projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'viafb-next' of git://git.lwn.net/linux-2.6
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / staging / vt6655 / dpc.c
CommitLineData
5449c685
FB		 1/*
2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
3 * All rights reserved.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * File: dpc.c
20 *
21 * Purpose: handle dpc rx functions
22 *
23 * Author: Lyndon Chen
24 *
25 * Date: May 20, 2003
26 *
27 * Functions:
28 * device_receive_frame - Rcv 802.11 frame function
29 * s_bAPModeRxCtl- AP Rcv frame filer Ctl.
30 * s_bAPModeRxData- AP Rcv data frame handle
31 * s_bHandleRxEncryption- Rcv decrypted data via on-fly
32 * s_bHostWepRxEncryption- Rcv encrypted data via host
33 * s_byGetRateIdx- get rate index
34 * s_vGetDASA- get data offset
35 * s_vProcessRxMACHeader- Rcv 802.11 and translate to 802.3
36 *
37 * Revision History:
38 *
39 */
40
5449c685 41#include "device.h"
5449c685 42#include "rxtx.h"
5449c685 43#include "tether.h"
5449c685 44#include "card.h"
5449c685 45#include "bssdb.h"
5449c685 46#include "mac.h"
5449c685 47#include "baseband.h"
5449c685 48#include "michael.h"
5449c685 49#include "tkip.h"
5449c685 50#include "tcrc.h"
5449c685 51#include "wctl.h"
5449c685 52#include "wroute.h"
5449c685 53#include "hostap.h"
5449c685 54#include "rf.h"
5449c685 55#include "iowpa.h"
5449c685 56#include "aes_ccmp.h"
5449c685
FB		 57
58//#define PLICE_DEBUG
59
60
61/*--------------------- Static Definitions -------------------------*/
62
63/*--------------------- Static Classes ----------------------------*/
64
65/*--------------------- Static Variables --------------------------*/
66//static int msglevel =MSG_LEVEL_DEBUG;
67static int msglevel =MSG_LEVEL_INFO;
68
69const BYTE acbyRxRate[MAX_RATE] =
70{2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108};
71
72
73/*--------------------- Static Functions --------------------------*/
74
75/*--------------------- Static Definitions -------------------------*/
76
77/*--------------------- Static Functions --------------------------*/
78
79static BYTE s_byGetRateIdx(IN BYTE byRate);
80
81
82static
83VOID
84s_vGetDASA(
85 IN PBYTE pbyRxBufferAddr,
86 OUT PUINT pcbHeaderSize,
87 OUT PSEthernetHeader psEthHeader
88 );
89
90static
91VOID
92s_vProcessRxMACHeader (
93 IN PSDevice pDevice,
94 IN PBYTE pbyRxBufferAddr,
95 IN UINT cbPacketSize,
96 IN BOOL bIsWEP,
97 IN BOOL bExtIV,
98 OUT PUINT pcbHeadSize
99 );
100
101static BOOL s_bAPModeRxCtl(
102 IN PSDevice pDevice,
103 IN PBYTE pbyFrame,
104 IN INT iSANodeIndex
105 );
106
5449c685 107
612822f5 108
5449c685
FB		 109static BOOL s_bAPModeRxData (
110 IN PSDevice pDevice,
111 IN struct sk_buff* skb,
112 IN UINT FrameSize,
113 IN UINT cbHeaderOffset,
114 IN INT iSANodeIndex,
115 IN INT iDANodeIndex
116 );
5449c685
FB		 117
118
119static BOOL s_bHandleRxEncryption(
120 IN PSDevice pDevice,
121 IN PBYTE pbyFrame,
122 IN UINT FrameSize,
123 IN PBYTE pbyRsr,
124 OUT PBYTE pbyNewRsr,
125 OUT PSKeyItem *pKeyOut,
a884847a 126 int * pbExtIV,
5449c685
FB		 127 OUT PWORD pwRxTSC15_0,
128 OUT PDWORD pdwRxTSC47_16
129 );
130
131static BOOL s_bHostWepRxEncryption(
132
133 IN PSDevice pDevice,
134 IN PBYTE pbyFrame,
135 IN UINT FrameSize,
136 IN PBYTE pbyRsr,
137 IN BOOL bOnFly,
138 IN PSKeyItem pKey,
139 OUT PBYTE pbyNewRsr,
a884847a 140 int * pbExtIV,
5449c685
FB		 141 OUT PWORD pwRxTSC15_0,
142 OUT PDWORD pdwRxTSC47_16
143
144 );
145
146/*--------------------- Export Variables --------------------------*/
147
148/*+
149 *
150 * Description:
151 * Translate Rcv 802.11 header to 802.3 header with Rx buffer
152 *
153 * Parameters:
154 * In:
155 * pDevice
156 * dwRxBufferAddr - Address of Rcv Buffer
157 * cbPacketSize - Rcv Packet size
158 * bIsWEP - If Rcv with WEP
159 * Out:
160 * pcbHeaderSize - 802.11 header size
161 *
162 * Return Value: None
163 *
164-*/
165static
166VOID
167s_vProcessRxMACHeader (
168 IN PSDevice pDevice,
169 IN PBYTE pbyRxBufferAddr,
170 IN UINT cbPacketSize,
171 IN BOOL bIsWEP,
172 IN BOOL bExtIV,
173 OUT PUINT pcbHeadSize
174 )
175{
176 PBYTE pbyRxBuffer;
177 UINT cbHeaderSize = 0;
178 PWORD pwType;
179 PS802_11Header pMACHeader;
180 int ii;
181
182
183 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
184
185 s_vGetDASA((PBYTE)pMACHeader, &cbHeaderSize, &pDevice->sRxEthHeader);
186
187 if (bIsWEP) {
188 if (bExtIV) {
189 // strip IV&ExtIV , add 8 byte
190 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 8);
191 } else {
192 // strip IV , add 4 byte
193 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 4);
194 }
195 }
196 else {
197 cbHeaderSize += WLAN_HDR_ADDR3_LEN;
198 };
199
200 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
201 if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_Bridgetunnel[0])) {
202 cbHeaderSize += 6;
203 }
204 else if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_RFC1042[0])) {
205 cbHeaderSize += 6;
206 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
207 if ((*pwType!= TYPE_PKT_IPX) && (*pwType != cpu_to_le16(0xF380))) {
208 }
209 else {
210 cbHeaderSize -= 8;
211 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
212 if (bIsWEP) {
213 if (bExtIV) {
214 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
215 } else {
216 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
217 }
218 }
219 else {
220 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
221 }
222 }
223 }
224 else {
225 cbHeaderSize -= 2;
226 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
227 if (bIsWEP) {
228 if (bExtIV) {
229 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
230 } else {
231 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
232 }
233 }
234 else {
235 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
236 }
237 }
238
239 cbHeaderSize -= (U_ETHER_ADDR_LEN * 2);
240 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
241 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
242 *pbyRxBuffer++ = pDevice->sRxEthHeader.abyDstAddr[ii];
243 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
244 *pbyRxBuffer++ = pDevice->sRxEthHeader.abySrcAddr[ii];
245
246 *pcbHeadSize = cbHeaderSize;
247}
248
249
250
251
252static BYTE s_byGetRateIdx (IN BYTE byRate)
253{
254 BYTE byRateIdx;
255
256 for (byRateIdx = 0; byRateIdx <MAX_RATE ; byRateIdx++) {
257 if (acbyRxRate[byRateIdx%MAX_RATE] == byRate)
258 return byRateIdx;
259 }
260 return 0;
261}
262
263
264static
265VOID
266s_vGetDASA (
267 IN PBYTE pbyRxBufferAddr,
268 OUT PUINT pcbHeaderSize,
269 OUT PSEthernetHeader psEthHeader
270 )
271{
272 UINT cbHeaderSize = 0;
273 PS802_11Header pMACHeader;
274 int ii;
275
276 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
277
278 if ((pMACHeader->wFrameCtl & FC_TODS) == 0) {
279 if (pMACHeader->wFrameCtl & FC_FROMDS) {
280 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
281 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
282 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr3[ii];
283 }
284 }
285 else {
286 // IBSS mode
287 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
288 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
289 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
290 }
291 }
292 }
293 else {
294 // Is AP mode..
