diff options
Diffstat (limited to 'net/mac80211/ieee80211.c')
-rw-r--r-- | net/mac80211/ieee80211.c | 1373 |
1 files changed, 8 insertions, 1365 deletions
diff --git a/net/mac80211/ieee80211.c b/net/mac80211/ieee80211.c index ff2172ffd861..c0094209bed9 100644 --- a/net/mac80211/ieee80211.c +++ b/net/mac80211/ieee80211.c | |||
@@ -45,11 +45,11 @@ void *mac80211_wiphy_privid = &mac80211_wiphy_privid; | |||
45 | 45 | ||
46 | /* See IEEE 802.1H for LLC/SNAP encapsulation/decapsulation */ | 46 | /* See IEEE 802.1H for LLC/SNAP encapsulation/decapsulation */ |
47 | /* Ethernet-II snap header (RFC1042 for most EtherTypes) */ | 47 | /* Ethernet-II snap header (RFC1042 for most EtherTypes) */ |
48 | static const unsigned char rfc1042_header[] = | 48 | const unsigned char rfc1042_header[] = |
49 | { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; | 49 | { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; |
50 | 50 | ||
51 | /* Bridge-Tunnel header (for EtherTypes ETH_P_AARP and ETH_P_IPX) */ | 51 | /* Bridge-Tunnel header (for EtherTypes ETH_P_AARP and ETH_P_IPX) */ |
52 | static const unsigned char bridge_tunnel_header[] = | 52 | const unsigned char bridge_tunnel_header[] = |
53 | { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 }; | 53 | { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 }; |
54 | 54 | ||
55 | /* No encapsulation header if EtherType < 0x600 (=length) */ | 55 | /* No encapsulation header if EtherType < 0x600 (=length) */ |
@@ -222,9 +222,9 @@ void ieee80211_prepare_rates(struct ieee80211_local *local, | |||
222 | } | 222 | } |
223 | 223 | ||
224 | 224 | ||
225 | static void ieee80211_key_threshold_notify(struct net_device *dev, | 225 | void ieee80211_key_threshold_notify(struct net_device *dev, |
226 | struct ieee80211_key *key, | 226 | struct ieee80211_key *key, |
227 | struct sta_info *sta) | 227 | struct sta_info *sta) |
228 | { | 228 | { |
229 | struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); | 229 | struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); |
230 | struct sk_buff *skb; | 230 | struct sk_buff *skb; |
@@ -258,7 +258,7 @@ static void ieee80211_key_threshold_notify(struct net_device *dev, | |||
258 | } | 258 | } |
259 | 259 | ||
260 | 260 | ||
261 | static u8 * ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len) | 261 | u8 *ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len) |
262 | { | 262 | { |
263 | u16 fc; | 263 | u16 fc; |
264 | 264 | ||
@@ -345,13 +345,6 @@ int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb) | |||
345 | } | 345 | } |
346 | EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb); | 346 | EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb); |
347 | 347 | ||
348 | static int ieee80211_get_radiotap_len(struct sk_buff *skb) | ||
349 | { | ||
350 | struct ieee80211_radiotap_header *hdr = | ||
351 | (struct ieee80211_radiotap_header *) skb->data; | ||
352 | |||
353 | return le16_to_cpu(hdr->it_len); | ||
354 | } | ||
355 | 348 | ||
356 | #ifdef CONFIG_MAC80211_LOWTX_FRAME_DUMP | 349 | #ifdef CONFIG_MAC80211_LOWTX_FRAME_DUMP |
357 | static void ieee80211_dump_frame(const char *ifname, const char *title, | 350 | static void ieee80211_dump_frame(const char *ifname, const char *title, |
@@ -392,7 +385,7 @@ static inline void ieee80211_dump_frame(const char *ifname, const char *title, | |||
392 | #endif /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */ | 385 | #endif /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */ |
393 | 386 | ||
394 | 387 | ||
395 | static int ieee80211_is_eapol(const struct sk_buff *skb) | 388 | int ieee80211_is_eapol(const struct sk_buff *skb) |
396 | { | 389 | { |
397 | const struct ieee80211_hdr *hdr; | 390 | const struct ieee80211_hdr *hdr; |
398 | u16 fc; | 391 | u16 fc; |
@@ -2762,188 +2755,7 @@ static int header_parse_80211(struct sk_buff *skb, unsigned char *haddr) | |||
2762 | return ETH_ALEN; | 2755 | return ETH_ALEN; |
2763 | } | 2756 | } |
2764 | 2757 | ||
2765 | static inline int ieee80211_bssid_match(const u8 *raddr, const u8 *addr) | 2758 | struct ieee80211_rate * |
2766 | { | ||
2767 | return compare_ether_addr(raddr, addr) == 0 || | ||
2768 | is_broadcast_ether_addr(raddr); | ||
2769 | } | ||
2770 | |||
2771 | |||
2772 | static ieee80211_txrx_result | ||
2773 | ieee80211_rx_h_data(struct ieee80211_txrx_data *rx) | ||
2774 | { | ||
2775 | struct net_device *dev = rx->dev; | ||
2776 | struct ieee80211_local *local = rx->local; | ||
2777 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; | ||
2778 | u16 fc, hdrlen, ethertype; | ||
2779 | u8 *payload; | ||
2780 | u8 dst[ETH_ALEN]; | ||
2781 | u8 src[ETH_ALEN]; | ||
2782 | struct sk_buff *skb = rx->skb, *skb2; | ||
2783 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); | ||
2784 | |||
2785 | fc = rx->fc; | ||
2786 | if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)) | ||
2787 | return TXRX_CONTINUE; | ||
2788 | |||
2789 | if (unlikely(!WLAN_FC_DATA_PRESENT(fc))) | ||
2790 | return TXRX_DROP; | ||
2791 | |||
2792 | hdrlen = ieee80211_get_hdrlen(fc); | ||
2793 | |||
2794 | /* convert IEEE 802.11 header + possible LLC headers into Ethernet | ||
2795 | * header | ||
2796 | * IEEE 802.11 address fields: | ||
2797 | * ToDS FromDS Addr1 Addr2 Addr3 Addr4 | ||
2798 | * 0 0 DA SA BSSID n/a | ||
2799 | * 0 1 DA BSSID SA n/a | ||
2800 | * 1 0 BSSID SA DA n/a | ||
2801 | * 1 1 RA TA DA SA | ||
2802 | */ | ||
2803 | |||
2804 | switch (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) { | ||
2805 | case IEEE80211_FCTL_TODS: | ||
2806 | /* BSSID SA DA */ | ||
2807 | memcpy(dst, hdr->addr3, ETH_ALEN); | ||
2808 | memcpy(src, hdr->addr2, ETH_ALEN); | ||
2809 | |||
2810 | if (unlikely(sdata->type != IEEE80211_IF_TYPE_AP && | ||
2811 | sdata->type != IEEE80211_IF_TYPE_VLAN)) { | ||
2812 | printk(KERN_DEBUG "%s: dropped ToDS frame (BSSID=" | ||
2813 | MAC_FMT " SA=" MAC_FMT " DA=" MAC_FMT ")\n", | ||
2814 | dev->name, MAC_ARG(hdr->addr1), | ||
2815 | MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3)); | ||
2816 | return TXRX_DROP; | ||
2817 | } | ||
2818 | break; | ||
2819 | case (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS): | ||
2820 | /* RA TA DA SA */ | ||
2821 | memcpy(dst, hdr->addr3, ETH_ALEN); | ||
2822 | memcpy(src, hdr->addr4, ETH_ALEN); | ||
2823 | |||
2824 | if (unlikely(sdata->type != IEEE80211_IF_TYPE_WDS)) { | ||
2825 | printk(KERN_DEBUG "%s: dropped FromDS&ToDS frame (RA=" | ||
2826 | MAC_FMT " TA=" MAC_FMT " DA=" MAC_FMT " SA=" | ||
2827 | MAC_FMT ")\n", | ||
2828 | rx->dev->name, MAC_ARG(hdr->addr1), | ||
2829 | MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3), | ||
2830 | MAC_ARG(hdr->addr4)); | ||
2831 | return TXRX_DROP; | ||
2832 | } | ||
2833 | break; | ||
2834 | case IEEE80211_FCTL_FROMDS: | ||
2835 | /* DA BSSID SA */ | ||
2836 | memcpy(dst, hdr->addr1, ETH_ALEN); | ||
2837 | memcpy(src, hdr->addr3, ETH_ALEN); | ||
2838 | |||
2839 | if (sdata->type != IEEE80211_IF_TYPE_STA) { | ||
2840 | return TXRX_DROP; | ||
2841 | } | ||
2842 | break; | ||
2843 | case 0: | ||
2844 | /* DA SA BSSID */ | ||
2845 | memcpy(dst, hdr->addr1, ETH_ALEN); | ||
2846 | memcpy(src, hdr->addr2, ETH_ALEN); | ||
2847 | |||
2848 | if (sdata->type != IEEE80211_IF_TYPE_IBSS) { | ||
2849 | if (net_ratelimit()) { | ||
2850 | printk(KERN_DEBUG "%s: dropped IBSS frame (DA=" | ||
2851 | MAC_FMT " SA=" MAC_FMT " BSSID=" MAC_FMT | ||
