1 /******************************************************************************
3 Copyright(c) 2003 - 2004 Intel Corporation. All rights reserved.
5 This program is free software; you can redistribute it and/or modify it
6 under the terms of version 2 of the GNU General Public License as
7 published by the Free Software Foundation.
9 This program is distributed in the hope that it will be useful, but WITHOUT
10 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 You should have received a copy of the GNU General Public License along with
15 this program; if not, write to the Free Software Foundation, Inc., 59
16 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
18 The full GNU General Public License is included in this distribution in the
22 James P. Ketrenos <ipw2100-admin@linux.intel.com>
23 Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
25 ******************************************************************************
27 Few modifications for Realtek's Wi-Fi drivers by
28 Andrea Merello <andrea.merello@gmail.com>
30 A special thanks goes to Realtek for their support !
32 ******************************************************************************/
34 #include <linux/compiler.h>
35 #include <linux/errno.h>
36 #include <linux/if_arp.h>
37 #include <linux/in6.h>
40 #include <linux/kernel.h>
41 #include <linux/module.h>
42 #include <linux/netdevice.h>
43 #include <linux/pci.h>
44 #include <linux/proc_fs.h>
45 #include <linux/skbuff.h>
46 #include <linux/slab.h>
47 #include <linux/tcp.h>
48 #include <linux/types.h>
49 #include <linux/wireless.h>
50 #include <linux/etherdevice.h>
51 #include <asm/uaccess.h>
52 #include <linux/if_vlan.h>
54 #include "ieee80211.h"
63 802.11 frame_contorl for data frames - 2 bytes
64 ,-----------------------------------------------------------------------------------------.
65 bits | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | a | b | c | d | e |
66 |----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|------|
67 val | 0 | 0 | 0 | 1 | x | 0 | 0 | 0 | 1 | 0 | x | x | x | x | x |
68 |----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|------|
69 desc | ^-ver-^ | ^type-^ | ^-----subtype-----^ | to |from |more |retry| pwr |more |wep |
70 | | | x=0 data,x=1 data+ack | DS | DS |frag | | mgm |data | |
71 '-----------------------------------------------------------------------------------------'
75 ,--------- 'ctrl' expands to >-----------'
77 ,--'---,-------------------------------------------------------------.
78 Bytes | 2 | 2 | 6 | 6 | 6 | 2 | 0..2312 | 4 |
79 |------|------|---------|---------|---------|------|---------|------|
80 Desc. | ctrl | dura | DA/RA | TA | SA | Sequ | Frame | fcs |
81 | | tion | (BSSID) | | | ence | data | |
82 `--------------------------------------------------| |------'
83 Total: 28 non-data bytes `----.----'
85 .- 'Frame data' expands to <---------------------------'
88 ,---------------------------------------------------.
89 Bytes | 1 | 1 | 1 | 3 | 2 | 0-2304 |
90 |------|------|---------|----------|------|---------|
91 Desc. | SNAP | SNAP | Control |Eth Tunnel| Type | IP |
92 | DSAP | SSAP | | | | Packet |
93 | 0xAA | 0xAA |0x03 (UI)|0x00-00-F8| | |
94 `-----------------------------------------| |
95 Total: 8 non-data bytes `----.----'
97 .- 'IP Packet' expands, if WEP enabled, to <--'
100 ,-----------------------.
101 Bytes | 4 | 0-2296 | 4 |
102 |-----|-----------|-----|
103 Desc. | IV | Encrypted | ICV |
105 `-----------------------'
106 Total: 8 non-data bytes
109 802.3 Ethernet Data Frame
111 ,-----------------------------------------.
112 Bytes | 6 | 6 | 2 | Variable | 4 |
113 |-------|-------|------|-----------|------|
114 Desc. | Dest. | Source| Type | IP Packet | fcs |
116 `-----------------------------------------'
117 Total: 18 non-data bytes
119 In the event that fragmentation is required, the incoming payload is split into
120 N parts of size ieee->fts. The first fragment contains the SNAP header and the
121 remaining packets are just data.
123 If encryption is enabled, each fragment payload size is reduced by enough space
124 to add the prefix and postfix (IV and ICV totalling 8 bytes in the case of WEP)
125 So if you have 1500 bytes of payload with ieee->fts set to 500 without
126 encryption it will take 3 frames. With WEP it will take 4 frames as the
127 payload of each frame is reduced to 492 bytes.