295 if (pMACHeader->wFrameCtl & FC_FROMDS) {
296 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
297 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
298 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr4[ii];
299 cbHeaderSize += 6;
300 }
301 }
302 else {
303 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
304 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
305 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
306 }
307 }
308 };
309 *pcbHeaderSize = cbHeaderSize;
310}
311
312
313
314
315//PLICE_DEBUG ->
316
317VOID MngWorkItem(PVOID Context)
318{
319 PSRxMgmtPacket pRxMgmtPacket;
320 PSDevice pDevice = (PSDevice) Context;
321 //printk("Enter MngWorkItem,Queue packet num is %d\n",pDevice->rxManeQueue.packet_num);
322 spin_lock_irq(&pDevice->lock);
323 while(pDevice->rxManeQueue.packet_num != 0)
324 {
325 pRxMgmtPacket = DeQueue(pDevice);
326 vMgrRxManagePacket(pDevice, pDevice->pMgmt, pRxMgmtPacket);
327 }
328 spin_unlock_irq(&pDevice->lock);
329}
330
331
332//PLICE_DEBUG<-
333
334
335
336BOOL
337device_receive_frame (
338 IN PSDevice pDevice,
339 IN PSRxDesc pCurrRD
340 )
341{
342
343 PDEVICE_RD_INFO pRDInfo = pCurrRD->pRDInfo;
344#ifdef PLICE_DEBUG
345 //printk("device_receive_frame:pCurrRD is %x,pRDInfo is %x\n",pCurrRD,pCurrRD->pRDInfo);
346#endif
347 struct net_device_stats* pStats=&pDevice->stats;
5449c685 348 struct sk_buff* skb;
5449c685
FB		 349 PSMgmtObject pMgmt = pDevice->pMgmt;
350 PSRxMgmtPacket pRxPacket = &(pDevice->pMgmt->sRxPacket);
351 PS802_11Header p802_11Header;
352 PBYTE pbyRsr;
353 PBYTE pbyNewRsr;
354 PBYTE pbyRSSI;
355 PQWORD pqwTSFTime;
356 PWORD pwFrameSize;
357 PBYTE pbyFrame;
358 BOOL bDeFragRx = FALSE;
359 BOOL bIsWEP = FALSE;
360 UINT cbHeaderOffset;
361 UINT FrameSize;
362 WORD wEtherType = 0;
363 INT iSANodeIndex = -1;
364 INT iDANodeIndex = -1;
365 UINT ii;
366 UINT cbIVOffset;
367 BOOL bExtIV = FALSE;
368 PBYTE pbyRxSts;
369 PBYTE pbyRxRate;
370 PBYTE pbySQ;
371 UINT cbHeaderSize;
372 PSKeyItem pKey = NULL;
373 WORD wRxTSC15_0 = 0;
374 DWORD dwRxTSC47_16 = 0;
375 SKeyItem STempKey;
376 // 802.11h RPI
377 DWORD dwDuration = 0;
378 LONG ldBm = 0;
379 LONG ldBmThreshold = 0;
380 PS802_11Header pMACHeader;
381 BOOL bRxeapol_key = FALSE;
382
7e809a9b 383// DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- device_receive_frame---\n");
5449c685
FB		 384
385 skb = pRDInfo->skb;
5449c685
FB		 386
387
388//PLICE_DEBUG->
389#if 1
390 pci_unmap_single(pDevice->pcid, pRDInfo->skb_dma,
391 pDevice->rx_buf_sz, PCI_DMA_FROMDEVICE);
392#endif
393//PLICE_DEBUG<-
394 pwFrameSize = (PWORD)(skb->data + 2);
395 FrameSize = cpu_to_le16(pCurrRD->m_rd1RD1.wReqCount) - cpu_to_le16(pCurrRD->m_rd0RD0.wResCount);
396
397 // Max: 2312Payload + 30HD +4CRC + 2Padding + 4Len + 8TSF + 4RSR
398 // Min (ACK): 10HD +4CRC + 2Padding + 4Len + 8TSF + 4RSR
399 if ((FrameSize > 2364)||(FrameSize <= 32)) {
400 // Frame Size error drop this packet.
