LXR linux/drivers/staging/rtl8192u/ieee80211/ieee80211

   1/******************************************************************************
   2 *
   3 *  Copyright(c) 2003 - 2004 Intel Corporation. All rights reserved.
   4 *
   5 *  This program is free software; you can redistribute it and/or modify it
   6 *  under the terms of version 2 of the GNU General Public License as
   7 *  published by the Free Software Foundation.
   8 *
   9 *  This program is distributed in the hope that it will be useful, but WITHOUT
  10 *  ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11 *  FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
  12 *  more details.
  13 *
  14 *  You should have received a copy of the GNU General Public License along with
  15 *  this program; if not, write to the Free Software Foundation, Inc., 59
  16 *  Temple Place - Suite 330, Boston, MA  02111-1307, USA.
  17 *
  18 *  The full GNU General Public License is included in this distribution in the
  19 *  file called LICENSE.
  20 *
  21 *  Contact Information:
  22 *  James P. Ketrenos <ipw2100-admin@linux.intel.com>
  23 *  Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
  24 *
  25 *
  26 *  Few modifications for Realtek's Wi-Fi drivers by
  27 *  Andrea Merello <andrea.merello@gmail.com>
  28 *
  29 *  A special thanks goes to Realtek for their support !
  30 *
  31 ******************************************************************************/
  32
  33#include <linux/compiler.h>
  34#include <linux/errno.h>
  35#include <linux/if_arp.h>
  36#include <linux/in6.h>
  37#include <linux/in.h>
  38#include <linux/ip.h>
  39#include <linux/kernel.h>
  40#include <linux/module.h>
  41#include <linux/netdevice.h>
  42#include <linux/pci.h>
  43#include <linux/proc_fs.h>
  44#include <linux/skbuff.h>
  45#include <linux/slab.h>
  46#include <linux/tcp.h>
  47#include <linux/types.h>
  48#include <linux/wireless.h>
  49#include <linux/etherdevice.h>
  50#include <linux/uaccess.h>
  51#include <linux/if_vlan.h>
  52
  53#include "ieee80211.h"
  54
  55
  56/*
  57 *
  58 *
  59 * 802.11 Data Frame
  60 *
  61 *
  62 * 802.11 frame_contorl for data frames - 2 bytes
  63 *      ,-----------------------------------------------------------------------------------------.
  64 * bits | 0  |  1  |  2  |  3  |  4  |  5  |  6  |  7  |  8  |  9  |  a  |  b  |  c  |  d  |  e   |
  65 *      |----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|------|
  66 * val  | 0  |  0  |  0  |  1  |  x  |  0  |  0  |  0  |  1  |  0  |  x  |  x  |  x  |  x  |  x   |
  67 *      |----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|------|
  68 * desc | ^-ver-^  |  ^type-^  |  ^-----subtype-----^  | to  |from |more |retry| pwr |more |wep   |
  69 *      |          |           | x=0 data,x=1 data+ack | DS  | DS  |frag |     | mgm |data |      |
  70 *      '-----------------------------------------------------------------------------------------'
  71 *                                                    /\
  72 *                                                    |
  73 * 802.11 Data Frame                                  |
  74 *           ,--------- 'ctrl' expands to >-----------'
  75 *           |
  76 *        ,--'---,-------------------------------------------------------------.
  77 *  Bytes |  2   |  2   |    6    |    6    |    6    |  2   | 0..2312 |   4  |
  78 *        |------|------|---------|---------|---------|------|---------|------|
  79 *  Desc. | ctrl | dura |  DA/RA  |   TA    |    SA   | Sequ |  Frame  |  fcs |
  80 *        |      | tion | (BSSID) |         |         | ence |  data   |      |
  81 *        `--------------------------------------------------|         |------'
  82 *  Total: 28 non-data bytes                                 `----.----'
  83 *                                                                |
  84 *         .- 'Frame data' expands to <---------------------------'
  85 *         |
  86 *         V
  87 *        ,---------------------------------------------------.
  88 *  Bytes |  1   |  1   |    1    |    3     |  2   |  0-2304 |
  89 *        |------|------|---------|----------|------|---------|
  90 *  Desc. | SNAP | SNAP | Control |Eth Tunnel| Type | IP      |
  91 *        | DSAP | SSAP |         |          |      | Packet  |
  92 *        | 0xAA | 0xAA |0x03 (UI)|0x00-00-F8|      |         |
  93 *        `-----------------------------------------|         |
  94 *  Total: 8 non-data bytes                         `----.----'
  95 *                                                       |
  96 *         .- 'IP Packet' expands, if WEP enabled, to <--'
  97 *         |
  98 *         V
  99 *        ,-----------------------.
 100 *  Bytes |  4  |   0-2296  |  4  |
 101 *        |-----|-----------|-----|
 102 *  Desc. | IV  | Encrypted | ICV |
 103 *        |     | IP Packet |     |
 104 *        `-----------------------'
 105 *  Total: 8 non-data bytes
 106 *
 107 *
 108 *  802.3 Ethernet Data Frame
 109 *
 110 *        ,-----------------------------------------.
