ks_hostif.c (62504B)
1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Driver for KeyStream wireless LAN cards. 4 * 5 * Copyright (C) 2005-2008 KeyStream Corp. 6 * Copyright (C) 2009 Renesas Technology Corp. 7 */ 8 9#include <crypto/hash.h> 10#include <linux/circ_buf.h> 11#include <linux/if_arp.h> 12#include <net/iw_handler.h> 13#include <uapi/linux/llc.h> 14#include "eap_packet.h" 15#include "ks_wlan.h" 16#include "ks_hostif.h" 17 18#define MICHAEL_MIC_KEY_LEN 8 19#define MICHAEL_MIC_LEN 8 20 21static inline void inc_smeqhead(struct ks_wlan_private *priv) 22{ 23 priv->sme_i.qhead = (priv->sme_i.qhead + 1) % SME_EVENT_BUFF_SIZE; 24} 25 26static inline void inc_smeqtail(struct ks_wlan_private *priv) 27{ 28 priv->sme_i.qtail = (priv->sme_i.qtail + 1) % SME_EVENT_BUFF_SIZE; 29} 30 31static inline unsigned int cnt_smeqbody(struct ks_wlan_private *priv) 32{ 33 return CIRC_CNT_TO_END(priv->sme_i.qhead, priv->sme_i.qtail, 34 SME_EVENT_BUFF_SIZE); 35} 36 37static inline u8 get_byte(struct ks_wlan_private *priv) 38{ 39 u8 data; 40 41 data = *priv->rxp++; 42 /* length check in advance ! */ 43 --(priv->rx_size); 44 return data; 45} 46 47static inline u16 get_word(struct ks_wlan_private *priv) 48{ 49 u16 data; 50 51 data = (get_byte(priv) & 0xff); 52 data |= ((get_byte(priv) << 8) & 0xff00); 53 return data; 54} 55 56static inline u32 get_dword(struct ks_wlan_private *priv) 57{ 58 u32 data; 59 60 data = (get_byte(priv) & 0xff); 61 data |= ((get_byte(priv) << 8) & 0x0000ff00); 62 data |= ((get_byte(priv) << 16) & 0x00ff0000); 63 data |= ((get_byte(priv) << 24) & 0xff000000); 64 return data; 65} 66 67static void ks_wlan_hw_wakeup_task(struct work_struct *work) 68{ 69 struct ks_wlan_private *priv; 70 int ps_status; 71 long time_left; 72 73 priv = container_of(work, struct ks_wlan_private, wakeup_work); 74 ps_status = atomic_read(&priv->psstatus.status); 75 76 if (ps_status == PS_SNOOZE) { 77 ks_wlan_hw_wakeup_request(priv); 78 time_left = wait_for_completion_interruptible_timeout( 79 &priv->psstatus.wakeup_wait, 80 msecs_to_jiffies(20)); 81 if (time_left <= 0) { 82 netdev_dbg(priv->net_dev, "wake up timeout or interrupted !!!\n"); 83 schedule_work(&priv->wakeup_work); 84 return; 85 } 86 } 87} 88 89static void ks_wlan_do_power_save(struct ks_wlan_private *priv) 90{ 91 if (is_connect_status(priv->connect_status)) 92 hostif_sme_enqueue(priv, SME_POW_MNGMT_REQUEST); 93 else 94 priv->dev_state = DEVICE_STATE_READY; 95} 96 97static 98int get_current_ap(struct ks_wlan_private *priv, struct link_ap_info *ap_info) 99{ 100 struct local_ap *ap; 101 union iwreq_data wrqu; 102 struct net_device *netdev = priv->net_dev; 103 u8 size; 104 105 ap = &priv->current_ap; 106 107 if (is_disconnect_status(priv->connect_status)) { 108 memset(ap, 0, sizeof(struct local_ap)); 109 return -EPERM; 110 } 111 112 ether_addr_copy(ap->bssid, ap_info->bssid); 113 memcpy(ap->ssid.body, priv->reg.ssid.body, 114 priv->reg.ssid.size); 115 ap->ssid.size = priv->reg.ssid.size; 116 memcpy(ap->rate_set.body, ap_info->rate_set.body, 117 ap_info->rate_set.size); 118 ap->rate_set.size = ap_info->rate_set.size; 119 if (ap_info->ext_rate_set.size != 0) { 120 memcpy(&ap->rate_set.body[ap->rate_set.size], 121 ap_info->ext_rate_set.body, 122 ap_info->ext_rate_set.size); 123 ap->rate_set.size += ap_info->ext_rate_set.size; 124 } 125 ap->channel = ap_info->ds_parameter.channel; 126 ap->rssi = ap_info->rssi; 127 ap->sq = ap_info->sq; 128 ap->noise = ap_info->noise; 129 ap->capability = le16_to_cpu(ap_info->capability); 130 size = (ap_info->rsn.size <= RSN_IE_BODY_MAX) ? 131 ap_info->rsn.size : RSN_IE_BODY_MAX; 132 if ((ap_info->rsn_mode & RSN_MODE_WPA2) && 133 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2)) { 134 ap->rsn_ie.id = RSN_INFO_ELEM_ID; 135 ap->rsn_ie.size = size; 136 memcpy(ap->rsn_ie.body, ap_info->rsn.body, size); 137 } else if ((ap_info->rsn_mode & RSN_MODE_WPA) && 138 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA)) { 139 ap->wpa_ie.id = WPA_INFO_ELEM_ID; 140 ap->wpa_ie.size = size; 141 memcpy(ap->wpa_ie.body, ap_info->rsn.body, size); 142 } else { 143 ap->rsn_ie.id = 0; 144 ap->rsn_ie.size = 0; 145 ap->wpa_ie.id = 0; 146 ap->wpa_ie.size = 0; 147 } 148 149 wrqu.data.length = 0; 150 wrqu.data.flags = 0; 151 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 152 if (is_connect_status(priv->connect_status)) { 153 ether_addr_copy(wrqu.ap_addr.sa_data, priv->current_ap.bssid); 154 netdev_dbg(priv->net_dev, 155 "IWEVENT: connect bssid=%pM\n", 156 wrqu.ap_addr.sa_data); 157 wireless_send_event(netdev, SIOCGIWAP, &wrqu, NULL); 158 } 159 netdev_dbg(priv->net_dev, "Link AP\n" 160 "- bssid=%pM\n" 161 "- essid=%s\n" 162 "- rate_set=%02X,%02X,%02X,%02X,%02X,%02X,%02X,%02X\n" 163 "- channel=%d\n" 164 "- rssi=%d\n" 165 "- sq=%d\n" 166 "- capability=%04X\n" 167 "- rsn.mode=%d\n" 168 "- rsn.size=%d\n" 169 "- ext_rate_set_size=%d\n" 170 "- rate_set_size=%d\n", 171 ap->bssid, 172 &ap->ssid.body[0], 173 ap->rate_set.body[0], ap->rate_set.body[1], 174 ap->rate_set.body[2], ap->rate_set.body[3], 175 ap->rate_set.body[4], ap->rate_set.body[5], 176 ap->rate_set.body[6], ap->rate_set.body[7], 177 ap->channel, ap->rssi, ap->sq, ap->capability, 178 ap_info->rsn_mode, ap_info->rsn.size, 179 ap_info->ext_rate_set.size, ap_info->rate_set.size); 180 181 return 0; 182} 183 184static u8 read_ie(unsigned char *bp, u8 max, u8 *body) 185{ 186 u8 size = (*(bp + 1) <= max) ? *(bp + 1) : max; 187 188 memcpy(body, bp + 2, size); 189 return size; 190} 191 192static int 193michael_mic(u8 *key, u8 *data, unsigned int len, u8 priority, u8 *result) 194{ 195 u8 pad_data[4] = { priority, 0, 0, 0 }; 196 struct crypto_shash *tfm = NULL; 197 struct shash_desc *desc = NULL; 198 int ret; 199 200 tfm = crypto_alloc_shash("michael_mic", 0, 0); 201 if (IS_ERR(tfm)) { 202 ret = PTR_ERR(tfm); 203 goto err; 204 } 205 206 ret = crypto_shash_setkey(tfm, key, MICHAEL_MIC_KEY_LEN); 207 if (ret < 0) 208 goto err_free_tfm; 209 210 desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(tfm), GFP_KERNEL); 211 if (!desc) { 212 ret = -ENOMEM; 213 goto err_free_tfm; 214 } 215 216 desc->tfm = tfm; 217 218 ret = crypto_shash_init(desc); 219 if (ret < 0) 220 goto err_free_desc; 221 222 // Compute the MIC value 223 /* 224 * IEEE802.11i page 47 225 * Figure 43g TKIP MIC processing format 226 * +--+--+--------+--+----+--+--+--+--+--+--+--+--+ 227 * |6 |6 |1 |3 |M |1 |1 |1 |1 |1 |1 |1 |1 | Octet 228 * +--+--+--------+--+----+--+--+--+--+--+--+--+--+ 229 * |DA|SA|Priority|0 |Data|M0|M1|M2|M3|M4|M5|M6|M7| 230 * +--+--+--------+--+----+--+--+--+--+--+--+--+--+ 231 */ 232 233 ret = crypto_shash_update(desc, data, 12); 234 if (ret < 0) 235 goto err_free_desc; 236 237 ret = crypto_shash_update(desc, pad_data, 4); 238 if (ret < 0) 239 goto err_free_desc; 240 241 ret = crypto_shash_finup(desc, data + 12, len - 12, result); 242 243err_free_desc: 244 kfree_sensitive(desc); 245 246err_free_tfm: 247 crypto_free_shash(tfm); 248 249err: 250 return ret; 251} 252 253static 254int get_ap_information(struct ks_wlan_private *priv, struct ap_info *ap_info, 255 struct local_ap *ap) 256{ 257 unsigned char *bp; 258 int bsize, offset; 259 260 memset(ap, 0, sizeof(struct local_ap)); 261 262 ether_addr_copy(ap->bssid, ap_info->bssid); 263 ap->rssi = ap_info->rssi; 264 ap->sq = ap_info->sq; 265 ap->noise = ap_info->noise; 266 ap->capability = le16_to_cpu(ap_info->capability); 267 ap->channel = ap_info->ch_info; 268 269 bp = ap_info->body; 270 bsize = le16_to_cpu(ap_info->body_size); 271 offset = 0; 272 273 while (bsize > offset) { 274 switch (*bp) { /* Information Element ID */ 275 case WLAN_EID_SSID: 276 ap->ssid.size = read_ie(bp, IEEE80211_MAX_SSID_LEN, 277 ap->ssid.body); 278 break; 279 case WLAN_EID_SUPP_RATES: 280 case WLAN_EID_EXT_SUPP_RATES: 281 if ((*(bp + 1) + ap->rate_set.size) <= 282 RATE_SET_MAX_SIZE) { 283 memcpy(&ap->rate_set.body[ap->rate_set.size], 284 bp + 2, *(bp + 1)); 285 ap->rate_set.size += *(bp + 1); 286 } else { 287 memcpy(&ap->rate_set.body[ap->rate_set.size], 288 bp + 2, 289 RATE_SET_MAX_SIZE - ap->rate_set.size); 290 ap->rate_set.size += 291 (RATE_SET_MAX_SIZE - ap->rate_set.size); 292 } 293 break; 294 case WLAN_EID_RSN: 295 ap->rsn_ie.id = *bp; 296 ap->rsn_ie.size = read_ie(bp, RSN_IE_BODY_MAX, 297 ap->rsn_ie.body); 298 break; 299 case WLAN_EID_VENDOR_SPECIFIC: /* WPA */ 300 /* WPA OUI check */ 301 if (memcmp(bp + 2, CIPHER_ID_WPA_WEP40, 4) == 0) { 302 ap->wpa_ie.id = *bp; 303 ap->wpa_ie.size = read_ie(bp, RSN_IE_BODY_MAX, 304 ap->wpa_ie.body); 305 } 306 break; 307 case WLAN_EID_DS_PARAMS: 