Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / cc21181217549e0a894dd6b57feacbcb979d831b / . / drivers / staging / vt6655 / dpc.c
blob: 11611982a990abdb5c0680a3e9f01841e40cfb05 [file] [log] [blame]
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1/*
2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
3 * All rights reserved.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * File: dpc.c
20 *
21 * Purpose: handle dpc rx functions
22 *
23 * Author: Lyndon Chen
24 *
25 * Date: May 20, 2003
26 *
27 * Functions:
28 * device_receive_frame - Rcv 802.11 frame function
29 * s_bAPModeRxCtl- AP Rcv frame filer Ctl.
30 * s_bAPModeRxData- AP Rcv data frame handle
31 * s_bHandleRxEncryption- Rcv decrypted data via on-fly
32 * s_bHostWepRxEncryption- Rcv encrypted data via host
33 * s_byGetRateIdx- get rate index
34 * s_vGetDASA- get data offset
35 * s_vProcessRxMACHeader- Rcv 802.11 and translate to 802.3
36 *
37 * Revision History:
38 *
39 */
40
41
42#if !defined(__DEVICE_H__)
43#include "device.h"
44#endif
45#if !defined(__RXTX_H__)
46#include "rxtx.h"
47#endif
48#if !defined(__TETHER_H__)
49#include "tether.h"
50#endif
51#if !defined(__CARD_H__)
52#include "card.h"
53#endif
54#if !defined(__BSSDB_H__)
55#include "bssdb.h"
56#endif
57#if !defined(__MAC_H__)
58#include "mac.h"
59#endif
60#if !defined(__BASEBAND_H__)
61#include "baseband.h"
62#endif
63#if !defined(__UMEM_H__)
64#include "umem.h"
65#endif
66#if !defined(__MICHAEL_H__)
67#include "michael.h"
68#endif
69#if !defined(__TKIP_H__)
70#include "tkip.h"
71#endif
72#if !defined(__TCRC_H__)
73#include "tcrc.h"
74#endif
75#if !defined(__WCTL_H__)
76#include "wctl.h"
77#endif
78#if !defined(__WROUTE_H__)
79#include "wroute.h"
80#endif
81#if !defined(__TBIT_H__)
82#include "tbit.h"
83#endif
84#if !defined(__HOSTAP_H__)
85#include "hostap.h"
86#endif
87#if !defined(__RF_H__)
88#include "rf.h"
89#endif
90#if !defined(__IOWPA_H__)
91#include "iowpa.h"
92#endif
93#if !defined(__AES_H__)
94#include "aes_ccmp.h"
95#endif
96
97//#define PLICE_DEBUG
98
99
100/*--------------------- Static Definitions -------------------------*/
101
102/*--------------------- Static Classes ----------------------------*/
103
104/*--------------------- Static Variables --------------------------*/
105//static int msglevel =MSG_LEVEL_DEBUG;
106static int msglevel =MSG_LEVEL_INFO;
107
108const BYTE acbyRxRate[MAX_RATE] =
109{2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108};
110
111
112/*--------------------- Static Functions --------------------------*/
113
114/*--------------------- Static Definitions -------------------------*/
115
116/*--------------------- Static Functions --------------------------*/
117
118static BYTE s_byGetRateIdx(IN BYTE byRate);
119
120
121static
122VOID
123s_vGetDASA(
124 IN PBYTE pbyRxBufferAddr,
125 OUT PUINT pcbHeaderSize,
126 OUT PSEthernetHeader psEthHeader
127 );
128
129static
130VOID
131s_vProcessRxMACHeader (
132 IN PSDevice pDevice,
133 IN PBYTE pbyRxBufferAddr,
134 IN UINT cbPacketSize,
135 IN BOOL bIsWEP,
136 IN BOOL bExtIV,
137 OUT PUINT pcbHeadSize
138 );
139
140static BOOL s_bAPModeRxCtl(
141 IN PSDevice pDevice,
142 IN PBYTE pbyFrame,
143 IN INT iSANodeIndex
144 );
145
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]146
147static BOOL s_bAPModeRxData (
148 IN PSDevice pDevice,
149 IN struct sk_buff* skb,
150 IN UINT FrameSize,
151 IN UINT cbHeaderOffset,
152 IN INT iSANodeIndex,
153 IN INT iDANodeIndex
154 );
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]155
156
157static BOOL s_bHandleRxEncryption(
158 IN PSDevice pDevice,
159 IN PBYTE pbyFrame,
160 IN UINT FrameSize,
161 IN PBYTE pbyRsr,
162 OUT PBYTE pbyNewRsr,
163 OUT PSKeyItem *pKeyOut,
164 OUT PBOOL pbExtIV,
165 OUT PWORD pwRxTSC15_0,
166 OUT PDWORD pdwRxTSC47_16
167 );
168
169static BOOL s_bHostWepRxEncryption(
170
171 IN PSDevice pDevice,
172 IN PBYTE pbyFrame,
173 IN UINT FrameSize,
174 IN PBYTE pbyRsr,
175 IN BOOL bOnFly,
176 IN PSKeyItem pKey,
177 OUT PBYTE pbyNewRsr,
178 OUT PBOOL pbExtIV,
179 OUT PWORD pwRxTSC15_0,
180 OUT PDWORD pdwRxTSC47_16
181
182 );
183
184/*--------------------- Export Variables --------------------------*/
185
186/*+
187 *
188 * Description:
189 * Translate Rcv 802.11 header to 802.3 header with Rx buffer
190 *
191 * Parameters:
192 * In:
193 * pDevice
194 * dwRxBufferAddr - Address of Rcv Buffer
195 * cbPacketSize - Rcv Packet size
196 * bIsWEP - If Rcv with WEP
197 * Out:
198 * pcbHeaderSize - 802.11 header size
199 *
200 * Return Value: None
201 *
202-*/
203static
204VOID
205s_vProcessRxMACHeader (
206 IN PSDevice pDevice,
207 IN PBYTE pbyRxBufferAddr,
208 IN UINT cbPacketSize,
209 IN BOOL bIsWEP,
210 IN BOOL bExtIV,
211 OUT PUINT pcbHeadSize
212 )
213{
214 PBYTE pbyRxBuffer;
215 UINT cbHeaderSize = 0;
216 PWORD pwType;
217 PS802_11Header pMACHeader;
218 int ii;
219
220
221 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
222
223 s_vGetDASA((PBYTE)pMACHeader, &cbHeaderSize, &pDevice->sRxEthHeader);
224
225 if (bIsWEP) {
226 if (bExtIV) {
227 // strip IV&ExtIV , add 8 byte
228 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 8);
229 } else {
230 // strip IV , add 4 byte
231 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 4);
232 }
233 }
234 else {
235 cbHeaderSize += WLAN_HDR_ADDR3_LEN;
236 };
237
238 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
239 if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_Bridgetunnel[0])) {
240 cbHeaderSize += 6;
241 }
