0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012
0013
0014
0015
0016 #include <linux/compiler.h>
0017 #include <linux/errno.h>
0018 #include <linux/if_arp.h>
0019 #include <linux/in6.h>
0020 #include <linux/in.h>
0021 #include <linux/ip.h>
0022 #include <linux/kernel.h>
0023 #include <linux/module.h>
0024 #include <linux/netdevice.h>
0025 #include <linux/pci.h>
0026 #include <linux/proc_fs.h>
0027 #include <linux/skbuff.h>
0028 #include <linux/slab.h>
0029 #include <linux/tcp.h>
0030 #include <linux/types.h>
0031 #include <linux/wireless.h>
0032 #include <linux/etherdevice.h>
0033 #include <linux/uaccess.h>
0034 #include <linux/ctype.h>
0035
0036 #include "rtllib.h"
0037 #include "dot11d.h"
0038
0039 static void rtllib_rx_mgt(struct rtllib_device *ieee, struct sk_buff *skb,
0040 struct rtllib_rx_stats *stats);
0041
0042 static inline void rtllib_monitor_rx(struct rtllib_device *ieee,
0043 struct sk_buff *skb,
0044 struct rtllib_rx_stats *rx_status,
0045 size_t hdr_length)
0046 {
0047 skb->dev = ieee->dev;
0048 skb_reset_mac_header(skb);
0049 skb_pull(skb, hdr_length);
0050 skb->pkt_type = PACKET_OTHERHOST;
0051 skb->protocol = htons(ETH_P_80211_RAW);
0052 memset(skb->cb, 0, sizeof(skb->cb));
0053 netif_rx(skb);
0054 }
0055
0056
0057 static struct rtllib_frag_entry *
0058 rtllib_frag_cache_find(struct rtllib_device *ieee, unsigned int seq,
0059 unsigned int frag, u8 tid, u8 *src, u8 *dst)
0060 {
0061 struct rtllib_frag_entry *entry;
0062 int i;
0063
0064 for (i = 0; i < RTLLIB_FRAG_CACHE_LEN; i++) {
0065 entry = &ieee->frag_cache[tid][i];
0066 if (entry->skb != NULL &&
0067 time_after(jiffies, entry->first_frag_time + 2 * HZ)) {
0068 netdev_dbg(ieee->dev,
0069 "expiring fragment cache entry seq=%u last_frag=%u\n",
0070 entry->seq, entry->last_frag);
0071 dev_kfree_skb_any(entry->skb);
0072 entry->skb = NULL;
0073 }
0074
0075 if (entry->skb != NULL && entry->seq == seq &&
0076 (entry->last_frag + 1 == frag || frag == -1) &&
0077 memcmp(entry->src_addr, src, ETH_ALEN) == 0 &&
0078 memcmp(entry->dst_addr, dst, ETH_ALEN) == 0)
0079 return entry;
0080 }
0081
0082 return NULL;
0083 }
0084
0085
0086 static struct sk_buff *
0087 rtllib_frag_cache_get(struct rtllib_device *ieee,
0088 struct rtllib_hdr_4addr *hdr)
0089 {
0090 struct sk_buff *skb = NULL;
0091 u16 fc = le16_to_cpu(hdr->frame_ctl);
0092 u16 sc = le16_to_cpu(hdr->seq_ctl);
0093 unsigned int frag = WLAN_GET_SEQ_FRAG(sc);
0094 unsigned int seq = WLAN_GET_SEQ_SEQ(sc);
0095 struct rtllib_frag_entry *entry;
0096 struct rtllib_hdr_3addrqos *hdr_3addrqos;
0097 struct rtllib_hdr_4addrqos *hdr_4addrqos;
0098 u8 tid;
0099
0100 if (((fc & RTLLIB_FCTL_DSTODS) == RTLLIB_FCTL_DSTODS) &&
0101 RTLLIB_QOS_HAS_SEQ(fc)) {
0102 hdr_4addrqos = (struct rtllib_hdr_4addrqos *)hdr;
0103 tid = le16_to_cpu(hdr_4addrqos->qos_ctl) & RTLLIB_QCTL_TID;
0104 tid = UP2AC(tid);
0105 tid++;
0106 } else if (RTLLIB_QOS_HAS_SEQ(fc)) {
0107 hdr_3addrqos = (struct rtllib_hdr_3addrqos *)hdr;
0108 tid = le16_to_cpu(hdr_3addrqos->qos_ctl) & RTLLIB_QCTL_TID;
0109 tid = UP2AC(tid);
0110 tid++;
0111 } else {
0112 tid = 0;
0113 }
0114
0115 if (frag == 0) {
0116
0117 skb = dev_alloc_skb(ieee->dev->mtu +
0118 sizeof(struct rtllib_hdr_4addr) +
0119 8 +
0120 2 +
0121 8 +
0122 ETH_ALEN +
0123
0124 (RTLLIB_QOS_HAS_SEQ(fc) ? 2 : 0));
0125 if (!skb)
0126 return NULL;
0127
0128 entry = &ieee->frag_cache[tid][ieee->frag_next_idx[tid]];
0129 ieee->frag_next_idx[tid]++;
0130 if (ieee->frag_next_idx[tid] >= RTLLIB_FRAG_CACHE_LEN)
0131 ieee->frag_next_idx[tid] = 0;
0132
0133 if (entry->skb != NULL)
0134 dev_kfree_skb_any(entry->skb);
0135
0136 entry->first_frag_time = jiffies;
0137 entry->seq = seq;
0138 entry->last_frag = frag;
0139 entry->skb = skb;
0140 ether_addr_copy(entry->src_addr, hdr->addr2);
0141 ether_addr_copy(entry->dst_addr, hdr->addr1);
0142 } else {
0143
0144
0145
0146 entry = rtllib_frag_cache_find(ieee, seq, frag, tid, hdr->addr2,
0147 hdr->addr1);
0148 if (entry != NULL) {
0149 entry->last_frag = frag;
0150 skb = entry->skb;
0151 }
0152 }
0153
0154 return skb;
0155 }
0156
0157
0158
0159 static int rtllib_frag_cache_invalidate(struct rtllib_device *ieee,
0160 struct rtllib_hdr_4addr *hdr)
0161 {
0162 u16 fc = le16_to_cpu(hdr->frame_ctl);
0163 u16 sc = le16_to_cpu(hdr->seq_ctl);
0164 unsigned int seq = WLAN_GET_SEQ_SEQ(sc);
0165 struct rtllib_frag_entry *entry;
0166 struct rtllib_hdr_3addrqos *hdr_3addrqos;
0167 struct rtllib_hdr_4addrqos *hdr_4addrqos;
0168 u8 tid;
0169
0170 if (((fc & RTLLIB_FCTL_DSTODS) == RTLLIB_FCTL_DSTODS) &&
0171 RTLLIB_QOS_HAS_SEQ(fc)) {
0172 hdr_4addrqos = (struct rtllib_hdr_4addrqos *)hdr;
0173 tid = le16_to_cpu(hdr_4addrqos->qos_ctl) & RTLLIB_QCTL_TID;
0174 tid = UP2AC(tid);
0175 tid++;
0176 } else if (RTLLIB_QOS_HAS_SEQ(fc)) {
0177 hdr_3addrqos = (struct rtllib_hdr_3addrqos *)hdr;
0178 tid = le16_to_cpu(hdr_3addrqos->qos_ctl) & RTLLIB_QCTL_TID;
0179 tid = UP2AC(tid);
0180 tid++;
0181 } else {
0182 tid = 0;
0183 }
0184
0185 entry = rtllib_frag_cache_find(ieee, seq, -1, tid, hdr->addr2,
0186 hdr->addr1);
0187
0188 if (entry == NULL) {
0189 netdev_dbg(ieee->dev,
0190 "Couldn't invalidate fragment cache entry (seq=%u)\n",
0191 seq);
0192 return -1;
0193 }
0194
0195 entry->skb = NULL;
0196 return 0;
0197 }
0198
0199
0200
0201
0202
0203
0204
0205 static inline int
0206 rtllib_rx_frame_mgmt(struct rtllib_device *ieee, struct sk_buff *skb,
0207 struct rtllib_rx_stats *rx_stats, u16 type,
0208 u16 stype)
0209 {
0210
0211
0212
0213
0214 struct rtllib_hdr_3addr *hdr = (struct rtllib_hdr_3addr *)skb->data;
0215
0216 rx_stats->len = skb->len;
0217 rtllib_rx_mgt(ieee, skb, rx_stats);
0218 if ((memcmp(hdr->addr1, ieee->dev->dev_addr, ETH_ALEN))) {
0219 dev_kfree_skb_any(skb);
0220 return 0;
0221 }
0222 rtllib_rx_frame_softmac(ieee, skb, rx_stats, type, stype);
0223
0224 dev_kfree_skb_any(skb);
0225
0226 return 0;
0227 }
0228
0229
0230
0231
0232 static unsigned char rfc1042_header[] = {
0233 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00
0234 };
0235
0236 static unsigned char bridge_tunnel_header[] = {
0237 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8
0238 };
0239
0240
0241
0242 static int rtllib_is_eapol_frame(struct rtllib_device *ieee,
0243 struct sk_buff *skb, size_t hdrlen)
0244 {
0245 struct net_device *dev = ieee->dev;
0246 u16 fc, ethertype;
0247 struct rtllib_hdr_4addr *hdr;
0248 u8 *pos;
0249
0250 if (skb->len < 24)
0251 return 0;
0252
0253 hdr = (struct rtllib_hdr_4addr *)skb->data;
0254 fc = le16_to_cpu(hdr->frame_ctl);
0255
0256
0257 if ((fc & (RTLLIB_FCTL_TODS | RTLLIB_FCTL_FROMDS)) ==
0258 RTLLIB_FCTL_TODS &&
0259 memcmp(hdr->addr1, dev->dev_addr, ETH_ALEN) == 0 &&
0260 memcmp(hdr->addr3, dev->dev_addr, ETH_ALEN) == 0) {
0261
0262 } else if ((fc & (RTLLIB_FCTL_TODS | RTLLIB_FCTL_FROMDS)) ==
0263 RTLLIB_FCTL_FROMDS &&
0264 memcmp(hdr->addr1, dev->dev_addr, ETH_ALEN) == 0) {
0265
0266 } else
0267 return 0;
0268
0269 if (skb->len < 24 + 8)
0270 return 0;
0271
0272
0273 pos = skb->data + hdrlen;
0274 ethertype = (pos[6] << 8) | pos[7];
0275 if (ethertype == ETH_P_PAE)
0276 return 1;
0277
0278 return 0;
0279 }
0280
0281
0282 static inline int
0283 rtllib_rx_frame_decrypt(struct rtllib_device *ieee, struct sk_buff *skb,
0284 struct lib80211_crypt_data *crypt)
0285 {
0286 struct rtllib_hdr_4addr *hdr;
0287 int res, hdrlen;
0288
0289 if (crypt == NULL || crypt->ops->decrypt_mpdu == NULL)
0290 return 0;
0291
0292 if (ieee->hwsec_active) {
0293 struct cb_desc *tcb_desc = (struct cb_desc *)
0294 (skb->cb + MAX_DEV_ADDR_SIZE);
0295
0296 tcb_desc->bHwSec = 1;
0297
0298 if (ieee->need_sw_enc)
0299 tcb_desc->bHwSec = 0;
0300 }
0301
0302 hdr = (struct rtllib_hdr_4addr *)skb->data;
0303 hdrlen = rtllib_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
0304
0305 atomic_inc(&crypt->refcnt);
0306 res = crypt->ops->decrypt_mpdu(skb, hdrlen, crypt->priv);
0307 atomic_dec(&crypt->refcnt);
0308 if (res < 0) {
0309 netdev_dbg(ieee->dev, "decryption failed (SA= %pM) res=%d\n",
0310 hdr->addr2, res);
0311 if (res == -2)
0312 netdev_dbg(ieee->dev,
0313 "Decryption failed ICV mismatch (key %d)\n",
0314 skb->data[hdrlen + 3] >> 6);
0315 return -1;
0316 }
0317
0318 return res;
0319 }
0320
0321
0322
0323 static inline int
0324 rtllib_rx_frame_decrypt_msdu(struct rtllib_device *ieee, struct sk_buff *skb,
0325 int keyidx, struct lib80211_crypt_data *crypt)
0326 {
0327 struct rtllib_hdr_4addr *hdr;
0328 int res, hdrlen;
0329
0330 if (crypt == NULL || crypt->ops->decrypt_msdu == NULL)
0331 return 0;
0332 if (ieee->hwsec_active) {
0333 struct cb_desc *tcb_desc = (struct cb_desc *)
0334 (skb->cb + MAX_DEV_ADDR_SIZE);
0335
0336 tcb_desc->bHwSec = 1;
0337
0338 if (ieee->need_sw_enc)
0339 tcb_desc->bHwSec = 0;
0340 }
0341
0342 hdr = (struct rtllib_hdr_4addr *)skb->data;
0343 hdrlen = rtllib_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
0344
0345 atomic_inc(&crypt->refcnt);
0346 res = crypt->ops->decrypt_msdu(skb, keyidx, hdrlen, crypt->priv);
0347 atomic_dec(&crypt->refcnt);
0348 if (res < 0) {
0349 netdev_dbg(ieee->dev,
0350 "MSDU decryption/MIC verification failed (SA= %pM keyidx=%d)\n",
0351 hdr->addr2, keyidx);
0352 return -1;
0353 }
0354
0355 return 0;
0356 }
0357
0358
0359
0360 #define IEEE_PACKET_RETRY_TIME (5*HZ)
0361 static int is_duplicate_packet(struct rtllib_device *ieee,
0362 struct rtllib_hdr_4addr *header)
0363 {
0364 u16 fc = le16_to_cpu(header->frame_ctl);
0365 u16 sc = le16_to_cpu(header->seq_ctl);
0366 u16 seq = WLAN_GET_SEQ_SEQ(sc);
0367 u16 frag = WLAN_GET_SEQ_FRAG(sc);
0368 u16 *last_seq, *last_frag;
0369 unsigned long *last_time;
0370 struct rtllib_hdr_3addrqos *hdr_3addrqos;
0371 struct rtllib_hdr_4addrqos *hdr_4addrqos;
0372 u8 tid;
0373
0374 if (((fc & RTLLIB_FCTL_DSTODS) == RTLLIB_FCTL_DSTODS) &&
0375 RTLLIB_QOS_HAS_SEQ(fc)) {
0376 hdr_4addrqos = (struct rtllib_hdr_4addrqos *)header;
0377 tid = le16_to_cpu(hdr_4addrqos->qos_ctl) & RTLLIB_QCTL_TID;
0378 tid = UP2AC(tid);
0379 tid++;
0380 } else if (RTLLIB_QOS_HAS_SEQ(fc)) {
0381 hdr_3addrqos = (struct rtllib_hdr_3addrqos *)header;
