1 // SPDX-License-Identifier: GPL-2.0
2 /******************************************************************************
4 * Copyright(c) 2007 - 2012 Realtek Corporation. All rights reserved.
6 ******************************************************************************/
9 #include <linux/jiffies.h>
11 #include <net/cfg80211.h>
12 #include <asm/unaligned.h>
14 static u8 SNAP_ETH_TYPE_IPX[2] = {0x81, 0x37};
15 static u8 SNAP_ETH_TYPE_APPLETALK_AARP[2] = {0x80, 0xf3};
17 static void rtw_signal_stat_timer_hdl(struct timer_list *t);
19 void _rtw_init_sta_recv_priv(struct sta_recv_priv *psta_recvpriv)
21 memset((u8 *)psta_recvpriv, 0, sizeof(struct sta_recv_priv));
23 spin_lock_init(&psta_recvpriv->lock);
25 /* for (i = 0; i<MAX_RX_NUMBLKS; i++) */
26 /* _rtw_init_queue(&psta_recvpriv->blk_strms[i]); */
28 INIT_LIST_HEAD(&psta_recvpriv->defrag_q.queue);
29 spin_lock_init(&psta_recvpriv->defrag_q.lock);
32 signed int _rtw_init_recv_priv(struct recv_priv *precvpriv, struct adapter *padapter)
35 union recv_frame *precvframe;
36 signed int res = _SUCCESS;
38 spin_lock_init(&precvpriv->lock);
40 INIT_LIST_HEAD(&precvpriv->free_recv_queue.queue);
41 spin_lock_init(&precvpriv->free_recv_queue.lock);
42 INIT_LIST_HEAD(&precvpriv->recv_pending_queue.queue);
43 spin_lock_init(&precvpriv->recv_pending_queue.lock);
44 INIT_LIST_HEAD(&precvpriv->uc_swdec_pending_queue.queue);
45 spin_lock_init(&precvpriv->uc_swdec_pending_queue.lock);
47 precvpriv->adapter = padapter;
49 precvpriv->free_recvframe_cnt = NR_RECVFRAME;
51 precvpriv->pallocated_frame_buf = vzalloc(NR_RECVFRAME * sizeof(union recv_frame) + RXFRAME_ALIGN_SZ);
53 if (!precvpriv->pallocated_frame_buf) {
58 precvpriv->precv_frame_buf = (u8 *)N_BYTE_ALIGMENT((SIZE_PTR)(precvpriv->pallocated_frame_buf), RXFRAME_ALIGN_SZ);
59 /* precvpriv->precv_frame_buf = precvpriv->pallocated_frame_buf + RXFRAME_ALIGN_SZ - */
60 /* ((SIZE_PTR) (precvpriv->pallocated_frame_buf) &(RXFRAME_ALIGN_SZ-1)); */
62 precvframe = (union recv_frame *) precvpriv->precv_frame_buf;
65 for (i = 0; i < NR_RECVFRAME; i++) {
66 INIT_LIST_HEAD(&(precvframe->u.list));
68 list_add_tail(&(precvframe->u.list), &(precvpriv->free_recv_queue.queue));
70 rtw_os_recv_resource_alloc(padapter, precvframe);
72 precvframe->u.hdr.len = 0;
74 precvframe->u.hdr.adapter = padapter;
79 res = rtw_hal_init_recv_priv(padapter);
81 timer_setup(&precvpriv->signal_stat_timer, rtw_signal_stat_timer_hdl,
84 precvpriv->signal_stat_sampling_interval = 2000; /* ms */
86 rtw_set_signal_stat_timer(precvpriv);
92 void _rtw_free_recv_priv(struct recv_priv *precvpriv)
94 struct adapter *padapter = precvpriv->adapter;
96 rtw_free_uc_swdec_pending_queue(padapter);
98 rtw_os_recv_resource_free(precvpriv);
100 vfree(precvpriv->pallocated_frame_buf);
102 rtw_hal_free_recv_priv(padapter);
105 union recv_frame *_rtw_alloc_recvframe(struct __queue *pfree_recv_queue)
108 union recv_frame *precvframe;
109 struct list_head *plist, *phead;
110 struct adapter *padapter;
111 struct recv_priv *precvpriv;
113 if (list_empty(&pfree_recv_queue->queue))
116 phead = get_list_head(pfree_recv_queue);
118 plist = get_next(phead);
120 precvframe = (union recv_frame *)plist;
122 list_del_init(&precvframe->u.hdr.list);
123 padapter = precvframe->u.hdr.adapter;
125 precvpriv = &padapter->recvpriv;
126 if (pfree_recv_queue == &precvpriv->free_recv_queue)
127 precvpriv->free_recvframe_cnt--;
133 union recv_frame *rtw_alloc_recvframe(struct __queue *pfree_recv_queue)
135 union recv_frame *precvframe;
137 spin_lock_bh(&pfree_recv_queue->lock);
139 precvframe = _rtw_alloc_recvframe(pfree_recv_queue);
141 spin_unlock_bh(&pfree_recv_queue->lock);
146 int rtw_free_recvframe(union recv_frame *precvframe, struct __queue *pfree_recv_queue)
148 struct adapter *padapter = precvframe->u.hdr.adapter;
149 struct recv_priv *precvpriv = &padapter->recvpriv;
151 rtw_os_free_recvframe(precvframe);
154 spin_lock_bh(&pfree_recv_queue->lock);
156 list_del_init(&(precvframe->u.hdr.list));
158 precvframe->u.hdr.len = 0;
160 list_add_tail(&(precvframe->u.hdr.list), get_list_head(pfree_recv_queue));
163 if (pfree_recv_queue == &precvpriv->free_recv_queue)
164 precvpriv->free_recvframe_cnt++;
166 spin_unlock_bh(&pfree_recv_queue->lock);
173 signed int _rtw_enqueue_recvframe(union recv_frame *precvframe, struct __queue *queue)
176 struct adapter *padapter = precvframe->u.hdr.adapter;
177 struct recv_priv *precvpriv = &padapter->recvpriv;
179 /* INIT_LIST_HEAD(&(precvframe->u.hdr.list)); */
180 list_del_init(&(precvframe->u.hdr.list));
183 list_add_tail(&(precvframe->u.hdr.list), get_list_head(queue));
186 if (queue == &precvpriv->free_recv_queue)
187 precvpriv->free_recvframe_cnt++;
192 signed int rtw_enqueue_recvframe(union recv_frame *precvframe, struct __queue *queue)
196 /* _spinlock(&pfree_recv_queue->lock); */
197 spin_lock_bh(&queue->lock);
198 ret = _rtw_enqueue_recvframe(precvframe, queue);
199 /* spin_unlock(&pfree_recv_queue->lock); */
200 spin_unlock_bh(&queue->lock);
206 signed int rtw_enqueue_recvframe(union recv_frame *precvframe, struct __queue *queue)
208 return rtw_free_recvframe(precvframe, queue);
216 caller : defrag ; recvframe_chk_defrag in recv_thread (passive)
217 pframequeue: defrag_queue : will be accessed in recv_thread (passive)
219 using spinlock to protect
223 void rtw_free_recvframe_queue(struct __queue *pframequeue, struct __queue *pfree_recv_queue)
225 union recv_frame *precvframe;
226 struct list_head *plist, *phead;
228 spin_lock(&pframequeue->lock);
230 phead = get_list_head(pframequeue);
231 plist = get_next(phead);
233 while (phead != plist) {
234 precvframe = (union recv_frame *)plist;
236 plist = get_next(plist);
238 rtw_free_recvframe(precvframe, pfree_recv_queue);
241 spin_unlock(&pframequeue->lock);
244 u32 rtw_free_uc_swdec_pending_queue(struct adapter *adapter)
247 union recv_frame *pending_frame;
248 while ((pending_frame = rtw_alloc_recvframe(&adapter->recvpriv.uc_swdec_pending_queue))) {
249 rtw_free_recvframe(pending_frame, &adapter->recvpriv.free_recv_queue);
257 signed int rtw_enqueue_recvbuf_to_head(struct recv_buf *precvbuf, struct __queue *queue)
259 spin_lock_bh(&queue->lock);
261 list_del_init(&precvbuf->list);
262 list_add(&precvbuf->list, get_list_head(queue));
264 spin_unlock_bh(&queue->lock);
269 signed int rtw_enqueue_recvbuf(struct recv_buf *precvbuf, struct __queue *queue)
271 spin_lock_bh(&queue->lock);
273 list_del_init(&precvbuf->list);
275 list_add_tail(&precvbuf->list, get_list_head(queue));
276 spin_unlock_bh(&queue->lock);
281 struct recv_buf *rtw_dequeue_recvbuf(struct __queue *queue)
283 struct recv_buf *precvbuf;
284 struct list_head *plist, *phead;
286 spin_lock_bh(&queue->lock);
288 if (list_empty(&queue->queue))
291 phead = get_list_head(queue);
