[deliverable/linux.git] / net / ieee80211 / ieee80211_tx.c

/******************************************************************************

  Copyright(c) 2003 - 2005 Intel Corporation. All rights reserved.

  This program is free software; you can redistribute it and/or modify it
  under the terms of version 2 of the GNU General Public License as
  published by the Free Software Foundation.

  This program is distributed in the hope that it will be useful, but WITHOUT
  ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
  more details.

  You should have received a copy of the GNU General Public License along with
  this program; if not, write to the Free Software Foundation, Inc., 59
  Temple Place - Suite 330, Boston, MA  02111-1307, USA.

  The full GNU General Public License is included in this distribution in the
  file called LICENSE.

  Contact Information:
  James P. Ketrenos <ipw2100-admin@linux.intel.com>
  Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497

******************************************************************************/
#include <linux/compiler.h>
#include <linux/errno.h>
#include <linux/if_arp.h>
#include <linux/in6.h>
#include <linux/in.h>
#include <linux/ip.h>
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/netdevice.h>
#include <linux/proc_fs.h>
#include <linux/skbuff.h>
#include <linux/slab.h>
#include <linux/tcp.h>
#include <linux/types.h>
#include <linux/wireless.h>
#include <linux/etherdevice.h>
#include <asm/uaccess.h>

#include <net/ieee80211.h>

/*

802.11 Data Frame

      ,-------------------------------------------------------------------.
Bytes |  2   |  2   |    6    |    6    |    6    |  2   | 0..2312 |   4  |
      |------|------|---------|---------|---------|------|---------|------|
Desc. | ctrl | dura |  DA/RA  |   TA    |    SA   | Sequ |  Frame  |  fcs |
      |      | tion | (BSSID) |         |         | ence |  data   |      |
      `--------------------------------------------------|         |------'
Total: 28 non-data bytes                                 `----.----'
							      |
       .- 'Frame data' expands, if WEP enabled, to <----------'
       |
       V
      ,-----------------------.
Bytes |  4  |   0-2296  |  4  |
      |-----|-----------|-----|
Desc. | IV  | Encrypted | ICV |
      |     | Packet    |     |
      `-----|           |-----'
	    `-----.-----'
		  |
       .- 'Encrypted Packet' expands to
       |
       V
      ,---------------------------------------------------.
Bytes |  1   |  1   |    1    |    3     |  2   |  0-2304 |
      |------|------|---------|----------|------|---------|
Desc. | SNAP | SNAP | Control |Eth Tunnel| Type | IP      |
      | DSAP | SSAP |         |          |      | Packet  |
      | 0xAA | 0xAA |0x03 (UI)|0x00-00-F8|      |         |
      `----------------------------------------------------
Total: 8 non-data bytes

802.3 Ethernet Data Frame

      ,-----------------------------------------.
Bytes |   6   |   6   |  2   |  Variable |   4  |
      |-------|-------|------|-----------|------|
Desc. | Dest. | Source| Type | IP Packet |  fcs |
      |  MAC  |  MAC  |      |           |      |
      `-----------------------------------------'
Total: 18 non-data bytes

In the event that fragmentation is required, the incoming payload is split into
N parts of size ieee->fts.  The first fragment contains the SNAP header and the
remaining packets are just data.

If encryption is enabled, each fragment payload size is reduced by enough space
to add the prefix and postfix (IV and ICV totalling 8 bytes in the case of WEP)
So if you have 1500 bytes of payload with ieee->fts set to 500 without
encryption it will take 3 frames.  With WEP it will take 4 frames as the
payload of each frame is reduced to 492 bytes.

* SKB visualization
*
*  ,- skb->data
* |
* |    ETHERNET HEADER        ,-<-- PAYLOAD
* |                           |     14 bytes from skb->data
* |  2 bytes for Type --> ,T. |     (sizeof ethhdr)
* |                       | | |
* |,-Dest.--. ,--Src.---. | | |
* |  6 bytes| | 6 bytes | | | |
* v         | |         | | | |
* 0         | v       1 | v | v           2
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
*     ^     | ^         | ^ |
*     |     | |         | | |
*     |     | |         | `T' <---- 2 bytes for Type
*     |     | |         |
*     |     | '---SNAP--' <-------- 6 bytes for SNAP
*     |     |
*     `-IV--' <-------------------- 4 bytes for IV (WEP)
*
*      SNAP HEADER
*
*/

static u8 P802_1H_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0xf8 };
static u8 RFC1042_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0x00 };

static int ieee80211_copy_snap(u8 * data, u16 h_proto)
{
	struct ieee80211_snap_hdr *snap;
	u8 *oui;

	snap = (struct ieee80211_snap_hdr *)data;
	snap->dsap = 0xaa;
	snap->ssap = 0xaa;
	snap->ctrl = 0x03;

	if (h_proto == 0x8137 || h_proto == 0x80f3)
		oui = P802_1H_OUI;
	else
		oui = RFC1042_OUI;
	snap->oui[0] = oui[0];
	snap->oui[1] = oui[1];
	snap->oui[2] = oui[2];

	h_proto = htons(h_proto);
	memcpy(data + SNAP_SIZE, &h_proto, sizeof(u16));

	return SNAP_SIZE + sizeof(u16);
}

static int ieee80211_encrypt_fragment(struct ieee80211_device *ieee,
					     struct sk_buff *frag, int hdr_len)
{
	struct ieee80211_crypt_data *crypt = ieee->crypt[ieee->tx_keyidx];
	int res;

	if (crypt == NULL)
		return -1;

	/* To encrypt, frame format is:
	 * IV (4 bytes), clear payload (including SNAP), ICV (4 bytes) */
	atomic_inc(&crypt->refcnt);
	res = 0;
	if (crypt->ops && crypt->ops->encrypt_mpdu)
		res = crypt->ops->encrypt_mpdu(frag, hdr_len, crypt->priv);

	atomic_dec(&crypt->refcnt);
	if (res < 0) {
		printk(KERN_INFO "%s: Encryption failed: len=%d.\n",
		       ieee->dev->name, frag->len);
		ieee->ieee_stats.tx_discards++;
		return -1;
	}

	return 0;
}

void ieee80211_txb_free(struct ieee80211_txb *txb)
{
	int i;
	if (unlikely(!txb))
		return;
	for (i = 0; i < txb->nr_frags; i++)
		if (txb->fragments[i])
			dev_kfree_skb_any(txb->fragments[i]);
	kfree(txb);
}

