0001
0002
0003
0004
0005
0006
0007
0008
0009 #include <crypto/hash.h>
0010 #include <linux/circ_buf.h>
0011 #include <linux/if_arp.h>
0012 #include <net/iw_handler.h>
0013 #include <uapi/linux/llc.h>
0014 #include "eap_packet.h"
0015 #include "ks_wlan.h"
0016 #include "ks_hostif.h"
0017
0018 #define MICHAEL_MIC_KEY_LEN 8
0019 #define MICHAEL_MIC_LEN 8
0020
0021 static inline void inc_smeqhead(struct ks_wlan_private *priv)
0022 {
0023 priv->sme_i.qhead = (priv->sme_i.qhead + 1) % SME_EVENT_BUFF_SIZE;
0024 }
0025
0026 static inline void inc_smeqtail(struct ks_wlan_private *priv)
0027 {
0028 priv->sme_i.qtail = (priv->sme_i.qtail + 1) % SME_EVENT_BUFF_SIZE;
0029 }
0030
0031 static inline unsigned int cnt_smeqbody(struct ks_wlan_private *priv)
0032 {
0033 return CIRC_CNT_TO_END(priv->sme_i.qhead, priv->sme_i.qtail,
0034 SME_EVENT_BUFF_SIZE);
0035 }
0036
0037 static inline u8 get_byte(struct ks_wlan_private *priv)
0038 {
0039 u8 data;
0040
0041 data = *priv->rxp++;
0042
0043 --(priv->rx_size);
0044 return data;
0045 }
0046
0047 static inline u16 get_word(struct ks_wlan_private *priv)
0048 {
0049 u16 data;
0050
0051 data = (get_byte(priv) & 0xff);
0052 data |= ((get_byte(priv) << 8) & 0xff00);
0053 return data;
0054 }
0055
0056 static inline u32 get_dword(struct ks_wlan_private *priv)
0057 {
0058 u32 data;
0059
0060 data = (get_byte(priv) & 0xff);
0061 data |= ((get_byte(priv) << 8) & 0x0000ff00);
0062 data |= ((get_byte(priv) << 16) & 0x00ff0000);
0063 data |= ((get_byte(priv) << 24) & 0xff000000);
0064 return data;
0065 }
0066
0067 static void ks_wlan_hw_wakeup_task(struct work_struct *work)
0068 {
0069 struct ks_wlan_private *priv;
0070 int ps_status;
0071 long time_left;
0072
0073 priv = container_of(work, struct ks_wlan_private, wakeup_work);
0074 ps_status = atomic_read(&priv->psstatus.status);
0075
0076 if (ps_status == PS_SNOOZE) {
0077 ks_wlan_hw_wakeup_request(priv);
0078 time_left = wait_for_completion_interruptible_timeout(
0079 &priv->psstatus.wakeup_wait,
0080 msecs_to_jiffies(20));
0081 if (time_left <= 0) {
0082 netdev_dbg(priv->net_dev, "wake up timeout or interrupted !!!\n");
0083 schedule_work(&priv->wakeup_work);
0084 return;
0085 }
0086 }
0087 }
0088
0089 static void ks_wlan_do_power_save(struct ks_wlan_private *priv)
0090 {
0091 if (is_connect_status(priv->connect_status))
0092 hostif_sme_enqueue(priv, SME_POW_MNGMT_REQUEST);
0093 else
0094 priv->dev_state = DEVICE_STATE_READY;
0095 }
0096
0097 static
0098 int get_current_ap(struct ks_wlan_private *priv, struct link_ap_info *ap_info)
0099 {
0100 struct local_ap *ap;
0101 union iwreq_data wrqu;
0102 struct net_device *netdev = priv->net_dev;
0103 u8 size;
0104
0105 ap = &priv->current_ap;
0106
0107 if (is_disconnect_status(priv->connect_status)) {
0108 memset(ap, 0, sizeof(struct local_ap));
0109 return -EPERM;
0110 }
0111
0112 ether_addr_copy(ap->bssid, ap_info->bssid);
0113 memcpy(ap->ssid.body, priv->reg.ssid.body,
0114 priv->reg.ssid.size);
0115 ap->ssid.size = priv->reg.ssid.size;
0116 memcpy(ap->rate_set.body, ap_info->rate_set.body,
0117 ap_info->rate_set.size);
0118 ap->rate_set.size = ap_info->rate_set.size;
0119 if (ap_info->ext_rate_set.size != 0) {
0120 memcpy(&ap->rate_set.body[ap->rate_set.size],
0121 ap_info->ext_rate_set.body,
0122 ap_info->ext_rate_set.size);
0123 ap->rate_set.size += ap_info->ext_rate_set.size;
0124 }
0125 ap->channel = ap_info->ds_parameter.channel;
0126 ap->rssi = ap_info->rssi;
0127 ap->sq = ap_info->sq;
0128 ap->noise = ap_info->noise;
0129 ap->capability = le16_to_cpu(ap_info->capability);
0130 size = (ap_info->rsn.size <= RSN_IE_BODY_MAX) ?
0131 ap_info->rsn.size : RSN_IE_BODY_MAX;
0132 if ((ap_info->rsn_mode & RSN_MODE_WPA2) &&
0133 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2)) {
0134 ap->rsn_ie.id = RSN_INFO_ELEM_ID;
0135 ap->rsn_ie.size = size;
0136 memcpy(ap->rsn_ie.body, ap_info->rsn.body, size);
0137 } else if ((ap_info->rsn_mode & RSN_MODE_WPA) &&
0138 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA)) {
0139 ap->wpa_ie.id = WPA_INFO_ELEM_ID;
0140 ap->wpa_ie.size = size;
0141 memcpy(ap->wpa_ie.body, ap_info->rsn.body, size);
0142 } else {
0143 ap->rsn_ie.id = 0;
0144 ap->rsn_ie.size = 0;
0145 ap->wpa_ie.id = 0;
0146 ap->wpa_ie.size = 0;
0147 }
0148
0149 wrqu.data.length = 0;
0150 wrqu.data.flags = 0;
0151 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
0152 if (is_connect_status(priv->connect_status)) {
0153 ether_addr_copy(wrqu.ap_addr.sa_data, priv->current_ap.bssid);
0154 netdev_dbg(priv->net_dev,
0155 "IWEVENT: connect bssid=%pM\n",
0156 wrqu.ap_addr.sa_data);
0157 wireless_send_event(netdev, SIOCGIWAP, &wrqu, NULL);
0158 }
0159 netdev_dbg(priv->net_dev, "Link AP\n"
0160 "- bssid=%pM\n"
0161 "- essid=%s\n"
0162 "- rate_set=%02X,%02X,%02X,%02X,%02X,%02X,%02X,%02X\n"
0163 "- channel=%d\n"
0164 "- rssi=%d\n"
0165 "- sq=%d\n"
0166 "- capability=%04X\n"
0167 "- rsn.mode=%d\n"
0168 "- rsn.size=%d\n"
0169 "- ext_rate_set_size=%d\n"
0170 "- rate_set_size=%d\n",
0171 ap->bssid,
0172 &ap->ssid.body[0],
0173 ap->rate_set.body[0], ap->rate_set.body[1],
0174 ap->rate_set.body[2], ap->rate_set.body[3],
0175 ap->rate_set.body[4], ap->rate_set.body[5],
0176 ap->rate_set.body[6], ap->rate_set.body[7],
0177 ap->channel, ap->rssi, ap->sq, ap->capability,
0178 ap_info->rsn_mode, ap_info->rsn.size,
0179 ap_info->ext_rate_set.size, ap_info->rate_set.size);
0180
0181 return 0;
0182 }
0183
0184 static u8 read_ie(unsigned char *bp, u8 max, u8 *body)
0185 {
0186 u8 size = (*(bp + 1) <= max) ? *(bp + 1) : max;
0187
0188 memcpy(body, bp + 2, size);
0189 return size;
0190 }
0191
0192 static int
0193 michael_mic(u8 *key, u8 *data, unsigned int len, u8 priority, u8 *result)
0194 {
0195 u8 pad_data[4] = { priority, 0, 0, 0 };
0196 struct crypto_shash *tfm = NULL;
0197 struct shash_desc *desc = NULL;
0198 int ret;
0199
0200 tfm = crypto_alloc_shash("michael_mic", 0, 0);
0201 if (IS_ERR(tfm)) {
0202 ret = PTR_ERR(tfm);
0203 goto err;
0204 }
0205
0206 ret = crypto_shash_setkey(tfm, key, MICHAEL_MIC_KEY_LEN);
0207 if (ret < 0)
0208 goto err_free_tfm;
0209
0210 desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(tfm), GFP_KERNEL);
0211 if (!desc) {
0212 ret = -ENOMEM;
0213 goto err_free_tfm;
0214 }
0215
0216 desc->tfm = tfm;
0217
0218 ret = crypto_shash_init(desc);
0219 if (ret < 0)
0220 goto err_free_desc;
0221
0222
0223
0224
0225
0226
0227
0228
0229
0230
0231
0232
0233 ret = crypto_shash_update(desc, data, 12);
0234 if (ret < 0)
0235 goto err_free_desc;
0236
0237 ret = crypto_shash_update(desc, pad_data, 4);
0238 if (ret < 0)
0239 goto err_free_desc;
0240
0241 ret = crypto_shash_finup(desc, data + 12, len - 12, result);
0242
0243 err_free_desc:
0244 kfree_sensitive(desc);
0245
0246 err_free_tfm:
0247 crypto_free_shash(tfm);
0248
0249 err:
0250 return ret;
0251 }
0252
0253 static
0254 int get_ap_information(struct ks_wlan_private *priv, struct ap_info *ap_info,
0255 struct local_ap *ap)
0256 {
0257 unsigned char *bp;
0258 int bsize, offset;
0259
0260 memset(ap, 0, sizeof(struct local_ap));
0261
0262 ether_addr_copy(ap->bssid, ap_info->bssid);
0263 ap->rssi = ap_info->rssi;
0264 ap->sq = ap_info->sq;
0265 ap->noise = ap_info->noise;
0266 ap->capability = le16_to_cpu(ap_info->capability);
0267 ap->channel = ap_info->ch_info;
0268
0269 bp = ap_info->body;
0270 bsize = le16_to_cpu(ap_info->body_size);
0271 offset = 0;
0272
0273 while (bsize > offset) {
0274 switch (*bp) {
0275 case WLAN_EID_SSID:
0276 ap->ssid.size = read_ie(bp, IEEE80211_MAX_SSID_LEN,
0277 ap->ssid.body);
0278 break;
0279 case WLAN_EID_SUPP_RATES:
0280 case WLAN_EID_EXT_SUPP_RATES:
0281 if ((*(bp + 1) + ap->rate_set.size) <=
0282 RATE_SET_MAX_SIZE) {
0283 memcpy(&ap->rate_set.body[ap->rate_set.size],
0284 bp + 2, *(bp + 1));
0285 ap->rate_set.size += *(bp + 1);
0286 } else {
0287 memcpy(&ap->rate_set.body[ap->rate_set.size],
0288 bp + 2,
0289 RATE_SET_MAX_SIZE - ap->rate_set.size);
