git://git.onelab.eu / linux-2.6.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fedora core 6 1.2949 + vserver 2.2.0
[linux-2.6.git] / drivers / net / wireless / prism54 / isl_ioctl.c
diff --git a/drivers/net/wireless/prism54/isl_ioctl.c b/drivers/net/wireless/prism54/isl_ioctl.c
index 7924b36..a5396c1 100644 (file)
--- a/drivers/net/wireless/prism54/isl_ioctl.c
+++ b/drivers/net/wireless/prism54/isl_ioctl.c
@@ -1,5 +1,4 @@
 /*
- *  
  *  Copyright (C) 2002 Intersil Americas Inc.
  *            (C) 2003,2004 Aurelien Alleaume <slts@free.fr>
  *            (C) 2003 Herbert Valerio Riedel <hvr@gnu.org>
@@ -20,7 +19,6 @@
  *
  */
 
-#include <linux/version.h>
 #include <linux/module.h>
 #include <linux/kernel.h>
 #include <linux/if_arp.h>
@@ -36,50 +34,34 @@
 
 #include <net/iw_handler.h>    /* New driver API */
 
-static int init_mode = CARD_DEFAULT_IW_MODE;
-static int init_channel = CARD_DEFAULT_CHANNEL;
-static int init_wep = CARD_DEFAULT_WEP;
-static int init_filter = CARD_DEFAULT_FILTER;
-static int init_authen = CARD_DEFAULT_AUTHEN;
-static int init_dot1x = CARD_DEFAULT_DOT1X;
-static int init_conformance = CARD_DEFAULT_CONFORMANCE;
-static int init_mlme = CARD_DEFAULT_MLME_MODE;
+#define KEY_SIZE_WEP104 13     /* 104/128-bit WEP keys */
+#define KEY_SIZE_WEP40  5      /* 40/64-bit WEP keys */
+/* KEY_SIZE_TKIP should match isl_oid.h, struct obj_key.key[] size */
+#define KEY_SIZE_TKIP   32     /* TKIP keys */
 
-module_param(init_mode, int, 0);
-MODULE_PARM_DESC(init_mode,
-                "Set card mode:\n0: Auto\n1: Ad-Hoc\n2: Managed Client (Default)\n3: Master / Access Point\n4: Repeater (Not supported yet)\n5: Secondary (Not supported yet)\n6: Monitor");
+static void prism54_wpa_bss_ie_add(islpci_private *priv, u8 *bssid,
+                               u8 *wpa_ie, size_t wpa_ie_len);
+static size_t prism54_wpa_bss_ie_get(islpci_private *priv, u8 *bssid, u8 *wpa_ie);
+static int prism54_set_wpa(struct net_device *, struct iw_request_info *,
+                               __u32 *, char *);
 
-module_param(init_channel, int, 0);
-MODULE_PARM_DESC(init_channel,
-                "Check `iwpriv ethx channel` for available channels");
-
-module_param(init_wep, int, 0);
-module_param(init_filter, int, 0);
-
-module_param(init_authen, int, 0);
-MODULE_PARM_DESC(init_authen,
-                "Authentication method. Can be of seven types:\n0 0x0000: None\n1 0x0001: DOT11_AUTH_OS (Default)\n2 0x0002: DOT11_AUTH_SK\n3 0x0003: DOT11_AUTH_BOTH");
-
-module_param(init_dot1x, int, 0);
-MODULE_PARM_DESC(init_dot1x,
-                "\n0: None/not set     (Default)\n1: DOT11_DOT1X_AUTHENABLED\n2: DOT11_DOT1X_KEYTXENABLED");
-
-module_param(init_mlme, int, 0);
-MODULE_PARM_DESC(init_mlme,
-                "Sets the MAC layer management entity (MLME) mode of operation,\n0: DOT11_MLME_AUTO (Default)\n1: DOT11_MLME_INTERMEDIATE\n2: DOT11_MLME_EXTENDED");
+/* In 500 kbps */
+static const unsigned char scan_rate_list[] = { 2, 4, 11, 22,
+                                               12, 18, 24, 36,
+                                               48, 72, 96, 108 };
 
 /**
  * prism54_mib_mode_helper - MIB change mode helper function
  * @mib: the &struct islpci_mib object to modify
  * @iw_mode: new mode (%IW_MODE_*)
- * 
+ *
  *  This is a helper function, hence it does not lock. Make sure
- *  caller deals with locking *if* necessary. This function sets the 
- *  mode-dependent mib values and does the mapping of the Linux 
- *  Wireless API modes to Device firmware modes. It also checks for 
- *  correct valid Linux wireless modes. 
+ *  caller deals with locking *if* necessary. This function sets the
+ *  mode-dependent mib values and does the mapping of the Linux
+ *  Wireless API modes to Device firmware modes. It also checks for
+ *  correct valid Linux wireless modes.
  */
-int
+static int
 prism54_mib_mode_helper(islpci_private *priv, u32 iw_mode)
 {
        u32 config = INL_CONFIG_MANUALRUN;
@@ -135,50 +117,49 @@ prism54_mib_mode_helper(islpci_private *priv, u32 iw_mode)
  *
  *  this function initializes the struct given as @mib with defaults,
  *  of which many are retrieved from the global module parameter
- *  variables.  
+ *  variables.
  */
 
 void
 prism54_mib_init(islpci_private *priv)
 {
-       u32 t;
+       u32 channel, authen, wep, filter, dot1x, mlme, conformance, power, mode;
        struct obj_buffer psm_buffer = {
                .size = PSM_BUFFER_SIZE,
                .addr = priv->device_psm_buffer
        };
 
-       mgt_set(priv, DOT11_OID_CHANNEL, &init_channel);
-       mgt_set(priv, DOT11_OID_AUTHENABLE, &init_authen);
-       mgt_set(priv, DOT11_OID_PRIVACYINVOKED, &init_wep);
-
+       channel = CARD_DEFAULT_CHANNEL;
+       authen = CARD_DEFAULT_AUTHEN;
+       wep = CARD_DEFAULT_WEP;
+       filter = CARD_DEFAULT_FILTER; /* (0) Do not filter un-encrypted data */
+       dot1x = CARD_DEFAULT_DOT1X;
+       mlme = CARD_DEFAULT_MLME_MODE;
+       conformance = CARD_DEFAULT_CONFORMANCE;
+       power = 127;
+       mode = CARD_DEFAULT_IW_MODE;
+
+       mgt_set(priv, DOT11_OID_CHANNEL, &channel);
+       mgt_set(priv, DOT11_OID_AUTHENABLE, &authen);
+       mgt_set(priv, DOT11_OID_PRIVACYINVOKED, &wep);
        mgt_set(priv, DOT11_OID_PSMBUFFER, &psm_buffer);
-       mgt_set(priv, DOT11_OID_EXUNENCRYPTED, &init_filter);
-       mgt_set(priv, DOT11_OID_DOT1XENABLE, &init_dot1x);
-       mgt_set(priv, DOT11_OID_MLMEAUTOLEVEL, &init_mlme);
-       mgt_set(priv, OID_INL_DOT11D_CONFORMANCE, &init_conformance);
-
-       t = 127;
-       mgt_set(priv, OID_INL_OUTPUTPOWER, &t);
-
-       /* Important: we are setting a default wireless mode and we are 
-        * forcing a valid one, so prism54_mib_mode_helper should just set
-        * mib values depending on what the wireless mode given is. No need
-        * for it save old values */
-       if (init_mode > IW_MODE_MONITOR || init_mode < IW_MODE_AUTO) {
-               printk(KERN_DEBUG "%s(): You passed a non-valid init_mode. "
-                      "Using default mode\n", __FUNCTION__);
-               init_mode = CARD_DEFAULT_IW_MODE;
-       }
+       mgt_set(priv, DOT11_OID_EXUNENCRYPTED, &filter);
+       mgt_set(priv, DOT11_OID_DOT1XENABLE, &dot1x);
+       mgt_set(priv, DOT11_OID_MLMEAUTOLEVEL, &mlme);
+       mgt_set(priv, OID_INL_DOT11D_CONFORMANCE, &conformance);
+       mgt_set(priv, OID_INL_OUTPUTPOWER, &power);
+
        /* This sets all of the mode-dependent values */
-       prism54_mib_mode_helper(priv, init_mode);
+       prism54_mib_mode_helper(priv, mode);
 }
 
 /* this will be executed outside of atomic context thanks to
  * schedule_work(), thus we can as well use sleeping semaphore
  * locking */
 void
-prism54_update_stats(islpci_private *priv)
+prism54_update_stats(struct work_struct *work)
 {
+       islpci_private *priv = container_of(work, islpci_private, stats_work);
        char *data;
        int j;
        struct obj_bss bss, *bss2;
@@ -247,7 +228,7 @@ prism54_get_wireless_stats(struct net_device *ndev)
        } else
                priv->iwstatistics.qual.updated = 0;
 