static struct ieee80211_txb *ieee80211_alloc_txb(int nr_frags, int txb_size,
						 int headroom, gfp_t gfp_mask)
{
	struct ieee80211_txb *txb;
	int i;
	txb = kmalloc(sizeof(struct ieee80211_txb) + (sizeof(u8 *) * nr_frags),
		      gfp_mask);
	if (!txb)
		return NULL;

	memset(txb, 0, sizeof(struct ieee80211_txb));
	txb->nr_frags = nr_frags;
	txb->frag_size = txb_size;

	for (i = 0; i < nr_frags; i++) {
		txb->fragments[i] = __dev_alloc_skb(txb_size + headroom,
						    gfp_mask);
		if (unlikely(!txb->fragments[i])) {
			i--;
			break;
		}
		skb_reserve(txb->fragments[i], headroom);
	}
	if (unlikely(i != nr_frags)) {
		while (i >= 0)
			dev_kfree_skb_any(txb->fragments[i--]);
		kfree(txb);
		return NULL;
	}
	return txb;
}

static int ieee80211_classify(struct sk_buff *skb)
{
	struct ethhdr *eth;
	struct iphdr *ip;

	eth = (struct ethhdr *)skb->data;
	if (eth->h_proto != htons(ETH_P_IP))
		return 0;

	ip = ip_hdr(skb);
	switch (ip->tos & 0xfc) {
	case 0x20:
		return 2;
	case 0x40:
		return 1;
	case 0x60:
		return 3;
	case 0x80:
		return 4;
	case 0xa0:
		return 5;
	case 0xc0:
		return 6;
	case 0xe0:
		return 7;
	default:
		return 0;
	}
}

/* Incoming skb is converted to a txb which consists of
 * a block of 802.11 fragment packets (stored as skbs) */
int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
{
	struct ieee80211_device *ieee = netdev_priv(dev);
	struct ieee80211_txb *txb = NULL;
	struct ieee80211_hdr_3addrqos *frag_hdr;
	int i, bytes_per_frag, nr_frags, bytes_last_frag, frag_size,
	    rts_required;
	unsigned long flags;
	struct net_device_stats *stats = &ieee->stats;
	int ether_type, encrypt, host_encrypt, host_encrypt_msdu, host_build_iv;
	int bytes, fc, hdr_len;
	struct sk_buff *skb_frag;
	struct ieee80211_hdr_3addrqos header = {/* Ensure zero initialized */
		.duration_id = 0,
		.seq_ctl = 0,
		.qos_ctl = 0
	};
	u8 dest[ETH_ALEN], src[ETH_ALEN];
	struct ieee80211_crypt_data *crypt;
	int priority = skb->priority;
	int snapped = 0;

	if (ieee->is_queue_full && (*ieee->is_queue_full) (dev, priority))
		return NETDEV_TX_BUSY;

	spin_lock_irqsave(&ieee->lock, flags);

	/* If there is no driver handler to take the TXB, dont' bother
	 * creating it... */
	if (!ieee->hard_start_xmit) {
		printk(KERN_WARNING "%s: No xmit handler.\n", ieee->dev->name);
		goto success;
	}

	if (unlikely(skb->len < SNAP_SIZE + sizeof(u16))) {
		printk(KERN_WARNING "%s: skb too small (%d).\n",
		       ieee->dev->name, skb->len);
		goto success;
	}

	ether_type = ntohs(((struct ethhdr *)skb->data)->h_proto);

	crypt = ieee->crypt[ieee->tx_keyidx];

	encrypt = !(ether_type == ETH_P_PAE && ieee->ieee802_1x) &&
	    ieee->sec.encrypt;

	host_encrypt = ieee->host_encrypt && encrypt && crypt;
	host_encrypt_msdu = ieee->host_encrypt_msdu && encrypt && crypt;
	host_build_iv = ieee->host_build_iv && encrypt && crypt;

	if (!encrypt && ieee->ieee802_1x &&
	    ieee->drop_unencrypted && ether_type != ETH_P_PAE) {
		stats->tx_dropped++;
		goto success;
	}

	/* Save source and destination addresses */
	skb_copy_from_linear_data(skb, dest, ETH_ALEN);
	skb_copy_from_linear_data_offset(skb, ETH_ALEN, src, ETH_ALEN);

	if (host_encrypt || host_build_iv)
		fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA |
		    IEEE80211_FCTL_PROTECTED;
	else
		fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA;

	if (ieee->iw_mode == IW_MODE_INFRA) {
		fc |= IEEE80211_FCTL_TODS;
		/* To DS: Addr1 = BSSID, Addr2 = SA, Addr3 = DA */
		memcpy(header.addr1, ieee->bssid, ETH_ALEN);
		memcpy(header.addr2, src, ETH_ALEN);
		memcpy(header.addr3, dest, ETH_ALEN);
	} else if (ieee->iw_mode == IW_MODE_ADHOC) {
		/* not From/To DS: Addr1 = DA, Addr2 = SA, Addr3 = BSSID */
		memcpy(header.addr1, dest, ETH_ALEN);
		memcpy(header.addr2, src, ETH_ALEN);
		memcpy(header.addr3, ieee->bssid, ETH_ALEN);
	}
	hdr_len = IEEE80211_3ADDR_LEN;

	if (ieee->is_qos_active && ieee->is_qos_active(dev, skb)) {
		fc |= IEEE80211_STYPE_QOS_DATA;
		hdr_len += 2;

		skb->priority = ieee80211_classify(skb);
		header.qos_ctl |= cpu_to_le16(skb->priority & IEEE80211_QCTL_TID);
	}
	header.frame_ctl = cpu_to_le16(fc);

	/* Advance the SKB to the start of the payload */
	skb_pull(skb, sizeof(struct ethhdr));

	/* Determine total amount of storage required for TXB packets */
	bytes = skb->len + SNAP_SIZE + sizeof(u16);