2852 | ")\n", | ||
2853 | dev->name, MAC_ARG(hdr->addr1), | ||
2854 | MAC_ARG(hdr->addr2), | ||
2855 | MAC_ARG(hdr->addr3)); | ||
2856 | } | ||
2857 | return TXRX_DROP; | ||
2858 | } | ||
2859 | break; | ||
2860 | } | ||
2861 | |||
2862 | payload = skb->data + hdrlen; | ||
2863 | |||
2864 | if (unlikely(skb->len - hdrlen < 8)) { | ||
2865 | if (net_ratelimit()) { | ||
2866 | printk(KERN_DEBUG "%s: RX too short data frame " | ||
2867 | "payload\n", dev->name); | ||
2868 | } | ||
2869 | return TXRX_DROP; | ||
2870 | } | ||
2871 | |||
2872 | ethertype = (payload[6] << 8) | payload[7]; | ||
2873 | |||
2874 | if (likely((compare_ether_addr(payload, rfc1042_header) == 0 && | ||
2875 | ethertype != ETH_P_AARP && ethertype != ETH_P_IPX) || | ||
2876 | compare_ether_addr(payload, bridge_tunnel_header) == 0)) { | ||
2877 | /* remove RFC1042 or Bridge-Tunnel encapsulation and | ||
2878 | * replace EtherType */ | ||
2879 | skb_pull(skb, hdrlen + 6); | ||
2880 | memcpy(skb_push(skb, ETH_ALEN), src, ETH_ALEN); | ||
2881 | memcpy(skb_push(skb, ETH_ALEN), dst, ETH_ALEN); | ||
2882 | } else { | ||
2883 | struct ethhdr *ehdr; | ||
2884 | __be16 len; | ||
2885 | skb_pull(skb, hdrlen); | ||
2886 | len = htons(skb->len); | ||
2887 | ehdr = (struct ethhdr *) skb_push(skb, sizeof(struct ethhdr)); | ||
2888 | memcpy(ehdr->h_dest, dst, ETH_ALEN); | ||
2889 | memcpy(ehdr->h_source, src, ETH_ALEN); | ||
2890 | ehdr->h_proto = len; | ||
2891 | } | ||
2892 | skb->dev = dev; | ||
2893 | |||
2894 | skb2 = NULL; | ||
2895 | |||
2896 | sdata->stats.rx_packets++; | ||
2897 | sdata->stats.rx_bytes += skb->len; | ||
2898 | |||
2899 | if (local->bridge_packets && (sdata->type == IEEE80211_IF_TYPE_AP | ||
2900 | || sdata->type == IEEE80211_IF_TYPE_VLAN) && rx->u.rx.ra_match) { | ||
2901 | if (is_multicast_ether_addr(skb->data)) { | ||
2902 | /* send multicast frames both to higher layers in | ||
2903 | * local net stack and back to the wireless media */ | ||
2904 | skb2 = skb_copy(skb, GFP_ATOMIC); | ||
2905 | if (!skb2) | ||
2906 | printk(KERN_DEBUG "%s: failed to clone " | ||
2907 | "multicast frame\n", dev->name); | ||
2908 | } else { | ||
2909 | struct sta_info *dsta; | ||
2910 | dsta = sta_info_get(local, skb->data); | ||
2911 | if (dsta && !dsta->dev) { | ||
2912 | printk(KERN_DEBUG "Station with null dev " | ||
2913 | "structure!\n"); | ||
2914 | } else if (dsta && dsta->dev == dev) { | ||
2915 | /* Destination station is associated to this | ||
2916 | * AP, so send the frame directly to it and | ||
2917 | * do not pass the frame to local net stack. | ||
2918 | */ | ||
2919 | skb2 = skb; | ||
2920 | skb = NULL; | ||
2921 | } | ||
2922 | if (dsta) | ||
2923 | sta_info_put(dsta); | ||
2924 | } | ||
2925 | } | ||
2926 | |||
2927 | if (skb) { | ||
2928 | /* deliver to local stack */ | ||
2929 | skb->protocol = eth_type_trans(skb, dev); | ||
2930 | memset(skb->cb, 0, sizeof(skb->cb)); | ||
2931 | netif_rx(skb); | ||
2932 | } | ||
2933 | |||
2934 | if (skb2) { | ||
2935 | /* send to wireless media */ | ||
2936 | skb2->protocol = __constant_htons(ETH_P_802_3); | ||
2937 | skb_set_network_header(skb2, 0); | ||
2938 | skb_set_mac_header(skb2, 0); | ||
2939 | dev_queue_xmit(skb2); | ||
2940 | } | ||
2941 | |||
2942 | return TXRX_QUEUED; | ||
2943 | } | ||
2944 | |||
2945 | |||
2946 | static struct ieee80211_rate * | ||
2947 | ieee80211_get_rate(struct ieee80211_local *local, int phymode, int hw_rate) | 2759 | ieee80211_get_rate(struct ieee80211_local *local, int phymode, int hw_rate) |
2948 | { | 2760 | { |
2949 | struct ieee80211_hw_mode *mode; | 2761 | struct ieee80211_hw_mode *mode; |
@@ -3071,69 +2883,6 @@ ieee80211_rx_mgmt(struct ieee80211_local *local, struct sk_buff *skb, | |||
3071 | netif_rx(skb); | 2883 | netif_rx(skb); |
3072 | } | 2884 | } |
3073 | 2885 | ||
3074 | static void | ||
3075 | ieee80211_rx_monitor(struct net_device *dev, struct sk_buff *skb, | ||
3076 | struct ieee80211_rx_status *status) | ||
3077 | { | ||
3078 | struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); | ||
3079 | struct ieee80211_sub_if_data *sdata; | ||
3080 | struct ieee80211_rate *rate; | ||
3081 | struct ieee80211_rtap_hdr { | ||
3082 | struct ieee80211_radiotap_header hdr; | ||
3083 | u8 flags; | ||
3084 | u8 rate; | ||
3085 | __le16 chan_freq; | ||
3086 | __le16 chan_flags; | ||
3087 | u8 antsignal; | ||
3088 | } __attribute__ ((packed)) *rthdr; | ||
3089 | |||
3090 | skb->dev = dev; | ||
3091 | |||
3092 | sdata = IEEE80211_DEV_TO_SUB_IF(dev); | ||
3093 | |||
3094 | if (status->flag & RX_FLAG_RADIOTAP) | ||
3095 | goto out; | ||
3096 | |||
3097 | if (skb_headroom(skb) < sizeof(*rthdr)) { | ||
3098 | I802_DEBUG_INC(local->rx_expand_skb_head); | ||
3099 | if (pskb_expand_head(skb, sizeof(*rthdr), 0, GFP_ATOMIC)) { | ||
3100 | dev_kfree_skb(skb); | ||
3101 | return; | ||
3102 | } | ||
3103 | } | ||
3104 | |||
3105 | rthdr = (struct ieee80211_rtap_hdr *) skb_push(skb, sizeof(*rthdr)); | ||
3106 | memset(rthdr, 0, sizeof(*rthdr)); | ||
3107 | rthdr->hdr.it_len = cpu_to_le16(sizeof(*rthdr)); | ||
3108 | rthdr->hdr.it_present = | ||
3109 | cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) | | ||
3110 | (1 << IEEE80211_RADIOTAP_RATE) | | ||
3111 | (1 << IEEE80211_RADIOTAP_CHANNEL) | | ||
3112 | (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL)); | ||
3113 | rthdr->flags = local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS ? | ||
3114 | IEEE80211_RADIOTAP_F_FCS : 0; | ||
3115 | rate = ieee80211_get_rate(local, status->phymode, status->rate); | ||
3116 | if (rate) | ||
3117 | rthdr->rate = rate->rate / 5; | ||
3118 | rthdr->chan_freq = cpu_to_le16(status->freq); | ||
3119 | rthdr->chan_flags = | ||
3120 | status->phymode == MODE_IEEE80211A ? | ||
3121 | cpu_to_le16(IEEE80211_CHAN_OFDM | IEEE80211_CHAN_5GHZ) : | ||
3122 | cpu_to_le16(IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ); | ||
3123 | rthdr->antsignal = status->ssi; | ||
3124 | |||
3125 | out: | ||
3126 | sdata->stats.rx_packets++; | ||
3127 | sdata->stats.rx_bytes += skb->len; | ||
3128 | |||
3129 | skb_set_mac_header(skb, 0); | ||
3130 | skb->ip_summed = CHECKSUM_UNNECESSARY; | ||
3131 | skb->pkt_type = PACKET_OTHERHOST; | ||
3132 | skb->protocol = htons(ETH_P_802_2); | ||
3133 | memset(skb->cb, 0, sizeof(skb->cb)); | ||
3134 | netif_rx(skb); | ||
3135 | } | ||
3136 | |||
3137 | int ieee80211_radar_status(struct ieee80211_hw *hw, int channel, | 2886 | int ieee80211_radar_status(struct ieee80211_hw *hw, int channel, |
3138 | int radar, int radar_type) | 2887 | int radar, int radar_type) |
3139 | { | 2888 | { |
@@ -3163,1000 +2912,6 @@ int ieee80211_radar_status(struct ieee80211_hw *hw, int channel, | |||
3163 | EXPORT_SYMBOL(ieee80211_radar_status); | 2912 | EXPORT_SYMBOL(ieee80211_radar_status); |
3164 | 2913 | ||
3165 | 2914 | ||
3166 | static void ap_sta_ps_start(struct net_device *dev, struct sta_info *sta) | ||
3167 | { | ||
3168 | struct ieee80211_sub_if_data *sdata; | ||
3169 | sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); | ||
3170 | |||
3171 | if (sdata->bss) | ||
3172 | atomic_inc(&sdata->bss->num_sta_ps); | ||
3173 | sta->flags |= WLAN_STA_PS; | ||
3174 | sta->pspoll = 0; | ||
3175 | #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG | ||
3176 | printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d enters power " | ||