293 plist = get_next(phead);
295 precvbuf = container_of(plist, struct recv_buf, list);
297 list_del_init(&precvbuf->list);
301 spin_unlock_bh(&queue->lock);
307 static signed int recvframe_chkmic(struct adapter *adapter, union recv_frame *precvframe)
310 signed int i, res = _SUCCESS;
313 u8 bmic_err = false, brpt_micerror = true;
314 u8 *pframe, *payload, *pframemic;
316 /* u8 *iv, rxdata_key_idx = 0; */
317 struct sta_info *stainfo;
318 struct rx_pkt_attrib *prxattrib = &precvframe->u.hdr.attrib;
319 struct security_priv *psecuritypriv = &adapter->securitypriv;
321 struct mlme_ext_priv *pmlmeext = &adapter->mlmeextpriv;
322 struct mlme_ext_info *pmlmeinfo = &(pmlmeext->mlmext_info);
324 stainfo = rtw_get_stainfo(&adapter->stapriv, &prxattrib->ta[0]);
326 if (prxattrib->encrypt == _TKIP_) {
327 /* calculate mic code */
329 if (IS_MCAST(prxattrib->ra)) {
330 /* mickey =&psecuritypriv->dot118021XGrprxmickey.skey[0]; */
331 /* iv = precvframe->u.hdr.rx_data+prxattrib->hdrlen; */
332 /* rxdata_key_idx =(((iv[3])>>6)&0x3) ; */
333 mickey = &psecuritypriv->dot118021XGrprxmickey[prxattrib->key_index].skey[0];
335 /* psecuritypriv->dot118021XGrpKeyid, pmlmeinfo->key_index, rxdata_key_idx); */
337 if (psecuritypriv->binstallGrpkey == false) {
342 mickey = &stainfo->dot11tkiprxmickey.skey[0];
345 datalen = precvframe->u.hdr.len-prxattrib->hdrlen-prxattrib->iv_len-prxattrib->icv_len-8;/* icv_len included the mic code */
346 pframe = precvframe->u.hdr.rx_data;
347 payload = pframe+prxattrib->hdrlen+prxattrib->iv_len;
349 rtw_seccalctkipmic(mickey, pframe, payload, datalen, &miccode[0], (unsigned char)prxattrib->priority); /* care the length of the data */
351 pframemic = payload+datalen;
355 for (i = 0; i < 8; i++) {
356 if (miccode[i] != *(pframemic + i))
361 if (bmic_err == true) {
362 /* double check key_index for some timing issue , */
363 /* cannot compare with psecuritypriv->dot118021XGrpKeyid also cause timing issue */
364 if ((IS_MCAST(prxattrib->ra) == true) && (prxattrib->key_index != pmlmeinfo->key_index))
365 brpt_micerror = false;
367 if (prxattrib->bdecrypted && brpt_micerror)
368 rtw_handle_tkip_mic_err(adapter, (u8)IS_MCAST(prxattrib->ra));
374 if (!psecuritypriv->bcheck_grpkey &&
375 IS_MCAST(prxattrib->ra))
376 psecuritypriv->bcheck_grpkey = true;
380 recvframe_pull_tail(precvframe, 8);
389 /* decrypt and set the ivlen, icvlen of the recv_frame */
390 static union recv_frame *decryptor(struct adapter *padapter, union recv_frame *precv_frame)
393 struct rx_pkt_attrib *prxattrib = &precv_frame->u.hdr.attrib;
394 struct security_priv *psecuritypriv = &padapter->securitypriv;
395 union recv_frame *return_packet = precv_frame;
398 if (prxattrib->encrypt > 0) {
399 u8 *iv = precv_frame->u.hdr.rx_data+prxattrib->hdrlen;
400 prxattrib->key_index = (((iv[3])>>6)&0x3);
402 if (prxattrib->key_index > WEP_KEYS) {
403 switch (prxattrib->encrypt) {
406 prxattrib->key_index = psecuritypriv->dot11PrivacyKeyIndex;
411 prxattrib->key_index = psecuritypriv->dot118021XGrpKeyid;
417 if ((prxattrib->encrypt > 0) && ((prxattrib->bdecrypted == 0) || (psecuritypriv->sw_decrypt == true))) {
418 psecuritypriv->hw_decrypted = false;
420 switch (prxattrib->encrypt) {
423 rtw_wep_decrypt(padapter, (u8 *)precv_frame);
426 res = rtw_tkip_decrypt(padapter, (u8 *)precv_frame);
429 res = rtw_aes_decrypt(padapter, (u8 *)precv_frame);
434 } else if (prxattrib->bdecrypted == 1 && prxattrib->encrypt > 0 &&
435 (psecuritypriv->busetkipkey == 1 || prxattrib->encrypt != _TKIP_)
437 psecuritypriv->hw_decrypted = true;
442 rtw_free_recvframe(return_packet, &padapter->recvpriv.free_recv_queue);
443 return_packet = NULL;
445 prxattrib->bdecrypted = true;
447 return return_packet;
450 /* set the security information in the recv_frame */
451 static union recv_frame *portctrl(struct adapter *adapter, union recv_frame *precv_frame)
453 u8 *psta_addr = NULL;
456 struct recv_frame_hdr *pfhdr;
457 struct sta_info *psta;
458 struct sta_priv *pstapriv;
459 union recv_frame *prtnframe;
461 u16 eapol_type = 0x888e;/* for Funia BD's WPA issue */
462 struct rx_pkt_attrib *pattrib;
464 pstapriv = &adapter->stapriv;
466 auth_alg = adapter->securitypriv.dot11AuthAlgrthm;
468 ptr = precv_frame->u.hdr.rx_data;
469 pfhdr = &precv_frame->u.hdr;
470 pattrib = &pfhdr->attrib;
471 psta_addr = pattrib->ta;
475 psta = rtw_get_stainfo(pstapriv, psta_addr);
478 if ((psta) && (psta->ieee8021x_blocked)) {
482 /* only accept EAPOL frame */
484 prtnframe = precv_frame;
487 ptr = ptr + pfhdr->attrib.hdrlen + pfhdr->attrib.iv_len + LLC_HEADER_LENGTH;
488 memcpy(&be_tmp, ptr, 2);
489 ether_type = ntohs(be_tmp);
491 if (ether_type == eapol_type)
492 prtnframe = precv_frame;
494 /* free this frame */
495 rtw_free_recvframe(precv_frame, &adapter->recvpriv.free_recv_queue);
500 /* check decryption status, and decrypt the frame if needed */
502 prtnframe = precv_frame;
503 /* check is the EAPOL frame or not (Rekey) */
504 /* if (ether_type == eapol_type) { */
507 /* prtnframe =precv_frame; */
513 prtnframe = precv_frame;
518 static signed int recv_decache(union recv_frame *precv_frame, u8 bretry, struct stainfo_rxcache *prxcache)
520 signed int tid = precv_frame->u.hdr.attrib.priority;
522 u16 seq_ctrl = ((precv_frame->u.hdr.attrib.seq_num&0xffff) << 4) |
523 (precv_frame->u.hdr.attrib.frag_num & 0xf);
528 if (1) { /* if (bretry) */
529 if (seq_ctrl == prxcache->tid_rxseq[tid])
533 prxcache->tid_rxseq[tid] = seq_ctrl;
539 static void process_pwrbit_data(struct adapter *padapter, union recv_frame *precv_frame)
541 unsigned char pwrbit;
542 u8 *ptr = precv_frame->u.hdr.rx_data;
543 struct rx_pkt_attrib *pattrib = &precv_frame->u.hdr.attrib;
544 struct sta_priv *pstapriv = &padapter->stapriv;
545 struct sta_info *psta = NULL;
547 psta = rtw_get_stainfo(pstapriv, pattrib->src);
549 pwrbit = GetPwrMgt(ptr);
553 if (!(psta->state & WIFI_SLEEP_STATE)) {
554 /* psta->state |= WIFI_SLEEP_STATE; */
555 /* pstapriv->sta_dz_bitmap |= BIT(psta->aid); */
557 stop_sta_xmit(padapter, psta);
561 if (psta->state & WIFI_SLEEP_STATE) {
562 /* psta->state ^= WIFI_SLEEP_STATE; */
563 /* pstapriv->sta_dz_bitmap &= ~BIT(psta->aid); */
565 wakeup_sta_to_xmit(padapter, psta);
572 static void process_wmmps_data(struct adapter *padapter, union recv_frame *precv_frame)
574 struct rx_pkt_attrib *pattrib = &precv_frame->u.hdr.attrib;
575 struct sta_priv *pstapriv = &padapter->stapriv;
576 struct sta_info *psta = NULL;
578 psta = rtw_get_stainfo(pstapriv, pattrib->src);
583 if (!psta->qos_option)
586 if (!(psta->qos_info&0xf))
589 if (psta->state&WIFI_SLEEP_STATE) {
592 switch (pattrib->priority) {
595 wmmps_ac = psta->uapsd_bk&BIT(1);
599 wmmps_ac = psta->uapsd_vi&BIT(1);
603 wmmps_ac = psta->uapsd_vo&BIT(1);
608 wmmps_ac = psta->uapsd_be&BIT(1);