0290 ap->rate_set.size +=
0291 (RATE_SET_MAX_SIZE - ap->rate_set.size);
0292 }
0293 break;
0294 case WLAN_EID_RSN:
0295 ap->rsn_ie.id = *bp;
0296 ap->rsn_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
0297 ap->rsn_ie.body);
0298 break;
0299 case WLAN_EID_VENDOR_SPECIFIC:
0300
0301 if (memcmp(bp + 2, CIPHER_ID_WPA_WEP40, 4) == 0) {
0302 ap->wpa_ie.id = *bp;
0303 ap->wpa_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
0304 ap->wpa_ie.body);
0305 }
0306 break;
0307 case WLAN_EID_DS_PARAMS:
0308 case WLAN_EID_FH_PARAMS:
0309 case WLAN_EID_CF_PARAMS:
0310 case WLAN_EID_TIM:
0311 case WLAN_EID_IBSS_PARAMS:
0312 case WLAN_EID_COUNTRY:
0313 case WLAN_EID_ERP_INFO:
0314 break;
0315 default:
0316 netdev_err(priv->net_dev,
0317 "unknown Element ID=%d\n", *bp);
0318 break;
0319 }
0320
0321 offset += 2;
0322 offset += *(bp + 1);
0323 bp += (*(bp + 1) + 2);
0324 }
0325
0326 return 0;
0327 }
0328
0329 static
0330 int hostif_data_indication_wpa(struct ks_wlan_private *priv,
0331 unsigned short auth_type)
0332 {
0333 struct ether_hdr *eth_hdr;
0334 unsigned short eth_proto;
0335 unsigned char recv_mic[MICHAEL_MIC_LEN];
0336 char buf[128];
0337 unsigned long now;
0338 struct mic_failure *mic_failure;
0339 u8 mic[MICHAEL_MIC_LEN];
0340 union iwreq_data wrqu;
0341 unsigned int key_index = auth_type - 1;
0342 struct wpa_key *key = &priv->wpa.key[key_index];
0343
0344 eth_hdr = (struct ether_hdr *)(priv->rxp);
0345 eth_proto = ntohs(eth_hdr->h_proto);
0346
0347 if (eth_hdr->h_dest_snap != eth_hdr->h_source_snap) {
0348 netdev_err(priv->net_dev, "invalid data format\n");
0349 priv->nstats.rx_errors++;
0350 return -EINVAL;
0351 }
0352 if (((auth_type == TYPE_PMK1 &&
0353 priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) ||
0354 (auth_type == TYPE_GMK1 &&
0355 priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP) ||
0356 (auth_type == TYPE_GMK2 &&
0357 priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP)) &&
0358 key->key_len) {
0359 int ret;
0360
0361 netdev_dbg(priv->net_dev, "TKIP: protocol=%04X: size=%u\n",
0362 eth_proto, priv->rx_size);
0363
0364 memcpy(&recv_mic[0],
0365 (priv->rxp) + ((priv->rx_size) - sizeof(recv_mic)),
0366 sizeof(recv_mic));
0367 priv->rx_size = priv->rx_size - sizeof(recv_mic);
0368
0369 ret = michael_mic(key->rx_mic_key, priv->rxp, priv->rx_size,
0370 0, mic);
0371 if (ret < 0)
0372 return ret;
0373 if (memcmp(mic, recv_mic, sizeof(mic)) != 0) {
0374 now = jiffies;
0375 mic_failure = &priv->wpa.mic_failure;
0376
0377 if (mic_failure->last_failure_time &&
0378 (now - mic_failure->last_failure_time) / HZ >= 60) {
0379 mic_failure->failure = 0;
0380 }
0381 netdev_err(priv->net_dev, "MIC FAILURE\n");
0382 if (mic_failure->failure == 0) {
0383 mic_failure->failure = 1;
0384 mic_failure->counter = 0;
0385 } else if (mic_failure->failure == 1) {
0386 mic_failure->failure = 2;
0387 mic_failure->counter =
0388 (u16)((now - mic_failure->last_failure_time) / HZ);
0389
0390 if (!mic_failure->counter)
0391 mic_failure->counter = 1;
0392 }
0393 priv->wpa.mic_failure.last_failure_time = now;
0394
0395
0396 sprintf(buf,
0397 "MLME-MICHAELMICFAILURE.indication(keyid=%d %scast addr=%pM)",
0398 key_index,
0399 eth_hdr->h_dest[0] & 0x01 ? "broad" : "uni",
0400 eth_hdr->h_source);
0401 memset(&wrqu, 0, sizeof(wrqu));
0402 wrqu.data.length = strlen(buf);
0403 wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu,
0404 buf);
0405 return -EINVAL;
0406 }
0407 }
0408 return 0;
0409 }
0410
0411 static
0412 void hostif_data_indication(struct ks_wlan_private *priv)
0413 {
0414 unsigned int rx_ind_size;
0415 struct sk_buff *skb;
0416 u16 auth_type;
0417 unsigned char temp[256];
0418 struct ether_hdr *eth_hdr;
0419 struct ieee802_1x_hdr *aa1x_hdr;
0420 size_t size;
0421 int ret;
0422
0423
0424 if (priv->rx_size <= ETH_HLEN) {
0425 priv->nstats.rx_errors++;
0426 return;
0427 }
0428
0429 auth_type = get_word(priv);
0430 get_word(priv);
0431
0432 eth_hdr = (struct ether_hdr *)(priv->rxp);
0433
0434
0435 if (ether_addr_equal(&priv->eth_addr[0], eth_hdr->h_source)) {
0436 netdev_err(priv->net_dev, "invalid : source is own mac address !!\n");
0437 netdev_err(priv->net_dev, "eth_hdrernet->h_dest=%pM\n", eth_hdr->h_source);
0438 priv->nstats.rx_errors++;
0439 return;
0440 }
0441
0442
0443 if (auth_type != TYPE_DATA && priv->wpa.rsn_enabled) {
0444 ret = hostif_data_indication_wpa(priv, auth_type);
0445 if (ret)
0446 return;
0447 }
0448
0449 if ((priv->connect_status & FORCE_DISCONNECT) ||
0450 priv->wpa.mic_failure.failure == 2) {
0451 return;
0452 }
0453
0454
0455 switch (*(priv->rxp + 12)) {
0456 case LLC_SAP_SNAP:
0457 rx_ind_size = priv->rx_size - 6;
0458 skb = dev_alloc_skb(rx_ind_size);
0459 if (!skb) {
0460 priv->nstats.rx_dropped++;
0461 return;
0462 }
0463 netdev_dbg(priv->net_dev, "SNAP, rx_ind_size = %d\n",
0464 rx_ind_size);
0465
0466 size = ETH_ALEN * 2;
0467 skb_put_data(skb, priv->rxp, size);
0468
0469
0470
0471 size = rx_ind_size - (ETH_ALEN * 2);
0472 skb_put_data(skb, ð_hdr->h_proto, size);
0473
0474 aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + ETHER_HDR_SIZE);
0475 break;
0476 case LLC_SAP_NETBEUI:
0477 rx_ind_size = (priv->rx_size + 2);
0478 skb = dev_alloc_skb(rx_ind_size);
0479 if (!skb) {
0480 priv->nstats.rx_dropped++;
0481 return;
0482 }
0483 netdev_dbg(priv->net_dev, "NETBEUI/NetBIOS rx_ind_size=%d\n",
0484 rx_ind_size);
0485
0486
0487 skb_put_data(skb, priv->rxp, 12);
0488
0489
0490 temp[0] = (((rx_ind_size - 12) >> 8) & 0xff);
0491 temp[1] = ((rx_ind_size - 12) & 0xff);
0492 skb_put_data(skb, temp, 2);
0493
0494
0495 skb_put_data(skb, priv->rxp + 12, rx_ind_size - 14);
0496
0497 aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + 14);
0498 break;
0499 default:
0500 netdev_err(priv->net_dev, "invalid data format\n");
0501 priv->nstats.rx_errors++;
0502 return;
0503 }
0504
0505 if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY &&
0506 priv->wpa.rsn_enabled)
0507 atomic_set(&priv->psstatus.snooze_guard, 1);
0508
0509
0510 skb->dev = priv->net_dev;
0511 skb->protocol = eth_type_trans(skb, skb->dev);
0512 priv->nstats.rx_packets++;
0513 priv->nstats.rx_bytes += rx_ind_size;
0514 netif_rx(skb);
0515 }
0516
0517 static
0518 void hostif_mib_get_confirm(struct ks_wlan_private *priv)
0519 {
0520 struct net_device *dev = priv->net_dev;
0521 u32 mib_status;
0522 u32 mib_attribute;
0523
0524 mib_status = get_dword(priv);
0525 mib_attribute = get_dword(priv);
0526 get_word(priv);
0527 get_word(priv);
0528
0529 if (mib_status) {
0530 netdev_err(priv->net_dev, "attribute=%08X, status=%08X\n",
0531 mib_attribute, mib_status);
0532 return;
0533 }
0534
0535 switch (mib_attribute) {
0536 case DOT11_MAC_ADDRESS:
0537 hostif_sme_enqueue(priv, SME_GET_MAC_ADDRESS);
0538 ether_addr_copy(priv->eth_addr, priv->rxp);
0539 priv->mac_address_valid = true;
0540 eth_hw_addr_set(dev, priv->eth_addr);
0541 netdev_info(dev, "MAC ADDRESS = %pM\n", priv->eth_addr);
0542 break;
0543 case DOT11_PRODUCT_VERSION:
0544 priv->version_size = priv->rx_size;
0545 memcpy(priv->firmware_version, priv->rxp, priv->rx_size);
0546 priv->firmware_version[priv->rx_size] = '\0';
0547 netdev_info(dev, "firmware ver. = %s\n",
0548 priv->firmware_version);
0549 hostif_sme_enqueue(priv, SME_GET_PRODUCT_VERSION);
0550
0551 complete(&priv->confirm_wait);
0552 break;
0553 case LOCAL_GAIN:
0554 memcpy(&priv->gain, priv->rxp, sizeof(priv->gain));
0555 netdev_dbg(priv->net_dev, "tx_mode=%d, rx_mode=%d, tx_gain=%d, rx_gain=%d\n",
0556 priv->gain.tx_mode, priv->gain.rx_mode,
0557 priv->gain.tx_gain, priv->gain.rx_gain);
0558 break;
0559 case LOCAL_EEPROM_SUM:
0560 memcpy(&priv->eeprom_sum, priv->rxp, sizeof(priv->eeprom_sum));
0561 if (priv->eeprom_sum.type != 0 &&
0562 priv->eeprom_sum.type != 1) {
0563 netdev_err(dev, "LOCAL_EEPROM_SUM error!\n");
0564 return;
0565 }
0566 priv->eeprom_checksum = (priv->eeprom_sum.type == 0) ?
0567 EEPROM_CHECKSUM_NONE :
0568 (priv->eeprom_sum.result == 0) ?
