projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Staging: bcm: Fix spelling error in PHSModule.c
[deliverable/linux.git] / drivers / staging / vt6656 / dpc.c
CommitLineData
92b96797
FB		 1/*
2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
3 * All rights reserved.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * File: dpc.c
20 *
21 * Purpose: handle dpc rx functions
22 *
23 * Author: Lyndon Chen
24 *
25 * Date: May 20, 2003
26 *
27 * Functions:
28 * device_receive_frame - Rcv 802.11 frame function
29 * s_bAPModeRxCtl- AP Rcv frame filer Ctl.
30 * s_bAPModeRxData- AP Rcv data frame handle
31 * s_bHandleRxEncryption- Rcv decrypted data via on-fly
32 * s_bHostWepRxEncryption- Rcv encrypted data via host
33 * s_byGetRateIdx- get rate index
34 * s_vGetDASA- get data offset
35 * s_vProcessRxMACHeader- Rcv 802.11 and translate to 802.3
36 *
37 * Revision History:
38 *
39 */
40
92b96797 41#include "device.h"
92b96797 42#include "rxtx.h"
92b96797 43#include "tether.h"
92b96797 44#include "card.h"
92b96797 45#include "bssdb.h"
92b96797 46#include "mac.h"
92b96797 47#include "baseband.h"
92b96797 48#include "michael.h"
92b96797 49#include "tkip.h"
92b96797 50#include "tcrc.h"
92b96797 51#include "wctl.h"
92b96797 52#include "hostap.h"
92b96797 53#include "rf.h"
92b96797 54#include "iowpa.h"
92b96797 55#include "aes_ccmp.h"
92b96797 56#include "datarate.h"
92b96797 57#include "usbpipe.h"
92b96797
FB		 58
59/*--------------------- Static Definitions -------------------------*/
60
61/*--------------------- Static Classes ----------------------------*/
62
63/*--------------------- Static Variables --------------------------*/
64//static int msglevel =MSG_LEVEL_DEBUG;
65static int msglevel =MSG_LEVEL_INFO;
66
67const BYTE acbyRxRate[MAX_RATE] =
68{2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108};
69
70
71/*--------------------- Static Functions --------------------------*/
72
73/*--------------------- Static Definitions -------------------------*/
74
75/*--------------------- Static Functions --------------------------*/
76
592ccfeb 77static BYTE s_byGetRateIdx(BYTE byRate);
92b96797
FB		 78
79static
8611a29a 80void
92b96797 81s_vGetDASA(
592ccfeb 82 PBYTE pbyRxBufferAddr,
93a94c42 83 unsigned int *pcbHeaderSize,
6f8c13c7 84 PSEthernetHeader psEthHeader
92b96797
FB		 85 );
86
45c73bb1
MP		 87static void s_vProcessRxMACHeader(struct vnt_private *pDevice,
88 u8 *pbyRxBufferAddr, u32 cbPacketSize, int bIsWEP, int bExtIV,
89 u32 *pcbHeadSize);
92b96797 90
45c73bb1
MP		 91static int s_bAPModeRxCtl(struct vnt_private *pDevice, u8 *pbyFrame,
92 s32 iSANodeIndex);
92b96797 93
45c73bb1
MP		 94static int s_bAPModeRxData(struct vnt_private *pDevice, struct sk_buff *skb,
95 u32 FrameSize, u32 cbHeaderOffset, s32 iSANodeIndex, s32 iDANodeIndex);
92b96797 96
45c73bb1
MP		 97static int s_bHandleRxEncryption(struct vnt_private *pDevice, u8 *pbyFrame,
98 u32 FrameSize, u8 *pbyRsr, u8 *pbyNewRsr, PSKeyItem *pKeyOut,
99 s32 *pbExtIV, u16 *pwRxTSC15_0, u32 *pdwRxTSC47_16);
92b96797 100
45c73bb1
MP		 101static int s_bHostWepRxEncryption(struct vnt_private *pDevice, u8 *pbyFrame,
102 u32 FrameSize, u8 *pbyRsr, int bOnFly, PSKeyItem pKey, u8 *pbyNewRsr,
103 s32 *pbExtIV, u16 *pwRxTSC15_0, u32 *pdwRxTSC47_16);
92b96797
FB		 104
105/*--------------------- Export Variables --------------------------*/
106
107/*+
108 *
109 * Description:
110 * Translate Rcv 802.11 header to 802.3 header with Rx buffer
111 *
112 * Parameters:
113 * In:
114 * pDevice
115 * dwRxBufferAddr - Address of Rcv Buffer
116 * cbPacketSize - Rcv Packet size
117 * bIsWEP - If Rcv with WEP
118 * Out:
119 * pcbHeaderSize - 802.11 header size
120 *
121 * Return Value: None
122 *
123-*/
45c73bb1
MP		 124
125static void s_vProcessRxMACHeader(struct vnt_private *pDevice,
126 u8 *pbyRxBufferAddr, u32 cbPacketSize, int bIsWEP, int bExtIV,
127 u32 *pcbHeadSize)
92b96797 128{
45c73bb1
MP		 129 u8 *pbyRxBuffer;
130 u32 cbHeaderSize = 0;
131 u16 *pwType;
132 PS802_11Header pMACHeader;
133 int ii;
92b96797
FB		 134
135
136 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
137
138 s_vGetDASA((PBYTE)pMACHeader, &cbHeaderSize, &pDevice->sRxEthHeader);
139
140 if (bIsWEP) {
141 if (bExtIV) {
142 // strip IV&ExtIV , add 8 byte
143 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 8);
144 } else {
145 // strip IV , add 4 byte
146 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 4);
147 }
148 }
149 else {
150 cbHeaderSize += WLAN_HDR_ADDR3_LEN;
151 };
152
153 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
4722a26c 154 if (!compare_ether_addr(pbyRxBuffer, &pDevice->abySNAP_Bridgetunnel[0])) {
92b96797 155 cbHeaderSize += 6;
4722a26c 156 } else if (!compare_ether_addr(pbyRxBuffer, &pDevice->abySNAP_RFC1042[0])) {
92b96797
FB		 157 cbHeaderSize += 6;
158 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
aa209eef 159 if ((*pwType == cpu_to_be16(ETH_P_IPX)) ||
203e4615
AM		 160 (*pwType == cpu_to_le16(0xF380))) {
161 cbHeaderSize -= 8;
92b96797
FB		 162 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
163 if (bIsWEP) {
164 if (bExtIV) {
165 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
166 } else {
167 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
168 }
169 }
170 else {
171 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
172 }
173 }
174 }
175 else {
176 cbHeaderSize -= 2;
177 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
178 if (bIsWEP) {
179 if (bExtIV) {
180 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
181 } else {
182 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
183 }
184 }
185 else {
186 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
187 }
188 }
189
9a0e756c 190 cbHeaderSize -= (ETH_ALEN * 2);
92b96797 191 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
9a0e756c 192 for (ii = 0; ii < ETH_ALEN; ii++)