133 * | ETHERNET HEADER ,-<-- PAYLOAD
134 * | | 14 bytes from skb->data
135 * | 2 bytes for Type --> ,T. | (sizeof ethhdr)
137 * |,-Dest.--. ,--Src.---. | | |
138 * | 6 bytes| | 6 bytes | | | |
141 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
144 * | | | | `T' <---- 2 bytes for Type
146 * | | '---SNAP--' <-------- 6 bytes for SNAP
148 * `-IV--' <-------------------- 4 bytes for IV (WEP)
154 static u8 P802_1H_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0xf8 };
155 static u8 RFC1042_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0x00 };
157 static inline int ieee80211_put_snap(u8 *data, u16 h_proto)
159 struct ieee80211_snap_hdr *snap;
162 snap = (struct ieee80211_snap_hdr *)data;
167 if (h_proto == 0x8137 || h_proto == 0x80f3)
171 snap->oui[0] = oui[0];
172 snap->oui[1] = oui[1];
173 snap->oui[2] = oui[2];
175 *(u16 *)(data + SNAP_SIZE) = htons(h_proto);
177 return SNAP_SIZE + sizeof(u16);
180 int ieee80211_encrypt_fragment(struct ieee80211_device *ieee,
181 struct sk_buff *frag, int hdr_len)
183 struct ieee80211_crypt_data* crypt = ieee->crypt[ieee->tx_keyidx];
187 * added to care about null crypt condition, to solve that system hangs
188 * when shared keys error
190 if (!crypt || !crypt->ops)
193 #ifdef CONFIG_IEEE80211_CRYPT_TKIP
194 struct ieee80211_hdr_4addr *header;
196 if (ieee->tkip_countermeasures &&
197 crypt && crypt->ops && strcmp(crypt->ops->name, "TKIP") == 0) {
198 header = (struct ieee80211_hdr_4addr *)frag->data;
199 if (net_ratelimit()) {
200 netdev_dbg(ieee->dev, "TKIP countermeasures: dropped "
201 "TX packet to %pM\n", header->addr1);
207 * To encrypt, frame format is:
208 * IV (4 bytes), clear payload (including SNAP), ICV (4 bytes)
210 * PR: FIXME: Copied from hostap. Check fragmentation/MSDU/MPDU
213 * Host-based IEEE 802.11 fragmentation for TX is not yet supported, so
214 * call both MSDU and MPDU encryption functions from here.
216 atomic_inc(&crypt->refcnt);
218 if (crypt->ops->encrypt_msdu)
219 res = crypt->ops->encrypt_msdu(frag, hdr_len, crypt->priv);
220 if (res == 0 && crypt->ops->encrypt_mpdu)
221 res = crypt->ops->encrypt_mpdu(frag, hdr_len, crypt->priv);
223 atomic_dec(&crypt->refcnt);
225 netdev_info(ieee->dev, "Encryption failed: len=%d.\n", frag->len);
226 ieee->ieee_stats.tx_discards++;
234 void ieee80211_txb_free(struct ieee80211_txb *txb)
239 for (i = 0; i < txb->nr_frags; i++)
240 if (txb->fragments[i])
241 dev_kfree_skb_any(txb->fragments[i]);
245 static struct ieee80211_txb *ieee80211_alloc_txb(int nr_frags, int txb_size,
248 struct ieee80211_txb *txb;
251 sizeof(struct ieee80211_txb) + (sizeof(u8 *) * nr_frags),
256 memset(txb, 0, sizeof(struct ieee80211_txb));
257 txb->nr_frags = nr_frags;
258 txb->frag_size = txb_size;
260 for (i = 0; i < nr_frags; i++) {
261 txb->fragments[i] = dev_alloc_skb(txb_size);
262 if (unlikely(!txb->fragments[i])) {
267 if (unlikely(i != nr_frags)) {
269 dev_kfree_skb_any(txb->fragments[i--]);
277 * Classify the to-be send data packet
278 * Need to acquire the sent queue index.
