projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
staging: tidspbridge: ioremap dsp sync addr
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / staging / vt6656 / dpc.c
CommitLineData
92b96797
FB		 1/*
2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
3 * All rights reserved.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * File: dpc.c
20 *
21 * Purpose: handle dpc rx functions
22 *
23 * Author: Lyndon Chen
24 *
25 * Date: May 20, 2003
26 *
27 * Functions:
28 * device_receive_frame - Rcv 802.11 frame function
29 * s_bAPModeRxCtl- AP Rcv frame filer Ctl.
30 * s_bAPModeRxData- AP Rcv data frame handle
31 * s_bHandleRxEncryption- Rcv decrypted data via on-fly
32 * s_bHostWepRxEncryption- Rcv encrypted data via host
33 * s_byGetRateIdx- get rate index
34 * s_vGetDASA- get data offset
35 * s_vProcessRxMACHeader- Rcv 802.11 and translate to 802.3
36 *
37 * Revision History:
38 *
39 */
40
92b96797 41#include "device.h"
92b96797 42#include "rxtx.h"
92b96797 43#include "tether.h"
92b96797 44#include "card.h"
92b96797 45#include "bssdb.h"
92b96797 46#include "mac.h"
92b96797 47#include "baseband.h"
92b96797 48#include "michael.h"
92b96797 49#include "tkip.h"
92b96797 50#include "tcrc.h"
92b96797 51#include "wctl.h"
92b96797 52#include "hostap.h"
92b96797 53#include "rf.h"
92b96797 54#include "iowpa.h"
92b96797 55#include "aes_ccmp.h"
92b96797 56#include "datarate.h"
92b96797 57#include "usbpipe.h"
92b96797
FB		 58
59/*--------------------- Static Definitions -------------------------*/
60
61/*--------------------- Static Classes ----------------------------*/
62
63/*--------------------- Static Variables --------------------------*/
64//static int msglevel =MSG_LEVEL_DEBUG;
65static int msglevel =MSG_LEVEL_INFO;
66
67const BYTE acbyRxRate[MAX_RATE] =
68{2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108};
69
70
71/*--------------------- Static Functions --------------------------*/
72
73/*--------------------- Static Definitions -------------------------*/
74
75/*--------------------- Static Functions --------------------------*/
76
592ccfeb 77static BYTE s_byGetRateIdx(BYTE byRate);
92b96797
FB		 78
79static
8611a29a 80void
92b96797 81s_vGetDASA(
592ccfeb 82 PBYTE pbyRxBufferAddr,
93a94c42 83 unsigned int *pcbHeaderSize,
6f8c13c7 84 PSEthernetHeader psEthHeader
92b96797
FB		 85 );
86
87static
8611a29a 88void
92b96797 89s_vProcessRxMACHeader (
592ccfeb
AM		 90 PSDevice pDevice,
91 PBYTE pbyRxBufferAddr,
cc856e61 92 unsigned int cbPacketSize,
592ccfeb
AM		 93 BOOL bIsWEP,
94 BOOL bExtIV,
93a94c42 95 unsigned int *pcbHeadSize
92b96797
FB		 96 );
97
98static BOOL s_bAPModeRxCtl(
592ccfeb
AM		 99 PSDevice pDevice,
100 PBYTE pbyFrame,
213d2e93 101 signed int iSANodeIndex
92b96797
FB		 102 );
103
104
105
106static BOOL s_bAPModeRxData (
592ccfeb
AM		 107 PSDevice pDevice,
108 struct sk_buff *skb,
cc856e61
AM		 109 unsigned int FrameSize,
110 unsigned int cbHeaderOffset,
213d2e93
AM		 111 signed int iSANodeIndex,
112 signed int iDANodeIndex
92b96797
FB		 113 );
114
115
116static BOOL s_bHandleRxEncryption(
592ccfeb
AM		 117 PSDevice pDevice,
118 PBYTE pbyFrame,
cc856e61 119 unsigned int FrameSize,
592ccfeb 120 PBYTE pbyRsr,
6f8c13c7
AM		 121 PBYTE pbyNewRsr,
122 PSKeyItem * pKeyOut,
193a823c 123 int * pbExtIV,
6f8c13c7
AM		 124 PWORD pwRxTSC15_0,
125 PDWORD pdwRxTSC47_16
92b96797
FB		 126 );
127
128static BOOL s_bHostWepRxEncryption(
129
592ccfeb
AM		 130 PSDevice pDevice,
131 PBYTE pbyFrame,
cc856e61 132 unsigned int FrameSize,
592ccfeb
AM		 133 PBYTE pbyRsr,
134 BOOL bOnFly,
135 PSKeyItem pKey,
6f8c13c7 136 PBYTE pbyNewRsr,
193a823c 137 int * pbExtIV,
6f8c13c7
AM		 138 PWORD pwRxTSC15_0,
139 PDWORD pdwRxTSC47_16
92b96797
FB		 140
141 );
142
143/*--------------------- Export Variables --------------------------*/
144
145/*+
146 *
147 * Description:
148 * Translate Rcv 802.11 header to 802.3 header with Rx buffer
149 *
150 * Parameters:
151 * In:
152 * pDevice
153 * dwRxBufferAddr - Address of Rcv Buffer
154 * cbPacketSize - Rcv Packet size
155 * bIsWEP - If Rcv with WEP
156 * Out:
157 * pcbHeaderSize - 802.11 header size
158 *
159 * Return Value: None
160 *
161-*/
162static
8611a29a 163void
92b96797 164s_vProcessRxMACHeader (
592ccfeb
AM		 165 PSDevice pDevice,
166 PBYTE pbyRxBufferAddr,
cc856e61 167 unsigned int cbPacketSize,
592ccfeb
AM		 168 BOOL bIsWEP,
169 BOOL bExtIV,
93a94c42 170 unsigned int *pcbHeadSize
92b96797
FB		 171 )
172{
173 PBYTE pbyRxBuffer;
cc856e61 174 unsigned int cbHeaderSize = 0;
92b96797
FB		 175 PWORD pwType;
176 PS802_11Header pMACHeader;
177 int ii;
178
179
180 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
181
182 s_vGetDASA((PBYTE)pMACHeader, &cbHeaderSize, &pDevice->sRxEthHeader);
183
184 if (bIsWEP) {
185 if (bExtIV) {
186 // strip IV&ExtIV , add 8 byte
187 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 8);
188 } else {
189 // strip IV , add 4 byte
190 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 4);
191 }
192 }
193 else {
194 cbHeaderSize += WLAN_HDR_ADDR3_LEN;
195 };
196
197 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
4722a26c 198 if (!compare_ether_addr(pbyRxBuffer, &pDevice->abySNAP_Bridgetunnel[0])) {
92b96797 199 cbHeaderSize += 6;
4722a26c 200 } else if (!compare_ether_addr(pbyRxBuffer, &pDevice->abySNAP_RFC1042[0])) {
92b96797
FB		 201 cbHeaderSize += 6;