3177 | "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid); | ||
3178 | #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ | ||
3179 | } | ||
3180 | |||
3181 | |||
3182 | static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta) | ||
3183 | { | ||
3184 | struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); | ||
3185 | struct sk_buff *skb; | ||
3186 | int sent = 0; | ||
3187 | struct ieee80211_sub_if_data *sdata; | ||
3188 | struct ieee80211_tx_packet_data *pkt_data; | ||
3189 | |||
3190 | sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); | ||
3191 | if (sdata->bss) | ||
3192 | atomic_dec(&sdata->bss->num_sta_ps); | ||
3193 | sta->flags &= ~(WLAN_STA_PS | WLAN_STA_TIM); | ||
3194 | sta->pspoll = 0; | ||
3195 | if (!skb_queue_empty(&sta->ps_tx_buf)) { | ||
3196 | if (local->ops->set_tim) | ||
3197 | local->ops->set_tim(local_to_hw(local), sta->aid, 0); | ||
3198 | if (sdata->bss) | ||
3199 | bss_tim_clear(local, sdata->bss, sta->aid); | ||
3200 | } | ||
3201 | #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG | ||
3202 | printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d exits power " | ||
3203 | "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid); | ||
3204 | #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ | ||
3205 | /* Send all buffered frames to the station */ | ||
3206 | while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) { | ||
3207 | pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; | ||
3208 | sent++; | ||
3209 | pkt_data->requeue = 1; | ||
3210 | dev_queue_xmit(skb); | ||
3211 | } | ||
3212 | while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) { | ||
3213 | pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; | ||
3214 | local->total_ps_buffered--; | ||
3215 | sent++; | ||
3216 | #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG | ||
3217 | printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d send PS frame " | ||
3218 | "since STA not sleeping anymore\n", dev->name, | ||
3219 | MAC_ARG(sta->addr), sta->aid); | ||
3220 | #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ | ||
3221 | pkt_data->requeue = 1; | ||
3222 | dev_queue_xmit(skb); | ||
3223 | } | ||
3224 | |||
3225 | return sent; | ||
3226 | } | ||
3227 | |||
3228 | |||
3229 | static ieee80211_txrx_result | ||
3230 | ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx) | ||
3231 | { | ||
3232 | struct sk_buff *skb; | ||
3233 | int no_pending_pkts; | ||
3234 | |||
3235 | if (likely(!rx->sta || | ||
3236 | (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL || | ||
3237 | (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PSPOLL || | ||
3238 | !rx->u.rx.ra_match)) | ||
3239 | return TXRX_CONTINUE; | ||
3240 | |||
3241 | skb = skb_dequeue(&rx->sta->tx_filtered); | ||
3242 | if (!skb) { | ||
3243 | skb = skb_dequeue(&rx->sta->ps_tx_buf); | ||
3244 | if (skb) | ||
3245 | rx->local->total_ps_buffered--; | ||
3246 | } | ||
3247 | no_pending_pkts = skb_queue_empty(&rx->sta->tx_filtered) && | ||
3248 | skb_queue_empty(&rx->sta->ps_tx_buf); | ||
3249 | |||
3250 | if (skb) { | ||
3251 | struct ieee80211_hdr *hdr = | ||
3252 | (struct ieee80211_hdr *) skb->data; | ||
3253 | |||
3254 | /* tell TX path to send one frame even though the STA may | ||
3255 | * still remain is PS mode after this frame exchange */ | ||
3256 | rx->sta->pspoll = 1; | ||
3257 | |||
3258 | #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG | ||
3259 | printk(KERN_DEBUG "STA " MAC_FMT " aid %d: PS Poll (entries " | ||
3260 | "after %d)\n", | ||
3261 | MAC_ARG(rx->sta->addr), rx->sta->aid, | ||
3262 | skb_queue_len(&rx->sta->ps_tx_buf)); | ||
3263 | #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ | ||
3264 | |||
3265 | /* Use MoreData flag to indicate whether there are more | ||
3266 | * buffered frames for this STA */ | ||
3267 | if (no_pending_pkts) { | ||
3268 | hdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREDATA); | ||
3269 | rx->sta->flags &= ~WLAN_STA_TIM; | ||
3270 | } else | ||
3271 | hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREDATA); | ||
3272 | |||
3273 | dev_queue_xmit(skb); | ||
3274 | |||
3275 | if (no_pending_pkts) { | ||
3276 | if (rx->local->ops->set_tim) | ||
3277 | rx->local->ops->set_tim(local_to_hw(rx->local), | ||
3278 | rx->sta->aid, 0); | ||
3279 | if (rx->sdata->bss) | ||
3280 | bss_tim_clear(rx->local, rx->sdata->bss, rx->sta->aid); | ||
3281 | } | ||
3282 | #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG | ||
3283 | } else if (!rx->u.rx.sent_ps_buffered) { | ||
3284 | printk(KERN_DEBUG "%s: STA " MAC_FMT " sent PS Poll even " | ||
3285 | "though there is no buffered frames for it\n", | ||
3286 | rx->dev->name, MAC_ARG(rx->sta->addr)); | ||
3287 | #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ | ||
3288 | |||
3289 | } | ||
3290 | |||
3291 | /* Free PS Poll skb here instead of returning TXRX_DROP that would | ||
3292 | * count as an dropped frame. */ | ||
3293 | dev_kfree_skb(rx->skb); | ||
3294 | |||
3295 | return TXRX_QUEUED; | ||
3296 | } | ||
3297 | |||
3298 | |||
3299 | static inline struct ieee80211_fragment_entry * | ||
3300 | ieee80211_reassemble_add(struct ieee80211_sub_if_data *sdata, | ||
3301 | unsigned int frag, unsigned int seq, int rx_queue, | ||
3302 | struct sk_buff **skb) | ||
3303 | { | ||
3304 | struct ieee80211_fragment_entry *entry; | ||
3305 | int idx; | ||
3306 | |||
3307 | idx = sdata->fragment_next; | ||
3308 | entry = &sdata->fragments[sdata->fragment_next++]; | ||
3309 | if (sdata->fragment_next >= IEEE80211_FRAGMENT_MAX) | ||
3310 | sdata->fragment_next = 0; | ||
3311 | |||
3312 | if (!skb_queue_empty(&entry->skb_list)) { | ||
3313 | #ifdef CONFIG_MAC80211_DEBUG | ||
3314 | struct ieee80211_hdr *hdr = | ||
3315 | (struct ieee80211_hdr *) entry->skb_list.next->data; | ||
3316 | printk(KERN_DEBUG "%s: RX reassembly removed oldest " | ||
3317 | "fragment entry (idx=%d age=%lu seq=%d last_frag=%d " | ||
3318 | "addr1=" MAC_FMT " addr2=" MAC_FMT "\n", | ||
3319 | sdata->dev->name, idx, | ||
3320 | jiffies - entry->first_frag_time, entry->seq, | ||
3321 | entry->last_frag, MAC_ARG(hdr->addr1), | ||
3322 | MAC_ARG(hdr->addr2)); | ||
3323 | #endif /* CONFIG_MAC80211_DEBUG */ | ||
3324 | __skb_queue_purge(&entry->skb_list); | ||
3325 | } | ||
3326 | |||
3327 | __skb_queue_tail(&entry->skb_list, *skb); /* no need for locking */ | ||
3328 | *skb = NULL; | ||
3329 | entry->first_frag_time = jiffies; | ||
3330 | entry->seq = seq; | ||
3331 | entry->rx_queue = rx_queue; | ||
3332 | entry->last_frag = frag; | ||
3333 | entry->ccmp = 0; | ||
3334 | entry->extra_len = 0; | ||
3335 | |||
3336 | return entry; | ||
3337 | } | ||
3338 | |||
3339 | |||
3340 | static inline struct ieee80211_fragment_entry * | ||
3341 | ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata, | ||
3342 | u16 fc, unsigned int frag, unsigned int seq, | ||
3343 | int rx_queue, struct ieee80211_hdr *hdr) | ||
3344 | { | ||
3345 | struct ieee80211_fragment_entry *entry; | ||
3346 | int i, idx; | ||
3347 | |||
3348 | idx = sdata->fragment_next; | ||
3349 | for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) { | ||
3350 | struct ieee80211_hdr *f_hdr; | ||
3351 | u16 f_fc; | ||
3352 | |||
3353 | idx--; | ||
3354 | if (idx < 0) | ||
3355 | idx = IEEE80211_FRAGMENT_MAX - 1; | ||
3356 | |||
3357 | entry = &sdata->fragments[idx]; | ||