0569 EEPROM_NG : EEPROM_OK;
0570 break;
0571 default:
0572 netdev_err(priv->net_dev, "mib_attribute=%08x\n",
0573 (unsigned int)mib_attribute);
0574 break;
0575 }
0576 }
0577
0578 static
0579 void hostif_mib_set_confirm(struct ks_wlan_private *priv)
0580 {
0581 u32 mib_status;
0582 u32 mib_attribute;
0583
0584 mib_status = get_dword(priv);
0585 mib_attribute = get_dword(priv);
0586
0587 if (mib_status) {
0588
0589 netdev_err(priv->net_dev, "error :: attribute=%08X, status=%08X\n",
0590 mib_attribute, mib_status);
0591 }
0592
0593 switch (mib_attribute) {
0594 case DOT11_RTS_THRESHOLD:
0595 hostif_sme_enqueue(priv, SME_RTS_THRESHOLD_CONFIRM);
0596 break;
0597 case DOT11_FRAGMENTATION_THRESHOLD:
0598 hostif_sme_enqueue(priv, SME_FRAGMENTATION_THRESHOLD_CONFIRM);
0599 break;
0600 case DOT11_WEP_DEFAULT_KEY_ID:
0601 if (!priv->wpa.wpa_enabled)
0602 hostif_sme_enqueue(priv, SME_WEP_INDEX_CONFIRM);
0603 break;
0604 case DOT11_WEP_DEFAULT_KEY_VALUE1:
0605 if (priv->wpa.rsn_enabled)
0606 hostif_sme_enqueue(priv, SME_SET_PMK_TSC);
0607 else
0608 hostif_sme_enqueue(priv, SME_WEP_KEY1_CONFIRM);
0609 break;
0610 case DOT11_WEP_DEFAULT_KEY_VALUE2:
0611 if (priv->wpa.rsn_enabled)
0612 hostif_sme_enqueue(priv, SME_SET_GMK1_TSC);
0613 else
0614 hostif_sme_enqueue(priv, SME_WEP_KEY2_CONFIRM);
0615 break;
0616 case DOT11_WEP_DEFAULT_KEY_VALUE3:
0617 if (priv->wpa.rsn_enabled)
0618 hostif_sme_enqueue(priv, SME_SET_GMK2_TSC);
0619 else
0620 hostif_sme_enqueue(priv, SME_WEP_KEY3_CONFIRM);
0621 break;
0622 case DOT11_WEP_DEFAULT_KEY_VALUE4:
0623 if (!priv->wpa.rsn_enabled)
0624 hostif_sme_enqueue(priv, SME_WEP_KEY4_CONFIRM);
0625 break;
0626 case DOT11_PRIVACY_INVOKED:
0627 if (!priv->wpa.rsn_enabled)
0628 hostif_sme_enqueue(priv, SME_WEP_FLAG_CONFIRM);
0629 break;
0630 case DOT11_RSN_ENABLED:
0631 hostif_sme_enqueue(priv, SME_RSN_ENABLED_CONFIRM);
0632 break;
0633 case LOCAL_RSN_MODE:
0634 hostif_sme_enqueue(priv, SME_RSN_MODE_CONFIRM);
0635 break;
0636 case LOCAL_MULTICAST_ADDRESS:
0637 hostif_sme_enqueue(priv, SME_MULTICAST_REQUEST);
0638 break;
0639 case LOCAL_MULTICAST_FILTER:
0640 hostif_sme_enqueue(priv, SME_MULTICAST_CONFIRM);
0641 break;
0642 case LOCAL_CURRENTADDRESS:
0643 priv->mac_address_valid = true;
0644 break;
0645 case DOT11_RSN_CONFIG_MULTICAST_CIPHER:
0646 hostif_sme_enqueue(priv, SME_RSN_MCAST_CONFIRM);
0647 break;
0648 case DOT11_RSN_CONFIG_UNICAST_CIPHER:
0649 hostif_sme_enqueue(priv, SME_RSN_UCAST_CONFIRM);
0650 break;
0651 case DOT11_RSN_CONFIG_AUTH_SUITE:
0652 hostif_sme_enqueue(priv, SME_RSN_AUTH_CONFIRM);
0653 break;
0654 case DOT11_GMK1_TSC:
0655 if (atomic_read(&priv->psstatus.snooze_guard))
0656 atomic_set(&priv->psstatus.snooze_guard, 0);
0657 break;
0658 case DOT11_GMK2_TSC:
0659 if (atomic_read(&priv->psstatus.snooze_guard))
0660 atomic_set(&priv->psstatus.snooze_guard, 0);
0661 break;
0662 case DOT11_PMK_TSC:
0663 case LOCAL_PMK:
0664 case LOCAL_GAIN:
0665 case LOCAL_WPS_ENABLE:
0666 case LOCAL_WPS_PROBE_REQ:
0667 case LOCAL_REGION:
0668 default:
0669 break;
0670 }
0671 }
0672
0673 static
0674 void hostif_power_mgmt_confirm(struct ks_wlan_private *priv)
0675 {
0676 if (priv->reg.power_mgmt > POWER_MGMT_ACTIVE &&
0677 priv->reg.operation_mode == MODE_INFRASTRUCTURE) {
0678 atomic_set(&priv->psstatus.confirm_wait, 0);
0679 priv->dev_state = DEVICE_STATE_SLEEP;
0680 ks_wlan_hw_power_save(priv);
0681 } else {
0682 priv->dev_state = DEVICE_STATE_READY;
0683 }
0684 }
0685
0686 static
0687 void hostif_sleep_confirm(struct ks_wlan_private *priv)
0688 {
0689 atomic_set(&priv->sleepstatus.doze_request, 1);
0690 queue_delayed_work(priv->wq, &priv->rw_dwork, 1);
0691 }
0692
0693 static
0694 void hostif_start_confirm(struct ks_wlan_private *priv)
0695 {
0696 union iwreq_data wrqu;
0697
0698 wrqu.data.length = 0;
0699 wrqu.data.flags = 0;
0700 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
0701 if (is_connect_status(priv->connect_status)) {
0702 eth_zero_addr(wrqu.ap_addr.sa_data);
0703 wireless_send_event(priv->net_dev, SIOCGIWAP, &wrqu, NULL);
0704 }
0705 netdev_dbg(priv->net_dev, " scan_ind_count=%d\n", priv->scan_ind_count);
0706 hostif_sme_enqueue(priv, SME_START_CONFIRM);
0707 }
0708
0709 static
0710 void hostif_connect_indication(struct ks_wlan_private *priv)
0711 {
0712 u16 connect_code;
0713 unsigned int tmp = 0;
0714 unsigned int old_status = priv->connect_status;
0715 struct net_device *netdev = priv->net_dev;
0716 union iwreq_data wrqu0;
0717
0718 connect_code = get_word(priv);
0719
0720 switch (connect_code) {
0721 case RESULT_CONNECT:
0722 if (!(priv->connect_status & FORCE_DISCONNECT))
0723 netif_carrier_on(netdev);
0724 tmp = FORCE_DISCONNECT & priv->connect_status;
0725 priv->connect_status = tmp + CONNECT_STATUS;
0726 break;
0727 case RESULT_DISCONNECT:
0728 netif_carrier_off(netdev);
0729 tmp = FORCE_DISCONNECT & priv->connect_status;
0730 priv->connect_status = tmp + DISCONNECT_STATUS;
0731 break;
0732 default:
0733 netdev_dbg(priv->net_dev, "unknown connect_code=%d :: scan_ind_count=%d\n",
0734 connect_code, priv->scan_ind_count);
0735 netif_carrier_off(netdev);
0736 tmp = FORCE_DISCONNECT & priv->connect_status;
0737 priv->connect_status = tmp + DISCONNECT_STATUS;
0738 break;
0739 }
0740
0741 get_current_ap(priv, (struct link_ap_info *)priv->rxp);
0742 if (is_connect_status(priv->connect_status) &&
0743 is_disconnect_status(old_status)) {
0744
0745 atomic_set(&priv->psstatus.snooze_guard, 0);
0746 atomic_set(&priv->psstatus.confirm_wait, 0);
0747 }
0748 ks_wlan_do_power_save(priv);
0749
0750 wrqu0.data.length = 0;
0751 wrqu0.data.flags = 0;
0752 wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
0753 if (is_disconnect_status(priv->connect_status) &&
0754 is_connect_status(old_status)) {
0755 eth_zero_addr(wrqu0.ap_addr.sa_data);
0756 netdev_dbg(priv->net_dev, "disconnect :: scan_ind_count=%d\n",
0757 priv->scan_ind_count);
0758 wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
0759 }
0760 priv->scan_ind_count = 0;
0761 }
0762
0763 static
0764 void hostif_scan_indication(struct ks_wlan_private *priv)
0765 {
0766 int i;
0767 struct ap_info *ap_info;
0768
0769 netdev_dbg(priv->net_dev,
0770 "scan_ind_count = %d\n", priv->scan_ind_count);
0771 ap_info = (struct ap_info *)(priv->rxp);
0772
0773 if (priv->scan_ind_count) {
0774
0775 for (i = 0; i < priv->aplist.size; i++) {
0776 u8 *bssid = priv->aplist.ap[i].bssid;
0777
0778 if (ether_addr_equal(ap_info->bssid, bssid))
0779 continue;
0780
0781 if (ap_info->frame_type == IEEE80211_STYPE_PROBE_RESP)
0782 get_ap_information(priv, ap_info,
0783 &priv->aplist.ap[i]);
0784 return;
0785 }
0786 }
0787 priv->scan_ind_count++;
0788 if (priv->scan_ind_count < LOCAL_APLIST_MAX + 1) {
0789 netdev_dbg(priv->net_dev, " scan_ind_count=%d :: aplist.size=%d\n",
0790 priv->scan_ind_count, priv->aplist.size);
0791 get_ap_information(priv, (struct ap_info *)(priv->rxp),
0792 &priv->aplist.ap[priv->scan_ind_count - 1]);
0793 priv->aplist.size = priv->scan_ind_count;
0794 } else {
0795 netdev_dbg(priv->net_dev, " count over :: scan_ind_count=%d\n",
0796 priv->scan_ind_count);
0797 }
0798 }
0799
0800 static
0801 void hostif_stop_confirm(struct ks_wlan_private *priv)
0802 {
0803 unsigned int tmp = 0;
0804 unsigned int old_status = priv->connect_status;
0805 struct net_device *netdev = priv->net_dev;
0806 union iwreq_data wrqu0;
0807
0808 if (priv->dev_state == DEVICE_STATE_SLEEP)
0809 priv->dev_state = DEVICE_STATE_READY;
0810
0811
0812 if (is_connect_status(priv->connect_status)) {
0813 netif_carrier_off(netdev);
0814 tmp = FORCE_DISCONNECT & priv->connect_status;
0815 priv->connect_status = tmp | DISCONNECT_STATUS;
0816 netdev_info(netdev, "IWEVENT: disconnect\n");
0817
0818 wrqu0.data.length = 0;
0819 wrqu0.data.flags = 0;
0820 wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
0821 if (is_disconnect_status(priv->connect_status) &&
0822 is_connect_status(old_status)) {
0823 eth_zero_addr(wrqu0.ap_addr.sa_data);
0824 netdev_info(netdev, "IWEVENT: disconnect\n");
0825 wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
0826 }
0827 priv->scan_ind_count = 0;
0828 }
0829
0830 hostif_sme_enqueue(priv, SME_STOP_CONFIRM);
0831 }
0832
0833 static
0834 void hostif_ps_adhoc_set_confirm(struct ks_wlan_private *priv)
0835 {
0836 priv->infra_status = 0;
0837 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
0838 }
0839
0840 static
0841 void hostif_infrastructure_set_confirm(struct ks_wlan_private *priv)
0842 {
0843 get_word(priv);
0844 priv->infra_status = 1;
0845 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
0846 }
0847
0848 static
0849 void hostif_adhoc_set_confirm(struct ks_wlan_private *priv)
0850 {
0851 priv->infra_status = 1;
0852 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
0853 }
0854
0855 static
0856 void hostif_associate_indication(struct ks_wlan_private *priv)
0857 {
