1 // SPDX-License-Identifier: GPL-2.0
3 * Original code based Host AP (software wireless LAN access point) driver
4 * for Intersil Prism2/2.5/3 - hostap.o module, common routines
6 * Copyright (c) 2001-2002, SSH Communications Security Corp and Jouni Malinen
8 * Copyright (c) 2002-2003, Jouni Malinen <jkmaline@cc.hut.fi>
9 * Copyright (c) 2004, Intel Corporation
11 * Few modifications for Realtek's Wi-Fi drivers by
12 * Andrea Merello <andrea.merello@gmail.com>
14 * A special thanks goes to Realtek for their support !
16 #include <linux/compiler.h>
17 #include <linux/errno.h>
18 #include <linux/if_arp.h>
19 #include <linux/in6.h>
22 #include <linux/kernel.h>
23 #include <linux/module.h>
24 #include <linux/netdevice.h>
25 #include <linux/pci.h>
26 #include <linux/proc_fs.h>
27 #include <linux/skbuff.h>
28 #include <linux/slab.h>
29 #include <linux/tcp.h>
30 #include <linux/types.h>
31 #include <linux/wireless.h>
32 #include <linux/etherdevice.h>
33 #include <linux/uaccess.h>
34 #include <linux/ctype.h>
39 static void rtllib_rx_mgt(struct rtllib_device *ieee, struct sk_buff *skb,
40 struct rtllib_rx_stats *stats);
42 static inline void rtllib_monitor_rx(struct rtllib_device *ieee,
44 struct rtllib_rx_stats *rx_status,
48 skb_reset_mac_header(skb);
49 skb_pull(skb, hdr_length);
50 skb->pkt_type = PACKET_OTHERHOST;
51 skb->protocol = htons(ETH_P_80211_RAW);
52 memset(skb->cb, 0, sizeof(skb->cb));
56 /* Called only as a tasklet (software IRQ) */
57 static struct rtllib_frag_entry *
58 rtllib_frag_cache_find(struct rtllib_device *ieee, unsigned int seq,
59 unsigned int frag, u8 tid, u8 *src, u8 *dst)
61 struct rtllib_frag_entry *entry;
64 for (i = 0; i < RTLLIB_FRAG_CACHE_LEN; i++) {
65 entry = &ieee->frag_cache[tid][i];
66 if (entry->skb != NULL &&
67 time_after(jiffies, entry->first_frag_time + 2 * HZ)) {
69 "expiring fragment cache entry seq=%u last_frag=%u\n",
70 entry->seq, entry->last_frag);
71 dev_kfree_skb_any(entry->skb);
75 if (entry->skb != NULL && entry->seq == seq &&
76 (entry->last_frag + 1 == frag || frag == -1) &&
77 memcmp(entry->src_addr, src, ETH_ALEN) == 0 &&
78 memcmp(entry->dst_addr, dst, ETH_ALEN) == 0)
85 /* Called only as a tasklet (software IRQ) */
86 static struct sk_buff *
87 rtllib_frag_cache_get(struct rtllib_device *ieee,
88 struct ieee80211_hdr *hdr)
90 struct sk_buff *skb = NULL;
91 u16 fc = le16_to_cpu(hdr->frame_control);
92 u16 sc = le16_to_cpu(hdr->seq_ctrl);
93 unsigned int frag = WLAN_GET_SEQ_FRAG(sc);
94 unsigned int seq = WLAN_GET_SEQ_SEQ(sc);
95 struct rtllib_frag_entry *entry;
96 struct ieee80211_qos_hdr *hdr_3addrqos;
97 struct ieee80211_qos_hdr_4addr *hdr_4addrqos;
100 if (ieee80211_has_a4(hdr->frame_control) &&
101 RTLLIB_QOS_HAS_SEQ(fc)) {
102 hdr_4addrqos = (struct ieee80211_qos_hdr_4addr *)hdr;
103 tid = le16_to_cpu(hdr_4addrqos->qos_ctrl) & RTLLIB_QCTL_TID;
106 } else if (RTLLIB_QOS_HAS_SEQ(fc)) {
107 hdr_3addrqos = (struct ieee80211_qos_hdr *)hdr;
108 tid = le16_to_cpu(hdr_3addrqos->qos_ctrl) & RTLLIB_QCTL_TID;
116 /* Reserve enough space to fit maximum frame length */
117 skb = dev_alloc_skb(ieee->dev->mtu +
118 sizeof(struct ieee80211_hdr) +
124 (RTLLIB_QOS_HAS_SEQ(fc) ? 2 : 0));
128 entry = &ieee->frag_cache[tid][ieee->frag_next_idx[tid]];
129 ieee->frag_next_idx[tid]++;
130 if (ieee->frag_next_idx[tid] >= RTLLIB_FRAG_CACHE_LEN)
131 ieee->frag_next_idx[tid] = 0;
133 if (entry->skb != NULL)
134 dev_kfree_skb_any(entry->skb);
136 entry->first_frag_time = jiffies;
138 entry->last_frag = frag;
140 ether_addr_copy(entry->src_addr, hdr->addr2);
141 ether_addr_copy(entry->dst_addr, hdr->addr1);
143 /* received a fragment of a frame for which the head fragment
144 * should have already been received
146 entry = rtllib_frag_cache_find(ieee, seq, frag, tid, hdr->addr2,
149 entry->last_frag = frag;
157 /* Called only as a tasklet (software IRQ) */
158 static int rtllib_frag_cache_invalidate(struct rtllib_device *ieee,
159 struct ieee80211_hdr *hdr)
161 u16 fc = le16_to_cpu(hdr->frame_control);
162 u16 sc = le16_to_cpu(hdr->seq_ctrl);
163 unsigned int seq = WLAN_GET_SEQ_SEQ(sc);
164 struct rtllib_frag_entry *entry;
165 struct ieee80211_qos_hdr *hdr_3addrqos;
166 struct ieee80211_qos_hdr_4addr *hdr_4addrqos;
169 if (ieee80211_has_a4(hdr->frame_control) &&
170 RTLLIB_QOS_HAS_SEQ(fc)) {
171 hdr_4addrqos = (struct ieee80211_qos_hdr_4addr *)hdr;
172 tid = le16_to_cpu(hdr_4addrqos->qos_ctrl) & RTLLIB_QCTL_TID;
175 } else if (RTLLIB_QOS_HAS_SEQ(fc)) {
176 hdr_3addrqos = (struct ieee80211_qos_hdr *)hdr;
177 tid = le16_to_cpu(hdr_3addrqos->qos_ctrl) & RTLLIB_QCTL_TID;
184 entry = rtllib_frag_cache_find(ieee, seq, -1, tid, hdr->addr2,
188 netdev_dbg(ieee->dev,
189 "Couldn't invalidate fragment cache entry (seq=%u)\n",
198 /* rtllib_rx_frame_mgtmt
200 * Responsible for handling management control frames
202 * Called by rtllib_rx
205 rtllib_rx_frame_mgmt(struct rtllib_device *ieee, struct sk_buff *skb,
206 struct rtllib_rx_stats *rx_stats, u16 type,
209 /* On the struct stats definition there is written that
210 * this is not mandatory.... but seems that the probe
211 * response parser uses it
213 struct ieee80211_hdr_3addr *hdr = (struct ieee80211_hdr_3addr *)skb->data;
215 rx_stats->len = skb->len;
216 rtllib_rx_mgt(ieee, skb, rx_stats);
217 if ((memcmp(hdr->addr1, ieee->dev->dev_addr, ETH_ALEN))) {
218 dev_kfree_skb_any(skb);
221 rtllib_rx_frame_softmac(ieee, skb, rx_stats, type, stype);
223 dev_kfree_skb_any(skb);
228 /* No encapsulation header if EtherType < 0x600 (=length) */
230 /* Called by rtllib_rx_frame_decrypt */
231 static int rtllib_is_eapol_frame(struct rtllib_device *ieee,
232 struct sk_buff *skb, size_t hdrlen)
234 struct net_device *dev = ieee->dev;
236 struct ieee80211_hdr *hdr;
242 hdr = (struct ieee80211_hdr *)skb->data;
243 fc = le16_to_cpu(hdr->frame_control);
245 /* check that the frame is unicast frame to us */
246 if ((fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
247 IEEE80211_FCTL_TODS &&
248 memcmp(hdr->addr1, dev->dev_addr, ETH_ALEN) == 0 &&
249 memcmp(hdr->addr3, dev->dev_addr, ETH_ALEN) == 0) {
250 /* ToDS frame with own addr BSSID and DA */
251 } else if ((fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
252 IEEE80211_FCTL_FROMDS &&
253 memcmp(hdr->addr1, dev->dev_addr, ETH_ALEN) == 0) {
254 /* FromDS frame with own addr as DA */
259 if (skb->len < 24 + 8)
262 /* check for port access entity Ethernet type */
263 pos = skb->data + hdrlen;
264 ethertype = (pos[6] << 8) | pos[7];
265 if (ethertype == ETH_P_PAE)
271 /* Called only as a tasklet (software IRQ), by rtllib_rx */
273 rtllib_rx_frame_decrypt(struct rtllib_device *ieee, struct sk_buff *skb,
274 struct lib80211_crypt_data *crypt)
276 struct ieee80211_hdr *hdr;
279 if (crypt == NULL || crypt->ops->decrypt_mpdu == NULL)
282 if (ieee->hwsec_active) {
283 struct cb_desc *tcb_desc = (struct cb_desc *)
284 (skb->cb + MAX_DEV_ADDR_SIZE);
286 tcb_desc->bHwSec = 1;
288 if (ieee->need_sw_enc)
289 tcb_desc->bHwSec = 0;
292 hdr = (struct ieee80211_hdr *)skb->data;
293 hdrlen = rtllib_get_hdrlen(le16_to_cpu(hdr->frame_control));
295 atomic_inc(&crypt->refcnt);
296 res = crypt->ops->decrypt_mpdu(skb, hdrlen, crypt->priv);
297 atomic_dec(&crypt->refcnt);
299 netdev_dbg(ieee->dev, "decryption failed (SA= %pM) res=%d\n",
302 netdev_dbg(ieee->dev,
303 "Decryption failed ICV mismatch (key %d)\n",
304 skb->data[hdrlen + 3] >> 6);
311 /* Called only as a tasklet (software IRQ), by rtllib_rx */
313 rtllib_rx_frame_decrypt_msdu(struct rtllib_device *ieee, struct sk_buff *skb,
314 int keyidx, struct lib80211_crypt_data *crypt)
316 struct ieee80211_hdr *hdr;