3358 | if (skb_queue_empty(&entry->skb_list) || entry->seq != seq || | ||
3359 | entry->rx_queue != rx_queue || | ||
3360 | entry->last_frag + 1 != frag) | ||
3361 | continue; | ||
3362 | |||
3363 | f_hdr = (struct ieee80211_hdr *) entry->skb_list.next->data; | ||
3364 | f_fc = le16_to_cpu(f_hdr->frame_control); | ||
3365 | |||
3366 | if ((fc & IEEE80211_FCTL_FTYPE) != (f_fc & IEEE80211_FCTL_FTYPE) || | ||
3367 | compare_ether_addr(hdr->addr1, f_hdr->addr1) != 0 || | ||
3368 | compare_ether_addr(hdr->addr2, f_hdr->addr2) != 0) | ||
3369 | continue; | ||
3370 | |||
3371 | if (entry->first_frag_time + 2 * HZ < jiffies) { | ||
3372 | __skb_queue_purge(&entry->skb_list); | ||
3373 | continue; | ||
3374 | } | ||
3375 | return entry; | ||
3376 | } | ||
3377 | |||
3378 | return NULL; | ||
3379 | } | ||
3380 | |||
3381 | |||
3382 | static ieee80211_txrx_result | ||
3383 | ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx) | ||
3384 | { | ||
3385 | struct ieee80211_hdr *hdr; | ||
3386 | u16 sc; | ||
3387 | unsigned int frag, seq; | ||
3388 | struct ieee80211_fragment_entry *entry; | ||
3389 | struct sk_buff *skb; | ||
3390 | |||
3391 | hdr = (struct ieee80211_hdr *) rx->skb->data; | ||
3392 | sc = le16_to_cpu(hdr->seq_ctrl); | ||
3393 | frag = sc & IEEE80211_SCTL_FRAG; | ||
3394 | |||
3395 | if (likely((!(rx->fc & IEEE80211_FCTL_MOREFRAGS) && frag == 0) || | ||
3396 | (rx->skb)->len < 24 || | ||
3397 | is_multicast_ether_addr(hdr->addr1))) { | ||
3398 | /* not fragmented */ | ||
3399 | goto out; | ||
3400 | } | ||
3401 | I802_DEBUG_INC(rx->local->rx_handlers_fragments); | ||
3402 | |||
3403 | seq = (sc & IEEE80211_SCTL_SEQ) >> 4; | ||
3404 | |||
3405 | if (frag == 0) { | ||
3406 | /* This is the first fragment of a new frame. */ | ||
3407 | entry = ieee80211_reassemble_add(rx->sdata, frag, seq, | ||
3408 | rx->u.rx.queue, &(rx->skb)); | ||
3409 | if (rx->key && rx->key->alg == ALG_CCMP && | ||
3410 | (rx->fc & IEEE80211_FCTL_PROTECTED)) { | ||
3411 | /* Store CCMP PN so that we can verify that the next | ||
3412 | * fragment has a sequential PN value. */ | ||
3413 | entry->ccmp = 1; | ||
3414 | memcpy(entry->last_pn, | ||
3415 | rx->key->u.ccmp.rx_pn[rx->u.rx.queue], | ||
3416 | CCMP_PN_LEN); | ||
3417 | } | ||
3418 | return TXRX_QUEUED; | ||
3419 | } | ||
3420 | |||
3421 | /* This is a fragment for a frame that should already be pending in | ||
3422 | * fragment cache. Add this fragment to the end of the pending entry. | ||
3423 | */ | ||
3424 | entry = ieee80211_reassemble_find(rx->sdata, rx->fc, frag, seq, | ||
3425 | rx->u.rx.queue, hdr); | ||
3426 | if (!entry) { | ||
3427 | I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag); | ||
3428 | return TXRX_DROP; | ||
3429 | } | ||
3430 | |||
3431 | /* Verify that MPDUs within one MSDU have sequential PN values. | ||
3432 | * (IEEE 802.11i, 8.3.3.4.5) */ | ||
3433 | if (entry->ccmp) { | ||
3434 | int i; | ||
3435 | u8 pn[CCMP_PN_LEN], *rpn; | ||
3436 | if (!rx->key || rx->key->alg != ALG_CCMP) | ||
3437 | return TXRX_DROP; | ||
3438 | memcpy(pn, entry->last_pn, CCMP_PN_LEN); | ||
3439 | for (i = CCMP_PN_LEN - 1; i >= 0; i--) { | ||
3440 | pn[i]++; | ||
3441 | if (pn[i]) | ||
3442 | break; | ||
3443 | } | ||
3444 | rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue]; | ||
3445 | if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) { | ||
3446 | printk(KERN_DEBUG "%s: defrag: CCMP PN not sequential" | ||
3447 | " A2=" MAC_FMT " PN=%02x%02x%02x%02x%02x%02x " | ||
3448 | "(expected %02x%02x%02x%02x%02x%02x)\n", | ||
3449 | rx->dev->name, MAC_ARG(hdr->addr2), | ||
3450 | rpn[0], rpn[1], rpn[2], rpn[3], rpn[4], rpn[5], | ||
3451 | pn[0], pn[1], pn[2], pn[3], pn[4], pn[5]); | ||
3452 | return TXRX_DROP; | ||
3453 | } | ||
3454 | memcpy(entry->last_pn, pn, CCMP_PN_LEN); | ||
3455 | } | ||
3456 | |||
3457 | skb_pull(rx->skb, ieee80211_get_hdrlen(rx->fc)); | ||
3458 | __skb_queue_tail(&entry->skb_list, rx->skb); | ||
3459 | entry->last_frag = frag; | ||
3460 | entry->extra_len += rx->skb->len; | ||
3461 | if (rx->fc & IEEE80211_FCTL_MOREFRAGS) { | ||
3462 | rx->skb = NULL; | ||
3463 | return TXRX_QUEUED; | ||
3464 | } | ||
3465 | |||
3466 | rx->skb = __skb_dequeue(&entry->skb_list); | ||
3467 | if (skb_tailroom(rx->skb) < entry->extra_len) { | ||
3468 | I802_DEBUG_INC(rx->local->rx_expand_skb_head2); | ||
3469 | if (unlikely(pskb_expand_head(rx->skb, 0, entry->extra_len, | ||
3470 | GFP_ATOMIC))) { | ||
3471 | I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag); | ||
3472 | __skb_queue_purge(&entry->skb_list); | ||
3473 | return TXRX_DROP; | ||
3474 | } | ||
3475 | } | ||
3476 | while ((skb = __skb_dequeue(&entry->skb_list))) { | ||
3477 | memcpy(skb_put(rx->skb, skb->len), skb->data, skb->len); | ||
3478 | dev_kfree_skb(skb); | ||
3479 | } | ||
3480 | |||
3481 | /* Complete frame has been reassembled - process it now */ | ||
3482 | rx->fragmented = 1; | ||
3483 | |||
3484 | out: | ||
3485 | if (rx->sta) | ||
3486 | rx->sta->rx_packets++; | ||
3487 | if (is_multicast_ether_addr(hdr->addr1)) | ||
3488 | rx->local->dot11MulticastReceivedFrameCount++; | ||
3489 | else | ||
3490 | ieee80211_led_rx(rx->local); | ||
3491 | return TXRX_CONTINUE; | ||
3492 | } | ||
3493 | |||
3494 | |||
3495 | static ieee80211_txrx_result | ||
3496 | ieee80211_rx_h_monitor(struct ieee80211_txrx_data *rx) | ||
3497 | { | ||
3498 | if (rx->sdata->type == IEEE80211_IF_TYPE_MNTR) { | ||
3499 | ieee80211_rx_monitor(rx->dev, rx->skb, rx->u.rx.status); | ||
3500 | return TXRX_QUEUED; | ||
3501 | } | ||
3502 | |||
3503 | if (rx->u.rx.status->flag & RX_FLAG_RADIOTAP) | ||
3504 | skb_pull(rx->skb, ieee80211_get_radiotap_len(rx->skb)); | ||
3505 | |||
3506 | return TXRX_CONTINUE; | ||
3507 | } | ||
3508 | |||
3509 | |||
3510 | static ieee80211_txrx_result | ||
3511 | ieee80211_rx_h_check(struct ieee80211_txrx_data *rx) | ||
3512 | { | ||
3513 | struct ieee80211_hdr *hdr; | ||
3514 | int always_sta_key; | ||
3515 | hdr = (struct ieee80211_hdr *) rx->skb->data; | ||
3516 | |||
3517 | /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */ | ||
3518 | if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) { | ||
3519 | if (unlikely(rx->fc & IEEE80211_FCTL_RETRY && | ||
3520 | rx->sta->last_seq_ctrl[rx->u.rx.queue] == | ||
3521 | hdr->seq_ctrl)) { | ||
3522 | if (rx->u.rx.ra_match) { | ||
3523 | rx->local->dot11FrameDuplicateCount++; | ||
3524 | rx->sta->num_duplicates++; | ||
3525 | } | ||
3526 | return TXRX_DROP; | ||
3527 | } else | ||
3528 | rx->sta->last_seq_ctrl[rx->u.rx.queue] = hdr->seq_ctrl; | ||
3529 | } | ||
3530 | |||
3531 | if ((rx->local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) && | ||
3532 | rx->skb->len > FCS_LEN) | ||
3533 | skb_trim(rx->skb, rx->skb->len - FCS_LEN); | ||
3534 | |||
3535 | if (unlikely(rx->skb->len < 16)) { | ||
3536 | I802_DEBUG_INC(rx->local->rx_handlers_drop_short); | ||
3537 | return TXRX_DROP; | ||
3538 | } | ||
3539 | |||
3540 | if (!rx->u.rx.ra_match) | ||
3541 | rx->skb->pkt_type = PACKET_OTHERHOST; | ||
3542 | else if (compare_ether_addr(rx->dev->dev_addr, hdr->addr1) == 0) | ||
3543 | rx->skb->pkt_type = PACKET_HOST; | ||
3544 | else if (is_multicast_ether_addr(hdr->addr1)) { | ||
3545 | if (is_broadcast_ether_addr(hdr->addr1)) | ||
3546 | rx->skb->pkt_type = PACKET_BROADCAST; | ||
3547 | else | ||
3548 | rx->skb->pkt_type = PACKET_MULTICAST; | ||