613 if (psta->sleepq_ac_len > 0)
614 /* process received triggered frame */
615 xmit_delivery_enabled_frames(padapter, psta);
617 /* issue one qos null frame with More data bit = 0 and the EOSP bit set (= 1) */
618 issue_qos_nulldata(padapter, psta->hwaddr, (u16)pattrib->priority, 0, 0);
623 static void count_rx_stats(struct adapter *padapter, union recv_frame *prframe, struct sta_info *sta)
626 struct sta_info *psta = NULL;
627 struct stainfo_stats *pstats = NULL;
628 struct rx_pkt_attrib *pattrib = &prframe->u.hdr.attrib;
629 struct recv_priv *precvpriv = &padapter->recvpriv;
631 sz = get_recvframe_len(prframe);
632 precvpriv->rx_bytes += sz;
634 padapter->mlmepriv.LinkDetectInfo.NumRxOkInPeriod++;
636 if ((!MacAddr_isBcst(pattrib->dst)) && (!IS_MCAST(pattrib->dst)))
637 padapter->mlmepriv.LinkDetectInfo.NumRxUnicastOkInPeriod++;
642 psta = prframe->u.hdr.psta;
645 pstats = &psta->sta_stats;
647 pstats->rx_data_pkts++;
648 pstats->rx_bytes += sz;
651 traffic_check_for_leave_lps(padapter, false, 0);
654 static signed int sta2sta_data_frame(struct adapter *adapter, union recv_frame *precv_frame,
655 struct sta_info **psta)
657 u8 *ptr = precv_frame->u.hdr.rx_data;
658 signed int ret = _SUCCESS;
659 struct rx_pkt_attrib *pattrib = &precv_frame->u.hdr.attrib;
660 struct sta_priv *pstapriv = &adapter->stapriv;
661 struct mlme_priv *pmlmepriv = &adapter->mlmepriv;
662 u8 *mybssid = get_bssid(pmlmepriv);
663 u8 *myhwaddr = myid(&adapter->eeprompriv);
665 signed int bmcast = IS_MCAST(pattrib->dst);
667 if ((check_fwstate(pmlmepriv, WIFI_ADHOC_STATE) == true) ||
668 (check_fwstate(pmlmepriv, WIFI_ADHOC_MASTER_STATE) == true)) {
670 /* filter packets that SA is myself or multicast or broadcast */
671 if (!memcmp(myhwaddr, pattrib->src, ETH_ALEN)) {
676 if ((memcmp(myhwaddr, pattrib->dst, ETH_ALEN)) && (!bmcast)) {
681 if (!memcmp(pattrib->bssid, "\x0\x0\x0\x0\x0\x0", ETH_ALEN) ||
682 !memcmp(mybssid, "\x0\x0\x0\x0\x0\x0", ETH_ALEN) ||
683 (memcmp(pattrib->bssid, mybssid, ETH_ALEN))) {
688 sta_addr = pattrib->src;
690 } else if (check_fwstate(pmlmepriv, WIFI_STATION_STATE) == true) {
691 /* For Station mode, sa and bssid should always be BSSID, and DA is my mac-address */
692 if (memcmp(pattrib->bssid, pattrib->src, ETH_ALEN)) {
697 sta_addr = pattrib->bssid;
698 } else if (check_fwstate(pmlmepriv, WIFI_AP_STATE) == true) {
700 /* For AP mode, if DA == MCAST, then BSSID should be also MCAST */
701 if (!IS_MCAST(pattrib->bssid)) {
705 } else { /* not mc-frame */
706 /* For AP mode, if DA is non-MCAST, then it must be BSSID, and bssid == BSSID */
707 if (memcmp(pattrib->bssid, pattrib->dst, ETH_ALEN)) {
712 sta_addr = pattrib->src;
715 } else if (check_fwstate(pmlmepriv, WIFI_MP_STATE) == true) {
716 memcpy(pattrib->dst, GetAddr1Ptr(ptr), ETH_ALEN);
717 memcpy(pattrib->src, GetAddr2Ptr(ptr), ETH_ALEN);
718 memcpy(pattrib->bssid, GetAddr3Ptr(ptr), ETH_ALEN);
719 memcpy(pattrib->ra, pattrib->dst, ETH_ALEN);
720 memcpy(pattrib->ta, pattrib->src, ETH_ALEN);
729 *psta = rtw_get_bcmc_stainfo(adapter);
731 *psta = rtw_get_stainfo(pstapriv, sta_addr); /* get ap_info */
742 static signed int ap2sta_data_frame(struct adapter *adapter, union recv_frame *precv_frame,
743 struct sta_info **psta)
745 u8 *ptr = precv_frame->u.hdr.rx_data;
746 struct rx_pkt_attrib *pattrib = &precv_frame->u.hdr.attrib;
747 signed int ret = _SUCCESS;
748 struct sta_priv *pstapriv = &adapter->stapriv;
749 struct mlme_priv *pmlmepriv = &adapter->mlmepriv;
750 u8 *mybssid = get_bssid(pmlmepriv);
751 u8 *myhwaddr = myid(&adapter->eeprompriv);
752 signed int bmcast = IS_MCAST(pattrib->dst);
754 if ((check_fwstate(pmlmepriv, WIFI_STATION_STATE) == true) &&
755 (check_fwstate(pmlmepriv, _FW_LINKED) == true ||
756 check_fwstate(pmlmepriv, _FW_UNDER_LINKING) == true)
759 /* filter packets that SA is myself or multicast or broadcast */
760 if (!memcmp(myhwaddr, pattrib->src, ETH_ALEN)) {
765 /* da should be for me */
766 if ((memcmp(myhwaddr, pattrib->dst, ETH_ALEN)) && (!bmcast)) {
773 if (!memcmp(pattrib->bssid, "\x0\x0\x0\x0\x0\x0", ETH_ALEN) ||
774 !memcmp(mybssid, "\x0\x0\x0\x0\x0\x0", ETH_ALEN) ||
775 (memcmp(pattrib->bssid, mybssid, ETH_ALEN))) {
778 issue_deauth(adapter, pattrib->bssid, WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA);
785 *psta = rtw_get_bcmc_stainfo(adapter);
787 *psta = rtw_get_stainfo(pstapriv, pattrib->bssid); /* get ap_info */
794 if (GetFrameSubType(ptr) & BIT(6)) {
795 /* No data, will not indicate to upper layer, temporily count it here */
796 count_rx_stats(adapter, precv_frame, *psta);
797 ret = RTW_RX_HANDLED;
801 } else if ((check_fwstate(pmlmepriv, WIFI_MP_STATE) == true) &&
802 (check_fwstate(pmlmepriv, _FW_LINKED) == true)) {
803 memcpy(pattrib->dst, GetAddr1Ptr(ptr), ETH_ALEN);
804 memcpy(pattrib->src, GetAddr2Ptr(ptr), ETH_ALEN);
805 memcpy(pattrib->bssid, GetAddr3Ptr(ptr), ETH_ALEN);
806 memcpy(pattrib->ra, pattrib->dst, ETH_ALEN);
807 memcpy(pattrib->ta, pattrib->src, ETH_ALEN);
810 memcpy(pattrib->bssid, mybssid, ETH_ALEN);
813 *psta = rtw_get_stainfo(pstapriv, pattrib->bssid); /* get sta_info */
820 } else if (check_fwstate(pmlmepriv, WIFI_AP_STATE) == true) {
822 ret = RTW_RX_HANDLED;
825 if (!memcmp(myhwaddr, pattrib->dst, ETH_ALEN) && (!bmcast)) {
826 *psta = rtw_get_stainfo(pstapriv, pattrib->bssid); /* get sta_info */
829 /* for AP multicast issue , modify by yiwei */
830 static unsigned long send_issue_deauth_time;
832 if (jiffies_to_msecs(jiffies - send_issue_deauth_time) > 10000 || send_issue_deauth_time == 0) {
833 send_issue_deauth_time = jiffies;
835 issue_deauth(adapter, pattrib->bssid, WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA);
847 static signed int sta2ap_data_frame(struct adapter *adapter, union recv_frame *precv_frame,
848 struct sta_info **psta)
850 u8 *ptr = precv_frame->u.hdr.rx_data;
851 struct rx_pkt_attrib *pattrib = &precv_frame->u.hdr.attrib;
852 struct sta_priv *pstapriv = &adapter->stapriv;
853 struct mlme_priv *pmlmepriv = &adapter->mlmepriv;
854 unsigned char *mybssid = get_bssid(pmlmepriv);
855 signed int ret = _SUCCESS;
857 if (check_fwstate(pmlmepriv, WIFI_AP_STATE) == true) {
858 /* For AP mode, RA =BSSID, TX =STA(SRC_ADDR), A3 =DST_ADDR */
859 if (memcmp(pattrib->bssid, mybssid, ETH_ALEN)) {
864 *psta = rtw_get_stainfo(pstapriv, pattrib->src);
866 issue_deauth(adapter, pattrib->src, WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA);
868 ret = RTW_RX_HANDLED;
872 process_pwrbit_data(adapter, precv_frame);
874 if ((GetFrameSubType(ptr) & WIFI_QOS_DATA_TYPE) == WIFI_QOS_DATA_TYPE)
875 process_wmmps_data(adapter, precv_frame);
877 if (GetFrameSubType(ptr) & BIT(6)) {
878 /* No data, will not indicate to upper layer, temporily count it here */
879 count_rx_stats(adapter, precv_frame, *psta);