242 else if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_RFC1042[0])) {
243 cbHeaderSize += 6;
244 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
245 if ((*pwType!= TYPE_PKT_IPX) && (*pwType != cpu_to_le16(0xF380))) {
246 }
247 else {
248 cbHeaderSize -= 8;
249 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
250 if (bIsWEP) {
251 if (bExtIV) {
252 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
253 } else {
254 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
255 }
256 }
257 else {
258 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
259 }
260 }
261 }
262 else {
263 cbHeaderSize -= 2;
264 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
265 if (bIsWEP) {
266 if (bExtIV) {
267 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
268 } else {
269 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
270 }
271 }
272 else {
273 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
274 }
275 }
276
277 cbHeaderSize -= (U_ETHER_ADDR_LEN * 2);
278 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
279 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
280 *pbyRxBuffer++ = pDevice->sRxEthHeader.abyDstAddr[ii];
281 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
282 *pbyRxBuffer++ = pDevice->sRxEthHeader.abySrcAddr[ii];
283
284 *pcbHeadSize = cbHeaderSize;
285}
286
287
288
289
290static BYTE s_byGetRateIdx (IN BYTE byRate)
291{
292 BYTE byRateIdx;
293
294 for (byRateIdx = 0; byRateIdx <MAX_RATE ; byRateIdx++) {
295 if (acbyRxRate[byRateIdx%MAX_RATE] == byRate)
296 return byRateIdx;
297 }
298 return 0;
299}
300
301
302static
303VOID
304s_vGetDASA (
305 IN PBYTE pbyRxBufferAddr,
306 OUT PUINT pcbHeaderSize,
307 OUT PSEthernetHeader psEthHeader
308 )
309{
310 UINT cbHeaderSize = 0;
311 PS802_11Header pMACHeader;
312 int ii;
313
314 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
315
316 if ((pMACHeader->wFrameCtl & FC_TODS) == 0) {
317 if (pMACHeader->wFrameCtl & FC_FROMDS) {
318 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
319 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
320 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr3[ii];
321 }
322 }
323 else {
324 // IBSS mode
325 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
326 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
327 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
328 }
329 }
330 }
331 else {
332 // Is AP mode..
333 if (pMACHeader->wFrameCtl & FC_FROMDS) {
334 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
335 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
336 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr4[ii];
337 cbHeaderSize += 6;
338 }
339 }
340 else {
341 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
342 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
343 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
344 }
345 }
346 };
347 *pcbHeaderSize = cbHeaderSize;
348}
349
350
351
352
353//PLICE_DEBUG ->
354
355VOID MngWorkItem(PVOID Context)
356{
357 PSRxMgmtPacket pRxMgmtPacket;
358 PSDevice pDevice = (PSDevice) Context;
359 //printk("Enter MngWorkItem,Queue packet num is %d\n",pDevice->rxManeQueue.packet_num);
360 spin_lock_irq(&pDevice->lock);
361 while(pDevice->rxManeQueue.packet_num != 0)
362 {
363 pRxMgmtPacket = DeQueue(pDevice);
364 vMgrRxManagePacket(pDevice, pDevice->pMgmt, pRxMgmtPacket);
365 }
366 spin_unlock_irq(&pDevice->lock);
367}
368
369
370//PLICE_DEBUG<-
371
372
373
374BOOL
375device_receive_frame (
376 IN PSDevice pDevice,
377 IN PSRxDesc pCurrRD
378 )
379{
380
381 PDEVICE_RD_INFO pRDInfo = pCurrRD->pRDInfo;
382#ifdef PLICE_DEBUG
383 //printk("device_receive_frame:pCurrRD is %x,pRDInfo is %x\n",pCurrRD,pCurrRD->pRDInfo);
384#endif
385 struct net_device_stats* pStats=&pDevice->stats;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]386 struct sk_buff* skb;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]387 PSMgmtObject pMgmt = pDevice->pMgmt;
388 PSRxMgmtPacket pRxPacket = &(pDevice->pMgmt->sRxPacket);
389 PS802_11Header p802_11Header;
390 PBYTE pbyRsr;
391 PBYTE pbyNewRsr;
392 PBYTE pbyRSSI;
393 PQWORD pqwTSFTime;
394 PWORD pwFrameSize;
395 PBYTE pbyFrame;
396 BOOL bDeFragRx = FALSE;
397 BOOL bIsWEP = FALSE;
398 UINT cbHeaderOffset;
399 UINT FrameSize;
400 WORD wEtherType = 0;
401 INT iSANodeIndex = -1;
402 INT iDANodeIndex = -1;
403 UINT ii;
404 UINT cbIVOffset;
405 BOOL bExtIV = FALSE;
406 PBYTE pbyRxSts;
407 PBYTE pbyRxRate;
408 PBYTE pbySQ;
409 UINT cbHeaderSize;
410 PSKeyItem pKey = NULL;
411 WORD wRxTSC15_0 = 0;
412 DWORD dwRxTSC47_16 = 0;
413 SKeyItem STempKey;
414 // 802.11h RPI
415 DWORD dwDuration = 0;
416 LONG ldBm = 0;
417 LONG ldBmThreshold = 0;
418 PS802_11Header pMACHeader;
419 BOOL bRxeapol_key = FALSE;
420
421// DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- device_receive_frame---\n");
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]422
423 skb = pRDInfo->skb;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]424
425
426//PLICE_DEBUG->
427#if 1
428 pci_unmap_single(pDevice->pcid, pRDInfo->skb_dma,
429 pDevice->rx_buf_sz, PCI_DMA_FROMDEVICE);
430#endif
431//PLICE_DEBUG<-
432 pwFrameSize = (PWORD)(skb->data + 2);
433 FrameSize = cpu_to_le16(pCurrRD->m_rd1RD1.wReqCount) - cpu_to_le16(pCurrRD->m_rd0RD0.wResCount);
434
435 // Max: 2312Payload + 30HD +4CRC + 2Padding + 4Len + 8TSF + 4RSR
436 // Min (ACK): 10HD +4CRC + 2Padding + 4Len + 8TSF + 4RSR
437 if ((FrameSize > 2364)||(FrameSize <= 32)) {
438 // Frame Size error drop this packet.