0382 tid = le16_to_cpu(hdr_3addrqos->qos_ctl) & RTLLIB_QCTL_TID;
0383 tid = UP2AC(tid);
0384 tid++;
0385 } else {
0386 tid = 0;
0387 }
0388
0389 switch (ieee->iw_mode) {
0390 case IW_MODE_ADHOC:
0391 {
0392 struct list_head *p;
0393 struct ieee_ibss_seq *entry = NULL;
0394 u8 *mac = header->addr2;
0395 int index = mac[5] % IEEE_IBSS_MAC_HASH_SIZE;
0396
0397 list_for_each(p, &ieee->ibss_mac_hash[index]) {
0398 entry = list_entry(p, struct ieee_ibss_seq, list);
0399 if (!memcmp(entry->mac, mac, ETH_ALEN))
0400 break;
0401 }
0402 if (p == &ieee->ibss_mac_hash[index]) {
0403 entry = kmalloc(sizeof(struct ieee_ibss_seq),
0404 GFP_ATOMIC);
0405 if (!entry)
0406 return 0;
0407
0408 ether_addr_copy(entry->mac, mac);
0409 entry->seq_num[tid] = seq;
0410 entry->frag_num[tid] = frag;
0411 entry->packet_time[tid] = jiffies;
0412 list_add(&entry->list, &ieee->ibss_mac_hash[index]);
0413 return 0;
0414 }
0415 last_seq = &entry->seq_num[tid];
0416 last_frag = &entry->frag_num[tid];
0417 last_time = &entry->packet_time[tid];
0418 break;
0419 }
0420
0421 case IW_MODE_INFRA:
0422 last_seq = &ieee->last_rxseq_num[tid];
0423 last_frag = &ieee->last_rxfrag_num[tid];
0424 last_time = &ieee->last_packet_time[tid];
0425 break;
0426 default:
0427 return 0;
0428 }
0429
0430 if ((*last_seq == seq) &&
0431 time_after(*last_time + IEEE_PACKET_RETRY_TIME, jiffies)) {
0432 if (*last_frag == frag)
0433 goto drop;
0434 if (*last_frag + 1 != frag)
0435
0436 goto drop;
0437 } else
0438 *last_seq = seq;
0439
0440 *last_frag = frag;
0441 *last_time = jiffies;
0442 return 0;
0443
0444 drop:
0445
0446 return 1;
0447 }
0448
0449 static bool AddReorderEntry(struct rx_ts_record *pTS,
0450 struct rx_reorder_entry *pReorderEntry)
0451 {
0452 struct list_head *pList = &pTS->rx_pending_pkt_list;
0453
0454 while (pList->next != &pTS->rx_pending_pkt_list) {
0455 if (SN_LESS(pReorderEntry->SeqNum, ((struct rx_reorder_entry *)
0456 list_entry(pList->next, struct rx_reorder_entry,
0457 List))->SeqNum))
0458 pList = pList->next;
0459 else if (SN_EQUAL(pReorderEntry->SeqNum,
0460 ((struct rx_reorder_entry *)list_entry(pList->next,
0461 struct rx_reorder_entry, List))->SeqNum))
0462 return false;
0463 else
0464 break;
0465 }
0466 pReorderEntry->List.next = pList->next;
0467 pReorderEntry->List.next->prev = &pReorderEntry->List;
0468 pReorderEntry->List.prev = pList;
0469 pList->next = &pReorderEntry->List;
0470
0471 return true;
0472 }
0473
0474 void rtllib_indicate_packets(struct rtllib_device *ieee,
0475 struct rtllib_rxb **prxbIndicateArray, u8 index)
0476 {
0477 struct net_device_stats *stats = &ieee->stats;
0478 u8 i = 0, j = 0;
0479 u16 ethertype;
0480
0481 for (j = 0; j < index; j++) {
0482 struct rtllib_rxb *prxb = prxbIndicateArray[j];
0483
0484 for (i = 0; i < prxb->nr_subframes; i++) {
0485 struct sk_buff *sub_skb = prxb->subframes[i];
0486
0487
0488 ethertype = (sub_skb->data[6] << 8) | sub_skb->data[7];
0489 if (sub_skb->len >= 8 &&
0490 ((memcmp(sub_skb->data, rfc1042_header,
0491 SNAP_SIZE) == 0 &&
0492 ethertype != ETH_P_AARP &&
0493 ethertype != ETH_P_IPX) ||
0494 memcmp(sub_skb->data, bridge_tunnel_header,
0495 SNAP_SIZE) == 0)) {
0496
0497
0498
0499 skb_pull(sub_skb, SNAP_SIZE);
0500 memcpy(skb_push(sub_skb, ETH_ALEN), prxb->src, ETH_ALEN);
0501 memcpy(skb_push(sub_skb, ETH_ALEN), prxb->dst, ETH_ALEN);
0502 } else {
0503 u16 len;
0504
0505 len = sub_skb->len;
0506 memcpy(skb_push(sub_skb, 2), &len, 2);
0507 memcpy(skb_push(sub_skb, ETH_ALEN), prxb->src, ETH_ALEN);
0508 memcpy(skb_push(sub_skb, ETH_ALEN), prxb->dst, ETH_ALEN);
0509 }
0510
0511
0512 if (sub_skb) {
0513 stats->rx_packets++;
0514 stats->rx_bytes += sub_skb->len;
0515
0516 memset(sub_skb->cb, 0, sizeof(sub_skb->cb));
0517 sub_skb->protocol = eth_type_trans(sub_skb,
0518 ieee->dev);
0519 sub_skb->dev = ieee->dev;
0520 sub_skb->dev->stats.rx_packets++;
0521 sub_skb->dev->stats.rx_bytes += sub_skb->len;
0522
0523 sub_skb->ip_summed = CHECKSUM_NONE;
0524 ieee->last_rx_ps_time = jiffies;
0525 netif_rx(sub_skb);
0526 }
0527 }
0528 kfree(prxb);
0529 prxb = NULL;
0530 }
0531 }
0532
0533 void rtllib_FlushRxTsPendingPkts(struct rtllib_device *ieee,
0534 struct rx_ts_record *pTS)
0535 {
0536 struct rx_reorder_entry *pRxReorderEntry;
0537 u8 RfdCnt = 0;
0538
0539 del_timer_sync(&pTS->rx_pkt_pending_timer);
0540 while (!list_empty(&pTS->rx_pending_pkt_list)) {
0541 if (RfdCnt >= REORDER_WIN_SIZE) {
0542 netdev_info(ieee->dev,
0543 "-------------->%s() error! RfdCnt >= REORDER_WIN_SIZE\n",
0544 __func__);
0545 break;
0546 }
0547
0548 pRxReorderEntry = (struct rx_reorder_entry *)
0549 list_entry(pTS->rx_pending_pkt_list.prev,
0550 struct rx_reorder_entry, List);
0551 netdev_dbg(ieee->dev, "%s(): Indicate SeqNum %d!\n", __func__,
0552 pRxReorderEntry->SeqNum);
0553 list_del_init(&pRxReorderEntry->List);
0554
0555 ieee->RfdArray[RfdCnt] = pRxReorderEntry->prxb;
0556
0557 RfdCnt = RfdCnt + 1;
0558 list_add_tail(&pRxReorderEntry->List,
0559 &ieee->RxReorder_Unused_List);
0560 }
0561 rtllib_indicate_packets(ieee, ieee->RfdArray, RfdCnt);
0562
0563 pTS->rx_indicate_seq = 0xffff;
0564 }
0565
0566 static void RxReorderIndicatePacket(struct rtllib_device *ieee,
0567 struct rtllib_rxb *prxb,
0568 struct rx_ts_record *pTS, u16 SeqNum)
0569 {
0570 struct rt_hi_throughput *pHTInfo = ieee->pHTInfo;
0571 struct rx_reorder_entry *pReorderEntry = NULL;
0572 u8 WinSize = pHTInfo->RxReorderWinSize;
0573 u16 WinEnd = 0;
0574 u8 index = 0;
0575 bool bMatchWinStart = false, bPktInBuf = false;
0576 unsigned long flags;
0577
0578 netdev_dbg(ieee->dev,
0579 "%s(): Seq is %d, pTS->rx_indicate_seq is %d, WinSize is %d\n",
0580 __func__, SeqNum, pTS->rx_indicate_seq, WinSize);
0581
0582 spin_lock_irqsave(&(ieee->reorder_spinlock), flags);
0583
0584 WinEnd = (pTS->rx_indicate_seq + WinSize - 1) % 4096;
0585
0586 if (pTS->rx_indicate_seq == 0xffff)
0587 pTS->rx_indicate_seq = SeqNum;
0588
0589
0590 if (SN_LESS(SeqNum, pTS->rx_indicate_seq)) {
0591 netdev_dbg(ieee->dev,
0592 "Packet Drop! IndicateSeq: %d, NewSeq: %d\n",
0593 pTS->rx_indicate_seq, SeqNum);
0594 pHTInfo->RxReorderDropCounter++;
0595 {
0596 int i;
0597
0598 for (i = 0; i < prxb->nr_subframes; i++)
0599 dev_kfree_skb(prxb->subframes[i]);
0600 kfree(prxb);
0601 prxb = NULL;
0602 }
0603 spin_unlock_irqrestore(&(ieee->reorder_spinlock), flags);
0604 return;
0605 }
0606
0607
0608
0609
0610
0611 if (SN_EQUAL(SeqNum, pTS->rx_indicate_seq)) {
0612 pTS->rx_indicate_seq = (pTS->rx_indicate_seq + 1) % 4096;
0613 bMatchWinStart = true;
0614 } else if (SN_LESS(WinEnd, SeqNum)) {
0615 if (SeqNum >= (WinSize - 1))
0616 pTS->rx_indicate_seq = SeqNum + 1 - WinSize;
0617 else
0618 pTS->rx_indicate_seq = 4095 -
0619 (WinSize - (SeqNum + 1)) + 1;
0620 netdev_dbg(ieee->dev,
0621 "Window Shift! IndicateSeq: %d, NewSeq: %d\n",
0622 pTS->rx_indicate_seq, SeqNum);
0623 }
0624
0625
0626
0627
0628
0629
0630
0631
0632
0633
0634
0635 if (bMatchWinStart) {
0636
0637 netdev_dbg(ieee->dev,
0638 "Packets indication! IndicateSeq: %d, NewSeq: %d\n",
0639 pTS->rx_indicate_seq, SeqNum);
0640 ieee->prxbIndicateArray[0] = prxb;
0641 index = 1;
0642 } else {
0643
0644 if (!list_empty(&ieee->RxReorder_Unused_List)) {
0645 pReorderEntry = (struct rx_reorder_entry *)
0646 list_entry(ieee->RxReorder_Unused_List.next,
0647 struct rx_reorder_entry, List);
0648 list_del_init(&pReorderEntry->List);
0649
0650
0651
0652
0653 pReorderEntry->SeqNum = SeqNum;
0654 pReorderEntry->prxb = prxb;
0655
0656 if (!AddReorderEntry(pTS, pReorderEntry)) {
0657 int i;
0658
0659 netdev_dbg(ieee->dev,
0660 "%s(): Duplicate packet is dropped. IndicateSeq: %d, NewSeq: %d\n",
0661 __func__, pTS->rx_indicate_seq,
0662 SeqNum);
0663 list_add_tail(&pReorderEntry->List,
0664 &ieee->RxReorder_Unused_List);
0665
0666 for (i = 0; i < prxb->nr_subframes; i++)
0667 dev_kfree_skb(prxb->subframes[i]);
0668 kfree(prxb);
0669 prxb = NULL;
0670 } else {
0671 netdev_dbg(ieee->dev,
0672 "Pkt insert into struct buffer. IndicateSeq: %d, NewSeq: %d\n",
0673 pTS->rx_indicate_seq, SeqNum);
0674 }
0675 } else {
0676
0677
0678
0679
0680
0681 netdev_err(ieee->dev,
0682 "%s(): There is no reorder entry! Packet is dropped!\n",
0683 __func__);
0684 {
0685 int i;
0686
0687 for (i = 0; i < prxb->nr_subframes; i++)
0688 dev_kfree_skb(prxb->subframes[i]);
0689 kfree(prxb);
0690 prxb = NULL;
0691 }
0692 }
0693 }
0694
0695
0696 while (!list_empty(&pTS->rx_pending_pkt_list)) {
0697 netdev_dbg(ieee->dev, "%s(): start RREORDER indicate\n",
0698 __func__);
0699
0700 pReorderEntry = (struct rx_reorder_entry *)
0701 list_entry(pTS->rx_pending_pkt_list.prev,
0702 struct rx_reorder_entry,
0703 List);
0704 if (SN_LESS(pReorderEntry->SeqNum, pTS->rx_indicate_seq) ||
0705 SN_EQUAL(pReorderEntry->SeqNum, pTS->rx_indicate_seq)) {
0706
0707 if (index >= REORDER_WIN_SIZE) {
0708 netdev_err(ieee->dev,
0709 "%s(): Buffer overflow!\n",
0710 __func__);
0711 bPktInBuf = true;
0712 break;
0713 }
0714
0715 list_del_init(&pReorderEntry->List);
0716
0717 if (SN_EQUAL(pReorderEntry->SeqNum, pTS->rx_indicate_seq))
0718 pTS->rx_indicate_seq = (pTS->rx_indicate_seq + 1) %
0719 4096;
0720
0721 ieee->prxbIndicateArray[index] = pReorderEntry->prxb;
0722 netdev_dbg(ieee->dev, "%s(): Indicate SeqNum %d!\n",
0723 __func__, pReorderEntry->SeqNum);
0724 index++;
0725
0726 list_add_tail(&pReorderEntry->List,
0727 &ieee->RxReorder_Unused_List);
0728 } else {
0729 bPktInBuf = true;
0730 break;
0731 }
0732 }
0733
0734
0735
0736
0737 if (index > 0) {
0738 if (timer_pending(&pTS->rx_pkt_pending_timer))
0739 del_timer_sync(&pTS->rx_pkt_pending_timer);
0740 pTS->rx_timeout_indicate_seq = 0xffff;
0741
0742 if (index > REORDER_WIN_SIZE) {
0743 netdev_err(ieee->dev,
0744 "%s(): Rx Reorder struct buffer full!\n",
0745 __func__);
0746 spin_unlock_irqrestore(&(ieee->reorder_spinlock),
0747 flags);
0748 return;
0749 }
0750 rtllib_indicate_packets(ieee, ieee->prxbIndicateArray, index);
0751 bPktInBuf = false;
0752 }
0753
0754 if (bPktInBuf && pTS->rx_timeout_indicate_seq == 0xffff) {
