projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge commit 'kumar/merge' into merge
[deliverable/linux.git] / drivers / staging / vt6656 / dpc.c
CommitLineData
92b96797
FB		 1/*
2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
3 * All rights reserved.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * File: dpc.c
20 *
21 * Purpose: handle dpc rx functions
22 *
23 * Author: Lyndon Chen
24 *
25 * Date: May 20, 2003
26 *
27 * Functions:
28 * device_receive_frame - Rcv 802.11 frame function
29 * s_bAPModeRxCtl- AP Rcv frame filer Ctl.
30 * s_bAPModeRxData- AP Rcv data frame handle
31 * s_bHandleRxEncryption- Rcv decrypted data via on-fly
32 * s_bHostWepRxEncryption- Rcv encrypted data via host
33 * s_byGetRateIdx- get rate index
34 * s_vGetDASA- get data offset
35 * s_vProcessRxMACHeader- Rcv 802.11 and translate to 802.3
36 *
37 * Revision History:
38 *
39 */
40
92b96797 41#include "device.h"
92b96797 42#include "rxtx.h"
92b96797 43#include "tether.h"
92b96797 44#include "card.h"
92b96797 45#include "bssdb.h"
92b96797 46#include "mac.h"
92b96797 47#include "baseband.h"
92b96797 48#include "michael.h"
92b96797 49#include "tkip.h"
92b96797 50#include "tcrc.h"
92b96797 51#include "wctl.h"
92b96797 52#include "hostap.h"
92b96797 53#include "rf.h"
92b96797 54#include "iowpa.h"
92b96797 55#include "aes_ccmp.h"
92b96797 56#include "datarate.h"
92b96797 57#include "usbpipe.h"
92b96797
FB		 58
59/*--------------------- Static Definitions -------------------------*/
60
61/*--------------------- Static Classes ----------------------------*/
62
63/*--------------------- Static Variables --------------------------*/
64//static int msglevel =MSG_LEVEL_DEBUG;
65static int msglevel =MSG_LEVEL_INFO;
66
67const BYTE acbyRxRate[MAX_RATE] =
68{2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108};
69
70
71/*--------------------- Static Functions --------------------------*/
72
73/*--------------------- Static Definitions -------------------------*/
74
75/*--------------------- Static Functions --------------------------*/
76
77static BYTE s_byGetRateIdx(IN BYTE byRate);
78
79
80static
81VOID
82s_vGetDASA(
83 IN PBYTE pbyRxBufferAddr,
84 OUT PUINT pcbHeaderSize,
85 OUT PSEthernetHeader psEthHeader
86 );
87
88static
89VOID
90s_vProcessRxMACHeader (
91 IN PSDevice pDevice,
92 IN PBYTE pbyRxBufferAddr,
93 IN UINT cbPacketSize,
94 IN BOOL bIsWEP,
95 IN BOOL bExtIV,
96 OUT PUINT pcbHeadSize
97 );
98
99static BOOL s_bAPModeRxCtl(
100 IN PSDevice pDevice,
101 IN PBYTE pbyFrame,
102 IN INT iSANodeIndex
103 );
104
105
106
107static BOOL s_bAPModeRxData (
108 IN PSDevice pDevice,
109 IN struct sk_buff* skb,
110 IN UINT FrameSize,
111 IN UINT cbHeaderOffset,
112 IN INT iSANodeIndex,
113 IN INT iDANodeIndex
114 );
115
116
117static BOOL s_bHandleRxEncryption(
118 IN PSDevice pDevice,
119 IN PBYTE pbyFrame,
120 IN UINT FrameSize,
121 IN PBYTE pbyRsr,
122 OUT PBYTE pbyNewRsr,
123 OUT PSKeyItem *pKeyOut,
193a823c 124 int * pbExtIV,
92b96797
FB		 125 OUT PWORD pwRxTSC15_0,
126 OUT PDWORD pdwRxTSC47_16
127 );
128
129static BOOL s_bHostWepRxEncryption(
130
131 IN PSDevice pDevice,
132 IN PBYTE pbyFrame,
133 IN UINT FrameSize,
134 IN PBYTE pbyRsr,
135 IN BOOL bOnFly,
136 IN PSKeyItem pKey,
137 OUT PBYTE pbyNewRsr,
193a823c 138 int * pbExtIV,
92b96797
FB		 139 OUT PWORD pwRxTSC15_0,
140 OUT PDWORD pdwRxTSC47_16
141
142 );
143
144/*--------------------- Export Variables --------------------------*/
145
146/*+
147 *
148 * Description:
149 * Translate Rcv 802.11 header to 802.3 header with Rx buffer
150 *
151 * Parameters:
152 * In:
153 * pDevice
154 * dwRxBufferAddr - Address of Rcv Buffer
155 * cbPacketSize - Rcv Packet size
156 * bIsWEP - If Rcv with WEP
157 * Out:
158 * pcbHeaderSize - 802.11 header size
159 *
160 * Return Value: None
161 *
162-*/
163static
164VOID
165s_vProcessRxMACHeader (
166 IN PSDevice pDevice,
167 IN PBYTE pbyRxBufferAddr,
168 IN UINT cbPacketSize,
169 IN BOOL bIsWEP,
170 IN BOOL bExtIV,
171 OUT PUINT pcbHeadSize
172 )
173{
174 PBYTE pbyRxBuffer;
175 UINT cbHeaderSize = 0;
176 PWORD pwType;
177 PS802_11Header pMACHeader;
178 int ii;
179
180
181 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
182
183 s_vGetDASA((PBYTE)pMACHeader, &cbHeaderSize, &pDevice->sRxEthHeader);
184
185 if (bIsWEP) {
186 if (bExtIV) {
187 // strip IV&ExtIV , add 8 byte
188 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 8);
189 } else {
190 // strip IV , add 4 byte
191 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 4);
192 }
193 }
194 else {
195 cbHeaderSize += WLAN_HDR_ADDR3_LEN;
196 };
197
198 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
199 if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_Bridgetunnel[0])) {
200 cbHeaderSize += 6;
201 }
202 else if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_RFC1042[0])) {
203 cbHeaderSize += 6;
204 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
205 if ((*pwType!= TYPE_PKT_IPX) && (*pwType != cpu_to_le16(0xF380))) {
206 }
207 else {
208 cbHeaderSize -= 8;
209 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
210 if (bIsWEP) {
211 if (bExtIV) {
212 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
213 } else {
214 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
215 }
216 }
217 else {
218 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
219 }
220 }
221 }
222 else {
223 cbHeaderSize -= 2;
224 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
225 if (bIsWEP) {
226 if (bExtIV) {
227 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
228 } else {
229 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
230 }
231 }
232 else {
233 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
234 }
235 }
236
237 cbHeaderSize -= (U_ETHER_ADDR_LEN * 2);
238 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
239 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
240 *pbyRxBuffer++ = pDevice->sRxEthHeader.abyDstAddr[ii];
241 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
242 *pbyRxBuffer++ = pDevice->sRxEthHeader.abySrcAddr[ii];
243
244 *pcbHeadSize = cbHeaderSize;
245}
246
247
248
249
250static BYTE s_byGetRateIdx (IN BYTE byRate)
251{
252 BYTE byRateIdx;
253
254 for (byRateIdx = 0; byRateIdx <MAX_RATE ; byRateIdx++) {
255 if (acbyRxRate[byRateIdx%MAX_RATE] == byRate)
256 return byRateIdx;
257 }
258 return 0;
259}
260
261
262static
263VOID
264s_vGetDASA (
265 IN PBYTE pbyRxBufferAddr,
266 OUT PUINT pcbHeaderSize,
267 OUT PSEthernetHeader psEthHeader
268 )
269{
270 UINT cbHeaderSize = 0;
271 PS802_11Header pMACHeader;
272 int ii;
273
274 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
275
276 if ((pMACHeader->wFrameCtl & FC_TODS) == 0) {
277 if (pMACHeader->wFrameCtl & FC_FROMDS) {
278 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
279 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
280 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr3[ii];
281 }
282 }
283 else {
284 // IBSS mode
285 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
286 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
287 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
288 }
289 }
290 }
291 else {
292 // Is AP mode..