439 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 1 \n");
440 return FALSE;
441 }
442
443 pbyRxSts = (PBYTE) (skb->data);
444 pbyRxRate = (PBYTE) (skb->data + 1);
445 pbyRsr = (PBYTE) (skb->data + FrameSize - 1);
446 pbyRSSI = (PBYTE) (skb->data + FrameSize - 2);
447 pbyNewRsr = (PBYTE) (skb->data + FrameSize - 3);
448 pbySQ = (PBYTE) (skb->data + FrameSize - 4);
449 pqwTSFTime = (PQWORD) (skb->data + FrameSize - 12);
450 pbyFrame = (PBYTE)(skb->data + 4);
451
452 // get packet size
453 FrameSize = cpu_to_le16(*pwFrameSize);
454
455 if ((FrameSize > 2346)|(FrameSize < 14)) { // Max: 2312Payload + 30HD +4CRC
456 // Min: 14 bytes ACK
457 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 2 \n");
458 return FALSE;
459 }
460//PLICE_DEBUG->
461#if 1
462 // update receive statistic counter
463 STAvUpdateRDStatCounter(&pDevice->scStatistic,
464 *pbyRsr,
465 *pbyNewRsr,
466 *pbyRxRate,
467 pbyFrame,
468 FrameSize);
469
470#endif
471
472 pMACHeader=(PS802_11Header)((PBYTE) (skb->data)+8);
473//PLICE_DEBUG<-
474 if (pDevice->bMeasureInProgress == TRUE) {
475 if ((*pbyRsr & RSR_CRCOK) != 0) {
476 pDevice->byBasicMap |= 0x01;
477 }
478 dwDuration = (FrameSize << 4);
479 dwDuration /= acbyRxRate[*pbyRxRate%MAX_RATE];
480 if (*pbyRxRate <= RATE_11M) {
481 if (BITbIsBitOn(*pbyRxSts, 0x01)) {
482 // long preamble
483 dwDuration += 192;
484 } else {
485 // short preamble
486 dwDuration += 96;
487 }
488 } else {
489 dwDuration += 16;
490 }
491 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
492 ldBmThreshold = -57;
493 for (ii = 7; ii > 0;) {
494 if (ldBm > ldBmThreshold) {
495 break;
496 }
497 ldBmThreshold -= 5;
498 ii--;
499 }
500 pDevice->dwRPIs[ii] += dwDuration;
501 return FALSE;
502 }
503
504 if (!IS_MULTICAST_ADDRESS(pbyFrame) && !IS_BROADCAST_ADDRESS(pbyFrame)) {
505 if (WCTLbIsDuplicate(&(pDevice->sDupRxCache), (PS802_11Header) (skb->data + 4))) {
506 pDevice->s802_11Counter.FrameDuplicateCount++;
507 return FALSE;
508 }
509 }
510
511
512 // Use for TKIP MIC
513 s_vGetDASA(skb->data+4, &cbHeaderSize, &pDevice->sRxEthHeader);
514
515 // filter packet send from myself
516 if (IS_ETH_ADDRESS_EQUAL((PBYTE)&(pDevice->sRxEthHeader.abySrcAddr[0]), pDevice->abyCurrentNetAddr))
517 return FALSE;
518
519 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) || (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)) {
520 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
521 p802_11Header = (PS802_11Header) (pbyFrame);
522 // get SA NodeIndex
523 if (BSSDBbIsSTAInNodeDB(pMgmt, (PBYTE)(p802_11Header->abyAddr2), &iSANodeIndex)) {
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]524 pMgmt->sNodeDBTable[iSANodeIndex].ulLastRxJiffer = jiffies;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]525 pMgmt->sNodeDBTable[iSANodeIndex].uInActiveCount = 0;
526 }
527 }
528 }
529
530 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
531 if (s_bAPModeRxCtl(pDevice, pbyFrame, iSANodeIndex) == TRUE) {
532 return FALSE;
533 }
534 }
535 if (IS_FC_WEP(pbyFrame)) {
536 BOOL bRxDecryOK = FALSE;
537
538 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"rx WEP pkt\n");
539 bIsWEP = TRUE;
540 if ((pDevice->bEnableHostWEP) && (iSANodeIndex >= 0)) {
541 pKey = &STempKey;
542 pKey->byCipherSuite = pMgmt->sNodeDBTable[iSANodeIndex].byCipherSuite;
543 pKey->dwKeyIndex = pMgmt->sNodeDBTable[iSANodeIndex].dwKeyIndex;
544 pKey->uKeyLength = pMgmt->sNodeDBTable[iSANodeIndex].uWepKeyLength;
545 pKey->dwTSC47_16 = pMgmt->sNodeDBTable[iSANodeIndex].dwTSC47_16;
546 pKey->wTSC15_0 = pMgmt->sNodeDBTable[iSANodeIndex].wTSC15_0;
547 memcpy(pKey->abyKey,
548 &pMgmt->sNodeDBTable[iSANodeIndex].abyWepKey[0],
549 pKey->uKeyLength
550 );
551
552 bRxDecryOK = s_bHostWepRxEncryption(pDevice,
553 pbyFrame,
554 FrameSize,
555 pbyRsr,
556 pMgmt->sNodeDBTable[iSANodeIndex].bOnFly,
557 pKey,
558 pbyNewRsr,
559 &bExtIV,
560 &wRxTSC15_0,
561 &dwRxTSC47_16);
562 } else {
563 bRxDecryOK = s_bHandleRxEncryption(pDevice,
564 pbyFrame,
565 FrameSize,
566 pbyRsr,
567 pbyNewRsr,
568 &pKey,
569 &bExtIV,
570 &wRxTSC15_0,
571 &dwRxTSC47_16);
572 }
573
574 if (bRxDecryOK) {
575 if ((*pbyNewRsr & NEWRSR_DECRYPTOK) == 0) {
576 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV Fail\n");
577 if ( (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
578 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
579 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
580 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
581 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
582
583 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
584 pDevice->s802_11Counter.TKIPICVErrors++;
585 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP)) {
586 pDevice->s802_11Counter.CCMPDecryptErrors++;
587 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_WEP)) {
588// pDevice->s802_11Counter.WEPICVErrorCount.QuadPart++;
589 }
590 }
591 return FALSE;
592 }
593 } else {
594 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WEP Func Fail\n");
595 return FALSE;
596 }
597 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP))
598 FrameSize -= 8; // Message Integrity Code
599 else
600 FrameSize -= 4; // 4 is ICV
601 }
602
603
604 //
605 // RX OK
606 //
607 //remove the CRC length
608 FrameSize -= U_CRC_LEN;
609
610 if ((BITbIsAllBitsOff(*pbyRsr, (RSR_ADDRBROAD | RSR_ADDRMULTI))) && // unicast address