7e809a9b 401 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 1 \n");
5449c685
FB		 402 return FALSE;
403 }
404
405 pbyRxSts = (PBYTE) (skb->data);
406 pbyRxRate = (PBYTE) (skb->data + 1);
407 pbyRsr = (PBYTE) (skb->data + FrameSize - 1);
408 pbyRSSI = (PBYTE) (skb->data + FrameSize - 2);
409 pbyNewRsr = (PBYTE) (skb->data + FrameSize - 3);
410 pbySQ = (PBYTE) (skb->data + FrameSize - 4);
411 pqwTSFTime = (PQWORD) (skb->data + FrameSize - 12);
412 pbyFrame = (PBYTE)(skb->data + 4);
413
414 // get packet size
415 FrameSize = cpu_to_le16(*pwFrameSize);
416
417 if ((FrameSize > 2346)|(FrameSize < 14)) { // Max: 2312Payload + 30HD +4CRC
418 // Min: 14 bytes ACK
7e809a9b 419 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 2 \n");
5449c685
FB		 420 return FALSE;
421 }
422//PLICE_DEBUG->
423#if 1
424 // update receive statistic counter
425 STAvUpdateRDStatCounter(&pDevice->scStatistic,
426 *pbyRsr,
427 *pbyNewRsr,
428 *pbyRxRate,
429 pbyFrame,
430 FrameSize);
431
432#endif
433
434 pMACHeader=(PS802_11Header)((PBYTE) (skb->data)+8);
435//PLICE_DEBUG<-
436 if (pDevice->bMeasureInProgress == TRUE) {
437 if ((*pbyRsr & RSR_CRCOK) != 0) {
438 pDevice->byBasicMap |= 0x01;
439 }
440 dwDuration = (FrameSize << 4);
441 dwDuration /= acbyRxRate[*pbyRxRate%MAX_RATE];
442 if (*pbyRxRate <= RATE_11M) {
256a816b 443 if (*pbyRxSts & 0x01) {
5449c685
FB		 444 // long preamble
445 dwDuration += 192;
446 } else {
447 // short preamble
448 dwDuration += 96;
449 }
450 } else {
451 dwDuration += 16;
452 }
453 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
454 ldBmThreshold = -57;
455 for (ii = 7; ii > 0;) {
456 if (ldBm > ldBmThreshold) {
457 break;
458 }
459 ldBmThreshold -= 5;
460 ii--;
461 }
462 pDevice->dwRPIs[ii] += dwDuration;
463 return FALSE;
464 }
465
466 if (!IS_MULTICAST_ADDRESS(pbyFrame) && !IS_BROADCAST_ADDRESS(pbyFrame)) {
467 if (WCTLbIsDuplicate(&(pDevice->sDupRxCache), (PS802_11Header) (skb->data + 4))) {
468 pDevice->s802_11Counter.FrameDuplicateCount++;
469 return FALSE;
470 }
471 }
472
473
474 // Use for TKIP MIC
475 s_vGetDASA(skb->data+4, &cbHeaderSize, &pDevice->sRxEthHeader);
476
477 // filter packet send from myself
478 if (IS_ETH_ADDRESS_EQUAL((PBYTE)&(pDevice->sRxEthHeader.abySrcAddr[0]), pDevice->abyCurrentNetAddr))
479 return FALSE;
480
481 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) || (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)) {
482 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
483 p802_11Header = (PS802_11Header) (pbyFrame);
484 // get SA NodeIndex
485 if (BSSDBbIsSTAInNodeDB(pMgmt, (PBYTE)(p802_11Header->abyAddr2), &iSANodeIndex)) {
5449c685 486 pMgmt->sNodeDBTable[iSANodeIndex].ulLastRxJiffer = jiffies;
5449c685
FB		 487 pMgmt->sNodeDBTable[iSANodeIndex].uInActiveCount = 0;
488 }
489 }
490 }
491
492 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
493 if (s_bAPModeRxCtl(pDevice, pbyFrame, iSANodeIndex) == TRUE) {
494 return FALSE;
495 }
496 }
612822f5
JL		 497
498
5449c685
FB		 499 if (IS_FC_WEP(pbyFrame)) {
500 BOOL bRxDecryOK = FALSE;
501
7e809a9b 502 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"rx WEP pkt\n");
5449c685
FB		 503 bIsWEP = TRUE;
504 if ((pDevice->bEnableHostWEP) && (iSANodeIndex >= 0)) {
505 pKey = &STempKey;
506 pKey->byCipherSuite = pMgmt->sNodeDBTable[iSANodeIndex].byCipherSuite;
507 pKey->dwKeyIndex = pMgmt->sNodeDBTable[iSANodeIndex].dwKeyIndex;
508 pKey->uKeyLength = pMgmt->sNodeDBTable[iSANodeIndex].uWepKeyLength;
509 pKey->dwTSC47_16 = pMgmt->sNodeDBTable[iSANodeIndex].dwTSC47_16;
510 pKey->wTSC15_0 = pMgmt->sNodeDBTable[iSANodeIndex].wTSC15_0;
511 memcpy(pKey->abyKey,
512 &pMgmt->sNodeDBTable[iSANodeIndex].abyWepKey[0],
513 pKey->uKeyLength
514 );
515
516 bRxDecryOK = s_bHostWepRxEncryption(pDevice,
517 pbyFrame,
518 FrameSize,
519 pbyRsr,
520 pMgmt->sNodeDBTable[iSANodeIndex].bOnFly,
521 pKey,
522 pbyNewRsr,
523 &bExtIV,
524 &wRxTSC15_0,
525 &dwRxTSC47_16);
526 } else {
527 bRxDecryOK = s_bHandleRxEncryption(pDevice,
528 pbyFrame,
529 FrameSize,
530 pbyRsr,
531 pbyNewRsr,
532 &pKey,
533 &bExtIV,
534 &wRxTSC15_0,
535 &dwRxTSC47_16);
536 }
537
538 if (bRxDecryOK) {
539 if ((*pbyNewRsr & NEWRSR_DECRYPTOK) == 0) {
7e809a9b 540 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV Fail\n");
5449c685
FB		 541 if ( (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
542 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
543 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
544 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
545 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
546
547 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
548 pDevice->s802_11Counter.TKIPICVErrors++;
549 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP)) {
550 pDevice->s802_11Counter.CCMPDecryptErrors++;
551 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_WEP)) {
552// pDevice->s802_11Counter.WEPICVErrorCount.QuadPart++;
553 }
554 }
555 return FALSE;
556 }
557 } else {
7e809a9b 558 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WEP Func Fail\n");
5449c685
FB		 559 return FALSE;
560 }
561 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP))
562 FrameSize -= 8; // Message Integrity Code
563 else
564 FrameSize -= 4; // 4 is ICV
565 }
566
567
568 //
569 // RX OK
570 //
571 //remove the CRC length
572 FrameSize -= U_CRC_LEN;
573
256a816b 574 if (( !(*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI))) && // unicast address
5449c685
FB		 575 (IS_FRAGMENT_PKT((skb->data+4)))
576 ) {
577 // defragment
578 bDeFragRx = WCTLbHandleFragment(pDevice, (PS802_11Header) (skb->data+4), FrameSize, bIsWEP, bExtIV);
579 pDevice->s802_11Counter.ReceivedFragmentCount++;
580 if (bDeFragRx) {
581 // defrag complete
5449c685 582 skb = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].skb;
5449c685
FB		 583 FrameSize = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].cbFrameLength;
584
585 }
586 else {
587 return FALSE;
588 }
589 }
590
591
592// Management & Control frame Handle
593 if ((IS_TYPE_DATA((skb->data+4))) == FALSE) {
594 // Handle Control & Manage Frame
595
596 if (IS_TYPE_MGMT((skb->data+4))) {
597 PBYTE pbyData1;
598 PBYTE pbyData2;
599
600 pRxPacket->p80211Header = (PUWLAN_80211HDR)(skb->data+4);
601 pRxPacket->cbMPDULen = FrameSize;
602 pRxPacket->uRSSI = *pbyRSSI;
603 pRxPacket->bySQ = *pbySQ;
604 HIDWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(HIDWORD(*pqwTSFTime));
605 LODWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(LODWORD(*pqwTSFTime));
606 if (bIsWEP) {
607 // strip IV
608 pbyData1 = WLAN_HDR_A3_DATA_PTR(skb->data+4);
609 pbyData2 = WLAN_HDR_A3_DATA_PTR(skb->data+4) + 4;
610 for (ii = 0; ii < (FrameSize - 4); ii++) {
611 *pbyData1 = *pbyData2;
612 pbyData1++;
613 pbyData2++;
614 }
615 }
616 pRxPacket->byRxRate = s_byGetRateIdx(*pbyRxRate);
617 pRxPacket->byRxChannel = (*pbyRxSts) >> 2;
618//PLICE_DEBUG->
619//EnQueue(pDevice,pRxPacket);
620
621#ifdef THREAD
622 EnQueue(pDevice,pRxPacket);
623
624 //printk("enque time is %x\n",jiffies);
625 //up(&pDevice->mlme_semaphore);
626 //Enque (pDevice->FirstRecvMngList,pDevice->LastRecvMngList,pMgmt);
627#else
628
629#ifdef TASK_LET
630 EnQueue(pDevice,pRxPacket);
631 tasklet_schedule(&pDevice->RxMngWorkItem);
632#else
633//printk("RxMan\n");
634 vMgrRxManagePacket((HANDLE)pDevice, pDevice->pMgmt, pRxPacket);
635 //tasklet_schedule(&pDevice->RxMngWorkItem);
636#endif
637
638#endif
639//PLICE_DEBUG<-
640 //vMgrRxManagePacket((HANDLE)pDevice, pDevice->pMgmt, pRxPacket);
641 // hostap Deamon handle 802.11 management
642 if (pDevice->bEnableHostapd) {
643 skb->dev = pDevice->apdev;
5449c685
FB		 644 skb->data += 4;
645 skb->tail += 4;
646 skb_put(skb, FrameSize);
db6cb903 647 skb_reset_mac_header(skb);
5449c685
FB		 648 skb->pkt_type = PACKET_OTHERHOST;
649 skb->protocol = htons(ETH_P_802_2);
650 memset(skb->cb, 0, sizeof(skb->cb));
651 netif_rx(skb);
5449c685
FB		 652 return TRUE;
653 }
654 }
655 else {
656 // Control Frame
657 };
658 return FALSE;
659 }
660 else {
661 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
662 //In AP mode, hw only check addr1(BSSID or RA) if equal to local MAC.
