Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 7bb8dc2d7eb5594ec890e822bb0517446d369698 / . / drivers / staging / vt6655 / dpc.c
blob: acc6d82a9544045ba2f1bae7d8e26f9864f18fbf [file] [log] [blame]
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1/*
2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
3 * All rights reserved.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * File: dpc.c
20 *
21 * Purpose: handle dpc rx functions
22 *
23 * Author: Lyndon Chen
24 *
25 * Date: May 20, 2003
26 *
27 * Functions:
28 * device_receive_frame - Rcv 802.11 frame function
29 * s_bAPModeRxCtl- AP Rcv frame filer Ctl.
30 * s_bAPModeRxData- AP Rcv data frame handle
31 * s_bHandleRxEncryption- Rcv decrypted data via on-fly
32 * s_bHostWepRxEncryption- Rcv encrypted data via host
33 * s_byGetRateIdx- get rate index
34 * s_vGetDASA- get data offset
35 * s_vProcessRxMACHeader- Rcv 802.11 and translate to 802.3
36 *
37 * Revision History:
38 *
39 */
40
41
42#if !defined(__DEVICE_H__)
43#include "device.h"
44#endif
45#if !defined(__RXTX_H__)
46#include "rxtx.h"
47#endif
48#if !defined(__TETHER_H__)
49#include "tether.h"
50#endif
51#if !defined(__CARD_H__)
52#include "card.h"
53#endif
54#if !defined(__BSSDB_H__)
55#include "bssdb.h"
56#endif
57#if !defined(__MAC_H__)
58#include "mac.h"
59#endif
60#if !defined(__BASEBAND_H__)
61#include "baseband.h"
62#endif
63#if !defined(__UMEM_H__)
64#include "umem.h"
65#endif
66#if !defined(__MICHAEL_H__)
67#include "michael.h"
68#endif
69#if !defined(__TKIP_H__)
70#include "tkip.h"
71#endif
72#if !defined(__TCRC_H__)
73#include "tcrc.h"
74#endif
75#if !defined(__WCTL_H__)
76#include "wctl.h"
77#endif
78#if !defined(__WROUTE_H__)
79#include "wroute.h"
80#endif
81#if !defined(__TBIT_H__)
82#include "tbit.h"
83#endif
84#if !defined(__HOSTAP_H__)
85#include "hostap.h"
86#endif
87#if !defined(__RF_H__)
88#include "rf.h"
89#endif
90#if !defined(__IOWPA_H__)
91#include "iowpa.h"
92#endif
93#if !defined(__AES_H__)
94#include "aes_ccmp.h"
95#endif
96
97//#define PLICE_DEBUG
98
99
100/*--------------------- Static Definitions -------------------------*/
101
102/*--------------------- Static Classes ----------------------------*/
103
104/*--------------------- Static Variables --------------------------*/
105//static int msglevel =MSG_LEVEL_DEBUG;
106static int msglevel =MSG_LEVEL_INFO;
107
108const BYTE acbyRxRate[MAX_RATE] =
109{2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108};
110
111
112/*--------------------- Static Functions --------------------------*/
113
114/*--------------------- Static Definitions -------------------------*/
115
116/*--------------------- Static Functions --------------------------*/
117
118static BYTE s_byGetRateIdx(IN BYTE byRate);
119
120
121static
122VOID
123s_vGetDASA(
124 IN PBYTE pbyRxBufferAddr,
125 OUT PUINT pcbHeaderSize,
126 OUT PSEthernetHeader psEthHeader
127 );
128
129static
130VOID
131s_vProcessRxMACHeader (
132 IN PSDevice pDevice,
133 IN PBYTE pbyRxBufferAddr,
134 IN UINT cbPacketSize,
135 IN BOOL bIsWEP,
136 IN BOOL bExtIV,
137 OUT PUINT pcbHeadSize
138 );
139
140static BOOL s_bAPModeRxCtl(
141 IN PSDevice pDevice,
142 IN PBYTE pbyFrame,
143 IN INT iSANodeIndex
144 );
145
146#ifdef PRIVATE_OBJ
147
148static BOOL s_bAPModeRxData (
149 IN PSDevice pDevice,
150 IN ref_sk_buff* skb,
151 IN UINT FrameSize,
152 IN UINT cbHeaderOffset,
153 IN INT iSANodeIndex,
154 IN INT iDANodeIndex
155 );
156#else
157
158static BOOL s_bAPModeRxData (
159 IN PSDevice pDevice,
160 IN struct sk_buff* skb,
161 IN UINT FrameSize,
162 IN UINT cbHeaderOffset,
163 IN INT iSANodeIndex,
164 IN INT iDANodeIndex
165 );
166#endif
167
168
169static BOOL s_bHandleRxEncryption(
170 IN PSDevice pDevice,
171 IN PBYTE pbyFrame,
172 IN UINT FrameSize,
173 IN PBYTE pbyRsr,
174 OUT PBYTE pbyNewRsr,
175 OUT PSKeyItem *pKeyOut,
176 OUT PBOOL pbExtIV,
177 OUT PWORD pwRxTSC15_0,
178 OUT PDWORD pdwRxTSC47_16
179 );
180
181static BOOL s_bHostWepRxEncryption(
182
183 IN PSDevice pDevice,
184 IN PBYTE pbyFrame,
185 IN UINT FrameSize,
186 IN PBYTE pbyRsr,
187 IN BOOL bOnFly,
188 IN PSKeyItem pKey,
189 OUT PBYTE pbyNewRsr,
190 OUT PBOOL pbExtIV,
191 OUT PWORD pwRxTSC15_0,
192 OUT PDWORD pdwRxTSC47_16
193
194 );
195
196/*--------------------- Export Variables --------------------------*/
197
198/*+
199 *
200 * Description:
201 * Translate Rcv 802.11 header to 802.3 header with Rx buffer
202 *
203 * Parameters:
204 * In:
205 * pDevice
206 * dwRxBufferAddr - Address of Rcv Buffer
207 * cbPacketSize - Rcv Packet size
208 * bIsWEP - If Rcv with WEP
209 * Out:
210 * pcbHeaderSize - 802.11 header size
211 *
212 * Return Value: None
213 *
214-*/
215static
216VOID
217s_vProcessRxMACHeader (
218 IN PSDevice pDevice,
219 IN PBYTE pbyRxBufferAddr,
220 IN UINT cbPacketSize,
221 IN BOOL bIsWEP,
222 IN BOOL bExtIV,
223 OUT PUINT pcbHeadSize
224 )
225{
226 PBYTE pbyRxBuffer;
227 UINT cbHeaderSize = 0;
228 PWORD pwType;
229 PS802_11Header pMACHeader;
230 int ii;
231
232
233 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
234
235 s_vGetDASA((PBYTE)pMACHeader, &cbHeaderSize, &pDevice->sRxEthHeader);
236
237 if (bIsWEP) {
238 if (bExtIV) {
239 // strip IV&ExtIV , add 8 byte
240 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 8);
241 } else {
242 // strip IV , add 4 byte
243 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 4);
244 }
245 }
246 else {
247 cbHeaderSize += WLAN_HDR_ADDR3_LEN;
248 };
249
250 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
251 if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_Bridgetunnel[0])) {
252 cbHeaderSize += 6;
253 }
254 else if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_RFC1042[0])) {
255 cbHeaderSize += 6;
256 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
257 if ((*pwType!= TYPE_PKT_IPX) && (*pwType != cpu_to_le16(0xF380))) {
258 }
259 else {
260 cbHeaderSize -= 8;
261 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
262 if (bIsWEP) {
263 if (bExtIV) {
264 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
265 } else {
266 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
267 }
268 }
269 else {
270 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
271 }
272 }
273 }
274 else {
275 cbHeaderSize -= 2;
276 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
277 if (bIsWEP) {
278 if (bExtIV) {
279 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
280 } else {
281 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
282 }
283 }
284 else {
285 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
286 }
287 }
288
289 cbHeaderSize -= (U_ETHER_ADDR_LEN * 2);
290 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
291 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
292 *pbyRxBuffer++ = pDevice->sRxEthHeader.abyDstAddr[ii];
293 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
294 *pbyRxBuffer++ = pDevice->sRxEthHeader.abySrcAddr[ii];
295
296 *pcbHeadSize = cbHeaderSize;
297}
298
299
300
301
302static BYTE s_byGetRateIdx (IN BYTE byRate)
303{
304 BYTE byRateIdx;
305
306 for (byRateIdx = 0; byRateIdx <MAX_RATE ; byRateIdx++) {
307 if (acbyRxRate[byRateIdx%MAX_RATE] == byRate)
308 return byRateIdx;
309 }
310 return 0;
311}
312
313
314static
315VOID
316s_vGetDASA (
317 IN PBYTE pbyRxBufferAddr,
318 OUT PUINT pcbHeaderSize,
319 OUT PSEthernetHeader psEthHeader
320 )
321{
322 UINT cbHeaderSize = 0;
323 PS802_11Header pMACHeader;
324 int ii;
325
326 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
327
328 if ((pMACHeader->wFrameCtl & FC_TODS) == 0) {
329 if (pMACHeader->wFrameCtl & FC_FROMDS) {
330 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
331 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
332 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr3[ii];
333 }
334 }
335 else {
336 // IBSS mode
337 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
338 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
339 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
340 }
341 }
342 }
343 else {
344 // Is AP mode..
