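// SPDX-License-Identifier: GPL-2.0
/*
 *   Driver for KeyStream wireless LAN cards.
 *
 *   Copyright (C) 2005-2008 KeyStream Corp.
 *   Copyright (C) 2009 Renesas Technology Corp.
 */

#include <crypto/hash.h>
#include <linux/circ_buf.h>
#include <linux/if_arp.h>
#include <net/iw_handler.h>
#include <uapi/linux/llc.h>
#include "eap_packet.h"
#include "ks_wlan.h"
#include "ks_hostif.h"

#define MICHAEL_MIC_KEY_LEN 8
#define MICHAEL_MIC_LEN 8

/* Advance the SME event queue head by one slot, wrapping at the ring size. */
static inline void inc_smeqhead(struct ks_wlan_private *priv)
{
	priv->sme_i.qhead = (priv->sme_i.qhead + 1) % SME_EVENT_BUFF_SIZE;
}

/* Advance the SME event queue tail by one slot, wrapping at the ring size. */
static inline void inc_smeqtail(struct ks_wlan_private *priv)
{
	priv->sme_i.qtail = (priv->sme_i.qtail + 1) % SME_EVENT_BUFF_SIZE;
}

/* Number of queued SME events that can be read without wrapping. */
static inline unsigned int cnt_smeqbody(struct ks_wlan_private *priv)
{
	return CIRC_CNT_TO_END(priv->sme_i.qhead, priv->sme_i.qtail,
			       SME_EVENT_BUFF_SIZE);
}

/*
 * Consume one byte from the receive cursor.
 *
 * Advances priv->rxp and decrements priv->rx_size in lockstep. There is no
 * bounds check here: every caller must verify beforehand that enough bytes
 * remain, otherwise the cursor runs past the received data and rx_size no
 * longer describes the buffer.
 */
static inline u8 get_byte(struct ks_wlan_private *priv)
{
	u8 data;

	data = *priv->rxp++;
	/* length check in advance ! */
	--(priv->rx_size);
	return data;
}

/* Consume a little-endian 16-bit value (two get_byte() calls, low byte first). */
static inline u16 get_word(struct ks_wlan_private *priv)
{
	u16 data;

	/* Separate statements keep the byte order of the two reads defined. */
	data = get_byte(priv);
	data |= (u16)(get_byte(priv) << 8);
	return data;
}

/* Consume a little-endian 32-bit value (four get_byte() calls, low byte first). */
static inline u32 get_dword(struct ks_wlan_private *priv)
{
	u32 data;

	/*
	 * Widen each byte to u32 before shifting: a u8 promotes to int, and
	 * shifting a value >= 0x80 left by 24 would move a bit into the sign
	 * position.
	 */
	data = get_byte(priv);
	data |= (u32)get_byte(priv) << 8;
	data |= (u32)get_byte(priv) << 16;
	data |= (u32)get_byte(priv) << 24;
	return data;
}

/*
 * Work handler that wakes the device out of PS_SNOOZE.
 *
 * Issues a wakeup request and waits up to 20 ms for the wakeup completion.
 * On timeout or interruption the work item reschedules itself; otherwise the
 * SME tasklet is re-enabled if it is currently disabled.
 */
static void ks_wlan_hw_wakeup_task(struct work_struct *work)
{
	struct ks_wlan_private *priv;
	int ps_status;
	long time_left;

	priv = container_of(work, struct ks_wlan_private, wakeup_work);
	ps_status = atomic_read(&priv->psstatus.status);

	if (ps_status == PS_SNOOZE) {
		ks_wlan_hw_wakeup_request(priv);
		time_left = wait_for_completion_interruptible_timeout(
				&priv->psstatus.wakeup_wait,
				msecs_to_jiffies(20));
		if (time_left <= 0) {
			netdev_dbg(priv->net_dev, "wake up timeout or interrupted !!!\n");
			schedule_work(&priv->wakeup_work);
			return;
		}
	}

	/* power save */
	if (atomic_read(&priv->sme_task.count) > 0)
		tasklet_enable(&priv->sme_task);
}

/*
 * Queue a power management request while connected; otherwise just mark the
 * device ready.
 */
static void ks_wlan_do_power_save(struct ks_wlan_private *priv)
{
	if (is_connect_status(priv->connect_status))
		hostif_sme_enqueue(priv, SME_POW_MNGMT_REQUEST);
	else
		priv->dev_state = DEVICE_STATE_READY;
}

/*
 * Fill priv->current_ap from a link information record sent by the device
 * and notify user space (SIOCGIWAP) when connected.
 *
 * @ap_info points into the receive buffer, so every length field in it is
 * device-supplied and is clamped to the destination capacity before it is
 * used as a copy length.
 *
 * Returns 0 on success, or -EPERM (after clearing current_ap) when the
 * interface is in the disconnected state.
 */
static
int get_current_ap(struct ks_wlan_private *priv, struct link_ap_info *ap_info)
{
	struct local_ap *ap;
	union iwreq_data wrqu;
	struct net_device *netdev = priv->net_dev;
	unsigned int rate_size, ext_size;
	u8 size;

	ap = &priv->current_ap;

	if (is_disconnect_status(priv->connect_status)) {
		memset(ap, 0, sizeof(struct local_ap));
		return -EPERM;
	}

	ether_addr_copy(ap->bssid, ap_info->bssid);
	/* The SSID comes from the host-side configuration, not from the device. */
	memcpy(ap->ssid.body, priv->reg.ssid.body,
	       priv->reg.ssid.size);
	ap->ssid.size = priv->reg.ssid.size;

	/*
	 * Basic and extended rates are concatenated into one destination set.
	 * Clamp both lengths so the combined copy cannot write past
	 * RATE_SET_MAX_SIZE entries.
	 * NOTE(review): the source arrays in struct link_ap_info may be
	 * smaller than RATE_SET_MAX_SIZE; confirm against the struct
	 * definition and clamp to the source size as well if so.
	 */
	rate_size = min_t(unsigned int, ap_info->rate_set.size,
			  RATE_SET_MAX_SIZE);
	memcpy(ap->rate_set.body, ap_info->rate_set.body, rate_size);
	ap->rate_set.size = rate_size;

	ext_size = min_t(unsigned int, ap_info->ext_rate_set.size,
			 RATE_SET_MAX_SIZE - rate_size);
	if (ext_size != 0) {
		memcpy(&ap->rate_set.body[ap->rate_set.size],
		       ap_info->ext_rate_set.body, ext_size);
		ap->rate_set.size += ext_size;
	}

	ap->channel = ap_info->ds_parameter.channel;
	ap->rssi = ap_info->rssi;
	ap->sq = ap_info->sq;
	ap->noise = ap_info->noise;
	ap->capability = le16_to_cpu(ap_info->capability);

	/* The RSN/WPA element length is clamped the same way. */
	size = (ap_info->rsn.size <= RSN_IE_BODY_MAX) ?
		ap_info->rsn.size : RSN_IE_BODY_MAX;
	if ((ap_info->rsn_mode & RSN_MODE_WPA2) &&
	    (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2)) {
		ap->rsn_ie.id = RSN_INFO_ELEM_ID;
		ap->rsn_ie.size = size;
		memcpy(ap->rsn_ie.body, ap_info->rsn.body, size);
	} else if ((ap_info->rsn_mode & RSN_MODE_WPA) &&
		   (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA)) {
		ap->wpa_ie.id = WPA_INFO_ELEM_ID;
		ap->wpa_ie.size = size;
		memcpy(ap->wpa_ie.body, ap_info->rsn.body, size);
	} else {
		ap->rsn_ie.id = 0;
		ap->rsn_ie.size = 0;
		ap->wpa_ie.id = 0;
		ap->wpa_ie.size = 0;
	}

	wrqu.data.length = 0;
	wrqu.data.flags = 0;
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
	if (is_connect_status(priv->connect_status)) {
		ether_addr_copy(wrqu.ap_addr.sa_data, priv->current_ap.bssid);
		netdev_dbg(priv->net_dev,
			   "IWEVENT: connect bssid=%pM\n",
			   wrqu.ap_addr.sa_data);
		wireless_send_event(netdev, SIOCGIWAP, &wrqu, NULL);
	}

	/*
	 * The SSID body is a length-prefixed byte array, not a C string, so
	 * print it with an explicit precision instead of relying on a NUL.
	 */
	netdev_dbg(priv->net_dev, "Link AP\n"
		   "- bssid=%pM\n"
		   "- essid=%.*s\n"
		   "- rate_set=%02X,%02X,%02X,%02X,%02X,%02X,%02X,%02X\n"
		   "- channel=%d\n"
		   "- rssi=%d\n"
		   "- sq=%d\n"
		   "- capability=%04X\n"
		   "- rsn.mode=%d\n"
		   "- rsn.size=%d\n"
		   "- ext_rate_set_size=%d\n"
		   "- rate_set_size=%d\n",
		   ap->bssid,
		   ap->ssid.size, &ap->ssid.body[0],
		   ap->rate_set.body[0], ap->rate_set.body[1],
		   ap->rate_set.body[2], ap->rate_set.body[3],
		   ap->rate_set.body[4], ap->rate_set.body[5],
		   ap->rate_set.body[6], ap->rate_set.body[7],
		   ap->channel, ap->rssi, ap->sq, ap->capability,
		   ap_info->rsn_mode, ap_info->rsn.size,
		   ap_info->ext_rate_set.size, ap_info->rate_set.size);

	return 0;
}

/*
 * Copy the body of one information element into @body.
 *
 * @bp points at the element (bp[0] = ID, bp[1] = length, body from bp[2]).
 * At most @max bytes are copied, which bounds the write into @body. The
 * read side is not bounded here: the caller must already have checked that
 * the two-byte header and the declared body lie inside the source buffer.
 *
 * Returns the number of bytes copied.
 */
static u8 read_ie(unsigned char *bp, u8 max, u8 *body)
{
	u8 declared = bp[1];
	u8 size = (declared <= max) ? declared : max;

	memcpy(body, bp + 2, size);
	return size;
}

/*
 * Compute the TKIP Michael MIC over a frame.
 *
 * @key:      MICHAEL_MIC_KEY_LEN bytes of MIC key
 * @data:     frame starting with destination and source MAC addresses
 * @len:      length of @data in bytes; must cover both addresses
 * @priority: priority octet mixed into the MIC header
 * @result:   receives the MICHAEL_MIC_LEN byte MIC
 *
 * Returns 0 on success or a negative errno; -EINVAL when @len is too short
 * to contain the address fields.
 */
static int
michael_mic(u8 *key, u8 *data, unsigned int len, u8 priority, u8 *result)
{
	u8 pad_data[4] = { priority, 0, 0, 0 };
	struct crypto_shash *tfm = NULL;
	struct shash_desc *desc = NULL;
	int ret;

	/*
	 * The payload length below is computed as len - 12. Without this
	 * check a short frame would make that unsigned subtraction wrap and
	 * hash far past the end of the buffer.
	 */
	if (len < 2 * ETH_ALEN)
		return -EINVAL;

	tfm = crypto_alloc_shash("michael_mic", 0, 0);
	if (IS_ERR(tfm)) {
		ret = PTR_ERR(tfm);
		goto err;
	}

	ret = crypto_shash_setkey(tfm, key, MICHAEL_MIC_KEY_LEN);
	if (ret < 0)
		goto err_free_tfm;

	desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(tfm), GFP_KERNEL);
	if (!desc) {
		ret = -ENOMEM;
		goto err_free_tfm;
	}

	desc->tfm = tfm;

	ret = crypto_shash_init(desc);
	if (ret < 0)
		goto err_free_desc;

	// Compute the MIC value
	/*
	 * IEEE802.11i  page 47
	 * Figure 43g TKIP MIC processing format
	 * +--+--+--------+--+----+--+--+--+--+--+--+--+--+
	 * |6 |6 |1       |3 |M   |1 |1 |1 |1 |1 |1 |1 |1 | Octet
	 * +--+--+--------+--+----+--+--+--+--+--+--+--+--+
	 * |DA|SA|Priority|0 |Data|M0|M1|M2|M3|M4|M5|M6|M7|
	 * +--+--+--------+--+----+--+--+--+--+--+--+--+--+
	 */

	/* DA + SA */
	ret = crypto_shash_update(desc, data, 12);
	if (ret < 0)
		goto err_free_desc;

	/* Priority + three zero octets */
	ret = crypto_shash_update(desc, pad_data, 4);
	if (ret < 0)
		goto err_free_desc;

	/* Remaining payload, then finalize into result */
	ret = crypto_shash_finup(desc, data + 12, len - 12, result);

err_free_desc:
	/* The descriptor holds keyed hash state, so wipe it on free. */
	kfree_sensitive(desc);

err_free_tfm:
	crypto_free_shash(tfm);

err:
	return ret;
}
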
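/*
 * Parse one scan result record from the device into @ap.
 *
 * @ap is cleared first, then the fixed fields are copied and the information
 * elements in ap_info->body are walked. Every element is checked against the
 * declared body size before it is read, and every copy is bounded by the
 * destination capacity.
 *
 * NOTE(review): body_size itself is device-supplied and is not compared with
 * the number of bytes actually received; confirm the caller guarantees that.
 *
 * Always returns 0.
 */
static
int get_ap_information(struct ks_wlan_private *priv, struct ap_info *ap_info,
		       struct local_ap *ap)
{
	unsigned char *bp;
	int bsize, offset;

	memset(ap, 0, sizeof(struct local_ap));

	ether_addr_copy(ap->bssid, ap_info->bssid);
	ap->rssi = ap_info->rssi;
	ap->sq = ap_info->sq;
	ap->noise = ap_info->noise;
	ap->capability = le16_to_cpu(ap_info->capability);
	ap->channel = ap_info->ch_info;

	bp = ap_info->body;
	bsize = le16_to_cpu(ap_info->body_size);
	offset = 0;

	/* An element needs at least its ID and length octets in range. */
	while (bsize - offset >= 2) {
		u8 ie_len = bp[1];
		unsigned int room;

		/*
		 * Stop at an element whose declared length runs past the
		 * body; reading it would go beyond the data described by
		 * body_size.
		 */
		if (ie_len > bsize - offset - 2) {
			netdev_dbg(priv->net_dev,
				   "truncated Element ID=%d\n", *bp);
			break;
		}

		switch (*bp) { /* Information Element ID */
		case WLAN_EID_SSID:
			ap->ssid.size = read_ie(bp, IEEE80211_MAX_SSID_LEN,
						ap->ssid.body);
			break;
		case WLAN_EID_SUPP_RATES:
		case WLAN_EID_EXT_SUPP_RATES:
			/* Append, truncating at the destination capacity. */
			room = RATE_SET_MAX_SIZE - ap->rate_set.size;
			room = min_t(unsigned int, ie_len, room);
			memcpy(&ap->rate_set.body[ap->rate_set.size],
			       bp + 2, room);
			ap->rate_set.size += room;
			break;
		case WLAN_EID_RSN:
			ap->rsn_ie.id = *bp;
			ap->rsn_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
						  ap->rsn_ie.body);
			break;
		case WLAN_EID_VENDOR_SPECIFIC: /* WPA */
			/* WPA OUI check; needs four body octets to compare */
			if (ie_len >= 4 &&
			    memcmp(bp + 2, CIPHER_ID_WPA_WEP40, 4) == 0) {
				ap->wpa_ie.id = *bp;
				ap->wpa_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
							  ap->wpa_ie.body);
			}
			break;
		case WLAN_EID_DS_PARAMS:
		case WLAN_EID_FH_PARAMS:
		case WLAN_EID_CF_PARAMS:
		case WLAN_EID_TIM:
		case WLAN_EID_IBSS_PARAMS:
		case WLAN_EID_COUNTRY:
		case WLAN_EID_ERP_INFO:
			break;
		default:
			netdev_err(priv->net_dev,
				   "unknown Element ID=%d\n", *bp);
			break;
		}

		/* id & size field, then the element body */
		offset += 2 + ie_len;
		bp += 2 + ie_len;
	}

	return 0;
}

/*
 * Verify the TKIP Michael MIC of a received frame.
 *
 * @auth_type is the key type word taken from the device header; it selects
 * the key slot (auth_type - 1). The trailing MIC is stripped from
 * priv->rx_size before verification. On a mismatch the MIC failure state
 * machine is advanced and an MLME-MICHAELMICFAILURE event is sent to user
 * space.
 *
 * Returns 0 when the frame may be delivered, a negative errno otherwise.
 */
static
int hostif_data_indication_wpa(struct ks_wlan_private *priv,
			       unsigned short auth_type)
{
	struct ether_hdr *eth_hdr;
	unsigned short eth_proto;
	unsigned char recv_mic[MICHAEL_MIC_LEN];
	char buf[128];
	unsigned long now;
	struct mic_failure *mic_failure;
	u8 mic[MICHAEL_MIC_LEN];
	union iwreq_data wrqu;
	unsigned int key_index = auth_type - 1;
	struct wpa_key *key = NULL;
	bool tkip;
	int ret;

	/* The header fields read below must lie inside the received data. */
	if (priv->rx_size < sizeof(*eth_hdr)) {
		netdev_err(priv->net_dev, "invalid data format\n");
		priv->nstats.rx_errors++;
		return -EINVAL;
	}

	eth_hdr = (struct ether_hdr *)(priv->rxp);
	eth_proto = ntohs(eth_hdr->h_proto);

	if (eth_hdr->h_dest_snap != eth_hdr->h_source_snap) {
		netdev_err(priv->net_dev, "invalid data format\n");
		priv->nstats.rx_errors++;
		return -EINVAL;
	}

	/*
	 * auth_type comes from the device. Only form a key pointer when the
	 * derived index is inside the key table; an auth_type of 0 wraps to a
	 * huge index and is rejected by the same comparison.
	 */
	if (key_index < ARRAY_SIZE(priv->wpa.key))
		key = &priv->wpa.key[key_index];

	tkip = (auth_type == TYPE_PMK1 &&
		priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) ||
	       ((auth_type == TYPE_GMK1 || auth_type == TYPE_GMK2) &&
		priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP);
	if (!tkip || !key || !key->key_len)
		return 0;

	/*
	 * The frame must hold both addresses plus the trailing MIC, otherwise
	 * the size arithmetic below would wrap.
	 */
	if (priv->rx_size < 2 * ETH_ALEN + sizeof(recv_mic)) {
		netdev_err(priv->net_dev, "invalid data format\n");
		priv->nstats.rx_errors++;
		return -EINVAL;
	}

	netdev_dbg(priv->net_dev, "TKIP: protocol=%04X: size=%u\n",
		   eth_proto, priv->rx_size);
	/* MIC save */
	memcpy(&recv_mic[0],
	       (priv->rxp) + ((priv->rx_size) - sizeof(recv_mic)),
	       sizeof(recv_mic));
	priv->rx_size = priv->rx_size - sizeof(recv_mic);

	ret = michael_mic(key->rx_mic_key, priv->rxp, priv->rx_size,
			  0, mic);
	if (ret < 0)
		return ret;

	/*
	 * NOTE(review): memcmp() is not constant-time; crypto_memneq() is the
	 * usual kernel helper for comparing authentication tags.
	 */
	if (memcmp(mic, recv_mic, sizeof(mic)) == 0)
		return 0;

	/* MIC FAILURE */
	now = jiffies;
	mic_failure = &priv->wpa.mic_failure;
	/* A failure older than 60 seconds no longer counts. */
	if (mic_failure->last_failure_time &&
	    (now - mic_failure->last_failure_time) / HZ >= 60) {
		mic_failure->failure = 0;
	}
	netdev_err(priv->net_dev, "MIC FAILURE\n");
	if (mic_failure->failure == 0) {
		mic_failure->failure = 1;
		mic_failure->counter = 0;
	} else if (mic_failure->failure == 1) {
		mic_failure->failure = 2;
		mic_failure->counter =
			(u16)((now - mic_failure->last_failure_time) / HZ);
		/*  range 1-60 */
		if (!mic_failure->counter)
			mic_failure->counter = 1;
	}
	priv->wpa.mic_failure.last_failure_time = now;

	/*  needed parameters: count, keyid, key type, TSC */
	snprintf(buf, sizeof(buf),
		 "MLME-MICHAELMICFAILURE.indication(keyid=%d %scast addr=%pM)",
		 key_index,
		 eth_hdr->h_dest[0] & 0x01 ? "broad" : "uni",
		 eth_hdr->h_source);
	memset(&wrqu, 0, sizeof(wrqu));
	wrqu.data.length = strlen(buf);
	wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu,
			    buf);
	return -EINVAL;
}

/*
 * Handle a received data frame: validate it, run the WPA MIC check when
 * required, rebuild an Ethernet frame in a new skb and pass it up the stack.
 *
 * All lengths derive from priv->rx_size, which is device-supplied, so each
 * subtraction is preceded by a check that it cannot wrap.
 */
static
void hostif_data_indication(struct ks_wlan_private *priv)
{
	unsigned int rx_ind_size;	/* indicate data size */
	struct sk_buff *skb;
	u16 auth_type;
	unsigned char temp[2];
	struct ether_hdr *eth_hdr;
	struct ieee802_1x_hdr *aa1x_hdr = NULL;
	size_t size;
	int ret;

	/*
	 * min length check: two header words (AuthType, reserved) are
	 * consumed before the frame, so the frame itself must still be longer
	 * than an Ethernet header afterwards.
	 */
	if (priv->rx_size <= ETH_HLEN + 2 * sizeof(u16)) {
		priv->nstats.rx_errors++;
		return;
	}

	auth_type = get_word(priv);	/* AuthType */
	get_word(priv);	/* Reserve Area */

	eth_hdr = (struct ether_hdr *)(priv->rxp);

	/* source address check */
	if (ether_addr_equal(&priv->eth_addr[0], eth_hdr->h_source)) {
		netdev_err(priv->net_dev, "invalid : source is own mac address !!\n");
		netdev_err(priv->net_dev, "eth_hdrernet->h_dest=%pM\n", eth_hdr->h_source);
		priv->nstats.rx_errors++;
		return;
	}

	/*  for WPA */
	if (auth_type != TYPE_DATA && priv->wpa.rsn_enabled) {
		ret = hostif_data_indication_wpa(priv, auth_type);
		if (ret)
			return;
	}

	/* Drop traffic while disconnect is forced or TKIP countermeasures run. */
	if ((priv->connect_status & FORCE_DISCONNECT) ||
	    priv->wpa.mic_failure.failure == 2) {
		return;
	}

	/*  check 13th byte at rx data */
	switch (*(priv->rxp + 12)) {
	case LLC_SAP_SNAP:
		/* The SNAP header is stripped; the frame must contain it. */
		if (priv->rx_size < ETHER_HDR_SIZE) {
			priv->nstats.rx_errors++;
			return;
		}
		rx_ind_size = priv->rx_size - 6;
		skb = dev_alloc_skb(rx_ind_size);
		if (!skb) {
			priv->nstats.rx_dropped++;
			return;
		}
		netdev_dbg(priv->net_dev, "SNAP, rx_ind_size = %d\n",
			   rx_ind_size);

		size = ETH_ALEN * 2;
		skb_put_data(skb, priv->rxp, size);

		/* (SNAP+UI..) skip */

		size = rx_ind_size - (ETH_ALEN * 2);
		skb_put_data(skb, &eth_hdr->h_proto, size);

		/* Only inspect the 802.1X header if it was actually received. */
		if (priv->rx_size >= ETHER_HDR_SIZE + sizeof(*aa1x_hdr))
			aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp +
							     ETHER_HDR_SIZE);
		break;
	case LLC_SAP_NETBEUI:
		rx_ind_size = (priv->rx_size + 2);
		skb = dev_alloc_skb(rx_ind_size);
		if (!skb) {
			priv->nstats.rx_dropped++;
			return;
		}
		netdev_dbg(priv->net_dev, "NETBEUI/NetBIOS rx_ind_size=%d\n",
			   rx_ind_size);

		/* 8802/FDDI MAC copy */
		skb_put_data(skb, priv->rxp, 12);

		/* NETBEUI size add */
		temp[0] = (((rx_ind_size - 12) >> 8) & 0xff);
		temp[1] = ((rx_ind_size - 12) & 0xff);
		skb_put_data(skb, temp, 2);

		/* copy after Type */
		skb_put_data(skb, priv->rxp + 12, rx_ind_size - 14);

		if (priv->rx_size >= 14 + sizeof(*aa1x_hdr))
			aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + 14);
		break;
	default:	/* other rx data */
		netdev_err(priv->net_dev, "invalid data format\n");
		priv->nstats.rx_errors++;
		return;
	}

	/* Hold off snoozing while an EAPOL-Key exchange is in progress. */
	if (aa1x_hdr && aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY &&
	    priv->wpa.rsn_enabled)
		atomic_set(&priv->psstatus.snooze_guard, 1);

	/* rx indication */
	skb->dev = priv->net_dev;
	skb->protocol = eth_type_trans(skb, skb->dev);
	priv->nstats.rx_packets++;
	priv->nstats.rx_bytes += rx_ind_size;
	netif_rx(skb);
}

/*
 * Handle the device's reply to a MIB get request and store the returned
 * value in the matching priv field.
 *
 * NOTE(review): the value size and type words are consumed but not used to
 * validate the payload, and the twelve header bytes are read without a prior
 * length check; confirm the caller guarantees them.
 */
static
void hostif_mib_get_confirm(struct ks_wlan_private *priv)
{
	struct net_device *dev = priv->net_dev;
	u32 mib_status;
	u32 mib_attribute;
	size_t version_size;

	mib_status = get_dword(priv);
	mib_attribute = get_dword(priv);
	get_word(priv);	/* mib_val_size, not used */
	get_word(priv);	/* mib_val_type, not used */

	if (mib_status) {
		netdev_err(priv->net_dev, "attribute=%08X, status=%08X\n",
			   mib_attribute, mib_status);
		return;
	}

	switch (mib_attribute) {
	case DOT11_MAC_ADDRESS:
		hostif_sme_enqueue(priv, SME_GET_MAC_ADDRESS);
		ether_addr_copy(priv->eth_addr, priv->rxp);
		priv->mac_address_valid = true;
		ether_addr_copy(dev->dev_addr, priv->eth_addr);
		netdev_info(dev, "MAC ADDRESS = %pM\n", priv->eth_addr);
		break;
	case DOT11_PRODUCT_VERSION:
		/*
		 * rx_size is device-supplied: clamp it to the version buffer,
		 * keeping one byte for the terminator, so an oversized reply
		 * cannot overflow priv->firmware_version.
		 */
		version_size = min_t(size_t, priv->rx_size,
				     sizeof(priv->firmware_version) - 1);
		priv->version_size = version_size;
		memcpy(priv->firmware_version, priv->rxp, version_size);
		priv->firmware_version[version_size] = '\0';
		netdev_info(dev, "firmware ver. = %s\n",
			    priv->firmware_version);
		hostif_sme_enqueue(priv, SME_GET_PRODUCT_VERSION);
		/* wake_up_interruptible_all(&priv->confirm_wait); */
		complete(&priv->confirm_wait);
		break;
	case LOCAL_GAIN:
		memcpy(&priv->gain, priv->rxp, sizeof(priv->gain));
		netdev_dbg(priv->net_dev, "tx_mode=%d, rx_mode=%d, tx_gain=%d, rx_gain=%d\n",
			   priv->gain.tx_mode, priv->gain.rx_mode,
			   priv->gain.tx_gain, priv->gain.rx_gain);
		break;
	case LOCAL_EEPROM_SUM:
		memcpy(&priv->eeprom_sum, priv->rxp, sizeof(priv->eeprom_sum));
		if (priv->eeprom_sum.type != 0 &&
		    priv->eeprom_sum.type != 1) {
			netdev_err(dev, "LOCAL_EEPROM_SUM error!\n");
			return;
		}
		priv->eeprom_checksum = (priv->eeprom_sum.type == 0) ?
					 EEPROM_CHECKSUM_NONE :
					 (priv->eeprom_sum.result == 0) ?
					 EEPROM_NG : EEPROM_OK;
		break;
	default:
		netdev_err(priv->net_dev, "mib_attribute=%08x\n",
			   (unsigned int)mib_attribute);
		break;
	}
}

/*
 * Handle the device's reply to a MIB set request by queueing the follow-up
 * SME event for the attribute that was written.
 *
 * A non-zero status is logged, but the attribute is still dispatched.
 */
static
void hostif_mib_set_confirm(struct ks_wlan_private *priv)
{
	u32 mib_status;
	u32 mib_attribute;

	mib_status = get_dword(priv);
	mib_attribute = get_dword(priv);

	if (mib_status) {
		/* in case of error */
		netdev_err(priv->net_dev, "error :: attribute=%08X, status=%08X\n",
			   mib_attribute, mib_status);
	}

	switch (mib_attribute) {
	case DOT11_RTS_THRESHOLD:
		hostif_sme_enqueue(priv, SME_RTS_THRESHOLD_CONFIRM);
		break;
	case DOT11_FRAGMENTATION_THRESHOLD:
		hostif_sme_enqueue(priv, SME_FRAGMENTATION_THRESHOLD_CONFIRM);
		break;
	case DOT11_WEP_DEFAULT_KEY_ID:
		if (!priv->wpa.wpa_enabled)
			hostif_sme_enqueue(priv, SME_WEP_INDEX_CONFIRM);
		break;
	case DOT11_WEP_DEFAULT_KEY_VALUE1:
		if (priv->wpa.rsn_enabled)
			hostif_sme_enqueue(priv, SME_SET_PMK_TSC);
		else
			hostif_sme_enqueue(priv, SME_WEP_KEY1_CONFIRM);
		break;
	case DOT11_WEP_DEFAULT_KEY_VALUE2:
		if (priv->wpa.rsn_enabled)
			hostif_sme_enqueue(priv, SME_SET_GMK1_TSC);
		else
			hostif_sme_enqueue(priv, SME_WEP_KEY2_CONFIRM);
		break;
	case DOT11_WEP_DEFAULT_KEY_VALUE3:
		if (priv->wpa.rsn_enabled)
			hostif_sme_enqueue(priv, SME_SET_GMK2_TSC);
		else
			hostif_sme_enqueue(priv, SME_WEP_KEY3_CONFIRM);
		break;
	case DOT11_WEP_DEFAULT_KEY_VALUE4:
		if (!priv->wpa.rsn_enabled)
			hostif_sme_enqueue(priv, SME_WEP_KEY4_CONFIRM);
		break;
	case DOT11_PRIVACY_INVOKED:
		if (!priv->wpa.rsn_enabled)
			hostif_sme_enqueue(priv, SME_WEP_FLAG_CONFIRM);
		break;
	case DOT11_RSN_ENABLED:
		hostif_sme_enqueue(priv, SME_RSN_ENABLED_CONFIRM);
		break;
	case LOCAL_RSN_MODE:
		hostif_sme_enqueue(priv, SME_RSN_MODE_CONFIRM);
		break;
	case LOCAL_MULTICAST_ADDRESS:
		hostif_sme_enqueue(priv, SME_MULTICAST_REQUEST);
		break;
	case LOCAL_MULTICAST_FILTER:
		hostif_sme_enqueue(priv, SME_MULTICAST_CONFIRM);
		break;
	case LOCAL_CURRENTADDRESS:
		priv->mac_address_valid = true;
		break;
	case DOT11_RSN_CONFIG_MULTICAST_CIPHER:
		hostif_sme_enqueue(priv, SME_RSN_MCAST_CONFIRM);
		break;
	case DOT11_RSN_CONFIG_UNICAST_CIPHER:
		hostif_sme_enqueue(priv, SME_RSN_UCAST_CONFIRM);
		break;
	case DOT11_RSN_CONFIG_AUTH_SUITE:
		hostif_sme_enqueue(priv, SME_RSN_AUTH_CONFIRM);
		break;
	case DOT11_GMK1_TSC:
	case DOT11_GMK2_TSC:
		/* Group key sequence counter written: release the snooze guard. */
		if (atomic_read(&priv->psstatus.snooze_guard))
			atomic_set(&priv->psstatus.snooze_guard, 0);
		break;
	case DOT11_PMK_TSC:
	case LOCAL_PMK:
	case LOCAL_GAIN:
	case LOCAL_WPS_ENABLE:
	case LOCAL_WPS_PROBE_REQ:
	case LOCAL_REGION:
	default:
		break;
	}
}

/*
 * Handle the power management confirmation: enter the sleep state when power
 * save is configured in infrastructure mode, otherwise mark the device ready.
 */
static
void hostif_power_mgmt_confirm(struct ks_wlan_private *priv)
{
	if (priv->reg.power_mgmt > POWER_MGMT_ACTIVE &&
	    priv->reg.operation_mode == MODE_INFRASTRUCTURE) {
		atomic_set(&priv->psstatus.confirm_wait, 0);
		priv->dev_state = DEVICE_STATE_SLEEP;
		ks_wlan_hw_power_save(priv);
	} else {
		priv->dev_state = DEVICE_STATE_READY;
	}
}

/* Handle the sleep confirmation: flag a doze request and kick the rw work. */
static
void hostif_sleep_confirm(struct ks_wlan_private *priv)
{
	atomic_set(&priv->sleepstatus.doze_request, 1);
	queue_delayed_work(priv->wq, &priv->rw_dwork, 1);
}

/*
 * Handle the start confirmation: report a zero BSSID to user space if the
 * state still reads as connected, then queue SME_START_CONFIRM.
 */
static
void hostif_start_confirm(struct ks_wlan_private *priv)
{
	union iwreq_data wrqu;

	wrqu.data.length = 0;
	wrqu.data.flags = 0;
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
	if (is_connect_status(priv->connect_status)) {
		eth_zero_addr(wrqu.ap_addr.sa_data);
		wireless_send_event(priv->net_dev, SIOCGIWAP, &wrqu, NULL);
	}
	netdev_dbg(priv->net_dev, " scan_ind_count=%d\n", priv->scan_ind_count);
	hostif_sme_enqueue(priv, SME_START_CONFIRM);
}

/*
 * Handle a connect/disconnect indication: update carrier and connect_status,
 * refresh the current AP record and notify user space on a disconnect.
 *
 * NOTE(review): the rest of the payload is reinterpreted as struct
 * link_ap_info without comparing priv->rx_size against its size; confirm the
 * device always sends a full record.
 */
static
void hostif_connect_indication(struct ks_wlan_private *priv)
{
	u16 connect_code;
	unsigned int tmp = 0;
	unsigned int old_status = priv->connect_status;
	struct net_device *netdev = priv->net_dev;
	union iwreq_data wrqu0;

	connect_code = get_word(priv);

	switch (connect_code) {
	case RESULT_CONNECT:
		if (!(priv->connect_status & FORCE_DISCONNECT))
			netif_carrier_on(netdev);
		tmp = FORCE_DISCONNECT & priv->connect_status;
		priv->connect_status = tmp + CONNECT_STATUS;
		break;
	case RESULT_DISCONNECT:
		netif_carrier_off(netdev);
		tmp = FORCE_DISCONNECT & priv->connect_status;
		priv->connect_status = tmp + DISCONNECT_STATUS;
		break;
	default:
		netdev_dbg(priv->net_dev, "unknown connect_code=%d :: scan_ind_count=%d\n",
			   connect_code, priv->scan_ind_count);
		netif_carrier_off(netdev);
		tmp = FORCE_DISCONNECT & priv->connect_status;
		priv->connect_status = tmp + DISCONNECT_STATUS;
		break;
	}

	get_current_ap(priv, (struct link_ap_info *)priv->rxp);
	if (is_connect_status(priv->connect_status) &&
	    is_disconnect_status(old_status)) {
		/* for power save */
		atomic_set(&priv->psstatus.snooze_guard, 0);
		atomic_set(&priv->psstatus.confirm_wait, 0);
	}
	ks_wlan_do_power_save(priv);

	wrqu0.data.length = 0;
	wrqu0.data.flags = 0;
	wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
	if (is_disconnect_status(priv->connect_status) &&
	    is_connect_status(old_status)) {
		eth_zero_addr(wrqu0.ap_addr.sa_data);
		netdev_dbg(priv->net_dev, "disconnect :: scan_ind_count=%d\n",
			   priv->scan_ind_count);
		wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
	}
	priv->scan_ind_count = 0;
}

/*
 * Handle one scan result from the device.
 *
 * If the BSSID is already in the AP list, its entry is refreshed (probe
 * responses only) and nothing is appended. Otherwise the result is stored in
 * the next free slot, up to LOCAL_APLIST_MAX entries.
 */
static
void hostif_scan_indication(struct ks_wlan_private *priv)
{
	int i;
	struct ap_info *ap_info;

	netdev_dbg(priv->net_dev,
		   "scan_ind_count = %d\n", priv->scan_ind_count);
	ap_info = (struct ap_info *)(priv->rxp);

	if (priv->scan_ind_count) {
		/* bssid check */
		for (i = 0; i < priv->aplist.size; i++) {
			u8 *bssid = priv->aplist.ap[i].bssid;

			/*
			 * Skip entries for other BSSIDs. The test used to be
			 * inverted, which overwrote the first non-matching
			 * entry with this AP's data and kept the list from
			 * growing.
			 */
			if (!ether_addr_equal(ap_info->bssid, bssid))
				continue;

			if (ap_info->frame_type == IEEE80211_STYPE_PROBE_RESP)
				get_ap_information(priv, ap_info,
						   &priv->aplist.ap[i]);
			return;
		}
	}
	priv->scan_ind_count++;
	if (priv->scan_ind_count < LOCAL_APLIST_MAX + 1) {
		netdev_dbg(priv->net_dev, " scan_ind_count=%d :: aplist.size=%d\n",
			   priv->scan_ind_count, priv->aplist.size);
		get_ap_information(priv, (struct ap_info *)(priv->rxp),
				   &priv->aplist.ap[priv->scan_ind_count - 1]);
		priv->aplist.size = priv->scan_ind_count;
	} else {
		netdev_dbg(priv->net_dev, " count over :: scan_ind_count=%d\n",
			   priv->scan_ind_count);
	}
}

/*
 * Handle the stop confirmation: leave the sleep state, report a disconnect
 * to user space if the interface was connected, then queue SME_STOP_CONFIRM.
 */
static
void hostif_stop_confirm(struct ks_wlan_private *priv)
{
	unsigned int tmp = 0;
	unsigned int old_status = priv->connect_status;
	struct net_device *netdev = priv->net_dev;
	union iwreq_data wrqu0;

	if (priv->dev_state == DEVICE_STATE_SLEEP)
		priv->dev_state = DEVICE_STATE_READY;

	/* disconnect indication */
	if (is_connect_status(priv->connect_status)) {
		netif_carrier_off(netdev);
		tmp = FORCE_DISCONNECT & priv->connect_status;
		priv->connect_status = tmp | DISCONNECT_STATUS;
		netdev_info(netdev, "IWEVENT: disconnect\n");

		wrqu0.data.length = 0;
		wrqu0.data.flags = 0;
		wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
		if (is_disconnect_status(priv->connect_status) &&
		    is_connect_status(old_status)) {
			eth_zero_addr(wrqu0.ap_addr.sa_data);
			netdev_info(netdev, "IWEVENT: disconnect\n");
			wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
		}
		priv->scan_ind_count = 0;
	}

	hostif_sme_enqueue(priv, SME_STOP_CONFIRM);
}

/* Handle the pseudo ad-hoc mode confirmation and queue SME_MODE_SET_CONFIRM. */
static
void hostif_ps_adhoc_set_confirm(struct ks_wlan_private *priv)
{
	priv->infra_status = 0;	/* infrastructure mode cancel */
	hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
}

/* Handle the infrastructure mode confirmation and queue SME_MODE_SET_CONFIRM. */
static
void hostif_infrastructure_set_confirm(struct ks_wlan_private *priv)
{
	/* The result code is consumed to advance the cursor but not used. */
	get_word(priv);
	priv->infra_status = 1;	/* infrastructure mode set */
	hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
}

/* Handle the ad-hoc mode confirmation and queue SME_MODE_SET_CONFIRM. */
static
void hostif_adhoc_set_confirm(struct ks_wlan_private *priv)
{
	priv->infra_status = 1;	/* infrastructure mode set */
	hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
}

/*
 * Forward the association request/response IEs to user space as an
 * "ASSOCINFO(ReqIEs=<hex> RespIEs=<hex>)" IWEVCUSTOM event.
 *
 * Both IE lengths are device-supplied. They are checked against the bytes
 * remaining in the receive buffer and against the size of the on-stack text
 * buffer before anything is formatted; an event that does not fit is dropped.
 * This assumes priv->rx_size counts the bytes remaining at priv->rxp, which
 * is the invariant get_byte() maintains.
 */
static
void hostif_associate_indication(struct ks_wlan_private *priv)
{
	struct association_request *assoc_req;
	struct association_response *assoc_resp;
	unsigned char *pb;
	union iwreq_data wrqu;
	char buf[IW_CUSTOM_MAX];
	char *pbuf = &buf[0];
	size_t hdr_len, req_len, resp_len, out_len;

	static const char associnfo_leader0[] = "ASSOCINFO(ReqIEs=";
	static const char associnfo_leader1[] = " RespIEs=";

	hdr_len = sizeof(*assoc_req) + sizeof(*assoc_resp);
	if (priv->rx_size < hdr_len) {
		netdev_err(priv->net_dev, "short association info\n");
		return;
	}

	assoc_req = (struct association_request *)(priv->rxp);
	assoc_resp = (struct association_response *)(assoc_req + 1);
	pb = (unsigned char *)(assoc_resp + 1);

	req_len = le16_to_cpu(assoc_req->req_ies_size);
	resp_len = le16_to_cpu(assoc_resp->resp_ies_size);

	/* The IE bytes must have been received. */
	if (req_len + resp_len > priv->rx_size - hdr_len) {
		netdev_err(priv->net_dev, "association IEs exceed rx data\n");
		return;
	}

	/* Two hex digits per IE byte, both leaders and the closing ')'. */
	out_len = (sizeof(associnfo_leader0) - 1) + req_len * 2 +
		  (sizeof(associnfo_leader1) - 1) + resp_len * 2 + 1;
	/* Keep one byte for the terminator. */
	if (out_len >= sizeof(buf)) {
		netdev_err(priv->net_dev, "association IEs too long\n");
		return;
	}

	memcpy(pbuf, associnfo_leader0, sizeof(associnfo_leader0) - 1);
	pbuf += sizeof(associnfo_leader0) - 1;
	pbuf = bin2hex(pbuf, pb, req_len);

	memcpy(pbuf, associnfo_leader1, sizeof(associnfo_leader1) - 1);
	pbuf += sizeof(associnfo_leader1) - 1;
	pbuf = bin2hex(pbuf, pb + req_len, resp_len);

	*pbuf++ = ')';
	*pbuf = '\0';

	memset(&wrqu, 0, sizeof(wrqu));
	wrqu.data.length = out_len;

	wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu, buf);
}

/*
 * Handle the BSS scan confirmation: clear the scan-in-progress flag, queue
 * SME_BSS_SCAN_CONFIRM and tell user space that results are available.
 */
static
void hostif_bss_scan_confirm(struct ks_wlan_private *priv)
{
	u32 result_code;
	struct net_device *dev = priv->net_dev;
	union iwreq_data wrqu;

	result_code = get_dword(priv);
	netdev_dbg(priv->net_dev, "result=%d :: scan_ind_count=%d\n",
		   result_code, priv->scan_ind_count);

	priv->sme_i.sme_flag &= ~SME_AP_SCAN;
	hostif_sme_enqueue(priv, SME_BSS_SCAN_CONFIRM);

	wrqu.data.length = 0;
	wrqu.data.flags = 0;
	wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
	priv->scan_ind_count = 0;
}

/*
 * Handle a PHY information report: update the current rate and the wireless
 * statistics, then complete confirm_wait for any waiter.
 */
static
void hostif_phy_information_confirm(struct ks_wlan_private *priv)
{
	struct iw_statistics *wstats = &priv->wstats;
	u8 rssi, signal, noise;
	u8 link_speed;
	u32 transmitted_frame_count, received_fragment_count;
	u32 failed_count, fcs_error_count;

	rssi = get_byte(priv);
	signal = get_byte(priv);
	noise = get_byte(priv);
	link_speed = get_byte(priv);
	transmitted_frame_count = get_dword(priv);
	received_fragment_count = get_dword(priv);
	failed_count = get_dword(priv);
	fcs_error_count = get_dword(priv);

	netdev_dbg(priv->net_dev, "phyinfo confirm rssi=%d signal=%d\n",
		   rssi, signal);
	priv->current_rate = (link_speed & RATE_MASK);
	wstats->qual.qual = signal;
	wstats->qual.level = 256 - rssi;
	wstats->qual.noise = 0;	/* invalid noise value */
	wstats->qual.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;

	netdev_dbg(priv->net_dev, "\n    rssi=%u\n"
		   "    signal=%u\n"
		   "    link_speed=%ux500Kbps\n"
		   "    transmitted_frame_count=%u\n"
		   "    received_fragment_count=%u\n"
		   "    failed_count=%u\n"
		   "    fcs_error_count=%u\n",
		   rssi, signal, link_speed, transmitted_frame_count,
		   received_fragment_count, failed_count, fcs_error_count);
	/* wake_up_interruptible_all(&priv->confirm_wait); */
	complete(&priv->confirm_wait);
}

/* Handle the MIC failure confirmation and queue SME_MIC_FAILURE_CONFIRM. */
static
void hostif_mic_failure_confirm(struct ks_wlan_private *priv)
{
	netdev_dbg(priv->net_dev, "mic_failure=%u\n",
		   priv->wpa.mic_failure.failure);
	hostif_sme_enqueue(priv, SME_MIC_FAILURE_CONFIRM);
}

/*
 * Read the event word from the receive buffer, dispatch to the matching
 * handler and record the event in the hostt ring buffer.
 *
 * Unknown events are logged and complete confirm_wait so a waiter is not
 * left blocked.
 */
static
void hostif_event_check(struct ks_wlan_private *priv)
{
	u16 event;

	event = get_word(priv);
	switch (event) {
	case HIF_DATA_IND:
		hostif_data_indication(priv);
		break;
	case HIF_MIB_GET_CONF:
		hostif_mib_get_confirm(priv);
		break;
	case HIF_MIB_SET_CONF:
		hostif_mib_set_confirm(priv);
		break;
	case HIF_POWER_MGMT_CONF:
		hostif_power_mgmt_confirm(priv);
		break;
	case HIF_SLEEP_CONF:
		hostif_sleep_confirm(priv);
		break;
	case HIF_START_CONF:
		hostif_start_confirm(priv);
		break;
	case HIF_CONNECT_IND:
		hostif_connect_indication(priv);
		break;
	case HIF_STOP_CONF:
		hostif_stop_confirm(priv);
		break;
	case HIF_PS_ADH_SET_CONF:
		hostif_ps_adhoc_set_confirm(priv);
		break;
	case HIF_INFRA_SET_CONF:
	case HIF_INFRA_SET2_CONF:
		hostif_infrastructure_set_confirm(priv);
		break;
	case HIF_ADH_SET_CONF:
	case HIF_ADH_SET2_CONF:
		hostif_adhoc_set_confirm(priv);
		break;
	case HIF_ASSOC_INFO_IND:
		hostif_associate_indication(priv);
		break;
	case HIF_MIC_FAILURE_CONF:
		hostif_mic_failure_confirm(priv);
		break;
	case HIF_SCAN_CONF:
		hostif_bss_scan_confirm(priv);
		break;
	case HIF_PHY_INFO_CONF:
	case HIF_PHY_INFO_IND:
		hostif_phy_information_confirm(priv);
		break;
	case HIF_SCAN_IND:
		hostif_scan_indication(priv);
		break;
	case HIF_AP_SET_CONF:
	default:
		netdev_err(priv->net_dev, "undefined event[%04X]\n", event);
		/* wake_up_all(&priv->confirm_wait); */
		complete(&priv->confirm_wait);
		break;
	}

	/* add event to hostt buffer */
	priv->hostt.buff[priv->hostt.qtail] = event;
	priv->hostt.qtail = (priv->hostt.qtail + 1) % SME_EVENT_BUFF_SIZE;
}

/*
 * Allocate a zeroed, alignment-padded request of @size bytes and fill in the
 * common header: the size field excludes its own width, @event is the host
 * interface event code.
 *
 * Returns the request, or NULL on allocation failure. Uses GFP_ATOMIC.
 */
static void *hostif_generic_request(size_t size, int event)
{
	struct hostif_hdr *p;

	p = kzalloc(hif_align_size(size), GFP_ATOMIC);
	if (!p)
		return NULL;

	p->size = cpu_to_le16(size - sizeof(p->size));
	p->event = cpu_to_le16(event);

	return p;
}

/*
 * Convert an outgoing Ethernet frame into a device data request and hand it
 * to the hardware transmit path.
 *
 * Ethernet II frames get an LLC/SNAP header inserted; 802.3 frames have
 * their length field removed. With TKIP the Michael MIC is appended.
 *
 * Returns the result of ks_wlan_hw_tx(), 0 when the frame is silently
 * dropped because the link is down, or a negative errno. On the error paths
 * shown here the skb is freed.
 */
int hostif_data_request(struct ks_wlan_private *priv, struct sk_buff *skb)
{
	unsigned int skb_len = 0;
	unsigned char *buffer = NULL;
	unsigned int length = 0;
	struct hostif_data_request *pp;
	unsigned char *p;
	unsigned short eth_proto;
	struct ether_hdr *eth_hdr;
	unsigned short keyinfo = 0;
	struct ieee802_1x_hdr *aa1x_hdr;
	struct wpa_eapol_key *eap_key;
	struct ethhdr *eth;
	size_t size;
	int ret;

	skb_len = skb->len;
	if (skb_len > ETH_FRAME_LEN) {
		netdev_err(priv->net_dev, "bad length skb_len=%d\n", skb_len);
		ret = -EOVERFLOW;
		goto err_kfree_skb;
	}

	/*
	 * The code below reads the full Ethernet header and subtracts its
	 * size from the length; a shorter skb would make that wrap.
	 */
	if (skb_len < ETH_HLEN) {
		netdev_err(priv->net_dev, "bad length skb_len=%d\n", skb_len);
		ret = -EINVAL;
		goto err_kfree_skb;
	}

	if (is_disconnect_status(priv->connect_status) ||
	    (priv->connect_status & FORCE_DISCONNECT) ||
	    priv->wpa.mic_failure.stop) {
		if (netif_queue_stopped(priv->net_dev))
			netif_wake_queue(priv->net_dev);

		dev_kfree_skb(skb);

		return 0;
	}

	/* power save wakeup */
	if (atomic_read(&priv->psstatus.status) == PS_SNOOZE) {
		if (!netif_queue_stopped(priv->net_dev))
			netif_stop_queue(priv->net_dev);
	}

	/*
	 * Room for the request header, a 6-byte SNAP header, the frame and an
	 * 8-byte MIC. Zeroed so that alignment padding and an unset auth_type
	 * never carry stale heap contents to the device.
	 */
	size = sizeof(*pp) + 6 + skb_len + 8;
	pp = kzalloc(hif_align_size(size), GFP_ATOMIC);
	if (!pp) {
		ret = -ENOMEM;
		goto err_kfree_skb;
	}

	p = (unsigned char *)pp->data;

	buffer = skb->data;
	length = skb->len;

	/* skb check */
	eth = (struct ethhdr *)skb->data;
	if (!ether_addr_equal(&priv->eth_addr[0], eth->h_source)) {
		netdev_err(priv->net_dev,
			   "Invalid mac address: ethernet->h_source=%pM\n",
			   eth->h_source);
		ret = -ENXIO;
		goto err_kfree;
	}

	/* dest and src MAC address copy */
	size = ETH_ALEN * 2;
	memcpy(p, buffer, size);
	p += size;
	buffer += size;
	length -= size;

	/* EtherType/Length check */
	if (*(buffer + 1) + (*buffer << 8) > 1500) {
		/* ProtocolEAP = *(buffer+1) + (*buffer << 8); */
		/* SAP/CTL/OUI(6 byte) add */
		*p++ = 0xAA;	/* DSAP */
		*p++ = 0xAA;	/* SSAP */
		*p++ = 0x03;	/* CTL */
		*p++ = 0x00;	/* OUI ("000000") */
		*p++ = 0x00;	/* OUI ("000000") */
		*p++ = 0x00;	/* OUI ("000000") */
		skb_len += 6;
	} else {
		/* Length(2 byte) delete */
		buffer += 2;
		length -= 2;
		skb_len -= 2;
	}

	/* pp->data copy */
	memcpy(p, buffer, length);

	p += length;

	/* for WPA */
	eth_hdr = (struct ether_hdr *)&pp->data[0];
	eth_proto = ntohs(eth_hdr->h_proto);

	/* for MIC FAILURE REPORT check */
	if (eth_proto == ETH_P_PAE &&
	    priv->wpa.mic_failure.failure > 0) {
		aa1x_hdr = (struct ieee802_1x_hdr *)(eth_hdr + 1);
		if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY) {
			eap_key = (struct wpa_eapol_key *)(aa1x_hdr + 1);
			keyinfo = ntohs(eap_key->key_info);
		}
	}

	if (priv->wpa.rsn_enabled && priv->wpa.key[0].key_len) {
		/* no encryption */
		if (eth_proto == ETH_P_PAE &&
		    priv->wpa.key[1].key_len == 0 &&
		    priv->wpa.key[2].key_len == 0 &&
		    priv->wpa.key[3].key_len == 0) {
			pp->auth_type = cpu_to_le16(TYPE_AUTH);
		} else {
			if (priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) {
				u8 mic[MICHAEL_MIC_LEN];

				ret = michael_mic(priv->wpa.key[0].tx_mic_key,
						  &pp->data[0], skb_len,
						  0, mic);
				if (ret < 0)
					goto err_kfree;

				memcpy(p, mic, sizeof(mic));
				length += sizeof(mic);
				skb_len += sizeof(mic);
				p += sizeof(mic);
				pp->auth_type =
				    cpu_to_le16(TYPE_DATA);
			} else if (priv->wpa.pairwise_suite ==
				   IW_AUTH_CIPHER_CCMP) {
				pp->auth_type =
				    cpu_to_le16(TYPE_DATA);
			}
		}
	} else {
		if (eth_proto == ETH_P_PAE)
			pp->auth_type = cpu_to_le16(TYPE_AUTH);
		else
			pp->auth_type = cpu_to_le16(TYPE_DATA);
	}

	/* header value set */
	pp->header.size =
	    cpu_to_le16((sizeof(*pp) - sizeof(pp->header.size) + skb_len));
	pp->header.event = cpu_to_le16(HIF_DATA_REQ);

	/* tx request */
	ret = ks_wlan_hw_tx(priv, pp, hif_align_size(sizeof(*pp) + skb_len),
			    send_packet_complete, skb);

	/* MIC FAILURE REPORT check */
	if (eth_proto == ETH_P_PAE &&
	    priv->wpa.mic_failure.failure > 0) {
		if (keyinfo & WPA_KEY_INFO_ERROR &&
		    keyinfo & WPA_KEY_INFO_REQUEST) {
			netdev_err(priv->net_dev,
				   "MIC ERROR Report SET : %04X\n", keyinfo);
			hostif_sme_enqueue(priv, SME_MIC_FAILURE_REQUEST);
		}
		/* Second failure reported: stop transmitting data frames. */
		if (priv->wpa.mic_failure.failure == 2)
			priv->wpa.mic_failure.stop = 1;
	}

	return ret;

err_kfree:
	kfree(pp);
err_kfree_skb:
	dev_kfree_skb(skb);

	return ret;
}

/* Count an outstanding confirmation while power save is being negotiated. */
static inline void ps_confirm_wait_inc(struct ks_wlan_private *priv)
{
	if (atomic_read(&priv->psstatus.status) > PS_ACTIVE_SET)
		atomic_inc(&priv->psstatus.confirm_wait);
}

/*
 * Send a control request to the device with no completion callback. The
 * return value of ks_wlan_hw_tx() is not checked here.
 */
static inline void send_request_to_device(struct ks_wlan_private *priv,
					  void *data, size_t size)
{
	ps_confirm_wait_inc(priv);
	ks_wlan_hw_tx(priv, data, size, NULL, NULL);
}

static void hostif_mib_get_request(struct ks_wlan_private *priv,
				   u32 mib_attribute)
{
	struct hostif_mib_get_request *pp;

	pp = hostif_generic_request(sizeof(*pp), HIF_MIB_GET_REQ);
	if (!pp)
		return;

	pp->mib_attribute = cpu_to_le32(mib_attribute);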
1255 1256 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1257 } 1258 1259 static void hostif_mib_set_request(struct ks_wlan_private *priv, 1260 enum mib_attribute attr, 1261 enum mib_data_type type, 1262 void *data, size_t size) 1263 { 1264 struct hostif_mib_set_request_t *pp; 1265 1266 if (priv->dev_state < DEVICE_STATE_BOOT) 1267 return; 1268 1269 pp = hostif_generic_request(sizeof(*pp), HIF_MIB_SET_REQ); 1270 if (!pp) 1271 return; 1272 1273 pp->mib_attribute = cpu_to_le32(attr); 1274 pp->mib_value.size = cpu_to_le16(size); 1275 pp->mib_value.type = cpu_to_le16(type); 1276 memcpy(&pp->mib_value.body, data, size); 1277 1278 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp) + size)); 1279 } 1280 1281 static inline void hostif_mib_set_request_int(struct ks_wlan_private *priv, 1282 enum mib_attribute attr, int val) 1283 { 1284 __le32 v = cpu_to_le32(val); 1285 size_t size = sizeof(v); 1286 1287 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_INT, &v, size); 1288 } 1289 1290 static inline void hostif_mib_set_request_bool(struct ks_wlan_private *priv, 1291 enum mib_attribute attr, 1292 bool val) 1293 { 1294 __le32 v = cpu_to_le32(val); 1295 size_t size = sizeof(v); 1296 1297 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_BOOL, &v, size); 1298 } 1299 1300 static inline void hostif_mib_set_request_ostring(struct ks_wlan_private *priv, 1301 enum mib_attribute attr, 1302 void *data, size_t size) 1303 { 1304 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_OSTRING, data, size); 1305 } 1306 1307 static 1308 void hostif_start_request(struct ks_wlan_private *priv, unsigned char mode) 1309 { 1310 struct hostif_start_request *pp; 1311 1312 pp = hostif_generic_request(sizeof(*pp), HIF_START_REQ); 1313 if (!pp) 1314 return; 1315 1316 pp->mode = cpu_to_le16(mode); 1317 1318 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1319 1320 priv->aplist.size = 0; 1321 priv->scan_ind_count = 0; 1322 } 1323 1324 static __le16 ks_wlan_cap(struct 
ks_wlan_private *priv) 1325 { 1326 u16 capability = 0x0000; 1327 1328 if (priv->reg.preamble == SHORT_PREAMBLE) 1329 capability |= WLAN_CAPABILITY_SHORT_PREAMBLE; 1330 1331 capability &= ~(WLAN_CAPABILITY_PBCC); /* pbcc not support */ 1332 1333 if (priv->reg.phy_type != D_11B_ONLY_MODE) { 1334 capability |= WLAN_CAPABILITY_SHORT_SLOT_TIME; 1335 capability &= ~(WLAN_CAPABILITY_DSSS_OFDM); 1336 } 1337 1338 return cpu_to_le16(capability); 1339 } 1340 1341 static void init_request(struct ks_wlan_private *priv, 1342 struct hostif_request *req) 1343 { 1344 req->phy_type = cpu_to_le16(priv->reg.phy_type); 1345 req->cts_mode = cpu_to_le16(priv->reg.cts_mode); 1346 req->scan_type = cpu_to_le16(priv->reg.scan_type); 1347 req->rate_set.size = priv->reg.rate_set.size; 1348 req->capability = ks_wlan_cap(priv); 1349 memcpy(&req->rate_set.body[0], &priv->reg.rate_set.body[0], 1350 priv->reg.rate_set.size); 1351 } 1352 1353 static 1354 void hostif_ps_adhoc_set_request(struct ks_wlan_private *priv) 1355 { 1356 struct hostif_ps_adhoc_set_request *pp; 1357 1358 pp = hostif_generic_request(sizeof(*pp), HIF_PS_ADH_SET_REQ); 1359 if (!pp) 1360 return; 1361 1362 init_request(priv, &pp->request); 1363 pp->channel = cpu_to_le16(priv->reg.channel); 1364 1365 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1366 } 1367 1368 static 1369 void hostif_infrastructure_set_request(struct ks_wlan_private *priv, int event) 1370 { 1371 struct hostif_infrastructure_set_request *pp; 1372 1373 pp = hostif_generic_request(sizeof(*pp), event); 1374 if (!pp) 1375 return; 1376 1377 init_request(priv, &pp->request); 1378 pp->ssid.size = priv->reg.ssid.size; 1379 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size); 1380 pp->beacon_lost_count = 1381 cpu_to_le16(priv->reg.beacon_lost_count); 1382 pp->auth_type = cpu_to_le16(priv->reg.authenticate_type); 1383 1384 pp->channel_list.body[0] = 1; 1385 pp->channel_list.body[1] = 8; 1386 pp->channel_list.body[2] = 2; 1387 
pp->channel_list.body[3] = 9; 1388 pp->channel_list.body[4] = 3; 1389 pp->channel_list.body[5] = 10; 1390 pp->channel_list.body[6] = 4; 1391 pp->channel_list.body[7] = 11; 1392 pp->channel_list.body[8] = 5; 1393 pp->channel_list.body[9] = 12; 1394 pp->channel_list.body[10] = 6; 1395 pp->channel_list.body[11] = 13; 1396 pp->channel_list.body[12] = 7; 1397 if (priv->reg.phy_type == D_11G_ONLY_MODE) { 1398 pp->channel_list.size = 13; 1399 } else { 1400 pp->channel_list.body[13] = 14; 1401 pp->channel_list.size = 14; 1402 } 1403 1404 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1405 } 1406 1407 static 1408 void hostif_adhoc_set_request(struct ks_wlan_private *priv) 1409 { 1410 struct hostif_adhoc_set_request *pp; 1411 1412 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ); 1413 if (!pp) 1414 return; 1415 1416 init_request(priv, &pp->request); 1417 pp->channel = cpu_to_le16(priv->reg.channel); 1418 pp->ssid.size = priv->reg.ssid.size; 1419 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size); 1420 1421 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1422 } 1423 1424 static 1425 void hostif_adhoc_set2_request(struct ks_wlan_private *priv) 1426 { 1427 struct hostif_adhoc_set2_request *pp; 1428 1429 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ); 1430 if (!pp) 1431 return; 1432 1433 init_request(priv, &pp->request); 1434 pp->ssid.size = priv->reg.ssid.size; 1435 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size); 1436 1437 pp->channel_list.body[0] = priv->reg.channel; 1438 pp->channel_list.size = 1; 1439 memcpy(pp->bssid, priv->reg.bssid, ETH_ALEN); 1440 1441 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1442 } 1443 1444 static 1445 void hostif_stop_request(struct ks_wlan_private *priv) 1446 { 1447 struct hostif_stop_request *pp; 1448 1449 pp = hostif_generic_request(sizeof(*pp), HIF_STOP_REQ); 1450 if (!pp) 1451 return; 1452 1453 send_request_to_device(priv, pp, 
hif_align_size(sizeof(*pp))); 1454 } 1455 1456 static 1457 void hostif_phy_information_request(struct ks_wlan_private *priv) 1458 { 1459 struct hostif_phy_information_request *pp; 1460 1461 pp = hostif_generic_request(sizeof(*pp), HIF_PHY_INFO_REQ); 1462 if (!pp) 1463 return; 1464 1465 if (priv->reg.phy_info_timer) { 1466 pp->type = cpu_to_le16(TIME_TYPE); 1467 pp->time = cpu_to_le16(priv->reg.phy_info_timer); 1468 } else { 1469 pp->type = cpu_to_le16(NORMAL_TYPE); 1470 pp->time = cpu_to_le16(0); 1471 } 1472 1473 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1474 } 1475 1476 static 1477 void hostif_power_mgmt_request(struct ks_wlan_private *priv, 1478 u32 mode, u32 wake_up, u32 receive_dtims) 1479 { 1480 struct hostif_power_mgmt_request *pp; 1481 1482 pp = hostif_generic_request(sizeof(*pp), HIF_POWER_MGMT_REQ); 1483 if (!pp) 1484 return; 1485 1486 pp->mode = cpu_to_le32(mode); 1487 pp->wake_up = cpu_to_le32(wake_up); 1488 pp->receive_dtims = cpu_to_le32(receive_dtims); 1489 1490 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1491 } 1492 1493 static 1494 void hostif_sleep_request(struct ks_wlan_private *priv, 1495 enum sleep_mode_type mode) 1496 { 1497 struct hostif_sleep_request *pp; 1498 1499 if (mode == SLP_SLEEP) { 1500 pp = hostif_generic_request(sizeof(*pp), HIF_SLEEP_REQ); 1501 if (!pp) 1502 return; 1503 1504 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1505 } else if (mode == SLP_ACTIVE) { 1506 atomic_set(&priv->sleepstatus.wakeup_request, 1); 1507 queue_delayed_work(priv->wq, &priv->rw_dwork, 1); 1508 } else { 1509 netdev_err(priv->net_dev, "invalid mode %ld\n", (long)mode); 1510 return; 1511 } 1512 } 1513 1514 static 1515 void hostif_bss_scan_request(struct ks_wlan_private *priv, 1516 unsigned long scan_type, u8 *scan_ssid, 1517 u8 scan_ssid_len) 1518 { 1519 struct hostif_bss_scan_request *pp; 1520 1521 pp = hostif_generic_request(sizeof(*pp), HIF_SCAN_REQ); 1522 if (!pp) 1523 return; 1524 1525 
pp->scan_type = scan_type; 1526 1527 pp->ch_time_min = cpu_to_le32(110); /* default value */ 1528 pp->ch_time_max = cpu_to_le32(130); /* default value */ 1529 pp->channel_list.body[0] = 1; 1530 pp->channel_list.body[1] = 8; 1531 pp->channel_list.body[2] = 2; 1532 pp->channel_list.body[3] = 9; 1533 pp->channel_list.body[4] = 3; 1534 pp->channel_list.body[5] = 10; 1535 pp->channel_list.body[6] = 4; 1536 pp->channel_list.body[7] = 11; 1537 pp->channel_list.body[8] = 5; 1538 pp->channel_list.body[9] = 12; 1539 pp->channel_list.body[10] = 6; 1540 pp->channel_list.body[11] = 13; 1541 pp->channel_list.body[12] = 7; 1542 if (priv->reg.phy_type == D_11G_ONLY_MODE) { 1543 pp->channel_list.size = 13; 1544 } else { 1545 pp->channel_list.body[13] = 14; 1546 pp->channel_list.size = 14; 1547 } 1548 pp->ssid.size = 0; 1549 1550 /* specified SSID SCAN */ 1551 if (scan_ssid_len > 0 && scan_ssid_len <= 32) { 1552 pp->ssid.size = scan_ssid_len; 1553 memcpy(&pp->ssid.body[0], scan_ssid, scan_ssid_len); 1554 } 1555 1556 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1557 1558 priv->aplist.size = 0; 1559 priv->scan_ind_count = 0; 1560 } 1561 1562 static 1563 void hostif_mic_failure_request(struct ks_wlan_private *priv, 1564 u16 failure_count, u16 timer) 1565 { 1566 struct hostif_mic_failure_request *pp; 1567 1568 pp = hostif_generic_request(sizeof(*pp), HIF_MIC_FAILURE_REQ); 1569 if (!pp) 1570 return; 1571 1572 pp->failure_count = cpu_to_le16(failure_count); 1573 pp->timer = cpu_to_le16(timer); 1574 1575 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1576 } 1577 1578 /* Device I/O Receive indicate */ 1579 static void devio_rec_ind(struct ks_wlan_private *priv, unsigned char *p, 1580 unsigned int size) 1581 { 1582 if (!priv->is_device_open) 1583 return; 1584 1585 spin_lock(&priv->dev_read_lock); 1586 priv->dev_data[atomic_read(&priv->rec_count)] = p; 1587 priv->dev_size[atomic_read(&priv->rec_count)] = size; 1588 1589 if (atomic_read(&priv->event_count) != 
DEVICE_STOCK_COUNT) { 1590 /* rx event count inc */ 1591 atomic_inc(&priv->event_count); 1592 } 1593 atomic_inc(&priv->rec_count); 1594 if (atomic_read(&priv->rec_count) == DEVICE_STOCK_COUNT) 1595 atomic_set(&priv->rec_count, 0); 1596 1597 wake_up_interruptible_all(&priv->devread_wait); 1598 1599 spin_unlock(&priv->dev_read_lock); 1600 } 1601 1602 void hostif_receive(struct ks_wlan_private *priv, unsigned char *p, 1603 unsigned int size) 1604 { 1605 devio_rec_ind(priv, p, size); 1606 1607 priv->rxp = p; 1608 priv->rx_size = size; 1609 1610 if (get_word(priv) == priv->rx_size) 1611 hostif_event_check(priv); 1612 } 1613 1614 static void hostif_sme_set_wep(struct ks_wlan_private *priv, int type) 1615 { 1616 switch (type) { 1617 case SME_WEP_INDEX_REQUEST: 1618 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID, 1619 priv->reg.wep_index); 1620 break; 1621 case SME_WEP_KEY1_REQUEST: 1622 if (priv->wpa.wpa_enabled) 1623 return; 1624 hostif_mib_set_request_ostring(priv, 1625 DOT11_WEP_DEFAULT_KEY_VALUE1, 1626 &priv->reg.wep_key[0].val[0], 1627 priv->reg.wep_key[0].size); 1628 break; 1629 case SME_WEP_KEY2_REQUEST: 1630 if (priv->wpa.wpa_enabled) 1631 return; 1632 hostif_mib_set_request_ostring(priv, 1633 DOT11_WEP_DEFAULT_KEY_VALUE2, 1634 &priv->reg.wep_key[1].val[0], 1635 priv->reg.wep_key[1].size); 1636 break; 1637 case SME_WEP_KEY3_REQUEST: 1638 if (priv->wpa.wpa_enabled) 1639 return; 1640 hostif_mib_set_request_ostring(priv, 1641 DOT11_WEP_DEFAULT_KEY_VALUE3, 1642 &priv->reg.wep_key[2].val[0], 1643 priv->reg.wep_key[2].size); 1644 break; 1645 case SME_WEP_KEY4_REQUEST: 1646 if (priv->wpa.wpa_enabled) 1647 return; 1648 hostif_mib_set_request_ostring(priv, 1649 DOT11_WEP_DEFAULT_KEY_VALUE4, 1650 &priv->reg.wep_key[3].val[0], 1651 priv->reg.wep_key[3].size); 1652 break; 1653 case SME_WEP_FLAG_REQUEST: 1654 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED, 1655 priv->reg.privacy_invoked); 1656 break; 1657 } 1658 } 1659 1660 struct wpa_suite { 1661 __le16 
size; 1662 unsigned char suite[4][CIPHER_ID_LEN]; 1663 } __packed; 1664 1665 struct rsn_mode { 1666 __le32 rsn_mode; 1667 __le16 rsn_capability; 1668 } __packed; 1669 1670 static void hostif_sme_set_rsn(struct ks_wlan_private *priv, int type) 1671 { 1672 struct wpa_suite wpa_suite; 1673 struct rsn_mode rsn_mode; 1674 size_t size; 1675 u32 mode; 1676 const u8 *buf = NULL; 1677 1678 memset(&wpa_suite, 0, sizeof(wpa_suite)); 1679 1680 switch (type) { 1681 case SME_RSN_UCAST_REQUEST: 1682 wpa_suite.size = cpu_to_le16(1); 1683 switch (priv->wpa.pairwise_suite) { 1684 case IW_AUTH_CIPHER_NONE: 1685 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1686 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE; 1687 break; 1688 case IW_AUTH_CIPHER_WEP40: 1689 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1690 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40; 1691 break; 1692 case IW_AUTH_CIPHER_TKIP: 1693 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1694 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP; 1695 break; 1696 case IW_AUTH_CIPHER_CCMP: 1697 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1698 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP; 1699 break; 1700 case IW_AUTH_CIPHER_WEP104: 1701 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1702 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104; 1703 break; 1704 } 1705 1706 if (buf) 1707 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN); 1708 size = sizeof(wpa_suite.size) + 1709 (CIPHER_ID_LEN * le16_to_cpu(wpa_suite.size)); 1710 hostif_mib_set_request_ostring(priv, 1711 DOT11_RSN_CONFIG_UNICAST_CIPHER, 1712 &wpa_suite, size); 1713 break; 1714 case SME_RSN_MCAST_REQUEST: 1715 switch (priv->wpa.group_suite) { 1716 case IW_AUTH_CIPHER_NONE: 1717 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1718 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE; 1719 break; 1720 case IW_AUTH_CIPHER_WEP40: 1721 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 
1722 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40; 1723 break; 1724 case IW_AUTH_CIPHER_TKIP: 1725 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1726 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP; 1727 break; 1728 case IW_AUTH_CIPHER_CCMP: 1729 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1730 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP; 1731 break; 1732 case IW_AUTH_CIPHER_WEP104: 1733 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1734 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104; 1735 break; 1736 } 1737 if (buf) 1738 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN); 1739 hostif_mib_set_request_ostring(priv, 1740 DOT11_RSN_CONFIG_MULTICAST_CIPHER, 1741 &wpa_suite.suite[0][0], 1742 CIPHER_ID_LEN); 1743 break; 1744 case SME_RSN_AUTH_REQUEST: 1745 wpa_suite.size = cpu_to_le16(1); 1746 switch (priv->wpa.key_mgmt_suite) { 1747 case IW_AUTH_KEY_MGMT_802_1X: 1748 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1749 KEY_MGMT_ID_WPA2_1X : KEY_MGMT_ID_WPA_1X; 1750 break; 1751 case IW_AUTH_KEY_MGMT_PSK: 1752 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1753 KEY_MGMT_ID_WPA2_PSK : KEY_MGMT_ID_WPA_PSK; 1754 break; 1755 case 0: 1756 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1757 KEY_MGMT_ID_WPA2_NONE : KEY_MGMT_ID_WPA_NONE; 1758 break; 1759 case 4: 1760 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1761 KEY_MGMT_ID_WPA2_WPANONE : 1762 KEY_MGMT_ID_WPA_WPANONE; 1763 break; 1764 } 1765 1766 if (buf) 1767 memcpy(&wpa_suite.suite[0][0], buf, KEY_MGMT_ID_LEN); 1768 size = sizeof(wpa_suite.size) + 1769 (KEY_MGMT_ID_LEN * le16_to_cpu(wpa_suite.size)); 1770 hostif_mib_set_request_ostring(priv, 1771 DOT11_RSN_CONFIG_AUTH_SUITE, 1772 &wpa_suite, size); 1773 break; 1774 case SME_RSN_ENABLED_REQUEST: 1775 hostif_mib_set_request_bool(priv, DOT11_RSN_ENABLED, 1776 priv->wpa.rsn_enabled); 1777 break; 1778 case SME_RSN_MODE_REQUEST: 1779 mode = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 
1780 RSN_MODE_WPA2 : 1781 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA) ? 1782 RSN_MODE_WPA : RSN_MODE_NONE; 1783 rsn_mode.rsn_mode = cpu_to_le32(mode); 1784 rsn_mode.rsn_capability = cpu_to_le16(0); 1785 hostif_mib_set_request_ostring(priv, LOCAL_RSN_MODE, 1786 &rsn_mode, sizeof(rsn_mode)); 1787 break; 1788 } 1789 } 1790 1791 static 1792 void hostif_sme_mode_setup(struct ks_wlan_private *priv) 1793 { 1794 unsigned char rate_size; 1795 unsigned char rate_octet[RATE_SET_MAX_SIZE]; 1796 int i = 0; 1797 1798 /* rate setting if rate segging is auto for changing phy_type (#94) */ 1799 if (priv->reg.tx_rate == TX_RATE_FULL_AUTO) { 1800 if (priv->reg.phy_type == D_11B_ONLY_MODE) { 1801 priv->reg.rate_set.body[3] = TX_RATE_11M; 1802 priv->reg.rate_set.body[2] = TX_RATE_5M; 1803 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE; 1804 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE; 1805 priv->reg.rate_set.size = 4; 1806 } else { /* D_11G_ONLY_MODE or D_11BG_COMPATIBLE_MODE */ 1807 priv->reg.rate_set.body[11] = TX_RATE_54M; 1808 priv->reg.rate_set.body[10] = TX_RATE_48M; 1809 priv->reg.rate_set.body[9] = TX_RATE_36M; 1810 priv->reg.rate_set.body[8] = TX_RATE_18M; 1811 priv->reg.rate_set.body[7] = TX_RATE_9M; 1812 priv->reg.rate_set.body[6] = TX_RATE_24M | BASIC_RATE; 1813 priv->reg.rate_set.body[5] = TX_RATE_12M | BASIC_RATE; 1814 priv->reg.rate_set.body[4] = TX_RATE_6M | BASIC_RATE; 1815 priv->reg.rate_set.body[3] = TX_RATE_11M | BASIC_RATE; 1816 priv->reg.rate_set.body[2] = TX_RATE_5M | BASIC_RATE; 1817 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE; 1818 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE; 1819 priv->reg.rate_set.size = 12; 1820 } 1821 } 1822 1823 /* rate mask by phy setting */ 1824 if (priv->reg.phy_type == D_11B_ONLY_MODE) { 1825 for (i = 0; i < priv->reg.rate_set.size; i++) { 1826 if (!is_11b_rate(priv->reg.rate_set.body[i])) 1827 break; 1828 1829 if ((priv->reg.rate_set.body[i] & RATE_MASK) >= TX_RATE_5M) { 1830 rate_octet[i] = 
priv->reg.rate_set.body[i] & 1831 RATE_MASK; 1832 } else { 1833 rate_octet[i] = priv->reg.rate_set.body[i]; 1834 } 1835 } 1836 1837 } else { /* D_11G_ONLY_MODE or D_11BG_COMPATIBLE_MODE */ 1838 for (i = 0; i < priv->reg.rate_set.size; i++) { 1839 if (!is_11bg_rate(priv->reg.rate_set.body[i])) 1840 break; 1841 1842 if (is_ofdm_ext_rate(priv->reg.rate_set.body[i])) { 1843 rate_octet[i] = priv->reg.rate_set.body[i] & 1844 RATE_MASK; 1845 } else { 1846 rate_octet[i] = priv->reg.rate_set.body[i]; 1847 } 1848 } 1849 } 1850 rate_size = i; 1851 if (rate_size == 0) { 1852 if (priv->reg.phy_type == D_11G_ONLY_MODE) 1853 rate_octet[0] = TX_RATE_6M | BASIC_RATE; 1854 else 1855 rate_octet[0] = TX_RATE_2M | BASIC_RATE; 1856 rate_size = 1; 1857 } 1858 1859 /* rate set update */ 1860 priv->reg.rate_set.size = rate_size; 1861 memcpy(&priv->reg.rate_set.body[0], &rate_octet[0], rate_size); 1862 1863 switch (priv->reg.operation_mode) { 1864 case MODE_PSEUDO_ADHOC: 1865 hostif_ps_adhoc_set_request(priv); 1866 break; 1867 case MODE_INFRASTRUCTURE: 1868 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) { 1869 hostif_infrastructure_set_request(priv, 1870 HIF_INFRA_SET_REQ); 1871 } else { 1872 hostif_infrastructure_set_request(priv, 1873 HIF_INFRA_SET2_REQ); 1874 netdev_dbg(priv->net_dev, 1875 "Infra bssid = %pM\n", priv->reg.bssid); 1876 } 1877 break; 1878 case MODE_ADHOC: 1879 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) { 1880 hostif_adhoc_set_request(priv); 1881 } else { 1882 hostif_adhoc_set2_request(priv); 1883 netdev_dbg(priv->net_dev, 1884 "Adhoc bssid = %pM\n", priv->reg.bssid); 1885 } 1886 break; 1887 default: 1888 break; 1889 } 1890 } 1891 1892 static 1893 void hostif_sme_multicast_set(struct ks_wlan_private *priv) 1894 { 1895 struct net_device *dev = priv->net_dev; 1896 int mc_count; 1897 struct netdev_hw_addr *ha; 1898 char set_address[NIC_MAX_MCAST_LIST * ETH_ALEN]; 1899 int i = 0; 1900 1901 spin_lock(&priv->multicast_spin); 1902 1903 memset(set_address, 0, 
NIC_MAX_MCAST_LIST * ETH_ALEN); 1904 1905 if (dev->flags & IFF_PROMISC) { 1906 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER, 1907 MCAST_FILTER_PROMISC); 1908 goto spin_unlock; 1909 } 1910 1911 if ((netdev_mc_count(dev) > NIC_MAX_MCAST_LIST) || 1912 (dev->flags & IFF_ALLMULTI)) { 1913 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER, 1914 MCAST_FILTER_MCASTALL); 1915 goto spin_unlock; 1916 } 1917 1918 if (priv->sme_i.sme_flag & SME_MULTICAST) { 1919 mc_count = netdev_mc_count(dev); 1920 netdev_for_each_mc_addr(ha, dev) { 1921 ether_addr_copy(&set_address[i * ETH_ALEN], ha->addr); 1922 i++; 1923 } 1924 priv->sme_i.sme_flag &= ~SME_MULTICAST; 1925 hostif_mib_set_request_ostring(priv, LOCAL_MULTICAST_ADDRESS, 1926 &set_address[0], 1927 ETH_ALEN * mc_count); 1928 } else { 1929 priv->sme_i.sme_flag |= SME_MULTICAST; 1930 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER, 1931 MCAST_FILTER_MCAST); 1932 } 1933 1934 spin_unlock: 1935 spin_unlock(&priv->multicast_spin); 1936 } 1937 1938 static void hostif_sme_power_mgmt_set(struct ks_wlan_private *priv) 1939 { 1940 u32 mode, wake_up, receive_dtims; 1941 1942 if (priv->reg.power_mgmt != POWER_MGMT_SAVE1 && 1943 priv->reg.power_mgmt != POWER_MGMT_SAVE2) { 1944 mode = POWER_ACTIVE; 1945 wake_up = 0; 1946 receive_dtims = 0; 1947 } else { 1948 mode = (priv->reg.operation_mode == MODE_INFRASTRUCTURE) ? 
1949 POWER_SAVE : POWER_ACTIVE; 1950 wake_up = 0; 1951 receive_dtims = (priv->reg.operation_mode == MODE_INFRASTRUCTURE && 1952 priv->reg.power_mgmt == POWER_MGMT_SAVE2); 1953 } 1954 1955 hostif_power_mgmt_request(priv, mode, wake_up, receive_dtims); 1956 } 1957 1958 static void hostif_sme_sleep_set(struct ks_wlan_private *priv) 1959 { 1960 if (priv->sleep_mode != SLP_SLEEP && 1961 priv->sleep_mode != SLP_ACTIVE) 1962 return; 1963 1964 hostif_sleep_request(priv, priv->sleep_mode); 1965 } 1966 1967 static 1968 void hostif_sme_set_key(struct ks_wlan_private *priv, int type) 1969 { 1970 switch (type) { 1971 case SME_SET_FLAG: 1972 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED, 1973 priv->reg.privacy_invoked); 1974 break; 1975 case SME_SET_TXKEY: 1976 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID, 1977 priv->wpa.txkey); 1978 break; 1979 case SME_SET_KEY1: 1980 hostif_mib_set_request_ostring(priv, 1981 DOT11_WEP_DEFAULT_KEY_VALUE1, 1982 &priv->wpa.key[0].key_val[0], 1983 priv->wpa.key[0].key_len); 1984 break; 1985 case SME_SET_KEY2: 1986 hostif_mib_set_request_ostring(priv, 1987 DOT11_WEP_DEFAULT_KEY_VALUE2, 1988 &priv->wpa.key[1].key_val[0], 1989 priv->wpa.key[1].key_len); 1990 break; 1991 case SME_SET_KEY3: 1992 hostif_mib_set_request_ostring(priv, 1993 DOT11_WEP_DEFAULT_KEY_VALUE3, 1994 &priv->wpa.key[2].key_val[0], 1995 priv->wpa.key[2].key_len); 1996 break; 1997 case SME_SET_KEY4: 1998 hostif_mib_set_request_ostring(priv, 1999 DOT11_WEP_DEFAULT_KEY_VALUE4, 2000 &priv->wpa.key[3].key_val[0], 2001 priv->wpa.key[3].key_len); 2002 break; 2003 case SME_SET_PMK_TSC: 2004 hostif_mib_set_request_ostring(priv, DOT11_PMK_TSC, 2005 &priv->wpa.key[0].rx_seq[0], 2006 WPA_RX_SEQ_LEN); 2007 break; 2008 case SME_SET_GMK1_TSC: 2009 hostif_mib_set_request_ostring(priv, DOT11_GMK1_TSC, 2010 &priv->wpa.key[1].rx_seq[0], 2011 WPA_RX_SEQ_LEN); 2012 break; 2013 case SME_SET_GMK2_TSC: 2014 hostif_mib_set_request_ostring(priv, DOT11_GMK2_TSC, 2015 
&priv->wpa.key[2].rx_seq[0], 2016 WPA_RX_SEQ_LEN); 2017 break; 2018 } 2019 } 2020 2021 static 2022 void hostif_sme_set_pmksa(struct ks_wlan_private *priv) 2023 { 2024 struct pmk_cache { 2025 __le16 size; 2026 struct { 2027 u8 bssid[ETH_ALEN]; 2028 u8 pmkid[IW_PMKID_LEN]; 2029 } __packed list[PMK_LIST_MAX]; 2030 } __packed pmkcache; 2031 struct pmk *pmk; 2032 size_t size; 2033 int i = 0; 2034 2035 list_for_each_entry(pmk, &priv->pmklist.head, list) { 2036 if (i >= PMK_LIST_MAX) 2037 break; 2038 ether_addr_copy(pmkcache.list[i].bssid, pmk->bssid); 2039 memcpy(pmkcache.list[i].pmkid, pmk->pmkid, IW_PMKID_LEN); 2040 i++; 2041 } 2042 pmkcache.size = cpu_to_le16(priv->pmklist.size); 2043 size = sizeof(priv->pmklist.size) + 2044 ((ETH_ALEN + IW_PMKID_LEN) * priv->pmklist.size); 2045 hostif_mib_set_request_ostring(priv, LOCAL_PMK, &pmkcache, size); 2046 } 2047 2048 /* execute sme */ 2049 static void hostif_sme_execute(struct ks_wlan_private *priv, int event) 2050 { 2051 u16 failure; 2052 2053 switch (event) { 2054 case SME_START: 2055 if (priv->dev_state == DEVICE_STATE_BOOT) 2056 hostif_mib_get_request(priv, DOT11_MAC_ADDRESS); 2057 break; 2058 case SME_MULTICAST_REQUEST: 2059 hostif_sme_multicast_set(priv); 2060 break; 2061 case SME_MACADDRESS_SET_REQUEST: 2062 hostif_mib_set_request_ostring(priv, LOCAL_CURRENTADDRESS, 2063 &priv->eth_addr[0], ETH_ALEN); 2064 break; 2065 case SME_BSS_SCAN_REQUEST: 2066 hostif_bss_scan_request(priv, priv->reg.scan_type, 2067 priv->scan_ssid, priv->scan_ssid_len); 2068 break; 2069 case SME_POW_MNGMT_REQUEST: 2070 hostif_sme_power_mgmt_set(priv); 2071 break; 2072 case SME_PHY_INFO_REQUEST: 2073 hostif_phy_information_request(priv); 2074 break; 2075 case SME_MIC_FAILURE_REQUEST: 2076 failure = priv->wpa.mic_failure.failure; 2077 if (failure != 1 && failure != 2) { 2078 netdev_err(priv->net_dev, 2079 "SME_MIC_FAILURE_REQUEST: failure count=%u error?\n", 2080 failure); 2081 return; 2082 } 2083 hostif_mic_failure_request(priv, failure - 1, 
(failure == 1) ? 2084 0 : priv->wpa.mic_failure.counter); 2085 break; 2086 case SME_MIC_FAILURE_CONFIRM: 2087 if (priv->wpa.mic_failure.failure == 2) { 2088 if (priv->wpa.mic_failure.stop) 2089 priv->wpa.mic_failure.stop = 0; 2090 priv->wpa.mic_failure.failure = 0; 2091 hostif_start_request(priv, priv->reg.operation_mode); 2092 } 2093 break; 2094 case SME_GET_MAC_ADDRESS: 2095 if (priv->dev_state == DEVICE_STATE_BOOT) 2096 hostif_mib_get_request(priv, DOT11_PRODUCT_VERSION); 2097 break; 2098 case SME_GET_PRODUCT_VERSION: 2099 if (priv->dev_state == DEVICE_STATE_BOOT) 2100 priv->dev_state = DEVICE_STATE_PREINIT; 2101 break; 2102 case SME_STOP_REQUEST: 2103 hostif_stop_request(priv); 2104 break; 2105 case SME_RTS_THRESHOLD_REQUEST: 2106 hostif_mib_set_request_int(priv, DOT11_RTS_THRESHOLD, 2107 priv->reg.rts); 2108 break; 2109 case SME_FRAGMENTATION_THRESHOLD_REQUEST: 2110 hostif_mib_set_request_int(priv, DOT11_FRAGMENTATION_THRESHOLD, 2111 priv->reg.fragment); 2112 break; 2113 case SME_WEP_INDEX_REQUEST: 2114 case SME_WEP_KEY1_REQUEST: 2115 case SME_WEP_KEY2_REQUEST: 2116 case SME_WEP_KEY3_REQUEST: 2117 case SME_WEP_KEY4_REQUEST: 2118 case SME_WEP_FLAG_REQUEST: 2119 hostif_sme_set_wep(priv, event); 2120 break; 2121 case SME_RSN_UCAST_REQUEST: 2122 case SME_RSN_MCAST_REQUEST: 2123 case SME_RSN_AUTH_REQUEST: 2124 case SME_RSN_ENABLED_REQUEST: 2125 case SME_RSN_MODE_REQUEST: 2126 hostif_sme_set_rsn(priv, event); 2127 break; 2128 case SME_SET_FLAG: 2129 case SME_SET_TXKEY: 2130 case SME_SET_KEY1: 2131 case SME_SET_KEY2: 2132 case SME_SET_KEY3: 2133 case SME_SET_KEY4: 2134 case SME_SET_PMK_TSC: 2135 case SME_SET_GMK1_TSC: 2136 case SME_SET_GMK2_TSC: 2137 hostif_sme_set_key(priv, event); 2138 break; 2139 case SME_SET_PMKSA: 2140 hostif_sme_set_pmksa(priv); 2141 break; 2142 case SME_WPS_ENABLE_REQUEST: 2143 hostif_mib_set_request_int(priv, LOCAL_WPS_ENABLE, 2144 priv->wps.wps_enabled); 2145 break; 2146 case SME_WPS_PROBE_REQUEST: 2147 hostif_mib_set_request_ostring(priv, 
LOCAL_WPS_PROBE_REQ, 2148 priv->wps.ie, priv->wps.ielen); 2149 break; 2150 case SME_MODE_SET_REQUEST: 2151 hostif_sme_mode_setup(priv); 2152 break; 2153 case SME_SET_GAIN: 2154 hostif_mib_set_request_ostring(priv, LOCAL_GAIN, 2155 &priv->gain, sizeof(priv->gain)); 2156 break; 2157 case SME_GET_GAIN: 2158 hostif_mib_get_request(priv, LOCAL_GAIN); 2159 break; 2160 case SME_GET_EEPROM_CKSUM: 2161 priv->eeprom_checksum = EEPROM_FW_NOT_SUPPORT; /* initialize */ 2162 hostif_mib_get_request(priv, LOCAL_EEPROM_SUM); 2163 break; 2164 case SME_START_REQUEST: 2165 hostif_start_request(priv, priv->reg.operation_mode); 2166 break; 2167 case SME_START_CONFIRM: 2168 /* for power save */ 2169 atomic_set(&priv->psstatus.snooze_guard, 0); 2170 atomic_set(&priv->psstatus.confirm_wait, 0); 2171 if (priv->dev_state == DEVICE_STATE_PREINIT) 2172 priv->dev_state = DEVICE_STATE_INIT; 2173 /* wake_up_interruptible_all(&priv->confirm_wait); */ 2174 complete(&priv->confirm_wait); 2175 break; 2176 case SME_SLEEP_REQUEST: 2177 hostif_sme_sleep_set(priv); 2178 break; 2179 case SME_SET_REGION: 2180 hostif_mib_set_request_int(priv, LOCAL_REGION, priv->region); 2181 break; 2182 case SME_MULTICAST_CONFIRM: 2183 case SME_BSS_SCAN_CONFIRM: 2184 case SME_POW_MNGMT_CONFIRM: 2185 case SME_PHY_INFO_CONFIRM: 2186 case SME_STOP_CONFIRM: 2187 case SME_RTS_THRESHOLD_CONFIRM: 2188 case SME_FRAGMENTATION_THRESHOLD_CONFIRM: 2189 case SME_WEP_INDEX_CONFIRM: 2190 case SME_WEP_KEY1_CONFIRM: 2191 case SME_WEP_KEY2_CONFIRM: 2192 case SME_WEP_KEY3_CONFIRM: 2193 case SME_WEP_KEY4_CONFIRM: 2194 case SME_WEP_FLAG_CONFIRM: 2195 case SME_RSN_UCAST_CONFIRM: 2196 case SME_RSN_MCAST_CONFIRM: 2197 case SME_RSN_AUTH_CONFIRM: 2198 case SME_RSN_ENABLED_CONFIRM: 2199 case SME_RSN_MODE_CONFIRM: 2200 case SME_MODE_SET_CONFIRM: 2201 case SME_TERMINATE: 2202 default: 2203 break; 2204 } 2205 } 2206 2207 static 2208 void hostif_sme_task(struct tasklet_struct *t) 2209 { 2210 struct ks_wlan_private *priv = from_tasklet(priv, t, 
sme_task);

	/*
	 * Tasklet body: handle at most one queued SME event per run and
	 * reschedule while more are pending.  Nothing is processed before
	 * the device state has reached DEVICE_STATE_BOOT, or when the queue
	 * is empty (cnt_smeqbody() returns an unsigned count, so "== 0" is
	 * the empty test).
	 */
	if (priv->dev_state < DEVICE_STATE_BOOT || cnt_smeqbody(priv) == 0)
		return;

	/* qhead is the read index; it advances only after the handler ran */
	hostif_sme_execute(priv, priv->sme_i.event_buff[priv->sme_i.qhead]);
	inc_smeqhead(priv);

	if (cnt_smeqbody(priv) != 0)
		tasklet_schedule(&priv->sme_task);
}

/*
 * hostif_sme_enqueue - queue an event for the Station Management Entity
 * @priv: driver private data holding the SME event ring
 * @event: SME event code to store at the write index (qtail)
 *
 * The event is stored only while cnt_smeqbody() reports fewer than
 * SME_EVENT_BUFF_SIZE - 1 entries; otherwise it is dropped and an error is
 * logged.  The function returns void, so the caller is not told about the
 * drop, and the events dispatched by hostif_sme_execute() include key, RSN
 * and WEP configuration requests.  The SME tasklet is scheduled in both
 * cases.
 *
 * NOTE(review): no lock is taken around the qtail update here, although
 * hostif_sme_init() initialises sme_i.sme_spin - confirm that callers are
 * serialised against each other and against hostif_sme_task().
 * NOTE(review): cnt_smeqbody() passes (qhead, qtail) to CIRC_CNT_TO_END(),
 * whose first argument is the producer index in <linux/circ_buf.h>, while
 * this function writes and advances qtail - confirm the occupancy value
 * this bound relies on.
 */
void hostif_sme_enqueue(struct ks_wlan_private *priv, u16 event)
{
	if (cnt_smeqbody(priv) >= (SME_EVENT_BUFF_SIZE - 1)) {
		/* ring is full: the event is lost, only the log records it */
		netdev_err(priv->net_dev, "sme queue buffer overflow\n");
	} else {
		priv->sme_i.event_buff[priv->sme_i.qtail] = event;
		inc_smeqtail(priv);
	}

	tasklet_schedule(&priv->sme_task);
}

/* Empty the local AP list: zero every slot and reset the entry count. */
static inline void hostif_aplist_init(struct ks_wlan_private *priv)
{
	priv->aplist.size = 0;
	memset(&priv->aplist.ap[0], 0,
	       LOCAL_APLIST_MAX * sizeof(struct local_ap));
}

/* Reset link state to "disconnected" with the initial rate value of 4. */
static inline void hostif_status_init(struct ks_wlan_private *priv)
{
	priv->connect_status = DISCONNECT_STATUS;
	priv->current_rate = 4;
	priv->infra_status = 0;
}

/*
 * Reset the SME event ring (both indices to 0), its status, flag and
 * spinlock, then bind hostif_sme_task() to the SME tasklet.
 */
static inline void hostif_sme_init(struct ks_wlan_private *priv)
{
	priv->sme_i.qhead = 0;
	priv->sme_i.qtail = 0;
	priv->sme_i.sme_status = SME_IDLE;
	priv->sme_i.sme_flag = 0;
	spin_lock_init(&priv->sme_i.sme_spin);

	/* registered last, once the ring it consumes has been reset */
	tasklet_setup(&priv->sme_task, hostif_sme_task);
}

/*
 * Clear the whole WPA state block.  The memset already zeroes every
 * member; the assignments below restate the starting values of the RSN
 * flag and of the MIC-failure bookkeeping.
 */
static inline void hostif_wpa_init(struct ks_wlan_private *priv)
{
	memset(&priv->wpa, 0, sizeof(priv->wpa));

	priv->wpa.rsn_enabled = false;
	priv->wpa.mic_failure.stop = 0;
	priv->wpa.mic_failure.failure = 0;
	priv->wpa.mic_failure.last_failure_time = 0;
}

/*
 * Put power-save state at PS_NONE, clear the confirm/snooze counters and
 * prepare the wake-up completion and work item (ks_wlan_hw_wakeup_task).
 */
static inline void hostif_power_save_init(struct ks_wlan_private *priv)
{
	atomic_set(&priv->psstatus.status, PS_NONE);
	atomic_set(&priv->psstatus.snooze_guard, 0);
	atomic_set(&priv->psstatus.confirm_wait, 0);

	init_completion(&priv->psstatus.wakeup_wait);
	INIT_WORK(&priv->wakeup_work, ks_wlan_hw_wakeup_task);
}

/*
 * Zero the PMK cache and initialise its list head together with the list
 * node embedded in each of the PMK_LIST_MAX entries.
 */
static inline void hostif_pmklist_init(struct ks_wlan_private *priv)
{
	int idx = 0;

	memset(&priv->pmklist, 0, sizeof(priv->pmklist));
	INIT_LIST_HEAD(&priv->pmklist.head);

	while (idx < PMK_LIST_MAX) {
		INIT_LIST_HEAD(&priv->pmklist.pmk[idx].list);
		idx++;
	}
}

/* Zero the device, event and receive counters. */
static inline void hostif_counters_init(struct ks_wlan_private *priv)
{
	atomic_set(&priv->rec_count, 0);
	atomic_set(&priv->event_count, 0);
	priv->dev_count = 0;
}

/*
 * hostif_init - bring the host-interface state of @priv to its defaults
 *
 * Runs the per-area initialisers above and sets up the multicast and
 * device-read locks and the device-read wait queue.  The SME tasklet is
 * set up last.  Always returns 0.
 */
int hostif_init(struct ks_wlan_private *priv)
{
	/* scan results and link status */
	hostif_aplist_init(priv);
	hostif_status_init(priv);

	/* locks and wait queue used outside this part of the file */
	spin_lock_init(&priv->multicast_spin);
	spin_lock_init(&priv->dev_read_lock);
	init_waitqueue_head(&priv->devread_wait);

	/* counters, power save, security state, then the SME queue */
	hostif_counters_init(priv);
	hostif_power_save_init(priv);
	hostif_wpa_init(priv);
	hostif_pmklist_init(priv);
	hostif_sme_init(priv);

	return 0;
}

/*
 * hostif_exit - stop the SME tasklet of @priv
 *
 * NOTE(review): only the tasklet is killed here.  wakeup_work, prepared by
 * hostif_power_save_init(), is not cancelled in this function, and
 * ks_wlan_hw_wakeup_task() can schedule itself again - confirm that the
 * teardown path cancels it before priv is released.
 */
void hostif_exit(struct ks_wlan_private *priv)
{
	tasklet_kill(&priv->sme_task);
}