1
2
3
4
5
6
7
8
9#include <linux/circ_buf.h>
10#include <linux/if_arp.h>
11#include <net/iw_handler.h>
12#include <uapi/linux/llc.h>
13#include "eap_packet.h"
14#include "ks_wlan.h"
15#include "michael_mic.h"
16#include "ks_hostif.h"
17
18static inline void inc_smeqhead(struct ks_wlan_private *priv)
19{
20 priv->sme_i.qhead = (priv->sme_i.qhead + 1) % SME_EVENT_BUFF_SIZE;
21}
22
23static inline void inc_smeqtail(struct ks_wlan_private *priv)
24{
25 priv->sme_i.qtail = (priv->sme_i.qtail + 1) % SME_EVENT_BUFF_SIZE;
26}
27
28static inline unsigned int cnt_smeqbody(struct ks_wlan_private *priv)
29{
30 return CIRC_CNT_TO_END(priv->sme_i.qhead, priv->sme_i.qtail,
31 SME_EVENT_BUFF_SIZE);
32}
33
34static inline u8 get_byte(struct ks_wlan_private *priv)
35{
36 u8 data;
37
38 data = *(priv->rxp)++;
39
40 --(priv->rx_size);
41 return data;
42}
43
44static inline u16 get_word(struct ks_wlan_private *priv)
45{
46 u16 data;
47
48 data = (get_byte(priv) & 0xff);
49 data |= ((get_byte(priv) << 8) & 0xff00);
50 return data;
51}
52
53static inline u32 get_dword(struct ks_wlan_private *priv)
54{
55 u32 data;
56
57 data = (get_byte(priv) & 0xff);
58 data |= ((get_byte(priv) << 8) & 0x0000ff00);
59 data |= ((get_byte(priv) << 16) & 0x00ff0000);
60 data |= ((get_byte(priv) << 24) & 0xff000000);
61 return data;
62}
63
64static void ks_wlan_hw_wakeup_task(struct work_struct *work)
65{
66 struct ks_wlan_private *priv;
67 int ps_status;
68 long time_left;
69
70 priv = container_of(work, struct ks_wlan_private, wakeup_work);
71 ps_status = atomic_read(&priv->psstatus.status);
72
73 if (ps_status == PS_SNOOZE) {
74 ks_wlan_hw_wakeup_request(priv);
75 time_left = wait_for_completion_interruptible_timeout(
76 &priv->psstatus.wakeup_wait,
77 msecs_to_jiffies(20));
78 if (time_left <= 0) {
79 netdev_dbg(priv->net_dev, "wake up timeout or interrupted !!!\n");
80 schedule_work(&priv->wakeup_work);
81 return;
82 }
83 }
84
85
86 if (atomic_read(&priv->sme_task.count) > 0)
87 tasklet_enable(&priv->sme_task);
88}
89
90static void ks_wlan_do_power_save(struct ks_wlan_private *priv)
91{
92 if (is_connect_status(priv->connect_status))
93 hostif_sme_enqueue(priv, SME_POW_MNGMT_REQUEST);
94 else
95 priv->dev_state = DEVICE_STATE_READY;
96}
97
98static
99int get_current_ap(struct ks_wlan_private *priv, struct link_ap_info *ap_info)
100{
101 struct local_ap *ap;
102 union iwreq_data wrqu;
103 struct net_device *netdev = priv->net_dev;
104 u8 size;
105
106 ap = &priv->current_ap;
107
108 if (is_disconnect_status(priv->connect_status)) {
109 memset(ap, 0, sizeof(struct local_ap));
110 return -EPERM;
111 }
112
113 ether_addr_copy(ap->bssid, ap_info->bssid);
114 memcpy(ap->ssid.body, priv->reg.ssid.body,
115 priv->reg.ssid.size);
116 ap->ssid.size = priv->reg.ssid.size;
117 memcpy(ap->rate_set.body, ap_info->rate_set.body,
118 ap_info->rate_set.size);
119 ap->rate_set.size = ap_info->rate_set.size;
120 if (ap_info->ext_rate_set.size != 0) {
121 memcpy(&ap->rate_set.body[ap->rate_set.size],
122 ap_info->ext_rate_set.body,
123 ap_info->ext_rate_set.size);
124 ap->rate_set.size += ap_info->ext_rate_set.size;
125 }
126 ap->channel = ap_info->ds_parameter.channel;
127 ap->rssi = ap_info->rssi;
128 ap->sq = ap_info->sq;
129 ap->noise = ap_info->noise;
130 ap->capability = le16_to_cpu(ap_info->capability);
131 size = (ap_info->rsn.size <= RSN_IE_BODY_MAX) ?
132 ap_info->rsn.size : RSN_IE_BODY_MAX;
133 if ((ap_info->rsn_mode & RSN_MODE_WPA2) &&
134 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2)) {
135 ap->rsn_ie.id = RSN_INFO_ELEM_ID;
136 ap->rsn_ie.size = size;
137 memcpy(ap->rsn_ie.body, ap_info->rsn.body, size);
138 } else if ((ap_info->rsn_mode & RSN_MODE_WPA) &&
139 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA)) {
140 ap->wpa_ie.id = WPA_INFO_ELEM_ID;
141 ap->wpa_ie.size = size;
142 memcpy(ap->wpa_ie.body, ap_info->rsn.body, size);
143 } else {
144 ap->rsn_ie.id = 0;
145 ap->rsn_ie.size = 0;
146 ap->wpa_ie.id = 0;
147 ap->wpa_ie.size = 0;
148 }
149
150 wrqu.data.length = 0;
151 wrqu.data.flags = 0;
152 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
153 if (is_connect_status(priv->connect_status)) {
154 ether_addr_copy(wrqu.ap_addr.sa_data, priv->current_ap.bssid);
155 netdev_dbg(priv->net_dev,
156 "IWEVENT: connect bssid=%pM\n",
157 wrqu.ap_addr.sa_data);
158 wireless_send_event(netdev, SIOCGIWAP, &wrqu, NULL);
159 }
160 netdev_dbg(priv->net_dev, "Link AP\n"
161 "- bssid=%02X:%02X:%02X:%02X:%02X:%02X\n"
162 "- essid=%s\n"
163 "- rate_set=%02X,%02X,%02X,%02X,%02X,%02X,%02X,%02X\n"
164 "- channel=%d\n"
165 "- rssi=%d\n"
166 "- sq=%d\n"
167 "- capability=%04X\n"
168 "- rsn.mode=%d\n"
169 "- rsn.size=%d\n"
170 "- ext_rate_set_size=%d\n"
171 "- rate_set_size=%d\n",
172 ap->bssid[0], ap->bssid[1], ap->bssid[2],
173 ap->bssid[3], ap->bssid[4], ap->bssid[5],
174 &(ap->ssid.body[0]),
175 ap->rate_set.body[0], ap->rate_set.body[1],
176 ap->rate_set.body[2], ap->rate_set.body[3],
177 ap->rate_set.body[4], ap->rate_set.body[5],
178 ap->rate_set.body[6], ap->rate_set.body[7],
179 ap->channel, ap->rssi, ap->sq, ap->capability,
180 ap_info->rsn_mode, ap_info->rsn.size,
181 ap_info->ext_rate_set.size, ap_info->rate_set.size);
182
183 return 0;
184}
185
186static u8 read_ie(unsigned char *bp, u8 max, u8 *body)
187{
188 u8 size = (*(bp + 1) <= max) ? *(bp + 1) : max;
189
190 memcpy(body, bp + 2, size);
191 return size;
192}
193
194
195static
196int get_ap_information(struct ks_wlan_private *priv, struct ap_info *ap_info,
197 struct local_ap *ap)
198{
199 unsigned char *bp;
200 int bsize, offset;
201
202 memset(ap, 0, sizeof(struct local_ap));
203
204 ether_addr_copy(ap->bssid, ap_info->bssid);
205 ap->rssi = ap_info->rssi;
206 ap->sq = ap_info->sq;
207 ap->noise = ap_info->noise;
208 ap->capability = le16_to_cpu(ap_info->capability);
209 ap->channel = ap_info->ch_info;
210
211 bp = ap_info->body;
212 bsize = le16_to_cpu(ap_info->body_size);
213 offset = 0;
214
215 while (bsize > offset) {
216 switch (*bp) {
217 case WLAN_EID_SSID:
218 ap->ssid.size = read_ie(bp, IEEE80211_MAX_SSID_LEN,
219 ap->ssid.body);
220 break;
221 case WLAN_EID_SUPP_RATES:
222 case WLAN_EID_EXT_SUPP_RATES:
223 if ((*(bp + 1) + ap->rate_set.size) <=
224 RATE_SET_MAX_SIZE) {
225 memcpy(&ap->rate_set.body[ap->rate_set.size],
226 bp + 2, *(bp + 1));
227 ap->rate_set.size += *(bp + 1);
228 } else {
229 memcpy(&ap->rate_set.body[ap->rate_set.size],
230 bp + 2,
231 RATE_SET_MAX_SIZE - ap->rate_set.size);
232 ap->rate_set.size +=
233 (RATE_SET_MAX_SIZE - ap->rate_set.size);
234 }
235 break;
236 case WLAN_EID_RSN:
237 ap->rsn_ie.id = *bp;
238 ap->rsn_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
239 ap->rsn_ie.body);
240 break;
241 case WLAN_EID_VENDOR_SPECIFIC:
242
243 if (memcmp(bp + 2, CIPHER_ID_WPA_WEP40, 4) == 0) {
244 ap->wpa_ie.id = *bp;
245 ap->wpa_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
246 ap->wpa_ie.body);
247 }
248 break;
249 case WLAN_EID_DS_PARAMS:
250 case WLAN_EID_FH_PARAMS:
251 case WLAN_EID_CF_PARAMS:
252 case WLAN_EID_TIM:
253 case WLAN_EID_IBSS_PARAMS:
254 case WLAN_EID_COUNTRY:
255 case WLAN_EID_ERP_INFO:
256 break;
257 default:
258 netdev_err(priv->net_dev,