92b96797 193 *pbyRxBuffer++ = pDevice->sRxEthHeader.abyDstAddr[ii];
9a0e756c 194 for (ii = 0; ii < ETH_ALEN; ii++)
92b96797
FB		 195 *pbyRxBuffer++ = pDevice->sRxEthHeader.abySrcAddr[ii];
196
197 *pcbHeadSize = cbHeaderSize;
198}
199
200
201
202
592ccfeb 203static BYTE s_byGetRateIdx(BYTE byRate)
92b96797
FB		 204{
205 BYTE byRateIdx;
206
207 for (byRateIdx = 0; byRateIdx <MAX_RATE ; byRateIdx++) {
208 if (acbyRxRate[byRateIdx%MAX_RATE] == byRate)
209 return byRateIdx;
210 }
211 return 0;
212}
213
214
215static
8611a29a 216void
92b96797 217s_vGetDASA (
592ccfeb 218 PBYTE pbyRxBufferAddr,
93a94c42 219 unsigned int *pcbHeaderSize,
6f8c13c7 220 PSEthernetHeader psEthHeader
92b96797
FB		 221 )
222{
cc856e61 223 unsigned int cbHeaderSize = 0;
9a0e756c
AM		 224 PS802_11Header pMACHeader;
225 int ii;
226
227 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
228
229 if ((pMACHeader->wFrameCtl & FC_TODS) == 0) {
230 if (pMACHeader->wFrameCtl & FC_FROMDS) {
231 for (ii = 0; ii < ETH_ALEN; ii++) {
232 psEthHeader->abyDstAddr[ii] =
233 pMACHeader->abyAddr1[ii];
234 psEthHeader->abySrcAddr[ii] =
235 pMACHeader->abyAddr3[ii];
236 }
237 } else {
238 /* IBSS mode */
239 for (ii = 0; ii < ETH_ALEN; ii++) {
240 psEthHeader->abyDstAddr[ii] =
241 pMACHeader->abyAddr1[ii];
242 psEthHeader->abySrcAddr[ii] =
243 pMACHeader->abyAddr2[ii];
244 }
245 }
246 } else {
247 /* Is AP mode.. */
248 if (pMACHeader->wFrameCtl & FC_FROMDS) {
249 for (ii = 0; ii < ETH_ALEN; ii++) {
250 psEthHeader->abyDstAddr[ii] =
251 pMACHeader->abyAddr3[ii];
252 psEthHeader->abySrcAddr[ii] =
253 pMACHeader->abyAddr4[ii];
254 cbHeaderSize += 6;
255 }
256 } else {
257 for (ii = 0; ii < ETH_ALEN; ii++) {
258 psEthHeader->abyDstAddr[ii] =
259 pMACHeader->abyAddr3[ii];
260 psEthHeader->abySrcAddr[ii] =
261 pMACHeader->abyAddr2[ii];
262 }
263 }
264 };
92b96797
FB		 265 *pcbHeaderSize = cbHeaderSize;
266}
267
268
45c73bb1
MP		 269int RXbBulkInProcessData(struct vnt_private *pDevice, PRCB pRCB,
270 unsigned long BytesToIndicate)
92b96797 271{
45c73bb1
MP		 272 struct net_device_stats *pStats = &pDevice->stats;
273 struct sk_buff *skb;
274 struct vnt_manager *pMgmt = &pDevice->vnt_mgmt;
275 struct vnt_rx_mgmt *pRxPacket = &pMgmt->sRxPacket;
276 PS802_11Header p802_11Header;
277 u8 *pbyRsr, *pbyNewRsr, *pbyRSSI, *pbyFrame;
7c65fa2a 278 u64 *pqwTSFTime;
e269fc2d 279 u32 bDeFragRx = false;
45c73bb1 280 u32 cbHeaderOffset, cbIVOffset;
cf5d170e 281 u32 FrameSize;
45c73bb1
MP		 282 u16 wEtherType = 0;
283 s32 iSANodeIndex = -1, iDANodeIndex = -1;
284 int ii;
285 u8 *pbyRxSts, *pbyRxRate, *pbySQ, *pby3SQ;
286 u32 cbHeaderSize;
287 PSKeyItem pKey = NULL;
288 u16 wRxTSC15_0 = 0;
289 u32 dwRxTSC47_16 = 0;
290 SKeyItem STempKey;
291 /* signed long ldBm = 0; */
e269fc2d 292 int bIsWEP = false; int bExtIV = false;
cf5d170e 293 u32 dwWbkStatus;
45c73bb1
MP		 294 PRCB pRCBIndicate = pRCB;
295 u8 *pbyDAddress;
296 u16 *pwPLCP_Length;
297 u8 abyVaildRate[MAX_RATE]
298 = {2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108};
299 u16 wPLCPwithPadding;
300 PS802_11Header pMACHeader;
e269fc2d 301 int bRxeapol_key = false;
92b96797
FB		 302
303
304 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- RXbBulkInProcessData---\n");
305
306 skb = pRCB->skb;
307
cf5d170e
MP		 308 /* [31:16]RcvByteCount ( not include 4-byte Status ) */
309 dwWbkStatus = *((u32 *)(skb->data));
310 FrameSize = dwWbkStatus >> 16;
311 FrameSize += 4;
92b96797 312
cf5d170e
MP		 313 if (BytesToIndicate != FrameSize) {
314 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"------- WRONG Length 1\n");
e269fc2d 315 return false;
cf5d170e 316 }
92b96797 317
bd2bc4c7 318 if ((BytesToIndicate > 2372) || (BytesToIndicate <= 40)) {
92b96797 319 // Frame Size error drop this packet.
bd2bc4c7 320 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "---------- WRONG Length 2\n");
e269fc2d 321 return false;
92b96797
FB		 322 }
323
324 pbyDAddress = (PBYTE)(skb->data);
325 pbyRxSts = pbyDAddress+4;
326 pbyRxRate = pbyDAddress+5;
327
328 //real Frame Size = USBFrameSize -4WbkStatus - 4RxStatus - 8TSF - 4RSR - 4SQ3 - ?Padding
329 //if SQ3 the range is 24~27, if no SQ3 the range is 20~23
330 //real Frame size in PLCPLength field.
331 pwPLCP_Length = (PWORD) (pbyDAddress + 6);
332 //Fix hardware bug => PLCP_Length error
333 if ( ((BytesToIndicate - (*pwPLCP_Length)) > 27) ||
334 ((BytesToIndicate - (*pwPLCP_Length)) < 24) ||
335 (BytesToIndicate < (*pwPLCP_Length)) ) {
336
337 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong PLCP Length %x\n", (int) *pwPLCP_Length);
338 ASSERT(0);
e269fc2d 339 return false;
92b96797
FB		 340 }
341 for ( ii=RATE_1M;ii<MAX_RATE;ii++) {
342 if ( *pbyRxRate == abyVaildRate[ii] ) {
343 break;
344 }
345 }
346 if ( ii==MAX_RATE ) {
347 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong RxRate %x\n",(int) *pbyRxRate);
e269fc2d 348 return false;
92b96797
FB		 349 }
350
351 wPLCPwithPadding = ( (*pwPLCP_Length / 4) + ( (*pwPLCP_Length % 4) ? 1:0 ) ) *4;
352
7c65fa2a 353 pqwTSFTime = (u64 *)(pbyDAddress + 8 + wPLCPwithPadding);
92b96797
FB		 354 if(pDevice->byBBType == BB_TYPE_11G) {
355 pby3SQ = pbyDAddress + 8 + wPLCPwithPadding + 12;
356 pbySQ = pby3SQ;
357 }
358 else {
359 pbySQ = pbyDAddress + 8 + wPLCPwithPadding + 8;
360 pby3SQ = pbySQ;
361 }
92b96797
FB		 362 pbyNewRsr = pbyDAddress + 8 + wPLCPwithPadding + 9;
363 pbyRSSI = pbyDAddress + 8 + wPLCPwithPadding + 10;
364 pbyRsr = pbyDAddress + 8 + wPLCPwithPadding + 11;
365
366 FrameSize = *pwPLCP_Length;
367
368 pbyFrame = pbyDAddress + 8;
369 // update receive statistic counter
370
371 STAvUpdateRDStatCounter(&pDevice->scStatistic,
372 *pbyRsr,
373 *pbyNewRsr,
374 *pbyRxSts,
375 *pbyRxRate,
376 pbyFrame,
377 FrameSize
378 );
379
380
381 pMACHeader = (PS802_11Header) pbyFrame;
382
383//mike add: to judge if current AP is activated?