0755 netdev_dbg(ieee->dev, "%s(): SET rx timeout timer\n", __func__);
0756 pTS->rx_timeout_indicate_seq = pTS->rx_indicate_seq;
0757 mod_timer(&pTS->rx_pkt_pending_timer, jiffies +
0758 msecs_to_jiffies(pHTInfo->RxReorderPendingTime));
0759 }
0760 spin_unlock_irqrestore(&(ieee->reorder_spinlock), flags);
0761 }
0762
0763 static u8 parse_subframe(struct rtllib_device *ieee, struct sk_buff *skb,
0764 struct rtllib_rx_stats *rx_stats,
0765 struct rtllib_rxb *rxb, u8 *src, u8 *dst)
0766 {
0767 struct rtllib_hdr_3addr *hdr = (struct rtllib_hdr_3addr *)skb->data;
0768 u16 fc = le16_to_cpu(hdr->frame_ctl);
0769
0770 u16 LLCOffset = sizeof(struct rtllib_hdr_3addr);
0771 u16 ChkLength;
0772 bool bIsAggregateFrame = false;
0773 u16 nSubframe_Length;
0774 u8 nPadding_Length = 0;
0775 u16 SeqNum = 0;
0776 struct sk_buff *sub_skb;
0777
0778 SeqNum = WLAN_GET_SEQ_SEQ(le16_to_cpu(hdr->seq_ctl));
0779 if ((RTLLIB_QOS_HAS_SEQ(fc)) &&
0780 (((union frameqos *)(skb->data + RTLLIB_3ADDR_LEN))->field.reserved))
0781 bIsAggregateFrame = true;
0782
0783 if (RTLLIB_QOS_HAS_SEQ(fc))
0784 LLCOffset += 2;
0785 if (rx_stats->bContainHTC)
0786 LLCOffset += sHTCLng;
0787
0788 ChkLength = LLCOffset;
0789
0790 if (skb->len <= ChkLength)
0791 return 0;
0792
0793 skb_pull(skb, LLCOffset);
0794 ieee->bIsAggregateFrame = bIsAggregateFrame;
0795 if (!bIsAggregateFrame) {
0796 rxb->nr_subframes = 1;
0797
0798
0799
0800
0801
0802
0803
0804
0805
0806
0807 sub_skb = dev_alloc_skb(RTLLIB_SKBBUFFER_SIZE);
0808 if (!sub_skb)
0809 return 0;
0810 skb_reserve(sub_skb, 12);
0811 skb_put_data(sub_skb, skb->data, skb->len);
0812 sub_skb->dev = ieee->dev;
0813
0814 rxb->subframes[0] = sub_skb;
0815
0816 memcpy(rxb->src, src, ETH_ALEN);
0817 memcpy(rxb->dst, dst, ETH_ALEN);
0818 rxb->subframes[0]->dev = ieee->dev;
0819 return 1;
0820 }
0821
0822 rxb->nr_subframes = 0;
0823 memcpy(rxb->src, src, ETH_ALEN);
0824 memcpy(rxb->dst, dst, ETH_ALEN);
0825 while (skb->len > ETHERNET_HEADER_SIZE) {
0826
0827 nSubframe_Length = *((u16 *)(skb->data + 12));
0828 nSubframe_Length = (nSubframe_Length >> 8) +
0829 (nSubframe_Length << 8);
0830
0831 if (skb->len < (ETHERNET_HEADER_SIZE + nSubframe_Length)) {
0832 netdev_info(ieee->dev,
0833 "%s: A-MSDU parse error!! pRfd->nTotalSubframe : %d\n",
0834 __func__, rxb->nr_subframes);
0835 netdev_info(ieee->dev,
0836 "%s: A-MSDU parse error!! Subframe Length: %d\n",
0837 __func__, nSubframe_Length);
0838 netdev_info(ieee->dev,
0839 "nRemain_Length is %d and nSubframe_Length is : %d\n",
0840 skb->len, nSubframe_Length);
0841 netdev_info(ieee->dev,
0842 "The Packet SeqNum is %d\n",
0843 SeqNum);
0844 return 0;
0845 }
0846
0847
0848 skb_pull(skb, ETHERNET_HEADER_SIZE);
0849
0850
0851
0852
0853
0854
0855
0856
0857
0858
0859 sub_skb = dev_alloc_skb(nSubframe_Length + 12);
0860 if (!sub_skb)
0861 return 0;
0862 skb_reserve(sub_skb, 12);
0863 skb_put_data(sub_skb, skb->data, nSubframe_Length);
0864
0865 sub_skb->dev = ieee->dev;
0866 rxb->subframes[rxb->nr_subframes++] = sub_skb;
0867 if (rxb->nr_subframes >= MAX_SUBFRAME_COUNT) {
0868 netdev_dbg(ieee->dev,
0869 "ParseSubframe(): Too many Subframes! Packets dropped!\n");
0870 break;
0871 }
0872 skb_pull(skb, nSubframe_Length);
0873
0874 if (skb->len != 0) {
0875 nPadding_Length = 4 - ((nSubframe_Length +
0876 ETHERNET_HEADER_SIZE) % 4);
0877 if (nPadding_Length == 4)
0878 nPadding_Length = 0;
0879
0880 if (skb->len < nPadding_Length)
0881 return 0;
0882
0883 skb_pull(skb, nPadding_Length);
0884 }
0885 }
0886
0887 return rxb->nr_subframes;
0888 }
0889
0890
0891 static size_t rtllib_rx_get_hdrlen(struct rtllib_device *ieee,
0892 struct sk_buff *skb,
0893 struct rtllib_rx_stats *rx_stats)
0894 {
0895 struct rtllib_hdr_4addr *hdr = (struct rtllib_hdr_4addr *)skb->data;
0896 u16 fc = le16_to_cpu(hdr->frame_ctl);
0897 size_t hdrlen;
0898
0899 hdrlen = rtllib_get_hdrlen(fc);
0900 if (HTCCheck(ieee, skb->data)) {
0901 if (net_ratelimit())
0902 netdev_info(ieee->dev, "%s: find HTCControl!\n",
0903 __func__);
0904 hdrlen += 4;
0905 rx_stats->bContainHTC = true;
0906 }
0907
0908 if (RTLLIB_QOS_HAS_SEQ(fc))
0909 rx_stats->bIsQosData = true;
0910
0911 return hdrlen;
0912 }
0913
0914 static int rtllib_rx_check_duplicate(struct rtllib_device *ieee,
0915 struct sk_buff *skb, u8 multicast)
0916 {
0917 struct rtllib_hdr_4addr *hdr = (struct rtllib_hdr_4addr *)skb->data;
0918 u16 fc, sc;
0919 u8 frag, type, stype;
0920
0921 fc = le16_to_cpu(hdr->frame_ctl);
0922 type = WLAN_FC_GET_TYPE(fc);
0923 stype = WLAN_FC_GET_STYPE(fc);
0924 sc = le16_to_cpu(hdr->seq_ctl);
0925 frag = WLAN_GET_SEQ_FRAG(sc);
0926
0927 if (!ieee->pHTInfo->bCurRxReorderEnable ||
0928 !ieee->current_network.qos_data.active ||
0929 !IsDataFrame(skb->data) ||
0930 IsLegacyDataFrame(skb->data)) {
0931 if (!((type == RTLLIB_FTYPE_MGMT) &&
0932 (stype == RTLLIB_STYPE_BEACON))) {
0933 if (is_duplicate_packet(ieee, hdr))
0934 return -1;
0935 }
0936 } else {
0937 struct rx_ts_record *pRxTS = NULL;
0938
0939 if (GetTs(ieee, (struct ts_common_info **)&pRxTS, hdr->addr2,
0940 (u8)Frame_QoSTID((u8 *)(skb->data)), RX_DIR, true)) {
0941 if ((fc & (1<<11)) && (frag == pRxTS->rx_last_frag_num) &&
0942 (WLAN_GET_SEQ_SEQ(sc) == pRxTS->rx_last_seq_num))
0943 return -1;
0944 pRxTS->rx_last_frag_num = frag;
0945 pRxTS->rx_last_seq_num = WLAN_GET_SEQ_SEQ(sc);
0946 } else {
0947 netdev_warn(ieee->dev, "%s(): No TS! Skip the check!\n",
0948 __func__);
0949 return -1;
0950 }
0951 }
0952
0953 return 0;
0954 }
0955
0956 static void rtllib_rx_extract_addr(struct rtllib_device *ieee,
0957 struct rtllib_hdr_4addr *hdr, u8 *dst,
0958 u8 *src, u8 *bssid)
0959 {
0960 u16 fc = le16_to_cpu(hdr->frame_ctl);
0961
0962 switch (fc & (RTLLIB_FCTL_FROMDS | RTLLIB_FCTL_TODS)) {
0963 case RTLLIB_FCTL_FROMDS:
0964 ether_addr_copy(dst, hdr->addr1);
0965 ether_addr_copy(src, hdr->addr3);
0966 ether_addr_copy(bssid, hdr->addr2);
0967 break;
0968 case RTLLIB_FCTL_TODS:
0969 ether_addr_copy(dst, hdr->addr3);
0970 ether_addr_copy(src, hdr->addr2);
0971 ether_addr_copy(bssid, hdr->addr1);
0972 break;
0973 case RTLLIB_FCTL_FROMDS | RTLLIB_FCTL_TODS:
0974 ether_addr_copy(dst, hdr->addr3);
0975 ether_addr_copy(src, hdr->addr4);
0976 ether_addr_copy(bssid, ieee->current_network.bssid);
0977 break;
0978 default:
0979 ether_addr_copy(dst, hdr->addr1);
0980 ether_addr_copy(src, hdr->addr2);
0981 ether_addr_copy(bssid, hdr->addr3);
0982 break;
0983 }
0984 }
0985
0986 static int rtllib_rx_data_filter(struct rtllib_device *ieee, u16 fc,
0987 u8 *dst, u8 *src, u8 *bssid, u8 *addr2)
0988 {
0989 u8 type, stype;
0990
0991 type = WLAN_FC_GET_TYPE(fc);
0992 stype = WLAN_FC_GET_STYPE(fc);
0993
0994
0995 if (((fc & RTLLIB_FCTL_DSTODS) != RTLLIB_FCTL_DSTODS) &&
0996 !ether_addr_equal(ieee->current_network.bssid, bssid) &&
0997 !is_zero_ether_addr(ieee->current_network.bssid)) {
0998 return -1;
0999 }
1000
1001
1002 if (ieee->IntelPromiscuousModeInfo.bPromiscuousOn &&
1003 ieee->IntelPromiscuousModeInfo.bFilterSourceStationFrame) {
1004 if ((fc & RTLLIB_FCTL_TODS) && !(fc & RTLLIB_FCTL_FROMDS) &&
1005 !ether_addr_equal(dst, ieee->current_network.bssid) &&
1006 ether_addr_equal(bssid, ieee->current_network.bssid)) {
1007 return -1;
1008 }
1009 }
1010
1011
1012
1013
1014 if (!ieee->IntelPromiscuousModeInfo.bPromiscuousOn) {
1015 if (stype != RTLLIB_STYPE_DATA &&
1016 stype != RTLLIB_STYPE_DATA_CFACK &&
1017 stype != RTLLIB_STYPE_DATA_CFPOLL &&
1018 stype != RTLLIB_STYPE_DATA_CFACKPOLL &&
1019 stype != RTLLIB_STYPE_QOS_DATA) {
1020 if (stype != RTLLIB_STYPE_NULLFUNC)
1021 netdev_dbg(ieee->dev,
1022 "RX: dropped data frame with no data (type=0x%02x, subtype=0x%02x)\n",
1023 type, stype);
1024 return -1;
1025 }
1026 }
1027
1028 if (ieee->iw_mode != IW_MODE_MESH) {
1029
1030 if (!memcmp(src, ieee->dev->dev_addr, ETH_ALEN))
1031 return -1;
1032
1033
1034 if (is_multicast_ether_addr(dst)) {
1035 if (memcmp(bssid, ieee->current_network.bssid,
1036 ETH_ALEN))
1037 return -1;
1038 }
1039 }
1040 return 0;
1041 }
1042
1043 static int rtllib_rx_get_crypt(struct rtllib_device *ieee, struct sk_buff *skb,
1044 struct lib80211_crypt_data **crypt, size_t hdrlen)
1045 {
1046 struct rtllib_hdr_4addr *hdr = (struct rtllib_hdr_4addr *)skb->data;
1047 u16 fc = le16_to_cpu(hdr->frame_ctl);
1048 int idx = 0;
1049
1050 if (ieee->host_decrypt) {
1051 if (skb->len >= hdrlen + 3)
1052 idx = skb->data[hdrlen + 3] >> 6;
1053
1054 *crypt = ieee->crypt_info.crypt[idx];
1055
1056
1057
1058 if (*crypt && ((*crypt)->ops == NULL ||
1059 (*crypt)->ops->decrypt_mpdu == NULL))
1060 *crypt = NULL;
1061
1062 if (!*crypt && (fc & RTLLIB_FCTL_WEP)) {
1063
1064
1065
1066
1067
1068 netdev_dbg(ieee->dev,
1069 "Decryption failed (not set) (SA= %pM)\n",
1070 hdr->addr2);
1071 return -1;
1072 }
1073 }
1074
1075 return 0;
1076 }
1077
1078 static int rtllib_rx_decrypt(struct rtllib_device *ieee, struct sk_buff *skb,
1079 struct rtllib_rx_stats *rx_stats,
1080 struct lib80211_crypt_data *crypt, size_t hdrlen)
1081 {
1082 struct rtllib_hdr_4addr *hdr;
1083 int keyidx = 0;
1084 u16 fc, sc;
1085 u8 frag;
1086
1087 hdr = (struct rtllib_hdr_4addr *)skb->data;
1088 fc = le16_to_cpu(hdr->frame_ctl);
1089 sc = le16_to_cpu(hdr->seq_ctl);
1090 frag = WLAN_GET_SEQ_FRAG(sc);
1091
1092 if ((!rx_stats->Decrypted))
1093 ieee->need_sw_enc = 1;
1094 else
1095 ieee->need_sw_enc = 0;
1096
1097 keyidx = rtllib_rx_frame_decrypt(ieee, skb, crypt);
1098 if (ieee->host_decrypt && (fc & RTLLIB_FCTL_WEP) && (keyidx < 0)) {
1099 netdev_info(ieee->dev, "%s: decrypt frame error\n", __func__);
1100 return -1;
1101 }
1102
1103 hdr = (struct rtllib_hdr_4addr *)skb->data;
1104 if ((frag != 0 || (fc & RTLLIB_FCTL_MOREFRAGS))) {
1105 int flen;
1106 struct sk_buff *frag_skb = rtllib_frag_cache_get(ieee, hdr);
1107
1108 netdev_dbg(ieee->dev, "Rx Fragment received (%u)\n", frag);
1109
1110 if (!frag_skb) {
1111 netdev_dbg(ieee->dev,
1112 "Rx cannot get skb from fragment cache (morefrag=%d seq=%u frag=%u)\n",
1113 (fc & RTLLIB_FCTL_MOREFRAGS) != 0,
1114 WLAN_GET_SEQ_SEQ(sc), frag);
1115 return -1;
1116 }
1117 flen = skb->len;
1118 if (frag != 0)
