1 /******************************************************************************
3 Copyright(c) 2003 - 2005 Intel Corporation. All rights reserved.
5 This program is free software; you can redistribute it and/or modify it
6 under the terms of version 2 of the GNU General Public License as
7 published by the Free Software Foundation.
9 This program is distributed in the hope that it will be useful, but WITHOUT
10 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 You should have received a copy of the GNU General Public License along with
15 this program; if not, write to the Free Software Foundation, Inc., 59
16 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
18 The full GNU General Public License is included in this distribution in the
22 James P. Ketrenos <ipw2100-admin@linux.intel.com>
23 Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
25 ******************************************************************************/
26 #include <linux/compiler.h>
27 #include <linux/errno.h>
28 #include <linux/if_arp.h>
29 #include <linux/in6.h>
32 #include <linux/kernel.h>
33 #include <linux/module.h>
34 #include <linux/netdevice.h>
35 #include <linux/proc_fs.h>
36 #include <linux/skbuff.h>
37 #include <linux/slab.h>
38 #include <linux/tcp.h>
39 #include <linux/types.h>
40 #include <linux/wireless.h>
41 #include <linux/etherdevice.h>
42 #include <asm/uaccess.h>
44 #include <net/ieee80211.h>
50 ,-------------------------------------------------------------------.
51 Bytes | 2 | 2 | 6 | 6 | 6 | 2 | 0..2312 | 4 |
52 |------|------|---------|---------|---------|------|---------|------|
53 Desc. | ctrl | dura | DA/RA | TA | SA | Sequ | Frame | fcs |
54 | | tion | (BSSID) | | | ence | data | |
55 `--------------------------------------------------| |------'
56 Total: 28 non-data bytes `----.----'
58 .- 'Frame data' expands, if WEP enabled, to <----------'
61 ,-----------------------.
62 Bytes | 4 | 0-2296 | 4 |
63 |-----|-----------|-----|
64 Desc. | IV | Encrypted | ICV |
69 .- 'Encrypted Packet' expands to
72 ,---------------------------------------------------.
73 Bytes | 1 | 1 | 1 | 3 | 2 | 0-2304 |
74 |------|------|---------|----------|------|---------|
75 Desc. | SNAP | SNAP | Control |Eth Tunnel| Type | IP |
76 | DSAP | SSAP | | | | Packet |
77 | 0xAA | 0xAA |0x03 (UI)|0x00-00-F8| | |
78 `----------------------------------------------------
79 Total: 8 non-data bytes
81 802.3 Ethernet Data Frame
83 ,-----------------------------------------.
84 Bytes | 6 | 6 | 2 | Variable | 4 |
85 |-------|-------|------|-----------|------|
86 Desc. | Dest. | Source| Type | IP Packet | fcs |
88 `-----------------------------------------'
89 Total: 18 non-data bytes
91 In the event that fragmentation is required, the incoming payload is split into
92 N parts of size ieee->fts. The first fragment contains the SNAP header and the
93 remaining packets are just data.
95 If encryption is enabled, each fragment payload size is reduced by enough space
96 to add the prefix and postfix (IV and ICV totalling 8 bytes in the case of WEP)
97 So if you have 1500 bytes of payload with ieee->fts set to 500 without
98 encryption it will take 3 frames. With WEP it will take 4 frames as the
99 payload of each frame is reduced to 492 bytes.