319 if (crypt == NULL || crypt->ops->decrypt_msdu == NULL)
321 if (ieee->hwsec_active) {
322 struct cb_desc *tcb_desc = (struct cb_desc *)
323 (skb->cb + MAX_DEV_ADDR_SIZE);
325 tcb_desc->bHwSec = 1;
327 if (ieee->need_sw_enc)
328 tcb_desc->bHwSec = 0;
331 hdr = (struct ieee80211_hdr *)skb->data;
332 hdrlen = rtllib_get_hdrlen(le16_to_cpu(hdr->frame_control));
334 atomic_inc(&crypt->refcnt);
335 res = crypt->ops->decrypt_msdu(skb, keyidx, hdrlen, crypt->priv);
336 atomic_dec(&crypt->refcnt);
338 netdev_dbg(ieee->dev,
339 "MSDU decryption/MIC verification failed (SA= %pM keyidx=%d)\n",
347 /* this function is stolen from ipw2200 driver*/
348 #define IEEE_PACKET_RETRY_TIME (5 * HZ)
349 static int is_duplicate_packet(struct rtllib_device *ieee,
350 struct ieee80211_hdr *header)
352 u16 fc = le16_to_cpu(header->frame_control);
353 u16 sc = le16_to_cpu(header->seq_ctrl);
354 u16 seq = WLAN_GET_SEQ_SEQ(sc);
355 u16 frag = WLAN_GET_SEQ_FRAG(sc);
356 u16 *last_seq, *last_frag;
357 unsigned long *last_time;
358 struct ieee80211_qos_hdr *hdr_3addrqos;
359 struct ieee80211_qos_hdr_4addr *hdr_4addrqos;
362 if (ieee80211_has_a4(header->frame_control) &&
363 RTLLIB_QOS_HAS_SEQ(fc)) {
364 hdr_4addrqos = (struct ieee80211_qos_hdr_4addr *)header;
365 tid = le16_to_cpu(hdr_4addrqos->qos_ctrl) & RTLLIB_QCTL_TID;
368 } else if (RTLLIB_QOS_HAS_SEQ(fc)) {
369 hdr_3addrqos = (struct ieee80211_qos_hdr *)header;
370 tid = le16_to_cpu(hdr_3addrqos->qos_ctrl) & RTLLIB_QCTL_TID;
377 switch (ieee->iw_mode) {
379 last_seq = &ieee->last_rxseq_num[tid];
380 last_frag = &ieee->last_rxfrag_num[tid];
381 last_time = &ieee->last_packet_time[tid];
387 if ((*last_seq == seq) &&
388 time_after(*last_time + IEEE_PACKET_RETRY_TIME, jiffies)) {
389 if (*last_frag == frag)
391 if (*last_frag + 1 != frag)
392 /* out-of-order fragment */
399 *last_time = jiffies;
407 static bool AddReorderEntry(struct rx_ts_record *ts,
408 struct rx_reorder_entry *pReorderEntry)
410 struct list_head *pList = &ts->rx_pending_pkt_list;
412 while (pList->next != &ts->rx_pending_pkt_list) {
413 if (SN_LESS(pReorderEntry->SeqNum, ((struct rx_reorder_entry *)
414 list_entry(pList->next, struct rx_reorder_entry,
417 else if (SN_EQUAL(pReorderEntry->SeqNum,
418 ((struct rx_reorder_entry *)list_entry(pList->next,
419 struct rx_reorder_entry, List))->SeqNum))
424 pReorderEntry->List.next = pList->next;
425 pReorderEntry->List.next->prev = &pReorderEntry->List;
426 pReorderEntry->List.prev = pList;
427 pList->next = &pReorderEntry->List;
432 void rtllib_indicate_packets(struct rtllib_device *ieee,
433 struct rtllib_rxb **prxbIndicateArray, u8 index)
435 struct net_device_stats *stats = &ieee->stats;
439 for (j = 0; j < index; j++) {
440 struct rtllib_rxb *prxb = prxbIndicateArray[j];
442 for (i = 0; i < prxb->nr_subframes; i++) {
443 struct sk_buff *sub_skb = prxb->subframes[i];
445 /* convert hdr + possible LLC headers into Ethernet header */
446 ethertype = (sub_skb->data[6] << 8) | sub_skb->data[7];
447 if (sub_skb->len >= 8 &&
448 ((memcmp(sub_skb->data, rfc1042_header,
450 ethertype != ETH_P_AARP &&
451 ethertype != ETH_P_IPX) ||
452 memcmp(sub_skb->data, bridge_tunnel_header,
454 /* remove RFC1042 or Bridge-Tunnel encapsulation
455 * and replace EtherType
457 skb_pull(sub_skb, SNAP_SIZE);
458 memcpy(skb_push(sub_skb, ETH_ALEN), prxb->src, ETH_ALEN);
459 memcpy(skb_push(sub_skb, ETH_ALEN), prxb->dst, ETH_ALEN);
462 /* Leave Ethernet header part of hdr and full payload */
464 memcpy(skb_push(sub_skb, 2), &len, 2);
465 memcpy(skb_push(sub_skb, ETH_ALEN), prxb->src, ETH_ALEN);
466 memcpy(skb_push(sub_skb, ETH_ALEN), prxb->dst, ETH_ALEN);
469 /* Indicate the packets to upper layer */
472 stats->rx_bytes += sub_skb->len;
474 memset(sub_skb->cb, 0, sizeof(sub_skb->cb));
475 sub_skb->protocol = eth_type_trans(sub_skb,
477 sub_skb->dev = ieee->dev;
478 sub_skb->dev->stats.rx_packets++;
479 sub_skb->dev->stats.rx_bytes += sub_skb->len;
480 /* 802.11 crc not sufficient */
481 sub_skb->ip_summed = CHECKSUM_NONE;
482 ieee->last_rx_ps_time = jiffies;
491 void rtllib_FlushRxTsPendingPkts(struct rtllib_device *ieee,
492 struct rx_ts_record *ts)
494 struct rx_reorder_entry *pRxReorderEntry;
497 del_timer_sync(&ts->rx_pkt_pending_timer);
498 while (!list_empty(&ts->rx_pending_pkt_list)) {
499 if (RfdCnt >= REORDER_WIN_SIZE) {
500 netdev_info(ieee->dev,
501 "-------------->%s() error! RfdCnt >= REORDER_WIN_SIZE\n",
506 pRxReorderEntry = (struct rx_reorder_entry *)
507 list_entry(ts->rx_pending_pkt_list.prev,
508 struct rx_reorder_entry, List);
509 netdev_dbg(ieee->dev, "%s(): Indicate SeqNum %d!\n", __func__,
510 pRxReorderEntry->SeqNum);
511 list_del_init(&pRxReorderEntry->List);
513 ieee->RfdArray[RfdCnt] = pRxReorderEntry->prxb;
516 list_add_tail(&pRxReorderEntry->List,
517 &ieee->RxReorder_Unused_List);
519 rtllib_indicate_packets(ieee, ieee->RfdArray, RfdCnt);
521 ts->rx_indicate_seq = 0xffff;
524 static void RxReorderIndicatePacket(struct rtllib_device *ieee,
525 struct rtllib_rxb *prxb,
526 struct rx_ts_record *ts, u16 SeqNum)
528 struct rt_hi_throughput *ht_info = ieee->ht_info;
529 struct rx_reorder_entry *pReorderEntry = NULL;
530 u8 WinSize = ht_info->rx_reorder_win_size;
533 bool bMatchWinStart = false, bPktInBuf = false;
536 netdev_dbg(ieee->dev,
537 "%s(): Seq is %d, ts->rx_indicate_seq is %d, WinSize is %d\n",
538 __func__, SeqNum, ts->rx_indicate_seq, WinSize);
540 spin_lock_irqsave(&(ieee->reorder_spinlock), flags);
542 WinEnd = (ts->rx_indicate_seq + WinSize - 1) % 4096;
543 /* Rx Reorder initialize condition.*/
544 if (ts->rx_indicate_seq == 0xffff)
545 ts->rx_indicate_seq = SeqNum;
547 /* Drop out the packet which SeqNum is smaller than WinStart */
548 if (SN_LESS(SeqNum, ts->rx_indicate_seq)) {
549 netdev_dbg(ieee->dev,
550 "Packet Drop! IndicateSeq: %d, NewSeq: %d\n",
551 ts->rx_indicate_seq, SeqNum);
552 ht_info->rx_reorder_drop_counter++;
556 for (i = 0; i < prxb->nr_subframes; i++)
557 dev_kfree_skb(prxb->subframes[i]);
561 spin_unlock_irqrestore(&(ieee->reorder_spinlock), flags);
565 /* Sliding window manipulation. Conditions includes:
566 * 1. Incoming SeqNum is equal to WinStart =>Window shift 1
567 * 2. Incoming SeqNum is larger than the WinEnd => Window shift N
569 if (SN_EQUAL(SeqNum, ts->rx_indicate_seq)) {
570 ts->rx_indicate_seq = (ts->rx_indicate_seq + 1) % 4096;
571 bMatchWinStart = true;
572 } else if (SN_LESS(WinEnd, SeqNum)) {
573 if (SeqNum >= (WinSize - 1))
574 ts->rx_indicate_seq = SeqNum + 1 - WinSize;
576 ts->rx_indicate_seq = 4095 -
577 (WinSize - (SeqNum + 1)) + 1;
578 netdev_dbg(ieee->dev,
579 "Window Shift! IndicateSeq: %d, NewSeq: %d\n",
580 ts->rx_indicate_seq, SeqNum);
583 /* Indication process.
584 * After Packet dropping and Sliding Window shifting as above, we can
585 * now just indicate the packets with the SeqNum smaller than latest
586 * WinStart and struct buffer other packets.
588 * For Rx Reorder condition:
589 * 1. All packets with SeqNum smaller than WinStart => Indicate
590 * 2. All packets with SeqNum larger than or equal to
591 * WinStart => Buffer it.
593 if (bMatchWinStart) {
594 /* Current packet is going to be indicated.*/
595 netdev_dbg(ieee->dev,
596 "Packets indication! IndicateSeq: %d, NewSeq: %d\n",
597 ts->rx_indicate_seq, SeqNum);
598 ieee->prxbIndicateArray[0] = prxb;
601 /* Current packet is going to be inserted into pending list.*/
602 if (!list_empty(&ieee->RxReorder_Unused_List)) {
603 pReorderEntry = (struct rx_reorder_entry *)
604 list_entry(ieee->RxReorder_Unused_List.next,
605 struct rx_reorder_entry, List);
606 list_del_init(&pReorderEntry->List);
608 /* Make a reorder entry and insert
609 * into a the packet list.