1119 flen -= hdrlen;
1120
1121 if (frag_skb->tail + flen > frag_skb->end) {
1122 netdev_warn(ieee->dev,
1123 "%s: host decrypted and reassembled frame did not fit skb\n",
1124 __func__);
1125 rtllib_frag_cache_invalidate(ieee, hdr);
1126 return -1;
1127 }
1128
1129 if (frag == 0) {
1130
1131
1132
1133 skb_put_data(frag_skb, skb->data, flen);
1134 } else {
1135
1136
1137
1138 skb_put_data(frag_skb, skb->data + hdrlen, flen);
1139 }
1140 dev_kfree_skb_any(skb);
1141 skb = NULL;
1142
1143 if (fc & RTLLIB_FCTL_MOREFRAGS) {
1144
1145
1146
1147
1148 return -2;
1149 }
1150
1151
1152
1153
1154 skb = frag_skb;
1155 hdr = (struct rtllib_hdr_4addr *)skb->data;
1156 rtllib_frag_cache_invalidate(ieee, hdr);
1157 }
1158
1159
1160
1161
1162 if (ieee->host_decrypt && (fc & RTLLIB_FCTL_WEP) &&
1163 rtllib_rx_frame_decrypt_msdu(ieee, skb, keyidx, crypt)) {
1164 netdev_info(ieee->dev, "%s: ==>decrypt msdu error\n", __func__);
1165 return -1;
1166 }
1167
1168 hdr = (struct rtllib_hdr_4addr *)skb->data;
1169 if (crypt && !(fc & RTLLIB_FCTL_WEP) && !ieee->open_wep) {
1170 if (
1171 rtllib_is_eapol_frame(ieee, skb, hdrlen)) {
1172
1173
1174
1175
1176 struct eapol *eap = (struct eapol *)(skb->data +
1177 24);
1178 netdev_dbg(ieee->dev,
1179 "RX: IEEE 802.1X EAPOL frame: %s\n",
1180 eap_get_type(eap->type));
1181 } else {
1182 netdev_dbg(ieee->dev,
1183 "encryption configured, but RX frame not encrypted (SA= %pM)\n",
1184 hdr->addr2);
1185 return -1;
1186 }
1187 }
1188
1189 if (crypt && !(fc & RTLLIB_FCTL_WEP) &&
1190 rtllib_is_eapol_frame(ieee, skb, hdrlen)) {
1191 struct eapol *eap = (struct eapol *)(skb->data + 24);
1192
1193 netdev_dbg(ieee->dev, "RX: IEEE 802.1X EAPOL frame: %s\n",
1194 eap_get_type(eap->type));
1195 }
1196
1197 if (crypt && !(fc & RTLLIB_FCTL_WEP) && !ieee->open_wep &&
1198 !rtllib_is_eapol_frame(ieee, skb, hdrlen)) {
1199 netdev_dbg(ieee->dev,
1200 "dropped unencrypted RX data frame from %pM (drop_unencrypted=1)\n",
1201 hdr->addr2);
1202 return -1;
1203 }
1204
1205 return 0;
1206 }
1207
1208 static void rtllib_rx_check_leave_lps(struct rtllib_device *ieee, u8 unicast,
1209 u8 nr_subframes)
1210 {
1211 if (unicast) {
1212
1213 if (ieee->state == RTLLIB_LINKED) {
1214 if (((ieee->LinkDetectInfo.NumRxUnicastOkInPeriod +
1215 ieee->LinkDetectInfo.NumTxOkInPeriod) > 8) ||
1216 (ieee->LinkDetectInfo.NumRxUnicastOkInPeriod > 2)) {
1217 if (ieee->LeisurePSLeave)
1218 ieee->LeisurePSLeave(ieee->dev);
1219 }
1220 }
1221 }
1222 ieee->last_rx_ps_time = jiffies;
1223 }
1224
1225 static void rtllib_rx_indicate_pkt_legacy(struct rtllib_device *ieee,
1226 struct rtllib_rx_stats *rx_stats,
1227 struct rtllib_rxb *rxb,
1228 u8 *dst,
1229 u8 *src)
1230 {
1231 struct net_device *dev = ieee->dev;
1232 u16 ethertype;
1233 int i = 0;
1234
1235 if (rxb == NULL) {
1236 netdev_info(dev, "%s: rxb is NULL!!\n", __func__);
1237 return;
1238 }
1239
1240 for (i = 0; i < rxb->nr_subframes; i++) {
1241 struct sk_buff *sub_skb = rxb->subframes[i];
1242
1243 if (sub_skb) {
1244
1245
1246
1247 ethertype = (sub_skb->data[6] << 8) | sub_skb->data[7];
1248 if (sub_skb->len >= 8 &&
1249 ((memcmp(sub_skb->data, rfc1042_header, SNAP_SIZE) == 0 &&
1250 ethertype != ETH_P_AARP && ethertype != ETH_P_IPX) ||
1251 memcmp(sub_skb->data, bridge_tunnel_header, SNAP_SIZE) == 0)) {
1252
1253
1254
1255 skb_pull(sub_skb, SNAP_SIZE);
1256 ether_addr_copy(skb_push(sub_skb, ETH_ALEN),
1257 src);
1258 ether_addr_copy(skb_push(sub_skb, ETH_ALEN),
1259 dst);
1260 } else {
1261 u16 len;
1262
1263
1264
1265 len = sub_skb->len;
1266 memcpy(skb_push(sub_skb, 2), &len, 2);
1267 ether_addr_copy(skb_push(sub_skb, ETH_ALEN),
1268 src);
1269 ether_addr_copy(skb_push(sub_skb, ETH_ALEN),
1270 dst);
1271 }
1272
1273 ieee->stats.rx_packets++;
1274 ieee->stats.rx_bytes += sub_skb->len;
1275
1276 if (is_multicast_ether_addr(dst))
1277 ieee->stats.multicast++;
1278
1279
1280 memset(sub_skb->cb, 0, sizeof(sub_skb->cb));
1281 sub_skb->protocol = eth_type_trans(sub_skb, dev);
1282 sub_skb->dev = dev;
1283 sub_skb->dev->stats.rx_packets++;
1284 sub_skb->dev->stats.rx_bytes += sub_skb->len;
1285
1286 sub_skb->ip_summed = CHECKSUM_NONE;
1287 netif_rx(sub_skb);
1288 }
1289 }
1290 kfree(rxb);
1291 }
1292
1293 static int rtllib_rx_InfraAdhoc(struct rtllib_device *ieee, struct sk_buff *skb,
1294 struct rtllib_rx_stats *rx_stats)
1295 {
1296 struct net_device *dev = ieee->dev;
1297 struct rtllib_hdr_4addr *hdr = (struct rtllib_hdr_4addr *)skb->data;
1298 struct lib80211_crypt_data *crypt = NULL;
1299 struct rtllib_rxb *rxb = NULL;
1300 struct rx_ts_record *pTS = NULL;
1301 u16 fc, sc, SeqNum = 0;
1302 u8 type, stype, multicast = 0, unicast = 0, nr_subframes = 0, TID = 0;
1303 u8 dst[ETH_ALEN];
1304 u8 src[ETH_ALEN];
1305 u8 bssid[ETH_ALEN] = {0};
1306
1307 size_t hdrlen = 0;
1308 bool bToOtherSTA = false;
1309 int ret = 0, i = 0;
1310
1311 fc = le16_to_cpu(hdr->frame_ctl);
1312 type = WLAN_FC_GET_TYPE(fc);
1313 stype = WLAN_FC_GET_STYPE(fc);
1314 sc = le16_to_cpu(hdr->seq_ctl);
1315
1316
1317 multicast = is_multicast_ether_addr(hdr->addr1);
1318 unicast = !multicast;
1319 if (unicast && !ether_addr_equal(dev->dev_addr, hdr->addr1)) {
1320 if (ieee->bNetPromiscuousMode)
1321 bToOtherSTA = true;
1322 else
1323 goto rx_dropped;
1324 }
1325
1326
1327 hdrlen = rtllib_rx_get_hdrlen(ieee, skb, rx_stats);
1328 if (skb->len < hdrlen) {
1329 netdev_info(dev,
1330 "%s():ERR!!! skb->len is smaller than hdrlen\n",
1331 __func__);
1332 goto rx_dropped;
1333 }
1334
1335
1336 ret = rtllib_rx_check_duplicate(ieee, skb, multicast);
1337 if (ret < 0)
1338 goto rx_dropped;
1339
1340
1341 if (type == RTLLIB_FTYPE_CTL)
1342 goto rx_dropped;
1343
1344
1345 if (type == RTLLIB_FTYPE_MGMT) {
1346 if (bToOtherSTA)
1347 goto rx_dropped;
1348 if (rtllib_rx_frame_mgmt(ieee, skb, rx_stats, type, stype))
1349 goto rx_dropped;
1350 else
1351 goto rx_exit;
1352 }
1353
1354
1355
1356
1357 if (!bToOtherSTA) {
1358 ieee->LinkDetectInfo.NumRecvDataInPeriod++;
1359 ieee->LinkDetectInfo.NumRxOkInPeriod++;
1360 }
1361
1362
1363 rtllib_rx_extract_addr(ieee, hdr, dst, src, bssid);
1364
1365
1366 ret = rtllib_rx_data_filter(ieee, fc, dst, src, bssid, hdr->addr2);
1367 if (ret < 0)
1368 goto rx_dropped;
1369
1370 if (skb->len == hdrlen)
1371 goto rx_dropped;
1372
1373
1374 if ((ieee->iw_mode == IW_MODE_INFRA) &&
1375 (ieee->sta_sleep == LPS_IS_SLEEP) &&
1376 (ieee->polling) && (!bToOtherSTA)) {
1377 if (WLAN_FC_MORE_DATA(fc)) {
1378
1379
1380
1381 rtllib_sta_ps_send_pspoll_frame(ieee);
1382 } else {
1383 ieee->polling = false;
1384 }
1385 }
1386
1387
1388 ret = rtllib_rx_get_crypt(ieee, skb, &crypt, hdrlen);
1389 if (ret == -1)
1390 goto rx_dropped;
1391
1392
1393 ret = rtllib_rx_decrypt(ieee, skb, rx_stats, crypt, hdrlen);
1394 if (ret == -1)
1395 goto rx_dropped;
1396 else if (ret == -2)
1397 goto rx_exit;
1398
1399
1400 hdr = (struct rtllib_hdr_4addr *)skb->data;
1401 if (ieee->current_network.qos_data.active && IsQoSDataFrame(skb->data)
1402 && !is_multicast_ether_addr(hdr->addr1)
1403 && (!bToOtherSTA)) {
1404 TID = Frame_QoSTID(skb->data);
1405 SeqNum = WLAN_GET_SEQ_SEQ(sc);
1406 GetTs(ieee, (struct ts_common_info **)&pTS, hdr->addr2, TID,
1407 RX_DIR, true);
1408 if (TID != 0 && TID != 3)
1409 ieee->bis_any_nonbepkts = true;
1410 }
1411
1412
1413
1414 rxb = kmalloc(sizeof(struct rtllib_rxb), GFP_ATOMIC);
1415 if (!rxb)
1416 goto rx_dropped;
1417
1418
1419
1420 if (parse_subframe(ieee, skb, rx_stats, rxb, src, dst) == 0) {
1421
1422
1423
1424 for (i = 0; i < rxb->nr_subframes; i++)
1425 dev_kfree_skb(rxb->subframes[i]);
1426 kfree(rxb);
1427 rxb = NULL;
1428 goto rx_dropped;
1429 }
1430
1431
1432
1433
1434 if (!bToOtherSTA) {
1435 if (ieee->bIsAggregateFrame)
1436 nr_subframes = rxb->nr_subframes;
1437 else
1438 nr_subframes = 1;
1439 if (unicast)
1440 ieee->LinkDetectInfo.NumRxUnicastOkInPeriod += nr_subframes;
1441 rtllib_rx_check_leave_lps(ieee, unicast, nr_subframes);
1442 }
1443
1444
1445 if (!ieee->pHTInfo->bCurRxReorderEnable || pTS == NULL || bToOtherSTA)
1446 rtllib_rx_indicate_pkt_legacy(ieee, rx_stats, rxb, dst, src);
1447 else
1448 RxReorderIndicatePacket(ieee, rxb, pTS, SeqNum);
1449
1450 dev_kfree_skb(skb);
1451
1452 rx_exit:
1453 return 1;
1454
1455 rx_dropped:
1456 ieee->stats.rx_dropped++;
1457
1458
1459
1460
1461
1462 return 0;
1463 }
1464
1465 static int rtllib_rx_Master(struct rtllib_device *ieee, struct sk_buff *skb,
1466 struct rtllib_rx_stats *rx_stats)
1467 {
1468 return 0;
1469 }
1470
1471 static int rtllib_rx_Monitor(struct rtllib_device *ieee, struct sk_buff *skb,
1472 struct rtllib_rx_stats *rx_stats)
1473 {
1474 struct rtllib_hdr_4addr *hdr = (struct rtllib_hdr_4addr *)skb->data;
1475 u16 fc = le16_to_cpu(hdr->frame_ctl);
1476 size_t hdrlen = rtllib_get_hdrlen(fc);
1477
1478 if (skb->len < hdrlen) {
1479 netdev_info(ieee->dev,
1480 "%s():ERR!!! skb->len is smaller than hdrlen\n",
1481 __func__);
1482 return 0;
1483 }
1484
1485 if (HTCCheck(ieee, skb->data)) {
1486 if (net_ratelimit())
1487 netdev_info(ieee->dev, "%s: Find HTCControl!\n",
1488 __func__);
1489 hdrlen += 4;
1490 }
1491
1492 rtllib_monitor_rx(ieee, skb, rx_stats, hdrlen);
1493 ieee->stats.rx_packets++;
1494 ieee->stats.rx_bytes += skb->len;
1495
1496 return 1;
1497 }
1498
1499 static int rtllib_rx_Mesh(struct rtllib_device *ieee, struct sk_buff *skb,
1500 struct rtllib_rx_stats *rx_stats)
1501 {
1502 return 0;
1503 }
1504
1505
1506
1507
1508
1509 int rtllib_rx(struct rtllib_device *ieee, struct sk_buff *skb,
1510 struct rtllib_rx_stats *rx_stats)
1511 {
1512 int ret = 0;
1513
1514 if (!ieee || !skb || !rx_stats) {
1515 pr_info("%s: Input parameters NULL!\n", __func__);
1516 goto rx_dropped;
1517 }
1518 if (skb->len < 10) {
1519 netdev_info(ieee->dev, "%s: SKB length < 10\n", __func__);
1520 goto rx_dropped;
1521 }
1522
1523 switch (ieee->iw_mode) {
1524 case IW_MODE_ADHOC:
1525 case IW_MODE_INFRA:
1526 ret = rtllib_rx_InfraAdhoc(ieee, skb, rx_stats);
1527 break;
1528 case IW_MODE_MASTER:
1529 case IW_MODE_REPEAT:
1530 ret = rtllib_rx_Master(ieee, skb, rx_stats);