-       /* Update our wireless stats, but do not schedule to often 
+       /* Update our wireless stats, but do not schedule to often
         * (max 1 HZ) */
        if ((priv->stats_timestamp == 0) ||
            time_after(jiffies, priv->stats_timestamp + 1 * HZ)) {
@@ -334,9 +315,10 @@ prism54_get_freq(struct net_device *ndev, struct iw_request_info *info,
        int rvalue;
 
        rvalue = mgt_get_request(priv, DOT11_OID_CHANNEL, 0, NULL, &r);
-
+       fwrq->i = r.u;
+       rvalue |= mgt_get_request(priv, DOT11_OID_FREQUENCY, 0, NULL, &r);
        fwrq->m = r.u;
-       fwrq->e = 0;
+       fwrq->e = 3;
 
        return rvalue;
 }
@@ -373,7 +355,10 @@ prism54_set_mode(struct net_device *ndev, struct iw_request_info *info,
 
        mgt_set(priv, DOT11_OID_MLMEAUTOLEVEL, &mlmeautolevel);
 
-       mgt_commit(priv);
+       if (mgt_commit(priv)) {
+               up_write(&priv->mib_sem);
+               return -EIO;
+       }
        priv->ndev->type = (priv->iw_mode == IW_MODE_MONITOR)
            ? priv->monitor_type : ARPHRD_ETHER;
        up_write(&priv->mib_sem);
@@ -484,6 +469,16 @@ prism54_get_range(struct net_device *ndev, struct iw_request_info *info,
        /* txpower is supported in dBm's */
        range->txpower_capa = IW_TXPOW_DBM;
 
+       /* Event capability (kernel + driver) */
+       range->event_capa[0] = (IW_EVENT_CAPA_K_0 |
+       IW_EVENT_CAPA_MASK(SIOCGIWTHRSPY) |
+       IW_EVENT_CAPA_MASK(SIOCGIWAP));
+       range->event_capa[1] = IW_EVENT_CAPA_K_1;
+       range->event_capa[4] = IW_EVENT_CAPA_MASK(IWEVCUSTOM);
+
+       range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 |
+               IW_ENC_CAPA_CIPHER_TKIP;
+
        if (islpci_get_state(priv) < PRV_STATE_INIT)
                return 0;
 
@@ -583,6 +578,8 @@ prism54_translate_bss(struct net_device *ndev, char *current_ev,
        struct iw_event iwe;    /* Temporary buffer */
        short cap;
        islpci_private *priv = netdev_priv(ndev);
+       u8 wpa_ie[MAX_WPA_IE_LEN];
+       size_t wpa_ie_len;
 
        /* The first entry must be the MAC address */
        memcpy(iwe.u.ap_addr.sa_data, bss->address, 6);
@@ -628,8 +625,8 @@ prism54_translate_bss(struct net_device *ndev, char *current_ev,
        current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, NULL);
 
        /* Add frequency. (short) bss->channel is the frequency in MHz */
-       iwe.u.freq.m = channel_of_freq(bss->channel);
-       iwe.u.freq.e = 0;
+       iwe.u.freq.m = bss->channel;
+       iwe.u.freq.e = 6;
        iwe.cmd = SIOCGIWFREQ;
        current_ev =
            iwe_stream_add_event(current_ev, end_buf, &iwe, IW_EV_FREQ_LEN);
@@ -643,32 +640,44 @@ prism54_translate_bss(struct net_device *ndev, char *current_ev,
        current_ev =
            iwe_stream_add_event(current_ev, end_buf, &iwe, IW_EV_QUAL_LEN);
 
-       if (priv->wpa) {
-               u8 wpa_ie[MAX_WPA_IE_LEN];
-               char *buf, *p;
-               size_t wpa_ie_len;
+       /* Add WPA/RSN Information Element, if any */
+       wpa_ie_len = prism54_wpa_bss_ie_get(priv, bss->address, wpa_ie);
+       if (wpa_ie_len > 0) {
+               iwe.cmd = IWEVGENIE;
+               iwe.u.data.length = min(wpa_ie_len, (size_t)MAX_WPA_IE_LEN);
+               current_ev = iwe_stream_add_point(current_ev, end_buf,
+                               &iwe, wpa_ie);
+       }
+       /* Do the bitrates */
+       {
+               char *  current_val = current_ev + IW_EV_LCP_LEN;
                int i;
-
-               wpa_ie_len = prism54_wpa_ie_get(priv, bss->address, wpa_ie);
-               if (wpa_ie_len > 0 &&
-                   (buf = kmalloc(wpa_ie_len * 2 + 10, GFP_ATOMIC))) {
-                       p = buf;
-                       p += sprintf(p, "wpa_ie=");
-                       for (i = 0; i < wpa_ie_len; i++) {
-                               p += sprintf(p, "%02x", wpa_ie[i]);
+               int mask;
+
+               iwe.cmd = SIOCGIWRATE;
+               /* Those two flags are ignored... */
+               iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
+
+               /* Parse the bitmask */
+               mask = 0x1;
+               for(i = 0; i < sizeof(scan_rate_list); i++) {
+                       if(bss->rates & mask) {
+                               iwe.u.bitrate.value = (scan_rate_list[i] * 500000);
+                               current_val = iwe_stream_add_value(current_ev, current_val,
+                                                                  end_buf, &iwe,
+                                                                  IW_EV_PARAM_LEN);
                        }
-                       memset(&iwe, 0, sizeof (iwe));
-                       iwe.cmd = IWEVCUSTOM;
-                       iwe.u.data.length = strlen(buf);
-                       current_ev = iwe_stream_add_point(current_ev, end_buf,
-                                                         &iwe, buf);
-                       kfree(buf);
+                       mask <<= 1;
                }
+               /* Check if we added any event */
+               if ((current_val - current_ev) > IW_EV_LCP_LEN)
+                       current_ev = current_val;
        }
+
        return current_ev;
 }
 
-int
+static int
 prism54_get_scan(struct net_device *ndev, struct iw_request_info *info,
                 struct iw_point *dwrq, char *extra)
 {
@@ -689,19 +698,32 @@ prism54_get_scan(struct net_device *ndev, struct iw_request_info *info,
        rvalue = mgt_get_request(priv, DOT11_OID_NOISEFLOOR, 0, NULL, &r);
        noise = r.u;
 
-       /* Ask the device for a list of known bss. We can report at most
-        * IW_MAX_AP=64 to the range struct. But the device won't repport anything
-        * if you change the value of IWMAX_BSS=24.
-        */
+       /* Ask the device for a list of known bss.
+       * The old API, using SIOCGIWAPLIST, had a hard limit of IW_MAX_AP=64.
+       * The new API, using SIOCGIWSCAN, is only limited by the buffer size.
+       * WE-14->WE-16, the buffer is limited to IW_SCAN_MAX_DATA bytes.
+       * Starting with WE-17, the buffer can be as big as needed.
+       * But the device won't repport anything if you change the value
+       * of IWMAX_BSS=24. */
+
        rvalue |= mgt_get_request(priv, DOT11_OID_BSSLIST, 0, NULL, &r);
        bsslist = r.ptr;
 
        /* ok now, scan the list and translate its info */
-       for (i = 0; i < min(IW_MAX_AP, (int) bsslist->nr); i++)
+       for (i = 0; i < (int) bsslist->nr; i++) {
                current_ev = prism54_translate_bss(ndev, current_ev,
-                                                  extra + IW_SCAN_MAX_DATA,
+                                                  extra + dwrq->length,
                                                   &(bsslist->bsslist[i]),
                                                   noise);
+
+               /* Check if there is space for one more entry */
+               if((extra + dwrq->length - current_ev) <= IW_EV_ADDR_LEN) {
+                       /* Ask user space to try again with a bigger buffer */
+                       rvalue = -E2BIG;
+                       break;
+               }
+       }
+
        kfree(bsslist);
        dwrq->length = (current_ev - extra);
        dwrq->flags = 0;        /* todo */
@@ -720,9 +742,9 @@ prism54_set_essid(struct net_device *ndev, struct iw_request_info *info,
 
        /* Check if we were asked for `any' */
        if (dwrq->flags && dwrq->length) {
-               if (dwrq->length > min(33, IW_ESSID_MAX_SIZE + 1))
+               if (dwrq->length > 32)
                        return -E2BIG;
-               essid.length = dwrq->length - 1;
+               essid.length = dwrq->length;
                memcpy(essid.octets, extra, dwrq->length);
        } else
                essid.length = 0;
@@ -750,8 +772,8 @@ prism54_get_essid(struct net_device *ndev, struct iw_request_info *info,
 
        if (essid->length) {
                dwrq->flags = 1;        /* set ESSID to ON for Wireless Extensions */
-               /* if it is to big, trunk it */
-               dwrq->length = min(IW_ESSID_MAX_SIZE, essid->length + 1);
+               /* if it is too big, trunk it */
+               dwrq->length = min((u8)IW_ESSID_MAX_SIZE, essid->length);
        } else {
                dwrq->flags = 0;
                dwrq->length = 0;
@@ -763,7 +785,7 @@ prism54_get_essid(struct net_device *ndev, struct iw_request_info *info,
        return rvalue;
 }
 
-/* Provides no functionality, just completes the ioctl. In essence this is a 
+/* Provides no functionality, just completes the ioctl. In essence this is a
  * just a cosmetic ioctl.
  */
 static int
@@ -792,7 +814,7 @@ prism54_get_nick(struct net_device *ndev, struct iw_request_info *info,
        dwrq->length = 0;
 
        down_read(&priv->mib_sem);
-       dwrq->length = strlen(priv->nickname) + 1;
+       dwrq->length = strlen(priv->nickname);
        memcpy(extra, priv->nickname, dwrq->length);
        up_read(&priv->mib_sem);
 