 111 *  Bytes |   6   |   6   |  2   |  Variable |   4  |
 112 *        |-------|-------|------|-----------|------|
 113 *  Desc. | Dest. | Source| Type | IP Packet |  fcs |
 114 *        |  MAC  |  MAC  |      |           |      |
 115 *        `-----------------------------------------'
 116 *  Total: 18 non-data bytes
 117 *
 118 *  In the event that fragmentation is required, the incoming payload is split into
 119 *  N parts of size ieee->fts.  The first fragment contains the SNAP header and the
 120 *  remaining packets are just data.
 121 *
 122 *  If encryption is enabled, each fragment payload size is reduced by enough space
 123 *  to add the prefix and postfix (IV and ICV totalling 8 bytes in the case of WEP)
 124 *  So if you have 1500 bytes of payload with ieee->fts set to 500 without
 125 *  encryption it will take 3 frames.  With WEP it will take 4 frames as the
 126 *  payload of each frame is reduced to 492 bytes.
 127 *
 128 * SKB visualization
 129 *
 130 *  ,- skb->data
 131 * |
 132 * |    ETHERNET HEADER        ,-<-- PAYLOAD
 133 * |                           |     14 bytes from skb->data
 134 * |  2 bytes for Type --> ,T. |     (sizeof ethhdr)
 135 * |                       | | |
 136 * |,-Dest.--. ,--Src.---. | | |
 137 * |  6 bytes| | 6 bytes | | | |
 138 * v         | |         | | | |
 139 * 0         | v       1 | v | v           2
 140 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
 141 *     ^     | ^         | ^ |
 142 *     |     | |         | | |
 143 *     |     | |         | `T' <---- 2 bytes for Type
 144 *     |     | |         |
 145 *     |     | '---SNAP--' <-------- 6 bytes for SNAP
 146 *     |     |
 147 *     `-IV--' <-------------------- 4 bytes for IV (WEP)
 148 *
 149 *      SNAP HEADER
 150 *
 151 */
 152
 153static u8 P802_1H_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0xf8 };
 154static u8 RFC1042_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0x00 };
 155
 156static inline int ieee80211_put_snap(u8 *data, u16 h_proto)
 157{
 158        struct ieee80211_snap_hdr *snap;
 159        u8 *oui;
 160
 161        snap = (struct ieee80211_snap_hdr *)data;
 162        snap->dsap = 0xaa;
 163        snap->ssap = 0xaa;
 164        snap->ctrl = 0x03;
 165
 166        if (h_proto == 0x8137 || h_proto == 0x80f3)
 167                oui = P802_1H_OUI;
 168        else
 169                oui = RFC1042_OUI;
 170        snap->oui[0] = oui[0];
 171        snap->oui[1] = oui[1];
 172        snap->oui[2] = oui[2];
 173
 174        *(__be16 *)(data + SNAP_SIZE) = htons(h_proto);
 175
 176        return SNAP_SIZE + sizeof(u16);
 177}
 178
 179int ieee80211_encrypt_fragment(
 180        struct ieee80211_device *ieee,
 181        struct sk_buff *frag,
 182        int hdr_len)
 183{
 184        struct ieee80211_crypt_data *crypt = ieee->crypt[ieee->tx_keyidx];
 185        int res;
 186
 187        if (!(crypt && crypt->ops))
 188        {
 189                printk("=========>%s(), crypt is null\n", __func__);
 190                return -1;
 191        }
 192
 193        if (ieee->tkip_countermeasures &&
 194            crypt && crypt->ops && strcmp(crypt->ops->name, "TKIP") == 0) {
 195                if (net_ratelimit()) {
 196                        struct rtl_80211_hdr_3addrqos *header;
 197
 198                        header = (struct rtl_80211_hdr_3addrqos *)frag->data;
 199                        printk(KERN_DEBUG "%s: TKIP countermeasures: dropped "
 200                               "TX packet to %pM\n",
 201                               ieee->dev->name, header->addr1);
 202                }
 203                return -1;
 204        }
 205
 206        /* To encrypt, frame format is:
 207         * IV (4 bytes), clear payload (including SNAP), ICV (4 bytes)
 208         */
 209
 210        // PR: FIXME: Copied from hostap. Check fragmentation/MSDU/MPDU encryption.
 211        /* Host-based IEEE 802.11 fragmentation for TX is not yet supported, so
 212         * call both MSDU and MPDU encryption functions from here.