1531 break;
1532 case IW_MODE_MONITOR:
1533 ret = rtllib_rx_Monitor(ieee, skb, rx_stats);
1534 break;
1535 case IW_MODE_MESH:
1536 ret = rtllib_rx_Mesh(ieee, skb, rx_stats);
1537 break;
1538 default:
1539 netdev_info(ieee->dev, "%s: ERR iw mode!!!\n", __func__);
1540 break;
1541 }
1542
1543 return ret;
1544
1545 rx_dropped:
1546 if (ieee)
1547 ieee->stats.rx_dropped++;
1548 return 0;
1549 }
1550 EXPORT_SYMBOL(rtllib_rx);
1551
1552 static u8 qos_oui[QOS_OUI_LEN] = { 0x00, 0x50, 0xF2 };
1553
1554
1555 static int rtllib_verify_qos_info(struct rtllib_qos_information_element
1556 *info_element, int sub_type)
1557 {
1558
1559 if (info_element->elementID != QOS_ELEMENT_ID)
1560 return -1;
1561 if (info_element->qui_subtype != sub_type)
1562 return -1;
1563 if (memcmp(info_element->qui, qos_oui, QOS_OUI_LEN))
1564 return -1;
1565 if (info_element->qui_type != QOS_OUI_TYPE)
1566 return -1;
1567 if (info_element->version != QOS_VERSION_1)
1568 return -1;
1569
1570 return 0;
1571 }
1572
1573
1574
1575 static int rtllib_read_qos_param_element(
1576 struct rtllib_qos_parameter_info *element_param,
1577 struct rtllib_info_element *info_element)
1578 {
1579 size_t size = sizeof(*element_param);
1580
1581 if (!element_param || !info_element || info_element->len != size - 2)
1582 return -1;
1583
1584 memcpy(element_param, info_element, size);
1585 return rtllib_verify_qos_info(&element_param->info_element,
1586 QOS_OUI_PARAM_SUB_TYPE);
1587 }
1588
1589
1590 static int rtllib_read_qos_info_element(
1591 struct rtllib_qos_information_element *element_info,
1592 struct rtllib_info_element *info_element)
1593 {
1594 size_t size = sizeof(*element_info);
1595
1596 if (!element_info || !info_element || info_element->len != size - 2)
1597 return -1;
1598
1599 memcpy(element_info, info_element, size);
1600 return rtllib_verify_qos_info(element_info, QOS_OUI_INFO_SUB_TYPE);
1601 }
1602
1603
1604
1605 static int rtllib_qos_convert_ac_to_parameters(struct rtllib_qos_parameter_info *param_elm,
1606 struct rtllib_qos_data *qos_data)
1607 {
1608 struct rtllib_qos_ac_parameter *ac_params;
1609 struct rtllib_qos_parameters *qos_param = &(qos_data->parameters);
1610 int i;
1611 u8 aci;
1612 u8 acm;
1613
1614 qos_data->wmm_acm = 0;
1615 for (i = 0; i < QOS_QUEUE_NUM; i++) {
1616 ac_params = &(param_elm->ac_params_record[i]);
1617
1618 aci = (ac_params->aci_aifsn & 0x60) >> 5;
1619 acm = (ac_params->aci_aifsn & 0x10) >> 4;
1620
1621 if (aci >= QOS_QUEUE_NUM)
1622 continue;
1623 switch (aci) {
1624 case 1:
1625
1626 if (acm)
1627 qos_data->wmm_acm |= (0x01<<0)|(0x01<<3);
1628 break;
1629 case 2:
1630
1631 if (acm)
1632 qos_data->wmm_acm |= (0x01<<4)|(0x01<<5);
1633 break;
1634 case 3:
1635
1636 if (acm)
1637 qos_data->wmm_acm |= (0x01<<6)|(0x01<<7);
1638 break;
1639 case 0:
1640 default:
1641
1642 if (acm)
1643 qos_data->wmm_acm |= (0x01<<1)|(0x01<<2);
1644 break;
1645 }
1646
1647 qos_param->aifs[aci] = (ac_params->aci_aifsn) & 0x0f;
1648
1649
1650 qos_param->aifs[aci] = max_t(u8, qos_param->aifs[aci], 2);
1651
1652 qos_param->cw_min[aci] = cpu_to_le16(ac_params->ecw_min_max &
1653 0x0F);
1654
1655 qos_param->cw_max[aci] = cpu_to_le16((ac_params->ecw_min_max &
1656 0xF0) >> 4);
1657
1658 qos_param->flag[aci] =
1659 (ac_params->aci_aifsn & 0x10) ? 0x01 : 0x00;
1660 qos_param->tx_op_limit[aci] = ac_params->tx_op_limit;
1661 }
1662 return 0;
1663 }
1664
1665
1666
1667
1668
1669 static int rtllib_parse_qos_info_param_IE(struct rtllib_device *ieee,
1670 struct rtllib_info_element
1671 *info_element,
1672 struct rtllib_network *network)
1673 {
1674 int rc = 0;
1675 struct rtllib_qos_information_element qos_info_element;
1676
1677 rc = rtllib_read_qos_info_element(&qos_info_element, info_element);
1678
1679 if (rc == 0) {
1680 network->qos_data.param_count = qos_info_element.ac_info & 0x0F;
1681 network->flags |= NETWORK_HAS_QOS_INFORMATION;
1682 } else {
1683 struct rtllib_qos_parameter_info param_element;
1684
1685 rc = rtllib_read_qos_param_element(¶m_element,
1686 info_element);
1687 if (rc == 0) {
1688 rtllib_qos_convert_ac_to_parameters(¶m_element,
1689 &(network->qos_data));
1690 network->flags |= NETWORK_HAS_QOS_PARAMETERS;
1691 network->qos_data.param_count =
1692 param_element.info_element.ac_info & 0x0F;
1693 }
1694 }
1695
1696 if (rc == 0) {
1697 netdev_dbg(ieee->dev, "QoS is supported\n");
1698 network->qos_data.supported = 1;
1699 }
1700 return rc;
1701 }
1702
1703 static const char *get_info_element_string(u16 id)
1704 {
1705 switch (id) {
1706 case MFIE_TYPE_SSID:
1707 return "SSID";
1708 case MFIE_TYPE_RATES:
1709 return "RATES";
1710 case MFIE_TYPE_FH_SET:
1711 return "FH_SET";
1712 case MFIE_TYPE_DS_SET:
1713 return "DS_SET";
1714 case MFIE_TYPE_CF_SET:
1715 return "CF_SET";
1716 case MFIE_TYPE_TIM:
1717 return "TIM";
1718 case MFIE_TYPE_IBSS_SET:
1719 return "IBSS_SET";
1720 case MFIE_TYPE_COUNTRY:
1721 return "COUNTRY";
1722 case MFIE_TYPE_HOP_PARAMS:
1723 return "HOP_PARAMS";
1724 case MFIE_TYPE_HOP_TABLE:
1725 return "HOP_TABLE";
1726 case MFIE_TYPE_REQUEST:
1727 return "REQUEST";
1728 case MFIE_TYPE_CHALLENGE:
1729 return "CHALLENGE";
1730 case MFIE_TYPE_POWER_CONSTRAINT:
1731 return "POWER_CONSTRAINT";
1732 case MFIE_TYPE_POWER_CAPABILITY:
1733 return "POWER_CAPABILITY";
1734 case MFIE_TYPE_TPC_REQUEST:
1735 return "TPC_REQUEST";
1736 case MFIE_TYPE_TPC_REPORT:
1737 return "TPC_REPORT";
1738 case MFIE_TYPE_SUPP_CHANNELS:
1739 return "SUPP_CHANNELS";
1740 case MFIE_TYPE_CSA:
1741 return "CSA";
1742 case MFIE_TYPE_MEASURE_REQUEST:
1743 return "MEASURE_REQUEST";
1744 case MFIE_TYPE_MEASURE_REPORT:
1745 return "MEASURE_REPORT";
1746 case MFIE_TYPE_QUIET:
1747 return "QUIET";
1748 case MFIE_TYPE_IBSS_DFS:
1749 return "IBSS_DFS";
1750 case MFIE_TYPE_RSN:
1751 return "RSN";
1752 case MFIE_TYPE_RATES_EX:
1753 return "RATES_EX";
1754 case MFIE_TYPE_GENERIC:
1755 return "GENERIC";
1756 case MFIE_TYPE_QOS_PARAMETER:
1757 return "QOS_PARAMETER";
1758 default:
1759 return "UNKNOWN";
1760 }
1761 }
1762
1763 static inline void rtllib_extract_country_ie(
1764 struct rtllib_device *ieee,
1765 struct rtllib_info_element *info_element,
1766 struct rtllib_network *network,
1767 u8 *addr2)
1768 {
1769 if (IS_DOT11D_ENABLE(ieee)) {
1770 if (info_element->len != 0) {
1771 memcpy(network->CountryIeBuf, info_element->data,
1772 info_element->len);
1773 network->CountryIeLen = info_element->len;
1774
1775 if (!IS_COUNTRY_IE_VALID(ieee)) {
1776 if (rtllib_act_scanning(ieee, false) &&
1777 ieee->FirstIe_InScan)
1778 netdev_info(ieee->dev,
1779 "Received beacon ContryIE, SSID: <%s>\n",
1780 network->ssid);
1781 dot11d_update_country(ieee, addr2,
1782 info_element->len,
1783 info_element->data);
1784 }
1785 }
1786
1787 if (IS_EQUAL_CIE_SRC(ieee, addr2))
1788 UPDATE_CIE_WATCHDOG(ieee);
1789 }
1790 }
1791
1792 static void rtllib_parse_mife_generic(struct rtllib_device *ieee,
1793 struct rtllib_info_element *info_element,
1794 struct rtllib_network *network,
1795 u16 *tmp_htcap_len,
1796 u16 *tmp_htinfo_len)
1797 {
1798 u16 ht_realtek_agg_len = 0;
1799 u8 ht_realtek_agg_buf[MAX_IE_LEN];
1800
1801 if (!rtllib_parse_qos_info_param_IE(ieee, info_element, network))
1802 return;
1803 if (info_element->len >= 4 &&
1804 info_element->data[0] == 0x00 &&
1805 info_element->data[1] == 0x50 &&
1806 info_element->data[2] == 0xf2 &&
1807 info_element->data[3] == 0x01) {
1808 network->wpa_ie_len = min(info_element->len + 2,
1809 MAX_WPA_IE_LEN);
1810 memcpy(network->wpa_ie, info_element, network->wpa_ie_len);
1811 return;
1812 }
1813 if (info_element->len == 7 &&
1814 info_element->data[0] == 0x00 &&
1815 info_element->data[1] == 0xe0 &&
1816 info_element->data[2] == 0x4c &&
1817 info_element->data[3] == 0x01 &&
1818 info_element->data[4] == 0x02)
1819 network->Turbo_Enable = 1;
1820
1821 if (*tmp_htcap_len == 0) {
1822 if (info_element->len >= 4 &&
1823 info_element->data[0] == 0x00 &&
1824 info_element->data[1] == 0x90 &&
1825 info_element->data[2] == 0x4c &&
1826 info_element->data[3] == 0x033) {
1827 *tmp_htcap_len = min_t(u8, info_element->len,
1828 MAX_IE_LEN);
1829 if (*tmp_htcap_len != 0) {
1830 network->bssht.bd_ht_spec_ver = HT_SPEC_VER_EWC;
1831 network->bssht.bd_ht_cap_len = min_t(u16, *tmp_htcap_len,
1832 sizeof(network->bssht.bd_ht_cap_buf));
1833 memcpy(network->bssht.bd_ht_cap_buf,
1834 info_element->data,
1835 network->bssht.bd_ht_cap_len);
1836 }
1837 }
1838 if (*tmp_htcap_len != 0) {
1839 network->bssht.bd_support_ht = true;
1840 network->bssht.bd_ht_1r = ((((struct ht_capab_ele *)(network->bssht.bd_ht_cap_buf))->MCS[1]) == 0);
1841 } else {
1842 network->bssht.bd_support_ht = false;
1843 network->bssht.bd_ht_1r = false;
1844 }
1845 }
1846
1847
1848 if (*tmp_htinfo_len == 0) {
1849 if (info_element->len >= 4 &&
1850 info_element->data[0] == 0x00 &&
1851 info_element->data[1] == 0x90 &&
1852 info_element->data[2] == 0x4c &&
1853 info_element->data[3] == 0x034) {
1854 *tmp_htinfo_len = min_t(u8, info_element->len,
1855 MAX_IE_LEN);
1856 if (*tmp_htinfo_len != 0) {
1857 network->bssht.bd_ht_spec_ver = HT_SPEC_VER_EWC;
1858 network->bssht.bd_ht_info_len = min_t(u16, *tmp_htinfo_len,
1859 sizeof(network->bssht.bd_ht_info_buf));
1860 memcpy(network->bssht.bd_ht_info_buf,
1861 info_element->data,
1862 network->bssht.bd_ht_info_len);
1863 }
1864 }
1865 }
1866
1867 if (network->bssht.bd_support_ht) {
1868 if (info_element->len >= 4 &&
1869 info_element->data[0] == 0x00 &&
1870 info_element->data[1] == 0xe0 &&
1871 info_element->data[2] == 0x4c &&
1872 info_element->data[3] == 0x02) {
1873 ht_realtek_agg_len = min_t(u8, info_element->len,
1874 MAX_IE_LEN);
1875 memcpy(ht_realtek_agg_buf, info_element->data,
1876 info_element->len);
1877 }
1878 if (ht_realtek_agg_len >= 5) {
1879 network->realtek_cap_exit = true;
1880 network->bssht.bd_rt2rt_aggregation = true;
1881
1882 if ((ht_realtek_agg_buf[4] == 1) &&
1883 (ht_realtek_agg_buf[5] & 0x02))
1884 network->bssht.bd_rt2rt_long_slot_time = true;
1885
1886 if ((ht_realtek_agg_buf[4] == 1) &&
1887 (ht_realtek_agg_buf[5] & RT_HT_CAP_USE_92SE))