@@ -970,9 +992,9 @@ prism54_set_retry(struct net_device *ndev, struct iw_request_info *info,
                return -EINVAL;
 
        if (vwrq->flags & IW_RETRY_LIMIT) {
-               if (vwrq->flags & IW_RETRY_MIN)
+               if (vwrq->flags & IW_RETRY_SHORT)
                        slimit = vwrq->value;
-               else if (vwrq->flags & IW_RETRY_MAX)
+               else if (vwrq->flags & IW_RETRY_LONG)
                        llimit = vwrq->value;
                else {
                        /* we are asked to set both */
@@ -1013,18 +1035,18 @@ prism54_get_retry(struct net_device *ndev, struct iw_request_info *info,
                    mgt_get_request(priv, DOT11_OID_MAXTXLIFETIME, 0, NULL, &r);
                vwrq->value = r.u * 1024;
                vwrq->flags = IW_RETRY_LIFETIME;
-       } else if ((vwrq->flags & IW_RETRY_MAX)) {
+       } else if ((vwrq->flags & IW_RETRY_LONG)) {
                /* we are asked for the long retry limit */
                rvalue |=
                    mgt_get_request(priv, DOT11_OID_LONGRETRIES, 0, NULL, &r);
                vwrq->value = r.u;
-               vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_MAX;
+               vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_LONG;
        } else {
                /* default. get the  short retry limit */
                rvalue |=
                    mgt_get_request(priv, DOT11_OID_SHORTRETRIES, 0, NULL, &r);
                vwrq->value = r.u;
-               vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_MIN;
+               vwrq->flags = IW_RETRY_LIMIT | IW_RETRY_SHORT;
        }
 
        return rvalue;
@@ -1054,12 +1076,24 @@ prism54_set_encode(struct net_device *ndev, struct iw_request_info *info,
                current_index = r.u;
                /* Verify that the key is not marked as invalid */
                if (!(dwrq->flags & IW_ENCODE_NOKEY)) {
-                       key.length = dwrq->length > sizeof (key.key) ?
-                           sizeof (key.key) : dwrq->length;
-                       memcpy(key.key, extra, key.length);
-                       if (key.length == 32)
-                               /* we want WPA-PSK */
+                       if (dwrq->length > KEY_SIZE_TKIP) {
+                               /* User-provided key data too big */
+                               return -EINVAL;
+                       }
+                       if (dwrq->length > KEY_SIZE_WEP104) {
+                               /* WPA-PSK TKIP */
                                key.type = DOT11_PRIV_TKIP;
+                               key.length = KEY_SIZE_TKIP;
+                       } else if (dwrq->length > KEY_SIZE_WEP40) {
+                               /* WEP 104/128 */
+                               key.length = KEY_SIZE_WEP104;
+                       } else {
+                               /* WEP 40/64 */
+                               key.length = KEY_SIZE_WEP40;
+                       }
+                       memset(key.key, 0, sizeof (key.key));
+                       memcpy(key.key, extra, dwrq->length);
+
                        if ((index < 0) || (index > 3))
                                /* no index provided use the current one */
                                index = current_index;
@@ -1070,7 +1104,7 @@ prism54_set_encode(struct net_device *ndev, struct iw_request_info *info,
                                            &key);
                }
                /*
-                * If a valid key is set, encryption should be enabled 
+                * If a valid key is set, encryption should be enabled
                 * (user may turn it off later).
                 * This is also how "iwconfig ethX key on" works
                 */
@@ -1092,7 +1126,7 @@ prism54_set_encode(struct net_device *ndev, struct iw_request_info *info,
        }
        /* now read the flags */
        if (dwrq->flags & IW_ENCODE_DISABLED) {
-               /* Encoding disabled, 
+               /* Encoding disabled,
                 * authen = DOT11_AUTH_OS;
                 * invoke = 0;
                 * exunencrypt = 0; */
@@ -1180,7 +1214,7 @@ prism54_get_txpower(struct net_device *ndev, struct iw_request_info *info,
        vwrq->value = (s32) r.u / 4;
        vwrq->fixed = 1;
        /* radio is not turned of
-        * btw: how is possible to turn off only the radio 
+        * btw: how is possible to turn off only the radio
         */
        vwrq->disabled = 0;
 
@@ -1213,6 +1247,495 @@ prism54_set_txpower(struct net_device *ndev, struct iw_request_info *info,
        }
 }
 