3549 | } else | ||
3550 | rx->skb->pkt_type = PACKET_OTHERHOST; | ||
3551 | |||
3552 | /* Drop disallowed frame classes based on STA auth/assoc state; | ||
3553 | * IEEE 802.11, Chap 5.5. | ||
3554 | * | ||
3555 | * 80211.o does filtering only based on association state, i.e., it | ||
3556 | * drops Class 3 frames from not associated stations. hostapd sends | ||
3557 | * deauth/disassoc frames when needed. In addition, hostapd is | ||
3558 | * responsible for filtering on both auth and assoc states. | ||
3559 | */ | ||
3560 | if (unlikely(((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA || | ||
3561 | ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL && | ||
3562 | (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) && | ||
3563 | rx->sdata->type != IEEE80211_IF_TYPE_IBSS && | ||
3564 | (!rx->sta || !(rx->sta->flags & WLAN_STA_ASSOC)))) { | ||
3565 | if ((!(rx->fc & IEEE80211_FCTL_FROMDS) && | ||
3566 | !(rx->fc & IEEE80211_FCTL_TODS) && | ||
3567 | (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) | ||
3568 | || !rx->u.rx.ra_match) { | ||
3569 | /* Drop IBSS frames and frames for other hosts | ||
3570 | * silently. */ | ||
3571 | return TXRX_DROP; | ||
3572 | } | ||
3573 | |||
3574 | if (!rx->local->apdev) | ||
3575 | return TXRX_DROP; | ||
3576 | |||
3577 | ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status, | ||
3578 | ieee80211_msg_sta_not_assoc); | ||
3579 | return TXRX_QUEUED; | ||
3580 | } | ||
3581 | |||
3582 | if (rx->sdata->type == IEEE80211_IF_TYPE_STA) | ||
3583 | always_sta_key = 0; | ||
3584 | else | ||
3585 | always_sta_key = 1; | ||
3586 | |||
3587 | if (rx->sta && rx->sta->key && always_sta_key) { | ||
3588 | rx->key = rx->sta->key; | ||
3589 | } else { | ||
3590 | if (rx->sta && rx->sta->key) | ||
3591 | rx->key = rx->sta->key; | ||
3592 | else | ||
3593 | rx->key = rx->sdata->default_key; | ||
3594 | |||
3595 | if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) && | ||
3596 | rx->fc & IEEE80211_FCTL_PROTECTED) { | ||
3597 | int keyidx = ieee80211_wep_get_keyidx(rx->skb); | ||
3598 | |||
3599 | if (keyidx >= 0 && keyidx < NUM_DEFAULT_KEYS && | ||
3600 | (!rx->sta || !rx->sta->key || keyidx > 0)) | ||
3601 | rx->key = rx->sdata->keys[keyidx]; | ||
3602 | |||
3603 | if (!rx->key) { | ||
3604 | if (!rx->u.rx.ra_match) | ||
3605 | return TXRX_DROP; | ||
3606 | printk(KERN_DEBUG "%s: RX WEP frame with " | ||
3607 | "unknown keyidx %d (A1=" MAC_FMT " A2=" | ||
3608 | MAC_FMT " A3=" MAC_FMT ")\n", | ||
3609 | rx->dev->name, keyidx, | ||
3610 | MAC_ARG(hdr->addr1), | ||
3611 | MAC_ARG(hdr->addr2), | ||
3612 | MAC_ARG(hdr->addr3)); | ||
3613 | if (!rx->local->apdev) | ||
3614 | return TXRX_DROP; | ||
3615 | ieee80211_rx_mgmt( | ||
3616 | rx->local, rx->skb, rx->u.rx.status, | ||
3617 | ieee80211_msg_wep_frame_unknown_key); | ||
3618 | return TXRX_QUEUED; | ||
3619 | } | ||
3620 | } | ||
3621 | } | ||
3622 | |||
3623 | if (rx->fc & IEEE80211_FCTL_PROTECTED && rx->key && rx->u.rx.ra_match) { | ||
3624 | rx->key->tx_rx_count++; | ||
3625 | if (unlikely(rx->local->key_tx_rx_threshold && | ||
3626 | rx->key->tx_rx_count > | ||
3627 | rx->local->key_tx_rx_threshold)) { | ||
3628 | ieee80211_key_threshold_notify(rx->dev, rx->key, | ||
3629 | rx->sta); | ||
3630 | } | ||
3631 | } | ||
3632 | |||
3633 | return TXRX_CONTINUE; | ||
3634 | } | ||
3635 | |||
3636 | |||
3637 | static ieee80211_txrx_result | ||
3638 | ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx) | ||
3639 | { | ||
3640 | struct sta_info *sta = rx->sta; | ||
3641 | struct net_device *dev = rx->dev; | ||
3642 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; | ||
3643 | |||
3644 | if (!sta) | ||
3645 | return TXRX_CONTINUE; | ||
3646 | |||
3647 | /* Update last_rx only for IBSS packets which are for the current | ||
3648 | * BSSID to avoid keeping the current IBSS network alive in cases where | ||
3649 | * other STAs are using different BSSID. */ | ||
3650 | if (rx->sdata->type == IEEE80211_IF_TYPE_IBSS) { | ||
3651 | u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len); | ||
3652 | if (compare_ether_addr(bssid, rx->sdata->u.sta.bssid) == 0) | ||
3653 | sta->last_rx = jiffies; | ||
3654 | } else | ||
3655 | if (!is_multicast_ether_addr(hdr->addr1) || | ||
3656 | rx->sdata->type == IEEE80211_IF_TYPE_STA) { | ||
3657 | /* Update last_rx only for unicast frames in order to prevent | ||
3658 | * the Probe Request frames (the only broadcast frames from a | ||
3659 | * STA in infrastructure mode) from keeping a connection alive. | ||
3660 | */ | ||
3661 | sta->last_rx = jiffies; | ||
3662 | } | ||
3663 | |||
3664 | if (!rx->u.rx.ra_match) | ||
3665 | return TXRX_CONTINUE; | ||
3666 | |||
3667 | sta->rx_fragments++; | ||
3668 | sta->rx_bytes += rx->skb->len; | ||
3669 | sta->last_rssi = (sta->last_rssi * 15 + | ||
3670 | rx->u.rx.status->ssi) / 16; | ||
3671 | sta->last_signal = (sta->last_signal * 15 + | ||
3672 | rx->u.rx.status->signal) / 16; | ||
3673 | sta->last_noise = (sta->last_noise * 15 + | ||
3674 | rx->u.rx.status->noise) / 16; | ||
3675 | |||
3676 | if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) { | ||
3677 | /* Change STA power saving mode only in the end of a frame | ||
3678 | * exchange sequence */ | ||
3679 | if ((sta->flags & WLAN_STA_PS) && !(rx->fc & IEEE80211_FCTL_PM)) | ||
3680 | rx->u.rx.sent_ps_buffered += ap_sta_ps_end(dev, sta); | ||
3681 | else if (!(sta->flags & WLAN_STA_PS) && | ||
3682 | (rx->fc & IEEE80211_FCTL_PM)) | ||
3683 | ap_sta_ps_start(dev, sta); | ||
3684 | } | ||
3685 | |||
3686 | /* Drop data::nullfunc frames silently, since they are used only to | ||
3687 | * control station power saving mode. */ | ||
3688 | if ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA && | ||
3689 | (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_NULLFUNC) { | ||
3690 | I802_DEBUG_INC(rx->local->rx_handlers_drop_nullfunc); | ||
3691 | /* Update counter and free packet here to avoid counting this | ||
3692 | * as a dropped packed. */ | ||
3693 | sta->rx_packets++; | ||
3694 | dev_kfree_skb(rx->skb); | ||
3695 | return TXRX_QUEUED; | ||
3696 | } | ||
3697 | |||
3698 | return TXRX_CONTINUE; | ||
3699 | } /* ieee80211_rx_h_sta_process */ | ||
3700 | |||
3701 | |||
3702 | static ieee80211_txrx_result | ||
3703 | ieee80211_rx_h_wep_weak_iv_detection(struct ieee80211_txrx_data *rx) | ||
3704 | { | ||
3705 | if (!rx->sta || !(rx->fc & IEEE80211_FCTL_PROTECTED) || | ||
3706 | (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA || | ||
3707 | !rx->key || rx->key->alg != ALG_WEP || !rx->u.rx.ra_match) | ||
3708 | return TXRX_CONTINUE; | ||
3709 | |||
3710 | /* Check for weak IVs, if hwaccel did not remove IV from the frame */ | ||
3711 | if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) || | ||
3712 | rx->key->force_sw_encrypt) { | ||
3713 | u8 *iv = ieee80211_wep_is_weak_iv(rx->skb, rx->key); | ||
3714 | if (iv) { | ||
3715 | rx->sta->wep_weak_iv_count++; | ||
3716 | } | ||
3717 | } | ||
3718 | |||
3719 | return TXRX_CONTINUE; | ||
3720 | } | ||
3721 | |||
3722 | |||
3723 | static ieee80211_txrx_result | ||
3724 | ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx) | ||
3725 | { | ||
3726 | /* If the device handles decryption totally, skip this test */ | ||
3727 | if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP) | ||
3728 | return TXRX_CONTINUE; | ||
