search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
GUI: Fix Tomato RAF theme for all builds. Compilation typo.
[tomato.git] / release / src-rt-6.x.4708 / linux / linux-2.6.36 / drivers / staging / otus / 80211core / ctxrx.c
bloba8982c4aca4279d8f1024fd175618ae3a6617870
1 /*
2 * Copyright (c) 2007-2008 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16 /* */
17 /* Module Name : htr.c */
18 /* */
19 /* Abstract */
20 /* This module contains Tx and Rx functions. */
21 /* */
22 /* NOTES */
23 /* None */
24 /* */
25 /************************************************************************/
26 #include "cprecomp.h"
27
28 u16_t zfWlanRxValidate(zdev_t* dev, zbuf_t* buf);
29 u16_t zfWlanRxFilter(zdev_t* dev, zbuf_t* buf);
30
31
32
33 const u8_t zgSnapBridgeTunnel[6] = { 0xAA, 0xAA, 0x03, 0x00, 0x00, 0xF8 };
34 const u8_t zgSnap8021h[6] = { 0xAA, 0xAA, 0x03, 0x00, 0x00, 0x00 };
35 /* Table for converting IP DSCP P2-P0 bits to 802.11e Access Category */
36 const u8_t zcUpToAc[8] = {0, 1, 1, 0, 2, 2, 3, 3}; //WMM default
37 //const u8_t zcUpToAc[8] = {0, 1, 1, 0, 0, 0, 0, 0}; //For 2 TxQ
38 //const u8_t zcUpToAc[8] = {0, 0, 0, 0, 0, 0, 0, 0}; //For single TxQ
39 const u8_t zcMaxspToPktNum[4] = {8, 2, 4, 6};
40
41 u8_t zfGetEncryModeFromRxStatus(struct zsAdditionInfo* addInfo)
42 {
43 u8_t securityByte;
44 u8_t encryMode;
45
46 securityByte = (addInfo->Tail.Data.SAIndex & 0xc0) >> 4; /* byte4 */
47 securityByte |= (addInfo->Tail.Data.DAIndex & 0xc0) >> 6; /* byte5 */
48
49 switch( securityByte )
50 {
51 case ZM_NO_WEP:
52 case ZM_WEP64:
53 case ZM_WEP128:
54 case ZM_WEP256:
55 #ifdef ZM_ENABLE_CENC
56 case ZM_CENC:
57 #endif //ZM_ENABLE_CENC
58 case ZM_TKIP:
59 case ZM_AES:
60
61 encryMode = securityByte;
62 break;
63
64 default:
65
66 if ( (securityByte & 0xf8) == 0x08 )
67 {
68 // decrypted by software
69 }
70
71 encryMode = ZM_NO_WEP;
72 break;
73 }
74
75 return encryMode;
76 }
77
78 void zfGetRxIvIcvLength(zdev_t* dev, zbuf_t* buf, u8_t vap, u16_t* pIvLen,
79 u16_t* pIcvLen, struct zsAdditionInfo* addInfo)
80 {
81 u16_t wdsPort;
82 u8_t encryMode;
83
84 zmw_get_wlan_dev(dev);
85
86 *pIvLen = 0;
87 *pIcvLen = 0;
88
89 encryMode = zfGetEncryModeFromRxStatus(addInfo);
90
91 if ( wd->wlanMode == ZM_MODE_AP )
92 {
93 if (vap < ZM_MAX_AP_SUPPORT)
94 {
95 if (( wd->ap.encryMode[vap] == ZM_WEP64 ) ||
96 ( wd->ap.encryMode[vap] == ZM_WEP128 ) ||
97 ( wd->ap.encryMode[vap] == ZM_WEP256 ))
98 {
99 *pIvLen = 4;
100 *pIcvLen = 4;
101 }
102 else
103 {
104 u16_t id;
105 u16_t addr[3];
106
107 addr[0] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET);
108 addr[1] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+2);
109 addr[2] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+4);
110
111 /* Find STA's information */
112 id = zfApFindSta(dev, addr);
113 if (id != 0xffff)
114 {
115 if (wd->ap.staTable[id].encryMode == ZM_TKIP)
116 {
117 *pIvLen = 8;
118 *pIcvLen = 4;
119 }
120 else if (wd->ap.staTable[id].encryMode == ZM_AES)
121 {
122 *pIvLen = 8;
123 *pIcvLen = 8; // AES MIC
124 //*pIcvLen = 0;
125 }
126 #ifdef ZM_ENABLE_CENC
127 else if (wd->ap.staTable[id].encryMode == ZM_CENC)
128 {
129 *pIvLen = 18;
130 *pIcvLen= 16;
131 }
132 #endif //ZM_ENABLE_CENC
133 }
134 }
135 /* WDS port checking */
136 wdsPort = vap - 0x20;
137 if (wdsPort >= ZM_MAX_WDS_SUPPORT)
138 {
139 wdsPort = 0;
140 }
141
142 switch (wd->ap.wds.encryMode[wdsPort])
143 {
144 case ZM_WEP64:
145 case ZM_WEP128:
146 case ZM_WEP256:
147 *pIvLen = 4;
148 *pIcvLen = 4;
149 break;
150 case ZM_TKIP:
151 *pIvLen = 8;
152 *pIcvLen = 4;
153 break;
154 case ZM_AES:
155 *pIvLen = 8;
156 *pIcvLen = 0;
157 break;
158 #ifdef ZM_ENABLE_CENC
159 case ZM_CENC:
160 *pIvLen = 18;
161 *pIcvLen = 16;
162 break;
163 #endif //ZM_ENABLE_CENC
164 }/* end of switch */
165 }
166 }
167 else if ( wd->wlanMode == ZM_MODE_PSEUDO)
168 {
169 /* test: 6518 for QA auto test */
170 switch (encryMode)
171 {
172 case ZM_WEP64:
173 case ZM_WEP128:
174 case ZM_WEP256:
175 *pIvLen = 4;
176 *pIcvLen = 4;
177 break;
178 case ZM_TKIP:
179 *pIvLen = 8;
180 *pIcvLen = 4;
181 break;
182 case ZM_AES:
183 *pIvLen = 8;
184 *pIcvLen = 0;
185 break;
186 #ifdef ZM_ENABLE_CENC
187 case ZM_CENC:
188 *pIvLen = 18;
189 *pIcvLen = 16;
190 #endif //ZM_ENABLE_CENC
191 }/* end of switch */
192 }
193 else
194 {
195 if ( (encryMode == ZM_WEP64)||
196 (encryMode == ZM_WEP128)||
197 (encryMode == ZM_WEP256) )
198 {
199 *pIvLen = 4;
200 *pIcvLen = 4;
201 }
202 else if ( encryMode == ZM_TKIP )
203 {
204 *pIvLen = 8;
205 *pIcvLen = 4;
206 }
207 else if ( encryMode == ZM_AES )
208 {
209 *pIvLen = 8;
210 *pIcvLen = 8; // AES MIC
211 }
212 #ifdef ZM_ENABLE_CENC
213 else if ( encryMode == ZM_CENC)
214 {
215 *pIvLen = 18;
216 *pIcvLen= 16;
217 }
218 #endif //ZM_ENABLE_CENC
219 }
220 }
221
222
223 /************************************************************************/
224 /* */
225 /* FUNCTION DESCRIPTION zfAgingDefragList */
226 /* Force flushing whole defrag list or aging the buffer */
227 /* in the defrag list. */
228 /* */
229 /* INPUTS */
230 /* dev : device pointer */
231 /* flushFlag : 1=>flushing, 0=>Aging */
232 /* */
233 /* OUTPUTS */
234 /* None */
235 /* */
236 /* AUTHOR */
237 /* Stephen Chen Atheros Communications, INC. 2007.1 */
238 /* */
239 /************************************************************************/
240 void zfAgingDefragList(zdev_t* dev, u16_t flushFlag)
241 {
242 u16_t i, j;
243 zmw_get_wlan_dev(dev);
244 zmw_declare_for_critical_section();
245
246 zmw_enter_critical_section(dev);
247
248 for(i=0; i<ZM_MAX_DEFRAG_ENTRIES; i++)
249 {
250 if (wd->defragTable.defragEntry[i].fragCount != 0 )
251 {
252 if (((wd->tick - wd->defragTable.defragEntry[i].tick) >
253 (ZM_DEFRAG_AGING_TIME_SEC * ZM_TICK_PER_SECOND))
254 || (flushFlag != 0))
255 {
256 zm_msg1_rx(ZM_LV_2, "Aging defrag list :", i);
257 /* Free the buffers in the defrag list */
258 for (j=0; j<wd->defragTable.defragEntry[i].fragCount; j++)
259 {
260 zfwBufFree(dev, wd->defragTable.defragEntry[i].fragment[j], 0);
261 }
262 }
263 }
264 wd->defragTable.defragEntry[i].fragCount = 0;
265 }
266
267 zmw_leave_critical_section(dev);
268
269 return;
270 }
271
272
273 /************************************************************************/
274 /* */
275 /* FUNCTION DESCRIPTION zfAddFirstFragToDefragList */
276 /* Add first fragment to defragment list, the first empty entry */
277 /* will be selected. If the list is full, sequentially select */
278 /* one entry for replacement. */
279 /* */
280 /* INPUTS */
281 /* dev : device pointer */
282 /* buf : first fragment buffer */
283 /* addr : address of first fragment buffer */
284 /* seqNum : sequence of first fragment buffer */
285 /* */
286 /* OUTPUTS */
287 /* None */
288 /* */
289 /* AUTHOR */
290 /* Stephen Chen Atheros Communications, INC. 2007.1 */
291 /* */
292 /************************************************************************/
293 void zfAddFirstFragToDefragList(zdev_t* dev, zbuf_t* buf, u8_t* addr, u16_t seqNum)
294 {
295 u16_t i, j;
296 zmw_get_wlan_dev(dev);
297 zmw_declare_for_critical_section();
298
299 zmw_enter_critical_section(dev);
300
301 /* Find an empty one in defrag list */
302 for(i=0; i<ZM_MAX_DEFRAG_ENTRIES; i++)
303 {
304 if ( wd->defragTable.defragEntry[i].fragCount == 0 )
305 {
306 break;
307 }
308 }
309
310 /* If full, sequentially replace existing one */
311 if (i == ZM_MAX_DEFRAG_ENTRIES)
312 {
313 i = wd->defragTable.replaceNum++ & (ZM_MAX_DEFRAG_ENTRIES-1);
314 /* Free the buffers in the defrag list to be replaced */
315 for (j=0; j<wd->defragTable.defragEntry[i].fragCount; j++)
316 {
317 zfwBufFree(dev, wd->defragTable.defragEntry[i].fragment[j], 0);
318 }
319 }
320
321 wd->defragTable.defragEntry[i].fragCount = 1;
322 wd->defragTable.defragEntry[i].fragment[0] = buf;
323 wd->defragTable.defragEntry[i].seqNum = seqNum;
324 wd->defragTable.defragEntry[i].tick = wd->tick;
325
326 for (j=0; j<6; j++)
327 {
328 wd->defragTable.defragEntry[i].addr[j] = addr[j];
329 }
330
331 zmw_leave_critical_section(dev);
332
333 return;
334 }
335
336
337 /************************************************************************/
338 /* */
339 /* FUNCTION DESCRIPTION zfAddFragToDefragList */
340 /* Add middle or last fragment to defragment list. */
341 /* */
342 /* INPUTS */
343 /* dev : device pointer */
344 /* buf : first fragment buffer */
345 /* addr : address of fragment buffer */
346 /* seqNum : sequence fragment buffer */
347 /* fragNum : fragment number of fragment buffer */
348 /* moreFrag : more frag bit of fragment buffer */
349 /* addInfo : addition info of fragment buffer */
350 /* */
351 /* OUTPUTS */
352 /* None */
353 /* */
354 /* AUTHOR */
355 /* Stephen Chen Atheros Communications, INC. 2007.1 */
356 /* */
357 /************************************************************************/
358 zbuf_t* zfAddFragToDefragList(zdev_t* dev, zbuf_t* buf, u8_t* addr,
359 u16_t seqNum, u8_t fragNum, u8_t moreFrag,
360 struct zsAdditionInfo* addInfo)
361 {
362 u16_t i, j, k;
363 zbuf_t* returnBuf = NULL;
364 u16_t defragDone = 0;
365 u16_t lenErr = 0;
366 u16_t startAddr, fragHead, frameLen, ivLen, icvLen;
367 zmw_get_wlan_dev(dev);
368 zmw_declare_for_critical_section();
369
370 zmw_enter_critical_section(dev);
371
372 /* Find frag in the defrag list */
373 for(i=0; i<ZM_MAX_DEFRAG_ENTRIES; i++)
374 {
375 if ( wd->defragTable.defragEntry[i].fragCount != 0 )
376 {
377 /* Compare address */
378 for (j=0; j<6; j++)
379 {
380 if (addr[j] != wd->defragTable.defragEntry[i].addr[j])
381 {
382 break;
383 }
384 }
385 if (j == 6)
386 {
387 /* Compare sequence and fragment number */
388 if (seqNum == wd->defragTable.defragEntry[i].seqNum)
389 {
390 if ((fragNum == wd->defragTable.defragEntry[i].fragCount)
391 && (fragNum < 8))
392 {
393 /* Add frag frame to defrag list */
394 wd->defragTable.defragEntry[i].fragment[fragNum] = buf;
395 wd->defragTable.defragEntry[i].fragCount++;
396 defragDone = 1;
397
398 if (moreFrag == 0)
399 {
400 /* merge all fragment if more data bit is cleared */
401 returnBuf = wd->defragTable.defragEntry[i].fragment[0];
402 startAddr = zfwBufGetSize(dev, returnBuf);
403 /* skip WLAN header 24(Data) or 26(QoS Data) */
404 fragHead = 24 + ((zmw_rx_buf_readh(dev, returnBuf, 0) & 0x80) >> 6);
405 zfGetRxIvIcvLength(dev, returnBuf, 0, &ivLen, &icvLen, addInfo);
406 fragHead += ivLen; /* skip IV */
407 for(k=1; k<wd->defragTable.defragEntry[i].fragCount; k++)
408 {
409 frameLen = zfwBufGetSize(dev,
410 wd->defragTable.defragEntry[i].fragment[k]);
411 if ((startAddr+frameLen-fragHead) < 1560)
412 {
413 zfRxBufferCopy(dev, returnBuf, wd->defragTable.defragEntry[i].fragment[k],
414 startAddr, fragHead, frameLen-fragHead);
415 startAddr += (frameLen-fragHead);
416 }
417 else
418 {
419 lenErr = 1;
420 }
421 zfwBufFree(dev, wd->defragTable.defragEntry[i].fragment[k], 0);
422 }
423
424 wd->defragTable.defragEntry[i].fragCount = 0;
425 zfwBufSetSize(dev, returnBuf, startAddr);
426 }
427 break;
428 }
429 }
430 }
431 }
432 }
433
434 zmw_leave_critical_section(dev);
435
436 if (lenErr == 1)
437 {
438 zfwBufFree(dev, returnBuf, 0);
439 return NULL;
440 }
441 if (defragDone == 0)
442 {
443 zfwBufFree(dev, buf, 0);
444 return NULL;
445 }
446
447 return returnBuf;
448 }
449
450
451 /* return value = NULL => save or free this frame */
452 zbuf_t* zfDefragment(zdev_t* dev, zbuf_t* buf, u8_t* pbIsDefrag,
453 struct zsAdditionInfo* addInfo)
454 {
455 u8_t fragNum;
456 u16_t seqNum;
457 u8_t moreFragBit;
458 u8_t addr[6];
459 u16_t i;
460 zmw_get_wlan_dev(dev);
461
462 ZM_BUFFER_TRACE(dev, buf)
463
464 *pbIsDefrag = FALSE;
465 seqNum = zmw_buf_readh(dev, buf, 22);
466 fragNum = (u8_t)(seqNum & 0xf);
467 moreFragBit = (zmw_buf_readb(dev, buf, 1) & ZM_BIT_2) >> 2;
468
469 if ((fragNum == 0) && (moreFragBit == 0))
470 {
471 /* Not part of a fragmentation */
472
473 return buf;
474 }
475 else
476 {
477 wd->commTally.swRxFragmentCount++;
478 seqNum = seqNum >> 4;
479 for (i=0; i<6; i++)
480 {
481 addr[i] = zmw_rx_buf_readb(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+i);
482 }
483
484 if (fragNum == 0)
485 {
486 /* more frag = 1 */
487 /* First part of a fragmentation */
488 zm_msg1_rx(ZM_LV_2, "First Frag, seq=", seqNum);
489 zfAddFirstFragToDefragList(dev, buf, addr, seqNum);
490 buf = NULL;
491 }
492 else
493 {
494 /* Middle or last part of a fragmentation */
495 zm_msg1_rx(ZM_LV_2, "Frag seq=", seqNum);
496 zm_msg1_rx(ZM_LV_2, "Frag moreFragBit=", moreFragBit);
497 buf = zfAddFragToDefragList(dev, buf, addr, seqNum, fragNum, moreFragBit, addInfo);
498 if (buf != NULL)
499 {
500 *pbIsDefrag = TRUE;
501 }
502 }
503 }
504
505 return buf;
506 }
507
508
509 #if ZM_PROTOCOL_RESPONSE_SIMULATION
510 u16_t zfSwap(u16_t num)
511 {
512 return ((num >> 8) + ((num & 0xff) << 8));
513 }
514
515
516 void zfProtRspSim(zdev_t* dev, zbuf_t* buf)
517 {
518 u16_t ethType;
519 u16_t arpOp;
520 u16_t prot;
521 u16_t temp;
522 u16_t i;
523 u16_t dip[2];
524 u16_t dstPort;
525 u16_t srcPort;
526
527 ethType = zmw_rx_buf_readh(dev, buf, 12);
528 zm_msg2_rx(ZM_LV_2, "ethType=", ethType);
529
530 /* ARP */
531 if (ethType == 0x0608)
532 {
533 arpOp = zmw_rx_buf_readh(dev, buf, 20);
534 dip[0] = zmw_rx_buf_readh(dev, buf, 38);
535 dip[1] = zmw_rx_buf_readh(dev, buf, 40);
536 zm_msg2_rx(ZM_LV_2, "arpOp=", arpOp);
537 zm_msg2_rx(ZM_LV_2, "ip0=", dip[0]);
538 zm_msg2_rx(ZM_LV_2, "ip1=", dip[1]);
539
540 //ARP request to 192.168.1.15
541 if ((arpOp == 0x0100) && (dip[0] == 0xa8c0) && (dip[1] == 0x0f01)) {
542 zm_msg0_rx(ZM_LV_2, "ARP");
543 /* ARP response */
544 zmw_rx_buf_writeh(dev, buf, 20, 0x0200);
545
546 /* dst hardware address */
547
548 /* src hardware address */
549 //zmw_rx_buf_writeh(dev, buf, 6, 0xa000);
550 //zmw_rx_buf_writeh(dev, buf, 8, 0x0000);
551 //zmw_rx_buf_writeh(dev, buf, 10, 0x0000);
552
553 /* dst ip address */
554 for (i=0; i<5; i++)
555 {
556 temp = zmw_rx_buf_readh(dev, buf, 22+(i*2));
557 zmw_rx_buf_writeh(dev, buf, 32+(i*2), temp);
558 }
559
560 /* src hardware address */
561 zmw_rx_buf_writeh(dev, buf, 22, 0xa000);
562 zmw_rx_buf_writeh(dev, buf, 24, 0x0000);
563 zmw_rx_buf_writeh(dev, buf, 26, 0x0000);
564
565 /* src ip address */
566 zmw_rx_buf_writeh(dev, buf, 28, 0xa8c0);
567 zmw_rx_buf_writeh(dev, buf, 30, 0x0f01);
568 }
569 }
570 /* ICMP */
571 else if (ethType == 0x0008)
572 {
573 zm_msg0_rx(ZM_LV_2, "IP");
574 prot = zmw_rx_buf_readb(dev, buf, 23);
575 dip[0] = zmw_rx_buf_readh(dev, buf, 30);