308 case WLAN_EID_FH_PARAMS: 309 case WLAN_EID_CF_PARAMS: 310 case WLAN_EID_TIM: 311 case WLAN_EID_IBSS_PARAMS: 312 case WLAN_EID_COUNTRY: 313 case WLAN_EID_ERP_INFO: 314 break; 315 default: 316 netdev_err(priv->net_dev, 317 "unknown Element ID=%d\n", *bp); 318 break; 319 } 320 321 offset += 2; /* id & size field */ 322 offset += *(bp + 1); /* +size offset */ 323 bp += (*(bp + 1) + 2); /* pointer update */ 324 } 325 326 return 0; 327} 328 329static 330int hostif_data_indication_wpa(struct ks_wlan_private *priv, 331 unsigned short auth_type) 332{ 333 struct ether_hdr *eth_hdr; 334 unsigned short eth_proto; 335 unsigned char recv_mic[MICHAEL_MIC_LEN]; 336 char buf[128]; 337 unsigned long now; 338 struct mic_failure *mic_failure; 339 u8 mic[MICHAEL_MIC_LEN]; 340 union iwreq_data wrqu; 341 unsigned int key_index = auth_type - 1; 342 struct wpa_key *key = &priv->wpa.key[key_index]; 343 344 eth_hdr = (struct ether_hdr *)(priv->rxp); 345 eth_proto = ntohs(eth_hdr->h_proto); 346 347 if (eth_hdr->h_dest_snap != eth_hdr->h_source_snap) { 348 netdev_err(priv->net_dev, "invalid data format\n"); 349 priv->nstats.rx_errors++; 350 return -EINVAL; 351 } 352 if (((auth_type == TYPE_PMK1 && 353 priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) || 354 (auth_type == TYPE_GMK1 && 355 priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP) || 356 (auth_type == TYPE_GMK2 && 357 priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP)) && 358 key->key_len) { 359 int ret; 360 361 netdev_dbg(priv->net_dev, "TKIP: protocol=%04X: size=%u\n", 362 eth_proto, priv->rx_size); 363 /* MIC save */ 364 memcpy(&recv_mic[0], 365 (priv->rxp) + ((priv->rx_size) - sizeof(recv_mic)), 366 sizeof(recv_mic)); 367 priv->rx_size = priv->rx_size - sizeof(recv_mic); 368 369 ret = michael_mic(key->rx_mic_key, priv->rxp, priv->rx_size, 370 0, mic); 371 if (ret < 0) 372 return ret; 373 if (memcmp(mic, recv_mic, sizeof(mic)) != 0) { 374 now = jiffies; 375 mic_failure = &priv->wpa.mic_failure; 376 /* MIC FAILURE */ 377 if (mic_failure->last_failure_time && 378 (now - mic_failure->last_failure_time) / HZ >= 60) { 379 mic_failure->failure = 0; 380 } 381 netdev_err(priv->net_dev, "MIC FAILURE\n"); 382 if (mic_failure->failure == 0) { 383 mic_failure->failure = 1; 384 mic_failure->counter = 0; 385 } else if (mic_failure->failure == 1) { 386 mic_failure->failure = 2; 387 mic_failure->counter = 388 (u16)((now - mic_failure->last_failure_time) / HZ); 389 /* range 1-60 */ 390 if (!mic_failure->counter) 391 mic_failure->counter = 1; 392 } 393 priv->wpa.mic_failure.last_failure_time = now; 394 395 /* needed parameters: count, keyid, key type, TSC */ 396 sprintf(buf, 397 "MLME-MICHAELMICFAILURE.indication(keyid=%d %scast addr=%pM)", 398 key_index, 399 eth_hdr->h_dest[0] & 0x01 ? "broad" : "uni", 400 eth_hdr->h_source); 401 memset(&wrqu, 0, sizeof(wrqu)); 402 wrqu.data.length = strlen(buf); 403 wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu, 404 buf); 405 return -EINVAL; 406 } 407 } 408 return 0; 409} 410 411static 412void hostif_data_indication(struct ks_wlan_private *priv) 413{ 414 unsigned int rx_ind_size; /* indicate data size */ 415 struct sk_buff *skb; 416 u16 auth_type; 417 unsigned char temp[256]; 418 struct ether_hdr *eth_hdr; 419 struct ieee802_1x_hdr *aa1x_hdr; 420 size_t size; 421 int ret; 422 423 /* min length check */ 424 if (priv->rx_size <= ETH_HLEN) { 425 priv->nstats.rx_errors++; 426 return; 427 } 428 429 auth_type = get_word(priv); /* AuthType */ 430 get_word(priv); /* Reserve Area */ 431 432 eth_hdr = (struct ether_hdr *)(priv->rxp); 433 434 /* source address check */ 435 if (ether_addr_equal(&priv->eth_addr[0], eth_hdr->h_source)) { 436 netdev_err(priv->net_dev, "invalid : source is own mac address !!\n"); 437 netdev_err(priv->net_dev, "eth_hdrernet->h_dest=%pM\n", eth_hdr->h_source); 438 priv->nstats.rx_errors++; 439 return; 440 } 441 442 /* for WPA */ 443 if (auth_type != TYPE_DATA && priv->wpa.rsn_enabled) { 444 ret = hostif_data_indication_wpa(priv, auth_type); 445 if (ret) 446 return; 447 } 448 449 if ((priv->connect_status & FORCE_DISCONNECT) || 450 priv->wpa.mic_failure.failure == 2) { 451 return; 452 } 453 454 /* check 13th byte at rx data */ 455 switch (*(priv->rxp + 12)) { 456 case LLC_SAP_SNAP: 457 rx_ind_size = priv->rx_size - 6; 458 skb = dev_alloc_skb(rx_ind_size); 459 if (!skb) { 460 priv->nstats.rx_dropped++; 461 return; 462 } 463 netdev_dbg(priv->net_dev, "SNAP, rx_ind_size = %d\n", 464 rx_ind_size); 465 466 size = ETH_ALEN * 2; 467 skb_put_data(skb, priv->rxp, size); 468 469 /* (SNAP+UI..) skip */ 470 471 size = rx_ind_size - (ETH_ALEN * 2); 472 skb_put_data(skb, ð_hdr->h_proto, size); 473 474 aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + ETHER_HDR_SIZE); 475 break; 476 case LLC_SAP_NETBEUI: 477 rx_ind_size = (priv->rx_size + 2); 478 skb = dev_alloc_skb(rx_ind_size); 479 if (!skb) { 480 priv->nstats.rx_dropped++; 481 return; 482 } 483 netdev_dbg(priv->net_dev, "NETBEUI/NetBIOS rx_ind_size=%d\n", 484 rx_ind_size); 485 486 /* 8802/FDDI MAC copy */ 487 skb_put_data(skb, priv->rxp, 12); 488 489 /* NETBEUI size add */ 490 temp[0] = (((rx_ind_size - 12) >> 8) & 0xff); 491 temp[1] = ((rx_ind_size - 12) & 0xff); 492 skb_put_data(skb, temp, 2); 493 494 /* copy after Type */ 495 skb_put_data(skb, priv->rxp + 12, rx_ind_size - 14); 496 497 aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + 14); 498 break; 499 default: /* other rx data */ 500 netdev_err(priv->net_dev, "invalid data format\n"); 501 priv->nstats.rx_errors++; 502 return; 503 } 504 505 if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY && 506 priv->wpa.rsn_enabled) 507 atomic_set(&priv->psstatus.snooze_guard, 1); 508 509 /* rx indication */ 510 skb->dev = priv->net_dev; 511 skb->protocol = eth_type_trans(skb, skb->dev); 512 priv->nstats.rx_packets++; 513 priv->nstats.rx_bytes += rx_ind_size; 514 netif_rx(skb); 515} 516 517static 518void hostif_mib_get_confirm(struct ks_wlan_private *priv) 519{ 520 struct net_device *dev = priv->net_dev; 521 u32 mib_status; 522 u32 mib_attribute; 523 524 mib_status = get_dword(priv); 525 mib_attribute = get_dword(priv); 526 get_word(priv); /* mib_val_size */ 527 get_word(priv); /* mib_val_type */ 528 529 if (mib_status) { 530 netdev_err(priv->net_dev, "attribute=%08X, status=%08X\n", 531 mib_attribute, mib_status); 532 return; 533 } 534 535 switch (mib_attribute) { 536 case DOT11_MAC_ADDRESS: 537 hostif_sme_enqueue(priv, SME_GET_MAC_ADDRESS); 538 ether_addr_copy(priv->eth_addr, priv->rxp); 539 priv->mac_address_valid = true; 540 eth_hw_addr_set(dev, priv->eth_addr); 541 netdev_info(dev, "MAC ADDRESS = %pM\n", priv->eth_addr); 542 break; 543 case DOT11_PRODUCT_VERSION: 544 priv->version_size = priv->rx_size; 545 memcpy(priv->firmware_version, priv->rxp, priv->rx_size); 546 priv->firmware_version[priv->rx_size] = '\0'; 547 netdev_info(dev, "firmware ver. = %s\n", 548 priv->firmware_version); 549 hostif_sme_enqueue(priv, SME_GET_PRODUCT_VERSION); 550 /* wake_up_interruptible_all(&priv->confirm_wait); */ 551 complete(&priv->confirm_wait); 552 break; 553 case LOCAL_GAIN: 554 memcpy(&priv->gain, priv->rxp, sizeof(priv->gain)); 555 netdev_dbg(priv->net_dev, "tx_mode=%d, rx_mode=%d, tx_gain=%d, rx_gain=%d\n", 556 priv->gain.tx_mode, priv->gain.rx_mode, 557 priv->gain.tx_gain, priv->gain.rx_gain); 558 break; 559 case LOCAL_EEPROM_SUM: 560 memcpy(&priv->eeprom_sum, priv->rxp, sizeof(priv->eeprom_sum)); 561 if (priv->eeprom_sum.type != 0 && 562 priv->eeprom_sum.type != 1) { 563 netdev_err(dev, "LOCAL_EEPROM_SUM error!\n"); 564 return; 565 } 566 priv->eeprom_checksum = (priv->eeprom_sum.type == 0) ? 567 EEPROM_CHECKSUM_NONE : 568 (priv->eeprom_sum.result == 0) ? 