0858 struct association_request *assoc_req;
0859 struct association_response *assoc_resp;
0860 unsigned char *pb;
0861 union iwreq_data wrqu;
0862 char buf[IW_CUSTOM_MAX];
0863 char *pbuf = &buf[0];
0864 int i;
0865
0866 static const char associnfo_leader0[] = "ASSOCINFO(ReqIEs=";
0867 static const char associnfo_leader1[] = " RespIEs=";
0868
0869 assoc_req = (struct association_request *)(priv->rxp);
0870 assoc_resp = (struct association_response *)(assoc_req + 1);
0871 pb = (unsigned char *)(assoc_resp + 1);
0872
0873 memset(&wrqu, 0, sizeof(wrqu));
0874 memcpy(pbuf, associnfo_leader0, sizeof(associnfo_leader0) - 1);
0875 wrqu.data.length += sizeof(associnfo_leader0) - 1;
0876 pbuf += sizeof(associnfo_leader0) - 1;
0877
0878 for (i = 0; i < le16_to_cpu(assoc_req->req_ies_size); i++)
0879 pbuf += sprintf(pbuf, "%02x", *(pb + i));
0880 wrqu.data.length += (le16_to_cpu(assoc_req->req_ies_size)) * 2;
0881
0882 memcpy(pbuf, associnfo_leader1, sizeof(associnfo_leader1) - 1);
0883 wrqu.data.length += sizeof(associnfo_leader1) - 1;
0884 pbuf += sizeof(associnfo_leader1) - 1;
0885
0886 pb += le16_to_cpu(assoc_req->req_ies_size);
0887 for (i = 0; i < le16_to_cpu(assoc_resp->resp_ies_size); i++)
0888 pbuf += sprintf(pbuf, "%02x", *(pb + i));
0889 wrqu.data.length += (le16_to_cpu(assoc_resp->resp_ies_size)) * 2;
0890
0891 pbuf += sprintf(pbuf, ")");
0892 wrqu.data.length += 1;
0893
0894 wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu, buf);
0895 }
0896
0897 static
0898 void hostif_bss_scan_confirm(struct ks_wlan_private *priv)
0899 {
0900 u32 result_code;
0901 struct net_device *dev = priv->net_dev;
0902 union iwreq_data wrqu;
0903
0904 result_code = get_dword(priv);
0905 netdev_dbg(priv->net_dev, "result=%d :: scan_ind_count=%d\n",
0906 result_code, priv->scan_ind_count);
0907
0908 priv->sme_i.sme_flag &= ~SME_AP_SCAN;
0909 hostif_sme_enqueue(priv, SME_BSS_SCAN_CONFIRM);
0910
0911 wrqu.data.length = 0;
0912 wrqu.data.flags = 0;
0913 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
0914 priv->scan_ind_count = 0;
0915 }
0916
0917 static
0918 void hostif_phy_information_confirm(struct ks_wlan_private *priv)
0919 {
0920 struct iw_statistics *wstats = &priv->wstats;
0921 u8 rssi, signal;
0922 u8 link_speed;
0923 u32 transmitted_frame_count, received_fragment_count;
0924 u32 failed_count, fcs_error_count;
0925
0926 rssi = get_byte(priv);
0927 signal = get_byte(priv);
0928 get_byte(priv);
0929 link_speed = get_byte(priv);
0930 transmitted_frame_count = get_dword(priv);
0931 received_fragment_count = get_dword(priv);
0932 failed_count = get_dword(priv);
0933 fcs_error_count = get_dword(priv);
0934
0935 netdev_dbg(priv->net_dev, "phyinfo confirm rssi=%d signal=%d\n",
0936 rssi, signal);
0937 priv->current_rate = (link_speed & RATE_MASK);
0938 wstats->qual.qual = signal;
0939 wstats->qual.level = 256 - rssi;
0940 wstats->qual.noise = 0;
0941 wstats->qual.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
0942
0943 netdev_dbg(priv->net_dev, "\n rssi=%u\n"
0944 " signal=%u\n"
0945 " link_speed=%ux500Kbps\n"
0946 " transmitted_frame_count=%u\n"
0947 " received_fragment_count=%u\n"
0948 " failed_count=%u\n"
0949 " fcs_error_count=%u\n",
0950 rssi, signal, link_speed, transmitted_frame_count,
0951 received_fragment_count, failed_count, fcs_error_count);
0952
0953 complete(&priv->confirm_wait);
0954 }
0955
0956 static
0957 void hostif_mic_failure_confirm(struct ks_wlan_private *priv)
0958 {
0959 netdev_dbg(priv->net_dev, "mic_failure=%u\n",
0960 priv->wpa.mic_failure.failure);
0961 hostif_sme_enqueue(priv, SME_MIC_FAILURE_CONFIRM);
0962 }
0963
0964 static
0965 void hostif_event_check(struct ks_wlan_private *priv)
0966 {
0967 u16 event;
0968
0969 event = get_word(priv);
0970 switch (event) {
0971 case HIF_DATA_IND:
0972 hostif_data_indication(priv);
0973 break;
0974 case HIF_MIB_GET_CONF:
0975 hostif_mib_get_confirm(priv);
0976 break;
0977 case HIF_MIB_SET_CONF:
0978 hostif_mib_set_confirm(priv);
0979 break;
0980 case HIF_POWER_MGMT_CONF:
0981 hostif_power_mgmt_confirm(priv);
0982 break;
0983 case HIF_SLEEP_CONF:
0984 hostif_sleep_confirm(priv);
0985 break;
0986 case HIF_START_CONF:
0987 hostif_start_confirm(priv);
0988 break;
0989 case HIF_CONNECT_IND:
0990 hostif_connect_indication(priv);
0991 break;
0992 case HIF_STOP_CONF:
0993 hostif_stop_confirm(priv);
0994 break;
0995 case HIF_PS_ADH_SET_CONF:
0996 hostif_ps_adhoc_set_confirm(priv);
0997 break;
0998 case HIF_INFRA_SET_CONF:
0999 case HIF_INFRA_SET2_CONF:
1000 hostif_infrastructure_set_confirm(priv);
1001 break;
1002 case HIF_ADH_SET_CONF:
1003 case HIF_ADH_SET2_CONF:
1004 hostif_adhoc_set_confirm(priv);
1005 break;
1006 case HIF_ASSOC_INFO_IND:
1007 hostif_associate_indication(priv);
1008 break;
1009 case HIF_MIC_FAILURE_CONF:
1010 hostif_mic_failure_confirm(priv);
1011 break;
1012 case HIF_SCAN_CONF:
1013 hostif_bss_scan_confirm(priv);
1014 break;
1015 case HIF_PHY_INFO_CONF:
1016 case HIF_PHY_INFO_IND:
1017 hostif_phy_information_confirm(priv);
1018 break;
1019 case HIF_SCAN_IND:
1020 hostif_scan_indication(priv);
1021 break;
1022 case HIF_AP_SET_CONF:
1023 default:
1024 netdev_err(priv->net_dev, "undefined event[%04X]\n", event);
1025
1026 complete(&priv->confirm_wait);
1027 break;
1028 }
1029
1030
1031 priv->hostt.buff[priv->hostt.qtail] = event;
1032 priv->hostt.qtail = (priv->hostt.qtail + 1) % SME_EVENT_BUFF_SIZE;
1033 }
1034
1035
1036 static void *hostif_generic_request(size_t size, int event)
1037 {
1038 struct hostif_hdr *p;
1039
1040 p = kzalloc(hif_align_size(size), GFP_ATOMIC);
1041 if (!p)
1042 return NULL;
1043
1044 p->size = cpu_to_le16(size - sizeof(p->size));
1045 p->event = cpu_to_le16(event);
1046
1047 return p;
1048 }
1049
1050 int hostif_data_request(struct ks_wlan_private *priv, struct sk_buff *skb)
1051 {
1052 unsigned int skb_len = 0;
1053 unsigned char *buffer = NULL;
1054 unsigned int length = 0;
1055 struct hostif_data_request *pp;
1056 unsigned char *p;
1057 unsigned short eth_proto;
1058 struct ether_hdr *eth_hdr;
1059 unsigned short keyinfo = 0;
1060 struct ieee802_1x_hdr *aa1x_hdr;
1061 struct wpa_eapol_key *eap_key;
1062 struct ethhdr *eth;
1063 size_t size;
1064 int ret;
1065
1066 skb_len = skb->len;
1067 if (skb_len > ETH_FRAME_LEN) {
1068 netdev_err(priv->net_dev, "bad length skb_len=%d\n", skb_len);
1069 ret = -EOVERFLOW;
1070 goto err_kfree_skb;
1071 }
1072
1073 if (is_disconnect_status(priv->connect_status) ||
1074 (priv->connect_status & FORCE_DISCONNECT) ||
1075 priv->wpa.mic_failure.stop) {
1076 if (netif_queue_stopped(priv->net_dev))
1077 netif_wake_queue(priv->net_dev);
1078
1079 dev_kfree_skb(skb);
1080
1081 return 0;
1082 }
1083
1084
1085 if (atomic_read(&priv->psstatus.status) == PS_SNOOZE) {
1086 if (!netif_queue_stopped(priv->net_dev))
1087 netif_stop_queue(priv->net_dev);
1088 }
1089
1090 size = sizeof(*pp) + 6 + skb_len + 8;
1091 pp = kmalloc(hif_align_size(size), GFP_ATOMIC);
1092 if (!pp) {
1093 ret = -ENOMEM;
1094 goto err_kfree_skb;
1095 }
1096
1097 p = (unsigned char *)pp->data;
1098
1099 buffer = skb->data;
1100 length = skb->len;
1101
1102
1103 eth = (struct ethhdr *)skb->data;
1104 if (!ether_addr_equal(&priv->eth_addr[0], eth->h_source)) {
1105 netdev_err(priv->net_dev,
1106 "Invalid mac address: ethernet->h_source=%pM\n",
1107 eth->h_source);
1108 ret = -ENXIO;
1109 goto err_kfree;
1110 }
1111
1112
1113 size = ETH_ALEN * 2;
1114 memcpy(p, buffer, size);
1115 p += size;
1116 buffer += size;
1117 length -= size;
1118
1119
1120 if (*(buffer + 1) + (*buffer << 8) > 1500) {
1121
1122
1123 *p++ = 0xAA;
1124 *p++ = 0xAA;
1125 *p++ = 0x03;
1126 *p++ = 0x00;
1127 *p++ = 0x00;
1128 *p++ = 0x00;
1129 skb_len += 6;
1130 } else {
1131
1132 buffer += 2;
1133 length -= 2;
1134 skb_len -= 2;
1135 }
1136
1137
1138 memcpy(p, buffer, length);
1139
1140 p += length;
1141
1142
1143 eth_hdr = (struct ether_hdr *)&pp->data[0];
1144 eth_proto = ntohs(eth_hdr->h_proto);
1145
1146
1147 if (eth_proto == ETH_P_PAE &&
1148 priv->wpa.mic_failure.failure > 0) {
1149 aa1x_hdr = (struct ieee802_1x_hdr *)(eth_hdr + 1);
1150 if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY) {
1151 eap_key = (struct wpa_eapol_key *)(aa1x_hdr + 1);
1152 keyinfo = ntohs(eap_key->key_info);
1153 }
1154 }
1155
1156 if (priv->wpa.rsn_enabled && priv->wpa.key[0].key_len) {
1157
1158 if (eth_proto == ETH_P_PAE &&
1159 priv->wpa.key[1].key_len == 0 &&
1160 priv->wpa.key[2].key_len == 0 &&
1161 priv->wpa.key[3].key_len == 0) {
1162 pp->auth_type = cpu_to_le16(TYPE_AUTH);
1163 } else {
1164 if (priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) {
1165 u8 mic[MICHAEL_MIC_LEN];
1166
1167 ret = michael_mic(priv->wpa.key[0].tx_mic_key,
1168 &pp->data[0], skb_len,
1169 0, mic);
1170 if (ret < 0)
1171 goto err_kfree;
1172
1173 memcpy(p, mic, sizeof(mic));
1174 length += sizeof(mic);