+static int prism54_set_genie(struct net_device *ndev,
+                            struct iw_request_info *info,
+                            struct iw_point *data, char *extra)
+{
+       islpci_private *priv = netdev_priv(ndev);
+       int alen, ret = 0;
+       struct obj_attachment *attach;
+
+       if (data->length > MAX_WPA_IE_LEN ||
+           (data->length && extra == NULL))
+               return -EINVAL;
+
+       memcpy(priv->wpa_ie, extra, data->length);
+       priv->wpa_ie_len = data->length;
+
+       alen = sizeof(*attach) + priv->wpa_ie_len;
+       attach = kzalloc(alen, GFP_KERNEL);
+       if (attach == NULL)
+               return -ENOMEM;
+
+#define WLAN_FC_TYPE_MGMT 0
+#define WLAN_FC_STYPE_ASSOC_REQ 0
+#define WLAN_FC_STYPE_REASSOC_REQ 2
+
+       /* Note: endianness is covered by mgt_set_varlen */
+       attach->type = (WLAN_FC_TYPE_MGMT << 2) |
+               (WLAN_FC_STYPE_ASSOC_REQ << 4);
+       attach->id = -1;
+       attach->size = priv->wpa_ie_len;
+       memcpy(attach->data, extra, priv->wpa_ie_len);
+
+       ret = mgt_set_varlen(priv, DOT11_OID_ATTACHMENT, attach,
+               priv->wpa_ie_len);
+       if (ret == 0) {
+               attach->type = (WLAN_FC_TYPE_MGMT << 2) |
+                       (WLAN_FC_STYPE_REASSOC_REQ << 4);
+
+               ret = mgt_set_varlen(priv, DOT11_OID_ATTACHMENT, attach,
+                       priv->wpa_ie_len);
+               if (ret == 0)
+                       printk(KERN_DEBUG "%s: WPA IE Attachment was set\n",
+                               ndev->name);
+       }
+
+       kfree(attach);
+       return ret;
+}
+
+
+static int prism54_get_genie(struct net_device *ndev,
+                            struct iw_request_info *info,
+                            struct iw_point *data, char *extra)
+{
+       islpci_private *priv = netdev_priv(ndev);
+       int len = priv->wpa_ie_len;
+
+       if (len <= 0) {
+               data->length = 0;
+               return 0;
+       }
+
+       if (data->length < len)
+               return -E2BIG;
+
+       data->length = len;
+       memcpy(extra, priv->wpa_ie, len);
+
+       return 0;
+}
+
+static int prism54_set_auth(struct net_device *ndev,
+                              struct iw_request_info *info,
+                              union iwreq_data *wrqu, char *extra)
+{
+       islpci_private *priv = netdev_priv(ndev);
+       struct iw_param *param = &wrqu->param;
+       u32 mlmelevel = 0, authen = 0, dot1x = 0;
+       u32 exunencrypt = 0, privinvoked = 0, wpa = 0;
+       u32 old_wpa;
+       int ret = 0;
+       union oid_res_t r;
+
+       if (islpci_get_state(priv) < PRV_STATE_INIT)
+               return 0;
+
+       /* first get the flags */
+       down_write(&priv->mib_sem);
+       wpa = old_wpa = priv->wpa;
+       up_write(&priv->mib_sem);
+       ret = mgt_get_request(priv, DOT11_OID_AUTHENABLE, 0, NULL, &r);
+       authen = r.u;
+       ret = mgt_get_request(priv, DOT11_OID_PRIVACYINVOKED, 0, NULL, &r);
+       privinvoked = r.u;
+       ret = mgt_get_request(priv, DOT11_OID_EXUNENCRYPTED, 0, NULL, &r);
+       exunencrypt = r.u;
+       ret = mgt_get_request(priv, DOT11_OID_DOT1XENABLE, 0, NULL, &r);
+       dot1x = r.u;
+       ret = mgt_get_request(priv, DOT11_OID_MLMEAUTOLEVEL, 0, NULL, &r);
+       mlmelevel = r.u;
+
+       if (ret < 0)
+               goto out;
+
+       switch (param->flags & IW_AUTH_INDEX) {
+       case IW_AUTH_CIPHER_PAIRWISE:
+       case IW_AUTH_CIPHER_GROUP:
+       case IW_AUTH_KEY_MGMT:
+               break;
+
+       case IW_AUTH_WPA_ENABLED:
+               /* Do the same thing as IW_AUTH_WPA_VERSION */
+               if (param->value) {
+                       wpa = 1;
+                       privinvoked = 1; /* For privacy invoked */
+                       exunencrypt = 1; /* Filter out all unencrypted frames */
+                       dot1x = 0x01; /* To enable eap filter */
+                       mlmelevel = DOT11_MLME_EXTENDED;
+                       authen = DOT11_AUTH_OS; /* Only WEP uses _SK and _BOTH */
+               } else {
+                       wpa = 0;
+                       privinvoked = 0;
+                       exunencrypt = 0; /* Do not filter un-encrypted data */
+                       dot1x = 0;
+                       mlmelevel = DOT11_MLME_AUTO;
+               }
+               break;
+
+       case IW_AUTH_WPA_VERSION:
+               if (param->value & IW_AUTH_WPA_VERSION_DISABLED) {
+                       wpa = 0;
+                       privinvoked = 0;
+                       exunencrypt = 0; /* Do not filter un-encrypted data */
+                       dot1x = 0;
+                       mlmelevel = DOT11_MLME_AUTO;
+               } else {
+                       if (param->value & IW_AUTH_WPA_VERSION_WPA)
+                               wpa = 1;
+                       else if (param->value & IW_AUTH_WPA_VERSION_WPA2)
+                               wpa = 2;
+                       privinvoked = 1; /* For privacy invoked */
+                       exunencrypt = 1; /* Filter out all unencrypted frames */
+                       dot1x = 0x01; /* To enable eap filter */
+                       mlmelevel = DOT11_MLME_EXTENDED;
+                       authen = DOT11_AUTH_OS; /* Only WEP uses _SK and _BOTH */
+               }
+               break;
+
+       case IW_AUTH_RX_UNENCRYPTED_EAPOL:
+               /* dot1x should be the opposite of RX_UNENCRYPTED_EAPOL;
+                * turn off dot1x when  allowing recepit of unencrypted eapol
+                * frames, turn on dot1x when we disallow receipt
+                */
+               dot1x = param->value ? 0x00 : 0x01;
+               break;
+
+       case IW_AUTH_PRIVACY_INVOKED:
+               privinvoked = param->value ? 1 : 0;
+               break;
+
+       case IW_AUTH_DROP_UNENCRYPTED:
+               exunencrypt = param->value ? 1 : 0;
+               break;
+
+       case IW_AUTH_80211_AUTH_ALG:
+               if (param->value & IW_AUTH_ALG_SHARED_KEY) {
+                       /* Only WEP uses _SK and _BOTH */
+                       if (wpa > 0) {
+                               ret = -EINVAL;
+                               goto out;
+                       }
+                       authen = DOT11_AUTH_SK;
+               } else if (param->value & IW_AUTH_ALG_OPEN_SYSTEM) {
+                       authen = DOT11_AUTH_OS;
+               } else {
+                       ret = -EINVAL;
+                       goto out;
+               }
+               break;
+
+       default:
+               return -EOPNOTSUPP;
+       }
+
+       /* Set all the values */
+       down_write(&priv->mib_sem);
+       priv->wpa = wpa;
+       up_write(&priv->mib_sem);
+       mgt_set_request(priv, DOT11_OID_AUTHENABLE, 0, &authen);
+       mgt_set_request(priv, DOT11_OID_PRIVACYINVOKED, 0, &privinvoked);
+       mgt_set_request(priv, DOT11_OID_EXUNENCRYPTED, 0, &exunencrypt);
+       mgt_set_request(priv, DOT11_OID_DOT1XENABLE, 0, &dot1x);
+       mgt_set_request(priv, DOT11_OID_MLMEAUTOLEVEL, 0, &mlmelevel);
+
+out:
+       return ret;
+}
+
+static int prism54_get_auth(struct net_device *ndev,
+                           struct iw_request_info *info,
+                           union iwreq_data *wrqu, char *extra)
+{
+       islpci_private *priv = netdev_priv(ndev);
+       struct iw_param *param = &wrqu->param;
+       u32 wpa = 0;
+       int ret = 0;
+       union oid_res_t r;
+
+       if (islpci_get_state(priv) < PRV_STATE_INIT)
+               return 0;
+
+       /* first get the flags */
+       down_write(&priv->mib_sem);
+       wpa = priv->wpa;
+       up_write(&priv->mib_sem);
+
+       switch (param->flags & IW_AUTH_INDEX) {
+       case IW_AUTH_CIPHER_PAIRWISE:
+       case IW_AUTH_CIPHER_GROUP:
+       case IW_AUTH_KEY_MGMT:
+               /*
+                * wpa_supplicant will control these internally
+                */
+               ret = -EOPNOTSUPP;
+               break;
+
+       case IW_AUTH_WPA_VERSION:
+               switch (wpa) {
+               case 1:
+                       param->value = IW_AUTH_WPA_VERSION_WPA;
+                       break;
+               case 2:
+                       param->value = IW_AUTH_WPA_VERSION_WPA2;
+                       break;
+               case 0:
+               default:
+                       param->value = IW_AUTH_WPA_VERSION_DISABLED;
+                       break;
+               }
+               break;
+
+       case IW_AUTH_DROP_UNENCRYPTED:
+               ret = mgt_get_request(priv, DOT11_OID_EXUNENCRYPTED, 0, NULL, &r);
+               if (ret >= 0)
+                       param->value = r.u > 0 ? 1 : 0;
+               break;
+
+       case IW_AUTH_80211_AUTH_ALG:
+               ret = mgt_get_request(priv, DOT11_OID_AUTHENABLE, 0, NULL, &r);
+               if (ret >= 0) {
+                       switch (r.u) {
+                       case DOT11_AUTH_OS:
+                               param->value = IW_AUTH_ALG_OPEN_SYSTEM;
+                               break;
+                       case DOT11_AUTH_BOTH:
+                       case DOT11_AUTH_SK:
+                               param->value = IW_AUTH_ALG_SHARED_KEY;
+                       case DOT11_AUTH_NONE:
+                       default:
+                               param->value = 0;
+                               break;
+                       }
+               }
+               break;
+
+       case IW_AUTH_WPA_ENABLED:
+               param->value = wpa > 0 ? 1 : 0;
+               break;
+
+       case IW_AUTH_RX_UNENCRYPTED_EAPOL:
+               ret = mgt_get_request(priv, DOT11_OID_DOT1XENABLE, 0, NULL, &r);
+               if (ret >= 0)
+                       param->value = r.u > 0 ? 1 : 0;
+               break;
+
+       case IW_AUTH_PRIVACY_INVOKED:
+               ret = mgt_get_request(priv, DOT11_OID_PRIVACYINVOKED, 0, NULL, &r);
+               if (ret >= 0)
+                       param->value = r.u > 0 ? 1 : 0;
+               break;
+
+       default:
+               return -EOPNOTSUPP;
+       }
+       return ret;
+}
+
+static int prism54_set_encodeext(struct net_device *ndev,
+                                struct iw_request_info *info,
+                                union iwreq_data *wrqu,
+                                char *extra)
+{
+       islpci_private *priv = netdev_priv(ndev);
+       struct iw_point *encoding = &wrqu->encoding;
+       struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
+       int idx, alg = ext->alg, set_key = 1;
+       union oid_res_t r;
+       int authen = DOT11_AUTH_OS, invoke = 0, exunencrypt = 0;
+       int ret = 0;
+
+       if (islpci_get_state(priv) < PRV_STATE_INIT)
+               return 0;
+
+       /* Determine and validate the key index */
+       idx = (encoding->flags & IW_ENCODE_INDEX) - 1;
+       if (idx) {
+               if (idx < 0 || idx > 3)
+                       return -EINVAL;
+       } else {
+               ret = mgt_get_request(priv, DOT11_OID_DEFKEYID, 0, NULL, &r);
+               if (ret < 0)
+                       goto out;
+               idx = r.u;
+       }
+
+       if (encoding->flags & IW_ENCODE_DISABLED)
+               alg = IW_ENCODE_ALG_NONE;
+
+       if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
+               /* Only set transmit key index here, actual
+                * key is set below if needed.
+                */
+               ret = mgt_set_request(priv, DOT11_OID_DEFKEYID, 0, &idx);
+               set_key = ext->key_len > 0 ? 1 : 0;
+       }
+
+       if (set_key) {
+               struct obj_key key = { DOT11_PRIV_WEP, 0, "" };
+               switch (alg) {
+               case IW_ENCODE_ALG_NONE:
+                       break;
+               case IW_ENCODE_ALG_WEP:
+                       if (ext->key_len > KEY_SIZE_WEP104) {
+                               ret = -EINVAL;
+                               goto out;
+                       }
+                       if (ext->key_len > KEY_SIZE_WEP40)
+                               key.length = KEY_SIZE_WEP104;
+                       else
+                               key.length = KEY_SIZE_WEP40;
+                       break;
+               case IW_ENCODE_ALG_TKIP:
+                       if (ext->key_len > KEY_SIZE_TKIP) {
+                               ret = -EINVAL;
+                               goto out;
+                       }
+                       key.type = DOT11_PRIV_TKIP;
+                       key.length = KEY_SIZE_TKIP;
+                       break;
+               default:
+                       return -EINVAL;
+               }
+
+               if (key.length) {
+                       memset(key.key, 0, sizeof(key.key));
+                       memcpy(key.key, ext->key, ext->key_len);
+                       ret = mgt_set_request(priv, DOT11_OID_DEFKEYX, idx,
+                                           &key);
+                       if (ret < 0)
+                               goto out;
+               }
+       }
+
+       /* Read the flags */
+       if (encoding->flags & IW_ENCODE_DISABLED) {
+               /* Encoding disabled,
+                * authen = DOT11_AUTH_OS;
+                * invoke = 0;
+                * exunencrypt = 0; */
+       }
+       if (encoding->flags & IW_ENCODE_OPEN) {
+               /* Encode but accept non-encoded packets. No auth */
+               invoke = 1;
+       }
+       if (encoding->flags & IW_ENCODE_RESTRICTED) {
+               /* Refuse non-encoded packets. Auth */
+               authen = DOT11_AUTH_BOTH;
+               invoke = 1;
+               exunencrypt = 1;
+       }
+
+       /* do the change if requested  */
+       if (encoding->flags & IW_ENCODE_MODE) {
+               ret = mgt_set_request(priv, DOT11_OID_AUTHENABLE, 0,
+                                     &authen);
+               ret = mgt_set_request(priv, DOT11_OID_PRIVACYINVOKED, 0,
+                                     &invoke);
+               ret = mgt_set_request(priv, DOT11_OID_EXUNENCRYPTED, 0,
+                                     &exunencrypt);
+       }
+
+out:
+       return ret;
+}
+
+
+static int prism54_get_encodeext(struct net_device *ndev,
+                                struct iw_request_info *info,
+                                union iwreq_data *wrqu,
+                                char *extra)
+{
+       islpci_private *priv = netdev_priv(ndev);
+       struct iw_point *encoding = &wrqu->encoding;
+       struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
+       int idx, max_key_len;
+       union oid_res_t r;
+       int authen = DOT11_AUTH_OS, invoke = 0, exunencrypt = 0, wpa = 0;
+       int ret = 0;
+
+       if (islpci_get_state(priv) < PRV_STATE_INIT)
+               return 0;
+
+       /* first get the flags */
+       ret = mgt_get_request(priv, DOT11_OID_AUTHENABLE, 0, NULL, &r);
+       authen = r.u;
+       ret = mgt_get_request(priv, DOT11_OID_PRIVACYINVOKED, 0, NULL, &r);
+       invoke = r.u;
+       ret = mgt_get_request(priv, DOT11_OID_EXUNENCRYPTED, 0, NULL, &r);
+       exunencrypt = r.u;
+       if (ret < 0)
+               goto out;
+
+       max_key_len = encoding->length - sizeof(*ext);
+       if (max_key_len < 0)
+               return -EINVAL;
+
+       idx = (encoding->flags & IW_ENCODE_INDEX) - 1;
+       if (idx) {
+               if (idx < 0 || idx > 3)
+                       return -EINVAL;
+       } else {
+               ret = mgt_get_request(priv, DOT11_OID_DEFKEYID, 0, NULL, &r);
+               if (ret < 0)
+                       goto out;
+               idx = r.u;
+       }
+
+       encoding->flags = idx + 1;
+       memset(ext, 0, sizeof(*ext));
+
+       switch (authen) {
+       case DOT11_AUTH_BOTH:
+       case DOT11_AUTH_SK:
+               wrqu->encoding.flags |= IW_ENCODE_RESTRICTED;
+       case DOT11_AUTH_OS:
+       default:
+               wrqu->encoding.flags |= IW_ENCODE_OPEN;
+               break;
+       }
+
+       down_write(&priv->mib_sem);
+       wpa = priv->wpa;
+       up_write(&priv->mib_sem);
+
+       if (authen == DOT11_AUTH_OS && !exunencrypt && !invoke && !wpa) {
+               /* No encryption */
+               ext->alg = IW_ENCODE_ALG_NONE;
+               ext->key_len = 0;
+               wrqu->encoding.flags |= IW_ENCODE_DISABLED;
+       } else {
+               struct obj_key *key;
+
+               ret = mgt_get_request(priv, DOT11_OID_DEFKEYX, idx, NULL, &r);
+               if (ret < 0)
+                       goto out;
+               key = r.ptr;
+               if (max_key_len < key->length) {
+                       ret = -E2BIG;
+                       goto out;
+               }
+               memcpy(ext->key, key->key, key->length);
+               ext->key_len = key->length;
+
+               switch (key->type) {
+               case DOT11_PRIV_TKIP:
+                       ext->alg = IW_ENCODE_ALG_TKIP;
+                       break;
+               default:
+               case DOT11_PRIV_WEP:
+                       ext->alg = IW_ENCODE_ALG_WEP;
+                       break;
+               }
+               wrqu->encoding.flags |= IW_ENCODE_ENABLED;
+       }
+
+out:
+       return ret;
+}
+
+
 static int
 prism54_reset(struct net_device *ndev, struct iw_request_info *info,
              __u32 * uwrq, char *extra)
@@ -1411,7 +1934,10 @@ prism54_set_policy(struct net_device *ndev, struct iw_request_info *info,
                mlmeautolevel = DOT11_MLME_EXTENDED;
        mgt_set(priv, DOT11_OID_MLMEAUTOLEVEL, &mlmeautolevel);
        /* restart the card with our new policy */
-       mgt_commit(priv);
+       if (mgt_commit(priv)) {
+               up_write(&priv->mib_sem);
+               return -EIO;
+       }
        up_write(&priv->mib_sem);
 
