projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mjg59/platf...
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / staging / vt6656 / dpc.c
CommitLineData
92b96797
FB		 1/*
2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
3 * All rights reserved.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * File: dpc.c
20 *
21 * Purpose: handle dpc rx functions
22 *
23 * Author: Lyndon Chen
24 *
25 * Date: May 20, 2003
26 *
27 * Functions:
28 * device_receive_frame - Rcv 802.11 frame function
29 * s_bAPModeRxCtl- AP Rcv frame filer Ctl.
30 * s_bAPModeRxData- AP Rcv data frame handle
31 * s_bHandleRxEncryption- Rcv decrypted data via on-fly
32 * s_bHostWepRxEncryption- Rcv encrypted data via host
33 * s_byGetRateIdx- get rate index
34 * s_vGetDASA- get data offset
35 * s_vProcessRxMACHeader- Rcv 802.11 and translate to 802.3
36 *
37 * Revision History:
38 *
39 */
40
92b96797 41#include "device.h"
92b96797 42#include "rxtx.h"
92b96797 43#include "tether.h"
92b96797 44#include "card.h"
92b96797 45#include "bssdb.h"
92b96797 46#include "mac.h"
92b96797 47#include "baseband.h"
92b96797 48#include "michael.h"
92b96797 49#include "tkip.h"
92b96797 50#include "tcrc.h"
92b96797 51#include "wctl.h"
92b96797 52#include "hostap.h"
92b96797 53#include "rf.h"
92b96797 54#include "iowpa.h"
92b96797 55#include "aes_ccmp.h"
92b96797 56#include "datarate.h"
92b96797 57#include "usbpipe.h"
92b96797
FB		 58
59/*--------------------- Static Definitions -------------------------*/
60
61/*--------------------- Static Classes ----------------------------*/
62
63/*--------------------- Static Variables --------------------------*/
64//static int msglevel =MSG_LEVEL_DEBUG;
65static int msglevel =MSG_LEVEL_INFO;
66
67const BYTE acbyRxRate[MAX_RATE] =
68{2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108};
69
70
71/*--------------------- Static Functions --------------------------*/
72
73/*--------------------- Static Definitions -------------------------*/
74
75/*--------------------- Static Functions --------------------------*/
76
592ccfeb 77static BYTE s_byGetRateIdx(BYTE byRate);
92b96797
FB		 78
79static
8611a29a 80void
92b96797 81s_vGetDASA(
592ccfeb 82 PBYTE pbyRxBufferAddr,
6f8c13c7
AM		 83 PUINT pcbHeaderSize,
84 PSEthernetHeader psEthHeader
92b96797
FB		 85 );
86
87static
8611a29a 88void
92b96797 89s_vProcessRxMACHeader (
592ccfeb
AM		 90 PSDevice pDevice,
91 PBYTE pbyRxBufferAddr,
cc856e61 92 unsigned int cbPacketSize,
592ccfeb
AM		 93 BOOL bIsWEP,
94 BOOL bExtIV,
6f8c13c7 95 PUINT pcbHeadSize
92b96797
FB		 96 );
97
98static BOOL s_bAPModeRxCtl(
592ccfeb
AM		 99 PSDevice pDevice,
100 PBYTE pbyFrame,
213d2e93 101 signed int iSANodeIndex
92b96797
FB		 102 );
103
104
105
106static BOOL s_bAPModeRxData (
592ccfeb
AM		 107 PSDevice pDevice,
108 struct sk_buff *skb,
cc856e61
AM		 109 unsigned int FrameSize,
110 unsigned int cbHeaderOffset,
213d2e93
AM		 111 signed int iSANodeIndex,
112 signed int iDANodeIndex
92b96797
FB		 113 );
114
115
116static BOOL s_bHandleRxEncryption(
592ccfeb
AM		 117 PSDevice pDevice,
118 PBYTE pbyFrame,
cc856e61 119 unsigned int FrameSize,
592ccfeb 120 PBYTE pbyRsr,
6f8c13c7
AM		 121 PBYTE pbyNewRsr,
122 PSKeyItem * pKeyOut,
193a823c 123 int * pbExtIV,
6f8c13c7
AM		 124 PWORD pwRxTSC15_0,
125 PDWORD pdwRxTSC47_16
92b96797
FB		 126 );
127
128static BOOL s_bHostWepRxEncryption(
129
592ccfeb
AM		 130 PSDevice pDevice,
131 PBYTE pbyFrame,
cc856e61 132 unsigned int FrameSize,
592ccfeb
AM		 133 PBYTE pbyRsr,
134 BOOL bOnFly,
135 PSKeyItem pKey,
6f8c13c7 136 PBYTE pbyNewRsr,
193a823c 137 int * pbExtIV,
6f8c13c7
AM		 138 PWORD pwRxTSC15_0,
139 PDWORD pdwRxTSC47_16
92b96797
FB		 140
141 );
142
143/*--------------------- Export Variables --------------------------*/
144
145/*+
146 *
147 * Description:
148 * Translate Rcv 802.11 header to 802.3 header with Rx buffer
149 *
150 * Parameters:
151 * In:
152 * pDevice
153 * dwRxBufferAddr - Address of Rcv Buffer
154 * cbPacketSize - Rcv Packet size
155 * bIsWEP - If Rcv with WEP
156 * Out:
157 * pcbHeaderSize - 802.11 header size
158 *
159 * Return Value: None
160 *
161-*/
162static
8611a29a 163void
92b96797 164s_vProcessRxMACHeader (
592ccfeb
AM		 165 PSDevice pDevice,
166 PBYTE pbyRxBufferAddr,
cc856e61 167 unsigned int cbPacketSize,
592ccfeb
AM		 168 BOOL bIsWEP,
169 BOOL bExtIV,
6f8c13c7 170 PUINT pcbHeadSize
92b96797
FB		 171 )
172{
173 PBYTE pbyRxBuffer;
cc856e61 174 unsigned int cbHeaderSize = 0;
92b96797
FB		 175 PWORD pwType;
176 PS802_11Header pMACHeader;
177 int ii;
178
179
180 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
181
182 s_vGetDASA((PBYTE)pMACHeader, &cbHeaderSize, &pDevice->sRxEthHeader);
183
184 if (bIsWEP) {
185 if (bExtIV) {
186 // strip IV&ExtIV , add 8 byte
187 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 8);
188 } else {
189 // strip IV , add 4 byte
190 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 4);
191 }
192 }
193 else {
194 cbHeaderSize += WLAN_HDR_ADDR3_LEN;
195 };
196
197 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
198 if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_Bridgetunnel[0])) {
199 cbHeaderSize += 6;
200 }
201 else if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_RFC1042[0])) {
202 cbHeaderSize += 6;