384 if ((pMgmt->eCurrMode == WMAC_MODE_STANDBY) ||
385 (pMgmt->eCurrMode == WMAC_MODE_ESS_STA)) {
386 if (pMgmt->sNodeDBTable[0].bActive) {
4722a26c 387 if (!compare_ether_addr(pMgmt->abyCurrBSSID, pMACHeader->abyAddr2)) {
92b96797
FB		 388 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
389 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
390 }
391 }
392 }
393
14fc4235 394 if (!is_multicast_ether_addr(pMACHeader->abyAddr1)) {
92b96797
FB		 395 if ( WCTLbIsDuplicate(&(pDevice->sDupRxCache), (PS802_11Header) pbyFrame) ) {
396 pDevice->s802_11Counter.FrameDuplicateCount++;
e269fc2d 397 return false;
92b96797
FB		 398 }
399
4722a26c
AM		 400 if (compare_ether_addr(pDevice->abyCurrentNetAddr,
401 pMACHeader->abyAddr1)) {
e269fc2d 402 return false;
92b96797
FB		 403 }
404 }
405
406
407 // Use for TKIP MIC
408 s_vGetDASA(pbyFrame, &cbHeaderSize, &pDevice->sRxEthHeader);
409
4722a26c
AM		 410 if (!compare_ether_addr((PBYTE)&(pDevice->sRxEthHeader.abySrcAddr[0]),
411 pDevice->abyCurrentNetAddr))
e269fc2d 412 return false;
92b96797
FB		 413
414 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) || (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)) {
415 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
416 p802_11Header = (PS802_11Header) (pbyFrame);
417 // get SA NodeIndex
418 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(p802_11Header->abyAddr2), &iSANodeIndex)) {
419 pMgmt->sNodeDBTable[iSANodeIndex].ulLastRxJiffer = jiffies;
420 pMgmt->sNodeDBTable[iSANodeIndex].uInActiveCount = 0;
421 }
422 }
423 }
424
425 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
4e9b5e2b 426 if (s_bAPModeRxCtl(pDevice, pbyFrame, iSANodeIndex) == true) {
e269fc2d 427 return false;
92b96797
FB		 428 }
429 }
430
431
432 if (IS_FC_WEP(pbyFrame)) {
e269fc2d 433 bool bRxDecryOK = false;
92b96797
FB		 434
435 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"rx WEP pkt\n");
4e9b5e2b 436 bIsWEP = true;
92b96797
FB		 437 if ((pDevice->bEnableHostWEP) && (iSANodeIndex >= 0)) {
438 pKey = &STempKey;
439 pKey->byCipherSuite = pMgmt->sNodeDBTable[iSANodeIndex].byCipherSuite;
440 pKey->dwKeyIndex = pMgmt->sNodeDBTable[iSANodeIndex].dwKeyIndex;
441 pKey->uKeyLength = pMgmt->sNodeDBTable[iSANodeIndex].uWepKeyLength;
442 pKey->dwTSC47_16 = pMgmt->sNodeDBTable[iSANodeIndex].dwTSC47_16;
443 pKey->wTSC15_0 = pMgmt->sNodeDBTable[iSANodeIndex].wTSC15_0;
444 memcpy(pKey->abyKey,
445 &pMgmt->sNodeDBTable[iSANodeIndex].abyWepKey[0],
446 pKey->uKeyLength
447 );
448
449 bRxDecryOK = s_bHostWepRxEncryption(pDevice,
450 pbyFrame,
451 FrameSize,
452 pbyRsr,
453 pMgmt->sNodeDBTable[iSANodeIndex].bOnFly,
454 pKey,
455 pbyNewRsr,
456 &bExtIV,
457 &wRxTSC15_0,
458 &dwRxTSC47_16);
459 } else {
460 bRxDecryOK = s_bHandleRxEncryption(pDevice,
461 pbyFrame,
462 FrameSize,
463 pbyRsr,
464 pbyNewRsr,
465 &pKey,
466 &bExtIV,
467 &wRxTSC15_0,
468 &dwRxTSC47_16);
469 }
470
471 if (bRxDecryOK) {
472 if ((*pbyNewRsr & NEWRSR_DECRYPTOK) == 0) {
473 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV Fail\n");
474 if ( (pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
475 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
476 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
477 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
478 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
479
480 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
481 pDevice->s802_11Counter.TKIPICVErrors++;
482 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP)) {
483 pDevice->s802_11Counter.CCMPDecryptErrors++;
484 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_WEP)) {
485// pDevice->s802_11Counter.WEPICVErrorCount.QuadPart++;
486 }
487 }
e269fc2d 488 return false;
92b96797
FB		 489 }
490 } else {
491 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WEP Func Fail\n");
e269fc2d 492 return false;
92b96797
FB		 493 }
494 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP))
495 FrameSize -= 8; // Message Integrity Code
496 else
497 FrameSize -= 4; // 4 is ICV
498 }
499
500
501 //
502 // RX OK
503 //
abad19d0
AM		 504 /* remove the FCS/CRC length */
505 FrameSize -= ETH_FCS_LEN;
92b96797 506
8a3d91b0 507 if ( !(*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) && // unicast address
92b96797
FB		 508 (IS_FRAGMENT_PKT((pbyFrame)))
509 ) {
510 // defragment
511 bDeFragRx = WCTLbHandleFragment(pDevice, (PS802_11Header) (pbyFrame), FrameSize, bIsWEP, bExtIV);
512 pDevice->s802_11Counter.ReceivedFragmentCount++;
513 if (bDeFragRx) {
514 // defrag complete
515 // TODO skb, pbyFrame
516 skb = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].skb;
517 FrameSize = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].cbFrameLength;
518 pbyFrame = skb->data + 8;
519 }
520 else {
e269fc2d 521 return false;
92b96797
FB		 522 }
523 }
524
525 //
526 // Management & Control frame Handle
527 //
e269fc2d 528 if ((IS_TYPE_DATA((pbyFrame))) == false) {
92b96797
FB		 529 // Handle Control & Manage Frame
530
531 if (IS_TYPE_MGMT((pbyFrame))) {
532 PBYTE pbyData1;
533 PBYTE pbyData2;