576 dip[1] = zmw_rx_buf_readh(dev, buf, 32);
577 zm_msg2_rx(ZM_LV_2, "prot=", prot);
578 zm_msg2_rx(ZM_LV_2, "ip0=", dip[0]);
579 zm_msg2_rx(ZM_LV_2, "ip1=", dip[1]);
580
581 /* PING request to 192.168.1.15 */
582 if ((prot == 0x1) && (dip[0] == 0xa8c0) && (dip[1] == 0x0f01))
583 {
584 zm_msg0_rx(ZM_LV_2, "ICMP");
585 /* change dst */
586 for (i=0; i<3; i++)
587 {
588 temp = zmw_rx_buf_readh(dev, buf, 6+(i*2));
589 zmw_rx_buf_writeh(dev, buf, i*2, temp);
590 }
591 /* change src */
592 zmw_rx_buf_writeh(dev, buf, 6, 0xa000);
593 zmw_rx_buf_writeh(dev, buf, 8, 0x0000);
594 zmw_rx_buf_writeh(dev, buf, 10, 0x0000);
595
596 /* exchange src ip and dst ip */
597 for (i=0; i<2; i++)
598 {
599 temp = zmw_rx_buf_readh(dev, buf, 26+(i*2));
600 zmw_rx_buf_writeh(dev, buf, 30+(i*2), temp);
601 }
602 zmw_rx_buf_writeh(dev, buf, 26, 0xa8c0);
603 zmw_rx_buf_writeh(dev, buf, 28, 0x0f01);
604
605 /* change icmp type to echo reply */
606 zmw_rx_buf_writeb(dev, buf, 34, 0x0);
607
608 /* update icmp checksum */
609 temp = zmw_rx_buf_readh(dev, buf, 36);
610 temp += 8;
611 zmw_rx_buf_writeh(dev, buf, 36, temp);
612 }
613 else if (prot == 0x6)
614 {
615 zm_msg0_rx(ZM_LV_2, "TCP");
616 srcPort = zmw_rx_buf_readh(dev, buf, 34);
617 dstPort = zmw_rx_buf_readh(dev, buf, 36);
618 zm_msg2_rx(ZM_LV_2, "Src Port=", srcPort);
619 zm_msg2_rx(ZM_LV_2, "Dst Port=", dstPort);
620 if ((dstPort == 0x1500) || (srcPort == 0x1500))
621 {
622 zm_msg0_rx(ZM_LV_2, "FTP");
623
624 /* change dst */
625 for (i=0; i<3; i++)
626 {
627 temp = zmw_rx_buf_readh(dev, buf, 6+(i*2));
628 zmw_rx_buf_writeh(dev, buf, i*2, temp);
629 }
630 /* change src */
631 zmw_rx_buf_writeh(dev, buf, 6, 0xa000);
632 zmw_rx_buf_writeh(dev, buf, 8, 0x0000);
633 zmw_rx_buf_writeh(dev, buf, 10, 0x0000);
634
635 /* exchange src ip and dst ip */
636 for (i=0; i<2; i++)
637 {
638 temp = zmw_rx_buf_readh(dev, buf, 26+(i*2));
639 zmw_rx_buf_writeh(dev, buf, 30+(i*2), temp);
640 }
641 zmw_rx_buf_writeh(dev, buf, 26, 0xa8c0);
642 zmw_rx_buf_writeh(dev, buf, 28, 0x0f01);
643 }
644
645 }
646 else if (prot == 0x11)
647 {
648 /* change dst */
649 for (i=0; i<3; i++)
650 {
651 temp = zmw_rx_buf_readh(dev, buf, 6+(i*2));
652 zmw_rx_buf_writeh(dev, buf, i*2, temp);
653 }
654 /* change src */
655 zmw_rx_buf_writeh(dev, buf, 6, 0xa000);
656 zmw_rx_buf_writeh(dev, buf, 8, 0x0000);
657 zmw_rx_buf_writeh(dev, buf, 10, 0x0000);
658
659 zm_msg0_rx(ZM_LV_2, "UDP");
660 srcPort = zmw_rx_buf_readh(dev, buf, 34);
661 dstPort = zmw_rx_buf_readh(dev, buf, 36);
662 zm_msg2_rx(ZM_LV_2, "Src Port=", srcPort);
663 zm_msg2_rx(ZM_LV_2, "Dst Port=", dstPort);
664
665 /* exchange src ip and dst ip */
666 for (i=0; i<2; i++)
667 {
668 temp = zmw_rx_buf_readh(dev, buf, 26+(i*2));
669 zmw_rx_buf_writeh(dev, buf, 30+(i*2), temp);
670 }
671 zmw_rx_buf_writeh(dev, buf, 26, 0xa8c0);
672 zmw_rx_buf_writeh(dev, buf, 28, 0x0f01);
673
674 /* exchange port */
675 zmw_rx_buf_writeh(dev, buf, 34, srcPort+1);
676 zmw_rx_buf_writeh(dev, buf, 36, dstPort);
677
678 /* checksum = 0 */
679 zmw_rx_buf_writeh(dev, buf, 40, 0);
680 }
681
682 }
683 else if (ethType == 0x0060) /* =>0x0060 is port */
684 {
685 /* change src for Evl tool loop back receive */
686 zmw_rx_buf_writeh(dev, buf, 6, 0xa000);
687 zmw_rx_buf_writeh(dev, buf, 8, 0x0000);
688 zmw_rx_buf_writeh(dev, buf, 10, 0x0000);
689 }
690
691 }
692 #endif
693
694 /************************************************************************/
695 /* */
696 /* FUNCTION DESCRIPTION zfiTxSendEth */
697 /* Called to native 802.11 management frames */
698 /* */
699 /* INPUTS */
700 /* dev : device pointer */
701 /* buf : buffer pointer */
702 /* port : WLAN port, 0=>standard, 0x1-0x7=>VAP, 0x20-0x25=>WDS */
703 /* */
704 /* OUTPUTS */
705 /* error code */
706 /* */
707 /* AUTHOR */
708 /* Ray ZyDAS Technology Corporation 2005.5 */
709 /* */
710 /************************************************************************/
711 u16_t zfiTxSend80211Mgmt(zdev_t* dev, zbuf_t* buf, u16_t port)
712 {
713 u16_t err;
714 //u16_t addrTblSize = 0;
715 //struct zsAddrTbl addrTbl;
716 u16_t hlen;
717 u16_t header[(24+25+1)/2];
718 int i;
719
720 for(i=0;i<12;i++)
721 {
722 header[i] = zmw_buf_readh(dev, buf, i);
723 }
724 hlen = 24;
725
726 zfwBufRemoveHead(dev, buf, 24);
727
728 err = zfHpSend(dev, header, hlen, NULL, 0, NULL, 0, buf, 0,
729 ZM_EXTERNAL_ALLOC_BUF, 0, 0);
730 if (err != ZM_SUCCESS)
731 {
732 goto zlError;
733 }
734
735 return 0;
736
737 zlError:
738
739 zfwBufFree(dev, buf, 0);
740 return 0;
741 }
742
743 u8_t zfiIsTxQueueFull(zdev_t* dev)
744 {
745 zmw_get_wlan_dev(dev);
746 zmw_declare_for_critical_section();
747
748 zmw_enter_critical_section(dev);
749 if ((((wd->vtxqHead[0] + 1) & ZM_VTXQ_SIZE_MASK) != wd->vtxqTail[0]) )
750 {
751 zmw_leave_critical_section(dev);
752 return 0;
753 }
754 else
755 {
756 zmw_leave_critical_section(dev);
757 return 1;
758 }
759 }
760
761 /************************************************************************/
762 /* */
763 /* FUNCTION DESCRIPTION zfiTxSendEth */
764 /* Called to transmit Ethernet frame from upper layer. */
765 /* */
766 /* INPUTS */
767 /* dev : device pointer */
768 /* buf : buffer pointer */
769 /* port : WLAN port, 0=>standard, 0x1-0x7=>VAP, 0x20-0x25=>WDS */
770 /* */
771 /* OUTPUTS */
772 /* error code */
773 /* */
774 /* AUTHOR */
775 /* Stephen ZyDAS Technology Corporation 2005.5 */
776 /* */
777 /************************************************************************/
778 u16_t zfiTxSendEth(zdev_t* dev, zbuf_t* buf, u16_t port)
779 {
780 u16_t err, ret;
781
782 zmw_get_wlan_dev(dev);
783
784 ZM_PERFORMANCE_TX_MSDU(dev, wd->tick);
785 zm_msg1_tx(ZM_LV_2, "zfiTxSendEth(), port=", port);
786 /* Return error if port is disabled */
787 err = zfTxPortControl(dev, buf, port);
788 if (err == ZM_PORT_DISABLED)
789 {
790 err = ZM_ERR_TX_PORT_DISABLED;
791 goto zlError;
792 }
793
794 if ((wd->wlanMode == ZM_MODE_AP) && (port < 0x20))
795 {
796 /* AP : Buffer frame for power saving STA */
797 ret = zfApBufferPsFrame(dev, buf, port);
798 if (ret == 1)
799 {
800 return ZM_SUCCESS;
801 }
802 }
803 else
804 if (wd->wlanMode == ZM_MODE_INFRASTRUCTURE)
805 {
806 if ( zfPowerSavingMgrIsSleeping(dev) )
807 {
808 /*check ZM_ENABLE_POWER_SAVE flag*/
809 zfPowerSavingMgrWakeup(dev);
810 }
811 }
812 #ifdef ZM_ENABLE_IBSS_PS
813 /* IBSS power-saving mode */
814 else if ( wd->wlanMode == ZM_MODE_IBSS )
815 {
816 if ( zfStaIbssPSQueueData(dev, buf) )
817 {
818 return ZM_SUCCESS;
819 }
820 }
821 #endif
822
823 //if ( wd->bQoSEnable )
824 if (1)
825 {
826 /* Put to VTXQ[ac] */
827 ret = zfPutVtxq(dev, buf);
828
829 /* Push VTXQ[ac] */
830 zfPushVtxq(dev);
831 }
832 else
833 {
834 ret = zfTxSendEth(dev, buf, port, ZM_EXTERNAL_ALLOC_BUF, 0);
835 }
836
837 return ret;
838
839 zlError:
840 zm_msg2_tx(ZM_LV_1, "Tx Comp err=", err);
841
842 zfwBufFree(dev, buf, err);
843 return err;
844 }
845
846
847 /************************************************************************/
848 /* */
849 /* FUNCTION DESCRIPTION zfTxSendEth */
850 /* Called to transmit Ethernet frame from upper layer. */
851 /* */
852 /* INPUTS */
853 /* dev : device pointer */
854 /* buf : buffer pointer */
855 /* port : WLAN port, 0=>standard, 0x10-0x17=>VAP, 0x20-0x25=>WDS */
856 /* */
857 /* OUTPUTS */
858 /* error code */
859 /* */
860 /* AUTHOR */
861 /* Stephen ZyDAS Technology Corporation 2005.5 */
862 /* */
863 /************************************************************************/
864 u16_t zfTxSendEth(zdev_t* dev, zbuf_t* buf, u16_t port, u16_t bufType, u16_t flag)
865 {
866 //u16_t addrTblSize;
867 //struct zsAddrTbl addrTbl;
868 u16_t removeLen;
869 u16_t header[(8+30+2+18)/2]; /* ctr+(4+a1+a2+a3+2+a4)+qos+iv */
870 u16_t headerLen;
871 u16_t mic[8/2];
872 u16_t micLen;
873 u16_t snap[8/2];
874 u16_t snapLen;
875 u16_t fragLen;
876 u16_t frameLen;
877 u16_t fragNum;
878 struct zsFrag frag;
879 u16_t i, j, id;
880 u16_t offset;
881 u16_t da[3];
882 u16_t sa[3];
883 u8_t up;
884 u8_t qosType, keyIdx = 0;
885 u16_t fragOff;
886 u16_t newFlag;
887 u8_t tkipFrameOffset = 0;
888
889 zmw_get_wlan_dev(dev);
890
891 zmw_declare_for_critical_section();
892
893 newFlag = flag & 0xff00;
894 flag = flag & 0xff;
895
896 zm_msg1_tx(ZM_LV_2, "zfTxSendEth(), port=", port);
897
898 /* Get IP TOS for QoS AC and IP frag offset */
899 zfTxGetIpTosAndFrag(dev, buf, &up, &fragOff);
900
901 //EOSP bit
902 if (newFlag & 0x100)
903 {
904 up |= 0x10;
905 }
906
907 #ifdef ZM_ENABLE_NATIVE_WIFI
908 if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
909 {
910 /* DA */
911 da[0] = zmw_tx_buf_readh(dev, buf, 16);
912 da[1] = zmw_tx_buf_readh(dev, buf, 18);
913 da[2] = zmw_tx_buf_readh(dev, buf, 20);
914 /* SA */
915 sa[0] = zmw_tx_buf_readh(dev, buf, 10);
916 sa[1] = zmw_tx_buf_readh(dev, buf, 12);
917 sa[2] = zmw_tx_buf_readh(dev, buf, 14);
918 }
919 else if ( wd->wlanMode == ZM_MODE_IBSS )
920 {
921 /* DA */
922 da[0] = zmw_tx_buf_readh(dev, buf, 4);
923 da[1] = zmw_tx_buf_readh(dev, buf, 6);
924 da[2] = zmw_tx_buf_readh(dev, buf, 8);
925 /* SA */
926 sa[0] = zmw_tx_buf_readh(dev, buf, 10);
927 sa[1] = zmw_tx_buf_readh(dev, buf, 12);
928 sa[2] = zmw_tx_buf_readh(dev, buf, 14);
929 }
930 else if ( wd->wlanMode == ZM_MODE_AP )
931 {
932 /* DA */
933 da[0] = zmw_tx_buf_readh(dev, buf, 4);
934 da[1] = zmw_tx_buf_readh(dev, buf, 6);
935 da[2] = zmw_tx_buf_readh(dev, buf, 8);
936 /* SA */
937 sa[0] = zmw_tx_buf_readh(dev, buf, 16);
938 sa[1] = zmw_tx_buf_readh(dev, buf, 18);
939 sa[2] = zmw_tx_buf_readh(dev, buf, 20);
940 }
941 else
942 {
943 //
944 }
945 #else
946 /* DA */
947 da[0] = zmw_tx_buf_readh(dev, buf, 0);
948 da[1] = zmw_tx_buf_readh(dev, buf, 2);
949 da[2] = zmw_tx_buf_readh(dev, buf, 4);
950 /* SA */
951 sa[0] = zmw_tx_buf_readh(dev, buf, 6);
952 sa[1] = zmw_tx_buf_readh(dev, buf, 8);
953 sa[2] = zmw_tx_buf_readh(dev, buf, 10);
954 #endif
955 //Decide Key Index in ATOM, No meaning in OTUS--CWYang(m)
956 if (wd->wlanMode == ZM_MODE_AP)
957 {
958 keyIdx = wd->ap.bcHalKeyIdx[port];
959 id = zfApFindSta(dev, da);
960 if (id != 0xffff)
961 {
962 switch (wd->ap.staTable[id].encryMode)
963 {
964 case ZM_AES:
965 case ZM_TKIP:
966 #ifdef ZM_ENABLE_CENC
967 case ZM_CENC:
968 #endif //ZM_ENABLE_CENC
969 keyIdx = wd->ap.staTable[id].keyIdx;
970 break;
971 }
972 }
973 }
974 else
975 {
976 switch (wd->sta.encryMode)
977 {
978 case ZM_WEP64:
979 case ZM_WEP128:
980 case ZM_WEP256:
981 keyIdx = wd->sta.keyId;
982 break;
983 case ZM_AES:
984 case ZM_TKIP:
985 if ((da[0] & 0x1))
986 keyIdx = 5;
987 else
988 keyIdx = 4;
989 break;
990 #ifdef ZM_ENABLE_CENC
991 case ZM_CENC:
992 keyIdx = wd->sta.cencKeyId;
993 break;
994 #endif //ZM_ENABLE_CENC
995 }
996 }
997
998 /* Create SNAP */
999 removeLen = zfTxGenWlanSnap(dev, buf, snap, &snapLen);
1000 //zm_msg1_tx(ZM_LV_0, "fragOff=", fragOff);
1001
1002
1003 /* ********************************************************************************************** */
1004 /* Add 20071025 Mxzeng */
1005 /* ********************************************************************************************** */
1006 /* ---------------------------------------------------------------------------------------------- */
1007 /* Ethernet : frameLen = zfwBufGetSize(dev, buf); */
1008 /* ---+--6--+--6--+--2--+-----20-----+-------------------------+------ Variable -------+--------- */
1009 /* | DA | SA | Type| IP Header | TCP(20) UDP(12) ICMP(8) | Application Payload L | */
1010 /* ---+-----+-----+-----+------------+-------------------------+-----------------------+--------- */
1011 /* MSDU = 6 + 6 + 2 + ( Network Layer header ) + ( Transport Layer header ) + L */
1012 /* */
1013 /* MSDU - DA - SA : frameLen -= removeLen; */
1014 /* ---+--2--+-----20-----+-------------------------+------ Variable -------+--------------------- */
1015 /* | Type| IP Header | TCP(20) UDP(12) ICMP(8) | Application Payload L | */
1016 /* ---+-----+------------+-------------------------+-----------------------+--------------------- */
1017 /* */
1018 /* MPDU : frameLen + mpduLengthOffset ; */
1019 /* -+---2---+----2---+-6-+-6-+--6--+---2----+--1--+--1-+---1---+-------3------+-frameLen-+---4--+- */
1020 /* | frame |duration| DA|SA |BSSID|sequence|SNAP |SNAP|Control| RFC 1042 | | FCS | */
1021 /* |Control| | | | | number |DSAP |SSAP| | encapsulation| | | */
1022 /* -+-------+--------+---+---+-----+--------+-----+----+-------+--------------+----------+------+- */
1023 /* ----------------------------------------------------------------------------------------------- */
1024
1025 if ( wd->sta.encryMode == ZM_TKIP )
1026 tkipFrameOffset = 8;
1027
1028 fragLen = wd->fragThreshold + tkipFrameOffset; // Fragmentation threshold for MPDU Lengths
1029 frameLen = zfwBufGetSize(dev, buf); // MSDU Lengths
1030 frameLen -= removeLen; // MSDU Lengths - DA - SA
1031
1032 /* #1st create MIC Length manually */
1033 micLen = 0;
1034
1035 /* Access Category */
1036 if (wd->wlanMode == ZM_MODE_AP)
1037 {
1038 zfApGetStaQosType(dev, da, &qosType);
1039 if (qosType == 0)
1040 {
1041 up = 0;
1042 }
1043 }
1044 else if (wd->wlanMode == ZM_MODE_INFRASTRUCTURE)
1045 {
1046 if (wd->sta.wmeConnected == 0)
1047 {
1048 up = 0;
1049 }
1050 }
1051 else
1052 {
1053 /* TODO : STA QoS control field */
1054 up = 0;
1055 }
1056
1057 /* #2nd Assign sequence number */
1058 zmw_enter_critical_section(dev);
1059 frag.seq[0] = ((wd->seq[zcUpToAc[up&0x7]]++) << 4);
1060 zmw_leave_critical_section(dev);
1061
1062 /* #3rd Pass the total payload to generate MPDU length ! */
1063 frag.buf[0] = buf;
1064 frag.bufType[0] = bufType;
1065 frag.flag[0] = (u8_t)flag;
1066 fragNum = 1;
1067
1068 headerLen = zfTxGenWlanHeader(dev, frag.buf[0], header, frag.seq[0],
1069 frag.flag[0], snapLen+micLen, removeLen, port, da, sa,
1070 up, &micLen, snap, snapLen, NULL);
1071
1072 //zm_debug_msg1("#1 headerLen = ", headerLen);
1073
1074 /* #4th Check the HeaderLen and determine whether the MPDU Lengths bigger than Fragmentation threshold */
1075 /* If MPDU Lengths large than fragmentation threshold --> headerLen = 0 */
1076 if( headerLen != 0 )
1077 {
1078 zf80211FrameSend(dev, frag.buf[0], header, snapLen, da, sa, up,
1079 headerLen, snap, mic, micLen, removeLen, frag.bufType[0],
1080 zcUpToAc[up&0x7], keyIdx);
1081 }
1082 else //if( headerLen == 0 ) // Need to be fragmented
1083 {
1084 u16_t mpduLengthOffset;
1085 u16_t pseudSnapLen = 0;
1086
1087 mpduLengthOffset = header[0] - frameLen; // For fragmentation threshold !