611 pReorderEntry->SeqNum = SeqNum;
612 pReorderEntry->prxb = prxb;
614 if (!AddReorderEntry(ts, pReorderEntry)) {
617 netdev_dbg(ieee->dev,
618 "%s(): Duplicate packet is dropped. IndicateSeq: %d, NewSeq: %d\n",
619 __func__, ts->rx_indicate_seq,
621 list_add_tail(&pReorderEntry->List,
622 &ieee->RxReorder_Unused_List);
624 for (i = 0; i < prxb->nr_subframes; i++)
625 dev_kfree_skb(prxb->subframes[i]);
629 netdev_dbg(ieee->dev,
630 "Pkt insert into struct buffer. IndicateSeq: %d, NewSeq: %d\n",
631 ts->rx_indicate_seq, SeqNum);
634 /* Packets are dropped if there are not enough reorder
635 * entries. This part should be modified!! We can just
636 * indicate all the packets in struct buffer and get
639 netdev_err(ieee->dev,
640 "%s(): There is no reorder entry! Packet is dropped!\n",
645 for (i = 0; i < prxb->nr_subframes; i++)
646 dev_kfree_skb(prxb->subframes[i]);
653 /* Check if there is any packet need indicate.*/
654 while (!list_empty(&ts->rx_pending_pkt_list)) {
655 netdev_dbg(ieee->dev, "%s(): start RREORDER indicate\n",
658 pReorderEntry = (struct rx_reorder_entry *)
659 list_entry(ts->rx_pending_pkt_list.prev,
660 struct rx_reorder_entry,
662 if (SN_LESS(pReorderEntry->SeqNum, ts->rx_indicate_seq) ||
663 SN_EQUAL(pReorderEntry->SeqNum, ts->rx_indicate_seq)) {
664 /* This protect struct buffer from overflow. */
665 if (index >= REORDER_WIN_SIZE) {
666 netdev_err(ieee->dev,
667 "%s(): Buffer overflow!\n",
673 list_del_init(&pReorderEntry->List);
675 if (SN_EQUAL(pReorderEntry->SeqNum, ts->rx_indicate_seq))
676 ts->rx_indicate_seq = (ts->rx_indicate_seq + 1) %
679 ieee->prxbIndicateArray[index] = pReorderEntry->prxb;
680 netdev_dbg(ieee->dev, "%s(): Indicate SeqNum %d!\n",
681 __func__, pReorderEntry->SeqNum);
684 list_add_tail(&pReorderEntry->List,
685 &ieee->RxReorder_Unused_List);
692 /* Handling pending timer. Set this timer to prevent from long time
696 spin_unlock_irqrestore(&ieee->reorder_spinlock, flags);
697 if (timer_pending(&ts->rx_pkt_pending_timer))
698 del_timer_sync(&ts->rx_pkt_pending_timer);
699 spin_lock_irqsave(&ieee->reorder_spinlock, flags);
700 ts->rx_timeout_indicate_seq = 0xffff;
702 if (index > REORDER_WIN_SIZE) {
703 netdev_err(ieee->dev,
704 "%s(): Rx Reorder struct buffer full!\n",
706 spin_unlock_irqrestore(&(ieee->reorder_spinlock),
710 rtllib_indicate_packets(ieee, ieee->prxbIndicateArray, index);
714 if (bPktInBuf && ts->rx_timeout_indicate_seq == 0xffff) {
715 netdev_dbg(ieee->dev, "%s(): SET rx timeout timer\n", __func__);
716 ts->rx_timeout_indicate_seq = ts->rx_indicate_seq;
717 spin_unlock_irqrestore(&ieee->reorder_spinlock, flags);
718 mod_timer(&ts->rx_pkt_pending_timer, jiffies +
719 msecs_to_jiffies(ht_info->rx_reorder_pending_time));
720 spin_lock_irqsave(&ieee->reorder_spinlock, flags);
722 spin_unlock_irqrestore(&(ieee->reorder_spinlock), flags);
725 static u8 parse_subframe(struct rtllib_device *ieee, struct sk_buff *skb,
726 struct rtllib_rx_stats *rx_stats,
727 struct rtllib_rxb *rxb, u8 *src, u8 *dst)
729 struct ieee80211_hdr_3addr *hdr = (struct ieee80211_hdr_3addr *)skb->data;
730 u16 fc = le16_to_cpu(hdr->frame_control);
732 u16 LLCOffset = sizeof(struct ieee80211_hdr_3addr);
734 bool bIsAggregateFrame = false;
735 u16 nSubframe_Length;
736 u8 nPadding_Length = 0;
738 struct sk_buff *sub_skb;
739 /* just for debug purpose */
740 SeqNum = WLAN_GET_SEQ_SEQ(le16_to_cpu(hdr->seq_ctrl));
741 if ((RTLLIB_QOS_HAS_SEQ(fc)) &&
742 (((union frameqos *)(skb->data + RTLLIB_3ADDR_LEN))->field.reserved))
743 bIsAggregateFrame = true;
745 if (RTLLIB_QOS_HAS_SEQ(fc))
747 if (rx_stats->bContainHTC)
748 LLCOffset += sHTCLng;
750 ChkLength = LLCOffset;
752 if (skb->len <= ChkLength)
755 skb_pull(skb, LLCOffset);
756 ieee->bIsAggregateFrame = bIsAggregateFrame;
757 if (!bIsAggregateFrame) {
758 rxb->nr_subframes = 1;
760 /* altered by clark 3/30/2010
761 * The struct buffer size of the skb indicated to upper layer
762 * must be less than 5000, or the defraged IP datagram
763 * in the IP layer will exceed "ipfrag_high_tresh" and be
764 * discarded. so there must not use the function
765 * "skb_copy" and "skb_clone" for "skb".
768 /* Allocate new skb for releasing to upper layer */
769 sub_skb = dev_alloc_skb(RTLLIB_SKBBUFFER_SIZE);
772 skb_reserve(sub_skb, 12);
773 skb_put_data(sub_skb, skb->data, skb->len);
774 sub_skb->dev = ieee->dev;
776 rxb->subframes[0] = sub_skb;
778 memcpy(rxb->src, src, ETH_ALEN);
779 memcpy(rxb->dst, dst, ETH_ALEN);
780 rxb->subframes[0]->dev = ieee->dev;
784 rxb->nr_subframes = 0;
785 memcpy(rxb->src, src, ETH_ALEN);
786 memcpy(rxb->dst, dst, ETH_ALEN);
787 while (skb->len > ETHERNET_HEADER_SIZE) {
788 /* Offset 12 denote 2 mac address */
789 nSubframe_Length = *((u16 *)(skb->data + 12));
790 nSubframe_Length = (nSubframe_Length >> 8) +
791 (nSubframe_Length << 8);
793 if (skb->len < (ETHERNET_HEADER_SIZE + nSubframe_Length)) {
794 netdev_info(ieee->dev,
795 "%s: A-MSDU parse error!! pRfd->nTotalSubframe : %d\n",
796 __func__, rxb->nr_subframes);
797 netdev_info(ieee->dev,
798 "%s: A-MSDU parse error!! Subframe Length: %d\n",
799 __func__, nSubframe_Length);
800 netdev_info(ieee->dev,
801 "nRemain_Length is %d and nSubframe_Length is : %d\n",
802 skb->len, nSubframe_Length);
803 netdev_info(ieee->dev,
804 "The Packet SeqNum is %d\n",
809 /* move the data point to data content */
810 skb_pull(skb, ETHERNET_HEADER_SIZE);
812 /* altered by clark 3/30/2010
813 * The struct buffer size of the skb indicated to upper layer
814 * must be less than 5000, or the defraged IP datagram
815 * in the IP layer will exceed "ipfrag_high_tresh" and be
816 * discarded. so there must not use the function
817 * "skb_copy" and "skb_clone" for "skb".
820 /* Allocate new skb for releasing to upper layer */
821 sub_skb = dev_alloc_skb(nSubframe_Length + 12);
824 skb_reserve(sub_skb, 12);
825 skb_put_data(sub_skb, skb->data, nSubframe_Length);
827 sub_skb->dev = ieee->dev;
828 rxb->subframes[rxb->nr_subframes++] = sub_skb;
829 if (rxb->nr_subframes >= MAX_SUBFRAME_COUNT) {
830 netdev_dbg(ieee->dev,
831 "ParseSubframe(): Too many Subframes! Packets dropped!\n");
834 skb_pull(skb, nSubframe_Length);
837 nPadding_Length = 4 - ((nSubframe_Length +
838 ETHERNET_HEADER_SIZE) % 4);
839 if (nPadding_Length == 4)
842 if (skb->len < nPadding_Length)
845 skb_pull(skb, nPadding_Length);
849 return rxb->nr_subframes;
852 static size_t rtllib_rx_get_hdrlen(struct rtllib_device *ieee,
854 struct rtllib_rx_stats *rx_stats)
856 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
857 u16 fc = le16_to_cpu(hdr->frame_control);
860 hdrlen = rtllib_get_hdrlen(fc);
861 if (HTCCheck(ieee, skb->data)) {
863 netdev_info(ieee->dev, "%s: find HTCControl!\n",
866 rx_stats->bContainHTC = true;
869 if (RTLLIB_QOS_HAS_SEQ(fc))
870 rx_stats->bIsQosData = true;
875 static int rtllib_rx_check_duplicate(struct rtllib_device *ieee,
876 struct sk_buff *skb, u8 multicast)
878 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
882 fc = le16_to_cpu(hdr->frame_control);
883 sc = le16_to_cpu(hdr->seq_ctrl);
884 frag = WLAN_GET_SEQ_FRAG(sc);
886 if (!ieee->ht_info->cur_rx_reorder_enable ||
887 !ieee->current_network.qos_data.active ||
888 !IsDataFrame(skb->data) ||
889 IsLegacyDataFrame(skb->data)) {
890 if (!ieee80211_is_beacon(hdr->frame_control)) {
891 if (is_duplicate_packet(ieee, hdr))
895 struct rx_ts_record *ts = NULL;
897 if (rtllib_get_ts(ieee, (struct ts_common_info **)&ts, hdr->addr2,
898 (u8)Frame_QoSTID((u8 *)(skb->data)), RX_DIR, true)) {
899 if ((fc & (1 << 11)) && (frag == ts->rx_last_frag_num) &&
900 (WLAN_GET_SEQ_SEQ(sc) == ts->rx_last_seq_num))
902 ts->rx_last_frag_num = frag;
903 ts->rx_last_seq_num = WLAN_GET_SEQ_SEQ(sc);
905 netdev_warn(ieee->dev, "%s(): No TS! Skip the check!\n",
914 static void rtllib_rx_extract_addr(struct rtllib_device *ieee,
915 struct ieee80211_hdr *hdr, u8 *dst,
918 u16 fc = le16_to_cpu(hdr->frame_control);
920 switch (fc & (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) {
921 case IEEE80211_FCTL_FROMDS:
922 ether_addr_copy(dst, hdr->addr1);
923 ether_addr_copy(src, hdr->addr3);
924 ether_addr_copy(bssid, hdr->addr2);
926 case IEEE80211_FCTL_TODS:
927 ether_addr_copy(dst, hdr->addr3);
928 ether_addr_copy(src, hdr->addr2);
929 ether_addr_copy(bssid, hdr->addr1);
931 case IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS:
932 ether_addr_copy(dst, hdr->addr3);
933 ether_addr_copy(src, hdr->addr4);
934 ether_addr_copy(bssid, ieee->current_network.bssid);
937 ether_addr_copy(dst, hdr->addr1);
938 ether_addr_copy(src, hdr->addr2);
939 ether_addr_copy(bssid, hdr->addr3);
944 static int rtllib_rx_data_filter(struct rtllib_device *ieee, struct ieee80211_hdr *hdr,
945 u8 *dst, u8 *src, u8 *bssid, u8 *addr2)
948 u16 fc = le16_to_cpu(hdr->frame_control);
949 type = WLAN_FC_GET_TYPE(fc);
950 stype = WLAN_FC_GET_STYPE(fc);
952 /* Filter frames from different BSS */
953 if (ieee80211_has_a4(hdr->frame_control) &&
954 !ether_addr_equal(ieee->current_network.bssid, bssid) &&
955 !is_zero_ether_addr(ieee->current_network.bssid)) {
959 /* Nullfunc frames may have PS-bit set, so they must be passed to
960 * hostap_handle_sta_rx() before being dropped here.
962 if (stype != IEEE80211_STYPE_DATA &&
963 stype != IEEE80211_STYPE_DATA_CFACK &&
964 stype != IEEE80211_STYPE_DATA_CFPOLL &&
965 stype != IEEE80211_STYPE_DATA_CFACKPOLL &&
966 stype != IEEE80211_STYPE_QOS_DATA) {
967 if (stype != IEEE80211_STYPE_NULLFUNC)
968 netdev_dbg(ieee->dev,
969 "RX: dropped data frame with no data (type=0x%02x, subtype=0x%02x)\n",
974 /* packets from our adapter are dropped (echo) */
975 if (!memcmp(src, ieee->dev->dev_addr, ETH_ALEN))
978 /* {broad,multi}cast packets to our BSS go through */
979 if (is_multicast_ether_addr(dst)) {
980 if (memcmp(bssid, ieee->current_network.bssid,
987 static int rtllib_rx_get_crypt(struct rtllib_device *ieee, struct sk_buff *skb,
988 struct lib80211_crypt_data **crypt, size_t hdrlen)
990 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
991 u16 fc = le16_to_cpu(hdr->frame_control);
994 if (skb->len >= hdrlen + 3)
995 idx = skb->data[hdrlen + 3] >> 6;
997 *crypt = ieee->crypt_info.crypt[idx];
998 /* allow NULL decrypt to indicate an station specific override
999 * for default encryption
1001 if (*crypt && ((*crypt)->ops == NULL ||
1002 (*crypt)->ops->decrypt_mpdu == NULL))
1005 if (!*crypt && (fc & IEEE80211_FCTL_PROTECTED)) {
1006 /* This seems to be triggered by some (multicast?)