534
535 pRxPacket = &(pRCB->sMngPacket);
536 pRxPacket->p80211Header = (PUWLAN_80211HDR)(pbyFrame);
537 pRxPacket->cbMPDULen = FrameSize;
538 pRxPacket->uRSSI = *pbyRSSI;
539 pRxPacket->bySQ = *pbySQ;
7c65fa2a 540 pRxPacket->qwLocalTSF = cpu_to_le64(*pqwTSFTime);
92b96797
FB		 541 if (bIsWEP) {
542 // strip IV
543 pbyData1 = WLAN_HDR_A3_DATA_PTR(pbyFrame);
544 pbyData2 = WLAN_HDR_A3_DATA_PTR(pbyFrame) + 4;
545 for (ii = 0; ii < (FrameSize - 4); ii++) {
546 *pbyData1 = *pbyData2;
547 pbyData1++;
548 pbyData2++;
549 }
550 }
551
552 pRxPacket->byRxRate = s_byGetRateIdx(*pbyRxRate);
553
554 if ( *pbyRxSts == 0 ) {
555 //Discard beacon packet which channel is 0
556 if ( (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_BEACON) ||
557 (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_PROBERESP) ) {
e269fc2d 558 return false;
92b96797
FB		 559 }
560 }
561 pRxPacket->byRxChannel = (*pbyRxSts) >> 2;
562
563 // hostap Deamon handle 802.11 management
564 if (pDevice->bEnableHostapd) {
565 skb->dev = pDevice->apdev;
566 //skb->data += 4;
567 //skb->tail += 4;
568 skb->data += 8;
569 skb->tail += 8;
570 skb_put(skb, FrameSize);
d899d403 571 skb_reset_mac_header(skb);
92b96797
FB		 572 skb->pkt_type = PACKET_OTHERHOST;
573 skb->protocol = htons(ETH_P_802_2);
574 memset(skb->cb, 0, sizeof(skb->cb));
575 netif_rx(skb);
4e9b5e2b 576 return true;
92b96797
FB		 577 }
578
579 //
580 // Insert the RCB in the Recv Mng list
581 //
582 EnqueueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList, pRCBIndicate);
583 pDevice->NumRecvMngList++;
e269fc2d 584 if ( bDeFragRx == false) {
92b96797
FB		 585 pRCB->Ref++;
586 }
e269fc2d 587 if (pDevice->bIsRxMngWorkItemQueued == false) {
4e9b5e2b 588 pDevice->bIsRxMngWorkItemQueued = true;
92b96797
FB		 589 tasklet_schedule(&pDevice->RxMngWorkItem);
590 }
591
592 }
593 else {
594 // Control Frame
595 };
e269fc2d 596 return false;
92b96797
FB		 597 }
598 else {
599 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
600 //In AP mode, hw only check addr1(BSSID or RA) if equal to local MAC.
8a3d91b0 601 if ( !(*pbyRsr & RSR_BSSIDOK)) {
92b96797
FB		 602 if (bDeFragRx) {
603 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
604 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
605 pDevice->dev->name);
606 }
607 }
e269fc2d 608 return false;
92b96797
FB		 609 }
610 }
611 else {
612 // discard DATA packet while not associate || BSSID error
e269fc2d 613 if ((pDevice->bLinkPass == false) ||
8a3d91b0 614 !(*pbyRsr & RSR_BSSIDOK)) {
92b96797
FB		 615 if (bDeFragRx) {
616 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
617 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
618 pDevice->dev->name);
619 }
620 }
e269fc2d 621 return false;
92b96797
FB		 622 }
623 //mike add:station mode check eapol-key challenge--->
624 {
625 BYTE Protocol_Version; //802.1x Authentication
626 BYTE Packet_Type; //802.1x Authentication
627 BYTE Descriptor_type;
628 WORD Key_info;
629 if (bIsWEP)
630 cbIVOffset = 8;
631 else
632 cbIVOffset = 0;
633 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
634 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
635 Protocol_Version = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1];
636 Packet_Type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1];
637 if (wEtherType == ETH_P_PAE) { //Protocol Type in LLC-Header
638 if(((Protocol_Version==1) ||(Protocol_Version==2)) &&
639 (Packet_Type==3)) { //802.1x OR eapol-key challenge frame receive
4e9b5e2b 640 bRxeapol_key = true;
92b96797
FB		 641 Descriptor_type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2];
642 Key_info = (skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+1]<<8) |skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+2] ;
643 if(Descriptor_type==2) { //RSN
644 // printk("WPA2_Rx_eapol-key_info<-----:%x\n",Key_info);
645 }
646 else if(Descriptor_type==254) {
647 // printk("WPA_Rx_eapol-key_info<-----:%x\n",Key_info);
648 }
649 }
650 }
651 }
652 //mike add:station mode check eapol-key challenge<---
653 }
654 }
655
656
657// Data frame Handle
658
659
660 if (pDevice->bEnablePSMode) {
661 if (IS_FC_MOREDATA((pbyFrame))) {
8a3d91b0 662 if (*pbyRsr & RSR_ADDROK) {
92b96797
FB		 663 //PSbSendPSPOLL((PSDevice)pDevice);
664 }
665 }
666 else {
4e9b5e2b 667 if (pMgmt->bInTIMWake == true) {
e269fc2d 668 pMgmt->bInTIMWake = false;
92b96797
FB		 669 }
670 }
9fc86028 671 }
92b96797
FB		 672
673 // Now it only supports 802.11g Infrastructure Mode, and support rate must up to 54 Mbps
674 if (pDevice->bDiversityEnable && (FrameSize>50) &&
675 (pDevice->eOPMode == OP_MODE_INFRASTRUCTURE) &&
4e9b5e2b 676 (pDevice->bLinkPass == true)) {
92b96797
FB		 677 BBvAntennaDiversity(pDevice, s_byGetRateIdx(*pbyRxRate), 0);
678 }
679
680 // ++++++++ For BaseBand Algorithm +++++++++++++++
681 pDevice->uCurrRSSI = *pbyRSSI;
682 pDevice->byCurrSQ = *pbySQ;
683
684 // todo
685/*
686 if ((*pbyRSSI != 0) &&
687 (pMgmt->pCurrBSS!=NULL)) {
688 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
a0a1f61a 689 // Monitor if RSSI is too strong.