105 * | ETHERNET HEADER ,-<-- PAYLOAD
106 * | | 14 bytes from skb->data
107 * | 2 bytes for Type --> ,T. | (sizeof ethhdr)
109 * |,-Dest.--. ,--Src.---. | | |
110 * | 6 bytes| | 6 bytes | | | |
113 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
116 * | | | | `T' <---- 2 bytes for Type
118 * | | '---SNAP--' <-------- 6 bytes for SNAP
120 * `-IV--' <-------------------- 4 bytes for IV (WEP)
126 static u8 P802_1H_OUI
[P80211_OUI_LEN
] = { 0x00, 0x00, 0xf8 };
127 static u8 RFC1042_OUI
[P80211_OUI_LEN
] = { 0x00, 0x00, 0x00 };
129 static int ieee80211_copy_snap(u8
* data
, __be16 h_proto
)
131 struct ieee80211_snap_hdr
*snap
;
134 snap
= (struct ieee80211_snap_hdr
*)data
;
139 if (h_proto
== htons(ETH_P_AARP
) || h_proto
== htons(ETH_P_IPX
))
143 snap
->oui
[0] = oui
[0];
144 snap
->oui
[1] = oui
[1];
145 snap
->oui
[2] = oui
[2];
147 memcpy(data
+ SNAP_SIZE
, &h_proto
, sizeof(u16
));
149 return SNAP_SIZE
+ sizeof(u16
);
152 static int ieee80211_encrypt_fragment(struct ieee80211_device
*ieee
,
153 struct sk_buff
*frag
, int hdr_len
)
155 struct ieee80211_crypt_data
*crypt
= ieee
->crypt
[ieee
->tx_keyidx
];
161 /* To encrypt, frame format is:
162 * IV (4 bytes), clear payload (including SNAP), ICV (4 bytes) */
163 atomic_inc(&crypt
->refcnt
);
165 if (crypt
->ops
&& crypt
->ops
->encrypt_mpdu
)
166 res
= crypt
->ops
->encrypt_mpdu(frag
, hdr_len
, crypt
->priv
);
168 atomic_dec(&crypt
->refcnt
);
170 printk(KERN_INFO
"%s: Encryption failed: len=%d.\n",
171 ieee
->dev
->name
, frag
->len
);
172 ieee
->ieee_stats
.tx_discards
++;
179 void ieee80211_txb_free(struct ieee80211_txb
*txb
)
184 for (i
= 0; i
< txb
->nr_frags
; i
++)
185 if (txb
->fragments
[i
])
186 dev_kfree_skb_any(txb
->fragments
[i
]);
190 static struct ieee80211_txb
*ieee80211_alloc_txb(int nr_frags
, int txb_size
,
191 int headroom
, gfp_t gfp_mask
)
193 struct ieee80211_txb
*txb
;
195 txb
= kmalloc(sizeof(struct ieee80211_txb
) + (sizeof(u8
*) * nr_frags
),
200 memset(txb
, 0, sizeof(struct ieee80211_txb
));
201 txb
->nr_frags
= nr_frags
;
202 txb
->frag_size
= txb_size
;
204 for (i
= 0; i
< nr_frags
; i
++) {
205 txb
->fragments
[i
] = __dev_alloc_skb(txb_size
+ headroom
,
207 if (unlikely(!txb
->fragments
[i
])) {
211 skb_reserve(txb
->fragments
[i
], headroom
);
213 if (unlikely(i
!= nr_frags
)) {
215 dev_kfree_skb_any(txb
->fragments
[i
--]);
222 static int ieee80211_classify(struct sk_buff
*skb
)
227 eth
= (struct ethhdr
*)skb
->data
;
228 if (eth
->h_proto
!= htons(ETH_P_IP
))
232 switch (ip
->tos
& 0xfc) {
252 /* Incoming skb is converted to a txb which consists of
253 * a block of 802.11 fragment packets (stored as skbs) */
254 int ieee80211_xmit(struct sk_buff
*skb
, struct net_device
*dev
)
256 struct ieee80211_device
*ieee
= netdev_priv(dev
);
257 struct ieee80211_txb
*txb
= NULL
;
258 struct ieee80211_hdr_3addrqos
*frag_hdr
;
259 int i
, bytes_per_frag
, nr_frags
, bytes_last_frag
, frag_size
,