203 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
204 if ((*pwType!= TYPE_PKT_IPX) && (*pwType != cpu_to_le16(0xF380))) {
205 }
206 else {
207 cbHeaderSize -= 8;
208 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
209 if (bIsWEP) {
210 if (bExtIV) {
211 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
212 } else {
213 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
214 }
215 }
216 else {
217 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
218 }
219 }
220 }
221 else {
222 cbHeaderSize -= 2;
223 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
224 if (bIsWEP) {
225 if (bExtIV) {
226 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
227 } else {
228 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
229 }
230 }
231 else {
232 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
233 }
234 }
235
9a0e756c 236 cbHeaderSize -= (ETH_ALEN * 2);
92b96797 237 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
9a0e756c 238 for (ii = 0; ii < ETH_ALEN; ii++)
92b96797 239 *pbyRxBuffer++ = pDevice->sRxEthHeader.abyDstAddr[ii];
9a0e756c 240 for (ii = 0; ii < ETH_ALEN; ii++)
92b96797
FB		 241 *pbyRxBuffer++ = pDevice->sRxEthHeader.abySrcAddr[ii];
242
243 *pcbHeadSize = cbHeaderSize;
244}
245
246
247
248
592ccfeb 249static BYTE s_byGetRateIdx(BYTE byRate)
92b96797
FB		 250{
251 BYTE byRateIdx;
252
253 for (byRateIdx = 0; byRateIdx <MAX_RATE ; byRateIdx++) {
254 if (acbyRxRate[byRateIdx%MAX_RATE] == byRate)
255 return byRateIdx;
256 }
257 return 0;
258}
259
260
261static
8611a29a 262void
92b96797 263s_vGetDASA (
592ccfeb 264 PBYTE pbyRxBufferAddr,
6f8c13c7
AM		 265 PUINT pcbHeaderSize,
266 PSEthernetHeader psEthHeader
92b96797
FB		 267 )
268{
cc856e61 269 unsigned int cbHeaderSize = 0;
9a0e756c
AM		 270 PS802_11Header pMACHeader;
271 int ii;
272
273 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
274
275 if ((pMACHeader->wFrameCtl & FC_TODS) == 0) {
276 if (pMACHeader->wFrameCtl & FC_FROMDS) {
277 for (ii = 0; ii < ETH_ALEN; ii++) {
278 psEthHeader->abyDstAddr[ii] =
279 pMACHeader->abyAddr1[ii];
280 psEthHeader->abySrcAddr[ii] =
281 pMACHeader->abyAddr3[ii];
282 }
283 } else {
284 /* IBSS mode */
285 for (ii = 0; ii < ETH_ALEN; ii++) {
286 psEthHeader->abyDstAddr[ii] =
287 pMACHeader->abyAddr1[ii];
288 psEthHeader->abySrcAddr[ii] =
289 pMACHeader->abyAddr2[ii];
290 }
291 }
292 } else {
293 /* Is AP mode.. */
294 if (pMACHeader->wFrameCtl & FC_FROMDS) {
295 for (ii = 0; ii < ETH_ALEN; ii++) {
296 psEthHeader->abyDstAddr[ii] =
297 pMACHeader->abyAddr3[ii];
298 psEthHeader->abySrcAddr[ii] =
299 pMACHeader->abyAddr4[ii];
300 cbHeaderSize += 6;
301 }
302 } else {
303 for (ii = 0; ii < ETH_ALEN; ii++) {
304 psEthHeader->abyDstAddr[ii] =
305 pMACHeader->abyAddr3[ii];
306 psEthHeader->abySrcAddr[ii] =
307 pMACHeader->abyAddr2[ii];
308 }
309 }
310 };
92b96797
FB		 311 *pcbHeaderSize = cbHeaderSize;
312}
313
314
315
316
317BOOL
318RXbBulkInProcessData (
592ccfeb
AM		 319 PSDevice pDevice,
320 PRCB pRCB,
cc856e61 321 unsigned long BytesToIndicate
92b96797
FB		 322 )
323{
324
325 struct net_device_stats* pStats=&pDevice->stats;
326 struct sk_buff* skb;
327 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
328 PSRxMgmtPacket pRxPacket = &(pMgmt->sRxPacket);
329 PS802_11Header p802_11Header;
330 PBYTE pbyRsr;
331 PBYTE pbyNewRsr;
332 PBYTE pbyRSSI;
333 PQWORD pqwTSFTime;
334 PBYTE pbyFrame;
335 BOOL bDeFragRx = FALSE;
cc856e61
AM		 336 unsigned int cbHeaderOffset;
337 unsigned int FrameSize;
92b96797 338 WORD wEtherType = 0;
213d2e93
AM		 339 signed int iSANodeIndex = -1;
340 signed int iDANodeIndex = -1;
cc856e61
AM		 341 unsigned int ii;
342 unsigned int cbIVOffset;
92b96797
FB		 343 PBYTE pbyRxSts;
344 PBYTE pbyRxRate;
345 PBYTE pbySQ;
346#ifdef Calcu_LinkQual
347 PBYTE pby3SQ;
348#endif
cc856e61 349 unsigned int cbHeaderSize;
92b96797
FB		 350 PSKeyItem pKey = NULL;
351 WORD wRxTSC15_0 = 0;
352 DWORD dwRxTSC47_16 = 0;
353 SKeyItem STempKey;
354 // 802.11h RPI
213d2e93 355 /* signed long ldBm = 0; */
92b96797
FB		 356 BOOL bIsWEP = FALSE;
357 BOOL bExtIV = FALSE;
358 DWORD dwWbkStatus;
359 PRCB pRCBIndicate = pRCB;
360 PBYTE pbyDAddress;
361 PWORD pwPLCP_Length;
362 BYTE abyVaildRate[MAX_RATE] = {2,4,11,22,12,18,24,36,48,72,96,108};
363 WORD wPLCPwithPadding;
364 PS802_11Header pMACHeader;
365 BOOL bRxeapol_key = FALSE;
366
367
368
369 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- RXbBulkInProcessData---\n");
370
371 skb = pRCB->skb;
372
373 //[31:16]RcvByteCount ( not include 4-byte Status )
374 dwWbkStatus = *( (PDWORD)(skb->data) );
cc856e61 375 FrameSize = (unsigned int)(dwWbkStatus >> 16);
92b96797
FB		 376 FrameSize += 4;
377
378 if (BytesToIndicate != FrameSize) {
379 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 1 \n");
380 return FALSE;
381 }
382
383 if ((BytesToIndicate > 2372)||(BytesToIndicate <= 40)) {
384 // Frame Size error drop this packet.
385 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 2 \n");
386 return FALSE;
387 }
388
389 pbyDAddress = (PBYTE)(skb->data);
390 pbyRxSts = pbyDAddress+4;
391 pbyRxRate = pbyDAddress+5;
392
393 //real Frame Size = USBFrameSize -4WbkStatus - 4RxStatus - 8TSF - 4RSR - 4SQ3 - ?Padding
394 //if SQ3 the range is 24~27, if no SQ3 the range is 20~23
395 //real Frame size in PLCPLength field.