345 if (pMACHeader->wFrameCtl & FC_FROMDS) {
346 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
347 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
348 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr4[ii];
349 cbHeaderSize += 6;
350 }
351 }
352 else {
353 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
354 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
355 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
356 }
357 }
358 };
359 *pcbHeaderSize = cbHeaderSize;
360}
361
362
363
364
365//PLICE_DEBUG ->
366
367VOID MngWorkItem(PVOID Context)
368{
369 PSRxMgmtPacket pRxMgmtPacket;
370 PSDevice pDevice = (PSDevice) Context;
371 //printk("Enter MngWorkItem,Queue packet num is %d\n",pDevice->rxManeQueue.packet_num);
372 spin_lock_irq(&pDevice->lock);
373 while(pDevice->rxManeQueue.packet_num != 0)
374 {
375 pRxMgmtPacket = DeQueue(pDevice);
376 vMgrRxManagePacket(pDevice, pDevice->pMgmt, pRxMgmtPacket);
377 }
378 spin_unlock_irq(&pDevice->lock);
379}
380
381
382//PLICE_DEBUG<-
383
384
385
386BOOL
387device_receive_frame (
388 IN PSDevice pDevice,
389 IN PSRxDesc pCurrRD
390 )
391{
392
393 PDEVICE_RD_INFO pRDInfo = pCurrRD->pRDInfo;
394#ifdef PLICE_DEBUG
395 //printk("device_receive_frame:pCurrRD is %x,pRDInfo is %x\n",pCurrRD,pCurrRD->pRDInfo);
396#endif
397 struct net_device_stats* pStats=&pDevice->stats;
398#ifdef PRIVATE_OBJ
399 ref_sk_buff* skb;
400#else
401 struct sk_buff* skb;
402#endif
403 PSMgmtObject pMgmt = pDevice->pMgmt;
404 PSRxMgmtPacket pRxPacket = &(pDevice->pMgmt->sRxPacket);
405 PS802_11Header p802_11Header;
406 PBYTE pbyRsr;
407 PBYTE pbyNewRsr;
408 PBYTE pbyRSSI;
409 PQWORD pqwTSFTime;
410 PWORD pwFrameSize;
411 PBYTE pbyFrame;
412 BOOL bDeFragRx = FALSE;
413 BOOL bIsWEP = FALSE;
414 UINT cbHeaderOffset;
415 UINT FrameSize;
416 WORD wEtherType = 0;
417 INT iSANodeIndex = -1;
418 INT iDANodeIndex = -1;
419 UINT ii;
420 UINT cbIVOffset;
421 BOOL bExtIV = FALSE;
422 PBYTE pbyRxSts;
423 PBYTE pbyRxRate;
424 PBYTE pbySQ;
425 UINT cbHeaderSize;
426 PSKeyItem pKey = NULL;
427 WORD wRxTSC15_0 = 0;
428 DWORD dwRxTSC47_16 = 0;
429 SKeyItem STempKey;
430 // 802.11h RPI
431 DWORD dwDuration = 0;
432 LONG ldBm = 0;
433 LONG ldBmThreshold = 0;
434 PS802_11Header pMACHeader;
435 BOOL bRxeapol_key = FALSE;
436
437// DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- device_receive_frame---\n");
438#ifdef PRIVATE_OBJ
439 skb = &(pRDInfo->ref_skb);
440#else
441
442 skb = pRDInfo->skb;
443#endif
444
445
446//PLICE_DEBUG->
447#if 1
448 pci_unmap_single(pDevice->pcid, pRDInfo->skb_dma,
449 pDevice->rx_buf_sz, PCI_DMA_FROMDEVICE);
450#endif
451//PLICE_DEBUG<-
452 pwFrameSize = (PWORD)(skb->data + 2);
453 FrameSize = cpu_to_le16(pCurrRD->m_rd1RD1.wReqCount) - cpu_to_le16(pCurrRD->m_rd0RD0.wResCount);
454
455 // Max: 2312Payload + 30HD +4CRC + 2Padding + 4Len + 8TSF + 4RSR
456 // Min (ACK): 10HD +4CRC + 2Padding + 4Len + 8TSF + 4RSR
457 if ((FrameSize > 2364)||(FrameSize <= 32)) {
458 // Frame Size error drop this packet.
