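// SPDX-License-Identifier: GPL-2.0
/*
 *   Driver for KeyStream wireless LAN cards.
 *
 *   Copyright (C) 2005-2008 KeyStream Corp.
 *   Copyright (C) 2009 Renesas Technology Corp.
 */

#include <crypto/hash.h>
#include <linux/circ_buf.h>
#include <linux/if_arp.h>
#include <net/iw_handler.h>
#include <uapi/linux/llc.h>
#include "eap_packet.h"
#include "ks_wlan.h"
#include "ks_hostif.h"

#define MICHAEL_MIC_KEY_LEN 8
#define MICHAEL_MIC_LEN 8

/* Advance the SME event queue head one slot, wrapping at SME_EVENT_BUFF_SIZE. */
static inline void inc_smeqhead(struct ks_wlan_private *priv)
{
	priv->sme_i.qhead = (priv->sme_i.qhead + 1) % SME_EVENT_BUFF_SIZE;
}

/* Advance the SME event queue tail one slot, wrapping at SME_EVENT_BUFF_SIZE. */
static inline void inc_smeqtail(struct ks_wlan_private *priv)
{
	priv->sme_i.qtail = (priv->sme_i.qtail + 1) % SME_EVENT_BUFF_SIZE;
}

/*
 * Return CIRC_CNT_TO_END() for the SME event queue.
 * NOTE(review): the circ_buf macros assume a power-of-two size; confirm
 * that SME_EVENT_BUFF_SIZE is one.
 */
static inline unsigned int cnt_smeqbody(struct ks_wlan_private *priv)
{
	return CIRC_CNT_TO_END(priv->sme_i.qhead, priv->sme_i.qtail,
			       SME_EVENT_BUFF_SIZE);
}

/*
 * Consume one byte at the receive cursor.
 *
 * priv->rxp is advanced and priv->rx_size decremented unconditionally; no
 * bounds check happens here, so every caller must have verified beforehand
 * that enough bytes remain in the message.
 */
static inline u8 get_byte(struct ks_wlan_private *priv)
{
	u8 data;

	data = *priv->rxp++;
	/* length check in advance ! */
	--(priv->rx_size);
	return data;
}

/* Consume a little-endian 16-bit value (two get_byte() calls, low byte first). */
static inline u16 get_word(struct ks_wlan_private *priv)
{
	u16 data;

	data = get_byte(priv);
	data |= (u16)(get_byte(priv) << 8);
	return data;
}

/* Consume a little-endian 32-bit value (four get_byte() calls, low byte first). */
static inline u32 get_dword(struct ks_wlan_private *priv)
{
	u32 data;

	/* widen before shifting so bit 31 is never shifted into a signed int */
	data = get_byte(priv);
	data |= (u32)get_byte(priv) << 8;
	data |= (u32)get_byte(priv) << 16;
	data |= (u32)get_byte(priv) << 24;
	return data;
}

/*
 * Work handler for priv->wakeup_work.
 *
 * While the power-save state is PS_SNOOZE, ask the hardware to wake up and
 * wait up to 20 ms for psstatus.wakeup_wait; on timeout or interruption the
 * work item re-queues itself.
 */
static void ks_wlan_hw_wakeup_task(struct work_struct *work)
{
	struct ks_wlan_private *priv;
	int ps_status;
	long time_left;

	priv = container_of(work, struct ks_wlan_private, wakeup_work);
	ps_status = atomic_read(&priv->psstatus.status);

	if (ps_status == PS_SNOOZE) {
		ks_wlan_hw_wakeup_request(priv);
		time_left = wait_for_completion_interruptible_timeout(&priv->psstatus.wakeup_wait,
								      msecs_to_jiffies(20));
		if (time_left <= 0) {
			netdev_dbg(priv->net_dev, "wake up timeout or interrupted !!!\n");
			schedule_work(&priv->wakeup_work);
			return;
		}
	}
}

/*
 * Queue a power-management request when connected; otherwise just mark the
 * device ready.
 */
static void ks_wlan_do_power_save(struct ks_wlan_private *priv)
{
	if (is_connect_status(priv->connect_status))
		hostif_sme_enqueue(priv, SME_POW_MNGMT_REQUEST);
	else
		priv->dev_state = DEVICE_STATE_READY;
}

/*
 * Fill priv->current_ap from a link_ap_info record sent by the device.
 *
 * Returns -EPERM (after zeroing current_ap) when the driver is in the
 * disconnected state, 0 otherwise.  When connected, a SIOCGIWAP wireless
 * event carrying the BSSID is emitted.
 *
 * All size fields come from the device (or, for the SSID, from the
 * configured registry) and are clamped to the destination capacity before
 * any copy, using the same limits get_ap_information() applies to
 * struct local_ap.
 */
static
int get_current_ap(struct ks_wlan_private *priv, struct link_ap_info *ap_info)
{
	struct local_ap *ap;
	union iwreq_data wrqu;
	struct net_device *netdev = priv->net_dev;
	size_t ssid_size, rate_size, ext_rate_size;
	u8 size;

	ap = &priv->current_ap;

	if (is_disconnect_status(priv->connect_status)) {
		memset(ap, 0, sizeof(struct local_ap));
		return -EPERM;
	}

	ether_addr_copy(ap->bssid, ap_info->bssid);

	ssid_size = min_t(size_t, priv->reg.ssid.size, IEEE80211_MAX_SSID_LEN);
	memcpy(ap->ssid.body, priv->reg.ssid.body, ssid_size);
	ap->ssid.size = ssid_size;

	/*
	 * NOTE(review): only the destination is bounded here; the capacity of
	 * ap_info->rate_set.body / ext_rate_set.body is not visible in this
	 * file and should be confirmed against ks_hostif.h.
	 */
	rate_size = min_t(size_t, ap_info->rate_set.size, RATE_SET_MAX_SIZE);
	memcpy(ap->rate_set.body, ap_info->rate_set.body, rate_size);
	ap->rate_set.size = rate_size;

	/* the extended rates are appended, so only the remaining room counts */
	ext_rate_size = min_t(size_t, ap_info->ext_rate_set.size,
			      RATE_SET_MAX_SIZE - rate_size);
	if (ext_rate_size != 0) {
		memcpy(&ap->rate_set.body[ap->rate_set.size],
		       ap_info->ext_rate_set.body,
		       ext_rate_size);
		ap->rate_set.size += ext_rate_size;
	}
	ap->channel = ap_info->ds_parameter.channel;
	ap->rssi = ap_info->rssi;
	ap->sq = ap_info->sq;
	ap->noise = ap_info->noise;
	ap->capability = le16_to_cpu(ap_info->capability);
	size = (ap_info->rsn.size <= RSN_IE_BODY_MAX) ?
		ap_info->rsn.size : RSN_IE_BODY_MAX;
	if ((ap_info->rsn_mode & RSN_MODE_WPA2) &&
	    (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2)) {
		ap->rsn_ie.id = RSN_INFO_ELEM_ID;
		ap->rsn_ie.size = size;
		memcpy(ap->rsn_ie.body, ap_info->rsn.body, size);
	} else if ((ap_info->rsn_mode & RSN_MODE_WPA) &&
		   (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA)) {
		ap->wpa_ie.id = WPA_INFO_ELEM_ID;
		ap->wpa_ie.size = size;
		memcpy(ap->wpa_ie.body, ap_info->rsn.body, size);
	} else {
		ap->rsn_ie.id = 0;
		ap->rsn_ie.size = 0;
		ap->wpa_ie.id = 0;
		ap->wpa_ie.size = 0;
	}

	wrqu.data.length = 0;
	wrqu.data.flags = 0;
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
	if (is_connect_status(priv->connect_status)) {
		ether_addr_copy(wrqu.ap_addr.sa_data, priv->current_ap.bssid);
		netdev_dbg(priv->net_dev,
			   "IWEVENT: connect bssid=%pM\n",
			   wrqu.ap_addr.sa_data);
		wireless_send_event(netdev, SIOCGIWAP, &wrqu, NULL);
	}
	/* the SSID is length-delimited, so print it with an explicit precision */
	netdev_dbg(priv->net_dev, "Link AP\n"
		   "- bssid=%pM\n"
		   "- essid=%.*s\n"
		   "- rate_set=%02X,%02X,%02X,%02X,%02X,%02X,%02X,%02X\n"
		   "- channel=%d\n"
		   "- rssi=%d\n"
		   "- sq=%d\n"
		   "- capability=%04X\n"
		   "- rsn.mode=%d\n"
		   "- rsn.size=%d\n"
		   "- ext_rate_set_size=%d\n"
		   "- rate_set_size=%d\n",
		   ap->bssid,
		   (int)ap->ssid.size, &ap->ssid.body[0],
		   ap->rate_set.body[0], ap->rate_set.body[1],
		   ap->rate_set.body[2], ap->rate_set.body[3],
		   ap->rate_set.body[4], ap->rate_set.body[5],
		   ap->rate_set.body[6], ap->rate_set.body[7],
		   ap->channel, ap->rssi, ap->sq, ap->capability,
		   ap_info->rsn_mode, ap_info->rsn.size,
		   ap_info->ext_rate_set.size, ap_info->rate_set.size);

	return 0;
}

/*
 * Copy the body of the information element at @bp into @body.
 *
 * @bp:   points at the element ID octet; bp[1] is the element length.
 * @max:  capacity of @body; longer elements are truncated to it.
 * @body: destination buffer.
 *
 * Returns the number of bytes copied.  Only the destination is bounded
 * here; the caller must make sure bp[1] and the element body lie inside
 * the received data.
 */
static u8 read_ie(unsigned char *bp, u8 max, u8 *body)
{
	u8 size = (*(bp + 1) <= max) ? *(bp + 1) : max;

	memcpy(body, bp + 2, size);
	return size;
}

/*
 * Compute the TKIP Michael MIC over a frame.
 *
 * @key:      MIC key, MICHAEL_MIC_KEY_LEN bytes.
 * @data:     frame, starting with the 12 bytes of DA|SA.
 * @len:      length of @data in bytes; must be at least 12.
 * @priority: priority octet mixed in after the addresses.
 * @result:   receives the MIC (M0..M7 in the figure below).
 *
 * Returns 0 on success or a negative errno (-EINVAL when @len cannot hold
 * the address header, otherwise whatever the crypto API reported).
 */
static int
michael_mic(u8 *key, u8 *data, unsigned int len, u8 priority, u8 *result)
{
	u8 pad_data[4] = { priority, 0, 0, 0 };
	struct crypto_shash *tfm = NULL;
	struct shash_desc *desc = NULL;
	int ret;

	/* "len - 12" below is unsigned; a short frame would wrap to a huge length */
	if (len < 12)
		return -EINVAL;

	tfm = crypto_alloc_shash("michael_mic", 0, 0);
	if (IS_ERR(tfm)) {
		ret = PTR_ERR(tfm);
		goto err;
	}

	ret = crypto_shash_setkey(tfm, key, MICHAEL_MIC_KEY_LEN);
	if (ret < 0)
		goto err_free_tfm;

	desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(tfm), GFP_KERNEL);
	if (!desc) {
		ret = -ENOMEM;
		goto err_free_tfm;
	}

	desc->tfm = tfm;

	ret = crypto_shash_init(desc);
	if (ret < 0)
		goto err_free_desc;

	// Compute the MIC value
	/*
	 * IEEE802.11i  page 47
	 * Figure 43g TKIP MIC processing format
	 * +--+--+--------+--+----+--+--+--+--+--+--+--+--+
	 * |6 |6 |1       |3 |M   |1 |1 |1 |1 |1 |1 |1 |1 | Octet
	 * +--+--+--------+--+----+--+--+--+--+--+--+--+--+
	 * |DA|SA|Priority|0 |Data|M0|M1|M2|M3|M4|M5|M6|M7|
	 * +--+--+--------+--+----+--+--+--+--+--+--+--+--+
	 */

	ret = crypto_shash_update(desc, data, 12);
	if (ret < 0)
		goto err_free_desc;

	ret = crypto_shash_update(desc, pad_data, 4);
	if (ret < 0)
		goto err_free_desc;

	ret = crypto_shash_finup(desc, data + 12, len - 12, result);

err_free_desc:
	/* the descriptor holds keyed state, so it is wiped when freed */
	kfree_sensitive(desc);

err_free_tfm:
	crypto_free_shash(tfm);

err:
	return ret;
}

/*
 * Parse a scan result (struct ap_info) into a struct local_ap.
 *
 * @ap is zeroed first, then the fixed fields are copied and the information
 * elements in ap_info->body are walked.  Parsing stops at the first element
 * whose header or body would extend past ap_info->body_size, so a malformed
 * element list cannot drive reads beyond the declared body.  Always
 * returns 0.
 *
 * NOTE(review): body_size itself comes from the message and is not compared
 * with priv->rx_size here; confirm the caller bounds it.
 */
static
int get_ap_information(struct ks_wlan_private *priv, struct ap_info *ap_info,
		       struct local_ap *ap)
{
	unsigned char *bp;
	int bsize, offset;

	memset(ap, 0, sizeof(struct local_ap));

	ether_addr_copy(ap->bssid, ap_info->bssid);
	ap->rssi = ap_info->rssi;
	ap->sq = ap_info->sq;
	ap->noise = ap_info->noise;
	ap->capability = le16_to_cpu(ap_info->capability);
	ap->channel = ap_info->ch_info;

	bp = ap_info->body;
	bsize = le16_to_cpu(ap_info->body_size);
	offset = 0;

	while (bsize > offset) {
		size_t n;
		u8 ie_len;

		/* both the ID and the length octet must be present */
		if (bsize - offset < 2)
			break;
		ie_len = *(bp + 1);
		/* the element body must fit in what is left of the IE area */
		if (ie_len > bsize - offset - 2)
			break;

		switch (*bp) { /* Information Element ID */
		case WLAN_EID_SSID:
			ap->ssid.size = read_ie(bp, IEEE80211_MAX_SSID_LEN,
						ap->ssid.body);
			break;
		case WLAN_EID_SUPP_RATES:
		case WLAN_EID_EXT_SUPP_RATES:
			/* append, truncating to the room left in rate_set */
			n = min_t(size_t, ie_len,
				  RATE_SET_MAX_SIZE - ap->rate_set.size);
			memcpy(&ap->rate_set.body[ap->rate_set.size],
			       bp + 2, n);
			ap->rate_set.size += n;
			break;
		case WLAN_EID_RSN:
			ap->rsn_ie.id = *bp;
			ap->rsn_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
						  ap->rsn_ie.body);
			break;
		case WLAN_EID_VENDOR_SPECIFIC: /* WPA */
			/* WPA OUI check; needs four body bytes to compare */
			if (ie_len >= 4 &&
			    memcmp(bp + 2, CIPHER_ID_WPA_WEP40, 4) == 0) {
				ap->wpa_ie.id = *bp;
				ap->wpa_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
							  ap->wpa_ie.body);
			}
			break;
		case WLAN_EID_DS_PARAMS:
		case WLAN_EID_FH_PARAMS:
		case WLAN_EID_CF_PARAMS:
		case WLAN_EID_TIM:
		case WLAN_EID_IBSS_PARAMS:
		case WLAN_EID_COUNTRY:
		case WLAN_EID_ERP_INFO:
			break;
		default:
			netdev_err(priv->net_dev,
				   "unknown Element ID=%d\n", *bp);
			break;
		}

		offset += 2;	/* id & size field */
		offset += ie_len;	/* +size offset */
		bp += (ie_len + 2);	/* pointer update */
	}

	return 0;
}

/*
 * Verify the Michael MIC of a received TKIP frame.
 *
 * @auth_type selects the key (TYPE_PMK1/TYPE_GMK1/TYPE_GMK2 map to
 * priv->wpa.key[auth_type - 1]).  Frames whose auth_type is not one of
 * those, whose cipher is not TKIP, or whose key is not set are passed
 * through unchecked, as before.
 *
 * On a verified frame the trailing MIC is stripped from priv->rx_size and 0
 * is returned.  On a MIC mismatch the mic_failure state is updated, an
 * MLME-MICHAELMICFAILURE custom wireless event is sent and -EINVAL is
 * returned.  Frames too short to hold header plus MIC are rejected with
 * -EINVAL.
 */
static
int hostif_data_indication_wpa(struct ks_wlan_private *priv,
			       unsigned short auth_type)
{
	struct ether_hdr *eth_hdr;
	unsigned short eth_proto;
	unsigned char recv_mic[MICHAEL_MIC_LEN];
	char buf[128];
	unsigned long now;
	struct mic_failure *mic_failure;
	u8 mic[MICHAEL_MIC_LEN];
	union iwreq_data wrqu;
	unsigned int key_index;
	struct wpa_key *key;
	bool tkip;
	int ret;

	eth_hdr = (struct ether_hdr *)(priv->rxp);
	eth_proto = ntohs(eth_hdr->h_proto);

	if (eth_hdr->h_dest_snap != eth_hdr->h_source_snap) {
		netdev_err(priv->net_dev, "invalid data format\n");
		priv->nstats.rx_errors++;
		return -EINVAL;
	}

	tkip = (auth_type == TYPE_PMK1 &&
		priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) ||
	       (auth_type == TYPE_GMK1 &&
		priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP) ||
	       (auth_type == TYPE_GMK2 &&
		priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP);
	if (!tkip)
		return 0;

	/*
	 * auth_type is device-supplied; the key slot is only derived from it
	 * once it is known to be one of the three key types above.
	 */
	key_index = auth_type - 1;
	key = &priv->wpa.key[key_index];
	if (!key->key_len)
		return 0;

	netdev_dbg(priv->net_dev, "TKIP: protocol=%04X: size=%u\n",
		   eth_proto, priv->rx_size);

	/*
	 * The MIC is the last MICHAEL_MIC_LEN bytes; without this check the
	 * subtractions below would wrap on a short frame.
	 */
	if (priv->rx_size < ETH_HLEN + sizeof(recv_mic)) {
		netdev_err(priv->net_dev, "invalid data format\n");
		priv->nstats.rx_errors++;
		return -EINVAL;
	}

	/* MIC save */
	memcpy(&recv_mic[0],
	       (priv->rxp) + ((priv->rx_size) - sizeof(recv_mic)),
	       sizeof(recv_mic));
	priv->rx_size = priv->rx_size - sizeof(recv_mic);

	ret = michael_mic(key->rx_mic_key, priv->rxp, priv->rx_size,
			  0, mic);
	if (ret < 0)
		return ret;
	if (memcmp(mic, recv_mic, sizeof(mic)) != 0) {
		now = jiffies;
		mic_failure = &priv->wpa.mic_failure;
		/* MIC FAILURE */
		/* a failure older than 60 s no longer counts as the first of a pair */
		if (mic_failure->last_failure_time &&
		    (now - mic_failure->last_failure_time) / HZ >= 60) {
			mic_failure->failure = 0;
		}
		netdev_err(priv->net_dev, "MIC FAILURE\n");
		if (mic_failure->failure == 0) {
			mic_failure->failure = 1;
			mic_failure->counter = 0;
		} else if (mic_failure->failure == 1) {
			mic_failure->failure = 2;
			mic_failure->counter =
				(u16)((now - mic_failure->last_failure_time) / HZ);
			/*  range 1-60 */
			if (!mic_failure->counter)
				mic_failure->counter = 1;
		}
		priv->wpa.mic_failure.last_failure_time = now;

		/*  needed parameters: count, keyid, key type, TSC */
		snprintf(buf, sizeof(buf),
			 "MLME-MICHAELMICFAILURE.indication(keyid=%d %scast addr=%pM)",
			 key_index,
			 eth_hdr->h_dest[0] & 0x01 ? "broad" : "uni",
			 eth_hdr->h_source);
		memset(&wrqu, 0, sizeof(wrqu));
		wrqu.data.length = strlen(buf);
		wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu,
				    buf);
		return -EINVAL;
	}

	return 0;
}

/*
 * Handle a received data frame (HIF_DATA_IND) and pass it up the stack.
 *
 * The message carries a 16-bit auth_type and a 16-bit reserved field ahead
 * of the frame.  Frames from our own MAC address, frames failing the WPA
 * MIC check, and frames arriving while FORCE_DISCONNECT is set or after a
 * second MIC failure are dropped.  LLC/SNAP frames have the six
 * DSAP/SSAP/CTL/OUI bytes removed; NetBEUI frames get a two-byte length
 * inserted after the addresses.
 *
 * Every length derived from priv->rx_size is validated before it is used
 * in unsigned arithmetic, because rx_size is controlled by the device.
 */
static
void hostif_data_indication(struct ks_wlan_private *priv)
{
	unsigned int rx_ind_size;	/* indicate data size */
	struct sk_buff *skb;
	u16 auth_type;
	unsigned char temp[2];
	struct ether_hdr *eth_hdr;
	struct ieee802_1x_hdr *aa1x_hdr;
	size_t size;
	int ret;

	/* min length check */
	if (priv->rx_size <= ETH_HLEN) {
		priv->nstats.rx_errors++;
		return;
	}

	auth_type = get_word(priv);	/* AuthType */
	get_word(priv);	/* Reserve Area */

	/*
	 * Four bytes were just consumed, so the check above no longer covers
	 * the addresses and the LLC octets examined below.
	 */
	if (priv->rx_size < ETH_HLEN) {
		priv->nstats.rx_errors++;
		return;
	}

	eth_hdr = (struct ether_hdr *)(priv->rxp);

	/* source address check */
	if (ether_addr_equal(&priv->eth_addr[0], eth_hdr->h_source)) {
		netdev_err(priv->net_dev, "invalid : source is own mac address !!\n");
		netdev_err(priv->net_dev, "eth_hdr->h_source=%pM\n", eth_hdr->h_source);
		priv->nstats.rx_errors++;
		return;
	}

	/*  for WPA */
	if (auth_type != TYPE_DATA && priv->wpa.rsn_enabled) {
		ret = hostif_data_indication_wpa(priv, auth_type);
		if (ret)
			return;
	}

	if ((priv->connect_status & FORCE_DISCONNECT) ||
	    priv->wpa.mic_failure.failure == 2) {
		return;
	}

	/*  check 13th byte at rx data */
	switch (*(priv->rxp + 12)) {
	case LLC_SAP_SNAP:
		/* both addresses plus the six skipped bytes must be present */
		if (priv->rx_size < ETH_ALEN * 2 + 6) {
			priv->nstats.rx_errors++;
			return;
		}
		rx_ind_size = priv->rx_size - 6;
		skb = dev_alloc_skb(rx_ind_size);
		if (!skb) {
			priv->nstats.rx_dropped++;
			return;
		}
		netdev_dbg(priv->net_dev, "SNAP, rx_ind_size = %d\n",
			   rx_ind_size);

		size = ETH_ALEN * 2;
		skb_put_data(skb, priv->rxp, size);

		/* (SNAP+UI..) skip */

		size = rx_ind_size - (ETH_ALEN * 2);
		skb_put_data(skb, &eth_hdr->h_proto, size);

		aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + ETHER_HDR_SIZE);
		break;
	case LLC_SAP_NETBEUI:
		rx_ind_size = (priv->rx_size + 2);
		skb = dev_alloc_skb(rx_ind_size);
		if (!skb) {
			priv->nstats.rx_dropped++;
			return;
		}
		netdev_dbg(priv->net_dev, "NETBEUI/NetBIOS rx_ind_size=%d\n",
			   rx_ind_size);

		/* 8802/FDDI MAC copy */
		skb_put_data(skb, priv->rxp, 12);

		/* NETBEUI size add */
		temp[0] = (((rx_ind_size - 12) >> 8) & 0xff);
		temp[1] = ((rx_ind_size - 12) & 0xff);
		skb_put_data(skb, temp, 2);

		/* copy after Type */
		skb_put_data(skb, priv->rxp + 12, rx_ind_size - 14);

		aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + 14);
		break;
	default:	/* other rx data */
		netdev_err(priv->net_dev, "invalid data format\n");
		priv->nstats.rx_errors++;
		return;
	}

	/*
	 * NOTE(review): aa1x_hdr->type is read without checking that the
	 * frame is long enough to contain an 802.1X header.
	 */
	if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY &&
	    priv->wpa.rsn_enabled)
		atomic_set(&priv->psstatus.snooze_guard, 1);

	/* rx indication */
	skb->dev = priv->net_dev;
	skb->protocol = eth_type_trans(skb, skb->dev);
	priv->nstats.rx_packets++;
	priv->nstats.rx_bytes += rx_ind_size;
	netif_rx(skb);
}

/*
 * Handle HIF_MIB_GET_CONF: the device's answer to a MIB read.
 *
 * Parses status, attribute, value size and value type, then stores the
 * value that follows according to the attribute.  A non-zero status is
 * logged and the message ignored.
 *
 * NOTE(review): the fixed-size values (MAC address, gain, EEPROM sum) are
 * copied from priv->rxp without comparing their size with priv->rx_size.
 */
static
void hostif_mib_get_confirm(struct ks_wlan_private *priv)
{
	struct net_device *dev = priv->net_dev;
	u32 mib_status;
	u32 mib_attribute;
	size_t ver_len;

	mib_status = get_dword(priv);
	mib_attribute = get_dword(priv);
	get_word(priv); /* mib_val_size */
	get_word(priv); /* mib_val_type */

	if (mib_status) {
		netdev_err(priv->net_dev, "attribute=%08X, status=%08X\n",
			   mib_attribute, mib_status);
		return;
	}

	switch (mib_attribute) {
	case DOT11_MAC_ADDRESS:
		hostif_sme_enqueue(priv, SME_GET_MAC_ADDRESS);
		ether_addr_copy(priv->eth_addr, priv->rxp);
		priv->mac_address_valid = true;
		eth_hw_addr_set(dev, priv->eth_addr);
		netdev_info(dev, "MAC ADDRESS = %pM\n", priv->eth_addr);
		break;
	case DOT11_PRODUCT_VERSION:
		/*
		 * rx_size is reported by the device; clamp it so the copy and
		 * the terminator stay inside firmware_version.
		 * Assumes firmware_version is an array member of
		 * struct ks_wlan_private (TODO confirm in ks_wlan.h).
		 */
		ver_len = min_t(size_t, priv->rx_size,
				sizeof(priv->firmware_version) - 1);
		priv->version_size = ver_len;
		memcpy(priv->firmware_version, priv->rxp, ver_len);
		priv->firmware_version[ver_len] = '\0';
		netdev_info(dev, "firmware ver. = %s\n",
			    priv->firmware_version);
		hostif_sme_enqueue(priv, SME_GET_PRODUCT_VERSION);
		/* wake_up_interruptible_all(&priv->confirm_wait); */
		complete(&priv->confirm_wait);
		break;
	case LOCAL_GAIN:
		memcpy(&priv->gain, priv->rxp, sizeof(priv->gain));
		netdev_dbg(priv->net_dev, "tx_mode=%d, rx_mode=%d, tx_gain=%d, rx_gain=%d\n",
			   priv->gain.tx_mode, priv->gain.rx_mode,
			   priv->gain.tx_gain, priv->gain.rx_gain);
		break;
	case LOCAL_EEPROM_SUM:
		memcpy(&priv->eeprom_sum, priv->rxp, sizeof(priv->eeprom_sum));
		if (priv->eeprom_sum.type != 0 &&
		    priv->eeprom_sum.type != 1) {
			netdev_err(dev, "LOCAL_EEPROM_SUM error!\n");
			return;
		}
		/* type 0: no checksum; type 1: result 0 means bad, else good */
		priv->eeprom_checksum = (priv->eeprom_sum.type == 0) ?
					 EEPROM_CHECKSUM_NONE :
					 (priv->eeprom_sum.result == 0) ?
					 EEPROM_NG : EEPROM_OK;
		break;
	default:
		netdev_err(priv->net_dev, "mib_attribute=%08x\n",
			   (unsigned int)mib_attribute);
		break;
	}
}

/*
 * Handle HIF_MIB_SET_CONF: the device's answer to a MIB write.
 *
 * A non-zero status is only logged; the attribute is then mapped to the
 * SME event that continues the configuration sequence.  For the WEP key
 * attributes the follow-up depends on whether RSN is enabled.
 */
static
void hostif_mib_set_confirm(struct ks_wlan_private *priv)
{
	u32 mib_status;
	u32 mib_attribute;

	mib_status = get_dword(priv);
	mib_attribute = get_dword(priv);

	if (mib_status) {
		/* in case of error */
		netdev_err(priv->net_dev, "error :: attribute=%08X, status=%08X\n",
			   mib_attribute, mib_status);
	}

	switch (mib_attribute) {
	case DOT11_RTS_THRESHOLD:
		hostif_sme_enqueue(priv, SME_RTS_THRESHOLD_CONFIRM);
		break;
	case DOT11_FRAGMENTATION_THRESHOLD:
		hostif_sme_enqueue(priv, SME_FRAGMENTATION_THRESHOLD_CONFIRM);
		break;
	case DOT11_WEP_DEFAULT_KEY_ID:
		if (!priv->wpa.wpa_enabled)
			hostif_sme_enqueue(priv, SME_WEP_INDEX_CONFIRM);
		break;
	case DOT11_WEP_DEFAULT_KEY_VALUE1:
		if (priv->wpa.rsn_enabled)
			hostif_sme_enqueue(priv, SME_SET_PMK_TSC);
		else
			hostif_sme_enqueue(priv, SME_WEP_KEY1_CONFIRM);
		break;
	case DOT11_WEP_DEFAULT_KEY_VALUE2:
		if (priv->wpa.rsn_enabled)
			hostif_sme_enqueue(priv, SME_SET_GMK1_TSC);
		else
			hostif_sme_enqueue(priv, SME_WEP_KEY2_CONFIRM);
		break;
	case DOT11_WEP_DEFAULT_KEY_VALUE3:
		if (priv->wpa.rsn_enabled)
			hostif_sme_enqueue(priv, SME_SET_GMK2_TSC);
		else
			hostif_sme_enqueue(priv, SME_WEP_KEY3_CONFIRM);
		break;
	case DOT11_WEP_DEFAULT_KEY_VALUE4:
		if (!priv->wpa.rsn_enabled)
			hostif_sme_enqueue(priv, SME_WEP_KEY4_CONFIRM);
		break;
	case DOT11_PRIVACY_INVOKED:
		if (!priv->wpa.rsn_enabled)
			hostif_sme_enqueue(priv, SME_WEP_FLAG_CONFIRM);
		break;
	case DOT11_RSN_ENABLED:
		hostif_sme_enqueue(priv, SME_RSN_ENABLED_CONFIRM);
		break;
	case LOCAL_RSN_MODE:
		hostif_sme_enqueue(priv, SME_RSN_MODE_CONFIRM);
		break;
	case LOCAL_MULTICAST_ADDRESS:
		hostif_sme_enqueue(priv, SME_MULTICAST_REQUEST);
		break;
	case LOCAL_MULTICAST_FILTER:
		hostif_sme_enqueue(priv, SME_MULTICAST_CONFIRM);
		break;
	case LOCAL_CURRENTADDRESS:
		priv->mac_address_valid = true;
		break;
	case DOT11_RSN_CONFIG_MULTICAST_CIPHER:
		hostif_sme_enqueue(priv, SME_RSN_MCAST_CONFIRM);
		break;
	case DOT11_RSN_CONFIG_UNICAST_CIPHER:
		hostif_sme_enqueue(priv, SME_RSN_UCAST_CONFIRM);
		break;
	case DOT11_RSN_CONFIG_AUTH_SUITE:
		hostif_sme_enqueue(priv, SME_RSN_AUTH_CONFIRM);
		break;
	case DOT11_GMK1_TSC:
		if (atomic_read(&priv->psstatus.snooze_guard))
			atomic_set(&priv->psstatus.snooze_guard, 0);
		break;
	case DOT11_GMK2_TSC:
		if (atomic_read(&priv->psstatus.snooze_guard))
			atomic_set(&priv->psstatus.snooze_guard, 0);
		break;
	case DOT11_PMK_TSC:
	case LOCAL_PMK:
	case LOCAL_GAIN:
	case LOCAL_WPS_ENABLE:
	case LOCAL_WPS_PROBE_REQ:
	case LOCAL_REGION:
	default:
		break;
	}
}

/*
 * Handle HIF_POWER_MGMT_CONF: enter the sleep state when power management
 * is enabled in infrastructure mode, otherwise mark the device ready.
 */
static
void hostif_power_mgmt_confirm(struct ks_wlan_private *priv)
{
	if (priv->reg.power_mgmt > POWER_MGMT_ACTIVE &&
	    priv->reg.operation_mode == MODE_INFRASTRUCTURE) {
		atomic_set(&priv->psstatus.confirm_wait, 0);
		priv->dev_state = DEVICE_STATE_SLEEP;
		ks_wlan_hw_power_save(priv);
	} else {
		priv->dev_state = DEVICE_STATE_READY;
	}
}

/* Handle HIF_SLEEP_CONF: flag a doze request and kick the rw work item. */
static
void hostif_sleep_confirm(struct ks_wlan_private *priv)
{
	atomic_set(&priv->sleepstatus.doze_request, 1);
	queue_delayed_work(priv->wq, &priv->rw_dwork, 1);
}

/*
 * Handle HIF_START_CONF: if still marked connected, report an all-zero AP
 * address via SIOCGIWAP, then queue SME_START_CONFIRM.
 */
static
void hostif_start_confirm(struct ks_wlan_private *priv)
{
	union iwreq_data wrqu;

	wrqu.data.length = 0;
	wrqu.data.flags = 0;
	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
	if (is_connect_status(priv->connect_status)) {
		eth_zero_addr(wrqu.ap_addr.sa_data);
		wireless_send_event(priv->net_dev, SIOCGIWAP, &wrqu, NULL);
	}
	netdev_dbg(priv->net_dev, " scan_ind_count=%d\n", priv->scan_ind_count);
	hostif_sme_enqueue(priv, SME_START_CONFIRM);
}

/*
 * Handle HIF_CONNECT_IND: update carrier and connect_status from the
 * connect code (keeping the FORCE_DISCONNECT bit), refresh current_ap from
 * the link_ap_info that follows, and report a disconnect transition via
 * SIOCGIWAP.
 *
 * NOTE(review): priv->rxp is cast to struct link_ap_info without checking
 * that priv->rx_size covers the structure.
 */
static
void hostif_connect_indication(struct ks_wlan_private *priv)
{
	u16 connect_code;
	unsigned int tmp = 0;
	unsigned int old_status = priv->connect_status;
	struct net_device *netdev = priv->net_dev;
	union iwreq_data wrqu0;

	connect_code = get_word(priv);

	switch (connect_code) {
	case RESULT_CONNECT:
		if (!(priv->connect_status & FORCE_DISCONNECT))
			netif_carrier_on(netdev);
		tmp = FORCE_DISCONNECT & priv->connect_status;
		priv->connect_status = tmp + CONNECT_STATUS;
		break;
	case RESULT_DISCONNECT:
		netif_carrier_off(netdev);
		tmp = FORCE_DISCONNECT & priv->connect_status;
		priv->connect_status = tmp + DISCONNECT_STATUS;
		break;
	default:
		netdev_dbg(priv->net_dev, "unknown connect_code=%d :: scan_ind_count=%d\n",
			   connect_code, priv->scan_ind_count);
		netif_carrier_off(netdev);
		tmp = FORCE_DISCONNECT & priv->connect_status;
		priv->connect_status = tmp + DISCONNECT_STATUS;
		break;
	}

	get_current_ap(priv, (struct link_ap_info *)priv->rxp);
	if (is_connect_status(priv->connect_status) &&
	    is_disconnect_status(old_status)) {
		/* for power save */
		atomic_set(&priv->psstatus.snooze_guard, 0);
		atomic_set(&priv->psstatus.confirm_wait, 0);
	}
	ks_wlan_do_power_save(priv);

	wrqu0.data.length = 0;
	wrqu0.data.flags = 0;
	wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
	if (is_disconnect_status(priv->connect_status) &&
	    is_connect_status(old_status)) {
		eth_zero_addr(wrqu0.ap_addr.sa_data);
		netdev_dbg(priv->net_dev, "disconnect :: scan_ind_count=%d\n",
			   priv->scan_ind_count);
		wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
	}
	priv->scan_ind_count = 0;
}

/*
 * Handle HIF_SCAN_IND: record one scan result in priv->aplist.
 *
 * If the BSSID is already in the list, that entry is refreshed (probe
 * responses only) and nothing is appended.  Otherwise the result is
 * appended, up to LOCAL_APLIST_MAX entries; further results are only
 * counted.
 *
 * NOTE(review): priv->rxp is cast to struct ap_info without checking that
 * priv->rx_size covers the structure and its body.
 */
static
void hostif_scan_indication(struct ks_wlan_private *priv)
{
	int i;
	struct ap_info *ap_info;

	netdev_dbg(priv->net_dev,
		   "scan_ind_count = %d\n", priv->scan_ind_count);
	ap_info = (struct ap_info *)(priv->rxp);

	if (priv->scan_ind_count) {
		/* bssid check */
		for (i = 0; i < priv->aplist.size; i++) {
			u8 *bssid = priv->aplist.ap[i].bssid;

			/*
			 * Skip entries for other APs.  The test used to be
			 * inverted, which overwrote the first non-matching
			 * entry and appended known BSSIDs again.
			 */
			if (!ether_addr_equal(ap_info->bssid, bssid))
				continue;

			if (ap_info->frame_type == IEEE80211_STYPE_PROBE_RESP)
				get_ap_information(priv, ap_info,
						   &priv->aplist.ap[i]);
			return;
		}
	}
	priv->scan_ind_count++;
	if (priv->scan_ind_count < LOCAL_APLIST_MAX + 1) {
		netdev_dbg(priv->net_dev, " scan_ind_count=%d :: aplist.size=%d\n",
			   priv->scan_ind_count, priv->aplist.size);
		get_ap_information(priv, (struct ap_info *)(priv->rxp),
				   &priv->aplist.ap[priv->scan_ind_count - 1]);
		priv->aplist.size = priv->scan_ind_count;
	} else {
		netdev_dbg(priv->net_dev, " count over :: scan_ind_count=%d\n",
			   priv->scan_ind_count);
	}
}

/*
 * Handle HIF_STOP_CONF: leave the sleep state, turn a connected state into
 * a disconnect (carrier off, SIOCGIWAP with a zero address), and queue
 * SME_STOP_CONFIRM.
 */
static
void hostif_stop_confirm(struct ks_wlan_private *priv)
{
	unsigned int tmp = 0;
	unsigned int old_status = priv->connect_status;
	struct net_device *netdev = priv->net_dev;
	union iwreq_data wrqu0;

	if (priv->dev_state == DEVICE_STATE_SLEEP)
		priv->dev_state = DEVICE_STATE_READY;

	/* disconnect indication */
	if (is_connect_status(priv->connect_status)) {
		netif_carrier_off(netdev);
		tmp = FORCE_DISCONNECT & priv->connect_status;
		priv->connect_status = tmp | DISCONNECT_STATUS;
		netdev_info(netdev, "IWEVENT: disconnect\n");

		wrqu0.data.length = 0;
		wrqu0.data.flags = 0;
		wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
		if (is_disconnect_status(priv->connect_status) &&
		    is_connect_status(old_status)) {
			eth_zero_addr(wrqu0.ap_addr.sa_data);
			netdev_info(netdev, "IWEVENT: disconnect\n");
			wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
		}
		priv->scan_ind_count = 0;
	}

	hostif_sme_enqueue(priv, SME_STOP_CONFIRM);
}

/* Handle HIF_PS_ADH_SET_CONF: clear infra_status and confirm the mode set. */
static
void hostif_ps_adhoc_set_confirm(struct ks_wlan_private *priv)
{
	priv->infra_status = 0;	/* infrastructure mode cancel */
	hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
}

/*
 * Handle HIF_INFRA_SET_CONF / HIF_INFRA_SET2_CONF: consume the result code
 * (it is not examined), set infra_status and confirm the mode set.
 */
static
void hostif_infrastructure_set_confirm(struct ks_wlan_private *priv)
{
	get_word(priv); /* result_code */
	priv->infra_status = 1;	/* infrastructure mode set */
	hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
}

/*
 * Handle HIF_ADH_SET_CONF / HIF_ADH_SET2_CONF: set infra_status and confirm
 * the mode set.
 * NOTE(review): infra_status is set to 1 here exactly as in the
 * infrastructure handler; confirm that is intended for ad-hoc mode.
 */
static
void hostif_adhoc_set_confirm(struct ks_wlan_private *priv)
{
	priv->infra_status = 1;	/* infrastructure mode set */
	hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
}

/*
 * Handle HIF_ASSOC_INFO_IND: report the association request/response IEs
 * to user space as an "ASSOCINFO(ReqIEs=<hex> RespIEs=<hex>)" IWEVCUSTOM
 * event.
 *
 * Both IE lengths come from the device.  They are clamped to the bytes
 * actually left in the received message, and the hex dump is written with
 * bounded formatting so it can never run past buf[]; an over-long IE list
 * is truncated rather than overflowing the stack buffer.
 */
static
void hostif_associate_indication(struct ks_wlan_private *priv)
{
	struct association_request *assoc_req;
	struct association_response *assoc_resp;
	unsigned char *pb;
	union iwreq_data wrqu;
	char buf[IW_CUSTOM_MAX];
	char *pbuf = &buf[0];
	char *const end = buf + sizeof(buf);
	const size_t hdr_len = sizeof(*assoc_req) + sizeof(*assoc_resp);
	size_t avail, req_len, resp_len;
	size_t i;

	static const char associnfo_leader0[] = "ASSOCINFO(ReqIEs=";
	static const char associnfo_leader1[] = " RespIEs=";

	assoc_req = (struct association_request *)(priv->rxp);
	assoc_resp = (struct association_response *)(assoc_req + 1);
	pb = (unsigned char *)(assoc_resp + 1);

	/* never read more IE bytes than the message still holds */
	avail = (priv->rx_size > hdr_len) ? priv->rx_size - hdr_len : 0;
	req_len = min_t(size_t, le16_to_cpu(assoc_req->req_ies_size), avail);
	resp_len = min_t(size_t, le16_to_cpu(assoc_resp->resp_ies_size),
			 avail - req_len);

	memset(&wrqu, 0, sizeof(wrqu));
	pbuf += scnprintf(pbuf, end - pbuf, "%s", associnfo_leader0);

	/* "> 2" keeps room for two hex digits plus the terminator */
	for (i = 0; i < req_len && end - pbuf > 2; i++)
		pbuf += scnprintf(pbuf, end - pbuf, "%02x", *(pb + i));

	pbuf += scnprintf(pbuf, end - pbuf, "%s", associnfo_leader1);

	pb += req_len;
	for (i = 0; i < resp_len && end - pbuf > 2; i++)
		pbuf += scnprintf(pbuf, end - pbuf, "%02x", *(pb + i));

	pbuf += scnprintf(pbuf, end - pbuf, ")");

	/* report what was actually written, not what the device claimed */
	wrqu.data.length = pbuf - buf;

	wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu, buf);
}

/*
 * Handle HIF_SCAN_CONF: clear the scan-in-progress flag, queue
 * SME_BSS_SCAN_CONFIRM, notify user space with SIOCGIWSCAN and reset the
 * scan result counter.
 */
static
void hostif_bss_scan_confirm(struct ks_wlan_private *priv)
{
	u32 result_code;
	struct net_device *dev = priv->net_dev;
	union iwreq_data wrqu;

	result_code = get_dword(priv);
	netdev_dbg(priv->net_dev, "result=%d :: scan_ind_count=%d\n",
		   result_code, priv->scan_ind_count);

	priv->sme_i.sme_flag &= ~SME_AP_SCAN;
	hostif_sme_enqueue(priv, SME_BSS_SCAN_CONFIRM);

	wrqu.data.length = 0;
	wrqu.data.flags = 0;
	wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
	priv->scan_ind_count = 0;
}

/*
 * Handle HIF_PHY_INFO_CONF / HIF_PHY_INFO_IND: parse the PHY statistics,
 * update current_rate and the wireless quality figures, and complete
 * confirm_wait.
 */
static
void hostif_phy_information_confirm(struct ks_wlan_private *priv)
{
	struct iw_statistics *wstats = &priv->wstats;
	u8 rssi, signal;
	u8 link_speed;
	u32 transmitted_frame_count, received_fragment_count;
	u32 failed_count, fcs_error_count;

	rssi = get_byte(priv);
	signal = get_byte(priv);
	get_byte(priv); /* noise */
	link_speed = get_byte(priv);
	transmitted_frame_count = get_dword(priv);
	received_fragment_count = get_dword(priv);
	failed_count = get_dword(priv);
	fcs_error_count = get_dword(priv);

	netdev_dbg(priv->net_dev, "phyinfo confirm rssi=%d signal=%d\n",
		   rssi, signal);
	priv->current_rate = (link_speed & RATE_MASK);
	wstats->qual.qual = signal;
	wstats->qual.level = 256 - rssi;
	wstats->qual.noise = 0;	/* invalid noise value */
	wstats->qual.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;

	netdev_dbg(priv->net_dev, "\n    rssi=%u\n"
		   "    signal=%u\n"
		   "    link_speed=%ux500Kbps\n"
		   "    transmitted_frame_count=%u\n"
		   "    received_fragment_count=%u\n"
		   "    failed_count=%u\n"
		   "    fcs_error_count=%u\n",
		   rssi, signal, link_speed, transmitted_frame_count,
		   received_fragment_count, failed_count, fcs_error_count);
	/* wake_up_interruptible_all(&priv->confirm_wait); */
	complete(&priv->confirm_wait);
}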
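
/* Handle HIF_MIC_FAILURE_CONF: log the failure state and queue the SME confirm. */
static
void hostif_mic_failure_confirm(struct ks_wlan_private *priv)
{
	netdev_dbg(priv->net_dev, "mic_failure=%u\n",
		   priv->wpa.mic_failure.failure);
	hostif_sme_enqueue(priv, SME_MIC_FAILURE_CONFIRM);
}

/*
 * Dispatch one message received from the device.
 *
 * The first 16-bit word of the message is the event code; it selects the
 * handler, which parses the rest through priv->rxp / priv->rx_size.
 * Unknown events are logged and complete confirm_wait.  Every event code is
 * also recorded in the priv->hostt ring buffer.
 */
static
void hostif_event_check(struct ks_wlan_private *priv)
{
	u16 event;

	event = get_word(priv);
	switch (event) {
	case HIF_DATA_IND:
		hostif_data_indication(priv);
		break;
	case HIF_MIB_GET_CONF:
		hostif_mib_get_confirm(priv);
		break;
	case HIF_MIB_SET_CONF:
		hostif_mib_set_confirm(priv);
		break;
	case HIF_POWER_MGMT_CONF:
		hostif_power_mgmt_confirm(priv);
		break;
	case HIF_SLEEP_CONF:
		hostif_sleep_confirm(priv);
		break;
	case HIF_START_CONF:
		hostif_start_confirm(priv);
		break;
	case HIF_CONNECT_IND:
		hostif_connect_indication(priv);
		break;
	case HIF_STOP_CONF:
		hostif_stop_confirm(priv);
		break;
	case HIF_PS_ADH_SET_CONF:
		hostif_ps_adhoc_set_confirm(priv);
		break;
	case HIF_INFRA_SET_CONF:
	case HIF_INFRA_SET2_CONF:
		hostif_infrastructure_set_confirm(priv);
		break;
	case HIF_ADH_SET_CONF:
	case HIF_ADH_SET2_CONF:
		hostif_adhoc_set_confirm(priv);
		break;
	case HIF_ASSOC_INFO_IND:
		hostif_associate_indication(priv);
		break;
	case HIF_MIC_FAILURE_CONF:
		hostif_mic_failure_confirm(priv);
		break;
	case HIF_SCAN_CONF:
		hostif_bss_scan_confirm(priv);
		break;
	case HIF_PHY_INFO_CONF:
	case HIF_PHY_INFO_IND:
		hostif_phy_information_confirm(priv);
		break;
	case HIF_SCAN_IND:
		hostif_scan_indication(priv);
		break;
	case HIF_AP_SET_CONF:
	default:
		netdev_err(priv->net_dev, "undefined event[%04X]\n", event);
		/* wake_up_all(&priv->confirm_wait); */
		complete(&priv->confirm_wait);
		break;
	}

	/* add event to hostt buffer */
	priv->hostt.buff[priv->hostt.qtail] = event;
	priv->hostt.qtail = (priv->hostt.qtail + 1) % SME_EVENT_BUFF_SIZE;
}

/*
 * Allocate a zeroed request of @size bytes (rounded up by hif_align_size())
 * and fill in the common header: header.size excludes the size field
 * itself, header.event is @event.  Returns NULL on allocation failure.
 */
static void *hostif_generic_request(size_t size, int event)
{
	struct hostif_hdr *p;

	p = kzalloc(hif_align_size(size), GFP_ATOMIC);
	if (!p)
		return NULL;

	p->size = cpu_to_le16(size - sizeof(p->size));
	p->event = cpu_to_le16(event);

	return p;
}

/*
 * Build a HIF_DATA_REQ from an outgoing Ethernet frame and hand it to the
 * hardware.
 *
 * Ethernet II frames (type/length > 1500) get an LLC/SNAP header inserted
 * after the addresses; 802.3 frames have their length field removed.  With
 * TKIP as pairwise cipher a Michael MIC is appended.  After transmission of
 * an EAPOL-Key MIC failure report the mic_failure state is advanced.
 *
 * Returns 0 when the frame is dropped because the link is down, the result
 * of ks_wlan_hw_tx() on transmission, or a negative errno on local failure.
 * @skb is freed here on the early-out and error paths.
 *
 * NOTE(review): when the frame is an EAPOL-Key, eap_key->key_info is read
 * without checking that the frame is long enough to contain it.
 */
int hostif_data_request(struct ks_wlan_private *priv, struct sk_buff *skb)
{
	unsigned int skb_len = 0;
	unsigned char *buffer = NULL;
	unsigned int length = 0;
	struct hostif_data_request *pp;
	unsigned char *p;
	unsigned short eth_proto;
	struct ether_hdr *eth_hdr;
	unsigned short keyinfo = 0;
	struct ieee802_1x_hdr *aa1x_hdr;
	struct wpa_eapol_key *eap_key;
	struct ethhdr *eth;
	size_t size;
	int ret;

	skb_len = skb->len;
	if (skb_len > ETH_FRAME_LEN) {
		netdev_err(priv->net_dev, "bad length skb_len=%d\n", skb_len);
		ret = -EOVERFLOW;
		goto err_kfree_skb;
	}
	/*
	 * The code below reads a full Ethernet header and subtracts its size
	 * from unsigned lengths, so anything shorter must be rejected first.
	 */
	if (skb_len < ETH_HLEN) {
		netdev_err(priv->net_dev, "bad length skb_len=%d\n", skb_len);
		ret = -EINVAL;
		goto err_kfree_skb;
	}

	if (is_disconnect_status(priv->connect_status) ||
	    (priv->connect_status & FORCE_DISCONNECT) ||
	    priv->wpa.mic_failure.stop) {
		if (netif_queue_stopped(priv->net_dev))
			netif_wake_queue(priv->net_dev);

		dev_kfree_skb(skb);

		return 0;
	}

	/* power save wakeup */
	if (atomic_read(&priv->psstatus.status) == PS_SNOOZE) {
		if (!netif_queue_stopped(priv->net_dev))
			netif_stop_queue(priv->net_dev);
	}

	/* room for the header, 6 LLC/SNAP bytes, the frame and an 8-byte MIC */
	size = sizeof(*pp) + 6 + skb_len + 8;
	/*
	 * Zeroed allocation: fields this function never writes and the
	 * alignment padding are transmitted to the device, and must not carry
	 * stale heap contents.
	 */
	pp = kzalloc(hif_align_size(size), GFP_ATOMIC);
	if (!pp) {
		ret = -ENOMEM;
		goto err_kfree_skb;
	}

	p = (unsigned char *)pp->data;

	buffer = skb->data;
	length = skb->len;

	/* skb check */
	eth = (struct ethhdr *)skb->data;
	if (!ether_addr_equal(&priv->eth_addr[0], eth->h_source)) {
		netdev_err(priv->net_dev,
			   "Invalid mac address: ethernet->h_source=%pM\n",
			   eth->h_source);
		ret = -ENXIO;
		goto err_kfree;
	}

	/* dest and src MAC address copy */
	size = ETH_ALEN * 2;
	memcpy(p, buffer, size);
	p += size;
	buffer += size;
	length -= size;

	/* EtherType/Length check */
	if (*(buffer + 1) + (*buffer << 8) > 1500) {
		/* ProtocolEAP = *(buffer+1) + (*buffer << 8); */
		/* SAP/CTL/OUI(6 byte) add */
		*p++ = 0xAA;	/* DSAP */
		*p++ = 0xAA;	/* SSAP */
		*p++ = 0x03;	/* CTL */
		*p++ = 0x00;	/* OUI ("000000") */
		*p++ = 0x00;	/* OUI ("000000") */
		*p++ = 0x00;	/* OUI ("000000") */
		skb_len += 6;
	} else {
		/* Length(2 byte) delete */
		buffer += 2;
		length -= 2;
		skb_len -= 2;
	}

	/* pp->data copy */
	memcpy(p, buffer, length);

	p += length;

	/* for WPA */
	eth_hdr = (struct ether_hdr *)&pp->data[0];
	eth_proto = ntohs(eth_hdr->h_proto);

	/* for MIC FAILURE REPORT check */
	if (eth_proto == ETH_P_PAE &&
	    priv->wpa.mic_failure.failure > 0) {
		aa1x_hdr = (struct ieee802_1x_hdr *)(eth_hdr + 1);
		if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY) {
			eap_key = (struct wpa_eapol_key *)(aa1x_hdr + 1);
			keyinfo = ntohs(eap_key->key_info);
		}
	}

	if (priv->wpa.rsn_enabled && priv->wpa.key[0].key_len) {
		/* no encryption */
		if (eth_proto == ETH_P_PAE &&
		    priv->wpa.key[1].key_len == 0 &&
		    priv->wpa.key[2].key_len == 0 &&
		    priv->wpa.key[3].key_len == 0) {
			pp->auth_type = cpu_to_le16(TYPE_AUTH);
		} else {
			if (priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) {
				u8 mic[MICHAEL_MIC_LEN];

				ret = michael_mic(priv->wpa.key[0].tx_mic_key,
						  &pp->data[0], skb_len,
						  0, mic);
				if (ret < 0)
					goto err_kfree;

				memcpy(p, mic, sizeof(mic));
				length += sizeof(mic);
				skb_len += sizeof(mic);
				p += sizeof(mic);
				pp->auth_type =
				    cpu_to_le16(TYPE_DATA);
			} else if (priv->wpa.pairwise_suite ==
				   IW_AUTH_CIPHER_CCMP) {
				pp->auth_type =
				    cpu_to_le16(TYPE_DATA);
			}
		}
	} else {
		if (eth_proto == ETH_P_PAE)
			pp->auth_type = cpu_to_le16(TYPE_AUTH);
		else
			pp->auth_type = cpu_to_le16(TYPE_DATA);
	}

	/* header value set */
	pp->header.size =
	    cpu_to_le16((sizeof(*pp) - sizeof(pp->header.size) + skb_len));
	pp->header.event = cpu_to_le16(HIF_DATA_REQ);

	/* tx request */
	ret = ks_wlan_hw_tx(priv, pp, hif_align_size(sizeof(*pp) + skb_len),
			    send_packet_complete, skb);

	/* MIC FAILURE REPORT check */
	if (eth_proto == ETH_P_PAE &&
	    priv->wpa.mic_failure.failure > 0) {
		if (keyinfo & WPA_KEY_INFO_ERROR &&
		    keyinfo & WPA_KEY_INFO_REQUEST) {
			netdev_err(priv->net_dev,
				   "MIC ERROR Report SET : %04X\n", keyinfo);
			hostif_sme_enqueue(priv, SME_MIC_FAILURE_REQUEST);
		}
		/* after the second failure, stop transmitting (see the early-out above) */
		if (priv->wpa.mic_failure.failure == 2)
			priv->wpa.mic_failure.stop = 1;
	}

	return ret;

err_kfree:
	kfree(pp);
err_kfree_skb:
	dev_kfree_skb(skb);

	return ret;
}

/*
 * Count one more outstanding confirmation while the power-save state is
 * beyond PS_ACTIVE_SET.
 */
static inline void ps_confirm_wait_inc(struct ks_wlan_private *priv)
{
	if (atomic_read(&priv->psstatus.status) > PS_ACTIVE_SET)
		atomic_inc(&priv->psstatus.confirm_wait);
}

/*
 * Send a control request to the device without a completion callback,
 * after accounting for the confirmation it will trigger.  The return value
 * of ks_wlan_hw_tx() is not propagated.
 */
static inline void send_request_to_device(struct ks_wlan_private *priv,
					  void *data, size_t size)
{
	ps_confirm_wait_inc(priv);
	ks_wlan_hw_tx(priv, data, size, NULL, NULL);
}

/*
 * Ask the device for the value of @mib_attribute (HIF_MIB_GET_REQ).  The
 * request is silently dropped if it cannot be allocated.
 */
static void hostif_mib_get_request(struct ks_wlan_private *priv,
				   u32 mib_attribute)
{
	struct hostif_mib_get_request *pp;

	pp = hostif_generic_request(sizeof(*pp), HIF_MIB_GET_REQ);
	if (!pp)
		return;

	pp->mib_attribute = cpu_to_le32(mib_attribute);

	send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
}

static void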
hostif_mib_set_request(struct ks_wlan_private *priv, 1251 enum mib_attribute attr, 1252 enum mib_data_type type, 1253 void *data, size_t size) 1254{ 1255 struct hostif_mib_set_request_t *pp; 1256 1257 if (priv->dev_state < DEVICE_STATE_BOOT) 1258 return; 1259 1260 pp = hostif_generic_request(sizeof(*pp), HIF_MIB_SET_REQ); 1261 if (!pp) 1262 return; 1263 1264 pp->mib_attribute = cpu_to_le32(attr); 1265 pp->mib_value.size = cpu_to_le16(size); 1266 pp->mib_value.type = cpu_to_le16(type); 1267 memcpy(&pp->mib_value.body, data, size); 1268 1269 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp) + size)); 1270} 1271 1272static inline void hostif_mib_set_request_int(struct ks_wlan_private *priv, 1273 enum mib_attribute attr, int val) 1274{ 1275 __le32 v = cpu_to_le32(val); 1276 size_t size = sizeof(v); 1277 1278 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_INT, &v, size); 1279} 1280 1281static inline void hostif_mib_set_request_bool(struct ks_wlan_private *priv, 1282 enum mib_attribute attr, 1283 bool val) 1284{ 1285 __le32 v = cpu_to_le32(val); 1286 size_t size = sizeof(v); 1287 1288 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_BOOL, &v, size); 1289} 1290 1291static inline void hostif_mib_set_request_ostring(struct ks_wlan_private *priv, 1292 enum mib_attribute attr, 1293 void *data, size_t size) 1294{ 1295 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_OSTRING, data, size); 1296} 1297 1298static 1299void hostif_start_request(struct ks_wlan_private *priv, unsigned char mode) 1300{ 1301 struct hostif_start_request *pp; 1302 1303 pp = hostif_generic_request(sizeof(*pp), HIF_START_REQ); 1304 if (!pp) 1305 return; 1306 1307 pp->mode = cpu_to_le16(mode); 1308 1309 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1310 1311 priv->aplist.size = 0; 1312 priv->scan_ind_count = 0; 1313} 1314 1315static __le16 ks_wlan_cap(struct ks_wlan_private *priv) 1316{ 1317 u16 capability = 0x0000; 1318 1319 if (priv->reg.preamble == SHORT_PREAMBLE) 1320 
capability |= WLAN_CAPABILITY_SHORT_PREAMBLE; 1321 1322 capability &= ~(WLAN_CAPABILITY_PBCC); /* pbcc not support */ 1323 1324 if (priv->reg.phy_type != D_11B_ONLY_MODE) { 1325 capability |= WLAN_CAPABILITY_SHORT_SLOT_TIME; 1326 capability &= ~(WLAN_CAPABILITY_DSSS_OFDM); 1327 } 1328 1329 return cpu_to_le16(capability); 1330} 1331 1332static void init_request(struct ks_wlan_private *priv, 1333 struct hostif_request *req) 1334{ 1335 req->phy_type = cpu_to_le16(priv->reg.phy_type); 1336 req->cts_mode = cpu_to_le16(priv->reg.cts_mode); 1337 req->scan_type = cpu_to_le16(priv->reg.scan_type); 1338 req->rate_set.size = priv->reg.rate_set.size; 1339 req->capability = ks_wlan_cap(priv); 1340 memcpy(&req->rate_set.body[0], &priv->reg.rate_set.body[0], 1341 priv->reg.rate_set.size); 1342} 1343 1344static 1345void hostif_ps_adhoc_set_request(struct ks_wlan_private *priv) 1346{ 1347 struct hostif_ps_adhoc_set_request *pp; 1348 1349 pp = hostif_generic_request(sizeof(*pp), HIF_PS_ADH_SET_REQ); 1350 if (!pp) 1351 return; 1352 1353 init_request(priv, &pp->request); 1354 pp->channel = cpu_to_le16(priv->reg.channel); 1355 1356 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1357} 1358 1359static 1360void hostif_infrastructure_set_request(struct ks_wlan_private *priv, int event) 1361{ 1362 struct hostif_infrastructure_set_request *pp; 1363 1364 pp = hostif_generic_request(sizeof(*pp), event); 1365 if (!pp) 1366 return; 1367 1368 init_request(priv, &pp->request); 1369 pp->ssid.size = priv->reg.ssid.size; 1370 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size); 1371 pp->beacon_lost_count = 1372 cpu_to_le16(priv->reg.beacon_lost_count); 1373 pp->auth_type = cpu_to_le16(priv->reg.authenticate_type); 1374 1375 pp->channel_list.body[0] = 1; 1376 pp->channel_list.body[1] = 8; 1377 pp->channel_list.body[2] = 2; 1378 pp->channel_list.body[3] = 9; 1379 pp->channel_list.body[4] = 3; 1380 pp->channel_list.body[5] = 10; 1381 pp->channel_list.body[6] = 4; 1382 
pp->channel_list.body[7] = 11; 1383 pp->channel_list.body[8] = 5; 1384 pp->channel_list.body[9] = 12; 1385 pp->channel_list.body[10] = 6; 1386 pp->channel_list.body[11] = 13; 1387 pp->channel_list.body[12] = 7; 1388 if (priv->reg.phy_type == D_11G_ONLY_MODE) { 1389 pp->channel_list.size = 13; 1390 } else { 1391 pp->channel_list.body[13] = 14; 1392 pp->channel_list.size = 14; 1393 } 1394 1395 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1396} 1397 1398static 1399void hostif_adhoc_set_request(struct ks_wlan_private *priv) 1400{ 1401 struct hostif_adhoc_set_request *pp; 1402 1403 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ); 1404 if (!pp) 1405 return; 1406 1407 init_request(priv, &pp->request); 1408 pp->channel = cpu_to_le16(priv->reg.channel); 1409 pp->ssid.size = priv->reg.ssid.size; 1410 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size); 1411 1412 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1413} 1414 1415static 1416void hostif_adhoc_set2_request(struct ks_wlan_private *priv) 1417{ 1418 struct hostif_adhoc_set2_request *pp; 1419 1420 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ); 1421 if (!pp) 1422 return; 1423 1424 init_request(priv, &pp->request); 1425 pp->ssid.size = priv->reg.ssid.size; 1426 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size); 1427 1428 pp->channel_list.body[0] = priv->reg.channel; 1429 pp->channel_list.size = 1; 1430 memcpy(pp->bssid, priv->reg.bssid, ETH_ALEN); 1431 1432 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1433} 1434 1435static 1436void hostif_stop_request(struct ks_wlan_private *priv) 1437{ 1438 struct hostif_stop_request *pp; 1439 1440 pp = hostif_generic_request(sizeof(*pp), HIF_STOP_REQ); 1441 if (!pp) 1442 return; 1443 1444 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1445} 1446 1447static 1448void hostif_phy_information_request(struct ks_wlan_private *priv) 1449{ 1450 struct 
hostif_phy_information_request *pp; 1451 1452 pp = hostif_generic_request(sizeof(*pp), HIF_PHY_INFO_REQ); 1453 if (!pp) 1454 return; 1455 1456 if (priv->reg.phy_info_timer) { 1457 pp->type = cpu_to_le16(TIME_TYPE); 1458 pp->time = cpu_to_le16(priv->reg.phy_info_timer); 1459 } else { 1460 pp->type = cpu_to_le16(NORMAL_TYPE); 1461 pp->time = cpu_to_le16(0); 1462 } 1463 1464 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1465} 1466 1467static 1468void hostif_power_mgmt_request(struct ks_wlan_private *priv, 1469 u32 mode, u32 wake_up, u32 receive_dtims) 1470{ 1471 struct hostif_power_mgmt_request *pp; 1472 1473 pp = hostif_generic_request(sizeof(*pp), HIF_POWER_MGMT_REQ); 1474 if (!pp) 1475 return; 1476 1477 pp->mode = cpu_to_le32(mode); 1478 pp->wake_up = cpu_to_le32(wake_up); 1479 pp->receive_dtims = cpu_to_le32(receive_dtims); 1480 1481 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1482} 1483 1484static 1485void hostif_sleep_request(struct ks_wlan_private *priv, 1486 enum sleep_mode_type mode) 1487{ 1488 struct hostif_sleep_request *pp; 1489 1490 if (mode == SLP_SLEEP) { 1491 pp = hostif_generic_request(sizeof(*pp), HIF_SLEEP_REQ); 1492 if (!pp) 1493 return; 1494 1495 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1496 } else if (mode == SLP_ACTIVE) { 1497 atomic_set(&priv->sleepstatus.wakeup_request, 1); 1498 queue_delayed_work(priv->wq, &priv->rw_dwork, 1); 1499 } else { 1500 netdev_err(priv->net_dev, "invalid mode %ld\n", (long)mode); 1501 return; 1502 } 1503} 1504 1505static 1506void hostif_bss_scan_request(struct ks_wlan_private *priv, 1507 unsigned long scan_type, u8 *scan_ssid, 1508 u8 scan_ssid_len) 1509{ 1510 struct hostif_bss_scan_request *pp; 1511 1512 pp = hostif_generic_request(sizeof(*pp), HIF_SCAN_REQ); 1513 if (!pp) 1514 return; 1515 1516 pp->scan_type = scan_type; 1517 1518 pp->ch_time_min = cpu_to_le32(110); /* default value */ 1519 pp->ch_time_max = cpu_to_le32(130); /* default value */ 1520 
pp->channel_list.body[0] = 1; 1521 pp->channel_list.body[1] = 8; 1522 pp->channel_list.body[2] = 2; 1523 pp->channel_list.body[3] = 9; 1524 pp->channel_list.body[4] = 3; 1525 pp->channel_list.body[5] = 10; 1526 pp->channel_list.body[6] = 4; 1527 pp->channel_list.body[7] = 11; 1528 pp->channel_list.body[8] = 5; 1529 pp->channel_list.body[9] = 12; 1530 pp->channel_list.body[10] = 6; 1531 pp->channel_list.body[11] = 13; 1532 pp->channel_list.body[12] = 7; 1533 if (priv->reg.phy_type == D_11G_ONLY_MODE) { 1534 pp->channel_list.size = 13; 1535 } else { 1536 pp->channel_list.body[13] = 14; 1537 pp->channel_list.size = 14; 1538 } 1539 pp->ssid.size = 0; 1540 1541 /* specified SSID SCAN */ 1542 if (scan_ssid_len > 0 && scan_ssid_len <= 32) { 1543 pp->ssid.size = scan_ssid_len; 1544 memcpy(&pp->ssid.body[0], scan_ssid, scan_ssid_len); 1545 } 1546 1547 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1548 1549 priv->aplist.size = 0; 1550 priv->scan_ind_count = 0; 1551} 1552 1553static 1554void hostif_mic_failure_request(struct ks_wlan_private *priv, 1555 u16 failure_count, u16 timer) 1556{ 1557 struct hostif_mic_failure_request *pp; 1558 1559 pp = hostif_generic_request(sizeof(*pp), HIF_MIC_FAILURE_REQ); 1560 if (!pp) 1561 return; 1562 1563 pp->failure_count = cpu_to_le16(failure_count); 1564 pp->timer = cpu_to_le16(timer); 1565 1566 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1567} 1568 1569/* Device I/O Receive indicate */ 1570static void devio_rec_ind(struct ks_wlan_private *priv, unsigned char *p, 1571 unsigned int size) 1572{ 1573 if (!priv->is_device_open) 1574 return; 1575 1576 spin_lock(&priv->dev_read_lock); 1577 priv->dev_data[atomic_read(&priv->rec_count)] = p; 1578 priv->dev_size[atomic_read(&priv->rec_count)] = size; 1579 1580 if (atomic_read(&priv->event_count) != DEVICE_STOCK_COUNT) { 1581 /* rx event count inc */ 1582 atomic_inc(&priv->event_count); 1583 } 1584 atomic_inc(&priv->rec_count); 1585 if 
(atomic_read(&priv->rec_count) == DEVICE_STOCK_COUNT) 1586 atomic_set(&priv->rec_count, 0); 1587 1588 wake_up_interruptible_all(&priv->devread_wait); 1589 1590 spin_unlock(&priv->dev_read_lock); 1591} 1592 1593void hostif_receive(struct ks_wlan_private *priv, unsigned char *p, 1594 unsigned int size) 1595{ 1596 devio_rec_ind(priv, p, size); 1597 1598 priv->rxp = p; 1599 priv->rx_size = size; 1600 1601 if (get_word(priv) == priv->rx_size) 1602 hostif_event_check(priv); 1603} 1604 1605static void hostif_sme_set_wep(struct ks_wlan_private *priv, int type) 1606{ 1607 switch (type) { 1608 case SME_WEP_INDEX_REQUEST: 1609 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID, 1610 priv->reg.wep_index); 1611 break; 1612 case SME_WEP_KEY1_REQUEST: 1613 if (priv->wpa.wpa_enabled) 1614 return; 1615 hostif_mib_set_request_ostring(priv, 1616 DOT11_WEP_DEFAULT_KEY_VALUE1, 1617 &priv->reg.wep_key[0].val[0], 1618 priv->reg.wep_key[0].size); 1619 break; 1620 case SME_WEP_KEY2_REQUEST: 1621 if (priv->wpa.wpa_enabled) 1622 return; 1623 hostif_mib_set_request_ostring(priv, 1624 DOT11_WEP_DEFAULT_KEY_VALUE2, 1625 &priv->reg.wep_key[1].val[0], 1626 priv->reg.wep_key[1].size); 1627 break; 1628 case SME_WEP_KEY3_REQUEST: 1629 if (priv->wpa.wpa_enabled) 1630 return; 1631 hostif_mib_set_request_ostring(priv, 1632 DOT11_WEP_DEFAULT_KEY_VALUE3, 1633 &priv->reg.wep_key[2].val[0], 1634 priv->reg.wep_key[2].size); 1635 break; 1636 case SME_WEP_KEY4_REQUEST: 1637 if (priv->wpa.wpa_enabled) 1638 return; 1639 hostif_mib_set_request_ostring(priv, 1640 DOT11_WEP_DEFAULT_KEY_VALUE4, 1641 &priv->reg.wep_key[3].val[0], 1642 priv->reg.wep_key[3].size); 1643 break; 1644 case SME_WEP_FLAG_REQUEST: 1645 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED, 1646 priv->reg.privacy_invoked); 1647 break; 1648 } 1649} 1650 1651struct wpa_suite { 1652 __le16 size; 1653 unsigned char suite[4][CIPHER_ID_LEN]; 1654} __packed; 1655 1656struct rsn_mode { 1657 __le32 rsn_mode; 1658 __le16 rsn_capability; 1659} 
__packed; 1660 1661static void hostif_sme_set_rsn(struct ks_wlan_private *priv, int type) 1662{ 1663 struct wpa_suite wpa_suite; 1664 struct rsn_mode rsn_mode; 1665 size_t size; 1666 u32 mode; 1667 const u8 *buf = NULL; 1668 1669 memset(&wpa_suite, 0, sizeof(wpa_suite)); 1670 1671 switch (type) { 1672 case SME_RSN_UCAST_REQUEST: 1673 wpa_suite.size = cpu_to_le16(1); 1674 switch (priv->wpa.pairwise_suite) { 1675 case IW_AUTH_CIPHER_NONE: 1676 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1677 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE; 1678 break; 1679 case IW_AUTH_CIPHER_WEP40: 1680 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1681 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40; 1682 break; 1683 case IW_AUTH_CIPHER_TKIP: 1684 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1685 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP; 1686 break; 1687 case IW_AUTH_CIPHER_CCMP: 1688 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1689 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP; 1690 break; 1691 case IW_AUTH_CIPHER_WEP104: 1692 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1693 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104; 1694 break; 1695 } 1696 1697 if (buf) 1698 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN); 1699 size = sizeof(wpa_suite.size) + 1700 (CIPHER_ID_LEN * le16_to_cpu(wpa_suite.size)); 1701 hostif_mib_set_request_ostring(priv, 1702 DOT11_RSN_CONFIG_UNICAST_CIPHER, 1703 &wpa_suite, size); 1704 break; 1705 case SME_RSN_MCAST_REQUEST: 1706 switch (priv->wpa.group_suite) { 1707 case IW_AUTH_CIPHER_NONE: 1708 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1709 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE; 1710 break; 1711 case IW_AUTH_CIPHER_WEP40: 1712 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1713 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40; 1714 break; 1715 case IW_AUTH_CIPHER_TKIP: 1716 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 
1717 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP; 1718 break; 1719 case IW_AUTH_CIPHER_CCMP: 1720 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1721 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP; 1722 break; 1723 case IW_AUTH_CIPHER_WEP104: 1724 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1725 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104; 1726 break; 1727 } 1728 if (buf) 1729 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN); 1730 hostif_mib_set_request_ostring(priv, 1731 DOT11_RSN_CONFIG_MULTICAST_CIPHER, 1732 &wpa_suite.suite[0][0], 1733 CIPHER_ID_LEN); 1734 break; 1735 case SME_RSN_AUTH_REQUEST: 1736 wpa_suite.size = cpu_to_le16(1); 1737 switch (priv->wpa.key_mgmt_suite) { 1738 case IW_AUTH_KEY_MGMT_802_1X: 1739 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1740 KEY_MGMT_ID_WPA2_1X : KEY_MGMT_ID_WPA_1X; 1741 break; 1742 case IW_AUTH_KEY_MGMT_PSK: 1743 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1744 KEY_MGMT_ID_WPA2_PSK : KEY_MGMT_ID_WPA_PSK; 1745 break; 1746 case 0: 1747 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1748 KEY_MGMT_ID_WPA2_NONE : KEY_MGMT_ID_WPA_NONE; 1749 break; 1750 case 4: 1751 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1752 KEY_MGMT_ID_WPA2_WPANONE : 1753 KEY_MGMT_ID_WPA_WPANONE; 1754 break; 1755 } 1756 1757 if (buf) 1758 memcpy(&wpa_suite.suite[0][0], buf, KEY_MGMT_ID_LEN); 1759 size = sizeof(wpa_suite.size) + 1760 (KEY_MGMT_ID_LEN * le16_to_cpu(wpa_suite.size)); 1761 hostif_mib_set_request_ostring(priv, 1762 DOT11_RSN_CONFIG_AUTH_SUITE, 1763 &wpa_suite, size); 1764 break; 1765 case SME_RSN_ENABLED_REQUEST: 1766 hostif_mib_set_request_bool(priv, DOT11_RSN_ENABLED, 1767 priv->wpa.rsn_enabled); 1768 break; 1769 case SME_RSN_MODE_REQUEST: 1770 mode = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1771 RSN_MODE_WPA2 : 1772 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA) ? 
1773 RSN_MODE_WPA : RSN_MODE_NONE; 1774 rsn_mode.rsn_mode = cpu_to_le32(mode); 1775 rsn_mode.rsn_capability = cpu_to_le16(0); 1776 hostif_mib_set_request_ostring(priv, LOCAL_RSN_MODE, 1777 &rsn_mode, sizeof(rsn_mode)); 1778 break; 1779 } 1780} 1781 1782static 1783void hostif_sme_mode_setup(struct ks_wlan_private *priv) 1784{ 1785 unsigned char rate_size; 1786 unsigned char rate_octet[RATE_SET_MAX_SIZE]; 1787 int i = 0; 1788 1789 /* rate setting if rate segging is auto for changing phy_type (#94) */ 1790 if (priv->reg.tx_rate == TX_RATE_FULL_AUTO) { 1791 if (priv->reg.phy_type == D_11B_ONLY_MODE) { 1792 priv->reg.rate_set.body[3] = TX_RATE_11M; 1793 priv->reg.rate_set.body[2] = TX_RATE_5M; 1794 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE; 1795 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE; 1796 priv->reg.rate_set.size = 4; 1797 } else { /* D_11G_ONLY_MODE or D_11BG_COMPATIBLE_MODE */ 1798 priv->reg.rate_set.body[11] = TX_RATE_54M; 1799 priv->reg.rate_set.body[10] = TX_RATE_48M; 1800 priv->reg.rate_set.body[9] = TX_RATE_36M; 1801 priv->reg.rate_set.body[8] = TX_RATE_18M; 1802 priv->reg.rate_set.body[7] = TX_RATE_9M; 1803 priv->reg.rate_set.body[6] = TX_RATE_24M | BASIC_RATE; 1804 priv->reg.rate_set.body[5] = TX_RATE_12M | BASIC_RATE; 1805 priv->reg.rate_set.body[4] = TX_RATE_6M | BASIC_RATE; 1806 priv->reg.rate_set.body[3] = TX_RATE_11M | BASIC_RATE; 1807 priv->reg.rate_set.body[2] = TX_RATE_5M | BASIC_RATE; 1808 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE; 1809 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE; 1810 priv->reg.rate_set.size = 12; 1811 } 1812 } 1813 1814 /* rate mask by phy setting */ 1815 if (priv->reg.phy_type == D_11B_ONLY_MODE) { 1816 for (i = 0; i < priv->reg.rate_set.size; i++) { 1817 if (!is_11b_rate(priv->reg.rate_set.body[i])) 1818 break; 1819 1820 if ((priv->reg.rate_set.body[i] & RATE_MASK) >= TX_RATE_5M) { 1821 rate_octet[i] = priv->reg.rate_set.body[i] & 1822 RATE_MASK; 1823 } else { 1824 rate_octet[i] = 
priv->reg.rate_set.body[i]; 1825 } 1826 } 1827 1828 } else { /* D_11G_ONLY_MODE or D_11BG_COMPATIBLE_MODE */ 1829 for (i = 0; i < priv->reg.rate_set.size; i++) { 1830 if (!is_11bg_rate(priv->reg.rate_set.body[i])) 1831 break; 1832 1833 if (is_ofdm_ext_rate(priv->reg.rate_set.body[i])) { 1834 rate_octet[i] = priv->reg.rate_set.body[i] & 1835 RATE_MASK; 1836 } else { 1837 rate_octet[i] = priv->reg.rate_set.body[i]; 1838 } 1839 } 1840 } 1841 rate_size = i; 1842 if (rate_size == 0) { 1843 if (priv->reg.phy_type == D_11G_ONLY_MODE) 1844 rate_octet[0] = TX_RATE_6M | BASIC_RATE; 1845 else 1846 rate_octet[0] = TX_RATE_2M | BASIC_RATE; 1847 rate_size = 1; 1848 } 1849 1850 /* rate set update */ 1851 priv->reg.rate_set.size = rate_size; 1852 memcpy(&priv->reg.rate_set.body[0], &rate_octet[0], rate_size); 1853 1854 switch (priv->reg.operation_mode) { 1855 case MODE_PSEUDO_ADHOC: 1856 hostif_ps_adhoc_set_request(priv); 1857 break; 1858 case MODE_INFRASTRUCTURE: 1859 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) { 1860 hostif_infrastructure_set_request(priv, 1861 HIF_INFRA_SET_REQ); 1862 } else { 1863 hostif_infrastructure_set_request(priv, 1864 HIF_INFRA_SET2_REQ); 1865 netdev_dbg(priv->net_dev, 1866 "Infra bssid = %pM\n", priv->reg.bssid); 1867 } 1868 break; 1869 case MODE_ADHOC: 1870 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) { 1871 hostif_adhoc_set_request(priv); 1872 } else { 1873 hostif_adhoc_set2_request(priv); 1874 netdev_dbg(priv->net_dev, 1875 "Adhoc bssid = %pM\n", priv->reg.bssid); 1876 } 1877 break; 1878 default: 1879 break; 1880 } 1881} 1882 1883static 1884void hostif_sme_multicast_set(struct ks_wlan_private *priv) 1885{ 1886 struct net_device *dev = priv->net_dev; 1887 int mc_count; 1888 struct netdev_hw_addr *ha; 1889 char set_address[NIC_MAX_MCAST_LIST * ETH_ALEN]; 1890 int i = 0; 1891 1892 spin_lock(&priv->multicast_spin); 1893 1894 memset(set_address, 0, NIC_MAX_MCAST_LIST * ETH_ALEN); 1895 1896 if (dev->flags & IFF_PROMISC) { 1897 
hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER, 1898 MCAST_FILTER_PROMISC); 1899 goto spin_unlock; 1900 } 1901 1902 if ((netdev_mc_count(dev) > NIC_MAX_MCAST_LIST) || 1903 (dev->flags & IFF_ALLMULTI)) { 1904 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER, 1905 MCAST_FILTER_MCASTALL); 1906 goto spin_unlock; 1907 } 1908 1909 if (priv->sme_i.sme_flag & SME_MULTICAST) { 1910 mc_count = netdev_mc_count(dev); 1911 netdev_for_each_mc_addr(ha, dev) { 1912 ether_addr_copy(&set_address[i * ETH_ALEN], ha->addr); 1913 i++; 1914 } 1915 priv->sme_i.sme_flag &= ~SME_MULTICAST; 1916 hostif_mib_set_request_ostring(priv, LOCAL_MULTICAST_ADDRESS, 1917 &set_address[0], 1918 ETH_ALEN * mc_count); 1919 } else { 1920 priv->sme_i.sme_flag |= SME_MULTICAST; 1921 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER, 1922 MCAST_FILTER_MCAST); 1923 } 1924 1925spin_unlock: 1926 spin_unlock(&priv->multicast_spin); 1927} 1928 1929static void hostif_sme_power_mgmt_set(struct ks_wlan_private *priv) 1930{ 1931 u32 mode, wake_up, receive_dtims; 1932 1933 if (priv->reg.power_mgmt != POWER_MGMT_SAVE1 && 1934 priv->reg.power_mgmt != POWER_MGMT_SAVE2) { 1935 mode = POWER_ACTIVE; 1936 wake_up = 0; 1937 receive_dtims = 0; 1938 } else { 1939 mode = (priv->reg.operation_mode == MODE_INFRASTRUCTURE) ? 
1940 POWER_SAVE : POWER_ACTIVE; 1941 wake_up = 0; 1942 receive_dtims = (priv->reg.operation_mode == MODE_INFRASTRUCTURE && 1943 priv->reg.power_mgmt == POWER_MGMT_SAVE2); 1944 } 1945 1946 hostif_power_mgmt_request(priv, mode, wake_up, receive_dtims); 1947} 1948 1949static void hostif_sme_sleep_set(struct ks_wlan_private *priv) 1950{ 1951 if (priv->sleep_mode != SLP_SLEEP && 1952 priv->sleep_mode != SLP_ACTIVE) 1953 return; 1954 1955 hostif_sleep_request(priv, priv->sleep_mode); 1956} 1957 1958static 1959void hostif_sme_set_key(struct ks_wlan_private *priv, int type) 1960{ 1961 switch (type) { 1962 case SME_SET_FLAG: 1963 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED, 1964 priv->reg.privacy_invoked); 1965 break; 1966 case SME_SET_TXKEY: 1967 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID, 1968 priv->wpa.txkey); 1969 break; 1970 case SME_SET_KEY1: 1971 hostif_mib_set_request_ostring(priv, 1972 DOT11_WEP_DEFAULT_KEY_VALUE1, 1973 &priv->wpa.key[0].key_val[0], 1974 priv->wpa.key[0].key_len); 1975 break; 1976 case SME_SET_KEY2: 1977 hostif_mib_set_request_ostring(priv, 1978 DOT11_WEP_DEFAULT_KEY_VALUE2, 1979 &priv->wpa.key[1].key_val[0], 1980 priv->wpa.key[1].key_len); 1981 break; 1982 case SME_SET_KEY3: 1983 hostif_mib_set_request_ostring(priv, 1984 DOT11_WEP_DEFAULT_KEY_VALUE3, 1985 &priv->wpa.key[2].key_val[0], 1986 priv->wpa.key[2].key_len); 1987 break; 1988 case SME_SET_KEY4: 1989 hostif_mib_set_request_ostring(priv, 1990 DOT11_WEP_DEFAULT_KEY_VALUE4, 1991 &priv->wpa.key[3].key_val[0], 1992 priv->wpa.key[3].key_len); 1993 break; 1994 case SME_SET_PMK_TSC: 1995 hostif_mib_set_request_ostring(priv, DOT11_PMK_TSC, 1996 &priv->wpa.key[0].rx_seq[0], 1997 WPA_RX_SEQ_LEN); 1998 break; 1999 case SME_SET_GMK1_TSC: 2000 hostif_mib_set_request_ostring(priv, DOT11_GMK1_TSC, 2001 &priv->wpa.key[1].rx_seq[0], 2002 WPA_RX_SEQ_LEN); 2003 break; 2004 case SME_SET_GMK2_TSC: 2005 hostif_mib_set_request_ostring(priv, DOT11_GMK2_TSC, 2006 
&priv->wpa.key[2].rx_seq[0], 2007 WPA_RX_SEQ_LEN); 2008 break; 2009 } 2010} 2011 2012static 2013void hostif_sme_set_pmksa(struct ks_wlan_private *priv) 2014{ 2015 struct pmk_cache { 2016 __le16 size; 2017 struct { 2018 u8 bssid[ETH_ALEN]; 2019 u8 pmkid[IW_PMKID_LEN]; 2020 } __packed list[PMK_LIST_MAX]; 2021 } __packed pmkcache; 2022 struct pmk *pmk; 2023 size_t size; 2024 int i = 0; 2025 2026 list_for_each_entry(pmk, &priv->pmklist.head, list) { 2027 if (i >= PMK_LIST_MAX) 2028 break; 2029 ether_addr_copy(pmkcache.list[i].bssid, pmk->bssid); 2030 memcpy(pmkcache.list[i].pmkid, pmk->pmkid, IW_PMKID_LEN); 2031 i++; 2032 } 2033 pmkcache.size = cpu_to_le16(priv->pmklist.size); 2034 size = sizeof(priv->pmklist.size) + 2035 ((ETH_ALEN + IW_PMKID_LEN) * priv->pmklist.size); 2036 hostif_mib_set_request_ostring(priv, LOCAL_PMK, &pmkcache, size); 2037} 2038 2039/* execute sme */ 2040static void hostif_sme_execute(struct ks_wlan_private *priv, int event) 2041{ 2042 u16 failure; 2043 2044 switch (event) { 2045 case SME_START: 2046 if (priv->dev_state == DEVICE_STATE_BOOT) 2047 hostif_mib_get_request(priv, DOT11_MAC_ADDRESS); 2048 break; 2049 case SME_MULTICAST_REQUEST: 2050 hostif_sme_multicast_set(priv); 2051 break; 2052 case SME_MACADDRESS_SET_REQUEST: 2053 hostif_mib_set_request_ostring(priv, LOCAL_CURRENTADDRESS, 2054 &priv->eth_addr[0], ETH_ALEN); 2055 break; 2056 case SME_BSS_SCAN_REQUEST: 2057 hostif_bss_scan_request(priv, priv->reg.scan_type, 2058 priv->scan_ssid, priv->scan_ssid_len); 2059 break; 2060 case SME_POW_MNGMT_REQUEST: 2061 hostif_sme_power_mgmt_set(priv); 2062 break; 2063 case SME_PHY_INFO_REQUEST: 2064 hostif_phy_information_request(priv); 2065 break; 2066 case SME_MIC_FAILURE_REQUEST: 2067 failure = priv->wpa.mic_failure.failure; 2068 if (failure != 1 && failure != 2) { 2069 netdev_err(priv->net_dev, 2070 "SME_MIC_FAILURE_REQUEST: failure count=%u error?\n", 2071 failure); 2072 return; 2073 } 2074 hostif_mic_failure_request(priv, failure - 1, (failure == 
1) ? 2075 0 : priv->wpa.mic_failure.counter); 2076 break; 2077 case SME_MIC_FAILURE_CONFIRM: 2078 if (priv->wpa.mic_failure.failure == 2) { 2079 if (priv->wpa.mic_failure.stop) 2080 priv->wpa.mic_failure.stop = 0; 2081 priv->wpa.mic_failure.failure = 0; 2082 hostif_start_request(priv, priv->reg.operation_mode); 2083 } 2084 break; 2085 case SME_GET_MAC_ADDRESS: 2086 if (priv->dev_state == DEVICE_STATE_BOOT) 2087 hostif_mib_get_request(priv, DOT11_PRODUCT_VERSION); 2088 break; 2089 case SME_GET_PRODUCT_VERSION: 2090 if (priv->dev_state == DEVICE_STATE_BOOT) 2091 priv->dev_state = DEVICE_STATE_PREINIT; 2092 break; 2093 case SME_STOP_REQUEST: 2094 hostif_stop_request(priv); 2095 break; 2096 case SME_RTS_THRESHOLD_REQUEST: 2097 hostif_mib_set_request_int(priv, DOT11_RTS_THRESHOLD, 2098 priv->reg.rts); 2099 break; 2100 case SME_FRAGMENTATION_THRESHOLD_REQUEST: 2101 hostif_mib_set_request_int(priv, DOT11_FRAGMENTATION_THRESHOLD, 2102 priv->reg.fragment); 2103 break; 2104 case SME_WEP_INDEX_REQUEST: 2105 case SME_WEP_KEY1_REQUEST: 2106 case SME_WEP_KEY2_REQUEST: 2107 case SME_WEP_KEY3_REQUEST: 2108 case SME_WEP_KEY4_REQUEST: 2109 case SME_WEP_FLAG_REQUEST: 2110 hostif_sme_set_wep(priv, event); 2111 break; 2112 case SME_RSN_UCAST_REQUEST: 2113 case SME_RSN_MCAST_REQUEST: 2114 case SME_RSN_AUTH_REQUEST: 2115 case SME_RSN_ENABLED_REQUEST: 2116 case SME_RSN_MODE_REQUEST: 2117 hostif_sme_set_rsn(priv, event); 2118 break; 2119 case SME_SET_FLAG: 2120 case SME_SET_TXKEY: 2121 case SME_SET_KEY1: 2122 case SME_SET_KEY2: 2123 case SME_SET_KEY3: 2124 case SME_SET_KEY4: 2125 case SME_SET_PMK_TSC: 2126 case SME_SET_GMK1_TSC: 2127 case SME_SET_GMK2_TSC: 2128 hostif_sme_set_key(priv, event); 2129 break; 2130 case SME_SET_PMKSA: 2131 hostif_sme_set_pmksa(priv); 2132 break; 2133 case SME_WPS_ENABLE_REQUEST: 2134 hostif_mib_set_request_int(priv, LOCAL_WPS_ENABLE, 2135 priv->wps.wps_enabled); 2136 break; 2137 case SME_WPS_PROBE_REQUEST: 2138 hostif_mib_set_request_ostring(priv, 
LOCAL_WPS_PROBE_REQ, 2139 priv->wps.ie, priv->wps.ielen); 2140 break; 2141 case SME_MODE_SET_REQUEST: 2142 hostif_sme_mode_setup(priv); 2143 break; 2144 case SME_SET_GAIN: 2145 hostif_mib_set_request_ostring(priv, LOCAL_GAIN, 2146 &priv->gain, sizeof(priv->gain)); 2147 break; 2148 case SME_GET_GAIN: 2149 hostif_mib_get_request(priv, LOCAL_GAIN); 2150 break; 2151 case SME_GET_EEPROM_CKSUM: 2152 priv->eeprom_checksum = EEPROM_FW_NOT_SUPPORT; /* initialize */ 2153 hostif_mib_get_request(priv, LOCAL_EEPROM_SUM); 2154 break; 2155 case SME_START_REQUEST: 2156 hostif_start_request(priv, priv->reg.operation_mode); 2157 break; 2158 case SME_START_CONFIRM: 2159 /* for power save */ 2160 atomic_set(&priv->psstatus.snooze_guard, 0); 2161 atomic_set(&priv->psstatus.confirm_wait, 0); 2162 if (priv->dev_state == DEVICE_STATE_PREINIT) 2163 priv->dev_state = DEVICE_STATE_INIT; 2164 /* wake_up_interruptible_all(&priv->confirm_wait); */ 2165 complete(&priv->confirm_wait); 2166 break; 2167 case SME_SLEEP_REQUEST: 2168 hostif_sme_sleep_set(priv); 2169 break; 2170 case SME_SET_REGION: 2171 hostif_mib_set_request_int(priv, LOCAL_REGION, priv->region); 2172 break; 2173 case SME_MULTICAST_CONFIRM: 2174 case SME_BSS_SCAN_CONFIRM: 2175 case SME_POW_MNGMT_CONFIRM: 2176 case SME_PHY_INFO_CONFIRM: 2177 case SME_STOP_CONFIRM: 2178 case SME_RTS_THRESHOLD_CONFIRM: 2179 case SME_FRAGMENTATION_THRESHOLD_CONFIRM: 2180 case SME_WEP_INDEX_CONFIRM: 2181 case SME_WEP_KEY1_CONFIRM: 2182 case SME_WEP_KEY2_CONFIRM: 2183 case SME_WEP_KEY3_CONFIRM: 2184 case SME_WEP_KEY4_CONFIRM: 2185 case SME_WEP_FLAG_CONFIRM: 2186 case SME_RSN_UCAST_CONFIRM: 2187 case SME_RSN_MCAST_CONFIRM: 2188 case SME_RSN_AUTH_CONFIRM: 2189 case SME_RSN_ENABLED_CONFIRM: 2190 case SME_RSN_MODE_CONFIRM: 2191 case SME_MODE_SET_CONFIRM: 2192 case SME_TERMINATE: 2193 default: 2194 break; 2195 } 2196} 2197 2198static void hostif_sme_work(struct work_struct *work) 2199{ 2200 struct ks_wlan_private *priv; 2201 2202 priv = container_of(work, 
struct ks_wlan_private, sme_work);

	/* Nothing is dispatched while dev_state is below DEVICE_STATE_BOOT. */
	if (priv->dev_state < DEVICE_STATE_BOOT)
		return;

	/* cnt_smeqbody() returns unsigned int, so "<= 0" is an emptiness test. */
	if (cnt_smeqbody(priv) <= 0)
		return;

	/*
	 * One event is handled per invocation: the entry at qhead is passed to
	 * hostif_sme_execute() and qhead is advanced only afterwards.
	 * NOTE(review): qhead/qtail are read and written here without taking a
	 * lock; sme_spin is initialised in hostif_sme_init() but is not used in
	 * this part of the file -- confirm what serialises this worker against
	 * hostif_sme_enqueue().
	 */
	hostif_sme_execute(priv, priv->sme_i.event_buff[priv->sme_i.qhead]);
	inc_smeqhead(priv);
	/* Re-queue this work item while events remain. */
	if (cnt_smeqbody(priv) > 0)
		schedule_work(&priv->sme_work);
}

/*
 * Send an event to the Station Management Entity module.
 *
 * The event is stored at qtail and qtail is advanced when cnt_smeqbody()
 * reports fewer than SME_EVENT_BUFF_SIZE - 1; otherwise the event is dropped
 * and an error is logged. sme_work is scheduled in both cases.
 *
 * NOTE(review): cnt_smeqbody() hands qhead -- the index the worker consumes
 * from -- to CIRC_CNT_TO_END() as its "head" argument, which
 * <linux/circ_buf.h> treats as the producer index. Confirm the value compared
 * below really is the number of queued events, because this comparison is
 * the only guard against overwriting entries that have not been executed.
 * NOTE(review): the function returns void, so a dropped event is visible only
 * in the log. The events dispatched by hostif_sme_execute() include key, RSN
 * and PMKSA requests; check whether callers need to learn that a request was
 * not queued.
 */
void hostif_sme_enqueue(struct ks_wlan_private *priv, u16 event)
{
	/* enqueue sme event */
	if (cnt_smeqbody(priv) < (SME_EVENT_BUFF_SIZE - 1)) {
		priv->sme_i.event_buff[priv->sme_i.qtail] = event;
		inc_smeqtail(priv);
	} else {
		/* queue reported full: the event is discarded, not retried */
		netdev_err(priv->net_dev, "sme queue buffer overflow\n");
	}

	schedule_work(&priv->sme_work);
}

/*
 * Reset the AP list: entry count to zero and LOCAL_APLIST_MAX entries of
 * struct local_ap zero-filled, starting at aplist.ap[0].
 */
static inline void hostif_aplist_init(struct ks_wlan_private *priv)
{
	/*
	 * assumes aplist.ap[] holds at least LOCAL_APLIST_MAX elements; the
	 * array declaration is not visible here -- TODO confirm
	 */
	size_t size = LOCAL_APLIST_MAX * sizeof(struct local_ap);

	priv->aplist.size = 0;
	memset(&priv->aplist.ap[0], 0, size);
}

/* Set the link state fields to their start-up values (disconnected). */
static inline void hostif_status_init(struct ks_wlan_private *priv)
{
	priv->infra_status = 0;
	/* NOTE(review): the unit/meaning of 4 is not visible here -- confirm */
	priv->current_rate = 4;
	priv->connect_status = DISCONNECT_STATUS;
}

/*
 * Initialise the SME event queue state: idle status, both ring indices at 0,
 * the sme_spin lock, a cleared flag word, and sme_work bound to
 * hostif_sme_work().
 */
static inline void hostif_sme_init(struct ks_wlan_private *priv)
{
	priv->sme_i.sme_status = SME_IDLE;
	priv->sme_i.qhead = 0;
	priv->sme_i.qtail = 0;
	spin_lock_init(&priv->sme_i.sme_spin);
	priv->sme_i.sme_flag = 0;
	INIT_WORK(&priv->sme_work, hostif_sme_work);
}

/* Zero the whole WPA state block in priv->wpa. */
static inline void hostif_wpa_init(struct ks_wlan_private *priv)
{
	memset(&priv->wpa, 0, sizeof(priv->wpa));
	/*
	 * The assignments below store false/0 into fields of the structure
	 * that the memset() above has just zero-filled.
	 */
	priv->wpa.rsn_enabled = false;
	priv->wpa.mic_failure.failure = 0;
	priv->wpa.mic_failure.last_failure_time = 0;
	priv->wpa.mic_failure.stop = 0;
}

/*
 * Initialise power-save bookkeeping: status PS_NONE, confirm_wait and
 * snooze_guard at 0, the wakeup_wait completion, and wakeup_work bound to
 * ks_wlan_hw_wakeup_task().
 */
static inline void hostif_power_save_init(struct ks_wlan_private *priv)
{
	atomic_set(&priv->psstatus.status, PS_NONE);
	atomic_set(&priv->psstatus.confirm_wait, 0);
	atomic_set(&priv->psstatus.snooze_guard, 0);
	init_completion(&priv->psstatus.wakeup_wait);
	INIT_WORK(&priv->wakeup_work, ks_wlan_hw_wakeup_task);
}

/*
 * Zero the PMK list and initialise its list head and the list node embedded
 * in each of the PMK_LIST_MAX entries.
 */
static inline void hostif_pmklist_init(struct ks_wlan_private *priv)
{
	int i;

	memset(&priv->pmklist, 0, sizeof(priv->pmklist));
	/* list heads must be re-initialised after the zero fill */
	INIT_LIST_HEAD(&priv->pmklist.head);
	for (i = 0; i < PMK_LIST_MAX; i++)
		INIT_LIST_HEAD(&priv->pmklist.pmk[i].list);
}

/* Reset dev_count and the atomic event_count / rec_count counters to 0. */
static inline void hostif_counters_init(struct ks_wlan_private *priv)
{
	priv->dev_count = 0;
	atomic_set(&priv->event_count, 0);
	atomic_set(&priv->rec_count, 0);
}

/*
 * Initialise the host-interface state held in @priv: AP list, link status,
 * locks and wait queue, counters, power-save state, WPA state, PMK list and
 * the SME queue (set up last).
 *
 * Returns 0; no step in this function can report a failure.
 */
int hostif_init(struct ks_wlan_private *priv)
{
	hostif_aplist_init(priv);
	hostif_status_init(priv);

	spin_lock_init(&priv->multicast_spin);
	spin_lock_init(&priv->dev_read_lock);
	init_waitqueue_head(&priv->devread_wait);

	hostif_counters_init(priv);
	hostif_power_save_init(priv);
	hostif_wpa_init(priv);
	hostif_pmklist_init(priv);
	hostif_sme_init(priv);

	return 0;
}

/*
 * Tear down the host interface: cancel sme_work and wait for a running
 * instance to finish.
 *
 * NOTE(review): wakeup_work is initialised in hostif_power_save_init() and
 * ks_wlan_hw_wakeup_task() can reschedule itself, but it is not cancelled
 * here -- confirm the removal path cancels it before priv is freed.
 * NOTE(review): hostif_sme_enqueue() schedules sme_work unconditionally, so
 * callers presumably must stop enqueuing before this runs -- verify.
 */
void hostif_exit(struct ks_wlan_private *priv)
{
	cancel_work_sync(&priv->sme_work);
}