1007 * frames from other than current BSS, so just drop the
1008 * frames silently instead of filling system log with
1011 netdev_dbg(ieee->dev,
1012 "Decryption failed (not set) (SA= %pM)\n",
1020 static int rtllib_rx_decrypt(struct rtllib_device *ieee, struct sk_buff *skb,
1021 struct rtllib_rx_stats *rx_stats,
1022 struct lib80211_crypt_data *crypt, size_t hdrlen)
1024 struct ieee80211_hdr *hdr;
1029 hdr = (struct ieee80211_hdr *)skb->data;
1030 fc = le16_to_cpu(hdr->frame_control);
1031 sc = le16_to_cpu(hdr->seq_ctrl);
1032 frag = WLAN_GET_SEQ_FRAG(sc);
1034 if ((!rx_stats->Decrypted))
1035 ieee->need_sw_enc = 1;
1037 ieee->need_sw_enc = 0;
1039 keyidx = rtllib_rx_frame_decrypt(ieee, skb, crypt);
1040 if ((fc & IEEE80211_FCTL_PROTECTED) && (keyidx < 0)) {
1041 netdev_info(ieee->dev, "%s: decrypt frame error\n", __func__);
1045 hdr = (struct ieee80211_hdr *)skb->data;
1046 if ((frag != 0 || (fc & IEEE80211_FCTL_MOREFRAGS))) {
1048 struct sk_buff *frag_skb = rtllib_frag_cache_get(ieee, hdr);
1050 netdev_dbg(ieee->dev, "Rx Fragment received (%u)\n", frag);
1053 netdev_dbg(ieee->dev,
1054 "Rx cannot get skb from fragment cache (morefrag=%d seq=%u frag=%u)\n",
1055 (fc & IEEE80211_FCTL_MOREFRAGS) != 0,
1056 WLAN_GET_SEQ_SEQ(sc), frag);
1063 if (frag_skb->tail + flen > frag_skb->end) {
1064 netdev_warn(ieee->dev,
1065 "%s: host decrypted and reassembled frame did not fit skb\n",
1067 rtllib_frag_cache_invalidate(ieee, hdr);
1072 /* copy first fragment (including full headers) into
1073 * beginning of the fragment cache skb
1075 skb_put_data(frag_skb, skb->data, flen);
1077 /* append frame payload to the end of the fragment
1080 skb_put_data(frag_skb, skb->data + hdrlen, flen);
1082 dev_kfree_skb_any(skb);
1085 if (fc & IEEE80211_FCTL_MOREFRAGS) {
1086 /* more fragments expected - leave the skb in fragment
1087 * cache for now; it will be delivered to upper layers
1088 * after all fragments have been received
1093 /* this was the last fragment and the frame will be
1094 * delivered, so remove skb from fragment cache
1097 hdr = (struct ieee80211_hdr *)skb->data;
1098 rtllib_frag_cache_invalidate(ieee, hdr);
1101 /* skb: hdr + (possible reassembled) full MSDU payload; possibly still
1102 * encrypted/authenticated
1104 if ((fc & IEEE80211_FCTL_PROTECTED) &&
1105 rtllib_rx_frame_decrypt_msdu(ieee, skb, keyidx, crypt)) {
1106 netdev_info(ieee->dev, "%s: ==>decrypt msdu error\n", __func__);
1110 hdr = (struct ieee80211_hdr *)skb->data;
1111 if (crypt && !(fc & IEEE80211_FCTL_PROTECTED) && !ieee->open_wep) {
1112 if (/*ieee->ieee802_1x &&*/
1113 rtllib_is_eapol_frame(ieee, skb, hdrlen)) {
1114 /* pass unencrypted EAPOL frames even if encryption is
1117 struct eapol *eap = (struct eapol *)(skb->data +
1119 netdev_dbg(ieee->dev,
1120 "RX: IEEE 802.1X EAPOL frame: %s\n",
1121 eap_get_type(eap->type));
1123 netdev_dbg(ieee->dev,
1124 "encryption configured, but RX frame not encrypted (SA= %pM)\n",
1130 if (crypt && !(fc & IEEE80211_FCTL_PROTECTED) &&
1131 rtllib_is_eapol_frame(ieee, skb, hdrlen)) {
1132 struct eapol *eap = (struct eapol *)(skb->data + 24);
1134 netdev_dbg(ieee->dev, "RX: IEEE 802.1X EAPOL frame: %s\n",
1135 eap_get_type(eap->type));
1138 if (crypt && !(fc & IEEE80211_FCTL_PROTECTED) && !ieee->open_wep &&
1139 !rtllib_is_eapol_frame(ieee, skb, hdrlen)) {
1140 netdev_dbg(ieee->dev,
1141 "dropped unencrypted RX data frame from %pM (drop_unencrypted=1)\n",
1149 static void rtllib_rx_check_leave_lps(struct rtllib_device *ieee, u8 unicast,
1153 if (ieee->link_state == MAC80211_LINKED) {
1154 if (((ieee->link_detect_info.NumRxUnicastOkInPeriod +
1155 ieee->link_detect_info.NumTxOkInPeriod) > 8) ||
1156 (ieee->link_detect_info.NumRxUnicastOkInPeriod > 2)) {
1157 ieee->leisure_ps_leave(ieee->dev);
1161 ieee->last_rx_ps_time = jiffies;
1164 static void rtllib_rx_indicate_pkt_legacy(struct rtllib_device *ieee,
1165 struct rtllib_rx_stats *rx_stats,
1166 struct rtllib_rxb *rxb,
1170 struct net_device *dev = ieee->dev;
1175 netdev_info(dev, "%s: rxb is NULL!!\n", __func__);
1179 for (i = 0; i < rxb->nr_subframes; i++) {
1180 struct sk_buff *sub_skb = rxb->subframes[i];
1183 /* convert hdr + possible LLC headers
1184 * into Ethernet header
1186 ethertype = (sub_skb->data[6] << 8) | sub_skb->data[7];
1187 if (sub_skb->len >= 8 &&
1188 ((memcmp(sub_skb->data, rfc1042_header, SNAP_SIZE) == 0 &&
1189 ethertype != ETH_P_AARP && ethertype != ETH_P_IPX) ||
1190 memcmp(sub_skb->data, bridge_tunnel_header, SNAP_SIZE) == 0)) {
1191 /* remove RFC1042 or Bridge-Tunnel encapsulation
1192 * and replace EtherType
1194 skb_pull(sub_skb, SNAP_SIZE);
1195 ether_addr_copy(skb_push(sub_skb, ETH_ALEN),
1197 ether_addr_copy(skb_push(sub_skb, ETH_ALEN),
1201 /* Leave Ethernet header part of hdr
1205 memcpy(skb_push(sub_skb, 2), &len, 2);
1206 ether_addr_copy(skb_push(sub_skb, ETH_ALEN),
1208 ether_addr_copy(skb_push(sub_skb, ETH_ALEN),
1212 ieee->stats.rx_packets++;
1213 ieee->stats.rx_bytes += sub_skb->len;
1215 if (is_multicast_ether_addr(dst))
1216 ieee->stats.multicast++;
1218 /* Indicate the packets to upper layer */
1219 memset(sub_skb->cb, 0, sizeof(sub_skb->cb));
1220 sub_skb->protocol = eth_type_trans(sub_skb, dev);
1222 sub_skb->dev->stats.rx_packets++;
1223 sub_skb->dev->stats.rx_bytes += sub_skb->len;
1224 /* 802.11 crc not sufficient */
1225 sub_skb->ip_summed = CHECKSUM_NONE;
1232 static int rtllib_rx_InfraAdhoc(struct rtllib_device *ieee, struct sk_buff *skb,
1233 struct rtllib_rx_stats *rx_stats)
1235 struct net_device *dev = ieee->dev;
1236 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1237 struct lib80211_crypt_data *crypt = NULL;
1238 struct rtllib_rxb *rxb = NULL;
1239 struct rx_ts_record *ts = NULL;
1240 u16 fc, sc, SeqNum = 0;
1241 u8 type, stype, multicast = 0, unicast = 0, nr_subframes = 0, TID = 0;
1244 u8 bssid[ETH_ALEN] = {0};
1247 bool bToOtherSTA = false;
1250 fc = le16_to_cpu(hdr->frame_control);
1251 type = WLAN_FC_GET_TYPE(fc);
1252 stype = WLAN_FC_GET_STYPE(fc);
1253 sc = le16_to_cpu(hdr->seq_ctrl);
1255 /*Filter pkt not to me*/
1256 multicast = is_multicast_ether_addr(hdr->addr1);
1257 unicast = !multicast;
1258 if (unicast && !ether_addr_equal(dev->dev_addr, hdr->addr1))
1261 /*Filter pkt has too small length */
1262 hdrlen = rtllib_rx_get_hdrlen(ieee, skb, rx_stats);
1263 if (skb->len < hdrlen) {
1265 "%s():ERR!!! skb->len is smaller than hdrlen\n",
1270 /* Filter Duplicate pkt */
1271 ret = rtllib_rx_check_duplicate(ieee, skb, multicast);
1275 /* Filter CTRL Frame */
1276 if (type == RTLLIB_FTYPE_CTL)
1279 /* Filter MGNT Frame */
1280 if (type == RTLLIB_FTYPE_MGMT) {
1283 if (rtllib_rx_frame_mgmt(ieee, skb, rx_stats, type, stype))
1289 /* Filter WAPI DATA Frame */
1291 /* Update statstics for AP roaming */
1293 ieee->link_detect_info.NumRecvDataInPeriod++;
1294 ieee->link_detect_info.NumRxOkInPeriod++;
1297 /* Data frame - extract src/dst addresses */
1298 rtllib_rx_extract_addr(ieee, hdr, dst, src, bssid);
1300 /* Filter Data frames */
1301 ret = rtllib_rx_data_filter(ieee, hdr, dst, src, bssid, hdr->addr2);
1305 if (skb->len == hdrlen)
1308 /* Send pspoll based on moredata */
1309 if ((ieee->iw_mode == IW_MODE_INFRA) &&
1310 (ieee->sta_sleep == LPS_IS_SLEEP) &&
1311 (ieee->polling) && (!bToOtherSTA)) {
1312 if (WLAN_FC_MORE_DATA(fc)) {
1313 /* more data bit is set, let's request a new frame
1316 rtllib_sta_ps_send_pspoll_frame(ieee);
1318 ieee->polling = false;
1322 /* Get crypt if encrypted */
1323 ret = rtllib_rx_get_crypt(ieee, skb, &crypt, hdrlen);
1327 /* Decrypt data frame (including reassemble) */
1328 ret = rtllib_rx_decrypt(ieee, skb, rx_stats, crypt, hdrlen);
1334 /* Get TS for Rx Reorder */
1335 hdr = (struct ieee80211_hdr *)skb->data;
1336 if (ieee->current_network.qos_data.active && IsQoSDataFrame(skb->data)
1337 && !is_multicast_ether_addr(hdr->addr1)
1338 && (!bToOtherSTA)) {
1339 TID = Frame_QoSTID(skb->data);
1340 SeqNum = WLAN_GET_SEQ_SEQ(sc);
1341 rtllib_get_ts(ieee, (struct ts_common_info **)&ts, hdr->addr2, TID,
1343 if (TID != 0 && TID != 3)
1344 ieee->bis_any_nonbepkts = true;
1347 /* Parse rx data frame (For AMSDU) */
1348 /* skb: hdr + (possible reassembled) full plaintext payload */
1349 rxb = kmalloc(sizeof(struct rtllib_rxb), GFP_ATOMIC);
1353 /* to parse amsdu packets */
1354 /* qos data packets & reserved bit is 1 */
1355 if (parse_subframe(ieee, skb, rx_stats, rxb, src, dst) == 0) {
1356 /* only to free rxb, and not submit the packets
1359 for (i = 0; i < rxb->nr_subframes; i++)
1360 dev_kfree_skb(rxb->subframes[i]);
1366 /* Update WAPI PN */
1368 /* Check if leave LPS */
1370 if (ieee->bIsAggregateFrame)
1371 nr_subframes = rxb->nr_subframes;
1375 ieee->link_detect_info.NumRxUnicastOkInPeriod += nr_subframes;
1376 rtllib_rx_check_leave_lps(ieee, unicast, nr_subframes);
1379 /* Indicate packets to upper layer or Rx Reorder */
1380 if (!ieee->ht_info->cur_rx_reorder_enable || ts == NULL || bToOtherSTA)
1381 rtllib_rx_indicate_pkt_legacy(ieee, rx_stats, rxb, dst, src);
1383 RxReorderIndicatePacket(ieee, rxb, ts, SeqNum);
1391 ieee->stats.rx_dropped++;
1393 /* Returning 0 indicates to caller that we have not handled the SKB--
1394 * so it is still allocated and can be used again by underlying
1395 * hardware as a DMA target
1400 static int rtllib_rx_Monitor(struct rtllib_device *ieee, struct sk_buff *skb,
1401 struct rtllib_rx_stats *rx_stats)
1403 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1404 u16 fc = le16_to_cpu(hdr->frame_control);
1405 size_t hdrlen = rtllib_get_hdrlen(fc);
1407 if (skb->len < hdrlen) {
1408 netdev_info(ieee->dev,
1409 "%s():ERR!!! skb->len is smaller than hdrlen\n",
1414 if (HTCCheck(ieee, skb->data)) {
1415 if (net_ratelimit())
1416 netdev_info(ieee->dev, "%s: Find HTCControl!\n",
1421 ieee->stats.rx_packets++;
1422 ieee->stats.rx_bytes += skb->len;
1423 rtllib_monitor_rx(ieee, skb, rx_stats, hdrlen);
1428 /* All received frames are sent to this function. @skb contains the frame in
1429 * IEEE 802.11 format, i.e., in the format it was sent over air.