259 "unknown Element ID=%d\n", *bp);
260 break;
261 }
262
263 offset += 2;
264 offset += *(bp + 1);
265 bp += (*(bp + 1) + 2);
266 }
267
268 return 0;
269}
270
271static
272int hostif_data_indication_wpa(struct ks_wlan_private *priv,
273 unsigned short auth_type)
274{
275 struct ether_hdr *eth_hdr;
276 unsigned short eth_proto;
277 unsigned char recv_mic[8];
278 char buf[128];
279 unsigned long now;
280 struct mic_failure *mic_failure;
281 struct michael_mic michael_mic;
282 union iwreq_data wrqu;
283 unsigned int key_index = auth_type - 1;
284 struct wpa_key *key = &priv->wpa.key[key_index];
285
286 eth_hdr = (struct ether_hdr *)(priv->rxp);
287 eth_proto = ntohs(eth_hdr->h_proto);
288
289 if (eth_hdr->h_dest_snap != eth_hdr->h_source_snap) {
290 netdev_err(priv->net_dev, "invalid data format\n");
291 priv->nstats.rx_errors++;
292 return -EINVAL;
293 }
294 if (((auth_type == TYPE_PMK1 &&
295 priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) ||
296 (auth_type == TYPE_GMK1 &&
297 priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP) ||
298 (auth_type == TYPE_GMK2 &&
299 priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP)) &&
300 key->key_len) {
301 netdev_dbg(priv->net_dev, "TKIP: protocol=%04X: size=%u\n",
302 eth_proto, priv->rx_size);
303
304 memcpy(&recv_mic[0], (priv->rxp) + ((priv->rx_size) - 8), 8);
305 priv->rx_size = priv->rx_size - 8;
306 if (auth_type > 0 && auth_type < 4) {
307 michael_mic_function(&michael_mic, key->rx_mic_key,
308 priv->rxp, priv->rx_size,
309 0, michael_mic.result);
310 }
311 if (memcmp(michael_mic.result, recv_mic, 8) != 0) {
312 now = jiffies;
313 mic_failure = &priv->wpa.mic_failure;
314
315 if (mic_failure->last_failure_time &&
316 (now - mic_failure->last_failure_time) / HZ >= 60) {
317 mic_failure->failure = 0;
318 }
319 netdev_err(priv->net_dev, "MIC FAILURE\n");
320 if (mic_failure->failure == 0) {
321 mic_failure->failure = 1;
322 mic_failure->counter = 0;
323 } else if (mic_failure->failure == 1) {
324 mic_failure->failure = 2;
325 mic_failure->counter =
326 (u16)((now - mic_failure->last_failure_time) / HZ);
327
328 if (!mic_failure->counter)
329 mic_failure->counter = 1;
330 }
331 priv->wpa.mic_failure.last_failure_time = now;
332
333
334 sprintf(buf,
335 "MLME-MICHAELMICFAILURE.indication(keyid=%d %scast addr=%pM)",
336 key_index,
337 eth_hdr->h_dest[0] & 0x01 ? "broad" : "uni",
338 eth_hdr->h_source);
339 memset(&wrqu, 0, sizeof(wrqu));
340 wrqu.data.length = strlen(buf);
341 wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu,
342 buf);
343 return -EINVAL;
344 }
345 }
346 return 0;
347}
348
349static
350void hostif_data_indication(struct ks_wlan_private *priv)
351{
352 unsigned int rx_ind_size;
353 struct sk_buff *skb;
354 u16 auth_type;
355 unsigned char temp[256];
356 struct ether_hdr *eth_hdr;
357 struct ieee802_1x_hdr *aa1x_hdr;
358 size_t size;
359 int ret;
360
361
362 if (priv->rx_size <= ETH_HLEN) {
363 priv->nstats.rx_errors++;
364 return;
365 }
366
367 auth_type = get_word(priv);
368 get_word(priv);
369
370 eth_hdr = (struct ether_hdr *)(priv->rxp);
371
372
373 if (ether_addr_equal(&priv->eth_addr[0], eth_hdr->h_source)) {
374 netdev_err(priv->net_dev, "invalid : source is own mac address !!\n");
375 netdev_err(priv->net_dev,
376 "eth_hdrernet->h_dest=%02X:%02X:%02X:%02X:%02X:%02X\n",
377 eth_hdr->h_source[0], eth_hdr->h_source[1],
378 eth_hdr->h_source[2], eth_hdr->h_source[3],
379 eth_hdr->h_source[4], eth_hdr->h_source[5]);
380 priv->nstats.rx_errors++;
381 return;
382 }
383
384
385 if (auth_type != TYPE_DATA && priv->wpa.rsn_enabled) {
386 ret = hostif_data_indication_wpa(priv, auth_type);
387 if (ret)
388 return;
389 }
390
391 if ((priv->connect_status & FORCE_DISCONNECT) ||
392 priv->wpa.mic_failure.failure == 2) {
393 return;
394 }
395
396
397 switch (*(priv->rxp + 12)) {
398 case LLC_SAP_SNAP:
399 rx_ind_size = priv->rx_size - 6;
400 skb = dev_alloc_skb(rx_ind_size);
401 if (!skb) {
402 priv->nstats.rx_dropped++;
403 return;
404 }
405 netdev_dbg(priv->net_dev, "SNAP, rx_ind_size = %d\n",
406 rx_ind_size);
407
408 size = ETH_ALEN * 2;
409 skb_put_data(skb, priv->rxp, size);
410
411
412
413 size = rx_ind_size - (ETH_ALEN * 2);
414 skb_put_data(skb, ð_hdr->h_proto, size);
415
416 aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + ETHER_HDR_SIZE);
417 break;
418 case LLC_SAP_NETBEUI:
419 rx_ind_size = (priv->rx_size + 2);
420 skb = dev_alloc_skb(rx_ind_size);
421 if (!skb) {
422 priv->nstats.rx_dropped++;
423 return;
424 }
425 netdev_dbg(priv->net_dev, "NETBEUI/NetBIOS rx_ind_size=%d\n",
426 rx_ind_size);
427
428
429 skb_put_data(skb, priv->rxp, 12);
430
431
432 temp[0] = (((rx_ind_size - 12) >> 8) & 0xff);
433 temp[1] = ((rx_ind_size - 12) & 0xff);
434 skb_put_data(skb, temp, 2);
435
436
437 skb_put_data(skb, priv->rxp + 12, rx_ind_size - 14);
438
439 aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + 14);
440 break;
441 default:
442 netdev_err(priv->net_dev, "invalid data format\n");
443 priv->nstats.rx_errors++;
444 return;
445 }
446
447 if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY &&
448 priv->wpa.rsn_enabled)
449 atomic_set(&priv->psstatus.snooze_guard, 1);
450
451
452 skb->dev = priv->net_dev;
453 skb->protocol = eth_type_trans(skb, skb->dev);
454 priv->nstats.rx_packets++;
455 priv->nstats.rx_bytes += rx_ind_size;
456 netif_rx(skb);
457}
458
459static
460void hostif_mib_get_confirm(struct ks_wlan_private *priv)
461{
462 struct net_device *dev = priv->net_dev;
463 u32 mib_status;
464 u32 mib_attribute;
465 u16 mib_val_size;
466 u16 mib_val_type;
467
468 mib_status = get_dword(priv);
469 mib_attribute = get_dword(priv);
470 mib_val_size = get_word(priv);
471 mib_val_type = get_word(priv);
472
473 if (mib_status) {
474 netdev_err(priv->net_dev, "attribute=%08X, status=%08X\n",
475 mib_attribute, mib_status);
476 return;
477 }
478
479 switch (mib_attribute) {
480 case DOT11_MAC_ADDRESS:
481 hostif_sme_enqueue(priv, SME_GET_MAC_ADDRESS);
482 ether_addr_copy(priv->eth_addr, priv->rxp);
483 priv->mac_address_valid = true;
484 ether_addr_copy(dev->dev_addr, priv->eth_addr);
485 netdev_info(dev, "MAC ADDRESS = %pM\n", priv->eth_addr);
486 break;
487 case DOT11_PRODUCT_VERSION:
488 priv->version_size = priv->rx_size;
489 memcpy(priv->firmware_version, priv->rxp, priv->rx_size);
490 priv->firmware_version[priv->rx_size] = '\0';
491 netdev_info(dev, "firmware ver. = %s\n",
492 priv->firmware_version);
493 hostif_sme_enqueue(priv, SME_GET_PRODUCT_VERSION);
494
495 complete(&priv->confirm_wait);
496 break;
497 case LOCAL_GAIN:
498 memcpy(&priv->gain, priv->rxp, sizeof(priv->gain));
499 netdev_dbg(priv->net_dev, "tx_mode=%d, rx_mode=%d, tx_gain=%d, rx_gain=%d\n",
500 priv->gain.tx_mode, priv->gain.rx_mode,
501 priv->gain.tx_gain, priv->gain.rx_gain);
502 break;
503 case LOCAL_EEPROM_SUM:
504 memcpy(&priv->eeprom_sum, priv->rxp, sizeof(priv->eeprom_sum));
505 if (priv->eeprom_sum.type != 0 &&
506 priv->eeprom_sum.type != 1) {
507 netdev_err(dev, "LOCAL_EEPROM_SUM error!\n");
508 return;
509 }
510 priv->eeprom_checksum = (priv->eeprom_sum.type == 0) ?
511 EEPROM_CHECKSUM_NONE :
512 (priv->eeprom_sum.result == 0) ?