3729 | |||
3730 | if ((rx->key && rx->key->alg != ALG_WEP) || | ||
3731 | !(rx->fc & IEEE80211_FCTL_PROTECTED) || | ||
3732 | ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA && | ||
3733 | ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT || | ||
3734 | (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH))) | ||
3735 | return TXRX_CONTINUE; | ||
3736 | |||
3737 | if (!rx->key) { | ||
3738 | printk(KERN_DEBUG "%s: RX WEP frame, but no key set\n", | ||
3739 | rx->dev->name); | ||
3740 | return TXRX_DROP; | ||
3741 | } | ||
3742 | |||
3743 | if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED) || | ||
3744 | rx->key->force_sw_encrypt) { | ||
3745 | if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) { | ||
3746 | printk(KERN_DEBUG "%s: RX WEP frame, decrypt " | ||
3747 | "failed\n", rx->dev->name); | ||
3748 | return TXRX_DROP; | ||
3749 | } | ||
3750 | } else if (rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) { | ||
3751 | ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key); | ||
3752 | /* remove ICV */ | ||
3753 | skb_trim(rx->skb, rx->skb->len - 4); | ||
3754 | } | ||
3755 | |||
3756 | return TXRX_CONTINUE; | ||
3757 | } | ||
3758 | |||
3759 | |||
3760 | static ieee80211_txrx_result | ||
3761 | ieee80211_rx_h_802_1x_pae(struct ieee80211_txrx_data *rx) | ||
3762 | { | ||
3763 | if (rx->sdata->eapol && ieee80211_is_eapol(rx->skb) && | ||
3764 | rx->sdata->type != IEEE80211_IF_TYPE_STA && rx->u.rx.ra_match) { | ||
3765 | /* Pass both encrypted and unencrypted EAPOL frames to user | ||
3766 | * space for processing. */ | ||
3767 | if (!rx->local->apdev) | ||
3768 | return TXRX_DROP; | ||
3769 | ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status, | ||
3770 | ieee80211_msg_normal); | ||
3771 | return TXRX_QUEUED; | ||
3772 | } | ||
3773 | |||
3774 | if (unlikely(rx->sdata->ieee802_1x && | ||
3775 | (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA && | ||
3776 | (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC && | ||
3777 | (!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED)) && | ||
3778 | !ieee80211_is_eapol(rx->skb))) { | ||
3779 | #ifdef CONFIG_MAC80211_DEBUG | ||
3780 | struct ieee80211_hdr *hdr = | ||
3781 | (struct ieee80211_hdr *) rx->skb->data; | ||
3782 | printk(KERN_DEBUG "%s: dropped frame from " MAC_FMT | ||
3783 | " (unauthorized port)\n", rx->dev->name, | ||
3784 | MAC_ARG(hdr->addr2)); | ||
3785 | #endif /* CONFIG_MAC80211_DEBUG */ | ||
3786 | return TXRX_DROP; | ||
3787 | } | ||
3788 | |||
3789 | return TXRX_CONTINUE; | ||
3790 | } | ||
3791 | |||
3792 | |||
3793 | static ieee80211_txrx_result | ||
3794 | ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx) | ||
3795 | { | ||
3796 | /* If the device handles decryption totally, skip this test */ | ||
3797 | if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP) | ||
3798 | return TXRX_CONTINUE; | ||
3799 | |||
3800 | /* Drop unencrypted frames if key is set. */ | ||
3801 | if (unlikely(!(rx->fc & IEEE80211_FCTL_PROTECTED) && | ||
3802 | (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA && | ||
3803 | (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC && | ||
3804 | (rx->key || rx->sdata->drop_unencrypted) && | ||
3805 | (rx->sdata->eapol == 0 || | ||
3806 | !ieee80211_is_eapol(rx->skb)))) { | ||
3807 | printk(KERN_DEBUG "%s: RX non-WEP frame, but expected " | ||
3808 | "encryption\n", rx->dev->name); | ||
3809 | return TXRX_DROP; | ||
3810 | } | ||
3811 | return TXRX_CONTINUE; | ||
3812 | } | ||
3813 | |||
3814 | |||
3815 | static ieee80211_txrx_result | ||
3816 | ieee80211_rx_h_mgmt(struct ieee80211_txrx_data *rx) | ||
3817 | { | ||
3818 | struct ieee80211_sub_if_data *sdata; | ||
3819 | |||
3820 | if (!rx->u.rx.ra_match) | ||
3821 | return TXRX_DROP; | ||
3822 | |||
3823 | sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev); | ||
3824 | if ((sdata->type == IEEE80211_IF_TYPE_STA || | ||
3825 | sdata->type == IEEE80211_IF_TYPE_IBSS) && | ||
3826 | !rx->local->user_space_mlme) { | ||
3827 | ieee80211_sta_rx_mgmt(rx->dev, rx->skb, rx->u.rx.status); | ||
3828 | } else { | ||
3829 | /* Management frames are sent to hostapd for processing */ | ||
3830 | if (!rx->local->apdev) | ||
3831 | return TXRX_DROP; | ||
3832 | ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status, | ||
3833 | ieee80211_msg_normal); | ||
3834 | } | ||
3835 | return TXRX_QUEUED; | ||
3836 | } | ||
3837 | |||
3838 | |||
3839 | static ieee80211_txrx_result | ||
3840 | ieee80211_rx_h_passive_scan(struct ieee80211_txrx_data *rx) | ||
3841 | { | ||
3842 | struct ieee80211_local *local = rx->local; | ||
3843 | struct sk_buff *skb = rx->skb; | ||
3844 | |||
3845 | if (unlikely(local->sta_scanning != 0)) { | ||
3846 | ieee80211_sta_rx_scan(rx->dev, skb, rx->u.rx.status); | ||
3847 | return TXRX_QUEUED; | ||
3848 | } | ||
3849 | |||
3850 | if (unlikely(rx->u.rx.in_scan)) { | ||
3851 | /* scanning finished during invoking of handlers */ | ||
3852 | I802_DEBUG_INC(local->rx_handlers_drop_passive_scan); | ||
3853 | return TXRX_DROP; | ||
3854 | } | ||
3855 | |||
3856 | return TXRX_CONTINUE; | ||
3857 | } | ||
3858 | |||
3859 | |||
3860 | static void ieee80211_rx_michael_mic_report(struct net_device *dev, | ||
3861 | struct ieee80211_hdr *hdr, | ||
3862 | struct sta_info *sta, | ||
3863 | struct ieee80211_txrx_data *rx) | ||
3864 | { | ||
3865 | int keyidx, hdrlen; | ||
3866 | |||
3867 | hdrlen = ieee80211_get_hdrlen_from_skb(rx->skb); | ||
3868 | if (rx->skb->len >= hdrlen + 4) | ||
3869 | keyidx = rx->skb->data[hdrlen + 3] >> 6; | ||
3870 | else | ||
3871 | keyidx = -1; | ||
3872 | |||
3873 | /* TODO: verify that this is not triggered by fragmented | ||
3874 | * frames (hw does not verify MIC for them). */ | ||
3875 | printk(KERN_DEBUG "%s: TKIP hwaccel reported Michael MIC " | ||
3876 | "failure from " MAC_FMT " to " MAC_FMT " keyidx=%d\n", | ||
3877 | dev->name, MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr1), keyidx); | ||
3878 | |||
3879 | if (!sta) { | ||
3880 | /* Some hardware versions seem to generate incorrect | ||
3881 | * Michael MIC reports; ignore them to avoid triggering | ||
3882 | * countermeasures. */ | ||
3883 | printk(KERN_DEBUG "%s: ignored spurious Michael MIC " | ||
3884 | "error for unknown address " MAC_FMT "\n", | ||
3885 | dev->name, MAC_ARG(hdr->addr2)); | ||
3886 | goto ignore; | ||
3887 | } | ||
3888 | |||
3889 | if (!(rx->fc & IEEE80211_FCTL_PROTECTED)) { | ||
3890 | printk(KERN_DEBUG "%s: ignored spurious Michael MIC " | ||
3891 | "error for a frame with no ISWEP flag (src " | ||
3892 | MAC_FMT ")\n", dev->name, MAC_ARG(hdr->addr2)); | ||
3893 | goto ignore; | ||
3894 | } | ||
3895 | |||
3896 | if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) && | ||
3897 | rx->sdata->type == IEEE80211_IF_TYPE_AP) { | ||
3898 | keyidx = ieee80211_wep_get_keyidx(rx->skb); | ||
3899 | /* AP with Pairwise keys support should never receive Michael | ||
3900 | * MIC errors for non-zero keyidx because these are reserved | ||
3901 | * for group keys and only the AP is sending real multicast | ||
3902 | * frames in BSS. */ | ||
3903 | if (keyidx) { | ||
3904 | printk(KERN_DEBUG "%s: ignored Michael MIC error for " | ||
3905 | "a frame with non-zero keyidx (%d) (src " MAC_FMT | ||
3906 | ")\n", dev->name, keyidx, MAC_ARG(hdr->addr2)); | ||
3907 | goto ignore; | ||