	/* Encrypt msdu first on the whole data packet. */
	if ((host_encrypt || host_encrypt_msdu) &&
	    crypt && crypt->ops && crypt->ops->encrypt_msdu) {
		int res = 0;
		int len = bytes + hdr_len + crypt->ops->extra_msdu_prefix_len +
		    crypt->ops->extra_msdu_postfix_len;
		struct sk_buff *skb_new = dev_alloc_skb(len);

		if (unlikely(!skb_new))
			goto failed;

		skb_reserve(skb_new, crypt->ops->extra_msdu_prefix_len);
		memcpy(skb_put(skb_new, hdr_len), &header, hdr_len);
		snapped = 1;
		ieee80211_copy_snap(skb_put(skb_new, SNAP_SIZE + sizeof(u16)),
				    ether_type);
		skb_copy_from_linear_data(skb, skb_put(skb_new, skb->len), skb->len);
		res = crypt->ops->encrypt_msdu(skb_new, hdr_len, crypt->priv);
		if (res < 0) {
			IEEE80211_ERROR("msdu encryption failed\n");
			dev_kfree_skb_any(skb_new);
			goto failed;
		}
		dev_kfree_skb_any(skb);
		skb = skb_new;
		bytes += crypt->ops->extra_msdu_prefix_len +
		    crypt->ops->extra_msdu_postfix_len;
		skb_pull(skb, hdr_len);
	}

	if (host_encrypt || ieee->host_open_frag) {
		/* Determine fragmentation size based on destination (multicast
		 * and broadcast are not fragmented) */
		if (is_multicast_ether_addr(dest) ||
		    is_broadcast_ether_addr(dest))
			frag_size = MAX_FRAG_THRESHOLD;
		else
			frag_size = ieee->fts;

		/* Determine amount of payload per fragment.  Regardless of if
		 * this stack is providing the full 802.11 header, one will
		 * eventually be affixed to this fragment -- so we must account
		 * for it when determining the amount of payload space. */
		bytes_per_frag = frag_size - hdr_len;
		if (ieee->config &
		    (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
			bytes_per_frag -= IEEE80211_FCS_LEN;

		/* Each fragment may need to have room for encryptiong
		 * pre/postfix */
		if (host_encrypt)
			bytes_per_frag -= crypt->ops->extra_mpdu_prefix_len +
			    crypt->ops->extra_mpdu_postfix_len;

		/* Number of fragments is the total
		 * bytes_per_frag / payload_per_fragment */
		nr_frags = bytes / bytes_per_frag;
		bytes_last_frag = bytes % bytes_per_frag;
		if (bytes_last_frag)
			nr_frags++;
		else
			bytes_last_frag = bytes_per_frag;
	} else {
		nr_frags = 1;
		bytes_per_frag = bytes_last_frag = bytes;
		frag_size = bytes + hdr_len;
	}

	rts_required = (frag_size > ieee->rts
			&& ieee->config & CFG_IEEE80211_RTS);
	if (rts_required)
		nr_frags++;

	/* When we allocate the TXB we allocate enough space for the reserve
	 * and full fragment bytes (bytes_per_frag doesn't include prefix,
	 * postfix, header, FCS, etc.) */
	txb = ieee80211_alloc_txb(nr_frags, frag_size,
				  ieee->tx_headroom, GFP_ATOMIC);
	if (unlikely(!txb)) {
		printk(KERN_WARNING "%s: Could not allocate TXB\n",
		       ieee->dev->name);
		goto failed;
	}
	txb->encrypted = encrypt;
	if (host_encrypt)
		txb->payload_size = frag_size * (nr_frags - 1) +
		    bytes_last_frag;
	else
		txb->payload_size = bytes;

	if (rts_required) {
		skb_frag = txb->fragments[0];
		frag_hdr =
		    (struct ieee80211_hdr_3addrqos *)skb_put(skb_frag, hdr_len);

		/*
		 * Set header frame_ctl to the RTS.
		 */
		header.frame_ctl =
		    cpu_to_le16(IEEE80211_FTYPE_CTL | IEEE80211_STYPE_RTS);
		memcpy(frag_hdr, &header, hdr_len);

		/*
		 * Restore header frame_ctl to the original data setting.
		 */
		header.frame_ctl = cpu_to_le16(fc);

		if (ieee->config &
		    (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
			skb_put(skb_frag, 4);

		txb->rts_included = 1;
		i = 1;
	} else
		i = 0;

	for (; i < nr_frags; i++) {
		skb_frag = txb->fragments[i];

		if (host_encrypt || host_build_iv)
			skb_reserve(skb_frag,
				    crypt->ops->extra_mpdu_prefix_len);

		frag_hdr =
		    (struct ieee80211_hdr_3addrqos *)skb_put(skb_frag, hdr_len);
		memcpy(frag_hdr, &header, hdr_len);

		/* If this is not the last fragment, then add the MOREFRAGS
		 * bit to the frame control */
		if (i != nr_frags - 1) {
			frag_hdr->frame_ctl =
			    cpu_to_le16(fc | IEEE80211_FCTL_MOREFRAGS);
			bytes = bytes_per_frag;
		} else {
			/* The last fragment takes the remaining length */
			bytes = bytes_last_frag;
		}

		if (i == 0 && !snapped) {
			ieee80211_copy_snap(skb_put
					    (skb_frag, SNAP_SIZE + sizeof(u16)),
					    ether_type);
			bytes -= SNAP_SIZE + sizeof(u16);
		}

		skb_copy_from_linear_data(skb, skb_put(skb_frag, bytes), bytes);

		/* Advance the SKB... */
		skb_pull(skb, bytes);

		/* Encryption routine will move the header forward in order
		 * to insert the IV between the header and the payload */
		if (host_encrypt)
			ieee80211_encrypt_fragment(ieee, skb_frag, hdr_len);
		else if (host_build_iv) {
			atomic_inc(&crypt->refcnt);
			if (crypt->ops->build_iv)
				crypt->ops->build_iv(skb_frag, hdr_len,
				      ieee->sec.keys[ieee->sec.active_key],
				      ieee->sec.key_sizes[ieee->sec.active_key],
				      crypt->priv);
			atomic_dec(&crypt->refcnt);
		}

		if (ieee->config &
		    (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
			skb_put(skb_frag, 4);
	}

      success:
	spin_unlock_irqrestore(&ieee->lock, flags);

	dev_kfree_skb_any(skb);

	if (txb) {
		int ret = (*ieee->hard_start_xmit) (txb, dev, priority);
		if (ret == 0) {
			stats->tx_packets++;
			stats->tx_bytes += txb->payload_size;
			return 0;
		}

		ieee80211_txb_free(txb);
	}

	return 0;

      failed:
	spin_unlock_irqrestore(&ieee->lock, flags);
	netif_stop_queue(dev);
	stats->tx_errors++;
	return 1;
}

/* Incoming 802.11 strucure is converted to a TXB
 * a block of 802.11 fragment packets (stored as skbs) */
int ieee80211_tx_frame(struct ieee80211_device *ieee,
		       struct ieee80211_hdr *frame, int hdr_len, int total_len,
		       int encrypt_mpdu)
{
	struct ieee80211_txb *txb = NULL;
	unsigned long flags;
	struct net_device_stats *stats = &ieee->stats;
	struct sk_buff *skb_frag;
	int priority = -1;
	int fraglen = total_len;
	int headroom = ieee->tx_headroom;
	struct ieee80211_crypt_data *crypt = ieee->crypt[ieee->tx_keyidx];

	spin_lock_irqsave(&ieee->lock, flags);

	if (encrypt_mpdu && (!ieee->sec.encrypt || !crypt))
		encrypt_mpdu = 0;

