projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Staging: vt665x: Typedef and macro cleanup Part 1
[deliverable/linux.git] / drivers / staging / vt6656 / dpc.c
CommitLineData
92b96797
FB		 1/*
2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
3 * All rights reserved.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * File: dpc.c
20 *
21 * Purpose: handle dpc rx functions
22 *
23 * Author: Lyndon Chen
24 *
25 * Date: May 20, 2003
26 *
27 * Functions:
28 * device_receive_frame - Rcv 802.11 frame function
29 * s_bAPModeRxCtl- AP Rcv frame filer Ctl.
30 * s_bAPModeRxData- AP Rcv data frame handle
31 * s_bHandleRxEncryption- Rcv decrypted data via on-fly
32 * s_bHostWepRxEncryption- Rcv encrypted data via host
33 * s_byGetRateIdx- get rate index
34 * s_vGetDASA- get data offset
35 * s_vProcessRxMACHeader- Rcv 802.11 and translate to 802.3
36 *
37 * Revision History:
38 *
39 */
40
41
42#if !defined(__DEVICE_H__)
43#include "device.h"
44#endif
45#if !defined(__RXTX_H__)
46#include "rxtx.h"
47#endif
48#if !defined(__TETHER_H__)
49#include "tether.h"
50#endif
51#if !defined(__CARD_H__)
52#include "card.h"
53#endif
54#if !defined(__BSSDB_H__)
55#include "bssdb.h"
56#endif
57#if !defined(__MAC_H__)
58#include "mac.h"
59#endif
60#if !defined(__BASEBAND_H__)
61#include "baseband.h"
62#endif
63#if !defined(__UMEM_H__)
64#include "umem.h"
65#endif
66#if !defined(__MICHAEL_H__)
67#include "michael.h"
68#endif
69#if !defined(__TKIP_H__)
70#include "tkip.h"
71#endif
72#if !defined(__TCRC_H__)
73#include "tcrc.h"
74#endif
75#if !defined(__WCTL_H__)
76#include "wctl.h"
77#endif
78#if !defined(__TBIT_H__)
79#include "tbit.h"
80#endif
81#if !defined(__HOSTAP_H__)
82#include "hostap.h"
83#endif
84#if !defined(__RF_H__)
85#include "rf.h"
86#endif
87#if !defined(__IOWPA_H__)
88#include "iowpa.h"
89#endif
90#if !defined(__AES_H__)
91#include "aes_ccmp.h"
92#endif
93#if !defined(__DATARATE_H__)
94#include "datarate.h"
95#endif
96#if !defined(__USBPIPE_H__)
97#include "usbpipe.h"
98#endif
99
100
101/*--------------------- Static Definitions -------------------------*/
102
103/*--------------------- Static Classes ----------------------------*/
104
105/*--------------------- Static Variables --------------------------*/
106//static int msglevel =MSG_LEVEL_DEBUG;
107static int msglevel =MSG_LEVEL_INFO;
108
109const BYTE acbyRxRate[MAX_RATE] =
110{2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108};
111
112
113/*--------------------- Static Functions --------------------------*/
114
115/*--------------------- Static Definitions -------------------------*/
116
117/*--------------------- Static Functions --------------------------*/
118
119static BYTE s_byGetRateIdx(IN BYTE byRate);
120
121
122static
123VOID
124s_vGetDASA(
125 IN PBYTE pbyRxBufferAddr,
126 OUT PUINT pcbHeaderSize,
127 OUT PSEthernetHeader psEthHeader
128 );
129
130static
131VOID
132s_vProcessRxMACHeader (
133 IN PSDevice pDevice,
134 IN PBYTE pbyRxBufferAddr,
135 IN UINT cbPacketSize,
136 IN BOOL bIsWEP,
137 IN BOOL bExtIV,
138 OUT PUINT pcbHeadSize
139 );
140
141static BOOL s_bAPModeRxCtl(
142 IN PSDevice pDevice,
143 IN PBYTE pbyFrame,
144 IN INT iSANodeIndex
145 );
146
147
148
149static BOOL s_bAPModeRxData (
150 IN PSDevice pDevice,
151 IN struct sk_buff* skb,
152 IN UINT FrameSize,
153 IN UINT cbHeaderOffset,
154 IN INT iSANodeIndex,
155 IN INT iDANodeIndex
156 );
157
158
159static BOOL s_bHandleRxEncryption(
160 IN PSDevice pDevice,
161 IN PBYTE pbyFrame,
162 IN UINT FrameSize,
163 IN PBYTE pbyRsr,
164 OUT PBYTE pbyNewRsr,
165 OUT PSKeyItem *pKeyOut,
193a823c 166 int * pbExtIV,
92b96797
FB		 167 OUT PWORD pwRxTSC15_0,
168 OUT PDWORD pdwRxTSC47_16
169 );
170
171static BOOL s_bHostWepRxEncryption(
172
173 IN PSDevice pDevice,
174 IN PBYTE pbyFrame,
175 IN UINT FrameSize,
176 IN PBYTE pbyRsr,
177 IN BOOL bOnFly,
178 IN PSKeyItem pKey,
179 OUT PBYTE pbyNewRsr,
193a823c 180 int * pbExtIV,
92b96797
FB		 181 OUT PWORD pwRxTSC15_0,
182 OUT PDWORD pdwRxTSC47_16
183
184 );
185
186/*--------------------- Export Variables --------------------------*/
187
188/*+
189 *
190 * Description:
191 * Translate Rcv 802.11 header to 802.3 header with Rx buffer
192 *
193 * Parameters:
194 * In:
195 * pDevice
196 * dwRxBufferAddr - Address of Rcv Buffer
197 * cbPacketSize - Rcv Packet size
198 * bIsWEP - If Rcv with WEP
199 * Out:
200 * pcbHeaderSize - 802.11 header size
201 *
202 * Return Value: None
203 *
204-*/
205static
206VOID
207s_vProcessRxMACHeader (
208 IN PSDevice pDevice,
209 IN PBYTE pbyRxBufferAddr,
210 IN UINT cbPacketSize,
211 IN BOOL bIsWEP,
212 IN BOOL bExtIV,
213 OUT PUINT pcbHeadSize
214 )
215{
216 PBYTE pbyRxBuffer;
217 UINT cbHeaderSize = 0;
218 PWORD pwType;
219 PS802_11Header pMACHeader;
220 int ii;
221
222
223 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
224
225 s_vGetDASA((PBYTE)pMACHeader, &cbHeaderSize, &pDevice->sRxEthHeader);
226
227 if (bIsWEP) {
228 if (bExtIV) {
229 // strip IV&ExtIV , add 8 byte
230 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 8);
231 } else {
232 // strip IV , add 4 byte
233 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 4);
234 }
235 }
236 else {
237 cbHeaderSize += WLAN_HDR_ADDR3_LEN;
238 };
239
240 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
241 if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_Bridgetunnel[0])) {
242 cbHeaderSize += 6;
243 }
244 else if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_RFC1042[0])) {
245 cbHeaderSize += 6;
246 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
247 if ((*pwType!= TYPE_PKT_IPX) && (*pwType != cpu_to_le16(0xF380))) {
248 }
249 else {
250 cbHeaderSize -= 8;
251 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
252 if (bIsWEP) {
253 if (bExtIV) {
254 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
255 } else {
256 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
257 }
258 }
259 else {
260 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
261 }
262 }
263 }
264 else {
265 cbHeaderSize -= 2;
266 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
267 if (bIsWEP) {
268 if (bExtIV) {
269 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
270 } else {
271 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
272 }
273 }
274 else {
275 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
276 }
277 }
278
279 cbHeaderSize -= (U_ETHER_ADDR_LEN * 2);
280 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
281 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
282 *pbyRxBuffer++ = pDevice->sRxEthHeader.abyDstAddr[ii];
283 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
284 *pbyRxBuffer++ = pDevice->sRxEthHeader.abySrcAddr[ii];
285
286 *pcbHeadSize = cbHeaderSize;
287}
288
289
290
291
292static BYTE s_byGetRateIdx (IN BYTE byRate)
293{
294 BYTE byRateIdx;
295
296 for (byRateIdx = 0; byRateIdx <MAX_RATE ; byRateIdx++) {
297 if (acbyRxRate[byRateIdx%MAX_RATE] == byRate)
298 return byRateIdx;
299 }
300 return 0;
301}
302
303
304static
305VOID
306s_vGetDASA (
307 IN PBYTE pbyRxBufferAddr,
308 OUT PUINT pcbHeaderSize,
309 OUT PSEthernetHeader psEthHeader
310 )
311{
312 UINT cbHeaderSize = 0;
313 PS802_11Header pMACHeader;
314 int ii;
315
316 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
317
318 if ((pMACHeader->wFrameCtl & FC_TODS) == 0) {
319 if (pMACHeader->wFrameCtl & FC_FROMDS) {
320 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
321 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
322 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr3[ii];
323 }
324 }
325 else {
326 // IBSS mode
327 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
328 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
329 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
330 }
331 }
332 }
333 else {
334 // Is AP mode..