 213         */
 214        atomic_inc(&crypt->refcnt);
 215        res = 0;
 216        if (crypt->ops->encrypt_msdu)
 217                res = crypt->ops->encrypt_msdu(frag, hdr_len, crypt->priv);
 218        if (res == 0 && crypt->ops->encrypt_mpdu)
 219                res = crypt->ops->encrypt_mpdu(frag, hdr_len, crypt->priv);
 220
 221        atomic_dec(&crypt->refcnt);
 222        if (res < 0) {
 223                printk(KERN_INFO "%s: Encryption failed: len=%d.\n",
 224                       ieee->dev->name, frag->len);
 225                ieee->ieee_stats.tx_discards++;
 226                return -1;
 227        }
 228
 229        return 0;
 230}
 231
 232
 233void ieee80211_txb_free(struct ieee80211_txb *txb) {
 234        //int i;
 235        if (unlikely(!txb))
 236                return;
 237        kfree(txb);
 238}
 239EXPORT_SYMBOL(ieee80211_txb_free);
 240
 241static struct ieee80211_txb *ieee80211_alloc_txb(int nr_frags, int txb_size,
 242                                                 gfp_t gfp_mask)
 243{
 244        struct ieee80211_txb *txb;
 245        int i;
 246        txb = kmalloc(
 247                sizeof(struct ieee80211_txb) + (sizeof(u8 *) * nr_frags),
 248                gfp_mask);
 249        if (!txb)
 250                return NULL;
 251
 252        memset(txb, 0, sizeof(struct ieee80211_txb));
 253        txb->nr_frags = nr_frags;
 254        txb->frag_size = __cpu_to_le16(txb_size);
 255
 256        for (i = 0; i < nr_frags; i++) {
 257                txb->fragments[i] = dev_alloc_skb(txb_size);
 258                if (unlikely(!txb->fragments[i])) {
 259                        i--;
 260                        break;
 261                }
 262                memset(txb->fragments[i]->cb, 0, sizeof(txb->fragments[i]->cb));
 263        }
 264        if (unlikely(i != nr_frags)) {
 265                while (i >= 0)
 266                        dev_kfree_skb_any(txb->fragments[i--]);
 267                kfree(txb);
 268                return NULL;
 269        }
 270        return txb;
 271}
 272
 273// Classify the to-be send data packet
 274// Need to acquire the sent queue index.
 275static int
 276ieee80211_classify(struct sk_buff *skb, struct ieee80211_network *network)
 277{
 278        struct ethhdr *eth;
 279        struct iphdr *ip;
 280        eth = (struct ethhdr *)skb->data;
 281        if (eth->h_proto != htons(ETH_P_IP))
 282                return 0;
 283
 284        ip = ip_hdr(skb);
 285        switch (ip->tos & 0xfc) {
 286        case 0x20:
 287                return 2;
 288        case 0x40:
 289                return 1;
 290        case 0x60:
 291                return 3;
 292        case 0x80:
 293                return 4;
 294        case 0xa0:
 295                return 5;
 296        case 0xc0:
 297                return 6;
 298        case 0xe0:
 299                return 7;
 300        default:
 301                return 0;
 302        }
 303}
 304
 305#define SN_LESS(a, b)           (((a-b)&0x800)!=0)
 306static void ieee80211_tx_query_agg_cap(struct ieee80211_device *ieee,
 307                                       struct sk_buff *skb, struct cb_desc *tcb_desc)
 308{
 309        PRT_HIGH_THROUGHPUT     pHTInfo = ieee->pHTInfo;
 310        PTX_TS_RECORD                   pTxTs = NULL;
 311        struct rtl_80211_hdr_1addr *hdr = (struct rtl_80211_hdr_1addr *)skb->data;
 312
 313        if (!pHTInfo->bCurrentHTSupport||!pHTInfo->bEnableHT)
 314                return;
 315        if (!IsQoSDataFrame(skb->data))
 316                return;
 317
 318        if (is_multicast_ether_addr(hdr->addr1))
 319                return;
 320        //check packet and mode later
 321#ifdef TO_DO_LIST
 322        if(pTcb->PacketLength >= 4096)
 323                return;
 324        // For RTL819X, if pairwisekey = wep/tkip, we don't aggrregation.
 325        if(!Adapter->HalFunc.GetNmodeSupportBySecCfgHandler(Adapter))
 326                return;
 327#endif
 328        if(!ieee->GetNmodeSupportBySecCfg(ieee->dev))
 329        {
 330                return;
 331        }
 332        if(pHTInfo->bCurrentAMPDUEnable)
 333        {
 334                if (!GetTs(ieee, (PTS_COMMON_INFO *)(&pTxTs), hdr->addr1, skb->priority, TX_DIR, true))
 335                {
 336                        printk("===>can't get TS\n");
 337                        return;
 338                }
 339                if (!pTxTs->TxAdmittedBARecord.bValid)
 340                {
 341                        TsStartAddBaProcess(ieee, pTxTs);
 342                        goto FORCED_AGG_SETTING;
 343                }
 344                else if (!pTxTs->bUsingBa)
 345                {
 346                        if (SN_LESS(pTxTs->TxAdmittedBARecord.BaStartSeqCtrl.field.SeqNum, (pTxTs->TxCurSeq+1)%4096))
 347                                pTxTs->bUsingBa = true;
 348                        else
 349                                goto FORCED_AGG_SETTING;
 350                }
 351
 352                if (ieee->iw_mode == IW_MODE_INFRA)
 353                {