293 if (pMACHeader->wFrameCtl & FC_FROMDS) {
294 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
295 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
296 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr4[ii];
297 cbHeaderSize += 6;
298 }
299 }
300 else {
301 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
302 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
303 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
304 }
305 }
306 };
307 *pcbHeaderSize = cbHeaderSize;
308}
309
310
311
312
313BOOL
314RXbBulkInProcessData (
315 IN PSDevice pDevice,
316 IN PRCB pRCB,
317 IN ULONG BytesToIndicate
318 )
319{
320
321 struct net_device_stats* pStats=&pDevice->stats;
322 struct sk_buff* skb;
323 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
324 PSRxMgmtPacket pRxPacket = &(pMgmt->sRxPacket);
325 PS802_11Header p802_11Header;
326 PBYTE pbyRsr;
327 PBYTE pbyNewRsr;
328 PBYTE pbyRSSI;
329 PQWORD pqwTSFTime;
330 PBYTE pbyFrame;
331 BOOL bDeFragRx = FALSE;
332 UINT cbHeaderOffset;
333 UINT FrameSize;
334 WORD wEtherType = 0;
335 INT iSANodeIndex = -1;
336 INT iDANodeIndex = -1;
337 UINT ii;
338 UINT cbIVOffset;
339 PBYTE pbyRxSts;
340 PBYTE pbyRxRate;
341 PBYTE pbySQ;
342#ifdef Calcu_LinkQual
343 PBYTE pby3SQ;
344#endif
345 UINT cbHeaderSize;
346 PSKeyItem pKey = NULL;
347 WORD wRxTSC15_0 = 0;
348 DWORD dwRxTSC47_16 = 0;
349 SKeyItem STempKey;
350 // 802.11h RPI
351 //LONG ldBm = 0;
352 BOOL bIsWEP = FALSE;
353 BOOL bExtIV = FALSE;
354 DWORD dwWbkStatus;
355 PRCB pRCBIndicate = pRCB;
356 PBYTE pbyDAddress;
357 PWORD pwPLCP_Length;
358 BYTE abyVaildRate[MAX_RATE] = {2,4,11,22,12,18,24,36,48,72,96,108};
359 WORD wPLCPwithPadding;
360 PS802_11Header pMACHeader;
361 BOOL bRxeapol_key = FALSE;
362
363
364
365 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- RXbBulkInProcessData---\n");
366
367 skb = pRCB->skb;
368
369 //[31:16]RcvByteCount ( not include 4-byte Status )
370 dwWbkStatus = *( (PDWORD)(skb->data) );
371 FrameSize = (UINT)(dwWbkStatus >> 16);
372 FrameSize += 4;
373
374 if (BytesToIndicate != FrameSize) {
375 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 1 \n");
376 return FALSE;
377 }
378
379 if ((BytesToIndicate > 2372)||(BytesToIndicate <= 40)) {
380 // Frame Size error drop this packet.
381 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 2 \n");
382 return FALSE;
383 }
384
385 pbyDAddress = (PBYTE)(skb->data);
386 pbyRxSts = pbyDAddress+4;
387 pbyRxRate = pbyDAddress+5;
388
389 //real Frame Size = USBFrameSize -4WbkStatus - 4RxStatus - 8TSF - 4RSR - 4SQ3 - ?Padding
390 //if SQ3 the range is 24~27, if no SQ3 the range is 20~23
391 //real Frame size in PLCPLength field.
392 pwPLCP_Length = (PWORD) (pbyDAddress + 6);
393 //Fix hardware bug => PLCP_Length error
394 if ( ((BytesToIndicate - (*pwPLCP_Length)) > 27) ||
395 ((BytesToIndicate - (*pwPLCP_Length)) < 24) ||
396 (BytesToIndicate < (*pwPLCP_Length)) ) {
397
398 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong PLCP Length %x\n", (int) *pwPLCP_Length);
399 ASSERT(0);
400 return FALSE;
401 }
402 for ( ii=RATE_1M;ii<MAX_RATE;ii++) {
403 if ( *pbyRxRate == abyVaildRate[ii] ) {
404 break;
405 }
406 }
407 if ( ii==MAX_RATE ) {
408 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong RxRate %x\n",(int) *pbyRxRate);
409 return FALSE;
410 }
411
412 wPLCPwithPadding = ( (*pwPLCP_Length / 4) + ( (*pwPLCP_Length % 4) ? 1:0 ) ) *4;
413
414 pqwTSFTime = (PQWORD) (pbyDAddress + 8 + wPLCPwithPadding);
415#ifdef Calcu_LinkQual
416 if(pDevice->byBBType == BB_TYPE_11G) {
417 pby3SQ = pbyDAddress + 8 + wPLCPwithPadding + 12;
418 pbySQ = pby3SQ;
419 }
420 else {
421 pbySQ = pbyDAddress + 8 + wPLCPwithPadding + 8;
422 pby3SQ = pbySQ;
423 }
424#else
425 pbySQ = pbyDAddress + 8 + wPLCPwithPadding + 8;
426#endif
427 pbyNewRsr = pbyDAddress + 8 + wPLCPwithPadding + 9;
428 pbyRSSI = pbyDAddress + 8 + wPLCPwithPadding + 10;
429 pbyRsr = pbyDAddress + 8 + wPLCPwithPadding + 11;
430
431 FrameSize = *pwPLCP_Length;
432
433 pbyFrame = pbyDAddress + 8;
434 // update receive statistic counter
435
436 STAvUpdateRDStatCounter(&pDevice->scStatistic,
437 *pbyRsr,
438 *pbyNewRsr,
439 *pbyRxSts,
440 *pbyRxRate,
441 pbyFrame,
442 FrameSize
443 );
444
445
446 pMACHeader = (PS802_11Header) pbyFrame;
447
448//mike add: to judge if current AP is activated?