202 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
aa209eef 203 if ((*pwType == cpu_to_be16(ETH_P_IPX)) ||
203e4615
AM		 204 (*pwType == cpu_to_le16(0xF380))) {
205 cbHeaderSize -= 8;
92b96797
FB		 206 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
207 if (bIsWEP) {
208 if (bExtIV) {
209 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
210 } else {
211 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
212 }
213 }
214 else {
215 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
216 }
217 }
218 }
219 else {
220 cbHeaderSize -= 2;
221 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
222 if (bIsWEP) {
223 if (bExtIV) {
224 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
225 } else {
226 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
227 }
228 }
229 else {
230 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
231 }
232 }
233
9a0e756c 234 cbHeaderSize -= (ETH_ALEN * 2);
92b96797 235 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
9a0e756c 236 for (ii = 0; ii < ETH_ALEN; ii++)
92b96797 237 *pbyRxBuffer++ = pDevice->sRxEthHeader.abyDstAddr[ii];
9a0e756c 238 for (ii = 0; ii < ETH_ALEN; ii++)
92b96797
FB		 239 *pbyRxBuffer++ = pDevice->sRxEthHeader.abySrcAddr[ii];
240
241 *pcbHeadSize = cbHeaderSize;
242}
243
244
245
246
592ccfeb 247static BYTE s_byGetRateIdx(BYTE byRate)
92b96797
FB		 248{
249 BYTE byRateIdx;
250
251 for (byRateIdx = 0; byRateIdx <MAX_RATE ; byRateIdx++) {
252 if (acbyRxRate[byRateIdx%MAX_RATE] == byRate)
253 return byRateIdx;
254 }
255 return 0;
256}
257
258
259static
8611a29a 260void
92b96797 261s_vGetDASA (
592ccfeb 262 PBYTE pbyRxBufferAddr,
93a94c42 263 unsigned int *pcbHeaderSize,
6f8c13c7 264 PSEthernetHeader psEthHeader
92b96797
FB		 265 )
266{
cc856e61 267 unsigned int cbHeaderSize = 0;
9a0e756c
AM		 268 PS802_11Header pMACHeader;
269 int ii;
270
271 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
272
273 if ((pMACHeader->wFrameCtl & FC_TODS) == 0) {
274 if (pMACHeader->wFrameCtl & FC_FROMDS) {
275 for (ii = 0; ii < ETH_ALEN; ii++) {
276 psEthHeader->abyDstAddr[ii] =
277 pMACHeader->abyAddr1[ii];
278 psEthHeader->abySrcAddr[ii] =
279 pMACHeader->abyAddr3[ii];
280 }
281 } else {
282 /* IBSS mode */
283 for (ii = 0; ii < ETH_ALEN; ii++) {
284 psEthHeader->abyDstAddr[ii] =
285 pMACHeader->abyAddr1[ii];
286 psEthHeader->abySrcAddr[ii] =
287 pMACHeader->abyAddr2[ii];
288 }
289 }
290 } else {
291 /* Is AP mode.. */
292 if (pMACHeader->wFrameCtl & FC_FROMDS) {
293 for (ii = 0; ii < ETH_ALEN; ii++) {
294 psEthHeader->abyDstAddr[ii] =
295 pMACHeader->abyAddr3[ii];
296 psEthHeader->abySrcAddr[ii] =
297 pMACHeader->abyAddr4[ii];
298 cbHeaderSize += 6;
299 }
300 } else {
301 for (ii = 0; ii < ETH_ALEN; ii++) {
302 psEthHeader->abyDstAddr[ii] =
303 pMACHeader->abyAddr3[ii];
304 psEthHeader->abySrcAddr[ii] =
305 pMACHeader->abyAddr2[ii];
306 }
307 }
308 };
92b96797
FB		 309 *pcbHeaderSize = cbHeaderSize;
310}
311
312
313
314
315BOOL
316RXbBulkInProcessData (
592ccfeb
AM		 317 PSDevice pDevice,
318 PRCB pRCB,
cc856e61 319 unsigned long BytesToIndicate
92b96797
FB		 320 )
321{
322
323 struct net_device_stats* pStats=&pDevice->stats;
324 struct sk_buff* skb;
325 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
326 PSRxMgmtPacket pRxPacket = &(pMgmt->sRxPacket);
327 PS802_11Header p802_11Header;
328 PBYTE pbyRsr;
329 PBYTE pbyNewRsr;
330 PBYTE pbyRSSI;
331 PQWORD pqwTSFTime;
332 PBYTE pbyFrame;
333 BOOL bDeFragRx = FALSE;
cc856e61
AM		 334 unsigned int cbHeaderOffset;
335 unsigned int FrameSize;
92b96797 336 WORD wEtherType = 0;
213d2e93
AM		 337 signed int iSANodeIndex = -1;
338 signed int iDANodeIndex = -1;
cc856e61
AM		 339 unsigned int ii;
340 unsigned int cbIVOffset;
92b96797
FB		 341 PBYTE pbyRxSts;
342 PBYTE pbyRxRate;
343 PBYTE pbySQ;
92b96797 344 PBYTE pby3SQ;
cc856e61 345 unsigned int cbHeaderSize;
92b96797
FB		 346 PSKeyItem pKey = NULL;
347 WORD wRxTSC15_0 = 0;
348 DWORD dwRxTSC47_16 = 0;
349 SKeyItem STempKey;
350 // 802.11h RPI
213d2e93 351 /* signed long ldBm = 0; */
92b96797
FB		 352 BOOL bIsWEP = FALSE;
353 BOOL bExtIV = FALSE;
354 DWORD dwWbkStatus;
355 PRCB pRCBIndicate = pRCB;
356 PBYTE pbyDAddress;
357 PWORD pwPLCP_Length;
358 BYTE abyVaildRate[MAX_RATE] = {2,4,11,22,12,18,24,36,48,72,96,108};
359 WORD wPLCPwithPadding;
360 PS802_11Header pMACHeader;
361 BOOL bRxeapol_key = FALSE;
362
363
364
365 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- RXbBulkInProcessData---\n");
366
367 skb = pRCB->skb;
368
369 //[31:16]RcvByteCount ( not include 4-byte Status )
370 dwWbkStatus = *( (PDWORD)(skb->data) );
cc856e61 371 FrameSize = (unsigned int)(dwWbkStatus >> 16);
92b96797
FB		 372 FrameSize += 4;
373
374 if (BytesToIndicate != FrameSize) {
375 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 1 \n");
376 return FALSE;
377 }
378
bd2bc4c7 379 if ((BytesToIndicate > 2372) || (BytesToIndicate <= 40)) {
92b96797 380 // Frame Size error drop this packet.
bd2bc4c7 381 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "---------- WRONG Length 2\n");
92b96797
FB		 382 return FALSE;
383 }
384
385 pbyDAddress = (PBYTE)(skb->data);
386 pbyRxSts = pbyDAddress+4;
387 pbyRxRate = pbyDAddress+5;
388
389 //real Frame Size = USBFrameSize -4WbkStatus - 4RxStatus - 8TSF - 4RSR - 4SQ3 - ?Padding
390 //if SQ3 the range is 24~27, if no SQ3 the range is 20~23
391 //real Frame size in PLCPLength field.