	/* If there is no driver handler to take the TXB, dont' bother
	 * creating it... */
	if (!ieee->hard_start_xmit) {
		printk(KERN_WARNING "%s: No xmit handler.\n", ieee->dev->name);
		goto success;
	}

	if (unlikely(total_len < 24)) {
		printk(KERN_WARNING "%s: skb too small (%d).\n",
		       ieee->dev->name, total_len);
		goto success;
	}

	if (encrypt_mpdu) {
		frame->frame_ctl |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
		fraglen += crypt->ops->extra_mpdu_prefix_len +
			   crypt->ops->extra_mpdu_postfix_len;
		headroom += crypt->ops->extra_mpdu_prefix_len;
	}

	/* When we allocate the TXB we allocate enough space for the reserve
	 * and full fragment bytes (bytes_per_frag doesn't include prefix,
	 * postfix, header, FCS, etc.) */
	txb = ieee80211_alloc_txb(1, fraglen, headroom, GFP_ATOMIC);
	if (unlikely(!txb)) {
		printk(KERN_WARNING "%s: Could not allocate TXB\n",
		       ieee->dev->name);
		goto failed;
	}
	txb->encrypted = 0;
	txb->payload_size = fraglen;

	skb_frag = txb->fragments[0];

	memcpy(skb_put(skb_frag, total_len), frame, total_len);

	if (ieee->config &
	    (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
		skb_put(skb_frag, 4);

	/* To avoid overcomplicating things, we do the corner-case frame
	 * encryption in software. The only real situation where encryption is
	 * needed here is during software-based shared key authentication. */
	if (encrypt_mpdu)
		ieee80211_encrypt_fragment(ieee, skb_frag, hdr_len);

      success:
	spin_unlock_irqrestore(&ieee->lock, flags);

	if (txb) {
		if ((*ieee->hard_start_xmit) (txb, ieee->dev, priority) == 0) {
			stats->tx_packets++;
			stats->tx_bytes += txb->payload_size;
			return 0;
		}
		ieee80211_txb_free(txb);
	}
	return 0;

      failed:
	spin_unlock_irqrestore(&ieee->lock, flags);
	stats->tx_errors++;
	return 1;
}