335 if (pMACHeader->wFrameCtl & FC_FROMDS) {
336 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
337 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
338 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr4[ii];
339 cbHeaderSize += 6;
340 }
341 }
342 else {
343 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
344 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
345 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
346 }
347 }
348 };
349 *pcbHeaderSize = cbHeaderSize;
350}
351
352
353
354
355BOOL
356RXbBulkInProcessData (
357 IN PSDevice pDevice,
358 IN PRCB pRCB,
359 IN ULONG BytesToIndicate
360 )
361{
362
363 struct net_device_stats* pStats=&pDevice->stats;
364 struct sk_buff* skb;
365 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
366 PSRxMgmtPacket pRxPacket = &(pMgmt->sRxPacket);
367 PS802_11Header p802_11Header;
368 PBYTE pbyRsr;
369 PBYTE pbyNewRsr;
370 PBYTE pbyRSSI;
371 PQWORD pqwTSFTime;
372 PBYTE pbyFrame;
373 BOOL bDeFragRx = FALSE;
374 UINT cbHeaderOffset;
375 UINT FrameSize;
376 WORD wEtherType = 0;
377 INT iSANodeIndex = -1;
378 INT iDANodeIndex = -1;
379 UINT ii;
380 UINT cbIVOffset;
381 PBYTE pbyRxSts;
382 PBYTE pbyRxRate;
383 PBYTE pbySQ;
384#ifdef Calcu_LinkQual
385 PBYTE pby3SQ;
386#endif
387 UINT cbHeaderSize;
388 PSKeyItem pKey = NULL;
389 WORD wRxTSC15_0 = 0;
390 DWORD dwRxTSC47_16 = 0;
391 SKeyItem STempKey;
392 // 802.11h RPI
393 //LONG ldBm = 0;
394 BOOL bIsWEP = FALSE;
395 BOOL bExtIV = FALSE;
396 DWORD dwWbkStatus;
397 PRCB pRCBIndicate = pRCB;
398 PBYTE pbyDAddress;
399 PWORD pwPLCP_Length;
400 BYTE abyVaildRate[MAX_RATE] = {2,4,11,22,12,18,24,36,48,72,96,108};
401 WORD wPLCPwithPadding;
402 PS802_11Header pMACHeader;
403 BOOL bRxeapol_key = FALSE;
404
405
406
407 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- RXbBulkInProcessData---\n");
408
409 skb = pRCB->skb;
410
411 //[31:16]RcvByteCount ( not include 4-byte Status )
412 dwWbkStatus = *( (PDWORD)(skb->data) );
413 FrameSize = (UINT)(dwWbkStatus >> 16);
414 FrameSize += 4;
415
416 if (BytesToIndicate != FrameSize) {
417 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 1 \n");
418 return FALSE;
419 }
420
421 if ((BytesToIndicate > 2372)||(BytesToIndicate <= 40)) {
422 // Frame Size error drop this packet.
423 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 2 \n");
424 return FALSE;
425 }
426
427 pbyDAddress = (PBYTE)(skb->data);
428 pbyRxSts = pbyDAddress+4;
429 pbyRxRate = pbyDAddress+5;
430
431 //real Frame Size = USBFrameSize -4WbkStatus - 4RxStatus - 8TSF - 4RSR - 4SQ3 - ?Padding
432 //if SQ3 the range is 24~27, if no SQ3 the range is 20~23
433 //real Frame size in PLCPLength field.
434 pwPLCP_Length = (PWORD) (pbyDAddress + 6);
435 //Fix hardware bug => PLCP_Length error
436 if ( ((BytesToIndicate - (*pwPLCP_Length)) > 27) ||
437 ((BytesToIndicate - (*pwPLCP_Length)) < 24) ||
438 (BytesToIndicate < (*pwPLCP_Length)) ) {
439
440 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong PLCP Length %x\n", (int) *pwPLCP_Length);
441 ASSERT(0);
442 return FALSE;
443 }
444 for ( ii=RATE_1M;ii<MAX_RATE;ii++) {
445 if ( *pbyRxRate == abyVaildRate[ii] ) {
446 break;
447 }
448 }
449 if ( ii==MAX_RATE ) {
450 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong RxRate %x\n",(int) *pbyRxRate);
451 return FALSE;
452 }
453
454 wPLCPwithPadding = ( (*pwPLCP_Length / 4) + ( (*pwPLCP_Length % 4) ? 1:0 ) ) *4;
455
456 pqwTSFTime = (PQWORD) (pbyDAddress + 8 + wPLCPwithPadding);
457#ifdef Calcu_LinkQual
458 if(pDevice->byBBType == BB_TYPE_11G) {
459 pby3SQ = pbyDAddress + 8 + wPLCPwithPadding + 12;
460 pbySQ = pby3SQ;
461 }
462 else {
463 pbySQ = pbyDAddress + 8 + wPLCPwithPadding + 8;
464 pby3SQ = pbySQ;
465 }
466#else
467 pbySQ = pbyDAddress + 8 + wPLCPwithPadding + 8;
468#endif
469 pbyNewRsr = pbyDAddress + 8 + wPLCPwithPadding + 9;
470 pbyRSSI = pbyDAddress + 8 + wPLCPwithPadding + 10;
471 pbyRsr = pbyDAddress + 8 + wPLCPwithPadding + 11;
472
473 FrameSize = *pwPLCP_Length;
474
475 pbyFrame = pbyDAddress + 8;
476 // update receive statistic counter
477
478 STAvUpdateRDStatCounter(&pDevice->scStatistic,
479 *pbyRsr,
480 *pbyNewRsr,
481 *pbyRxSts,
482 *pbyRxRate,
483 pbyFrame,
484 FrameSize
485 );
486
487
488 pMACHeader = (PS802_11Header) pbyFrame;
489
490//mike add: to judge if current AP is activated?