262 struct net_device_stats
*stats
= &ieee
->stats
;
263 int encrypt
, host_encrypt
, host_encrypt_msdu
, host_build_iv
;
265 int bytes
, fc
, hdr_len
;
266 struct sk_buff
*skb_frag
;
267 struct ieee80211_hdr_3addrqos header
= {/* Ensure zero initialized */
272 u8 dest
[ETH_ALEN
], src
[ETH_ALEN
];
273 struct ieee80211_crypt_data
*crypt
;
274 int priority
= skb
->priority
;
277 if (ieee
->is_queue_full
&& (*ieee
->is_queue_full
) (dev
, priority
))
278 return NETDEV_TX_BUSY
;
280 spin_lock_irqsave(&ieee
->lock
, flags
);
282 /* If there is no driver handler to take the TXB, dont' bother
284 if (!ieee
->hard_start_xmit
) {
285 printk(KERN_WARNING
"%s: No xmit handler.\n", ieee
->dev
->name
);
289 if (unlikely(skb
->len
< SNAP_SIZE
+ sizeof(u16
))) {
290 printk(KERN_WARNING
"%s: skb too small (%d).\n",
291 ieee
->dev
->name
, skb
->len
);
295 ether_type
= ((struct ethhdr
*)skb
->data
)->h_proto
;
297 if(ieee
->iw_mode
== IW_MODE_MONITOR
)
299 txb
= ieee80211_alloc_txb(1, skb
->len
,
300 ieee
->tx_headroom
, GFP_ATOMIC
);
301 if (unlikely(!txb
)) {
302 printk(KERN_WARNING
"%s: Could not allocate TXB\n",
308 txb
->payload_size
= skb
->len
;
309 skb_copy_from_linear_data(skb
, skb_put(txb
->fragments
[0],skb
->len
), skb
->len
);
314 crypt
= ieee
->crypt
[ieee
->tx_keyidx
];
316 encrypt
= !(ether_type
== htons(ETH_P_PAE
) && ieee
->ieee802_1x
) &&
319 host_encrypt
= ieee
->host_encrypt
&& encrypt
&& crypt
;
320 host_encrypt_msdu
= ieee
->host_encrypt_msdu
&& encrypt
&& crypt
;
321 host_build_iv
= ieee
->host_build_iv
&& encrypt
&& crypt
;
323 if (!encrypt
&& ieee
->ieee802_1x
&&
324 ieee
->drop_unencrypted
&& ether_type
!= htons(ETH_P_PAE
)) {
329 /* Save source and destination addresses */
330 skb_copy_from_linear_data(skb
, dest
, ETH_ALEN
);
331 skb_copy_from_linear_data_offset(skb
, ETH_ALEN
, src
, ETH_ALEN
);
333 if (host_encrypt
|| host_build_iv
)
334 fc
= IEEE80211_FTYPE_DATA
| IEEE80211_STYPE_DATA
|
335 IEEE80211_FCTL_PROTECTED
;
337 fc
= IEEE80211_FTYPE_DATA
| IEEE80211_STYPE_DATA
;
339 if (ieee
->iw_mode
== IW_MODE_INFRA
) {
340 fc
|= IEEE80211_FCTL_TODS
;
341 /* To DS: Addr1 = BSSID, Addr2 = SA, Addr3 = DA */
342 memcpy(header
.addr1
, ieee
->bssid
, ETH_ALEN
);
343 memcpy(header
.addr2
, src
, ETH_ALEN
);
344 memcpy(header
.addr3
, dest
, ETH_ALEN
);
345 } else if (ieee
->iw_mode
== IW_MODE_ADHOC
) {
346 /* not From/To DS: Addr1 = DA, Addr2 = SA, Addr3 = BSSID */
347 memcpy(header
.addr1
, dest
, ETH_ALEN
);
348 memcpy(header
.addr2
, src
, ETH_ALEN
);
349 memcpy(header
.addr3
, ieee
->bssid
, ETH_ALEN
);
351 hdr_len
= IEEE80211_3ADDR_LEN
;
353 if (ieee
->is_qos_active
&& ieee
->is_qos_active(dev
, skb
)) {
354 fc
|= IEEE80211_STYPE_QOS_DATA
;
357 skb
->priority
= ieee80211_classify(skb
);
358 header
.qos_ctl
|= cpu_to_le16(skb
->priority
& IEEE80211_QCTL_TID
);
360 header
.frame_ctl
= cpu_to_le16(fc
);
362 /* Advance the SKB to the start of the payload */
363 skb_pull(skb
, sizeof(struct ethhdr