 354                        tcb_desc->bAMPDUEnable = true;
 355                        tcb_desc->ampdu_factor = pHTInfo->CurrentAMPDUFactor;
 356                        tcb_desc->ampdu_density = pHTInfo->CurrentMPDUDensity;
 357                }
 358        }
 359FORCED_AGG_SETTING:
 360        switch (pHTInfo->ForcedAMPDUMode )
 361        {
 362                case HT_AGG_AUTO:
 363                        break;
 364
 365                case HT_AGG_FORCE_ENABLE:
 366                        tcb_desc->bAMPDUEnable = true;
 367                        tcb_desc->ampdu_density = pHTInfo->ForcedMPDUDensity;
 368                        tcb_desc->ampdu_factor = pHTInfo->ForcedAMPDUFactor;
 369                        break;
 370
 371                case HT_AGG_FORCE_DISABLE:
 372                        tcb_desc->bAMPDUEnable = false;
 373                        tcb_desc->ampdu_density = 0;
 374                        tcb_desc->ampdu_factor = 0;
 375                        break;
 376
 377        }
 378                return;
 379}
 380
 381static void ieee80211_qurey_ShortPreambleMode(struct ieee80211_device *ieee,
 382                                              struct cb_desc *tcb_desc)
 383{
 384        tcb_desc->bUseShortPreamble = false;
 385        if (tcb_desc->data_rate == 2)
 386        {//// 1M can only use Long Preamble. 11B spec
 387                return;
 388        }
 389        else if (ieee->current_network.capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
 390        {
 391                tcb_desc->bUseShortPreamble = true;
 392        }
 393        return;
 394}
 395static void
 396ieee80211_query_HTCapShortGI(struct ieee80211_device *ieee, struct cb_desc *tcb_desc)
 397{
 398        PRT_HIGH_THROUGHPUT             pHTInfo = ieee->pHTInfo;
 399
 400        tcb_desc->bUseShortGI           = false;
 401
 402        if(!pHTInfo->bCurrentHTSupport||!pHTInfo->bEnableHT)
 403                return;
 404
 405        if(pHTInfo->bForcedShortGI)
 406        {
 407                tcb_desc->bUseShortGI = true;
 408                return;
 409        }
 410
 411        if((pHTInfo->bCurBW40MHz==true) && pHTInfo->bCurShortGI40MHz)
 412                tcb_desc->bUseShortGI = true;
 413        else if((pHTInfo->bCurBW40MHz==false) && pHTInfo->bCurShortGI20MHz)
 414                tcb_desc->bUseShortGI = true;
 415}
 416
 417static void ieee80211_query_BandwidthMode(struct ieee80211_device *ieee,
 418                                          struct cb_desc *tcb_desc)
 419{
 420        PRT_HIGH_THROUGHPUT     pHTInfo = ieee->pHTInfo;
 421
 422        tcb_desc->bPacketBW = false;
 423
 424        if(!pHTInfo->bCurrentHTSupport||!pHTInfo->bEnableHT)
 425                return;
 426
 427        if(tcb_desc->bMulticast || tcb_desc->bBroadcast)
 428                return;
 429
 430        if((tcb_desc->data_rate & 0x80)==0) // If using legacy rate, it shall use 20MHz channel.
 431                return;
 432        //BandWidthAutoSwitch is for auto switch to 20 or 40 in long distance
 433        if(pHTInfo->bCurBW40MHz && pHTInfo->bCurTxBW40MHz && !ieee->bandwidth_auto_switch.bforced_tx20Mhz)
 434                tcb_desc->bPacketBW = true;
 435        return;
 436}
 437
 438static void ieee80211_query_protectionmode(struct ieee80211_device *ieee,
 439                                           struct cb_desc *tcb_desc,
 440                                           struct sk_buff *skb)
 441{
 442        // Common Settings
 443        tcb_desc->bRTSSTBC                      = false;
 444        tcb_desc->bRTSUseShortGI                = false; // Since protection frames are always sent by legacy rate, ShortGI will never be used.
 445        tcb_desc->bCTSEnable                    = false; // Most of protection using RTS/CTS
 446        tcb_desc->RTSSC                         = 0;            // 20MHz: Don't care;  40MHz: Duplicate.
 447        tcb_desc->bRTSBW                        = false; // RTS frame bandwidth is always 20MHz
 448
 449        if(tcb_desc->bBroadcast || tcb_desc->bMulticast)//only unicast frame will use rts/cts
 450                return;
 451
 452        if (is_broadcast_ether_addr(skb->data+16))  //check addr3 as infrastructure add3 is DA.
 453                return;
 454
 455        if (ieee->mode < IEEE_N_24G) //b, g mode
 456        {
 457                        // (1) RTS_Threshold is compared to the MPDU, not MSDU.
 458                        // (2) If there are more than one frag in  this MSDU, only the first frag uses protection frame.
 459                        //              Other fragments are protected by previous fragment.
 460                        //              So we only need to check the length of first fragment.
 461                if (skb->len > ieee->rts)
 462                {
 463                        tcb_desc->bRTSEnable = true;
 464                        tcb_desc->rts_rate = MGN_24M;
 465                }
 466                else if (ieee->current_network.buseprotection)
 467                {
 468                        // Use CTS-to-SELF in protection mode.