1430 * This function is called only as a tasklet (software IRQ).
1432 int rtllib_rx(struct rtllib_device *ieee, struct sk_buff *skb,
1433 struct rtllib_rx_stats *rx_stats)
1437 if (!ieee || !skb || !rx_stats) {
1438 pr_info("%s: Input parameters NULL!\n", __func__);
1441 if (skb->len < 10) {
1442 netdev_info(ieee->dev, "%s: SKB length < 10\n", __func__);
1446 switch (ieee->iw_mode) {
1448 ret = rtllib_rx_InfraAdhoc(ieee, skb, rx_stats);
1450 case IW_MODE_MONITOR:
1451 ret = rtllib_rx_Monitor(ieee, skb, rx_stats);
1454 netdev_info(ieee->dev, "%s: ERR iw mode!!!\n", __func__);
1462 ieee->stats.rx_dropped++;
1465 EXPORT_SYMBOL(rtllib_rx);
1467 static u8 qos_oui[QOS_OUI_LEN] = { 0x00, 0x50, 0xF2 };
1469 /* Make ther structure we read from the beacon packet has the right values */
1470 static int rtllib_verify_qos_info(struct rtllib_qos_information_element
1471 *info_element, int sub_type)
1473 if (info_element->elementID != QOS_ELEMENT_ID)
1475 if (info_element->qui_subtype != sub_type)
1477 if (memcmp(info_element->qui, qos_oui, QOS_OUI_LEN))
1479 if (info_element->qui_type != QOS_OUI_TYPE)
1481 if (info_element->version != QOS_VERSION_1)
1487 /* Parse a QoS parameter element */
1488 static int rtllib_read_qos_param_element(
1489 struct rtllib_qos_parameter_info *element_param,
1490 struct rtllib_info_element *info_element)
1492 size_t size = sizeof(*element_param);
1494 if (!element_param || !info_element || info_element->len != size - 2)
1497 memcpy(element_param, info_element, size);
1498 return rtllib_verify_qos_info(&element_param->info_element,
1499 QOS_OUI_PARAM_SUB_TYPE);
1502 /* Parse a QoS information element */
1503 static int rtllib_read_qos_info_element(
1504 struct rtllib_qos_information_element *element_info,
1505 struct rtllib_info_element *info_element)
1507 size_t size = sizeof(*element_info);
1509 if (!element_info || !info_element || info_element->len != size - 2)
1512 memcpy(element_info, info_element, size);
1513 return rtllib_verify_qos_info(element_info, QOS_OUI_INFO_SUB_TYPE);
1516 /* Write QoS parameters from the ac parameters. */
1517 static int rtllib_qos_convert_ac_to_parameters(struct rtllib_qos_parameter_info *param_elm,
1518 struct rtllib_qos_data *qos_data)
1520 struct rtllib_qos_ac_parameter *ac_params;
1521 struct rtllib_qos_parameters *qos_param = &(qos_data->parameters);
1526 qos_data->wmm_acm = 0;
1527 for (i = 0; i < QOS_QUEUE_NUM; i++) {
1528 ac_params = &(param_elm->ac_params_record[i]);
1530 aci = (ac_params->aci_aifsn & 0x60) >> 5;
1531 acm = (ac_params->aci_aifsn & 0x10) >> 4;
1533 if (aci >= QOS_QUEUE_NUM)
1537 /* BIT(0) | BIT(3) */
1539 qos_data->wmm_acm |= (0x01 << 0) | (0x01 << 3);
1542 /* BIT(4) | BIT(5) */
1544 qos_data->wmm_acm |= (0x01 << 4) | (0x01 << 5);
1547 /* BIT(6) | BIT(7) */
1549 qos_data->wmm_acm |= (0x01 << 6) | (0x01 << 7);
1553 /* BIT(1) | BIT(2) */
1555 qos_data->wmm_acm |= (0x01 << 1) | (0x01 << 2);
1559 qos_param->aifs[aci] = (ac_params->aci_aifsn) & 0x0f;
1561 /* WMM spec P.11: The minimum value for AIFSN shall be 2 */
1562 qos_param->aifs[aci] = max_t(u8, qos_param->aifs[aci], 2);
1564 qos_param->cw_min[aci] = cpu_to_le16(ac_params->ecw_min_max &
1567 qos_param->cw_max[aci] = cpu_to_le16((ac_params->ecw_min_max &
1570 qos_param->flag[aci] =
1571 (ac_params->aci_aifsn & 0x10) ? 0x01 : 0x00;
1572 qos_param->tx_op_limit[aci] = ac_params->tx_op_limit;
1577 /* we have a generic data element which it may contain QoS information or
1578 * parameters element. check the information element length to decide
1579 * which type to read
1581 static int rtllib_parse_qos_info_param_IE(struct rtllib_device *ieee,
1582 struct rtllib_info_element
1584 struct rtllib_network *network)
1587 struct rtllib_qos_information_element qos_info_element;
1589 rc = rtllib_read_qos_info_element(&qos_info_element, info_element);
1592 network->qos_data.param_count = qos_info_element.ac_info & 0x0F;
1593 network->flags |= NETWORK_HAS_QOS_INFORMATION;
1595 struct rtllib_qos_parameter_info param_element;
1597 rc = rtllib_read_qos_param_element(¶m_element,
1600 rtllib_qos_convert_ac_to_parameters(¶m_element,
1601 &(network->qos_data));
1602 network->flags |= NETWORK_HAS_QOS_PARAMETERS;
1603 network->qos_data.param_count =
1604 param_element.info_element.ac_info & 0x0F;
1609 netdev_dbg(ieee->dev, "QoS is supported\n");
1610 network->qos_data.supported = 1;
1615 static const char *get_info_element_string(u16 id)
1618 case MFIE_TYPE_SSID:
1620 case MFIE_TYPE_RATES:
1622 case MFIE_TYPE_FH_SET:
1624 case MFIE_TYPE_DS_SET:
1626 case MFIE_TYPE_CF_SET:
1630 case MFIE_TYPE_IBSS_SET:
1632 case MFIE_TYPE_COUNTRY:
1634 case MFIE_TYPE_HOP_PARAMS:
1635 return "HOP_PARAMS";
1636 case MFIE_TYPE_HOP_TABLE:
1638 case MFIE_TYPE_REQUEST:
1640 case MFIE_TYPE_CHALLENGE:
1642 case MFIE_TYPE_POWER_CONSTRAINT:
1643 return "POWER_CONSTRAINT";
1644 case MFIE_TYPE_POWER_CAPABILITY:
1645 return "POWER_CAPABILITY";
1646 case MFIE_TYPE_TPC_REQUEST:
1647 return "TPC_REQUEST";
1648 case MFIE_TYPE_TPC_REPORT:
1649 return "TPC_REPORT";
1650 case MFIE_TYPE_SUPP_CHANNELS:
1651 return "SUPP_CHANNELS";
1654 case MFIE_TYPE_MEASURE_REQUEST:
1655 return "MEASURE_REQUEST";
1656 case MFIE_TYPE_MEASURE_REPORT:
1657 return "MEASURE_REPORT";
1658 case MFIE_TYPE_QUIET:
1660 case MFIE_TYPE_IBSS_DFS:
1664 case MFIE_TYPE_RATES_EX:
1666 case MFIE_TYPE_GENERIC:
1668 case MFIE_TYPE_QOS_PARAMETER:
1669 return "QOS_PARAMETER";
1675 static inline void rtllib_extract_country_ie(
1676 struct rtllib_device *ieee,
1677 struct rtllib_info_element *info_element,
1678 struct rtllib_network *network,
1681 if (IS_DOT11D_ENABLE(ieee)) {
1682 if (info_element->len != 0) {
1683 memcpy(network->CountryIeBuf, info_element->data,
1685 network->CountryIeLen = info_element->len;
1687 if (!IS_COUNTRY_IE_VALID(ieee)) {
1688 if (rtllib_act_scanning(ieee, false) &&
1689 ieee->FirstIe_InScan)
1690 netdev_info(ieee->dev,
1691 "Received beacon CountryIE, SSID: <%s>\n",
1693 dot11d_update_country(ieee, addr2,
1695 info_element->data);
1699 if (IS_EQUAL_CIE_SRC(ieee, addr2))
1700 UPDATE_CIE_WATCHDOG(ieee);
1704 static void rtllib_parse_mife_generic(struct rtllib_device *ieee,
1705 struct rtllib_info_element *info_element,
1706 struct rtllib_network *network,
1708 u16 *tmp_htinfo_len)
1710 u16 ht_realtek_agg_len = 0;
1711 u8 ht_realtek_agg_buf[MAX_IE_LEN];
1713 if (!rtllib_parse_qos_info_param_IE(ieee, info_element, network))
1715 if (info_element->len >= 4 &&
1716 info_element->data[0] == 0x00 &&
1717 info_element->data[1] == 0x50 &&
1718 info_element->data[2] == 0xf2 &&
1719 info_element->data[3] == 0x01) {
1720 network->wpa_ie_len = min(info_element->len + 2,
1722 memcpy(network->wpa_ie, info_element, network->wpa_ie_len);
1725 if (info_element->len == 7 &&
1726 info_element->data[0] == 0x00 &&
1727 info_element->data[1] == 0xe0 &&
1728 info_element->data[2] == 0x4c &&
1729 info_element->data[3] == 0x01 &&
1730 info_element->data[4] == 0x02)
1731 network->Turbo_Enable = 1;
1733 if (*tmp_htcap_len == 0) {
1734 if (info_element->len >= 4 &&
1735 info_element->data[0] == 0x00 &&
1736 info_element->data[1] == 0x90 &&
1737 info_element->data[2] == 0x4c &&
1738 info_element->data[3] == 0x033) {
1739 *tmp_htcap_len = min_t(u8, info_element->len,
1741 if (*tmp_htcap_len != 0) {
1742 network->bssht.bd_ht_spec_ver = HT_SPEC_VER_EWC;
1743 network->bssht.bd_ht_cap_len = min_t(u16, *tmp_htcap_len,
1744 sizeof(network->bssht.bd_ht_cap_buf));
1745 memcpy(network->bssht.bd_ht_cap_buf,
1747 network->bssht.bd_ht_cap_len);
1750 if (*tmp_htcap_len != 0) {
1751 network->bssht.bd_support_ht = true;
1752 network->bssht.bd_ht_1r = ((((struct ht_capab_ele *)(network->bssht.bd_ht_cap_buf))->MCS[1]) == 0);
1754 network->bssht.bd_support_ht = false;
1755 network->bssht.bd_ht_1r = false;
1759 if (*tmp_htinfo_len == 0) {
1760 if (info_element->len >= 4 &&
1761 info_element->data[0] == 0x00 &&
1762 info_element->data[1] == 0x90 &&
1763 info_element->data[2] == 0x4c &&
1764 info_element->data[3] == 0x034) {
1765 *tmp_htinfo_len = min_t(u8, info_element->len,
1767 if (*tmp_htinfo_len != 0) {
1768 network->bssht.bd_ht_spec_ver = HT_SPEC_VER_EWC;
1769 network->bssht.bd_ht_info_len = min_t(u16, *tmp_htinfo_len,
1770 sizeof(network->bssht.bd_ht_info_buf));
1771 memcpy(network->bssht.bd_ht_info_buf,
1773 network->bssht.bd_ht_info_len);
1778 if (network->bssht.bd_support_ht) {
1779 if (info_element->len >= 4 &&
1780 info_element->data[0] == 0x00 &&
1781 info_element->data[1] == 0xe0 &&
1782 info_element->data[2] == 0x4c &&
1783 info_element->data[3] == 0x02) {
1784 ht_realtek_agg_len = min_t(u8, info_element->len,
1786 memcpy(ht_realtek_agg_buf, info_element->data,
1789 if (ht_realtek_agg_len >= 5) {
1790 network->realtek_cap_exit = true;
1791 network->bssht.bd_rt2rt_aggregation = true;
1793 if ((ht_realtek_agg_buf[4] == 1) &&
1794 (ht_realtek_agg_buf[5] & 0x02))
1795 network->bssht.bd_rt2rt_long_slot_time = true;