491 if ((pMgmt->eCurrMode == WMAC_MODE_STANDBY) ||
492 (pMgmt->eCurrMode == WMAC_MODE_ESS_STA)) {
493 if (pMgmt->sNodeDBTable[0].bActive) {
494 if(IS_ETH_ADDRESS_EQUAL (pMgmt->abyCurrBSSID, pMACHeader->abyAddr2) ) {
495 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
496 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
497 }
498 }
499 }
500
501 if (!IS_MULTICAST_ADDRESS(pMACHeader->abyAddr1) && !IS_BROADCAST_ADDRESS(pMACHeader->abyAddr1)) {
502 if ( WCTLbIsDuplicate(&(pDevice->sDupRxCache), (PS802_11Header) pbyFrame) ) {
503 pDevice->s802_11Counter.FrameDuplicateCount++;
504 return FALSE;
505 }
506
507 if ( !IS_ETH_ADDRESS_EQUAL (pDevice->abyCurrentNetAddr, pMACHeader->abyAddr1) ) {
508 return FALSE;
509 }
510 }
511
512
513 // Use for TKIP MIC
514 s_vGetDASA(pbyFrame, &cbHeaderSize, &pDevice->sRxEthHeader);
515
516 if (IS_ETH_ADDRESS_EQUAL((PBYTE)&(pDevice->sRxEthHeader.abySrcAddr[0]), pDevice->abyCurrentNetAddr))
517 return FALSE;
518
519 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) || (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)) {
520 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
521 p802_11Header = (PS802_11Header) (pbyFrame);
522 // get SA NodeIndex
523 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(p802_11Header->abyAddr2), &iSANodeIndex)) {
524 pMgmt->sNodeDBTable[iSANodeIndex].ulLastRxJiffer = jiffies;
525 pMgmt->sNodeDBTable[iSANodeIndex].uInActiveCount = 0;
526 }
527 }
528 }
529
530 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
531 if (s_bAPModeRxCtl(pDevice, pbyFrame, iSANodeIndex) == TRUE) {
532 return FALSE;
533 }
534 }
535
536
537 if (IS_FC_WEP(pbyFrame)) {
538 BOOL bRxDecryOK = FALSE;
539
540 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"rx WEP pkt\n");
541 bIsWEP = TRUE;
542 if ((pDevice->bEnableHostWEP) && (iSANodeIndex >= 0)) {
543 pKey = &STempKey;
544 pKey->byCipherSuite = pMgmt->sNodeDBTable[iSANodeIndex].byCipherSuite;
545 pKey->dwKeyIndex = pMgmt->sNodeDBTable[iSANodeIndex].dwKeyIndex;
546 pKey->uKeyLength = pMgmt->sNodeDBTable[iSANodeIndex].uWepKeyLength;
547 pKey->dwTSC47_16 = pMgmt->sNodeDBTable[iSANodeIndex].dwTSC47_16;
548 pKey->wTSC15_0 = pMgmt->sNodeDBTable[iSANodeIndex].wTSC15_0;
549 memcpy(pKey->abyKey,
550 &pMgmt->sNodeDBTable[iSANodeIndex].abyWepKey[0],
551 pKey->uKeyLength
552 );
553
554 bRxDecryOK = s_bHostWepRxEncryption(pDevice,
555 pbyFrame,
556 FrameSize,
557 pbyRsr,
558 pMgmt->sNodeDBTable[iSANodeIndex].bOnFly,
559 pKey,
560 pbyNewRsr,
561 &bExtIV,
562 &wRxTSC15_0,
563 &dwRxTSC47_16);
564 } else {
565 bRxDecryOK = s_bHandleRxEncryption(pDevice,
566 pbyFrame,
567 FrameSize,
568 pbyRsr,
569 pbyNewRsr,
570 &pKey,
571 &bExtIV,
572 &wRxTSC15_0,
573 &dwRxTSC47_16);
574 }
575
576 if (bRxDecryOK) {
577 if ((*pbyNewRsr & NEWRSR_DECRYPTOK) == 0) {
578 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV Fail\n");
579 if ( (pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
580 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
581 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
582 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
583 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
584
585 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
586 pDevice->s802_11Counter.TKIPICVErrors++;
587 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP)) {
588 pDevice->s802_11Counter.CCMPDecryptErrors++;
589 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_WEP)) {
590// pDevice->s802_11Counter.WEPICVErrorCount.QuadPart++;
591 }
592 }
593 return FALSE;
594 }
595 } else {
596 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WEP Func Fail\n");
597 return FALSE;
598 }
599 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP))
600 FrameSize -= 8; // Message Integrity Code
601 else
602 FrameSize -= 4; // 4 is ICV
603 }
604
605
606 //
607 // RX OK
608 //
609 //remove the CRC length
610 FrameSize -= U_CRC_LEN;
611
612 if ((BITbIsAllBitsOff(*pbyRsr, (RSR_ADDRBROAD | RSR_ADDRMULTI))) && // unicast address
613 (IS_FRAGMENT_PKT((pbyFrame)))
614 ) {
615 // defragment
616 bDeFragRx = WCTLbHandleFragment(pDevice, (PS802_11Header) (pbyFrame), FrameSize, bIsWEP, bExtIV);
617 pDevice->s802_11Counter.ReceivedFragmentCount++;
618 if (bDeFragRx) {
619 // defrag complete
620 // TODO skb, pbyFrame
621 skb = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].skb;
622 FrameSize = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].cbFrameLength;
623 pbyFrame = skb->data + 8;
624 }
625 else {
626 return FALSE;
627 }
628 }
629
630 //
631 // Management & Control frame Handle
632 //
633 if ((IS_TYPE_DATA((pbyFrame))) == FALSE) {
634 // Handle Control & Manage Frame
635
636 if (IS_TYPE_MGMT((pbyFrame))) {
637 PBYTE pbyData1;
638 PBYTE pbyData2;
639
640 pRxPacket = &(pRCB->sMngPacket);