 469                        tcb_desc->bRTSEnable = true;
 470                        tcb_desc->bCTSEnable = true;
 471                        tcb_desc->rts_rate = MGN_24M;
 472                }
 473                //otherwise return;
 474                return;
 475        }
 476        else
 477        {// 11n High throughput case.
 478                PRT_HIGH_THROUGHPUT pHTInfo = ieee->pHTInfo;
 479                while (true)
 480                {
 481                        //check ERP protection
 482                        if (ieee->current_network.buseprotection)
 483                        {// CTS-to-SELF
 484                                tcb_desc->bRTSEnable = true;
 485                                tcb_desc->bCTSEnable = true;
 486                                tcb_desc->rts_rate = MGN_24M;
 487                                break;
 488                        }
 489                        //check HT op mode
 490                        if(pHTInfo->bCurrentHTSupport  && pHTInfo->bEnableHT)
 491                        {
 492                                u8 HTOpMode = pHTInfo->CurrentOpMode;
 493                                if((pHTInfo->bCurBW40MHz && (HTOpMode == 2 || HTOpMode == 3)) ||
 494                                                        (!pHTInfo->bCurBW40MHz && HTOpMode == 3) )
 495                                {
 496                                        tcb_desc->rts_rate = MGN_24M; // Rate is 24Mbps.
 497                                        tcb_desc->bRTSEnable = true;
 498                                        break;
 499                                }
 500                        }
 501                        //check rts
 502                        if (skb->len > ieee->rts)
 503                        {
 504                                tcb_desc->rts_rate = MGN_24M; // Rate is 24Mbps.
 505                                tcb_desc->bRTSEnable = true;
 506                                break;
 507                        }
 508                        //to do list: check MIMO power save condition.
 509                        //check AMPDU aggregation for TXOP
 510                        if(tcb_desc->bAMPDUEnable)
 511                        {
 512                                tcb_desc->rts_rate = MGN_24M; // Rate is 24Mbps.
 513                                // According to 8190 design, firmware sends CF-End only if RTS/CTS is enabled. However, it degrads
 514                                // throughput around 10M, so we disable of this mechanism. 2007.08.03 by Emily
 515                                tcb_desc->bRTSEnable = false;
 516                                break;
 517                        }
 518                        //check IOT action
 519                        if(pHTInfo->IOTAction & HT_IOT_ACT_FORCED_CTS2SELF)
 520                        {
 521                                tcb_desc->bCTSEnable    = true;
 522                                tcb_desc->rts_rate  =   MGN_24M;
 523                                tcb_desc->bRTSEnable = true;
 524                                break;
 525                        }
 526                        // Totally no protection case!!
 527                        goto NO_PROTECTION;
 528                }
 529                }
 530        // For test , CTS replace with RTS
 531        if (0) {
 532                tcb_desc->bCTSEnable    = true;
 533                tcb_desc->rts_rate = MGN_24M;
 534                tcb_desc->bRTSEnable    = true;
 535        }
 536        if (ieee->current_network.capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
 537                tcb_desc->bUseShortPreamble = true;
 538        if (ieee->mode == IW_MODE_MASTER)
 539                        goto NO_PROTECTION;
 540        return;
 541NO_PROTECTION:
 542        tcb_desc->bRTSEnable    = false;
 543        tcb_desc->bCTSEnable    = false;
 544        tcb_desc->rts_rate              = 0;
 545        tcb_desc->RTSSC         = 0;
 546        tcb_desc->bRTSBW                = false;
 547}
 548
 549
 550static void ieee80211_txrate_selectmode(struct ieee80211_device *ieee,
 551                                        struct cb_desc *tcb_desc)
 552{
 553#ifdef TO_DO_LIST
 554        if(!IsDataFrame(pFrame))
 555        {
 556                pTcb->bTxDisableRateFallBack = true;
 557                pTcb->bTxUseDriverAssingedRate = true;
 558                pTcb->RATRIndex = 7;
 559                return;
 560        }
 561
 562        if(pMgntInfo->ForcedDataRate!= 0)
 563        {
 564                pTcb->bTxDisableRateFallBack = true;
 565                pTcb->bTxUseDriverAssingedRate = true;
 566                return;
 567        }
 568#endif
 569        if(ieee->bTxDisableRateFallBack)
 570                tcb_desc->bTxDisableRateFallBack = true;
 571
 572        if(ieee->bTxUseDriverAssingedRate)
 573                tcb_desc->bTxUseDriverAssingedRate = true;
 574        if(!tcb_desc->bTxDisableRateFallBack || !tcb_desc->bTxUseDriverAssingedRate)
 575        {
 576                if (ieee->iw_mode == IW_MODE_INFRA || ieee->iw_mode == IW_MODE_ADHOC)
 577                        tcb_desc->RATRIndex = 0;
 578        }
 579}
 580
 581static void ieee80211_query_seqnum(struct ieee80211_device *ieee,
 582                                   struct sk_buff *skb, u8 *dst)
 583{
 584        if (is_multicast_ether_addr(dst))
 585                return;
 586        if (IsQoSDataFrame(skb->data)) //we deal qos data only
 587        {
 588                PTX_TS_RECORD pTS = NULL;
 589                if (!GetTs(ieee, (PTS_COMMON_INFO *)(&pTS), dst, skb->priority, TX_DIR, true))
 590                {
 591                        return;
 592                }
 593                pTS->TxCurSeq = (pTS->TxCurSeq+1)%4096;
 594        }
 595}
 596
 597int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
 598{
 599        struct ieee80211_device *ieee = netdev_priv(dev);
 600        struct ieee80211_txb *txb = NULL;
 601        struct rtl_80211_hdr_3addrqos *frag_hdr;
 602        int i, bytes_per_frag, nr_frags, bytes_last_frag, frag_size;
 603        unsigned long flags;
 604        struct net_device_stats *stats = &ieee->stats;
 605        int ether_type = 0, encrypt;
 606        int bytes, fc, qos_ctl = 0, hdr_len;
 607        struct sk_buff *skb_frag;
 608        struct rtl_80211_hdr_3addrqos header = { /* Ensure zero initialized */
 609                .duration_id = 0,
 610                .seq_ctl = 0,
 611                .qos_ctl = 0
 612        };
 613        u8 dest[ETH_ALEN], src[ETH_ALEN];
 614        int qos_actived = ieee->current_network.qos_data.active;
 615
 616        struct ieee80211_crypt_data *crypt;
 617
 618        struct cb_desc *tcb_desc;
 619
 620        spin_lock_irqsave(&ieee->lock, flags);
 621
 622        /* If there is no driver handler to take the TXB, dont' bother
 623         * creating it...