880 ret = RTW_RX_HANDLED;
884 u8 *myhwaddr = myid(&adapter->eeprompriv);
885 if (memcmp(pattrib->ra, myhwaddr, ETH_ALEN)) {
886 ret = RTW_RX_HANDLED;
889 issue_deauth(adapter, pattrib->src, WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA);
890 ret = RTW_RX_HANDLED;
898 static signed int validate_recv_ctrl_frame(struct adapter *padapter, union recv_frame *precv_frame)
900 struct rx_pkt_attrib *pattrib = &precv_frame->u.hdr.attrib;
901 struct sta_priv *pstapriv = &padapter->stapriv;
902 u8 *pframe = precv_frame->u.hdr.rx_data;
903 struct sta_info *psta = NULL;
904 /* uint len = precv_frame->u.hdr.len; */
906 if (GetFrameType(pframe) != WIFI_CTRL_TYPE)
909 /* receive the frames that ra(a1) is my address */
910 if (memcmp(GetAddr1Ptr(pframe), myid(&padapter->eeprompriv), ETH_ALEN))
913 psta = rtw_get_stainfo(pstapriv, GetAddr2Ptr(pframe));
917 /* for rx pkt statistics */
918 psta->sta_stats.rx_ctrl_pkts++;
920 /* only handle ps-poll */
921 if (GetFrameSubType(pframe) == WIFI_PSPOLL) {
925 aid = GetAid(pframe);
926 if (psta->aid != aid)
929 switch (pattrib->priority) {
932 wmmps_ac = psta->uapsd_bk&BIT(0);
936 wmmps_ac = psta->uapsd_vi&BIT(0);
940 wmmps_ac = psta->uapsd_vo&BIT(0);
945 wmmps_ac = psta->uapsd_be&BIT(0);
952 if (psta->state & WIFI_STA_ALIVE_CHK_STATE) {
953 psta->expire_to = pstapriv->expire_to;
954 psta->state ^= WIFI_STA_ALIVE_CHK_STATE;
957 if ((psta->state&WIFI_SLEEP_STATE) && (pstapriv->sta_dz_bitmap&BIT(psta->aid))) {
958 struct list_head *xmitframe_plist, *xmitframe_phead;
959 struct xmit_frame *pxmitframe = NULL;
960 struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
962 /* spin_lock_bh(&psta->sleep_q.lock); */
963 spin_lock_bh(&pxmitpriv->lock);
965 xmitframe_phead = get_list_head(&psta->sleep_q);
966 xmitframe_plist = get_next(xmitframe_phead);
968 if (xmitframe_phead != xmitframe_plist) {
969 pxmitframe = container_of(xmitframe_plist, struct xmit_frame, list);
971 xmitframe_plist = get_next(xmitframe_plist);
973 list_del_init(&pxmitframe->list);
977 if (psta->sleepq_len > 0)
978 pxmitframe->attrib.mdata = 1;
980 pxmitframe->attrib.mdata = 0;
982 pxmitframe->attrib.triggered = 1;
984 rtw_hal_xmitframe_enqueue(padapter, pxmitframe);
986 if (psta->sleepq_len == 0) {
987 pstapriv->tim_bitmap &= ~BIT(psta->aid);
989 /* update BCN for TIM IE */
990 /* update_BCNTIM(padapter); */
991 update_beacon(padapter, WLAN_EID_TIM, NULL, true);
994 /* spin_unlock_bh(&psta->sleep_q.lock); */
995 spin_unlock_bh(&pxmitpriv->lock);
998 /* spin_unlock_bh(&psta->sleep_q.lock); */
999 spin_unlock_bh(&pxmitpriv->lock);
1001 if (pstapriv->tim_bitmap&BIT(psta->aid)) {
1002 if (psta->sleepq_len == 0) {
1003 /* issue nulldata with More data bit = 0 to indicate we have no buffered packets */
1004 issue_nulldata_in_interrupt(padapter, psta->hwaddr);
1006 psta->sleepq_len = 0;
1009 pstapriv->tim_bitmap &= ~BIT(psta->aid);
1011 /* update BCN for TIM IE */
1012 /* update_BCNTIM(padapter); */
1013 update_beacon(padapter, WLAN_EID_TIM, NULL, true);
1023 /* perform defrag */
1024 static union recv_frame *recvframe_defrag(struct adapter *adapter,
1025 struct __queue *defrag_q)
1027 struct list_head *plist, *phead;
1030 struct recv_frame_hdr *pfhdr, *pnfhdr;
1031 union recv_frame *prframe, *pnextrframe;
1032 struct __queue *pfree_recv_queue;
1035 pfree_recv_queue = &adapter->recvpriv.free_recv_queue;
1037 phead = get_list_head(defrag_q);
1038 plist = get_next(phead);
1039 prframe = (union recv_frame *)plist;
1040 pfhdr = &prframe->u.hdr;
1041 list_del_init(&(prframe->u.list));
1043 if (curfragnum != pfhdr->attrib.frag_num) {
1044 /* the first fragment number must be 0 */
1045 /* free the whole queue */
1046 rtw_free_recvframe(prframe, pfree_recv_queue);
1047 rtw_free_recvframe_queue(defrag_q, pfree_recv_queue);
1054 plist = get_list_head(defrag_q);
1056 plist = get_next(plist);
1058 while (phead != plist) {
1059 pnextrframe = (union recv_frame *)plist;
1060 pnfhdr = &pnextrframe->u.hdr;
1063 /* check the fragment sequence (2nd ~n fragment frame) */
1065 if (curfragnum != pnfhdr->attrib.frag_num) {
1066 /* the fragment number must be increasing (after decache) */
1067 /* release the defrag_q & prframe */
1068 rtw_free_recvframe(prframe, pfree_recv_queue);
1069 rtw_free_recvframe_queue(defrag_q, pfree_recv_queue);
1075 /* copy the 2nd~n fragment frame's payload to the first fragment */
1076 /* get the 2nd~last fragment frame's payload */
1078 wlanhdr_offset = pnfhdr->attrib.hdrlen + pnfhdr->attrib.iv_len;
1080 recvframe_pull(pnextrframe, wlanhdr_offset);
1082 /* append to first fragment frame's tail (if privacy frame, pull the ICV) */
1083 recvframe_pull_tail(prframe, pfhdr->attrib.icv_len);
1086 memcpy(pfhdr->rx_tail, pnfhdr->rx_data, pnfhdr->len);
1088 recvframe_put(prframe, pnfhdr->len);
1090 pfhdr->attrib.icv_len = pnfhdr->attrib.icv_len;
1091 plist = get_next(plist);
1095 /* free the defrag_q queue and return the prframe */
1096 rtw_free_recvframe_queue(defrag_q, pfree_recv_queue);
1101 /* check if need to defrag, if needed queue the frame to defrag_q */
1102 static union recv_frame *recvframe_chk_defrag(struct adapter *padapter, union recv_frame *precv_frame)
1107 struct recv_frame_hdr *pfhdr;
1108 struct sta_info *psta;
1109 struct sta_priv *pstapriv;
1110 struct list_head *phead;
1111 union recv_frame *prtnframe = NULL;
1112 struct __queue *pfree_recv_queue, *pdefrag_q;
1114 pstapriv = &padapter->stapriv;
1116 pfhdr = &precv_frame->u.hdr;
1118 pfree_recv_queue = &padapter->recvpriv.free_recv_queue;
1120 /* need to define struct of wlan header frame ctrl */
1121 ismfrag = pfhdr->attrib.mfrag;
1122 fragnum = pfhdr->attrib.frag_num;
1124 psta_addr = pfhdr->attrib.ta;
1125 psta = rtw_get_stainfo(pstapriv, psta_addr);
1127 u8 type = GetFrameType(pfhdr->rx_data);
1128 if (type != WIFI_DATA_TYPE) {
1129 psta = rtw_get_bcmc_stainfo(padapter);
1130 pdefrag_q = &psta->sta_recvpriv.defrag_q;
1134 pdefrag_q = &psta->sta_recvpriv.defrag_q;
1136 if ((ismfrag == 0) && (fragnum == 0))
1137 prtnframe = precv_frame;/* isn't a fragment frame */
1140 /* 0~(n-1) fragment frame */
1141 /* enqueue to defraf_g */
1144 /* the first fragment */
1145 if (!list_empty(&pdefrag_q->queue))
1146 /* free current defrag_q */
1147 rtw_free_recvframe_queue(pdefrag_q, pfree_recv_queue);
1150 /* Then enqueue the 0~(n-1) fragment into the defrag_q */
1152 /* spin_lock(&pdefrag_q->lock); */
1153 phead = get_list_head(pdefrag_q);
1154 list_add_tail(&pfhdr->list, phead);
1155 /* spin_unlock(&pdefrag_q->lock); */
1160 /* can't find this ta's defrag_queue, so free this recv_frame */
1161 rtw_free_recvframe(precv_frame, pfree_recv_queue);
1167 if ((ismfrag == 0) && (fragnum != 0)) {
1168 /* the last fragment frame */
1169 /* enqueue the last fragment */
1171 /* spin_lock(&pdefrag_q->lock); */