641 pRxPacket->p80211Header = (PUWLAN_80211HDR)(pbyFrame);
642 pRxPacket->cbMPDULen = FrameSize;
643 pRxPacket->uRSSI = *pbyRSSI;
644 pRxPacket->bySQ = *pbySQ;
645 HIDWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(HIDWORD(*pqwTSFTime));
646 LODWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(LODWORD(*pqwTSFTime));
647 if (bIsWEP) {
648 // strip IV
649 pbyData1 = WLAN_HDR_A3_DATA_PTR(pbyFrame);
650 pbyData2 = WLAN_HDR_A3_DATA_PTR(pbyFrame) + 4;
651 for (ii = 0; ii < (FrameSize - 4); ii++) {
652 *pbyData1 = *pbyData2;
653 pbyData1++;
654 pbyData2++;
655 }
656 }
657
658 pRxPacket->byRxRate = s_byGetRateIdx(*pbyRxRate);
659
660 if ( *pbyRxSts == 0 ) {
661 //Discard beacon packet which channel is 0
662 if ( (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_BEACON) ||
663 (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_PROBERESP) ) {
664 return TRUE;
665 }
666 }
667 pRxPacket->byRxChannel = (*pbyRxSts) >> 2;
668
669 // hostap Deamon handle 802.11 management
670 if (pDevice->bEnableHostapd) {
671 skb->dev = pDevice->apdev;
672 //skb->data += 4;
673 //skb->tail += 4;
674 skb->data += 8;
675 skb->tail += 8;
676 skb_put(skb, FrameSize);
d899d403 677 skb_reset_mac_header(skb);
92b96797
FB		 678 skb->pkt_type = PACKET_OTHERHOST;
679 skb->protocol = htons(ETH_P_802_2);
680 memset(skb->cb, 0, sizeof(skb->cb));
681 netif_rx(skb);
682 return TRUE;
683 }
684
685 //
686 // Insert the RCB in the Recv Mng list
687 //
688 EnqueueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList, pRCBIndicate);
689 pDevice->NumRecvMngList++;
690 if ( bDeFragRx == FALSE) {
691 pRCB->Ref++;
692 }
693 if (pDevice->bIsRxMngWorkItemQueued == FALSE) {
694 pDevice->bIsRxMngWorkItemQueued = TRUE;
695 tasklet_schedule(&pDevice->RxMngWorkItem);
696 }
697
698 }
699 else {
700 // Control Frame
701 };
702 return FALSE;
703 }
704 else {
705 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
706 //In AP mode, hw only check addr1(BSSID or RA) if equal to local MAC.
707 if (BITbIsBitOff(*pbyRsr, RSR_BSSIDOK)) {
708 if (bDeFragRx) {
709 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
710 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
711 pDevice->dev->name);
712 }
713 }
714 return FALSE;
715 }
716 }
717 else {
718 // discard DATA packet while not associate || BSSID error
719 if ((pDevice->bLinkPass == FALSE) ||
720 BITbIsBitOff(*pbyRsr, RSR_BSSIDOK)) {
721 if (bDeFragRx) {
722 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
723 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
724 pDevice->dev->name);
725 }
726 }
727 return FALSE;
728 }
729 //mike add:station mode check eapol-key challenge--->
730 {
731 BYTE Protocol_Version; //802.1x Authentication
732 BYTE Packet_Type; //802.1x Authentication
733 BYTE Descriptor_type;
734 WORD Key_info;
735 if (bIsWEP)
736 cbIVOffset = 8;
737 else
738 cbIVOffset = 0;
739 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
740 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
741 Protocol_Version = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1];
742 Packet_Type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1];
743 if (wEtherType == ETH_P_PAE) { //Protocol Type in LLC-Header
744 if(((Protocol_Version==1) ||(Protocol_Version==2)) &&
745 (Packet_Type==3)) { //802.1x OR eapol-key challenge frame receive
746 bRxeapol_key = TRUE;
747 Descriptor_type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2];
748 Key_info = (skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+1]<<8) |skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+2] ;
749 if(Descriptor_type==2) { //RSN
750 // printk("WPA2_Rx_eapol-key_info<-----:%x\n",Key_info);
751 }
752 else if(Descriptor_type==254) {
753 // printk("WPA_Rx_eapol-key_info<-----:%x\n",Key_info);
754 }
755 }
756 }
757 }
758 //mike add:station mode check eapol-key challenge<---
759 }
760 }
761
762
763// Data frame Handle
764
765
766 if (pDevice->bEnablePSMode) {
767 if (IS_FC_MOREDATA((pbyFrame))) {
768 if (BITbIsBitOn(*pbyRsr, RSR_ADDROK)) {
769 //PSbSendPSPOLL((PSDevice)pDevice);
770 }
771 }
772 else {
773 if (pMgmt->bInTIMWake == TRUE) {
774 pMgmt->bInTIMWake = FALSE;
775 }
776 }
777 };
778
779 // Now it only supports 802.11g Infrastructure Mode, and support rate must up to 54 Mbps
780 if (pDevice->bDiversityEnable && (FrameSize>50) &&
781 (pDevice->eOPMode == OP_MODE_INFRASTRUCTURE) &&
782 (pDevice->bLinkPass == TRUE)) {
783 BBvAntennaDiversity(pDevice, s_byGetRateIdx(*pbyRxRate), 0);
784 }
785
786 // ++++++++ For BaseBand Algorithm +++++++++++++++
787 pDevice->uCurrRSSI = *pbyRSSI;
788 pDevice->byCurrSQ = *pbySQ;
789
790 // todo
791/*
792 if ((*pbyRSSI != 0) &&
793 (pMgmt->pCurrBSS!=NULL)) {
794 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
795 // Moniter if RSSI is too strong.