459 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 1 \n");
460 return FALSE;
461 }
462
463 pbyRxSts = (PBYTE) (skb->data);
464 pbyRxRate = (PBYTE) (skb->data + 1);
465 pbyRsr = (PBYTE) (skb->data + FrameSize - 1);
466 pbyRSSI = (PBYTE) (skb->data + FrameSize - 2);
467 pbyNewRsr = (PBYTE) (skb->data + FrameSize - 3);
468 pbySQ = (PBYTE) (skb->data + FrameSize - 4);
469 pqwTSFTime = (PQWORD) (skb->data + FrameSize - 12);
470 pbyFrame = (PBYTE)(skb->data + 4);
471
472 // get packet size
473 FrameSize = cpu_to_le16(*pwFrameSize);
474
475 if ((FrameSize > 2346)|(FrameSize < 14)) { // Max: 2312Payload + 30HD +4CRC
476 // Min: 14 bytes ACK
477 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 2 \n");
478 return FALSE;
479 }
480//PLICE_DEBUG->
481#if 1
482 // update receive statistic counter
483 STAvUpdateRDStatCounter(&pDevice->scStatistic,
484 *pbyRsr,
485 *pbyNewRsr,
486 *pbyRxRate,
487 pbyFrame,
488 FrameSize);
489
490#endif
491
492 pMACHeader=(PS802_11Header)((PBYTE) (skb->data)+8);
493//PLICE_DEBUG<-
494 if (pDevice->bMeasureInProgress == TRUE) {
495 if ((*pbyRsr & RSR_CRCOK) != 0) {
496 pDevice->byBasicMap |= 0x01;
497 }
498 dwDuration = (FrameSize << 4);
499 dwDuration /= acbyRxRate[*pbyRxRate%MAX_RATE];
500 if (*pbyRxRate <= RATE_11M) {
501 if (BITbIsBitOn(*pbyRxSts, 0x01)) {
502 // long preamble
503 dwDuration += 192;
504 } else {
505 // short preamble
506 dwDuration += 96;
507 }
508 } else {
509 dwDuration += 16;
510 }
511 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
512 ldBmThreshold = -57;
513 for (ii = 7; ii > 0;) {
514 if (ldBm > ldBmThreshold) {
515 break;
516 }
517 ldBmThreshold -= 5;
518 ii--;
519 }
520 pDevice->dwRPIs[ii] += dwDuration;
521 return FALSE;
522 }
523
524 if (!IS_MULTICAST_ADDRESS(pbyFrame) && !IS_BROADCAST_ADDRESS(pbyFrame)) {
525 if (WCTLbIsDuplicate(&(pDevice->sDupRxCache), (PS802_11Header) (skb->data + 4))) {
526 pDevice->s802_11Counter.FrameDuplicateCount++;
527 return FALSE;
528 }
529 }
530
531
532 // Use for TKIP MIC
533 s_vGetDASA(skb->data+4, &cbHeaderSize, &pDevice->sRxEthHeader);
534
535 // filter packet send from myself
536 if (IS_ETH_ADDRESS_EQUAL((PBYTE)&(pDevice->sRxEthHeader.abySrcAddr[0]), pDevice->abyCurrentNetAddr))
537 return FALSE;
538
539 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) || (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)) {
540 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
541 p802_11Header = (PS802_11Header) (pbyFrame);
542 // get SA NodeIndex
543 if (BSSDBbIsSTAInNodeDB(pMgmt, (PBYTE)(p802_11Header->abyAddr2), &iSANodeIndex)) {
544#ifdef PRIVATE_OBJ
545 pMgmt->sNodeDBTable[iSANodeIndex].ulLastRxJiffer = get_jiffies();
546#else
547 pMgmt->sNodeDBTable[iSANodeIndex].ulLastRxJiffer = jiffies;
548#endif
549 pMgmt->sNodeDBTable[iSANodeIndex].uInActiveCount = 0;
550 }
551 }
552 }
553
554 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
555 if (s_bAPModeRxCtl(pDevice, pbyFrame, iSANodeIndex) == TRUE) {
556 return FALSE;
557 }
558 }
559 if (IS_FC_WEP(pbyFrame)) {
560 BOOL bRxDecryOK = FALSE;
561
562 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"rx WEP pkt\n");
563 bIsWEP = TRUE;
564 if ((pDevice->bEnableHostWEP) && (iSANodeIndex >= 0)) {
565 pKey = &STempKey;
566 pKey->byCipherSuite = pMgmt->sNodeDBTable[iSANodeIndex].byCipherSuite;
567 pKey->dwKeyIndex = pMgmt->sNodeDBTable[iSANodeIndex].dwKeyIndex;
568 pKey->uKeyLength = pMgmt->sNodeDBTable[iSANodeIndex].uWepKeyLength;
569 pKey->dwTSC47_16 = pMgmt->sNodeDBTable[iSANodeIndex].dwTSC47_16;
570 pKey->wTSC15_0 = pMgmt->sNodeDBTable[iSANodeIndex].wTSC15_0;
571 memcpy(pKey->abyKey,
572 &pMgmt->sNodeDBTable[iSANodeIndex].abyWepKey[0],
573 pKey->uKeyLength
574 );
575
576 bRxDecryOK = s_bHostWepRxEncryption(pDevice,
577 pbyFrame,
578 FrameSize,
579 pbyRsr,
580 pMgmt->sNodeDBTable[iSANodeIndex].bOnFly,
581 pKey,
582 pbyNewRsr,
583 &bExtIV,
584 &wRxTSC15_0,
585 &dwRxTSC47_16);
586 } else {
587 bRxDecryOK = s_bHandleRxEncryption(pDevice,
588 pbyFrame,
589 FrameSize,
590 pbyRsr,
591 pbyNewRsr,
592 &pKey,
593 &bExtIV,
594 &wRxTSC15_0,
595 &dwRxTSC47_16);
596 }
597
598 if (bRxDecryOK) {
599 if ((*pbyNewRsr & NEWRSR_DECRYPTOK) == 0) {
600 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV Fail\n");
601 if ( (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
602 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
603 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
604 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
605 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
606
607 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
608 pDevice->s802_11Counter.TKIPICVErrors++;
609 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP)) {
610 pDevice->s802_11Counter.CCMPDecryptErrors++;
611 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_WEP)) {
612// pDevice->s802_11Counter.WEPICVErrorCount.QuadPart++;
613 }
614 }
615 return FALSE;
616 }
617 } else {
618 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WEP Func Fail\n");
619 return FALSE;
620 }
621 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP))
622 FrameSize -= 8; // Message Integrity Code
623 else
624 FrameSize -= 4; // 4 is ICV
625 }
626
627
628 //
629 // RX OK
630 //
631 //remove the CRC length
632 FrameSize -= U_CRC_LEN;
633
634 if ((BITbIsAllBitsOff(*pbyRsr, (RSR_ADDRBROAD | RSR_ADDRMULTI))) && // unicast address
635 (IS_FRAGMENT_PKT((skb->data+4)))
636 ) {
637 // defragment
638 bDeFragRx = WCTLbHandleFragment(pDevice, (PS802_11Header) (skb->data+4), FrameSize, bIsWEP, bExtIV);