92b96797
FB		 690 pMgmt->pCurrBSS->byRSSIStatCnt++;
691 pMgmt->pCurrBSS->byRSSIStatCnt %= RSSI_STAT_COUNT;
692 pMgmt->pCurrBSS->ldBmAverage[pMgmt->pCurrBSS->byRSSIStatCnt] = ldBm;
33d33e42
AM		 693 for (ii = 0; ii < RSSI_STAT_COUNT; ii++) {
694 if (pMgmt->pCurrBSS->ldBmAverage[ii] != 0) {
695 pMgmt->pCurrBSS->ldBmMAX =
696 max(pMgmt->pCurrBSS->ldBmAverage[ii], ldBm);
697 }
92b96797
FB		 698 }
699 }
700*/
701
702
703 // -----------------------------------------------
704
4e9b5e2b 705 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnable8021x == true)){
92b96797
FB		 706 BYTE abyMacHdr[24];
707
708 // Only 802.1x packet incoming allowed
709 if (bIsWEP)
710 cbIVOffset = 8;
711 else
712 cbIVOffset = 0;
713 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
714 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
715
716 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wEtherType = %04x \n", wEtherType);
717 if (wEtherType == ETH_P_PAE) {
718 skb->dev = pDevice->apdev;
719
4e9b5e2b 720 if (bIsWEP == true) {
92b96797
FB		 721 // strip IV header(8)
722 memcpy(&abyMacHdr[0], (skb->data + 8), 24);
723 memcpy((skb->data + 8 + cbIVOffset), &abyMacHdr[0], 24);
724 }
725
726 skb->data += (cbIVOffset + 8);
727 skb->tail += (cbIVOffset + 8);
728 skb_put(skb, FrameSize);
d899d403 729 skb_reset_mac_header(skb);
92b96797
FB		 730 skb->pkt_type = PACKET_OTHERHOST;
731 skb->protocol = htons(ETH_P_802_2);
732 memset(skb->cb, 0, sizeof(skb->cb));
733 netif_rx(skb);
4e9b5e2b 734 return true;
92b96797
FB		 735
736 }
737 // check if 802.1x authorized
738 if (!(pMgmt->sNodeDBTable[iSANodeIndex].dwFlags & WLAN_STA_AUTHORIZED))
e269fc2d 739 return false;
92b96797
FB		 740 }
741
742
743 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
744 if (bIsWEP) {
745 FrameSize -= 8; //MIC
746 }
747 }
748
749 //--------------------------------------------------------------------------------
750 // Soft MIC
751 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
752 if (bIsWEP) {
753 PDWORD pdwMIC_L;
754 PDWORD pdwMIC_R;
755 DWORD dwMIC_Priority;
756 DWORD dwMICKey0 = 0, dwMICKey1 = 0;
757 DWORD dwLocalMIC_L = 0;
758 DWORD dwLocalMIC_R = 0;
92b96797
FB		 759
760
761 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
762 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
763 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
764 }
765 else {
766 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
767 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
768 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
769 } else if ((pKey->dwKeyIndex & BIT28) == 0) {
770 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
771 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
772 } else {
773 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
774 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
775 }
776 }
777
778 MIC_vInit(dwMICKey0, dwMICKey1);
779 MIC_vAppend((PBYTE)&(pDevice->sRxEthHeader.abyDstAddr[0]), 12);
780 dwMIC_Priority = 0;
781 MIC_vAppend((PBYTE)&dwMIC_Priority, 4);
782 // 4 is Rcv buffer header, 24 is MAC Header, and 8 is IV and Ext IV.
783 MIC_vAppend((PBYTE)(skb->data + 8 + WLAN_HDR_ADDR3_LEN + 8),
784 FrameSize - WLAN_HDR_ADDR3_LEN - 8);
785 MIC_vGetMIC(&dwLocalMIC_L, &dwLocalMIC_R);
786 MIC_vUnInit();
787
788 pdwMIC_L = (PDWORD)(skb->data + 8 + FrameSize);
789 pdwMIC_R = (PDWORD)(skb->data + 8 + FrameSize + 4);
790
791
792 if ((cpu_to_le32(*pdwMIC_L) != dwLocalMIC_L) || (cpu_to_le32(*pdwMIC_R) != dwLocalMIC_R) ||
4e9b5e2b 793 (pDevice->bRxMICFail == true)) {
92b96797 794 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"MIC comparison is fail!\n");
e269fc2d 795 pDevice->bRxMICFail = false;
92b96797
FB		 796 //pDevice->s802_11Counter.TKIPLocalMICFailures.QuadPart++;
797 pDevice->s802_11Counter.TKIPLocalMICFailures++;
798 if (bDeFragRx) {
799 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
800 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
801 pDevice->dev->name);
802 }
803 }
92b96797 804 //send event to wpa_supplicant
4e9b5e2b 805 //if(pDevice->bWPASuppWextEnabled == true)
92b96797
FB		 806 {
807 union iwreq_data wrqu;
808 struct iw_michaelmicfailure ev;
809 int keyidx = pbyFrame[cbHeaderSize+3] >> 6; //top two-bits
810 memset(&ev, 0, sizeof(ev));
811 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
812 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
813 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
814 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
815 ev.flags |= IW_MICFAILURE_PAIRWISE;
816 } else {
817 ev.flags |= IW_MICFAILURE_GROUP;
818 }
819
820 ev.src_addr.sa_family = ARPHRD_ETHER;
821 memcpy(ev.src_addr.sa_data, pMACHeader->abyAddr2, ETH_ALEN);
822 memset(&wrqu, 0, sizeof(wrqu));
823 wrqu.data.length = sizeof(ev);
824 PRINT_K("wireless_send_event--->IWEVMICHAELMICFAILURE\n");
825 wireless_send_event(pDevice->dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
826
827 }
92b96797 828
e269fc2d 829 return false;
92b96797
FB		 830
831 }
832 }
833 } //---end of SOFT MIC-----------------------------------------------------------------------
834
835 // ++++++++++ Reply Counter Check +++++++++++++
836
837 if ((pKey != NULL) && ((pKey->byCipherSuite == KEY_CTL_TKIP) ||
838 (pKey->byCipherSuite == KEY_CTL_CCMP))) {
839 if (bIsWEP) {
840 WORD wLocalTSC15_0 = 0;
841 DWORD dwLocalTSC47_16 = 0;
cc856e61 842 unsigned long long RSC = 0;
92b96797 843 // endian issues
cc856e61 844 RSC = *((unsigned long long *) &(pKey->KeyRSC));
92b96797
FB		 845 wLocalTSC15_0 = (WORD) RSC;
846 dwLocalTSC47_16 = (DWORD) (RSC>>16);
847
848 RSC = dwRxTSC47_16;
849 RSC <<= 16;
850 RSC += wRxTSC15_0;
7c65fa2a 851 memcpy(&(pKey->KeyRSC), &RSC, sizeof(u64));
92b96797 852
14c5ef57
MP		 853 if (pDevice->vnt_mgmt.eCurrMode == WMAC_MODE_ESS_STA &&
854 pDevice->vnt_mgmt.eCurrState == WMAC_STATE_ASSOC) {
855 /* check RSC */
92b96797
FB		 856 if ( (wRxTSC15_0 < wLocalTSC15_0) &&
857 (dwRxTSC47_16 <= dwLocalTSC47_16) &&
858 !((dwRxTSC47_16 == 0) && (dwLocalTSC47_16 == 0xFFFFFFFF))) {
859 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC is illegal~~!\n ");
860 if (pKey->byCipherSuite == KEY_CTL_TKIP)
861 //pDevice->s802_11Counter.TKIPReplays.QuadPart++;
862 pDevice->s802_11Counter.TKIPReplays++;
863 else
864 //pDevice->s802_11Counter.CCMPReplays.QuadPart++;
865 pDevice->s802_11Counter.CCMPReplays++;
866
867 if (bDeFragRx) {
868 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
869 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
870 pDevice->dev->name);
871 }
872 }
e269fc2d 873 return false;
92b96797
FB		 874 }
875 }
876 }
877 } // ----- End of Reply Counter Check --------------------------
878
879
880 s_vProcessRxMACHeader(pDevice, (PBYTE)(skb->data+8), FrameSize, bIsWEP, bExtIV, &cbHeaderOffset);
881 FrameSize -= cbHeaderOffset;
882 cbHeaderOffset += 8; // 8 is Rcv buffer header
883
884 // Null data, framesize = 12
885 if (FrameSize < 12)
e269fc2d 886 return false;
92b96797
FB		 887
888 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
889 if (s_bAPModeRxData(pDevice,
890 skb,
891 FrameSize,
892 cbHeaderOffset,
893 iSANodeIndex,
894 iDANodeIndex
e269fc2d 895 ) == false) {
92b96797
FB		 896
897 if (bDeFragRx) {
898 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
899 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
900 pDevice->dev->name);
901 }
902 }
e269fc2d 903 return false;
92b96797
FB		 904 }
905
906 }
907
908 skb->data += cbHeaderOffset;
909 skb->tail += cbHeaderOffset;
910 skb_put(skb, FrameSize);