513 EEPROM_NG : EEPROM_OK;
514 break;
515 default:
516 netdev_err(priv->net_dev, "mib_attribute=%08x\n",
517 (unsigned int)mib_attribute);
518 break;
519 }
520}
521
522static
523void hostif_mib_set_confirm(struct ks_wlan_private *priv)
524{
525 u32 mib_status;
526 u32 mib_attribute;
527
528 mib_status = get_dword(priv);
529 mib_attribute = get_dword(priv);
530
531 if (mib_status) {
532
533 netdev_err(priv->net_dev, "error :: attribute=%08X, status=%08X\n",
534 mib_attribute, mib_status);
535 }
536
537 switch (mib_attribute) {
538 case DOT11_RTS_THRESHOLD:
539 hostif_sme_enqueue(priv, SME_RTS_THRESHOLD_CONFIRM);
540 break;
541 case DOT11_FRAGMENTATION_THRESHOLD:
542 hostif_sme_enqueue(priv, SME_FRAGMENTATION_THRESHOLD_CONFIRM);
543 break;
544 case DOT11_WEP_DEFAULT_KEY_ID:
545 if (!priv->wpa.wpa_enabled)
546 hostif_sme_enqueue(priv, SME_WEP_INDEX_CONFIRM);
547 break;
548 case DOT11_WEP_DEFAULT_KEY_VALUE1:
549 if (priv->wpa.rsn_enabled)
550 hostif_sme_enqueue(priv, SME_SET_PMK_TSC);
551 else
552 hostif_sme_enqueue(priv, SME_WEP_KEY1_CONFIRM);
553 break;
554 case DOT11_WEP_DEFAULT_KEY_VALUE2:
555 if (priv->wpa.rsn_enabled)
556 hostif_sme_enqueue(priv, SME_SET_GMK1_TSC);
557 else
558 hostif_sme_enqueue(priv, SME_WEP_KEY2_CONFIRM);
559 break;
560 case DOT11_WEP_DEFAULT_KEY_VALUE3:
561 if (priv->wpa.rsn_enabled)
562 hostif_sme_enqueue(priv, SME_SET_GMK2_TSC);
563 else
564 hostif_sme_enqueue(priv, SME_WEP_KEY3_CONFIRM);
565 break;
566 case DOT11_WEP_DEFAULT_KEY_VALUE4:
567 if (!priv->wpa.rsn_enabled)
568 hostif_sme_enqueue(priv, SME_WEP_KEY4_CONFIRM);
569 break;
570 case DOT11_PRIVACY_INVOKED:
571 if (!priv->wpa.rsn_enabled)
572 hostif_sme_enqueue(priv, SME_WEP_FLAG_CONFIRM);
573 break;
574 case DOT11_RSN_ENABLED:
575 hostif_sme_enqueue(priv, SME_RSN_ENABLED_CONFIRM);
576 break;
577 case LOCAL_RSN_MODE:
578 hostif_sme_enqueue(priv, SME_RSN_MODE_CONFIRM);
579 break;
580 case LOCAL_MULTICAST_ADDRESS:
581 hostif_sme_enqueue(priv, SME_MULTICAST_REQUEST);
582 break;
583 case LOCAL_MULTICAST_FILTER:
584 hostif_sme_enqueue(priv, SME_MULTICAST_CONFIRM);
585 break;
586 case LOCAL_CURRENTADDRESS:
587 priv->mac_address_valid = true;
588 break;
589 case DOT11_RSN_CONFIG_MULTICAST_CIPHER:
590 hostif_sme_enqueue(priv, SME_RSN_MCAST_CONFIRM);
591 break;
592 case DOT11_RSN_CONFIG_UNICAST_CIPHER:
593 hostif_sme_enqueue(priv, SME_RSN_UCAST_CONFIRM);
594 break;
595 case DOT11_RSN_CONFIG_AUTH_SUITE:
596 hostif_sme_enqueue(priv, SME_RSN_AUTH_CONFIRM);
597 break;
598 case DOT11_GMK1_TSC:
599 if (atomic_read(&priv->psstatus.snooze_guard))
600 atomic_set(&priv->psstatus.snooze_guard, 0);
601 break;
602 case DOT11_GMK2_TSC:
603 if (atomic_read(&priv->psstatus.snooze_guard))
604 atomic_set(&priv->psstatus.snooze_guard, 0);
605 break;
606 case DOT11_PMK_TSC:
607 case LOCAL_PMK:
608 case LOCAL_GAIN:
609 case LOCAL_WPS_ENABLE:
610 case LOCAL_WPS_PROBE_REQ:
611 case LOCAL_REGION:
612 default:
613 break;
614 }
615}
616
617static
618void hostif_power_mgmt_confirm(struct ks_wlan_private *priv)
619{
620 if (priv->reg.power_mgmt > POWER_MGMT_ACTIVE &&
621 priv->reg.operation_mode == MODE_INFRASTRUCTURE) {
622 atomic_set(&priv->psstatus.confirm_wait, 0);
623 priv->dev_state = DEVICE_STATE_SLEEP;
624 ks_wlan_hw_power_save(priv);
625 } else {
626 priv->dev_state = DEVICE_STATE_READY;
627 }
628}
629
630static
631void hostif_sleep_confirm(struct ks_wlan_private *priv)
632{
633 atomic_set(&priv->sleepstatus.doze_request, 1);
634 queue_delayed_work(priv->wq, &priv->rw_dwork, 1);
635}
636
637static
638void hostif_start_confirm(struct ks_wlan_private *priv)
639{
640 union iwreq_data wrqu;
641
642 wrqu.data.length = 0;
643 wrqu.data.flags = 0;
644 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
645 if (is_connect_status(priv->connect_status)) {
646 eth_zero_addr(wrqu.ap_addr.sa_data);
647 wireless_send_event(priv->net_dev, SIOCGIWAP, &wrqu, NULL);
648 }
649 netdev_dbg(priv->net_dev, " scan_ind_count=%d\n", priv->scan_ind_count);
650 hostif_sme_enqueue(priv, SME_START_CONFIRM);
651}
652
653static
654void hostif_connect_indication(struct ks_wlan_private *priv)
655{
656 u16 connect_code;
657 unsigned int tmp = 0;
658 unsigned int old_status = priv->connect_status;
659 struct net_device *netdev = priv->net_dev;
660 union iwreq_data wrqu0;
661
662 connect_code = get_word(priv);
663
664 switch (connect_code) {
665 case RESULT_CONNECT:
666 if (!(priv->connect_status & FORCE_DISCONNECT))
667 netif_carrier_on(netdev);
668 tmp = FORCE_DISCONNECT & priv->connect_status;
669 priv->connect_status = tmp + CONNECT_STATUS;
670 break;
671 case RESULT_DISCONNECT:
672 netif_carrier_off(netdev);
673 tmp = FORCE_DISCONNECT & priv->connect_status;
674 priv->connect_status = tmp + DISCONNECT_STATUS;
675 break;
676 default:
677 netdev_dbg(priv->net_dev, "unknown connect_code=%d :: scan_ind_count=%d\n",
678 connect_code, priv->scan_ind_count);
679 netif_carrier_off(netdev);
680 tmp = FORCE_DISCONNECT & priv->connect_status;
681 priv->connect_status = tmp + DISCONNECT_STATUS;
682 break;
683 }
684
685 get_current_ap(priv, (struct link_ap_info *)priv->rxp);
686 if (is_connect_status(priv->connect_status) &&
687 is_disconnect_status(old_status)) {
688
689 atomic_set(&priv->psstatus.snooze_guard, 0);
690 atomic_set(&priv->psstatus.confirm_wait, 0);
691 }
692 ks_wlan_do_power_save(priv);
693
694 wrqu0.data.length = 0;
695 wrqu0.data.flags = 0;
696 wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
697 if (is_disconnect_status(priv->connect_status) &&
698 is_connect_status(old_status)) {
699 eth_zero_addr(wrqu0.ap_addr.sa_data);
700 netdev_dbg(priv->net_dev, "disconnect :: scan_ind_count=%d\n",
701 priv->scan_ind_count);
702 wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
703 }
704 priv->scan_ind_count = 0;
705}
706
707static
708void hostif_scan_indication(struct ks_wlan_private *priv)
709{
710 int i;
711 struct ap_info *ap_info;
712
713 netdev_dbg(priv->net_dev,
714 "scan_ind_count = %d\n", priv->scan_ind_count);
715 ap_info = (struct ap_info *)(priv->rxp);
716
717 if (priv->scan_ind_count) {
718
719 for (i = 0; i < priv->aplist.size; i++) {
720 u8 *bssid = priv->aplist.ap[i].bssid;
721
722 if (ether_addr_equal(ap_info->bssid, bssid))
723 continue;
724
725 if (ap_info->frame_type == IEEE80211_STYPE_PROBE_RESP)
726 get_ap_information(priv, ap_info,
727 &priv->aplist.ap[i]);
728 return;
729 }
730 }
731 priv->scan_ind_count++;
732 if (priv->scan_ind_count < LOCAL_APLIST_MAX + 1) {
733 netdev_dbg(priv->net_dev, " scan_ind_count=%d :: aplist.size=%d\n",
734 priv->scan_ind_count, priv->aplist.size);
735 get_ap_information(priv, (struct ap_info *)(priv->rxp),
736 &(priv->aplist.ap[priv->scan_ind_count - 1]));
737 priv->aplist.size = priv->scan_ind_count;
738 } else {
739 netdev_dbg(priv->net_dev, " count over :: scan_ind_count=%d\n",
740 priv->scan_ind_count);
741 }
742}
743
744static
745void hostif_stop_confirm(struct ks_wlan_private *priv)
746{
747 unsigned int tmp = 0;
748 unsigned int old_status = priv->connect_status;
749 struct net_device *netdev = priv->net_dev;
750 union iwreq_data wrqu0;
751
752 if (priv->dev_state == DEVICE_STATE_SLEEP)
753 priv->dev_state = DEVICE_STATE_READY;
754
755
756 if (is_connect_status(priv->connect_status)) {
757 netif_carrier_off(netdev);
758 tmp = FORCE_DISCONNECT & priv->connect_status;
759 priv->connect_status = tmp | DISCONNECT_STATUS;
760 netdev_info(netdev, "IWEVENT: disconnect\n");
761
762 wrqu0.data.length = 0;
763 wrqu0.data.flags = 0;
764 wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
765 if (is_disconnect_status(priv->connect_status) &&
766 is_connect_status(old_status)) {
767 eth_zero_addr(wrqu0.ap_addr.sa_data);
768 netdev_info(netdev, "IWEVENT: disconnect\n");
769 wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
770 }
771 priv->scan_ind_count = 0;
772 }
773
774 hostif_sme_enqueue(priv, SME_STOP_CONFIRM);
775}
776
777static
778void hostif_ps_adhoc_set_confirm(struct ks_wlan_private *priv)
779{
780 priv->infra_status = 0;
781 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
782}
783
784static
785void hostif_infrastructure_set_confirm(struct ks_wlan_private *priv)
786{
787 u16 result_code;
788
789 result_code = get_word(priv);
790 priv->infra_status = 1;
791 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
792}
793
794static
795void hostif_adhoc_set_confirm(struct ks_wlan_private *priv)
796{
797 priv->infra_status = 1;
798 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
799}
800
801static
802void hostif_associate_indication(struct ks_wlan_private *priv)
803{
804 struct association_request *assoc_req;
805 struct association_response *assoc_resp;
806 unsigned char *pb;
807 union iwreq_data wrqu;