569 EEPROM_NG : EEPROM_OK; 570 break; 571 default: 572 netdev_err(priv->net_dev, "mib_attribute=%08x\n", 573 (unsigned int)mib_attribute); 574 break; 575 } 576} 577 578static 579void hostif_mib_set_confirm(struct ks_wlan_private *priv) 580{ 581 u32 mib_status; 582 u32 mib_attribute; 583 584 mib_status = get_dword(priv); 585 mib_attribute = get_dword(priv); 586 587 if (mib_status) { 588 /* in case of error */ 589 netdev_err(priv->net_dev, "error :: attribute=%08X, status=%08X\n", 590 mib_attribute, mib_status); 591 } 592 593 switch (mib_attribute) { 594 case DOT11_RTS_THRESHOLD: 595 hostif_sme_enqueue(priv, SME_RTS_THRESHOLD_CONFIRM); 596 break; 597 case DOT11_FRAGMENTATION_THRESHOLD: 598 hostif_sme_enqueue(priv, SME_FRAGMENTATION_THRESHOLD_CONFIRM); 599 break; 600 case DOT11_WEP_DEFAULT_KEY_ID: 601 if (!priv->wpa.wpa_enabled) 602 hostif_sme_enqueue(priv, SME_WEP_INDEX_CONFIRM); 603 break; 604 case DOT11_WEP_DEFAULT_KEY_VALUE1: 605 if (priv->wpa.rsn_enabled) 606 hostif_sme_enqueue(priv, SME_SET_PMK_TSC); 607 else 608 hostif_sme_enqueue(priv, SME_WEP_KEY1_CONFIRM); 609 break; 610 case DOT11_WEP_DEFAULT_KEY_VALUE2: 611 if (priv->wpa.rsn_enabled) 612 hostif_sme_enqueue(priv, SME_SET_GMK1_TSC); 613 else 614 hostif_sme_enqueue(priv, SME_WEP_KEY2_CONFIRM); 615 break; 616 case DOT11_WEP_DEFAULT_KEY_VALUE3: 617 if (priv->wpa.rsn_enabled) 618 hostif_sme_enqueue(priv, SME_SET_GMK2_TSC); 619 else 620 hostif_sme_enqueue(priv, SME_WEP_KEY3_CONFIRM); 621 break; 622 case DOT11_WEP_DEFAULT_KEY_VALUE4: 623 if (!priv->wpa.rsn_enabled) 624 hostif_sme_enqueue(priv, SME_WEP_KEY4_CONFIRM); 625 break; 626 case DOT11_PRIVACY_INVOKED: 627 if (!priv->wpa.rsn_enabled) 628 hostif_sme_enqueue(priv, SME_WEP_FLAG_CONFIRM); 629 break; 630 case DOT11_RSN_ENABLED: 631 hostif_sme_enqueue(priv, SME_RSN_ENABLED_CONFIRM); 632 break; 633 case LOCAL_RSN_MODE: 634 hostif_sme_enqueue(priv, SME_RSN_MODE_CONFIRM); 635 break; 636 case LOCAL_MULTICAST_ADDRESS: 637 hostif_sme_enqueue(priv, SME_MULTICAST_REQUEST); 638 break; 639 case LOCAL_MULTICAST_FILTER: 640 hostif_sme_enqueue(priv, SME_MULTICAST_CONFIRM); 641 break; 642 case LOCAL_CURRENTADDRESS: 643 priv->mac_address_valid = true; 644 break; 645 case DOT11_RSN_CONFIG_MULTICAST_CIPHER: 646 hostif_sme_enqueue(priv, SME_RSN_MCAST_CONFIRM); 647 break; 648 case DOT11_RSN_CONFIG_UNICAST_CIPHER: 649 hostif_sme_enqueue(priv, SME_RSN_UCAST_CONFIRM); 650 break; 651 case DOT11_RSN_CONFIG_AUTH_SUITE: 652 hostif_sme_enqueue(priv, SME_RSN_AUTH_CONFIRM); 653 break; 654 case DOT11_GMK1_TSC: 655 if (atomic_read(&priv->psstatus.snooze_guard)) 656 atomic_set(&priv->psstatus.snooze_guard, 0); 657 break; 658 case DOT11_GMK2_TSC: 659 if (atomic_read(&priv->psstatus.snooze_guard)) 660 atomic_set(&priv->psstatus.snooze_guard, 0); 661 break; 662 case DOT11_PMK_TSC: 663 case LOCAL_PMK: 664 case LOCAL_GAIN: 665 case LOCAL_WPS_ENABLE: 666 case LOCAL_WPS_PROBE_REQ: 667 case LOCAL_REGION: 668 default: 669 break; 670 } 671} 672 673static 674void hostif_power_mgmt_confirm(struct ks_wlan_private *priv) 675{ 676 if (priv->reg.power_mgmt > POWER_MGMT_ACTIVE && 677 priv->reg.operation_mode == MODE_INFRASTRUCTURE) { 678 atomic_set(&priv->psstatus.confirm_wait, 0); 679 priv->dev_state = DEVICE_STATE_SLEEP; 680 ks_wlan_hw_power_save(priv); 681 } else { 682 priv->dev_state = DEVICE_STATE_READY; 683 } 684} 685 686static 687void hostif_sleep_confirm(struct ks_wlan_private *priv) 688{ 689 atomic_set(&priv->sleepstatus.doze_request, 1); 690 queue_delayed_work(priv->wq, &priv->rw_dwork, 1); 691} 692 693static 694void hostif_start_confirm(struct ks_wlan_private *priv) 695{ 696 union iwreq_data wrqu; 697 698 wrqu.data.length = 0; 699 wrqu.data.flags = 0; 700 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 701 if (is_connect_status(priv->connect_status)) { 702 eth_zero_addr(wrqu.ap_addr.sa_data); 703 wireless_send_event(priv->net_dev, SIOCGIWAP, &wrqu, NULL); 704 } 705 netdev_dbg(priv->net_dev, " scan_ind_count=%d\n", priv->scan_ind_count); 706 hostif_sme_enqueue(priv, SME_START_CONFIRM); 707} 708 709static 710void hostif_connect_indication(struct ks_wlan_private *priv) 711{ 712 u16 connect_code; 713 unsigned int tmp = 0; 714 unsigned int old_status = priv->connect_status; 715 struct net_device *netdev = priv->net_dev; 716 union iwreq_data wrqu0; 717 718 connect_code = get_word(priv); 719 720 switch (connect_code) { 721 case RESULT_CONNECT: 722 if (!(priv->connect_status & FORCE_DISCONNECT)) 723 netif_carrier_on(netdev); 724 tmp = FORCE_DISCONNECT & priv->connect_status; 725 priv->connect_status = tmp + CONNECT_STATUS; 726 break; 727 case RESULT_DISCONNECT: 728 netif_carrier_off(netdev); 729 tmp = FORCE_DISCONNECT & priv->connect_status; 730 priv->connect_status = tmp + DISCONNECT_STATUS; 731 break; 732 default: 733 netdev_dbg(priv->net_dev, "unknown connect_code=%d :: scan_ind_count=%d\n", 734 connect_code, priv->scan_ind_count); 735 netif_carrier_off(netdev); 736 tmp = FORCE_DISCONNECT & priv->connect_status; 737 priv->connect_status = tmp + DISCONNECT_STATUS; 738 break; 739 } 740 741 get_current_ap(priv, (struct link_ap_info *)priv->rxp); 742 if (is_connect_status(priv->connect_status) && 743 is_disconnect_status(old_status)) { 744 /* for power save */ 745 atomic_set(&priv->psstatus.snooze_guard, 0); 746 atomic_set(&priv->psstatus.confirm_wait, 0); 747 } 748 ks_wlan_do_power_save(priv); 749 750 wrqu0.data.length = 0; 751 wrqu0.data.flags = 0; 752 wrqu0.ap_addr.sa_family = ARPHRD_ETHER; 753 if (is_disconnect_status(priv->connect_status) && 754 is_connect_status(old_status)) { 755 eth_zero_addr(wrqu0.ap_addr.sa_data); 756 netdev_dbg(priv->net_dev, "disconnect :: scan_ind_count=%d\n", 757 priv->scan_ind_count); 758 wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL); 759 } 760 priv->scan_ind_count = 0; 761} 762 763static 764void hostif_scan_indication(struct ks_wlan_private *priv) 765{ 766 int i; 767 struct ap_info *ap_info; 768 769 netdev_dbg(priv->net_dev, 770 "scan_ind_count = %d\n", priv->scan_ind_count); 771 ap_info = (struct ap_info *)(priv->rxp); 772 773 if (priv->scan_ind_count) { 774 /* bssid check */ 775 for (i = 0; i < priv->aplist.size; i++) { 776 u8 *bssid = priv->aplist.ap[i].bssid; 777 778 if (ether_addr_equal(ap_info->bssid, bssid)) 779 continue; 780 781 if (ap_info->frame_type == IEEE80211_STYPE_PROBE_RESP) 782 get_ap_information(priv, ap_info, 783 &priv->aplist.ap[i]); 784 return; 785 } 786 } 787 priv->scan_ind_count++; 788 if (priv->scan_ind_count < LOCAL_APLIST_MAX + 1) { 789 netdev_dbg(priv->net_dev, " scan_ind_count=%d :: aplist.size=%d\n", 790 priv->scan_ind_count, priv->aplist.size); 791 get_ap_information(priv, (struct ap_info *)(priv->rxp), 792 &priv->aplist.ap[priv->scan_ind_count - 1]); 793 priv->aplist.size = priv->scan_ind_count; 794 } else { 795 netdev_dbg(priv->net_dev, " count over :: scan_ind_count=%d\n", 796 priv->scan_ind_count); 797 } 798} 799 800static 801void hostif_stop_confirm(struct ks_wlan_private *priv) 802{ 803 unsigned int tmp = 0; 804 unsigned int old_status = priv->connect_status; 805 struct net_device *netdev = priv->net_dev; 806 union iwreq_data wrqu0; 807 808 if (priv->dev_state == DEVICE_STATE_SLEEP) 809 priv->dev_state = DEVICE_STATE_READY; 810 811 /* disconnect indication */ 812 if (is_connect_status(priv->connect_status)) { 813 netif_carrier_off(netdev); 814 tmp = FORCE_DISCONNECT & priv->connect_status; 815 priv->connect_status = tmp | DISCONNECT_STATUS; 816 netdev_info(netdev, "IWEVENT: disconnect\n"); 817 818 wrqu0.data.length = 0; 819 wrqu0.data.flags = 0; 820 wrqu0.ap_addr.sa_family = ARPHRD_ETHER; 821 if (is_disconnect_status(priv->connect_status) && 822 is_connect_status(old_status)) { 823 eth_zero_addr(wrqu0.ap_addr.sa_data); 824 netdev_info(netdev, "IWEVENT: disconnect\n"); 825 wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL); 826 } 827 priv->scan_ind_count = 0; 828 } 829 830 hostif_sme_enqueue(priv, SME_STOP_CONFIRM); 831} 832 833static 834void hostif_ps_adhoc_set_confirm(struct ks_wlan_private *priv) 835{ 836 priv->infra_status = 0; /* infrastructure mode cancel */ 837 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM); 838} 839 840static 841void hostif_infrastructure_set_confirm(struct ks_wlan_private *priv) 842{ 843 get_word(priv); /* result_code */ 844 priv->infra_status = 1; /* infrastructure mode set */ 845 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM); 846} 847 848static 849void hostif_adhoc_set_confirm(struct ks_wlan_private *priv) 850{ 851 priv->infra_status = 1; /* infrastructure mode set */ 852 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM); 853} 854 855static 856void hostif_associate_indication(struct ks_wlan_private *priv) 857{ 858 struct association_request *assoc_req; 859 struct association_response *assoc_resp; 860 unsigned char *pb; 861 union iwreq_data wrqu; 862 char buf[IW_CUSTOM_MAX]; 863 char *pbuf = &buf[0]; 864 int i; 865 866 static const char associnfo_leader0[] = "ASSOCINFO(ReqIEs="; 867 static const char associnfo_leader1[] = " RespIEs="; 868 869 assoc_req = (struct association_request *)(priv->rxp); 870 assoc_resp = (struct association_response *)(assoc_req + 1); 871 pb = (unsigned char *)(assoc_resp + 1); 872 873 memset(&wrqu, 0, sizeof(wrqu)); 874 memcpy(pbuf, associnfo_leader0, sizeof(associnfo_leader0) - 1); 875 wrqu.data.length += sizeof(associnfo_leader0) - 1; 876 pbuf += sizeof(associnfo_leader0) - 1; 877 878 for (i = 0; i < le16_to_cpu(assoc_req->req_ies_size); i++) 879 pbuf += sprintf(pbuf, "%02x", *(pb + i)); 880 wrqu.data.length += (le16_to_cpu(assoc_req->req_ies_size)) * 2; 881 882 memcpy(pbuf, associnfo_leader1, sizeof(associnfo_leader1) - 1); 883 wrqu.data.length += sizeof(associnfo_leader1) - 1; 884 pbuf += sizeof(associnfo_leader1) - 1; 885 886 pb += le16_to_cpu(assoc_req->req_ies_size); 887 for (i = 0; i < le16_to_cpu(assoc_resp->resp_ies_size); i++) 888 pbuf += sprintf(pbuf, "%02x", *(pb + i)); 889 wrqu.data.length += (le16_to_cpu(assoc_resp->resp_ies_size)) * 2; 890 891 pbuf += sprintf(pbuf, ")"); 892 wrqu.data.length += 1; 893 894 wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu, buf); 895} 896 897static 898void hostif_bss_scan_confirm(struct ks_wlan_private *priv) 899{ 900 u32 result_code; 901 struct net_device *dev = priv->net_dev; 902 union iwreq_data wrqu; 903 904 result_code = get_dword(priv); 905 netdev_dbg(priv->net_dev, "result=%d :: scan_ind_count=%d\n", 906 result_code, priv->scan_ind_count); 907 908 priv->sme_i.sme_flag &= ~SME_AP_SCAN; 909 hostif_sme_enqueue(priv, SME_BSS_SCAN_CONFIRM); 910 911 wrqu.data.length = 0; 912 wrqu.data.flags = 0; 913 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL); 914 priv->scan_ind_count = 0; 915} 916 917static 918void hostif_phy_information_confirm(struct ks_wlan_private *priv) 919{ 920 struct iw_statistics *wstats = &priv->wstats; 921 u8 rssi, signal; 922 u8 link_speed; 923 u32 transmitted_frame_count, received_fragment_count; 924 u32 failed_count, fcs_error_count; 925 926 rssi = get_byte(priv); 927 signal = get_byte(priv); 928 get_byte(priv); /* noise */ 929 link_speed = get_byte(priv); 930 transmitted_frame_count = get_dword(priv); 931 received_fragment_count = get_dword(priv); 932 failed_count = get_dword(priv); 933 fcs_error_count = get_dword(priv); 934 935 netdev_dbg(priv->net_dev, "phyinfo confirm rssi=%d signal=%d\n", 936 rssi, signal); 937 priv->current_rate = (link_speed & RATE_MASK); 938 wstats->qual.qual = signal; 939 wstats->qual.level = 256 - rssi; 940 wstats->qual.noise = 0; /* invalid noise value */ 941 wstats->qual.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM; 942 943 netdev_dbg(priv->net_dev, "\n rssi=%u\n" 944 " signal=%u\n" 945 " link_speed=%ux500Kbps\n" 946 " transmitted_frame_count=%u\n" 947 " received_fragment_count=%u\n" 948 " failed_count=%u\n" 949 " fcs_error_count=%u\n", 950 rssi, signal, link_speed, transmitted_frame_count, 951 received_fragment_count, failed_count, fcs_error_count); 952 /* wake_up_interruptible_all(&priv->confirm_wait); */ 953 complete(&priv->confirm_wait); 954} 955 956static 957void hostif_mic_failure_confirm(struct ks_wlan_private *priv) 958{ 959 netdev_dbg(priv->net_dev, "mic_failure=%u\n", 960 priv->wpa.mic_failure.failure); 961 hostif_sme_enqueue(priv, SME_MIC_FAILURE_CONFIRM); 962} 963 964static 965void hostif_event_check(struct ks_wlan_private *priv) 966{ 967 u16 event; 968 969 event = get_word(priv); 970 switch (event) { 971 case HIF_DATA_IND: 972 hostif_data_indication(priv); 973 break; 974 case HIF_MIB_GET_CONF: 975 hostif_mib_get_confirm(priv); 976 break; 977 case HIF_MIB_SET_CONF: 978 hostif_mib_set_confirm(priv); 979 break; 980 case HIF_POWER_MGMT_CONF: 981 hostif_power_mgmt_confirm(priv); 982 break; 983 case HIF_SLEEP_CONF: 984 hostif_sleep_confirm(priv); 985 break; 986 case HIF_START_CONF: 987 hostif_start_confirm(priv); 988 break; 989 case HIF_CONNECT_IND: 990 hostif_connect_indication(priv); 991 break; 992 case HIF_STOP_CONF: 993 hostif_stop_confirm(priv); 994 break; 995 case HIF_PS_ADH_SET_CONF: 996 hostif_ps_adhoc_set_confirm(priv); 997 break; 998 case HIF_INFRA_SET_CONF: 999 case HIF_INFRA_SET2_CONF: 1000 hostif_infrastructure_set_confirm(priv); 1001 break; 1002 case HIF_ADH_SET_CONF: 1003 case HIF_ADH_SET2_CONF: 1004 hostif_adhoc_set_confirm(priv); 1005 break; 1006 case HIF_ASSOC_INFO_IND: 1007 hostif_associate_indication(priv); 1008 break; 1009 case HIF_MIC_FAILURE_CONF: 1010 hostif_mic_failure_confirm(priv); 1011 break; 1012 case HIF_SCAN_CONF: 1013 hostif_bss_scan_confirm(priv); 1014 break; 1015 case HIF_PHY_INFO_CONF: 1016 case HIF_PHY_INFO_IND: 1017 hostif_phy_information_confirm(priv); 1018 break; 1019 case HIF_SCAN_IND: 1020 hostif_scan_indication(priv); 1021 break; 1022 case HIF_AP_SET_CONF: 1023 default: 1024 netdev_err(priv->net_dev, "undefined event[%04X]\n", event); 1025 /* wake_up_all(&priv->confirm_wait); */ 1026 complete(&priv->confirm_wait); 1027 break; 1028 } 1029 1030 /* add event to hostt buffer */ 1031 priv->hostt.buff[priv->hostt.qtail] = event; 1032 priv->hostt.qtail = (priv->hostt.qtail + 1) % SME_EVENT_BUFF_SIZE; 1033} 1034 1035/* allocate size bytes, set header size and event */ 1036static void *hostif_generic_request(size_t size, int event) 1037{ 1038 struct hostif_hdr *p; 1039 1040 p = kzalloc(hif_align_size(size), GFP_ATOMIC); 1041 if (!p) 1042 return NULL; 1043 1044 p->size = cpu_to_le16(size - sizeof(p->size)); 1045 p->event = cpu_to_le16(event); 1046 1047 return p; 1048} 1049 1050int hostif_data_request(struct ks_wlan_private *priv, struct sk_buff *skb) 1051{ 1052 unsigned int skb_len = 0; 1053 unsigned char *buffer = NULL; 1054 unsigned int length = 0; 1055 struct hostif_data_request *pp; 1056 unsigned char *p; 1057 unsigned short eth_proto; 1058 struct ether_hdr *eth_hdr; 1059 unsigned short keyinfo = 0; 1060 struct ieee802_1x_hdr *aa1x_hdr; 1061 struct wpa_eapol_key *eap_key; 1062 struct ethhdr *eth; 1063 size_t size; 1064 int ret; 1065 1066 skb_len = skb->len; 1067 if (skb_len > ETH_FRAME_LEN) { 1068 netdev_err(priv->net_dev, "bad length skb_len=%d\n", skb_len); 1069 ret = -EOVERFLOW; 1070 goto err_kfree_skb; 1071 } 1072 1073 if (is_disconnect_status(priv->connect_status) || 1074 (priv->connect_status & FORCE_DISCONNECT) || 1075 priv->wpa.mic_failure.stop) { 1076 if (netif_queue_stopped(priv->net_dev)) 1077 netif_wake_queue(priv->net_dev); 1078 1079 dev_kfree_skb(skb); 1080 1081 return 0; 1082 } 1083 1084 /* power save wakeup */ 1085 if (atomic_read(&priv->psstatus.status) == PS_SNOOZE) { 1086 if (!netif_queue_stopped(priv->net_dev)) 1087 netif_stop_queue(priv->net_dev); 1088 } 1089 1090 size = sizeof(*pp) + 6 + skb_len + 8; 1091 pp = kmalloc(hif_align_size(size), GFP_ATOMIC); 1092 if (!pp) { 1093 ret = -ENOMEM; 1094 goto err_kfree_skb; 1095 } 1096 1097 p = (unsigned char *)pp->data; 1098 1099 buffer = skb->data; 1100 length = skb->len; 1101 1102 /* skb check */ 1103 eth = (struct ethhdr *)skb->data; 1104 if (!ether_addr_equal(&priv->eth_addr[0], eth->h_source)) { 1105 netdev_err(priv->net_dev, 1106 "Invalid mac address: ethernet->h_source=%pM\n", 1107 eth->h_source); 1108 ret = -ENXIO; 1109 goto err_kfree; 1110 } 1111 1112 /* dest and src MAC address copy */ 1113 size = ETH_ALEN * 2; 1114 memcpy(p, buffer, size); 1115 p += size; 1116 buffer += size; 1117 length -= size; 1118 1119 /* EtherType/Length check */ 1120 if (*(buffer + 1) + (*buffer << 8) > 1500) { 1121 /* ProtocolEAP = *(buffer+1) + (*buffer << 8); */ 1122 /* SAP/CTL/OUI(6 byte) add */ 1123 *p++ = 0xAA; /* DSAP */ 1124 *p++ = 0xAA; /* SSAP */ 1125 *p++ = 0x03; /* CTL */ 1126 *p++ = 0x00; /* OUI ("000000") */ 1127 *p++ = 0x00; /* OUI ("000000") */ 1128 *p++ = 0x00; /* OUI ("000000") */ 1129 skb_len += 6; 1130 } else { 1131 /* Length(2 byte) delete */ 1132 buffer += 2; 1133 length -= 2; 1134 skb_len -= 2; 1135 } 1136 1137 /* pp->data copy */ 1138 memcpy(p, buffer, length); 1139 1140 p += length; 1141 1142 /* for WPA */ 1143 eth_hdr = (struct ether_hdr *)&pp->data[0]; 1144 eth_proto = ntohs(eth_hdr->h_proto); 1145 1146 /* for MIC FAILURE REPORT check */ 1147 if (eth_proto == ETH_P_PAE && 1148 priv->wpa.mic_failure.failure > 0) { 1149 aa1x_hdr = (struct ieee802_1x_hdr *)(eth_hdr + 1); 1150 if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY) { 1151 eap_key = (struct wpa_eapol_key *)(aa1x_hdr + 1); 1152 keyinfo = ntohs(eap_key->key_info); 1153 } 1154 } 1155 1156 if (priv->wpa.rsn_enabled && priv->wpa.key[0].key_len) { 1157 /* no encryption */ 1158 if (eth_proto == ETH_P_PAE && 1159 priv->wpa.key[1].key_len == 0 && 1160 priv->wpa.key[2].key_len == 0 && 1161 priv->wpa.key[3].key_len == 0) { 1162 pp->auth_type = cpu_to_le16(TYPE_AUTH); 1163 } else { 1164 if (priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) { 1165 u8 mic[MICHAEL_MIC_LEN]; 1166 1167 ret = michael_mic(priv->wpa.key[0].tx_mic_key, 1168 &pp->data[0], skb_len, 1169 0, mic); 1170 if (ret < 0) 1171 goto err_kfree; 1172 1173 memcpy(p, mic, sizeof(mic)); 1174 length += sizeof(mic); 1175 skb_len += sizeof(mic); 1176 