        return 0;
@@ -1528,31 +2054,35 @@ send_formatted_event(islpci_private *priv, const char *str,
                     const struct obj_mlme *mlme, int error)
 {
        union iwreq_data wrqu;
+       char *memptr;
 
-       wrqu.data.pointer = kmalloc(IW_CUSTOM_MAX, GFP_KERNEL);
-       if (!wrqu.data.pointer)
+       memptr = kmalloc(IW_CUSTOM_MAX, GFP_KERNEL);
+       if (!memptr)
                return;
+       wrqu.data.pointer = memptr;
        wrqu.data.length = 0;
-       format_event(priv, wrqu.data.pointer, str, mlme, &wrqu.data.length,
+       format_event(priv, memptr, str, mlme, &wrqu.data.length,
                     error);
-       wireless_send_event(priv->ndev, IWEVCUSTOM, &wrqu, wrqu.data.pointer);
-       kfree(wrqu.data.pointer);
+       wireless_send_event(priv->ndev, IWEVCUSTOM, &wrqu, memptr);
+       kfree(memptr);
 }
 
 static void
 send_simple_event(islpci_private *priv, const char *str)
 {
        union iwreq_data wrqu;
+       char *memptr;
        int n = strlen(str);
 
-       wrqu.data.pointer = kmalloc(IW_CUSTOM_MAX, GFP_KERNEL);
-       if (!wrqu.data.pointer)
+       memptr = kmalloc(IW_CUSTOM_MAX, GFP_KERNEL);
+       if (!memptr)
                return;
        BUG_ON(n > IW_CUSTOM_MAX);
+       wrqu.data.pointer = memptr;
        wrqu.data.length = n;
-       strcpy(wrqu.data.pointer, str);
-       wireless_send_event(priv->ndev, IWEVCUSTOM, &wrqu, wrqu.data.pointer);
-       kfree(wrqu.data.pointer);
+       strcpy(memptr, str);
+       wireless_send_event(priv->ndev, IWEVCUSTOM, &wrqu, memptr);
+       kfree(memptr);
 }
 
 static void
@@ -1586,9 +2116,9 @@ static u8 wpa_oid[4] = { 0x00, 0x50, 0xf2, 1 };
 #define MAC2STR(a) (a)[0], (a)[1], (a)[2], (a)[3], (a)[4], (a)[5]
 #define MACSTR "%02x:%02x:%02x:%02x:%02x:%02x"
 
-void
-prism54_wpa_ie_add(islpci_private *priv, u8 *bssid,
-                  u8 *wpa_ie, size_t wpa_ie_len)
+static void
+prism54_wpa_bss_ie_add(islpci_private *priv, u8 *bssid,
+                      u8 *wpa_ie, size_t wpa_ie_len)
 {
        struct list_head *ptr;
        struct islpci_bss_wpa_ie *bss = NULL;
@@ -1617,11 +2147,9 @@ prism54_wpa_ie_add(islpci_private *priv, u8 *bssid,
                                         struct islpci_bss_wpa_ie, list);
                        list_del(&bss->list);
                } else {
-                       bss = kmalloc(sizeof (*bss), GFP_ATOMIC);
-                       if (bss != NULL) {
+                       bss = kzalloc(sizeof (*bss), GFP_ATOMIC);
+                       if (bss != NULL)
                                priv->num_bss_wpa++;
-                               memset(bss, 0, sizeof (*bss));
-                       }
                }
                if (bss != NULL) {
                        memcpy(bss->bssid, bssid, ETH_ALEN);
@@ -1653,8 +2181,8 @@ prism54_wpa_ie_add(islpci_private *priv, u8 *bssid,
        up(&priv->wpa_sem);
 }
 
-size_t
-prism54_wpa_ie_get(islpci_private *priv, u8 *bssid, u8 *wpa_ie)
+static size_t
+prism54_wpa_bss_ie_get(islpci_private *priv, u8 *bssid, u8 *wpa_ie)
 {
        struct list_head *ptr;
        struct islpci_bss_wpa_ie *bss = NULL;
@@ -1679,14 +2207,14 @@ prism54_wpa_ie_get(islpci_private *priv, u8 *bssid, u8 *wpa_ie)
 }
 
 void
-prism54_wpa_ie_init(islpci_private *priv)
+prism54_wpa_bss_ie_init(islpci_private *priv)
 {
        INIT_LIST_HEAD(&priv->bss_wpa_list);
        sema_init(&priv->wpa_sem, 1);
 }
 
 void
-prism54_wpa_ie_clean(islpci_private *priv)
+prism54_wpa_bss_ie_clean(islpci_private *priv)
 {
        struct list_head *ptr, *n;
 