808 char buf[IW_CUSTOM_MAX];
809 char *pbuf = &buf[0];
810 int i;
811
812 static const char associnfo_leader0[] = "ASSOCINFO(ReqIEs=";
813 static const char associnfo_leader1[] = " RespIEs=";
814
815 assoc_req = (struct association_request *)(priv->rxp);
816 assoc_resp = (struct association_response *)(assoc_req + 1);
817 pb = (unsigned char *)(assoc_resp + 1);
818
819 memset(&wrqu, 0, sizeof(wrqu));
820 memcpy(pbuf, associnfo_leader0, sizeof(associnfo_leader0) - 1);
821 wrqu.data.length += sizeof(associnfo_leader0) - 1;
822 pbuf += sizeof(associnfo_leader0) - 1;
823
824 for (i = 0; i < le16_to_cpu(assoc_req->req_ies_size); i++)
825 pbuf += sprintf(pbuf, "%02x", *(pb + i));
826 wrqu.data.length += (le16_to_cpu(assoc_req->req_ies_size)) * 2;
827
828 memcpy(pbuf, associnfo_leader1, sizeof(associnfo_leader1) - 1);
829 wrqu.data.length += sizeof(associnfo_leader1) - 1;
830 pbuf += sizeof(associnfo_leader1) - 1;
831
832 pb += le16_to_cpu(assoc_req->req_ies_size);
833 for (i = 0; i < le16_to_cpu(assoc_resp->resp_ies_size); i++)
834 pbuf += sprintf(pbuf, "%02x", *(pb + i));
835 wrqu.data.length += (le16_to_cpu(assoc_resp->resp_ies_size)) * 2;
836
837 pbuf += sprintf(pbuf, ")");
838 wrqu.data.length += 1;
839
840 wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu, buf);
841}
842
843static
844void hostif_bss_scan_confirm(struct ks_wlan_private *priv)
845{
846 u32 result_code;
847 struct net_device *dev = priv->net_dev;
848 union iwreq_data wrqu;
849
850 result_code = get_dword(priv);
851 netdev_dbg(priv->net_dev, "result=%d :: scan_ind_count=%d\n",
852 result_code, priv->scan_ind_count);
853
854 priv->sme_i.sme_flag &= ~SME_AP_SCAN;
855 hostif_sme_enqueue(priv, SME_BSS_SCAN_CONFIRM);
856
857 wrqu.data.length = 0;
858 wrqu.data.flags = 0;
859 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
860 priv->scan_ind_count = 0;
861}
862
863static
864void hostif_phy_information_confirm(struct ks_wlan_private *priv)
865{
866 struct iw_statistics *wstats = &priv->wstats;
867 u8 rssi, signal, noise;
868 u8 link_speed;
869 u32 transmitted_frame_count, received_fragment_count;
870 u32 failed_count, fcs_error_count;
871
872 rssi = get_byte(priv);
873 signal = get_byte(priv);
874 noise = get_byte(priv);
875 link_speed = get_byte(priv);
876 transmitted_frame_count = get_dword(priv);
877 received_fragment_count = get_dword(priv);
878 failed_count = get_dword(priv);
879 fcs_error_count = get_dword(priv);
880
881 netdev_dbg(priv->net_dev, "phyinfo confirm rssi=%d signal=%d\n",
882 rssi, signal);
883 priv->current_rate = (link_speed & RATE_MASK);
884 wstats->qual.qual = signal;
885 wstats->qual.level = 256 - rssi;
886 wstats->qual.noise = 0;
887 wstats->qual.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
888
889 netdev_dbg(priv->net_dev, "\n rssi=%u\n"
890 " signal=%u\n"
891 " link_speed=%ux500Kbps\n"
892 " transmitted_frame_count=%u\n"
893 " received_fragment_count=%u\n"
894 " failed_count=%u\n"
895 " fcs_error_count=%u\n",
896 rssi, signal, link_speed, transmitted_frame_count,
897 received_fragment_count, failed_count, fcs_error_count);
898
899 complete(&priv->confirm_wait);
900}
901
902static
903void hostif_mic_failure_confirm(struct ks_wlan_private *priv)
904{
905 netdev_dbg(priv->net_dev, "mic_failure=%u\n",
906 priv->wpa.mic_failure.failure);
907 hostif_sme_enqueue(priv, SME_MIC_FAILURE_CONFIRM);
908}
909
910static
911void hostif_event_check(struct ks_wlan_private *priv)
912{
913 u16 event;
914
915 event = get_word(priv);
916 switch (event) {
917 case HIF_DATA_IND:
918 hostif_data_indication(priv);
919 break;
920 case HIF_MIB_GET_CONF:
921 hostif_mib_get_confirm(priv);
922 break;
923 case HIF_MIB_SET_CONF:
924 hostif_mib_set_confirm(priv);
925 break;
926 case HIF_POWER_MGMT_CONF:
927 hostif_power_mgmt_confirm(priv);
928 break;
929 case HIF_SLEEP_CONF:
930 hostif_sleep_confirm(priv);
931 break;
932 case HIF_START_CONF:
933 hostif_start_confirm(priv);
934 break;
935 case HIF_CONNECT_IND:
936 hostif_connect_indication(priv);
937 break;
938 case HIF_STOP_CONF:
939 hostif_stop_confirm(priv);
940 break;
941 case HIF_PS_ADH_SET_CONF:
942 hostif_ps_adhoc_set_confirm(priv);
943 break;
944 case HIF_INFRA_SET_CONF:
945 case HIF_INFRA_SET2_CONF:
946 hostif_infrastructure_set_confirm(priv);
947 break;
948 case HIF_ADH_SET_CONF:
949 case HIF_ADH_SET2_CONF:
950 hostif_adhoc_set_confirm(priv);
951 break;
952 case HIF_ASSOC_INFO_IND:
953 hostif_associate_indication(priv);
954 break;
955 case HIF_MIC_FAILURE_CONF:
956 hostif_mic_failure_confirm(priv);
957 break;
958 case HIF_SCAN_CONF:
959 hostif_bss_scan_confirm(priv);
960 break;
961 case HIF_PHY_INFO_CONF:
962 case HIF_PHY_INFO_IND:
963 hostif_phy_information_confirm(priv);
964 break;
965 case HIF_SCAN_IND:
966 hostif_scan_indication(priv);
967 break;
968 case HIF_AP_SET_CONF:
969 default:
970 netdev_err(priv->net_dev, "undefined event[%04X]\n", event);
971
972 complete(&priv->confirm_wait);
973 break;
974 }
975
976
977 priv->hostt.buff[priv->hostt.qtail] = event;
978 priv->hostt.qtail = (priv->hostt.qtail + 1) % SME_EVENT_BUFF_SIZE;
979}
980
981
982static void *hostif_generic_request(size_t size, int event)
983{
984 struct hostif_hdr *p;
985
986 p = kzalloc(hif_align_size(size), GFP_ATOMIC);
987 if (!p)
988 return NULL;
989
990 p->size = cpu_to_le16(size - sizeof(p->size));
991 p->event = cpu_to_le16(event);
992
993 return p;
994}
995
996int hostif_data_request(struct ks_wlan_private *priv, struct sk_buff *skb)
997{
998 unsigned int skb_len = 0;
999 unsigned char *buffer = NULL;
1000 unsigned int length = 0;
1001 struct hostif_data_request *pp;
1002 unsigned char *p;
1003 int result = 0;
1004 unsigned short eth_proto;
1005 struct ether_hdr *eth_hdr;
1006 struct michael_mic michael_mic;
1007 unsigned short keyinfo = 0;
1008 struct ieee802_1x_hdr *aa1x_hdr;
1009 struct wpa_eapol_key *eap_key;
1010 struct ethhdr *eth;
1011 size_t size;
1012 int ret;
1013
1014 skb_len = skb->len;
1015 if (skb_len > ETH_FRAME_LEN) {
1016 netdev_err(priv->net_dev, "bad length skb_len=%d\n", skb_len);
1017 ret = -EOVERFLOW;
1018 goto err_kfree_skb;
1019 }
1020
1021 if (is_disconnect_status(priv->connect_status) ||
1022 (priv->connect_status & FORCE_DISCONNECT) ||
1023 priv->wpa.mic_failure.stop) {
1024 if (netif_queue_stopped(priv->net_dev))
1025 netif_wake_queue(priv->net_dev);
1026 if (skb)
1027 dev_kfree_skb(skb);
1028
1029 return 0;
1030 }
1031
1032
1033 if (atomic_read(&priv->psstatus.status) == PS_SNOOZE) {
1034 if (!netif_queue_stopped(priv->net_dev))
1035 netif_stop_queue(priv->net_dev);
1036 }
1037
1038 size = sizeof(*pp) + 6 + skb_len + 8;
1039 pp = kmalloc(hif_align_size(size), GFP_ATOMIC);
1040 if (!pp) {
1041 ret = -ENOMEM;
1042 goto err_kfree_skb;
1043 }
1044
1045 p = (unsigned char *)pp->data;
1046
1047 buffer = skb->data;
1048 length = skb->len;
1049
1050
1051 eth = (struct ethhdr *)skb->data;
1052 if (!ether_addr_equal(&priv->eth_addr[0], eth->h_source)) {
1053 netdev_err(priv->net_dev,
1054 "Invalid mac address: ethernet->h_source=%pM\n",
1055 eth->h_source);
1056 ret = -ENXIO;
1057 goto err_kfree;
1058 }
1059
1060
1061 size = ETH_ALEN * 2;
1062 memcpy(p, buffer, size);
1063 p += size;
1064 buffer += size;
1065 length -= size;
1066
1067
1068 if (*(buffer + 1) + (*buffer << 8) > 1500) {
1069
1070
1071 *p++ = 0xAA;
1072 *p++ = 0xAA;
1073 *p++ = 0x03;
1074 *p++ = 0x00;
1075 *p++ = 0x00;
1076 *p++ = 0x00;
1077 skb_len += 6;
1078 } else {
1079
1080 buffer += 2;
1081 length -= 2;
1082 skb_len -= 2;
1083 }
1084
1085
1086 memcpy(p, buffer, length);
1087
1088 p += length;
1089
1090
1091 eth_hdr = (struct ether_hdr *)&pp->data[0];
1092 eth_proto = ntohs(eth_hdr->h_proto);
1093
1094
1095 if (eth_proto == ETH_P_PAE &&
1096 priv->wpa.mic_failure.failure > 0) {
1097 aa1x_hdr = (struct ieee802_1x_hdr *)(eth_hdr + 1);
1098 if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY) {
1099 eap_key = (struct wpa_eapol_key *)(aa1x_hdr + 1);
1100 keyinfo = ntohs(eap_key->key_info);
1101 }
1102 }
1103
1104 if (priv->wpa.rsn_enabled && priv->wpa.key[0].key_len) {
1105
1106 if (eth_proto == ETH_P_PAE &&
1107 priv->wpa.key[1].key_len == 0 &&
1108 priv->wpa.key[2].key_len == 0 &&
1109 priv->wpa.key[3].key_len == 0) {
1110 pp->auth_type = cpu_to_le16(TYPE_AUTH);
1111 } else {
1112 if (priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) {
1113 michael_mic_function(&michael_mic,
1114 priv->wpa.key[0].tx_mic_key,
1115 &pp->data[0], skb_len,
1116 0, michael_mic.result);
1117 memcpy(p, michael_mic.result, 8);
1118 length += 8;
1119 skb_len += 8;
1120 p += 8;
1121 pp->auth_type =
1122 cpu_to_le16(TYPE_DATA);
1123
1124 } else if (priv->wpa.pairwise_suite ==
1125 IW_AUTH_CIPHER_CCMP) {
1126 pp->auth_type =
1127 cpu_to_le16(TYPE_DATA);