392 pwPLCP_Length = (PWORD) (pbyDAddress + 6);
393 //Fix hardware bug => PLCP_Length error
394 if ( ((BytesToIndicate - (*pwPLCP_Length)) > 27) ||
395 ((BytesToIndicate - (*pwPLCP_Length)) < 24) ||
396 (BytesToIndicate < (*pwPLCP_Length)) ) {
397
398 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong PLCP Length %x\n", (int) *pwPLCP_Length);
399 ASSERT(0);
400 return FALSE;
401 }
402 for ( ii=RATE_1M;ii<MAX_RATE;ii++) {
403 if ( *pbyRxRate == abyVaildRate[ii] ) {
404 break;
405 }
406 }
407 if ( ii==MAX_RATE ) {
408 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong RxRate %x\n",(int) *pbyRxRate);
409 return FALSE;
410 }
411
412 wPLCPwithPadding = ( (*pwPLCP_Length / 4) + ( (*pwPLCP_Length % 4) ? 1:0 ) ) *4;
413
414 pqwTSFTime = (PQWORD) (pbyDAddress + 8 + wPLCPwithPadding);
92b96797
FB		 415 if(pDevice->byBBType == BB_TYPE_11G) {
416 pby3SQ = pbyDAddress + 8 + wPLCPwithPadding + 12;
417 pbySQ = pby3SQ;
418 }
419 else {
420 pbySQ = pbyDAddress + 8 + wPLCPwithPadding + 8;
421 pby3SQ = pbySQ;
422 }
92b96797
FB		 423 pbyNewRsr = pbyDAddress + 8 + wPLCPwithPadding + 9;
424 pbyRSSI = pbyDAddress + 8 + wPLCPwithPadding + 10;
425 pbyRsr = pbyDAddress + 8 + wPLCPwithPadding + 11;
426
427 FrameSize = *pwPLCP_Length;
428
429 pbyFrame = pbyDAddress + 8;
430 // update receive statistic counter
431
432 STAvUpdateRDStatCounter(&pDevice->scStatistic,
433 *pbyRsr,
434 *pbyNewRsr,
435 *pbyRxSts,
436 *pbyRxRate,
437 pbyFrame,
438 FrameSize
439 );
440
441
442 pMACHeader = (PS802_11Header) pbyFrame;
443
444//mike add: to judge if current AP is activated?
445 if ((pMgmt->eCurrMode == WMAC_MODE_STANDBY) ||
446 (pMgmt->eCurrMode == WMAC_MODE_ESS_STA)) {
447 if (pMgmt->sNodeDBTable[0].bActive) {
4722a26c 448 if (!compare_ether_addr(pMgmt->abyCurrBSSID, pMACHeader->abyAddr2)) {
92b96797
FB		 449 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
450 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
451 }
452 }
453 }
454
14fc4235 455 if (!is_multicast_ether_addr(pMACHeader->abyAddr1)) {
92b96797
FB		 456 if ( WCTLbIsDuplicate(&(pDevice->sDupRxCache), (PS802_11Header) pbyFrame) ) {
457 pDevice->s802_11Counter.FrameDuplicateCount++;
458 return FALSE;
459 }
460
4722a26c
AM		 461 if (compare_ether_addr(pDevice->abyCurrentNetAddr,
462 pMACHeader->abyAddr1)) {
463 return FALSE;
92b96797
FB		 464 }
465 }
466
467
468 // Use for TKIP MIC
469 s_vGetDASA(pbyFrame, &cbHeaderSize, &pDevice->sRxEthHeader);
470
4722a26c
AM		 471 if (!compare_ether_addr((PBYTE)&(pDevice->sRxEthHeader.abySrcAddr[0]),
472 pDevice->abyCurrentNetAddr))
92b96797
FB		 473 return FALSE;
474
475 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) || (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)) {
476 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
477 p802_11Header = (PS802_11Header) (pbyFrame);
478 // get SA NodeIndex
479 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(p802_11Header->abyAddr2), &iSANodeIndex)) {
480 pMgmt->sNodeDBTable[iSANodeIndex].ulLastRxJiffer = jiffies;
481 pMgmt->sNodeDBTable[iSANodeIndex].uInActiveCount = 0;
482 }
483 }
484 }
485
486 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
487 if (s_bAPModeRxCtl(pDevice, pbyFrame, iSANodeIndex) == TRUE) {
488 return FALSE;
489 }
490 }
491
492
493 if (IS_FC_WEP(pbyFrame)) {
494 BOOL bRxDecryOK = FALSE;
495
496 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"rx WEP pkt\n");
497 bIsWEP = TRUE;
498 if ((pDevice->bEnableHostWEP) && (iSANodeIndex >= 0)) {
499 pKey = &STempKey;
500 pKey->byCipherSuite = pMgmt->sNodeDBTable[iSANodeIndex].byCipherSuite;
501 pKey->dwKeyIndex = pMgmt->sNodeDBTable[iSANodeIndex].dwKeyIndex;
502 pKey->uKeyLength = pMgmt->sNodeDBTable[iSANodeIndex].uWepKeyLength;
503 pKey->dwTSC47_16 = pMgmt->sNodeDBTable[iSANodeIndex].dwTSC47_16;
504 pKey->wTSC15_0 = pMgmt->sNodeDBTable[iSANodeIndex].wTSC15_0;
505 memcpy(pKey->abyKey,
506 &pMgmt->sNodeDBTable[iSANodeIndex].abyWepKey[0],
507 pKey->uKeyLength
508 );
509
510 bRxDecryOK = s_bHostWepRxEncryption(pDevice,
511 pbyFrame,
512 FrameSize,
513 pbyRsr,
514 pMgmt->sNodeDBTable[iSANodeIndex].bOnFly,
515 pKey,
516 pbyNewRsr,
517 &bExtIV,
518 &wRxTSC15_0,
519 &dwRxTSC47_16);
520 } else {
521 bRxDecryOK = s_bHandleRxEncryption(pDevice,
522 pbyFrame,
523 FrameSize,
524 pbyRsr,
525 pbyNewRsr,
526 &pKey,
527 &bExtIV,
528 &wRxTSC15_0,
529 &dwRxTSC47_16);
530 }
531
532 if (bRxDecryOK) {
533 if ((*pbyNewRsr & NEWRSR_DECRYPTOK) == 0) {
534 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV Fail\n");
535 if ( (pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
536 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
537 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
538 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
539 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
540
541 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
542 pDevice->s802_11Counter.TKIPICVErrors++;
543 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP)) {
544 pDevice->s802_11Counter.CCMPDecryptErrors++;
545 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_WEP)) {
546// pDevice->s802_11Counter.WEPICVErrorCount.QuadPart++;
547 }
548 }
549 return FALSE;
550 }
551 } else {
552 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WEP Func Fail\n");
553 return FALSE;
554 }
555 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP))
556 FrameSize -= 8; // Message Integrity Code
557 else
558 FrameSize -= 4; // 4 is ICV
559 }
560
561
562 //
563 // RX OK
564 //
abad19d0
AM		 565 /* remove the FCS/CRC length */
566 FrameSize -= ETH_FCS_LEN;
92b96797 567
8a3d91b0 568 if ( !(*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) && // unicast address
