieee80211_frequency_to_channel(bss->freq);
487 iwe.u.freq.e = 0;
488 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
489 IW_EV_FREQ_LEN);
490
491 memset(&iwe, 0, sizeof(iwe));
492 iwe.cmd = SIOCGIWFREQ;
493 iwe.u.freq.m = bss->freq;
494 iwe.u.freq.e = 6;
495 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
496 IW_EV_FREQ_LEN);
497 memset(&iwe, 0, sizeof(iwe));
498 iwe.cmd = IWEVQUAL;
499 iwe.u.qual.qual = bss->qual;
500 iwe.u.qual.level = bss->signal;
501 iwe.u.qual.noise = bss->noise;
502 iwe.u.qual.updated = local->wstats_flags;
503 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
504 IW_EV_QUAL_LEN);
505
506 memset(&iwe, 0, sizeof(iwe));
507 iwe.cmd = SIOCGIWENCODE;
508 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
509 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
510 else
511 iwe.u.data.flags = IW_ENCODE_DISABLED;
512 iwe.u.data.length = 0;
513 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
514 &iwe, "");
515
516 ieee80211_sta_add_scan_ies(info, bss, &current_ev, end_buf);
517
518 if (bss->supp_rates_len > 0) {
519 /* display all supported rates in readable format */
520 char *p = current_ev + iwe_stream_lcp_len(info);
521 int i;
522
523 memset(&iwe, 0, sizeof(iwe));
524 iwe.cmd = SIOCGIWRATE;
525 /* Those two flags are ignored... */
526 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
527
528 for (i = 0; i < bss->supp_rates_len; i++) {
529 iwe.u.bitrate.value = ((bss->supp_rates[i] &
530 0x7f) * 500000);
531 p = iwe_stream_add_value(info, current_ev, p,
532 end_buf, &iwe, IW_EV_PARAM_LEN);
533 }
534 current_ev = p;
535 }
536
537 buf = kmalloc(30, GFP_ATOMIC);
538 if (buf) {
539 memset(&iwe, 0, sizeof(iwe));
540 iwe.cmd = IWEVCUSTOM;
541 sprintf(buf, "tsf=%016llx", (unsigned long long)(bss->timestamp));
542 iwe.u.data.length = strlen(buf);
543 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
544 &iwe, buf);
545 memset(&iwe, 0, sizeof(iwe));
546 iwe.cmd = IWEVCUSTOM;
547 sprintf(buf, " Last beacon: %dms ago",
548 jiffies_to_msecs(jiffies - bss->last_update));
549 iwe.u.data.length = strlen(buf);
550 current_ev = iwe_stream_add_point(info, current_ev,
551 end_buf, &iwe, buf);
552 kfree(buf);
553 }
554
555 if (bss_mesh_cfg(bss)) {
556 u8 *cfg = bss_mesh_cfg(bss);
557 buf = kmalloc(50, GFP_ATOMIC);
558 if (buf) {
559 memset(&iwe, 0, sizeof(iwe));
560 iwe.cmd = IWEVCUSTOM;
561 sprintf(buf, "Mesh network (version %d)", cfg[0]);
562 iwe.u.data.length = strlen(buf);
563 current_ev = iwe_stream_add_point(info, current_ev,
564 end_buf,
565 &iwe, buf);
566 sprintf(buf, "Path Selection Protocol ID: "
567 "0x%02X%02X%02X%02X", cfg[1], cfg[2], cfg[3],
568 cfg[4]);
569 iwe.u.data.length = strlen(buf);
570 current_ev = iwe_stream_add_point(info, current_ev,
571 end_buf,
572 &iwe, buf);
573 sprintf(buf, "Path Selection Metric ID: "
574 "0x%02X%02X%02X%02X", cfg[5], cfg[6], cfg[7],
575 cfg[8]);
576 iwe.u.data.length = strlen(buf);
577 current_ev = iwe_stream_add_point(info, current_ev,
578 end_buf,
579 &iwe, buf);
580 sprintf(buf, "Congestion Control Mode ID: "
581 "0x%02X%02X%02X%02X", cfg[9], cfg[10],
582 cfg[11], cfg[12]);
583 iwe.u.data.length = strlen(buf);
584 current_ev = iwe_stream_add_point(info, current_ev,
585 end_buf,
586 &iwe, buf);
587 sprintf(buf, "Channel Precedence: "
588 "0x%02X%02X%02X%02X", cfg[13], cfg[14],
589 cfg[15], cfg[16]);
590 iwe.u.data.length = strlen(buf);
591 current_ev = iwe_stream_add_point(info, current_ev,
592 end_buf,
593 &iwe, buf);
594 kfree(buf);
595 }
596 }
597
598 return current_ev;
599}
600
601
602int ieee80211_sta_scan_results(struct ieee80211_local *local,
603 struct iw_request_info *info,
604 char *buf, size_t len)
605{
606 char *current_ev = buf;
607 char *end_buf = buf + len;
608 struct ieee80211_sta_bss *bss;
609
610 spin_lock_bh(&local->sta_bss_lock);
611 list_for_each_entry(bss, &local->sta_bss_list, list) {
612 if (buf + len - current_ev <= IW_EV_ADDR_LEN) {
613 spin_unlock_bh(&local->sta_bss_lock);
614 return -E2BIG;
615 }
616 current_ev = ieee80211_sta_scan_result(local, info, bss,
617 current_ev, end_buf);
618 }
619 spin_unlock_bh(&local->sta_bss_lock);
620 return current_ev - buf;
621}