449 if ((pMgmt->eCurrMode == WMAC_MODE_STANDBY) ||
450 (pMgmt->eCurrMode == WMAC_MODE_ESS_STA)) {
451 if (pMgmt->sNodeDBTable[0].bActive) {
452 if(IS_ETH_ADDRESS_EQUAL (pMgmt->abyCurrBSSID, pMACHeader->abyAddr2) ) {
453 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
454 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
455 }
456 }
457 }
458
459 if (!IS_MULTICAST_ADDRESS(pMACHeader->abyAddr1) && !IS_BROADCAST_ADDRESS(pMACHeader->abyAddr1)) {
460 if ( WCTLbIsDuplicate(&(pDevice->sDupRxCache), (PS802_11Header) pbyFrame) ) {
461 pDevice->s802_11Counter.FrameDuplicateCount++;
462 return FALSE;
463 }
464
465 if ( !IS_ETH_ADDRESS_EQUAL (pDevice->abyCurrentNetAddr, pMACHeader->abyAddr1) ) {
466 return FALSE;
467 }
468 }
469
470
471 // Use for TKIP MIC
472 s_vGetDASA(pbyFrame, &cbHeaderSize, &pDevice->sRxEthHeader);
473
474 if (IS_ETH_ADDRESS_EQUAL((PBYTE)&(pDevice->sRxEthHeader.abySrcAddr[0]), pDevice->abyCurrentNetAddr))
475 return FALSE;
476
477 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) || (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)) {
478 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
479 p802_11Header = (PS802_11Header) (pbyFrame);
480 // get SA NodeIndex
481 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(p802_11Header->abyAddr2), &iSANodeIndex)) {
482 pMgmt->sNodeDBTable[iSANodeIndex].ulLastRxJiffer = jiffies;
483 pMgmt->sNodeDBTable[iSANodeIndex].uInActiveCount = 0;
484 }
485 }
486 }
487
488 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
489 if (s_bAPModeRxCtl(pDevice, pbyFrame, iSANodeIndex) == TRUE) {
490 return FALSE;
491 }
492 }
493
494
495 if (IS_FC_WEP(pbyFrame)) {
496 BOOL bRxDecryOK = FALSE;
497
498 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"rx WEP pkt\n");
499 bIsWEP = TRUE;
500 if ((pDevice->bEnableHostWEP) && (iSANodeIndex >= 0)) {
501 pKey = &STempKey;
502 pKey->byCipherSuite = pMgmt->sNodeDBTable[iSANodeIndex].byCipherSuite;
503 pKey->dwKeyIndex = pMgmt->sNodeDBTable[iSANodeIndex].dwKeyIndex;
504 pKey->uKeyLength = pMgmt->sNodeDBTable[iSANodeIndex].uWepKeyLength;
505 pKey->dwTSC47_16 = pMgmt->sNodeDBTable[iSANodeIndex].dwTSC47_16;
506 pKey->wTSC15_0 = pMgmt->sNodeDBTable[iSANodeIndex].wTSC15_0;
507 memcpy(pKey->abyKey,
508 &pMgmt->sNodeDBTable[iSANodeIndex].abyWepKey[0],
509 pKey->uKeyLength
510 );
511
512 bRxDecryOK = s_bHostWepRxEncryption(pDevice,
513 pbyFrame,
514 FrameSize,
515 pbyRsr,
516 pMgmt->sNodeDBTable[iSANodeIndex].bOnFly,
517 pKey,
518 pbyNewRsr,
519 &bExtIV,
520 &wRxTSC15_0,
521 &dwRxTSC47_16);
522 } else {
523 bRxDecryOK = s_bHandleRxEncryption(pDevice,
524 pbyFrame,
525 FrameSize,
526 pbyRsr,
527 pbyNewRsr,
528 &pKey,
529 &bExtIV,
530 &wRxTSC15_0,
531 &dwRxTSC47_16);
532 }
533
534 if (bRxDecryOK) {
535 if ((*pbyNewRsr & NEWRSR_DECRYPTOK) == 0) {
536 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV Fail\n");
537 if ( (pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
538 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
539 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
540 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
541 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
542
543 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
544 pDevice->s802_11Counter.TKIPICVErrors++;
545 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP)) {
546 pDevice->s802_11Counter.CCMPDecryptErrors++;
547 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_WEP)) {
548// pDevice->s802_11Counter.WEPICVErrorCount.QuadPart++;
549 }
550 }
551 return FALSE;
552 }
553 } else {
554 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WEP Func Fail\n");
555 return FALSE;
556 }
557 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP))
558 FrameSize -= 8; // Message Integrity Code
559 else
560 FrameSize -= 4; // 4 is ICV
561 }
562
563
564 //
565 // RX OK
566 //
567 //remove the CRC length
568 FrameSize -= U_CRC_LEN;
569
8a3d91b0 570 if ( !(*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) && // unicast address
92b96797
FB		 571 (IS_FRAGMENT_PKT((pbyFrame)))
572 ) {
573 // defragment
574 bDeFragRx = WCTLbHandleFragment(pDevice, (PS802_11Header) (pbyFrame), FrameSize, bIsWEP, bExtIV);
575 pDevice->s802_11Counter.ReceivedFragmentCount++;
576 if (bDeFragRx) {
577 // defrag complete
578 // TODO skb, pbyFrame
579 skb = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].skb;
580 FrameSize = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].cbFrameLength;
581 pbyFrame = skb->data + 8;
582 }
583 else {
584 return FALSE;
585 }
586 }
587
588 //
589 // Management & Control frame Handle
590 //
591 if ((IS_TYPE_DATA((pbyFrame))) == FALSE) {
592 // Handle Control & Manage Frame
593
594 if (IS_TYPE_MGMT((pbyFrame))) {
595 PBYTE pbyData1;
596 PBYTE pbyData2;
597
598 pRxPacket = &(pRCB->sMngPacket);
599 pRxPacket->p80211Header = (PUWLAN_80211HDR)(pbyFrame);
600 pRxPacket->cbMPDULen = FrameSize;
601 pRxPacket->uRSSI = *pbyRSSI;
602 pRxPacket->bySQ = *pbySQ;
603 HIDWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(HIDWORD(*pqwTSFTime));
604 LODWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(LODWORD(*pqwTSFTime));
605 if (bIsWEP) {
606 // strip IV
607 pbyData1 = WLAN_HDR_A3_DATA_PTR(pbyFrame);
608 pbyData2 = WLAN_HDR_A3_DATA_PTR(pbyFrame) + 4;
609 for (ii = 0; ii < (FrameSize - 4); ii++) {
610 *pbyData1 = *pbyData2;
611 pbyData1++;
612 pbyData2++;
613 }
614 }
615
616 pRxPacket->byRxRate = s_byGetRateIdx(*pbyRxRate);
617
618 if ( *pbyRxSts == 0 ) {
619 //Discard beacon packet which channel is 0
620 if ( (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_BEACON) ||
621 (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_PROBERESP) ) {
622 return TRUE;
623 }
624 }
625 pRxPacket->byRxChannel = (*pbyRxSts) >> 2;
626
627 // hostap Deamon handle 802.11 management
628 if (pDevice->bEnableHostapd) {
629 skb->dev = pDevice->apdev;
630 //skb->data += 4;
631 //skb->tail += 4;
632 skb->data += 8;
633 skb->tail += 8;
634 skb_put(skb, FrameSize);
d899d403 635 skb_reset_mac_header(skb);
92b96797
FB		 636 skb->pkt_type = PACKET_OTHERHOST;
637 skb->protocol = htons(ETH_P_802_2);
638 memset(skb->cb, 0, sizeof(skb->cb));
639 netif_rx(skb);
640 return TRUE;
641 }
642
643 //
644 // Insert the RCB in the Recv Mng list
645 //
646 EnqueueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList, pRCBIndicate);
647 pDevice->NumRecvMngList++;
648 if ( bDeFragRx == FALSE) {
649 pRCB->Ref++;
650 }
651 if (pDevice->bIsRxMngWorkItemQueued == FALSE) {
652 pDevice->bIsRxMngWorkItemQueued = TRUE;
653 tasklet_schedule(&pDevice->RxMngWorkItem);
654 }
655
656 }
657 else {
658 // Control Frame
659 };
660 return FALSE;
661 }
662 else {
663 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
664 //In AP mode, hw only check addr1(BSSID or RA) if equal to local MAC.