1175 skb_len += sizeof(mic);
1176 p += sizeof(mic);
1177 pp->auth_type =
1178 cpu_to_le16(TYPE_DATA);
1179 } else if (priv->wpa.pairwise_suite ==
1180 IW_AUTH_CIPHER_CCMP) {
1181 pp->auth_type =
1182 cpu_to_le16(TYPE_DATA);
1183 }
1184 }
1185 } else {
1186 if (eth_proto == ETH_P_PAE)
1187 pp->auth_type = cpu_to_le16(TYPE_AUTH);
1188 else
1189 pp->auth_type = cpu_to_le16(TYPE_DATA);
1190 }
1191
1192
1193 pp->header.size =
1194 cpu_to_le16((sizeof(*pp) - sizeof(pp->header.size) + skb_len));
1195 pp->header.event = cpu_to_le16(HIF_DATA_REQ);
1196
1197
1198 ret = ks_wlan_hw_tx(priv, pp, hif_align_size(sizeof(*pp) + skb_len),
1199 send_packet_complete, skb);
1200
1201
1202 if (eth_proto == ETH_P_PAE &&
1203 priv->wpa.mic_failure.failure > 0) {
1204 if (keyinfo & WPA_KEY_INFO_ERROR &&
1205 keyinfo & WPA_KEY_INFO_REQUEST) {
1206 netdev_err(priv->net_dev,
1207 "MIC ERROR Report SET : %04X\n", keyinfo);
1208 hostif_sme_enqueue(priv, SME_MIC_FAILURE_REQUEST);
1209 }
1210 if (priv->wpa.mic_failure.failure == 2)
1211 priv->wpa.mic_failure.stop = 1;
1212 }
1213
1214 return ret;
1215
1216 err_kfree:
1217 kfree(pp);
1218 err_kfree_skb:
1219 dev_kfree_skb(skb);
1220
1221 return ret;
1222 }
1223
1224 static inline void ps_confirm_wait_inc(struct ks_wlan_private *priv)
1225 {
1226 if (atomic_read(&priv->psstatus.status) > PS_ACTIVE_SET)
1227 atomic_inc(&priv->psstatus.confirm_wait);
1228 }
1229
1230 static inline void send_request_to_device(struct ks_wlan_private *priv,
1231 void *data, size_t size)
1232 {
1233 ps_confirm_wait_inc(priv);
1234 ks_wlan_hw_tx(priv, data, size, NULL, NULL);
1235 }
1236
1237 static void hostif_mib_get_request(struct ks_wlan_private *priv,
1238 u32 mib_attribute)
1239 {
1240 struct hostif_mib_get_request *pp;
1241
1242 pp = hostif_generic_request(sizeof(*pp), HIF_MIB_GET_REQ);
1243 if (!pp)
1244 return;
1245
1246 pp->mib_attribute = cpu_to_le32(mib_attribute);
1247
1248 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1249 }
1250
1251 static void hostif_mib_set_request(struct ks_wlan_private *priv,
1252 enum mib_attribute attr,
1253 enum mib_data_type type,
1254 void *data, size_t size)
1255 {
1256 struct hostif_mib_set_request_t *pp;
1257
1258 if (priv->dev_state < DEVICE_STATE_BOOT)
1259 return;
1260
1261 pp = hostif_generic_request(sizeof(*pp), HIF_MIB_SET_REQ);
1262 if (!pp)
1263 return;
1264
1265 pp->mib_attribute = cpu_to_le32(attr);
1266 pp->mib_value.size = cpu_to_le16(size);
1267 pp->mib_value.type = cpu_to_le16(type);
1268 memcpy(&pp->mib_value.body, data, size);
1269
1270 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp) + size));
1271 }
1272
1273 static inline void hostif_mib_set_request_int(struct ks_wlan_private *priv,
1274 enum mib_attribute attr, int val)
1275 {
1276 __le32 v = cpu_to_le32(val);
1277 size_t size = sizeof(v);
1278
1279 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_INT, &v, size);
1280 }
1281
1282 static inline void hostif_mib_set_request_bool(struct ks_wlan_private *priv,
1283 enum mib_attribute attr,
1284 bool val)
1285 {
1286 __le32 v = cpu_to_le32(val);
1287 size_t size = sizeof(v);
1288
1289 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_BOOL, &v, size);
1290 }
1291
1292 static inline void hostif_mib_set_request_ostring(struct ks_wlan_private *priv,
1293 enum mib_attribute attr,
1294 void *data, size_t size)
1295 {
1296 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_OSTRING, data, size);
1297 }
1298
1299 static
1300 void hostif_start_request(struct ks_wlan_private *priv, unsigned char mode)
1301 {
1302 struct hostif_start_request *pp;
1303
1304 pp = hostif_generic_request(sizeof(*pp), HIF_START_REQ);
1305 if (!pp)
1306 return;
1307
1308 pp->mode = cpu_to_le16(mode);
1309
1310 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1311
1312 priv->aplist.size = 0;
1313 priv->scan_ind_count = 0;
1314 }
1315
1316 static __le16 ks_wlan_cap(struct ks_wlan_private *priv)
1317 {
1318 u16 capability = 0x0000;
1319
1320 if (priv->reg.preamble == SHORT_PREAMBLE)
1321 capability |= WLAN_CAPABILITY_SHORT_PREAMBLE;
1322
1323 capability &= ~(WLAN_CAPABILITY_PBCC);
1324
1325 if (priv->reg.phy_type != D_11B_ONLY_MODE) {
1326 capability |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
1327 capability &= ~(WLAN_CAPABILITY_DSSS_OFDM);
1328 }
1329
1330 return cpu_to_le16(capability);
1331 }
1332
1333 static void init_request(struct ks_wlan_private *priv,
1334 struct hostif_request *req)
1335 {
1336 req->phy_type = cpu_to_le16(priv->reg.phy_type);
1337 req->cts_mode = cpu_to_le16(priv->reg.cts_mode);
1338 req->scan_type = cpu_to_le16(priv->reg.scan_type);
1339 req->rate_set.size = priv->reg.rate_set.size;
1340 req->capability = ks_wlan_cap(priv);
1341 memcpy(&req->rate_set.body[0], &priv->reg.rate_set.body[0],
1342 priv->reg.rate_set.size);
1343 }
1344
1345 static
1346 void hostif_ps_adhoc_set_request(struct ks_wlan_private *priv)
1347 {
1348 struct hostif_ps_adhoc_set_request *pp;
1349
1350 pp = hostif_generic_request(sizeof(*pp), HIF_PS_ADH_SET_REQ);
1351 if (!pp)
1352 return;
1353
1354 init_request(priv, &pp->request);
1355 pp->channel = cpu_to_le16(priv->reg.channel);
1356
1357 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1358 }
1359
1360 static
1361 void hostif_infrastructure_set_request(struct ks_wlan_private *priv, int event)
1362 {
1363 struct hostif_infrastructure_set_request *pp;
1364
1365 pp = hostif_generic_request(sizeof(*pp), event);
1366 if (!pp)
1367 return;
1368
1369 init_request(priv, &pp->request);
1370 pp->ssid.size = priv->reg.ssid.size;
1371 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1372 pp->beacon_lost_count =
1373 cpu_to_le16(priv->reg.beacon_lost_count);
1374 pp->auth_type = cpu_to_le16(priv->reg.authenticate_type);
1375
1376 pp->channel_list.body[0] = 1;
1377 pp->channel_list.body[1] = 8;
1378 pp->channel_list.body[2] = 2;
1379 pp->channel_list.body[3] = 9;
1380 pp->channel_list.body[4] = 3;
1381 pp->channel_list.body[5] = 10;
1382 pp->channel_list.body[6] = 4;
1383 pp->channel_list.body[7] = 11;
1384 pp->channel_list.body[8] = 5;
1385 pp->channel_list.body[9] = 12;
1386 pp->channel_list.body[10] = 6;
1387 pp->channel_list.body[11] = 13;
1388 pp->channel_list.body[12] = 7;
1389 if (priv->reg.phy_type == D_11G_ONLY_MODE) {
1390 pp->channel_list.size = 13;
1391 } else {
1392 pp->channel_list.body[13] = 14;
1393 pp->channel_list.size = 14;
1394 }
1395
1396 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1397 }
1398
1399 static
1400 void hostif_adhoc_set_request(struct ks_wlan_private *priv)
1401 {
1402 struct hostif_adhoc_set_request *pp;
1403
1404 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ);
1405 if (!pp)
1406 return;
1407
1408 init_request(priv, &pp->request);
1409 pp->channel = cpu_to_le16(priv->reg.channel);
1410 pp->ssid.size = priv->reg.ssid.size;
1411 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1412
1413 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1414 }
1415
1416 static
1417 void hostif_adhoc_set2_request(struct ks_wlan_private *priv)
1418 {
1419 struct hostif_adhoc_set2_request *pp;
1420
1421 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ);
1422 if (!pp)
1423 return;
1424
1425 init_request(priv, &pp->request);
1426 pp->ssid.size = priv->reg.ssid.size;
1427 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1428
1429 pp->channel_list.body[0] = priv->reg.channel;
1430 pp->channel_list.size = 1;
1431 memcpy(pp->bssid, priv->reg.bssid, ETH_ALEN);
1432
1433 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1434 }
1435
1436 static
1437 void hostif_stop_request(struct ks_wlan_private *priv)
1438 {
1439 struct hostif_stop_request *pp;
1440
1441 pp = hostif_generic_request(sizeof(*pp), HIF_STOP_REQ);
1442 if (!pp)
1443 return;
1444
1445 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1446 }
1447
1448 static
1449 void hostif_phy_information_request(struct ks_wlan_private *priv)
1450 {
1451 struct hostif_phy_information_request *pp;
1452
1453 pp = hostif_generic_request(sizeof(*pp), HIF_PHY_INFO_REQ);
1454 if (!pp)
1455 return;
1456
1457 if (priv->reg.phy_info_timer) {
1458 pp->type = cpu_to_le16(TIME_TYPE);
1459 pp->time = cpu_to_le16(priv->reg.phy_info_timer);
1460 } else {
1461 pp->type = cpu_to_le16(NORMAL_TYPE);
1462 pp->time = cpu_to_le16(0);
1463 }
1464
1465 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1466 }
1467
1468 static
1469 void hostif_power_mgmt_request(struct ks_wlan_private *priv,
1470 u32 mode, u32 wake_up, u32 receive_dtims)
1471 {
1472 struct hostif_power_mgmt_request *pp;
1473
1474 pp = hostif_generic_request(sizeof(*pp), HIF_POWER_MGMT_REQ);
1475 if (!pp)
1476 return;
1477
1478 pp->mode = cpu_to_le32(mode);
1479 pp->wake_up = cpu_to_le32(wake_up);
1480 pp->receive_dtims = cpu_to_le32(receive_dtims);
1481
1482 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1483 }
1484
1485 static