92b96797
FB		 569 (IS_FRAGMENT_PKT((pbyFrame)))
570 ) {
571 // defragment
572 bDeFragRx = WCTLbHandleFragment(pDevice, (PS802_11Header) (pbyFrame), FrameSize, bIsWEP, bExtIV);
573 pDevice->s802_11Counter.ReceivedFragmentCount++;
574 if (bDeFragRx) {
575 // defrag complete
576 // TODO skb, pbyFrame
577 skb = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].skb;
578 FrameSize = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].cbFrameLength;
579 pbyFrame = skb->data + 8;
580 }
581 else {
582 return FALSE;
583 }
584 }
585
586 //
587 // Management & Control frame Handle
588 //
589 if ((IS_TYPE_DATA((pbyFrame))) == FALSE) {
590 // Handle Control & Manage Frame
591
592 if (IS_TYPE_MGMT((pbyFrame))) {
593 PBYTE pbyData1;
594 PBYTE pbyData2;
595
596 pRxPacket = &(pRCB->sMngPacket);
597 pRxPacket->p80211Header = (PUWLAN_80211HDR)(pbyFrame);
598 pRxPacket->cbMPDULen = FrameSize;
599 pRxPacket->uRSSI = *pbyRSSI;
600 pRxPacket->bySQ = *pbySQ;
601 HIDWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(HIDWORD(*pqwTSFTime));
602 LODWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(LODWORD(*pqwTSFTime));
603 if (bIsWEP) {
604 // strip IV
605 pbyData1 = WLAN_HDR_A3_DATA_PTR(pbyFrame);
606 pbyData2 = WLAN_HDR_A3_DATA_PTR(pbyFrame) + 4;
607 for (ii = 0; ii < (FrameSize - 4); ii++) {
608 *pbyData1 = *pbyData2;
609 pbyData1++;
610 pbyData2++;
611 }
612 }
613
614 pRxPacket->byRxRate = s_byGetRateIdx(*pbyRxRate);
615
616 if ( *pbyRxSts == 0 ) {
617 //Discard beacon packet which channel is 0
618 if ( (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_BEACON) ||
619 (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_PROBERESP) ) {
620 return TRUE;
621 }
622 }
623 pRxPacket->byRxChannel = (*pbyRxSts) >> 2;
624
625 // hostap Deamon handle 802.11 management
626 if (pDevice->bEnableHostapd) {
627 skb->dev = pDevice->apdev;
628 //skb->data += 4;
629 //skb->tail += 4;
630 skb->data += 8;
631 skb->tail += 8;
632 skb_put(skb, FrameSize);
d899d403 633 skb_reset_mac_header(skb);
92b96797
FB		 634 skb->pkt_type = PACKET_OTHERHOST;
635 skb->protocol = htons(ETH_P_802_2);
636 memset(skb->cb, 0, sizeof(skb->cb));
637 netif_rx(skb);
638 return TRUE;
639 }
640
641 //
642 // Insert the RCB in the Recv Mng list
643 //
644 EnqueueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList, pRCBIndicate);
645 pDevice->NumRecvMngList++;
646 if ( bDeFragRx == FALSE) {
647 pRCB->Ref++;
648 }
649 if (pDevice->bIsRxMngWorkItemQueued == FALSE) {
650 pDevice->bIsRxMngWorkItemQueued = TRUE;
651 tasklet_schedule(&pDevice->RxMngWorkItem);
652 }
653
654 }
655 else {
656 // Control Frame
657 };
658 return FALSE;
659 }
660 else {
661 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
662 //In AP mode, hw only check addr1(BSSID or RA) if equal to local MAC.
8a3d91b0 663 if ( !(*pbyRsr & RSR_BSSIDOK)) {
92b96797
FB		 664 if (bDeFragRx) {
665 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
666 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
667 pDevice->dev->name);
668 }
669 }
670 return FALSE;
671 }
672 }
673 else {
674 // discard DATA packet while not associate || BSSID error
675 if ((pDevice->bLinkPass == FALSE) ||
8a3d91b0 676 !(*pbyRsr & RSR_BSSIDOK)) {
92b96797
FB		 677 if (bDeFragRx) {
678 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
679 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
680 pDevice->dev->name);
681 }
682 }
683 return FALSE;
684 }
685 //mike add:station mode check eapol-key challenge--->
686 {
687 BYTE Protocol_Version; //802.1x Authentication
688 BYTE Packet_Type; //802.1x Authentication
689 BYTE Descriptor_type;
690 WORD Key_info;
691 if (bIsWEP)
692 cbIVOffset = 8;
693 else
694 cbIVOffset = 0;
695 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
696 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
697 Protocol_Version = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1];
698 Packet_Type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1];
699 if (wEtherType == ETH_P_PAE) { //Protocol Type in LLC-Header
700 if(((Protocol_Version==1) ||(Protocol_Version==2)) &&
701 (Packet_Type==3)) { //802.1x OR eapol-key challenge frame receive
702 bRxeapol_key = TRUE;
703 Descriptor_type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2];
704 Key_info = (skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+1]<<8) |skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+2] ;
705 if(Descriptor_type==2) { //RSN
706 // printk("WPA2_Rx_eapol-key_info<-----:%x\n",Key_info);
707 }
708 else if(Descriptor_type==254) {
709 // printk("WPA_Rx_eapol-key_info<-----:%x\n",Key_info);
710 }
711 }
712 }
713 }
714 //mike add:station mode check eapol-key challenge<---
715 }
716 }
717
718
719// Data frame Handle
720
721
722 if (pDevice->bEnablePSMode) {
723 if (IS_FC_MOREDATA((pbyFrame))) {
8a3d91b0 724 if (*pbyRsr & RSR_ADDROK) {
92b96797
FB		 725 //PSbSendPSPOLL((PSDevice)pDevice);
726 }
727 }
728 else {
729 if (pMgmt->bInTIMWake == TRUE) {
730 pMgmt->bInTIMWake = FALSE;
731 }
732 }
9fc86028 733 }
92b96797
FB		 734
735 // Now it only supports 802.11g Infrastructure Mode, and support rate must up to 54 Mbps
736 if (pDevice->bDiversityEnable && (FrameSize>50) &&
737 (pDevice->eOPMode == OP_MODE_INFRASTRUCTURE) &&
738 (pDevice->bLinkPass == TRUE)) {
739 BBvAntennaDiversity(pDevice, s_byGetRateIdx(*pbyRxRate), 0);
740 }
741
742 // ++++++++ For BaseBand Algorithm +++++++++++++++
743 pDevice->uCurrRSSI = *pbyRSSI;
744 pDevice->byCurrSQ = *pbySQ;
745
746 // todo
747/*
748 if ((*pbyRSSI != 0) &&
749 (pMgmt->pCurrBSS!=NULL)) {
750 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
a0a1f61a 751 // Monitor if RSSI is too strong.