396 pwPLCP_Length = (PWORD) (pbyDAddress + 6);
397 //Fix hardware bug => PLCP_Length error
398 if ( ((BytesToIndicate - (*pwPLCP_Length)) > 27) ||
399 ((BytesToIndicate - (*pwPLCP_Length)) < 24) ||
400 (BytesToIndicate < (*pwPLCP_Length)) ) {
401
402 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong PLCP Length %x\n", (int) *pwPLCP_Length);
403 ASSERT(0);
404 return FALSE;
405 }
406 for ( ii=RATE_1M;ii<MAX_RATE;ii++) {
407 if ( *pbyRxRate == abyVaildRate[ii] ) {
408 break;
409 }
410 }
411 if ( ii==MAX_RATE ) {
412 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong RxRate %x\n",(int) *pbyRxRate);
413 return FALSE;
414 }
415
416 wPLCPwithPadding = ( (*pwPLCP_Length / 4) + ( (*pwPLCP_Length % 4) ? 1:0 ) ) *4;
417
418 pqwTSFTime = (PQWORD) (pbyDAddress + 8 + wPLCPwithPadding);
419#ifdef Calcu_LinkQual
420 if(pDevice->byBBType == BB_TYPE_11G) {
421 pby3SQ = pbyDAddress + 8 + wPLCPwithPadding + 12;
422 pbySQ = pby3SQ;
423 }
424 else {
425 pbySQ = pbyDAddress + 8 + wPLCPwithPadding + 8;
426 pby3SQ = pbySQ;
427 }
428#else
429 pbySQ = pbyDAddress + 8 + wPLCPwithPadding + 8;
430#endif
431 pbyNewRsr = pbyDAddress + 8 + wPLCPwithPadding + 9;
432 pbyRSSI = pbyDAddress + 8 + wPLCPwithPadding + 10;
433 pbyRsr = pbyDAddress + 8 + wPLCPwithPadding + 11;
434
435 FrameSize = *pwPLCP_Length;
436
437 pbyFrame = pbyDAddress + 8;
438 // update receive statistic counter
439
440 STAvUpdateRDStatCounter(&pDevice->scStatistic,
441 *pbyRsr,
442 *pbyNewRsr,
443 *pbyRxSts,
444 *pbyRxRate,
445 pbyFrame,
446 FrameSize
447 );
448
449
450 pMACHeader = (PS802_11Header) pbyFrame;
451
452//mike add: to judge if current AP is activated?
453 if ((pMgmt->eCurrMode == WMAC_MODE_STANDBY) ||
454 (pMgmt->eCurrMode == WMAC_MODE_ESS_STA)) {
455 if (pMgmt->sNodeDBTable[0].bActive) {
456 if(IS_ETH_ADDRESS_EQUAL (pMgmt->abyCurrBSSID, pMACHeader->abyAddr2) ) {
457 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
458 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
459 }
460 }
461 }
462
463 if (!IS_MULTICAST_ADDRESS(pMACHeader->abyAddr1) && !IS_BROADCAST_ADDRESS(pMACHeader->abyAddr1)) {
464 if ( WCTLbIsDuplicate(&(pDevice->sDupRxCache), (PS802_11Header) pbyFrame) ) {
465 pDevice->s802_11Counter.FrameDuplicateCount++;
466 return FALSE;
467 }
468
469 if ( !IS_ETH_ADDRESS_EQUAL (pDevice->abyCurrentNetAddr, pMACHeader->abyAddr1) ) {
470 return FALSE;
471 }
472 }
473
474
475 // Use for TKIP MIC
476 s_vGetDASA(pbyFrame, &cbHeaderSize, &pDevice->sRxEthHeader);
477
478 if (IS_ETH_ADDRESS_EQUAL((PBYTE)&(pDevice->sRxEthHeader.abySrcAddr[0]), pDevice->abyCurrentNetAddr))
479 return FALSE;
480
481 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) || (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)) {
482 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
483 p802_11Header = (PS802_11Header) (pbyFrame);
484 // get SA NodeIndex
485 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(p802_11Header->abyAddr2), &iSANodeIndex)) {
486 pMgmt->sNodeDBTable[iSANodeIndex].ulLastRxJiffer = jiffies;
487 pMgmt->sNodeDBTable[iSANodeIndex].uInActiveCount = 0;
488 }
489 }
490 }
491
492 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
493 if (s_bAPModeRxCtl(pDevice, pbyFrame, iSANodeIndex) == TRUE) {
494 return FALSE;
495 }
496 }
497
498
499 if (IS_FC_WEP(pbyFrame)) {
500 BOOL bRxDecryOK = FALSE;
501
502 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"rx WEP pkt\n");
503 bIsWEP = TRUE;
504 if ((pDevice->bEnableHostWEP) && (iSANodeIndex >= 0)) {
505 pKey = &STempKey;
506 pKey->byCipherSuite = pMgmt->sNodeDBTable[iSANodeIndex].byCipherSuite;
507 pKey->dwKeyIndex = pMgmt->sNodeDBTable[iSANodeIndex].dwKeyIndex;
508 pKey->uKeyLength = pMgmt->sNodeDBTable[iSANodeIndex].uWepKeyLength;
509 pKey->dwTSC47_16 = pMgmt->sNodeDBTable[iSANodeIndex].dwTSC47_16;
510 pKey->wTSC15_0 = pMgmt->sNodeDBTable[iSANodeIndex].wTSC15_0;
511 memcpy(pKey->abyKey,
512 &pMgmt->sNodeDBTable[iSANodeIndex].abyWepKey[0],
513 pKey->uKeyLength
514 );
515
516 bRxDecryOK = s_bHostWepRxEncryption(pDevice,
517 pbyFrame,
518 FrameSize,
519 pbyRsr,
520 pMgmt->sNodeDBTable[iSANodeIndex].bOnFly,
521 pKey,
522 pbyNewRsr,
523 &bExtIV,
524 &wRxTSC15_0,
525 &dwRxTSC47_16);
526 } else {
527 bRxDecryOK = s_bHandleRxEncryption(pDevice,
528 pbyFrame,
529 FrameSize,
530 pbyRsr,
531 pbyNewRsr,
532 &pKey,
533 &bExtIV,
534 &wRxTSC15_0,
535 &dwRxTSC47_16);
536 }
537
538 if (bRxDecryOK) {
539 if ((*pbyNewRsr & NEWRSR_DECRYPTOK) == 0) {
540 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV Fail\n");
541 if ( (pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
542 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
543 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
544 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
545 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
546
547 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
548 pDevice->s802_11Counter.TKIPICVErrors++;
549 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP)) {
550 pDevice->s802_11Counter.CCMPDecryptErrors++;
551 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_WEP)) {
552// pDevice->s802_11Counter.WEPICVErrorCount.QuadPart++;
553 }
554 }
555 return FALSE;
556 }
557 } else {
558 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WEP Func Fail\n");
559 return FALSE;
560 }
561 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP))
562 FrameSize -= 8; // Message Integrity Code
563 else
564 FrameSize -= 4; // 4 is ICV
565 }
566
567
568 //
569 // RX OK
570 //
571 //remove the CRC length
572 FrameSize -= U_CRC_LEN;
573
8a3d91b0 574 if ( !(*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) && // unicast address