639 pDevice->s802_11Counter.ReceivedFragmentCount++;
640 if (bDeFragRx) {
641 // defrag complete
642#ifdef PRIVATE_OBJ
643 skb = &(pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].ref_skb);
644#else
645 skb = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].skb;
646#endif
647 FrameSize = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].cbFrameLength;
648
649 }
650 else {
651 return FALSE;
652 }
653 }
654
655
656// Management & Control frame Handle
657 if ((IS_TYPE_DATA((skb->data+4))) == FALSE) {
658 // Handle Control & Manage Frame
659
660 if (IS_TYPE_MGMT((skb->data+4))) {
661 PBYTE pbyData1;
662 PBYTE pbyData2;
663
664 pRxPacket->p80211Header = (PUWLAN_80211HDR)(skb->data+4);
665 pRxPacket->cbMPDULen = FrameSize;
666 pRxPacket->uRSSI = *pbyRSSI;
667 pRxPacket->bySQ = *pbySQ;
668 HIDWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(HIDWORD(*pqwTSFTime));
669 LODWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(LODWORD(*pqwTSFTime));
670 if (bIsWEP) {
671 // strip IV
672 pbyData1 = WLAN_HDR_A3_DATA_PTR(skb->data+4);
673 pbyData2 = WLAN_HDR_A3_DATA_PTR(skb->data+4) + 4;
674 for (ii = 0; ii < (FrameSize - 4); ii++) {
675 *pbyData1 = *pbyData2;
676 pbyData1++;
677 pbyData2++;
678 }
679 }
680 pRxPacket->byRxRate = s_byGetRateIdx(*pbyRxRate);
681 pRxPacket->byRxChannel = (*pbyRxSts) >> 2;
682//PLICE_DEBUG->
683//EnQueue(pDevice,pRxPacket);
684
685#ifdef THREAD
686 EnQueue(pDevice,pRxPacket);
687
688 //printk("enque time is %x\n",jiffies);
689 //up(&pDevice->mlme_semaphore);
690 //Enque (pDevice->FirstRecvMngList,pDevice->LastRecvMngList,pMgmt);
691#else
692
693#ifdef TASK_LET
694 EnQueue(pDevice,pRxPacket);
695 tasklet_schedule(&pDevice->RxMngWorkItem);
696#else
697//printk("RxMan\n");
698 vMgrRxManagePacket((HANDLE)pDevice, pDevice->pMgmt, pRxPacket);
699 //tasklet_schedule(&pDevice->RxMngWorkItem);
700#endif
701
702#endif
703//PLICE_DEBUG<-
704 //vMgrRxManagePacket((HANDLE)pDevice, pDevice->pMgmt, pRxPacket);
705 // hostap Deamon handle 802.11 management
706 if (pDevice->bEnableHostapd) {
707 skb->dev = pDevice->apdev;
708#ifdef PRIVATE_OBJ
709 ref_skb_add_offset(skb->skb, 4);
710 ref_skb_set_dev(pDevice->apdev, skb->skb);
711 skb_put(skb->skb, FrameSize);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]712 skb->mac_header = skb->data;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]713 *(skb->pkt_type) = PACKET_OTHERHOST;
714 *(skb->protocol) = htons(ETH_P_802_2);
715 memset(skb->cb, 0, sizeof(skb->cb));
716 netif_rx(skb->skb);
717#else
718 skb->data += 4;
719 skb->tail += 4;
720 skb_put(skb, FrameSize);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]721 skb->mac_header = skb->data;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]722 skb->pkt_type = PACKET_OTHERHOST;
723 skb->protocol = htons(ETH_P_802_2);
724 memset(skb->cb, 0, sizeof(skb->cb));
725 netif_rx(skb);
726#endif
727 return TRUE;
728 }
729 }
730 else {
731 // Control Frame
732 };
733 return FALSE;
734 }
735 else {
736 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
737 //In AP mode, hw only check addr1(BSSID or RA) if equal to local MAC.
738 if (BITbIsBitOff(*pbyRsr, RSR_BSSIDOK)) {
739 if (bDeFragRx) {
740 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
741 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
742 pDevice->dev->name);
743 }
744 }
745 return FALSE;
746 }
747 }
748 else {
749 // discard DATA packet while not associate || BSSID error
750 if ((pDevice->bLinkPass == FALSE) ||
751 BITbIsBitOff(*pbyRsr, RSR_BSSIDOK)) {
752 if (bDeFragRx) {
753 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
754 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
755 pDevice->dev->name);
756 }
757 }
758 return FALSE;
759 }
760
761 //mike add:station mode check eapol-key challenge--->
762 {
763 BYTE Protocol_Version; //802.1x Authentication
764 BYTE Packet_Type; //802.1x Authentication
765 if (bIsWEP)
766 cbIVOffset = 8;
767 else
768 cbIVOffset = 0;
769 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
770 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
771 Protocol_Version = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1];
772 Packet_Type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1];
773 if (wEtherType == ETH_P_PAE) { //Protocol Type in LLC-Header
774 if(((Protocol_Version==1) ||(Protocol_Version==2)) &&
775 (Packet_Type==3)) { //802.1x OR eapol-key challenge frame receive
776 bRxeapol_key = TRUE;
777 }
778 }
779 }
780 //mike add:station mode check eapol-key challenge<---
781 }
782 }
783
784// Data frame Handle
785
786 if (pDevice->bEnablePSMode) {
787 if (IS_FC_MOREDATA((skb->data+4))) {
788 if (BITbIsBitOn(*pbyRsr, RSR_ADDROK)) {
789 //PSbSendPSPOLL((PSDevice)pDevice);
790 }
791 }
792 else {
793 if (pDevice->pMgmt->bInTIMWake == TRUE) {
794 pDevice->pMgmt->bInTIMWake = FALSE;
795 }
796 }
797 };
798
799 // Now it only supports 802.11g Infrastructure Mode, and support rate must up to 54 Mbps
800 if (pDevice->bDiversityEnable && (FrameSize>50) &&
801 (pDevice->eOPMode == OP_MODE_INFRASTRUCTURE) &&
802 (pDevice->bLinkPass == TRUE)) {
803 //printk("device_receive_frame: RxRate is %d\n",*pbyRxRate);
804 BBvAntennaDiversity(pDevice, s_byGetRateIdx(*pbyRxRate), 0);
805 }
806
807
808 if (pDevice->byLocalID != REV_ID_VT3253_B1) {
809 pDevice->uCurrRSSI = *pbyRSSI;
810 }
811 pDevice->byCurrSQ = *pbySQ;
812
813 if ((*pbyRSSI != 0) &&
814 (pMgmt->pCurrBSS!=NULL)) {
815 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
816 // Moniter if RSSI is too strong.