1088
1089 micLen = zfTxGenWlanTail(dev, buf, snap, snapLen, mic); // Get snap and mic information
1090
1091 fragLen = fragLen - mpduLengthOffset;
1092
1093 //zm_debug_msg1("#2 frameLen = ", frameLen);
1094 //zm_debug_msg1("#3 fragThreshold = ", fragLen);
1095
1096 /* fragmentation */
1097 if (frameLen >= fragLen)
1098 {
1099 //copy fragLen to frag
1100 i = 0;
1101 while( frameLen > 0 )
1102 {
1103 frag.buf[i] = zfwBufAllocate(dev, fragLen+32);
1104 if (frag.buf[i] != NULL)
1105 {
1106 frag.bufType[i] = ZM_INTERNAL_ALLOC_BUF;
1107 frag.seq[i] = frag.seq[0] + i;
1108 offset = removeLen + i*fragLen;
1109
1110 /* Consider the offset if we consider snap length to the other fragmented frame */
1111 if ( i >= 1 )
1112 offset = offset + pseudSnapLen*(i-1);
1113
1114 if (frameLen > fragLen + pseudSnapLen)
1115 {
1116 frag.flag[i] = flag | 0x4; /* More data */
1117 /* First fragment */
1118 if (i == 0)
1119 {
1120 /* Add SNAP */
1121 for (j=0; j<snapLen; j+=2)
1122 {
1123 zmw_tx_buf_writeh(dev, frag.buf[i], j, snap[(j>>1)]);
1124 }
1125 zfTxBufferCopy(dev, frag.buf[i], buf, snapLen, offset, fragLen);
1126 zfwBufSetSize(dev, frag.buf[i], snapLen+fragLen);
1127
1128 /* Add pseud snap length to the other fragmented frame */
1129 pseudSnapLen = snapLen;
1130
1131 frameLen -= fragLen;
1132 }
1133 /* Intermediate Fragment */
1134 else
1135 {
1136 //zfTxBufferCopy(dev, frag.buf[i], buf, 0, offset, fragLen);
1137 //zfwBufSetSize(dev, frag.buf[i], fragLen);
1138
1139 zfTxBufferCopy(dev, frag.buf[i], buf, 0, offset, fragLen+pseudSnapLen );
1140 zfwBufSetSize(dev, frag.buf[i], fragLen+pseudSnapLen);
1141
1142 frameLen -= (fragLen+pseudSnapLen);
1143 }
1144 //frameLen -= fragLen;
1145 }
1146 else
1147 {
1148 /* Last fragment */
1149 zfTxBufferCopy(dev, frag.buf[i], buf, 0, offset, frameLen);
1150 /* Add MIC if need */
1151 if ( micLen )
1152 {
1153 zfCopyToRxBuffer(dev, frag.buf[i], (u8_t*) mic, frameLen, micLen);
1154 }
1155 zfwBufSetSize(dev, frag.buf[i], frameLen+micLen);
1156 frameLen = 0;
1157 frag.flag[i] = (u8_t)flag; /* No more data */
1158 }
1159 i++;
1160 }
1161 else
1162 {
1163 break;
1164 }
1165
1166 // Please pay attention to the index of the buf !!!
1167 // If write to null buf , the OS will crash !!!
1168 zfwCopyBufContext(dev, buf, frag.buf[i-1]);
1169 }
1170 fragNum = i;
1171 snapLen = micLen = removeLen = 0;
1172
1173 zfwBufFree(dev, buf, 0);
1174 }
1175
1176 for (i=0; i<fragNum; i++)
1177 {
1178 /* Create WLAN header(Control Setting + 802.11 header + IV) */
1179 headerLen = zfTxGenWlanHeader(dev, frag.buf[i], header, frag.seq[i],
1180 frag.flag[i], snapLen+micLen, removeLen, port, da, sa, up, &micLen,
1181 snap, snapLen, NULL);
1182
1183 zf80211FrameSend(dev, frag.buf[i], header, snapLen, da, sa, up,
1184 headerLen, snap, mic, micLen, removeLen, frag.bufType[i],
1185 zcUpToAc[up&0x7], keyIdx);
1186
1187 } /* for (i=0; i<fragNum; i++) */
1188 }
1189
1190 return ZM_SUCCESS;
1191 }
1192
1193
1194 /************************************************************************/
1195 /* */
1196 /* FUNCTION DESCRIPTION zfTxPortControl */
1197 /* Check port status. */
1198 /* */
1199 /* INPUTS */
1200 /* buf : buffer pointer */
1201 /* port : port number, 0=>standard, 10-17=>Virtual AP, 20-25=>WDS */
1202 /* */
1203 /* OUTPUTS */
1204 /* ZM_PORT_ENABLED or ZM_PORT_DISABLE */
1205 /* */
1206 /* AUTHOR */
1207 /* Signature ZyDAS Technology Corporation 2005.4 */
1208 /* */
1209 /************************************************************************/
1210 u16_t zfTxPortControl(zdev_t* dev, zbuf_t* buf, u16_t port)
1211 {
1212 zmw_get_wlan_dev(dev);
1213
1214 if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
1215 {
1216 if ( wd->sta.adapterState == ZM_STA_STATE_DISCONNECT )
1217 {
1218 zm_msg0_tx(ZM_LV_3, "Packets dropped due to disconnect state");
1219 return ZM_PORT_DISABLED;
1220 }
1221 }
1222
1223 return ZM_PORT_ENABLED;
1224 }
1225
1226
1227
1228 /************************************************************************/
1229 /* */
1230 /* FUNCTION DESCRIPTION zfIdlRecv */
1231 /* Do frame validation and filtering then pass to zfwRecv80211(). */
1232 /* */
1233 /* INPUTS */
1234 /* dev : device pointer */
1235 /* buf : received 802.11 frame buffer. */
1236 /* */
1237 /* OUTPUTS */
1238 /* None */
1239 /* */
1240 /* AUTHOR */
1241 /* Stephen ZyDAS Technology Corporation 2005.10 */
1242 /* */
1243 /************************************************************************/
1244 void zfCoreRecv(zdev_t* dev, zbuf_t* buf, struct zsAdditionInfo* addInfo)
1245 {
1246 u16_t ret = 0;
1247 u16_t bssid[3];
1248 struct agg_tid_rx *tid_rx;
1249 zmw_get_wlan_dev(dev);
1250
1251 ZM_BUFFER_TRACE(dev, buf)
1252
1253 /* tally */
1254 wd->commTally.DriverRxFrmCnt++;
1255
1256 bssid[0] = zmw_buf_readh(dev, buf, 16);
1257 bssid[1] = zmw_buf_readh(dev, buf, 18);
1258 bssid[2] = zmw_buf_readh(dev, buf, 20);
1259
1260 /* Validate Rx frame */
1261 ret = zfWlanRxValidate(dev, buf);
1262 if (ret != ZM_SUCCESS)
1263 {
1264 zm_msg1_rx(ZM_LV_1, "Rx invalid:", ret);
1265 goto zlError;
1266 }
1267
1268 #ifdef ZM_ENABLE_AGGREGATION
1269 //#ifndef ZM_ENABLE_FW_BA_RETRANSMISSION
1270 /*
1271 * add by honda
1272 */
1273 tid_rx = zfAggRxEnabled(dev, buf);
1274 if (tid_rx && wd->reorder)
1275 {
1276 zfAggRx(dev, buf, addInfo, tid_rx);
1277
1278 return;
1279 }
1280 /*
1281 * end of add by honda
1282 */
1283 //#endif
1284 #endif
1285
1286 /* Filter Rx frame */
1287 ret = zfWlanRxFilter(dev, buf);
1288 if (ret != ZM_SUCCESS)
1289 {
1290 zm_msg1_rx(ZM_LV_1, "Rx duplicated:", ret);
1291 goto zlError;
1292 }
1293
1294 /* Discard error frame except mic failure */
1295 if ((addInfo->Tail.Data.ErrorIndication & 0x3f) != 0)
1296 {
1297 if ( wd->XLinkMode && ((addInfo->Tail.Data.ErrorIndication & 0x3f)==0x10) &&
1298 zfCompareWithBssid(dev, bssid) )
1299 {
1300 // Bypass frames !!!
1301 }
1302 else
1303 {
1304 goto zlError;
1305 }
1306 }
1307
1308
1309 /* OTUS command-8212 dump rx packet */
1310 if (wd->rxPacketDump)
1311 {
1312 zfwDumpBuf(dev, buf);
1313 }
1314
1315 /* Call zfwRecv80211() wrapper function to deliver Rx packet */
1316 /* to driver framework. */
1317
1318 if (wd->zfcbRecv80211 != NULL)
1319 {
1320 wd->zfcbRecv80211(dev, buf, addInfo); //CWYang(m)
1321 }
1322 else
1323 {
1324 zfiRecv80211(dev, buf, addInfo);
1325 }
1326 return;
1327
1328 zlError:
1329 zm_msg1_rx(ZM_LV_1, "Free packet, error code:", ret);
1330
1331 wd->commTally.DriverDiscardedFrm++;
1332
1333 /* Free Rx buffer */
1334 zfwBufFree(dev, buf, 0);
1335
1336 return;
1337 }
1338
1339
1340 void zfShowRxEAPOL(zdev_t* dev, zbuf_t* buf, u16_t offset)
1341 {
1342 u8_t packetType, keyType, code, identifier, type, flags;
1343 u16_t packetLen, keyInfo, keyLen, keyDataLen, length, Op_Code;
1344 u32_t replayCounterH, replayCounterL, vendorId, VendorType;
1345
1346 /* EAPOL packet type */
1347 packetType = zmw_rx_buf_readb(dev, buf, offset+1); // 0: EAP-Packet
1348 // 1: EAPOL-Start
1349 // 2: EAPOL-Logoff
1350 // 3: EAPOL-Key
1351 // 4: EAPOL-Encapsulated-ASF-Alert
1352
1353 /* EAPOL frame format */
1354 /* 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 */
1355 /* ----------------------------------------------- */
1356 /* PAE Ethernet Type (0x888e) */
1357 /* ----------------------------------------------- 2 */
1358 /* Protocol Version | Type */
1359 /* ----------------------------------------------- 4 */
1360 /* Length */
1361 /* ----------------------------------------------- 6 */
1362 /* Packet Body */
1363 /* ----------------------------------------------- N */
1364
1365 /* EAPOL body length */
1366 packetLen = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+2)) << 8) +
1367 zmw_rx_buf_readb(dev, buf, offset+3);
1368
1369 if( packetType == 0 )
1370 { // EAP-Packet
1371
1372 /* EAP-Packet Code */
1373 code = zmw_rx_buf_readb(dev, buf, offset+4); // 1 : Request
1374 // 2 : Response
1375 // 3 : Success
1376 // 4 : Failure
1377 // An EAP packet of the type of Success and Failure has no Data field, and has a length of 4.
1378
1379 /* EAP Packet format */
1380 /* 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 */
1381 /* ----------------------------------------------- */
1382 /* Code | Identifier */
1383 /* ----------------------------------------------- 2 */
1384 /* Length */
1385 /* ----------------------------------------------- 4 */
1386 /* Data */
1387 /* ----------------------------------------------- N */
1388
1389 zm_debug_msg0("EAP-Packet");
1390 zm_debug_msg1("Packet Length = ", packetLen);
1391 zm_debug_msg1("EAP-Packet Code = ", code);
1392
1393 if( code == 1 )
1394 {
1395 zm_debug_msg0("EAP-Packet Request");
1396
1397 /* EAP-Packet Identifier */
1398 identifier = zmw_rx_buf_readb(dev, buf, offset+5);
1399 /* EAP-Packet Length */
1400 length = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+6)) << 8) +
1401 zmw_rx_buf_readb(dev, buf, offset+7);
1402 /* EAP-Packet Type */
1403 type = zmw_rx_buf_readb(dev, buf, offset+8); // 1 : Identity
1404 // 2 : Notification
1405 // 3 : Nak (Response Only)
1406 // 4 : MD5-Challenge
1407 // 5 : One Time Password (OTP)
1408 // 6 : Generic Token Card (GTC)
1409 // 254 : (Expanded Types)Wi-Fi Protected Setup
1410 // 255 : Experimental Use
1411
1412 /* The data field in an EAP packet of the type of Request or Response is in the format shown bellowing */
1413 /* 0 1 2 3 4 5 6 7 N */
1414 /* ----------------------------------------------- */
1415 /* Type | Type Data */
1416 /* ----------------------------------------------- */
1417
1418 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1419 zm_debug_msg1("EAP-Packet Length = ", length);
1420 zm_debug_msg1("EAP-Packet Type = ", type);
1421
1422 if( type == 1 )
1423 {
1424 zm_debug_msg0("EAP-Packet Request Identity");
1425 }
1426 else if( type == 2 )
1427 {
1428 zm_debug_msg0("EAP-Packet Request Notification");
1429 }
1430 else if( type == 4 )
1431 {
1432 zm_debug_msg0("EAP-Packet Request MD5-Challenge");
1433 }
1434 else if( type == 5 )
1435 {
1436 zm_debug_msg0("EAP-Packet Request One Time Password");
1437 }
1438 else if( type == 6 )
1439 {
1440 zm_debug_msg0("EAP-Packet Request Generic Token Card");
1441 }
1442 else if( type == 254 )
1443 {
1444 zm_debug_msg0("EAP-Packet Request Wi-Fi Protected Setup");
1445
1446 /* 0 1 2 3 */
1447 /* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 */
1448 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1449 /*| Type | Vendor-Id |*/
1450 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1451 /*| Vendor-Type |*/
1452 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1453 /*| Vendor data... */
1454 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */
1455
1456 /* EAP-Packet Vendor ID */
1457 vendorId = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+9)) << 16) +
1458 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+10)) << 8) +
1459 zmw_rx_buf_readb(dev, buf, offset+11);
1460 /* EAP-Packet Vendor Type */
1461 VendorType = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+12)) << 24) +
1462 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+13)) << 16) +
1463 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+14)) << 8) +
1464 zmw_rx_buf_readb(dev, buf, offset+15);
1465 /* EAP-Packet Op Code */
1466 Op_Code = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+16)) << 8) +
1467 zmw_rx_buf_readb(dev, buf, offset+17);
1468 /* EAP-Packet Flags */
1469 flags = zmw_rx_buf_readb(dev, buf, offset+18);
1470
1471 zm_debug_msg1("EAP-Packet Vendor ID = ", vendorId);
1472 zm_debug_msg1("EAP-Packet Venodr Type = ", VendorType);
1473 zm_debug_msg1("EAP-Packet Op Code = ", Op_Code);
1474 zm_debug_msg1("EAP-Packet Flags = ", flags);
1475 }
1476 }
1477 else if( code == 2 )
1478 {
1479 zm_debug_msg0("EAP-Packet Response");
1480
1481 /* EAP-Packet Identifier */
1482 identifier = zmw_rx_buf_readb(dev, buf, offset+5);
1483 /* EAP-Packet Length */
1484 length = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+6)) << 8) +
1485 zmw_rx_buf_readb(dev, buf, offset+7);
1486 /* EAP-Packet Type */
1487 type = zmw_rx_buf_readb(dev, buf, offset+8);
1488
1489 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1490 zm_debug_msg1("EAP-Packet Length = ", length);
1491 zm_debug_msg1("EAP-Packet Type = ", type);
1492
1493 if( type == 1 )
1494 {
1495 zm_debug_msg0("EAP-Packet Response Identity");
1496 }
1497 else if( type == 2 )
1498 {
1499 zm_debug_msg0("EAP-Packet Request Notification");
1500 }
1501 else if( type == 3 )
1502 {
1503 zm_debug_msg0("EAP-Packet Request Nak");
1504 }
1505 else if( type == 4 )
1506 {
1507 zm_debug_msg0("EAP-Packet Request MD5-Challenge");
1508 }
1509 else if( type == 5 )
1510 {
1511 zm_debug_msg0("EAP-Packet Request One Time Password");
1512 }
1513 else if( type == 6 )
1514 {
1515 zm_debug_msg0("EAP-Packet Request Generic Token Card");
1516 }
1517 else if( type == 254 )
1518 {
1519 zm_debug_msg0("EAP-Packet Response Wi-Fi Protected Setup");
1520
1521 /* EAP-Packet Vendor ID */
1522 vendorId = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+9)) << 16) +
1523 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+10)) << 8) +
1524 zmw_rx_buf_readb(dev, buf, offset+11);
1525 /* EAP-Packet Vendor Type */
1526 VendorType = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+12)) << 24) +
1527 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+13)) << 16) +
1528 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+14)) << 8) +
1529 zmw_rx_buf_readb(dev, buf, offset+15);
1530 /* EAP-Packet Op Code */
1531 Op_Code = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+16)) << 8) +
1532 zmw_rx_buf_readb(dev, buf, offset+17);
1533 /* EAP-Packet Flags */
1534 flags = zmw_rx_buf_readb(dev, buf, offset+18);
1535
1536 zm_debug_msg1("EAP-Packet Vendor ID = ", vendorId);
1537 zm_debug_msg1("EAP-Packet Venodr Type = ", VendorType);
1538 zm_debug_msg1("EAP-Packet Op Code = ", Op_Code);
1539 zm_debug_msg1("EAP-Packet Flags = ", flags);
1540 }
1541 }
1542 else if( code == 3 )
1543 {
1544 zm_debug_msg0("EAP-Packet Success");
1545
1546 /* EAP-Packet Identifier */
1547 identifier = zmw_rx_buf_readb(dev, buf, offset+5);
1548 /* EAP-Packet Length */
1549 length = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+6)) << 8) +
1550 zmw_rx_buf_readb(dev, buf, offset+7);
1551
1552 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1553 zm_debug_msg1("EAP-Packet Length = ", length);
1554 }
1555 else if( code == 4 )
1556 {
1557 zm_debug_msg0("EAP-Packet Failure");
1558
1559 /* EAP-Packet Identifier */
1560 identifier = zmw_rx_buf_readb(dev, buf, offset+5);
1561 /* EAP-Packet Length */
1562 length = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+6)) << 8) +
1563 zmw_rx_buf_readb(dev, buf, offset+7);
1564
1565 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1566 zm_debug_msg1("EAP-Packet Length = ", length);
1567 }
1568 }
1569 else if( packetType == 1 )
1570 { // EAPOL-Start
1571 zm_debug_msg0("EAPOL-Start");
1572 }
1573 else if( packetType == 2 )
1574 { // EAPOL-Logoff
1575 zm_debug_msg0("EAPOL-Logoff");
1576 }
1577 else if( packetType == 3 )
1578 { // EAPOL-Key
1579 /* EAPOL-Key type */
1580 keyType = zmw_rx_buf_readb(dev, buf, offset+4);
1581 /* EAPOL-Key information */
1582 keyInfo = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+5)) << 8) +
1583 zmw_rx_buf_readb(dev, buf, offset+6);
1584 /* EAPOL-Key length */
1585 keyLen = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+7)) << 8) +
1586 zmw_rx_buf_readb(dev, buf, offset+8);
1587 /* EAPOL-Key replay counter (high double word) */
1588 replayCounterH = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+9)) << 24) +
1589 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+10)) << 16) +
1590 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+11)) << 8) +
1591 zmw_rx_buf_readb(dev, buf, offset+12);
1592 /* EAPOL-Key replay counter (low double word) */
1593 replayCounterL = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+13)) << 24) +
1594 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+14)) << 16) +
1595 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+15)) << 8) +
1596 zmw_rx_buf_readb(dev, buf, offset+16);
1597 /* EAPOL-Key data length */
1598 keyDataLen = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+97)) << 8) +
1599 zmw_rx_buf_readb(dev, buf, offset+98);
1600
1601 zm_debug_msg0("EAPOL-Key");
1602 zm_debug_msg1("packet length = ", packetLen);
1603
1604 if ( keyType == 254 )
1605 {
1606 zm_debug_msg0("key type = 254 (SSN key descriptor)");
1607 }
1608 else
1609 {
1610 zm_debug_msg2("key type = 0x", keyType);
1611 }
1612
1613 zm_debug_msg2("replay counter(L) = ", replayCounterL);
1614
1615 zm_debug_msg2("key information = ", keyInfo);
1616
1617 if ( keyInfo & ZM_BIT_3 )
1618 {
1619 zm_debug_msg0(" - pairwise key");
1620 }
1621 else
1622 {
1623 zm_debug_msg0(" - group key");
1624 }
1625
1626 if ( keyInfo & ZM_BIT_6 )
1627 {
1628 zm_debug_msg0(" - Tx key installed");
1629 }
1630 else
1631 {
1632 zm_debug_msg0(" - Tx key not set");
1633 }
1634
1635 if ( keyInfo & ZM_BIT_7 )
1636 {
1637 zm_debug_msg0(" - Ack needed");
1638 }
1639 else
1640 {
1641 zm_debug_msg0(" - Ack not needed");
1642 }
1643
1644 if ( keyInfo & ZM_BIT_8 )
1645 {
1646 zm_debug_msg0(" - MIC set");
1647 }
1648 else
1649 {
1650 zm_debug_msg0(" - MIC not set");
1651 }
1652
1653 if ( keyInfo & ZM_BIT_9 )
1654 {
1655 zm_debug_msg0(" - packet encrypted");
1656 }
1657 else
1658 {
1659 zm_debug_msg0(" - packet not encrypted");
1660 }
1661
1662 zm_debug_msg1("keyLen = ", keyLen);
1663 zm_debug_msg1("keyDataLen = ", keyDataLen);
1664 }
1665 else if( packetType == 4 )
1666 {
1667 zm_debug_msg0("EAPOL-Encapsulated-ASF-Alert");
1668 }
1669 }
1670
1671 void zfShowTxEAPOL(zdev_t* dev, zbuf_t* buf, u16_t offset)
1672 {
1673 u8_t packetType, keyType, code, identifier, type, flags;
1674 u16_t packetLen, keyInfo, keyLen, keyDataLen, length, Op_Code;
1675 u32_t replayCounterH, replayCounterL, vendorId, VendorType;
1676
1677 zm_debug_msg1("EAPOL Packet size = ", zfwBufGetSize(dev, buf));
1678
1679 /* EAPOL packet type */
1680 // 0: EAP-Packet
1681 // 1: EAPOL-Start
1682 // 2: EAPOL-Logoff
1683 // 3: EAPOL-Key
1684 // 4: EAPOL-Encapsulated-ASF-Alert
1685
1686 /* EAPOL frame format */
1687 /* 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 */
1688 /* ----------------------------------------------- */
1689 /* PAE Ethernet Type (0x888e) */
1690 /* ----------------------------------------------- 2 */
1691 /* Protocol Version | Type */
1692 /* ----------------------------------------------- 4 */
1693 /* Length */
1694 /* ----------------------------------------------- 6 */
1695 /* Packet Body */
1696 /* ----------------------------------------------- N */
1697
1698 packetType = zmw_tx_buf_readb(dev, buf, offset+1);
1699 /* EAPOL body length */
1700 packetLen = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+2)) << 8) +
1701 zmw_tx_buf_readb(dev, buf, offset+3);
1702
1703 if( packetType == 0 )
1704 { // EAP-Packet
1705 /* EAP-Packet Code */
1706 code = zmw_tx_buf_readb(dev, buf, offset+4); // 1 : Request
1707 // 2 : Response
1708 // 3 : Success
1709 // 4 : Failure
1710
1711 // An EAP packet of the type of Success and Failure has no Data field, and has a length of 4.