92b96797
FB		 575 (IS_FRAGMENT_PKT((pbyFrame)))
576 ) {
577 // defragment
578 bDeFragRx = WCTLbHandleFragment(pDevice, (PS802_11Header) (pbyFrame), FrameSize, bIsWEP, bExtIV);
579 pDevice->s802_11Counter.ReceivedFragmentCount++;
580 if (bDeFragRx) {
581 // defrag complete
582 // TODO skb, pbyFrame
583 skb = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].skb;
584 FrameSize = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].cbFrameLength;
585 pbyFrame = skb->data + 8;
586 }
587 else {
588 return FALSE;
589 }
590 }
591
592 //
593 // Management & Control frame Handle
594 //
595 if ((IS_TYPE_DATA((pbyFrame))) == FALSE) {
596 // Handle Control & Manage Frame
597
598 if (IS_TYPE_MGMT((pbyFrame))) {
599 PBYTE pbyData1;
600 PBYTE pbyData2;
601
602 pRxPacket = &(pRCB->sMngPacket);
603 pRxPacket->p80211Header = (PUWLAN_80211HDR)(pbyFrame);
604 pRxPacket->cbMPDULen = FrameSize;
605 pRxPacket->uRSSI = *pbyRSSI;
606 pRxPacket->bySQ = *pbySQ;
607 HIDWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(HIDWORD(*pqwTSFTime));
608 LODWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(LODWORD(*pqwTSFTime));
609 if (bIsWEP) {
610 // strip IV
611 pbyData1 = WLAN_HDR_A3_DATA_PTR(pbyFrame);
612 pbyData2 = WLAN_HDR_A3_DATA_PTR(pbyFrame) + 4;
613 for (ii = 0; ii < (FrameSize - 4); ii++) {
614 *pbyData1 = *pbyData2;
615 pbyData1++;
616 pbyData2++;
617 }
618 }
619
620 pRxPacket->byRxRate = s_byGetRateIdx(*pbyRxRate);
621
622 if ( *pbyRxSts == 0 ) {
623 //Discard beacon packet which channel is 0
624 if ( (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_BEACON) ||
625 (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_PROBERESP) ) {
626 return TRUE;
627 }
628 }
629 pRxPacket->byRxChannel = (*pbyRxSts) >> 2;
630
631 // hostap Deamon handle 802.11 management
632 if (pDevice->bEnableHostapd) {
633 skb->dev = pDevice->apdev;
634 //skb->data += 4;
635 //skb->tail += 4;
636 skb->data += 8;
637 skb->tail += 8;
638 skb_put(skb, FrameSize);
d899d403 639 skb_reset_mac_header(skb);
92b96797
FB		 640 skb->pkt_type = PACKET_OTHERHOST;
641 skb->protocol = htons(ETH_P_802_2);
642 memset(skb->cb, 0, sizeof(skb->cb));
643 netif_rx(skb);
644 return TRUE;
645 }
646
647 //
648 // Insert the RCB in the Recv Mng list
649 //
650 EnqueueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList, pRCBIndicate);
651 pDevice->NumRecvMngList++;
652 if ( bDeFragRx == FALSE) {
653 pRCB->Ref++;
654 }
655 if (pDevice->bIsRxMngWorkItemQueued == FALSE) {
656 pDevice->bIsRxMngWorkItemQueued = TRUE;
657 tasklet_schedule(&pDevice->RxMngWorkItem);
658 }
659
660 }
661 else {
662 // Control Frame
663 };
664 return FALSE;
665 }
666 else {
667 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
668 //In AP mode, hw only check addr1(BSSID or RA) if equal to local MAC.
8a3d91b0 669 if ( !(*pbyRsr & RSR_BSSIDOK)) {
92b96797
FB		 670 if (bDeFragRx) {
671 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
672 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
673 pDevice->dev->name);
674 }
675 }
676 return FALSE;
677 }
678 }
679 else {
680 // discard DATA packet while not associate || BSSID error
681 if ((pDevice->bLinkPass == FALSE) ||
8a3d91b0 682 !(*pbyRsr & RSR_BSSIDOK)) {
92b96797
FB		 683 if (bDeFragRx) {
684 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
685 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
686 pDevice->dev->name);
687 }
688 }
689 return FALSE;
690 }
691 //mike add:station mode check eapol-key challenge--->
692 {
693 BYTE Protocol_Version; //802.1x Authentication
694 BYTE Packet_Type; //802.1x Authentication
695 BYTE Descriptor_type;
696 WORD Key_info;
697 if (bIsWEP)
698 cbIVOffset = 8;
699 else
700 cbIVOffset = 0;
701 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
702 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
703 Protocol_Version = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1];
704 Packet_Type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1];
705 if (wEtherType == ETH_P_PAE) { //Protocol Type in LLC-Header
706 if(((Protocol_Version==1) ||(Protocol_Version==2)) &&
707 (Packet_Type==3)) { //802.1x OR eapol-key challenge frame receive
708 bRxeapol_key = TRUE;
709 Descriptor_type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2];
710 Key_info = (skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+1]<<8) |skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+2] ;
711 if(Descriptor_type==2) { //RSN
712 // printk("WPA2_Rx_eapol-key_info<-----:%x\n",Key_info);
713 }
714 else if(Descriptor_type==254) {
715 // printk("WPA_Rx_eapol-key_info<-----:%x\n",Key_info);
716 }
717 }
718 }
719 }
720 //mike add:station mode check eapol-key challenge<---
721 }
722 }
723
724
725// Data frame Handle
726
727
728 if (pDevice->bEnablePSMode) {
729 if (IS_FC_MOREDATA((pbyFrame))) {
8a3d91b0 730 if (*pbyRsr & RSR_ADDROK) {
92b96797
FB		 731 //PSbSendPSPOLL((PSDevice)pDevice);
732 }
733 }
734 else {
735 if (pMgmt->bInTIMWake == TRUE) {
736 pMgmt->bInTIMWake = FALSE;
737 }
738 }
739 };
740
741 // Now it only supports 802.11g Infrastructure Mode, and support rate must up to 54 Mbps
742 if (pDevice->bDiversityEnable && (FrameSize>50) &&
743 (pDevice->eOPMode == OP_MODE_INFRASTRUCTURE) &&
744 (pDevice->bLinkPass == TRUE)) {
745 BBvAntennaDiversity(pDevice, s_byGetRateIdx(*pbyRxRate), 0);
746 }
747
748 // ++++++++ For BaseBand Algorithm +++++++++++++++
749 pDevice->uCurrRSSI = *pbyRSSI;
750 pDevice->byCurrSQ = *pbySQ;
751
752 // todo
753/*
754 if ((*pbyRSSI != 0) &&
755 (pMgmt->pCurrBSS!=NULL)) {
756 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
757 // Moniter if RSSI is too strong.