1172 phead = get_list_head(pdefrag_q);
1173 list_add_tail(&pfhdr->list, phead);
1174 /* spin_unlock(&pdefrag_q->lock); */
1176 /* call recvframe_defrag to defrag */
1177 precv_frame = recvframe_defrag(padapter, pdefrag_q);
1178 prtnframe = precv_frame;
1181 /* can't find this ta's defrag_queue, so free this recv_frame */
1182 rtw_free_recvframe(precv_frame, pfree_recv_queue);
1189 if ((prtnframe) && (prtnframe->u.hdr.attrib.privacy)) {
1190 /* after defrag we must check tkip mic code */
1191 if (recvframe_chkmic(padapter, prtnframe) == _FAIL) {
1192 rtw_free_recvframe(prtnframe, pfree_recv_queue);
1199 static signed int validate_recv_mgnt_frame(struct adapter *padapter, union recv_frame *precv_frame)
1201 /* struct mlme_priv *pmlmepriv = &adapter->mlmepriv; */
1203 precv_frame = recvframe_chk_defrag(padapter, precv_frame);
1208 /* for rx pkt statistics */
1209 struct sta_info *psta = rtw_get_stainfo(&padapter->stapriv, GetAddr2Ptr(precv_frame->u.hdr.rx_data));
1211 psta->sta_stats.rx_mgnt_pkts++;
1212 if (GetFrameSubType(precv_frame->u.hdr.rx_data) == WIFI_BEACON)
1213 psta->sta_stats.rx_beacon_pkts++;
1214 else if (GetFrameSubType(precv_frame->u.hdr.rx_data) == WIFI_PROBEREQ)
1215 psta->sta_stats.rx_probereq_pkts++;
1216 else if (GetFrameSubType(precv_frame->u.hdr.rx_data) == WIFI_PROBERSP) {
1217 if (!memcmp(padapter->eeprompriv.mac_addr, GetAddr1Ptr(precv_frame->u.hdr.rx_data), ETH_ALEN))
1218 psta->sta_stats.rx_probersp_pkts++;
1219 else if (is_broadcast_mac_addr(GetAddr1Ptr(precv_frame->u.hdr.rx_data)) ||
1220 is_multicast_mac_addr(GetAddr1Ptr(precv_frame->u.hdr.rx_data)))
1221 psta->sta_stats.rx_probersp_bm_pkts++;
1223 psta->sta_stats.rx_probersp_uo_pkts++;
1228 mgt_dispatcher(padapter, precv_frame);
1234 static signed int validate_recv_data_frame(struct adapter *adapter, union recv_frame *precv_frame)
1237 u8 *psa, *pda, *pbssid;
1238 struct sta_info *psta = NULL;
1239 u8 *ptr = precv_frame->u.hdr.rx_data;
1240 struct rx_pkt_attrib *pattrib = &precv_frame->u.hdr.attrib;
1241 struct security_priv *psecuritypriv = &adapter->securitypriv;
1242 signed int ret = _SUCCESS;
1244 bretry = GetRetry(ptr);
1247 pbssid = get_hdr_bssid(ptr);
1254 memcpy(pattrib->dst, pda, ETH_ALEN);
1255 memcpy(pattrib->src, psa, ETH_ALEN);
1257 memcpy(pattrib->bssid, pbssid, ETH_ALEN);
1259 switch (pattrib->to_fr_ds) {
1261 memcpy(pattrib->ra, pda, ETH_ALEN);
1262 memcpy(pattrib->ta, psa, ETH_ALEN);
1263 ret = sta2sta_data_frame(adapter, precv_frame, &psta);
1267 memcpy(pattrib->ra, pda, ETH_ALEN);
1268 memcpy(pattrib->ta, pbssid, ETH_ALEN);
1269 ret = ap2sta_data_frame(adapter, precv_frame, &psta);
1273 memcpy(pattrib->ra, pbssid, ETH_ALEN);
1274 memcpy(pattrib->ta, psa, ETH_ALEN);
1275 ret = sta2ap_data_frame(adapter, precv_frame, &psta);
1279 memcpy(pattrib->ra, GetAddr1Ptr(ptr), ETH_ALEN);
1280 memcpy(pattrib->ta, GetAddr2Ptr(ptr), ETH_ALEN);
1292 } else if (ret == RTW_RX_HANDLED) {
1302 /* psta->rssi = prxcmd->rssi; */
1303 /* psta->signal_quality = prxcmd->sq; */
1304 precv_frame->u.hdr.psta = psta;
1308 pattrib->ack_policy = 0;
1309 /* parsing QC field */
1310 if (pattrib->qos == 1) {
1311 pattrib->priority = GetPriority((ptr + 24));
1312 pattrib->ack_policy = GetAckpolicy((ptr + 24));
1313 pattrib->amsdu = GetAMsdu((ptr + 24));
1314 pattrib->hdrlen = pattrib->to_fr_ds == 3 ? 32 : 26;
1316 if (pattrib->priority != 0 && pattrib->priority != 3)
1317 adapter->recvpriv.bIsAnyNonBEPkts = true;
1320 pattrib->priority = 0;
1321 pattrib->hdrlen = pattrib->to_fr_ds == 3 ? 30 : 24;
1325 if (pattrib->order)/* HT-CTRL 11n */
1326 pattrib->hdrlen += 4;
1328 precv_frame->u.hdr.preorder_ctrl = &psta->recvreorder_ctrl[pattrib->priority];
1330 /* decache, drop duplicate recv packets */
1331 if (recv_decache(precv_frame, bretry, &psta->sta_recvpriv.rxcache) == _FAIL) {
1336 if (pattrib->privacy) {
1337 GET_ENCRY_ALGO(psecuritypriv, psta, pattrib->encrypt, IS_MCAST(pattrib->ra));
1339 SET_ICE_IV_LEN(pattrib->iv_len, pattrib->icv_len, pattrib->encrypt);
1341 pattrib->encrypt = 0;
1342 pattrib->iv_len = pattrib->icv_len = 0;
1349 static signed int validate_80211w_mgmt(struct adapter *adapter, union recv_frame *precv_frame)
1351 struct mlme_priv *pmlmepriv = &adapter->mlmepriv;
1352 struct rx_pkt_attrib *pattrib = &precv_frame->u.hdr.attrib;
1353 u8 *ptr = precv_frame->u.hdr.rx_data;
1356 subtype = GetFrameSubType(ptr); /* bit(7)~bit(2) */
1358 /* only support station mode */
1359 if (check_fwstate(pmlmepriv, WIFI_STATION_STATE) && check_fwstate(pmlmepriv, _FW_LINKED) &&
1360 adapter->securitypriv.binstallBIPkey == true) {
1361 /* unicast management frame decrypt */
1362 if (pattrib->privacy && !(IS_MCAST(GetAddr1Ptr(ptr))) &&
1363 (subtype == WIFI_DEAUTH || subtype == WIFI_DISASSOC || subtype == WIFI_ACTION)) {
1367 pattrib->bdecrypted = 0;
1368 pattrib->encrypt = _AES_;
1369 pattrib->hdrlen = sizeof(struct ieee80211_hdr_3addr);
1370 /* set iv and icv length */
1371 SET_ICE_IV_LEN(pattrib->iv_len, pattrib->icv_len, pattrib->encrypt);
1372 memcpy(pattrib->ra, GetAddr1Ptr(ptr), ETH_ALEN);
1373 memcpy(pattrib->ta, GetAddr2Ptr(ptr), ETH_ALEN);
1374 /* actual management data frame body */
1375 data_len = pattrib->pkt_len - pattrib->hdrlen - pattrib->iv_len - pattrib->icv_len;
1376 mgmt_DATA = rtw_zmalloc(data_len);
1378 goto validate_80211w_fail;
1380 precv_frame = decryptor(adapter, precv_frame);
1381 /* save actual management data frame body */
1382 memcpy(mgmt_DATA, ptr+pattrib->hdrlen+pattrib->iv_len, data_len);
1383 /* overwrite the iv field */
1384 memcpy(ptr+pattrib->hdrlen, mgmt_DATA, data_len);
1385 /* remove the iv and icv length */
1386 pattrib->pkt_len = pattrib->pkt_len - pattrib->iv_len - pattrib->icv_len;
1389 goto validate_80211w_fail;
1391 } else if (IS_MCAST(GetAddr1Ptr(ptr)) &&
1392 (subtype == WIFI_DEAUTH || subtype == WIFI_DISASSOC)) {
1393 signed int BIP_ret = _SUCCESS;
1394 /* verify BIP MME IE of broadcast/multicast de-auth/disassoc packet */
1395 BIP_ret = rtw_BIP_verify(adapter, (u8 *)precv_frame);
1396 if (BIP_ret == _FAIL) {
1397 goto validate_80211w_fail;
1398 } else if (BIP_ret == RTW_RX_HANDLED) {
1399 /* issue sa query request */
1400 issue_action_SA_Query(adapter, NULL, 0, 0);
1401 goto validate_80211w_fail;
1403 } else { /* 802.11w protect */
1404 if (subtype == WIFI_ACTION) {
1405 /* according 802.11-2012 standard, these five types are not robust types */
1406 if (ptr[WLAN_HDR_A3_LEN] != RTW_WLAN_CATEGORY_PUBLIC &&
1407 ptr[WLAN_HDR_A3_LEN] != RTW_WLAN_CATEGORY_HT &&
1408 ptr[WLAN_HDR_A3_LEN] != RTW_WLAN_CATEGORY_UNPROTECTED_WNM &&
1409 ptr[WLAN_HDR_A3_LEN] != RTW_WLAN_CATEGORY_SELF_PROTECTED &&
1410 ptr[WLAN_HDR_A3_LEN] != RTW_WLAN_CATEGORY_P2P) {
1411 goto validate_80211w_fail;
1413 } else if (subtype == WIFI_DEAUTH || subtype == WIFI_DISASSOC) {