1128 }
1129 }
1130 } else {
1131 if (eth_proto == ETH_P_PAE)
1132 pp->auth_type = cpu_to_le16(TYPE_AUTH);
1133 else
1134 pp->auth_type = cpu_to_le16(TYPE_DATA);
1135 }
1136
1137
1138 pp->header.size =
1139 cpu_to_le16((sizeof(*pp) - sizeof(pp->header.size) + skb_len));
1140 pp->header.event = cpu_to_le16(HIF_DATA_REQ);
1141
1142
1143 result = ks_wlan_hw_tx(priv, pp, hif_align_size(sizeof(*pp) + skb_len),
1144 send_packet_complete, skb);
1145
1146
1147 if (eth_proto == ETH_P_PAE &&
1148 priv->wpa.mic_failure.failure > 0) {
1149 if (keyinfo & WPA_KEY_INFO_ERROR &&
1150 keyinfo & WPA_KEY_INFO_REQUEST) {
1151 netdev_err(priv->net_dev,
1152 "MIC ERROR Report SET : %04X\n", keyinfo);
1153 hostif_sme_enqueue(priv, SME_MIC_FAILURE_REQUEST);
1154 }
1155 if (priv->wpa.mic_failure.failure == 2)
1156 priv->wpa.mic_failure.stop = 1;
1157 }
1158
1159 return result;
1160
1161err_kfree:
1162 kfree(pp);
1163err_kfree_skb:
1164 dev_kfree_skb(skb);
1165
1166 return ret;
1167}
1168
1169static inline void ps_confirm_wait_inc(struct ks_wlan_private *priv)
1170{
1171 if (atomic_read(&priv->psstatus.status) > PS_ACTIVE_SET)
1172 atomic_inc(&priv->psstatus.confirm_wait);
1173}
1174
1175static inline void send_request_to_device(struct ks_wlan_private *priv,
1176 void *data, size_t size)
1177{
1178 ps_confirm_wait_inc(priv);
1179 ks_wlan_hw_tx(priv, data, size, NULL, NULL);
1180}
1181
1182static void hostif_mib_get_request(struct ks_wlan_private *priv,
1183 u32 mib_attribute)
1184{
1185 struct hostif_mib_get_request *pp;
1186
1187 pp = hostif_generic_request(sizeof(*pp), HIF_MIB_GET_REQ);
1188 if (!pp)
1189 return;
1190
1191 pp->mib_attribute = cpu_to_le32(mib_attribute);
1192
1193 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1194}
1195
1196static void hostif_mib_set_request(struct ks_wlan_private *priv,
1197 enum mib_attribute attr,
1198 enum mib_data_type type,
1199 void *data, size_t size)
1200{
1201 struct hostif_mib_set_request_t *pp;
1202
1203 if (priv->dev_state < DEVICE_STATE_BOOT)
1204 return;
1205
1206 pp = hostif_generic_request(sizeof(*pp), HIF_MIB_SET_REQ);
1207 if (!pp)
1208 return;
1209
1210 pp->mib_attribute = cpu_to_le32(attr);
1211 pp->mib_value.size = cpu_to_le16(size);
1212 pp->mib_value.type = cpu_to_le16(type);
1213 memcpy(&pp->mib_value.body, data, size);
1214
1215 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp) + size));
1216}
1217
1218static inline void hostif_mib_set_request_int(struct ks_wlan_private *priv,
1219 enum mib_attribute attr, int val)
1220{
1221 __le32 v = cpu_to_le32(val);
1222 size_t size = sizeof(v);
1223
1224 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_INT, &v, size);
1225}
1226
1227static inline void hostif_mib_set_request_bool(struct ks_wlan_private *priv,
1228 enum mib_attribute attr,
1229 bool val)
1230{
1231 __le32 v = cpu_to_le32(val);
1232 size_t size = sizeof(v);
1233
1234 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_BOOL, &v, size);
1235}
1236
1237static inline void hostif_mib_set_request_ostring(struct ks_wlan_private *priv,
1238 enum mib_attribute attr,
1239 void *data, size_t size)
1240{
1241 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_OSTRING, data, size);
1242}
1243
1244static
1245void hostif_start_request(struct ks_wlan_private *priv, unsigned char mode)
1246{
1247 struct hostif_start_request *pp;
1248
1249 pp = hostif_generic_request(sizeof(*pp), HIF_START_REQ);
1250 if (!pp)
1251 return;
1252
1253 pp->mode = cpu_to_le16(mode);
1254
1255 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1256
1257 priv->aplist.size = 0;
1258 priv->scan_ind_count = 0;
1259}
1260
1261static __le16 ks_wlan_cap(struct ks_wlan_private *priv)
1262{
1263 u16 capability = 0x0000;
1264
1265 if (priv->reg.preamble == SHORT_PREAMBLE)
1266 capability |= WLAN_CAPABILITY_SHORT_PREAMBLE;
1267
1268 capability &= ~(WLAN_CAPABILITY_PBCC);
1269
1270 if (priv->reg.phy_type != D_11B_ONLY_MODE) {
1271 capability |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
1272 capability &= ~(WLAN_CAPABILITY_DSSS_OFDM);
1273 }
1274
1275 return cpu_to_le16(capability);
1276}
1277
1278static void init_request(struct ks_wlan_private *priv,
1279 struct hostif_request *req)
1280{
1281 req->phy_type = cpu_to_le16(priv->reg.phy_type);
1282 req->cts_mode = cpu_to_le16(priv->reg.cts_mode);
1283 req->scan_type = cpu_to_le16(priv->reg.scan_type);
1284 req->rate_set.size = priv->reg.rate_set.size;
1285 req->capability = ks_wlan_cap(priv);
1286 memcpy(&req->rate_set.body[0], &priv->reg.rate_set.body[0],
1287 priv->reg.rate_set.size);
1288}
1289
1290static
1291void hostif_ps_adhoc_set_request(struct ks_wlan_private *priv)
1292{
1293 struct hostif_ps_adhoc_set_request *pp;
1294
1295 pp = hostif_generic_request(sizeof(*pp), HIF_PS_ADH_SET_REQ);
1296 if (!pp)
1297 return;
1298
1299 init_request(priv, &pp->request);
1300 pp->channel = cpu_to_le16(priv->reg.channel);
1301
1302 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1303}
1304
1305static
1306void hostif_infrastructure_set_request(struct ks_wlan_private *priv, int event)
1307{
1308 struct hostif_infrastructure_set_request *pp;
1309
1310 pp = hostif_generic_request(sizeof(*pp), event);
1311 if (!pp)
1312 return;
1313
1314 init_request(priv, &pp->request);
1315 pp->ssid.size = priv->reg.ssid.size;
1316 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1317 pp->beacon_lost_count =
1318 cpu_to_le16(priv->reg.beacon_lost_count);
1319 pp->auth_type = cpu_to_le16(priv->reg.authenticate_type);
1320
1321 pp->channel_list.body[0] = 1;
1322 pp->channel_list.body[1] = 8;
1323 pp->channel_list.body[2] = 2;
1324 pp->channel_list.body[3] = 9;
1325 pp->channel_list.body[4] = 3;
1326 pp->channel_list.body[5] = 10;
1327 pp->channel_list.body[6] = 4;
1328 pp->channel_list.body[7] = 11;
1329 pp->channel_list.body[8] = 5;
1330 pp->channel_list.body[9] = 12;
1331 pp->channel_list.body[10] = 6;
1332 pp->channel_list.body[11] = 13;
1333 pp->channel_list.body[12] = 7;
1334 if (priv->reg.phy_type == D_11G_ONLY_MODE) {
1335 pp->channel_list.size = 13;
1336 } else {
1337 pp->channel_list.body[13] = 14;
1338 pp->channel_list.size = 14;
1339 }
1340
1341 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1342}
1343
1344static
1345void hostif_adhoc_set_request(struct ks_wlan_private *priv)
1346{
1347 struct hostif_adhoc_set_request *pp;
1348
1349 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ);
1350 if (!pp)
1351 return;
1352
1353 init_request(priv, &pp->request);
1354 pp->channel = cpu_to_le16(priv->reg.channel);
1355 pp->ssid.size = priv->reg.ssid.size;
1356 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1357
1358 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1359}
1360
1361static
1362void hostif_adhoc_set2_request(struct ks_wlan_private *priv)
1363{
1364 struct hostif_adhoc_set2_request *pp;
1365
1366 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ);
1367 if (!pp)
1368 return;
1369
1370 init_request(priv, &pp->request);
1371 pp->ssid.size = priv->reg.ssid.size;
1372 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1373
1374 pp->channel_list.body[0] = priv->reg.channel;
1375 pp->channel_list.size = 1;
1376 memcpy(pp->bssid, priv->reg.bssid, ETH_ALEN);
1377
1378 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1379}
1380
1381static
1382void hostif_stop_request(struct ks_wlan_private *priv)
1383{
1384 struct hostif_stop_request *pp;
1385
1386 pp = hostif_generic_request(sizeof(*pp), HIF_STOP_REQ);
1387 if (!pp)
1388 return;
1389
1390 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1391}
1392
1393static
1394void hostif_phy_information_request(struct ks_wlan_private *priv)
1395{
1396 struct hostif_phy_information_request *pp;
1397
1398 pp = hostif_generic_request(sizeof(*pp), HIF_PHY_INFO_REQ);
1399 if (!pp)
1400 return;
1401
1402 if (priv->reg.phy_info_timer) {
1403 pp->type = cpu_to_le16(TIME_TYPE);
1404 pp->time = cpu_to_le16(priv->reg.phy_info_timer);
1405 } else {
1406 pp->type = cpu_to_le16(NORMAL_TYPE);
1407 pp->time = cpu_to_le16(0);
1408 }
1409
1410 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1411}
1412
1413static
1414void hostif_power_mgmt_request(struct ks_wlan_private *priv,
1415 u32 mode, u32 wake_up, u32 receive_dtims)
1416{
1417 struct hostif_power_mgmt_request *pp;
1418
1419 pp = hostif_generic_request(sizeof(*pp), HIF_POWER_MGMT_REQ);
1420 if (!pp)
1421 return;
1422
1423 pp->mode = cpu_to_le32(mode);
1424 pp->wake_up = cpu_to_le32(wake_up);
1425 pp->receive_dtims = cpu_to_le32(receive_dtims);
1426
1427 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1428}
1429
1430static
1431void hostif_sleep_request(struct ks_wlan_private *priv,
1432 enum sleep_mode_type mode)
1433{