1797 if ((ht_realtek_agg_buf[4] == 1) &&
1798 (ht_realtek_agg_buf[5] & RT_HT_CAP_USE_92SE))
1799 network->bssht.rt2rt_ht_mode |= RT_HT_CAP_USE_92SE;
1802 if (ht_realtek_agg_len >= 5) {
1803 if ((ht_realtek_agg_buf[5] & RT_HT_CAP_USE_SOFTAP))
1804 network->bssht.rt2rt_ht_mode |= RT_HT_CAP_USE_SOFTAP;
1807 if ((info_element->len >= 3 &&
1808 info_element->data[0] == 0x00 &&
1809 info_element->data[1] == 0x05 &&
1810 info_element->data[2] == 0xb5) ||
1811 (info_element->len >= 3 &&
1812 info_element->data[0] == 0x00 &&
1813 info_element->data[1] == 0x0a &&
1814 info_element->data[2] == 0xf7) ||
1815 (info_element->len >= 3 &&
1816 info_element->data[0] == 0x00 &&
1817 info_element->data[1] == 0x10 &&
1818 info_element->data[2] == 0x18)) {
1819 network->broadcom_cap_exist = true;
1821 if (info_element->len >= 3 &&
1822 info_element->data[0] == 0x00 &&
1823 info_element->data[1] == 0x0c &&
1824 info_element->data[2] == 0x43)
1825 network->ralink_cap_exist = true;
1826 if ((info_element->len >= 3 &&
1827 info_element->data[0] == 0x00 &&
1828 info_element->data[1] == 0x03 &&
1829 info_element->data[2] == 0x7f) ||
1830 (info_element->len >= 3 &&
1831 info_element->data[0] == 0x00 &&
1832 info_element->data[1] == 0x13 &&
1833 info_element->data[2] == 0x74))
1834 network->atheros_cap_exist = true;
1836 if ((info_element->len >= 3 &&
1837 info_element->data[0] == 0x00 &&
1838 info_element->data[1] == 0x50 &&
1839 info_element->data[2] == 0x43))
1840 network->marvell_cap_exist = true;
1841 if (info_element->len >= 3 &&
1842 info_element->data[0] == 0x00 &&
1843 info_element->data[1] == 0x40 &&
1844 info_element->data[2] == 0x96)
1845 network->cisco_cap_exist = true;
1847 if (info_element->len >= 3 &&
1848 info_element->data[0] == 0x00 &&
1849 info_element->data[1] == 0x0a &&
1850 info_element->data[2] == 0xf5)
1851 network->airgo_cap_exist = true;
1853 if (info_element->len > 4 &&
1854 info_element->data[0] == 0x00 &&
1855 info_element->data[1] == 0x40 &&
1856 info_element->data[2] == 0x96 &&
1857 info_element->data[3] == 0x01) {
1858 if (info_element->len == 6) {
1859 memcpy(network->CcxRmState, &info_element->data[4], 2);
1860 if (network->CcxRmState[0] != 0)
1861 network->bCcxRmEnable = true;
1863 network->bCcxRmEnable = false;
1864 network->MBssidMask = network->CcxRmState[1] & 0x07;
1865 if (network->MBssidMask != 0) {
1866 network->bMBssidValid = true;
1867 network->MBssidMask = 0xff <<
1868 (network->MBssidMask);
1869 ether_addr_copy(network->MBssid,
1871 network->MBssid[5] &= network->MBssidMask;
1873 network->bMBssidValid = false;
1876 network->bCcxRmEnable = false;
1879 if (info_element->len > 4 &&
1880 info_element->data[0] == 0x00 &&
1881 info_element->data[1] == 0x40 &&
1882 info_element->data[2] == 0x96 &&
1883 info_element->data[3] == 0x03) {
1884 if (info_element->len == 5) {
1885 network->bWithCcxVerNum = true;
1886 network->BssCcxVerNumber = info_element->data[4];
1888 network->bWithCcxVerNum = false;
1889 network->BssCcxVerNumber = 0;
1892 if (info_element->len > 4 &&
1893 info_element->data[0] == 0x00 &&
1894 info_element->data[1] == 0x50 &&
1895 info_element->data[2] == 0xf2 &&
1896 info_element->data[3] == 0x04) {
1897 netdev_dbg(ieee->dev, "MFIE_TYPE_WZC: %d bytes\n",
1899 network->wzc_ie_len = min(info_element->len + 2, MAX_WZC_IE_LEN);
1900 memcpy(network->wzc_ie, info_element, network->wzc_ie_len);
1904 static void rtllib_parse_mfie_ht_cap(struct rtllib_info_element *info_element,
1905 struct rtllib_network *network,
1908 struct bss_ht *ht = &network->bssht;
1910 *tmp_htcap_len = min_t(u8, info_element->len, MAX_IE_LEN);
1911 if (*tmp_htcap_len != 0) {
1912 ht->bd_ht_spec_ver = HT_SPEC_VER_EWC;
1913 ht->bd_ht_cap_len = min_t(u16, *tmp_htcap_len,
1914 sizeof(ht->bd_ht_cap_buf));
1915 memcpy(ht->bd_ht_cap_buf, info_element->data, ht->bd_ht_cap_len);
1917 ht->bd_support_ht = true;
1918 ht->bd_ht_1r = ((((struct ht_capab_ele *)
1919 ht->bd_ht_cap_buf))->MCS[1]) == 0;
1921 ht->bd_bandwidth = (enum ht_channel_width)
1922 (((struct ht_capab_ele *)
1923 (ht->bd_ht_cap_buf))->ChlWidth);
1925 ht->bd_support_ht = false;
1926 ht->bd_ht_1r = false;
1927 ht->bd_bandwidth = HT_CHANNEL_WIDTH_20;
1931 int rtllib_parse_info_param(struct rtllib_device *ieee,
1932 struct rtllib_info_element *info_element,
1934 struct rtllib_network *network,
1935 struct rtllib_rx_stats *stats)
1939 u16 tmp_htcap_len = 0;
1940 u16 tmp_htinfo_len = 0;
1944 while (length >= sizeof(*info_element)) {
1945 if (sizeof(*info_element) + info_element->len > length) {
1946 netdev_dbg(ieee->dev,
1947 "Info elem: parse failed: info_element->len + 2 > left : info_element->len+2=%zd left=%d, id=%d.\n",
1948 info_element->len + sizeof(*info_element),
1949 length, info_element->id);
1950 /* We stop processing but don't return an error here
1951 * because some misbehaviour APs break this rule. ie.
1957 switch (info_element->id) {
1958 case MFIE_TYPE_SSID:
1959 if (rtllib_is_empty_essid(info_element->data,
1960 info_element->len)) {
1961 network->flags |= NETWORK_EMPTY_ESSID;
1965 network->ssid_len = min(info_element->len,
1966 (u8)IW_ESSID_MAX_SIZE);
1967 memcpy(network->ssid, info_element->data,
1969 if (network->ssid_len < IW_ESSID_MAX_SIZE)
1970 memset(network->ssid + network->ssid_len, 0,
1971 IW_ESSID_MAX_SIZE - network->ssid_len);
1973 netdev_dbg(ieee->dev, "MFIE_TYPE_SSID: '%s' len=%d.\n",
1974 network->ssid, network->ssid_len);
1977 case MFIE_TYPE_RATES:
1979 network->rates_len = min(info_element->len,
1981 for (i = 0; i < network->rates_len; i++) {
1982 network->rates[i] = info_element->data[i];
1983 p += scnprintf(p, sizeof(rates_str) -
1984 (p - rates_str), "%02X ",
1986 if (rtllib_is_ofdm_rate
1987 (info_element->data[i])) {
1988 network->flags |= NETWORK_HAS_OFDM;
1989 if (info_element->data[i] &
1990 RTLLIB_BASIC_RATE_MASK)
1995 if (rtllib_is_cck_rate
1996 (info_element->data[i])) {
1997 network->flags |= NETWORK_HAS_CCK;
2001 netdev_dbg(ieee->dev, "MFIE_TYPE_RATES: '%s' (%d)\n",
2002 rates_str, network->rates_len);
2005 case MFIE_TYPE_RATES_EX:
2007 network->rates_ex_len = min(info_element->len,
2008 MAX_RATES_EX_LENGTH);
2009 for (i = 0; i < network->rates_ex_len; i++) {
2010 network->rates_ex[i] = info_element->data[i];
2011 p += scnprintf(p, sizeof(rates_str) -
2012 (p - rates_str), "%02X ",
2013 network->rates_ex[i]);
2014 if (rtllib_is_ofdm_rate
2015 (info_element->data[i])) {
2016 network->flags |= NETWORK_HAS_OFDM;
2017 if (info_element->data[i] &
2018 RTLLIB_BASIC_RATE_MASK)
2024 netdev_dbg(ieee->dev, "MFIE_TYPE_RATES_EX: '%s' (%d)\n",
2025 rates_str, network->rates_ex_len);
2028 case MFIE_TYPE_DS_SET:
2029 netdev_dbg(ieee->dev, "MFIE_TYPE_DS_SET: %d\n",
2030 info_element->data[0]);
2031 network->channel = info_element->data[0];
2034 case MFIE_TYPE_FH_SET:
2035 netdev_dbg(ieee->dev, "MFIE_TYPE_FH_SET: ignored\n");
2038 case MFIE_TYPE_CF_SET:
2039 netdev_dbg(ieee->dev, "MFIE_TYPE_CF_SET: ignored\n");
2043 if (info_element->len < 4)
2046 network->tim.tim_count = info_element->data[0];
2047 network->tim.tim_period = info_element->data[1];
2049 network->dtim_period = info_element->data[1];
2050 if (ieee->link_state != MAC80211_LINKED)
2052 network->last_dtim_sta_time = jiffies;
2054 network->dtim_data = RTLLIB_DTIM_VALID;
2056 if (info_element->data[2] & 1)
2057 network->dtim_data |= RTLLIB_DTIM_MBCAST;
2059 offset = (info_element->data[2] >> 1) * 2;
2061 if (ieee->assoc_id < 8 * offset ||
2062 ieee->assoc_id > 8 * (offset + info_element->len - 3))
2065 offset = (ieee->assoc_id / 8) - offset;
2066 if (info_element->data[3 + offset] &
2067 (1 << (ieee->assoc_id % 8)))
2068 network->dtim_data |= RTLLIB_DTIM_UCAST;
2070 network->listen_interval = network->dtim_period;
2074 network->erp_value = info_element->data[0];
2075 network->flags |= NETWORK_HAS_ERP_VALUE;
2076 netdev_dbg(ieee->dev, "MFIE_TYPE_ERP_SET: %d\n",
2077 network->erp_value);
2079 case MFIE_TYPE_IBSS_SET:
2080 network->atim_window = info_element->data[0];
2081 netdev_dbg(ieee->dev, "MFIE_TYPE_IBSS_SET: %d\n",
2082 network->atim_window);
2085 case MFIE_TYPE_CHALLENGE:
2086 netdev_dbg(ieee->dev, "MFIE_TYPE_CHALLENGE: ignored\n");
2089 case MFIE_TYPE_GENERIC:
2090 netdev_dbg(ieee->dev, "MFIE_TYPE_GENERIC: %d bytes\n",
2093 rtllib_parse_mife_generic(ieee, info_element, network,
2099 netdev_dbg(ieee->dev, "MFIE_TYPE_RSN: %d bytes\n",
2101 network->rsn_ie_len = min(info_element->len + 2,
2103 memcpy(network->rsn_ie, info_element,
2104 network->rsn_ie_len);
2107 case MFIE_TYPE_HT_CAP:
2108 netdev_dbg(ieee->dev, "MFIE_TYPE_HT_CAP: %d bytes\n",
2111 rtllib_parse_mfie_ht_cap(info_element, network,
2115 case MFIE_TYPE_HT_INFO:
2116 netdev_dbg(ieee->dev, "MFIE_TYPE_HT_INFO: %d bytes\n",
2118 tmp_htinfo_len = min_t(u8, info_element->len,
2120 if (tmp_htinfo_len) {
2121 network->bssht.bd_ht_spec_ver = HT_SPEC_VER_IEEE;
2122 network->bssht.bd_ht_info_len = tmp_htinfo_len >
2123 sizeof(network->bssht.bd_ht_info_buf) ?