758 pMgmt->pCurrBSS->byRSSIStatCnt++;
759 pMgmt->pCurrBSS->byRSSIStatCnt %= RSSI_STAT_COUNT;
760 pMgmt->pCurrBSS->ldBmAverage[pMgmt->pCurrBSS->byRSSIStatCnt] = ldBm;
761 for(ii=0;ii<RSSI_STAT_COUNT;ii++) {
762 if (pMgmt->pCurrBSS->ldBmAverage[ii] != 0) {
763 pMgmt->pCurrBSS->ldBmMAX = max(pMgmt->pCurrBSS->ldBmAverage[ii], ldBm);
764 }
765 }
766 }
767*/
768
769
770 // -----------------------------------------------
771
772 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnable8021x == TRUE)){
773 BYTE abyMacHdr[24];
774
775 // Only 802.1x packet incoming allowed
776 if (bIsWEP)
777 cbIVOffset = 8;
778 else
779 cbIVOffset = 0;
780 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
781 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
782
783 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wEtherType = %04x \n", wEtherType);
784 if (wEtherType == ETH_P_PAE) {
785 skb->dev = pDevice->apdev;
786
787 if (bIsWEP == TRUE) {
788 // strip IV header(8)
789 memcpy(&abyMacHdr[0], (skb->data + 8), 24);
790 memcpy((skb->data + 8 + cbIVOffset), &abyMacHdr[0], 24);
791 }
792
793 skb->data += (cbIVOffset + 8);
794 skb->tail += (cbIVOffset + 8);
795 skb_put(skb, FrameSize);
d899d403 796 skb_reset_mac_header(skb);
92b96797
FB		 797 skb->pkt_type = PACKET_OTHERHOST;
798 skb->protocol = htons(ETH_P_802_2);
799 memset(skb->cb, 0, sizeof(skb->cb));
800 netif_rx(skb);
801 return TRUE;
802
803 }
804 // check if 802.1x authorized
805 if (!(pMgmt->sNodeDBTable[iSANodeIndex].dwFlags & WLAN_STA_AUTHORIZED))
806 return FALSE;
807 }
808
809
810 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
811 if (bIsWEP) {
812 FrameSize -= 8; //MIC
813 }
814 }
815
816 //--------------------------------------------------------------------------------
817 // Soft MIC
818 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
819 if (bIsWEP) {
820 PDWORD pdwMIC_L;
821 PDWORD pdwMIC_R;
822 DWORD dwMIC_Priority;
823 DWORD dwMICKey0 = 0, dwMICKey1 = 0;
824 DWORD dwLocalMIC_L = 0;
825 DWORD dwLocalMIC_R = 0;
826 viawget_wpa_header *wpahdr;
827
828
829 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
830 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
831 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
832 }
833 else {
834 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
835 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
836 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
837 } else if ((pKey->dwKeyIndex & BIT28) == 0) {
838 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
839 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
840 } else {
841 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
842 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
843 }
844 }
845
846 MIC_vInit(dwMICKey0, dwMICKey1);
847 MIC_vAppend((PBYTE)&(pDevice->sRxEthHeader.abyDstAddr[0]), 12);
848 dwMIC_Priority = 0;
849 MIC_vAppend((PBYTE)&dwMIC_Priority, 4);
850 // 4 is Rcv buffer header, 24 is MAC Header, and 8 is IV and Ext IV.
851 MIC_vAppend((PBYTE)(skb->data + 8 + WLAN_HDR_ADDR3_LEN + 8),
852 FrameSize - WLAN_HDR_ADDR3_LEN - 8);
853 MIC_vGetMIC(&dwLocalMIC_L, &dwLocalMIC_R);
854 MIC_vUnInit();
855
856 pdwMIC_L = (PDWORD)(skb->data + 8 + FrameSize);
857 pdwMIC_R = (PDWORD)(skb->data + 8 + FrameSize + 4);
858
859
860 if ((cpu_to_le32(*pdwMIC_L) != dwLocalMIC_L) || (cpu_to_le32(*pdwMIC_R) != dwLocalMIC_R) ||
861 (pDevice->bRxMICFail == TRUE)) {
862 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"MIC comparison is fail!\n");
863 pDevice->bRxMICFail = FALSE;
864 //pDevice->s802_11Counter.TKIPLocalMICFailures.QuadPart++;
865 pDevice->s802_11Counter.TKIPLocalMICFailures++;
866 if (bDeFragRx) {
867 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
868 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
869 pDevice->dev->name);
870 }
871 }
872 //2008-0409-07, <Add> by Einsn Liu
873 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
874 //send event to wpa_supplicant
875 //if(pDevice->bWPASuppWextEnabled == TRUE)
876 {
877 union iwreq_data wrqu;
878 struct iw_michaelmicfailure ev;
879 int keyidx = pbyFrame[cbHeaderSize+3] >> 6; //top two-bits
880 memset(&ev, 0, sizeof(ev));
881 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
882 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
883 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
884 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
885 ev.flags |= IW_MICFAILURE_PAIRWISE;
886 } else {
887 ev.flags |= IW_MICFAILURE_GROUP;
888 }
889
890 ev.src_addr.sa_family = ARPHRD_ETHER;
891 memcpy(ev.src_addr.sa_data, pMACHeader->abyAddr2, ETH_ALEN);
892 memset(&wrqu, 0, sizeof(wrqu));
893 wrqu.data.length = sizeof(ev);
894 PRINT_K("wireless_send_event--->IWEVMICHAELMICFAILURE\n");
895 wireless_send_event(pDevice->dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
896
897 }
898 #endif
899
900
901 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
902 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
903 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
904 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
905 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
906 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_PAIRWISE_ERROR;
907 wpahdr->type = VIAWGET_PTK_MIC_MSG;
908 } else {
909 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_GROUP_ERROR;
910 wpahdr->type = VIAWGET_GTK_MIC_MSG;
911 }
912 wpahdr->resp_ie_len = 0;
913 wpahdr->req_ie_len = 0;
914 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
915 pDevice->skb->dev = pDevice->wpadev;
d899d403 916 skb_reset_mac_header(pDevice->skb);
92b96797
FB		 917 pDevice->skb->pkt_type = PACKET_HOST;
918 pDevice->skb->protocol = htons(ETH_P_802_2);
919 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
920 netif_rx(pDevice->skb);
921 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
922 };
923
924 return FALSE;
925
926 }
927 }
928 } //---end of SOFT MIC-----------------------------------------------------------------------
929
930 // ++++++++++ Reply Counter Check +++++++++++++
931
932 if ((pKey != NULL) && ((pKey->byCipherSuite == KEY_CTL_TKIP) ||
933 (pKey->byCipherSuite == KEY_CTL_CCMP))) {
934 if (bIsWEP) {
935 WORD wLocalTSC15_0 = 0;
936 DWORD dwLocalTSC47_16 = 0;
cc856e61 937 unsigned long long RSC = 0;
92b96797 938 // endian issues
cc856e61 939 RSC = *((unsigned long long *) &(pKey->KeyRSC));
92b96797
FB		 940 wLocalTSC15_0 = (WORD) RSC;
941 dwLocalTSC47_16 = (DWORD) (RSC>>16);
942
943 RSC = dwRxTSC47_16;
944 RSC <<= 16;
945 RSC += wRxTSC15_0;
3e362598 946 memcpy(&(pKey->KeyRSC), &RSC, sizeof(QWORD));
92b96797
FB		 947
948 if ( (pDevice->sMgmtObj.eCurrMode == WMAC_MODE_ESS_STA) &&
949 (pDevice->sMgmtObj.eCurrState == WMAC_STATE_ASSOC)) {
950 // check RSC
951 if ( (wRxTSC15_0 < wLocalTSC15_0) &&
952 (dwRxTSC47_16 <= dwLocalTSC47_16) &&
953 !((dwRxTSC47_16 == 0) && (dwLocalTSC47_16 == 0xFFFFFFFF))) {
954 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC is illegal~~!\n ");
955 if (pKey->byCipherSuite == KEY_CTL_TKIP)
956 //pDevice->s802_11Counter.TKIPReplays.QuadPart++;
957 pDevice->s802_11Counter.TKIPReplays++;
958 else
959 //pDevice->s802_11Counter.CCMPReplays.QuadPart++;
960 pDevice->s802_11Counter.CCMPReplays++;
961
962 if (bDeFragRx) {
963 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
964 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
965 pDevice->dev->name);
966 }
967 }
968 return FALSE;
969 }
970 }
971 }
972 } // ----- End of Reply Counter Check --------------------------
973
974
975 s_vProcessRxMACHeader(pDevice, (PBYTE)(skb->data+8), FrameSize, bIsWEP, bExtIV, &cbHeaderOffset);
976 FrameSize -= cbHeaderOffset;
977 cbHeaderOffset += 8; // 8 is Rcv buffer header
978
979 // Null data, framesize = 12
980 if (FrameSize < 12)
981 return FALSE;
982
983 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