1486 void hostif_sleep_request(struct ks_wlan_private *priv,
1487 enum sleep_mode_type mode)
1488 {
1489 struct hostif_sleep_request *pp;
1490
1491 if (mode == SLP_SLEEP) {
1492 pp = hostif_generic_request(sizeof(*pp), HIF_SLEEP_REQ);
1493 if (!pp)
1494 return;
1495
1496 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1497 } else if (mode == SLP_ACTIVE) {
1498 atomic_set(&priv->sleepstatus.wakeup_request, 1);
1499 queue_delayed_work(priv->wq, &priv->rw_dwork, 1);
1500 } else {
1501 netdev_err(priv->net_dev, "invalid mode %ld\n", (long)mode);
1502 return;
1503 }
1504 }
1505
1506 static
1507 void hostif_bss_scan_request(struct ks_wlan_private *priv,
1508 unsigned long scan_type, u8 *scan_ssid,
1509 u8 scan_ssid_len)
1510 {
1511 struct hostif_bss_scan_request *pp;
1512
1513 pp = hostif_generic_request(sizeof(*pp), HIF_SCAN_REQ);
1514 if (!pp)
1515 return;
1516
1517 pp->scan_type = scan_type;
1518
1519 pp->ch_time_min = cpu_to_le32(110);
1520 pp->ch_time_max = cpu_to_le32(130);
1521 pp->channel_list.body[0] = 1;
1522 pp->channel_list.body[1] = 8;
1523 pp->channel_list.body[2] = 2;
1524 pp->channel_list.body[3] = 9;
1525 pp->channel_list.body[4] = 3;
1526 pp->channel_list.body[5] = 10;
1527 pp->channel_list.body[6] = 4;
1528 pp->channel_list.body[7] = 11;
1529 pp->channel_list.body[8] = 5;
1530 pp->channel_list.body[9] = 12;
1531 pp->channel_list.body[10] = 6;
1532 pp->channel_list.body[11] = 13;
1533 pp->channel_list.body[12] = 7;
1534 if (priv->reg.phy_type == D_11G_ONLY_MODE) {
1535 pp->channel_list.size = 13;
1536 } else {
1537 pp->channel_list.body[13] = 14;
1538 pp->channel_list.size = 14;
1539 }
1540 pp->ssid.size = 0;
1541
1542
1543 if (scan_ssid_len > 0 && scan_ssid_len <= 32) {
1544 pp->ssid.size = scan_ssid_len;
1545 memcpy(&pp->ssid.body[0], scan_ssid, scan_ssid_len);
1546 }
1547
1548 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1549
1550 priv->aplist.size = 0;
1551 priv->scan_ind_count = 0;
1552 }
1553
1554 static
1555 void hostif_mic_failure_request(struct ks_wlan_private *priv,
1556 u16 failure_count, u16 timer)
1557 {
1558 struct hostif_mic_failure_request *pp;
1559
1560 pp = hostif_generic_request(sizeof(*pp), HIF_MIC_FAILURE_REQ);
1561 if (!pp)
1562 return;
1563
1564 pp->failure_count = cpu_to_le16(failure_count);
1565 pp->timer = cpu_to_le16(timer);
1566
1567 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1568 }
1569
1570
1571 static void devio_rec_ind(struct ks_wlan_private *priv, unsigned char *p,
1572 unsigned int size)
1573 {
1574 if (!priv->is_device_open)
1575 return;
1576
1577 spin_lock(&priv->dev_read_lock);
1578 priv->dev_data[atomic_read(&priv->rec_count)] = p;
1579 priv->dev_size[atomic_read(&priv->rec_count)] = size;
1580
1581 if (atomic_read(&priv->event_count) != DEVICE_STOCK_COUNT) {
1582
1583 atomic_inc(&priv->event_count);
1584 }
1585 atomic_inc(&priv->rec_count);
1586 if (atomic_read(&priv->rec_count) == DEVICE_STOCK_COUNT)
1587 atomic_set(&priv->rec_count, 0);
1588
1589 wake_up_interruptible_all(&priv->devread_wait);
1590
1591 spin_unlock(&priv->dev_read_lock);
1592 }
1593
1594 void hostif_receive(struct ks_wlan_private *priv, unsigned char *p,
1595 unsigned int size)
1596 {
1597 devio_rec_ind(priv, p, size);
1598
1599 priv->rxp = p;
1600 priv->rx_size = size;
1601
1602 if (get_word(priv) == priv->rx_size)
1603 hostif_event_check(priv);
1604 }
1605
1606 static void hostif_sme_set_wep(struct ks_wlan_private *priv, int type)
1607 {
1608 switch (type) {
1609 case SME_WEP_INDEX_REQUEST:
1610 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID,
1611 priv->reg.wep_index);
1612 break;
1613 case SME_WEP_KEY1_REQUEST:
1614 if (priv->wpa.wpa_enabled)
1615 return;
1616 hostif_mib_set_request_ostring(priv,
1617 DOT11_WEP_DEFAULT_KEY_VALUE1,
1618 &priv->reg.wep_key[0].val[0],
1619 priv->reg.wep_key[0].size);
1620 break;
1621 case SME_WEP_KEY2_REQUEST:
1622 if (priv->wpa.wpa_enabled)
1623 return;
1624 hostif_mib_set_request_ostring(priv,
1625 DOT11_WEP_DEFAULT_KEY_VALUE2,
1626 &priv->reg.wep_key[1].val[0],
1627 priv->reg.wep_key[1].size);
1628 break;
1629 case SME_WEP_KEY3_REQUEST:
1630 if (priv->wpa.wpa_enabled)
1631 return;
1632 hostif_mib_set_request_ostring(priv,
1633 DOT11_WEP_DEFAULT_KEY_VALUE3,
1634 &priv->reg.wep_key[2].val[0],
1635 priv->reg.wep_key[2].size);
1636 break;
1637 case SME_WEP_KEY4_REQUEST:
1638 if (priv->wpa.wpa_enabled)
1639 return;
1640 hostif_mib_set_request_ostring(priv,
1641 DOT11_WEP_DEFAULT_KEY_VALUE4,
1642 &priv->reg.wep_key[3].val[0],
1643 priv->reg.wep_key[3].size);
1644 break;
1645 case SME_WEP_FLAG_REQUEST:
1646 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED,
1647 priv->reg.privacy_invoked);
1648 break;
1649 }
1650 }
1651
1652 struct wpa_suite {
1653 __le16 size;
1654 unsigned char suite[4][CIPHER_ID_LEN];
1655 } __packed;
1656
1657 struct rsn_mode {
1658 __le32 rsn_mode;
1659 __le16 rsn_capability;
1660 } __packed;
1661
1662 static void hostif_sme_set_rsn(struct ks_wlan_private *priv, int type)
1663 {
1664 struct wpa_suite wpa_suite;
1665 struct rsn_mode rsn_mode;
1666 size_t size;
1667 u32 mode;
1668 const u8 *buf = NULL;
1669
1670 memset(&wpa_suite, 0, sizeof(wpa_suite));
1671
1672 switch (type) {
1673 case SME_RSN_UCAST_REQUEST:
1674 wpa_suite.size = cpu_to_le16(1);
1675 switch (priv->wpa.pairwise_suite) {
1676 case IW_AUTH_CIPHER_NONE:
1677 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1678 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE;
1679 break;
1680 case IW_AUTH_CIPHER_WEP40:
1681 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1682 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40;
1683 break;
1684 case IW_AUTH_CIPHER_TKIP:
1685 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1686 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP;
1687 break;
1688 case IW_AUTH_CIPHER_CCMP:
1689 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1690 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP;
1691 break;
1692 case IW_AUTH_CIPHER_WEP104:
1693 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1694 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104;
1695 break;
1696 }
1697
1698 if (buf)
1699 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN);
1700 size = sizeof(wpa_suite.size) +
1701 (CIPHER_ID_LEN * le16_to_cpu(wpa_suite.size));
1702 hostif_mib_set_request_ostring(priv,
1703 DOT11_RSN_CONFIG_UNICAST_CIPHER,
1704 &wpa_suite, size);
1705 break;
1706 case SME_RSN_MCAST_REQUEST:
1707 switch (priv->wpa.group_suite) {
1708 case IW_AUTH_CIPHER_NONE:
1709 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1710 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE;
1711 break;
1712 case IW_AUTH_CIPHER_WEP40:
1713 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1714 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40;
1715 break;
1716 case IW_AUTH_CIPHER_TKIP:
1717 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1718 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP;
1719 break;
1720 case IW_AUTH_CIPHER_CCMP:
1721 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1722 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP;
1723 break;
1724 case IW_AUTH_CIPHER_WEP104:
1725 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1726 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104;
1727 break;
1728 }
1729 if (buf)
1730 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN);
1731 hostif_mib_set_request_ostring(priv,
1732 DOT11_RSN_CONFIG_MULTICAST_CIPHER,
1733 &wpa_suite.suite[0][0],
1734 CIPHER_ID_LEN);
1735 break;
1736 case SME_RSN_AUTH_REQUEST:
1737 wpa_suite.size = cpu_to_le16(1);
1738 switch (priv->wpa.key_mgmt_suite) {
1739 case IW_AUTH_KEY_MGMT_802_1X:
1740 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1741 KEY_MGMT_ID_WPA2_1X : KEY_MGMT_ID_WPA_1X;
1742 break;
1743 case IW_AUTH_KEY_MGMT_PSK:
1744 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1745 KEY_MGMT_ID_WPA2_PSK : KEY_MGMT_ID_WPA_PSK;
1746 break;
1747 case 0:
1748 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1749 KEY_MGMT_ID_WPA2_NONE : KEY_MGMT_ID_WPA_NONE;
1750 break;
1751 case 4:
1752 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1753 KEY_MGMT_ID_WPA2_WPANONE :
1754 KEY_MGMT_ID_WPA_WPANONE;
1755 break;
1756 }
1757
1758 if (buf)
1759 memcpy(&wpa_suite.suite[0][0], buf, KEY_MGMT_ID_LEN);
1760 size = sizeof(wpa_suite.size) +
1761 (KEY_MGMT_ID_LEN * le16_to_cpu(wpa_suite.size));
1762 hostif_mib_set_request_ostring(priv,
1763 DOT11_RSN_CONFIG_AUTH_SUITE,
1764 &wpa_suite, size);
1765 break;
1766 case SME_RSN_ENABLED_REQUEST:
1767 hostif_mib_set_request_bool(priv, DOT11_RSN_ENABLED,
1768 priv->wpa.rsn_enabled);
1769 break;
1770 case SME_RSN_MODE_REQUEST:
1771 mode = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1772 RSN_MODE_WPA2 :
1773 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA) ?