611 (IS_FRAGMENT_PKT((skb->data+4)))
612 ) {
613 // defragment
614 bDeFragRx = WCTLbHandleFragment(pDevice, (PS802_11Header) (skb->data+4), FrameSize, bIsWEP, bExtIV);
615 pDevice->s802_11Counter.ReceivedFragmentCount++;
616 if (bDeFragRx) {
617 // defrag complete
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]618 skb = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].skb;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]619 FrameSize = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].cbFrameLength;
620
621 }
622 else {
623 return FALSE;
624 }
625 }
626
627
628// Management & Control frame Handle
629 if ((IS_TYPE_DATA((skb->data+4))) == FALSE) {
630 // Handle Control & Manage Frame
631
632 if (IS_TYPE_MGMT((skb->data+4))) {
633 PBYTE pbyData1;
634 PBYTE pbyData2;
635
636 pRxPacket->p80211Header = (PUWLAN_80211HDR)(skb->data+4);
637 pRxPacket->cbMPDULen = FrameSize;
638 pRxPacket->uRSSI = *pbyRSSI;
639 pRxPacket->bySQ = *pbySQ;
640 HIDWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(HIDWORD(*pqwTSFTime));
641 LODWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(LODWORD(*pqwTSFTime));
642 if (bIsWEP) {
643 // strip IV
644 pbyData1 = WLAN_HDR_A3_DATA_PTR(skb->data+4);
645 pbyData2 = WLAN_HDR_A3_DATA_PTR(skb->data+4) + 4;
646 for (ii = 0; ii < (FrameSize - 4); ii++) {
647 *pbyData1 = *pbyData2;
648 pbyData1++;
649 pbyData2++;
650 }
651 }
652 pRxPacket->byRxRate = s_byGetRateIdx(*pbyRxRate);
653 pRxPacket->byRxChannel = (*pbyRxSts) >> 2;
654//PLICE_DEBUG->
655//EnQueue(pDevice,pRxPacket);
656
657#ifdef THREAD
658 EnQueue(pDevice,pRxPacket);
659
660 //printk("enque time is %x\n",jiffies);
661 //up(&pDevice->mlme_semaphore);
662 //Enque (pDevice->FirstRecvMngList,pDevice->LastRecvMngList,pMgmt);
663#else
664
665#ifdef TASK_LET
666 EnQueue(pDevice,pRxPacket);
667 tasklet_schedule(&pDevice->RxMngWorkItem);
668#else
669//printk("RxMan\n");
670 vMgrRxManagePacket((HANDLE)pDevice, pDevice->pMgmt, pRxPacket);
671 //tasklet_schedule(&pDevice->RxMngWorkItem);
672#endif
673
674#endif
675//PLICE_DEBUG<-
676 //vMgrRxManagePacket((HANDLE)pDevice, pDevice->pMgmt, pRxPacket);
677 // hostap Deamon handle 802.11 management
678 if (pDevice->bEnableHostapd) {
679 skb->dev = pDevice->apdev;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]680 skb->data += 4;
681 skb->tail += 4;
682 skb_put(skb, FrameSize);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]683 skb->mac_header = skb->data;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]684 skb->pkt_type = PACKET_OTHERHOST;
685 skb->protocol = htons(ETH_P_802_2);
686 memset(skb->cb, 0, sizeof(skb->cb));
687 netif_rx(skb);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]688 return TRUE;
689 }
690 }
691 else {
692 // Control Frame
693 };
694 return FALSE;
695 }
696 else {
697 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
698 //In AP mode, hw only check addr1(BSSID or RA) if equal to local MAC.
699 if (BITbIsBitOff(*pbyRsr, RSR_BSSIDOK)) {
700 if (bDeFragRx) {
701 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
702 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
703 pDevice->dev->name);
704 }
705 }
706 return FALSE;
707 }
708 }
709 else {
710 // discard DATA packet while not associate || BSSID error
711 if ((pDevice->bLinkPass == FALSE) ||
712 BITbIsBitOff(*pbyRsr, RSR_BSSIDOK)) {
713 if (bDeFragRx) {
714 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
715 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
716 pDevice->dev->name);
717 }
718 }
719 return FALSE;
720 }
721
722 //mike add:station mode check eapol-key challenge--->
723 {
724 BYTE Protocol_Version; //802.1x Authentication
725 BYTE Packet_Type; //802.1x Authentication
726 if (bIsWEP)
727 cbIVOffset = 8;
728 else
729 cbIVOffset = 0;
730 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
731 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
732 Protocol_Version = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1];
733 Packet_Type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1];
734 if (wEtherType == ETH_P_PAE) { //Protocol Type in LLC-Header
735 if(((Protocol_Version==1) ||(Protocol_Version==2)) &&
736 (Packet_Type==3)) { //802.1x OR eapol-key challenge frame receive
737 bRxeapol_key = TRUE;
738 }
739 }
740 }
741 //mike add:station mode check eapol-key challenge<---
742 }
743 }
744
745// Data frame Handle
746
747 if (pDevice->bEnablePSMode) {
748 if (IS_FC_MOREDATA((skb->data+4))) {
749 if (BITbIsBitOn(*pbyRsr, RSR_ADDROK)) {
750 //PSbSendPSPOLL((PSDevice)pDevice);
751 }
752 }
753 else {
754 if (pDevice->pMgmt->bInTIMWake == TRUE) {
755 pDevice->pMgmt->bInTIMWake = FALSE;
756 }
757 }
758 };
759
760 // Now it only supports 802.11g Infrastructure Mode, and support rate must up to 54 Mbps
761 if (pDevice->bDiversityEnable && (FrameSize>50) &&
762 (pDevice->eOPMode == OP_MODE_INFRASTRUCTURE) &&
763 (pDevice->bLinkPass == TRUE)) {
764 //printk("device_receive_frame: RxRate is %d\n",*pbyRxRate);
765 BBvAntennaDiversity(pDevice, s_byGetRateIdx(*pbyRxRate), 0);
766 }
767
768
769 if (pDevice->byLocalID != REV_ID_VT3253_B1) {
770 pDevice->uCurrRSSI = *pbyRSSI;
771 }
772 pDevice->byCurrSQ = *pbySQ;
773
774 if ((*pbyRSSI != 0) &&
775 (pMgmt->pCurrBSS!=NULL)) {
776 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
777 // Moniter if RSSI is too strong.