1712
1713 /* EAP Packet format */
1714 /* 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 */
1715 /* ----------------------------------------------- */
1716 /* Code | Identifier */
1717 /* ----------------------------------------------- 2 */
1718 /* Length */
1719 /* ----------------------------------------------- 4 */
1720 /* Data */
1721 /* ----------------------------------------------- N */
1722
1723 zm_debug_msg0("EAP-Packet");
1724 zm_debug_msg1("Packet Length = ", packetLen);
1725 zm_debug_msg1("EAP-Packet Code = ", code);
1726
1727 if( code == 1 )
1728 {
1729 zm_debug_msg0("EAP-Packet Request");
1730
1731 /* EAP-Packet Identifier */
1732 identifier = zmw_tx_buf_readb(dev, buf, offset+5);
1733 /* EAP-Packet Length */
1734 length = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+6)) << 8) +
1735 zmw_tx_buf_readb(dev, buf, offset+7);
1736 /* EAP-Packet Type */
1737 type = zmw_tx_buf_readb(dev, buf, offset+8); // 1 : Identity
1738 // 2 : Notification
1739 // 3 : Nak (Response Only)
1740 // 4 : MD5-Challenge
1741 // 5 : One Time Password (OTP)
1742 // 6 : Generic Token Card (GTC)
1743 // 254 : (Expanded Types)Wi-Fi Protected Setup
1744 // 255 : Experimental Use
1745
1746 /* The data field in an EAP packet of the type of Request or Response is in the format shown bellowing */
1747 /* 0 1 2 3 4 5 6 7 N */
1748 /* ----------------------------------------------- */
1749 /* Type | Type Data */
1750 /* ----------------------------------------------- */
1751
1752 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1753 zm_debug_msg1("EAP-Packet Length = ", length);
1754 zm_debug_msg1("EAP-Packet Type = ", type);
1755
1756 if( type == 1 )
1757 {
1758 zm_debug_msg0("EAP-Packet Request Identity");
1759 }
1760 else if( type == 2 )
1761 {
1762 zm_debug_msg0("EAP-Packet Request Notification");
1763 }
1764 else if( type == 4 )
1765 {
1766 zm_debug_msg0("EAP-Packet Request MD5-Challenge");
1767 }
1768 else if( type == 5 )
1769 {
1770 zm_debug_msg0("EAP-Packet Request One Time Password");
1771 }
1772 else if( type == 6 )
1773 {
1774 zm_debug_msg0("EAP-Packet Request Generic Token Card");
1775 }
1776 else if( type == 254 )
1777 {
1778 zm_debug_msg0("EAP-Packet Request Wi-Fi Protected Setup");
1779
1780 /* 0 1 2 3 */
1781 /* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 */
1782 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1783 /*| Type | Vendor-Id |*/
1784 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1785 /*| Vendor-Type |*/
1786 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1787 /*| Vendor data... */
1788 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */
1789
1790 /* EAP-Packet Vendor ID */
1791 vendorId = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+9)) << 16) +
1792 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+10)) << 8) +
1793 zmw_tx_buf_readb(dev, buf, offset+11);
1794 /* EAP-Packet Vendor Type */
1795 VendorType = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+12)) << 24) +
1796 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+13)) << 16) +
1797 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+14)) << 8) +
1798 zmw_tx_buf_readb(dev, buf, offset+15);
1799 /* EAP-Packet Op Code */
1800 Op_Code = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+16)) << 8) +
1801 zmw_tx_buf_readb(dev, buf, offset+17);
1802 /* EAP-Packet Flags */
1803 flags = zmw_tx_buf_readb(dev, buf, offset+18);
1804
1805 zm_debug_msg1("EAP-Packet Vendor ID = ", vendorId);
1806 zm_debug_msg1("EAP-Packet Venodr Type = ", VendorType);
1807 zm_debug_msg1("EAP-Packet Op Code = ", Op_Code);
1808 zm_debug_msg1("EAP-Packet Flags = ", flags);
1809 }
1810 }
1811 else if( code == 2 )
1812 {
1813 zm_debug_msg0("EAP-Packet Response");
1814
1815 /* EAP-Packet Identifier */
1816 identifier = zmw_tx_buf_readb(dev, buf, offset+5);
1817 /* EAP-Packet Length */
1818 length = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+6)) << 8) +
1819 zmw_tx_buf_readb(dev, buf, offset+7);
1820 /* EAP-Packet Type */
1821 type = zmw_tx_buf_readb(dev, buf, offset+8);
1822
1823 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1824 zm_debug_msg1("EAP-Packet Length = ", length);
1825 zm_debug_msg1("EAP-Packet Type = ", type);
1826
1827 if( type == 1 )
1828 {
1829 zm_debug_msg0("EAP-Packet Response Identity");
1830 }
1831 else if( type == 2 )
1832 {
1833 zm_debug_msg0("EAP-Packet Request Notification");
1834 }
1835 else if( type == 3 )
1836 {
1837 zm_debug_msg0("EAP-Packet Request Nak");
1838 }
1839 else if( type == 4 )
1840 {
1841 zm_debug_msg0("EAP-Packet Request MD5-Challenge");
1842 }
1843 else if( type == 5 )
1844 {
1845 zm_debug_msg0("EAP-Packet Request One Time Password");
1846 }
1847 else if( type == 6 )
1848 {
1849 zm_debug_msg0("EAP-Packet Request Generic Token Card");
1850 }
1851 else if( type == 254 )
1852 {
1853 zm_debug_msg0("EAP-Packet Response Wi-Fi Protected Setup");
1854
1855 /* EAP-Packet Vendor ID */
1856 vendorId = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+9)) << 16) +
1857 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+10)) << 8) +
1858 zmw_tx_buf_readb(dev, buf, offset+11);
1859 /* EAP-Packet Vendor Type */
1860 VendorType = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+12)) << 24) +
1861 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+13)) << 16) +
1862 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+14)) << 8) +
1863 zmw_tx_buf_readb(dev, buf, offset+15);
1864 /* EAP-Packet Op Code */
1865 Op_Code = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+16)) << 8) +
1866 zmw_tx_buf_readb(dev, buf, offset+17);
1867 /* EAP-Packet Flags */
1868 flags = zmw_tx_buf_readb(dev, buf, offset+18);
1869
1870 zm_debug_msg1("EAP-Packet Vendor ID = ", vendorId);
1871 zm_debug_msg1("EAP-Packet Venodr Type = ", VendorType);
1872 zm_debug_msg1("EAP-Packet Op Code = ", Op_Code);
1873 zm_debug_msg1("EAP-Packet Flags = ", flags);
1874 }
1875 }
1876 else if( code == 3 )
1877 {
1878 zm_debug_msg0("EAP-Packet Success");
1879
1880 /* EAP-Packet Identifier */
1881 identifier = zmw_rx_buf_readb(dev, buf, offset+5);
1882 /* EAP-Packet Length */
1883 length = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+6)) << 8) +
1884 zmw_rx_buf_readb(dev, buf, offset+7);
1885
1886 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1887 zm_debug_msg1("EAP-Packet Length = ", length);
1888 }
1889 else if( code == 4 )
1890 {
1891 zm_debug_msg0("EAP-Packet Failure");
1892
1893 /* EAP-Packet Identifier */
1894 identifier = zmw_tx_buf_readb(dev, buf, offset+5);
1895 /* EAP-Packet Length */
1896 length = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+6)) << 8) +
1897 zmw_tx_buf_readb(dev, buf, offset+7);
1898
1899 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1900 zm_debug_msg1("EAP-Packet Length = ", length);
1901 }
1902 }
1903 else if( packetType == 1 )
1904 { // EAPOL-Start
1905 zm_debug_msg0("EAPOL-Start");
1906 }
1907 else if( packetType == 2 )
1908 { // EAPOL-Logoff
1909 zm_debug_msg0("EAPOL-Logoff");
1910 }
1911 else if( packetType == 3 )
1912 { // EAPOL-Key
1913 /* EAPOL-Key type */
1914 keyType = zmw_tx_buf_readb(dev, buf, offset+4);
1915 /* EAPOL-Key information */
1916 keyInfo = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+5)) << 8) +
1917 zmw_tx_buf_readb(dev, buf, offset+6);
1918 /* EAPOL-Key length */
1919 keyLen = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+7)) << 8) +
1920 zmw_tx_buf_readb(dev, buf, offset+8);
1921 /* EAPOL-Key replay counter (high double word) */
1922 replayCounterH = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+9)) << 24) +
1923 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+10)) << 16) +
1924 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+11)) << 8) +
1925 zmw_tx_buf_readb(dev, buf, offset+12);
1926 /* EAPOL-Key replay counter (low double word) */
1927 replayCounterL = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+13)) << 24) +
1928 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+14)) << 16) +
1929 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+15)) << 8) +
1930 zmw_tx_buf_readb(dev, buf, offset+16);
1931 /* EAPOL-Key data length */
1932 keyDataLen = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+97)) << 8) +
1933 zmw_tx_buf_readb(dev, buf, offset+98);
1934
1935 zm_debug_msg0("EAPOL-Key");
1936 zm_debug_msg1("packet length = ", packetLen);
1937
1938 if ( keyType == 254 )
1939 {
1940 zm_debug_msg0("key type = 254 (SSN key descriptor)");
1941 }
1942 else
1943 {
1944 zm_debug_msg2("key type = 0x", keyType);
1945 }
1946
1947 zm_debug_msg2("replay counter(L) = ", replayCounterL);
1948
1949 zm_debug_msg2("key information = ", keyInfo);
1950
1951 if ( keyInfo & ZM_BIT_3 )
1952 {
1953 zm_debug_msg0(" - pairwise key");
1954 }
1955 else
1956 {
1957 zm_debug_msg0(" - group key");
1958 }
1959
1960 if ( keyInfo & ZM_BIT_6 )
1961 {
1962 zm_debug_msg0(" - Tx key installed");
1963 }
1964 else
1965 {
1966 zm_debug_msg0(" - Tx key not set");
1967 }
1968
1969 if ( keyInfo & ZM_BIT_7 )
1970 {
1971 zm_debug_msg0(" - Ack needed");
1972 }
1973 else
1974 {
1975 zm_debug_msg0(" - Ack not needed");
1976 }
1977
1978 if ( keyInfo & ZM_BIT_8 )
1979 {
1980 zm_debug_msg0(" - MIC set");
1981 }
1982 else
1983 {
1984 zm_debug_msg0(" - MIC not set");
1985 }
1986
1987 if ( keyInfo & ZM_BIT_9 )
1988 {
1989 zm_debug_msg0(" - packet encrypted");
1990 }
1991 else
1992 {
1993 zm_debug_msg0(" - packet not encrypted");
1994 }
1995
1996 zm_debug_msg1("keyLen = ", keyLen);
1997 zm_debug_msg1("keyDataLen = ", keyDataLen);
1998 }
1999 else if( packetType == 4 )
2000 {
2001 zm_debug_msg0("EAPOL-Encapsulated-ASF-Alert");
2002 }
2003 }
2004
2005
2006 /************************************************************************/
2007 /* */
2008 /* FUNCTION DESCRIPTION zfiRecv80211 */
2009 /* Called to receive 802.11 frame. */
2010 /* */
2011 /* INPUTS */
2012 /* dev : device pointer */
2013 /* buf : received 802.11 frame buffer. */
2014 /* */
2015 /* OUTPUTS */
2016 /* None */
2017 /* */
2018 /* AUTHOR */
2019 /* Stephen ZyDAS Technology Corporation 2005.5 */
2020 /* */
2021 /************************************************************************/
2022 void zfiRecv80211(zdev_t* dev, zbuf_t* buf, struct zsAdditionInfo* addInfo)
2023 {
2024 u8_t snapCase=0, encryMode;
2025 u16_t frameType, typeLengthField;
2026 u16_t frameCtrl;
2027 u16_t frameSubtype;
2028 u16_t ret;
2029 u16_t len;
2030 u8_t bIsDefrag = 0;
2031 u16_t offset, tailLen;
2032 u8_t vap = 0;
2033 u16_t da[3], sa[3];
2034 u16_t ii;
2035 u8_t uapsdTrig = 0;
2036 zbuf_t* psBuf;
2037 #ifdef ZM_ENABLE_NATIVE_WIFI
2038 u8_t i;
2039 #endif
2040
2041 zmw_get_wlan_dev(dev);
2042
2043 ZM_BUFFER_TRACE(dev, buf)
2044
2045 //zm_msg2_rx(ZM_LV_2, "zfiRecv80211(), buf=", buf);
2046
2047 //zm_msg2_rx(ZM_LV_0, "h[0]=", zmw_rx_buf_readh(dev, buf, 0));
2048 //zm_msg2_rx(ZM_LV_0, "h[2]=", zmw_rx_buf_readh(dev, buf, 2));
2049 //zm_msg2_rx(ZM_LV_0, "h[4]=", zmw_rx_buf_readh(dev, buf, 4));
2050
2051 frameCtrl = zmw_rx_buf_readb(dev, buf, 0);
2052 frameType = frameCtrl & 0xf;
2053 frameSubtype = frameCtrl & 0xf0;
2054
2055
2056 /* If data frame */
2057 if (frameType == ZM_WLAN_DATA_FRAME)
2058 {
2059 wd->sta.TotalNumberOfReceivePackets++;
2060 wd->sta.TotalNumberOfReceiveBytes += zfwBufGetSize(dev, buf);
2061 //zm_debug_msg1("Receive packets = ", wd->sta.TotalNumberOfReceivePackets);
2062
2063 //zm_msg0_rx(ZM_LV_0, "Rx data");
2064 if (wd->wlanMode == ZM_MODE_AP)
2065 {
2066 ret = zfApUpdatePsBit(dev, buf, &vap, &uapsdTrig);
2067 if (ret != ZM_SUCCESS)
2068 {
2069 zfwBufFree(dev, buf, 0);
2070 return;
2071 }
2072
2073 if (((uapsdTrig&0xf) != 0) && ((frameSubtype & 0x80) != 0))
2074 {
2075 u8_t ac = zcUpToAc[zmw_buf_readb(dev, buf, 24)&0x7];
2076 u8_t pktNum;
2077 u8_t mb;
2078 u16_t flag;
2079 u8_t src[6];
2080
2081 //printk("QoS ctrl=%d\n", zmw_buf_readb(dev, buf, 24));
2082 //printk("UAPSD trigger, ac=%d\n", ac);
2083
2084 if (((0x8>>ac) & uapsdTrig) != 0)
2085 {
2086 pktNum = zcMaxspToPktNum[(uapsdTrig>>4) & 0x3];
2087
2088 for (ii=0; ii<6; ii++)
2089 {
2090 src[ii] = zmw_buf_readb(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+ii);
2091 }
2092
2093 for (ii=0; ii<pktNum; ii++)
2094 {
2095 //if ((psBuf = zfQueueGet(dev, wd->ap.uapsdQ)) != NULL)
2096 psBuf = zfQueueGetWithMac(dev, wd->ap.uapsdQ, src, &mb);
2097 if (psBuf != NULL)
2098 {
2099 if ((ii+1) == pktNum)
2100 {
2101 //EOSP anyway
2102 flag = 0x100 | (mb<<5);
2103 }
2104 else
2105 {
2106 if (mb != 0)
2107 {
2108 //more data, not EOSP
2109 flag = 0x20;
2110 }
2111 else
2112 {
2113 //no more data, EOSP
2114 flag = 0x100;
2115 }
2116 }
2117 zfTxSendEth(dev, psBuf, 0, ZM_EXTERNAL_ALLOC_BUF, flag);
2118 }
2119
2120 if ((psBuf == NULL) || (mb == 0))
2121 {
2122 if ((ii == 0) && (psBuf == NULL))
2123 {
2124 zfSendMmFrame(dev, ZM_WLAN_FRAME_TYPE_QOS_NULL, (u16_t*)src, 0, 0, 0);
2125 }
2126 break;
2127 }
2128 }
2129 }
2130 }
2131
2132 }
2133 else if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
2134 {
2135 u16_t frameCtrlMSB;
2136 u8_t bssid[6];
2137
2138 /* Check Is RIFS frame and decide to enable RIFS or not */
2139 if( wd->sta.EnableHT )
2140 zfCheckIsRIFSFrame(dev, buf, frameSubtype);
2141
2142 if ( zfPowerSavingMgrIsSleeping(dev) || wd->sta.psMgr.tempWakeUp == 1)
2143 {
2144 frameCtrlMSB = zmw_rx_buf_readb(dev, buf, 1);
2145
2146 /* check more data */
2147 if ( frameCtrlMSB & ZM_BIT_5 )