));
365 /* Determine total amount of storage required for TXB packets */
366 bytes
= skb
->len
+ SNAP_SIZE
+ sizeof(u16
);
368 /* Encrypt msdu first on the whole data packet. */
369 if ((host_encrypt
|| host_encrypt_msdu
) &&
370 crypt
&& crypt
->ops
&& crypt
->ops
->encrypt_msdu
) {
372 int len
= bytes
+ hdr_len
+ crypt
->ops
->extra_msdu_prefix_len
+
373 crypt
->ops
->extra_msdu_postfix_len
;
374 struct sk_buff
*skb_new
= dev_alloc_skb(len
);
376 if (unlikely(!skb_new
))
379 skb_reserve(skb_new
, crypt
->ops
->extra_msdu_prefix_len
);
380 memcpy(skb_put(skb_new
, hdr_len
), &header
, hdr_len
);
382 ieee80211_copy_snap(skb_put(skb_new
, SNAP_SIZE
+ sizeof(u16
)),
384 skb_copy_from_linear_data(skb
, skb_put(skb_new
, skb
->len
), skb
->len
);
385 res
= crypt
->ops
->encrypt_msdu(skb_new
, hdr_len
, crypt
->priv
);
387 IEEE80211_ERROR("msdu encryption failed\n");
388 dev_kfree_skb_any(skb_new
);
391 dev_kfree_skb_any(skb
);
393 bytes
+= crypt
->ops
->extra_msdu_prefix_len
+
394 crypt
->ops
->extra_msdu_postfix_len
;
395 skb_pull(skb
, hdr_len
);
398 if (host_encrypt
|| ieee
->host_open_frag
) {
399 /* Determine fragmentation size based on destination (multicast
400 * and broadcast are not fragmented) */
401 if (is_multicast_ether_addr(dest
) ||
402 is_broadcast_ether_addr(dest
))
403 frag_size
= MAX_FRAG_THRESHOLD
;
405 frag_size
= ieee
->fts
;
407 /* Determine amount of payload per fragment. Regardless of if
408 * this stack is providing the full 802.11 header, one will
409 * eventually be affixed to this fragment -- so we must account
410 * for it when determining the amount of payload space. */
411 bytes_per_frag
= frag_size
- hdr_len
;
413 (CFG_IEEE80211_COMPUTE_FCS
| CFG_IEEE80211_RESERVE_FCS
))
414 bytes_per_frag
-= IEEE80211_FCS_LEN
;
416 /* Each fragment may need to have room for encryptiong
419 bytes_per_frag
-= crypt
->ops
->extra_mpdu_prefix_len
+
420 crypt
->ops
->extra_mpdu_postfix_len
;
422 /* Number of fragments is the total
423 * bytes_per_frag / payload_per_fragment */
424 nr_frags
= bytes
/ bytes_per_frag
;
425 bytes_last_frag
= bytes
% bytes_per_frag
;
429 bytes_last_frag
= bytes_per_frag
;
432 bytes_per_frag
= bytes_last_frag
= bytes
;
433 frag_size
= bytes
+ hdr_len
;
436 rts_required
= (frag_size
> ieee
->rts
437 && ieee
->config
& CFG_IEEE80211_RTS
);
441 /* When we allocate the TXB we allocate enough space for the reserve
442 * and full fragment bytes (bytes_per_frag doesn't include prefix,
443 * postfix, header, FCS, etc.) */
444 txb
= ieee80211_alloc_txb(nr_frags
, frag_size
,
445 ieee
->tx_headroom
, GFP_ATOMIC
);
446 if (unlikely(!txb
)) {
447 printk(KERN_WARNING
"%s: Could not allocate TXB\n",
451 txb
->encrypted
= encrypt
;
453 txb
->payload_size
= frag_size
* (nr_frags
- 1) +
456 txb
->payload_size
= bytes
;
459 skb_frag
= txb
->fragments
[0];
461 (struct ieee80211_hdr_3addrqos
*)skb_put(skb_frag
, hdr_len
);
464 * Set header frame_ctl to the RTS.