778 pMgmt->pCurrBSS->byRSSIStatCnt++;
779 pMgmt->pCurrBSS->byRSSIStatCnt %= RSSI_STAT_COUNT;
780 pMgmt->pCurrBSS->ldBmAverage[pMgmt->pCurrBSS->byRSSIStatCnt] = ldBm;
781 for(ii=0;ii<RSSI_STAT_COUNT;ii++) {
782 if (pMgmt->pCurrBSS->ldBmAverage[ii] != 0) {
783 pMgmt->pCurrBSS->ldBmMAX = max(pMgmt->pCurrBSS->ldBmAverage[ii], ldBm);
784 }
785 }
786 }
787
788 // -----------------------------------------------
789
790 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnable8021x == TRUE)){
791 BYTE abyMacHdr[24];
792
793 // Only 802.1x packet incoming allowed
794 if (bIsWEP)
795 cbIVOffset = 8;
796 else
797 cbIVOffset = 0;
798 wEtherType = (skb->data[cbIVOffset + 4 + 24 + 6] << 8) |
799 skb->data[cbIVOffset + 4 + 24 + 6 + 1];
800
801 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wEtherType = %04x \n", wEtherType);
802 if (wEtherType == ETH_P_PAE) {
803 skb->dev = pDevice->apdev;
804
805 if (bIsWEP == TRUE) {
806 // strip IV header(8)
807 memcpy(&abyMacHdr[0], (skb->data + 4), 24);
808 memcpy((skb->data + 4 + cbIVOffset), &abyMacHdr[0], 24);
809 }
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]810 skb->data += (cbIVOffset + 4);
811 skb->tail += (cbIVOffset + 4);
812 skb_put(skb, FrameSize);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]813 skb->mac_header = skb->data;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]814
815 skb->pkt_type = PACKET_OTHERHOST;
816 skb->protocol = htons(ETH_P_802_2);
817 memset(skb->cb, 0, sizeof(skb->cb));
818 netif_rx(skb);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]819 return TRUE;
820
821}
822 // check if 802.1x authorized
823 if (!(pMgmt->sNodeDBTable[iSANodeIndex].dwFlags & WLAN_STA_AUTHORIZED))
824 return FALSE;
825 }
826
827
828 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
829 if (bIsWEP) {
830 FrameSize -= 8; //MIC
831 }
832 }
833
834 //--------------------------------------------------------------------------------
835 // Soft MIC
836 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
837 if (bIsWEP) {
838 PDWORD pdwMIC_L;
839 PDWORD pdwMIC_R;
840 DWORD dwMIC_Priority;
841 DWORD dwMICKey0 = 0, dwMICKey1 = 0;
842 DWORD dwLocalMIC_L = 0;
843 DWORD dwLocalMIC_R = 0;
844 viawget_wpa_header *wpahdr;
845
846
847 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
848 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
849 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
850 }
851 else {
852 if (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
853 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
854 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
855 } else if ((pKey->dwKeyIndex & BIT28) == 0) {
856 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
857 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
858 } else {
859 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
860 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
861 }
862 }
863
864 MIC_vInit(dwMICKey0, dwMICKey1);
865 MIC_vAppend((PBYTE)&(pDevice->sRxEthHeader.abyDstAddr[0]), 12);
866 dwMIC_Priority = 0;
867 MIC_vAppend((PBYTE)&dwMIC_Priority, 4);
868 // 4 is Rcv buffer header, 24 is MAC Header, and 8 is IV and Ext IV.
869 MIC_vAppend((PBYTE)(skb->data + 4 + WLAN_HDR_ADDR3_LEN + 8),
870 FrameSize - WLAN_HDR_ADDR3_LEN - 8);
871 MIC_vGetMIC(&dwLocalMIC_L, &dwLocalMIC_R);
872 MIC_vUnInit();
873
874 pdwMIC_L = (PDWORD)(skb->data + 4 + FrameSize);
875 pdwMIC_R = (PDWORD)(skb->data + 4 + FrameSize + 4);
876 //DBG_PRN_GRP12(("RxL: %lx, RxR: %lx\n", *pdwMIC_L, *pdwMIC_R));
877 //DBG_PRN_GRP12(("LocalL: %lx, LocalR: %lx\n", dwLocalMIC_L, dwLocalMIC_R));
878 //DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"dwMICKey0= %lx,dwMICKey1= %lx \n", dwMICKey0, dwMICKey1);
879
880
881 if ((cpu_to_le32(*pdwMIC_L) != dwLocalMIC_L) || (cpu_to_le32(*pdwMIC_R) != dwLocalMIC_R) ||
882 (pDevice->bRxMICFail == TRUE)) {
883 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"MIC comparison is fail!\n");
884 pDevice->bRxMICFail = FALSE;
885 //pDevice->s802_11Counter.TKIPLocalMICFailures.QuadPart++;
886 pDevice->s802_11Counter.TKIPLocalMICFailures++;
887 if (bDeFragRx) {
888 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
889 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
890 pDevice->dev->name);
891 }
892 }
893
894//2008-0409-07, <Add> by Einsn Liu
895 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
896 //send event to wpa_supplicant
897 //if(pDevice->bWPADevEnable == TRUE)
898 {
899 union iwreq_data wrqu;
900 struct iw_michaelmicfailure ev;
901 int keyidx = pbyFrame[cbHeaderSize+3] >> 6; //top two-bits
902 memset(&ev, 0, sizeof(ev));
903 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
904 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
905 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
906 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
907 ev.flags |= IW_MICFAILURE_PAIRWISE;
908 } else {
909 ev.flags |= IW_MICFAILURE_GROUP;
910 }
911
912 ev.src_addr.sa_family = ARPHRD_ETHER;
913 memcpy(ev.src_addr.sa_data, pMACHeader->abyAddr2, ETH_ALEN);
914 memset(&wrqu, 0, sizeof(wrqu));
915 wrqu.data.length = sizeof(ev);
916 wireless_send_event(pDevice->dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
917
918 }
919 #endif
920 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
921 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
922 if ((pDevice->pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
923 (pDevice->pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
924 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
925 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_PAIRWISE_ERROR;
926 wpahdr->type = VIAWGET_PTK_MIC_MSG;
927 } else {
928 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_GROUP_ERROR;
929 wpahdr->type = VIAWGET_GTK_MIC_MSG;
930 }
931 wpahdr->resp_ie_len = 0;
932 wpahdr->req_ie_len = 0;
933 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
934 pDevice->skb->dev = pDevice->wpadev;
Forest Bond7bb8dc22009-06-01 20:00:35 -0400[diff] [blame]935 pDevice->skb->mac_header = pDevice->skb->data;
936 pDevice->skb->pkt_type = PACKET_HOST;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]937 pDevice->skb->protocol = htons(ETH_P_802_2);
938 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
939 netif_rx(pDevice->skb);