1434 struct hostif_sleep_request *pp;
1435
1436 if (mode == SLP_SLEEP) {
1437 pp = hostif_generic_request(sizeof(*pp), HIF_SLEEP_REQ);
1438 if (!pp)
1439 return;
1440
1441 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1442 } else if (mode == SLP_ACTIVE) {
1443 atomic_set(&priv->sleepstatus.wakeup_request, 1);
1444 queue_delayed_work(priv->wq, &priv->rw_dwork, 1);
1445 } else {
1446 netdev_err(priv->net_dev, "invalid mode %ld\n", (long)mode);
1447 return;
1448 }
1449}
1450
1451static
1452void hostif_bss_scan_request(struct ks_wlan_private *priv,
1453 unsigned long scan_type, u8 *scan_ssid,
1454 u8 scan_ssid_len)
1455{
1456 struct hostif_bss_scan_request *pp;
1457
1458 pp = hostif_generic_request(sizeof(*pp), HIF_SCAN_REQ);
1459 if (!pp)
1460 return;
1461
1462 pp->scan_type = scan_type;
1463
1464 pp->ch_time_min = cpu_to_le32(110);
1465 pp->ch_time_max = cpu_to_le32(130);
1466 pp->channel_list.body[0] = 1;
1467 pp->channel_list.body[1] = 8;
1468 pp->channel_list.body[2] = 2;
1469 pp->channel_list.body[3] = 9;
1470 pp->channel_list.body[4] = 3;
1471 pp->channel_list.body[5] = 10;
1472 pp->channel_list.body[6] = 4;
1473 pp->channel_list.body[7] = 11;
1474 pp->channel_list.body[8] = 5;
1475 pp->channel_list.body[9] = 12;
1476 pp->channel_list.body[10] = 6;
1477 pp->channel_list.body[11] = 13;
1478 pp->channel_list.body[12] = 7;
1479 if (priv->reg.phy_type == D_11G_ONLY_MODE) {
1480 pp->channel_list.size = 13;
1481 } else {
1482 pp->channel_list.body[13] = 14;
1483 pp->channel_list.size = 14;
1484 }
1485 pp->ssid.size = 0;
1486
1487
1488 if (scan_ssid_len > 0 && scan_ssid_len <= 32) {
1489 pp->ssid.size = scan_ssid_len;
1490 memcpy(&pp->ssid.body[0], scan_ssid, scan_ssid_len);
1491 }
1492
1493 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1494
1495 priv->aplist.size = 0;
1496 priv->scan_ind_count = 0;
1497}
1498
1499static
1500void hostif_mic_failure_request(struct ks_wlan_private *priv,
1501 u16 failure_count, u16 timer)
1502{
1503 struct hostif_mic_failure_request *pp;
1504
1505 pp = hostif_generic_request(sizeof(*pp), HIF_MIC_FAILURE_REQ);
1506 if (!pp)
1507 return;
1508
1509 pp->failure_count = cpu_to_le16(failure_count);
1510 pp->timer = cpu_to_le16(timer);
1511
1512 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1513}
1514
1515
1516static void devio_rec_ind(struct ks_wlan_private *priv, unsigned char *p,
1517 unsigned int size)
1518{
1519 if (!priv->is_device_open)
1520 return;
1521
1522 spin_lock(&priv->dev_read_lock);
1523 priv->dev_data[atomic_read(&priv->rec_count)] = p;
1524 priv->dev_size[atomic_read(&priv->rec_count)] = size;
1525
1526 if (atomic_read(&priv->event_count) != DEVICE_STOCK_COUNT) {
1527
1528 atomic_inc(&priv->event_count);
1529 }
1530 atomic_inc(&priv->rec_count);
1531 if (atomic_read(&priv->rec_count) == DEVICE_STOCK_COUNT)
1532 atomic_set(&priv->rec_count, 0);
1533
1534 wake_up_interruptible_all(&priv->devread_wait);
1535
1536 spin_unlock(&priv->dev_read_lock);
1537}
1538
1539void hostif_receive(struct ks_wlan_private *priv, unsigned char *p,
1540 unsigned int size)
1541{
1542 devio_rec_ind(priv, p, size);
1543
1544 priv->rxp = p;
1545 priv->rx_size = size;
1546
1547 if (get_word(priv) == priv->rx_size)
1548 hostif_event_check(priv);
1549}
1550
1551static void hostif_sme_set_wep(struct ks_wlan_private *priv, int type)
1552{
1553 switch (type) {
1554 case SME_WEP_INDEX_REQUEST:
1555 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID,
1556 priv->reg.wep_index);
1557 break;
1558 case SME_WEP_KEY1_REQUEST:
1559 if (priv->wpa.wpa_enabled)
1560 return;
1561 hostif_mib_set_request_ostring(priv,
1562 DOT11_WEP_DEFAULT_KEY_VALUE1,
1563 &priv->reg.wep_key[0].val[0],
1564 priv->reg.wep_key[0].size);
1565 break;
1566 case SME_WEP_KEY2_REQUEST:
1567 if (priv->wpa.wpa_enabled)
1568 return;
1569 hostif_mib_set_request_ostring(priv,
1570 DOT11_WEP_DEFAULT_KEY_VALUE2,
1571 &priv->reg.wep_key[1].val[0],
1572 priv->reg.wep_key[1].size);
1573 break;
1574 case SME_WEP_KEY3_REQUEST:
1575 if (priv->wpa.wpa_enabled)
1576 return;
1577 hostif_mib_set_request_ostring(priv,
1578 DOT11_WEP_DEFAULT_KEY_VALUE3,
1579 &priv->reg.wep_key[2].val[0],
1580 priv->reg.wep_key[2].size);
1581 break;
1582 case SME_WEP_KEY4_REQUEST:
1583 if (priv->wpa.wpa_enabled)
1584 return;
1585 hostif_mib_set_request_ostring(priv,
1586 DOT11_WEP_DEFAULT_KEY_VALUE4,
1587 &priv->reg.wep_key[3].val[0],
1588 priv->reg.wep_key[3].size);
1589 break;
1590 case SME_WEP_FLAG_REQUEST:
1591 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED,
1592 priv->reg.privacy_invoked);
1593 break;
1594 }
1595}
1596
1597struct wpa_suite {
1598 __le16 size;
1599 unsigned char suite[4][CIPHER_ID_LEN];
1600} __packed;
1601
1602struct rsn_mode {
1603 __le32 rsn_mode;
1604 __le16 rsn_capability;
1605} __packed;
1606
1607static void hostif_sme_set_rsn(struct ks_wlan_private *priv, int type)
1608{
1609 struct wpa_suite wpa_suite;
1610 struct rsn_mode rsn_mode;
1611 size_t size;
1612 u32 mode;
1613 const u8 *buf = NULL;
1614
1615 memset(&wpa_suite, 0, sizeof(wpa_suite));
1616
1617 switch (type) {
1618 case SME_RSN_UCAST_REQUEST:
1619 wpa_suite.size = cpu_to_le16(1);
1620 switch (priv->wpa.pairwise_suite) {
1621 case IW_AUTH_CIPHER_NONE:
1622 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1623 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE;
1624 break;
1625 case IW_AUTH_CIPHER_WEP40:
1626 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1627 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40;
1628 break;
1629 case IW_AUTH_CIPHER_TKIP:
1630 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1631 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP;
1632 break;
1633 case IW_AUTH_CIPHER_CCMP:
1634 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1635 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP;
1636 break;
1637 case IW_AUTH_CIPHER_WEP104:
1638 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1639 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104;
1640 break;
1641 }
1642
1643 if (buf)
1644 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN);
1645 size = sizeof(wpa_suite.size) +
1646 (CIPHER_ID_LEN * le16_to_cpu(wpa_suite.size));
1647 hostif_mib_set_request_ostring(priv,
1648 DOT11_RSN_CONFIG_UNICAST_CIPHER,
1649 &wpa_suite, size);
1650 break;
1651 case SME_RSN_MCAST_REQUEST:
1652 switch (priv->wpa.group_suite) {
1653 case IW_AUTH_CIPHER_NONE:
1654 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1655 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE;
1656 break;
1657 case IW_AUTH_CIPHER_WEP40:
1658 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1659 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40;
1660 break;
1661 case IW_AUTH_CIPHER_TKIP:
1662 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1663 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP;
1664 break;
1665 case IW_AUTH_CIPHER_CCMP:
1666 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1667 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP;
1668 break;
1669 case IW_AUTH_CIPHER_WEP104:
1670 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1671 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104;
1672 break;
1673 }
1674 if (buf)
1675 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN);
1676 hostif_mib_set_request_ostring(priv,
1677 DOT11_RSN_CONFIG_MULTICAST_CIPHER,
1678 &wpa_suite.suite[0][0],
1679 CIPHER_ID_LEN);
1680 break;
1681 case SME_RSN_AUTH_REQUEST:
1682 wpa_suite.size = cpu_to_le16(1);
1683 switch (priv->wpa.key_mgmt_suite) {
1684 case IW_AUTH_KEY_MGMT_802_1X:
1685 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1686 KEY_MGMT_ID_WPA2_1X : KEY_MGMT_ID_WPA_1X;
1687 break;
1688 case IW_AUTH_KEY_MGMT_PSK:
1689 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1690 KEY_MGMT_ID_WPA2_PSK : KEY_MGMT_ID_WPA_PSK;
1691 break;
1692 case 0:
1693 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1694 KEY_MGMT_ID_WPA2_NONE : KEY_MGMT_ID_WPA_NONE;
1695 break;
1696 case 4:
1697 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1698 KEY_MGMT_ID_WPA2_WPANONE :
1699 KEY_MGMT_ID_WPA_WPANONE;
1700 break;
1701 }
1702
1703 if (buf)
1704 memcpy(&wpa_suite.suite[0][0], buf, KEY_MGMT_ID_LEN);
1705 size = sizeof(wpa_suite.size) +
1706 (KEY_MGMT_ID_LEN * le16_to_cpu(wpa_suite.size));
1707 hostif_mib_set_request_ostring(priv,
1708 DOT11_RSN_CONFIG_AUTH_SUITE,
1709 &wpa_suite, size);
1710 break;
1711 case SME_RSN_ENABLED_REQUEST:
1712 hostif_mib_set_request_bool(priv, DOT11_RSN_ENABLED,
1713 priv->wpa.rsn_enabled);
1714 break;
1715 case SME_RSN_MODE_REQUEST:
1716 mode = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1717 RSN_MODE_WPA2 :
1718 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA) ?