796 pMgmt->pCurrBSS->byRSSIStatCnt++;
797 pMgmt->pCurrBSS->byRSSIStatCnt %= RSSI_STAT_COUNT;
798 pMgmt->pCurrBSS->ldBmAverage[pMgmt->pCurrBSS->byRSSIStatCnt] = ldBm;
799 for(ii=0;ii<RSSI_STAT_COUNT;ii++) {
800 if (pMgmt->pCurrBSS->ldBmAverage[ii] != 0) {
801 pMgmt->pCurrBSS->ldBmMAX = max(pMgmt->pCurrBSS->ldBmAverage[ii], ldBm);
802 }
803 }
804 }
805*/
806
807
808 // -----------------------------------------------
809
810 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnable8021x == TRUE)){
811 BYTE abyMacHdr[24];
812
813 // Only 802.1x packet incoming allowed
814 if (bIsWEP)
815 cbIVOffset = 8;
816 else
817 cbIVOffset = 0;
818 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
819 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
820
821 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wEtherType = %04x \n", wEtherType);
822 if (wEtherType == ETH_P_PAE) {
823 skb->dev = pDevice->apdev;
824
825 if (bIsWEP == TRUE) {
826 // strip IV header(8)
827 memcpy(&abyMacHdr[0], (skb->data + 8), 24);
828 memcpy((skb->data + 8 + cbIVOffset), &abyMacHdr[0], 24);
829 }
830
831 skb->data += (cbIVOffset + 8);
832 skb->tail += (cbIVOffset + 8);
833 skb_put(skb, FrameSize);
d899d403 834 skb_reset_mac_header(skb);
92b96797
FB		 835 skb->pkt_type = PACKET_OTHERHOST;
836 skb->protocol = htons(ETH_P_802_2);
837 memset(skb->cb, 0, sizeof(skb->cb));
838 netif_rx(skb);
839 return TRUE;
840
841 }
842 // check if 802.1x authorized
843 if (!(pMgmt->sNodeDBTable[iSANodeIndex].dwFlags & WLAN_STA_AUTHORIZED))
844 return FALSE;
845 }
846
847
848 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
849 if (bIsWEP) {
850 FrameSize -= 8; //MIC
851 }
852 }
853
854 //--------------------------------------------------------------------------------
855 // Soft MIC
856 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
857 if (bIsWEP) {
858 PDWORD pdwMIC_L;
859 PDWORD pdwMIC_R;
860 DWORD dwMIC_Priority;
861 DWORD dwMICKey0 = 0, dwMICKey1 = 0;
862 DWORD dwLocalMIC_L = 0;
863 DWORD dwLocalMIC_R = 0;
864 viawget_wpa_header *wpahdr;
865
866
867 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
868 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
869 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
870 }
871 else {
872 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
873 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
874 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
875 } else if ((pKey->dwKeyIndex & BIT28) == 0) {
876 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
877 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
878 } else {
879 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
880 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
881 }
882 }
883
884 MIC_vInit(dwMICKey0, dwMICKey1);
885 MIC_vAppend((PBYTE)&(pDevice->sRxEthHeader.abyDstAddr[0]), 12);
886 dwMIC_Priority = 0;
887 MIC_vAppend((PBYTE)&dwMIC_Priority, 4);
888 // 4 is Rcv buffer header, 24 is MAC Header, and 8 is IV and Ext IV.
889 MIC_vAppend((PBYTE)(skb->data + 8 + WLAN_HDR_ADDR3_LEN + 8),
890 FrameSize - WLAN_HDR_ADDR3_LEN - 8);
891 MIC_vGetMIC(&dwLocalMIC_L, &dwLocalMIC_R);
892 MIC_vUnInit();
893
894 pdwMIC_L = (PDWORD)(skb->data + 8 + FrameSize);
895 pdwMIC_R = (PDWORD)(skb->data + 8 + FrameSize + 4);
896
897
898 if ((cpu_to_le32(*pdwMIC_L) != dwLocalMIC_L) || (cpu_to_le32(*pdwMIC_R) != dwLocalMIC_R) ||
899 (pDevice->bRxMICFail == TRUE)) {
900 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"MIC comparison is fail!\n");
901 pDevice->bRxMICFail = FALSE;
902 //pDevice->s802_11Counter.TKIPLocalMICFailures.QuadPart++;
903 pDevice->s802_11Counter.TKIPLocalMICFailures++;
904 if (bDeFragRx) {
905 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
906 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
907 pDevice->dev->name);
908 }
909 }
910 //2008-0409-07, <Add> by Einsn Liu
911 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
912 //send event to wpa_supplicant
913 //if(pDevice->bWPASuppWextEnabled == TRUE)
914 {
915 union iwreq_data wrqu;
916 struct iw_michaelmicfailure ev;
917 int keyidx = pbyFrame[cbHeaderSize+3] >> 6; //top two-bits
918 memset(&ev, 0, sizeof(ev));
919 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
920 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
921 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
922 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
923 ev.flags |= IW_MICFAILURE_PAIRWISE;
924 } else {
925 ev.flags |= IW_MICFAILURE_GROUP;
926 }
927
928 ev.src_addr.sa_family = ARPHRD_ETHER;
929 memcpy(ev.src_addr.sa_data, pMACHeader->abyAddr2, ETH_ALEN);
930 memset(&wrqu, 0, sizeof(wrqu));
931 wrqu.data.length = sizeof(ev);
932 PRINT_K("wireless_send_event--->IWEVMICHAELMICFAILURE\n");
933 wireless_send_event(pDevice->dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
934
935 }
936 #endif
937
938
939 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
940 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
941 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
942 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
943 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
944 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_PAIRWISE_ERROR;
945 wpahdr->type = VIAWGET_PTK_MIC_MSG;
946 } else {
947 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_GROUP_ERROR;
948 wpahdr->type = VIAWGET_GTK_MIC_MSG;
949 }
950 wpahdr->resp_ie_len = 0;
951 wpahdr->req_ie_len = 0;
952 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
953 pDevice->skb->dev = pDevice->wpadev;
d899d403 954 skb_reset_mac_header(pDevice->skb);
92b96797
FB		 955 pDevice->skb->pkt_type = PACKET_HOST;
956 pDevice->skb->protocol = htons(ETH_P_802_2);
957 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
958 netif_rx(pDevice->skb);
959 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
960 };
961
962 return FALSE;
963
964 }
965 }
966 } //---end of SOFT MIC-----------------------------------------------------------------------
967
968 // ++++++++++ Reply Counter Check +++++++++++++
969
970 if ((pKey != NULL) && ((pKey->byCipherSuite == KEY_CTL_TKIP) ||
971 (pKey->byCipherSuite == KEY_CTL_CCMP))) {
972 if (bIsWEP) {
973 WORD wLocalTSC15_0 = 0;
974 DWORD dwLocalTSC47_16 = 0;
975 ULONGLONG RSC = 0;
976 // endian issues
977 RSC = *((ULONGLONG *) &(pKey->KeyRSC));
978 wLocalTSC15_0 = (WORD) RSC;
979 dwLocalTSC47_16 = (DWORD) (RSC>>16);
980
981 RSC = dwRxTSC47_16;
982 RSC <<= 16;
983 RSC += wRxTSC15_0;
984 MEMvCopy(&(pKey->KeyRSC), &RSC, sizeof(QWORD));
985
986 if ( (pDevice->sMgmtObj.eCurrMode == WMAC_MODE_ESS_STA) &&
987 (pDevice->sMgmtObj.eCurrState == WMAC_STATE_ASSOC)) {
988 // check RSC
989 if ( (wRxTSC15_0 < wLocalTSC15_0) &&
990 (dwRxTSC47_16 <= dwLocalTSC47_16) &&
991 !((dwRxTSC47_16 == 0) && (dwLocalTSC47_16 == 0xFFFFFFFF))) {
992 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC is illegal~~!\n ");
993 if (pKey->byCipherSuite == KEY_CTL_TKIP)
994 //pDevice->s802_11Counter.TKIPReplays.QuadPart++;
995 pDevice->s802_11Counter.TKIPReplays++;
996 else
997 //pDevice->s802_11Counter.CCMPReplays.QuadPart++;
998 pDevice->s802_11Counter.CCMPReplays++;
999
1000 if (bDeFragRx) {
1001 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1002 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1003 pDevice->dev->name);
1004 }
1005 }
1006 return FALSE;
1007 }
1008 }
1009 }
1010 } // ----- End of Reply Counter Check --------------------------
1011
1012
1013 s_vProcessRxMACHeader(pDevice, (PBYTE)(skb->data+8), FrameSize, bIsWEP, bExtIV, &cbHeaderOffset);
1014 FrameSize -= cbHeaderOffset;
1015 cbHeaderOffset += 8; // 8 is Rcv buffer header
1016
1017 // Null data, framesize = 12