8a3d91b0 665 if ( !(*pbyRsr & RSR_BSSIDOK)) {
92b96797
FB		 666 if (bDeFragRx) {
667 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
668 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
669 pDevice->dev->name);
670 }
671 }
672 return FALSE;
673 }
674 }
675 else {
676 // discard DATA packet while not associate || BSSID error
677 if ((pDevice->bLinkPass == FALSE) ||
8a3d91b0 678 !(*pbyRsr & RSR_BSSIDOK)) {
92b96797
FB		 679 if (bDeFragRx) {
680 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
681 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
682 pDevice->dev->name);
683 }
684 }
685 return FALSE;
686 }
687 //mike add:station mode check eapol-key challenge--->
688 {
689 BYTE Protocol_Version; //802.1x Authentication
690 BYTE Packet_Type; //802.1x Authentication
691 BYTE Descriptor_type;
692 WORD Key_info;
693 if (bIsWEP)
694 cbIVOffset = 8;
695 else
696 cbIVOffset = 0;
697 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
698 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
699 Protocol_Version = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1];
700 Packet_Type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1];
701 if (wEtherType == ETH_P_PAE) { //Protocol Type in LLC-Header
702 if(((Protocol_Version==1) ||(Protocol_Version==2)) &&
703 (Packet_Type==3)) { //802.1x OR eapol-key challenge frame receive
704 bRxeapol_key = TRUE;
705 Descriptor_type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2];
706 Key_info = (skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+1]<<8) |skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+2] ;
707 if(Descriptor_type==2) { //RSN
708 // printk("WPA2_Rx_eapol-key_info<-----:%x\n",Key_info);
709 }
710 else if(Descriptor_type==254) {
711 // printk("WPA_Rx_eapol-key_info<-----:%x\n",Key_info);
712 }
713 }
714 }
715 }
716 //mike add:station mode check eapol-key challenge<---
717 }
718 }
719
720
721// Data frame Handle
722
723
724 if (pDevice->bEnablePSMode) {
725 if (IS_FC_MOREDATA((pbyFrame))) {
8a3d91b0 726 if (*pbyRsr & RSR_ADDROK) {
92b96797
FB		 727 //PSbSendPSPOLL((PSDevice)pDevice);
728 }
729 }
730 else {
731 if (pMgmt->bInTIMWake == TRUE) {
732 pMgmt->bInTIMWake = FALSE;
733 }
734 }
735 };
736
737 // Now it only supports 802.11g Infrastructure Mode, and support rate must up to 54 Mbps
738 if (pDevice->bDiversityEnable && (FrameSize>50) &&
739 (pDevice->eOPMode == OP_MODE_INFRASTRUCTURE) &&
740 (pDevice->bLinkPass == TRUE)) {
741 BBvAntennaDiversity(pDevice, s_byGetRateIdx(*pbyRxRate), 0);
742 }
743
744 // ++++++++ For BaseBand Algorithm +++++++++++++++
745 pDevice->uCurrRSSI = *pbyRSSI;
746 pDevice->byCurrSQ = *pbySQ;
747
748 // todo
749/*
750 if ((*pbyRSSI != 0) &&
751 (pMgmt->pCurrBSS!=NULL)) {
752 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
753 // Moniter if RSSI is too strong.
754 pMgmt->pCurrBSS->byRSSIStatCnt++;
755 pMgmt->pCurrBSS->byRSSIStatCnt %= RSSI_STAT_COUNT;
756 pMgmt->pCurrBSS->ldBmAverage[pMgmt->pCurrBSS->byRSSIStatCnt] = ldBm;
757 for(ii=0;ii<RSSI_STAT_COUNT;ii++) {
758 if (pMgmt->pCurrBSS->ldBmAverage[ii] != 0) {
759 pMgmt->pCurrBSS->ldBmMAX = max(pMgmt->pCurrBSS->ldBmAverage[ii], ldBm);
760 }
761 }
762 }
763*/
764
765
766 // -----------------------------------------------
767
768 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnable8021x == TRUE)){
769 BYTE abyMacHdr[24];
770
771 // Only 802.1x packet incoming allowed
772 if (bIsWEP)
773 cbIVOffset = 8;
774 else
775 cbIVOffset = 0;
776 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
777 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
778
779 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wEtherType = %04x \n", wEtherType);
780 if (wEtherType == ETH_P_PAE) {
781 skb->dev = pDevice->apdev;
782
783 if (bIsWEP == TRUE) {
784 // strip IV header(8)
785 memcpy(&abyMacHdr[0], (skb->data + 8), 24);
786 memcpy((skb->data + 8 + cbIVOffset), &abyMacHdr[0], 24);
787 }
788
789 skb->data += (cbIVOffset + 8);
790 skb->tail += (cbIVOffset + 8);
791 skb_put(skb, FrameSize);
d899d403 792 skb_reset_mac_header(skb);
92b96797
FB		 793 skb->pkt_type = PACKET_OTHERHOST;
794 skb->protocol = htons(ETH_P_802_2);
795 memset(skb->cb, 0, sizeof(skb->cb));
796 netif_rx(skb);
797 return TRUE;
798
799 }
800 // check if 802.1x authorized
801 if (!(pMgmt->sNodeDBTable[iSANodeIndex].dwFlags & WLAN_STA_AUTHORIZED))
802 return FALSE;
803 }
804
805
806 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
807 if (bIsWEP) {
808 FrameSize -= 8; //MIC
809 }
810 }
811
812 //--------------------------------------------------------------------------------
813 // Soft MIC
814 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
815 if (bIsWEP) {
816 PDWORD pdwMIC_L;
817 PDWORD pdwMIC_R;
818 DWORD dwMIC_Priority;
819 DWORD dwMICKey0 = 0, dwMICKey1 = 0;
820 DWORD dwLocalMIC_L = 0;
821 DWORD dwLocalMIC_R = 0;
822 viawget_wpa_header *wpahdr;
823
824
825 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
826 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
827 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
828 }
829 else {
830 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
831 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
832 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
833 } else if ((pKey->dwKeyIndex & BIT28) == 0) {
834 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
835 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
836 } else {
837 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
838 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
839 }
840 }
841
842 MIC_vInit(dwMICKey0, dwMICKey1);
843 MIC_vAppend((PBYTE)&(pDevice->sRxEthHeader.abyDstAddr[0]), 12);
844 dwMIC_Priority = 0;
845 MIC_vAppend((PBYTE)&dwMIC_Priority, 4);
846 // 4 is Rcv buffer header, 24 is MAC Header, and 8 is IV and Ext IV.