1719 RSN_MODE_WPA : RSN_MODE_NONE;
1720 rsn_mode.rsn_mode = cpu_to_le32(mode);
1721 rsn_mode.rsn_capability = cpu_to_le16(0);
1722 hostif_mib_set_request_ostring(priv, LOCAL_RSN_MODE,
1723 &rsn_mode, sizeof(rsn_mode));
1724 break;
1725 }
1726}
1727
1728static
1729void hostif_sme_mode_setup(struct ks_wlan_private *priv)
1730{
1731 unsigned char rate_size;
1732 unsigned char rate_octet[RATE_SET_MAX_SIZE];
1733 int i = 0;
1734
1735
1736 if (priv->reg.tx_rate == TX_RATE_FULL_AUTO) {
1737 if (priv->reg.phy_type == D_11B_ONLY_MODE) {
1738 priv->reg.rate_set.body[3] = TX_RATE_11M;
1739 priv->reg.rate_set.body[2] = TX_RATE_5M;
1740 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE;
1741 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE;
1742 priv->reg.rate_set.size = 4;
1743 } else {
1744 priv->reg.rate_set.body[11] = TX_RATE_54M;
1745 priv->reg.rate_set.body[10] = TX_RATE_48M;
1746 priv->reg.rate_set.body[9] = TX_RATE_36M;
1747 priv->reg.rate_set.body[8] = TX_RATE_18M;
1748 priv->reg.rate_set.body[7] = TX_RATE_9M;
1749 priv->reg.rate_set.body[6] = TX_RATE_24M | BASIC_RATE;
1750 priv->reg.rate_set.body[5] = TX_RATE_12M | BASIC_RATE;
1751 priv->reg.rate_set.body[4] = TX_RATE_6M | BASIC_RATE;
1752 priv->reg.rate_set.body[3] = TX_RATE_11M | BASIC_RATE;
1753 priv->reg.rate_set.body[2] = TX_RATE_5M | BASIC_RATE;
1754 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE;
1755 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE;
1756 priv->reg.rate_set.size = 12;
1757 }
1758 }
1759
1760
1761 if (priv->reg.phy_type == D_11B_ONLY_MODE) {
1762 for (i = 0; i < priv->reg.rate_set.size; i++) {
1763 if (!is_11b_rate(priv->reg.rate_set.body[i]))
1764 break;
1765
1766 if ((priv->reg.rate_set.body[i] & RATE_MASK) >= TX_RATE_5M) {
1767 rate_octet[i] = priv->reg.rate_set.body[i] &
1768 RATE_MASK;
1769 } else {
1770 rate_octet[i] = priv->reg.rate_set.body[i];
1771 }
1772 }
1773
1774 } else {
1775 for (i = 0; i < priv->reg.rate_set.size; i++) {
1776 if (!is_11bg_rate(priv->reg.rate_set.body[i]))
1777 break;
1778
1779 if (is_ofdm_ext_rate(priv->reg.rate_set.body[i])) {
1780 rate_octet[i] = priv->reg.rate_set.body[i] &
1781 RATE_MASK;
1782 } else {
1783 rate_octet[i] = priv->reg.rate_set.body[i];
1784 }
1785 }
1786 }
1787 rate_size = i;
1788 if (rate_size == 0) {
1789 if (priv->reg.phy_type == D_11G_ONLY_MODE)
1790 rate_octet[0] = TX_RATE_6M | BASIC_RATE;
1791 else
1792 rate_octet[0] = TX_RATE_2M | BASIC_RATE;
1793 rate_size = 1;
1794 }
1795
1796
1797 priv->reg.rate_set.size = rate_size;
1798 memcpy(&priv->reg.rate_set.body[0], &rate_octet[0], rate_size);
1799
1800 switch (priv->reg.operation_mode) {
1801 case MODE_PSEUDO_ADHOC:
1802 hostif_ps_adhoc_set_request(priv);
1803 break;
1804 case MODE_INFRASTRUCTURE:
1805 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) {
1806 hostif_infrastructure_set_request(priv,
1807 HIF_INFRA_SET_REQ);
1808 } else {
1809 hostif_infrastructure_set_request(priv,
1810 HIF_INFRA_SET2_REQ);
1811 netdev_dbg(priv->net_dev,
1812 "Infra bssid = %pM\n", priv->reg.bssid);
1813 }
1814 break;
1815 case MODE_ADHOC:
1816 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) {
1817 hostif_adhoc_set_request(priv);
1818 } else {
1819 hostif_adhoc_set2_request(priv);
1820 netdev_dbg(priv->net_dev,
1821 "Adhoc bssid = %pM\n", priv->reg.bssid);
1822 }
1823 break;
1824 default:
1825 break;
1826 }
1827}
1828
1829static
1830void hostif_sme_multicast_set(struct ks_wlan_private *priv)
1831{
1832 struct net_device *dev = priv->net_dev;
1833 int mc_count;
1834 struct netdev_hw_addr *ha;
1835 char set_address[NIC_MAX_MCAST_LIST * ETH_ALEN];
1836 int i = 0;
1837
1838 spin_lock(&priv->multicast_spin);
1839
1840 memset(set_address, 0, NIC_MAX_MCAST_LIST * ETH_ALEN);
1841
1842 if (dev->flags & IFF_PROMISC) {
1843 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1844 MCAST_FILTER_PROMISC);
1845 goto spin_unlock;
1846 }
1847
1848 if ((netdev_mc_count(dev) > NIC_MAX_MCAST_LIST) ||
1849 (dev->flags & IFF_ALLMULTI)) {
1850 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1851 MCAST_FILTER_MCASTALL);
1852 goto spin_unlock;
1853 }
1854
1855 if (priv->sme_i.sme_flag & SME_MULTICAST) {
1856 mc_count = netdev_mc_count(dev);
1857 netdev_for_each_mc_addr(ha, dev) {
1858 ether_addr_copy(&set_address[i * ETH_ALEN], ha->addr);
1859 i++;
1860 }
1861 priv->sme_i.sme_flag &= ~SME_MULTICAST;
1862 hostif_mib_set_request_ostring(priv, LOCAL_MULTICAST_ADDRESS,
1863 &set_address[0],
1864 ETH_ALEN * mc_count);
1865 } else {
1866 priv->sme_i.sme_flag |= SME_MULTICAST;
1867 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1868 MCAST_FILTER_MCAST);
1869 }
1870
1871spin_unlock:
1872 spin_unlock(&priv->multicast_spin);
1873}
1874
1875static void hostif_sme_power_mgmt_set(struct ks_wlan_private *priv)
1876{
1877 u32 mode, wake_up, receive_dtims;
1878
1879 if (priv->reg.power_mgmt != POWER_MGMT_SAVE1 &&
1880 priv->reg.power_mgmt != POWER_MGMT_SAVE2) {
1881 mode = POWER_ACTIVE;
1882 wake_up = 0;
1883 receive_dtims = 0;
1884 } else {
1885 mode = (priv->reg.operation_mode == MODE_INFRASTRUCTURE) ?
1886 POWER_SAVE : POWER_ACTIVE;
1887 wake_up = 0;
1888 receive_dtims = (priv->reg.operation_mode == MODE_INFRASTRUCTURE &&
1889 priv->reg.power_mgmt == POWER_MGMT_SAVE2);
1890 }
1891
1892 hostif_power_mgmt_request(priv, mode, wake_up, receive_dtims);
1893}
1894
1895static void hostif_sme_sleep_set(struct ks_wlan_private *priv)
1896{
1897 if (priv->sleep_mode != SLP_SLEEP &&
1898 priv->sleep_mode != SLP_ACTIVE)
1899 return;
1900
1901 hostif_sleep_request(priv, priv->sleep_mode);
1902}
1903
1904static
1905void hostif_sme_set_key(struct ks_wlan_private *priv, int type)
1906{
1907 switch (type) {
1908 case SME_SET_FLAG:
1909 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED,
1910 priv->reg.privacy_invoked);
1911 break;
1912 case SME_SET_TXKEY:
1913 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID,
1914 priv->wpa.txkey);
1915 break;
1916 case SME_SET_KEY1:
1917 hostif_mib_set_request_ostring(priv,
1918 DOT11_WEP_DEFAULT_KEY_VALUE1,
1919 &priv->wpa.key[0].key_val[0],
1920 priv->wpa.key[0].key_len);
1921 break;
1922 case SME_SET_KEY2:
1923 hostif_mib_set_request_ostring(priv,
1924 DOT11_WEP_DEFAULT_KEY_VALUE2,
1925 &priv->wpa.key[1].key_val[0],
1926 priv->wpa.key[1].key_len);
1927 break;
1928 case SME_SET_KEY3:
1929 hostif_mib_set_request_ostring(priv,
1930 DOT11_WEP_DEFAULT_KEY_VALUE3,
1931 &priv->wpa.key[2].key_val[0],
1932 priv->wpa.key[2].key_len);
1933 break;
1934 case SME_SET_KEY4:
1935 hostif_mib_set_request_ostring(priv,
1936 DOT11_WEP_DEFAULT_KEY_VALUE4,
1937 &priv->wpa.key[3].key_val[0],
1938 priv->wpa.key[3].key_len);
1939 break;
1940 case SME_SET_PMK_TSC:
1941 hostif_mib_set_request_ostring(priv, DOT11_PMK_TSC,
1942 &priv->wpa.key[0].rx_seq[0],
1943 WPA_RX_SEQ_LEN);
1944 break;
1945 case SME_SET_GMK1_TSC:
1946 hostif_mib_set_request_ostring(priv, DOT11_GMK1_TSC,
1947 &priv->wpa.key[1].rx_seq[0],
1948 WPA_RX_SEQ_LEN);
1949 break;
1950 case SME_SET_GMK2_TSC:
1951 hostif_mib_set_request_ostring(priv, DOT11_GMK2_TSC,
1952 &priv->wpa.key[2].rx_seq[0],
1953 WPA_RX_SEQ_LEN);
1954 break;
1955 }
1956}
1957
1958static
1959void hostif_sme_set_pmksa(struct ks_wlan_private *priv)
1960{
1961 struct pmk_cache {
1962 __le16 size;
1963 struct {
1964 u8 bssid[ETH_ALEN];
1965 u8 pmkid[IW_PMKID_LEN];
1966 } __packed list[PMK_LIST_MAX];
1967 } __packed pmkcache;
1968 struct pmk *pmk;
1969 size_t size;
1970 int i = 0;
1971
1972 list_for_each_entry(pmk, &priv->pmklist.head, list) {
1973 if (i >= PMK_LIST_MAX)
1974 break;
1975 ether_addr_copy(pmkcache.list[i].bssid, pmk->bssid);
1976 memcpy(pmkcache.list[i].pmkid, pmk->pmkid, IW_PMKID_LEN);
1977 i++;
1978 }
1979 pmkcache.size = cpu_to_le16(priv->pmklist.size);
1980 size = sizeof(priv->pmklist.size) +
1981 ((ETH_ALEN + IW_PMKID_LEN) * priv->pmklist.size);
1982 hostif_mib_set_request_ostring(priv, LOCAL_PMK, &pmkcache, size);
1983}
1984
1985
1986static void hostif_sme_execute(struct ks_wlan_private *priv, int event)
1987{
1988 u16 failure;
1989
1990 switch (event) {
1991 case SME_START:
1992 if (priv->dev_state == DEVICE_STATE_BOOT)
1993 hostif_mib_get_request(priv, DOT11_MAC_ADDRESS);
1994 break;
1995 case SME_MULTICAST_REQUEST:
1996 hostif_sme_multicast_set(priv);
1997 break;
1998 case SME_MACADDRESS_SET_REQUEST:
1999 hostif_mib_set_request_ostring(priv, LOCAL_CURRENTADDRESS,
2000 &priv->eth_addr[0], ETH_ALEN);
2001 break;
2002 case SME_BSS_SCAN_REQUEST:
2003 hostif_bss_scan_request(priv, priv->reg.scan_type,
2004 priv->scan_ssid, priv->scan_ssid_len);
2005 break;
2006 case SME_POW_MNGMT_REQUEST:
2007 hostif_sme_power_mgmt_set(priv);
2008 break;
2009 case SME_PHY_INFO_REQUEST:
2010 hostif_phy_information_request(priv);
2011 break;
2012 case SME_MIC_FAILURE_REQUEST:
2013 failure = priv->wpa.mic_failure.failure;
2014 if (failure != 1 && failure != 2) {
2015 netdev_err(priv->net_dev,
2016 "SME_MIC_FAILURE_REQUEST: failure count=%u error?\n",
2017 failure);
2018 return;
2019 }
2020 hostif_mic_failure_request(priv, failure - 1, (failure == 1) ?