2124 sizeof(network->bssht.bd_ht_info_buf) :
2126 memcpy(network->bssht.bd_ht_info_buf,
2128 network->bssht.bd_ht_info_len);
2132 case MFIE_TYPE_AIRONET:
2133 netdev_dbg(ieee->dev, "MFIE_TYPE_AIRONET: %d bytes\n",
2135 if (info_element->len > IE_CISCO_FLAG_POSITION) {
2136 network->bWithAironetIE = true;
2138 if ((info_element->data[IE_CISCO_FLAG_POSITION]
2139 & SUPPORT_CKIP_MIC) ||
2140 (info_element->data[IE_CISCO_FLAG_POSITION]
2142 network->bCkipSupported = true;
2144 network->bCkipSupported = false;
2146 network->bWithAironetIE = false;
2147 network->bCkipSupported = false;
2150 case MFIE_TYPE_QOS_PARAMETER:
2151 netdev_err(ieee->dev,
2152 "QoS Error need to parse QOS_PARAMETER IE\n");
2155 case MFIE_TYPE_COUNTRY:
2156 netdev_dbg(ieee->dev, "MFIE_TYPE_COUNTRY: %d bytes\n",
2158 rtllib_extract_country_ie(ieee, info_element, network,
2163 netdev_dbg(ieee->dev,
2164 "Unsupported info element: %s (%d)\n",
2165 get_info_element_string(info_element->id),
2170 length -= sizeof(*info_element) + info_element->len;
2172 (struct rtllib_info_element *)&info_element->data[info_element->len];
2175 if (!network->atheros_cap_exist && !network->broadcom_cap_exist &&
2176 !network->cisco_cap_exist && !network->ralink_cap_exist &&
2177 !network->bssht.bd_rt2rt_aggregation)
2178 network->unknown_cap_exist = true;
2180 network->unknown_cap_exist = false;
2184 static long rtllib_translate_todbm(u8 signal_strength_index)
2188 signal_power = (long)((signal_strength_index + 1) >> 1);
2191 return signal_power;
2194 static inline int rtllib_network_init(
2195 struct rtllib_device *ieee,
2196 struct rtllib_probe_response *beacon,
2197 struct rtllib_network *network,
2198 struct rtllib_rx_stats *stats)
2200 memset(&network->qos_data, 0, sizeof(struct rtllib_qos_data));
2202 /* Pull out fixed field data */
2203 ether_addr_copy(network->bssid, beacon->header.addr3);
2204 network->capability = le16_to_cpu(beacon->capability);
2205 network->last_scanned = jiffies;
2206 network->time_stamp[0] = beacon->time_stamp[0];
2207 network->time_stamp[1] = beacon->time_stamp[1];
2208 network->beacon_interval = le16_to_cpu(beacon->beacon_interval);
2209 /* Where to pull this? beacon->listen_interval;*/
2210 network->listen_interval = 0x0A;
2211 network->rates_len = network->rates_ex_len = 0;
2212 network->ssid_len = 0;
2213 network->hidden_ssid_len = 0;
2214 memset(network->hidden_ssid, 0, sizeof(network->hidden_ssid));
2216 network->atim_window = 0;
2217 network->erp_value = (network->capability & WLAN_CAPABILITY_IBSS) ?
2219 network->berp_info_valid = false;
2220 network->broadcom_cap_exist = false;
2221 network->ralink_cap_exist = false;
2222 network->atheros_cap_exist = false;
2223 network->cisco_cap_exist = false;
2224 network->unknown_cap_exist = false;
2225 network->realtek_cap_exit = false;
2226 network->marvell_cap_exist = false;
2227 network->airgo_cap_exist = false;
2228 network->Turbo_Enable = 0;
2229 network->SignalStrength = stats->SignalStrength;
2230 network->RSSI = stats->SignalStrength;
2231 network->CountryIeLen = 0;
2232 memset(network->CountryIeBuf, 0, MAX_IE_LEN);
2233 HTInitializeBssDesc(&network->bssht);
2234 network->flags |= NETWORK_HAS_CCK;
2236 network->wpa_ie_len = 0;
2237 network->rsn_ie_len = 0;
2238 network->wzc_ie_len = 0;
2240 if (rtllib_parse_info_param(ieee,
2241 beacon->info_element,
2242 (stats->len - sizeof(*beacon)),
2249 if (network->flags & NETWORK_HAS_OFDM)
2250 network->mode |= WIRELESS_MODE_G;
2251 if (network->flags & NETWORK_HAS_CCK)
2252 network->mode |= WIRELESS_MODE_B;
2254 if (network->mode == 0) {
2255 netdev_dbg(ieee->dev, "Filtered out '%s (%pM)' network.\n",
2256 escape_essid(network->ssid, network->ssid_len),
2261 if (network->bssht.bd_support_ht) {
2262 if (network->mode & (WIRELESS_MODE_G | WIRELESS_MODE_B))
2263 network->mode = WIRELESS_MODE_N_24G;
2265 if (rtllib_is_empty_essid(network->ssid, network->ssid_len))
2266 network->flags |= NETWORK_EMPTY_ESSID;
2267 stats->signal = 30 + (stats->SignalStrength * 70) / 100;
2268 stats->noise = rtllib_translate_todbm((u8)(100 - stats->signal)) - 25;
2270 memcpy(&network->stats, stats, sizeof(network->stats));
2275 static inline int is_same_network(struct rtllib_network *src,
2276 struct rtllib_network *dst, u8 ssidbroad)
2278 /* A network is only a duplicate if the channel, BSSID, ESSID
2279 * and the capability field (in particular IBSS and BSS) all match.
2280 * We treat all <hidden> with the same BSSID and channel
2283 return (((src->ssid_len == dst->ssid_len) || (!ssidbroad)) &&
2284 (src->channel == dst->channel) &&
2285 !memcmp(src->bssid, dst->bssid, ETH_ALEN) &&
2286 (!memcmp(src->ssid, dst->ssid, src->ssid_len) ||
2288 ((src->capability & WLAN_CAPABILITY_IBSS) ==
2289 (dst->capability & WLAN_CAPABILITY_IBSS)) &&
2290 ((src->capability & WLAN_CAPABILITY_ESS) ==
2291 (dst->capability & WLAN_CAPABILITY_ESS)));
2294 static inline void update_network(struct rtllib_device *ieee,
2295 struct rtllib_network *dst,
2296 struct rtllib_network *src)
2301 memcpy(&dst->stats, &src->stats, sizeof(struct rtllib_rx_stats));
2302 dst->capability = src->capability;
2303 memcpy(dst->rates, src->rates, src->rates_len);
2304 dst->rates_len = src->rates_len;
2305 memcpy(dst->rates_ex, src->rates_ex, src->rates_ex_len);
2306 dst->rates_ex_len = src->rates_ex_len;
2307 if (src->ssid_len > 0) {
2308 if (dst->ssid_len == 0) {
2309 memset(dst->hidden_ssid, 0, sizeof(dst->hidden_ssid));
2310 dst->hidden_ssid_len = src->ssid_len;
2311 memcpy(dst->hidden_ssid, src->ssid, src->ssid_len);
2313 memset(dst->ssid, 0, dst->ssid_len);
2314 dst->ssid_len = src->ssid_len;
2315 memcpy(dst->ssid, src->ssid, src->ssid_len);
2318 dst->mode = src->mode;
2319 dst->flags = src->flags;
2320 dst->time_stamp[0] = src->time_stamp[0];
2321 dst->time_stamp[1] = src->time_stamp[1];
2322 if (src->flags & NETWORK_HAS_ERP_VALUE) {
2323 dst->erp_value = src->erp_value;
2324 dst->berp_info_valid = src->berp_info_valid = true;
2326 dst->beacon_interval = src->beacon_interval;
2327 dst->listen_interval = src->listen_interval;
2328 dst->atim_window = src->atim_window;
2329 dst->dtim_period = src->dtim_period;
2330 dst->dtim_data = src->dtim_data;
2331 dst->last_dtim_sta_time = src->last_dtim_sta_time;
2332 memcpy(&dst->tim, &src->tim, sizeof(struct rtllib_tim_parameters));
2334 dst->bssht.bd_support_ht = src->bssht.bd_support_ht;
2335 dst->bssht.bd_rt2rt_aggregation = src->bssht.bd_rt2rt_aggregation;
2336 dst->bssht.bd_ht_cap_len = src->bssht.bd_ht_cap_len;
2337 memcpy(dst->bssht.bd_ht_cap_buf, src->bssht.bd_ht_cap_buf,
2338 src->bssht.bd_ht_cap_len);
2339 dst->bssht.bd_ht_info_len = src->bssht.bd_ht_info_len;
2340 memcpy(dst->bssht.bd_ht_info_buf, src->bssht.bd_ht_info_buf,
2341 src->bssht.bd_ht_info_len);
2342 dst->bssht.bd_ht_spec_ver = src->bssht.bd_ht_spec_ver;
2343 dst->bssht.bd_rt2rt_long_slot_time = src->bssht.bd_rt2rt_long_slot_time;
2344 dst->broadcom_cap_exist = src->broadcom_cap_exist;
2345 dst->ralink_cap_exist = src->ralink_cap_exist;
2346 dst->atheros_cap_exist = src->atheros_cap_exist;
2347 dst->realtek_cap_exit = src->realtek_cap_exit;
2348 dst->marvell_cap_exist = src->marvell_cap_exist;
2349 dst->cisco_cap_exist = src->cisco_cap_exist;
2350 dst->airgo_cap_exist = src->airgo_cap_exist;
2351 dst->unknown_cap_exist = src->unknown_cap_exist;
2352 memcpy(dst->wpa_ie, src->wpa_ie, src->wpa_ie_len);
2353 dst->wpa_ie_len = src->wpa_ie_len;
2354 memcpy(dst->rsn_ie, src->rsn_ie, src->rsn_ie_len);
2355 dst->rsn_ie_len = src->rsn_ie_len;
2356 memcpy(dst->wzc_ie, src->wzc_ie, src->wzc_ie_len);
2357 dst->wzc_ie_len = src->wzc_ie_len;
2359 dst->last_scanned = jiffies;
2360 /* qos related parameters */
2361 qos_active = dst->qos_data.active;
2362 old_param = dst->qos_data.param_count;
2363 dst->qos_data.supported = src->qos_data.supported;
2364 if (dst->flags & NETWORK_HAS_QOS_PARAMETERS)
2365 memcpy(&dst->qos_data, &src->qos_data,
2366 sizeof(struct rtllib_qos_data));
2367 if (dst->qos_data.supported == 1) {
2369 netdev_dbg(ieee->dev,
2370 "QoS the network %s is QoS supported\n",
2373 netdev_dbg(ieee->dev,
2374 "QoS the network is QoS supported\n");