817 pMgmt->pCurrBSS->byRSSIStatCnt++;
818 pMgmt->pCurrBSS->byRSSIStatCnt %= RSSI_STAT_COUNT;
819 pMgmt->pCurrBSS->ldBmAverage[pMgmt->pCurrBSS->byRSSIStatCnt] = ldBm;
820 for(ii=0;ii<RSSI_STAT_COUNT;ii++) {
821 if (pMgmt->pCurrBSS->ldBmAverage[ii] != 0) {
822 pMgmt->pCurrBSS->ldBmMAX = max(pMgmt->pCurrBSS->ldBmAverage[ii], ldBm);
823 }
824 }
825 }
826
827 // -----------------------------------------------
828
829 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnable8021x == TRUE)){
830 BYTE abyMacHdr[24];
831
832 // Only 802.1x packet incoming allowed
833 if (bIsWEP)
834 cbIVOffset = 8;
835 else
836 cbIVOffset = 0;
837 wEtherType = (skb->data[cbIVOffset + 4 + 24 + 6] << 8) |
838 skb->data[cbIVOffset + 4 + 24 + 6 + 1];
839
840 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wEtherType = %04x \n", wEtherType);
841 if (wEtherType == ETH_P_PAE) {
842 skb->dev = pDevice->apdev;
843
844 if (bIsWEP == TRUE) {
845 // strip IV header(8)
846 memcpy(&abyMacHdr[0], (skb->data + 4), 24);
847 memcpy((skb->data + 4 + cbIVOffset), &abyMacHdr[0], 24);
848 }
849#ifdef PRIVATE_OBJ
850 ref_skb_add_offset(skb->skb, (cbIVOffset + 4));
851 ref_skb_set_dev(pDevice->apdev, skb->skb);
852 skb_put(skb->skb, FrameSize);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]853 skb->mac_header = skb->data;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]854 *(skb->pkt_type) = PACKET_OTHERHOST;
855 *(skb->protocol) = htons(ETH_P_802_2);
856 memset(skb->cb, 0, sizeof(skb->cb));
857 netif_rx(skb->skb);
858#else
859 skb->data += (cbIVOffset + 4);
860 skb->tail += (cbIVOffset + 4);
861 skb_put(skb, FrameSize);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]862 skb->mac_header = skb->data;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]863
864 skb->pkt_type = PACKET_OTHERHOST;
865 skb->protocol = htons(ETH_P_802_2);
866 memset(skb->cb, 0, sizeof(skb->cb));
867 netif_rx(skb);
868#endif
869 return TRUE;
870
871}
872 // check if 802.1x authorized
873 if (!(pMgmt->sNodeDBTable[iSANodeIndex].dwFlags & WLAN_STA_AUTHORIZED))
874 return FALSE;
875 }
876
877
878 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
879 if (bIsWEP) {
880 FrameSize -= 8; //MIC
881 }
882 }
883
884 //--------------------------------------------------------------------------------
885 // Soft MIC
886 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
887 if (bIsWEP) {
888 PDWORD pdwMIC_L;
889 PDWORD pdwMIC_R;
890 DWORD dwMIC_Priority;
891 DWORD dwMICKey0 = 0, dwMICKey1 = 0;
892 DWORD dwLocalMIC_L = 0;
893 DWORD dwLocalMIC_R = 0;
894 viawget_wpa_header *wpahdr;
895
896
897 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
898 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
899 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
900 }
901 else {
902 if (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
903 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
904 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
905 } else if ((pKey->dwKeyIndex & BIT28) == 0) {
906 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
907 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
908 } else {
909 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
910 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
911 }
912 }
913
914 MIC_vInit(dwMICKey0, dwMICKey1);
915 MIC_vAppend((PBYTE)&(pDevice->sRxEthHeader.abyDstAddr[0]), 12);
916 dwMIC_Priority = 0;
917 MIC_vAppend((PBYTE)&dwMIC_Priority, 4);
918 // 4 is Rcv buffer header, 24 is MAC Header, and 8 is IV and Ext IV.
919 MIC_vAppend((PBYTE)(skb->data + 4 + WLAN_HDR_ADDR3_LEN + 8),
920 FrameSize - WLAN_HDR_ADDR3_LEN - 8);
921 MIC_vGetMIC(&dwLocalMIC_L, &dwLocalMIC_R);
922 MIC_vUnInit();
923
924 pdwMIC_L = (PDWORD)(skb->data + 4 + FrameSize);
925 pdwMIC_R = (PDWORD)(skb->data + 4 + FrameSize + 4);
926 //DBG_PRN_GRP12(("RxL: %lx, RxR: %lx\n", *pdwMIC_L, *pdwMIC_R));
927 //DBG_PRN_GRP12(("LocalL: %lx, LocalR: %lx\n", dwLocalMIC_L, dwLocalMIC_R));
928 //DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"dwMICKey0= %lx,dwMICKey1= %lx \n", dwMICKey0, dwMICKey1);
929
930
931 if ((cpu_to_le32(*pdwMIC_L) != dwLocalMIC_L) || (cpu_to_le32(*pdwMIC_R) != dwLocalMIC_R) ||
932 (pDevice->bRxMICFail == TRUE)) {
933 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"MIC comparison is fail!\n");
934 pDevice->bRxMICFail = FALSE;
935 //pDevice->s802_11Counter.TKIPLocalMICFailures.QuadPart++;
936 pDevice->s802_11Counter.TKIPLocalMICFailures++;
937 if (bDeFragRx) {
938 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
939 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
940 pDevice->dev->name);
941 }
942 }
943
944//2008-0409-07, <Add> by Einsn Liu
945 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
946 //send event to wpa_supplicant
947 //if(pDevice->bWPADevEnable == TRUE)
948 {
949 union iwreq_data wrqu;
950 struct iw_michaelmicfailure ev;
951 int keyidx = pbyFrame[cbHeaderSize+3] >> 6; //top two-bits
952 memset(&ev, 0, sizeof(ev));
953 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
954 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
955 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
956 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
957 ev.flags |= IW_MICFAILURE_PAIRWISE;
958 } else {
959 ev.flags |= IW_MICFAILURE_GROUP;
960 }
961
962 ev.src_addr.sa_family = ARPHRD_ETHER;
963 memcpy(ev.src_addr.sa_data, pMACHeader->abyAddr2, ETH_ALEN);
964 memset(&wrqu, 0, sizeof(wrqu));
965 wrqu.data.length = sizeof(ev);
966 wireless_send_event(pDevice->dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
967
968 }
969 #endif
970 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
971 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
972 if ((pDevice->pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
973 (pDevice->pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
974 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
975 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_PAIRWISE_ERROR;
976 wpahdr->type = VIAWGET_PTK_MIC_MSG;
977 } else {
978 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_GROUP_ERROR;
979 wpahdr->type = VIAWGET_GTK_MIC_MSG;
980 }
981 wpahdr->resp_ie_len = 0;
982 wpahdr->req_ie_len = 0;
983 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
984 pDevice->skb->dev = pDevice->wpadev;
Forest Bond7bb8dc22009-06-01 20:00:35 -0400[diff] [blame^]985 pDevice->skb->mac_header = pDevice->skb->data;
986 pDevice->skb->pkt_type = PACKET_HOST;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]987 pDevice->skb->protocol = htons(ETH_P_802_2);
988 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