256a816b 663 if ( !(*pbyRsr & RSR_BSSIDOK)) {
5449c685
FB		 664 if (bDeFragRx) {
665 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
7e809a9b 666 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
5449c685
FB		 667 pDevice->dev->name);
668 }
669 }
670 return FALSE;
671 }
672 }
673 else {
674 // discard DATA packet while not associate || BSSID error
675 if ((pDevice->bLinkPass == FALSE) ||
256a816b 676 !(*pbyRsr & RSR_BSSIDOK)) {
5449c685
FB		 677 if (bDeFragRx) {
678 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
7e809a9b 679 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
5449c685
FB		 680 pDevice->dev->name);
681 }
682 }
683 return FALSE;
684 }
5449c685
FB		 685 //mike add:station mode check eapol-key challenge--->
686 {
687 BYTE Protocol_Version; //802.1x Authentication
688 BYTE Packet_Type; //802.1x Authentication
689 if (bIsWEP)
690 cbIVOffset = 8;
691 else
692 cbIVOffset = 0;
693 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
694 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
695 Protocol_Version = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1];
696 Packet_Type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1];
697 if (wEtherType == ETH_P_PAE) { //Protocol Type in LLC-Header
698 if(((Protocol_Version==1) ||(Protocol_Version==2)) &&
699 (Packet_Type==3)) { //802.1x OR eapol-key challenge frame receive
700 bRxeapol_key = TRUE;
701 }
702 }
703 }
704 //mike add:station mode check eapol-key challenge<---
705 }
706 }
707
612822f5 708
5449c685
FB		 709// Data frame Handle
710
612822f5 711
5449c685
FB		 712 if (pDevice->bEnablePSMode) {
713 if (IS_FC_MOREDATA((skb->data+4))) {
256a816b 714 if (*pbyRsr & RSR_ADDROK) {
5449c685
FB		 715 //PSbSendPSPOLL((PSDevice)pDevice);
716 }
717 }
718 else {
719 if (pDevice->pMgmt->bInTIMWake == TRUE) {
720 pDevice->pMgmt->bInTIMWake = FALSE;
721 }
722 }
723 };
724
725 // Now it only supports 802.11g Infrastructure Mode, and support rate must up to 54 Mbps
726 if (pDevice->bDiversityEnable && (FrameSize>50) &&
727 (pDevice->eOPMode == OP_MODE_INFRASTRUCTURE) &&
728 (pDevice->bLinkPass == TRUE)) {
729 //printk("device_receive_frame: RxRate is %d\n",*pbyRxRate);
730 BBvAntennaDiversity(pDevice, s_byGetRateIdx(*pbyRxRate), 0);
731 }
732
733
734 if (pDevice->byLocalID != REV_ID_VT3253_B1) {
735 pDevice->uCurrRSSI = *pbyRSSI;
736 }
737 pDevice->byCurrSQ = *pbySQ;
738
739 if ((*pbyRSSI != 0) &&
740 (pMgmt->pCurrBSS!=NULL)) {
741 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
742 // Moniter if RSSI is too strong.
743 pMgmt->pCurrBSS->byRSSIStatCnt++;
744 pMgmt->pCurrBSS->byRSSIStatCnt %= RSSI_STAT_COUNT;
745 pMgmt->pCurrBSS->ldBmAverage[pMgmt->pCurrBSS->byRSSIStatCnt] = ldBm;
746 for(ii=0;ii<RSSI_STAT_COUNT;ii++) {
747 if (pMgmt->pCurrBSS->ldBmAverage[ii] != 0) {
748 pMgmt->pCurrBSS->ldBmMAX = max(pMgmt->pCurrBSS->ldBmAverage[ii], ldBm);
749 }
750 }
751 }
752
753 // -----------------------------------------------
754
755 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnable8021x == TRUE)){
756 BYTE abyMacHdr[24];
757
758 // Only 802.1x packet incoming allowed
759 if (bIsWEP)
760 cbIVOffset = 8;
761 else
762 cbIVOffset = 0;
763 wEtherType = (skb->data[cbIVOffset + 4 + 24 + 6] << 8) |
764 skb->data[cbIVOffset + 4 + 24 + 6 + 1];
765
7e809a9b 766 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wEtherType = %04x \n", wEtherType);
5449c685
FB		 767 if (wEtherType == ETH_P_PAE) {
768 skb->dev = pDevice->apdev;
769
770 if (bIsWEP == TRUE) {
771 // strip IV header(8)
772 memcpy(&abyMacHdr[0], (skb->data + 4), 24);
773 memcpy((skb->data + 4 + cbIVOffset), &abyMacHdr[0], 24);
774 }
5449c685
FB		 775 skb->data += (cbIVOffset + 4);
776 skb->tail += (cbIVOffset + 4);
777 skb_put(skb, FrameSize);
db6cb903 778 skb_reset_mac_header(skb);
5449c685
FB		 779
780 skb->pkt_type = PACKET_OTHERHOST;
781 skb->protocol = htons(ETH_P_802_2);
782 memset(skb->cb, 0, sizeof(skb->cb));
783 netif_rx(skb);
5449c685
FB		 784 return TRUE;
785
786}
787 // check if 802.1x authorized
788 if (!(pMgmt->sNodeDBTable[iSANodeIndex].dwFlags & WLAN_STA_AUTHORIZED))
789 return FALSE;
790 }
791
792
793 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
794 if (bIsWEP) {
795 FrameSize -= 8; //MIC
796 }
797 }
798
799 //--------------------------------------------------------------------------------
800 // Soft MIC
801 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
802 if (bIsWEP) {
803 PDWORD pdwMIC_L;
804 PDWORD pdwMIC_R;
805 DWORD dwMIC_Priority;
806 DWORD dwMICKey0 = 0, dwMICKey1 = 0;
807 DWORD dwLocalMIC_L = 0;
808 DWORD dwLocalMIC_R = 0;
809 viawget_wpa_header *wpahdr;
810
811
812 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
813 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
814 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
815 }
816 else {
817 if (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
818 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
819 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
820 } else if ((pKey->dwKeyIndex & BIT28) == 0) {
821 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
822 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
823 } else {
824 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
825 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
826 }
827 }
828
829 MIC_vInit(dwMICKey0, dwMICKey1);
830 MIC_vAppend((PBYTE)&(pDevice->sRxEthHeader.abyDstAddr[0]), 12);
831 dwMIC_Priority = 0;
832 MIC_vAppend((PBYTE)&dwMIC_Priority, 4);
833 // 4 is Rcv buffer header, 24 is MAC Header, and 8 is IV and Ext IV.