1414 /* issue sa query request */
1415 issue_action_SA_Query(adapter, NULL, 0, 0);
1416 goto validate_80211w_fail;
1422 validate_80211w_fail:
1427 static signed int validate_recv_frame(struct adapter *adapter, union recv_frame *precv_frame)
1429 /* shall check frame subtype, to / from ds, da, bssid */
1431 /* then call check if rx seq/frag. duplicated. */
1435 signed int retval = _SUCCESS;
1438 struct rx_pkt_attrib *pattrib = &precv_frame->u.hdr.attrib;
1440 u8 *ptr = precv_frame->u.hdr.rx_data;
1441 u8 ver = (unsigned char) (*ptr)&0x3;
1443 /* add version chk */
1449 type = GetFrameType(ptr);
1450 subtype = GetFrameSubType(ptr); /* bit(7)~bit(2) */
1452 pattrib->to_fr_ds = get_tofr_ds(ptr);
1454 pattrib->frag_num = GetFragNum(ptr);
1455 pattrib->seq_num = GetSequence(ptr);
1457 pattrib->pw_save = GetPwrMgt(ptr);
1458 pattrib->mfrag = GetMFrag(ptr);
1459 pattrib->mdata = GetMData(ptr);
1460 pattrib->privacy = GetPrivacy(ptr);
1461 pattrib->order = GetOrder(ptr);
1462 rtw_hal_get_def_var(adapter, HAL_DEF_DBG_DUMP_RXPKT, &(bDumpRxPkt));
1465 case WIFI_MGT_TYPE: /* mgnt */
1466 if (validate_80211w_mgmt(adapter, precv_frame) == _FAIL) {
1471 retval = validate_recv_mgnt_frame(adapter, precv_frame);
1472 retval = _FAIL; /* only data frame return _SUCCESS */
1474 case WIFI_CTRL_TYPE: /* ctrl */
1475 retval = validate_recv_ctrl_frame(adapter, precv_frame);
1476 retval = _FAIL; /* only data frame return _SUCCESS */
1478 case WIFI_DATA_TYPE: /* data */
1479 pattrib->qos = (subtype & BIT(7)) ? 1:0;
1480 retval = validate_recv_data_frame(adapter, precv_frame);
1481 if (retval == _FAIL) {
1482 struct recv_priv *precvpriv = &adapter->recvpriv;
1483 precvpriv->rx_drop++;
1484 } else if (retval == _SUCCESS) {
1485 #ifdef DBG_RX_DUMP_EAP
1490 rtw_hal_get_def_var(adapter, HAL_DEF_DBG_DUMP_RXPKT, &(bDumpRxPkt));
1491 /* get ether_type */
1492 memcpy(ð_type, ptr + pattrib->hdrlen + pattrib->iv_len + LLC_HEADER_LENGTH, 2);
1493 eth_type = ntohs((unsigned short) eth_type);
1506 /* remove the wlanhdr and add the eth_hdr */
1507 static signed int wlanhdr_to_ethhdr(union recv_frame *precvframe)
1513 struct ieee80211_snap_hdr *psnap;
1515 struct adapter *adapter = precvframe->u.hdr.adapter;
1516 struct mlme_priv *pmlmepriv = &adapter->mlmepriv;
1517 u8 *ptr = precvframe->u.hdr.rx_data; /* point to frame_ctrl field */
1518 struct rx_pkt_attrib *pattrib = &precvframe->u.hdr.attrib;
1520 if (pattrib->encrypt)
1521 recvframe_pull_tail(precvframe, pattrib->icv_len);
1523 psnap = (struct ieee80211_snap_hdr *)(ptr+pattrib->hdrlen + pattrib->iv_len);
1524 psnap_type = ptr+pattrib->hdrlen + pattrib->iv_len+SNAP_SIZE;
1525 /* convert hdr + possible LLC headers into Ethernet header */
1526 /* eth_type = (psnap_type[0] << 8) | psnap_type[1]; */
1527 if ((!memcmp(psnap, rfc1042_header, SNAP_SIZE) &&
1528 (memcmp(psnap_type, SNAP_ETH_TYPE_IPX, 2)) &&
1529 (memcmp(psnap_type, SNAP_ETH_TYPE_APPLETALK_AARP, 2))) ||
1530 /* eth_type != ETH_P_AARP && eth_type != ETH_P_IPX) || */
1531 !memcmp(psnap, bridge_tunnel_header, SNAP_SIZE)) {
1532 /* remove RFC1042 or Bridge-Tunnel encapsulation and replace EtherType */
1535 /* Leave Ethernet header part of hdr and full payload */
1538 rmv_len = pattrib->hdrlen + pattrib->iv_len + (bsnaphdr?SNAP_SIZE:0);
1539 len = precvframe->u.hdr.len - rmv_len;
1541 memcpy(&be_tmp, ptr+rmv_len, 2);
1542 eth_type = ntohs(be_tmp); /* pattrib->ether_type */
1543 pattrib->eth_type = eth_type;
1545 if ((check_fwstate(pmlmepriv, WIFI_MP_STATE) == true)) {
1551 /* append rx status for mp test packets */
1552 ptr = recvframe_pull(precvframe, (rmv_len-sizeof(struct ethhdr)+2)-24);
1555 memcpy(ptr, get_rxmem(precvframe), 24);
1558 ptr = recvframe_pull(precvframe, (rmv_len-sizeof(struct ethhdr) + (bsnaphdr?2:0)));
1563 memcpy(ptr, pattrib->dst, ETH_ALEN);
1564 memcpy(ptr+ETH_ALEN, pattrib->src, ETH_ALEN);
1567 be_tmp = htons(len);
1568 memcpy(ptr+12, &be_tmp, 2);
1574 static int amsdu_to_msdu(struct adapter *padapter, union recv_frame *prframe)
1576 int a_len, padding_len;
1577 u16 nSubframe_Length;
1580 struct sk_buff *sub_pkt, *subframes[MAX_SUBFRAME_COUNT];
1581 struct recv_priv *precvpriv = &padapter->recvpriv;
1582 struct __queue *pfree_recv_queue = &(precvpriv->free_recv_queue);
1586 recvframe_pull(prframe, prframe->u.hdr.attrib.hdrlen);
1588 if (prframe->u.hdr.attrib.iv_len > 0)
1589 recvframe_pull(prframe, prframe->u.hdr.attrib.iv_len);
1591 a_len = prframe->u.hdr.len;
1593 pdata = prframe->u.hdr.rx_data;
1595 while (a_len > ETH_HLEN) {
1597 /* Offset 12 denote 2 mac address */
1598 nSubframe_Length = get_unaligned_be16(pdata + 12);
1600 if (a_len < ETH_HLEN + nSubframe_Length)
1603 sub_pkt = rtw_os_alloc_msdu_pkt(prframe, nSubframe_Length, pdata);
1607 /* move the data point to data content */
1611 subframes[nr_subframes++] = sub_pkt;
1613 if (nr_subframes >= MAX_SUBFRAME_COUNT)
1616 pdata += nSubframe_Length;
1617 a_len -= nSubframe_Length;
1619 padding_len = 4 - ((nSubframe_Length + ETH_HLEN) & (4-1));
1620 if (padding_len == 4)
1623 if (a_len < padding_len)
1626 pdata += padding_len;
1627 a_len -= padding_len;
1631 for (i = 0; i < nr_subframes; i++) {
1632 sub_pkt = subframes[i];
1634 /* Indicate the packets to upper layer */
1636 rtw_os_recv_indicate_pkt(padapter, sub_pkt, &prframe->u.hdr.attrib);
1639 prframe->u.hdr.len = 0;
1640 rtw_free_recvframe(prframe, pfree_recv_queue);/* free this recv_frame */
1645 static int check_indicate_seq(struct recv_reorder_ctrl *preorder_ctrl, u16 seq_num)
1647 struct adapter *padapter = preorder_ctrl->padapter;
1648 struct dvobj_priv *psdpriv = padapter->dvobj;
1649 struct debug_priv *pdbgpriv = &psdpriv->drv_dbg;
1650 u8 wsize = preorder_ctrl->wsize_b;
1651 u16 wend = (preorder_ctrl->indicate_seq + wsize - 1) & 0xFFF;/* 4096; */
1653 /* Rx Reorder initialize condition. */
1654 if (preorder_ctrl->indicate_seq == 0xFFFF) {
1655 preorder_ctrl->indicate_seq = seq_num;
1658 /* Drop out the packet which SeqNum is smaller than WinStart */
1659 if (SN_LESS(seq_num, preorder_ctrl->indicate_seq)) {
1664 /* Sliding window manipulation. Conditions includes: */
1665 /* 1. Incoming SeqNum is equal to WinStart =>Window shift 1 */
1666 /* 2. Incoming SeqNum is larger than the WinEnd => Window shift N */
1668 if (SN_EQUAL(seq_num, preorder_ctrl->indicate_seq)) {
1669 preorder_ctrl->indicate_seq = (preorder_ctrl->indicate_seq + 1) & 0xFFF;
1671 } else if (SN_LESS(wend, seq_num)) {
1672 /* boundary situation, when seq_num cross 0xFFF */
1673 if (seq_num >= (wsize - 1))
1674 preorder_ctrl->indicate_seq = seq_num + 1 - wsize;
1676 preorder_ctrl->indicate_seq = 0xFFF - (wsize - (seq_num + 1)) + 1;
1677 pdbgpriv->dbg_rx_ampdu_window_shift_cnt++;
1683 static int enqueue_reorder_recvframe(struct recv_reorder_ctrl *preorder_ctrl, union recv_frame *prframe)