989 netif_rx(pDevice->skb);
990 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
991 };
992
993 return FALSE;
994
995 }
996 }
997 } //---end of SOFT MIC-----------------------------------------------------------------------
998
999 // ++++++++++ Reply Counter Check +++++++++++++
1000
1001 if ((pKey != NULL) && ((pKey->byCipherSuite == KEY_CTL_TKIP) ||
1002 (pKey->byCipherSuite == KEY_CTL_CCMP))) {
1003 if (bIsWEP) {
1004 WORD wLocalTSC15_0 = 0;
1005 DWORD dwLocalTSC47_16 = 0;
1006 ULONGLONG RSC = 0;
1007 // endian issues
1008 RSC = *((ULONGLONG *) &(pKey->KeyRSC));
1009 wLocalTSC15_0 = (WORD) RSC;
1010 dwLocalTSC47_16 = (DWORD) (RSC>>16);
1011
1012 RSC = dwRxTSC47_16;
1013 RSC <<= 16;
1014 RSC += wRxTSC15_0;
1015 MEMvCopy(&(pKey->KeyRSC), &RSC, sizeof(QWORD));
1016
1017 if ( (pDevice->sMgmtObj.eCurrMode == WMAC_MODE_ESS_STA) &&
1018 (pDevice->sMgmtObj.eCurrState == WMAC_STATE_ASSOC)) {
1019 // check RSC
1020 if ( (wRxTSC15_0 < wLocalTSC15_0) &&
1021 (dwRxTSC47_16 <= dwLocalTSC47_16) &&
1022 !((dwRxTSC47_16 == 0) && (dwLocalTSC47_16 == 0xFFFFFFFF))) {
1023 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC is illegal~~!\n ");
1024 if (pKey->byCipherSuite == KEY_CTL_TKIP)
1025 //pDevice->s802_11Counter.TKIPReplays.QuadPart++;
1026 pDevice->s802_11Counter.TKIPReplays++;
1027 else
1028 //pDevice->s802_11Counter.CCMPReplays.QuadPart++;
1029 pDevice->s802_11Counter.CCMPReplays++;
1030
1031 if (bDeFragRx) {
1032 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1033 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1034 pDevice->dev->name);
1035 }
1036 }
1037 return FALSE;
1038 }
1039 }
1040 }
1041 } // ----- End of Reply Counter Check --------------------------
1042
1043
1044
1045 if ((pKey != NULL) && (bIsWEP)) {
1046// pDevice->s802_11Counter.DecryptSuccessCount.QuadPart++;
1047 }
1048
1049
1050 s_vProcessRxMACHeader(pDevice, (PBYTE)(skb->data+4), FrameSize, bIsWEP, bExtIV, &cbHeaderOffset);
1051 FrameSize -= cbHeaderOffset;
1052 cbHeaderOffset += 4; // 4 is Rcv buffer header
1053
1054 // Null data, framesize = 14
1055 if (FrameSize < 15)
1056 return FALSE;
1057
1058 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
1059 if (s_bAPModeRxData(pDevice,
1060 skb,
1061 FrameSize,
1062 cbHeaderOffset,
1063 iSANodeIndex,
1064 iDANodeIndex
1065 ) == FALSE) {
1066
1067 if (bDeFragRx) {
1068 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1069 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1070 pDevice->dev->name);
1071 }
1072 }
1073 return FALSE;
1074 }
1075
1076// if(pDevice->bRxMICFail == FALSE) {
1077// for (ii =0; ii < 100; ii++)
1078// printk(" %02x", *(skb->data + ii));
1079// printk("\n");
1080// }
1081
1082 }
1083
1084#ifdef PRIVATE_OBJ
1085 ref_skb_add_offset(skb->skb, cbHeaderOffset);
1086 skb_put(skb->skb, FrameSize);
1087 *(skb->protocol)=eth_type_trans(skb->skb, skb->dev);
1088
1089#else
1090 skb->data += cbHeaderOffset;
1091 skb->tail += cbHeaderOffset;
1092 skb_put(skb, FrameSize);
1093 skb->protocol=eth_type_trans(skb, skb->dev);
1094#endif
1095
1096
1097 //drop frame not met IEEE 802.3
1098/*
1099 if (pDevice->flags & DEVICE_FLAGS_VAL_PKT_LEN) {
1100#ifdef PRIVATE_OBJ
1101 if ((*(skb->protocol)==htons(ETH_P_802_3)) &&
1102 (*(skb->len)!=htons(skb->mac.ethernet->h_proto))) {
1103#else
1104 if ((skb->protocol==htons(ETH_P_802_3)) &&
1105 (skb->len!=htons(skb->mac.ethernet->h_proto))) {
1106#endif
1107 pStats->rx_length_errors++;
1108 pStats->rx_dropped++;
1109 if (bDeFragRx) {
1110 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1111 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1112 pDevice->dev->name);
1113 }
1114 }
1115 return FALSE;
1116 }
1117 }
1118*/
1119
1120#ifdef PRIVATE_OBJ
1121 *(skb->ip_summed)=CHECKSUM_NONE;
1122 pStats->rx_bytes +=*(skb->len);
1123 pStats->rx_packets++;
1124 netif_rx(skb->skb);
1125#else
1126 skb->ip_summed=CHECKSUM_NONE;
1127 pStats->rx_bytes +=skb->len;
1128 pStats->rx_packets++;
1129 netif_rx(skb);
1130#endif
1131
1132 if (bDeFragRx) {
1133 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1134 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1135 pDevice->dev->name);
1136 }
1137 return FALSE;
1138 }
1139 return TRUE;
1140}
1141
1142
1143static BOOL s_bAPModeRxCtl (
1144 IN PSDevice pDevice,
1145 IN PBYTE pbyFrame,
1146 IN INT iSANodeIndex
1147 )
1148{
1149 PS802_11Header p802_11Header;
1150 CMD_STATUS Status;
1151 PSMgmtObject pMgmt = pDevice->pMgmt;
1152
1153
1154 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
1155
1156 p802_11Header = (PS802_11Header) (pbyFrame);
1157 if (!IS_TYPE_MGMT(pbyFrame)) {
1158
1159 // Data & PS-Poll packet
1160 // check frame class
1161 if (iSANodeIndex > 0) {
1162 // frame class 3 fliter & checking
1163 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_AUTH) {
1164 // send deauth notification
1165 // reason = (6) class 2 received from nonauth sta
1166 vMgrDeAuthenBeginSta(pDevice,
1167 pMgmt,
1168 (PBYTE)(p802_11Header->abyAddr2),
1169 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1170 &Status
1171 );
1172 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 1\n");
1173 return TRUE;
1174 };
1175 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_ASSOC) {
1176 // send deassoc notification
1177 // reason = (7) class 3 received from nonassoc sta
1178 vMgrDisassocBeginSta(pDevice,
1179 pMgmt,
1180 (PBYTE)(p802_11Header->abyAddr2),
1181 (WLAN_MGMT_REASON_CLASS3_NONASSOC),
1182 &Status
1183 );
1184 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDisassocBeginSta 2\n");
1185 return TRUE;
1186 };
1187
1188 if (pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable) {
1189 // delcare received ps-poll event
1190 if (IS_CTL_PSPOLL(pbyFrame)) {
1191 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1192 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1193 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 1\n");
1194 }
1195 else {
1196 // check Data PS state
1197 // if PW bit off, send out all PS bufferring packets.
1198 if (!IS_FC_POWERMGT(pbyFrame)) {
1199 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1200 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1201 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1202 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 2\n");
1203 }
1204 }
1205 }
1206 else {
1207 if (IS_FC_POWERMGT(pbyFrame)) {
1208 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = TRUE;
1209 // Once if STA in PS state, enable multicast bufferring
1210 pMgmt->sNodeDBTable[0].bPSEnable = TRUE;
1211 }
1212 else {
1213 // clear all pending PS frame.