p += sizeof(mic); 1177 pp->auth_type = 1178 cpu_to_le16(TYPE_DATA); 1179 } else if (priv->wpa.pairwise_suite == 1180 IW_AUTH_CIPHER_CCMP) { 1181 pp->auth_type = 1182 cpu_to_le16(TYPE_DATA); 1183 } 1184 } 1185 } else { 1186 if (eth_proto == ETH_P_PAE) 1187 pp->auth_type = cpu_to_le16(TYPE_AUTH); 1188 else 1189 pp->auth_type = cpu_to_le16(TYPE_DATA); 1190 } 1191 1192 /* header value set */ 1193 pp->header.size = 1194 cpu_to_le16((sizeof(*pp) - sizeof(pp->header.size) + skb_len)); 1195 pp->header.event = cpu_to_le16(HIF_DATA_REQ); 1196 1197 /* tx request */ 1198 ret = ks_wlan_hw_tx(priv, pp, hif_align_size(sizeof(*pp) + skb_len), 1199 send_packet_complete, skb); 1200 1201 /* MIC FAILURE REPORT check */ 1202 if (eth_proto == ETH_P_PAE && 1203 priv->wpa.mic_failure.failure > 0) { 1204 if (keyinfo & WPA_KEY_INFO_ERROR && 1205 keyinfo & WPA_KEY_INFO_REQUEST) { 1206 netdev_err(priv->net_dev, 1207 "MIC ERROR Report SET : %04X\n", keyinfo); 1208 hostif_sme_enqueue(priv, SME_MIC_FAILURE_REQUEST); 1209 } 1210 if (priv->wpa.mic_failure.failure == 2) 1211 priv->wpa.mic_failure.stop = 1; 1212 } 1213 1214 return ret; 1215 1216err_kfree: 1217 kfree(pp); 1218err_kfree_skb: 1219 dev_kfree_skb(skb); 1220 1221 return ret; 1222} 1223 1224static inline void ps_confirm_wait_inc(struct ks_wlan_private *priv) 1225{ 1226 if (atomic_read(&priv->psstatus.status) > PS_ACTIVE_SET) 1227 atomic_inc(&priv->psstatus.confirm_wait); 1228} 1229 1230static inline void send_request_to_device(struct ks_wlan_private *priv, 1231 void *data, size_t size) 1232{ 1233 ps_confirm_wait_inc(priv); 1234 ks_wlan_hw_tx(priv, data, size, NULL, NULL); 1235} 1236 1237static void hostif_mib_get_request(struct ks_wlan_private *priv, 1238 u32 mib_attribute) 1239{ 1240 struct hostif_mib_get_request *pp; 1241 1242 pp = hostif_generic_request(sizeof(*pp), HIF_MIB_GET_REQ); 1243 if (!pp) 1244 return; 1245 1246 pp->mib_attribute = cpu_to_le32(mib_attribute); 1247 1248 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1249} 1250 1251static void hostif_mib_set_request(struct ks_wlan_private *priv, 1252 enum mib_attribute attr, 1253 enum mib_data_type type, 1254 void *data, size_t size) 1255{ 1256 struct hostif_mib_set_request_t *pp; 1257 1258 if (priv->dev_state < DEVICE_STATE_BOOT) 1259 return; 1260 1261 pp = hostif_generic_request(sizeof(*pp), HIF_MIB_SET_REQ); 1262 if (!pp) 1263 return; 1264 1265 pp->mib_attribute = cpu_to_le32(attr); 1266 pp->mib_value.size = cpu_to_le16(size); 1267 pp->mib_value.type = cpu_to_le16(type); 1268 memcpy(&pp->mib_value.body, data, size); 1269 1270 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp) + size)); 1271} 1272 1273static inline void hostif_mib_set_request_int(struct ks_wlan_private *priv, 1274 enum mib_attribute attr, int val) 1275{ 1276 __le32 v = cpu_to_le32(val); 1277 size_t size = sizeof(v); 1278 1279 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_INT, &v, size); 1280} 1281 1282static inline void hostif_mib_set_request_bool(struct ks_wlan_private *priv, 1283 enum mib_attribute attr, 1284 bool val) 1285{ 1286 __le32 v = cpu_to_le32(val); 1287 size_t size = sizeof(v); 1288 1289 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_BOOL, &v, size); 1290} 1291 1292static inline void hostif_mib_set_request_ostring(struct ks_wlan_private *priv, 1293 enum mib_attribute attr, 1294 void *data, size_t size) 1295{ 1296 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_OSTRING, data, size); 1297} 1298 1299static 1300void hostif_start_request(struct ks_wlan_private *priv, unsigned char mode) 1301{ 1302 struct hostif_start_request *pp; 1303 1304 pp = hostif_generic_request(sizeof(*pp), HIF_START_REQ); 1305 if (!pp) 1306 return; 1307 1308 pp->mode = cpu_to_le16(mode); 1309 1310 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1311 1312 priv->aplist.size = 0; 1313 priv->scan_ind_count = 0; 1314} 1315 1316static __le16 ks_wlan_cap(struct ks_wlan_private *priv) 1317{ 1318 u16 capability = 0x0000; 1319 1320 if (priv->reg.preamble == SHORT_PREAMBLE) 1321 capability |= WLAN_CAPABILITY_SHORT_PREAMBLE; 1322 1323 capability &= ~(WLAN_CAPABILITY_PBCC); /* pbcc not support */ 1324 1325 if (priv->reg.phy_type != D_11B_ONLY_MODE) { 1326 capability |= WLAN_CAPABILITY_SHORT_SLOT_TIME; 1327 capability &= ~(WLAN_CAPABILITY_DSSS_OFDM); 1328 } 1329 1330 return cpu_to_le16(capability); 1331} 1332 1333static void init_request(struct ks_wlan_private *priv, 1334 struct hostif_request *req) 1335{ 1336 req->phy_type = cpu_to_le16(priv->reg.phy_type); 1337 req->cts_mode = cpu_to_le16(priv->reg.cts_mode); 1338 req->scan_type = cpu_to_le16(priv->reg.scan_type); 1339 req->rate_set.size = priv->reg.rate_set.size; 1340 req->capability = ks_wlan_cap(priv); 1341 memcpy(&req->rate_set.body[0], &priv->reg.rate_set.body[0], 1342 priv->reg.rate_set.size); 1343} 1344 1345static 1346void hostif_ps_adhoc_set_request(struct ks_wlan_private *priv) 1347{ 1348 struct hostif_ps_adhoc_set_request *pp; 1349 1350 pp = hostif_generic_request(sizeof(*pp), HIF_PS_ADH_SET_REQ); 1351 if (!pp) 1352 return; 1353 1354 init_request(priv, &pp->request); 1355 pp->channel = cpu_to_le16(priv->reg.channel); 1356 1357 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1358} 1359 1360static 1361void hostif_infrastructure_set_request(struct ks_wlan_private *priv, int event) 1362{ 1363 struct hostif_infrastructure_set_request *pp; 1364 1365 pp = hostif_generic_request(sizeof(*pp), event); 1366 if (!pp) 1367 return; 1368 1369 init_request(priv, &pp->request); 1370 pp->ssid.size = priv->reg.ssid.size; 1371 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size); 1372 pp->beacon_lost_count = 1373 cpu_to_le16(priv->reg.beacon_lost_count); 1374 pp->auth_type = cpu_to_le16(priv->reg.authenticate_type); 1375 1376 pp->channel_list.body[0] = 1; 1377 pp->channel_list.body[1] = 8; 1378 pp->channel_list.body[2] = 2; 1379 pp->channel_list.body[3] = 9; 1380 pp->channel_list.body[4] = 3; 1381 pp->channel_list.body[5] = 10; 1382 pp->channel_list.body[6] = 4; 1383 pp->channel_list.body[7] = 11; 1384 pp->channel_list.body[8] = 5; 1385 pp->channel_list.body[9] = 12; 1386 pp->channel_list.body[10] = 6; 1387 pp->channel_list.body[11] = 13; 1388 pp->channel_list.body[12] = 7; 1389 if (priv->reg.phy_type == D_11G_ONLY_MODE) { 1390 pp->channel_list.size = 13; 1391 } else { 1392 pp->channel_list.body[13] = 14; 1393 pp->channel_list.size = 14; 1394 } 1395 1396 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1397} 1398 1399static 1400void hostif_adhoc_set_request(struct ks_wlan_private *priv) 1401{ 1402 struct hostif_adhoc_set_request *pp; 1403 1404 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ); 1405 if (!pp) 1406 return; 1407 1408 init_request(priv, &pp->request); 1409 pp->channel = cpu_to_le16(priv->reg.channel); 1410 pp->ssid.size = priv->reg.ssid.size; 1411 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size); 1412 1413 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1414} 1415 1416static 1417void hostif_adhoc_set2_request(struct ks_wlan_private *priv) 1418{ 1419 struct hostif_adhoc_set2_request *pp; 1420 1421 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ); 1422 if (!pp) 1423 return; 1424 1425 init_request(priv, &pp->request); 1426 pp->ssid.size = priv->reg.ssid.size; 1427 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size); 1428 1429 pp->channel_list.body[0] = priv->reg.channel; 1430 pp->channel_list.size = 1; 1431 memcpy(pp->bssid, priv->reg.bssid, ETH_ALEN); 1432 1433 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1434} 1435 1436static 1437void hostif_stop_request(struct ks_wlan_private *priv) 1438{ 1439 struct hostif_stop_request *pp; 1440 1441 pp = hostif_generic_request(sizeof(*pp), HIF_STOP_REQ); 1442 if (!pp) 1443 return; 1444 1445 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1446} 1447 1448static 1449void hostif_phy_information_request(struct ks_wlan_private *priv) 1450{ 1451 struct hostif_phy_information_request *pp; 1452 1453 pp = hostif_generic_request(sizeof(*pp), HIF_PHY_INFO_REQ); 1454 if (!pp) 1455 return; 1456 1457 if (priv->reg.phy_info_timer) { 1458 pp->type = cpu_to_le16(TIME_TYPE); 1459 pp->time = cpu_to_le16(priv->reg.phy_info_timer); 1460 } else { 1461 pp->type = cpu_to_le16(NORMAL_TYPE); 1462 pp->time = cpu_to_le16(0); 1463 } 1464 1465 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1466} 1467 1468static 1469void hostif_power_mgmt_request(struct ks_wlan_private *priv, 1470 u32 mode, u32 wake_up, u32 receive_dtims) 1471{ 1472 struct hostif_power_mgmt_request *pp; 1473 1474 pp = hostif_generic_request(sizeof(*pp), HIF_POWER_MGMT_REQ); 1475 if (!pp) 1476 return; 1477 1478 pp->mode = cpu_to_le32(mode); 1479 pp->wake_up = cpu_to_le32(wake_up); 1480 pp->receive_dtims = cpu_to_le32(receive_dtims); 1481 1482 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1483} 1484 1485static 1486void hostif_sleep_request(struct ks_wlan_private *priv, 1487 enum sleep_mode_type mode) 1488{ 1489 struct hostif_sleep_request *pp; 1490 1491 if (mode == SLP_SLEEP) { 1492 pp = hostif_generic_request(sizeof(*pp), HIF_SLEEP_REQ); 1493 if (!pp) 1494 return; 1495 1496 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1497 } else if (mode == SLP_ACTIVE) { 1498 atomic_set(&priv->sleepstatus.wakeup_request, 1); 1499 queue_delayed_work(priv->wq, &priv->rw_dwork, 1); 1500 } else { 1501 netdev_err(priv->net_dev, "invalid mode %ld\n", (long)mode); 1502 return; 1503 } 1504} 1505 1506static 1507void hostif_bss_scan_request(struct ks_wlan_private *priv, 1508 unsigned long scan_type, u8 *scan_ssid, 1509 u8 scan_ssid_len) 1510{ 1511 struct hostif_bss_scan_request *pp; 1512 1513 pp = hostif_generic_request(sizeof(*pp), HIF_SCAN_REQ); 1514 if (!pp) 1515 return; 1516 1517 pp->scan_type = scan_type; 1518 1519 pp->ch_time_min = cpu_to_le32(110); /* default value */ 1520 pp->ch_time_max = cpu_to_le32(130); /* default value */ 1521 pp->channel_list.body[0] = 1; 1522 pp->channel_list.body[1] = 8; 1523 pp->channel_list.body[2] = 2; 1524 pp->channel_list.body[3] = 9; 1525 pp->channel_list.body[4] = 3; 1526 pp->channel_list.body[5] = 10; 1527 pp->channel_list.body[6] = 4; 1528 pp->channel_list.body[7] = 11; 1529 pp->channel_list.body[8] = 5; 1530 pp->channel_list.body[9] = 12; 1531 pp->channel_list.body[10] = 6; 1532 pp->channel_list.body[11] = 13; 1533 pp->channel_list.body[12] = 7; 1534 if (priv->reg.phy_type == D_11G_ONLY_MODE) { 1535 pp->channel_list.size = 13; 1536 } else { 1537 pp->channel_list.body[13] = 14; 1538 pp->channel_list.size = 14; 1539 } 1540 pp->ssid.size = 0; 1541 1542 /* specified SSID SCAN */ 1543 if (scan_ssid_len > 0 && scan_ssid_len <= 32) { 1544 pp->ssid.size = scan_ssid_len; 1545 memcpy(&pp->ssid.body[0], scan_ssid, scan_ssid_len); 1546 } 1547 1548 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1549 1550 priv->aplist.size = 0; 1551 priv->scan_ind_count = 0; 1552} 1553 1554static 1555void hostif_mic_failure_request(struct ks_wlan_private *priv, 1556 u16 failure_count, u16 timer) 1557{ 1558 struct hostif_mic_failure_request *pp; 1559 1560 pp = hostif_generic_request(sizeof(*pp), HIF_MIC_FAILURE_REQ); 1561 if (!pp) 1562 return; 1563 1564 pp->failure_count = cpu_to_le16(failure_count); 1565 pp->timer = cpu_to_le16(timer); 1566 1567 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp))); 1568} 1569 1570/* Device I/O Receive indicate */ 1571static void devio_rec_ind(struct ks_wlan_private *priv, unsigned char *p, 1572 unsigned int size) 1573{ 1574 if (!priv->is_device_open) 1575 return; 1576 1577 spin_lock(&priv->dev_read_lock); 1578 priv->dev_data[atomic_read(&priv->rec_count)] = p; 1579 priv->dev_size[atomic_read(&priv->rec_count)] = size; 1580 1581 if (atomic_read(&priv->event_count) != DEVICE_STOCK_COUNT) { 1582 /* rx event count inc */ 1583 atomic_inc(&priv->event_count); 1584 } 1585 atomic_inc(&priv->rec_count); 1586 if (atomic_read(&priv->rec_count) == DEVICE_STOCK_COUNT) 1587 atomic_set(&priv->rec_count, 0); 1588 1589 wake_up_interruptible_all(&priv->devread_wait); 1590 1591 spin_unlock(&priv->dev_read_lock); 1592} 1593 1594void hostif_receive(struct ks_wlan_private *priv, unsigned char *p, 1595 unsigned int size) 1596{ 1597 devio_rec_ind(priv, p, size); 1598 1599 priv->rxp = p; 1600 priv->rx_size = size; 1601 1602 if (get_word(priv) == priv->rx_size) 1603 hostif_event_check(priv); 1604} 1605 1606static void hostif_sme_set_wep(struct ks_wlan_private *priv, int type) 1607{ 1608 switch (type) { 1609 case SME_WEP_INDEX_REQUEST: 1610 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID, 1611 priv->reg.wep_index); 1612 break; 1613 case SME_WEP_KEY1_REQUEST: 1614 if (priv->wpa.wpa_enabled) 1615 return; 1616 hostif_mib_set_request_ostring(priv, 1617 DOT11_WEP_DEFAULT_KEY_VALUE1, 1618 &priv->reg.wep_key[0].val[0], 1619 priv->reg.wep_key[0].size); 1620 break; 1621 case SME_WEP_KEY2_REQUEST: 1622 if (priv->wpa.wpa_enabled) 1623 return; 1624 hostif_mib_set_request_ostring(priv, 1625 DOT11_WEP_DEFAULT_KEY_VALUE2, 1626 &priv->reg.wep_key[1].val[0], 1627 priv->reg.wep_key[1].size); 1628 break; 1629 case SME_WEP_KEY3_REQUEST: 1630 if (priv->wpa.wpa_enabled) 1631 return; 1632 hostif_mib_set_request_ostring(priv, 1633 DOT11_WEP_DEFAULT_KEY_VALUE3, 1634 &priv->reg.wep_key[2].val[0], 1635 priv->reg.wep_key[2].size); 1636 break; 1637 case SME_WEP_KEY4_REQUEST: 1638 if (priv->wpa.wpa_enabled) 1639 return; 1640 hostif_mib_set_request_ostring(priv, 1641 DOT11_WEP_DEFAULT_KEY_VALUE4, 1642 &priv->reg.wep_key[3].val[0], 1643 priv->reg.wep_key[3].size); 1644 break; 1645 case SME_WEP_FLAG_REQUEST: 1646 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED, 1647 priv->reg.privacy_invoked); 1648 break; 1649 } 1650} 1651 1652struct wpa_suite { 1653 __le16 size; 1654 unsigned char suite[4][CIPHER_ID_LEN]; 1655} __packed; 1656 1657struct rsn_mode { 1658 __le32 rsn_mode; 1659 __le16 rsn_capability; 1660} __packed; 1661 1662static void hostif_sme_set_rsn(struct ks_wlan_private *priv, int type) 1663{ 1664 struct wpa_suite wpa_suite; 1665 struct rsn_mode rsn_mode; 1666 size_t size; 1667 u32 mode; 1668 const u8 *buf = NULL; 1669 1670 memset(&wpa_suite, 0, sizeof(wpa_suite)); 1671 1672 switch (type) { 1673 case SME_RSN_UCAST_REQUEST: 1674 wpa_suite.size = cpu_to_le16(1); 1675 switch (priv->wpa.pairwise_suite) { 1676 case IW_AUTH_CIPHER_NONE: 1677 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1678 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE; 1679 break; 1680 case IW_AUTH_CIPHER_WEP40: 1681 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1682 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40; 1683 break; 1684 case IW_AUTH_CIPHER_TKIP: 1685 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1686 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP; 1687 break; 1688 case IW_AUTH_CIPHER_CCMP: 1689 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1690 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP; 1691 break; 1692 case IW_AUTH_CIPHER_WEP104: 1693 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1694 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104; 1695 break; 1696 } 1697 1698 if (buf) 1699 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN); 1700 size = sizeof(wpa_suite.size) + 1701 (CIPHER_ID_LEN * le16_to_cpu(wpa_suite.size)); 1702 hostif_mib_set_request_ostring(priv, 1703 DOT11_RSN_CONFIG_UNICAST_CIPHER, 1704 &wpa_suite, size); 1705 break; 1706 case SME_RSN_MCAST_REQUEST: 1707 switch (priv->wpa.group_suite) { 1708 case IW_AUTH_CIPHER_NONE: 1709 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1710 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE; 1711 break; 1712 case IW_AUTH_CIPHER_WEP40: 1713 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1714 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40; 1715 break; 1716 case IW_AUTH_CIPHER_TKIP: 1717 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1718 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP; 1719 break; 1720 case IW_AUTH_CIPHER_CCMP: 1721 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1722 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP; 1723 break; 1724 case IW_AUTH_CIPHER_WEP104: 1725 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1726 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104; 1727 break; 1728 } 1729 if (buf) 1730 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN); 1731 hostif_mib_set_request_ostring(priv, 1732 DOT11_RSN_CONFIG_MULTICAST_CIPHER, 1733 &wpa_suite.suite[0][0], 1734 CIPHER_ID_LEN); 1735 break; 1736 case SME_RSN_AUTH_REQUEST: 1737 wpa_suite.size = cpu_to_le16(1); 1738 switch (priv->wpa.key_mgmt_suite) { 1739 case IW_AUTH_KEY_MGMT_802_1X: 1740 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1741 KEY_MGMT_ID_WPA2_1X : KEY_MGMT_ID_WPA_1X; 1742 break; 1743 case IW_AUTH_KEY_MGMT_PSK: 1744 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1745 KEY_MGMT_ID_WPA2_PSK : KEY_MGMT_ID_WPA_PSK; 1746 break; 1747 case 0: 1748 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1749 KEY_MGMT_ID_WPA2_NONE : KEY_MGMT_ID_WPA_NONE; 1750 break; 1751 case 4: 1752 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1753 KEY_MGMT_ID_WPA2_WPANONE : 1754 KEY_MGMT_ID_WPA_WPANONE; 1755 break; 1756 } 1757 1758 if (buf) 1759 memcpy(&wpa_suite.suite[0][0], buf, KEY_MGMT_ID_LEN); 1760 size = sizeof(wpa_suite.size) + 1761 (KEY_MGMT_ID_LEN * le16_to_cpu(wpa_suite.size)); 1762 hostif_mib_set_request_ostring(priv, 1763 DOT11_RSN_CONFIG_AUTH_SUITE, 1764 &wpa_suite, size); 1765 break; 1766 case SME_RSN_ENABLED_REQUEST: 1767 hostif_mib_set_request_bool(priv, DOT11_RSN_ENABLED, 1768 priv->wpa.rsn_enabled); 1769 break; 1770 case SME_RSN_MODE_REQUEST: 1771 mode = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ? 