1888 network->bssht.rt2rt_ht_mode |= RT_HT_CAP_USE_92SE;
1889 }
1890 }
1891 if (ht_realtek_agg_len >= 5) {
1892 if ((ht_realtek_agg_buf[5] & RT_HT_CAP_USE_SOFTAP))
1893 network->bssht.rt2rt_ht_mode |= RT_HT_CAP_USE_SOFTAP;
1894 }
1895
1896 if ((info_element->len >= 3 &&
1897 info_element->data[0] == 0x00 &&
1898 info_element->data[1] == 0x05 &&
1899 info_element->data[2] == 0xb5) ||
1900 (info_element->len >= 3 &&
1901 info_element->data[0] == 0x00 &&
1902 info_element->data[1] == 0x0a &&
1903 info_element->data[2] == 0xf7) ||
1904 (info_element->len >= 3 &&
1905 info_element->data[0] == 0x00 &&
1906 info_element->data[1] == 0x10 &&
1907 info_element->data[2] == 0x18)) {
1908 network->broadcom_cap_exist = true;
1909 }
1910 if (info_element->len >= 3 &&
1911 info_element->data[0] == 0x00 &&
1912 info_element->data[1] == 0x0c &&
1913 info_element->data[2] == 0x43)
1914 network->ralink_cap_exist = true;
1915 if ((info_element->len >= 3 &&
1916 info_element->data[0] == 0x00 &&
1917 info_element->data[1] == 0x03 &&
1918 info_element->data[2] == 0x7f) ||
1919 (info_element->len >= 3 &&
1920 info_element->data[0] == 0x00 &&
1921 info_element->data[1] == 0x13 &&
1922 info_element->data[2] == 0x74))
1923 network->atheros_cap_exist = true;
1924
1925 if ((info_element->len >= 3 &&
1926 info_element->data[0] == 0x00 &&
1927 info_element->data[1] == 0x50 &&
1928 info_element->data[2] == 0x43))
1929 network->marvell_cap_exist = true;
1930 if (info_element->len >= 3 &&
1931 info_element->data[0] == 0x00 &&
1932 info_element->data[1] == 0x40 &&
1933 info_element->data[2] == 0x96)
1934 network->cisco_cap_exist = true;
1935
1936
1937 if (info_element->len >= 3 &&
1938 info_element->data[0] == 0x00 &&
1939 info_element->data[1] == 0x0a &&
1940 info_element->data[2] == 0xf5)
1941 network->airgo_cap_exist = true;
1942
1943 if (info_element->len > 4 &&
1944 info_element->data[0] == 0x00 &&
1945 info_element->data[1] == 0x40 &&
1946 info_element->data[2] == 0x96 &&
1947 info_element->data[3] == 0x01) {
1948 if (info_element->len == 6) {
1949 memcpy(network->CcxRmState, &info_element->data[4], 2);
1950 if (network->CcxRmState[0] != 0)
1951 network->bCcxRmEnable = true;
1952 else
1953 network->bCcxRmEnable = false;
1954 network->MBssidMask = network->CcxRmState[1] & 0x07;
1955 if (network->MBssidMask != 0) {
1956 network->bMBssidValid = true;
1957 network->MBssidMask = 0xff <<
1958 (network->MBssidMask);
1959 ether_addr_copy(network->MBssid,
1960 network->bssid);
1961 network->MBssid[5] &= network->MBssidMask;
1962 } else {
1963 network->bMBssidValid = false;
1964 }
1965 } else {
1966 network->bCcxRmEnable = false;
1967 }
1968 }
1969 if (info_element->len > 4 &&
1970 info_element->data[0] == 0x00 &&
1971 info_element->data[1] == 0x40 &&
1972 info_element->data[2] == 0x96 &&
1973 info_element->data[3] == 0x03) {
1974 if (info_element->len == 5) {
1975 network->bWithCcxVerNum = true;
1976 network->BssCcxVerNumber = info_element->data[4];
1977 } else {
1978 network->bWithCcxVerNum = false;
1979 network->BssCcxVerNumber = 0;
1980 }
1981 }
1982 if (info_element->len > 4 &&
1983 info_element->data[0] == 0x00 &&
1984 info_element->data[1] == 0x50 &&
1985 info_element->data[2] == 0xf2 &&
1986 info_element->data[3] == 0x04) {
1987 netdev_dbg(ieee->dev, "MFIE_TYPE_WZC: %d bytes\n",
1988 info_element->len);
1989 network->wzc_ie_len = min(info_element->len+2, MAX_WZC_IE_LEN);
1990 memcpy(network->wzc_ie, info_element, network->wzc_ie_len);
1991 }
1992 }
1993
1994 static void rtllib_parse_mfie_ht_cap(struct rtllib_info_element *info_element,
1995 struct rtllib_network *network,
1996 u16 *tmp_htcap_len)
1997 {
1998 struct bss_ht *ht = &network->bssht;
1999
2000 *tmp_htcap_len = min_t(u8, info_element->len, MAX_IE_LEN);
2001 if (*tmp_htcap_len != 0) {
2002 ht->bd_ht_spec_ver = HT_SPEC_VER_EWC;
2003 ht->bd_ht_cap_len = min_t(u16, *tmp_htcap_len,
2004 sizeof(ht->bd_ht_cap_buf));
2005 memcpy(ht->bd_ht_cap_buf, info_element->data, ht->bd_ht_cap_len);
2006
2007 ht->bd_support_ht = true;
2008 ht->bd_ht_1r = ((((struct ht_capab_ele *)
2009 ht->bd_ht_cap_buf))->MCS[1]) == 0;
2010
2011 ht->bd_bandwidth = (enum ht_channel_width)
2012 (((struct ht_capab_ele *)
2013 (ht->bd_ht_cap_buf))->ChlWidth);
2014 } else {
2015 ht->bd_support_ht = false;
2016 ht->bd_ht_1r = false;
2017 ht->bd_bandwidth = HT_CHANNEL_WIDTH_20;
2018 }
2019 }
2020
2021 int rtllib_parse_info_param(struct rtllib_device *ieee,
2022 struct rtllib_info_element *info_element,
2023 u16 length,
2024 struct rtllib_network *network,
2025 struct rtllib_rx_stats *stats)
2026 {
2027 u8 i;
2028 short offset;
2029 u16 tmp_htcap_len = 0;
2030 u16 tmp_htinfo_len = 0;
2031 char rates_str[64];
2032 char *p;
2033
2034 while (length >= sizeof(*info_element)) {
2035 if (sizeof(*info_element) + info_element->len > length) {
2036 netdev_dbg(ieee->dev,
2037 "Info elem: parse failed: info_element->len + 2 > left : info_element->len+2=%zd left=%d, id=%d.\n",
2038 info_element->len + sizeof(*info_element),
2039 length, info_element->id);
2040
2041
2042
2043
2044 break;
2045 }
2046
2047 switch (info_element->id) {
2048 case MFIE_TYPE_SSID:
2049 if (rtllib_is_empty_essid(info_element->data,
2050 info_element->len)) {
2051 network->flags |= NETWORK_EMPTY_ESSID;
2052 break;
2053 }
2054
2055 network->ssid_len = min(info_element->len,
2056 (u8)IW_ESSID_MAX_SIZE);
2057 memcpy(network->ssid, info_element->data,
2058 network->ssid_len);
2059 if (network->ssid_len < IW_ESSID_MAX_SIZE)
2060 memset(network->ssid + network->ssid_len, 0,
2061 IW_ESSID_MAX_SIZE - network->ssid_len);
2062
2063 netdev_dbg(ieee->dev, "MFIE_TYPE_SSID: '%s' len=%d.\n",
2064 network->ssid, network->ssid_len);
2065 break;
2066
2067 case MFIE_TYPE_RATES:
2068 p = rates_str;
2069 network->rates_len = min(info_element->len,
2070 MAX_RATES_LENGTH);
2071 for (i = 0; i < network->rates_len; i++) {
2072 network->rates[i] = info_element->data[i];
2073 p += scnprintf(p, sizeof(rates_str) -
2074 (p - rates_str), "%02X ",
2075 network->rates[i]);
2076 if (rtllib_is_ofdm_rate
2077 (info_element->data[i])) {
2078 network->flags |= NETWORK_HAS_OFDM;
2079 if (info_element->data[i] &
2080 RTLLIB_BASIC_RATE_MASK)
2081 network->flags &=
2082 ~NETWORK_HAS_CCK;
2083 }
2084
2085 if (rtllib_is_cck_rate
2086 (info_element->data[i])) {
2087 network->flags |= NETWORK_HAS_CCK;
2088 }
2089 }
2090
2091 netdev_dbg(ieee->dev, "MFIE_TYPE_RATES: '%s' (%d)\n",
2092 rates_str, network->rates_len);
2093 break;
2094
2095 case MFIE_TYPE_RATES_EX:
2096 p = rates_str;
2097 network->rates_ex_len = min(info_element->len,
2098 MAX_RATES_EX_LENGTH);
2099 for (i = 0; i < network->rates_ex_len; i++) {
2100 network->rates_ex[i] = info_element->data[i];
2101 p += scnprintf(p, sizeof(rates_str) -
2102 (p - rates_str), "%02X ",
2103 network->rates_ex[i]);
2104 if (rtllib_is_ofdm_rate
2105 (info_element->data[i])) {
2106 network->flags |= NETWORK_HAS_OFDM;
2107 if (info_element->data[i] &
2108 RTLLIB_BASIC_RATE_MASK)
2109 network->flags &=
2110 ~NETWORK_HAS_CCK;
2111 }
2112 }
2113
2114 netdev_dbg(ieee->dev, "MFIE_TYPE_RATES_EX: '%s' (%d)\n",
2115 rates_str, network->rates_ex_len);
2116 break;
2117
2118 case MFIE_TYPE_DS_SET:
2119 netdev_dbg(ieee->dev, "MFIE_TYPE_DS_SET: %d\n",
2120 info_element->data[0]);
2121 network->channel = info_element->data[0];
2122 break;
2123
2124 case MFIE_TYPE_FH_SET:
2125 netdev_dbg(ieee->dev, "MFIE_TYPE_FH_SET: ignored\n");
2126 break;
2127
2128 case MFIE_TYPE_CF_SET:
2129 netdev_dbg(ieee->dev, "MFIE_TYPE_CF_SET: ignored\n");
2130 break;
2131
2132 case MFIE_TYPE_TIM:
2133 if (info_element->len < 4)
2134 break;
2135
2136 network->tim.tim_count = info_element->data[0];
2137 network->tim.tim_period = info_element->data[1];
2138
2139 network->dtim_period = info_element->data[1];
2140 if (ieee->state != RTLLIB_LINKED)
2141 break;
2142 network->last_dtim_sta_time = jiffies;
2143
2144 network->dtim_data = RTLLIB_DTIM_VALID;
2145
2146
2147 if (info_element->data[2] & 1)
2148 network->dtim_data |= RTLLIB_DTIM_MBCAST;
2149
2150 offset = (info_element->data[2] >> 1)*2;
2151
2152
2153 if (ieee->assoc_id < 8*offset ||
2154 ieee->assoc_id > 8*(offset + info_element->len - 3))
2155 break;
2156
2157 offset = (ieee->assoc_id / 8) - offset;
2158 if (info_element->data[3 + offset] &
2159 (1 << (ieee->assoc_id % 8)))
2160 network->dtim_data |= RTLLIB_DTIM_UCAST;
2161
2162 network->listen_interval = network->dtim_period;
2163 break;
2164
2165 case MFIE_TYPE_ERP:
2166 network->erp_value = info_element->data[0];
2167 network->flags |= NETWORK_HAS_ERP_VALUE;
2168 netdev_dbg(ieee->dev, "MFIE_TYPE_ERP_SET: %d\n",
2169 network->erp_value);
2170 break;
2171 case MFIE_TYPE_IBSS_SET:
2172 network->atim_window = info_element->data[0];
2173 netdev_dbg(ieee->dev, "MFIE_TYPE_IBSS_SET: %d\n",
2174 network->atim_window);
2175 break;
2176
2177 case MFIE_TYPE_CHALLENGE:
2178 netdev_dbg(ieee->dev, "MFIE_TYPE_CHALLENGE: ignored\n");
2179 break;
2180
2181 case MFIE_TYPE_GENERIC:
2182 netdev_dbg(ieee->dev, "MFIE_TYPE_GENERIC: %d bytes\n",
2183 info_element->len);
2184
2185 rtllib_parse_mife_generic(ieee, info_element, network,
2186 &tmp_htcap_len,
2187 &tmp_htinfo_len);
2188 break;
2189
2190 case MFIE_TYPE_RSN:
2191 netdev_dbg(ieee->dev, "MFIE_TYPE_RSN: %d bytes\n",
2192 info_element->len);
2193 network->rsn_ie_len = min(info_element->len + 2,
2194 MAX_WPA_IE_LEN);
2195 memcpy(network->rsn_ie, info_element,
2196 network->rsn_ie_len);
2197 break;
2198
2199 case MFIE_TYPE_HT_CAP:
2200 netdev_dbg(ieee->dev, "MFIE_TYPE_HT_CAP: %d bytes\n",
2201 info_element->len);
2202
2203 rtllib_parse_mfie_ht_cap(info_element, network,
2204 &tmp_htcap_len);
2205 break;
2206
2207
2208 case MFIE_TYPE_HT_INFO:
2209 netdev_dbg(ieee->dev, "MFIE_TYPE_HT_INFO: %d bytes\n",
2210 info_element->len);
2211 tmp_htinfo_len = min_t(u8, info_element->len,
2212 MAX_IE_LEN);
2213 if (tmp_htinfo_len) {
2214 network->bssht.bd_ht_spec_ver = HT_SPEC_VER_IEEE;
2215 network->bssht.bd_ht_info_len = tmp_htinfo_len >
2216 sizeof(network->bssht.bd_ht_info_buf) ?