1214 if (pMgmt->sNodeDBTable[iSANodeIndex].wEnQueueCnt > 0) {
1215 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1216 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1217 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1218 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 3\n");
1219
1220 }
1221 }
1222 }
1223 }
1224 else {
1225 vMgrDeAuthenBeginSta(pDevice,
1226 pMgmt,
1227 (PBYTE)(p802_11Header->abyAddr2),
1228 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1229 &Status
1230 );
1231 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 3\n");
1232 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BSSID:%02x-%02x-%02x=%02x-%02x-%02x \n",
1233 p802_11Header->abyAddr3[0],
1234 p802_11Header->abyAddr3[1],
1235 p802_11Header->abyAddr3[2],
1236 p802_11Header->abyAddr3[3],
1237 p802_11Header->abyAddr3[4],
1238 p802_11Header->abyAddr3[5]
1239 );
1240 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR2:%02x-%02x-%02x=%02x-%02x-%02x \n",
1241 p802_11Header->abyAddr2[0],
1242 p802_11Header->abyAddr2[1],
1243 p802_11Header->abyAddr2[2],
1244 p802_11Header->abyAddr2[3],
1245 p802_11Header->abyAddr2[4],
1246 p802_11Header->abyAddr2[5]
1247 );
1248 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR1:%02x-%02x-%02x=%02x-%02x-%02x \n",
1249 p802_11Header->abyAddr1[0],
1250 p802_11Header->abyAddr1[1],
1251 p802_11Header->abyAddr1[2],
1252 p802_11Header->abyAddr1[3],
1253 p802_11Header->abyAddr1[4],
1254 p802_11Header->abyAddr1[5]
1255 );
1256 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: wFrameCtl= %x\n", p802_11Header->wFrameCtl );
1257 VNSvInPortB(pDevice->PortOffset + MAC_REG_RCR, &(pDevice->byRxMode));
1258 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc:pDevice->byRxMode = %x\n", pDevice->byRxMode );
1259 return TRUE;
1260 }
1261 }
1262 }
1263 return FALSE;
1264
1265}
1266
1267static BOOL s_bHandleRxEncryption (
1268 IN PSDevice pDevice,
1269 IN PBYTE pbyFrame,
1270 IN UINT FrameSize,
1271 IN PBYTE pbyRsr,
1272 OUT PBYTE pbyNewRsr,
1273 OUT PSKeyItem *pKeyOut,
1274 OUT PBOOL pbExtIV,
1275 OUT PWORD pwRxTSC15_0,
1276 OUT PDWORD pdwRxTSC47_16
1277 )
1278{
1279 UINT PayloadLen = FrameSize;
1280 PBYTE pbyIV;
1281 BYTE byKeyIdx;
1282 PSKeyItem pKey = NULL;
1283 BYTE byDecMode = KEY_CTL_WEP;
1284 PSMgmtObject pMgmt = pDevice->pMgmt;
1285
1286
1287 *pwRxTSC15_0 = 0;
1288 *pdwRxTSC47_16 = 0;
1289
1290 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1291 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1292 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1293 pbyIV += 6; // 6 is 802.11 address4
1294 PayloadLen -= 6;
1295 }
1296 byKeyIdx = (*(pbyIV+3) & 0xc0);
1297 byKeyIdx >>= 6;
1298 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1299
1300 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
1301 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
1302 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
1303 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
1304 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
1305 if (((*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) &&
1306 (pDevice->pMgmt->byCSSPK != KEY_CTL_NONE)) {
1307 // unicast pkt use pairwise key
1308 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt\n");
1309 if (KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, 0xFFFFFFFF, &pKey) == TRUE) {
1310 if (pDevice->pMgmt->byCSSPK == KEY_CTL_TKIP)
1311 byDecMode = KEY_CTL_TKIP;
1312 else if (pDevice->pMgmt->byCSSPK == KEY_CTL_CCMP)
1313 byDecMode = KEY_CTL_CCMP;
1314 }
1315 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt: %d, %p\n", byDecMode, pKey);
1316 } else {
1317 // use group key
1318 KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, byKeyIdx, &pKey);
1319 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1320 byDecMode = KEY_CTL_TKIP;
1321 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1322 byDecMode = KEY_CTL_CCMP;
1323 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"group pkt: %d, %d, %p\n", byKeyIdx, byDecMode, pKey);
1324 }
1325 }
1326 // our WEP only support Default Key
1327 if (pKey == NULL) {
1328 // use default group key
1329 KeybGetKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, byKeyIdx, &pKey);
1330 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1331 byDecMode = KEY_CTL_TKIP;
1332 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1333 byDecMode = KEY_CTL_CCMP;
1334 }
1335 *pKeyOut = pKey;
1336
1337 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pDevice->pMgmt->byCSSPK, pDevice->pMgmt->byCSSGK, byDecMode);
1338
1339 if (pKey == NULL) {
1340 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"pKey == NULL\n");
1341 if (byDecMode == KEY_CTL_WEP) {
1342// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1343 } else if (pDevice->bLinkPass == TRUE) {
1344// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1345 }
1346 return FALSE;
1347 }
1348 if (byDecMode != pKey->byCipherSuite) {
1349 if (byDecMode == KEY_CTL_WEP) {
1350// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1351 } else if (pDevice->bLinkPass == TRUE) {
1352// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1353 }
1354 *pKeyOut = NULL;
1355 return FALSE;
1356 }
1357 if (byDecMode == KEY_CTL_WEP) {
1358 // handle WEP
1359 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1360 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE)) {
1361 // Software WEP
1362 // 1. 3253A
1363 // 2. WEP 256
1364
1365 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
1366 MEMvCopy(pDevice->abyPRNG, pbyIV, 3);
1367 MEMvCopy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
1368 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1369 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1370
1371 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1372 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1373 }
1374 }
1375 } else if ((byDecMode == KEY_CTL_TKIP) ||
1376 (byDecMode == KEY_CTL_CCMP)) {
1377 // TKIP/AES
1378
1379 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1380 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1381 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1382 if (byDecMode == KEY_CTL_TKIP) {
1383 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1384 } else {
1385 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1386 }
1387 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1388
1389 if ((byDecMode == KEY_CTL_TKIP) &&
1390 (pDevice->byLocalID <= REV_ID_VT3253_A1)) {
1391 // Software TKIP
1392 // 1. 3253 A
1393 PS802_11Header pMACHeader = (PS802_11Header) (pbyFrame);
1394 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1395 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1396 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1397 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1398 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1399 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1400 } else {
1401 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1402 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1403 }
1404 }
1405 }// end of TKIP/AES
1406
1407 if ((*(pbyIV+3) & 0x20) != 0)
1408 *pbExtIV = TRUE;
1409 return TRUE;
1410}
1411
1412
1413static BOOL s_bHostWepRxEncryption (
1414 IN PSDevice pDevice,
1415 IN PBYTE pbyFrame,
1416 IN UINT FrameSize,
1417 IN PBYTE pbyRsr,
1418 IN BOOL bOnFly,
1419 IN PSKeyItem pKey,
1420 OUT PBYTE pbyNewRsr,
1421 OUT PBOOL pbExtIV,
1422 OUT PWORD pwRxTSC15_0,
1423 OUT PDWORD pdwRxTSC47_16
1424 )
1425{
1426 UINT PayloadLen = FrameSize;