1772 RSN_MODE_WPA2 : 1773 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA) ? 1774 RSN_MODE_WPA : RSN_MODE_NONE; 1775 rsn_mode.rsn_mode = cpu_to_le32(mode); 1776 rsn_mode.rsn_capability = cpu_to_le16(0); 1777 hostif_mib_set_request_ostring(priv, LOCAL_RSN_MODE, 1778 &rsn_mode, sizeof(rsn_mode)); 1779 break; 1780 } 1781} 1782 1783static 1784void hostif_sme_mode_setup(struct ks_wlan_private *priv) 1785{ 1786 unsigned char rate_size; 1787 unsigned char rate_octet[RATE_SET_MAX_SIZE]; 1788 int i = 0; 1789 1790 /* rate setting if rate segging is auto for changing phy_type (#94) */ 1791 if (priv->reg.tx_rate == TX_RATE_FULL_AUTO) { 1792 if (priv->reg.phy_type == D_11B_ONLY_MODE) { 1793 priv->reg.rate_set.body[3] = TX_RATE_11M; 1794 priv->reg.rate_set.body[2] = TX_RATE_5M; 1795 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE; 1796 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE; 1797 priv->reg.rate_set.size = 4; 1798 } else { /* D_11G_ONLY_MODE or D_11BG_COMPATIBLE_MODE */ 1799 priv->reg.rate_set.body[11] = TX_RATE_54M; 1800 priv->reg.rate_set.body[10] = TX_RATE_48M; 1801 priv->reg.rate_set.body[9] = TX_RATE_36M; 1802 priv->reg.rate_set.body[8] = TX_RATE_18M; 1803 priv->reg.rate_set.body[7] = TX_RATE_9M; 1804 priv->reg.rate_set.body[6] = TX_RATE_24M | BASIC_RATE; 1805 priv->reg.rate_set.body[5] = TX_RATE_12M | BASIC_RATE; 1806 priv->reg.rate_set.body[4] = TX_RATE_6M | BASIC_RATE; 1807 priv->reg.rate_set.body[3] = TX_RATE_11M | BASIC_RATE; 1808 priv->reg.rate_set.body[2] = TX_RATE_5M | BASIC_RATE; 1809 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE; 1810 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE; 1811 priv->reg.rate_set.size = 12; 1812 } 1813 } 1814 1815 /* rate mask by phy setting */ 1816 if (priv->reg.phy_type == D_11B_ONLY_MODE) { 1817 for (i = 0; i < priv->reg.rate_set.size; i++) { 1818 if (!is_11b_rate(priv->reg.rate_set.body[i])) 1819 break; 1820 1821 if ((priv->reg.rate_set.body[i] & RATE_MASK) >= TX_RATE_5M) { 1822 rate_octet[i] = priv->reg.rate_set.body[i] & 1823 RATE_MASK; 1824 } else { 1825 rate_octet[i] = priv->reg.rate_set.body[i]; 1826 } 1827 } 1828 1829 } else { /* D_11G_ONLY_MODE or D_11BG_COMPATIBLE_MODE */ 1830 for (i = 0; i < priv->reg.rate_set.size; i++) { 1831 if (!is_11bg_rate(priv->reg.rate_set.body[i])) 1832 break; 1833 1834 if (is_ofdm_ext_rate(priv->reg.rate_set.body[i])) { 1835 rate_octet[i] = priv->reg.rate_set.body[i] & 1836 RATE_MASK; 1837 } else { 1838 rate_octet[i] = priv->reg.rate_set.body[i]; 1839 } 1840 } 1841 } 1842 rate_size = i; 1843 if (rate_size == 0) { 1844 if (priv->reg.phy_type == D_11G_ONLY_MODE) 1845 rate_octet[0] = TX_RATE_6M | BASIC_RATE; 1846 else 1847 rate_octet[0] = TX_RATE_2M | BASIC_RATE; 1848 rate_size = 1; 1849 } 1850 1851 /* rate set update */ 1852 priv->reg.rate_set.size = rate_size; 1853 memcpy(&priv->reg.rate_set.body[0], &rate_octet[0], rate_size); 1854 1855 switch (priv->reg.operation_mode) { 1856 case MODE_PSEUDO_ADHOC: 1857 hostif_ps_adhoc_set_request(priv); 1858 break; 1859 case MODE_INFRASTRUCTURE: 1860 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) { 1861 hostif_infrastructure_set_request(priv, 1862 HIF_INFRA_SET_REQ); 1863 } else { 1864 hostif_infrastructure_set_request(priv, 1865 HIF_INFRA_SET2_REQ); 1866 netdev_dbg(priv->net_dev, 1867 "Infra bssid = %pM\n", priv->reg.bssid); 1868 } 1869 break; 1870 case MODE_ADHOC: 1871 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) { 1872 hostif_adhoc_set_request(priv); 1873 } else { 1874 hostif_adhoc_set2_request(priv); 1875 netdev_dbg(priv->net_dev, 1876 "Adhoc bssid = %pM\n", priv->reg.bssid); 1877 } 1878 break; 1879 default: 1880 break; 1881 } 1882} 1883 1884static 1885void hostif_sme_multicast_set(struct ks_wlan_private *priv) 1886{ 1887 struct net_device *dev = priv->net_dev; 1888 int mc_count; 1889 struct netdev_hw_addr *ha; 1890 char set_address[NIC_MAX_MCAST_LIST * ETH_ALEN]; 1891 int i = 0; 1892 1893 spin_lock(&priv->multicast_spin); 1894 1895 memset(set_address, 0, NIC_MAX_MCAST_LIST * ETH_ALEN); 1896 1897 if (dev->flags & IFF_PROMISC) { 1898 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER, 1899 MCAST_FILTER_PROMISC); 1900 goto spin_unlock; 1901 } 1902 1903 if ((netdev_mc_count(dev) > NIC_MAX_MCAST_LIST) || 1904 (dev->flags & IFF_ALLMULTI)) { 1905 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER, 1906 MCAST_FILTER_MCASTALL); 1907 goto spin_unlock; 1908 } 1909 1910 if (priv->sme_i.sme_flag & SME_MULTICAST) { 1911 mc_count = netdev_mc_count(dev); 1912 netdev_for_each_mc_addr(ha, dev) { 1913 ether_addr_copy(&set_address[i * ETH_ALEN], ha->addr); 1914 i++; 1915 } 1916 priv->sme_i.sme_flag &= ~SME_MULTICAST; 1917 hostif_mib_set_request_ostring(priv, LOCAL_MULTICAST_ADDRESS, 1918 &set_address[0], 1919 ETH_ALEN * mc_count); 1920 } else { 1921 priv->sme_i.sme_flag |= SME_MULTICAST; 1922 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER, 1923 MCAST_FILTER_MCAST); 1924 } 1925 1926spin_unlock: 1927 spin_unlock(&priv->multicast_spin); 1928} 1929 1930static void hostif_sme_power_mgmt_set(struct ks_wlan_private *priv) 1931{ 1932 u32 mode, wake_up, receive_dtims; 1933 1934 if (priv->reg.power_mgmt != POWER_MGMT_SAVE1 && 1935 priv->reg.power_mgmt != POWER_MGMT_SAVE2) { 1936 mode = POWER_ACTIVE; 1937 wake_up = 0; 1938 receive_dtims = 0; 1939 } else { 1940 mode = (priv->reg.operation_mode == MODE_INFRASTRUCTURE) ? 1941 POWER_SAVE : POWER_ACTIVE; 1942 wake_up = 0; 1943 receive_dtims = (priv->reg.operation_mode == MODE_INFRASTRUCTURE && 1944 priv->reg.power_mgmt == POWER_MGMT_SAVE2); 1945 } 1946 1947 hostif_power_mgmt_request(priv, mode, wake_up, receive_dtims); 1948} 1949 1950static void hostif_sme_sleep_set(struct ks_wlan_private *priv) 1951{ 1952 if (priv->sleep_mode != SLP_SLEEP && 1953 priv->sleep_mode != SLP_ACTIVE) 1954 return; 1955 1956 hostif_sleep_request(priv, priv->sleep_mode); 1957} 1958 1959static 1960void hostif_sme_set_key(struct ks_wlan_private *priv, int type) 1961{ 1962 switch (type) { 1963 case SME_SET_FLAG: 1964 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED, 1965 priv->reg.privacy_invoked); 1966 break; 1967 case SME_SET_TXKEY: 1968 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID, 1969 priv->wpa.txkey); 1970 break; 1971 case SME_SET_KEY1: 1972 hostif_mib_set_request_ostring(priv, 1973 DOT11_WEP_DEFAULT_KEY_VALUE1, 1974 &priv->wpa.key[0].key_val[0], 1975 priv->wpa.key[0].key_len); 1976 break; 1977 case SME_SET_KEY2: 1978 hostif_mib_set_request_ostring(priv, 1979 DOT11_WEP_DEFAULT_KEY_VALUE2, 1980 &priv->wpa.key[1].key_val[0], 1981 priv->wpa.key[1].key_len); 1982 break; 1983 case SME_SET_KEY3: 1984 hostif_mib_set_request_ostring(priv, 1985 DOT11_WEP_DEFAULT_KEY_VALUE3, 1986 &priv->wpa.key[2].key_val[0], 1987 priv->wpa.key[2].key_len); 1988 break; 1989 case SME_SET_KEY4: 1990 hostif_mib_set_request_ostring(priv, 1991 DOT11_WEP_DEFAULT_KEY_VALUE4, 1992 &priv->wpa.key[3].key_val[0], 1993 priv->wpa.key[3].key_len); 1994 break; 1995 case SME_SET_PMK_TSC: 1996 hostif_mib_set_request_ostring(priv, DOT11_PMK_TSC, 1997 &priv->wpa.key[0].rx_seq[0], 1998 WPA_RX_SEQ_LEN); 1999 break; 2000 case SME_SET_GMK1_TSC: 2001 hostif_mib_set_request_ostring(priv, DOT11_GMK1_TSC, 2002 &priv->wpa.key[1].rx_seq[0], 2003 WPA_RX_SEQ_LEN); 2004 break; 2005 case SME_SET_GMK2_TSC: 2006 hostif_mib_set_request_ostring(priv, DOT11_GMK2_TSC, 2007 &priv->wpa.key[2].rx_seq[0], 2008 WPA_RX_SEQ_LEN); 2009 break; 2010 } 2011} 2012 2013static 2014void hostif_sme_set_pmksa(struct ks_wlan_private *priv) 2015{ 2016 struct pmk_cache { 2017 __le16 size; 2018 struct { 2019 u8 bssid[ETH_ALEN]; 2020 u8 pmkid[IW_PMKID_LEN]; 2021 } __packed list[PMK_LIST_MAX]; 2022 } __packed pmkcache; 2023 struct pmk *pmk; 2024 size_t size; 2025 int i = 0; 2026 2027 list_for_each_entry(pmk, &priv->pmklist.head, list) { 2028 if (i >= PMK_LIST_MAX) 2029 break; 2030 ether_addr_copy(pmkcache.list[i].bssid, pmk->bssid); 2031 memcpy(pmkcache.list[i].pmkid, pmk->pmkid, IW_PMKID_LEN); 2032 i++; 2033 } 2034 pmkcache.size = cpu_to_le16(priv->pmklist.size); 2035 size = sizeof(priv->pmklist.size) + 2036 ((ETH_ALEN + IW_PMKID_LEN) * priv->pmklist.size); 2037 hostif_mib_set_request_ostring(priv, LOCAL_PMK, &pmkcache, size); 2038} 2039 2040/* execute sme */ 2041static void hostif_sme_execute(struct ks_wlan_private *priv, int event) 2042{ 2043 u16 failure; 2044 2045 switch (event) { 2046 case SME_START: 2047 if (priv->dev_state == DEVICE_STATE_BOOT) 2048 hostif_mib_get_request(priv, DOT11_MAC_ADDRESS); 2049 break; 2050 case SME_MULTICAST_REQUEST: 2051 hostif_sme_multicast_set(priv); 2052 break; 2053 case SME_MACADDRESS_SET_REQUEST: 2054 hostif_mib_set_request_ostring(priv, LOCAL_CURRENTADDRESS, 2055 &priv->eth_addr[0], ETH_ALEN); 2056 break; 2057 case SME_BSS_SCAN_REQUEST: 2058 hostif_bss_scan_request(priv, priv->reg.scan_type, 2059 priv->scan_ssid, priv->scan_ssid_len); 2060 break; 2061 case SME_POW_MNGMT_REQUEST: 2062 hostif_sme_power_mgmt_set(priv); 2063 break; 2064 case SME_PHY_INFO_REQUEST: 2065 hostif_phy_information_request(priv); 2066 break; 2067 case SME_MIC_FAILURE_REQUEST: 2068 failure = priv->wpa.mic_failure.failure; 2069 if (failure != 1 && failure != 2) { 2070 netdev_err(priv->net_dev, 2071 "SME_MIC_FAILURE_REQUEST: failure count=%u error?