92b96797
FB		 752 pMgmt->pCurrBSS->byRSSIStatCnt++;
753 pMgmt->pCurrBSS->byRSSIStatCnt %= RSSI_STAT_COUNT;
754 pMgmt->pCurrBSS->ldBmAverage[pMgmt->pCurrBSS->byRSSIStatCnt] = ldBm;
33d33e42
AM		 755 for (ii = 0; ii < RSSI_STAT_COUNT; ii++) {
756 if (pMgmt->pCurrBSS->ldBmAverage[ii] != 0) {
757 pMgmt->pCurrBSS->ldBmMAX =
758 max(pMgmt->pCurrBSS->ldBmAverage[ii], ldBm);
759 }
92b96797
FB		 760 }
761 }
762*/
763
764
765 // -----------------------------------------------
766
767 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnable8021x == TRUE)){
768 BYTE abyMacHdr[24];
769
770 // Only 802.1x packet incoming allowed
771 if (bIsWEP)
772 cbIVOffset = 8;
773 else
774 cbIVOffset = 0;
775 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
776 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
777
778 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wEtherType = %04x \n", wEtherType);
779 if (wEtherType == ETH_P_PAE) {
780 skb->dev = pDevice->apdev;
781
782 if (bIsWEP == TRUE) {
783 // strip IV header(8)
784 memcpy(&abyMacHdr[0], (skb->data + 8), 24);
785 memcpy((skb->data + 8 + cbIVOffset), &abyMacHdr[0], 24);
786 }
787
788 skb->data += (cbIVOffset + 8);
789 skb->tail += (cbIVOffset + 8);
790 skb_put(skb, FrameSize);
d899d403 791 skb_reset_mac_header(skb);
92b96797
FB		 792 skb->pkt_type = PACKET_OTHERHOST;
793 skb->protocol = htons(ETH_P_802_2);
794 memset(skb->cb, 0, sizeof(skb->cb));
795 netif_rx(skb);
796 return TRUE;
797
798 }
799 // check if 802.1x authorized
800 if (!(pMgmt->sNodeDBTable[iSANodeIndex].dwFlags & WLAN_STA_AUTHORIZED))
801 return FALSE;
802 }
803
804
805 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
806 if (bIsWEP) {
807 FrameSize -= 8; //MIC
808 }
809 }
810
811 //--------------------------------------------------------------------------------
812 // Soft MIC
813 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
814 if (bIsWEP) {
815 PDWORD pdwMIC_L;
816 PDWORD pdwMIC_R;
817 DWORD dwMIC_Priority;
818 DWORD dwMICKey0 = 0, dwMICKey1 = 0;
819 DWORD dwLocalMIC_L = 0;
820 DWORD dwLocalMIC_R = 0;
821 viawget_wpa_header *wpahdr;
822
823
824 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
825 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
826 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
827 }
828 else {
829 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
830 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
831 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
832 } else if ((pKey->dwKeyIndex & BIT28) == 0) {
833 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
834 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
835 } else {
836 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
837 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
838 }
839 }
840
841 MIC_vInit(dwMICKey0, dwMICKey1);
842 MIC_vAppend((PBYTE)&(pDevice->sRxEthHeader.abyDstAddr[0]), 12);
843 dwMIC_Priority = 0;
844 MIC_vAppend((PBYTE)&dwMIC_Priority, 4);
845 // 4 is Rcv buffer header, 24 is MAC Header, and 8 is IV and Ext IV.
846 MIC_vAppend((PBYTE)(skb->data + 8 + WLAN_HDR_ADDR3_LEN + 8),
847 FrameSize - WLAN_HDR_ADDR3_LEN - 8);
848 MIC_vGetMIC(&dwLocalMIC_L, &dwLocalMIC_R);
849 MIC_vUnInit();
850
851 pdwMIC_L = (PDWORD)(skb->data + 8 + FrameSize);
852 pdwMIC_R = (PDWORD)(skb->data + 8 + FrameSize + 4);
853
854
855 if ((cpu_to_le32(*pdwMIC_L) != dwLocalMIC_L) || (cpu_to_le32(*pdwMIC_R) != dwLocalMIC_R) ||
856 (pDevice->bRxMICFail == TRUE)) {
857 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"MIC comparison is fail!\n");
858 pDevice->bRxMICFail = FALSE;
859 //pDevice->s802_11Counter.TKIPLocalMICFailures.QuadPart++;
860 pDevice->s802_11Counter.TKIPLocalMICFailures++;
861 if (bDeFragRx) {
862 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
863 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
864 pDevice->dev->name);
865 }
866 }
92b96797
FB		 867 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
868 //send event to wpa_supplicant
869 //if(pDevice->bWPASuppWextEnabled == TRUE)
870 {
871 union iwreq_data wrqu;
872 struct iw_michaelmicfailure ev;
873 int keyidx = pbyFrame[cbHeaderSize+3] >> 6; //top two-bits
874 memset(&ev, 0, sizeof(ev));
875 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
876 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
877 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
878 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
879 ev.flags |= IW_MICFAILURE_PAIRWISE;
880 } else {
881 ev.flags |= IW_MICFAILURE_GROUP;
882 }
883
884 ev.src_addr.sa_family = ARPHRD_ETHER;
885 memcpy(ev.src_addr.sa_data, pMACHeader->abyAddr2, ETH_ALEN);
886 memset(&wrqu, 0, sizeof(wrqu));
887 wrqu.data.length = sizeof(ev);
888 PRINT_K("wireless_send_event--->IWEVMICHAELMICFAILURE\n");
889 wireless_send_event(pDevice->dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
890
891 }
892 #endif
893
894
895 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
896 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
897 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
898 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
899 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
900 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_PAIRWISE_ERROR;
901 wpahdr->type = VIAWGET_PTK_MIC_MSG;
902 } else {
903 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_GROUP_ERROR;
904 wpahdr->type = VIAWGET_GTK_MIC_MSG;
905 }
906 wpahdr->resp_ie_len = 0;
907 wpahdr->req_ie_len = 0;
908 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
909 pDevice->skb->dev = pDevice->wpadev;
d899d403 910 skb_reset_mac_header(pDevice->skb);
92b96797
FB		 911 pDevice->skb->pkt_type = PACKET_HOST;
912 pDevice->skb->protocol = htons(ETH_P_802_2);
913 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
914 netif_rx(pDevice->skb);
915 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
9fc86028 916 }
92b96797
FB		 917
918 return FALSE;
919
920 }
921 }
922 } //---end of SOFT MIC-----------------------------------------------------------------------
923
924 // ++++++++++ Reply Counter Check +++++++++++++
925
926 if ((pKey != NULL) && ((pKey->byCipherSuite == KEY_CTL_TKIP) ||
927 (pKey->byCipherSuite == KEY_CTL_CCMP))) {
928 if (bIsWEP) {
929 WORD wLocalTSC15_0 = 0;
930 DWORD dwLocalTSC47_16 = 0;
cc856e61 931 unsigned long long RSC = 0;
92b96797 932 // endian issues
cc856e61 933 RSC = *((unsigned long long *) &(pKey->KeyRSC));
92b96797
FB		 934 wLocalTSC15_0 = (WORD) RSC;
935 dwLocalTSC47_16 = (DWORD) (RSC>>16);
936
937 RSC = dwRxTSC47_16;
938 RSC <<= 16;
939 RSC += wRxTSC15_0;
3e362598 940 memcpy(&(pKey->KeyRSC), &RSC, sizeof(QWORD));
92b96797
FB		 941
942 if ( (pDevice->sMgmtObj.eCurrMode == WMAC_MODE_ESS_STA) &&
943 (pDevice->sMgmtObj.eCurrState == WMAC_STATE_ASSOC)) {
944 // check RSC
945 if ( (wRxTSC15_0 < wLocalTSC15_0) &&
946 (dwRxTSC47_16 <= dwLocalTSC47_16) &&
947 !((dwRxTSC47_16 == 0) && (dwLocalTSC47_16 == 0xFFFFFFFF))) {
948 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC is illegal~~!\n ");
949 if (pKey->byCipherSuite == KEY_CTL_TKIP)
950 //pDevice->s802_11Counter.TKIPReplays.QuadPart++;
951 pDevice->s802_11Counter.TKIPReplays++;
952 else
953 //pDevice->s802_11Counter.CCMPReplays.QuadPart++;
954 pDevice->s802_11Counter.CCMPReplays++;
955
956 if (bDeFragRx) {
957 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
958 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
959 pDevice->dev->name);
960 }
961 }
962 return FALSE;
963 }
964 }
965 }
966 } // ----- End of Reply Counter Check --------------------------
967
968
969 s_vProcessRxMACHeader(pDevice, (PBYTE)(skb->data+8), FrameSize, bIsWEP, bExtIV, &cbHeaderOffset);