834 MIC_vAppend((PBYTE)(skb->data + 4 + WLAN_HDR_ADDR3_LEN + 8),
835 FrameSize - WLAN_HDR_ADDR3_LEN - 8);
836 MIC_vGetMIC(&dwLocalMIC_L, &dwLocalMIC_R);
837 MIC_vUnInit();
838
839 pdwMIC_L = (PDWORD)(skb->data + 4 + FrameSize);
840 pdwMIC_R = (PDWORD)(skb->data + 4 + FrameSize + 4);
841 //DBG_PRN_GRP12(("RxL: %lx, RxR: %lx\n", *pdwMIC_L, *pdwMIC_R));
842 //DBG_PRN_GRP12(("LocalL: %lx, LocalR: %lx\n", dwLocalMIC_L, dwLocalMIC_R));
7e809a9b 843 //DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"dwMICKey0= %lx,dwMICKey1= %lx \n", dwMICKey0, dwMICKey1);
5449c685
FB		 844
845
846 if ((cpu_to_le32(*pdwMIC_L) != dwLocalMIC_L) || (cpu_to_le32(*pdwMIC_R) != dwLocalMIC_R) ||
847 (pDevice->bRxMICFail == TRUE)) {
7e809a9b 848 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"MIC comparison is fail!\n");
5449c685
FB		 849 pDevice->bRxMICFail = FALSE;
850 //pDevice->s802_11Counter.TKIPLocalMICFailures.QuadPart++;
851 pDevice->s802_11Counter.TKIPLocalMICFailures++;
852 if (bDeFragRx) {
853 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
7e809a9b 854 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
5449c685
FB		 855 pDevice->dev->name);
856 }
857 }
612822f5 858 //2008-0409-07, <Add> by Einsn Liu
5449c685
FB		 859 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
860 //send event to wpa_supplicant
861 //if(pDevice->bWPADevEnable == TRUE)
612822f5 862 {
5449c685
FB		 863 union iwreq_data wrqu;
864 struct iw_michaelmicfailure ev;
865 int keyidx = pbyFrame[cbHeaderSize+3] >> 6; //top two-bits
866 memset(&ev, 0, sizeof(ev));
867 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
868 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
869 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
870 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
871 ev.flags |= IW_MICFAILURE_PAIRWISE;
872 } else {
873 ev.flags |= IW_MICFAILURE_GROUP;
874 }
875
876 ev.src_addr.sa_family = ARPHRD_ETHER;
877 memcpy(ev.src_addr.sa_data, pMACHeader->abyAddr2, ETH_ALEN);
878 memset(&wrqu, 0, sizeof(wrqu));
879 wrqu.data.length = sizeof(ev);
880 wireless_send_event(pDevice->dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
881
882 }
883 #endif
612822f5
JL		 884
885
5449c685
FB		 886 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
887 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
888 if ((pDevice->pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
889 (pDevice->pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
890 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
891 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_PAIRWISE_ERROR;
892 wpahdr->type = VIAWGET_PTK_MIC_MSG;
893 } else {
894 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_GROUP_ERROR;
895 wpahdr->type = VIAWGET_GTK_MIC_MSG;
896 }
897 wpahdr->resp_ie_len = 0;
898 wpahdr->req_ie_len = 0;
899 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
900 pDevice->skb->dev = pDevice->wpadev;
db6cb903 901 skb_reset_mac_header(pDevice->skb);
7bb8dc2d 902 pDevice->skb->pkt_type = PACKET_HOST;
5449c685
FB		 903 pDevice->skb->protocol = htons(ETH_P_802_2);
904 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
905 netif_rx(pDevice->skb);
906 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
907 };
908
909 return FALSE;
910
911 }
912 }
913 } //---end of SOFT MIC-----------------------------------------------------------------------
914
915 // ++++++++++ Reply Counter Check +++++++++++++
916
917 if ((pKey != NULL) && ((pKey->byCipherSuite == KEY_CTL_TKIP) ||
918 (pKey->byCipherSuite == KEY_CTL_CCMP))) {
919 if (bIsWEP) {
920 WORD wLocalTSC15_0 = 0;
921 DWORD dwLocalTSC47_16 = 0;
922 ULONGLONG RSC = 0;
923 // endian issues
924 RSC = *((ULONGLONG *) &(pKey->KeyRSC));
925 wLocalTSC15_0 = (WORD) RSC;
926 dwLocalTSC47_16 = (DWORD) (RSC>>16);
927
928 RSC = dwRxTSC47_16;
929 RSC <<= 16;
930 RSC += wRxTSC15_0;
51b6d9c2 931 memcpy(&(pKey->KeyRSC), &RSC, sizeof(QWORD));
5449c685
FB		 932
933 if ( (pDevice->sMgmtObj.eCurrMode == WMAC_MODE_ESS_STA) &&
934 (pDevice->sMgmtObj.eCurrState == WMAC_STATE_ASSOC)) {
935 // check RSC
936 if ( (wRxTSC15_0 < wLocalTSC15_0) &&
937 (dwRxTSC47_16 <= dwLocalTSC47_16) &&
938 !((dwRxTSC47_16 == 0) && (dwLocalTSC47_16 == 0xFFFFFFFF))) {
7e809a9b 939 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC is illegal~~!\n ");
5449c685
FB		 940 if (pKey->byCipherSuite == KEY_CTL_TKIP)
941 //pDevice->s802_11Counter.TKIPReplays.QuadPart++;
942 pDevice->s802_11Counter.TKIPReplays++;
943 else
944 //pDevice->s802_11Counter.CCMPReplays.QuadPart++;
945 pDevice->s802_11Counter.CCMPReplays++;
946
947 if (bDeFragRx) {
948 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
7e809a9b 949 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
5449c685