940 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
941 };
942
943 return FALSE;
944
945 }
946 }
947 } //---end of SOFT MIC-----------------------------------------------------------------------
948
949 // ++++++++++ Reply Counter Check +++++++++++++
950
951 if ((pKey != NULL) && ((pKey->byCipherSuite == KEY_CTL_TKIP) ||
952 (pKey->byCipherSuite == KEY_CTL_CCMP))) {
953 if (bIsWEP) {
954 WORD wLocalTSC15_0 = 0;
955 DWORD dwLocalTSC47_16 = 0;
956 ULONGLONG RSC = 0;
957 // endian issues
958 RSC = *((ULONGLONG *) &(pKey->KeyRSC));
959 wLocalTSC15_0 = (WORD) RSC;
960 dwLocalTSC47_16 = (DWORD) (RSC>>16);
961
962 RSC = dwRxTSC47_16;
963 RSC <<= 16;
964 RSC += wRxTSC15_0;
965 MEMvCopy(&(pKey->KeyRSC), &RSC, sizeof(QWORD));
966
967 if ( (pDevice->sMgmtObj.eCurrMode == WMAC_MODE_ESS_STA) &&
968 (pDevice->sMgmtObj.eCurrState == WMAC_STATE_ASSOC)) {
969 // check RSC
970 if ( (wRxTSC15_0 < wLocalTSC15_0) &&
971 (dwRxTSC47_16 <= dwLocalTSC47_16) &&
972 !((dwRxTSC47_16 == 0) && (dwLocalTSC47_16 == 0xFFFFFFFF))) {
973 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC is illegal~~!\n ");
974 if (pKey->byCipherSuite == KEY_CTL_TKIP)
975 //pDevice->s802_11Counter.TKIPReplays.QuadPart++;
976 pDevice->s802_11Counter.TKIPReplays++;
977 else
978 //pDevice->s802_11Counter.CCMPReplays.QuadPart++;
979 pDevice->s802_11Counter.CCMPReplays++;
980
981 if (bDeFragRx) {
982 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
983 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
984 pDevice->dev->name);
985 }
986 }
987 return FALSE;
988 }
989 }
990 }
991 } // ----- End of Reply Counter Check --------------------------
992
993
994
995 if ((pKey != NULL) && (bIsWEP)) {
996// pDevice->s802_11Counter.DecryptSuccessCount.QuadPart++;
997 }
998
999
1000 s_vProcessRxMACHeader(pDevice, (PBYTE)(skb->data+4), FrameSize, bIsWEP, bExtIV, &cbHeaderOffset);
1001 FrameSize -= cbHeaderOffset;
1002 cbHeaderOffset += 4; // 4 is Rcv buffer header
1003
1004 // Null data, framesize = 14
1005 if (FrameSize < 15)
1006 return FALSE;
1007
1008 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
1009 if (s_bAPModeRxData(pDevice,
1010 skb,
1011 FrameSize,
1012 cbHeaderOffset,
1013 iSANodeIndex,
1014 iDANodeIndex
1015 ) == FALSE) {
1016
1017 if (bDeFragRx) {
1018 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1019 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1020 pDevice->dev->name);
1021 }
1022 }
1023 return FALSE;
1024 }
1025
1026// if(pDevice->bRxMICFail == FALSE) {
1027// for (ii =0; ii < 100; ii++)
1028// printk(" %02x", *(skb->data + ii));
1029// printk("\n");
1030// }
1031
1032 }
1033
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1034 skb->data += cbHeaderOffset;
1035 skb->tail += cbHeaderOffset;
1036 skb_put(skb, FrameSize);
1037 skb->protocol=eth_type_trans(skb, skb->dev);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1038
1039
1040 //drop frame not met IEEE 802.3
1041/*
1042 if (pDevice->flags & DEVICE_FLAGS_VAL_PKT_LEN) {
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1043 if ((skb->protocol==htons(ETH_P_802_3)) &&
1044 (skb->len!=htons(skb->mac.ethernet->h_proto))) {
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1045 pStats->rx_length_errors++;
1046 pStats->rx_dropped++;
1047 if (bDeFragRx) {
1048 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1049 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1050 pDevice->dev->name);
1051 }
1052 }
1053 return FALSE;
1054 }
1055 }
1056*/
1057
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1058 skb->ip_summed=CHECKSUM_NONE;
1059 pStats->rx_bytes +=skb->len;
1060 pStats->rx_packets++;
1061 netif_rx(skb);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1062
1063 if (bDeFragRx) {
1064 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1065 DEVICE_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1066 pDevice->dev->name);
1067 }
1068 return FALSE;
1069 }
1070 return TRUE;
1071}
1072
1073
1074static BOOL s_bAPModeRxCtl (
1075 IN PSDevice pDevice,
1076 IN PBYTE pbyFrame,
1077 IN INT iSANodeIndex
1078 )
1079{
1080 PS802_11Header p802_11Header;
1081 CMD_STATUS Status;
1082 PSMgmtObject pMgmt = pDevice->pMgmt;
1083
1084
1085 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
1086
1087 p802_11Header = (PS802_11Header) (pbyFrame);
1088 if (!IS_TYPE_MGMT(pbyFrame)) {
1089
1090 // Data & PS-Poll packet
1091 // check frame class
1092 if (iSANodeIndex > 0) {
1093 // frame class 3 fliter & checking
1094 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_AUTH) {
1095 // send deauth notification
1096 // reason = (6) class 2 received from nonauth sta
1097 vMgrDeAuthenBeginSta(pDevice,
1098 pMgmt,
1099 (PBYTE)(p802_11Header->abyAddr2),
1100 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1101 &Status
1102 );
1103 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 1\n");
1104 return TRUE;
1105 };
1106 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_ASSOC) {
1107 // send deassoc notification
1108 // reason = (7) class 3 received from nonassoc sta
1109 vMgrDisassocBeginSta(pDevice,
1110 pMgmt,
1111 (PBYTE)(p802_11Header->abyAddr2),
1112 (WLAN_MGMT_REASON_CLASS3_NONASSOC),
1113 &Status
1114 );
1115 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDisassocBeginSta 2\n");
1116 return TRUE;
1117 };
1118
1119 if (pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable) {
1120 // delcare received ps-poll event
1121 if (IS_CTL_PSPOLL(pbyFrame)) {
1122 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1123 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1124 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 1\n");
1125 }
1126 else {
1127 // check Data PS state
1128 // if PW bit off, send out all PS bufferring packets.
1129 if (!IS_FC_POWERMGT(pbyFrame)) {
1130 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1131 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1132 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1133 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 2\n");
1134 }
1135 }
1136 }
1137 else {
1138 if (IS_FC_POWERMGT(pbyFrame)) {
1139 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = TRUE;
1140 // Once if STA in PS state, enable multicast bufferring
1141 pMgmt->sNodeDBTable[0].bPSEnable = TRUE;
1142 }
1143 else {
1144 // clear all pending PS frame.