1685 struct rx_pkt_attrib *pattrib = &prframe->u.hdr.attrib;
1686 struct __queue *ppending_recvframe_queue = &preorder_ctrl->pending_recvframe_queue;
1687 struct list_head *phead, *plist;
1688 union recv_frame *pnextrframe;
1689 struct rx_pkt_attrib *pnextattrib;
1691 /* spin_lock_irqsave(&ppending_recvframe_queue->lock, irql); */
1692 /* spin_lock(&ppending_recvframe_queue->lock); */
1695 phead = get_list_head(ppending_recvframe_queue);
1696 plist = get_next(phead);
1698 while (phead != plist) {
1699 pnextrframe = (union recv_frame *)plist;
1700 pnextattrib = &pnextrframe->u.hdr.attrib;
1702 if (SN_LESS(pnextattrib->seq_num, pattrib->seq_num))
1703 plist = get_next(plist);
1704 else if (SN_EQUAL(pnextattrib->seq_num, pattrib->seq_num))
1705 /* Duplicate entry is found!! Do not insert current entry. */
1706 /* spin_unlock_irqrestore(&ppending_recvframe_queue->lock, irql); */
1714 /* spin_lock_irqsave(&ppending_recvframe_queue->lock, irql); */
1715 /* spin_lock(&ppending_recvframe_queue->lock); */
1717 list_del_init(&(prframe->u.hdr.list));
1719 list_add_tail(&(prframe->u.hdr.list), plist);
1721 /* spin_unlock(&ppending_recvframe_queue->lock); */
1722 /* spin_unlock_irqrestore(&ppending_recvframe_queue->lock, irql); */
1728 static void recv_indicatepkts_pkt_loss_cnt(struct debug_priv *pdbgpriv, u64 prev_seq, u64 current_seq)
1730 if (current_seq < prev_seq)
1731 pdbgpriv->dbg_rx_ampdu_loss_count += (4096 + current_seq - prev_seq);
1733 pdbgpriv->dbg_rx_ampdu_loss_count += (current_seq - prev_seq);
1737 static int recv_indicatepkts_in_order(struct adapter *padapter, struct recv_reorder_ctrl *preorder_ctrl, int bforced)
1739 struct list_head *phead, *plist;
1740 union recv_frame *prframe;
1741 struct rx_pkt_attrib *pattrib;
1743 int bPktInBuf = false;
1744 struct recv_priv *precvpriv = &padapter->recvpriv;
1745 struct __queue *ppending_recvframe_queue = &preorder_ctrl->pending_recvframe_queue;
1746 struct dvobj_priv *psdpriv = padapter->dvobj;
1747 struct debug_priv *pdbgpriv = &psdpriv->drv_dbg;
1749 /* spin_lock_irqsave(&ppending_recvframe_queue->lock, irql); */
1750 /* spin_lock(&ppending_recvframe_queue->lock); */
1752 phead = get_list_head(ppending_recvframe_queue);
1753 plist = get_next(phead);
1755 /* Handling some condition for forced indicate case. */
1756 if (bforced == true) {
1757 pdbgpriv->dbg_rx_ampdu_forced_indicate_count++;
1758 if (list_empty(phead)) {
1759 /* spin_unlock_irqrestore(&ppending_recvframe_queue->lock, irql); */
1760 /* spin_unlock(&ppending_recvframe_queue->lock); */
1764 prframe = (union recv_frame *)plist;
1765 pattrib = &prframe->u.hdr.attrib;
1767 recv_indicatepkts_pkt_loss_cnt(pdbgpriv, preorder_ctrl->indicate_seq, pattrib->seq_num);
1768 preorder_ctrl->indicate_seq = pattrib->seq_num;
1772 /* Prepare indication list and indication. */
1773 /* Check if there is any packet need indicate. */
1774 while (!list_empty(phead)) {
1776 prframe = (union recv_frame *)plist;
1777 pattrib = &prframe->u.hdr.attrib;
1779 if (!SN_LESS(preorder_ctrl->indicate_seq, pattrib->seq_num)) {
1780 plist = get_next(plist);
1781 list_del_init(&(prframe->u.hdr.list));
1783 if (SN_EQUAL(preorder_ctrl->indicate_seq, pattrib->seq_num))
1784 preorder_ctrl->indicate_seq = (preorder_ctrl->indicate_seq + 1) & 0xFFF;
1786 /* Set this as a lock to make sure that only one thread is indicating packet. */
1787 /* pTS->RxIndicateState = RXTS_INDICATE_PROCESSING; */
1789 /* Indicate packets */
1791 /* indicate this recv_frame */
1792 if (!pattrib->amsdu) {
1793 if ((padapter->bDriverStopped == false) &&
1794 (padapter->bSurpriseRemoved == false))
1795 rtw_recv_indicatepkt(padapter, prframe);/* indicate this recv_frame */
1797 } else if (pattrib->amsdu == 1) {
1798 if (amsdu_to_msdu(padapter, prframe) != _SUCCESS)
1799 rtw_free_recvframe(prframe, &precvpriv->free_recv_queue);
1802 /* error condition; */
1806 /* Update local variables. */
1816 /* spin_unlock(&ppending_recvframe_queue->lock); */
1817 /* spin_unlock_irqrestore(&ppending_recvframe_queue->lock, irql); */
1822 static int recv_indicatepkt_reorder(struct adapter *padapter, union recv_frame *prframe)
1824 int retval = _SUCCESS;
1825 struct rx_pkt_attrib *pattrib = &prframe->u.hdr.attrib;
1826 struct recv_reorder_ctrl *preorder_ctrl = prframe->u.hdr.preorder_ctrl;
1827 struct __queue *ppending_recvframe_queue = &preorder_ctrl->pending_recvframe_queue;
1828 struct dvobj_priv *psdpriv = padapter->dvobj;
1829 struct debug_priv *pdbgpriv = &psdpriv->drv_dbg;
1831 if (!pattrib->amsdu) {
1833 wlanhdr_to_ethhdr(prframe);
1835 if (pattrib->qos != 1) {
1836 if ((padapter->bDriverStopped == false) &&
1837 (padapter->bSurpriseRemoved == false)) {
1838 rtw_recv_indicatepkt(padapter, prframe);
1847 if (preorder_ctrl->enable == false) {
1848 /* indicate this recv_frame */
1849 preorder_ctrl->indicate_seq = pattrib->seq_num;
1851 rtw_recv_indicatepkt(padapter, prframe);
1853 preorder_ctrl->indicate_seq = (preorder_ctrl->indicate_seq + 1)%4096;
1857 } else if (pattrib->amsdu == 1) { /* temp filter -> means didn't support A-MSDUs in a A-MPDU */
1858 if (preorder_ctrl->enable == false) {
1859 preorder_ctrl->indicate_seq = pattrib->seq_num;
1861 retval = amsdu_to_msdu(padapter, prframe);
1863 preorder_ctrl->indicate_seq = (preorder_ctrl->indicate_seq + 1)%4096;
1865 if (retval != _SUCCESS) {
1872 spin_lock_bh(&ppending_recvframe_queue->lock);
1874 /* s2. check if winstart_b(indicate_seq) needs to been updated */
1875 if (!check_indicate_seq(preorder_ctrl, pattrib->seq_num)) {
1876 pdbgpriv->dbg_rx_ampdu_drop_count++;
1881 /* s3. Insert all packet into Reorder Queue to maintain its ordering. */
1882 if (!enqueue_reorder_recvframe(preorder_ctrl, prframe)) {
1883 /* spin_unlock_irqrestore(&ppending_recvframe_queue->lock, irql); */
1890 /* Indication process. */
1891 /* After Packet dropping and Sliding Window shifting as above, we can now just indicate the packets */
1892 /* with the SeqNum smaller than latest WinStart and buffer other packets. */
1894 /* For Rx Reorder condition: */
1895 /* 1. All packets with SeqNum smaller than WinStart => Indicate */
1896 /* 2. All packets with SeqNum larger than or equal to WinStart => Buffer it. */
1899 /* recv_indicatepkts_in_order(padapter, preorder_ctrl, true); */
1900 if (recv_indicatepkts_in_order(padapter, preorder_ctrl, false) == true) {
1901 _set_timer(&preorder_ctrl->reordering_ctrl_timer, REORDER_WAIT_TIME);
1902 spin_unlock_bh(&ppending_recvframe_queue->lock);
1904 spin_unlock_bh(&ppending_recvframe_queue->lock);
1905 del_timer_sync(&preorder_ctrl->reordering_ctrl_timer);
1911 spin_unlock_bh(&ppending_recvframe_queue->lock);
1917 void rtw_reordering_ctrl_timeout_handler(struct timer_list *t)
1919 struct recv_reorder_ctrl *preorder_ctrl =