847 MIC_vAppend((PBYTE)(skb->data + 8 + WLAN_HDR_ADDR3_LEN + 8),
848 FrameSize - WLAN_HDR_ADDR3_LEN - 8);
849 MIC_vGetMIC(&dwLocalMIC_L, &dwLocalMIC_R);
850 MIC_vUnInit();
851
852 pdwMIC_L = (PDWORD)(skb->data + 8 + FrameSize);
853 pdwMIC_R = (PDWORD)(skb->data + 8 + FrameSize + 4);
854
855
856 if ((cpu_to_le32(*pdwMIC_L) != dwLocalMIC_L) || (cpu_to_le32(*pdwMIC_R) != dwLocalMIC_R) ||
857 (pDevice->bRxMICFail == TRUE)) {
858 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"MIC comparison is fail!\n");
859 pDevice->bRxMICFail = FALSE;
860 //pDevice->s802_11Counter.TKIPLocalMICFailures.QuadPart++;
861 pDevice->s802_11Counter.TKIPLocalMICFailures++;
862 if (bDeFragRx) {
863 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
864 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
865 pDevice->dev->name);
866 }
867 }
868 //2008-0409-07, <Add> by Einsn Liu
869 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
870 //send event to wpa_supplicant
871 //if(pDevice->bWPASuppWextEnabled == TRUE)
872 {
873 union iwreq_data wrqu;
874 struct iw_michaelmicfailure ev;
875 int keyidx = pbyFrame[cbHeaderSize+3] >> 6; //top two-bits
876 memset(&ev, 0, sizeof(ev));
877 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
878 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
879 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
880 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
881 ev.flags |= IW_MICFAILURE_PAIRWISE;
882 } else {
883 ev.flags |= IW_MICFAILURE_GROUP;
884 }
885
886 ev.src_addr.sa_family = ARPHRD_ETHER;
887 memcpy(ev.src_addr.sa_data, pMACHeader->abyAddr2, ETH_ALEN);
888 memset(&wrqu, 0, sizeof(wrqu));
889 wrqu.data.length = sizeof(ev);
890 PRINT_K("wireless_send_event--->IWEVMICHAELMICFAILURE\n");
891 wireless_send_event(pDevice->dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
892
893 }
894 #endif
895
896
897 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
898 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
899 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
900 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
901 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
902 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_PAIRWISE_ERROR;
903 wpahdr->type = VIAWGET_PTK_MIC_MSG;
904 } else {
905 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_GROUP_ERROR;
906 wpahdr->type = VIAWGET_GTK_MIC_MSG;
907 }
908 wpahdr->resp_ie_len = 0;
909 wpahdr->req_ie_len = 0;
910 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
911 pDevice->skb->dev = pDevice->wpadev;
d899d403 912 skb_reset_mac_header(pDevice->skb);
92b96797
FB		 913 pDevice->skb->pkt_type = PACKET_HOST;
914 pDevice->skb->protocol = htons(ETH_P_802_2);
915 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
916 netif_rx(pDevice->skb);
917 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
918 };
919
920 return FALSE;
921
922 }
923 }
924 } //---end of SOFT MIC-----------------------------------------------------------------------
925
926 // ++++++++++ Reply Counter Check +++++++++++++
927
928 if ((pKey != NULL) && ((pKey->byCipherSuite == KEY_CTL_TKIP) ||
929 (pKey->byCipherSuite == KEY_CTL_CCMP))) {
930 if (bIsWEP) {
931 WORD wLocalTSC15_0 = 0;
932 DWORD dwLocalTSC47_16 = 0;
933 ULONGLONG RSC = 0;
934 // endian issues
935 RSC = *((ULONGLONG *) &(pKey->KeyRSC));
936 wLocalTSC15_0 = (WORD) RSC;
937 dwLocalTSC47_16 = (DWORD) (RSC>>16);
938
939 RSC = dwRxTSC47_16;
940 RSC <<= 16;
941 RSC += wRxTSC15_0;
3e362598 942 memcpy(&(pKey->KeyRSC), &RSC, sizeof(QWORD));
92b96797
FB		 943
944 if ( (pDevice->sMgmtObj.eCurrMode == WMAC_MODE_ESS_STA) &&
945 (pDevice->sMgmtObj.eCurrState == WMAC_STATE_ASSOC)) {
946 // check RSC
947 if ( (wRxTSC15_0 < wLocalTSC15_0) &&
948 (dwRxTSC47_16 <= dwLocalTSC47_16) &&
949 !((dwRxTSC47_16 == 0) && (dwLocalTSC47_16 == 0xFFFFFFFF))) {
950 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC is illegal~~!\n ");
951 if (pKey->byCipherSuite == KEY_CTL_TKIP)
952 //pDevice->s802_11Counter.TKIPReplays.QuadPart++;
953 pDevice->s802_11Counter.TKIPReplays++;
954 else
955 //pDevice->s802_11Counter.CCMPReplays.QuadPart++;
956 pDevice->s802_11Counter.CCMPReplays++;
957
958 if (bDeFragRx) {
959 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
960 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
961 pDevice->dev->name);
962 }
963 }
964 return FALSE;
965 }
966 }
967 }
968 } // ----- End of Reply Counter Check --------------------------
969
970
971 s_vProcessRxMACHeader(pDevice, (PBYTE)(skb->data+8), FrameSize, bIsWEP, bExtIV, &cbHeaderOffset);
972 FrameSize -= cbHeaderOffset;
973 cbHeaderOffset += 8; // 8 is Rcv buffer header
974
975 // Null data, framesize = 12
976 if (FrameSize < 12)
977 return FALSE;
978
979 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
980 if (s_bAPModeRxData(pDevice,
981 skb,
982 FrameSize,
983 cbHeaderOffset,
984 iSANodeIndex,
985 iDANodeIndex
986 ) == FALSE) {
987
988 if (bDeFragRx) {
989 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
990 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
991 pDevice->dev->name);
992 }
993 }
994 return FALSE;
995 }
996
997 }
998
999 skb->data += cbHeaderOffset;
1000 skb->tail += cbHeaderOffset;
1001 skb_put(skb, FrameSize);
1002 skb->protocol=eth_type_trans(skb, skb->dev);
1003 skb->ip_summed=CHECKSUM_NONE;
1004 pStats->rx_bytes +=skb->len;
1005 pStats->rx_packets++;
1006 netif_rx(skb);
1007 if (bDeFragRx) {
1008 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1009 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1010 pDevice->dev->name);
1011 }
1012 return FALSE;
1013 }
1014
1015 return TRUE;
1016}
1017
1018
1019static BOOL s_bAPModeRxCtl (
1020 IN PSDevice pDevice,
1021 IN PBYTE pbyFrame,
1022 IN INT iSANodeIndex
1023 )
1024{
1025 PS802_11Header p802_11Header;
1026 CMD_STATUS Status;
1027 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1028
1029
1030 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
1031
1032 p802_11Header = (PS802_11Header) (pbyFrame);
1033 if (!IS_TYPE_MGMT(pbyFrame)) {
1034
1035 // Data & PS-Poll packet
1036 // check frame class
1037 if (iSANodeIndex > 0) {
1038 // frame class 3 fliter & checking
1039 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_AUTH) {
1040 // send deauth notification
1041 // reason = (6) class 2 received from nonauth sta
1042 vMgrDeAuthenBeginSta(pDevice,
1043 pMgmt,
1044 (PBYTE)(p802_11Header->abyAddr2),
1045 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1046 &Status
1047 );
1048 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 1\n");
1049 return TRUE;
1050 };
1051 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_ASSOC) {
1052 // send deassoc notification
