1 /****************************************************************************** 2 3 Copyright(c) 2003 - 2005 Intel Corporation. All rights reserved. 4 5 This program is free software; you can redistribute it and/or modify it 6 under the terms of version 2 of the GNU General Public License as 7 published by the Free Software Foundation. 8 9 This program is distributed in the hope that it will be useful, but WITHOUT 10 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 12 more details. 13 14 You should have received a copy of the GNU General Public License along with 15 this program; if not, write to the Free Software Foundation, Inc., 59 16 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 17 18 The full GNU General Public License is included in this distribution in the 19 file called LICENSE. 20 21 Contact Information: 22 Intel Linux Wireless <ilw@linux.intel.com> 23 Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497 24 25 ******************************************************************************/ 26 #include <linux/compiler.h> 27 #include <linux/errno.h> 28 #include <linux/if_arp.h> 29 #include <linux/in6.h> 30 #include <linux/in.h> 31 #include <linux/ip.h> 32 #include <linux/kernel.h> 33 #include <linux/module.h> 34 #include <linux/netdevice.h> 35 #include <linux/proc_fs.h> 36 #include <linux/skbuff.h> 37 #include <linux/slab.h> 38 #include <linux/tcp.h> 39 #include <linux/types.h> 40 #include <linux/wireless.h> 41 #include <linux/etherdevice.h> 42 #include <linux/uaccess.h> 43 44 #include "libipw.h" 45 46 /* 47 48 802.11 Data Frame 49 50 ,-------------------------------------------------------------------. 51 Bytes | 2 | 2 | 6 | 6 | 6 | 2 | 0..2312 | 4 | 52 |------|------|---------|---------|---------|------|---------|------| 53 Desc. | ctrl | dura | DA/RA | TA | SA | Sequ | Frame | fcs | 54 | | tion | (BSSID) | | | ence | data | | 55 `--------------------------------------------------| |------' 56 Total: 28 non-data bytes `----.----' 57 | 58 .- 'Frame data' expands, if WEP enabled, to <----------' 59 | 60 V 61 ,-----------------------. 62 Bytes | 4 | 0-2296 | 4 | 63 |-----|-----------|-----| 64 Desc. | IV | Encrypted | ICV | 65 | | Packet | | 66 `-----| |-----' 67 `-----.-----' 68 | 69 .- 'Encrypted Packet' expands to 70 | 71 V 72 ,---------------------------------------------------. 73 Bytes | 1 | 1 | 1 | 3 | 2 | 0-2304 | 74 |------|------|---------|----------|------|---------| 75 Desc. | SNAP | SNAP | Control |Eth Tunnel| Type | IP | 76 | DSAP | SSAP | | | | Packet | 77 | 0xAA | 0xAA |0x03 (UI)|0x00-00-F8| | | 78 `---------------------------------------------------- 79 Total: 8 non-data bytes 80 81 802.3 Ethernet Data Frame 82 83 ,-----------------------------------------. 84 Bytes | 6 | 6 | 2 | Variable | 4 | 85 |-------|-------|------|-----------|------| 86 Desc. | Dest. | Source| Type | IP Packet | fcs | 87 | MAC | MAC | | | | 88 `-----------------------------------------' 89 Total: 18 non-data bytes 90 91 In the event that fragmentation is required, the incoming payload is split into 92 N parts of size ieee->fts. The first fragment contains the SNAP header and the 93 remaining packets are just data. 94 95 If encryption is enabled, each fragment payload size is reduced by enough space 96 to add the prefix and postfix (IV and ICV totalling 8 bytes in the case of WEP) 97 So if you have 1500 bytes of payload with ieee->fts set to 500 without 98 encryption it will take 3 frames. With WEP it will take 4 frames as the 99 payload of each frame is reduced to 492 bytes. 