1018 if (FrameSize < 12)
1019 return FALSE;
1020
1021 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
1022 if (s_bAPModeRxData(pDevice,
1023 skb,
1024 FrameSize,
1025 cbHeaderOffset,
1026 iSANodeIndex,
1027 iDANodeIndex
1028 ) == FALSE) {
1029
1030 if (bDeFragRx) {
1031 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1032 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1033 pDevice->dev->name);
1034 }
1035 }
1036 return FALSE;
1037 }
1038
1039 }
1040
1041 skb->data += cbHeaderOffset;
1042 skb->tail += cbHeaderOffset;
1043 skb_put(skb, FrameSize);
1044 skb->protocol=eth_type_trans(skb, skb->dev);
1045 skb->ip_summed=CHECKSUM_NONE;
1046 pStats->rx_bytes +=skb->len;
1047 pStats->rx_packets++;
1048 netif_rx(skb);
1049 if (bDeFragRx) {
1050 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1051 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1052 pDevice->dev->name);
1053 }
1054 return FALSE;
1055 }
1056
1057 return TRUE;
1058}
1059
1060
1061static BOOL s_bAPModeRxCtl (
1062 IN PSDevice pDevice,
1063 IN PBYTE pbyFrame,
1064 IN INT iSANodeIndex
1065 )
1066{
1067 PS802_11Header p802_11Header;
1068 CMD_STATUS Status;
1069 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1070
1071
1072 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
1073
1074 p802_11Header = (PS802_11Header) (pbyFrame);
1075 if (!IS_TYPE_MGMT(pbyFrame)) {
1076
1077 // Data & PS-Poll packet
1078 // check frame class
1079 if (iSANodeIndex > 0) {
1080 // frame class 3 fliter & checking
1081 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_AUTH) {
1082 // send deauth notification
1083 // reason = (6) class 2 received from nonauth sta
1084 vMgrDeAuthenBeginSta(pDevice,
1085 pMgmt,
1086 (PBYTE)(p802_11Header->abyAddr2),
1087 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1088 &Status
1089 );
1090 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 1\n");
1091 return TRUE;
1092 };
1093 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_ASSOC) {
1094 // send deassoc notification
1095 // reason = (7) class 3 received from nonassoc sta
1096 vMgrDisassocBeginSta(pDevice,
1097 pMgmt,
1098 (PBYTE)(p802_11Header->abyAddr2),
1099 (WLAN_MGMT_REASON_CLASS3_NONASSOC),
1100 &Status
1101 );
1102 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDisassocBeginSta 2\n");
1103 return TRUE;
1104 };
1105
1106 if (pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable) {
1107 // delcare received ps-poll event
1108 if (IS_CTL_PSPOLL(pbyFrame)) {
1109 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1110 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1111 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 1\n");
1112 }
1113 else {
1114 // check Data PS state
1115 // if PW bit off, send out all PS bufferring packets.
1116 if (!IS_FC_POWERMGT(pbyFrame)) {
1117 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1118 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1119 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1120 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 2\n");
1121 }
1122 }
1123 }
1124 else {
1125 if (IS_FC_POWERMGT(pbyFrame)) {
1126 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = TRUE;
1127 // Once if STA in PS state, enable multicast bufferring
1128 pMgmt->sNodeDBTable[0].bPSEnable = TRUE;
1129 }
1130 else {
1131 // clear all pending PS frame.
1132 if (pMgmt->sNodeDBTable[iSANodeIndex].wEnQueueCnt > 0) {
1133 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1134 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1135 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1136 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 3\n");
1137
1138 }
1139 }
1140 }
1141 }
1142 else {
1143 vMgrDeAuthenBeginSta(pDevice,
1144 pMgmt,
1145 (PBYTE)(p802_11Header->abyAddr2),
1146 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1147 &Status
1148 );
1149 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 3\n");
1150 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BSSID:%02x-%02x-%02x=%02x-%02x-%02x \n",
1151 p802_11Header->abyAddr3[0],
1152 p802_11Header->abyAddr3[1],
1153 p802_11Header->abyAddr3[2],
1154 p802_11Header->abyAddr3[3],
1155 p802_11Header->abyAddr3[4],
1156 p802_11Header->abyAddr3[5]
1157 );
1158 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR2:%02x-%02x-%02x=%02x-%02x-%02x \n",
1159 p802_11Header->abyAddr2[0],
1160 p802_11Header->abyAddr2[1],
1161 p802_11Header->abyAddr2[2],
1162 p802_11Header->abyAddr2[3],
1163 p802_11Header->abyAddr2[4],
1164 p802_11Header->abyAddr2[5]
1165 );
1166 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR1:%02x-%02x-%02x=%02x-%02x-%02x \n",
1167 p802_11Header->abyAddr1[0],
1168 p802_11Header->abyAddr1[1],
1169 p802_11Header->abyAddr1[2],
1170 p802_11Header->abyAddr1[3],
1171 p802_11Header->abyAddr1[4],
1172 p802_11Header->abyAddr1[5]
1173 );
1174 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: wFrameCtl= %x\n", p802_11Header->wFrameCtl );
1175 return TRUE;
1176 }
1177 }
1178 }
1179 return FALSE;
1180
1181}
1182
1183static BOOL s_bHandleRxEncryption (
1184 IN PSDevice pDevice,
1185 IN PBYTE pbyFrame,
1186 IN UINT FrameSize,
1187 IN PBYTE pbyRsr,
1188 OUT PBYTE pbyNewRsr,
1189 OUT PSKeyItem *pKeyOut,
193a823c 1190 int * pbExtIV,
92b96797
FB		 1191 OUT PWORD pwRxTSC15_0,
1192 OUT PDWORD pdwRxTSC47_16
1193 )
1194{
1195 UINT PayloadLen = FrameSize;
1196 PBYTE pbyIV;
1197 BYTE byKeyIdx;
1198 PSKeyItem pKey = NULL;
1199 BYTE byDecMode = KEY_CTL_WEP;
1200 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1201
1202
1203 *pwRxTSC15_0 = 0;
1204 *pdwRxTSC47_16 = 0;
1205
1206 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1207 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1208 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1209 pbyIV += 6; // 6 is 802.11 address4
1210 PayloadLen -= 6;
1211 }
1212 byKeyIdx = (*(pbyIV+3) & 0xc0);
1213 byKeyIdx >>= 6;
1214 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1215
1216 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
1217 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
1218 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
1219 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
1220 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
1221 if (((*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) &&
1222 (pMgmt->byCSSPK != KEY_CTL_NONE)) {
1223 // unicast pkt use pairwise key
1224 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt\n");
1225 if (KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, 0xFFFFFFFF, &pKey) == TRUE) {
1226 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
1227 byDecMode = KEY_CTL_TKIP;
1228 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
1229 byDecMode = KEY_CTL_CCMP;
1230 }
1231 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt: %d, %p\n", byDecMode, pKey);
1232 } else {
1233 // use group key
1234 KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, byKeyIdx, &pKey);
1235 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1236 byDecMode = KEY_CTL_TKIP;
1237 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1238 byDecMode = KEY_CTL_CCMP;
1239 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"group pkt: %d, %d, %p\n", byKeyIdx, byDecMode, pKey);
1240 }
1241 }
1242 // our WEP only support Default Key
1243 if (pKey == NULL) {
1244 // use default group key
1245 KeybGetKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, byKeyIdx, &pKey);
1246 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1247 byDecMode = KEY_CTL_TKIP;
1248 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1249 byDecMode = KEY_CTL_CCMP;
1250 }
1251 *pKeyOut = pKey;
1252