1053 // reason = (7) class 3 received from nonassoc sta
1054 vMgrDisassocBeginSta(pDevice,
1055 pMgmt,
1056 (PBYTE)(p802_11Header->abyAddr2),
1057 (WLAN_MGMT_REASON_CLASS3_NONASSOC),
1058 &Status
1059 );
1060 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDisassocBeginSta 2\n");
1061 return TRUE;
1062 };
1063
1064 if (pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable) {
1065 // delcare received ps-poll event
1066 if (IS_CTL_PSPOLL(pbyFrame)) {
1067 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1068 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1069 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 1\n");
1070 }
1071 else {
1072 // check Data PS state
1073 // if PW bit off, send out all PS bufferring packets.
1074 if (!IS_FC_POWERMGT(pbyFrame)) {
1075 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1076 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1077 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1078 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 2\n");
1079 }
1080 }
1081 }
1082 else {
1083 if (IS_FC_POWERMGT(pbyFrame)) {
1084 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = TRUE;
1085 // Once if STA in PS state, enable multicast bufferring
1086 pMgmt->sNodeDBTable[0].bPSEnable = TRUE;
1087 }
1088 else {
1089 // clear all pending PS frame.
1090 if (pMgmt->sNodeDBTable[iSANodeIndex].wEnQueueCnt > 0) {
1091 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1092 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1093 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1094 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 3\n");
1095
1096 }
1097 }
1098 }
1099 }
1100 else {
1101 vMgrDeAuthenBeginSta(pDevice,
1102 pMgmt,
1103 (PBYTE)(p802_11Header->abyAddr2),
1104 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1105 &Status
1106 );
1107 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 3\n");
1108 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BSSID:%02x-%02x-%02x=%02x-%02x-%02x \n",
1109 p802_11Header->abyAddr3[0],
1110 p802_11Header->abyAddr3[1],
1111 p802_11Header->abyAddr3[2],
1112 p802_11Header->abyAddr3[3],
1113 p802_11Header->abyAddr3[4],
1114 p802_11Header->abyAddr3[5]
1115 );
1116 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR2:%02x-%02x-%02x=%02x-%02x-%02x \n",
1117 p802_11Header->abyAddr2[0],
1118 p802_11Header->abyAddr2[1],
1119 p802_11Header->abyAddr2[2],
1120 p802_11Header->abyAddr2[3],
1121 p802_11Header->abyAddr2[4],
1122 p802_11Header->abyAddr2[5]
1123 );
1124 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR1:%02x-%02x-%02x=%02x-%02x-%02x \n",
1125 p802_11Header->abyAddr1[0],
1126 p802_11Header->abyAddr1[1],
1127 p802_11Header->abyAddr1[2],
1128 p802_11Header->abyAddr1[3],
1129 p802_11Header->abyAddr1[4],
1130 p802_11Header->abyAddr1[5]
1131 );
1132 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: wFrameCtl= %x\n", p802_11Header->wFrameCtl );
1133 return TRUE;
1134 }
1135 }
1136 }
1137 return FALSE;
1138
1139}
1140
1141static BOOL s_bHandleRxEncryption (
1142 IN PSDevice pDevice,
1143 IN PBYTE pbyFrame,
1144 IN UINT FrameSize,
1145 IN PBYTE pbyRsr,
1146 OUT PBYTE pbyNewRsr,
1147 OUT PSKeyItem *pKeyOut,
193a823c 1148 int * pbExtIV,
92b96797
FB		 1149 OUT PWORD pwRxTSC15_0,
1150 OUT PDWORD pdwRxTSC47_16
1151 )
1152{
1153 UINT PayloadLen = FrameSize;
1154 PBYTE pbyIV;
1155 BYTE byKeyIdx;
1156 PSKeyItem pKey = NULL;
1157 BYTE byDecMode = KEY_CTL_WEP;
1158 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1159
1160
1161 *pwRxTSC15_0 = 0;
1162 *pdwRxTSC47_16 = 0;
1163
1164 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1165 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1166 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1167 pbyIV += 6; // 6 is 802.11 address4
1168 PayloadLen -= 6;
1169 }
1170 byKeyIdx = (*(pbyIV+3) & 0xc0);
1171 byKeyIdx >>= 6;
1172 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1173
1174 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
1175 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
1176 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
1177 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
1178 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
1179 if (((*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) &&
1180 (pMgmt->byCSSPK != KEY_CTL_NONE)) {
1181 // unicast pkt use pairwise key
1182 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt\n");
1183 if (KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, 0xFFFFFFFF, &pKey) == TRUE) {
1184 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
1185 byDecMode = KEY_CTL_TKIP;
1186 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
1187 byDecMode = KEY_CTL_CCMP;
1188 }
1189 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt: %d, %p\n", byDecMode, pKey);
1190 } else {
1191 // use group key
1192 KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, byKeyIdx, &pKey);
1193 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1194 byDecMode = KEY_CTL_TKIP;
1195 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1196 byDecMode = KEY_CTL_CCMP;
1197 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"group pkt: %d, %d, %p\n", byKeyIdx, byDecMode, pKey);
1198 }
1199 }
1200 // our WEP only support Default Key
1201 if (pKey == NULL) {
1202 // use default group key
1203 KeybGetKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, byKeyIdx, &pKey);
1204 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1205 byDecMode = KEY_CTL_TKIP;
1206 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1207 byDecMode = KEY_CTL_CCMP;
1208 }
1209 *pKeyOut = pKey;
1210
1211 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1212
1213 if (pKey == NULL) {
1214 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"pKey == NULL\n");
1215 if (byDecMode == KEY_CTL_WEP) {
1216// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1217 } else if (pDevice->bLinkPass == TRUE) {
1218// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1219 }
1220 return FALSE;
1221 }
1222 if (byDecMode != pKey->byCipherSuite) {
1223 if (byDecMode == KEY_CTL_WEP) {
1224// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1225 } else if (pDevice->bLinkPass == TRUE) {
1226// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1227 }
1228 *pKeyOut = NULL;
1229 return FALSE;
1230 }
1231 if (byDecMode == KEY_CTL_WEP) {
1232 // handle WEP
1233 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1234 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE)) {
1235 // Software WEP
1236 // 1. 3253A
1237 // 2. WEP 256
1238
1239 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
3e362598
JL		 1240 memcpy(pDevice->abyPRNG, pbyIV, 3);