2148 {
2149 //if rx frame's AC is not delivery-enabled
2150 if ((wd->sta.qosInfo&0xf) != 0xf)
2151 {
2152 u8_t rxAc = 0;
2153 if ((frameSubtype & 0x80) != 0)
2154 {
2155 rxAc = zcUpToAc[zmw_buf_readb(dev, buf, 24)&0x7];
2156 }
2157
2158 if (((0x8>>rxAc) & wd->sta.qosInfo) == 0)
2159 {
2160 zfSendPSPoll(dev);
2161 wd->sta.psMgr.tempWakeUp = 0;
2162 }
2163 }
2164 }
2165 }
2166 /*increase beacon count when receive vaild data frame from AP*/
2167 ZM_MAC_WORD_TO_BYTE(wd->sta.bssid, bssid);
2168
2169 if (zfStaIsConnected(dev)&&
2170 zfRxBufferEqualToStr(dev, buf, bssid, ZM_WLAN_HEADER_A2_OFFSET, 6))
2171 {
2172 wd->sta.rxBeaconCount++;
2173 }
2174 }
2175
2176 zm_msg1_rx(ZM_LV_2, "Rx VAP=", vap);
2177
2178 /* handle IV, EXT-IV, ICV, and EXT-ICV */
2179 zfGetRxIvIcvLength(dev, buf, vap, &offset, &tailLen, addInfo);
2180
2181 zfStaIbssPSCheckState(dev, buf);
2182 //QoS data frame
2183 if ((frameSubtype & 0x80) == 0x80)
2184 {
2185 offset += 2;
2186 }
2187
2188 len = zfwBufGetSize(dev, buf);
2189 /* remove ICV */
2190 if (tailLen > 0)
2191 {
2192 if (len > tailLen)
2193 {
2194 len -= tailLen;
2195 zfwBufSetSize(dev, buf, len);
2196 }
2197 }
2198
2199 /* Filter NULL data */
2200 if (((frameSubtype&0x40) != 0) || ((len = zfwBufGetSize(dev, buf))<=24))
2201 {
2202 zm_msg1_rx(ZM_LV_1, "Free Rx NULL data, len=", len);
2203 zfwBufFree(dev, buf, 0);
2204 return;
2205 }
2206
2207 /* check and handle defragmentation */
2208 if ( wd->sta.bSafeMode && (wd->sta.wepStatus == ZM_ENCRYPTION_AES) && wd->sta.SWEncryptEnable )
2209 {
2210 zm_msg0_rx(ZM_LV_1, "Bypass defragmentation packets in safe mode");
2211 }
2212 else
2213 {
2214 buf = zfDefragment(dev, buf, &bIsDefrag, addInfo);
2215 if (buf == NULL)
2216 {
2217 /* In this case, the buffer has been freed in zfDefragment */
2218 return;
2219 }
2220 }
2221
2222 ret = ZM_MIC_SUCCESS;
2223
2224 /* If SW WEP/TKIP are not turned on */
2225 if ((wd->sta.SWEncryptEnable & ZM_SW_TKIP_DECRY_EN) == 0 &&
2226 (wd->sta.SWEncryptEnable & ZM_SW_WEP_DECRY_EN) == 0)
2227 {
2228 encryMode = zfGetEncryModeFromRxStatus(addInfo);
2229
2230 /* check if TKIP */
2231 if ( encryMode == ZM_TKIP )
2232 {
2233 if ( bIsDefrag )
2234 {
2235 ret = zfMicRxVerify(dev, buf);
2236 }
2237 else
2238 {
2239 /* check MIC failure bit */
2240 if ( ZM_RX_STATUS_IS_MIC_FAIL(addInfo) )
2241 {
2242 ret = ZM_MIC_FAILURE;
2243 }
2244 }
2245
2246 if ( ret == ZM_MIC_FAILURE )
2247 {
2248 u8_t Unicast_Pkt = 0x0;
2249
2250 if ((zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) & 0x1) == 0)
2251 {
2252 wd->commTally.swRxUnicastMicFailCount++;
2253 Unicast_Pkt = 0x1;
2254 }/*
2255 else if (zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) == 0xffff)
2256 {
2257 wd->commTally.swRxMulticastMicFailCount++;
2258 }*/
2259 else
2260 {
2261 wd->commTally.swRxMulticastMicFailCount++;
2262 }
2263 if ( wd->wlanMode == ZM_MODE_AP )
2264 {
2265 u16_t idx;
2266 u8_t addr[6];
2267
2268 for (idx=0; idx<6; idx++)
2269 {
2270 addr[idx] = zmw_rx_buf_readb(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+idx);
2271 }
2272
2273 if (wd->zfcbApMicFailureNotify != NULL)
2274 {
2275 wd->zfcbApMicFailureNotify(dev, addr, buf);
2276 }
2277 }
2278 else
2279 {
2280 if(Unicast_Pkt)
2281 {
2282 zm_debug_msg0("Countermeasure : Unicast_Pkt ");
2283 }
2284 else
2285 {
2286 zm_debug_msg0("Countermeasure : Non-Unicast_Pkt ");
2287 }
2288
2289 if((wd->TKIP_Group_KeyChanging == 0x0) || (Unicast_Pkt == 0x1))
2290 {
2291 zm_debug_msg0("Countermeasure : Do MIC Check ");
2292 zfStaMicFailureHandling(dev, buf);
2293 }
2294 else
2295 {
2296 zm_debug_msg0("Countermeasure : SKIP MIC Check due to Group Keychanging ");
2297 }
2298 }
2299 /* Discard MIC failed frame */
2300 zfwBufFree(dev, buf, 0);
2301 return;
2302 }
2303 }
2304 }
2305 else
2306 {
2307 u8_t IsEncryFrame;
2308
2309 /* TODO: Check whether WEP bit is turned on in MAC header */
2310 encryMode = ZM_NO_WEP;
2311
2312 IsEncryFrame = (zmw_rx_buf_readb(dev, buf, 1) & 0x40);
2313
2314 if (IsEncryFrame)
2315 {
2316 /* Software decryption for TKIP */
2317 if (wd->sta.SWEncryptEnable & ZM_SW_TKIP_DECRY_EN)
2318 {
2319 u16_t iv16;
2320 u16_t iv32;
2321 u8_t RC4Key[16];
2322 u16_t IvOffset;
2323 struct zsTkipSeed *rxSeed;
2324
2325 IvOffset = offset + ZM_SIZE_OF_WLAN_DATA_HEADER;
2326
2327 rxSeed = zfStaGetRxSeed(dev, buf);
2328
2329 if (rxSeed == NULL)
2330 {
2331 zm_debug_msg0("rxSeed is NULL");
2332
2333 /* Discard this frame */
2334 zfwBufFree(dev, buf, 0);
2335 return;
2336 }
2337
2338 iv16 = (zmw_rx_buf_readb(dev, buf, IvOffset) << 8) + zmw_rx_buf_readb(dev, buf, IvOffset+2);
2339 iv32 = zmw_rx_buf_readb(dev, buf, IvOffset+4) +
2340 (zmw_rx_buf_readb(dev, buf, IvOffset+5) << 8) +
2341 (zmw_rx_buf_readb(dev, buf, IvOffset+6) << 16) +
2342 (zmw_rx_buf_readb(dev, buf, IvOffset+7) << 24);
2343
2344 /* TKIP Key Mixing */
2345 zfTkipPhase1KeyMix(iv32, rxSeed);
2346 zfTkipPhase2KeyMix(iv16, rxSeed);
2347 zfTkipGetseeds(iv16, RC4Key, rxSeed);
2348
2349 /* Decrypt Data */
2350 ret = zfTKIPDecrypt(dev, buf, IvOffset+ZM_SIZE_OF_IV+ZM_SIZE_OF_EXT_IV, 16, RC4Key);
2351
2352 if (ret == ZM_ICV_FAILURE)
2353 {
2354 zm_debug_msg0("TKIP ICV fail");
2355
2356 /* Discard ICV failed frame */
2357 zfwBufFree(dev, buf, 0);
2358 return;
2359 }
2360
2361 /* Remove ICV from buffer */
2362 zfwBufSetSize(dev, buf, len-4);
2363
2364 /* Check MIC */
2365 ret = zfMicRxVerify(dev, buf);
2366
2367 if (ret == ZM_MIC_FAILURE)
2368 {
2369 if ((zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) & 0x1) == 0)
2370 {
2371 wd->commTally.swRxUnicastMicFailCount++;
2372 }
2373 else if (zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) == 0xffff)
2374 {
2375 wd->commTally.swRxMulticastMicFailCount++;
2376 }
2377 else
2378 {
2379 wd->commTally.swRxMulticastMicFailCount++;
2380 }
2381 if ( wd->wlanMode == ZM_MODE_AP )
2382 {
2383 u16_t idx;
2384 u8_t addr[6];
2385
2386 for (idx=0; idx<6; idx++)
2387 {
2388 addr[idx] = zmw_rx_buf_readb(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+idx);
2389 }
2390
2391 if (wd->zfcbApMicFailureNotify != NULL)
2392 {
2393 wd->zfcbApMicFailureNotify(dev, addr, buf);
2394 }
2395 }
2396 else
2397 {
2398 zfStaMicFailureHandling(dev, buf);
2399 }
2400
2401 zm_debug_msg0("MIC fail");
2402 /* Discard MIC failed frame */
2403 zfwBufFree(dev, buf, 0);
2404 return;
2405 }
2406
2407 encryMode = ZM_TKIP;
2408 offset += ZM_SIZE_OF_IV + ZM_SIZE_OF_EXT_IV;
2409 }
2410 else if(wd->sta.SWEncryptEnable & ZM_SW_WEP_DECRY_EN)
2411 {
2412 u16_t IvOffset;
2413 u8_t keyLen = 5;
2414 u8_t iv[3];
2415 u8_t keyIdx;
2416
2417 IvOffset = offset + ZM_SIZE_OF_WLAN_DATA_HEADER;
2418
2419 /* Retrieve IV */
2420 iv[0] = zmw_rx_buf_readb(dev, buf, IvOffset);
2421 iv[1] = zmw_rx_buf_readb(dev, buf, IvOffset+1);
2422 iv[2] = zmw_rx_buf_readb(dev, buf, IvOffset+2);
2423
2424 keyIdx = ((zmw_rx_buf_readb(dev, buf, IvOffset+3) >> 6) & 0x03);
2425
2426 IvOffset += ZM_SIZE_OF_IV;
2427
2428 if (wd->sta.SWEncryMode[keyIdx] == ZM_WEP64)
2429 {
2430 keyLen = 5;
2431 }
2432 else if (wd->sta.SWEncryMode[keyIdx] == ZM_WEP128)
2433 {
2434 keyLen = 13;
2435 }
2436 else if (wd->sta.SWEncryMode[keyIdx] == ZM_WEP256)
2437 {
2438 keyLen = 29;
2439 }
2440
2441 zfWEPDecrypt(dev, buf, IvOffset, keyLen, wd->sta.wepKey[keyIdx], iv);
2442
2443 if (ret == ZM_ICV_FAILURE)
2444 {
2445 zm_debug_msg0("WEP ICV fail");
2446
2447 /* Discard ICV failed frame */
2448 zfwBufFree(dev, buf, 0);
2449 return;
2450 }
2451
2452 encryMode = wd->sta.SWEncryMode[keyIdx];
2453
2454 /* Remove ICV from buffer */
2455 zfwBufSetSize(dev, buf, len-4);
2456
2457 offset += ZM_SIZE_OF_IV;
2458 }
2459 }
2460 }
2461
2462 #ifdef ZM_ENABLE_CENC
2463 //else if ( encryMode == ZM_CENC ) /* check if CENC */
2464 if ( encryMode == ZM_CENC )
2465 {
2466 u32_t rxIV[4];
2467
2468 rxIV[0] = (zmw_rx_buf_readh(dev, buf, 28) << 16)
2469 + zmw_rx_buf_readh(dev, buf, 26);
2470 rxIV[1] = (zmw_rx_buf_readh(dev, buf, 32) << 16)
2471 + zmw_rx_buf_readh(dev, buf, 30);
2472 rxIV[2] = (zmw_rx_buf_readh(dev, buf, 36) << 16)
2473 + zmw_rx_buf_readh(dev, buf, 34);
2474 rxIV[3] = (zmw_rx_buf_readh(dev, buf, 40) << 16)
2475 + zmw_rx_buf_readh(dev, buf, 38);
2476
2477 //zm_debug_msg2("rxIV[0] = 0x", rxIV[0]);
2478 //zm_debug_msg2("rxIV[1] = 0x", rxIV[1]);
2479 //zm_debug_msg2("rxIV[2] = 0x", rxIV[2]);
2480 //zm_debug_msg2("rxIV[3] = 0x", rxIV[3]);
2481
2482 /* destination address*/
2483 da[0] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET);
2484 da[1] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET+2);
2485 da[2] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET+4);
2486
2487 if ( wd->wlanMode == ZM_MODE_AP )
2488 {
2489 }
2490 else
2491 {
2492 if ((da[0] & 0x1))
2493 { //multicast frame
2494 /* Accumlate the PN sequence */
2495 wd->sta.rxivGK[0] ++;
2496
2497 if (wd->sta.rxivGK[0] == 0)
2498 {
2499 wd->sta.rxivGK[1]++;
2500 }
2501
2502 if (wd->sta.rxivGK[1] == 0)
2503 {
2504 wd->sta.rxivGK[2]++;
2505 }
2506
2507 if (wd->sta.rxivGK[2] == 0)
2508 {
2509 wd->sta.rxivGK[3]++;
2510 }
2511
2512 if (wd->sta.rxivGK[3] == 0)
2513 {
2514 wd->sta.rxivGK[0] = 0;
2515 wd->sta.rxivGK[1] = 0;
2516 wd->sta.rxivGK[2] = 0;
2517 }
2518
2519 //zm_debug_msg2("wd->sta.rxivGK[0] = 0x", wd->sta.rxivGK[0]);
2520 //zm_debug_msg2("wd->sta.rxivGK[1] = 0x", wd->sta.rxivGK[1]);
2521 //zm_debug_msg2("wd->sta.rxivGK[2] = 0x", wd->sta.rxivGK[2]);
2522 //zm_debug_msg2("wd->sta.rxivGK[3] = 0x", wd->sta.rxivGK[3]);
2523
2524 if ( !((wd->sta.rxivGK[0] == rxIV[0])
2525 && (wd->sta.rxivGK[1] == rxIV[1])
2526 && (wd->sta.rxivGK[2] == rxIV[2])
2527 && (wd->sta.rxivGK[3] == rxIV[3])))
2528 {
2529 u8_t PacketDiscard = 0;
2530 /* Discard PN Code Error frame */
2531 if (rxIV[0] < wd->sta.rxivGK[0])
2532 {
2533 PacketDiscard = 1;
2534 }
2535 if (wd->sta.rxivGK[0] > 0xfffffff0)
2536 { //boundary case
2537 if ((rxIV[0] < 0xfffffff0)
2538 && (((0xffffffff - wd->sta.rxivGK[0]) + rxIV[0]) > 16))
2539 {
2540 PacketDiscard = 1;
2541 }
2542 }
2543 else
2544 { //normal case
2545 if ((rxIV[0] - wd->sta.rxivGK[0]) > 16)
2546 {
2547 PacketDiscard = 1;
2548 }
2549 }
2550 // sync sta pn code with ap because of losting some packets
2551 wd->sta.rxivGK[0] = rxIV[0];
2552 wd->sta.rxivGK[1] = rxIV[1];
2553 wd->sta.rxivGK[2] = rxIV[2];
2554 wd->sta.rxivGK[3] = rxIV[3];
2555 if (PacketDiscard)
2556 {
2557 zm_debug_msg0("Discard PN Code lost too much multicast frame");
2558 zfwBufFree(dev, buf, 0);
2559 return;
2560 }
2561 }
2562 }
2563 else
2564 { //unicast frame
2565 /* Accumlate the PN sequence */
2566 wd->sta.rxiv[0] += 2;
2567
2568 if (wd->sta.rxiv[0] == 0 || wd->sta.rxiv[0] == 1)
2569 {
2570 wd->sta.rxiv[1]++;
2571 }
2572
2573 if (wd->sta.rxiv[1] == 0)
2574 {
2575 wd->sta.rxiv[2]++;
2576 }
2577
2578 if (wd->sta.rxiv[2] == 0)
2579 {
2580 wd->sta.rxiv[3]++;
2581 }
2582
2583 if (wd->sta.rxiv[3] == 0)
2584 {
2585 wd->sta.rxiv[0] = 0;
2586 wd->sta.rxiv[1] = 0;
2587 wd->sta.rxiv[2] = 0;
2588 }
2589
2590 //zm_debug_msg2("wd->sta.rxiv[0] = 0x", wd->sta.rxiv[0]);
2591 //zm_debug_msg2("wd->sta.rxiv[1] = 0x", wd->sta.rxiv[1]);
2592 //zm_debug_msg2("wd->sta.rxiv[2] = 0x", wd->sta.rxiv[2]);
2593 //zm_debug_msg2("wd->sta.rxiv[3] = 0x", wd->sta.rxiv[3]);
2594
2595 if ( !((wd->sta.rxiv[0] == rxIV[0])
2596 && (wd->sta.rxiv[1] == rxIV[1])
2597 && (wd->sta.rxiv[2] == rxIV[2])
2598 && (wd->sta.rxiv[3] == rxIV[3])))
2599 {
2600 zm_debug_msg0("PN Code mismatch, lost unicast frame, sync pn code to recv packet");
2601 // sync sta pn code with ap because of losting some packets
2602 wd->sta.rxiv[0] = rxIV[0];
2603 wd->sta.rxiv[1] = rxIV[1];
2604 wd->sta.rxiv[2] = rxIV[2];
2605 wd->sta.rxiv[3] = rxIV[3];
2606 /* Discard PN Code Error frame */
2607 //zm_debug_msg0("Discard PN Code mismatch unicast frame");
2608 //zfwBufFree(dev, buf, 0);
2609 //return;
2610 }
2611 }
2612 }
2613 }
2614 #endif //ZM_ENABLE_CENC
2615
2616 /* for tally */
2617 if ((zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) & 0x1) == 0)
2618 {
2619 /* for ACU to display RxRate */
2620 zfWlanUpdateRxRate(dev, addInfo);
2621
2622 wd->commTally.rxUnicastFrm++;
2623 wd->commTally.rxUnicastOctets += (len-24);
2624 }
2625 else if (zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) == 0xffff)
2626 {
2627 wd->commTally.rxBroadcastFrm++;
2628 wd->commTally.rxBroadcastOctets += (len-24);
2629 }
2630 else
2631 {
2632 wd->commTally.rxMulticastFrm++;
2633 wd->commTally.rxMulticastOctets += (len-24);
2634 }
2635 wd->ledStruct.rxTraffic++;
2636
2637 if ((frameSubtype & 0x80) == 0x80)
2638 {
2639 /* if QoS control bit-7 is 1 => A-MSDU frame */
2640 if ((zmw_rx_buf_readh(dev, buf, 24) & 0x80) != 0)
2641 {
2642 zfDeAmsdu(dev, buf, vap, encryMode);
2643 return;
2644 }
2645 }
2646
2647 // Remove MIC of TKIP
2648 if ( encryMode == ZM_TKIP )
2649 {
2650 zfwBufSetSize(dev, buf, zfwBufGetSize(dev, buf) - 8);
2651 }
2652
2653 /* Convert 802.11 and SNAP header to ethernet header */
2654 if ( (wd->wlanMode == ZM_MODE_INFRASTRUCTURE)||
2655 (wd->wlanMode == ZM_MODE_IBSS) )
2656 {
2657 /* destination address*/
2658 da[0] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET);
2659 da[1] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET+2);
2660 da[2] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET+4);
2661
2662 /* check broadcast frame */
2663 if ( (da[0] == 0xffff) && (da[1] == 0xffff) && (da[2] == 0xffff) )
2664 {
2665 // Ap send broadcast frame to the DUT !