@@ -1718,7 +2246,7 @@ prism54_process_bss_data(islpci_private *priv, u32 oid, u8 *addr,
                }
                if (pos[0] == WLAN_EID_GENERIC && pos[1] >= 4 &&
                    memcmp(pos + 2, wpa_oid, 4) == 0) {
-                       prism54_wpa_ie_add(priv, addr, pos, pos[1] + 2);
+                       prism54_wpa_bss_ie_add(priv, addr, pos, pos[1] + 2);
                        return;
                }
                pos += 2 + pos[1];
@@ -1740,16 +2268,18 @@ handle_request(islpci_private *priv, struct obj_mlme *mlme, enum oid_num_t oid)
        }
 }
 
-int
+static int
 prism54_process_trap_helper(islpci_private *priv, enum oid_num_t oid,
                            char *data)
 {
        struct obj_mlme *mlme = (struct obj_mlme *) data;
-       size_t len;
-       u8 *payload, *pos = (u8 *) (mlme + 1);
-
-       len = pos[0] | (pos[1] << 8);   /* little endian data length */
-       payload = pos + 2;
+       struct obj_mlmeex *mlmeex = (struct obj_mlmeex *) data;
+       struct obj_mlmeex *confirm;
+       u8 wpa_ie[MAX_WPA_IE_LEN];
+       int wpa_ie_len;
+       size_t len = 0; /* u16, better? */
+       u8 *payload = NULL, *pos = NULL;
+       int ret;
 
        /* I think all trapable objects are listed here.
         * Some oids have a EX version. The difference is that they are emitted
@@ -1759,9 +2289,14 @@ prism54_process_trap_helper(islpci_private *priv, enum oid_num_t oid,
         * suited. We use the more flexible custom event facility.
         */
 
+       if (oid >= DOT11_OID_BEACON) {
+               len = mlmeex->size;
+               payload = pos = mlmeex->data;
+       }
+
        /* I fear prism54_process_bss_data won't work with big endian data */
        if ((oid == DOT11_OID_BEACON) || (oid == DOT11_OID_PROBE))
-               prism54_process_bss_data(priv, oid, mlme->address,
+               prism54_process_bss_data(priv, oid, mlmeex->address,
                                         payload, len);
 
        mgt_le_to_cpu(isl_oid[oid].flags & OID_FLAG_TYPE, (void *) mlme);
@@ -1821,21 +2356,134 @@ prism54_process_trap_helper(islpci_private *priv, enum oid_num_t oid,
 
        case DOT11_OID_AUTHENTICATEEX:
                handle_request(priv, mlme, oid);
-               send_formatted_event(priv, "Authenticate request", mlme, 1);
+               send_formatted_event(priv, "Authenticate request (ex)", mlme, 1);
+
+               if (priv->iw_mode != IW_MODE_MASTER
+                               && mlmeex->state != DOT11_STATE_AUTHING)
+                       break;
+
+               confirm = kmalloc(sizeof(struct obj_mlmeex) + 6, GFP_ATOMIC);
+
+               if (!confirm)
+                       break;
+
+               memcpy(&confirm->address, mlmeex->address, ETH_ALEN);
+               printk(KERN_DEBUG "Authenticate from: address:\t%02x:%02x:%02x:%02x:%02x:%02x\n",
+                               mlmeex->address[0],
+                               mlmeex->address[1],
+                               mlmeex->address[2],
+                               mlmeex->address[3],
+                               mlmeex->address[4],
+                               mlmeex->address[5]
+                               );
+               confirm->id = -1; /* or mlmeex->id ? */
+               confirm->state = 0; /* not used */
+               confirm->code = 0;
+               confirm->size = 6;
+               confirm->data[0] = 0x00;
+               confirm->data[1] = 0x00;
+               confirm->data[2] = 0x02;
+               confirm->data[3] = 0x00;
+               confirm->data[4] = 0x00;
+               confirm->data[5] = 0x00;
+
+               ret = mgt_set_varlen(priv, DOT11_OID_ASSOCIATEEX, confirm, 6);
+
+               kfree(confirm);
+               if (ret)
+                       return ret;
                break;
 
        case DOT11_OID_DISASSOCIATEEX:
-               send_formatted_event(priv, "Disassociate request", mlme, 0);
+               send_formatted_event(priv, "Disassociate request (ex)", mlme, 0);
                break;
 
        case DOT11_OID_ASSOCIATEEX:
                handle_request(priv, mlme, oid);
-               send_formatted_event(priv, "Associate request", mlme, 1);
+               send_formatted_event(priv, "Associate request (ex)", mlme, 1);
+
+               if (priv->iw_mode != IW_MODE_MASTER
+                               && mlmeex->state != DOT11_STATE_ASSOCING)
+                       break;
+
+               confirm = kmalloc(sizeof(struct obj_mlmeex), GFP_ATOMIC);
+
+               if (!confirm)
+                       break;
+
+               memcpy(&confirm->address, mlmeex->address, ETH_ALEN);
+
+               confirm->id = ((struct obj_mlmeex *)mlme)->id;
+               confirm->state = 0; /* not used */
+               confirm->code = 0;
+
+               wpa_ie_len = prism54_wpa_bss_ie_get(priv, mlmeex->address, wpa_ie);
+
+               if (!wpa_ie_len) {
+                       printk(KERN_DEBUG "No WPA IE found from "
+                                       "address:\t%02x:%02x:%02x:%02x:%02x:%02x\n",
+                               mlmeex->address[0],
+                               mlmeex->address[1],
+                               mlmeex->address[2],
+                               mlmeex->address[3],
+                               mlmeex->address[4],
+                               mlmeex->address[5]
+                               );
+                       kfree(confirm);
+                       break;
+               }
+
+               confirm->size = wpa_ie_len;
+               memcpy(&confirm->data, wpa_ie, wpa_ie_len);
+
+               mgt_set_varlen(priv, oid, confirm, wpa_ie_len);
+
+               kfree(confirm);
+
                break;
 
        case DOT11_OID_REASSOCIATEEX:
                handle_request(priv, mlme, oid);
-               send_formatted_event(priv, "Reassociate request", mlme, 1);
+               send_formatted_event(priv, "Reassociate request (ex)", mlme, 1);
+
+               if (priv->iw_mode != IW_MODE_MASTER
+                               && mlmeex->state != DOT11_STATE_ASSOCING)
+                       break;
+
+               confirm = kmalloc(sizeof(struct obj_mlmeex), GFP_ATOMIC);
+
+               if (!confirm)
+                       break;
+
+               memcpy(&confirm->address, mlmeex->address, ETH_ALEN);
+
+               confirm->id = mlmeex->id;
+               confirm->state = 0; /* not used */
+               confirm->code = 0;
+
+               wpa_ie_len = prism54_wpa_bss_ie_get(priv, mlmeex->address, wpa_ie);
+
+               if (!wpa_ie_len) {
+                       printk(KERN_DEBUG "No WPA IE found from "
+                                       "address:\t%02x:%02x:%02x:%02x:%02x:%02x\n",
+                               mlmeex->address[0],
+                               mlmeex->address[1],
+                               mlmeex->address[2],
+                               mlmeex->address[3],
+                               mlmeex->address[4],
+                               mlmeex->address[5]
+                               );
+                       kfree(confirm);
+                       break;
+               }
+
+               confirm->size = wpa_ie_len;
+               memcpy(&confirm->data, wpa_ie, wpa_ie_len);
+
+               mgt_set_varlen(priv, oid, confirm, wpa_ie_len);
+
+               kfree(confirm);
+
                break;
 
        default:
@@ -1850,9 +2498,10 @@ prism54_process_trap_helper(islpci_private *priv, enum oid_num_t oid,
  * interrupt context, no locks held.
  */
 void
-prism54_process_trap(void *data)
+prism54_process_trap(struct work_struct *work)
 {
-       struct islpci_mgmtframe *frame = data;
+       struct islpci_mgmtframe *frame =
+               container_of(work, struct islpci_mgmtframe, ws);
        struct net_device *ndev = frame->ndev;
        enum oid_num_t n = mgt_oidtonum(frame->header->oid);
 
@@ -1878,27 +2527,370 @@ prism54_set_mac_address(struct net_device *ndev, void *addr)
        return ret;
 }
 