280 static int ieee80211_classify(struct sk_buff *skb,
281 struct ieee80211_network *network)
283 struct ether_header *eh = (struct ether_header *)skb->data;
284 unsigned int wme_UP = 0;
286 if (!network->QoS_Enable) {
291 if (eh->ether_type == __constant_htons(ETHERTYPE_IP)) {
292 const struct iphdr *ih = (struct iphdr *)(skb->data +
293 sizeof(struct ether_header));
294 wme_UP = (ih->tos >> 5)&0x07;
295 } else if (vlan_tx_tag_present(skb)) {/* vtag packet */
296 #ifndef VLAN_PRI_SHIFT
297 #define VLAN_PRI_SHIFT 13 /* Shift to find VLAN user priority */
298 #define VLAN_PRI_MASK 7 /* Mask for user priority bits in VLAN */
300 u32 tag = vlan_tx_tag_get(skb);
301 wme_UP = (tag >> VLAN_PRI_SHIFT) & VLAN_PRI_MASK;
302 } else if (ETH_P_PAE == ntohs(((struct ethhdr *)skb->data)->h_proto)) {
306 skb->priority = wme_UP;
310 /* SKBs are added to the ieee->tx_queue. */
311 int ieee80211_rtl_xmit(struct sk_buff *skb, struct net_device *dev)
313 struct ieee80211_device *ieee = netdev_priv(dev);
314 struct ieee80211_txb *txb = NULL;
315 struct ieee80211_hdr_3addrqos *frag_hdr;
316 int i, bytes_per_frag, nr_frags, bytes_last_frag, frag_size;
318 struct net_device_stats *stats = &ieee->stats;
319 int ether_type, encrypt;
320 int bytes, fc, qos_ctl, hdr_len;
321 struct sk_buff *skb_frag;
322 struct ieee80211_hdr_3addrqos header = { /* Ensure zero initialized */
327 u8 dest[ETH_ALEN], src[ETH_ALEN];
329 struct ieee80211_crypt_data* crypt;
331 spin_lock_irqsave(&ieee->lock, flags);
334 * If there is no driver handler to take the TXB, don't bother
337 if ((!ieee->hard_start_xmit &&
338 !(ieee->softmac_features & IEEE_SOFTMAC_TX_QUEUE)) ||
339 ((!ieee->softmac_data_hard_start_xmit &&
340 (ieee->softmac_features & IEEE_SOFTMAC_TX_QUEUE)))) {
341 netdev_warn(ieee->dev, "No xmit handler.\n");
345 ieee80211_classify(skb,&ieee->current_network);
346 if (likely(ieee->raw_tx == 0)){
348 if (unlikely(skb->len < SNAP_SIZE + sizeof(u16))) {
349 netdev_warn(ieee->dev, "skb too small (%d).\n", skb->len);
353 ether_type = ntohs(((struct ethhdr *)skb->data)->h_proto);
355 crypt = ieee->crypt[ieee->tx_keyidx];
357 encrypt = !(ether_type == ETH_P_PAE && ieee->ieee802_1x) &&
358 ieee->host_encrypt && crypt && crypt->ops;
360 if (!encrypt && ieee->ieee802_1x &&
361 ieee->drop_unencrypted && ether_type != ETH_P_PAE) {
366 #ifdef CONFIG_IEEE80211_DEBUG
367 if (crypt && !encrypt && ether_type == ETH_P_PAE) {
368 struct eapol *eap = (struct eapol *)(skb->data +
369 sizeof(struct ethhdr) - SNAP_SIZE - sizeof(u16));
370 IEEE80211_DEBUG_EAP("TX: IEEE 802.11 EAPOL frame: %s\n",
371 eap_get_type(eap->type));
375 /* Save source and destination addresses */
376 memcpy(&dest, skb->data, ETH_ALEN);
377 memcpy(&src, skb->data+ETH_ALEN, ETH_ALEN);
379 /* Advance the SKB to the start of the payload */
380 skb_pull(skb, sizeof(struct ethhdr));
382 /* Determine total amount of storage required for TXB packets */
383 bytes = skb->len + SNAP_SIZE + sizeof(u16);
385 if (ieee->current_network.QoS_Enable) {
387 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_QOS_DATA |
390 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_QOS_DATA;
394 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA |
397 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA;
400 if (ieee->iw_mode == IW_MODE_INFRA) {
401 fc |= IEEE80211_FCTL_TODS;
402 /* To DS: Addr1 = BSSID, Addr2 = SA, Addr3 = DA */
403 memcpy(&header.addr1, ieee->current_network.bssid, ETH_ALEN);
404 memcpy(&header.addr2, &src, ETH_ALEN);
405 memcpy(&header.addr3, &dest, ETH_ALEN);
406 } else if (ieee->iw_mode == IW_MODE_ADHOC) {
408 * not From/To DS: Addr1 = DA, Addr2 = SA,
411 memcpy(&header.addr1, dest, ETH_ALEN);
412 memcpy(&header.addr2, src, ETH_ALEN);
413 memcpy(&header.addr3, ieee->current_network.bssid, ETH_ALEN);
415 header.frame_ctl = cpu_to_le16(fc);
418 * Determine fragmentation size based on destination (multicast
419 * and broadcast are not fragmented)
421 if (is_multicast_ether_addr(header.addr1)) {
422 frag_size = MAX_FRAG_THRESHOLD;
423 qos_ctl = QOS_CTL_NOTCONTAIN_ACK;
426 frag_size = ieee->fts;
430 if (ieee->current_network.QoS_Enable) {
431 hdr_len = IEEE80211_3ADDR_LEN + 2;
432 /* skb->priority is set in the ieee80211_classify() */
433 qos_ctl |= skb->priority;
434 header.qos_ctl = cpu_to_le16(qos_ctl);
436 hdr_len = IEEE80211_3ADDR_LEN;
440 * Determine amount of payload per fragment. Regardless of if
441 * this stack is providing the full 802.11 header, one will
442 * eventually be affixed to this fragment -- so we must account
443 * for it when determining the amount of payload space.