2666 }
2667 /* check multicast frame */
2668 /* TODO : Remove these code, hardware should be able to block */
2669 /* multicast frame on the multicast address list */
2670 /* or bypass all multicast packet by flag bAllMulticast */
2671 else if ((da[0] & 0x01) && (wd->sta.bAllMulticast == 0))
2672 {
2673 for(ii=0; ii<wd->sta.multicastList.size; ii++)
2674 {
2675 if ( zfMemoryIsEqual(wd->sta.multicastList.macAddr[ii].addr,
2676 (u8_t*) da, 6))
2677 {
2678 break;
2679 }
2680 }
2681
2682 if ( ii == wd->sta.multicastList.size )
2683 { /* not found */
2684 zm_debug_msg0("discard unknown multicast frame");
2685
2686 zfwBufFree(dev, buf, 0);
2687 return;
2688 }
2689 }
2690
2691 #ifdef ZM_ENABLE_NATIVE_WIFI //Native Wifi : 1, Ethernet format : 0
2692 //To remove IV
2693 if (offset > 0)
2694 {
2695 for (i=12; i>0; i--)
2696 {
2697 zmw_rx_buf_writeh(dev, buf, ((i-1)*2)+offset,
2698 zmw_rx_buf_readh(dev, buf, (i-1)*2));
2699 }
2700 zfwBufRemoveHead(dev, buf, offset);
2701 }
2702 #else
2703
2704 if (zfRxBufferEqualToStr(dev, buf, zgSnapBridgeTunnel,
2705 24+offset, 6))
2706 {
2707 snapCase = 1;
2708 }
2709 else if ( zfRxBufferEqualToStr(dev, buf, zgSnap8021h,
2710 24+offset, 6) )
2711 {
2712 typeLengthField =
2713 (((u16_t) zmw_rx_buf_readb(dev, buf, 30+offset)) << 8) +
2714 zmw_rx_buf_readb(dev, buf, 31+offset);
2715
2716 //zm_debug_msg2("tpyeLengthField = ", typeLengthField);
2717
2718 //8137 : IPX, 80F3 : Appletalk
2719 if ( (typeLengthField != 0x8137)&&
2720 (typeLengthField != 0x80F3) )
2721 {
2722 snapCase = 2;
2723 }
2724
2725 if ( typeLengthField == 0x888E )
2726 {
2727 zfShowRxEAPOL(dev, buf, 32);
2728 }
2729 }
2730 else
2731 {
2732 //zfwDumpBuf(dev, buf);
2733 }
2734
2735 /* source address */
2736 if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
2737 {
2738 /* SA = Address 3 */
2739 sa[0] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A3_OFFSET);
2740 sa[1] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A3_OFFSET+2);
2741 sa[2] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A3_OFFSET+4);
2742 }
2743 else
2744 {
2745 /* SA = Address 2 */
2746 sa[0] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET);
2747 sa[1] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+2);
2748 sa[2] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+4);
2749 }
2750
2751 if ( snapCase )
2752 {
2753 /* SA */
2754 zmw_rx_buf_writeh(dev, buf, 24+offset, sa[0]);
2755 zmw_rx_buf_writeh(dev, buf, 26+offset, sa[1]);
2756 zmw_rx_buf_writeh(dev, buf, 28+offset, sa[2]);
2757
2758 /* DA = Address 1 */
2759 zmw_rx_buf_writeh(dev, buf, 18+offset, da[0]);
2760 zmw_rx_buf_writeh(dev, buf, 20+offset, da[1]);
2761 zmw_rx_buf_writeh(dev, buf, 22+offset, da[2]);
2762 zfwBufRemoveHead(dev, buf, 18+offset);
2763 }
2764 else
2765 {
2766 /* SA */
2767 zmw_rx_buf_writeh(dev, buf, 16+offset, sa[0]);
2768 zmw_rx_buf_writeh(dev, buf, 18+offset, sa[1]);
2769 zmw_rx_buf_writeh(dev, buf, 20+offset, sa[2]);
2770
2771 /* DA = Address 1 */
2772 zmw_rx_buf_writeh(dev, buf, 10+offset, da[0]);
2773 zmw_rx_buf_writeh(dev, buf, 12+offset, da[1]);
2774 zmw_rx_buf_writeh(dev, buf, 14+offset, da[2]);
2775 zfwBufRemoveHead(dev, buf, 10+offset);
2776 /* Ethernet payload length */
2777 typeLengthField = zfwBufGetSize(dev, buf) - 14;
2778 zmw_rx_buf_writeh(dev, buf, 12, (typeLengthField<<8)+(typeLengthField>>8));
2779 }
2780 #endif // ZM_ENABLE_NATIVE_WIFI
2781 }
2782 else if (wd->wlanMode == ZM_MODE_AP)
2783 {
2784 //if ((zmw_rx_buf_readb(dev, buf, 1) & 0x3) != 3)
2785 if (vap < ZM_MAX_AP_SUPPORT)
2786 /* AP mode */
2787 {
2788 #ifdef ZM_ENABLE_NATIVE_WIFI //Native Wifi : 1, Ethernet format : 0
2789 //To remove IV
2790 if (offset > 0)
2791 {
2792 for (i=12; i>0; i--)
2793 {
2794 zmw_rx_buf_writeh(dev, buf, ((i-1)*2)+offset,
2795 zmw_rx_buf_readh(dev, buf, (i-1)*2));
2796 }
2797 zfwBufRemoveHead(dev, buf, offset);
2798 }
2799 #else
2800 /* SA = Address 2 */
2801 zmw_rx_buf_writeh(dev, buf, 24+offset, zmw_rx_buf_readh(dev, buf,
2802 ZM_WLAN_HEADER_A2_OFFSET));
2803 zmw_rx_buf_writeh(dev, buf, 26+offset, zmw_rx_buf_readh(dev, buf,
2804 ZM_WLAN_HEADER_A2_OFFSET+2));
2805 zmw_rx_buf_writeh(dev, buf, 28+offset, zmw_rx_buf_readh(dev, buf,
2806 ZM_WLAN_HEADER_A2_OFFSET+4));
2807 /* DA = Address 3 */
2808 /* Seq : Read 20 write 22, read 18 write 20, read 16 write 18 */
2809 /* sequence must not be inverted */
2810 zmw_rx_buf_writeh(dev, buf, 22+offset, zmw_rx_buf_readh(dev, buf,
2811 ZM_WLAN_HEADER_A3_OFFSET+4));
2812 zmw_rx_buf_writeh(dev, buf, 20+offset, zmw_rx_buf_readh(dev, buf,
2813 ZM_WLAN_HEADER_A3_OFFSET+2));
2814 zmw_rx_buf_writeh(dev, buf, 18+offset, zmw_rx_buf_readh(dev, buf,
2815 ZM_WLAN_HEADER_A3_OFFSET));
2816 zfwBufRemoveHead(dev, buf, 18+offset);
2817 #endif // ZM_ENABLE_NATIVE_WIFI
2818 ret = zfIntrabssForward(dev, buf, vap);
2819 if (ret == 1)
2820 {
2821 /* Free Rx buffer if intra-BSS unicast frame */
2822 zm_msg0_rx(ZM_LV_2, "Free intra-BSS unicast frame");
2823 zfwBufFree(dev, buf, 0);
2824 return;
2825 }
2826 }
2827 else
2828 /* WDS mode */
2829 {
2830 zm_msg0_rx(ZM_LV_2, "Rx WDS data");
2831
2832 /* SA = Address 4 */
2833 zmw_rx_buf_writeh(dev, buf, 30+offset, zmw_rx_buf_readh(dev, buf,
2834 ZM_WLAN_HEADER_A4_OFFSET));
2835 zmw_rx_buf_writeh(dev, buf, 32+offset, zmw_rx_buf_readh(dev, buf,
2836 ZM_WLAN_HEADER_A4_OFFSET+2));
2837 zmw_rx_buf_writeh(dev, buf, 34+offset, zmw_rx_buf_readh(dev, buf,
2838 ZM_WLAN_HEADER_A4_OFFSET+4));
2839 /* DA = Address 3 */
2840 /* Seq : Read 20 write 22, read 18 write 20, read 16 write 18 */
2841 /* sequence must not be inverted */
2842 zmw_rx_buf_writeh(dev, buf, 28+offset, zmw_rx_buf_readh(dev, buf,
2843 ZM_WLAN_HEADER_A3_OFFSET+4));
2844 zmw_rx_buf_writeh(dev, buf, 26+offset, zmw_rx_buf_readh(dev, buf,
2845 ZM_WLAN_HEADER_A3_OFFSET+2));
2846 zmw_rx_buf_writeh(dev, buf, 24+offset, zmw_rx_buf_readh(dev, buf,
2847 ZM_WLAN_HEADER_A3_OFFSET));
2848 zfwBufRemoveHead(dev, buf, 24+offset);
2849 }
2850 }
2851 else if (wd->wlanMode == ZM_MODE_PSEUDO)
2852 {
2853 /* WDS test: remove add4 */
2854 if (wd->enableWDS)
2855 {
2856 offset += 6;
2857 }
2858
2859 /* SA = Address 2 */
2860 zmw_rx_buf_writeh(dev, buf, 24+offset, zmw_rx_buf_readh(dev, buf,
2861 ZM_WLAN_HEADER_A2_OFFSET));
2862 zmw_rx_buf_writeh(dev, buf, 26+offset, zmw_rx_buf_readh(dev, buf,
2863 ZM_WLAN_HEADER_A2_OFFSET+2));
2864 zmw_rx_buf_writeh(dev, buf, 28+offset, zmw_rx_buf_readh(dev, buf,
2865 ZM_WLAN_HEADER_A2_OFFSET+4));
2866 /* DA = Address 1 */
2867 zmw_rx_buf_writeh(dev, buf, 18+offset, zmw_rx_buf_readh(dev, buf,
2868 ZM_WLAN_HEADER_A1_OFFSET));
2869 zmw_rx_buf_writeh(dev, buf, 20+offset, zmw_rx_buf_readh(dev, buf,
2870 ZM_WLAN_HEADER_A1_OFFSET+2));
2871 zmw_rx_buf_writeh(dev, buf, 22+offset, zmw_rx_buf_readh(dev, buf,
2872 ZM_WLAN_HEADER_A1_OFFSET+4));
2873 zfwBufRemoveHead(dev, buf, 18+offset);
2874 }
2875 else
2876 {
2877 zm_assert(0);
2878 }
2879
2880 /* Call zfwRecvEth() to notify upper layer */
2881 //zm_msg2_rx(ZM_LV_2, "Call zfwRecvEth(), buf=", buf);
2882 //zfwDumpBuf(dev, buf);
2883
2884 #if ZM_PROTOCOL_RESPONSE_SIMULATION == 1
2885 zfProtRspSim(dev, buf);
2886 #endif
2887 //zfwDumpBuf(dev, buf);
2888
2889 /* tally */
2890 wd->commTally.NotifyNDISRxFrmCnt++;
2891
2892 if (wd->zfcbRecvEth != NULL)
2893 {
2894 wd->zfcbRecvEth(dev, buf, vap);
2895 ZM_PERFORMANCE_RX_MSDU(dev, wd->tick)
2896 }
2897 }
2898 /* if management frame */
2899 else if (frameType == ZM_WLAN_MANAGEMENT_FRAME)
2900 {
2901 zm_msg2_rx(ZM_LV_2, "Rx management,FC=", frameCtrl);
2902 /* Call zfProcessManagement() to handle management frame */
2903 zfProcessManagement(dev, buf, addInfo); //CWYang(m)
2904 zfwBufFree(dev, buf, 0);
2905 }
2906 /* PsPoll */
2907 else if ((wd->wlanMode == ZM_MODE_AP) && (frameCtrl == 0xa4))
2908 {
2909 zm_msg0_rx(ZM_LV_0, "Rx PsPoll");
2910 zfApProcessPsPoll(dev, buf);
2911 zfwBufFree(dev, buf, 0);
2912 }
2913 else
2914 {
2915 zm_msg0_rx(ZM_LV_1, "Rx discard!!");
2916 wd->commTally.DriverDiscardedFrm++;
2917
2918 zfwBufFree(dev, buf, 0);
2919 }
2920 return;
2921 }
2922
2923
2924 /************************************************************************/
2925 /* */
2926 /* FUNCTION DESCRIPTION zfWlanRxValidate */
2927 /* Validate Rx frame. */
2928 /* */
2929 /* INPUTS */
2930 /* dev : device pointer */
2931 /* buf : received 802.11 frame buffer. */
2932 /* */
2933 /* OUTPUTS */
2934 /* Error code */
2935 /* */
2936 /* AUTHOR */
2937 /* Stephen ZyDAS Technology Corporation 2005.10 */
2938 /* */
2939 /************************************************************************/
2940 u16_t zfWlanRxValidate(zdev_t* dev, zbuf_t* buf)
2941 {
2942 u16_t frameType;
2943 u16_t frameCtrl;
2944 u16_t frameLen;
2945 u16_t ret;
2946 u8_t frameSubType;
2947
2948 zmw_get_wlan_dev(dev);
2949
2950 frameCtrl = zmw_rx_buf_readh(dev, buf, 0);
2951 frameType = frameCtrl & 0xC;
2952 frameSubType = (frameCtrl & 0xF0) >> 4;
2953
2954 frameLen = zfwBufGetSize(dev, buf);
2955
2956 /* Accept Data/Management frame with protocol version = 0 */
2957 if ((frameType == 0x8) || (frameType == 0x0))
2958 {
2959
2960 /* TODO : check rx status => erro bit */
2961
2962 /* Check Minimum Length with Wep */
2963 if ((frameCtrl & 0x4000) != 0)
2964 {
2965 /* Minimum Length = */
2966 /* PLCP(5)+Header(24)+IV(4)+ICV(4)+CRC(4)+RxStatus(8) */
2967 if (frameLen < 32)
2968 {
2969 return ZM_ERR_MIN_RX_ENCRYPT_FRAME_LENGTH;
2970 }
2971 }
2972 else if ( frameSubType == 0x5 || frameSubType == 0x8 )
2973 {
2974 /* Minimum Length = PLCP(5)+MACHeader(24)+Timestamp(8)+BeaconInterval(2)+Cap(2)+CRC(4)+RxStatus(8) */
2975 if (frameLen < 36)
2976 {
2977 return ZM_ERR_MIN_RX_FRAME_LENGTH;
2978 }
2979 }
2980 else
2981 {
2982 /* Minimum Length = PLCP(5)+MACHeader(24)+CRC(4)+RxStatus(8) */
2983 if (frameLen < 24)
2984 {
2985 return ZM_ERR_MIN_RX_FRAME_LENGTH;
2986 }
2987 }
2988
2989 /* Check if frame Length > ZM_WLAN_MAX_RX_SIZE. */
2990 if (frameLen > ZM_WLAN_MAX_RX_SIZE)
2991 {
2992 return ZM_ERR_MAX_RX_FRAME_LENGTH;
2993 }
2994 }
2995 else if ((frameCtrl&0xff) == 0xa4)
2996 {
2997 /* PsPoll */
2998 //zm_msg0_rx(ZM_LV_0, "rx pspoll");
2999 }
3000 else if ((frameCtrl&0xff) == ZM_WLAN_FRAME_TYPE_BAR)
3001 {
3002 if (wd->sta.enableDrvBA == 1)
3003 {
3004 zfAggRecvBAR(dev, buf);
3005 }
3006
3007 return ZM_ERR_RX_BAR_FRAME;
3008 }
3009 else
3010 {
3011 return ZM_ERR_RX_FRAME_TYPE;
3012 }
3013
3014 if ( wd->wlanMode == ZM_MODE_AP )
3015 {
3016 }
3017 else if ( wd->wlanMode != ZM_MODE_PSEUDO )
3018 {
3019 ret = zfStaRxValidateFrame(dev, buf);
3020 if (ret != ZM_SUCCESS)
3021 {
3022 //zm_debug_msg1("discard frame, code = ", ret);
3023 return ret;
3024 }
3025 }
3026
3027 return ZM_SUCCESS;
3028 }
3029
3030
3031 /************************************************************************/
3032 /* */
3033 /* FUNCTION DESCRIPTION zfWlanRxFilter */
3034 /* Filter duplicated frame. */
3035 /* */
3036 /* INPUTS */
3037 /* dev : device pointer */
3038 /* buf : received 802.11 frame buffer. */
3039 /* */
3040 /* OUTPUTS */
3041 /* Error code */
3042 /* */
3043 /* AUTHOR */
3044 /* Stephen ZyDAS Technology Corporation 2005.10 */
3045 /* */
3046 /************************************************************************/
3047 u16_t zfWlanRxFilter(zdev_t* dev, zbuf_t* buf)
3048 {
3049 u16_t src[3];
3050 u16_t dst0;
3051 u16_t frameType;
3052 u16_t seq;
3053 u16_t offset;
3054 u16_t index;
3055 u16_t col;
3056 u16_t i;
3057 u8_t up = 0; /* User priority */
3058
3059 zmw_get_wlan_dev(dev);
3060
3061 zmw_declare_for_critical_section();
3062
3063 ZM_BUFFER_TRACE(dev, buf)
3064
3065 /* RX PREFIX */
3066 offset = 0;
3067
3068 frameType = zmw_rx_buf_readh(dev, buf, offset);
3069
3070 // Don't divide 2^4 because we don't want the fragmentation pkt to be treated as
3071 // duplicated frames
3072 seq = zmw_rx_buf_readh(dev, buf, offset+22);
3073 dst0 = zmw_rx_buf_readh(dev, buf, offset+4);
3074 src[0] = zmw_rx_buf_readh(dev, buf, offset+10);
3075 src[1] = zmw_rx_buf_readh(dev, buf, offset+12);
3076 src[2] = zmw_rx_buf_readh(dev, buf, offset+14);
3077
3078 /* QoS data frame */
3079 if ((frameType & 0x88) == 0x88)
3080 {
3081 up = zmw_rx_buf_readb(dev, buf, offset+24);
3082 up &= 0x7;
3083 }
3084
3085 index = (src[2]+up) & (ZM_FILTER_TABLE_ROW-1);
3086
3087 /* TBD : filter frame with source address == own MAC address */
3088 if ((wd->macAddr[0] == src[0]) && (wd->macAddr[1] == src[1])
3089 && (wd->macAddr[2] == src[2]))
3090 {
3091 //zm_msg0_rx(ZM_LV_0, "Rx filter=>src is own MAC");
3092 wd->trafTally.rxSrcIsOwnMac++;
3093 }
3094
3095 zm_msg2_rx(ZM_LV_2, "Rx seq=", seq);
3096
3097 /* Filter unicast frame only */