2217 sizeof(network->bssht.bd_ht_info_buf) :
2218 tmp_htinfo_len;
2219 memcpy(network->bssht.bd_ht_info_buf,
2220 info_element->data,
2221 network->bssht.bd_ht_info_len);
2222 }
2223 break;
2224
2225 case MFIE_TYPE_AIRONET:
2226 netdev_dbg(ieee->dev, "MFIE_TYPE_AIRONET: %d bytes\n",
2227 info_element->len);
2228 if (info_element->len > IE_CISCO_FLAG_POSITION) {
2229 network->bWithAironetIE = true;
2230
2231 if ((info_element->data[IE_CISCO_FLAG_POSITION]
2232 & SUPPORT_CKIP_MIC) ||
2233 (info_element->data[IE_CISCO_FLAG_POSITION]
2234 & SUPPORT_CKIP_PK))
2235 network->bCkipSupported = true;
2236 else
2237 network->bCkipSupported = false;
2238 } else {
2239 network->bWithAironetIE = false;
2240 network->bCkipSupported = false;
2241 }
2242 break;
2243 case MFIE_TYPE_QOS_PARAMETER:
2244 netdev_err(ieee->dev,
2245 "QoS Error need to parse QOS_PARAMETER IE\n");
2246 break;
2247
2248 case MFIE_TYPE_COUNTRY:
2249 netdev_dbg(ieee->dev, "MFIE_TYPE_COUNTRY: %d bytes\n",
2250 info_element->len);
2251 rtllib_extract_country_ie(ieee, info_element, network,
2252 network->bssid);
2253 break;
2254
2255 default:
2256 netdev_dbg(ieee->dev,
2257 "Unsupported info element: %s (%d)\n",
2258 get_info_element_string(info_element->id),
2259 info_element->id);
2260 break;
2261 }
2262
2263 length -= sizeof(*info_element) + info_element->len;
2264 info_element =
2265 (struct rtllib_info_element *)&info_element->data[info_element->len];
2266 }
2267
2268 if (!network->atheros_cap_exist && !network->broadcom_cap_exist &&
2269 !network->cisco_cap_exist && !network->ralink_cap_exist &&
2270 !network->bssht.bd_rt2rt_aggregation)
2271 network->unknown_cap_exist = true;
2272 else
2273 network->unknown_cap_exist = false;
2274 return 0;
2275 }
2276
2277 static long rtllib_translate_todbm(u8 signal_strength_index)
2278 {
2279 long signal_power;
2280
2281 signal_power = (long)((signal_strength_index + 1) >> 1);
2282 signal_power -= 95;
2283
2284 return signal_power;
2285 }
2286
2287 static inline int rtllib_network_init(
2288 struct rtllib_device *ieee,
2289 struct rtllib_probe_response *beacon,
2290 struct rtllib_network *network,
2291 struct rtllib_rx_stats *stats)
2292 {
2293 memset(&network->qos_data, 0, sizeof(struct rtllib_qos_data));
2294
2295
2296 ether_addr_copy(network->bssid, beacon->header.addr3);
2297 network->capability = le16_to_cpu(beacon->capability);
2298 network->last_scanned = jiffies;
2299 network->time_stamp[0] = beacon->time_stamp[0];
2300 network->time_stamp[1] = beacon->time_stamp[1];
2301 network->beacon_interval = le16_to_cpu(beacon->beacon_interval);
2302
2303 network->listen_interval = 0x0A;
2304 network->rates_len = network->rates_ex_len = 0;
2305 network->ssid_len = 0;
2306 network->hidden_ssid_len = 0;
2307 memset(network->hidden_ssid, 0, sizeof(network->hidden_ssid));
2308 network->flags = 0;
2309 network->atim_window = 0;
2310 network->erp_value = (network->capability & WLAN_CAPABILITY_IBSS) ?
2311 0x3 : 0x0;
2312 network->berp_info_valid = false;
2313 network->broadcom_cap_exist = false;
2314 network->ralink_cap_exist = false;
2315 network->atheros_cap_exist = false;
2316 network->cisco_cap_exist = false;
2317 network->unknown_cap_exist = false;
2318 network->realtek_cap_exit = false;
2319 network->marvell_cap_exist = false;
2320 network->airgo_cap_exist = false;
2321 network->Turbo_Enable = 0;
2322 network->SignalStrength = stats->SignalStrength;
2323 network->RSSI = stats->SignalStrength;
2324 network->CountryIeLen = 0;
2325 memset(network->CountryIeBuf, 0, MAX_IE_LEN);
2326 HTInitializeBssDesc(&network->bssht);
2327 if (stats->freq == RTLLIB_52GHZ_BAND) {
2328
2329 network->channel = stats->received_channel;
2330 } else
2331 network->flags |= NETWORK_HAS_CCK;
2332
2333 network->wpa_ie_len = 0;
2334 network->rsn_ie_len = 0;
2335 network->wzc_ie_len = 0;
2336
2337 if (rtllib_parse_info_param(ieee,
2338 beacon->info_element,
2339 (stats->len - sizeof(*beacon)),
2340 network,
2341 stats))
2342 return 1;
2343
2344 network->mode = 0;
2345 if (stats->freq == RTLLIB_52GHZ_BAND)
2346 network->mode = IEEE_A;
2347 else {
2348 if (network->flags & NETWORK_HAS_OFDM)
2349 network->mode |= IEEE_G;
2350 if (network->flags & NETWORK_HAS_CCK)
2351 network->mode |= IEEE_B;
2352 }
2353
2354 if (network->mode == 0) {
2355 netdev_dbg(ieee->dev, "Filtered out '%s (%pM)' network.\n",
2356 escape_essid(network->ssid, network->ssid_len),
2357 network->bssid);
2358 return 1;
2359 }
2360
2361 if (network->bssht.bd_support_ht) {
2362 if (network->mode == IEEE_A)
2363 network->mode = IEEE_N_5G;
2364 else if (network->mode & (IEEE_G | IEEE_B))
2365 network->mode = IEEE_N_24G;
2366 }
2367 if (rtllib_is_empty_essid(network->ssid, network->ssid_len))
2368 network->flags |= NETWORK_EMPTY_ESSID;
2369 stats->signal = 30 + (stats->SignalStrength * 70) / 100;
2370 stats->noise = rtllib_translate_todbm((u8)(100-stats->signal)) - 25;
2371
2372 memcpy(&network->stats, stats, sizeof(network->stats));
2373
2374 return 0;
2375 }
2376
2377 static inline int is_same_network(struct rtllib_network *src,
2378 struct rtllib_network *dst, u8 ssidbroad)
2379 {
2380
2381
2382
2383
2384
2385 return (((src->ssid_len == dst->ssid_len) || (!ssidbroad)) &&
2386 (src->channel == dst->channel) &&
2387 !memcmp(src->bssid, dst->bssid, ETH_ALEN) &&
2388 (!memcmp(src->ssid, dst->ssid, src->ssid_len) ||
2389 (!ssidbroad)) &&
2390 ((src->capability & WLAN_CAPABILITY_IBSS) ==
2391 (dst->capability & WLAN_CAPABILITY_IBSS)) &&
2392 ((src->capability & WLAN_CAPABILITY_ESS) ==
2393 (dst->capability & WLAN_CAPABILITY_ESS)));
2394 }
2395
2396
2397 static inline void update_network(struct rtllib_device *ieee,
2398 struct rtllib_network *dst,
2399 struct rtllib_network *src)
2400 {
2401 int qos_active;
2402 u8 old_param;
2403
2404 memcpy(&dst->stats, &src->stats, sizeof(struct rtllib_rx_stats));
2405 dst->capability = src->capability;
2406 memcpy(dst->rates, src->rates, src->rates_len);
2407 dst->rates_len = src->rates_len;
2408 memcpy(dst->rates_ex, src->rates_ex, src->rates_ex_len);
2409 dst->rates_ex_len = src->rates_ex_len;
2410 if (src->ssid_len > 0) {
2411 if (dst->ssid_len == 0) {
2412 memset(dst->hidden_ssid, 0, sizeof(dst->hidden_ssid));
2413 dst->hidden_ssid_len = src->ssid_len;
2414 memcpy(dst->hidden_ssid, src->ssid, src->ssid_len);
2415 } else {
2416 memset(dst->ssid, 0, dst->ssid_len);
2417 dst->ssid_len = src->ssid_len;
2418 memcpy(dst->ssid, src->ssid, src->ssid_len);
2419 }
2420 }
2421 dst->mode = src->mode;
2422 dst->flags = src->flags;
2423 dst->time_stamp[0] = src->time_stamp[0];
2424 dst->time_stamp[1] = src->time_stamp[1];
2425 if (src->flags & NETWORK_HAS_ERP_VALUE) {
2426 dst->erp_value = src->erp_value;
2427 dst->berp_info_valid = src->berp_info_valid = true;
2428 }
2429 dst->beacon_interval = src->beacon_interval;
2430 dst->listen_interval = src->listen_interval;
2431 dst->atim_window = src->atim_window;
2432 dst->dtim_period = src->dtim_period;
2433 dst->dtim_data = src->dtim_data;
2434 dst->last_dtim_sta_time = src->last_dtim_sta_time;
2435 memcpy(&dst->tim, &src->tim, sizeof(struct rtllib_tim_parameters));
2436
2437 dst->bssht.bd_support_ht = src->bssht.bd_support_ht;
2438 dst->bssht.bd_rt2rt_aggregation = src->bssht.bd_rt2rt_aggregation;
2439 dst->bssht.bd_ht_cap_len = src->bssht.bd_ht_cap_len;
2440 memcpy(dst->bssht.bd_ht_cap_buf, src->bssht.bd_ht_cap_buf,
2441 src->bssht.bd_ht_cap_len);
2442 dst->bssht.bd_ht_info_len = src->bssht.bd_ht_info_len;
2443 memcpy(dst->bssht.bd_ht_info_buf, src->bssht.bd_ht_info_buf,
2444 src->bssht.bd_ht_info_len);
2445 dst->bssht.bd_ht_spec_ver = src->bssht.bd_ht_spec_ver;
2446 dst->bssht.bd_rt2rt_long_slot_time = src->bssht.bd_rt2rt_long_slot_time;
2447 dst->broadcom_cap_exist = src->broadcom_cap_exist;
2448 dst->ralink_cap_exist = src->ralink_cap_exist;
2449 dst->atheros_cap_exist = src->atheros_cap_exist;
2450 dst->realtek_cap_exit = src->realtek_cap_exit;
2451 dst->marvell_cap_exist = src->marvell_cap_exist;
2452 dst->cisco_cap_exist = src->cisco_cap_exist;
2453 dst->airgo_cap_exist = src->airgo_cap_exist;
2454 dst->unknown_cap_exist = src->unknown_cap_exist;
2455 memcpy(dst->wpa_ie, src->wpa_ie, src->wpa_ie_len);
2456 dst->wpa_ie_len = src->wpa_ie_len;
2457 memcpy(dst->rsn_ie, src->rsn_ie, src->rsn_ie_len);
2458 dst->rsn_ie_len = src->rsn_ie_len;
2459 memcpy(dst->wzc_ie, src->wzc_ie, src->wzc_ie_len);
2460 dst->wzc_ie_len = src->wzc_ie_len;
2461
2462 dst->last_scanned = jiffies;
2463
2464 qos_active = dst->qos_data.active;
2465 old_param = dst->qos_data.param_count;
2466 dst->qos_data.supported = src->qos_data.supported;
2467 if (dst->flags & NETWORK_HAS_QOS_PARAMETERS)
2468 memcpy(&dst->qos_data, &src->qos_data,
2469 sizeof(struct rtllib_qos_data));
2470 if (dst->qos_data.supported == 1) {
2471 if (dst->ssid_len)
2472 netdev_dbg(ieee->dev,
2473 "QoS the network %s is QoS supported\n",
2474 dst->ssid);
2475 else
2476 netdev_dbg(ieee->dev,
2477 "QoS the network is QoS supported\n");