970 FrameSize -= cbHeaderOffset;
971 cbHeaderOffset += 8; // 8 is Rcv buffer header
972
973 // Null data, framesize = 12
974 if (FrameSize < 12)
975 return FALSE;
976
977 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
978 if (s_bAPModeRxData(pDevice,
979 skb,
980 FrameSize,
981 cbHeaderOffset,
982 iSANodeIndex,
983 iDANodeIndex
984 ) == FALSE) {
985
986 if (bDeFragRx) {
987 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
988 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
989 pDevice->dev->name);
990 }
991 }
992 return FALSE;
993 }
994
995 }
996
997 skb->data += cbHeaderOffset;
998 skb->tail += cbHeaderOffset;
999 skb_put(skb, FrameSize);
1000 skb->protocol=eth_type_trans(skb, skb->dev);
1001 skb->ip_summed=CHECKSUM_NONE;
1002 pStats->rx_bytes +=skb->len;
1003 pStats->rx_packets++;
1004 netif_rx(skb);
1005 if (bDeFragRx) {
1006 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1007 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1008 pDevice->dev->name);
1009 }
1010 return FALSE;
1011 }
1012
1013 return TRUE;
1014}
1015
1016
1017static BOOL s_bAPModeRxCtl (
592ccfeb
AM		 1018 PSDevice pDevice,
1019 PBYTE pbyFrame,
213d2e93 1020 signed int iSANodeIndex
92b96797
FB		 1021 )
1022{
1023 PS802_11Header p802_11Header;
1024 CMD_STATUS Status;
1025 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1026
1027
1028 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
1029
1030 p802_11Header = (PS802_11Header) (pbyFrame);
1031 if (!IS_TYPE_MGMT(pbyFrame)) {
1032
1033 // Data & PS-Poll packet
1034 // check frame class
1035 if (iSANodeIndex > 0) {
1036 // frame class 3 fliter & checking
1037 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_AUTH) {
1038 // send deauth notification
1039 // reason = (6) class 2 received from nonauth sta
1040 vMgrDeAuthenBeginSta(pDevice,
1041 pMgmt,
1042 (PBYTE)(p802_11Header->abyAddr2),
1043 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1044 &Status
1045 );
1046 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 1\n");
1047 return TRUE;
9fc86028 1048 }
92b96797
FB		 1049 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_ASSOC) {
1050 // send deassoc notification
1051 // reason = (7) class 3 received from nonassoc sta
1052 vMgrDisassocBeginSta(pDevice,
1053 pMgmt,
1054 (PBYTE)(p802_11Header->abyAddr2),
1055 (WLAN_MGMT_REASON_CLASS3_NONASSOC),
1056 &Status
1057 );
1058 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDisassocBeginSta 2\n");
1059 return TRUE;
9fc86028 1060 }
92b96797
FB		 1061
1062 if (pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable) {
1063 // delcare received ps-poll event
1064 if (IS_CTL_PSPOLL(pbyFrame)) {
1065 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
0cbd8d98
AM		 1066 bScheduleCommand((void *) pDevice,
1067 WLAN_CMD_RX_PSPOLL,
1068 NULL);
92b96797
FB		 1069 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 1\n");
1070 }
1071 else {
1072 // check Data PS state
1073 // if PW bit off, send out all PS bufferring packets.
1074 if (!IS_FC_POWERMGT(pbyFrame)) {
1075 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1076 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
0cbd8d98
AM		 1077 bScheduleCommand((void *) pDevice,
1078 WLAN_CMD_RX_PSPOLL,
1079 NULL);
92b96797
FB		 1080 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 2\n");
1081 }
1082 }
1083 }
1084 else {
1085 if (IS_FC_POWERMGT(pbyFrame)) {
1086 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = TRUE;
1087 // Once if STA in PS state, enable multicast bufferring
1088 pMgmt->sNodeDBTable[0].bPSEnable = TRUE;
1089 }
1090 else {
1091 // clear all pending PS frame.
1092 if (pMgmt->sNodeDBTable[iSANodeIndex].wEnQueueCnt > 0) {
1093 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1094 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
0cbd8d98
AM		 1095 bScheduleCommand((void *) pDevice,
1096 WLAN_CMD_RX_PSPOLL,
1097 NULL);
92b96797
FB		 1098 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 3\n");
1099
1100 }
1101 }
1102 }
1103 }
1104 else {
1105 vMgrDeAuthenBeginSta(pDevice,
1106 pMgmt,
1107 (PBYTE)(p802_11Header->abyAddr2),
1108 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1109 &Status
1110 );
1111 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 3\n");
d6a32aa1
AS		 1112 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BSSID:%pM\n",
1113 p802_11Header->abyAddr3);
1114 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR2:%pM\n",
1115 p802_11Header->abyAddr2);
1116 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR1:%pM\n",
1117 p802_11Header->abyAddr1);
92b96797
FB		 1118 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: wFrameCtl= %x\n", p802_11Header->wFrameCtl );
1119 return TRUE;
1120 }
1121 }
1122 }
1123 return FALSE;
1124
1125}
1126
1127static BOOL s_bHandleRxEncryption (
592ccfeb
AM		 1128 PSDevice pDevice,
1129 PBYTE pbyFrame,
cc856e61 1130 unsigned int FrameSize,
592ccfeb 1131 PBYTE pbyRsr,
6f8c13c7
AM		 1132 PBYTE pbyNewRsr,
1133 PSKeyItem * pKeyOut,
193a823c 1134 int * pbExtIV,
6f8c13c7
AM		 1135 PWORD pwRxTSC15_0,
1136 PDWORD pdwRxTSC47_16
92b96797
FB		 1137 )
1138{
cc856e61 1139 unsigned int PayloadLen = FrameSize;
92b96797
FB		 1140 PBYTE pbyIV;
1141 BYTE byKeyIdx;
1142 PSKeyItem pKey = NULL;
1143 BYTE byDecMode = KEY_CTL_WEP;
1144 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1145
1146
1147 *pwRxTSC15_0 = 0;
1148 *pdwRxTSC47_16 = 0;
1149
1150 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1151 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1152 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1153 pbyIV += 6; // 6 is 802.11 address4
1154 PayloadLen -= 6;
1155 }
1156 byKeyIdx = (*(pbyIV+3) & 0xc0);
1157 byKeyIdx >>= 6;
1158 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1159
1160 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
1161 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
1162 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
1163 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
1164 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
1165 if (((*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) &&
1166 (pMgmt->byCSSPK != KEY_CTL_NONE)) {
1167 // unicast pkt use pairwise key
1168 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt\n");
1169 if (KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, 0xFFFFFFFF, &pKey) == TRUE) {
1170 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
1171 byDecMode = KEY_CTL_TKIP;
1172 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
1173 byDecMode = KEY_CTL_CCMP;
1174 }
1175 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt: %d, %p\n", byDecMode, pKey);
1176 } else {
1177 // use group key
1178 KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, byKeyIdx, &pKey);
1179 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1180 byDecMode = KEY_CTL_TKIP;
1181 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1182 byDecMode = KEY_CTL_CCMP;
1183 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"group pkt: %d, %d, %p\n", byKeyIdx, byDecMode, pKey);
1184 }
1185 }
1186 // our WEP only support Default Key
1187 if (pKey == NULL) {
1188 // use default group key
1189 KeybGetKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, byKeyIdx, &pKey);
1190 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1191 byDecMode = KEY_CTL_TKIP;
1192 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1193 byDecMode = KEY_CTL_CCMP;
1194 }
1195 *pKeyOut = pKey;
1196
1197 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1198
1199 if (pKey == NULL) {
1200 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"pKey == NULL\n");
1201 if (byDecMode == KEY_CTL_WEP) {