911 skb->protocol=eth_type_trans(skb, skb->dev);
912 skb->ip_summed=CHECKSUM_NONE;
913 pStats->rx_bytes +=skb->len;
914 pStats->rx_packets++;
915 netif_rx(skb);
916 if (bDeFragRx) {
917 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
918 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
919 pDevice->dev->name);
920 }
e269fc2d 921 return false;
92b96797
FB		 922 }
923
4e9b5e2b 924 return true;
92b96797
FB		 925}
926
45c73bb1
MP		 927static int s_bAPModeRxCtl(struct vnt_private *pDevice, u8 *pbyFrame,
928 s32 iSANodeIndex)
92b96797 929{
14c5ef57 930 struct vnt_manager *pMgmt = &pDevice->vnt_mgmt;
45c73bb1
MP		 931 PS802_11Header p802_11Header;
932 CMD_STATUS Status;
92b96797
FB		 933
934
935 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
936
937 p802_11Header = (PS802_11Header) (pbyFrame);
938 if (!IS_TYPE_MGMT(pbyFrame)) {
939
940 // Data & PS-Poll packet
941 // check frame class
942 if (iSANodeIndex > 0) {
943 // frame class 3 fliter & checking
944 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_AUTH) {
945 // send deauth notification
946 // reason = (6) class 2 received from nonauth sta
947 vMgrDeAuthenBeginSta(pDevice,
948 pMgmt,
949 (PBYTE)(p802_11Header->abyAddr2),
950 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
951 &Status
952 );
953 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 1\n");
4e9b5e2b 954 return true;
9fc86028 955 }
92b96797
FB		 956 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_ASSOC) {
957 // send deassoc notification
958 // reason = (7) class 3 received from nonassoc sta
959 vMgrDisassocBeginSta(pDevice,
960 pMgmt,
961 (PBYTE)(p802_11Header->abyAddr2),
962 (WLAN_MGMT_REASON_CLASS3_NONASSOC),
963 &Status
964 );
965 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDisassocBeginSta 2\n");
4e9b5e2b 966 return true;
9fc86028 967 }
92b96797
FB		 968
969 if (pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable) {
970 // delcare received ps-poll event
971 if (IS_CTL_PSPOLL(pbyFrame)) {
4e9b5e2b 972 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = true;
0cbd8d98
AM		 973 bScheduleCommand((void *) pDevice,
974 WLAN_CMD_RX_PSPOLL,
975 NULL);
92b96797
FB		 976 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 1\n");
977 }
978 else {
979 // check Data PS state
980 // if PW bit off, send out all PS bufferring packets.
981 if (!IS_FC_POWERMGT(pbyFrame)) {
e269fc2d 982 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = false;
4e9b5e2b 983 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = true;
0cbd8d98
AM		 984 bScheduleCommand((void *) pDevice,
985 WLAN_CMD_RX_PSPOLL,
986 NULL);
92b96797
FB		 987 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 2\n");
988 }
989 }
990 }
991 else {
992 if (IS_FC_POWERMGT(pbyFrame)) {
4e9b5e2b 993 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = true;
92b96797 994 // Once if STA in PS state, enable multicast bufferring
4e9b5e2b 995 pMgmt->sNodeDBTable[0].bPSEnable = true;
92b96797
FB		 996 }
997 else {
998 // clear all pending PS frame.
999 if (pMgmt->sNodeDBTable[iSANodeIndex].wEnQueueCnt > 0) {
e269fc2d 1000 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = false;
4e9b5e2b 1001 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = true;
0cbd8d98
AM		 1002 bScheduleCommand((void *) pDevice,
1003 WLAN_CMD_RX_PSPOLL,
1004 NULL);
92b96797
FB		 1005 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 3\n");
1006
1007 }
1008 }
1009 }
1010 }
1011 else {
1012 vMgrDeAuthenBeginSta(pDevice,
1013 pMgmt,
1014 (PBYTE)(p802_11Header->abyAddr2),
1015 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1016 &Status
1017 );
1018 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 3\n");
d6a32aa1
AS		 1019 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BSSID:%pM\n",
1020 p802_11Header->abyAddr3);
1021 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR2:%pM\n",
1022 p802_11Header->abyAddr2);
1023 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR1:%pM\n",
1024 p802_11Header->abyAddr1);
92b96797 1025 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: wFrameCtl= %x\n", p802_11Header->wFrameCtl );
4e9b5e2b 1026 return true;
92b96797
FB		 1027 }
1028 }
1029 }
e269fc2d 1030 return false;
92b96797
FB		 1031
1032}
1033
45c73bb1
MP		 1034static int s_bHandleRxEncryption(struct vnt_private *pDevice, u8 *pbyFrame,
1035 u32 FrameSize, u8 *pbyRsr, u8 *pbyNewRsr, PSKeyItem *pKeyOut,
1036 s32 *pbExtIV, u16 *pwRxTSC15_0, u32 *pdwRxTSC47_16)
92b96797 1037{
45c73bb1
MP		 1038 struct vnt_manager *pMgmt = &pDevice->vnt_mgmt;
1039 u32 PayloadLen = FrameSize;
1040 u8 *pbyIV;
1041 u8 byKeyIdx;
1042 PSKeyItem pKey = NULL;
1043 u8 byDecMode = KEY_CTL_WEP;
92b96797
FB		 1044
1045
1046 *pwRxTSC15_0 = 0;
1047 *pdwRxTSC47_16 = 0;
1048
1049 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1050 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1051 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1052 pbyIV += 6; // 6 is 802.11 address4
1053 PayloadLen -= 6;
1054 }
1055 byKeyIdx = (*(pbyIV+3) & 0xc0);
1056 byKeyIdx >>= 6;
1057 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1058
1059 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
1060 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
1061 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
1062 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
1063 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
1064 if (((*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) &&
1065 (pMgmt->byCSSPK != KEY_CTL_NONE)) {
1066 // unicast pkt use pairwise key
1067 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt\n");
4e9b5e2b 1068 if (KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, 0xFFFFFFFF, &pKey) == true) {
92b96797
FB		 1069 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
1070 byDecMode = KEY_CTL_TKIP;
1071 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
1072 byDecMode = KEY_CTL_CCMP;
1073 }
1074 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt: %d, %p\n", byDecMode, pKey);
1075 } else {
1076 // use group key
1077 KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, byKeyIdx, &pKey);
1078 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1079 byDecMode = KEY_CTL_TKIP;
1080 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1081 byDecMode = KEY_CTL_CCMP;
1082 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"group pkt: %d, %d, %p\n", byKeyIdx, byDecMode, pKey);
1083 }
1084 }
1085 // our WEP only support Default Key
1086 if (pKey == NULL) {
1087 // use default group key
1088 KeybGetKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, byKeyIdx, &pKey);
1089 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1090 byDecMode = KEY_CTL_TKIP;
1091 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1092 byDecMode = KEY_CTL_CCMP;
1093 }
1094 *pKeyOut = pKey;
1095
1096 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1097
1098 if (pKey == NULL) {
1099 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"pKey == NULL\n");
1100 if (byDecMode == KEY_CTL_WEP) {
1101// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
4e9b5e2b 1102 } else if (pDevice->bLinkPass == true) {
92b96797
FB		 1103// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1104 }
e269fc2d 1105 return false;
92b96797
FB		 1106 }
1107 if (byDecMode != pKey->byCipherSuite) {
1108 if (byDecMode == KEY_CTL_WEP) {
1109// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
4e9b5e2b 1110 } else if (pDevice->bLinkPass == true) {
92b96797