2478 }
2479 dst->qos_data.active = qos_active;
2480 dst->qos_data.old_param_count = old_param;
2481
2482 dst->wmm_info = src->wmm_info;
2483 if (src->wmm_param[0].ac_aci_acm_aifsn ||
2484 src->wmm_param[1].ac_aci_acm_aifsn ||
2485 src->wmm_param[2].ac_aci_acm_aifsn ||
2486 src->wmm_param[3].ac_aci_acm_aifsn)
2487 memcpy(dst->wmm_param, src->wmm_param, WME_AC_PRAM_LEN);
2488
2489 dst->SignalStrength = src->SignalStrength;
2490 dst->RSSI = src->RSSI;
2491 dst->Turbo_Enable = src->Turbo_Enable;
2492
2493 dst->CountryIeLen = src->CountryIeLen;
2494 memcpy(dst->CountryIeBuf, src->CountryIeBuf, src->CountryIeLen);
2495
2496 dst->bWithAironetIE = src->bWithAironetIE;
2497 dst->bCkipSupported = src->bCkipSupported;
2498 memcpy(dst->CcxRmState, src->CcxRmState, 2);
2499 dst->bCcxRmEnable = src->bCcxRmEnable;
2500 dst->MBssidMask = src->MBssidMask;
2501 dst->bMBssidValid = src->bMBssidValid;
2502 memcpy(dst->MBssid, src->MBssid, 6);
2503 dst->bWithCcxVerNum = src->bWithCcxVerNum;
2504 dst->BssCcxVerNumber = src->BssCcxVerNumber;
2505 }
2506
2507 static inline int is_beacon(u16 fc)
2508 {
2509 return (WLAN_FC_GET_STYPE(fc) == RTLLIB_STYPE_BEACON);
2510 }
2511
2512 static int IsPassiveChannel(struct rtllib_device *rtllib, u8 channel)
2513 {
2514 if (channel > MAX_CHANNEL_NUMBER) {
2515 netdev_info(rtllib->dev, "%s(): Invalid Channel\n", __func__);
2516 return 0;
2517 }
2518
2519 if (rtllib->active_channel_map[channel] == 2)
2520 return 1;
2521
2522 return 0;
2523 }
2524
2525 int rtllib_legal_channel(struct rtllib_device *rtllib, u8 channel)
2526 {
2527 if (channel > MAX_CHANNEL_NUMBER) {
2528 netdev_info(rtllib->dev, "%s(): Invalid Channel\n", __func__);
2529 return 0;
2530 }
2531 if (rtllib->active_channel_map[channel] > 0)
2532 return 1;
2533
2534 return 0;
2535 }
2536 EXPORT_SYMBOL(rtllib_legal_channel);
2537
2538 static inline void rtllib_process_probe_response(
2539 struct rtllib_device *ieee,
2540 struct rtllib_probe_response *beacon,
2541 struct rtllib_rx_stats *stats)
2542 {
2543 struct rtllib_network *target;
2544 struct rtllib_network *oldest = NULL;
2545 struct rtllib_info_element *info_element = &beacon->info_element[0];
2546 unsigned long flags;
2547 short renew;
2548 struct rtllib_network *network = kzalloc(sizeof(struct rtllib_network),
2549 GFP_ATOMIC);
2550 u16 frame_ctl = le16_to_cpu(beacon->header.frame_ctl);
2551
2552 if (!network)
2553 return;
2554
2555 netdev_dbg(ieee->dev,
2556 "'%s' ( %pM ): %c%c%c%c %c%c%c%c-%c%c%c%c %c%c%c%c\n",
2557 escape_essid(info_element->data, info_element->len),
2558 beacon->header.addr3,
2559 (le16_to_cpu(beacon->capability) & (1<<0xf)) ? '1' : '0',
2560 (le16_to_cpu(beacon->capability) & (1<<0xe)) ? '1' : '0',
2561 (le16_to_cpu(beacon->capability) & (1<<0xd)) ? '1' : '0',
2562 (le16_to_cpu(beacon->capability) & (1<<0xc)) ? '1' : '0',
2563 (le16_to_cpu(beacon->capability) & (1<<0xb)) ? '1' : '0',
2564 (le16_to_cpu(beacon->capability) & (1<<0xa)) ? '1' : '0',
2565 (le16_to_cpu(beacon->capability) & (1<<0x9)) ? '1' : '0',
2566 (le16_to_cpu(beacon->capability) & (1<<0x8)) ? '1' : '0',
2567 (le16_to_cpu(beacon->capability) & (1<<0x7)) ? '1' : '0',
2568 (le16_to_cpu(beacon->capability) & (1<<0x6)) ? '1' : '0',
2569 (le16_to_cpu(beacon->capability) & (1<<0x5)) ? '1' : '0',
2570 (le16_to_cpu(beacon->capability) & (1<<0x4)) ? '1' : '0',
2571 (le16_to_cpu(beacon->capability) & (1<<0x3)) ? '1' : '0',
2572 (le16_to_cpu(beacon->capability) & (1<<0x2)) ? '1' : '0',
2573 (le16_to_cpu(beacon->capability) & (1<<0x1)) ? '1' : '0',
2574 (le16_to_cpu(beacon->capability) & (1<<0x0)) ? '1' : '0');
2575
2576 if (rtllib_network_init(ieee, beacon, network, stats)) {
2577 netdev_dbg(ieee->dev, "Dropped '%s' ( %pM) via %s.\n",
2578 escape_essid(info_element->data, info_element->len),
2579 beacon->header.addr3,
2580 is_beacon(frame_ctl) ? "BEACON" : "PROBE RESPONSE");
2581 goto free_network;
2582 }
2583
2584
2585 if (!rtllib_legal_channel(ieee, network->channel))
2586 goto free_network;
2587
2588 if (WLAN_FC_GET_STYPE(frame_ctl) == RTLLIB_STYPE_PROBE_RESP) {
2589 if (IsPassiveChannel(ieee, network->channel)) {
2590 netdev_info(ieee->dev,
2591 "GetScanInfo(): For Global Domain, filter probe response at channel(%d).\n",
2592 network->channel);
2593 goto free_network;
2594 }
2595 }
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609 spin_lock_irqsave(&ieee->lock, flags);
2610 if (is_same_network(&ieee->current_network, network,
2611 (network->ssid_len ? 1 : 0))) {
2612 update_network(ieee, &ieee->current_network, network);
2613 if ((ieee->current_network.mode == IEEE_N_24G ||
2614 ieee->current_network.mode == IEEE_G) &&
2615 ieee->current_network.berp_info_valid) {
2616 if (ieee->current_network.erp_value & ERP_UseProtection)
2617 ieee->current_network.buseprotection = true;
2618 else
2619 ieee->current_network.buseprotection = false;
2620 }
2621 if (is_beacon(frame_ctl)) {
2622 if (ieee->state >= RTLLIB_LINKED)
2623 ieee->LinkDetectInfo.NumRecvBcnInPeriod++;
2624 }
2625 }
2626 list_for_each_entry(target, &ieee->network_list, list) {
2627 if (is_same_network(target, network,
2628 (target->ssid_len ? 1 : 0)))
2629 break;
2630 if ((oldest == NULL) ||
2631 (target->last_scanned < oldest->last_scanned))
2632 oldest = target;
2633 }
2634
2635
2636
2637
2638 if (&target->list == &ieee->network_list) {
2639 if (list_empty(&ieee->network_free_list)) {
2640
2641 list_del(&oldest->list);
2642 target = oldest;
2643 netdev_dbg(ieee->dev,
2644 "Expired '%s' ( %pM) from network list.\n",
2645 escape_essid(target->ssid, target->ssid_len),
2646 target->bssid);
2647 } else {
2648
2649 target = list_entry(ieee->network_free_list.next,
2650 struct rtllib_network, list);
2651 list_del(ieee->network_free_list.next);
2652 }
2653
2654 netdev_dbg(ieee->dev, "Adding '%s' ( %pM) via %s.\n",
2655 escape_essid(network->ssid, network->ssid_len),
2656 network->bssid,
2657 is_beacon(frame_ctl) ? "BEACON" : "PROBE RESPONSE");
2658
2659 memcpy(target, network, sizeof(*target));
2660 list_add_tail(&target->list, &ieee->network_list);
2661 if (ieee->softmac_features & IEEE_SOFTMAC_ASSOCIATE)
2662 rtllib_softmac_new_net(ieee, network);
2663 } else {
2664 netdev_dbg(ieee->dev, "Updating '%s' ( %pM) via %s.\n",
2665 escape_essid(target->ssid, target->ssid_len),
2666 target->bssid,
2667 is_beacon(frame_ctl) ? "BEACON" : "PROBE RESPONSE");
2668
2669
2670
2671
2672
2673 renew = !time_after(target->last_scanned + ieee->scan_age,
2674 jiffies);
2675 if ((!target->ssid_len) &&
2676 (((network->ssid_len > 0) && (target->hidden_ssid_len == 0))
2677 || ((ieee->current_network.ssid_len == network->ssid_len) &&
2678 (strncmp(ieee->current_network.ssid, network->ssid,
2679 network->ssid_len) == 0) &&
2680 (ieee->state == RTLLIB_NOLINK))))
2681 renew = 1;
2682 update_network(ieee, target, network);
2683 if (renew && (ieee->softmac_features & IEEE_SOFTMAC_ASSOCIATE))
2684 rtllib_softmac_new_net(ieee, network);
2685 }
2686
2687 spin_unlock_irqrestore(&ieee->lock, flags);
2688 if (is_beacon(frame_ctl) &&
2689 is_same_network(&ieee->current_network, network,
2690 (network->ssid_len ? 1 : 0)) &&
2691 (ieee->state == RTLLIB_LINKED)) {
2692 if (ieee->handle_beacon != NULL)
2693 ieee->handle_beacon(ieee->dev, beacon,
2694 &ieee->current_network);
2695 }
2696 free_network:
2697 kfree(network);
2698 }
2699
2700 static void rtllib_rx_mgt(struct rtllib_device *ieee,
2701 struct sk_buff *skb,
2702 struct rtllib_rx_stats *stats)
2703 {
2704 struct rtllib_hdr_4addr *header = (struct rtllib_hdr_4addr *)skb->data;
2705
2706 if ((WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl)) !=
2707 RTLLIB_STYPE_PROBE_RESP) &&
2708 (WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl)) !=
2709 RTLLIB_STYPE_BEACON))
2710 ieee->last_rx_ps_time = jiffies;
2711
2712 switch (WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl))) {
2713
2714 case RTLLIB_STYPE_BEACON:
2715 netdev_dbg(ieee->dev, "received BEACON (%d)\n",
2716 WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl)));
2717 rtllib_process_probe_response(
2718 ieee, (struct rtllib_probe_response *)header,
2719 stats);
2720
2721 if (ieee->sta_sleep || (ieee->ps != RTLLIB_PS_DISABLED &&
2722 ieee->iw_mode == IW_MODE_INFRA &&
2723 ieee->state == RTLLIB_LINKED))
2724 schedule_work(&ieee->ps_task);
2725
2726 break;
2727
2728 case RTLLIB_STYPE_PROBE_RESP:
2729 netdev_dbg(ieee->dev, "received PROBE RESPONSE (%d)\n",
2730 WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl)));
2731 rtllib_process_probe_response(ieee,
2732 (struct rtllib_probe_response *)header, stats);
2733 break;
2734 case RTLLIB_STYPE_PROBE_REQ:
2735 netdev_dbg(ieee->dev, "received PROBE REQUEST (%d)\n",
2736 WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl)));
2737 if ((ieee->softmac_features & IEEE_SOFTMAC_PROBERS) &&
2738 ((ieee->iw_mode == IW_MODE_ADHOC ||
2739 ieee->iw_mode == IW_MODE_MASTER) &&
2740 ieee->state == RTLLIB_LINKED))
2741 rtllib_rx_probe_rq(ieee, skb);
2742 break;
2743 }
2744 }