1145 if (pMgmt->sNodeDBTable[iSANodeIndex].wEnQueueCnt > 0) {
1146 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1147 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1148 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1149 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 3\n");
1150
1151 }
1152 }
1153 }
1154 }
1155 else {
1156 vMgrDeAuthenBeginSta(pDevice,
1157 pMgmt,
1158 (PBYTE)(p802_11Header->abyAddr2),
1159 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1160 &Status
1161 );
1162 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 3\n");
1163 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BSSID:%02x-%02x-%02x=%02x-%02x-%02x \n",
1164 p802_11Header->abyAddr3[0],
1165 p802_11Header->abyAddr3[1],
1166 p802_11Header->abyAddr3[2],
1167 p802_11Header->abyAddr3[3],
1168 p802_11Header->abyAddr3[4],
1169 p802_11Header->abyAddr3[5]
1170 );
1171 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR2:%02x-%02x-%02x=%02x-%02x-%02x \n",
1172 p802_11Header->abyAddr2[0],
1173 p802_11Header->abyAddr2[1],
1174 p802_11Header->abyAddr2[2],
1175 p802_11Header->abyAddr2[3],
1176 p802_11Header->abyAddr2[4],
1177 p802_11Header->abyAddr2[5]
1178 );
1179 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR1:%02x-%02x-%02x=%02x-%02x-%02x \n",
1180 p802_11Header->abyAddr1[0],
1181 p802_11Header->abyAddr1[1],
1182 p802_11Header->abyAddr1[2],
1183 p802_11Header->abyAddr1[3],
1184 p802_11Header->abyAddr1[4],
1185 p802_11Header->abyAddr1[5]
1186 );
1187 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: wFrameCtl= %x\n", p802_11Header->wFrameCtl );
1188 VNSvInPortB(pDevice->PortOffset + MAC_REG_RCR, &(pDevice->byRxMode));
1189 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc:pDevice->byRxMode = %x\n", pDevice->byRxMode );
1190 return TRUE;
1191 }
1192 }
1193 }
1194 return FALSE;
1195
1196}
1197
1198static BOOL s_bHandleRxEncryption (
1199 IN PSDevice pDevice,
1200 IN PBYTE pbyFrame,
1201 IN UINT FrameSize,
1202 IN PBYTE pbyRsr,
1203 OUT PBYTE pbyNewRsr,
1204 OUT PSKeyItem *pKeyOut,
1205 OUT PBOOL pbExtIV,
1206 OUT PWORD pwRxTSC15_0,
1207 OUT PDWORD pdwRxTSC47_16
1208 )
1209{
1210 UINT PayloadLen = FrameSize;
1211 PBYTE pbyIV;
1212 BYTE byKeyIdx;
1213 PSKeyItem pKey = NULL;
1214 BYTE byDecMode = KEY_CTL_WEP;
1215 PSMgmtObject pMgmt = pDevice->pMgmt;
1216
1217
1218 *pwRxTSC15_0 = 0;
1219 *pdwRxTSC47_16 = 0;
1220
1221 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1222 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1223 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1224 pbyIV += 6; // 6 is 802.11 address4
1225 PayloadLen -= 6;
1226 }
1227 byKeyIdx = (*(pbyIV+3) & 0xc0);
1228 byKeyIdx >>= 6;
1229 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1230
1231 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
1232 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
1233 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
1234 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
1235 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
1236 if (((*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) &&
1237 (pDevice->pMgmt->byCSSPK != KEY_CTL_NONE)) {
1238 // unicast pkt use pairwise key
1239 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt\n");
1240 if (KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, 0xFFFFFFFF, &pKey) == TRUE) {
1241 if (pDevice->pMgmt->byCSSPK == KEY_CTL_TKIP)
1242 byDecMode = KEY_CTL_TKIP;
1243 else if (pDevice->pMgmt->byCSSPK == KEY_CTL_CCMP)
1244 byDecMode = KEY_CTL_CCMP;
1245 }
1246 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt: %d, %p\n", byDecMode, pKey);
1247 } else {
1248 // use group key
1249 KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, byKeyIdx, &pKey);
1250 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1251 byDecMode = KEY_CTL_TKIP;
1252 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1253 byDecMode = KEY_CTL_CCMP;
1254 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"group pkt: %d, %d, %p\n", byKeyIdx, byDecMode, pKey);
1255 }
1256 }
1257 // our WEP only support Default Key
1258 if (pKey == NULL) {
1259 // use default group key
1260 KeybGetKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, byKeyIdx, &pKey);
1261 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1262 byDecMode = KEY_CTL_TKIP;
1263 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1264 byDecMode = KEY_CTL_CCMP;
1265 }
1266 *pKeyOut = pKey;
1267
1268 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pDevice->pMgmt->byCSSPK, pDevice->pMgmt->byCSSGK, byDecMode);
1269
1270 if (pKey == NULL) {
1271 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"pKey == NULL\n");
1272 if (byDecMode == KEY_CTL_WEP) {
1273// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1274 } else if (pDevice->bLinkPass == TRUE) {
1275// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1276 }
1277 return FALSE;
1278 }
1279 if (byDecMode != pKey->byCipherSuite) {
1280 if (byDecMode == KEY_CTL_WEP) {
1281// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1282 } else if (pDevice->bLinkPass == TRUE) {
1283// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1284 }
1285 *pKeyOut = NULL;
1286 return FALSE;
1287 }
1288 if (byDecMode == KEY_CTL_WEP) {
1289 // handle WEP
1290 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1291 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE)) {
1292 // Software WEP
1293 // 1. 3253A
1294 // 2. WEP 256
1295
1296 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
1297 MEMvCopy(pDevice->abyPRNG, pbyIV, 3);
1298 MEMvCopy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
1299 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1300 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1301
1302 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1303 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1304 }
1305 }
1306 } else if ((byDecMode == KEY_CTL_TKIP) ||
1307 (byDecMode == KEY_CTL_CCMP)) {
1308 // TKIP/AES
1309
1310 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1311 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1312 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1313 if (byDecMode == KEY_CTL_TKIP) {
1314 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1315 } else {
1316 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1317 }
1318 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1319
1320 if ((byDecMode == KEY_CTL_TKIP) &&
1321 (pDevice->byLocalID <= REV_ID_VT3253_A1)) {
1322 // Software TKIP
1323 // 1. 3253 A
1324 PS802_11Header pMACHeader = (PS802_11Header) (pbyFrame);
1325 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1326 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1327 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1328 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1329 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1330 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1331 } else {
1332 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1333 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1334 }
1335 }
1336 }// end of TKIP/AES
1337
1338 if ((*(pbyIV+3) & 0x20) != 0)
1339 *pbExtIV = TRUE;
1340 return TRUE;
1341}
1342
1343
1344static BOOL s_bHostWepRxEncryption (
1345 IN PSDevice pDevice,
1346 IN PBYTE pbyFrame,