EXPORT_SYMBOL(ieee80211_tx_frame);
EXPORT_SYMBOL(ieee80211_txb_free);
Commit	Line	Data
b453872c JG	1	/******************************************************************************
b453872c JG	2
ebeaddcc	3	Copyright(c) 2003 - 2005 Intel Corporation. All rights reserved.
b453872c JG	4
	5	This program is free software; you can redistribute it and/or modify it
	6	under the terms of version 2 of the GNU General Public License as
	7	published by the Free Software Foundation.
	8
	9	This program is distributed in the hope that it will be useful, but WITHOUT
	10	ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	11	FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
	12	more details.
	13
	14	You should have received a copy of the GNU General Public License along with
	15	this program; if not, write to the Free Software Foundation, Inc., 59
	16	Temple Place - Suite 330, Boston, MA 02111-1307, USA.
	17
	18	The full GNU General Public License is included in this distribution in the
	19	file called LICENSE.
	20
	21	Contact Information:
	22	James P. Ketrenos <ipw2100-admin@linux.intel.com>
	23	Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
	24
	25	******************************************************************************/
	26	#include <linux/compiler.h>
b453872c JG	27	#include <linux/errno.h>
	28	#include <linux/if_arp.h>
	29	#include <linux/in6.h>
	30	#include <linux/in.h>
	31	#include <linux/ip.h>
	32	#include <linux/kernel.h>
	33	#include <linux/module.h>
	34	#include <linux/netdevice.h>
b453872c JG	35	#include <linux/proc_fs.h>
	36	#include <linux/skbuff.h>
	37	#include <linux/slab.h>
	38	#include <linux/tcp.h>
	39	#include <linux/types.h>
b453872c JG	40	#include <linux/wireless.h>
	41	#include <linux/etherdevice.h>
	42	#include <asm/uaccess.h>
	43
	44	#include <net/ieee80211.h>
	45
b453872c JG	46	/*
b453872c JG	47
b453872c JG	48	802.11 Data Frame
	49
	50	,-------------------------------------------------------------------.
	51	Bytes \| 2 \| 2 \| 6 \| 6 \| 6 \| 2 \| 0..2312 \| 4 \|
	52	\|------\|------\|---------\|---------\|---------\|------\|---------\|------\|
	53	Desc. \| ctrl \| dura \| DA/RA \| TA \| SA \| Sequ \| Frame \| fcs \|
	54	\| \| tion \| (BSSID) \| \| \| ence \| data \| \|
	55	`--------------------------------------------------\| \|------'
	56	Total: 28 non-data bytes `----.----'
64265651	57	\|
44d7a8cf DV	58	.- 'Frame data' expands, if WEP enabled, to <----------'
	59	\|
	60	V
	61	,-----------------------.
	62	Bytes \| 4 \| 0-2296 \| 4 \|
	63	\|-----\|-----------\|-----\|
	64	Desc. \| IV \| Encrypted \| ICV \|
	65	\| \| Packet \| \|
	66	`-----\| \|-----'
64265651 YH	67	`-----.-----'
64265651 YH	68	\|
44d7a8cf	69	.- 'Encrypted Packet' expands to
b453872c JG	70	\|
	71	V
	72	,---------------------------------------------------.
	73	Bytes \| 1 \| 1 \| 1 \| 3 \| 2 \| 0-2304 \|
	74	\|------\|------\|---------\|----------\|------\|---------\|
	75	Desc. \| SNAP \| SNAP \| Control \|Eth Tunnel\| Type \| IP \|
	76	\| DSAP \| SSAP \| \| \| \| Packet \|
	77	\| 0xAA \| 0xAA \|0x03 (UI)\|0x00-00-F8\| \| \|
44d7a8cf	78	`----------------------------------------------------
b453872c JG	79	Total: 8 non-data bytes
b453872c JG	80
b453872c JG	81	802.3 Ethernet Data Frame
	82
	83	,-----------------------------------------.
	84	Bytes \| 6 \| 6 \| 2 \| Variable \| 4 \|
	85	\|-------\|-------\|------\|-----------\|------\|
	86	Desc. \| Dest. \| Source\| Type \| IP Packet \| fcs \|
	87	\| MAC \| MAC \| \| \| \|
	88	`-----------------------------------------'
	89	Total: 18 non-data bytes
	90
	91	In the event that fragmentation is required, the incoming payload is split into
	92	N parts of size ieee->fts. The first fragment contains the SNAP header and the
	93	remaining packets are just data.
	94
	95	If encryption is enabled, each fragment payload size is reduced by enough space
	96	to add the prefix and postfix (IV and ICV totalling 8 bytes in the case of WEP)
	97	So if you have 1500 bytes of payload with ieee->fts set to 500 without
	98	encryption it will take 3 frames. With WEP it will take 4 frames as the
	99	payload of each frame is reduced to 492 bytes.
	100
	101	* SKB visualization
	102	*
	103	* ,- skb->data
	104	* \|
	105	* \| ETHERNET HEADER ,-<-- PAYLOAD
	106	* \| \| 14 bytes from skb->data
	107	* \| 2 bytes for Type --> ,T. \| (sizeof ethhdr)
	108	* \| \| \| \|
	109	* \|,-Dest.--. ,--Src.---. \| \| \|
	110	* \| 6 bytes\| \| 6 bytes \| \| \| \|
	111	* v \| \| \| \| \| \|
	112	* 0 \| v 1 \| v \| v 2
	113	* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
	114	* ^ \| ^ \| ^ \|
	115	* \| \| \| \| \| \|
	116	* \| \| \| \| `T' <---- 2 bytes for Type
	117	* \| \| \| \|
	118	* \| \| '---SNAP--' <-------- 6 bytes for SNAP
	119	* \| \|
	120	* `-IV--' <-------------------- 4 bytes for IV (WEP)
	121	*
	122	* SNAP HEADER
	123	*
	124	*/
	125
	126	static u8 P802_1H_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0xf8 };
	127	static u8 RFC1042_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0x00 };
	128
858119e1	129	static int ieee80211_copy_snap(u8 * data, u16 h_proto)
b453872c JG	130	{
	131	struct ieee80211_snap_hdr *snap;
	132	u8 *oui;
	133
	134	snap = (struct ieee80211_snap_hdr *)data;
	135	snap->dsap = 0xaa;
	136	snap->ssap = 0xaa;
	137	snap->ctrl = 0x03;
	138
	139	if (h_proto == 0x8137 \|\| h_proto == 0x80f3)
	140	oui = P802_1H_OUI;
	141	else
	142	oui = RFC1042_OUI;
	143	snap->oui[0] = oui[0];
	144	snap->oui[1] = oui[1];
	145	snap->oui[2] = oui[2];
	146
01e1f045 DD	147	h_proto = htons(h_proto);