2376 dst->qos_data.active = qos_active;
2377 dst->qos_data.old_param_count = old_param;
2379 dst->wmm_info = src->wmm_info;
2380 if (src->wmm_param[0].ac_aci_acm_aifsn ||
2381 src->wmm_param[1].ac_aci_acm_aifsn ||
2382 src->wmm_param[2].ac_aci_acm_aifsn ||
2383 src->wmm_param[3].ac_aci_acm_aifsn)
2384 memcpy(dst->wmm_param, src->wmm_param, WME_AC_PRAM_LEN);
2386 dst->SignalStrength = src->SignalStrength;
2387 dst->RSSI = src->RSSI;
2388 dst->Turbo_Enable = src->Turbo_Enable;
2390 dst->CountryIeLen = src->CountryIeLen;
2391 memcpy(dst->CountryIeBuf, src->CountryIeBuf, src->CountryIeLen);
2393 dst->bWithAironetIE = src->bWithAironetIE;
2394 dst->bCkipSupported = src->bCkipSupported;
2395 memcpy(dst->CcxRmState, src->CcxRmState, 2);
2396 dst->bCcxRmEnable = src->bCcxRmEnable;
2397 dst->MBssidMask = src->MBssidMask;
2398 dst->bMBssidValid = src->bMBssidValid;
2399 memcpy(dst->MBssid, src->MBssid, 6);
2400 dst->bWithCcxVerNum = src->bWithCcxVerNum;
2401 dst->BssCcxVerNumber = src->BssCcxVerNumber;
2404 static int IsPassiveChannel(struct rtllib_device *rtllib, u8 channel)
2406 if (channel > MAX_CHANNEL_NUMBER) {
2407 netdev_info(rtllib->dev, "%s(): Invalid Channel\n", __func__);
2411 if (rtllib->active_channel_map[channel] == 2)
2417 int rtllib_legal_channel(struct rtllib_device *rtllib, u8 channel)
2419 if (channel > MAX_CHANNEL_NUMBER) {
2420 netdev_info(rtllib->dev, "%s(): Invalid Channel\n", __func__);
2423 if (rtllib->active_channel_map[channel] > 0)
2428 EXPORT_SYMBOL(rtllib_legal_channel);
2430 static inline void rtllib_process_probe_response(
2431 struct rtllib_device *ieee,
2432 struct rtllib_probe_response *beacon,
2433 struct rtllib_rx_stats *stats)
2435 struct rtllib_network *target;
2436 struct rtllib_network *oldest = NULL;
2437 struct rtllib_info_element *info_element = &beacon->info_element[0];
2438 unsigned long flags;
2440 struct rtllib_network *network = kzalloc(sizeof(struct rtllib_network),
2442 __le16 frame_ctl = beacon->header.frame_control;
2447 netdev_dbg(ieee->dev,
2448 "'%s' ( %pM ): %c%c%c%c %c%c%c%c-%c%c%c%c %c%c%c%c\n",
2449 escape_essid(info_element->data, info_element->len),
2450 beacon->header.addr3,
2451 (le16_to_cpu(beacon->capability) & (1 << 0xf)) ? '1' : '0',
2452 (le16_to_cpu(beacon->capability) & (1 << 0xe)) ? '1' : '0',
2453 (le16_to_cpu(beacon->capability) & (1 << 0xd)) ? '1' : '0',
2454 (le16_to_cpu(beacon->capability) & (1 << 0xc)) ? '1' : '0',
2455 (le16_to_cpu(beacon->capability) & (1 << 0xb)) ? '1' : '0',
2456 (le16_to_cpu(beacon->capability) & (1 << 0xa)) ? '1' : '0',
2457 (le16_to_cpu(beacon->capability) & (1 << 0x9)) ? '1' : '0',
2458 (le16_to_cpu(beacon->capability) & (1 << 0x8)) ? '1' : '0',
2459 (le16_to_cpu(beacon->capability) & (1 << 0x7)) ? '1' : '0',
2460 (le16_to_cpu(beacon->capability) & (1 << 0x6)) ? '1' : '0',
2461 (le16_to_cpu(beacon->capability) & (1 << 0x5)) ? '1' : '0',
2462 (le16_to_cpu(beacon->capability) & (1 << 0x4)) ? '1' : '0',
2463 (le16_to_cpu(beacon->capability) & (1 << 0x3)) ? '1' : '0',
2464 (le16_to_cpu(beacon->capability) & (1 << 0x2)) ? '1' : '0',
2465 (le16_to_cpu(beacon->capability) & (1 << 0x1)) ? '1' : '0',
2466 (le16_to_cpu(beacon->capability) & (1 << 0x0)) ? '1' : '0');
2468 if (rtllib_network_init(ieee, beacon, network, stats)) {
2469 netdev_dbg(ieee->dev, "Dropped '%s' ( %pM) via %s.\n",
2470 escape_essid(info_element->data, info_element->len),
2471 beacon->header.addr3,
2472 ieee80211_is_beacon(frame_ctl) ? "BEACON" : "PROBE RESPONSE");
2476 if (!rtllib_legal_channel(ieee, network->channel))
2479 if (ieee80211_is_probe_resp(frame_ctl)) {
2480 if (IsPassiveChannel(ieee, network->channel)) {
2481 netdev_info(ieee->dev,
2482 "GetScanInfo(): For Global Domain, filter probe response at channel(%d).\n",
2488 /* The network parsed correctly -- so now we scan our known networks
2489 * to see if we can find it in our list.
2491 * NOTE: This search is definitely not optimized. Once its doing
2492 * the "right thing" we'll optimize it for efficiency if
2496 /* Search for this entry in the list and update it if it is
2500 spin_lock_irqsave(&ieee->lock, flags);
2501 if (is_same_network(&ieee->current_network, network,
2502 (network->ssid_len ? 1 : 0))) {
2503 update_network(ieee, &ieee->current_network, network);
2504 if ((ieee->current_network.mode == WIRELESS_MODE_N_24G ||
2505 ieee->current_network.mode == WIRELESS_MODE_G) &&
2506 ieee->current_network.berp_info_valid) {
2507 if (ieee->current_network.erp_value & ERP_UseProtection)
2508 ieee->current_network.buseprotection = true;
2510 ieee->current_network.buseprotection = false;
2512 if (ieee80211_is_beacon(frame_ctl)) {
2513 if (ieee->link_state >= MAC80211_LINKED)
2514 ieee->link_detect_info.NumRecvBcnInPeriod++;
2517 list_for_each_entry(target, &ieee->network_list, list) {
2518 if (is_same_network(target, network,
2519 (target->ssid_len ? 1 : 0)))
2521 if ((oldest == NULL) ||
2522 (target->last_scanned < oldest->last_scanned))
2526 /* If we didn't find a match, then get a new network slot to initialize
2527 * with this beacon's information
2529 if (&target->list == &ieee->network_list) {
2530 if (list_empty(&ieee->network_free_list)) {
2531 /* If there are no more slots, expire the oldest */
2532 list_del(&oldest->list);
2534 netdev_dbg(ieee->dev,
2535 "Expired '%s' ( %pM) from network list.\n",
2536 escape_essid(target->ssid, target->ssid_len),
2539 /* Otherwise just pull from the free list */
2540 target = list_entry(ieee->network_free_list.next,
2541 struct rtllib_network, list);
2542 list_del(ieee->network_free_list.next);
2545 netdev_dbg(ieee->dev, "Adding '%s' ( %pM) via %s.\n",
2546 escape_essid(network->ssid, network->ssid_len),
2548 ieee80211_is_beacon(frame_ctl) ? "BEACON" : "PROBE RESPONSE");
2550 memcpy(target, network, sizeof(*target));
2551 list_add_tail(&target->list, &ieee->network_list);
2552 if (ieee->softmac_features & IEEE_SOFTMAC_ASSOCIATE)
2553 rtllib_softmac_new_net(ieee, network);
2555 netdev_dbg(ieee->dev, "Updating '%s' ( %pM) via %s.\n",
2556 escape_essid(target->ssid, target->ssid_len),
2558 ieee80211_is_beacon(frame_ctl) ? "BEACON" : "PROBE RESPONSE");
2560 /* we have an entry and we are going to update it. But this
2561 * entry may be already expired. In this case we do the same
2562 * as we found a new net and call the new_net handler
2564 renew = !time_after(target->last_scanned + ieee->scan_age,
2566 if ((!target->ssid_len) &&
2567 (((network->ssid_len > 0) && (target->hidden_ssid_len == 0))
2568 || ((ieee->current_network.ssid_len == network->ssid_len) &&
2569 (strncmp(ieee->current_network.ssid, network->ssid,
2570 network->ssid_len) == 0) &&
2571 (ieee->link_state == MAC80211_NOLINK))))
2573 update_network(ieee, target, network);
2574 if (renew && (ieee->softmac_features & IEEE_SOFTMAC_ASSOCIATE))
2575 rtllib_softmac_new_net(ieee, network);
2578 spin_unlock_irqrestore(&ieee->lock, flags);
2579 if (ieee80211_is_beacon(frame_ctl) &&
2580 is_same_network(&ieee->current_network, network,
2581 (network->ssid_len ? 1 : 0)) &&
2582 (ieee->link_state == MAC80211_LINKED)) {
2583 ieee->handle_beacon(ieee->dev, beacon, &ieee->current_network);
2589 static void rtllib_rx_mgt(struct rtllib_device *ieee,
2590 struct sk_buff *skb,
2591 struct rtllib_rx_stats *stats)
2593 struct ieee80211_hdr *header = (struct ieee80211_hdr *)skb->data;
2595 if (!ieee80211_is_probe_resp(header->frame_control) &&
2596 (!ieee80211_is_beacon(header->frame_control)))
2597 ieee->last_rx_ps_time = jiffies;
2599 if (ieee80211_is_beacon(header->frame_control)) {
2600 netdev_dbg(ieee->dev, "received BEACON\n");
2601 rtllib_process_probe_response(
2602 ieee, (struct rtllib_probe_response *)header,
2605 if (ieee->sta_sleep || (ieee->ps != RTLLIB_PS_DISABLED &&
2606 ieee->iw_mode == IW_MODE_INFRA &&
2607 ieee->link_state == MAC80211_LINKED))
2608 schedule_work(&ieee->ps_task);
2609 } else if (ieee80211_is_probe_resp(header->frame_control)) {
2610 netdev_dbg(ieee->dev, "received PROBE RESPONSE\n");
2611 rtllib_process_probe_response(ieee,
2612 (struct rtllib_probe_response *)header, stats);
projects / linux-2.6-microblaze.git / blob