1241 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
92b96797
FB		 1242 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1243 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1244
1245 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1246 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1247 }
1248 }
1249 } else if ((byDecMode == KEY_CTL_TKIP) ||
1250 (byDecMode == KEY_CTL_CCMP)) {
1251 // TKIP/AES
1252
1253 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1254 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1255 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1256 if (byDecMode == KEY_CTL_TKIP) {
1257 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1258 } else {
1259 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1260 }
1261 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1262
1263 if ((byDecMode == KEY_CTL_TKIP) &&
1264 (pDevice->byLocalID <= REV_ID_VT3253_A1)) {
1265 // Software TKIP
1266 // 1. 3253 A
1267 PS802_11Header pMACHeader = (PS802_11Header) (pbyFrame);
1268 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1269 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1270 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1271 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1272 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1273 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1274 } else {
1275 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1276 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1277 }
1278 }
1279 }// end of TKIP/AES
1280
1281 if ((*(pbyIV+3) & 0x20) != 0)
1282 *pbExtIV = TRUE;
1283 return TRUE;
1284}
1285
1286
1287static BOOL s_bHostWepRxEncryption (
1288 IN PSDevice pDevice,
1289 IN PBYTE pbyFrame,
1290 IN UINT FrameSize,
1291 IN PBYTE pbyRsr,
1292 IN BOOL bOnFly,
1293 IN PSKeyItem pKey,
1294 OUT PBYTE pbyNewRsr,
193a823c 1295 int * pbExtIV,
92b96797
FB		 1296 OUT PWORD pwRxTSC15_0,
1297 OUT PDWORD pdwRxTSC47_16
1298 )
1299{
1300 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1301 UINT PayloadLen = FrameSize;
1302 PBYTE pbyIV;
1303 BYTE byKeyIdx;
1304 BYTE byDecMode = KEY_CTL_WEP;
1305 PS802_11Header pMACHeader;
1306
1307
1308
1309 *pwRxTSC15_0 = 0;
1310 *pdwRxTSC47_16 = 0;
1311
1312 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1313 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1314 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1315 pbyIV += 6; // 6 is 802.11 address4
1316 PayloadLen -= 6;
1317 }
1318 byKeyIdx = (*(pbyIV+3) & 0xc0);
1319 byKeyIdx >>= 6;
1320 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1321
1322
1323 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1324 byDecMode = KEY_CTL_TKIP;
1325 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1326 byDecMode = KEY_CTL_CCMP;
1327
1328 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1329
1330 if (byDecMode != pKey->byCipherSuite) {
1331 if (byDecMode == KEY_CTL_WEP) {
1332// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1333 } else if (pDevice->bLinkPass == TRUE) {
1334// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1335 }
1336 return FALSE;
1337 }
1338
1339 if (byDecMode == KEY_CTL_WEP) {
1340 // handle WEP
1341 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byDecMode == KEY_CTL_WEP \n");
1342 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1343 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE) ||
1344 (bOnFly == FALSE)) {
1345 // Software WEP
1346 // 1. 3253A
1347 // 2. WEP 256
1348 // 3. NotOnFly
1349
1350 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
3e362598
JL		 1351 memcpy(pDevice->abyPRNG, pbyIV, 3);
1352 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
92b96797
FB		 1353 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1354 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1355
1356 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1357 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1358 }
1359 }
1360 } else if ((byDecMode == KEY_CTL_TKIP) ||
1361 (byDecMode == KEY_CTL_CCMP)) {
1362 // TKIP/AES
1363
1364 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1365 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1366 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1367
1368 if (byDecMode == KEY_CTL_TKIP) {
1369 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1370 } else {
1371 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1372 }
1373 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1374
1375 if (byDecMode == KEY_CTL_TKIP) {
1376
1377 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) || (bOnFly == FALSE)) {
1378 // Software TKIP
1379 // 1. 3253 A
1380 // 2. NotOnFly
1381 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_TKIP \n");
1382 pMACHeader = (PS802_11Header) (pbyFrame);
1383 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1384 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1385 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1386 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1387 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1388 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1389 } else {
1390 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1391 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1392 }
1393 }
1394 }
1395
1396 if (byDecMode == KEY_CTL_CCMP) {
1397 if (bOnFly == FALSE) {
1398 // Software CCMP
1399 // NotOnFly
1400 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_CCMP\n");
1401 if (AESbGenCCMP(pKey->abyKey, pbyFrame, FrameSize)) {
1402 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1403 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC compare OK!\n");
1404 } else {
1405 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC fail!\n");
1406 }
1407 }
1408 }
1409
1410 }// end of TKIP/AES
1411
1412 if ((*(pbyIV+3) & 0x20) != 0)
1413 *pbExtIV = TRUE;
1414 return TRUE;
1415}
1416
1417
1418
1419static BOOL s_bAPModeRxData (
1420 IN PSDevice pDevice,
1421 IN struct sk_buff* skb,
1422 IN UINT FrameSize,
1423 IN UINT cbHeaderOffset,
1424 IN INT iSANodeIndex,
1425 IN INT iDANodeIndex
1426 )
1427
1428{
1429 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1430 BOOL bRelayAndForward = FALSE;
1431 BOOL bRelayOnly = FALSE;
1432 BYTE byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
1433 WORD wAID;
1434
1435
1436 struct sk_buff* skbcpy = NULL;
1437
1438 if (FrameSize > CB_MAX_BUF_SIZE)
1439 return FALSE;
1440 // check DA
1441 if(IS_MULTICAST_ADDRESS((PBYTE)(skb->data+cbHeaderOffset))) {
1442 if (pMgmt->sNodeDBTable[0].bPSEnable) {
1443
1444 skbcpy = dev_alloc_skb((int)pDevice->rx_buf_sz);
1445
1446 // if any node in PS mode, buffer packet until DTIM.