1920 from_timer(preorder_ctrl, t, reordering_ctrl_timer);
1921 struct adapter *padapter = preorder_ctrl->padapter;
1922 struct __queue *ppending_recvframe_queue = &preorder_ctrl->pending_recvframe_queue;
1925 if (padapter->bDriverStopped || padapter->bSurpriseRemoved)
1928 spin_lock_bh(&ppending_recvframe_queue->lock);
1930 if (recv_indicatepkts_in_order(padapter, preorder_ctrl, true) == true)
1931 _set_timer(&preorder_ctrl->reordering_ctrl_timer, REORDER_WAIT_TIME);
1933 spin_unlock_bh(&ppending_recvframe_queue->lock);
1937 static int process_recv_indicatepkts(struct adapter *padapter, union recv_frame *prframe)
1939 int retval = _SUCCESS;
1940 /* struct recv_priv *precvpriv = &padapter->recvpriv; */
1941 /* struct rx_pkt_attrib *pattrib = &prframe->u.hdr.attrib; */
1942 struct mlme_priv *pmlmepriv = &padapter->mlmepriv;
1943 struct ht_priv *phtpriv = &pmlmepriv->htpriv;
1945 if (phtpriv->ht_option == true) { /* B/G/N Mode */
1946 /* prframe->u.hdr.preorder_ctrl = &precvpriv->recvreorder_ctrl[pattrib->priority]; */
1948 if (recv_indicatepkt_reorder(padapter, prframe) != _SUCCESS) { /* including perform A-MPDU Rx Ordering Buffer Control */
1950 if ((padapter->bDriverStopped == false) &&
1951 (padapter->bSurpriseRemoved == false)) {
1956 } else { /* B/G mode */
1957 retval = wlanhdr_to_ethhdr(prframe);
1958 if (retval != _SUCCESS)
1961 if ((padapter->bDriverStopped == false) && (padapter->bSurpriseRemoved == false)) {
1962 /* indicate this recv_frame */
1963 rtw_recv_indicatepkt(padapter, prframe);
1975 static int recv_func_prehandle(struct adapter *padapter, union recv_frame *rframe)
1978 struct __queue *pfree_recv_queue = &padapter->recvpriv.free_recv_queue;
1980 /* check the frame crtl field and decache */
1981 ret = validate_recv_frame(padapter, rframe);
1982 if (ret != _SUCCESS) {
1983 rtw_free_recvframe(rframe, pfree_recv_queue);/* free this recv_frame */
1991 static int recv_func_posthandle(struct adapter *padapter, union recv_frame *prframe)
1994 union recv_frame *orig_prframe = prframe;
1995 struct recv_priv *precvpriv = &padapter->recvpriv;
1996 struct __queue *pfree_recv_queue = &padapter->recvpriv.free_recv_queue;
1998 prframe = decryptor(padapter, prframe);
2001 goto _recv_data_drop;
2004 prframe = recvframe_chk_defrag(padapter, prframe);
2006 goto _recv_data_drop;
2008 prframe = portctrl(padapter, prframe);
2011 goto _recv_data_drop;
2014 count_rx_stats(padapter, prframe, NULL);
2016 ret = process_recv_indicatepkts(padapter, prframe);
2017 if (ret != _SUCCESS) {
2018 rtw_free_recvframe(orig_prframe, pfree_recv_queue);/* free this recv_frame */
2019 goto _recv_data_drop;
2023 precvpriv->rx_drop++;
2027 static int recv_func(struct adapter *padapter, union recv_frame *rframe)
2030 struct rx_pkt_attrib *prxattrib = &rframe->u.hdr.attrib;
2031 struct recv_priv *recvpriv = &padapter->recvpriv;
2032 struct security_priv *psecuritypriv = &padapter->securitypriv;
2033 struct mlme_priv *mlmepriv = &padapter->mlmepriv;
2035 /* check if need to handle uc_swdec_pending_queue*/
2036 if (check_fwstate(mlmepriv, WIFI_STATION_STATE) && psecuritypriv->busetkipkey) {
2037 union recv_frame *pending_frame;
2040 while ((pending_frame = rtw_alloc_recvframe(&padapter->recvpriv.uc_swdec_pending_queue))) {
2042 recv_func_posthandle(padapter, pending_frame);
2046 ret = recv_func_prehandle(padapter, rframe);
2048 if (ret == _SUCCESS) {
2050 /* check if need to enqueue into uc_swdec_pending_queue*/
2051 if (check_fwstate(mlmepriv, WIFI_STATION_STATE) &&
2052 !IS_MCAST(prxattrib->ra) && prxattrib->encrypt > 0 &&
2053 (prxattrib->bdecrypted == 0 || psecuritypriv->sw_decrypt == true) &&
2054 psecuritypriv->ndisauthtype == Ndis802_11AuthModeWPAPSK &&
2055 !psecuritypriv->busetkipkey) {
2056 rtw_enqueue_recvframe(rframe, &padapter->recvpriv.uc_swdec_pending_queue);
2058 if (recvpriv->free_recvframe_cnt < NR_RECVFRAME/4) {
2059 /* to prevent from recvframe starvation, get recvframe from uc_swdec_pending_queue to free_recvframe_cnt */
2060 rframe = rtw_alloc_recvframe(&padapter->recvpriv.uc_swdec_pending_queue);
2068 ret = recv_func_posthandle(padapter, rframe);
2076 s32 rtw_recv_entry(union recv_frame *precvframe)
2078 struct adapter *padapter;
2079 struct recv_priv *precvpriv;
2082 padapter = precvframe->u.hdr.adapter;
2084 precvpriv = &padapter->recvpriv;
2086 ret = recv_func(padapter, precvframe);
2088 goto _recv_entry_drop;
2092 precvpriv->rx_pkts++;
2101 static void rtw_signal_stat_timer_hdl(struct timer_list *t)
2103 struct adapter *adapter =
2104 from_timer(adapter, t, recvpriv.signal_stat_timer);
2105 struct recv_priv *recvpriv = &adapter->recvpriv;
2108 u8 avg_signal_strength = 0;
2109 u8 avg_signal_qual = 0;
2110 u32 num_signal_strength = 0;
2111 u32 __maybe_unused num_signal_qual = 0;
2112 u8 _alpha = 5; /* this value is based on converging_constant = 5000 and sampling_interval = 1000 */
2114 if (adapter->recvpriv.is_signal_dbg) {
2115 /* update the user specific value, signal_strength_dbg, to signal_strength, rssi */
2116 adapter->recvpriv.signal_strength = adapter->recvpriv.signal_strength_dbg;
2117 adapter->recvpriv.rssi = (s8)translate_percentage_to_dbm((u8)adapter->recvpriv.signal_strength_dbg);
2120 if (recvpriv->signal_strength_data.update_req == 0) {/* update_req is clear, means we got rx */
2121 avg_signal_strength = recvpriv->signal_strength_data.avg_val;
2122 num_signal_strength = recvpriv->signal_strength_data.total_num;
2123 /* after avg_vals are acquired, we can re-stat the signal values */
2124 recvpriv->signal_strength_data.update_req = 1;
2127 if (recvpriv->signal_qual_data.update_req == 0) {/* update_req is clear, means we got rx */
2128 avg_signal_qual = recvpriv->signal_qual_data.avg_val;
2129 num_signal_qual = recvpriv->signal_qual_data.total_num;
2130 /* after avg_vals are acquired, we can re-stat the signal values */
2131 recvpriv->signal_qual_data.update_req = 1;
2134 if (num_signal_strength == 0) {
2135 if (rtw_get_on_cur_ch_time(adapter) == 0 ||
2136 jiffies_to_msecs(jiffies - rtw_get_on_cur_ch_time(adapter)) < 2 * adapter->mlmeextpriv.mlmext_info.bcn_interval
2142 if (check_fwstate(&adapter->mlmepriv, _FW_UNDER_SURVEY) == true ||
2143 check_fwstate(&adapter->mlmepriv, _FW_LINKED) == false
2148 /* update value of signal_strength, rssi, signal_qual */
2149 tmp_s = (avg_signal_strength+(_alpha-1)*recvpriv->signal_strength);
2151 tmp_s = tmp_s/_alpha + 1;
2153 tmp_s = tmp_s/_alpha;
2157 tmp_q = (avg_signal_qual+(_alpha-1)*recvpriv->signal_qual);
2159 tmp_q = tmp_q/_alpha + 1;
2161 tmp_q = tmp_q/_alpha;
2165 recvpriv->signal_strength = tmp_s;
2166 recvpriv->rssi = (s8)translate_percentage_to_dbm(tmp_s);
2167 recvpriv->signal_qual = tmp_q;
2171 rtw_set_signal_stat_timer(recvpriv);
projects / releases.git / blob