3908 | } | ||
3909 | } | ||
3910 | |||
3911 | if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA && | ||
3912 | ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT || | ||
3913 | (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) { | ||
3914 | printk(KERN_DEBUG "%s: ignored spurious Michael MIC " | ||
3915 | "error for a frame that cannot be encrypted " | ||
3916 | "(fc=0x%04x) (src " MAC_FMT ")\n", | ||
3917 | dev->name, rx->fc, MAC_ARG(hdr->addr2)); | ||
3918 | goto ignore; | ||
3919 | } | ||
3920 | |||
3921 | do { | ||
3922 | union iwreq_data wrqu; | ||
3923 | char *buf = kmalloc(128, GFP_ATOMIC); | ||
3924 | if (!buf) | ||
3925 | break; | ||
3926 | |||
3927 | /* TODO: needed parameters: count, key type, TSC */ | ||
3928 | sprintf(buf, "MLME-MICHAELMICFAILURE.indication(" | ||
3929 | "keyid=%d %scast addr=" MAC_FMT ")", | ||
3930 | keyidx, hdr->addr1[0] & 0x01 ? "broad" : "uni", | ||
3931 | MAC_ARG(hdr->addr2)); | ||
3932 | memset(&wrqu, 0, sizeof(wrqu)); | ||
3933 | wrqu.data.length = strlen(buf); | ||
3934 | wireless_send_event(rx->dev, IWEVCUSTOM, &wrqu, buf); | ||
3935 | kfree(buf); | ||
3936 | } while (0); | ||
3937 | |||
3938 | /* TODO: consider verifying the MIC error report with software | ||
3939 | * implementation if we get too many spurious reports from the | ||
3940 | * hardware. */ | ||
3941 | if (!rx->local->apdev) | ||
3942 | goto ignore; | ||
3943 | ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status, | ||
3944 | ieee80211_msg_michael_mic_failure); | ||
3945 | return; | ||
3946 | |||
3947 | ignore: | ||
3948 | dev_kfree_skb(rx->skb); | ||
3949 | rx->skb = NULL; | ||
3950 | } | ||
3951 | |||
3952 | static inline ieee80211_txrx_result __ieee80211_invoke_rx_handlers( | ||
3953 | struct ieee80211_local *local, | ||
3954 | ieee80211_rx_handler *handlers, | ||
3955 | struct ieee80211_txrx_data *rx, | ||
3956 | struct sta_info *sta) | ||
3957 | { | ||
3958 | ieee80211_rx_handler *handler; | ||
3959 | ieee80211_txrx_result res = TXRX_DROP; | ||
3960 | |||
3961 | for (handler = handlers; *handler != NULL; handler++) { | ||
3962 | res = (*handler)(rx); | ||
3963 | if (res != TXRX_CONTINUE) { | ||
3964 | if (res == TXRX_DROP) { | ||
3965 | I802_DEBUG_INC(local->rx_handlers_drop); | ||
3966 | if (sta) | ||
3967 | sta->rx_dropped++; | ||
3968 | } | ||
3969 | if (res == TXRX_QUEUED) | ||
3970 | I802_DEBUG_INC(local->rx_handlers_queued); | ||
3971 | break; | ||
3972 | } | ||
3973 | } | ||
3974 | |||
3975 | if (res == TXRX_DROP) { | ||
3976 | dev_kfree_skb(rx->skb); | ||
3977 | } | ||
3978 | return res; | ||
3979 | } | ||
3980 | |||
3981 | static inline void ieee80211_invoke_rx_handlers(struct ieee80211_local *local, | ||
3982 | ieee80211_rx_handler *handlers, | ||
3983 | struct ieee80211_txrx_data *rx, | ||
3984 | struct sta_info *sta) | ||
3985 | { | ||
3986 | if (__ieee80211_invoke_rx_handlers(local, handlers, rx, sta) == | ||
3987 | TXRX_CONTINUE) | ||
3988 | dev_kfree_skb(rx->skb); | ||
3989 | } | ||
3990 | |||
3991 | /* | ||
3992 | * This is the receive path handler. It is called by a low level driver when an | ||
3993 | * 802.11 MPDU is received from the hardware. | ||
3994 | */ | ||
3995 | void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb, | ||
3996 | struct ieee80211_rx_status *status) | ||
3997 | { | ||
3998 | struct ieee80211_local *local = hw_to_local(hw); | ||
3999 | struct ieee80211_sub_if_data *sdata; | ||
4000 | struct sta_info *sta; | ||
4001 | struct ieee80211_hdr *hdr; | ||
4002 | struct ieee80211_txrx_data rx; | ||
4003 | u16 type; | ||
4004 | int multicast; | ||
4005 | int radiotap_len = 0; | ||
4006 | |||
4007 | if (status->flag & RX_FLAG_RADIOTAP) { | ||
4008 | radiotap_len = ieee80211_get_radiotap_len(skb); | ||
4009 | skb_pull(skb, radiotap_len); | ||
4010 | } | ||
4011 | |||
4012 | hdr = (struct ieee80211_hdr *) skb->data; | ||
4013 | memset(&rx, 0, sizeof(rx)); | ||
4014 | rx.skb = skb; | ||
4015 | rx.local = local; | ||
4016 | |||
4017 | rx.u.rx.status = status; | ||
4018 | rx.fc = skb->len >= 2 ? le16_to_cpu(hdr->frame_control) : 0; | ||
4019 | type = rx.fc & IEEE80211_FCTL_FTYPE; | ||
4020 | if (type == IEEE80211_FTYPE_DATA || type == IEEE80211_FTYPE_MGMT) | ||
4021 | local->dot11ReceivedFragmentCount++; | ||
4022 | multicast = is_multicast_ether_addr(hdr->addr1); | ||
4023 | |||
4024 | if (skb->len >= 16) | ||
4025 | sta = rx.sta = sta_info_get(local, hdr->addr2); | ||
4026 | else | ||
4027 | sta = rx.sta = NULL; | ||
4028 | |||
4029 | if (sta) { | ||
4030 | rx.dev = sta->dev; | ||
4031 | rx.sdata = IEEE80211_DEV_TO_SUB_IF(rx.dev); | ||
4032 | } | ||
4033 | |||
4034 | if ((status->flag & RX_FLAG_MMIC_ERROR)) { | ||
4035 | ieee80211_rx_michael_mic_report(local->mdev, hdr, sta, &rx); | ||
4036 | goto end; | ||
4037 | } | ||
4038 | |||
4039 | if (unlikely(local->sta_scanning)) | ||
4040 | rx.u.rx.in_scan = 1; | ||
4041 | |||
4042 | if (__ieee80211_invoke_rx_handlers(local, local->rx_pre_handlers, &rx, | ||
4043 | sta) != TXRX_CONTINUE) | ||
4044 | goto end; | ||
4045 | skb = rx.skb; | ||
4046 | |||
4047 | skb_push(skb, radiotap_len); | ||
4048 | if (sta && !sta->assoc_ap && !(sta->flags & WLAN_STA_WDS) && | ||
4049 | !local->iff_promiscs && !multicast) { | ||
4050 | rx.u.rx.ra_match = 1; | ||
4051 | ieee80211_invoke_rx_handlers(local, local->rx_handlers, &rx, | ||
4052 | sta); | ||
4053 | } else { | ||
4054 | struct ieee80211_sub_if_data *prev = NULL; | ||
4055 | struct sk_buff *skb_new; | ||
4056 | u8 *bssid = ieee80211_get_bssid(hdr, skb->len - radiotap_len); | ||
4057 | |||
4058 | read_lock(&local->sub_if_lock); | ||
4059 | list_for_each_entry(sdata, &local->sub_if_list, list) { | ||
4060 | rx.u.rx.ra_match = 1; | ||
4061 | switch (sdata->type) { | ||
4062 | case IEEE80211_IF_TYPE_STA: | ||
4063 | if (!bssid) | ||
4064 | continue; | ||
4065 | if (!ieee80211_bssid_match(bssid, | ||
4066 | sdata->u.sta.bssid)) { | ||
4067 | if (!rx.u.rx.in_scan) | ||
4068 | continue; | ||
4069 | rx.u.rx.ra_match = 0; | ||
4070 | } else if (!multicast && | ||
4071 | compare_ether_addr(sdata->dev->dev_addr, | ||
4072 | hdr->addr1) != 0) { | ||
4073 | if (!sdata->promisc) | ||
4074 | continue; | ||
4075 | rx.u.rx.ra_match = 0; | ||
4076 | } | ||
4077 | break; | ||
4078 | case IEEE80211_IF_TYPE_IBSS: | ||
4079 | if (!bssid) | ||
4080 | continue; | ||
4081 | if (!ieee80211_bssid_match(bssid, | ||
4082 | sdata->u.sta.bssid)) { | ||
4083 | if (!rx.u.rx.in_scan) | ||
4084 | continue; | ||
4085 | rx.u.rx.ra_match = 0; | ||
4086 | } else if (!multicast && | ||
4087 | compare_ether_addr(sdata->dev->dev_addr, | ||
4088 | hdr->addr1) != 0) { | ||
4089 | if (!sdata->promisc) | ||
4090 | continue; | ||
4091 | rx.u.rx.ra_match = 0; | ||
4092 | } else if (!sta) | ||
4093 | sta = rx.sta = | ||
4094 | ieee80211_ibss_add_sta(sdata->dev, | ||
4095 | skb, bssid, | ||
4096 | hdr->addr2); | ||
4097 | break; | ||
4098 | case IEEE80211_IF_TYPE_AP: | ||
4099 | if (!bssid) { | ||
4100 | if (compare_ether_addr(sdata->dev->dev_addr, | ||
4101 | hdr->addr1) != 0) | ||
4102 | continue; | ||
4103 | } else if (!ieee80211_bssid_match(bssid, | ||
4104 | sdata->dev->dev_addr)) { | ||
4105 | if (!rx.u.rx.in_scan) | ||
4106 | continue; | ||
4107 | rx.u.rx.ra_match = 0; | ||
4108 | } | ||
4109 | if (sdata->dev == local->mdev && | ||
4110 | !rx.u.rx.in_scan) | ||
4111 | /* do not receive anything via | ||