 624         */
 625        if ((!ieee->hard_start_xmit && !(ieee->softmac_features & IEEE_SOFTMAC_TX_QUEUE))||
 626           ((!ieee->softmac_data_hard_start_xmit && (ieee->softmac_features & IEEE_SOFTMAC_TX_QUEUE)))) {
 627                printk(KERN_WARNING "%s: No xmit handler.\n",
 628                       ieee->dev->name);
 629                goto success;
 630        }
 631
 632
 633        if(likely(ieee->raw_tx == 0)){
 634                if (unlikely(skb->len < SNAP_SIZE + sizeof(u16))) {
 635                        printk(KERN_WARNING "%s: skb too small (%d).\n",
 636                        ieee->dev->name, skb->len);
 637                        goto success;
 638                }
 639
 640                memset(skb->cb, 0, sizeof(skb->cb));
 641                ether_type = ntohs(((struct ethhdr *)skb->data)->h_proto);
 642
 643                crypt = ieee->crypt[ieee->tx_keyidx];
 644
 645                encrypt = !(ether_type == ETH_P_PAE && ieee->ieee802_1x) &&
 646                        ieee->host_encrypt && crypt && crypt->ops;
 647
 648                if (!encrypt && ieee->ieee802_1x &&
 649                ieee->drop_unencrypted && ether_type != ETH_P_PAE) {
 650                        stats->tx_dropped++;
 651                        goto success;
 652                }
 653        #ifdef CONFIG_IEEE80211_DEBUG
 654                if (crypt && !encrypt && ether_type == ETH_P_PAE) {
 655                        struct eapol *eap = (struct eapol *)(skb->data +
 656                                sizeof(struct ethhdr) - SNAP_SIZE - sizeof(u16));
 657                        IEEE80211_DEBUG_EAP("TX: IEEE 802.11 EAPOL frame: %s\n",
 658                                eap_get_type(eap->type));
 659                }
 660        #endif
 661
 662                /* Save source and destination addresses */
 663                memcpy(&dest, skb->data, ETH_ALEN);
 664                memcpy(&src, skb->data+ETH_ALEN, ETH_ALEN);
 665
 666                /* Advance the SKB to the start of the payload */
 667                skb_pull(skb, sizeof(struct ethhdr));
 668
 669                /* Determine total amount of storage required for TXB packets */
 670                bytes = skb->len + SNAP_SIZE + sizeof(u16);
 671
 672                if (encrypt)
 673                        fc = IEEE80211_FTYPE_DATA | IEEE80211_FCTL_WEP;
 674                else
 675
 676                        fc = IEEE80211_FTYPE_DATA;
 677
 678                //if(ieee->current_network.QoS_Enable)
 679                if(qos_actived)
 680                        fc |= IEEE80211_STYPE_QOS_DATA;
 681                else
 682                        fc |= IEEE80211_STYPE_DATA;
 683
 684                if (ieee->iw_mode == IW_MODE_INFRA) {
 685                        fc |= IEEE80211_FCTL_TODS;
 686                        /* To DS: Addr1 = BSSID, Addr2 = SA,
 687                         * Addr3 = DA
 688                         */
 689                        memcpy(&header.addr1, ieee->current_network.bssid, ETH_ALEN);
 690                        memcpy(&header.addr2, &src, ETH_ALEN);
 691                        memcpy(&header.addr3, &dest, ETH_ALEN);
 692                } else if (ieee->iw_mode == IW_MODE_ADHOC) {
 693                        /* not From/To DS: Addr1 = DA, Addr2 = SA,
 694                         * Addr3 = BSSID
 695                         */
 696                        memcpy(&header.addr1, dest, ETH_ALEN);
 697                        memcpy(&header.addr2, src, ETH_ALEN);
 698                        memcpy(&header.addr3, ieee->current_network.bssid, ETH_ALEN);
 699                }
 700
 701                header.frame_ctl = cpu_to_le16(fc);
 702
 703                /* Determine fragmentation size based on destination (multicast
 704                 * and broadcast are not fragmented)
 705                 */
 706                if (is_multicast_ether_addr(header.addr1)) {
 707                        frag_size = MAX_FRAG_THRESHOLD;
 708                        qos_ctl |= QOS_CTL_NOTCONTAIN_ACK;
 709                }
 710                else {
 711                        frag_size = ieee->fts;//default:392
 712                        qos_ctl = 0;
 713                }
 714
 715                //if (ieee->current_network.QoS_Enable)
 716                if(qos_actived)
 717                {
 718                        hdr_len = IEEE80211_3ADDR_LEN + 2;
 719
 720                        skb->priority = ieee80211_classify(skb, &ieee->current_network);
 721                        qos_ctl |= skb->priority; //set in the ieee80211_classify
 722                        header.qos_ctl = cpu_to_le16(qos_ctl & IEEE80211_QOS_TID);
 723                } else {
 724                        hdr_len = IEEE80211_3ADDR_LEN;
 725                }
