[PATCH v2] ath6kl: handle probe response from P2P device in P2P GO mode

[PATCH v2] ath6kl: handle probe response from P2P device in P2P GO mode

[Aarthi Thiruvengadam]

When the device is in P2P GO mode and in listen state, the correct behavior is
to see two different probe response frames - one from P2P device and the other
from GO. wpa_supplicant uses the same mechanism to send the frame in both cases
(ath6kl_mgmt_tx). For GO probe response, ath6kl needs to call
ath6kl_send_go_probe_resp (this will add only WSC/P2P IEs and the rest of the
IEs are filled in by the firmware). That was done based on the nw_type ==
AP_NETWORK which would work if P2P Device role were in a separate netdev. When
P2P Device and GO use the same netdev, ath6kl needs to use the special GO probe
response case only if SSID is longer than P2P wildcard SSID.

Signed-off-by: Aarthi Thiruvengadam <athiruve@qca.qualcomm.com>
Reviewed-by: Jouni Malinen <jouni@qca.qualcomm.com>

---
 drivers/net/wireless/ath/ath6kl/cfg80211.c |   23 +++++++++++++++++++----
 drivers/net/wireless/ath/ath6kl/core.h     |    2 ++
 2 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/drivers/net/wireless/ath/ath6kl/cfg80211.c b/drivers/net/wireless/ath/ath6kl/cfg80211.c
index 37908e6..37aa5db 100644
--- a/drivers/net/wireless/ath/ath6kl/cfg80211.c
+++ b/drivers/net/wireless/ath/ath6kl/cfg80211.c
@@ -2750,6 +2750,21 @@ static bool ath6kl_mgmt_powersave_ap(struct ath6kl_vif *vif,
 	return false;
 }
 
+/* Check if SSID length is greater than DIRECT- */
+static bool ath6kl_is_p2p_go_ssid(const u8 *buf, size_t len)
+{
+	const struct ieee80211_mgmt *mgmt;
+	mgmt = (const struct ieee80211_mgmt *) buf;
+
+	/* variable[1] contains the SSID tag length */
+	if (buf + len >= &mgmt->u.probe_resp.variable[1] &&
+	    (mgmt->u.probe_resp.variable[1] > P2P_WILDCARD_SSID_LEN)) {
+		return true;
+	}
+
+	return false;
+}
+
 static int ath6kl_mgmt_tx(struct wiphy *wiphy, struct net_device *dev,
 			  struct ieee80211_channel *chan, bool offchan,
 			  enum nl80211_channel_type channel_type,
@@ -2764,11 +2779,11 @@ static int ath6kl_mgmt_tx(struct wiphy *wiphy, struct net_device *dev,
 	bool more_data, queued;
 
 	mgmt = (const struct ieee80211_mgmt *) buf;
-	if (buf + len >= mgmt->u.probe_resp.variable &&
-	    vif->nw_type == AP_NETWORK && test_bit(CONNECTED, &vif->flags) &&
-	    ieee80211_is_probe_resp(mgmt->frame_control)) {
+	if (vif->nw_type == AP_NETWORK && test_bit(CONNECTED, &vif->flags) &&
+	    ieee80211_is_probe_resp(mgmt->frame_control) &&
+	    ath6kl_is_p2p_go_ssid(buf, len)) {
 		/*
-		 * Send Probe Response frame in AP mode using a separate WMI
+		 * Send Probe Response frame in GO mode using a separate WMI
 		 * command to allow the target to fill in the generic IEs.
 		 */
 		*cookie = 0; /* TX status not supported */
diff --git a/drivers/net/wireless/ath/ath6kl/core.h b/drivers/net/wireless/ath/ath6kl/core.h
index f1dd890..17697eb 100644
--- a/drivers/net/wireless/ath/ath6kl/core.h
+++ b/drivers/net/wireless/ath/ath6kl/core.h
@@ -205,6 +205,8 @@ struct ath6kl_fw_ie {
 #define ATH6KL_CONF_ENABLE_TX_BURST		BIT(3)
 #define ATH6KL_CONF_UART_DEBUG			BIT(4)
 
+#define P2P_WILDCARD_SSID_LEN			7 /* DIRECT- */
+
 enum wlan_low_pwr_state {
 	WLAN_POWER_STATE_ON,
 	WLAN_POWER_STATE_CUT_PWR,
-- 
1.7.0.4

Re: [PATCH v2] ath6kl: handle probe response from P2P device in P2P GO mode

[Kalle Valo]

On 03/15/2012 11:34 PM, Aarthi Thiruvengadam wrote:
> When the device is in P2P GO mode and in listen state, the correct behavior is
> to see two different probe response frames - one from P2P device and the other
> from GO. wpa_supplicant uses the same mechanism to send the frame in both cases
> (ath6kl_mgmt_tx). For GO probe response, ath6kl needs to call
> ath6kl_send_go_probe_resp (this will add only WSC/P2P IEs and the rest of the
> IEs are filled in by the firmware). That was done based on the nw_type ==
> AP_NETWORK which would work if P2P Device role were in a separate netdev. When
> P2P Device and GO use the same netdev, ath6kl needs to use the special GO probe
> response case only if SSID is longer than P2P wildcard SSID.
> 
> Signed-off-by: Aarthi Thiruvengadam <athiruve@qca.qualcomm.com>
> Reviewed-by: Jouni Malinen <jouni@qca.qualcomm.com>

Thanks, applied.