100 101 * SKB visualization 102 * 103 * ,- skb->data 104 * | 105 * | ETHERNET HEADER ,-<-- PAYLOAD 106 * | | 14 bytes from skb->data 107 * | 2 bytes for Type --> ,T. | (sizeof ethhdr) 108 * | | | | 109 * |,-Dest.--. ,--Src.---. | | | 110 * | 6 bytes| | 6 bytes | | | | 111 * v | | | | | | 112 * 0 | v 1 | v | v 2 113 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 114 * ^ | ^ | ^ | 115 * | | | | | | 116 * | | | | `T' <---- 2 bytes for Type 117 * | | | | 118 * | | '---SNAP--' <-------- 6 bytes for SNAP 119 * | | 120 * `-IV--' <-------------------- 4 bytes for IV (WEP) 121 * 122 * SNAP HEADER 123 * 124 */ 125 126 static u8 P802_1H_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0xf8 }; 127 static u8 RFC1042_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0x00 }; 128 129 static int libipw_copy_snap(u8 * data, __be16 h_proto) 130 { 131 struct libipw_snap_hdr *snap; 132 u8 *oui; 133 134 snap = (struct libipw_snap_hdr *)data; 135 snap->dsap = 0xaa; 136 snap->ssap = 0xaa; 137 snap->ctrl = 0x03; 138 139 if (h_proto == htons(ETH_P_AARP) || h_proto == htons(ETH_P_IPX)) 140 oui = P802_1H_OUI; 141 else 142 oui = RFC1042_OUI; 143 snap->oui[0] = oui[0]; 144 snap->oui[1] = oui[1]; 145 snap->oui[2] = oui[2]; 146 147 memcpy(data + SNAP_SIZE, &h_proto, sizeof(u16)); 148 149 return SNAP_SIZE + sizeof(u16); 150 } 151 152 static int libipw_encrypt_fragment(struct libipw_device *ieee, 153 struct sk_buff *frag, int hdr_len) 154 { 155 struct lib80211_crypt_data *crypt = 156 ieee->crypt_info.crypt[ieee->crypt_info.tx_keyidx]; 157 int res; 158 159 if (crypt == NULL) 160 return -1; 161 162 /* To encrypt, frame format is: 163 * IV (4 bytes), clear payload (including SNAP), ICV (4 bytes) */ 164 atomic_inc(&crypt->refcnt); 165 res = 0; 166 if (crypt->ops && crypt->ops->encrypt_mpdu) 167 res = crypt->ops->encrypt_mpdu(frag, hdr_len, crypt->priv); 168 169 atomic_dec(&crypt->refcnt); 170 if (res < 0) { 171 printk(KERN_INFO "%s: Encryption failed: len=%d.\n", 172 ieee->dev->name, frag->len); 173 ieee->ieee_stats.tx_discards++; 174 return -1; 175 } 176 177 return 0; 178 } 179 180 void libipw_txb_free(struct libipw_txb *txb) 181 { 182 int i; 183 if (unlikely(!txb)) 184 return; 185 for (i = 0; i < txb->nr_frags; i++) 186 if (txb->fragments[i]) 187 dev_kfree_skb_any(txb->fragments[i]); 188 kfree(txb); 189 } 190 191 static struct libipw_txb *libipw_alloc_txb(int nr_frags, int txb_size, 192 int headroom, gfp_t gfp_mask) 193 { 194 struct libipw_txb *txb; 195 int i; 196 txb = kmalloc(sizeof(struct libipw_txb) + (sizeof(u8 *) * nr_frags), 197 gfp_mask); 198 if (!txb) 199 return NULL; 200 201 memset(txb, 0, sizeof(struct libipw_txb)); 202 txb->nr_frags = nr_frags; 203 txb->frag_size = txb_size; 204 205 for (i = 0; i < nr_frags; i++) { 206 txb->fragments[i] = __dev_alloc_skb(txb_size + headroom, 207 gfp_mask); 208 if (unlikely(!txb->fragments[i])) { 209 i--; 210 break; 211 } 212 skb_reserve(txb->fragments[i], headroom); 213 } 214 if (unlikely(i != nr_frags)) { 215 while (i >= 0) 216 dev_kfree_skb_any(txb->fragments[i--]); 217 kfree(txb); 218 return NULL; 219 } 220 return txb; 221 } 222 223 static int libipw_classify(struct sk_buff *skb) 224 { 225 struct ethhdr *eth; 226 struct iphdr *ip; 227 228 eth = (struct ethhdr *)skb->data; 229 if (eth->h_proto != htons(ETH_P_IP)) 230 return 0; 231 232 ip = ip_hdr(skb); 233 switch (ip->tos & 0xfc) { 234 case 0x20: 235 return 2; 236 case 0x40: 237 return 1; 238 case 0x60: 239 return 3; 240 case 0x80: 241 return 4; 242 case 0xa0: 243 return 5; 244 case 0xc0: 245 return 6; 246 case 0xe0: 247 return 7; 248 default: 249 return 0; 250 } 251 } 252 253 /* Incoming skb is converted to a txb which consists of 254 * a block of 802.11 fragment packets (stored as skbs) */ 255 netdev_tx_t libipw_xmit(struct sk_buff *skb, struct net_device *dev) 256 { 257 struct libipw_device *ieee = netdev_priv(dev); 258 struct libipw_txb *txb = NULL; 259 struct libipw_hdr_3addrqos *frag_hdr; 260 int i, bytes_per_frag, nr_frags, bytes_last_frag, frag_size, 261 rts_required; 262 unsigned long flags; 263 int encrypt, host_encrypt, host_encrypt_msdu; 264 __be16 ether_type; 265 int bytes, fc, hdr_len; 266 struct sk_buff *skb_frag; 267 struct libipw_hdr_3addrqos header = {/* Ensure zero initialized */ 268 .duration_id = 0, 269 .seq_ctl = 0, 270 .qos_ctl = 0 271 }; 272 u8 dest[ETH_ALEN], src[ETH_ALEN]; 273 struct lib80211_crypt_data *crypt; 274 int priority = skb->priority; 275 int snapped = 0; 276 277 if (ieee->is_queue_full && (*ieee->is_queue_full) (dev, priority)) 278 return NETDEV_TX_BUSY; 279 280 spin_lock_irqsave(&ieee->lock, flags); 281 282 /* If there is no driver handler to take the TXB, dont' bother 283 * creating it... */ 284 if (!ieee->hard_start_xmit) { 285 printk(KERN_WARNING "%s: No xmit handler.\n", ieee->dev->name); 286 goto success; 287 } 288 289 if (unlikely(skb->len < SNAP_SIZE + sizeof(u16))) { 290 printk(KERN_WARNING "%s: skb too small (%d).\n", 291 ieee->dev->name, skb->len); 292 goto success; 293 } 294 295 ether_type = ((struct ethhdr *)skb->data)->h_proto; 296 297 crypt = ieee->crypt_info.crypt[ieee->crypt_info.tx_keyidx]; 298 299 encrypt = !(ether_type == htons(ETH_P_PAE) && ieee->ieee802_1x) && 300 ieee->sec.encrypt; 301 302 host_encrypt = ieee->host_encrypt && encrypt && crypt; 303 host_encrypt_msdu = ieee->host_encrypt_msdu && encrypt && crypt; 304 305 if (!encrypt && ieee->ieee802_1x && 306 ieee->drop_unencrypted && ether_type != htons(ETH_P_PAE)) { 307 dev->stats.tx_dropped++; 308 goto success; 309 } 310 311 /* Save source and destination addresses */ 312 skb_copy_from_linear_data(skb, dest, ETH_ALEN); 313 skb_copy_from_linear_data_offset(skb, ETH_ALEN, src, ETH_ALEN); 314 315 if (host_encrypt) 316 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA | 317 IEEE80211_FCTL_PROTECTED; 318 else 319 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA; 320 321 if (ieee->iw_mode == IW_MODE_INFRA) { 322 fc |= IEEE80211_FCTL_TODS; 323 /* To DS: Addr1 = BSSID, Addr2 = SA, Addr3 = DA */ 324 memcpy(header.addr1, ieee->bssid, ETH_ALEN); 325 memcpy(header.addr2, src, ETH_ALEN); 326 memcpy(header.addr3, dest, ETH_ALEN); 327 } else if (ieee->iw_mode == IW_MODE_ADHOC) { 328 /* not From/To DS: Addr1 = DA, Addr2 = SA, Addr3 = BSSID */ 329 memcpy(header.addr1, dest, ETH_ALEN); 330 memcpy(header.addr2, src, ETH_ALEN); 331 memcpy(header.addr3, ieee->bssid, ETH_ALEN); 332 } 333 hdr_len = LIBIPW_3ADDR_LEN; 334 335 if (ieee->is_qos_active && ieee->is_qos_active(dev, skb)) { 336 fc |= IEEE80211_STYPE_QOS_DATA; 337 hdr_len += 2; 338 339 skb->priority = libipw_classify(skb); 340 header.qos_ctl |= cpu_to_le16(skb->priority & LIBIPW_QCTL_TID); 341 } 342 header.frame_ctl = cpu_to_le16(fc); 343 344 /* Advance the SKB to the start of the payload */ 345 skb_pull(skb, sizeof(struct ethhdr)); 346 347 /* Determine total amount of storage required for TXB packets */ 348 bytes = skb->len + SNAP_SIZE + sizeof(u16); 349 350 /* Encrypt msdu first on the whole data packet. */ 351 if ((host_encrypt || host_encrypt_msdu) && 352 crypt && crypt->ops && crypt->ops->encrypt_msdu) { 353 int res = 0; 354 int len = bytes + hdr_len + crypt->ops->extra_msdu_prefix_len + 355 crypt->ops->extra_msdu_postfix_len; 356 struct sk_buff *skb_new = dev_alloc_skb(len); 357 358 if (unlikely(!skb_new)) 359 goto failed; 360 361 skb_reserve(skb_new, crypt->ops->extra_msdu_prefix_len); 362 skb_put_data(skb_new, &header, hdr_len); 363 snapped = 1; 364 libipw_copy_snap(skb_put(skb_new, SNAP_SIZE + sizeof(u16)), 365 ether_type); 366 skb_copy_from_linear_data(skb, skb_put(skb_new, skb->len), skb->len); 367 res = crypt->ops->encrypt_msdu(skb_new, hdr_len, crypt->priv); 368 if (res < 0) { 369 LIBIPW_ERROR("msdu encryption failed\n"); 370 dev_kfree_skb_any(skb_new); 371 goto failed; 372 } 373 dev_kfree_skb_any(skb); 374 skb = skb_new; 375 bytes += crypt->ops->extra_msdu_prefix_len + 376 crypt->ops->extra_msdu_postfix_len; 377 skb_pull(skb, hdr_len); 378 } 379 380 if (host_encrypt || ieee->host_open_frag) { 381 /* Determine fragmentation size based on destination (multicast 382 * and broadcast are not fragmented) */ 383 if (is_multicast_ether_addr(dest) || 384 is_broadcast_ether_addr(dest)) 385 frag_size = MAX_FRAG_THRESHOLD; 386 else 387 frag_size = ieee->fts; 388 389 /* Determine amount of payload per fragment. Regardless of if 390 * this stack is providing the full 802.11 header, one will 391 * eventually be affixed to this fragment -- so we must account 392 * for it when determining the amount of payload space. */ 393 bytes_per_frag = frag_size - hdr_len; 394 if (ieee->config & 395 (CFG_LIBIPW_COMPUTE_FCS | CFG_LIBIPW_RESERVE_FCS)) 396 bytes_per_frag -= LIBIPW_FCS_LEN; 397 398 /* Each fragment may need to have room for encryption 399 * pre/postfix */ 400 if (host_encrypt) 401 bytes_per_frag -= crypt->ops->extra_mpdu_prefix_len + 402 crypt->ops->extra_mpdu_postfix_len; 403 404 /* Number of fragments is the total 405 * bytes_per_frag / payload_per_fragment */ 406 nr_frags = bytes / bytes_per_frag; 407 bytes_last_frag = bytes % bytes_per_frag; 408 if (bytes_last_frag) 409 nr_frags++; 410 else 411 bytes_last_frag = bytes_per_frag; 