984 if (s_bAPModeRxData(pDevice,
985 skb,
986 FrameSize,
987 cbHeaderOffset,
988 iSANodeIndex,
989 iDANodeIndex
990 ) == FALSE) {
991
992 if (bDeFragRx) {
993 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
994 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
995 pDevice->dev->name);
996 }
997 }
998 return FALSE;
999 }
1000
1001 }
1002
1003 skb->data += cbHeaderOffset;
1004 skb->tail += cbHeaderOffset;
1005 skb_put(skb, FrameSize);
1006 skb->protocol=eth_type_trans(skb, skb->dev);
1007 skb->ip_summed=CHECKSUM_NONE;
1008 pStats->rx_bytes +=skb->len;
1009 pStats->rx_packets++;
1010 netif_rx(skb);
1011 if (bDeFragRx) {
1012 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1013 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1014 pDevice->dev->name);
1015 }
1016 return FALSE;
1017 }
1018
1019 return TRUE;
1020}
1021
1022
1023static BOOL s_bAPModeRxCtl (
592ccfeb
AM		 1024 PSDevice pDevice,
1025 PBYTE pbyFrame,
213d2e93 1026 signed int iSANodeIndex
92b96797
FB		 1027 )
1028{
1029 PS802_11Header p802_11Header;
1030 CMD_STATUS Status;
1031 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1032
1033
1034 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
1035
1036 p802_11Header = (PS802_11Header) (pbyFrame);
1037 if (!IS_TYPE_MGMT(pbyFrame)) {
1038
1039 // Data & PS-Poll packet
1040 // check frame class
1041 if (iSANodeIndex > 0) {
1042 // frame class 3 fliter & checking
1043 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_AUTH) {
1044 // send deauth notification
1045 // reason = (6) class 2 received from nonauth sta
1046 vMgrDeAuthenBeginSta(pDevice,
1047 pMgmt,
1048 (PBYTE)(p802_11Header->abyAddr2),
1049 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1050 &Status
1051 );
1052 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 1\n");
1053 return TRUE;
1054 };
1055 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_ASSOC) {
1056 // send deassoc notification
1057 // reason = (7) class 3 received from nonassoc sta
1058 vMgrDisassocBeginSta(pDevice,
1059 pMgmt,
1060 (PBYTE)(p802_11Header->abyAddr2),
1061 (WLAN_MGMT_REASON_CLASS3_NONASSOC),
1062 &Status
1063 );
1064 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDisassocBeginSta 2\n");
1065 return TRUE;
1066 };
1067
1068 if (pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable) {
1069 // delcare received ps-poll event
1070 if (IS_CTL_PSPOLL(pbyFrame)) {
1071 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
0cbd8d98
AM		 1072 bScheduleCommand((void *) pDevice,
1073 WLAN_CMD_RX_PSPOLL,
1074 NULL);
92b96797
FB		 1075 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 1\n");
1076 }
1077 else {
1078 // check Data PS state
1079 // if PW bit off, send out all PS bufferring packets.
1080 if (!IS_FC_POWERMGT(pbyFrame)) {
1081 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1082 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
0cbd8d98
AM		 1083 bScheduleCommand((void *) pDevice,
1084 WLAN_CMD_RX_PSPOLL,
1085 NULL);
92b96797
FB		 1086 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 2\n");
1087 }
1088 }
1089 }
1090 else {
1091 if (IS_FC_POWERMGT(pbyFrame)) {
1092 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = TRUE;
1093 // Once if STA in PS state, enable multicast bufferring
1094 pMgmt->sNodeDBTable[0].bPSEnable = TRUE;
1095 }
1096 else {
1097 // clear all pending PS frame.
1098 if (pMgmt->sNodeDBTable[iSANodeIndex].wEnQueueCnt > 0) {
1099 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1100 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
0cbd8d98
AM		 1101 bScheduleCommand((void *) pDevice,
1102 WLAN_CMD_RX_PSPOLL,
1103 NULL);
92b96797
FB		 1104 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 3\n");
1105
1106 }
1107 }
1108 }
1109 }
1110 else {
1111 vMgrDeAuthenBeginSta(pDevice,
1112 pMgmt,
1113 (PBYTE)(p802_11Header->abyAddr2),
1114 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1115 &Status
1116 );
1117 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 3\n");
1118 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BSSID:%02x-%02x-%02x=%02x-%02x-%02x \n",
1119 p802_11Header->abyAddr3[0],
1120 p802_11Header->abyAddr3[1],
1121 p802_11Header->abyAddr3[2],
1122 p802_11Header->abyAddr3[3],
1123 p802_11Header->abyAddr3[4],
1124 p802_11Header->abyAddr3[5]
1125 );
1126 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR2:%02x-%02x-%02x=%02x-%02x-%02x \n",
1127 p802_11Header->abyAddr2[0],
1128 p802_11Header->abyAddr2[1],
1129 p802_11Header->abyAddr2[2],
1130 p802_11Header->abyAddr2[3],
1131 p802_11Header->abyAddr2[4],
1132 p802_11Header->abyAddr2[5]
1133 );
1134 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR1:%02x-%02x-%02x=%02x-%02x-%02x \n",
1135 p802_11Header->abyAddr1[0],
1136 p802_11Header->abyAddr1[1],
1137 p802_11Header->abyAddr1[2],
1138 p802_11Header->abyAddr1[3],
1139 p802_11Header->abyAddr1[4],
1140 p802_11Header->abyAddr1[5]
1141 );
1142 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: wFrameCtl= %x\n", p802_11Header->wFrameCtl );
1143 return TRUE;
1144 }
1145 }
1146 }
1147 return FALSE;
1148
1149}
1150
1151static BOOL s_bHandleRxEncryption (
592ccfeb
AM		 1152 PSDevice pDevice,
1153 PBYTE pbyFrame,
cc856e61 1154 unsigned int FrameSize,
592ccfeb 1155 PBYTE pbyRsr,
6f8c13c7
AM		 1156 PBYTE pbyNewRsr,
1157 PSKeyItem * pKeyOut,
193a823c 1158 int * pbExtIV,
6f8c13c7
AM		 1159 PWORD pwRxTSC15_0,
1160 PDWORD pdwRxTSC47_16
92b96797
FB		 1161 )
1162{
cc856e61 1163 unsigned int PayloadLen = FrameSize;
92b96797
FB		 1164 PBYTE pbyIV;
1165 BYTE byKeyIdx;
1166 PSKeyItem pKey = NULL;
1167 BYTE byDecMode = KEY_CTL_WEP;
1168 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1169
1170
1171 *pwRxTSC15_0 = 0;
1172 *pdwRxTSC47_16 = 0;
1173
1174 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1175 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1176 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1177 pbyIV += 6; // 6 is 802.11 address4
1178 PayloadLen -= 6;
1179 }
1180 byKeyIdx = (*(pbyIV+3) & 0xc0);
1181 byKeyIdx >>= 6;
1182 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1183
1184 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
1185 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
1186 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
1187 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
1188 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
1189 if (((*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) &&
1190 (pMgmt->byCSSPK != KEY_CTL_NONE)) {
1191 // unicast pkt use pairwise key
1192 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt\n");
1193 if (KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, 0xFFFFFFFF, &pKey) == TRUE) {
1194 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
1195 byDecMode = KEY_CTL_TKIP;
1196 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
1197 byDecMode = KEY_CTL_CCMP;
1198 }
1199 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt: %d, %p\n", byDecMode, pKey);
1200 } else {
1201 // use group key
1202 KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, byKeyIdx, &pKey);
1203 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1204 byDecMode = KEY_CTL_TKIP;
1205 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1206 byDecMode = KEY_CTL_CCMP;
1207 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"group pkt: %d, %d, %p\n", byKeyIdx, byDecMode, pKey);
1208 }
1209 }
1210 // our WEP only support Default Key
1211 if (pKey == NULL) {
1212 // use default group key
1213 KeybGetKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, byKeyIdx, &pKey);
1214 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1215 byDecMode = KEY_CTL_TKIP;
1216 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1217 byDecMode = KEY_CTL_CCMP;
1218 }
1219 *pKeyOut = pKey;
1220
1221 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1222