But I still have one question:

> +/* Check if SSID length is greater than DIRECT- */
> +static bool ath6kl_is_p2p_go_ssid(const u8 *buf, size_t len)
> +{
> +	const struct ieee80211_mgmt *mgmt;
> +	mgmt = (const struct ieee80211_mgmt *) buf;
> +
> +	/* variable[1] contains the SSID tag length */
> +	if (buf + len >= &mgmt->u.probe_resp.variable[1] &&
> +	    (mgmt->u.probe_resp.variable[1] > P2P_WILDCARD_SSID_LEN)) {
> +		return true;

How do you know that it's SSID without checking the IE id from
variable[0]? Is that guaranteed or something?

Kalle

Re: [PATCH v2] ath6kl: handle probe response from P2P device in P2P GO mode

[Malinen, Jouni]

On 3/20/12 1:39 AM, "Kalle Valo" <kvalo@qca.qualcomm.com> wrote:

>On 03/15/2012 11:34 PM, Aarthi Thiruvengadam wrote:
>>+/* Check if SSID length is greater than DIRECT- */
>> +static bool ath6kl_is_p2p_go_ssid(const u8 *buf, size_t len)
>> +{
>> +	const struct ieee80211_mgmt *mgmt;
>> +	mgmt = (const struct ieee80211_mgmt *) buf;
>> +
>> +	/* variable[1] contains the SSID tag length */

>How do you know that it's SSID without checking the IE id from
>variable[0]? Is that guaranteed or something?

The information elements in Probe Response frames (and other management
frames for that matter) are in a fixed order, so the SSID element is
always in this location.

- Jouni

RE: [PATCH v2] ath6kl: handle probe response from P2P device in P2P GO mode

[Thiruvengadam, Aarthi]

Kalle,

According to the standard (section 7.2.3.9), SSID always follows the capability information in a probe response frame. So I think we should be ok as long as we check the buffer length.

Thanks,
Aarthi

-----Original Message-----
From: Valo, Kalle 
Sent: Tuesday, March 20, 2012 1:40 AM
To: Thiruvengadam, Aarthi
Cc: ath6kl-devel; linux-wireless@vger.kernel.org
Subject: Re: [PATCH v2] ath6kl: handle probe response from P2P device in P2P GO mode

On 03/15/2012 11:34 PM, Aarthi Thiruvengadam wrote:
> When the device is in P2P GO mode and in listen state, the correct 
> behavior is to see two different probe response frames - one from P2P 
> device and the other from GO. wpa_supplicant uses the same mechanism 
> to send the frame in both cases (ath6kl_mgmt_tx). For GO probe 
> response, ath6kl needs to call ath6kl_send_go_probe_resp (this will 
> add only WSC/P2P IEs and the rest of the IEs are filled in by the 
> firmware). That was done based on the nw_type == AP_NETWORK which 
> would work if P2P Device role were in a separate netdev. When P2P 
> Device and GO use the same netdev, ath6kl needs to use the special GO probe response case only if SSID is longer than P2P wildcard SSID.
> 
> Signed-off-by: Aarthi Thiruvengadam <athiruve@qca.qualcomm.com>
> Reviewed-by: Jouni Malinen <jouni@qca.qualcomm.com>

Thanks, applied.

But I still have one question:

> +/* Check if SSID length is greater than DIRECT- */ static bool 
> +ath6kl_is_p2p_go_ssid(const u8 *buf, size_t len) {
> +	const struct ieee80211_mgmt *mgmt;
> +	mgmt = (const struct ieee80211_mgmt *) buf;
> +
> +	/* variable[1] contains the SSID tag length */
> +	if (buf + len >= &mgmt->u.probe_resp.variable[1] &&
> +	    (mgmt->u.probe_resp.variable[1] > P2P_WILDCARD_SSID_LEN)) {
> +		return true;

How do you know that it's SSID without checking the IE id from variable[0]? Is that guaranteed or something?

Kalle

Re: [PATCH v2] ath6kl: handle probe response from P2P device in P2P GO mode

[Kalle Valo]

On 03/20/2012 05:54 PM, Thiruvengadam, Aarthi wrote:

> According to the standard (section 7.2.3.9), SSID always follows the
> capability information in a probe response frame. So I think we
> should be ok as long as we check the buffer length.

Ok, thanks for the confirmation.

Kalle