445 bytes_per_frag = frag_size - hdr_len;
447 (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
448 bytes_per_frag -= IEEE80211_FCS_LEN;
450 /* Each fragment may need to have room for encryption pre/postfix */
452 bytes_per_frag -= crypt->ops->extra_prefix_len +
453 crypt->ops->extra_postfix_len;
456 * Number of fragments is the total bytes_per_frag /
457 * payload_per_fragment
459 nr_frags = bytes / bytes_per_frag;
460 bytes_last_frag = bytes % bytes_per_frag;
464 bytes_last_frag = bytes_per_frag;
467 * When we allocate the TXB we allocate enough space for the
468 * reserve and full fragment bytes (bytes_per_frag doesn't
469 * include prefix, postfix, header, FCS, etc.)
471 txb = ieee80211_alloc_txb(nr_frags, frag_size, GFP_ATOMIC);
472 if (unlikely(!txb)) {
473 netdev_warn(ieee->dev, "Could not allocate TXB\n");
476 txb->encrypted = encrypt;
477 txb->payload_size = bytes;
479 for (i = 0; i < nr_frags; i++) {
480 skb_frag = txb->fragments[i];
481 skb_frag->priority = UP2AC(skb->priority);
483 skb_reserve(skb_frag, crypt->ops->extra_prefix_len);
485 frag_hdr = (struct ieee80211_hdr_3addrqos *)skb_put(
487 memcpy(frag_hdr, &header, hdr_len);
490 * If this is not the last fragment, then add the MOREFRAGS
491 * bit to the frame control
493 if (i != nr_frags - 1) {
494 frag_hdr->frame_ctl = cpu_to_le16(
495 fc | IEEE80211_FCTL_MOREFRAGS);
496 bytes = bytes_per_frag;
499 /* The last fragment takes the remaining length */
500 bytes = bytes_last_frag;
502 if (ieee->current_network.QoS_Enable) {
504 * add 1 only indicate to corresponding seq
505 * number control 2006/7/12
507 frag_hdr->seq_ctl = cpu_to_le16(
508 ieee->seq_ctrl[UP2AC(skb->priority)+1]<<4 | i);
510 frag_hdr->seq_ctl = cpu_to_le16(
511 ieee->seq_ctrl[0]<<4 | i);
514 /* Put a SNAP header on the first fragment */
517 skb_put(skb_frag, SNAP_SIZE + sizeof(u16)),
519 bytes -= SNAP_SIZE + sizeof(u16);
522 memcpy(skb_put(skb_frag, bytes), skb->data, bytes);
524 /* Advance the SKB... */
525 skb_pull(skb, bytes);
528 * Encryption routine will move the header forward in
529 * order to insert the IV between the header and the
533 ieee80211_encrypt_fragment(ieee, skb_frag, hdr_len);
535 (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
536 skb_put(skb_frag, 4);
538 /* Advance sequence number in data frame. */
539 if (ieee->current_network.QoS_Enable) {
540 if (ieee->seq_ctrl[UP2AC(skb->priority) + 1] == 0xFFF)
541 ieee->seq_ctrl[UP2AC(skb->priority) + 1] = 0;
543 ieee->seq_ctrl[UP2AC(skb->priority) + 1]++;
545 if (ieee->seq_ctrl[0] == 0xFFF)
546 ieee->seq_ctrl[0] = 0;
551 if (unlikely(skb->len < sizeof(struct ieee80211_hdr_3addr))) {
552 netdev_warn(ieee->dev, "skb too small (%d).\n", skb->len);
556 txb = ieee80211_alloc_txb(1, skb->len, GFP_ATOMIC);
558 netdev_warn(ieee->dev, "Could not allocate TXB\n");
563 txb->payload_size = skb->len;
564 memcpy(skb_put(txb->fragments[0], skb->len), skb->data, skb->len);
568 spin_unlock_irqrestore(&ieee->lock, flags);
569 dev_kfree_skb_any(skb);
571 if (ieee->softmac_features & IEEE_SOFTMAC_TX_QUEUE) {
572 ieee80211_softmac_xmit(txb, ieee);
574 if ((*ieee->hard_start_xmit)(txb, dev) == 0) {
576 stats->tx_bytes += txb->payload_size;
579 ieee80211_txb_free(txb);
586 spin_unlock_irqrestore(&ieee->lock, flags);
587 netif_stop_queue(dev);
589 return NETDEV_TX_BUSY;