467 cpu_to_le16(IEEE80211_FTYPE_CTL
| IEEE80211_STYPE_RTS
);
468 memcpy(frag_hdr
, &header
, hdr_len
);
471 * Restore header frame_ctl to the original data setting.
473 header
.frame_ctl
= cpu_to_le16(fc
);
476 (CFG_IEEE80211_COMPUTE_FCS
| CFG_IEEE80211_RESERVE_FCS
))
477 skb_put(skb_frag
, 4);
479 txb
->rts_included
= 1;
484 for (; i
< nr_frags
; i
++) {
485 skb_frag
= txb
->fragments
[i
];
487 if (host_encrypt
|| host_build_iv
)
488 skb_reserve(skb_frag
,
489 crypt
->ops
->extra_mpdu_prefix_len
);
492 (struct ieee80211_hdr_3addrqos
*)skb_put(skb_frag
, hdr_len
);
493 memcpy(frag_hdr
, &header
, hdr_len
);
495 /* If this is not the last fragment, then add the MOREFRAGS
496 * bit to the frame control */
497 if (i
!= nr_frags
- 1) {
498 frag_hdr
->frame_ctl
=
499 cpu_to_le16(fc
| IEEE80211_FCTL_MOREFRAGS
);
500 bytes
= bytes_per_frag
;
502 /* The last fragment takes the remaining length */
503 bytes
= bytes_last_frag
;
506 if (i
== 0 && !snapped
) {
507 ieee80211_copy_snap(skb_put
508 (skb_frag
, SNAP_SIZE
+ sizeof(u16
)),
510 bytes
-= SNAP_SIZE
+ sizeof(u16
);
513 skb_copy_from_linear_data(skb
, skb_put(skb_frag
, bytes
), bytes
);
515 /* Advance the SKB... */
516 skb_pull(skb
, bytes
);
518 /* Encryption routine will move the header forward in order
519 * to insert the IV between the header and the payload */
521 ieee80211_encrypt_fragment(ieee
, skb_frag
, hdr_len
);
522 else if (host_build_iv
) {
523 atomic_inc(&crypt
->refcnt
);
524 if (crypt
->ops
->build_iv
)
525 crypt
->ops
->build_iv(skb_frag
, hdr_len
,
526 ieee
->sec
.keys
[ieee
->sec
.active_key
],
527 ieee
->sec
.key_sizes
[ieee
->sec
.active_key
],
529 atomic_dec(&crypt
->refcnt
);
533 (CFG_IEEE80211_COMPUTE_FCS
| CFG_IEEE80211_RESERVE_FCS
))
534 skb_put(skb_frag
, 4);
538 spin_unlock_irqrestore(&ieee
->lock
, flags
);
540 dev_kfree_skb_any(skb
);
543 int ret
= (*ieee
->hard_start_xmit
) (txb
, dev
, priority
);
546 stats
->tx_bytes
+= txb
->payload_size
;
550 ieee80211_txb_free(txb
);
556 spin_unlock_irqrestore(&ieee
->lock
, flags
);
557 netif_stop_queue(dev
);
562 EXPORT_SYMBOL(ieee80211_txb_free
);