FB		 1111// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1112 }
1113 *pKeyOut = NULL;
e269fc2d 1114 return false;
92b96797
FB		 1115 }
1116 if (byDecMode == KEY_CTL_WEP) {
1117 // handle WEP
1118 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
4e9b5e2b 1119 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == true)) {
92b96797
FB		 1120 // Software WEP
1121 // 1. 3253A
1122 // 2. WEP 256
1123
1124 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
3e362598
JL		 1125 memcpy(pDevice->abyPRNG, pbyIV, 3);
1126 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
92b96797
FB		 1127 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1128 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1129
1130 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1131 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1132 }
1133 }
1134 } else if ((byDecMode == KEY_CTL_TKIP) ||
1135 (byDecMode == KEY_CTL_CCMP)) {
1136 // TKIP/AES
1137
1138 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1139 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
b4dc03af 1140 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %x\n", *pdwRxTSC47_16);
92b96797
FB		 1141 if (byDecMode == KEY_CTL_TKIP) {
1142 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1143 } else {
1144 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1145 }
1146 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1147
1148 if ((byDecMode == KEY_CTL_TKIP) &&
1149 (pDevice->byLocalID <= REV_ID_VT3253_A1)) {
1150 // Software TKIP
1151 // 1. 3253 A
1152 PS802_11Header pMACHeader = (PS802_11Header) (pbyFrame);
1153 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1154 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1155 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1156 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1157 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1158 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1159 } else {
1160 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1161 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1162 }
1163 }
1164 }// end of TKIP/AES
1165
1166 if ((*(pbyIV+3) & 0x20) != 0)
4e9b5e2b
AM		 1167 *pbExtIV = true;
1168 return true;
92b96797
FB		 1169}
1170
45c73bb1
MP		 1171static int s_bHostWepRxEncryption(struct vnt_private *pDevice, u8 *pbyFrame,
1172 u32 FrameSize, u8 *pbyRsr, int bOnFly, PSKeyItem pKey, u8 *pbyNewRsr,
1173 s32 *pbExtIV, u16 *pwRxTSC15_0, u32 *pdwRxTSC47_16)
92b96797 1174{
45c73bb1
MP		 1175 struct vnt_manager *pMgmt = &pDevice->vnt_mgmt;
1176 PS802_11Header pMACHeader;
1177 u32 PayloadLen = FrameSize;
1178 u8 *pbyIV;
1179 u8 byKeyIdx;
1180 u8 byDecMode = KEY_CTL_WEP;
92b96797 1181
45c73bb1
MP		 1182 *pwRxTSC15_0 = 0;
1183 *pdwRxTSC47_16 = 0;
92b96797
FB		 1184
1185 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1186 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1187 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1188 pbyIV += 6; // 6 is 802.11 address4
1189 PayloadLen -= 6;
1190 }
1191 byKeyIdx = (*(pbyIV+3) & 0xc0);
1192 byKeyIdx >>= 6;
1193 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1194
1195
1196 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1197 byDecMode = KEY_CTL_TKIP;
1198 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1199 byDecMode = KEY_CTL_CCMP;
1200
1201 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1202
1203 if (byDecMode != pKey->byCipherSuite) {
1204 if (byDecMode == KEY_CTL_WEP) {
1205// pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
4e9b5e2b 1206 } else if (pDevice->bLinkPass == true) {
92b96797
FB		 1207// pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1208 }
e269fc2d 1209 return false;
92b96797
FB		 1210 }
1211
1212 if (byDecMode == KEY_CTL_WEP) {
1213 // handle WEP
eb304bdd 1214 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byDecMode == KEY_CTL_WEP\n");
92b96797 1215 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
4e9b5e2b 1216 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == true) ||
e269fc2d 1217 (bOnFly == false)) {
92b96797
FB		 1218 // Software WEP
1219 // 1. 3253A
1220 // 2. WEP 256
1221 // 3. NotOnFly
1222
1223 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
3e362598
JL		 1224 memcpy(pDevice->abyPRNG, pbyIV, 3);
1225 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
92b96797
FB		 1226 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1227 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1228
1229 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1230 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1231 }
1232 }
1233 } else if ((byDecMode == KEY_CTL_TKIP) ||
1234 (byDecMode == KEY_CTL_CCMP)) {
1235 // TKIP/AES
1236
1237 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1238 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
b4dc03af 1239 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %x\n", *pdwRxTSC47_16);
92b96797
FB		 1240
1241 if (byDecMode == KEY_CTL_TKIP) {
1242 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1243 } else {
1244 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1245 }
1246 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1247
1248 if (byDecMode == KEY_CTL_TKIP) {
1249
e269fc2d 1250 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) || (bOnFly == false)) {
92b96797
FB		 1251 // Software TKIP
1252 // 1. 3253 A
1253 // 2. NotOnFly
1254 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_TKIP \n");
1255 pMACHeader = (PS802_11Header) (pbyFrame);
1256 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1257 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1258 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1259 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1260 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1261 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1262 } else {
1263 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1264 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1265 }
1266 }
1267 }
1268
1269 if (byDecMode == KEY_CTL_CCMP) {
e269fc2d 1270 if (bOnFly == false) {
92b96797
FB		 1271 // Software CCMP
1272 // NotOnFly
1273 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_CCMP\n");
1274 if (AESbGenCCMP(pKey->abyKey, pbyFrame, FrameSize)) {
1275 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1276 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC compare OK!\n");
1277 } else {
1278 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC fail!\n");
1279 }
1280 }
1281 }
1282
1283 }// end of TKIP/AES
1284
1285 if ((*(pbyIV+3) & 0x20) != 0)
4e9b5e2b
AM		 1286 *pbExtIV = true;
1287 return true;
92b96797
FB		 1288}
1289
45c73bb1
MP		 1290static int s_bAPModeRxData(struct vnt_private *pDevice, struct sk_buff *skb,
1291 u32 FrameSize, u32 cbHeaderOffset, s32 iSANodeIndex, s32 iDANodeIndex)
92b96797 1292{
45c73bb1
MP		 1293 struct sk_buff *skbcpy;
1294 struct vnt_manager *pMgmt = &pDevice->vnt_mgmt;
e269fc2d
AM		 1295 int bRelayAndForward = false;
1296 int bRelayOnly = false;
45c73bb1
MP		 1297 u8 byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
1298 u16 wAID;
92b96797 1299
92b96797
FB		 1300
1301 if (FrameSize > CB_MAX_BUF_SIZE)
e269fc2d 1302 return false;
92b96797 1303 // check DA
4b50fb40 1304 if (is_multicast_ether_addr((PBYTE)(skb->data+cbHeaderOffset))) {
92b96797
FB		 1305 if (pMgmt->sNodeDBTable[0].bPSEnable) {
1306
1307 skbcpy = dev_alloc_skb((int)pDevice->rx_buf_sz);
1308
1309 // if any node in PS mode, buffer packet until DTIM.