3098 if ((dst0 & 0x1) == 0)
3099 {
3100 zmw_enter_critical_section(dev);
3101
3102 for(i=0; i<ZM_FILTER_TABLE_COL; i++)
3103 {
3104 if ((wd->rxFilterTbl[i][index].addr[0] == src[0])
3105 && (wd->rxFilterTbl[i][index].addr[1] == src[1])
3106 && (wd->rxFilterTbl[i][index].addr[2] == src[2])
3107 && (wd->rxFilterTbl[i][index].up == up))
3108 {
3109 if (((frameType&0x800)==0x800)
3110 &&(wd->rxFilterTbl[i][index].seq==seq))
3111 {
3112 zmw_leave_critical_section(dev);
3113 /* hit : duplicated frame */
3114 zm_msg0_rx(ZM_LV_1, "Rx filter hit=>duplicated");
3115 wd->trafTally.rxDuplicate++;
3116 return ZM_ERR_RX_DUPLICATE;
3117 }
3118 else
3119 {
3120 /* hit : not duplicated frame, update sequence number */
3121 wd->rxFilterTbl[i][index].seq = seq;
3122 zmw_leave_critical_section(dev);
3123 zm_msg0_rx(ZM_LV_2, "Rx filter hit");
3124 return ZM_SUCCESS;
3125 }
3126 }
3127 } /* for(i=0; i<ZM_FILTER_TABLE_COL; i++) */
3128
3129 /* miss : add to table */
3130 zm_msg0_rx(ZM_LV_1, "Rx filter miss");
3131 /* TODO : Random select a column */
3132 col = (u16_t)(wd->tick & (ZM_FILTER_TABLE_COL-1));
3133 wd->rxFilterTbl[col][index].addr[0] = src[0];
3134 wd->rxFilterTbl[col][index].addr[1] = src[1];
3135 wd->rxFilterTbl[col][index].addr[2] = src[2];
3136 wd->rxFilterTbl[col][index].seq = seq;
3137 wd->rxFilterTbl[col][index].up = up;
3138
3139 zmw_leave_critical_section(dev);
3140 } /* if ((dst0 & 0x1) == 0) */
3141
3142 return ZM_SUCCESS;
3143 }
3144
3145
3146
3147 u16_t zfTxGenWlanTail(zdev_t* dev, zbuf_t* buf, u16_t* snap, u16_t snaplen,
3148 u16_t* mic)
3149 {
3150 struct zsMicVar* pMicKey;
3151 u16_t i, length, payloadOffset;
3152 u8_t bValue, qosType = 0;
3153 u8_t snapByte[12];
3154
3155 zmw_get_wlan_dev(dev);
3156
3157 if ( wd->wlanMode == ZM_MODE_AP )
3158 {
3159 pMicKey = zfApGetTxMicKey(dev, buf, &qosType);
3160
3161 if ( pMicKey == NULL )
3162 {
3163 return 0;
3164 }
3165 }
3166 else if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
3167 {
3168 pMicKey = zfStaGetTxMicKey(dev, buf);
3169
3170 if ( pMicKey == NULL )
3171 {
3172 return 0;
3173 }
3174 }
3175 else
3176 {
3177 return 0;
3178 }
3179
3180 length = zfwBufGetSize(dev, buf);
3181
3182 zfMicClear(pMicKey);
3183
3184 /* append DA and SA */
3185 #ifdef ZM_ENABLE_NATIVE_WIFI
3186 for(i=16; i<22; i++)
3187 { // VISTA DA
3188 bValue = zmw_tx_buf_readb(dev, buf, i);
3189 zfMicAppendByte(bValue, pMicKey);
3190 }
3191 for(i=10; i<16; i++)
3192 { // VISTA SA
3193 bValue = zmw_tx_buf_readb(dev, buf, i);
3194 zfMicAppendByte(bValue, pMicKey);
3195 }
3196 #else
3197 for(i=0; i<12; i++)
3198 {
3199 bValue = zmw_tx_buf_readb(dev, buf, i);
3200 zfMicAppendByte(bValue, pMicKey);
3201 }
3202 #endif
3203
3204 /* append for alignment */
3205 if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
3206 {
3207 if (wd->sta.wmeConnected != 0)
3208 zfMicAppendByte(zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_IP_OFFSET + 1) >> 5, pMicKey);
3209 else
3210 zfMicAppendByte(0, pMicKey);
3211 }
3212 else if ( wd->wlanMode == ZM_MODE_AP )
3213 {
3214 if (qosType == 1)
3215 zfMicAppendByte(zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_IP_OFFSET + 1) >> 5, pMicKey);
3216 else
3217 zfMicAppendByte(0, pMicKey);
3218 }
3219 else
3220 {
3221 /* TODO : Qos Software MIC in IBSS Mode */
3222 zfMicAppendByte(0, pMicKey);
3223 }
3224 zfMicAppendByte(0, pMicKey);
3225 zfMicAppendByte(0, pMicKey);
3226 zfMicAppendByte(0, pMicKey);
3227
3228 if ( snaplen == 0 )
3229 {
3230 payloadOffset = ZM_80211_FRAME_IP_OFFSET;
3231 }
3232 else
3233 {
3234 payloadOffset = ZM_80211_FRAME_TYPE_OFFSET;
3235
3236 for(i=0; i<(snaplen>>1); i++)
3237 {
3238 snapByte[i*2] = (u8_t) (snap[i] & 0xff);
3239 snapByte[i*2+1] = (u8_t) ((snap[i] >> 8) & 0xff);
3240 }
3241
3242 for(i=0; i<snaplen; i++)
3243 {
3244 zfMicAppendByte(snapByte[i], pMicKey);
3245 }
3246 }
3247
3248 for(i=payloadOffset; i<length; i++)
3249 {
3250 bValue = zmw_tx_buf_readb(dev, buf, i);
3251 zfMicAppendByte(bValue, pMicKey);
3252 }
3253
3254 zfMicGetMic( (u8_t*) mic, pMicKey);
3255
3256 return ZM_SIZE_OF_MIC;
3257 }
3258
3259
3260 /************************************************************************/
3261 /* */
3262 /* FUNCTION DESCRIPTION zfTxGetIpTosAndFrag */
3263 /* Get IP TOS and frag offset from Tx buffer */
3264 /* */
3265 /* INPUTS */
3266 /* dev : device pointer */
3267 /* buf : Tx buffer pointer */
3268 /* up : pointer for returning user priority */
3269 /* fragOff : pointer for returning ip frag offset */
3270 /* */
3271 /* OUTPUTS */
3272 /* None */
3273 /* */
3274 /* AUTHOR */
3275 /* Stephen Chen ZyDAS Technology Corporation 2006.6 */
3276 /* */
3277 /************************************************************************/
3278 void zfTxGetIpTosAndFrag(zdev_t* dev, zbuf_t* buf, u8_t* up, u16_t* fragOff)
3279 {
3280 u8_t ipv;
3281 u16_t len;
3282 u16_t etherType;
3283 u8_t tos;
3284
3285 *up = 0;
3286 *fragOff = 0;
3287
3288 len = zfwBufGetSize(dev, buf);
3289
3290 if (len >= 34) //Minimum IPv4 packet size, 14(Ether header)+20(IPv4 header)
3291 {
3292 etherType = (((u16_t)zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_TYPE_OFFSET))<<8)
3293 + zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_TYPE_OFFSET + 1);
3294
3295 /* protocol type = IP */
3296 if (etherType == 0x0800)
3297 {
3298 ipv = zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_IP_OFFSET) >> 4;
3299 if (ipv == 0x4) //IPv4
3300 {
3301 tos = zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_IP_OFFSET + 1);
3302 *up = (tos >> 5);
3303 *fragOff = zmw_tx_buf_readh(dev, buf, ZM_80211_FRAME_IP_OFFSET + 6);
3304 }
3305 /* TODO : handle VLAN tag and IPv6 packet */
3306 }
3307 }
3308 return;
3309 }
3310
3311 #ifdef ZM_ENABLE_NATIVE_WIFI
3312 u16_t zfTxGenWlanSnap(zdev_t* dev, zbuf_t* buf, u16_t* snap, u16_t* snaplen)
3313 {
3314 snap[0] = zmw_buf_readh(dev, buf, ZM_80211_FRAME_HEADER_LEN + 0);
3315 snap[1] = zmw_buf_readh(dev, buf, ZM_80211_FRAME_HEADER_LEN + 2);
3316 snap[2] = zmw_buf_readh(dev, buf, ZM_80211_FRAME_HEADER_LEN + 4);
3317 *snaplen = 6;
3318
3319 return ZM_80211_FRAME_HEADER_LEN + *snaplen;
3320 }
3321 #else
3322 u16_t zfTxGenWlanSnap(zdev_t* dev, zbuf_t* buf, u16_t* snap, u16_t* snaplen)
3323 {
3324 u16_t removed;
3325 u16_t etherType;
3326 u16_t len;
3327
3328 len = zfwBufGetSize(dev, buf);
3329 if (len < 14) //Minimum Ethernet packet size, 14(Ether header)
3330 {
3331 /* TODO : Assert? */
3332 *snaplen = 0;
3333 return 0;
3334 }
3335
3336 /* Generate RFC1042 header */
3337 etherType = (((u16_t)zmw_tx_buf_readb(dev, buf, 12))<<8)
3338 + zmw_tx_buf_readb(dev, buf, 13);
3339
3340 //zm_debug_msg2("ethernet type or length = ", etherType);
3341
3342 if (etherType > 1500)
3343 {
3344 /* ETHERNET format */
3345 removed = 12;
3346 snap[0] = 0xaaaa;
3347 snap[1] = 0x0003;
3348 if ((etherType ==0x8137) || (etherType == 0x80f3))
3349 {
3350 /* Bridge Tunnel */
3351 snap[2] = 0xF800;
3352 }
3353 else
3354 {
3355 /* RFC 1042 */
3356 snap[2] = 0x0000;
3357 }
3358 *snaplen = 6;
3359
3360 if ( etherType == 0x888E )
3361 {
3362 zfShowTxEAPOL(dev, buf, 14);
3363 }
3364 }
3365 else
3366 {
3367 /* 802.3 format */
3368 removed = 14;
3369 *snaplen = 0;
3370 }
3371
3372 return removed;
3373 }
3374 #endif
3375
3376 u8_t zfIsVtxqEmpty(zdev_t* dev)
3377 {
3378 u8_t isEmpty = TRUE;
3379 u8_t i;
3380
3381 zmw_get_wlan_dev(dev);
3382
3383 zmw_declare_for_critical_section();
3384
3385 zmw_enter_critical_section(dev);
3386
3387 if (wd->vmmqHead != wd->vmmqTail)
3388 {
3389 isEmpty = FALSE;
3390 goto check_done;
3391 }
3392
3393 for(i=0; i < 4; i++)
3394 {
3395 if (wd->vtxqHead[i] != wd->vtxqTail[i])
3396 {
3397 isEmpty = FALSE;
3398 goto check_done;
3399 }
3400 }
3401
3402 check_done:
3403 zmw_leave_critical_section(dev);
3404 return isEmpty;
3405 }
3406
3407 /************************************************************************/
3408 /* */
3409 /* FUNCTION DESCRIPTION zfPutVtxq */
3410 /* Put Tx buffer to virtual TxQ */
3411 /* */
3412 /* INPUTS */
3413 /* dev : device pointer */
3414 /* buf : Tx buffer pointer */
3415 /* */
3416 /* OUTPUTS */
3417 /* ZM_SUCCESS or error code */
3418 /* */
3419 /* AUTHOR */
3420 /* Stephen Chen ZyDAS Technology Corporation 2006.6 */
3421 /* */
3422 /************************************************************************/
3423 u16_t zfPutVtxq(zdev_t* dev, zbuf_t* buf)
3424 {
3425 u8_t ac;
3426 u8_t up;
3427 u16_t fragOff;
3428 #ifdef ZM_AGG_TALLY
3429 struct aggTally *agg_tal;
3430 #endif
3431 #ifdef ZM_ENABLE_AGGREGATION
3432 #ifndef ZM_BYPASS_AGGR_SCHEDULING
3433 u16_t ret;
3434 u16_t tid;
3435 #endif
3436 #endif
3437
3438 zmw_get_wlan_dev(dev);
3439
3440 zmw_declare_for_critical_section();
3441
3442 zfTxGetIpTosAndFrag(dev, buf, &up, &fragOff);
3443
3444 if ( wd->zfcbClassifyTxPacket != NULL )
3445 {
3446 ac = wd->zfcbClassifyTxPacket(dev, buf);
3447 }
3448 else
3449 {
3450 ac = zcUpToAc[up&0x7] & 0x3;
3451 }
3452
3453 /*
3454 * add by honda
3455 * main A-MPDU aggregation function
3456 */
3457 #ifdef ZM_AGG_TALLY
3458 agg_tal = &wd->agg_tal;
3459 agg_tal->got_packets_sum++;
3460
3461 #endif
3462
3463 #ifdef ZM_ENABLE_AGGREGATION
3464 #ifndef ZM_BYPASS_AGGR_SCHEDULING
3465 tid = up&0x7;
3466 if(wd->enableAggregation==0)
3467 {
3468 if( (wd->wlanMode == ZM_MODE_AP) ||
3469 (wd->wlanMode == ZM_MODE_INFRASTRUCTURE && wd->sta.EnableHT) ||
3470 (wd->wlanMode == ZM_MODE_PSEUDO) ) {
3471 // (infrastructure_mode && connect_to_11n_ap) || (ap_mode && is_11n_ap)
3472 //ret = zfAggPutVtxq(dev, buf);
3473
3474
3475 ret = zfAggTx(dev, buf, tid);
3476 if (ZM_SUCCESS == ret)
3477 {
3478 //zfwBufFree(dev, buf, ZM_SUCCESS);
3479
3480 return ZM_SUCCESS;
3481 }
3482 if (ZM_ERR_EXCEED_PRIORITY_THRESHOLD == ret)
3483 {
3484 wd->commTally.txQosDropCount[ac]++;
3485 zfwBufFree(dev, buf, ZM_SUCCESS);
3486
3487 zm_msg1_tx(ZM_LV_1, "Packet discarded, VTXQ full, ac=", ac);
3488
3489 return ZM_ERR_EXCEED_PRIORITY_THRESHOLD;
3490 }
3491 if (ZM_ERR_TX_BUFFER_UNAVAILABLE == ret)
3492 {
3493 /*
3494 * do nothing
3495 * continue following procession, put into VTXQ
3496 * return ZM_SUCCESS;
3497 */
3498 }
3499 }
3500 }
3501 #endif
3502 #endif
3503 /*
3504 * end of add by honda
3505 */
3506
3507 /* First Ip frag */
3508 if ((fragOff & 0xff3f) == 0x0020)
3509 {
3510 /* Don't let ip frag in if VTXQ unable to hold */
3511 /* whole ip frag burst(assume 20 frag) */
3512 zmw_enter_critical_section(dev);
3513 if (((wd->vtxqHead[ac] - wd->vtxqTail[ac])& ZM_VTXQ_SIZE_MASK)
3514 > (ZM_VTXQ_SIZE-20))
3515 {
3516 wd->qosDropIpFrag[ac] = 1;
3517 }
3518 else
3519 {
3520 wd->qosDropIpFrag[ac] = 0;
3521 }
3522 zmw_leave_critical_section(dev);
3523
3524 if (wd->qosDropIpFrag[ac] == 1)
3525 {
3526 //zm_debug_msg2("vtQ full, drop buf = ", buf);
3527 wd->commTally.txQosDropCount[ac]++;
3528 zfwBufFree(dev, buf, ZM_SUCCESS);
3529 zm_msg1_tx(ZM_LV_1, "Packet discarded, first ip frag, ac=", ac);
3530 //VTXQ[] can not hold whold ip frag burst(assume 20 frags)
3531 return ZM_ERR_EXCEED_PRIORITY_THRESHOLD;
3532 }
3533 }
3534 else if ((fragOff & 0xff3f) == 0)
3535 {
3536 wd->qosDropIpFrag[ac] = 0;
3537 }
3538
3539 if (((fragOff &= 0xff1f) != 0) && (wd->qosDropIpFrag[ac] == 1))
3540 {
3541 wd->commTally.txQosDropCount[ac]++;
3542 zfwBufFree(dev, buf, ZM_SUCCESS);
3543 zm_msg1_tx(ZM_LV_1, "Packet discarded, ip frag, ac=", ac);
3544 //Discard following ip frags
3545 return ZM_ERR_EXCEED_PRIORITY_THRESHOLD;
3546 }
3547
3548 zmw_enter_critical_section(dev);
3549 if (((wd->vtxqHead[ac] + 1) & ZM_VTXQ_SIZE_MASK) != wd->vtxqTail[ac])
3550 {
3551 wd->vtxq[ac][wd->vtxqHead[ac]] = buf;
3552 wd->vtxqHead[ac] = ((wd->vtxqHead[ac] + 1) & ZM_VTXQ_SIZE_MASK);
3553 zmw_leave_critical_section(dev);
3554 return ZM_SUCCESS;
3555 }
3556 else
3557 {
3558 zmw_leave_critical_section(dev);
3559
3560 wd->commTally.txQosDropCount[ac]++;
3561 zfwBufFree(dev, buf, ZM_SUCCESS);
3562 zm_msg1_tx(ZM_LV_1, "Packet discarded, VTXQ full, ac=", ac);
3563 return ZM_ERR_EXCEED_PRIORITY_THRESHOLD; //VTXQ[] Full
3564 }
3565 }
3566
3567
3568 /************************************************************************/
3569 /* */
3570 /* FUNCTION DESCRIPTION zfGetVtxq */
3571 /* Get Tx buffer from virtual TxQ */
3572 /* */
3573 /* INPUTS */
3574 /* dev : device pointer */
3575 /* */
3576 /* OUTPUTS */
3577 /* Tx buffer pointer */
3578 /* */
3579 /* AUTHOR */
3580 /* Stephen Chen ZyDAS Technology Corporation 2006.6 */
3581 /* */
3582 /************************************************************************/
3583 zbuf_t* zfGetVtxq(zdev_t* dev, u8_t ac)
3584 {
3585 zbuf_t* buf;
3586