-int
+/* Note: currently, use hostapd ioctl from the Host AP driver for WPA
+ * support. This is to be replaced with Linux wireless extensions once they
+ * get WPA support. */
+
+/* Note II: please leave all this together as it will be easier to remove later,
+ * once wireless extensions add WPA support -mcgrof */
+
+/* PRISM54_HOSTAPD ioctl() cmd: */
+enum {
+       PRISM2_SET_ENCRYPTION = 6,
+       PRISM2_HOSTAPD_SET_GENERIC_ELEMENT = 12,
+       PRISM2_HOSTAPD_MLME = 13,
+       PRISM2_HOSTAPD_SCAN_REQ = 14,
+};
+
+#define PRISM54_SET_WPA                        SIOCIWFIRSTPRIV+12
+#define PRISM54_HOSTAPD                        SIOCIWFIRSTPRIV+25
+#define PRISM54_DROP_UNENCRYPTED       SIOCIWFIRSTPRIV+26
+
+#define PRISM2_HOSTAPD_MAX_BUF_SIZE 1024
+#define PRISM2_HOSTAPD_GENERIC_ELEMENT_HDR_LEN \
+((int) (&((struct prism2_hostapd_param *) 0)->u.generic_elem.data))
+
+/* Maximum length for algorithm names (-1 for nul termination)
+ * used in ioctl() */
+#define HOSTAP_CRYPT_ALG_NAME_LEN 16
+
+struct prism2_hostapd_param {
+       u32 cmd;
+       u8 sta_addr[ETH_ALEN];
+       union {
+              struct {
+                      u8 alg[HOSTAP_CRYPT_ALG_NAME_LEN];
+                      u32 flags;
+                      u32 err;
+                      u8 idx;
+                      u8 seq[8]; /* sequence counter (set: RX, get: TX) */
+                      u16 key_len;
+                      u8 key[0];
+                      } crypt;
+               struct {
+                       u8 len;
+                       u8 data[0];
+               } generic_elem;
+               struct {
+#define MLME_STA_DEAUTH 0
+#define MLME_STA_DISASSOC 1
+                       u16 cmd;
+                       u16 reason_code;
+               } mlme;
+               struct {
+                       u8 ssid_len;
+                       u8 ssid[32];
+               } scan_req;
+       } u;
+};
+
+
+static int
+prism2_ioctl_set_encryption(struct net_device *dev,
+       struct prism2_hostapd_param *param,
+       int param_len)
+{
+       islpci_private *priv = netdev_priv(dev);
+       int rvalue = 0, force = 0;
+       int authen = DOT11_AUTH_OS, invoke = 0, exunencrypt = 0;
+       union oid_res_t r;
+
+       /* with the new API, it's impossible to get a NULL pointer.
+        * New version of iwconfig set the IW_ENCODE_NOKEY flag
+        * when no key is given, but older versions don't. */
+
+       if (param->u.crypt.key_len > 0) {
+               /* we have a key to set */
+               int index = param->u.crypt.idx;
+               int current_index;
+               struct obj_key key = { DOT11_PRIV_TKIP, 0, "" };
+
+               /* get the current key index */
+               rvalue = mgt_get_request(priv, DOT11_OID_DEFKEYID, 0, NULL, &r);
+               current_index = r.u;
+               /* Verify that the key is not marked as invalid */
+               if (!(param->u.crypt.flags & IW_ENCODE_NOKEY)) {
+                       key.length = param->u.crypt.key_len > sizeof (param->u.crypt.key) ?
+                           sizeof (param->u.crypt.key) : param->u.crypt.key_len;
+                       memcpy(key.key, param->u.crypt.key, key.length);
+                       if (key.length == 32)
+                               /* we want WPA-PSK */
+                               key.type = DOT11_PRIV_TKIP;
+                       if ((index < 0) || (index > 3))
+                               /* no index provided use the current one */
+                               index = current_index;
+
+                       /* now send the key to the card  */
+                       rvalue |=
+                           mgt_set_request(priv, DOT11_OID_DEFKEYX, index,
+                                           &key);
+               }
+               /*
+                * If a valid key is set, encryption should be enabled
+                * (user may turn it off later).
+                * This is also how "iwconfig ethX key on" works
+                */
+               if ((index == current_index) && (key.length > 0))
+                       force = 1;
+       } else {
+               int index = (param->u.crypt.flags & IW_ENCODE_INDEX) - 1;
+               if ((index >= 0) && (index <= 3)) {
+                       /* we want to set the key index */
+                       rvalue |=
+                           mgt_set_request(priv, DOT11_OID_DEFKEYID, 0,
+                                           &index);
+               } else {
+                       if (!param->u.crypt.flags & IW_ENCODE_MODE) {
+                               /* we cannot do anything. Complain. */
+                               return -EINVAL;
+                       }
+               }
+       }
+       /* now read the flags */
+       if (param->u.crypt.flags & IW_ENCODE_DISABLED) {
+               /* Encoding disabled,
+                * authen = DOT11_AUTH_OS;
+                * invoke = 0;
+                * exunencrypt = 0; */
+       }
+       if (param->u.crypt.flags & IW_ENCODE_OPEN)
+               /* Encode but accept non-encoded packets. No auth */
+               invoke = 1;
+       if ((param->u.crypt.flags & IW_ENCODE_RESTRICTED) || force) {
+               /* Refuse non-encoded packets. Auth */
+               authen = DOT11_AUTH_BOTH;
+               invoke = 1;
+               exunencrypt = 1;
+       }
+       /* do the change if requested  */
+       if ((param->u.crypt.flags & IW_ENCODE_MODE) || force) {
+               rvalue |=
+                   mgt_set_request(priv, DOT11_OID_AUTHENABLE, 0, &authen);
+               rvalue |=
+                   mgt_set_request(priv, DOT11_OID_PRIVACYINVOKED, 0, &invoke);
+               rvalue |=
+                   mgt_set_request(priv, DOT11_OID_EXUNENCRYPTED, 0,
+                                   &exunencrypt);
+       }
+       return rvalue;
+}
+
+static int
+prism2_ioctl_set_generic_element(struct net_device *ndev,
+       struct prism2_hostapd_param *param,
+       int param_len)
+{
+       islpci_private *priv = netdev_priv(ndev);
+       int max_len, len, alen, ret=0;
+       struct obj_attachment *attach;
+
+       len = param->u.generic_elem.len;
+       max_len = param_len - PRISM2_HOSTAPD_GENERIC_ELEMENT_HDR_LEN;
+       if (max_len < 0 || max_len < len)
+               return -EINVAL;
+
+       alen = sizeof(*attach) + len;
+       attach = kzalloc(alen, GFP_KERNEL);
+       if (attach == NULL)
+               return -ENOMEM;
+
+#define WLAN_FC_TYPE_MGMT 0
+#define WLAN_FC_STYPE_ASSOC_REQ 0
+#define WLAN_FC_STYPE_REASSOC_REQ 2
+
+       /* Note: endianness is covered by mgt_set_varlen */
+
+       attach->type = (WLAN_FC_TYPE_MGMT << 2) |
+               (WLAN_FC_STYPE_ASSOC_REQ << 4);
+       attach->id = -1;
+       attach->size = len;
+       memcpy(attach->data, param->u.generic_elem.data, len);
+
+       ret = mgt_set_varlen(priv, DOT11_OID_ATTACHMENT, attach, len);
+
+       if (ret == 0) {
+               attach->type = (WLAN_FC_TYPE_MGMT << 2) |
+                       (WLAN_FC_STYPE_REASSOC_REQ << 4);
+
+              ret = mgt_set_varlen(priv, DOT11_OID_ATTACHMENT, attach, len);
+
+              if (ret == 0)
+                      printk(KERN_DEBUG "%s: WPA IE Attachment was set\n",
+                                      ndev->name);
+       }
+
+       kfree(attach);
+       return ret;
+
+}
+
+static int
+prism2_ioctl_mlme(struct net_device *dev, struct prism2_hostapd_param *param)
+{
+       return -EOPNOTSUPP;
+}
+
+static int
+prism2_ioctl_scan_req(struct net_device *ndev,
+                     struct prism2_hostapd_param *param)
+{
+       islpci_private *priv = netdev_priv(ndev);
+       int i, rvalue;
+       struct obj_bsslist *bsslist;
+       u32 noise = 0;
+       char *extra = "";
+       char *current_ev = "foo";
+       union oid_res_t r;
+
+       if (islpci_get_state(priv) < PRV_STATE_INIT) {
+               /* device is not ready, fail gently */
+               return 0;
+       }
+
+       /* first get the noise value. We will use it to report the link quality */
+       rvalue = mgt_get_request(priv, DOT11_OID_NOISEFLOOR, 0, NULL, &r);
+       noise = r.u;
+
+       /* Ask the device for a list of known bss. We can report at most
+        * IW_MAX_AP=64 to the range struct. But the device won't repport anything
+        * if you change the value of IWMAX_BSS=24.
+        */
+       rvalue |= mgt_get_request(priv, DOT11_OID_BSSLIST, 0, NULL, &r);
+       bsslist = r.ptr;
+
+       /* ok now, scan the list and translate its info */
+       for (i = 0; i < min(IW_MAX_AP, (int) bsslist->nr); i++)
+               current_ev = prism54_translate_bss(ndev, current_ev,
+                                                  extra + IW_SCAN_MAX_DATA,
+                                                  &(bsslist->bsslist[i]),
+                                                  noise);
+       kfree(bsslist);
+
+       return rvalue;
+}
+
+static int
+prism54_hostapd(struct net_device *ndev, struct iw_point *p)
+{
+       struct prism2_hostapd_param *param;
+       int ret = 0;
+       u32 uwrq;
+
+       printk(KERN_DEBUG "prism54_hostapd - len=%d\n", p->length);
+       if (p->length < sizeof(struct prism2_hostapd_param) ||
+           p->length > PRISM2_HOSTAPD_MAX_BUF_SIZE || !p->pointer)
+               return -EINVAL;
+
+       param = kmalloc(p->length, GFP_KERNEL);
+       if (param == NULL)
+               return -ENOMEM;
+
+       if (copy_from_user(param, p->pointer, p->length)) {
+               kfree(param);
+               return -EFAULT;
+       }
+
+       switch (param->cmd) {
+       case PRISM2_SET_ENCRYPTION:
+              printk(KERN_DEBUG "%s: Caught WPA supplicant set encryption request\n",
+                              ndev->name);
+               ret = prism2_ioctl_set_encryption(ndev, param, p->length);
+               break;
+       case PRISM2_HOSTAPD_SET_GENERIC_ELEMENT:
+              printk(KERN_DEBUG "%s: Caught WPA supplicant set WPA IE request\n",
+                              ndev->name);
+               ret = prism2_ioctl_set_generic_element(ndev, param,
+                                                      p->length);
+               break;
+       case PRISM2_HOSTAPD_MLME:
+              printk(KERN_DEBUG "%s: Caught WPA supplicant MLME request\n",
+                              ndev->name);
+               ret = prism2_ioctl_mlme(ndev, param);
+               break;
+       case PRISM2_HOSTAPD_SCAN_REQ:
+              printk(KERN_DEBUG "%s: Caught WPA supplicant scan request\n",
+                              ndev->name);
+               ret = prism2_ioctl_scan_req(ndev, param);
+               break;
+       case PRISM54_SET_WPA:
+              printk(KERN_DEBUG "%s: Caught WPA supplicant wpa init request\n",
+                              ndev->name);
+              uwrq = 1;
+              ret = prism54_set_wpa(ndev, NULL, &uwrq, NULL);
+              break;
+       case PRISM54_DROP_UNENCRYPTED:
+              printk(KERN_DEBUG "%s: Caught WPA drop unencrypted request\n",
+                              ndev->name);
+#if 0
+              uwrq = 0x01;
+              mgt_set(priv, DOT11_OID_EXUNENCRYPTED, &uwrq);
+              down_write(&priv->mib_sem);
+              mgt_commit(priv);
+              up_write(&priv->mib_sem);
+#endif
+              /* Not necessary, as set_wpa does it, should we just do it here though? */
+              ret = 0;
+              break;
+       default:
+              printk(KERN_DEBUG "%s: Caught a WPA supplicant request that is not supported\n",
+                              ndev->name);
+               ret = -EOPNOTSUPP;
+               break;
+       }
+
+       if (ret == 0 && copy_to_user(p->pointer, param, p->length))
+               ret = -EFAULT;
+
+       kfree(param);
+
+       return ret;
+}
+
+static int
 prism54_set_wpa(struct net_device *ndev, struct iw_request_info *info,
                __u32 * uwrq, char *extra)
 {
        islpci_private *priv = netdev_priv(ndev);
+       u32 mlme, authen, dot1x, filter, wep;
 