1202// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1203 } else if (pDevice->bLinkPass == TRUE) {
1204// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1205 }
1206 return FALSE;
1207 }
1208 if (byDecMode != pKey->byCipherSuite) {
1209 if (byDecMode == KEY_CTL_WEP) {
1210// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1211 } else if (pDevice->bLinkPass == TRUE) {
1212// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1213 }
1214 *pKeyOut = NULL;
1215 return FALSE;
1216 }
1217 if (byDecMode == KEY_CTL_WEP) {
1218 // handle WEP
1219 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1220 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE)) {
1221 // Software WEP
1222 // 1. 3253A
1223 // 2. WEP 256
1224
1225 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
3e362598
JL		 1226 memcpy(pDevice->abyPRNG, pbyIV, 3);
1227 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
92b96797
FB		 1228 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1229 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1230
1231 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1232 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1233 }
1234 }
1235 } else if ((byDecMode == KEY_CTL_TKIP) ||
1236 (byDecMode == KEY_CTL_CCMP)) {
1237 // TKIP/AES
1238
1239 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1240 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1241 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1242 if (byDecMode == KEY_CTL_TKIP) {
1243 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1244 } else {
1245 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1246 }
1247 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1248
1249 if ((byDecMode == KEY_CTL_TKIP) &&
1250 (pDevice->byLocalID <= REV_ID_VT3253_A1)) {
1251 // Software TKIP
1252 // 1. 3253 A
1253 PS802_11Header pMACHeader = (PS802_11Header) (pbyFrame);
1254 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1255 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1256 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1257 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1258 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1259 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1260 } else {
1261 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1262 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1263 }
1264 }
1265 }// end of TKIP/AES
1266
1267 if ((*(pbyIV+3) & 0x20) != 0)
1268 *pbExtIV = TRUE;
1269 return TRUE;
1270}
1271
1272
1273static BOOL s_bHostWepRxEncryption (
592ccfeb
AM		 1274 PSDevice pDevice,
1275 PBYTE pbyFrame,
cc856e61 1276 unsigned int FrameSize,
592ccfeb
AM		 1277 PBYTE pbyRsr,
1278 BOOL bOnFly,
1279 PSKeyItem pKey,
6f8c13c7 1280 PBYTE pbyNewRsr,
193a823c 1281 int * pbExtIV,
6f8c13c7
AM		 1282 PWORD pwRxTSC15_0,
1283 PDWORD pdwRxTSC47_16
92b96797
FB		 1284 )
1285{
1286 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
cc856e61 1287 unsigned int PayloadLen = FrameSize;
92b96797
FB		 1288 PBYTE pbyIV;
1289 BYTE byKeyIdx;
1290 BYTE byDecMode = KEY_CTL_WEP;
1291 PS802_11Header pMACHeader;
1292
1293
1294
1295 *pwRxTSC15_0 = 0;
1296 *pdwRxTSC47_16 = 0;
1297
1298 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1299 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1300 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1301 pbyIV += 6; // 6 is 802.11 address4
1302 PayloadLen -= 6;
1303 }
1304 byKeyIdx = (*(pbyIV+3) & 0xc0);
1305 byKeyIdx >>= 6;
1306 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1307
1308
1309 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1310 byDecMode = KEY_CTL_TKIP;
1311 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1312 byDecMode = KEY_CTL_CCMP;
1313
1314 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1315
1316 if (byDecMode != pKey->byCipherSuite) {
1317 if (byDecMode == KEY_CTL_WEP) {
1318// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1319 } else if (pDevice->bLinkPass == TRUE) {
1320// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1321 }
1322 return FALSE;
1323 }
1324
1325 if (byDecMode == KEY_CTL_WEP) {
1326 // handle WEP
1327 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byDecMode == KEY_CTL_WEP \n");
1328 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1329 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE) ||
1330 (bOnFly == FALSE)) {
1331 // Software WEP
1332 // 1. 3253A
1333 // 2. WEP 256
1334 // 3. NotOnFly
1335
1336 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
3e362598
JL		 1337 memcpy(pDevice->abyPRNG, pbyIV, 3);
1338 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
92b96797
FB		 1339 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1340 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1341
1342 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1343 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1344 }
1345 }
1346 } else if ((byDecMode == KEY_CTL_TKIP) ||
1347 (byDecMode == KEY_CTL_CCMP)) {
1348 // TKIP/AES
1349
1350 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1351 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1352 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1353
1354 if (byDecMode == KEY_CTL_TKIP) {
1355 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1356 } else {
1357 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1358 }
1359 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1360
1361 if (byDecMode == KEY_CTL_TKIP) {
1362
1363 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) || (bOnFly == FALSE)) {
1364 // Software TKIP
1365 // 1. 3253 A
1366 // 2. NotOnFly
1367 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_TKIP \n");
1368 pMACHeader = (PS802_11Header) (pbyFrame);
1369 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1370 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1371 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1372 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1373 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1374 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1375 } else {
1376 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1377 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1378 }
1379 }
1380 }
1381
1382 if (byDecMode == KEY_CTL_CCMP) {
1383 if (bOnFly == FALSE) {
1384 // Software CCMP
1385 // NotOnFly
1386 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_CCMP\n");
1387 if (AESbGenCCMP(pKey->abyKey, pbyFrame, FrameSize)) {
1388 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1389 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC compare OK!\n");
1390 } else {
1391 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC fail!\n");
1392 }
1393 }
1394 }
1395
1396 }// end of TKIP/AES
1397
1398 if ((*(pbyIV+3) & 0x20) != 0)
1399 *pbExtIV = TRUE;
1400 return TRUE;
1401}
1402
1403
1404
1405static BOOL s_bAPModeRxData (
592ccfeb
AM		 1406 PSDevice pDevice,
1407 struct sk_buff *skb,
cc856e61
AM		 1408 unsigned int FrameSize,
1409 unsigned int cbHeaderOffset,
213d2e93
AM		 1410 signed int iSANodeIndex,
1411 signed int iDANodeIndex
92b96797
FB		 1412 )
1413
1414{
1415 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1416 BOOL bRelayAndForward = FALSE;
1417 BOOL bRelayOnly = FALSE;
1418 BYTE byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
1419 WORD wAID;
1420
1421
1422 struct sk_buff* skbcpy = NULL;
1423
1424 if (FrameSize > CB_MAX_BUF_SIZE)
1425 return FALSE;
1426 // check DA
4b50fb40 1427 if (is_multicast_ether_addr((PBYTE)(skb->data+cbHeaderOffset))) {
92b96797
FB		 1428 if (pMgmt->sNodeDBTable[0].bPSEnable) {
1429
1430 skbcpy = dev_alloc_skb((int)pDevice->rx_buf_sz);
1431
1432 // if any node in PS mode, buffer packet until DTIM.