1253 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1254
1255 if (pKey == NULL) {
1256 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"pKey == NULL\n");
1257 if (byDecMode == KEY_CTL_WEP) {
1258// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1259 } else if (pDevice->bLinkPass == TRUE) {
1260// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1261 }
1262 return FALSE;
1263 }
1264 if (byDecMode != pKey->byCipherSuite) {
1265 if (byDecMode == KEY_CTL_WEP) {
1266// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1267 } else if (pDevice->bLinkPass == TRUE) {
1268// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1269 }
1270 *pKeyOut = NULL;
1271 return FALSE;
1272 }
1273 if (byDecMode == KEY_CTL_WEP) {
1274 // handle WEP
1275 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1276 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE)) {
1277 // Software WEP
1278 // 1. 3253A
1279 // 2. WEP 256
1280
1281 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
1282 MEMvCopy(pDevice->abyPRNG, pbyIV, 3);
1283 MEMvCopy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
1284 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1285 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1286
1287 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1288 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1289 }
1290 }
1291 } else if ((byDecMode == KEY_CTL_TKIP) ||
1292 (byDecMode == KEY_CTL_CCMP)) {
1293 // TKIP/AES
1294
1295 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1296 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1297 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1298 if (byDecMode == KEY_CTL_TKIP) {
1299 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1300 } else {
1301 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1302 }
1303 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1304
1305 if ((byDecMode == KEY_CTL_TKIP) &&
1306 (pDevice->byLocalID <= REV_ID_VT3253_A1)) {
1307 // Software TKIP
1308 // 1. 3253 A
1309 PS802_11Header pMACHeader = (PS802_11Header) (pbyFrame);
1310 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1311 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1312 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1313 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1314 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1315 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1316 } else {
1317 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1318 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1319 }
1320 }
1321 }// end of TKIP/AES
1322
1323 if ((*(pbyIV+3) & 0x20) != 0)
1324 *pbExtIV = TRUE;
1325 return TRUE;
1326}
1327
1328
1329static BOOL s_bHostWepRxEncryption (
1330 IN PSDevice pDevice,
1331 IN PBYTE pbyFrame,
1332 IN UINT FrameSize,
1333 IN PBYTE pbyRsr,
1334 IN BOOL bOnFly,
1335 IN PSKeyItem pKey,
1336 OUT PBYTE pbyNewRsr,
193a823c 1337 int * pbExtIV,
92b96797
FB		 1338 OUT PWORD pwRxTSC15_0,
1339 OUT PDWORD pdwRxTSC47_16
1340 )
1341{
1342 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1343 UINT PayloadLen = FrameSize;
1344 PBYTE pbyIV;
1345 BYTE byKeyIdx;
1346 BYTE byDecMode = KEY_CTL_WEP;
1347 PS802_11Header pMACHeader;
1348
1349
1350
1351 *pwRxTSC15_0 = 0;
1352 *pdwRxTSC47_16 = 0;
1353
1354 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1355 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1356 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1357 pbyIV += 6; // 6 is 802.11 address4
1358 PayloadLen -= 6;
1359 }
1360 byKeyIdx = (*(pbyIV+3) & 0xc0);
1361 byKeyIdx >>= 6;
1362 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1363
1364
1365 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1366 byDecMode = KEY_CTL_TKIP;
1367 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1368 byDecMode = KEY_CTL_CCMP;
1369
1370 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1371
1372 if (byDecMode != pKey->byCipherSuite) {
1373 if (byDecMode == KEY_CTL_WEP) {
1374// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1375 } else if (pDevice->bLinkPass == TRUE) {
1376// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1377 }
1378 return FALSE;
1379 }
1380
1381 if (byDecMode == KEY_CTL_WEP) {
1382 // handle WEP
1383 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byDecMode == KEY_CTL_WEP \n");
1384 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1385 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE) ||
1386 (bOnFly == FALSE)) {
1387 // Software WEP
1388 // 1. 3253A
1389 // 2. WEP 256
1390 // 3. NotOnFly
1391
1392 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
1393 MEMvCopy(pDevice->abyPRNG, pbyIV, 3);
1394 MEMvCopy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
1395 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1396 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1397
1398 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1399 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1400 }
1401 }
1402 } else if ((byDecMode == KEY_CTL_TKIP) ||
1403 (byDecMode == KEY_CTL_CCMP)) {
1404 // TKIP/AES
1405
1406 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1407 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1408 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1409
1410 if (byDecMode == KEY_CTL_TKIP) {
1411 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1412 } else {
1413 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1414 }
1415 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1416
1417 if (byDecMode == KEY_CTL_TKIP) {
1418
1419 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) || (bOnFly == FALSE)) {
1420 // Software TKIP
1421 // 1. 3253 A
1422 // 2. NotOnFly
1423 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_TKIP \n");
1424 pMACHeader = (PS802_11Header) (pbyFrame);
1425 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1426 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1427 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1428 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1429 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1430 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1431 } else {
1432 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1433 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1434 }
1435 }
1436 }
1437
1438 if (byDecMode == KEY_CTL_CCMP) {
1439 if (bOnFly == FALSE) {
1440 // Software CCMP
1441 // NotOnFly
1442 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_CCMP\n");
1443 if (AESbGenCCMP(pKey->abyKey, pbyFrame, FrameSize)) {
1444 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1445 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC compare OK!\n");
1446 } else {
1447 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC fail!\n");
1448 }
1449 }
1450 }
1451
1452 }// end of TKIP/AES
1453
1454 if ((*(pbyIV+3) & 0x20) != 0)
1455 *pbExtIV = TRUE;
1456 return TRUE;
1457}
1458
1459
1460
1461static BOOL s_bAPModeRxData (
1462 IN PSDevice pDevice,
1463 IN struct sk_buff* skb,
1464 IN UINT FrameSize,
1465 IN UINT cbHeaderOffset,
1466 IN INT iSANodeIndex,
1467 IN INT iDANodeIndex
1468 )
1469
1470{
1471 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1472 BOOL bRelayAndForward = FALSE;
1473 BOOL bRelayOnly = FALSE;
1474 BYTE byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
1475 WORD wAID;
1476
1477
1478 struct sk_buff* skbcpy = NULL;
1479
1480 if (FrameSize > CB_MAX_BUF_SIZE)
1481 return FALSE;
1482 // check DA
1483 if(IS_MULTICAST_ADDRESS((PBYTE)(skb->data+cbHeaderOffset))) {
1484 if (pMgmt->sNodeDBTable[0].bPSEnable) {
1485
1486 skbcpy = dev_alloc_skb((int)pDevice->rx_buf_sz);
1487
1488 // if any node in PS mode, buffer packet until DTIM.