 726                /* Determine amount of payload per fragment.  Regardless of if
 727                 * this stack is providing the full 802.11 header, one will
 728                 * eventually be affixed to this fragment -- so we must account for
 729                 * it when determining the amount of payload space.
 730                 */
 731                bytes_per_frag = frag_size - hdr_len;
 732                if (ieee->config &
 733                (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
 734                        bytes_per_frag -= IEEE80211_FCS_LEN;
 735
 736                /* Each fragment may need to have room for encryption pre/postfix */
 737                if (encrypt)
 738                        bytes_per_frag -= crypt->ops->extra_prefix_len +
 739                                crypt->ops->extra_postfix_len;
 740
 741                /* Number of fragments is the total bytes_per_frag /
 742                 * payload_per_fragment
 743                 */
 744                nr_frags = bytes / bytes_per_frag;
 745                bytes_last_frag = bytes % bytes_per_frag;
 746                if (bytes_last_frag)
 747                        nr_frags++;
 748                else
 749                        bytes_last_frag = bytes_per_frag;
 750
 751                /* When we allocate the TXB we allocate enough space for the reserve
 752                 * and full fragment bytes (bytes_per_frag doesn't include prefix,
 753                 * postfix, header, FCS, etc.)
 754                 */
 755                txb = ieee80211_alloc_txb(nr_frags, frag_size + ieee->tx_headroom, GFP_ATOMIC);
 756                if (unlikely(!txb)) {
 757                        printk(KERN_WARNING "%s: Could not allocate TXB\n",
 758                        ieee->dev->name);
 759                        goto failed;
 760                }
 761                txb->encrypted = encrypt;
 762                txb->payload_size = __cpu_to_le16(bytes);
 763
 764                //if (ieee->current_network.QoS_Enable)
 765                if(qos_actived)
 766                {
 767                        txb->queue_index = UP2AC(skb->priority);
 768                } else {
 769                        txb->queue_index = WME_AC_BK;
 770                }
 771
 772
 773
 774                for (i = 0; i < nr_frags; i++) {
 775                        skb_frag = txb->fragments[i];
 776                        tcb_desc = (struct cb_desc *)(skb_frag->cb + MAX_DEV_ADDR_SIZE);
 777                        if(qos_actived){
 778                                skb_frag->priority = skb->priority;//UP2AC(skb->priority);
 779                                tcb_desc->queue_index =  UP2AC(skb->priority);
 780                        } else {
 781                                skb_frag->priority = WME_AC_BK;
 782                                tcb_desc->queue_index = WME_AC_BK;
 783                        }
 784                        skb_reserve(skb_frag, ieee->tx_headroom);
 785
 786                        if (encrypt){
 787                                if (ieee->hwsec_active)
 788                                        tcb_desc->bHwSec = 1;
 789                                else
 790                                        tcb_desc->bHwSec = 0;
 791                                skb_reserve(skb_frag, crypt->ops->extra_prefix_len);
 792                        }
 793                        else
 794                        {
 795                                tcb_desc->bHwSec = 0;
 796                        }
 797                        frag_hdr = (struct rtl_80211_hdr_3addrqos *)skb_put(skb_frag, hdr_len);
 798                        memcpy(frag_hdr, &header, hdr_len);
 799
 800                        /* If this is not the last fragment, then add the MOREFRAGS
 801                         * bit to the frame control
 802                         */
 803                        if (i != nr_frags - 1) {
 804                                frag_hdr->frame_ctl = cpu_to_le16(
 805                                        fc | IEEE80211_FCTL_MOREFRAGS);
 806                                bytes = bytes_per_frag;
 807
 808                        } else {
 809                                /* The last fragment takes the remaining length */
 810                                bytes = bytes_last_frag;
 811                        }
 812                        //if(ieee->current_network.QoS_Enable)
 813                        if(qos_actived)
 814                        {
 815                                // add 1 only indicate to corresponding seq number control 2006/7/12
 816                                frag_hdr->seq_ctl = cpu_to_le16(ieee->seq_ctrl[UP2AC(skb->priority)+1]<<4 | i);
 817                        } else {
 818                                frag_hdr->seq_ctl = cpu_to_le16(ieee->seq_ctrl[0]<<4 | i);