1347 IN UINT FrameSize,
1348 IN PBYTE pbyRsr,
1349 IN BOOL bOnFly,
1350 IN PSKeyItem pKey,
1351 OUT PBYTE pbyNewRsr,
1352 OUT PBOOL pbExtIV,
1353 OUT PWORD pwRxTSC15_0,
1354 OUT PDWORD pdwRxTSC47_16
1355 )
1356{
1357 UINT PayloadLen = FrameSize;
1358 PBYTE pbyIV;
1359 BYTE byKeyIdx;
1360 BYTE byDecMode = KEY_CTL_WEP;
1361 PS802_11Header pMACHeader;
1362
1363
1364
1365 *pwRxTSC15_0 = 0;
1366 *pdwRxTSC47_16 = 0;
1367
1368 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1369 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1370 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1371 pbyIV += 6; // 6 is 802.11 address4
1372 PayloadLen -= 6;
1373 }
1374 byKeyIdx = (*(pbyIV+3) & 0xc0);
1375 byKeyIdx >>= 6;
1376 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1377
1378
1379 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1380 byDecMode = KEY_CTL_TKIP;
1381 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1382 byDecMode = KEY_CTL_CCMP;
1383
1384 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pDevice->pMgmt->byCSSPK, pDevice->pMgmt->byCSSGK, byDecMode);
1385
1386 if (byDecMode != pKey->byCipherSuite) {
1387 if (byDecMode == KEY_CTL_WEP) {
1388// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1389 } else if (pDevice->bLinkPass == TRUE) {
1390// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1391 }
1392 return FALSE;
1393 }
1394
1395 if (byDecMode == KEY_CTL_WEP) {
1396 // handle WEP
1397 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byDecMode == KEY_CTL_WEP \n");
1398 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1399 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE) ||
1400 (bOnFly == FALSE)) {
1401 // Software WEP
1402 // 1. 3253A
1403 // 2. WEP 256
1404 // 3. NotOnFly
1405
1406 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
1407 MEMvCopy(pDevice->abyPRNG, pbyIV, 3);
1408 MEMvCopy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
1409 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1410 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1411
1412 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1413 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1414 }
1415 }
1416 } else if ((byDecMode == KEY_CTL_TKIP) ||
1417 (byDecMode == KEY_CTL_CCMP)) {
1418 // TKIP/AES
1419
1420 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1421 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1422 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1423
1424 if (byDecMode == KEY_CTL_TKIP) {
1425 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1426 } else {
1427 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1428 }
1429 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1430
1431 if (byDecMode == KEY_CTL_TKIP) {
1432 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) || (bOnFly == FALSE)) {
1433 // Software TKIP
1434 // 1. 3253 A
1435 // 2. NotOnFly
1436 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_TKIP \n");
1437 pMACHeader = (PS802_11Header) (pbyFrame);
1438 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1439 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1440 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1441 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1442 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1443 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1444 } else {
1445 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1446 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1447 }
1448 }
1449 }
1450
1451 if (byDecMode == KEY_CTL_CCMP) {
1452 if (bOnFly == FALSE) {
1453 // Software CCMP
1454 // NotOnFly
1455 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_CCMP\n");
1456 if (AESbGenCCMP(pKey->abyKey, pbyFrame, FrameSize)) {
1457 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1458 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC compare OK!\n");
1459 } else {
1460 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC fail!\n");
1461 }
1462 }
1463 }
1464
1465 }// end of TKIP/AES
1466
1467 if ((*(pbyIV+3) & 0x20) != 0)
1468 *pbExtIV = TRUE;
1469 return TRUE;
1470}
1471
1472
1473
1474
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1475
1476static BOOL s_bAPModeRxData (
1477 IN PSDevice pDevice,
1478 IN struct sk_buff* skb,
1479 IN UINT FrameSize,
1480 IN UINT cbHeaderOffset,
1481 IN INT iSANodeIndex,
1482 IN INT iDANodeIndex
1483 )
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1484{
1485 PSMgmtObject pMgmt = pDevice->pMgmt;
1486 BOOL bRelayAndForward = FALSE;
1487 BOOL bRelayOnly = FALSE;
1488 BYTE byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
1489 WORD wAID;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1490 struct sk_buff* skbcpy = NULL;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1491
1492
1493
1494 if (FrameSize > CB_MAX_BUF_SIZE)
1495 return FALSE;
1496 // check DA
1497 if(IS_MULTICAST_ADDRESS((PBYTE)(skb->data+cbHeaderOffset))) {
1498 if (pMgmt->sNodeDBTable[0].bPSEnable) {
1499
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1500 skbcpy = dev_alloc_skb((int)pDevice->rx_buf_sz);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1501 // if any node in PS mode, buffer packet until DTIM.
1502 if (skbcpy == NULL) {
1503 DEVICE_PRT(MSG_LEVEL_NOTICE, KERN_INFO "relay multicast no skb available \n");
1504 }
1505 else {
1506 skbcpy->dev = pDevice->dev;
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1507 skbcpy->len = FrameSize;
1508 memcpy(skbcpy->data, skb->data+cbHeaderOffset, FrameSize);
1509 skb_queue_tail(&(pMgmt->sNodeDBTable[0].sTxPSQueue), skbcpy);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1510 pMgmt->sNodeDBTable[0].wEnQueueCnt++;
1511 // set tx map
1512 pMgmt->abyPSTxMap[0] |= byMask[0];
1513 }
1514 }
1515 else {
1516 bRelayAndForward = TRUE;
1517 }
1518 }
1519 else {
1520 // check if relay
1521 if (BSSDBbIsSTAInNodeDB(pMgmt, (PBYTE)(skb->data+cbHeaderOffset), &iDANodeIndex)) {
1522 if (pMgmt->sNodeDBTable[iDANodeIndex].eNodeState >= NODE_ASSOC) {
1523 if (pMgmt->sNodeDBTable[iDANodeIndex].bPSEnable) {
1524 // queue this skb until next PS tx, and then release.
1525
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1526 skb->data += cbHeaderOffset;
1527 skb->tail += cbHeaderOffset;
1528 skb_put(skb, FrameSize);
1529 skb_queue_tail(&pMgmt->sNodeDBTable[iDANodeIndex].sTxPSQueue, skb);
Forest Bond5449c682009-04-25 10:30:44 -0400[diff] [blame]1530 pMgmt->sNodeDBTable[iDANodeIndex].wEnQueueCnt++;
1531 wAID = pMgmt->sNodeDBTable[iDANodeIndex].wAID;
1532 pMgmt->abyPSTxMap[wAID >> 3] |= byMask[wAID & 7];
1533 DEVICE_PRT(MSG_LEVEL_DEBUG, KERN_INFO "relay: index= %d, pMgmt->abyPSTxMap[%d]= %d\n",
1534 iDANodeIndex, (wAID >> 3), pMgmt->abyPSTxMap[wAID >> 3]);
1535 return TRUE;
1536 }
1537 else {
1538 bRelayOnly = TRUE;
1539 }
1540 }
1541 };
1542 }
1543
1544 if (bRelayOnly || bRelayAndForward) {
1545 // relay this packet right now
1546 if (bRelayAndForward)
1547 iDANodeIndex = 0;
1548
1549 if ((pDevice->uAssocCount > 1) && (iDANodeIndex >= 0)) {
1550 ROUTEbRelay(pDevice, (PBYTE)(skb->data + cbHeaderOffset), FrameSize, (UINT)iDANodeIndex);
1551 }
1552
1553 if (bRelayOnly)
1554 return FALSE;
1555 }
1556 // none associate, don't forward
1557 if (pDevice->uAssocCount == 0)
1558 return FALSE;
1559
1560 return TRUE;
1561}
1562