01e1f045 DD	148	memcpy(data + SNAP_SIZE, &h_proto, sizeof(u16));
b453872c JG	149
	150	return SNAP_SIZE + sizeof(u16);
	151	}
	152
858119e1	153	static int ieee80211_encrypt_fragment(struct ieee80211_device *ieee,
0edd5b44	154	struct sk_buff *frag, int hdr_len)
b453872c	155	{
0edd5b44	156	struct ieee80211_crypt_data *crypt = ieee->crypt[ieee->tx_keyidx];
b453872c JG	157	int res;
b453872c JG	158
f0f15ab5 HL	159	if (crypt == NULL)
	160	return -1;
	161
b453872c JG	162	/* To encrypt, frame format is:
b453872c JG	163	* IV (4 bytes), clear payload (including SNAP), ICV (4 bytes) */
b453872c JG	164	atomic_inc(&crypt->refcnt);
b453872c JG	165	res = 0;
f0f15ab5	166	if (crypt->ops && crypt->ops->encrypt_mpdu)
b453872c JG	167	res = crypt->ops->encrypt_mpdu(frag, hdr_len, crypt->priv);
	168
	169	atomic_dec(&crypt->refcnt);
	170	if (res < 0) {
	171	printk(KERN_INFO "%s: Encryption failed: len=%d.\n",
	172	ieee->dev->name, frag->len);
	173	ieee->ieee_stats.tx_discards++;
	174	return -1;
	175	}
	176
	177	return 0;
	178	}
	179
0edd5b44 JG	180	void ieee80211_txb_free(struct ieee80211_txb *txb)
0edd5b44 JG	181	{
b453872c JG	182	int i;
	183	if (unlikely(!txb))
	184	return;
	185	for (i = 0; i < txb->nr_frags; i++)
	186	if (txb->fragments[i])
	187	dev_kfree_skb_any(txb->fragments[i]);
	188	kfree(txb);
	189	}
	190
e157249d	191	static struct ieee80211_txb *ieee80211_alloc_txb(int nr_frags, int txb_size,
d3f7bf4f	192	int headroom, gfp_t gfp_mask)
b453872c JG	193	{
	194	struct ieee80211_txb *txb;
	195	int i;
0edd5b44 JG	196	txb = kmalloc(sizeof(struct ieee80211_txb) + (sizeof(u8 ) nr_frags),
0edd5b44 JG	197	gfp_mask);
b453872c JG	198	if (!txb)
	199	return NULL;
	200
0a989b24	201	memset(txb, 0, sizeof(struct ieee80211_txb));
b453872c JG	202	txb->nr_frags = nr_frags;
	203	txb->frag_size = txb_size;
	204
	205	for (i = 0; i < nr_frags; i++) {
d3f7bf4f MB	206	txb->fragments[i] = __dev_alloc_skb(txb_size + headroom,
d3f7bf4f MB	207	gfp_mask);
b453872c JG	208	if (unlikely(!txb->fragments[i])) {
	209	i--;
	210	break;
	211	}
d3f7bf4f	212	skb_reserve(txb->fragments[i], headroom);
b453872c JG	213	}
	214	if (unlikely(i != nr_frags)) {
	215	while (i >= 0)
	216	dev_kfree_skb_any(txb->fragments[i--]);
	217	kfree(txb);
	218	return NULL;
	219	}
	220	return txb;
	221	}
	222
73858062 ZY	223	static int ieee80211_classify(struct sk_buff *skb)
	224	{
	225	struct ethhdr *eth;
	226	struct iphdr *ip;
	227
	228	eth = (struct ethhdr *)skb->data;
1c9e8ef7	229	if (eth->h_proto != htons(ETH_P_IP))
73858062 ZY	230	return 0;
73858062 ZY	231
eddc9ec5	232	ip = ip_hdr(skb);
73858062 ZY	233	switch (ip->tos & 0xfc) {
	234	case 0x20:
	235	return 2;
	236	case 0x40:
	237	return 1;
	238	case 0x60:
	239	return 3;
	240	case 0x80:
	241	return 4;
	242	case 0xa0:
	243	return 5;
	244	case 0xc0:
	245	return 6;
	246	case 0xe0:
	247	return 7;
	248	default:
	249	return 0;
	250	}
	251	}
	252
1264fc04	253	/* Incoming skb is converted to a txb which consists of
3cdd00c5	254	* a block of 802.11 fragment packets (stored as skbs) */
0edd5b44	255	int ieee80211_xmit(struct sk_buff skb, struct net_device dev)
b453872c JG	256	{
	257	struct ieee80211_device *ieee = netdev_priv(dev);
	258	struct ieee80211_txb *txb = NULL;
73858062	259	struct ieee80211_hdr_3addrqos *frag_hdr;
3cdd00c5 JK	260	int i, bytes_per_frag, nr_frags, bytes_last_frag, frag_size,
3cdd00c5 JK	261	rts_required;
b453872c JG	262	unsigned long flags;
b453872c JG	263	struct net_device_stats *stats = &ieee->stats;
31b59eae	264	int ether_type, encrypt, host_encrypt, host_encrypt_msdu, host_build_iv;
b453872c JG	265	int bytes, fc, hdr_len;
b453872c JG	266	struct sk_buff *skb_frag;
73858062	267	struct ieee80211_hdr_3addrqos header = {/* Ensure zero initialized */
b453872c	268	.duration_id = 0,
73858062 ZY	269	.seq_ctl = 0,
73858062 ZY	270	.qos_ctl = 0
b453872c JG	271	};
b453872c JG	272	u8 dest[ETH_ALEN], src[ETH_ALEN];
0edd5b44	273	struct ieee80211_crypt_data *crypt;
2c0aa2a5	274	int priority = skb->priority;
1264fc04	275	int snapped = 0;
b453872c	276
2c0aa2a5 JK	277	if (ieee->is_queue_full && (*ieee->is_queue_full) (dev, priority))
	278	return NETDEV_TX_BUSY;
	279
b453872c JG	280	spin_lock_irqsave(&ieee->lock, flags);
	281
	282	/* If there is no driver handler to take the TXB, dont' bother
	283	* creating it... */
	284	if (!ieee->hard_start_xmit) {
0edd5b44	285	printk(KERN_WARNING "%s: No xmit handler.\n", ieee->dev->name);
b453872c JG	286	goto success;
	287	}
	288
	289	if (unlikely(skb->len < SNAP_SIZE + sizeof(u16))) {
	290	printk(KERN_WARNING "%s: skb too small (%d).\n",
	291	ieee->dev->name, skb->len);
	292	goto success;
	293	}
	294
	295	ether_type = ntohs(((struct ethhdr *)skb->data)->h_proto);
	296
	297	crypt = ieee->crypt[ieee->tx_keyidx];
	298
	299	encrypt = !(ether_type == ETH_P_PAE && ieee->ieee802_1x) &&
f1bf6638	300	ieee->sec.encrypt;
31b59eae	301
f0f15ab5 HL	302	host_encrypt = ieee->host_encrypt && encrypt && crypt;
	303	host_encrypt_msdu = ieee->host_encrypt_msdu && encrypt && crypt;
	304	host_build_iv = ieee->host_build_iv && encrypt && crypt;
b453872c JG	305
	306	if (!encrypt && ieee->ieee802_1x &&
	307	ieee->drop_unencrypted && ether_type != ETH_P_PAE) {
	308	stats->tx_dropped++;
	309	goto success;
	310	}
	311
b453872c	312	/* Save source and destination addresses */
d626f62b ACM	313	skb_copy_from_linear_data(skb, dest, ETH_ALEN);
d626f62b ACM	314	skb_copy_from_linear_data_offset(skb, ETH_ALEN, src, ETH_ALEN);
b453872c	315
a4bf26f3	316	if (host_encrypt \|\| host_build_iv)
b453872c	317	fc = IEEE80211_FTYPE_DATA \| IEEE80211_STYPE_DATA \|