1310 if (skbcpy == NULL) {
1311 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "relay multicast no skb available \n");
1312 }
1313 else {
1314 skbcpy->dev = pDevice->dev;
1315 skbcpy->len = FrameSize;
1316 memcpy(skbcpy->data, skb->data+cbHeaderOffset, FrameSize);
1317 skb_queue_tail(&(pMgmt->sNodeDBTable[0].sTxPSQueue), skbcpy);
1318 pMgmt->sNodeDBTable[0].wEnQueueCnt++;
1319 // set tx map
1320 pMgmt->abyPSTxMap[0] |= byMask[0];
1321 }
1322 }
1323 else {
4e9b5e2b 1324 bRelayAndForward = true;
92b96797
FB		 1325 }
1326 }
1327 else {
1328 // check if relay
1329 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(skb->data+cbHeaderOffset), &iDANodeIndex)) {
1330 if (pMgmt->sNodeDBTable[iDANodeIndex].eNodeState >= NODE_ASSOC) {
1331 if (pMgmt->sNodeDBTable[iDANodeIndex].bPSEnable) {
1332 // queue this skb until next PS tx, and then release.
1333
1334 skb->data += cbHeaderOffset;
1335 skb->tail += cbHeaderOffset;
1336 skb_put(skb, FrameSize);
1337 skb_queue_tail(&pMgmt->sNodeDBTable[iDANodeIndex].sTxPSQueue, skb);
1338
1339 pMgmt->sNodeDBTable[iDANodeIndex].wEnQueueCnt++;
1340 wAID = pMgmt->sNodeDBTable[iDANodeIndex].wAID;
1341 pMgmt->abyPSTxMap[wAID >> 3] |= byMask[wAID & 7];
1342 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "relay: index= %d, pMgmt->abyPSTxMap[%d]= %d\n",
1343 iDANodeIndex, (wAID >> 3), pMgmt->abyPSTxMap[wAID >> 3]);
4e9b5e2b 1344 return true;
92b96797
FB		 1345 }
1346 else {
4e9b5e2b 1347 bRelayOnly = true;
92b96797
FB		 1348 }
1349 }
9fc86028 1350 }
92b96797
FB		 1351 }
1352
1353 if (bRelayOnly || bRelayAndForward) {
1354 // relay this packet right now
1355 if (bRelayAndForward)
1356 iDANodeIndex = 0;
1357
1358 if ((pDevice->uAssocCount > 1) && (iDANodeIndex >= 0)) {
cc856e61
AM		 1359 bRelayPacketSend(pDevice, (PBYTE) (skb->data + cbHeaderOffset),
1360 FrameSize, (unsigned int) iDANodeIndex);
92b96797
FB		 1361 }
1362
1363 if (bRelayOnly)
e269fc2d 1364 return false;
92b96797
FB		 1365 }
1366 // none associate, don't forward
1367 if (pDevice->uAssocCount == 0)
e269fc2d 1368 return false;
92b96797 1369
4e9b5e2b 1370 return true;
92b96797
FB		 1371}
1372
1373
1374
1375
45c73bb1 1376void RXvWorkItem(struct vnt_private *pDevice)
92b96797 1377{
45c73bb1
MP		 1378 int ntStatus;
1379 PRCB pRCB = NULL;
92b96797
FB		 1380
1381 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Polling Thread\n");
1382 spin_lock_irq(&pDevice->lock);
731047f9
AM		 1383
1384 while ((pDevice->Flags & fMP_POST_READS) &&
92b96797
FB		 1385 MP_IS_READY(pDevice) &&
1386 (pDevice->NumRecvFreeList != 0) ) {
1387 pRCB = pDevice->FirstRecvFreeList;
1388 pDevice->NumRecvFreeList--;
1389 ASSERT(pRCB);// cannot be NULL
1390 DequeueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList);
1391 ntStatus = PIPEnsBulkInUsbRead(pDevice, pRCB);
1392 }
e269fc2d 1393 pDevice->bIsRxWorkItemQueued = false;
92b96797
FB		 1394 spin_unlock_irq(&pDevice->lock);
1395
1396}
1397
1398
45c73bb1 1399void RXvFreeRCB(PRCB pRCB, int bReAllocSkb)
92b96797 1400{
45c73bb1 1401 struct vnt_private *pDevice = pRCB->pDevice;
92b96797
FB		 1402
1403
1404 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->RXvFreeRCB\n");
1405
1406 ASSERT(!pRCB->Ref); // should be 0
1407 ASSERT(pRCB->pDevice); // shouldn't be NULL
1408
e269fc2d 1409 if (bReAllocSkb == false) {
28044e01 1410 kfree_skb(pRCB->skb);
4e9b5e2b 1411 bReAllocSkb = true;
28044e01
MP		 1412 }
1413
4e9b5e2b 1414 if (bReAllocSkb == true) {
92b96797
FB		 1415 pRCB->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1416 // todo error handling
1417 if (pRCB->skb == NULL) {
1418 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR" Failed to re-alloc rx skb\n");
1419 }else {
1420 pRCB->skb->dev = pDevice->dev;
1421 }
1422 }
1423 //
1424 // Insert the RCB back in the Recv free list
1425 //
1426 EnqueueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList, pRCB);
1427 pDevice->NumRecvFreeList++;
1428
1429
731047f9 1430 if ((pDevice->Flags & fMP_POST_READS) && MP_IS_READY(pDevice) &&
e269fc2d 1431 (pDevice->bIsRxWorkItemQueued == false) ) {
92b96797 1432
4e9b5e2b 1433 pDevice->bIsRxWorkItemQueued = true;
92b96797
FB		 1434 tasklet_schedule(&pDevice->ReadWorkItem);
1435 }
1436 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"<----RXFreeRCB %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1437}
1438
1439
45c73bb1 1440void RXvMngWorkItem(struct vnt_private *pDevice)
92b96797 1441{
45c73bb1
MP		 1442 PRCB pRCB = NULL;
1443 struct vnt_rx_mgmt *pRxPacket;
e269fc2d 1444 int bReAllocSkb = false;
92b96797
FB		 1445
1446 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Mng Thread\n");
1447
1448 spin_lock_irq(&pDevice->lock);
1449 while (pDevice->NumRecvMngList!=0)
1450 {
1451 pRCB = pDevice->FirstRecvMngList;
1452 pDevice->NumRecvMngList--;
1453 DequeueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList);
1454 if(!pRCB){
1455 break;
1456 }
1457 ASSERT(pRCB);// cannot be NULL
1458 pRxPacket = &(pRCB->sMngPacket);
14c5ef57 1459 vMgrRxManagePacket(pDevice, &pDevice->vnt_mgmt, pRxPacket);
92b96797
FB		 1460 pRCB->Ref--;
1461 if(pRCB->Ref == 0) {
1462 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"RxvFreeMng %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1463 RXvFreeRCB(pRCB, bReAllocSkb);
1464 } else {
1465 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Rx Mng Only we have the right to free RCB\n");
1466 }
1467 }
1468
e269fc2d 1469 pDevice->bIsRxMngWorkItemQueued = false;
ba5c2b3d 1470 spin_unlock_irq(&pDevice->lock);
92b96797
FB		 1471
1472}
1473
1474
Linux kernel - Deliverables
This page took 0.44766 seconds and 5 git commands to generate.