1433 if (skbcpy == NULL) {
1434 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "relay multicast no skb available \n");
1435 }
1436 else {
1437 skbcpy->dev = pDevice->dev;
1438 skbcpy->len = FrameSize;
1439 memcpy(skbcpy->data, skb->data+cbHeaderOffset, FrameSize);
1440 skb_queue_tail(&(pMgmt->sNodeDBTable[0].sTxPSQueue), skbcpy);
1441 pMgmt->sNodeDBTable[0].wEnQueueCnt++;
1442 // set tx map
1443 pMgmt->abyPSTxMap[0] |= byMask[0];
1444 }
1445 }
1446 else {
1447 bRelayAndForward = TRUE;
1448 }
1449 }
1450 else {
1451 // check if relay
1452 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(skb->data+cbHeaderOffset), &iDANodeIndex)) {
1453 if (pMgmt->sNodeDBTable[iDANodeIndex].eNodeState >= NODE_ASSOC) {
1454 if (pMgmt->sNodeDBTable[iDANodeIndex].bPSEnable) {
1455 // queue this skb until next PS tx, and then release.
1456
1457 skb->data += cbHeaderOffset;
1458 skb->tail += cbHeaderOffset;
1459 skb_put(skb, FrameSize);
1460 skb_queue_tail(&pMgmt->sNodeDBTable[iDANodeIndex].sTxPSQueue, skb);
1461
1462 pMgmt->sNodeDBTable[iDANodeIndex].wEnQueueCnt++;
1463 wAID = pMgmt->sNodeDBTable[iDANodeIndex].wAID;
1464 pMgmt->abyPSTxMap[wAID >> 3] |= byMask[wAID & 7];
1465 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "relay: index= %d, pMgmt->abyPSTxMap[%d]= %d\n",
1466 iDANodeIndex, (wAID >> 3), pMgmt->abyPSTxMap[wAID >> 3]);
1467 return TRUE;
1468 }
1469 else {
1470 bRelayOnly = TRUE;
1471 }
1472 }
9fc86028 1473 }
92b96797
FB		 1474 }
1475
1476 if (bRelayOnly || bRelayAndForward) {
1477 // relay this packet right now
1478 if (bRelayAndForward)
1479 iDANodeIndex = 0;
1480
1481 if ((pDevice->uAssocCount > 1) && (iDANodeIndex >= 0)) {
cc856e61
AM		 1482 bRelayPacketSend(pDevice, (PBYTE) (skb->data + cbHeaderOffset),
1483 FrameSize, (unsigned int) iDANodeIndex);
92b96797
FB		 1484 }
1485
1486 if (bRelayOnly)
1487 return FALSE;
1488 }
1489 // none associate, don't forward
1490 if (pDevice->uAssocCount == 0)
1491 return FALSE;
1492
1493 return TRUE;
1494}
1495
1496
1497
1498
8611a29a 1499void RXvWorkItem(void *Context)
92b96797
FB		 1500{
1501 PSDevice pDevice = (PSDevice) Context;
6487c49e 1502 int ntStatus;
92b96797
FB		 1503 PRCB pRCB=NULL;
1504
1505 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Polling Thread\n");
1506 spin_lock_irq(&pDevice->lock);
731047f9
AM		 1507
1508 while ((pDevice->Flags & fMP_POST_READS) &&
92b96797
FB		 1509 MP_IS_READY(pDevice) &&
1510 (pDevice->NumRecvFreeList != 0) ) {
1511 pRCB = pDevice->FirstRecvFreeList;
1512 pDevice->NumRecvFreeList--;
1513 ASSERT(pRCB);// cannot be NULL
1514 DequeueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList);
1515 ntStatus = PIPEnsBulkInUsbRead(pDevice, pRCB);
1516 }
1517 pDevice->bIsRxWorkItemQueued = FALSE;
1518 spin_unlock_irq(&pDevice->lock);
1519
1520}
1521
1522
8611a29a 1523void
92b96797 1524RXvFreeRCB(
592ccfeb
AM		 1525 PRCB pRCB,
1526 BOOL bReAllocSkb
92b96797
FB		 1527 )
1528{
1529 PSDevice pDevice = (PSDevice)pRCB->pDevice;
1530
1531
1532 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->RXvFreeRCB\n");
1533
1534 ASSERT(!pRCB->Ref); // should be 0
1535 ASSERT(pRCB->pDevice); // shouldn't be NULL
1536
1537 if (bReAllocSkb == TRUE) {
1538 pRCB->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1539 // todo error handling
1540 if (pRCB->skb == NULL) {
1541 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR" Failed to re-alloc rx skb\n");
1542 }else {
1543 pRCB->skb->dev = pDevice->dev;
1544 }
1545 }
1546 //
1547 // Insert the RCB back in the Recv free list
1548 //
1549 EnqueueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList, pRCB);
1550 pDevice->NumRecvFreeList++;
1551
1552
731047f9 1553 if ((pDevice->Flags & fMP_POST_READS) && MP_IS_READY(pDevice) &&
92b96797
FB		 1554 (pDevice->bIsRxWorkItemQueued == FALSE) ) {
1555
1556 pDevice->bIsRxWorkItemQueued = TRUE;
1557 tasklet_schedule(&pDevice->ReadWorkItem);
1558 }
1559 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"<----RXFreeRCB %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1560}
1561
1562
8611a29a 1563void RXvMngWorkItem(void *Context)
92b96797
FB		 1564{
1565 PSDevice pDevice = (PSDevice) Context;
1566 PRCB pRCB=NULL;
1567 PSRxMgmtPacket pRxPacket;
1568 BOOL bReAllocSkb = FALSE;
1569
1570 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Mng Thread\n");
1571
1572 spin_lock_irq(&pDevice->lock);
1573 while (pDevice->NumRecvMngList!=0)
1574 {
1575 pRCB = pDevice->FirstRecvMngList;
1576 pDevice->NumRecvMngList--;
1577 DequeueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList);
1578 if(!pRCB){
1579 break;
1580 }
1581 ASSERT(pRCB);// cannot be NULL
1582 pRxPacket = &(pRCB->sMngPacket);
0cbd8d98 1583 vMgrRxManagePacket((void *) pDevice, &(pDevice->sMgmtObj), pRxPacket);
92b96797
FB		 1584 pRCB->Ref--;
1585 if(pRCB->Ref == 0) {
1586 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"RxvFreeMng %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1587 RXvFreeRCB(pRCB, bReAllocSkb);
1588 } else {
1589 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Rx Mng Only we have the right to free RCB\n");
1590 }
1591 }
1592
ba5c2b3d
FABP		 1593 pDevice->bIsRxMngWorkItemQueued = FALSE;
1594 spin_unlock_irq(&pDevice->lock);
92b96797
FB		 1595
1596}
1597
1598
kernel source for telekom puls (alcatel/mediatek)