FB		 950 pDevice->dev->name);
951 }
952 }
953 return FALSE;
954 }
955 }
956 }
957 } // ----- End of Reply Counter Check --------------------------
958
959
960
961 if ((pKey != NULL) && (bIsWEP)) {
962// pDevice->s802_11Counter.DecryptSuccessCount.QuadPart++;
963 }
964
965
966 s_vProcessRxMACHeader(pDevice, (PBYTE)(skb->data+4), FrameSize, bIsWEP, bExtIV, &cbHeaderOffset);
967 FrameSize -= cbHeaderOffset;
968 cbHeaderOffset += 4; // 4 is Rcv buffer header
969
970 // Null data, framesize = 14
971 if (FrameSize < 15)
972 return FALSE;
973
974 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
975 if (s_bAPModeRxData(pDevice,
976 skb,
977 FrameSize,
978 cbHeaderOffset,
979 iSANodeIndex,
980 iDANodeIndex
981 ) == FALSE) {
982
983 if (bDeFragRx) {
984 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
7e809a9b 985 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
5449c685
FB		 986 pDevice->dev->name);
987 }
988 }
989 return FALSE;
990 }
991
992// if(pDevice->bRxMICFail == FALSE) {
993// for (ii =0; ii < 100; ii++)
994// printk(" %02x", *(skb->data + ii));
995// printk("\n");
996// }
997
998 }
999
5449c685
FB		 1000 skb->data += cbHeaderOffset;
1001 skb->tail += cbHeaderOffset;
1002 skb_put(skb, FrameSize);
1003 skb->protocol=eth_type_trans(skb, skb->dev);
5449c685
FB		 1004
1005
1006 //drop frame not met IEEE 802.3
1007/*
1008 if (pDevice->flags & DEVICE_FLAGS_VAL_PKT_LEN) {
5449c685
FB		 1009 if ((skb->protocol==htons(ETH_P_802_3)) &&
1010 (skb->len!=htons(skb->mac.ethernet->h_proto))) {
5449c685
FB		 1011 pStats->rx_length_errors++;
1012 pStats->rx_dropped++;
1013 if (bDeFragRx) {
1014 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
7e809a9b 1015 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
5449c685
FB		 1016 pDevice->dev->name);
1017 }
1018 }
1019 return FALSE;
1020 }
1021 }
1022*/
1023
5449c685
FB		 1024 skb->ip_summed=CHECKSUM_NONE;
1025 pStats->rx_bytes +=skb->len;
1026 pStats->rx_packets++;
1027 netif_rx(skb);
5449c685
FB		 1028
1029 if (bDeFragRx) {
1030 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
7e809a9b 1031 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
5449c685
FB		 1032 pDevice->dev->name);
1033 }
1034 return FALSE;
1035 }
612822f5 1036
5449c685
FB		 1037 return TRUE;
1038}
1039
1040
1041static BOOL s_bAPModeRxCtl (
1042 IN PSDevice pDevice,
1043 IN PBYTE pbyFrame,
1044 IN INT iSANodeIndex
1045 )
1046{
1047 PS802_11Header p802_11Header;
1048 CMD_STATUS Status;
1049 PSMgmtObject pMgmt = pDevice->pMgmt;
1050
1051
1052 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
1053
1054 p802_11Header = (PS802_11Header) (pbyFrame);
1055 if (!IS_TYPE_MGMT(pbyFrame)) {
1056
1057 // Data & PS-Poll packet
1058 // check frame class
1059 if (iSANodeIndex > 0) {
1060 // frame class 3 fliter & checking
1061 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_AUTH) {
1062 // send deauth notification
1063 // reason = (6) class 2 received from nonauth sta
1064 vMgrDeAuthenBeginSta(pDevice,
1065 pMgmt,
1066 (PBYTE)(p802_11Header->abyAddr2),
1067 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1068 &Status
1069 );
7e809a9b 1070 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 1\n");
5449c685
FB		 1071 return TRUE;
1072 };
1073 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_ASSOC) {
1074 // send deassoc notification
1075 // reason = (7) class 3 received from nonassoc sta
1076 vMgrDisassocBeginSta(pDevice,
1077 pMgmt,
1078 (PBYTE)(p802_11Header->abyAddr2),
1079 (WLAN_MGMT_REASON_CLASS3_NONASSOC),
1080 &Status
1081 );
7e809a9b 1082 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDisassocBeginSta 2\n");
5449c685
FB		 1083 return TRUE;
1084 };
1085
1086 if (pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable) {
1087 // delcare received ps-poll event
1088 if (IS_CTL_PSPOLL(pbyFrame)) {
1089 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1090 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
7e809a9b 1091 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 1\n");
5449c685
FB		 1092 }
1093 else {
1094 // check Data PS state
1095 // if PW bit off, send out all PS bufferring packets.
1096 if (!IS_FC_POWERMGT(pbyFrame)) {
1097 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1098 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1099 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
7e809a9b 1100 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 2\n");
5449c685
FB		 1101 }
1102 }
1103 }
1104 else {
1105 if (IS_FC_POWERMGT(pbyFrame)) {
1106 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = TRUE;
1107 // Once if STA in PS state, enable multicast bufferring
1108 pMgmt->sNodeDBTable[0].bPSEnable = TRUE;
1109 }
1110 else {
1111 // clear all pending PS frame.