1427 PBYTE pbyIV;
1428 BYTE byKeyIdx;
1429 BYTE byDecMode = KEY_CTL_WEP;
1430 PS802_11Header pMACHeader;
1431
1432
1433
1434 *pwRxTSC15_0 = 0;
1435 *pdwRxTSC47_16 = 0;
1436
1437 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1438 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1439 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1440 pbyIV += 6; // 6 is 802.11 address4
1441 PayloadLen -= 6;
1442 }
1443 byKeyIdx = (*(pbyIV+3) & 0xc0);
1444 byKeyIdx >>= 6;
1445 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1446
1447
1448 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1449 byDecMode = KEY_CTL_TKIP;
1450 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1451 byDecMode = KEY_CTL_CCMP;
1452
1453 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pDevice->pMgmt->byCSSPK, pDevice->pMgmt->byCSSGK, byDecMode);
1454
1455 if (byDecMode != pKey->byCipherSuite) {
1456 if (byDecMode == KEY_CTL_WEP) {
1457// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1458 } else if (pDevice->bLinkPass == TRUE) {
1459// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1460 }
1461 return FALSE;
1462 }
1463
1464 if (byDecMode == KEY_CTL_WEP) {
1465 // handle WEP
1466 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byDecMode == KEY_CTL_WEP \n");
1467 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1468 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE) ||
1469 (bOnFly == FALSE)) {
1470 // Software WEP
1471 // 1. 3253A
1472 // 2. WEP 256
1473 // 3. NotOnFly
1474
1475 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
1476 MEMvCopy(pDevice->abyPRNG, pbyIV, 3);
1477 MEMvCopy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
1478 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1479 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1480
1481 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1482 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1483 }
1484 }
1485 } else if ((byDecMode == KEY_CTL_TKIP) ||
1486 (byDecMode == KEY_CTL_CCMP)) {
1487 // TKIP/AES
1488
1489 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1490 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1491 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1492
1493 if (byDecMode == KEY_CTL_TKIP) {
1494 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1495 } else {
1496 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1497 }
1498 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1499
1500 if (byDecMode == KEY_CTL_TKIP) {
1501 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) || (bOnFly == FALSE)) {
1502 // Software TKIP
1503 // 1. 3253 A
1504 // 2. NotOnFly
1505 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_TKIP \n");
1506 pMACHeader = (PS802_11Header) (pbyFrame);
1507 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1508 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1509 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1510 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1511 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1512 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1513 } else {
1514 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1515 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1516 }
1517 }
1518 }
1519
1520 if (byDecMode == KEY_CTL_CCMP) {
1521 if (bOnFly == FALSE) {
1522 // Software CCMP
1523 // NotOnFly
1524 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_CCMP\n");
1525 if (AESbGenCCMP(pKey->abyKey, pbyFrame, FrameSize)) {
1526 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1527 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC compare OK!\n");
1528 } else {
1529 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC fail!\n");
1530 }
1531 }
1532 }
1533
1534 }// end of TKIP/AES
1535
1536 if ((*(pbyIV+3) & 0x20) != 0)
1537 *pbExtIV = TRUE;
1538 return TRUE;
1539}
1540
1541
1542
1543
1544#ifdef PRIVATE_OBJ
1545
1546static BOOL s_bAPModeRxData (
1547 IN PSDevice pDevice,
1548 IN ref_sk_buff* skb,
1549 IN UINT FrameSize,
1550 IN UINT cbHeaderOffset,
1551 IN INT iSANodeIndex,
1552 IN INT iDANodeIndex
1553 )
1554
1555#else
1556
1557static BOOL s_bAPModeRxData (
1558 IN PSDevice pDevice,
1559 IN struct sk_buff* skb,
1560 IN UINT FrameSize,
1561 IN UINT cbHeaderOffset,
1562 IN INT iSANodeIndex,
1563 IN INT iDANodeIndex
1564 )
1565#endif
1566{
1567 PSMgmtObject pMgmt = pDevice->pMgmt;
1568 BOOL bRelayAndForward = FALSE;
1569 BOOL bRelayOnly = FALSE;
1570 BYTE byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
1571 WORD wAID;
1572#ifdef PRIVATE_OBJ
1573 struct sk_buff* tmp_skb;
1574 ref_sk_buff s_ref_skb;
1575 ref_sk_buff* skbcpy = &s_ref_skb;
1576#else
1577 struct sk_buff* skbcpy = NULL;
1578#endif
1579
1580
1581
1582 if (FrameSize > CB_MAX_BUF_SIZE)
1583 return FALSE;
1584 // check DA
1585 if(IS_MULTICAST_ADDRESS((PBYTE)(skb->data+cbHeaderOffset))) {
1586 if (pMgmt->sNodeDBTable[0].bPSEnable) {
1587
1588#ifdef PRIVATE_OBJ
1589 tmp_skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1590 skbcpy = &s_ref_skb;
1591 ref_skb_remap(pDevice->dev, skbcpy, tmp_skb);
1592#else
1593 skbcpy = dev_alloc_skb((int)pDevice->rx_buf_sz);
1594#endif
1595 // if any node in PS mode, buffer packet until DTIM.
1596 if (skbcpy == NULL) {
1597 DEVICE_PRT(MSG_LEVEL_NOTICE, KERN_INFO "relay multicast no skb available \n");
1598 }
1599 else {
1600 skbcpy->dev = pDevice->dev;
1601#ifdef PRIVATE_OBJ
1602 *(skbcpy->len) = FrameSize;
1603 memcpy(skbcpy->data, skb->data+cbHeaderOffset, FrameSize);
1604 skb_queue_tail(&(pMgmt->sNodeDBTable[0].sTxPSQueue), skbcpy->skb);
1605#else
1606 skbcpy->len = FrameSize;
1607 memcpy(skbcpy->data, skb->data+cbHeaderOffset, FrameSize);
1608 skb_queue_tail(&(pMgmt->sNodeDBTable[0].sTxPSQueue), skbcpy);
1609#endif
1610 pMgmt->sNodeDBTable[0].wEnQueueCnt++;
1611 // set tx map
1612 pMgmt->abyPSTxMap[0] |= byMask[0];
1613 }
1614 }
1615 else {
1616 bRelayAndForward = TRUE;
1617 }
1618 }
1619 else {
1620 // check if relay
1621 if (BSSDBbIsSTAInNodeDB(pMgmt, (PBYTE)(skb->data+cbHeaderOffset), &iDANodeIndex)) {
1622 if (pMgmt->sNodeDBTable[iDANodeIndex].eNodeState >= NODE_ASSOC) {
1623 if (pMgmt->sNodeDBTable[iDANodeIndex].bPSEnable) {
1624 // queue this skb until next PS tx, and then release.
1625
1626#ifdef PRIVATE_OBJ
1627 ref_skb_add_offset(skb->skb, cbHeaderOffset);
1628 skb_put(skb->skb, FrameSize);
1629 skb_queue_tail(&pMgmt->sNodeDBTable[iDANodeIndex].sTxPSQueue, skb->skb);
1630#else
1631 skb->data += cbHeaderOffset;
1632 skb->tail += cbHeaderOffset;
1633 skb_put(skb, FrameSize);
1634 skb_queue_tail(&pMgmt->sNodeDBTable[iDANodeIndex].sTxPSQueue, skb);
1635#endif
1636 pMgmt->sNodeDBTable[iDANodeIndex].wEnQueueCnt++;
1637 wAID = pMgmt->sNodeDBTable[iDANodeIndex].wAID;
1638 pMgmt->abyPSTxMap[wAID >> 3] |= byMask[wAID & 7];
1639 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "relay: index= %d, pMgmt->abyPSTxMap[%d]= %d\n",
1640 iDANodeIndex, (wAID >> 3), pMgmt->abyPSTxMap[wAID >> 3]);
1641 return TRUE;
1642 }
1643 else {
1644 bRelayOnly = TRUE;
1645 }
1646 }
1647 };
1648 }
1649
1650 if (bRelayOnly || bRelayAndForward) {
1651 // relay this packet right now
1652 if (bRelayAndForward)
1653 iDANodeIndex = 0;
1654
1655 if ((pDevice->uAssocCount > 1) && (iDANodeIndex >= 0)) {
1656 ROUTEbRelay(pDevice, (PBYTE)(skb->data + cbHeaderOffset), FrameSize, (UINT)iDANodeIndex);
1657 }
1658
1659 if (bRelayOnly)
1660 return FALSE;
1661 }
1662 // none associate, don't forward
1663 if (pDevice->uAssocCount == 0)
1664 return FALSE;
1665
1666 return TRUE;
1667}
1668