0edd5b44	318	IEEE80211_FCTL_PROTECTED;
b453872c JG	319	else
	320	fc = IEEE80211_FTYPE_DATA \| IEEE80211_STYPE_DATA;
	321
	322	if (ieee->iw_mode == IW_MODE_INFRA) {
	323	fc \|= IEEE80211_FCTL_TODS;
1264fc04	324	/* To DS: Addr1 = BSSID, Addr2 = SA, Addr3 = DA */
18294d87 JK	325	memcpy(header.addr1, ieee->bssid, ETH_ALEN);
	326	memcpy(header.addr2, src, ETH_ALEN);
	327	memcpy(header.addr3, dest, ETH_ALEN);
b453872c	328	} else if (ieee->iw_mode == IW_MODE_ADHOC) {
1264fc04	329	/* not From/To DS: Addr1 = DA, Addr2 = SA, Addr3 = BSSID */
18294d87 JK	330	memcpy(header.addr1, dest, ETH_ALEN);
	331	memcpy(header.addr2, src, ETH_ALEN);
	332	memcpy(header.addr3, ieee->bssid, ETH_ALEN);
b453872c	333	}
b453872c JG	334	hdr_len = IEEE80211_3ADDR_LEN;
b453872c JG	335
73858062 ZY	336	if (ieee->is_qos_active && ieee->is_qos_active(dev, skb)) {
	337	fc \|= IEEE80211_STYPE_QOS_DATA;
	338	hdr_len += 2;
	339
	340	skb->priority = ieee80211_classify(skb);
65b6a277	341	header.qos_ctl \|= cpu_to_le16(skb->priority & IEEE80211_QCTL_TID);
73858062 ZY	342	}
	343	header.frame_ctl = cpu_to_le16(fc);
	344
	345	/* Advance the SKB to the start of the payload */
	346	skb_pull(skb, sizeof(struct ethhdr));
	347
	348	/* Determine total amount of storage required for TXB packets */
	349	bytes = skb->len + SNAP_SIZE + sizeof(u16);
	350
1264fc04 JK	351	/* Encrypt msdu first on the whole data packet. */
	352	if ((host_encrypt \|\| host_encrypt_msdu) &&
	353	crypt && crypt->ops && crypt->ops->encrypt_msdu) {
	354	int res = 0;
	355	int len = bytes + hdr_len + crypt->ops->extra_msdu_prefix_len +
	356	crypt->ops->extra_msdu_postfix_len;
	357	struct sk_buff *skb_new = dev_alloc_skb(len);
31b59eae	358
1264fc04 JK	359	if (unlikely(!skb_new))
1264fc04 JK	360	goto failed;
31b59eae	361
1264fc04 JK	362	skb_reserve(skb_new, crypt->ops->extra_msdu_prefix_len);
	363	memcpy(skb_put(skb_new, hdr_len), &header, hdr_len);
	364	snapped = 1;
	365	ieee80211_copy_snap(skb_put(skb_new, SNAP_SIZE + sizeof(u16)),
	366	ether_type);
d626f62b	367	skb_copy_from_linear_data(skb, skb_put(skb_new, skb->len), skb->len);
1264fc04 JK	368	res = crypt->ops->encrypt_msdu(skb_new, hdr_len, crypt->priv);
	369	if (res < 0) {
	370	IEEE80211_ERROR("msdu encryption failed\n");
	371	dev_kfree_skb_any(skb_new);
	372	goto failed;
	373	}
	374	dev_kfree_skb_any(skb);
	375	skb = skb_new;
	376	bytes += crypt->ops->extra_msdu_prefix_len +
	377	crypt->ops->extra_msdu_postfix_len;
	378	skb_pull(skb, hdr_len);
	379	}
	380
	381	if (host_encrypt \|\| ieee->host_open_frag) {
	382	/* Determine fragmentation size based on destination (multicast
	383	* and broadcast are not fragmented) */
5b74eda7 HL	384	if (is_multicast_ether_addr(dest) \|\|
5b74eda7 HL	385	is_broadcast_ether_addr(dest))
1264fc04 JK	386	frag_size = MAX_FRAG_THRESHOLD;
	387	else
	388	frag_size = ieee->fts;
	389
	390	/* Determine amount of payload per fragment. Regardless of if
	391	* this stack is providing the full 802.11 header, one will
	392	* eventually be affixed to this fragment -- so we must account
	393	* for it when determining the amount of payload space. */
efa53ebe	394	bytes_per_frag = frag_size - hdr_len;
1264fc04 JK	395	if (ieee->config &
	396	(CFG_IEEE80211_COMPUTE_FCS \| CFG_IEEE80211_RESERVE_FCS))
	397	bytes_per_frag -= IEEE80211_FCS_LEN;
	398
	399	/* Each fragment may need to have room for encryptiong
	400	* pre/postfix */
	401	if (host_encrypt)
	402	bytes_per_frag -= crypt->ops->extra_mpdu_prefix_len +
	403	crypt->ops->extra_mpdu_postfix_len;
	404
	405	/* Number of fragments is the total
	406	* bytes_per_frag / payload_per_fragment */
	407	nr_frags = bytes / bytes_per_frag;
	408	bytes_last_frag = bytes % bytes_per_frag;
	409	if (bytes_last_frag)
	410	nr_frags++;
	411	else
	412	bytes_last_frag = bytes_per_frag;
	413	} else {
	414	nr_frags = 1;
	415	bytes_per_frag = bytes_last_frag = bytes;
efa53ebe	416	frag_size = bytes + hdr_len;
1264fc04	417	}
b453872c	418
3cdd00c5 JK	419	rts_required = (frag_size > ieee->rts
	420	&& ieee->config & CFG_IEEE80211_RTS);
	421	if (rts_required)
	422	nr_frags++;
3cdd00c5	423
b453872c JG	424	/* When we allocate the TXB we allocate enough space for the reserve
	425	* and full fragment bytes (bytes_per_frag doesn't include prefix,
	426	* postfix, header, FCS, etc.) */
d3f7bf4f MB	427	txb = ieee80211_alloc_txb(nr_frags, frag_size,
d3f7bf4f MB	428	ieee->tx_headroom, GFP_ATOMIC);
b453872c JG	429	if (unlikely(!txb)) {
	430	printk(KERN_WARNING "%s: Could not allocate TXB\n",
	431	ieee->dev->name);
	432	goto failed;
	433	}
	434	txb->encrypted = encrypt;
1264fc04 JK	435	if (host_encrypt)
	436	txb->payload_size = frag_size * (nr_frags - 1) +
	437	bytes_last_frag;
	438	else
	439	txb->payload_size = bytes;
b453872c	440
3cdd00c5 JK	441	if (rts_required) {
	442	skb_frag = txb->fragments[0];
	443	frag_hdr =
73858062	444	(struct ieee80211_hdr_3addrqos *)skb_put(skb_frag, hdr_len);
3cdd00c5 JK	445
	446	/*
	447	* Set header frame_ctl to the RTS.
	448	*/
	449	header.frame_ctl =
	450	cpu_to_le16(IEEE80211_FTYPE_CTL \| IEEE80211_STYPE_RTS);
	451	memcpy(frag_hdr, &header, hdr_len);
	452
	453	/*
	454	* Restore header frame_ctl to the original data setting.
	455	*/
	456	header.frame_ctl = cpu_to_le16(fc);
	457
	458	if (ieee->config &
	459	(CFG_IEEE80211_COMPUTE_FCS \| CFG_IEEE80211_RESERVE_FCS))
	460	skb_put(skb_frag, 4);
	461
	462	txb->rts_included = 1;
	463	i = 1;
	464	} else
	465	i = 0;
	466
	467	for (; i < nr_frags; i++) {
b453872c JG	468	skb_frag = txb->fragments[i];
b453872c JG	469