 819                        }
 820
 821                        /* Put a SNAP header on the first fragment */
 822                        if (i == 0) {
 823                                ieee80211_put_snap(
 824                                        skb_put(skb_frag, SNAP_SIZE + sizeof(u16)),
 825                                        ether_type);
 826                                bytes -= SNAP_SIZE + sizeof(u16);
 827                        }
 828
 829                        memcpy(skb_put(skb_frag, bytes), skb->data, bytes);
 830
 831                        /* Advance the SKB... */
 832                        skb_pull(skb, bytes);
 833
 834                        /* Encryption routine will move the header forward in order
 835                         * to insert the IV between the header and the payload
 836                         */
 837                        if (encrypt)
 838                                ieee80211_encrypt_fragment(ieee, skb_frag, hdr_len);
 839                        if (ieee->config &
 840                        (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
 841                                skb_put(skb_frag, 4);
 842                }
 843
 844                if(qos_actived)
 845                {
 846                  if (ieee->seq_ctrl[UP2AC(skb->priority) + 1] == 0xFFF)
 847                        ieee->seq_ctrl[UP2AC(skb->priority) + 1] = 0;
 848                  else
 849                        ieee->seq_ctrl[UP2AC(skb->priority) + 1]++;
 850                } else {
 851                  if (ieee->seq_ctrl[0] == 0xFFF)
 852                        ieee->seq_ctrl[0] = 0;
 853                  else
 854                        ieee->seq_ctrl[0]++;
 855                }
 856        }else{
 857                if (unlikely(skb->len < sizeof(struct rtl_80211_hdr_3addr))) {
 858                        printk(KERN_WARNING "%s: skb too small (%d).\n",
 859                        ieee->dev->name, skb->len);
 860                        goto success;
 861                }
 862
 863                txb = ieee80211_alloc_txb(1, skb->len, GFP_ATOMIC);
 864                if(!txb){
 865                        printk(KERN_WARNING "%s: Could not allocate TXB\n",
 866                        ieee->dev->name);
 867                        goto failed;
 868                }
 869
 870                txb->encrypted = 0;
 871                txb->payload_size = __cpu_to_le16(skb->len);
 872                memcpy(skb_put(txb->fragments[0],skb->len), skb->data, skb->len);
 873        }
 874
 875 success:
 876//WB add to fill data tcb_desc here. only first fragment is considered, need to change, and you may remove to other place.
 877        if (txb)
 878        {
 879                struct cb_desc *tcb_desc = (struct cb_desc *)(txb->fragments[0]->cb + MAX_DEV_ADDR_SIZE);
 880                tcb_desc->bTxEnableFwCalcDur = 1;
 881                if (is_multicast_ether_addr(header.addr1))
 882                        tcb_desc->bMulticast = 1;
 883                if (is_broadcast_ether_addr(header.addr1))
 884                        tcb_desc->bBroadcast = 1;
 885                ieee80211_txrate_selectmode(ieee, tcb_desc);
 886                if (tcb_desc->bMulticast ||  tcb_desc->bBroadcast)
 887                        tcb_desc->data_rate = ieee->basic_rate;
 888                else
 889                        tcb_desc->data_rate = CURRENT_RATE(ieee->mode, ieee->rate, ieee->HTCurrentOperaRate);
 890                ieee80211_qurey_ShortPreambleMode(ieee, tcb_desc);
 891                ieee80211_tx_query_agg_cap(ieee, txb->fragments[0], tcb_desc);
 892                ieee80211_query_HTCapShortGI(ieee, tcb_desc);
 893                ieee80211_query_BandwidthMode(ieee, tcb_desc);
 894                ieee80211_query_protectionmode(ieee, tcb_desc, txb->fragments[0]);
 895                ieee80211_query_seqnum(ieee, txb->fragments[0], header.addr1);
 896        }
 897        spin_unlock_irqrestore(&ieee->lock, flags);
 898        dev_kfree_skb_any(skb);
 899        if (txb) {
 900                if (ieee->softmac_features & IEEE_SOFTMAC_TX_QUEUE){
 901                        ieee80211_softmac_xmit(txb, ieee);
 902                }else{
 903                        if ((*ieee->hard_start_xmit)(txb, dev) == 0) {
 904                                stats->tx_packets++;
 905                                stats->tx_bytes += __le16_to_cpu(txb->payload_size);
 906                                return 0;
 907                        }
 908                        ieee80211_txb_free(txb);
 909                }
 910        }
 911
 912        return 0;
 913
 914 failed:
 915        spin_unlock_irqrestore(&ieee->lock, flags);
 916        netif_stop_queue(dev);
 917        stats->tx_errors++;
 918        return 1;
 919
 920}
 921