1774 RSN_MODE_WPA : RSN_MODE_NONE;
1775 rsn_mode.rsn_mode = cpu_to_le32(mode);
1776 rsn_mode.rsn_capability = cpu_to_le16(0);
1777 hostif_mib_set_request_ostring(priv, LOCAL_RSN_MODE,
1778 &rsn_mode, sizeof(rsn_mode));
1779 break;
1780 }
1781 }
1782
1783 static
1784 void hostif_sme_mode_setup(struct ks_wlan_private *priv)
1785 {
1786 unsigned char rate_size;
1787 unsigned char rate_octet[RATE_SET_MAX_SIZE];
1788 int i = 0;
1789
1790
1791 if (priv->reg.tx_rate == TX_RATE_FULL_AUTO) {
1792 if (priv->reg.phy_type == D_11B_ONLY_MODE) {
1793 priv->reg.rate_set.body[3] = TX_RATE_11M;
1794 priv->reg.rate_set.body[2] = TX_RATE_5M;
1795 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE;
1796 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE;
1797 priv->reg.rate_set.size = 4;
1798 } else {
1799 priv->reg.rate_set.body[11] = TX_RATE_54M;
1800 priv->reg.rate_set.body[10] = TX_RATE_48M;
1801 priv->reg.rate_set.body[9] = TX_RATE_36M;
1802 priv->reg.rate_set.body[8] = TX_RATE_18M;
1803 priv->reg.rate_set.body[7] = TX_RATE_9M;
1804 priv->reg.rate_set.body[6] = TX_RATE_24M | BASIC_RATE;
1805 priv->reg.rate_set.body[5] = TX_RATE_12M | BASIC_RATE;
1806 priv->reg.rate_set.body[4] = TX_RATE_6M | BASIC_RATE;
1807 priv->reg.rate_set.body[3] = TX_RATE_11M | BASIC_RATE;
1808 priv->reg.rate_set.body[2] = TX_RATE_5M | BASIC_RATE;
1809 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE;
1810 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE;
1811 priv->reg.rate_set.size = 12;
1812 }
1813 }
1814
1815
1816 if (priv->reg.phy_type == D_11B_ONLY_MODE) {
1817 for (i = 0; i < priv->reg.rate_set.size; i++) {
1818 if (!is_11b_rate(priv->reg.rate_set.body[i]))
1819 break;
1820
1821 if ((priv->reg.rate_set.body[i] & RATE_MASK) >= TX_RATE_5M) {
1822 rate_octet[i] = priv->reg.rate_set.body[i] &
1823 RATE_MASK;
1824 } else {
1825 rate_octet[i] = priv->reg.rate_set.body[i];
1826 }
1827 }
1828
1829 } else {
1830 for (i = 0; i < priv->reg.rate_set.size; i++) {
1831 if (!is_11bg_rate(priv->reg.rate_set.body[i]))
1832 break;
1833
1834 if (is_ofdm_ext_rate(priv->reg.rate_set.body[i])) {
1835 rate_octet[i] = priv->reg.rate_set.body[i] &
1836 RATE_MASK;
1837 } else {
1838 rate_octet[i] = priv->reg.rate_set.body[i];
1839 }
1840 }
1841 }
1842 rate_size = i;
1843 if (rate_size == 0) {
1844 if (priv->reg.phy_type == D_11G_ONLY_MODE)
1845 rate_octet[0] = TX_RATE_6M | BASIC_RATE;
1846 else
1847 rate_octet[0] = TX_RATE_2M | BASIC_RATE;
1848 rate_size = 1;
1849 }
1850
1851
1852 priv->reg.rate_set.size = rate_size;
1853 memcpy(&priv->reg.rate_set.body[0], &rate_octet[0], rate_size);
1854
1855 switch (priv->reg.operation_mode) {
1856 case MODE_PSEUDO_ADHOC:
1857 hostif_ps_adhoc_set_request(priv);
1858 break;
1859 case MODE_INFRASTRUCTURE:
1860 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) {
1861 hostif_infrastructure_set_request(priv,
1862 HIF_INFRA_SET_REQ);
1863 } else {
1864 hostif_infrastructure_set_request(priv,
1865 HIF_INFRA_SET2_REQ);
1866 netdev_dbg(priv->net_dev,
1867 "Infra bssid = %pM\n", priv->reg.bssid);
1868 }
1869 break;
1870 case MODE_ADHOC:
1871 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) {
1872 hostif_adhoc_set_request(priv);
1873 } else {
1874 hostif_adhoc_set2_request(priv);
1875 netdev_dbg(priv->net_dev,
1876 "Adhoc bssid = %pM\n", priv->reg.bssid);
1877 }
1878 break;
1879 default:
1880 break;
1881 }
1882 }
1883
1884 static
1885 void hostif_sme_multicast_set(struct ks_wlan_private *priv)
1886 {
1887 struct net_device *dev = priv->net_dev;
1888 int mc_count;
1889 struct netdev_hw_addr *ha;
1890 char set_address[NIC_MAX_MCAST_LIST * ETH_ALEN];
1891 int i = 0;
1892
1893 spin_lock(&priv->multicast_spin);
1894
1895 memset(set_address, 0, NIC_MAX_MCAST_LIST * ETH_ALEN);
1896
1897 if (dev->flags & IFF_PROMISC) {
1898 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1899 MCAST_FILTER_PROMISC);
1900 goto spin_unlock;
1901 }
1902
1903 if ((netdev_mc_count(dev) > NIC_MAX_MCAST_LIST) ||
1904 (dev->flags & IFF_ALLMULTI)) {
1905 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1906 MCAST_FILTER_MCASTALL);
1907 goto spin_unlock;
1908 }
1909
1910 if (priv->sme_i.sme_flag & SME_MULTICAST) {
1911 mc_count = netdev_mc_count(dev);
1912 netdev_for_each_mc_addr(ha, dev) {
1913 ether_addr_copy(&set_address[i * ETH_ALEN], ha->addr);
1914 i++;
1915 }
1916 priv->sme_i.sme_flag &= ~SME_MULTICAST;
1917 hostif_mib_set_request_ostring(priv, LOCAL_MULTICAST_ADDRESS,
1918 &set_address[0],
1919 ETH_ALEN * mc_count);
1920 } else {
1921 priv->sme_i.sme_flag |= SME_MULTICAST;
1922 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1923 MCAST_FILTER_MCAST);
1924 }
1925
1926 spin_unlock:
1927 spin_unlock(&priv->multicast_spin);
1928 }
1929
1930 static void hostif_sme_power_mgmt_set(struct ks_wlan_private *priv)
1931 {
1932 u32 mode, wake_up, receive_dtims;
1933
1934 if (priv->reg.power_mgmt != POWER_MGMT_SAVE1 &&
1935 priv->reg.power_mgmt != POWER_MGMT_SAVE2) {
1936 mode = POWER_ACTIVE;
1937 wake_up = 0;
1938 receive_dtims = 0;
1939 } else {
1940 mode = (priv->reg.operation_mode == MODE_INFRASTRUCTURE) ?
1941 POWER_SAVE : POWER_ACTIVE;
1942 wake_up = 0;
1943 receive_dtims = (priv->reg.operation_mode == MODE_INFRASTRUCTURE &&
1944 priv->reg.power_mgmt == POWER_MGMT_SAVE2);
1945 }
1946
1947 hostif_power_mgmt_request(priv, mode, wake_up, receive_dtims);
1948 }
1949
1950 static void hostif_sme_sleep_set(struct ks_wlan_private *priv)
1951 {
1952 if (priv->sleep_mode != SLP_SLEEP &&
1953 priv->sleep_mode != SLP_ACTIVE)
1954 return;
1955
1956 hostif_sleep_request(priv, priv->sleep_mode);
1957 }
1958
1959 static
1960 void hostif_sme_set_key(struct ks_wlan_private *priv, int type)
1961 {
1962 switch (type) {
1963 case SME_SET_FLAG:
1964 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED,
1965 priv->reg.privacy_invoked);
1966 break;
1967 case SME_SET_TXKEY:
1968 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID,
1969 priv->wpa.txkey);
1970 break;
1971 case SME_SET_KEY1:
1972 hostif_mib_set_request_ostring(priv,
1973 DOT11_WEP_DEFAULT_KEY_VALUE1,
1974 &priv->wpa.key[0].key_val[0],
1975 priv->wpa.key[0].key_len);
1976 break;
1977 case SME_SET_KEY2:
1978 hostif_mib_set_request_ostring(priv,
1979 DOT11_WEP_DEFAULT_KEY_VALUE2,
1980 &priv->wpa.key[1].key_val[0],
1981 priv->wpa.key[1].key_len);
1982 break;
1983 case SME_SET_KEY3:
1984 hostif_mib_set_request_ostring(priv,
1985 DOT11_WEP_DEFAULT_KEY_VALUE3,
1986 &priv->wpa.key[2].key_val[0],
1987 priv->wpa.key[2].key_len);
1988 break;
1989 case SME_SET_KEY4:
1990 hostif_mib_set_request_ostring(priv,
1991 DOT11_WEP_DEFAULT_KEY_VALUE4,
1992 &priv->wpa.key[3].key_val[0],
1993 priv->wpa.key[3].key_len);
1994 break;
1995 case SME_SET_PMK_TSC:
1996 hostif_mib_set_request_ostring(priv, DOT11_PMK_TSC,
1997 &priv->wpa.key[0].rx_seq[0],
1998 WPA_RX_SEQ_LEN);
1999 break;
2000 case SME_SET_GMK1_TSC:
2001 hostif_mib_set_request_ostring(priv, DOT11_GMK1_TSC,
2002 &priv->wpa.key[1].rx_seq[0],
2003 WPA_RX_SEQ_LEN);
2004 break;
2005 case SME_SET_GMK2_TSC:
2006 hostif_mib_set_request_ostring(priv, DOT11_GMK2_TSC,
2007 &priv->wpa.key[2].rx_seq[0],
2008 WPA_RX_SEQ_LEN);
2009 break;
2010 }
2011 }
2012
2013 static
2014 void hostif_sme_set_pmksa(struct ks_wlan_private *priv)
2015 {
2016 struct pmk_cache {
2017 __le16 size;
2018 struct {
2019 u8 bssid[ETH_ALEN];
2020 u8 pmkid[IW_PMKID_LEN];
2021 } __packed list[PMK_LIST_MAX];
2022 } __packed pmkcache;
2023 struct pmk *pmk;
2024 size_t size;
2025 int i = 0;
2026
2027 list_for_each_entry(pmk, &priv->pmklist.head, list) {
2028 if (i >= PMK_LIST_MAX)
2029 break;
2030 ether_addr_copy(pmkcache.list[i].bssid, pmk->bssid);
2031 memcpy(pmkcache.list[i].pmkid, pmk->pmkid, IW_PMKID_LEN);
2032 i++;
2033 }
2034 pmkcache.size = cpu_to_le16(priv->pmklist.size);
2035 size = sizeof(priv->pmklist.size) +
2036 ((ETH_ALEN + IW_PMKID_LEN) * priv->pmklist.size);
2037 hostif_mib_set_request_ostring(priv, LOCAL_PMK, &pmkcache, size);
2038 }
2039
2040
2041 static void hostif_sme_execute(struct ks_wlan_private *priv, int event)
2042 {
2043 u16 failure;
2044
2045 switch (event) {
2046 case SME_START:
2047 if (priv->dev_state == DEVICE_STATE_BOOT)
2048 hostif_mib_get_request(priv, DOT11_MAC_ADDRESS);
2049 break;
2050 case SME_MULTICAST_REQUEST:
2051 hostif_sme_multicast_set(priv);
2052 break;
2053 case SME_MACADDRESS_SET_REQUEST:
2054 hostif_mib_set_request_ostring(priv, LOCAL_CURRENTADDRESS,
2055 &priv->eth_addr[0], ETH_ALEN);
2056 break;
2057 case SME_BSS_SCAN_REQUEST:
2058 hostif_bss_scan_request(priv, priv->reg.scan_type,
2059 priv->scan_ssid, priv->scan_ssid_len);
2060 break;
2061 case SME_POW_MNGMT_REQUEST:
2062 hostif_sme_power_mgmt_set(priv);
2063 break;
2064 case SME_PHY_INFO_REQUEST:
2065 hostif_phy_information_request(priv);
2066 break;
2067 case SME_MIC_FAILURE_REQUEST:
2068 failure = priv->wpa.mic_failure.failure;
2069 if (failure != 1 && failure != 2) {
2070 netdev_err(priv->net_dev,
2071 "SME_MIC_FAILURE_REQUEST: failure count=%u error?\n",
2072 failure);
2073 return;
2074 }
2075 hostif_mic_failure_request(priv, failure - 1, (failure == 1) ?