31b59eae	470	if (host_encrypt \|\| host_build_iv)
1264fc04 JK	471	skb_reserve(skb_frag,
1264fc04 JK	472	crypt->ops->extra_mpdu_prefix_len);
b453872c	473
ee34af37	474	frag_hdr =
73858062	475	(struct ieee80211_hdr_3addrqos *)skb_put(skb_frag, hdr_len);
b453872c JG	476	memcpy(frag_hdr, &header, hdr_len);
	477
	478	/* If this is not the last fragment, then add the MOREFRAGS
	479	* bit to the frame control */
	480	if (i != nr_frags - 1) {
0edd5b44 JG	481	frag_hdr->frame_ctl =
0edd5b44 JG	482	cpu_to_le16(fc \| IEEE80211_FCTL_MOREFRAGS);
b453872c JG	483	bytes = bytes_per_frag;
	484	} else {
	485	/* The last fragment takes the remaining length */
	486	bytes = bytes_last_frag;
	487	}
	488
1264fc04 JK	489	if (i == 0 && !snapped) {
	490	ieee80211_copy_snap(skb_put
	491	(skb_frag, SNAP_SIZE + sizeof(u16)),
	492	ether_type);
b453872c JG	493	bytes -= SNAP_SIZE + sizeof(u16);
	494	}
	495
d626f62b	496	skb_copy_from_linear_data(skb, skb_put(skb_frag, bytes), bytes);
b453872c JG	497
	498	/* Advance the SKB... */
	499	skb_pull(skb, bytes);
	500
	501	/* Encryption routine will move the header forward in order
	502	* to insert the IV between the header and the payload */
f1bf6638	503	if (host_encrypt)
b453872c	504	ieee80211_encrypt_fragment(ieee, skb_frag, hdr_len);
31b59eae	505	else if (host_build_iv) {
31b59eae JK	506	atomic_inc(&crypt->refcnt);
	507	if (crypt->ops->build_iv)
	508	crypt->ops->build_iv(skb_frag, hdr_len,
9184d934 ZY	509	ieee->sec.keys[ieee->sec.active_key],
	510	ieee->sec.key_sizes[ieee->sec.active_key],
	511	crypt->priv);
31b59eae JK	512	atomic_dec(&crypt->refcnt);
31b59eae JK	513	}
f1bf6638	514
b453872c JG	515	if (ieee->config &
	516	(CFG_IEEE80211_COMPUTE_FCS \| CFG_IEEE80211_RESERVE_FCS))
	517	skb_put(skb_frag, 4);
	518	}
	519
0edd5b44	520	success:
b453872c JG	521	spin_unlock_irqrestore(&ieee->lock, flags);
	522
	523	dev_kfree_skb_any(skb);
	524
	525	if (txb) {
9e8571af	526	int ret = (*ieee->hard_start_xmit) (txb, dev, priority);
1264fc04	527	if (ret == 0) {
b453872c JG	528	stats->tx_packets++;
	529	stats->tx_bytes += txb->payload_size;
	530	return 0;
	531	}
2c0aa2a5	532
b453872c JG	533	ieee80211_txb_free(txb);
	534	}
	535
	536	return 0;
	537
0edd5b44	538	failed:
b453872c JG	539	spin_unlock_irqrestore(&ieee->lock, flags);
	540	netif_stop_queue(dev);
	541	stats->tx_errors++;
	542	return 1;
3f552bbf JK	543	}
	544
	545	/* Incoming 802.11 strucure is converted to a TXB
	546	* a block of 802.11 fragment packets (stored as skbs) */
	547	int ieee80211_tx_frame(struct ieee80211_device *ieee,
76ea4c7f DD	548	struct ieee80211_hdr *frame, int hdr_len, int total_len,
76ea4c7f DD	549	int encrypt_mpdu)
3f552bbf JK	550	{
	551	struct ieee80211_txb *txb = NULL;
	552	unsigned long flags;
	553	struct net_device_stats *stats = &ieee->stats;
	554	struct sk_buff *skb_frag;
9e8571af	555	int priority = -1;
4b301536 HL	556	int fraglen = total_len;
	557	int headroom = ieee->tx_headroom;
	558	struct ieee80211_crypt_data *crypt = ieee->crypt[ieee->tx_keyidx];
3f552bbf JK	559
	560	spin_lock_irqsave(&ieee->lock, flags);
	561
4b301536	562	if (encrypt_mpdu && (!ieee->sec.encrypt \|\| !crypt))
76ea4c7f DD	563	encrypt_mpdu = 0;
76ea4c7f DD	564
3f552bbf JK	565	/* If there is no driver handler to take the TXB, dont' bother
	566	* creating it... */
	567	if (!ieee->hard_start_xmit) {
	568	printk(KERN_WARNING "%s: No xmit handler.\n", ieee->dev->name);
	569	goto success;
	570	}
b453872c	571
76ea4c7f	572	if (unlikely(total_len < 24)) {
3f552bbf	573	printk(KERN_WARNING "%s: skb too small (%d).\n",
76ea4c7f	574	ieee->dev->name, total_len);
3f552bbf JK	575	goto success;
	576	}
	577
4b301536	578	if (encrypt_mpdu) {
76ea4c7f	579	frame->frame_ctl \|= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
4b301536 HL	580	fraglen += crypt->ops->extra_mpdu_prefix_len +
	581	crypt->ops->extra_mpdu_postfix_len;
	582	headroom += crypt->ops->extra_mpdu_prefix_len;
	583	}
76ea4c7f	584
3f552bbf JK	585	/* When we allocate the TXB we allocate enough space for the reserve
	586	* and full fragment bytes (bytes_per_frag doesn't include prefix,
	587	* postfix, header, FCS, etc.) */
4b301536	588	txb = ieee80211_alloc_txb(1, fraglen, headroom, GFP_ATOMIC);
3f552bbf JK	589	if (unlikely(!txb)) {
	590	printk(KERN_WARNING "%s: Could not allocate TXB\n",
	591	ieee->dev->name);
	592	goto failed;
	593	}
	594	txb->encrypted = 0;
4b301536	595	txb->payload_size = fraglen;
3f552bbf JK	596
	597	skb_frag = txb->fragments[0];
	598
76ea4c7f	599	memcpy(skb_put(skb_frag, total_len), frame, total_len);
3f552bbf JK	600
	601	if (ieee->config &
	602	(CFG_IEEE80211_COMPUTE_FCS \| CFG_IEEE80211_RESERVE_FCS))
	603	skb_put(skb_frag, 4);
	604
76ea4c7f DD	605	/* To avoid overcomplicating things, we do the corner-case frame
	606	* encryption in software. The only real situation where encryption is
	607	* needed here is during software-based shared key authentication. */
	608	if (encrypt_mpdu)
	609	ieee80211_encrypt_fragment(ieee, skb_frag, hdr_len);
	610
3f552bbf JK	611	success:
	612	spin_unlock_irqrestore(&ieee->lock, flags);
	613
	614	if (txb) {
9e8571af	615	if ((*ieee->hard_start_xmit) (txb, ieee->dev, priority) == 0) {
3f552bbf JK	616	stats->tx_packets++;
	617	stats->tx_bytes += txb->payload_size;
	618	return 0;
	619	}
	620	ieee80211_txb_free(txb);
	621	}
	622	return 0;
	623
	624	failed:
	625	spin_unlock_irqrestore(&ieee->lock, flags);
	626	stats->tx_errors++;
	627	return 1;
b453872c JG	628	}
b453872c JG	629
3f552bbf	630	EXPORT_SYMBOL(ieee80211_tx_frame);
b453872c	631	EXPORT_SYMBOL(ieee80211_txb_free);