1489 if (skbcpy == NULL) {
1490 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "relay multicast no skb available \n");
1491 }
1492 else {
1493 skbcpy->dev = pDevice->dev;
1494 skbcpy->len = FrameSize;
1495 memcpy(skbcpy->data, skb->data+cbHeaderOffset, FrameSize);
1496 skb_queue_tail(&(pMgmt->sNodeDBTable[0].sTxPSQueue), skbcpy);
1497 pMgmt->sNodeDBTable[0].wEnQueueCnt++;
1498 // set tx map
1499 pMgmt->abyPSTxMap[0] |= byMask[0];
1500 }
1501 }
1502 else {
1503 bRelayAndForward = TRUE;
1504 }
1505 }
1506 else {
1507 // check if relay
1508 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(skb->data+cbHeaderOffset), &iDANodeIndex)) {
1509 if (pMgmt->sNodeDBTable[iDANodeIndex].eNodeState >= NODE_ASSOC) {
1510 if (pMgmt->sNodeDBTable[iDANodeIndex].bPSEnable) {
1511 // queue this skb until next PS tx, and then release.
1512
1513 skb->data += cbHeaderOffset;
1514 skb->tail += cbHeaderOffset;
1515 skb_put(skb, FrameSize);
1516 skb_queue_tail(&pMgmt->sNodeDBTable[iDANodeIndex].sTxPSQueue, skb);
1517
1518 pMgmt->sNodeDBTable[iDANodeIndex].wEnQueueCnt++;
1519 wAID = pMgmt->sNodeDBTable[iDANodeIndex].wAID;
1520 pMgmt->abyPSTxMap[wAID >> 3] |= byMask[wAID & 7];
1521 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "relay: index= %d, pMgmt->abyPSTxMap[%d]= %d\n",
1522 iDANodeIndex, (wAID >> 3), pMgmt->abyPSTxMap[wAID >> 3]);
1523 return TRUE;
1524 }
1525 else {
1526 bRelayOnly = TRUE;
1527 }
1528 }
1529 };
1530 }
1531
1532 if (bRelayOnly || bRelayAndForward) {
1533 // relay this packet right now
1534 if (bRelayAndForward)
1535 iDANodeIndex = 0;
1536
1537 if ((pDevice->uAssocCount > 1) && (iDANodeIndex >= 0)) {
1538 bRelayPacketSend(pDevice, (PBYTE)(skb->data + cbHeaderOffset), FrameSize, (UINT)iDANodeIndex);
1539 }
1540
1541 if (bRelayOnly)
1542 return FALSE;
1543 }
1544 // none associate, don't forward
1545 if (pDevice->uAssocCount == 0)
1546 return FALSE;
1547
1548 return TRUE;
1549}
1550
1551
1552
1553
1554VOID
1555RXvWorkItem(
1556 PVOID Context
1557 )
1558{
1559 PSDevice pDevice = (PSDevice) Context;
1560 NTSTATUS ntStatus;
1561 PRCB pRCB=NULL;
1562
1563 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Polling Thread\n");
1564 spin_lock_irq(&pDevice->lock);
1565 while ( MP_TEST_FLAG(pDevice, fMP_POST_READS) &&
1566 MP_IS_READY(pDevice) &&
1567 (pDevice->NumRecvFreeList != 0) ) {
1568 pRCB = pDevice->FirstRecvFreeList;
1569 pDevice->NumRecvFreeList--;
1570 ASSERT(pRCB);// cannot be NULL
1571 DequeueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList);
1572 ntStatus = PIPEnsBulkInUsbRead(pDevice, pRCB);
1573 }
1574 pDevice->bIsRxWorkItemQueued = FALSE;
1575 spin_unlock_irq(&pDevice->lock);
1576
1577}
1578
1579
1580VOID
1581RXvFreeRCB(
1582 IN PRCB pRCB,
1583 IN BOOL bReAllocSkb
1584 )
1585{
1586 PSDevice pDevice = (PSDevice)pRCB->pDevice;
1587
1588
1589 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->RXvFreeRCB\n");
1590
1591 ASSERT(!pRCB->Ref); // should be 0
1592 ASSERT(pRCB->pDevice); // shouldn't be NULL
1593
1594 if (bReAllocSkb == TRUE) {
1595 pRCB->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1596 // todo error handling
1597 if (pRCB->skb == NULL) {
1598 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR" Failed to re-alloc rx skb\n");
1599 }else {
1600 pRCB->skb->dev = pDevice->dev;
1601 }
1602 }
1603 //
1604 // Insert the RCB back in the Recv free list
1605 //
1606 EnqueueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList, pRCB);
1607 pDevice->NumRecvFreeList++;
1608
1609
1610 if (MP_TEST_FLAG(pDevice, fMP_POST_READS) && MP_IS_READY(pDevice) &&
1611 (pDevice->bIsRxWorkItemQueued == FALSE) ) {
1612
1613 pDevice->bIsRxWorkItemQueued = TRUE;
1614 tasklet_schedule(&pDevice->ReadWorkItem);
1615 }
1616 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"<----RXFreeRCB %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1617}
1618
1619
1620VOID
1621RXvMngWorkItem(
1622 PVOID Context
1623 )
1624{
1625 PSDevice pDevice = (PSDevice) Context;
1626 PRCB pRCB=NULL;
1627 PSRxMgmtPacket pRxPacket;
1628 BOOL bReAllocSkb = FALSE;
1629
1630 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Mng Thread\n");
1631
1632 spin_lock_irq(&pDevice->lock);
1633 while (pDevice->NumRecvMngList!=0)
1634 {
1635 pRCB = pDevice->FirstRecvMngList;
1636 pDevice->NumRecvMngList--;
1637 DequeueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList);
1638 if(!pRCB){
1639 break;
1640 }
1641 ASSERT(pRCB);// cannot be NULL
1642 pRxPacket = &(pRCB->sMngPacket);
1643 vMgrRxManagePacket((HANDLE)pDevice, &(pDevice->sMgmtObj), pRxPacket);
1644 pRCB->Ref--;
1645 if(pRCB->Ref == 0) {
1646 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"RxvFreeMng %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1647 RXvFreeRCB(pRCB, bReAllocSkb);
1648 } else {
1649 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Rx Mng Only we have the right to free RCB\n");
1650 }
1651 }
1652
1653 pDevice->bIsRxMngWorkItemQueued = FALSE;
1654 spin_unlock_irq(&pDevice->lock);
1655
1656}
1657
1658
Linux kernel - Deliverables
This page took 0.095441 seconds and 5 git commands to generate.