2076 0 : priv->wpa.mic_failure.counter);
2077 break;
2078 case SME_MIC_FAILURE_CONFIRM:
2079 if (priv->wpa.mic_failure.failure == 2) {
2080 if (priv->wpa.mic_failure.stop)
2081 priv->wpa.mic_failure.stop = 0;
2082 priv->wpa.mic_failure.failure = 0;
2083 hostif_start_request(priv, priv->reg.operation_mode);
2084 }
2085 break;
2086 case SME_GET_MAC_ADDRESS:
2087 if (priv->dev_state == DEVICE_STATE_BOOT)
2088 hostif_mib_get_request(priv, DOT11_PRODUCT_VERSION);
2089 break;
2090 case SME_GET_PRODUCT_VERSION:
2091 if (priv->dev_state == DEVICE_STATE_BOOT)
2092 priv->dev_state = DEVICE_STATE_PREINIT;
2093 break;
2094 case SME_STOP_REQUEST:
2095 hostif_stop_request(priv);
2096 break;
2097 case SME_RTS_THRESHOLD_REQUEST:
2098 hostif_mib_set_request_int(priv, DOT11_RTS_THRESHOLD,
2099 priv->reg.rts);
2100 break;
2101 case SME_FRAGMENTATION_THRESHOLD_REQUEST:
2102 hostif_mib_set_request_int(priv, DOT11_FRAGMENTATION_THRESHOLD,
2103 priv->reg.fragment);
2104 break;
2105 case SME_WEP_INDEX_REQUEST:
2106 case SME_WEP_KEY1_REQUEST:
2107 case SME_WEP_KEY2_REQUEST:
2108 case SME_WEP_KEY3_REQUEST:
2109 case SME_WEP_KEY4_REQUEST:
2110 case SME_WEP_FLAG_REQUEST:
2111 hostif_sme_set_wep(priv, event);
2112 break;
2113 case SME_RSN_UCAST_REQUEST:
2114 case SME_RSN_MCAST_REQUEST:
2115 case SME_RSN_AUTH_REQUEST:
2116 case SME_RSN_ENABLED_REQUEST:
2117 case SME_RSN_MODE_REQUEST:
2118 hostif_sme_set_rsn(priv, event);
2119 break;
2120 case SME_SET_FLAG:
2121 case SME_SET_TXKEY:
2122 case SME_SET_KEY1:
2123 case SME_SET_KEY2:
2124 case SME_SET_KEY3:
2125 case SME_SET_KEY4:
2126 case SME_SET_PMK_TSC:
2127 case SME_SET_GMK1_TSC:
2128 case SME_SET_GMK2_TSC:
2129 hostif_sme_set_key(priv, event);
2130 break;
2131 case SME_SET_PMKSA:
2132 hostif_sme_set_pmksa(priv);
2133 break;
2134 case SME_WPS_ENABLE_REQUEST:
2135 hostif_mib_set_request_int(priv, LOCAL_WPS_ENABLE,
2136 priv->wps.wps_enabled);
2137 break;
2138 case SME_WPS_PROBE_REQUEST:
2139 hostif_mib_set_request_ostring(priv, LOCAL_WPS_PROBE_REQ,
2140 priv->wps.ie, priv->wps.ielen);
2141 break;
2142 case SME_MODE_SET_REQUEST:
2143 hostif_sme_mode_setup(priv);
2144 break;
2145 case SME_SET_GAIN:
2146 hostif_mib_set_request_ostring(priv, LOCAL_GAIN,
2147 &priv->gain, sizeof(priv->gain));
2148 break;
2149 case SME_GET_GAIN:
2150 hostif_mib_get_request(priv, LOCAL_GAIN);
2151 break;
2152 case SME_GET_EEPROM_CKSUM:
2153 priv->eeprom_checksum = EEPROM_FW_NOT_SUPPORT;
2154 hostif_mib_get_request(priv, LOCAL_EEPROM_SUM);
2155 break;
2156 case SME_START_REQUEST:
2157 hostif_start_request(priv, priv->reg.operation_mode);
2158 break;
2159 case SME_START_CONFIRM:
2160
2161 atomic_set(&priv->psstatus.snooze_guard, 0);
2162 atomic_set(&priv->psstatus.confirm_wait, 0);
2163 if (priv->dev_state == DEVICE_STATE_PREINIT)
2164 priv->dev_state = DEVICE_STATE_INIT;
2165
2166 complete(&priv->confirm_wait);
2167 break;
2168 case SME_SLEEP_REQUEST:
2169 hostif_sme_sleep_set(priv);
2170 break;
2171 case SME_SET_REGION:
2172 hostif_mib_set_request_int(priv, LOCAL_REGION, priv->region);
2173 break;
2174 case SME_MULTICAST_CONFIRM:
2175 case SME_BSS_SCAN_CONFIRM:
2176 case SME_POW_MNGMT_CONFIRM:
2177 case SME_PHY_INFO_CONFIRM:
2178 case SME_STOP_CONFIRM:
2179 case SME_RTS_THRESHOLD_CONFIRM:
2180 case SME_FRAGMENTATION_THRESHOLD_CONFIRM:
2181 case SME_WEP_INDEX_CONFIRM:
2182 case SME_WEP_KEY1_CONFIRM:
2183 case SME_WEP_KEY2_CONFIRM:
2184 case SME_WEP_KEY3_CONFIRM:
2185 case SME_WEP_KEY4_CONFIRM:
2186 case SME_WEP_FLAG_CONFIRM:
2187 case SME_RSN_UCAST_CONFIRM:
2188 case SME_RSN_MCAST_CONFIRM:
2189 case SME_RSN_AUTH_CONFIRM:
2190 case SME_RSN_ENABLED_CONFIRM:
2191 case SME_RSN_MODE_CONFIRM:
2192 case SME_MODE_SET_CONFIRM:
2193 case SME_TERMINATE:
2194 default:
2195 break;
2196 }
2197 }
2198
2199 static void hostif_sme_work(struct work_struct *work)
2200 {
2201 struct ks_wlan_private *priv;
2202
2203 priv = container_of(work, struct ks_wlan_private, sme_work);
2204
2205 if (priv->dev_state < DEVICE_STATE_BOOT)
2206 return;
2207
2208 if (cnt_smeqbody(priv) <= 0)
2209 return;
2210
2211 hostif_sme_execute(priv, priv->sme_i.event_buff[priv->sme_i.qhead]);
2212 inc_smeqhead(priv);
2213 if (cnt_smeqbody(priv) > 0)
2214 schedule_work(&priv->sme_work);
2215 }
2216
2217
2218 void hostif_sme_enqueue(struct ks_wlan_private *priv, u16 event)
2219 {
2220
2221 if (cnt_smeqbody(priv) < (SME_EVENT_BUFF_SIZE - 1)) {
2222 priv->sme_i.event_buff[priv->sme_i.qtail] = event;
2223 inc_smeqtail(priv);
2224 } else {
2225
2226 netdev_err(priv->net_dev, "sme queue buffer overflow\n");
2227 }
2228
2229 schedule_work(&priv->sme_work);
2230 }
2231
2232 static inline void hostif_aplist_init(struct ks_wlan_private *priv)
2233 {
2234 size_t size = LOCAL_APLIST_MAX * sizeof(struct local_ap);
2235
2236 priv->aplist.size = 0;
2237 memset(&priv->aplist.ap[0], 0, size);
2238 }
2239
2240 static inline void hostif_status_init(struct ks_wlan_private *priv)
2241 {
2242 priv->infra_status = 0;
2243 priv->current_rate = 4;
2244 priv->connect_status = DISCONNECT_STATUS;
2245 }
2246
2247 static inline void hostif_sme_init(struct ks_wlan_private *priv)
2248 {
2249 priv->sme_i.sme_status = SME_IDLE;
2250 priv->sme_i.qhead = 0;
2251 priv->sme_i.qtail = 0;
2252 spin_lock_init(&priv->sme_i.sme_spin);
2253 priv->sme_i.sme_flag = 0;
2254 INIT_WORK(&priv->sme_work, hostif_sme_work);
2255 }
2256
2257 static inline void hostif_wpa_init(struct ks_wlan_private *priv)
2258 {
2259 memset(&priv->wpa, 0, sizeof(priv->wpa));
2260 priv->wpa.rsn_enabled = false;
2261 priv->wpa.mic_failure.failure = 0;
2262 priv->wpa.mic_failure.last_failure_time = 0;
2263 priv->wpa.mic_failure.stop = 0;
2264 }
2265
2266 static inline void hostif_power_save_init(struct ks_wlan_private *priv)
2267 {
2268 atomic_set(&priv->psstatus.status, PS_NONE);
2269 atomic_set(&priv->psstatus.confirm_wait, 0);
2270 atomic_set(&priv->psstatus.snooze_guard, 0);
2271 init_completion(&priv->psstatus.wakeup_wait);
2272 INIT_WORK(&priv->wakeup_work, ks_wlan_hw_wakeup_task);
2273 }
2274
2275 static inline void hostif_pmklist_init(struct ks_wlan_private *priv)
2276 {
2277 int i;
2278
2279 memset(&priv->pmklist, 0, sizeof(priv->pmklist));
2280 INIT_LIST_HEAD(&priv->pmklist.head);
2281 for (i = 0; i < PMK_LIST_MAX; i++)
2282 INIT_LIST_HEAD(&priv->pmklist.pmk[i].list);
2283 }
2284
2285 static inline void hostif_counters_init(struct ks_wlan_private *priv)
2286 {
2287 priv->dev_count = 0;
2288 atomic_set(&priv->event_count, 0);
2289 atomic_set(&priv->rec_count, 0);
2290 }
2291
2292 int hostif_init(struct ks_wlan_private *priv)
2293 {
2294 hostif_aplist_init(priv);
2295 hostif_status_init(priv);
2296
2297 spin_lock_init(&priv->multicast_spin);
2298 spin_lock_init(&priv->dev_read_lock);
2299 init_waitqueue_head(&priv->devread_wait);
2300
2301 hostif_counters_init(priv);
2302 hostif_power_save_init(priv);
2303 hostif_wpa_init(priv);
2304 hostif_pmklist_init(priv);
2305 hostif_sme_init(priv);
2306
2307 return 0;
2308 }
2309
2310 void hostif_exit(struct ks_wlan_private *priv)
2311 {
2312 cancel_work_sync(&priv->sme_work);
2313 }