412 } else { 413 nr_frags = 1; 414 bytes_per_frag = bytes_last_frag = bytes; 415 frag_size = bytes + hdr_len; 416 } 417 418 rts_required = (frag_size > ieee->rts 419 && ieee->config & CFG_LIBIPW_RTS); 420 if (rts_required) 421 nr_frags++; 422 423 /* When we allocate the TXB we allocate enough space for the reserve 424 * and full fragment bytes (bytes_per_frag doesn't include prefix, 425 * postfix, header, FCS, etc.) */ 426 txb = libipw_alloc_txb(nr_frags, frag_size, 427 ieee->tx_headroom, GFP_ATOMIC); 428 if (unlikely(!txb)) { 429 printk(KERN_WARNING "%s: Could not allocate TXB\n", 430 ieee->dev->name); 431 goto failed; 432 } 433 txb->encrypted = encrypt; 434 if (host_encrypt) 435 txb->payload_size = frag_size * (nr_frags - 1) + 436 bytes_last_frag; 437 else 438 txb->payload_size = bytes; 439 440 if (rts_required) { 441 skb_frag = txb->fragments[0]; 442 frag_hdr = skb_put(skb_frag, hdr_len); 443 444 /* 445 * Set header frame_ctl to the RTS. 446 */ 447 header.frame_ctl = 448 cpu_to_le16(IEEE80211_FTYPE_CTL | IEEE80211_STYPE_RTS); 449 memcpy(frag_hdr, &header, hdr_len); 450 451 /* 452 * Restore header frame_ctl to the original data setting. 453 */ 454 header.frame_ctl = cpu_to_le16(fc); 455 456 if (ieee->config & 457 (CFG_LIBIPW_COMPUTE_FCS | CFG_LIBIPW_RESERVE_FCS)) 458 skb_put(skb_frag, 4); 459 460 txb->rts_included = 1; 461 i = 1; 462 } else 463 i = 0; 464 465 for (; i < nr_frags; i++) { 466 skb_frag = txb->fragments[i]; 467 468 if (host_encrypt) 469 skb_reserve(skb_frag, 470 crypt->ops->extra_mpdu_prefix_len); 471 472 frag_hdr = skb_put_data(skb_frag, &header, hdr_len); 473 474 /* If this is not the last fragment, then add the MOREFRAGS 475 * bit to the frame control */ 476 if (i != nr_frags - 1) { 477 frag_hdr->frame_ctl = 478 cpu_to_le16(fc | IEEE80211_FCTL_MOREFRAGS); 479 bytes = bytes_per_frag; 480 } else { 481 /* The last fragment takes the remaining length */ 482 bytes = bytes_last_frag; 483 } 484 485 if (i == 0 && !snapped) { 486 libipw_copy_snap(skb_put 487 (skb_frag, SNAP_SIZE + sizeof(u16)), 488 ether_type); 489 bytes -= SNAP_SIZE + sizeof(u16); 490 } 491 492 skb_copy_from_linear_data(skb, skb_put(skb_frag, bytes), bytes); 493 494 /* Advance the SKB... */ 495 skb_pull(skb, bytes); 496 497 /* Encryption routine will move the header forward in order 498 * to insert the IV between the header and the payload */ 499 if (host_encrypt) 500 libipw_encrypt_fragment(ieee, skb_frag, hdr_len); 501 502 if (ieee->config & 503 (CFG_LIBIPW_COMPUTE_FCS | CFG_LIBIPW_RESERVE_FCS)) 504 skb_put(skb_frag, 4); 505 } 506 507 success: 508 spin_unlock_irqrestore(&ieee->lock, flags); 509 510 dev_kfree_skb_any(skb); 511 512 if (txb) { 513 netdev_tx_t ret = (*ieee->hard_start_xmit)(txb, dev, priority); 514 if (ret == NETDEV_TX_OK) { 515 dev->stats.tx_packets++; 516 dev->stats.tx_bytes += txb->payload_size; 517 return NETDEV_TX_OK; 518 } 519 520 libipw_txb_free(txb); 521 } 522 523 return NETDEV_TX_OK; 524 525 failed: 526 spin_unlock_irqrestore(&ieee->lock, flags); 527 netif_stop_queue(dev); 528 dev->stats.tx_errors++; 529 return NETDEV_TX_BUSY; 530 } 531 EXPORT_SYMBOL(libipw_xmit); 532 533 EXPORT_SYMBOL(libipw_txb_free); 534