1112 if (pMgmt->sNodeDBTable[iSANodeIndex].wEnQueueCnt > 0) {
1113 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1114 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1115 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
7e809a9b 1116 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 3\n");
5449c685
FB		 1117
1118 }
1119 }
1120 }
1121 }
1122 else {
1123 vMgrDeAuthenBeginSta(pDevice,
1124 pMgmt,
1125 (PBYTE)(p802_11Header->abyAddr2),
1126 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1127 &Status
1128 );
7e809a9b
JL		 1129 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 3\n");
1130 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BSSID:%02x-%02x-%02x=%02x-%02x-%02x \n",
5449c685
FB		 1131 p802_11Header->abyAddr3[0],
1132 p802_11Header->abyAddr3[1],
1133 p802_11Header->abyAddr3[2],
1134 p802_11Header->abyAddr3[3],
1135 p802_11Header->abyAddr3[4],
1136 p802_11Header->abyAddr3[5]
1137 );
7e809a9b 1138 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR2:%02x-%02x-%02x=%02x-%02x-%02x \n",
5449c685
FB		 1139 p802_11Header->abyAddr2[0],
1140 p802_11Header->abyAddr2[1],
1141 p802_11Header->abyAddr2[2],
1142 p802_11Header->abyAddr2[3],
1143 p802_11Header->abyAddr2[4],
1144 p802_11Header->abyAddr2[5]
1145 );
7e809a9b 1146 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR1:%02x-%02x-%02x=%02x-%02x-%02x \n",
5449c685
FB		 1147 p802_11Header->abyAddr1[0],
1148 p802_11Header->abyAddr1[1],
1149 p802_11Header->abyAddr1[2],
1150 p802_11Header->abyAddr1[3],
1151 p802_11Header->abyAddr1[4],
1152 p802_11Header->abyAddr1[5]
1153 );
7e809a9b 1154 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: wFrameCtl= %x\n", p802_11Header->wFrameCtl );
5449c685 1155 VNSvInPortB(pDevice->PortOffset + MAC_REG_RCR, &(pDevice->byRxMode));
7e809a9b 1156 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc:pDevice->byRxMode = %x\n", pDevice->byRxMode );
5449c685
FB		 1157 return TRUE;
1158 }
1159 }
1160 }
1161 return FALSE;
1162
1163}
1164
1165static BOOL s_bHandleRxEncryption (
1166 IN PSDevice pDevice,
1167 IN PBYTE pbyFrame,
1168 IN UINT FrameSize,
1169 IN PBYTE pbyRsr,
1170 OUT PBYTE pbyNewRsr,
1171 OUT PSKeyItem *pKeyOut,
a884847a 1172 int * pbExtIV,
5449c685
FB		 1173 OUT PWORD pwRxTSC15_0,
1174 OUT PDWORD pdwRxTSC47_16
1175 )
1176{
1177 UINT PayloadLen = FrameSize;
1178 PBYTE pbyIV;
1179 BYTE byKeyIdx;
1180 PSKeyItem pKey = NULL;
1181 BYTE byDecMode = KEY_CTL_WEP;
1182 PSMgmtObject pMgmt = pDevice->pMgmt;
1183
1184
1185 *pwRxTSC15_0 = 0;
1186 *pdwRxTSC47_16 = 0;
1187
1188 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1189 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1190 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1191 pbyIV += 6; // 6 is 802.11 address4
1192 PayloadLen -= 6;
1193 }
1194 byKeyIdx = (*(pbyIV+3) & 0xc0);
1195 byKeyIdx >>= 6;
7e809a9b 1196 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
5449c685
FB		 1197
1198 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
1199 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
1200 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
1201 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
1202 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
1203 if (((*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) &&
1204 (pDevice->pMgmt->byCSSPK != KEY_CTL_NONE)) {
1205 // unicast pkt use pairwise key
7e809a9b 1206 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt\n");
5449c685
FB		 1207 if (KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, 0xFFFFFFFF, &pKey) == TRUE) {
1208 if (pDevice->pMgmt->byCSSPK == KEY_CTL_TKIP)
1209 byDecMode = KEY_CTL_TKIP;
1210 else if (pDevice->pMgmt->byCSSPK == KEY_CTL_CCMP)
1211 byDecMode = KEY_CTL_CCMP;
1212 }
7e809a9b 1213 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt: %d, %p\n", byDecMode, pKey);
5449c685
FB		 1214 } else {
1215 // use group key
1216 KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, byKeyIdx, &pKey);
1217 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1218 byDecMode = KEY_CTL_TKIP;
1219 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1220 byDecMode = KEY_CTL_CCMP;
7e809a9b 1221 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"group pkt: %d, %d, %p\n", byKeyIdx, byDecMode, pKey);
5449c685
FB		 1222 }
1223 }
1224 // our WEP only support Default Key
1225 if (pKey == NULL) {
1226 // use default group key
1227 KeybGetKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, byKeyIdx, &pKey);
1228 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1229 byDecMode = KEY_CTL_TKIP;
1230 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1231 byDecMode = KEY_CTL_CCMP;
1232 }
1233 *pKeyOut = pKey;
1234
7e809a9b 1235 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pDevice->pMgmt->byCSSPK, pDevice->pMgmt->byCSSGK, byDecMode);
5449c685
FB		 1236
1237 if (pKey == NULL) {
7e809a9b 1238 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"pKey == NULL\n");
5449c685
FB		 1239 if (byDecMode == KEY_CTL_WEP) {
1240// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1241 } else if (pDevice->bLinkPass == TRUE) {
1242// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1243 }
1244 return FALSE;
1245 }
1246 if (byDecMode != pKey->byCipherSuite) {
1247 if (byDecMode == KEY_CTL_WEP) {
1248// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1249 } else if (pDevice->bLinkPass == TRUE) {
1250// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1251 }
1252 *pKeyOut = NULL;
1253 return FALSE;
1254 }
1255 if (byDecMode == KEY_CTL_WEP) {
1256 // handle WEP
1257 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1258 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE)) {
1259 // Software WEP
1260 // 1. 3253A
1261 // 2. WEP 256
1262
1263 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
51b6d9c2
JL		 1264 memcpy(pDevice->abyPRNG, pbyIV, 3);
1265 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
5449c685
FB		 1266 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1267 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1268
1269 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1270 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1271 }
1272 }
1273 } else if ((byDecMode == KEY_CTL_TKIP) ||
1274 (byDecMode == KEY_CTL_CCMP)) {
1275 // TKIP/AES
1276
1277 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1278 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
7e809a9b 1279 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
5449c685
FB		 1280 if (byDecMode == KEY_CTL_TKIP) {
1281 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1282 } else {
1283 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1284 }
7e809a9b 1285 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
5449c685
FB		 1286
1287 if ((byDecMode == KEY_CTL_TKIP) &&
1288 (pDevice->byLocalID <= REV_ID_VT3253_A1)) {
1289 // Software TKIP
1290 // 1. 3253 A
1291 PS802_11Header pMACHeader = (PS802_11Header) (pbyFrame);
1292 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1293 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1294 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1295 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1296 *pbyNewRsr |= NEWRSR_DECRYPTOK;
7e809a9b 1297 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
5449c685 1298 } else {
7e809a9b
JL		 1299 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1300 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
5449c685
FB		 1301 }
1302 }
1303 }// end of TKIP/AES
1304