\n", 2072 failure); 2073 return; 2074 } 2075 hostif_mic_failure_request(priv, failure - 1, (failure == 1) ? 2076 0 : priv->wpa.mic_failure.counter); 2077 break; 2078 case SME_MIC_FAILURE_CONFIRM: 2079 if (priv->wpa.mic_failure.failure == 2) { 2080 if (priv->wpa.mic_failure.stop) 2081 priv->wpa.mic_failure.stop = 0; 2082 priv->wpa.mic_failure.failure = 0; 2083 hostif_start_request(priv, priv->reg.operation_mode); 2084 } 2085 break; 2086 case SME_GET_MAC_ADDRESS: 2087 if (priv->dev_state == DEVICE_STATE_BOOT) 2088 hostif_mib_get_request(priv, DOT11_PRODUCT_VERSION); 2089 break; 2090 case SME_GET_PRODUCT_VERSION: 2091 if (priv->dev_state == DEVICE_STATE_BOOT) 2092 priv->dev_state = DEVICE_STATE_PREINIT; 2093 break; 2094 case SME_STOP_REQUEST: 2095 hostif_stop_request(priv); 2096 break; 2097 case SME_RTS_THRESHOLD_REQUEST: 2098 hostif_mib_set_request_int(priv, DOT11_RTS_THRESHOLD, 2099 priv->reg.rts); 2100 break; 2101 case SME_FRAGMENTATION_THRESHOLD_REQUEST: 2102 hostif_mib_set_request_int(priv, DOT11_FRAGMENTATION_THRESHOLD, 2103 priv->reg.fragment); 2104 break; 2105 case SME_WEP_INDEX_REQUEST: 2106 case SME_WEP_KEY1_REQUEST: 2107 case SME_WEP_KEY2_REQUEST: 2108 case SME_WEP_KEY3_REQUEST: 2109 case SME_WEP_KEY4_REQUEST: 2110 case SME_WEP_FLAG_REQUEST: 2111 hostif_sme_set_wep(priv, event); 2112 break; 2113 case SME_RSN_UCAST_REQUEST: 2114 case SME_RSN_MCAST_REQUEST: 2115 case SME_RSN_AUTH_REQUEST: 2116 case SME_RSN_ENABLED_REQUEST: 2117 case SME_RSN_MODE_REQUEST: 2118 hostif_sme_set_rsn(priv, event); 2119 break; 2120 case SME_SET_FLAG: 2121 case SME_SET_TXKEY: 2122 case SME_SET_KEY1: 2123 case SME_SET_KEY2: 2124 case SME_SET_KEY3: 2125 case SME_SET_KEY4: 2126 case SME_SET_PMK_TSC: 2127 case SME_SET_GMK1_TSC: 2128 case SME_SET_GMK2_TSC: 2129 hostif_sme_set_key(priv, event); 2130 break; 2131 case SME_SET_PMKSA: 2132 hostif_sme_set_pmksa(priv); 2133 break; 2134 case SME_WPS_ENABLE_REQUEST: 2135 hostif_mib_set_request_int(priv, LOCAL_WPS_ENABLE, 2136 priv->wps.wps_enabled); 2137 break; 2138 case SME_WPS_PROBE_REQUEST: 2139 hostif_mib_set_request_ostring(priv, LOCAL_WPS_PROBE_REQ, 2140 priv->wps.ie, priv->wps.ielen); 2141 break; 2142 case SME_MODE_SET_REQUEST: 2143 hostif_sme_mode_setup(priv); 2144 break; 2145 case SME_SET_GAIN: 2146 hostif_mib_set_request_ostring(priv, LOCAL_GAIN, 2147 &priv->gain, sizeof(priv->gain)); 2148 break; 2149 case SME_GET_GAIN: 2150 hostif_mib_get_request(priv, LOCAL_GAIN); 2151 break; 2152 case SME_GET_EEPROM_CKSUM: 2153 priv->eeprom_checksum = EEPROM_FW_NOT_SUPPORT; /* initialize */ 2154 hostif_mib_get_request(priv, LOCAL_EEPROM_SUM); 2155 break; 2156 case SME_START_REQUEST: 2157 hostif_start_request(priv, priv->reg.operation_mode); 2158 break; 2159 case SME_START_CONFIRM: 2160 /* for power save */ 2161 atomic_set(&priv->psstatus.snooze_guard, 0); 2162 atomic_set(&priv->psstatus.confirm_wait, 0); 2163 if (priv->dev_state == DEVICE_STATE_PREINIT) 2164 priv->dev_state = DEVICE_STATE_INIT; 2165 /* wake_up_interruptible_all(&priv->confirm_wait); */ 2166 complete(&priv->confirm_wait); 2167 break; 2168 case SME_SLEEP_REQUEST: 2169 hostif_sme_sleep_set(priv); 2170 break; 2171 case SME_SET_REGION: 2172 hostif_mib_set_request_int(priv, LOCAL_REGION, priv->region); 2173 break; 2174 case SME_MULTICAST_CONFIRM: 2175 case SME_BSS_SCAN_CONFIRM: 2176 case SME_POW_MNGMT_CONFIRM: 2177 case SME_PHY_INFO_CONFIRM: 2178 case SME_STOP_CONFIRM: 2179 case SME_RTS_THRESHOLD_CONFIRM: 2180 case SME_FRAGMENTATION_THRESHOLD_CONFIRM: 2181 case SME_WEP_INDEX_CONFIRM: 2182 case SME_WEP_KEY1_CONFIRM: 2183 case SME_WEP_KEY2_CONFIRM: 2184 case SME_WEP_KEY3_CONFIRM: 2185 case SME_WEP_KEY4_CONFIRM: 2186 case SME_WEP_FLAG_CONFIRM: 2187 case SME_RSN_UCAST_CONFIRM: 2188 case SME_RSN_MCAST_CONFIRM: 2189 case SME_RSN_AUTH_CONFIRM: 2190 case SME_RSN_ENABLED_CONFIRM: 2191 case SME_RSN_MODE_CONFIRM: 2192 case SME_MODE_SET_CONFIRM: 2193 case SME_TERMINATE: 2194 default: 2195 break; 2196 } 2197} 2198 2199static void hostif_sme_work(struct work_struct *work) 2200{ 2201 struct ks_wlan_private *priv; 2202 2203 priv = container_of(work, struct ks_wlan_private, sme_work); 2204 2205 if (priv->dev_state < DEVICE_STATE_BOOT) 2206 return; 2207 2208 if (cnt_smeqbody(priv) <= 0) 2209 return; 2210 2211 hostif_sme_execute(priv, priv->sme_i.event_buff[priv->sme_i.qhead]); 2212 inc_smeqhead(priv); 2213 if (cnt_smeqbody(priv) > 0) 2214 schedule_work(&priv->sme_work); 2215} 2216 2217/* send to Station Management Entity module */ 2218void hostif_sme_enqueue(struct ks_wlan_private *priv, u16 event) 2219{ 2220 /* enqueue sme event */ 2221 if (cnt_smeqbody(priv) < (SME_EVENT_BUFF_SIZE - 1)) { 2222 priv->sme_i.event_buff[priv->sme_i.qtail] = event; 2223 inc_smeqtail(priv); 2224 } else { 2225 /* in case of buffer overflow */ 2226 netdev_err(priv->net_dev, "sme queue buffer overflow\n"); 2227 } 2228 2229 schedule_work(&priv->sme_work); 2230} 2231 2232static inline void hostif_aplist_init(struct ks_wlan_private *priv) 2233{ 2234 size_t size = LOCAL_APLIST_MAX * sizeof(struct local_ap); 2235 2236 priv->aplist.size = 0; 2237 memset(&priv->aplist.ap[0], 0, size); 2238} 2239 2240static inline void hostif_status_init(struct ks_wlan_private *priv) 2241{ 2242 priv->infra_status = 0; 2243 priv->current_rate = 4; 2244 priv->connect_status = DISCONNECT_STATUS; 2245} 2246 2247static inline void hostif_sme_init(struct ks_wlan_private *priv) 2248{ 2249 priv->sme_i.sme_status = SME_IDLE; 2250 priv->sme_i.qhead = 0; 2251 priv->sme_i.qtail = 0; 2252 spin_lock_init(&priv->sme_i.sme_spin); 2253 priv->sme_i.sme_flag = 0; 2254 INIT_WORK(&priv->sme_work, hostif_sme_work); 2255} 2256 2257static inline void hostif_wpa_init(struct ks_wlan_private *priv) 2258{ 2259 memset(&priv->wpa, 0, sizeof(priv->wpa)); 2260 priv->wpa.rsn_enabled = false; 2261 priv->wpa.mic_failure.failure = 0; 2262 priv->wpa.mic_failure.last_failure_time = 0; 2263 priv->wpa.mic_failure.stop = 0; 2264} 2265 2266static inline void hostif_power_save_init(struct ks_wlan_private *priv) 2267{ 2268 atomic_set(&priv->psstatus.status, PS_NONE); 2269 atomic_set(&priv->psstatus.confirm_wait, 0); 2270 atomic_set(&priv->psstatus.snooze_guard, 0); 2271 init_completion(&priv->psstatus.wakeup_wait); 2272 INIT_WORK(&priv->wakeup_work, ks_wlan_hw_wakeup_task); 2273} 2274 2275static inline void hostif_pmklist_init(struct ks_wlan_private *priv) 2276{ 2277 int i; 2278 2279 memset(&priv->pmklist, 0, sizeof(priv->pmklist)); 2280 INIT_LIST_HEAD(&priv->pmklist.head); 2281 for (i = 0; i < PMK_LIST_MAX; i++) 2282 INIT_LIST_HEAD(&priv->pmklist.pmk[i].list); 2283} 2284 2285static inline void hostif_counters_init(struct ks_wlan_private *priv) 2286{ 2287 priv->dev_count = 0; 2288 atomic_set(&priv->event_count, 0); 2289 atomic_set(&priv->rec_count, 0); 2290} 2291 2292int hostif_init(struct ks_wlan_private *priv) 2293{ 2294 hostif_aplist_init(priv); 2295 hostif_status_init(priv); 2296 2297 spin_lock_init(&priv->multicast_spin); 2298 spin_lock_init(&priv->dev_read_lock); 2299 init_waitqueue_head(&priv->devread_wait); 2300 2301 hostif_counters_init(priv); 2302 hostif_power_save_init(priv); 2303 hostif_wpa_init(priv); 2304 hostif_pmklist_init(priv); 2305 hostif_sme_init(priv); 2306 2307 return 0; 2308} 2309 2310void hostif_exit(struct ks_wlan_private *priv) 2311{ 2312 cancel_work_sync(&priv->sme_work); 2313}