4112 | * master device when not scanning */ | ||
4113 | continue; | ||
4114 | break; | ||
4115 | case IEEE80211_IF_TYPE_WDS: | ||
4116 | if (bssid || | ||
4117 | (rx.fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA) | ||
4118 | continue; | ||
4119 | if (compare_ether_addr(sdata->u.wds.remote_addr, | ||
4120 | hdr->addr2) != 0) | ||
4121 | continue; | ||
4122 | break; | ||
4123 | } | ||
4124 | |||
4125 | if (prev) { | ||
4126 | skb_new = skb_copy(skb, GFP_ATOMIC); | ||
4127 | if (!skb_new) { | ||
4128 | if (net_ratelimit()) | ||
4129 | printk(KERN_DEBUG "%s: failed to copy " | ||
4130 | "multicast frame for %s", | ||
4131 | local->mdev->name, prev->dev->name); | ||
4132 | continue; | ||
4133 | } | ||
4134 | rx.skb = skb_new; | ||
4135 | rx.dev = prev->dev; | ||
4136 | rx.sdata = prev; | ||
4137 | ieee80211_invoke_rx_handlers(local, | ||
4138 | local->rx_handlers, | ||
4139 | &rx, sta); | ||
4140 | } | ||
4141 | prev = sdata; | ||
4142 | } | ||
4143 | if (prev) { | ||
4144 | rx.skb = skb; | ||
4145 | rx.dev = prev->dev; | ||
4146 | rx.sdata = prev; | ||
4147 | ieee80211_invoke_rx_handlers(local, local->rx_handlers, | ||
4148 | &rx, sta); | ||
4149 | } else | ||
4150 | dev_kfree_skb(skb); | ||
4151 | read_unlock(&local->sub_if_lock); | ||
4152 | } | ||
4153 | |||
4154 | end: | ||
4155 | if (sta) | ||
4156 | sta_info_put(sta); | ||
4157 | } | ||
4158 | EXPORT_SYMBOL(__ieee80211_rx); | ||
4159 | |||
4160 | static ieee80211_txrx_result | 2915 | static ieee80211_txrx_result |
4161 | ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx) | 2916 | ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx) |
4162 | { | 2917 | { |
@@ -4215,65 +2970,6 @@ ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx) | |||
4215 | } | 2970 | } |
4216 | 2971 | ||
4217 | 2972 | ||
4218 | static ieee80211_txrx_result | ||
4219 | ieee80211_rx_h_load_stats(struct ieee80211_txrx_data *rx) | ||
4220 | { | ||
4221 | struct ieee80211_local *local = rx->local; | ||
4222 | struct sk_buff *skb = rx->skb; | ||
4223 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; | ||
4224 | u32 load = 0, hdrtime; | ||
4225 | struct ieee80211_rate *rate; | ||
4226 | struct ieee80211_hw_mode *mode = local->hw.conf.mode; | ||
4227 | int i; | ||
4228 | |||
4229 | /* Estimate total channel use caused by this frame */ | ||
4230 | |||
4231 | if (unlikely(mode->num_rates < 0)) | ||
4232 | return TXRX_CONTINUE; | ||
4233 | |||
4234 | rate = &mode->rates[0]; | ||
4235 | for (i = 0; i < mode->num_rates; i++) { | ||
4236 | if (mode->rates[i].val == rx->u.rx.status->rate) { | ||
4237 | rate = &mode->rates[i]; | ||
4238 | break; | ||
4239 | } | ||
4240 | } | ||
4241 | |||
4242 | /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values, | ||
4243 | * 1 usec = 1/8 * (1080 / 10) = 13.5 */ | ||
4244 | |||
4245 | if (mode->mode == MODE_IEEE80211A || | ||
4246 | mode->mode == MODE_ATHEROS_TURBO || | ||
4247 | mode->mode == MODE_ATHEROS_TURBOG || | ||
4248 | (mode->mode == MODE_IEEE80211G && | ||
4249 | rate->flags & IEEE80211_RATE_ERP)) | ||
4250 | hdrtime = CHAN_UTIL_HDR_SHORT; | ||
4251 | else | ||
4252 | hdrtime = CHAN_UTIL_HDR_LONG; | ||
4253 | |||
4254 | load = hdrtime; | ||
4255 | if (!is_multicast_ether_addr(hdr->addr1)) | ||
4256 | load += hdrtime; | ||
4257 | |||
4258 | load += skb->len * rate->rate_inv; | ||
4259 | |||
4260 | /* Divide channel_use by 8 to avoid wrapping around the counter */ | ||
4261 | load >>= CHAN_UTIL_SHIFT; | ||
4262 | local->channel_use_raw += load; | ||
4263 | if (rx->sta) | ||
4264 | rx->sta->channel_use_raw += load; | ||
4265 | rx->u.rx.load = load; | ||
4266 | |||
4267 | return TXRX_CONTINUE; | ||
4268 | } | ||
4269 | |||
4270 | static ieee80211_txrx_result | ||
4271 | ieee80211_rx_h_if_stats(struct ieee80211_txrx_data *rx) | ||
4272 | { | ||
4273 | rx->sdata->channel_use_raw += rx->u.rx.load; | ||
4274 | return TXRX_CONTINUE; | ||
4275 | } | ||
4276 | |||
4277 | static void ieee80211_stat_refresh(unsigned long data) | 2973 | static void ieee80211_stat_refresh(unsigned long data) |
4278 | { | 2974 | { |
4279 | struct ieee80211_local *local = (struct ieee80211_local *) data; | 2975 | struct ieee80211_local *local = (struct ieee80211_local *) data; |
@@ -4311,24 +3007,6 @@ static void ieee80211_stat_refresh(unsigned long data) | |||
4311 | } | 3007 | } |
4312 | 3008 | ||
4313 | 3009 | ||
4314 | /* This is a version of the rx handler that can be called from hard irq | ||
4315 | * context. Post the skb on the queue and schedule the tasklet */ | ||
4316 | void ieee80211_rx_irqsafe(struct ieee80211_hw *hw, struct sk_buff *skb, | ||
4317 | struct ieee80211_rx_status *status) | ||
4318 | { | ||
4319 | struct ieee80211_local *local = hw_to_local(hw); | ||
4320 | |||
4321 | BUILD_BUG_ON(sizeof(struct ieee80211_rx_status) > sizeof(skb->cb)); | ||
4322 | |||
4323 | skb->dev = local->mdev; | ||
4324 | /* copy status into skb->cb for use by tasklet */ | ||
4325 | memcpy(skb->cb, status, sizeof(*status)); | ||
4326 | skb->pkt_type = IEEE80211_RX_MSG; | ||
4327 | skb_queue_tail(&local->skb_queue, skb); | ||
4328 | tasklet_schedule(&local->tasklet); | ||
4329 | } | ||
4330 | EXPORT_SYMBOL(ieee80211_rx_irqsafe); | ||
4331 | |||
4332 | void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw, | 3010 | void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw, |
4333 | struct sk_buff *skb, | 3011 | struct sk_buff *skb, |
4334 | struct ieee80211_tx_status *status) | 3012 | struct ieee80211_tx_status *status) |
@@ -4690,41 +3368,6 @@ EXPORT_SYMBOL(ieee80211_tx_status); | |||
4690 | /* TODO: implement register/unregister functions for adding TX/RX handlers | 3368 | /* TODO: implement register/unregister functions for adding TX/RX handlers |
4691 | * into ordered list */ | 3369 | * into ordered list */ |
4692 | 3370 | ||
4693 | /* rx_pre handlers don't have dev and sdata fields available in | ||
4694 | * ieee80211_txrx_data */ | ||
4695 | static ieee80211_rx_handler ieee80211_rx_pre_handlers[] = | ||
4696 | { | ||
4697 | ieee80211_rx_h_parse_qos, | ||
4698 | ieee80211_rx_h_load_stats, | ||
4699 | NULL | ||
4700 | }; | ||
4701 | |||
4702 | static ieee80211_rx_handler ieee80211_rx_handlers[] = | ||
4703 | { | ||
4704 | ieee80211_rx_h_if_stats, | ||
4705 | ieee80211_rx_h_monitor, | ||
4706 | ieee80211_rx_h_passive_scan, | ||
4707 | ieee80211_rx_h_check, | ||
4708 | ieee80211_rx_h_sta_process, | ||
4709 | ieee80211_rx_h_ccmp_decrypt, | ||
4710 | ieee80211_rx_h_tkip_decrypt, | ||
4711 | ieee80211_rx_h_wep_weak_iv_detection, | ||
4712 | ieee80211_rx_h_wep_decrypt, | ||
4713 | ieee80211_rx_h_defragment, | ||
4714 | ieee80211_rx_h_ps_poll, | ||
4715 | ieee80211_rx_h_michael_mic_verify, | ||
4716 | /* this must be after decryption - so header is counted in MPDU mic | ||
4717 | * must be before pae and data, so QOS_DATA format frames | ||
4718 | * are not passed to user space by these functions | ||
4719 | */ | ||
4720 | ieee80211_rx_h_remove_qos_control, | ||
4721 | ieee80211_rx_h_802_1x_pae, | ||
4722 | ieee80211_rx_h_drop_unencrypted, | ||
4723 | ieee80211_rx_h_data, | ||
4724 | ieee80211_rx_h_mgmt, | ||
4725 | NULL | ||
4726 | }; | ||
4727 | |||
4728 | static ieee80211_tx_handler ieee80211_tx_handlers[] = | 3371 | static ieee80211_tx_handler ieee80211_tx_handlers[] = |
4729 | { | 3372 | { |
4730 | ieee80211_tx_h_check_assoc, | 3373 | ieee80211_tx_h_check_assoc, |