1305 if ((*(pbyIV+3) & 0x20) != 0)
1306 *pbExtIV = TRUE;
1307 return TRUE;
1308}
1309
1310
1311static BOOL s_bHostWepRxEncryption (
1312 IN PSDevice pDevice,
1313 IN PBYTE pbyFrame,
1314 IN UINT FrameSize,
1315 IN PBYTE pbyRsr,
1316 IN BOOL bOnFly,
1317 IN PSKeyItem pKey,
1318 OUT PBYTE pbyNewRsr,
a884847a 1319 int * pbExtIV,
5449c685
FB		 1320 OUT PWORD pwRxTSC15_0,
1321 OUT PDWORD pdwRxTSC47_16
1322 )
1323{
1324 UINT PayloadLen = FrameSize;
1325 PBYTE pbyIV;
1326 BYTE byKeyIdx;
1327 BYTE byDecMode = KEY_CTL_WEP;
1328 PS802_11Header pMACHeader;
1329
1330
1331
1332 *pwRxTSC15_0 = 0;
1333 *pdwRxTSC47_16 = 0;
1334
1335 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1336 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1337 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1338 pbyIV += 6; // 6 is 802.11 address4
1339 PayloadLen -= 6;
1340 }
1341 byKeyIdx = (*(pbyIV+3) & 0xc0);
1342 byKeyIdx >>= 6;
7e809a9b 1343 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
5449c685
FB		 1344
1345
1346 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1347 byDecMode = KEY_CTL_TKIP;
1348 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1349 byDecMode = KEY_CTL_CCMP;
1350
7e809a9b 1351 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pDevice->pMgmt->byCSSPK, pDevice->pMgmt->byCSSGK, byDecMode);
5449c685
FB		 1352
1353 if (byDecMode != pKey->byCipherSuite) {
1354 if (byDecMode == KEY_CTL_WEP) {
1355// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1356 } else if (pDevice->bLinkPass == TRUE) {
1357// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1358 }
1359 return FALSE;
1360 }
1361
1362 if (byDecMode == KEY_CTL_WEP) {
1363 // handle WEP
7e809a9b 1364 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byDecMode == KEY_CTL_WEP \n");
5449c685
FB		 1365 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1366 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE) ||
1367 (bOnFly == FALSE)) {
1368 // Software WEP
1369 // 1. 3253A
1370 // 2. WEP 256
1371 // 3. NotOnFly
1372
1373 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
51b6d9c2
JL		 1374 memcpy(pDevice->abyPRNG, pbyIV, 3);
1375 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
5449c685
FB		 1376 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1377 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1378
1379 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1380 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1381 }
1382 }
1383 } else if ((byDecMode == KEY_CTL_TKIP) ||
1384 (byDecMode == KEY_CTL_CCMP)) {
1385 // TKIP/AES
1386
1387 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1388 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
7e809a9b 1389 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
5449c685
FB		 1390
1391 if (byDecMode == KEY_CTL_TKIP) {
1392 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1393 } else {
1394 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1395 }
7e809a9b 1396 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
5449c685
FB		 1397
1398 if (byDecMode == KEY_CTL_TKIP) {
612822f5 1399
5449c685
FB		 1400 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) || (bOnFly == FALSE)) {
1401 // Software TKIP
1402 // 1. 3253 A
1403 // 2. NotOnFly
7e809a9b 1404 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_TKIP \n");
5449c685
FB		 1405 pMACHeader = (PS802_11Header) (pbyFrame);
1406 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1407 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1408 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1409 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1410 *pbyNewRsr |= NEWRSR_DECRYPTOK;
7e809a9b 1411 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
5449c685 1412 } else {
7e809a9b
JL		 1413 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1414 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
5449c685
FB		 1415 }
1416 }
1417 }
1418
1419 if (byDecMode == KEY_CTL_CCMP) {
1420 if (bOnFly == FALSE) {
1421 // Software CCMP
1422 // NotOnFly
7e809a9b 1423 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_CCMP\n");
5449c685
FB		 1424 if (AESbGenCCMP(pKey->abyKey, pbyFrame, FrameSize)) {
1425 *pbyNewRsr |= NEWRSR_DECRYPTOK;
7e809a9b 1426 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC compare OK!\n");
5449c685 1427 } else {
7e809a9b 1428 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC fail!\n");
5449c685
FB		 1429 }
1430 }
1431 }
1432
1433 }// end of TKIP/AES
1434
1435 if ((*(pbyIV+3) & 0x20) != 0)
1436 *pbExtIV = TRUE;
1437 return TRUE;
1438}
1439
1440
1441
5449c685
FB		 1442static BOOL s_bAPModeRxData (
1443 IN PSDevice pDevice,
1444 IN struct sk_buff* skb,
1445 IN UINT FrameSize,
1446 IN UINT cbHeaderOffset,
1447 IN INT iSANodeIndex,
1448 IN INT iDANodeIndex
1449 )
5449c685
FB		 1450{
1451 PSMgmtObject pMgmt = pDevice->pMgmt;
1452 BOOL bRelayAndForward = FALSE;
1453 BOOL bRelayOnly = FALSE;
1454 BYTE byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
1455 WORD wAID;
5449c685
FB		 1456
1457
612822f5 1458 struct sk_buff* skbcpy = NULL;
5449c685
FB		 1459
1460 if (FrameSize > CB_MAX_BUF_SIZE)
1461 return FALSE;
1462 // check DA
1463 if(IS_MULTICAST_ADDRESS((PBYTE)(skb->data+cbHeaderOffset))) {
1464 if (pMgmt->sNodeDBTable[0].bPSEnable) {
1465
5449c685 1466 skbcpy = dev_alloc_skb((int)pDevice->rx_buf_sz);
612822f5 1467
5449c685
FB		 1468 // if any node in PS mode, buffer packet until DTIM.
1469 if (skbcpy == NULL) {
7e809a9b 1470 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "relay multicast no skb available \n");
5449c685
FB		 1471 }
1472 else {
1473 skbcpy->dev = pDevice->dev;
5449c685
FB		 1474 skbcpy->len = FrameSize;
1475 memcpy(skbcpy->data, skb->data+cbHeaderOffset, FrameSize);
1476 skb_queue_tail(&(pMgmt->sNodeDBTable[0].sTxPSQueue), skbcpy);
612822f5 1477
5449c685
FB		 1478 pMgmt->sNodeDBTable[0].wEnQueueCnt++;
1479 // set tx map
1480 pMgmt->abyPSTxMap[0] |= byMask[0];
1481 }
1482 }
1483 else {
1484 bRelayAndForward = TRUE;
1485 }
1486 }
1487 else {
1488 // check if relay
1489 if (BSSDBbIsSTAInNodeDB(pMgmt, (PBYTE)(skb->data+cbHeaderOffset), &iDANodeIndex)) {
1490 if (pMgmt->sNodeDBTable[iDANodeIndex].eNodeState >= NODE_ASSOC) {
1491 if (pMgmt->sNodeDBTable[iDANodeIndex].bPSEnable) {
1492 // queue this skb until next PS tx, and then release.
1493
5449c685
FB		 1494 skb->data += cbHeaderOffset;
1495 skb->tail += cbHeaderOffset;
1496 skb_put(skb, FrameSize);
1497 skb_queue_tail(&pMgmt->sNodeDBTable[iDANodeIndex].sTxPSQueue, skb);
5449c685
FB		 1498 pMgmt->sNodeDBTable[iDANodeIndex].wEnQueueCnt++;
1499 wAID = pMgmt->sNodeDBTable[iDANodeIndex].wAID;
1500 pMgmt->abyPSTxMap[wAID >> 3] |= byMask[wAID & 7];
7e809a9b 1501 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "relay: index= %d, pMgmt->abyPSTxMap[%d]= %d\n",
5449c685
FB		 1502 iDANodeIndex, (wAID >> 3), pMgmt->abyPSTxMap[wAID >> 3]);
1503 return TRUE;
1504 }
1505 else {
1506 bRelayOnly = TRUE;
1507 }
1508 }
1509 };
1510 }
1511
1512 if (bRelayOnly || bRelayAndForward) {
1513 // relay this packet right now
1514 if (bRelayAndForward)
1515 iDANodeIndex = 0;
1516
1517 if ((pDevice->uAssocCount > 1) && (iDANodeIndex >= 0)) {
1518 ROUTEbRelay(pDevice, (PBYTE)(skb->data + cbHeaderOffset), FrameSize, (UINT)iDANodeIndex);
1519 }
1520
1521 if (bRelayOnly)
1522 return FALSE;
1523 }
1524 // none associate, don't forward
1525 if (pDevice->uAssocCount == 0)
1526 return FALSE;
1527
1528 return TRUE;
1529}
1530
kernel source for telekom puls (alcatel/mediatek)