1447 if (skbcpy == NULL) {
1448 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "relay multicast no skb available \n");
1449 }
1450 else {
1451 skbcpy->dev = pDevice->dev;
1452 skbcpy->len = FrameSize;
1453 memcpy(skbcpy->data, skb->data+cbHeaderOffset, FrameSize);
1454 skb_queue_tail(&(pMgmt->sNodeDBTable[0].sTxPSQueue), skbcpy);
1455 pMgmt->sNodeDBTable[0].wEnQueueCnt++;
1456 // set tx map
1457 pMgmt->abyPSTxMap[0] |= byMask[0];
1458 }
1459 }
1460 else {
1461 bRelayAndForward = TRUE;
1462 }
1463 }
1464 else {
1465 // check if relay
1466 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(skb->data+cbHeaderOffset), &iDANodeIndex)) {
1467 if (pMgmt->sNodeDBTable[iDANodeIndex].eNodeState >= NODE_ASSOC) {
1468 if (pMgmt->sNodeDBTable[iDANodeIndex].bPSEnable) {
1469 // queue this skb until next PS tx, and then release.
1470
1471 skb->data += cbHeaderOffset;
1472 skb->tail += cbHeaderOffset;
1473 skb_put(skb, FrameSize);
1474 skb_queue_tail(&pMgmt->sNodeDBTable[iDANodeIndex].sTxPSQueue, skb);
1475
1476 pMgmt->sNodeDBTable[iDANodeIndex].wEnQueueCnt++;
1477 wAID = pMgmt->sNodeDBTable[iDANodeIndex].wAID;
1478 pMgmt->abyPSTxMap[wAID >> 3] |= byMask[wAID & 7];
1479 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "relay: index= %d, pMgmt->abyPSTxMap[%d]= %d\n",
1480 iDANodeIndex, (wAID >> 3), pMgmt->abyPSTxMap[wAID >> 3]);
1481 return TRUE;
1482 }
1483 else {
1484 bRelayOnly = TRUE;
1485 }
1486 }
1487 };
1488 }
1489
1490 if (bRelayOnly || bRelayAndForward) {
1491 // relay this packet right now
1492 if (bRelayAndForward)
1493 iDANodeIndex = 0;
1494
1495 if ((pDevice->uAssocCount > 1) && (iDANodeIndex >= 0)) {
1496 bRelayPacketSend(pDevice, (PBYTE)(skb->data + cbHeaderOffset), FrameSize, (UINT)iDANodeIndex);
1497 }
1498
1499 if (bRelayOnly)
1500 return FALSE;
1501 }
1502 // none associate, don't forward
1503 if (pDevice->uAssocCount == 0)
1504 return FALSE;
1505
1506 return TRUE;
1507}
1508
1509
1510
1511
1512VOID
1513RXvWorkItem(
1514 PVOID Context
1515 )
1516{
1517 PSDevice pDevice = (PSDevice) Context;
1518 NTSTATUS ntStatus;
1519 PRCB pRCB=NULL;
1520
1521 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Polling Thread\n");
1522 spin_lock_irq(&pDevice->lock);
1523 while ( MP_TEST_FLAG(pDevice, fMP_POST_READS) &&
1524 MP_IS_READY(pDevice) &&
1525 (pDevice->NumRecvFreeList != 0) ) {
1526 pRCB = pDevice->FirstRecvFreeList;
1527 pDevice->NumRecvFreeList--;
1528 ASSERT(pRCB);// cannot be NULL
1529 DequeueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList);
1530 ntStatus = PIPEnsBulkInUsbRead(pDevice, pRCB);
1531 }
1532 pDevice->bIsRxWorkItemQueued = FALSE;
1533 spin_unlock_irq(&pDevice->lock);
1534
1535}
1536
1537
1538VOID
1539RXvFreeRCB(
1540 IN PRCB pRCB,
1541 IN BOOL bReAllocSkb
1542 )
1543{
1544 PSDevice pDevice = (PSDevice)pRCB->pDevice;
1545
1546
1547 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->RXvFreeRCB\n");
1548
1549 ASSERT(!pRCB->Ref); // should be 0
1550 ASSERT(pRCB->pDevice); // shouldn't be NULL
1551
1552 if (bReAllocSkb == TRUE) {
1553 pRCB->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1554 // todo error handling
1555 if (pRCB->skb == NULL) {
1556 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR" Failed to re-alloc rx skb\n");
1557 }else {
1558 pRCB->skb->dev = pDevice->dev;
1559 }
1560 }
1561 //
1562 // Insert the RCB back in the Recv free list
1563 //
1564 EnqueueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList, pRCB);
1565 pDevice->NumRecvFreeList++;
1566
1567
1568 if (MP_TEST_FLAG(pDevice, fMP_POST_READS) && MP_IS_READY(pDevice) &&
1569 (pDevice->bIsRxWorkItemQueued == FALSE) ) {
1570
1571 pDevice->bIsRxWorkItemQueued = TRUE;
1572 tasklet_schedule(&pDevice->ReadWorkItem);
1573 }
1574 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"<----RXFreeRCB %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1575}
1576
1577
1578VOID
1579RXvMngWorkItem(
1580 PVOID Context
1581 )
1582{
1583 PSDevice pDevice = (PSDevice) Context;
1584 PRCB pRCB=NULL;
1585 PSRxMgmtPacket pRxPacket;
1586 BOOL bReAllocSkb = FALSE;
1587
1588 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Mng Thread\n");
1589
1590 spin_lock_irq(&pDevice->lock);
1591 while (pDevice->NumRecvMngList!=0)
1592 {
1593 pRCB = pDevice->FirstRecvMngList;
1594 pDevice->NumRecvMngList--;
1595 DequeueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList);
1596 if(!pRCB){
1597 break;
1598 }
1599 ASSERT(pRCB);// cannot be NULL
1600 pRxPacket = &(pRCB->sMngPacket);
1601 vMgrRxManagePacket((HANDLE)pDevice, &(pDevice->sMgmtObj), pRxPacket);
1602 pRCB->Ref--;
1603 if(pRCB->Ref == 0) {
1604 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"RxvFreeMng %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1605 RXvFreeRCB(pRCB, bReAllocSkb);
1606 } else {
1607 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Rx Mng Only we have the right to free RCB\n");
1608 }
1609 }
1610
1611 pDevice->bIsRxMngWorkItemQueued = FALSE;
1612 spin_unlock_irq(&pDevice->lock);
1613
1614}
1615
1616
Linux kernel - Deliverables
This page took 0.141225 seconds and 5 git commands to generate.