1223 if (pKey == NULL) {
1224 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"pKey == NULL\n");
1225 if (byDecMode == KEY_CTL_WEP) {
1226// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1227 } else if (pDevice->bLinkPass == TRUE) {
1228// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1229 }
1230 return FALSE;
1231 }
1232 if (byDecMode != pKey->byCipherSuite) {
1233 if (byDecMode == KEY_CTL_WEP) {
1234// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1235 } else if (pDevice->bLinkPass == TRUE) {
1236// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1237 }
1238 *pKeyOut = NULL;
1239 return FALSE;
1240 }
1241 if (byDecMode == KEY_CTL_WEP) {
1242 // handle WEP
1243 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1244 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE)) {
1245 // Software WEP
1246 // 1. 3253A
1247 // 2. WEP 256
1248
1249 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
3e362598
JL		 1250 memcpy(pDevice->abyPRNG, pbyIV, 3);
1251 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
92b96797
FB		 1252 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1253 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1254
1255 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1256 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1257 }
1258 }
1259 } else if ((byDecMode == KEY_CTL_TKIP) ||
1260 (byDecMode == KEY_CTL_CCMP)) {
1261 // TKIP/AES
1262
1263 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1264 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1265 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1266 if (byDecMode == KEY_CTL_TKIP) {
1267 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1268 } else {
1269 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1270 }
1271 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1272
1273 if ((byDecMode == KEY_CTL_TKIP) &&
1274 (pDevice->byLocalID <= REV_ID_VT3253_A1)) {
1275 // Software TKIP
1276 // 1. 3253 A
1277 PS802_11Header pMACHeader = (PS802_11Header) (pbyFrame);
1278 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1279 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1280 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1281 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1282 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1283 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1284 } else {
1285 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1286 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1287 }
1288 }
1289 }// end of TKIP/AES
1290
1291 if ((*(pbyIV+3) & 0x20) != 0)
1292 *pbExtIV = TRUE;
1293 return TRUE;
1294}
1295
1296
1297static BOOL s_bHostWepRxEncryption (
592ccfeb
AM		 1298 PSDevice pDevice,
1299 PBYTE pbyFrame,
cc856e61 1300 unsigned int FrameSize,
592ccfeb
AM		 1301 PBYTE pbyRsr,
1302 BOOL bOnFly,
1303 PSKeyItem pKey,
6f8c13c7 1304 PBYTE pbyNewRsr,
193a823c 1305 int * pbExtIV,
6f8c13c7
AM		 1306 PWORD pwRxTSC15_0,
1307 PDWORD pdwRxTSC47_16
92b96797
FB		 1308 )
1309{
1310 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
cc856e61 1311 unsigned int PayloadLen = FrameSize;
92b96797
FB		 1312 PBYTE pbyIV;
1313 BYTE byKeyIdx;
1314 BYTE byDecMode = KEY_CTL_WEP;
1315 PS802_11Header pMACHeader;
1316
1317
1318
1319 *pwRxTSC15_0 = 0;
1320 *pdwRxTSC47_16 = 0;
1321
1322 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1323 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1324 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1325 pbyIV += 6; // 6 is 802.11 address4
1326 PayloadLen -= 6;
1327 }
1328 byKeyIdx = (*(pbyIV+3) & 0xc0);
1329 byKeyIdx >>= 6;
1330 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1331
1332
1333 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1334 byDecMode = KEY_CTL_TKIP;
1335 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1336 byDecMode = KEY_CTL_CCMP;
1337
1338 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1339
1340 if (byDecMode != pKey->byCipherSuite) {
1341 if (byDecMode == KEY_CTL_WEP) {
1342// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1343 } else if (pDevice->bLinkPass == TRUE) {
1344// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1345 }
1346 return FALSE;
1347 }
1348
1349 if (byDecMode == KEY_CTL_WEP) {
1350 // handle WEP
1351 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byDecMode == KEY_CTL_WEP \n");
1352 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1353 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE) ||
1354 (bOnFly == FALSE)) {
1355 // Software WEP
1356 // 1. 3253A
1357 // 2. WEP 256
1358 // 3. NotOnFly
1359
1360 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
3e362598
JL		 1361 memcpy(pDevice->abyPRNG, pbyIV, 3);
1362 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
92b96797
FB		 1363 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1364 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1365
1366 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1367 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1368 }
1369 }
1370 } else if ((byDecMode == KEY_CTL_TKIP) ||
1371 (byDecMode == KEY_CTL_CCMP)) {
1372 // TKIP/AES
1373
1374 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1375 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1376 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1377
1378 if (byDecMode == KEY_CTL_TKIP) {
1379 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1380 } else {
1381 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1382 }
1383 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1384
1385 if (byDecMode == KEY_CTL_TKIP) {
1386
1387 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) || (bOnFly == FALSE)) {
1388 // Software TKIP
1389 // 1. 3253 A
1390 // 2. NotOnFly
1391 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_TKIP \n");
1392 pMACHeader = (PS802_11Header) (pbyFrame);
1393 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1394 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1395 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1396 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1397 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1398 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1399 } else {
1400 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1401 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1402 }
1403 }
1404 }
1405
1406 if (byDecMode == KEY_CTL_CCMP) {
1407 if (bOnFly == FALSE) {
1408 // Software CCMP
1409 // NotOnFly
1410 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_CCMP\n");
1411 if (AESbGenCCMP(pKey->abyKey, pbyFrame, FrameSize)) {
1412 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1413 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC compare OK!\n");
1414 } else {
1415 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC fail!\n");
1416 }
1417 }
1418 }
1419
1420 }// end of TKIP/AES
1421
1422 if ((*(pbyIV+3) & 0x20) != 0)
1423 *pbExtIV = TRUE;
1424 return TRUE;
1425}
1426
1427
1428
1429static BOOL s_bAPModeRxData (
592ccfeb
AM		 1430 PSDevice pDevice,
1431 struct sk_buff *skb,
cc856e61
AM		 1432 unsigned int FrameSize,
1433 unsigned int cbHeaderOffset,
213d2e93
AM		 1434 signed int iSANodeIndex,
1435 signed int iDANodeIndex
92b96797
FB		 1436 )
1437
1438{
1439 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1440 BOOL bRelayAndForward = FALSE;
1441 BOOL bRelayOnly = FALSE;
1442 BYTE byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
1443 WORD wAID;
1444
1445
1446 struct sk_buff* skbcpy = NULL;
1447
1448 if (FrameSize > CB_MAX_BUF_SIZE)
1449 return FALSE;
1450 // check DA
1451 if(IS_MULTICAST_ADDRESS((PBYTE)(skb->data+cbHeaderOffset))) {
1452 if (pMgmt->sNodeDBTable[0].bPSEnable) {
1453
1454 skbcpy = dev_alloc_skb((int)pDevice->rx_buf_sz);
1455
1456 // if any node in PS mode, buffer packet until DTIM.