3587 zmw_get_wlan_dev(dev);
3588
3589 zmw_declare_for_critical_section();
3590
3591 ac &= 0x3;
3592 zmw_enter_critical_section(dev);
3593 if (wd->vtxqHead[ac] != wd->vtxqTail[ac])
3594 {
3595 buf = wd->vtxq[ac][wd->vtxqTail[ac]];
3596 wd->vtxqTail[ac] = ((wd->vtxqTail[ac] + 1) & ZM_VTXQ_SIZE_MASK);
3597 zmw_leave_critical_section(dev);
3598 return buf;
3599 }
3600 else
3601 {
3602 zmw_leave_critical_section(dev);
3603 return 0; //VTXQ[] empty
3604 }
3605 }
3606
3607 /************************************************************************/
3608 /* */
3609 /* FUNCTION DESCRIPTION zfPutVmmq */
3610 /* Put Tx buffer to virtual MmQ */
3611 /* */
3612 /* INPUTS */
3613 /* dev : device pointer */
3614 /* buf : Tx buffer pointer */
3615 /* */
3616 /* OUTPUTS */
3617 /* ZM_SUCCESS or error code */
3618 /* */
3619 /* AUTHOR */
3620 /* Stephen Chen ZyDAS Technology Corporation 2006.12 */
3621 /* */
3622 /************************************************************************/
3623 u16_t zfPutVmmq(zdev_t* dev, zbuf_t* buf)
3624 {
3625 zmw_get_wlan_dev(dev);
3626 zmw_declare_for_critical_section();
3627
3628 zmw_enter_critical_section(dev);
3629 if (((wd->vmmqHead + 1) & ZM_VMMQ_SIZE_MASK) != wd->vmmqTail)
3630 {
3631 wd->vmmq[wd->vmmqHead] = buf;
3632 wd->vmmqHead = ((wd->vmmqHead + 1) & ZM_VMMQ_SIZE_MASK);
3633 zmw_leave_critical_section(dev);
3634 return ZM_SUCCESS;
3635 }
3636 else
3637 {
3638 zmw_leave_critical_section(dev);
3639
3640 zfwBufFree(dev, buf, ZM_SUCCESS);
3641 zm_msg0_mm(ZM_LV_0, "Packet discarded, VMmQ full");
3642 return ZM_ERR_VMMQ_FULL; //VTXQ[] Full
3643 }
3644 }
3645
3646
3647 /************************************************************************/
3648 /* */
3649 /* FUNCTION DESCRIPTION zfGetVmmq */
3650 /* Get Tx buffer from virtual MmQ */
3651 /* */
3652 /* INPUTS */
3653 /* dev : device pointer */
3654 /* */
3655 /* OUTPUTS */
3656 /* Tx buffer pointer */
3657 /* */
3658 /* AUTHOR */
3659 /* Stephen Chen ZyDAS Technology Corporation 2006.12 */
3660 /* */
3661 /************************************************************************/
3662 zbuf_t* zfGetVmmq(zdev_t* dev)
3663 {
3664 zbuf_t* buf;
3665 zmw_get_wlan_dev(dev);
3666 zmw_declare_for_critical_section();
3667
3668 zmw_enter_critical_section(dev);
3669 if (wd->vmmqHead != wd->vmmqTail)
3670 {
3671 buf = wd->vmmq[wd->vmmqTail];
3672 wd->vmmqTail = ((wd->vmmqTail + 1) & ZM_VMMQ_SIZE_MASK);
3673 zmw_leave_critical_section(dev);
3674 return buf;
3675 }
3676 else
3677 {
3678 zmw_leave_critical_section(dev);
3679 return 0; //VTXQ[] empty
3680 }
3681 }
3682
3683 /************************************************************************/
3684 /* */
3685 /* FUNCTION DESCRIPTION zfPushVtxq */
3686 /* Service Virtual TxQ (weighted round robin) */
3687 /* Get Tx buffer form virtual TxQ and put to hardware TxD queue */
3688 /* */
3689 /* INPUTS */
3690 /* dev : device pointer */
3691 /* */
3692 /* OUTPUTS */
3693 /* None */
3694 /* */
3695 /* AUTHOR */
3696 /* Stephen Chen ZyDAS Technology Corporation 2006.6 */
3697 /* */
3698 /************************************************************************/
3699 void zfPushVtxq(zdev_t* dev)
3700 {
3701 zbuf_t* buf;
3702 u16_t i;
3703 u16_t txed;
3704 u32_t freeTxd;
3705 u16_t err;
3706 u16_t skipFlag = 0;
3707 zmw_get_wlan_dev(dev);
3708 zmw_declare_for_critical_section();
3709
3710
3711
3712 //zm_debug_msg1("zfHpGetFreeTxdCount = ", zfHpGetFreeTxdCount(dev));
3713
3714 if (wd->halState == ZM_HAL_STATE_INIT)
3715 {
3716 if (!wd->modeMDKEnable)
3717 {
3718 zm_debug_msg0("HAL is not ready for Tx");
3719 }
3720 return;
3721 }
3722 else if (wd->sta.DFSDisableTx)
3723 {
3724 zm_debug_msg0("return because 802.11h DFS Disable Tx");
3725 return;
3726 }
3727 else if (wd->sta.flagFreqChanging != 0)
3728 {
3729 //Hold until RF frequency changed
3730 return;
3731 }
3732 else if (( wd->sta.flagKeyChanging ) && ( wd->wlanMode != ZM_MODE_AP ))
3733 {
3734 return;
3735 }
3736 #ifdef ZM_ENABLE_POWER_SAVE
3737 else if ( zfPowerSavingMgrIsSleeping(dev) )
3738 {
3739 //zm_debug_msg0("Packets queued since the MAC is in power-saving mode\n");
3740 return;
3741 }
3742 #endif
3743
3744 zmw_enter_critical_section(dev);
3745 if (wd->vtxqPushing != 0)
3746 {
3747 skipFlag = 1;
3748 }
3749 else
3750 {
3751 wd->vtxqPushing = 1;
3752 }
3753 zmw_leave_critical_section(dev);
3754
3755 if (skipFlag == 1)
3756 {
3757 return;
3758 }
3759
3760 while (1)
3761 {
3762 txed = 0;
3763
3764 /* 2006.12.20, Serve Management queue */
3765 while( zfHpGetFreeTxdCount(dev) > 0 )
3766 {
3767 buf = zfGetVmmq(dev);
3768 if (buf != 0)
3769 {
3770 txed = 1;
3771 //zm_debug_msg2("send buf = ", buf);
3772 err = zfHpSend(dev, NULL, 0, NULL, 0, NULL, 0, buf, 0,
3773 ZM_INTERNAL_ALLOC_BUF, 0, 0xff);
3774 if (err != ZM_SUCCESS)
3775 {
3776 zfwBufFree(dev, buf, 0);
3777 }
3778 }
3779 else
3780 {
3781 break;
3782 }
3783 }
3784 if ((wd->sta.bScheduleScan) || ((wd->sta.bChannelScan == TRUE) && (zfStaIsConnected(dev))))
3785 {
3786 //Hold until Scan Stop
3787 wd->vtxqPushing = 0;
3788 return;
3789 }
3790
3791 #ifdef ZM_ENABLE_AGGREGATION
3792 #ifndef ZM_BYPASS_AGGR_SCHEDULING
3793 if( (wd->wlanMode == ZM_MODE_AP) ||
3794 (wd->wlanMode == ZM_MODE_INFRASTRUCTURE && wd->sta.EnableHT) ||
3795 (wd->wlanMode == ZM_MODE_PSEUDO) ) {
3796
3797 zfAggTxScheduler(dev, 0);
3798
3799 if (txed == 0) {
3800 wd->vtxqPushing = 0;
3801 return;
3802 }
3803 else {
3804 continue;
3805 }
3806 }
3807 #endif
3808 #endif
3809
3810 /* Service VTxQ[3] */
3811 for (i=0; i<4; i++)
3812 {
3813 freeTxd = zfHpGetFreeTxdCount(dev);
3814 if (freeTxd >= 3)
3815 {
3816 buf = zfGetVtxq(dev, 3);
3817 if (buf != 0)
3818 {
3819 txed = 1;
3820 //zm_debug_msg2("send buf = ", buf);
3821 zfTxSendEth(dev, buf, 0, ZM_EXTERNAL_ALLOC_BUF, 0);
3822 ZM_PERFORMANCE_TX_MPDU(dev, wd->tick);
3823 }
3824 }
3825 else
3826 {
3827 break;
3828 }
3829 }
3830
3831 /* Service VTxQ[2] */
3832 for (i=0; i<3; i++)
3833 {
3834 freeTxd = zfHpGetFreeTxdCount(dev);
3835 if (freeTxd >= (zfHpGetMaxTxdCount(dev)*1/4))
3836 {
3837 buf = zfGetVtxq(dev, 2);
3838 if (buf != 0)
3839 {
3840 txed = 1;
3841 zfTxSendEth(dev, buf, 0, ZM_EXTERNAL_ALLOC_BUF, 0);
3842 ZM_PERFORMANCE_TX_MPDU(dev, wd->tick);
3843 }
3844 if (wd->sta.ac0PriorityHigherThanAc2 == 1)
3845 {
3846 buf = zfGetVtxq(dev, 0);
3847 if (buf != 0)
3848 {
3849 txed = 1;
3850 zfTxSendEth(dev, buf, 0, ZM_EXTERNAL_ALLOC_BUF, 0);
3851 ZM_PERFORMANCE_TX_MPDU(dev, wd->tick);
3852 }
3853 }
3854 }
3855 else
3856 {
3857 break;
3858 }
3859 }
3860
3861 /* Service VTxQ[0] */
3862 for (i=0; i<2; i++)
3863 {
3864 freeTxd = zfHpGetFreeTxdCount(dev);
3865 if (freeTxd >= (zfHpGetMaxTxdCount(dev)*2/4))
3866 {
3867 buf = zfGetVtxq(dev, 0);
3868 if (buf != 0)
3869 {
3870 txed = 1;
3871 zfTxSendEth(dev, buf, 0, ZM_EXTERNAL_ALLOC_BUF, 0);
3872 ZM_PERFORMANCE_TX_MPDU(dev, wd->tick);
3873 }
3874 }
3875 else
3876 {
3877 break;
3878 }
3879
3880 }
3881
3882 /* Service VTxQ[1] */
3883 freeTxd = zfHpGetFreeTxdCount(dev);
3884 if (freeTxd >= (zfHpGetMaxTxdCount(dev)*3/4))
3885 {
3886 buf = zfGetVtxq(dev, 1);
3887 if (buf != 0)
3888 {
3889 txed = 1;
3890 zfTxSendEth(dev, buf, 0, ZM_EXTERNAL_ALLOC_BUF, 0);
3891 ZM_PERFORMANCE_TX_MPDU(dev, wd->tick);
3892 }
3893 }
3894
3895 /* All VTxQs are either empty or exceed their threshold */
3896 if (txed == 0)
3897 {
3898 wd->vtxqPushing = 0;
3899 return;
3900 }
3901 } //while (1)
3902 }
3903
3904
3905 /************************************************************************/
3906 /* */
3907 /* FUNCTION DESCRIPTION zfFlushVtxq */
3908 /* Flush Virtual TxQ and MmQ */
3909 /* */
3910 /* INPUTS */
3911 /* dev : device pointer */
3912 /* */
3913 /* OUTPUTS */
3914 /* None */
3915 /* */
3916 /* AUTHOR */
3917 /* Stephen Chen Atheros Communications, INC. 2007.1 */
3918 /* */
3919 /************************************************************************/
3920 void zfFlushVtxq(zdev_t* dev)
3921 {
3922 zbuf_t* buf;
3923 u8_t i;
3924 zmw_get_wlan_dev(dev);
3925
3926 /* Flush MmQ */
3927 while ((buf = zfGetVmmq(dev)) != 0)
3928 {
3929 zfwBufFree(dev, buf, 0);
3930 zm_debug_msg0("zfFlushVtxq: [Vmmq]");
3931 wd->queueFlushed |= 0x10;
3932 }
3933
3934 /* Flush VTxQ */
3935 for (i=0; i<4; i++)
3936 {
3937 while ((buf = zfGetVtxq(dev, i)) != 0)
3938 {
3939 zfwBufFree(dev, buf, 0);
3940 zm_debug_msg1("zfFlushVtxq: [zfGetVtxq]- ", i);
3941 wd->queueFlushed |= (1<<i);
3942 }
3943 }
3944 }
3945
3946 void zf80211FrameSend(zdev_t* dev, zbuf_t* buf, u16_t* header, u16_t snapLen,
3947 u16_t* da, u16_t* sa, u8_t up, u16_t headerLen, u16_t* snap,
3948 u16_t* tail, u16_t tailLen, u16_t offset, u16_t bufType,
3949 u8_t ac, u8_t keyIdx)
3950 {
3951 u16_t err;
3952 u16_t fragLen;
3953
3954 zmw_get_wlan_dev(dev);
3955
3956 fragLen = zfwBufGetSize(dev, buf);
3957 if ((da[0]&0x1) == 0)
3958 {
3959 wd->commTally.txUnicastFrm++;
3960 wd->commTally.txUnicastOctets += (fragLen+snapLen);
3961 }
3962 else if (da[0] == 0xffff)
3963 {
3964 wd->commTally.txBroadcastFrm++;
3965 wd->commTally.txBroadcastOctets += (fragLen+snapLen);
3966 }
3967 else
3968 {
3969 wd->commTally.txMulticastFrm++;
3970 wd->commTally.txMulticastOctets += (fragLen+snapLen);
3971 }
3972 wd->ledStruct.txTraffic++;
3973
3974 err = zfHpSend(dev, header, headerLen, snap, snapLen,
3975 tail, tailLen, buf, offset,
3976 bufType, ac, keyIdx);
3977 if (err != ZM_SUCCESS)
3978 {
3979 if (bufType == ZM_EXTERNAL_ALLOC_BUF)
3980 {
3981 zfwBufFree(dev, buf, err);
3982 }
3983 else if (bufType == ZM_INTERNAL_ALLOC_BUF)
3984 {
3985 zfwBufFree(dev, buf, 0);
3986 }
3987 else
3988 {
3989 zm_assert(0);
3990 }
3991 }
3992 }
3993
3994 void zfCheckIsRIFSFrame(zdev_t* dev, zbuf_t* buf, u16_t frameSubtype)
3995 {
3996 zmw_get_wlan_dev(dev);
3997
3998 /* #2 Record the sequence number to determine whether the unicast frame is separated by RIFS or not */
3999 if (frameSubtype & 0x80)
4000 { //QoS data frame
4001 u16_t sequenceNum;
4002 u16_t qosControlField;
4003
4004 sequenceNum = ( zmw_buf_readh(dev, buf, 22) >> 4 ); // Discard fragment number !
4005 qosControlField = zmw_buf_readh(dev, buf, 24); // Don't consider WDS (Wireless Distribution System)
4006 //DbgPrint("The QoS Control Field : %d", qosControlField);
4007 //DbgPrint("The RIFS Count : %d", wd->sta.rifsCount);
4008
4009 if( qosControlField & ZM_BIT_5 )
4010 {// ACK policy is "No ACK"
4011 /* RIFS-Like frame */
4012 wd->sta.rifsLikeFrameSequence[wd->sta.rifsLikeFrameCnt] = sequenceNum;
4013
4014 if( wd->sta.rifsState == ZM_RIFS_STATE_DETECTING )
4015 {
4016 if( wd->sta.rifsLikeFrameSequence[2] != 0 )
4017 {// RIFS-like Pattern collected
4018 if( ( wd->sta.rifsLikeFrameSequence[2] - wd->sta.rifsLikeFrameSequence[1] == 2 ) &&
4019 ( wd->sta.rifsLikeFrameSequence[1] - wd->sta.rifsLikeFrameSequence[0] == 2 ) )
4020 {
4021 /* RIFS pattern matched */
4022
4023 /* #3 Enable RIFS function if the RIFS pattern matched */
4024 zfHpEnableRifs(dev, ((wd->sta.currentFrequency<3000)?1:0), wd->sta.EnableHT, wd->sta.HT2040);
4025
4026 // Set RIFS timer
4027 wd->sta.rifsTimer = wd->tick;
4028
4029 wd->sta.rifsCount++;
4030
4031 // Set state to be Detected
4032 wd->sta.rifsState = ZM_RIFS_STATE_DETECTED;
4033 }
4034 }
4035 }
4036 else
4037 {// state = Detected
4038 // Reset RIFS timer
4039 if( (wd->tick - wd->sta.rifsTimer) < ZM_RIFS_TIMER_TIMEOUT )
4040 wd->sta.rifsTimer = wd->tick;
4041 }
4042
4043 //DbgPrint("SN1 = %d, SN2 = %d, SN3 = %d\n", wd->sta.rifsLikeFrameSequence[0],
4044 // wd->sta.rifsLikeFrameSequence[1],
4045 // wd->sta.rifsLikeFrameSequence[2]);
4046
4047 // Update RIFS-like sequence number
4048 if( wd->sta.rifsLikeFrameSequence[2] != 0 )
4049 {
4050 wd->sta.rifsLikeFrameSequence[0] = wd->sta.rifsLikeFrameSequence[1];
4051 wd->sta.rifsLikeFrameSequence[1] = wd->sta.rifsLikeFrameSequence[2];
4052 wd->sta.rifsLikeFrameSequence[2] = 0;
4053 }
4054
4055 // Only record three adjacent frame
4056 if( wd->sta.rifsLikeFrameCnt < 2 )
4057 wd->sta.rifsLikeFrameCnt++;
4058 }
4059 }
4060
4061 /* #4 Disable RIFS function if the timer TIMEOUT */
4062 if( wd->sta.rifsState == ZM_RIFS_STATE_DETECTED )
4063 {
4064 if( ( wd->tick - wd->sta.rifsTimer ) > ZM_RIFS_TIMER_TIMEOUT )
4065 {// TIMEOUT
4066 // Disable RIFS
4067 zfHpDisableRifs(dev);
4068
4069 // Reset RIFS-like sequence number FIFO
4070 wd->sta.rifsLikeFrameSequence[0] = 0;
4071 wd->sta.rifsLikeFrameSequence[1] = 0;
4072 wd->sta.rifsLikeFrameSequence[2] = 0;
4073 wd->sta.rifsLikeFrameCnt = 0;
4074
4075 // Set state to be Detecting
4076 wd->sta.rifsState = ZM_RIFS_STATE_DETECTING;
4077 }
4078 }
4079 }
Tomato firmware and modifications.