-       down_write(&priv->mib_sem);
+       if (islpci_get_state(priv) < PRV_STATE_INIT)
+               return 0;
+
+       wep = 1; /* For privacy invoked */
+       filter = 1; /* Filter out all unencrypted frames */
+       dot1x = 0x01; /* To enable eap filter */
+       mlme = DOT11_MLME_EXTENDED;
+       authen = DOT11_AUTH_OS; /* Only WEP uses _SK and _BOTH */
 
+       down_write(&priv->mib_sem);
        priv->wpa = *uwrq;
-       if (priv->wpa) {
-               u32 l = DOT11_MLME_EXTENDED;
-               mgt_set(priv, DOT11_OID_MLMEAUTOLEVEL, &l);
+
+       switch (priv->wpa) {
+               default:
+               case 0: /* Clears/disables WPA and friends */
+                       wep = 0;
+                       filter = 0; /* Do not filter un-encrypted data */
+                       dot1x = 0;
+                       mlme = DOT11_MLME_AUTO;
+                       printk("%s: Disabling WPA\n", ndev->name);
+                       break;
+               case 2:
+               case 1: /* WPA */
+                       printk("%s: Enabling WPA\n", ndev->name);
+                       break;
        }
-       /* restart the card with new level. Needed ? */
-       mgt_commit(priv);
        up_write(&priv->mib_sem);
 
+       mgt_set_request(priv, DOT11_OID_AUTHENABLE, 0, &authen);
+       mgt_set_request(priv, DOT11_OID_PRIVACYINVOKED, 0, &wep);
+       mgt_set_request(priv, DOT11_OID_EXUNENCRYPTED, 0, &filter);
+       mgt_set_request(priv, DOT11_OID_DOT1XENABLE, 0, &dot1x);
+       mgt_set_request(priv, DOT11_OID_MLMEAUTOLEVEL, 0, &mlme);
+
        return 0;
 }
 
-int
+static int
 prism54_get_wpa(struct net_device *ndev, struct iw_request_info *info,
                __u32 * uwrq, char *extra)
 {
@@ -1907,7 +2899,7 @@ prism54_get_wpa(struct net_device *ndev, struct iw_request_info *info,
        return 0;
 }
 
-int
+static int
 prism54_set_prismhdr(struct net_device *ndev, struct iw_request_info *info,
                     __u32 * uwrq, char *extra)
 {
@@ -1920,7 +2912,7 @@ prism54_set_prismhdr(struct net_device *ndev, struct iw_request_info *info,
        return 0;
 }
 
-int
+static int
 prism54_get_prismhdr(struct net_device *ndev, struct iw_request_info *info,
                     __u32 * uwrq, char *extra)
 {
@@ -1929,7 +2921,7 @@ prism54_get_prismhdr(struct net_device *ndev, struct iw_request_info *info,
        return 0;
 }
 
-int
+static int
 prism54_debug_oid(struct net_device *ndev, struct iw_request_info *info,
                  __u32 * uwrq, char *extra)
 {
@@ -1941,12 +2933,12 @@ prism54_debug_oid(struct net_device *ndev, struct iw_request_info *info,
        return 0;
 }
 
-int
+static int
 prism54_debug_get_oid(struct net_device *ndev, struct iw_request_info *info,
                      struct iw_point *data, char *extra)
 {
        islpci_private *priv = netdev_priv(ndev);
-       struct islpci_mgmtframe *response = NULL;
+       struct islpci_mgmtframe *response;
        int ret = -EIO;
 
        printk("%s: get_oid 0x%08X\n", ndev->name, priv->priv_oid);
@@ -1977,12 +2969,12 @@ prism54_debug_get_oid(struct net_device *ndev, struct iw_request_info *info,
        return ret;
 }
 
-int
+static int
 prism54_debug_set_oid(struct net_device *ndev, struct iw_request_info *info,
                      struct iw_point *data, char *extra)
 {
        islpci_private *priv = netdev_priv(ndev);
-       struct islpci_mgmtframe *response = NULL;
+       struct islpci_mgmtframe *response;
        int ret = 0, response_op = PIMFOR_OP_ERROR;
 
        printk("%s: set_oid 0x%08X\tlen: %d\n", ndev->name, priv->priv_oid,
@@ -2085,6 +3077,15 @@ static const iw_handler prism54_handler[] = {
        (iw_handler) prism54_get_encode,        /* SIOCGIWENCODE */
        (iw_handler) NULL,      /* SIOCSIWPOWER */
        (iw_handler) NULL,      /* SIOCGIWPOWER */
+       NULL,                   /* -- hole -- */
+       NULL,                   /* -- hole -- */
+       (iw_handler) prism54_set_genie, /* SIOCSIWGENIE */
+       (iw_handler) prism54_get_genie, /* SIOCGIWGENIE */
+       (iw_handler) prism54_set_auth,  /* SIOCSIWAUTH */
+       (iw_handler) prism54_get_auth,  /* SIOCGIWAUTH */
+       (iw_handler) prism54_set_encodeext, /* SIOCSIWENCODEEXT */
+       (iw_handler) prism54_get_encodeext, /* SIOCGIWENCODEEXT */
+       NULL,                   /* SIOCSIWPMKSA */
 };
 
 /* The low order bit identify a SET (0) or a GET (1) ioctl.  */
@@ -2255,14 +3256,22 @@ const struct iw_handler_def prism54_handler_def = {
        .standard = (iw_handler *) prism54_handler,
        .private = (iw_handler *) prism54_private_handler,
        .private_args = (struct iw_priv_args *) prism54_private_args,
-       .spy_offset = offsetof(islpci_private, spy_data),
+       .get_wireless_stats = prism54_get_wireless_stats,
 };
 
-/* For ioctls that don't work with the new API */
+/* For wpa_supplicant */
 
 int
 prism54_ioctl(struct net_device *ndev, struct ifreq *rq, int cmd)
 {
-
+       struct iwreq *wrq = (struct iwreq *) rq;
+       int ret = -1;
+       switch (cmd) {
+               case PRISM54_HOSTAPD:
+               if (!capable(CAP_NET_ADMIN))
+               return -EPERM;
+               ret = prism54_hostapd(ndev, &wrq->u.data);
+               return ret;
+       }
        return -EOPNOTSUPP;
 }
linux-2.6