1457 if (skbcpy == NULL) {
1458 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "relay multicast no skb available \n");
1459 }
1460 else {
1461 skbcpy->dev = pDevice->dev;
1462 skbcpy->len = FrameSize;
1463 memcpy(skbcpy->data, skb->data+cbHeaderOffset, FrameSize);
1464 skb_queue_tail(&(pMgmt->sNodeDBTable[0].sTxPSQueue), skbcpy);
1465 pMgmt->sNodeDBTable[0].wEnQueueCnt++;
1466 // set tx map
1467 pMgmt->abyPSTxMap[0] |= byMask[0];
1468 }
1469 }
1470 else {
1471 bRelayAndForward = TRUE;
1472 }
1473 }
1474 else {
1475 // check if relay
1476 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(skb->data+cbHeaderOffset), &iDANodeIndex)) {
1477 if (pMgmt->sNodeDBTable[iDANodeIndex].eNodeState >= NODE_ASSOC) {
1478 if (pMgmt->sNodeDBTable[iDANodeIndex].bPSEnable) {
1479 // queue this skb until next PS tx, and then release.
1480
1481 skb->data += cbHeaderOffset;
1482 skb->tail += cbHeaderOffset;
1483 skb_put(skb, FrameSize);
1484 skb_queue_tail(&pMgmt->sNodeDBTable[iDANodeIndex].sTxPSQueue, skb);
1485
1486 pMgmt->sNodeDBTable[iDANodeIndex].wEnQueueCnt++;
1487 wAID = pMgmt->sNodeDBTable[iDANodeIndex].wAID;
1488 pMgmt->abyPSTxMap[wAID >> 3] |= byMask[wAID & 7];
1489 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "relay: index= %d, pMgmt->abyPSTxMap[%d]= %d\n",
1490 iDANodeIndex, (wAID >> 3), pMgmt->abyPSTxMap[wAID >> 3]);
1491 return TRUE;
1492 }
1493 else {
1494 bRelayOnly = TRUE;
1495 }
1496 }
1497 };
1498 }
1499
1500 if (bRelayOnly || bRelayAndForward) {
1501 // relay this packet right now
1502 if (bRelayAndForward)
1503 iDANodeIndex = 0;
1504
1505 if ((pDevice->uAssocCount > 1) && (iDANodeIndex >= 0)) {
cc856e61
AM		 1506 bRelayPacketSend(pDevice, (PBYTE) (skb->data + cbHeaderOffset),
1507 FrameSize, (unsigned int) iDANodeIndex);
92b96797
FB		 1508 }
1509
1510 if (bRelayOnly)
1511 return FALSE;
1512 }
1513 // none associate, don't forward
1514 if (pDevice->uAssocCount == 0)
1515 return FALSE;
1516
1517 return TRUE;
1518}
1519
1520
1521
1522
8611a29a 1523void RXvWorkItem(void *Context)
92b96797
FB		 1524{
1525 PSDevice pDevice = (PSDevice) Context;
1526 NTSTATUS ntStatus;
1527 PRCB pRCB=NULL;
1528
1529 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Polling Thread\n");
1530 spin_lock_irq(&pDevice->lock);
1531 while ( MP_TEST_FLAG(pDevice, fMP_POST_READS) &&
1532 MP_IS_READY(pDevice) &&
1533 (pDevice->NumRecvFreeList != 0) ) {
1534 pRCB = pDevice->FirstRecvFreeList;
1535 pDevice->NumRecvFreeList--;
1536 ASSERT(pRCB);// cannot be NULL
1537 DequeueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList);
1538 ntStatus = PIPEnsBulkInUsbRead(pDevice, pRCB);
1539 }
1540 pDevice->bIsRxWorkItemQueued = FALSE;
1541 spin_unlock_irq(&pDevice->lock);
1542
1543}
1544
1545
8611a29a 1546void
92b96797 1547RXvFreeRCB(
592ccfeb
AM		 1548 PRCB pRCB,
1549 BOOL bReAllocSkb
92b96797
FB		 1550 )
1551{
1552 PSDevice pDevice = (PSDevice)pRCB->pDevice;
1553
1554
1555 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->RXvFreeRCB\n");
1556
1557 ASSERT(!pRCB->Ref); // should be 0
1558 ASSERT(pRCB->pDevice); // shouldn't be NULL
1559
1560 if (bReAllocSkb == TRUE) {
1561 pRCB->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1562 // todo error handling
1563 if (pRCB->skb == NULL) {
1564 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR" Failed to re-alloc rx skb\n");
1565 }else {
1566 pRCB->skb->dev = pDevice->dev;
1567 }
1568 }
1569 //
1570 // Insert the RCB back in the Recv free list
1571 //
1572 EnqueueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList, pRCB);
1573 pDevice->NumRecvFreeList++;
1574
1575
1576 if (MP_TEST_FLAG(pDevice, fMP_POST_READS) && MP_IS_READY(pDevice) &&
1577 (pDevice->bIsRxWorkItemQueued == FALSE) ) {
1578
1579 pDevice->bIsRxWorkItemQueued = TRUE;
1580 tasklet_schedule(&pDevice->ReadWorkItem);
1581 }
1582 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"<----RXFreeRCB %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1583}
1584
1585
8611a29a 1586void RXvMngWorkItem(void *Context)
92b96797
FB		 1587{
1588 PSDevice pDevice = (PSDevice) Context;
1589 PRCB pRCB=NULL;
1590 PSRxMgmtPacket pRxPacket;
1591 BOOL bReAllocSkb = FALSE;
1592
1593 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Mng Thread\n");
1594
1595 spin_lock_irq(&pDevice->lock);
1596 while (pDevice->NumRecvMngList!=0)
1597 {
1598 pRCB = pDevice->FirstRecvMngList;
1599 pDevice->NumRecvMngList--;
1600 DequeueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList);
1601 if(!pRCB){
1602 break;
1603 }
1604 ASSERT(pRCB);// cannot be NULL
1605 pRxPacket = &(pRCB->sMngPacket);
0cbd8d98 1606 vMgrRxManagePacket((void *) pDevice, &(pDevice->sMgmtObj), pRxPacket);
92b96797
FB		 1607 pRCB->Ref--;
1608 if(pRCB->Ref == 0) {
1609 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"RxvFreeMng %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1610 RXvFreeRCB(pRCB, bReAllocSkb);
1611 } else {
1612 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Rx Mng Only we have the right to free RCB\n");
1613 }
1614 }
1615
1616 pDevice->bIsRxMngWorkItemQueued = FALSE;
1617 spin_unlock_irq(&pDevice->lock);
1618
1619}
1620
1621
kernel source for telekom puls (alcatel/mediatek)