2021 0 : priv->wpa.mic_failure.counter);
2022 break;
2023 case SME_MIC_FAILURE_CONFIRM:
2024 if (priv->wpa.mic_failure.failure == 2) {
2025 if (priv->wpa.mic_failure.stop)
2026 priv->wpa.mic_failure.stop = 0;
2027 priv->wpa.mic_failure.failure = 0;
2028 hostif_start_request(priv, priv->reg.operation_mode);
2029 }
2030 break;
2031 case SME_GET_MAC_ADDRESS:
2032 if (priv->dev_state == DEVICE_STATE_BOOT)
2033 hostif_mib_get_request(priv, DOT11_PRODUCT_VERSION);
2034 break;
2035 case SME_GET_PRODUCT_VERSION:
2036 if (priv->dev_state == DEVICE_STATE_BOOT)
2037 priv->dev_state = DEVICE_STATE_PREINIT;
2038 break;
2039 case SME_STOP_REQUEST:
2040 hostif_stop_request(priv);
2041 break;
2042 case SME_RTS_THRESHOLD_REQUEST:
2043 hostif_mib_set_request_int(priv, DOT11_RTS_THRESHOLD,
2044 priv->reg.rts);
2045 break;
2046 case SME_FRAGMENTATION_THRESHOLD_REQUEST:
2047 hostif_mib_set_request_int(priv, DOT11_FRAGMENTATION_THRESHOLD,
2048 priv->reg.fragment);
2049 break;
2050 case SME_WEP_INDEX_REQUEST:
2051 case SME_WEP_KEY1_REQUEST:
2052 case SME_WEP_KEY2_REQUEST:
2053 case SME_WEP_KEY3_REQUEST:
2054 case SME_WEP_KEY4_REQUEST:
2055 case SME_WEP_FLAG_REQUEST:
2056 hostif_sme_set_wep(priv, event);
2057 break;
2058 case SME_RSN_UCAST_REQUEST:
2059 case SME_RSN_MCAST_REQUEST:
2060 case SME_RSN_AUTH_REQUEST:
2061 case SME_RSN_ENABLED_REQUEST:
2062 case SME_RSN_MODE_REQUEST:
2063 hostif_sme_set_rsn(priv, event);
2064 break;
2065 case SME_SET_FLAG:
2066 case SME_SET_TXKEY:
2067 case SME_SET_KEY1:
2068 case SME_SET_KEY2:
2069 case SME_SET_KEY3:
2070 case SME_SET_KEY4:
2071 case SME_SET_PMK_TSC:
2072 case SME_SET_GMK1_TSC:
2073 case SME_SET_GMK2_TSC:
2074 hostif_sme_set_key(priv, event);
2075 break;
2076 case SME_SET_PMKSA:
2077 hostif_sme_set_pmksa(priv);
2078 break;
2079 case SME_WPS_ENABLE_REQUEST:
2080 hostif_mib_set_request_int(priv, LOCAL_WPS_ENABLE,
2081 priv->wps.wps_enabled);
2082 break;
2083 case SME_WPS_PROBE_REQUEST:
2084 hostif_mib_set_request_ostring(priv, LOCAL_WPS_PROBE_REQ,
2085 priv->wps.ie, priv->wps.ielen);
2086 break;
2087 case SME_MODE_SET_REQUEST:
2088 hostif_sme_mode_setup(priv);
2089 break;
2090 case SME_SET_GAIN:
2091 hostif_mib_set_request_ostring(priv, LOCAL_GAIN,
2092 &priv->gain, sizeof(priv->gain));
2093 break;
2094 case SME_GET_GAIN:
2095 hostif_mib_get_request(priv, LOCAL_GAIN);
2096 break;
2097 case SME_GET_EEPROM_CKSUM:
2098 priv->eeprom_checksum = EEPROM_FW_NOT_SUPPORT;
2099 hostif_mib_get_request(priv, LOCAL_EEPROM_SUM);
2100 break;
2101 case SME_START_REQUEST:
2102 hostif_start_request(priv, priv->reg.operation_mode);
2103 break;
2104 case SME_START_CONFIRM:
2105
2106 atomic_set(&priv->psstatus.snooze_guard, 0);
2107 atomic_set(&priv->psstatus.confirm_wait, 0);
2108 if (priv->dev_state == DEVICE_STATE_PREINIT)
2109 priv->dev_state = DEVICE_STATE_INIT;
2110
2111 complete(&priv->confirm_wait);
2112 break;
2113 case SME_SLEEP_REQUEST:
2114 hostif_sme_sleep_set(priv);
2115 break;
2116 case SME_SET_REGION:
2117 hostif_mib_set_request_int(priv, LOCAL_REGION, priv->region);
2118 break;
2119 case SME_MULTICAST_CONFIRM:
2120 case SME_BSS_SCAN_CONFIRM:
2121 case SME_POW_MNGMT_CONFIRM:
2122 case SME_PHY_INFO_CONFIRM:
2123 case SME_STOP_CONFIRM:
2124 case SME_RTS_THRESHOLD_CONFIRM:
2125 case SME_FRAGMENTATION_THRESHOLD_CONFIRM:
2126 case SME_WEP_INDEX_CONFIRM:
2127 case SME_WEP_KEY1_CONFIRM:
2128 case SME_WEP_KEY2_CONFIRM:
2129 case SME_WEP_KEY3_CONFIRM:
2130 case SME_WEP_KEY4_CONFIRM:
2131 case SME_WEP_FLAG_CONFIRM:
2132 case SME_RSN_UCAST_CONFIRM:
2133 case SME_RSN_MCAST_CONFIRM:
2134 case SME_RSN_AUTH_CONFIRM:
2135 case SME_RSN_ENABLED_CONFIRM:
2136 case SME_RSN_MODE_CONFIRM:
2137 case SME_MODE_SET_CONFIRM:
2138 case SME_TERMINATE:
2139 default:
2140 break;
2141 }
2142}
2143
2144static
2145void hostif_sme_task(unsigned long dev)
2146{
2147 struct ks_wlan_private *priv = (struct ks_wlan_private *)dev;
2148
2149 if (priv->dev_state < DEVICE_STATE_BOOT)
2150 return;
2151
2152 if (cnt_smeqbody(priv) <= 0)
2153 return;
2154
2155 hostif_sme_execute(priv, priv->sme_i.event_buff[priv->sme_i.qhead]);
2156 inc_smeqhead(priv);
2157 if (cnt_smeqbody(priv) > 0)
2158 tasklet_schedule(&priv->sme_task);
2159}
2160
2161
2162void hostif_sme_enqueue(struct ks_wlan_private *priv, u16 event)
2163{
2164
2165 if (cnt_smeqbody(priv) < (SME_EVENT_BUFF_SIZE - 1)) {
2166 priv->sme_i.event_buff[priv->sme_i.qtail] = event;
2167 inc_smeqtail(priv);
2168 } else {
2169
2170 netdev_err(priv->net_dev, "sme queue buffer overflow\n");
2171 }
2172
2173 tasklet_schedule(&priv->sme_task);
2174}
2175
2176static inline void hostif_aplist_init(struct ks_wlan_private *priv)
2177{
2178 size_t size = LOCAL_APLIST_MAX * sizeof(struct local_ap);
2179
2180 priv->aplist.size = 0;
2181 memset(&priv->aplist.ap[0], 0, size);
2182}
2183
2184static inline void hostif_status_init(struct ks_wlan_private *priv)
2185{
2186 priv->infra_status = 0;
2187 priv->current_rate = 4;
2188 priv->connect_status = DISCONNECT_STATUS;
2189}
2190
2191static inline void hostif_sme_init(struct ks_wlan_private *priv)
2192{
2193 priv->sme_i.sme_status = SME_IDLE;
2194 priv->sme_i.qhead = 0;
2195 priv->sme_i.qtail = 0;
2196 spin_lock_init(&priv->sme_i.sme_spin);
2197 priv->sme_i.sme_flag = 0;
2198 tasklet_init(&priv->sme_task, hostif_sme_task, (unsigned long)priv);
2199}
2200
2201static inline void hostif_wpa_init(struct ks_wlan_private *priv)
2202{
2203 memset(&priv->wpa, 0, sizeof(priv->wpa));
2204 priv->wpa.rsn_enabled = false;
2205 priv->wpa.mic_failure.failure = 0;
2206 priv->wpa.mic_failure.last_failure_time = 0;
2207 priv->wpa.mic_failure.stop = 0;
2208}
2209
2210static inline void hostif_power_save_init(struct ks_wlan_private *priv)
2211{
2212 atomic_set(&priv->psstatus.status, PS_NONE);
2213 atomic_set(&priv->psstatus.confirm_wait, 0);
2214 atomic_set(&priv->psstatus.snooze_guard, 0);
2215 init_completion(&priv->psstatus.wakeup_wait);
2216 INIT_WORK(&priv->wakeup_work, ks_wlan_hw_wakeup_task);
2217}
2218
2219static inline void hostif_pmklist_init(struct ks_wlan_private *priv)
2220{
2221 int i;
2222
2223 memset(&priv->pmklist, 0, sizeof(priv->pmklist));
2224 INIT_LIST_HEAD(&priv->pmklist.head);
2225 for (i = 0; i < PMK_LIST_MAX; i++)
2226 INIT_LIST_HEAD(&priv->pmklist.pmk[i].list);
2227}
2228
2229static inline void hostif_counters_init(struct ks_wlan_private *priv)
2230{
2231 priv->dev_count = 0;
2232 atomic_set(&priv->event_count, 0);
2233 atomic_set(&priv->rec_count, 0);
2234}
2235
2236int hostif_init(struct ks_wlan_private *priv)
2237{
2238 hostif_aplist_init(priv);
2239 hostif_status_init(priv);
2240
2241 spin_lock_init(&priv->multicast_spin);
2242 spin_lock_init(&priv->dev_read_lock);
2243 init_waitqueue_head(&priv->devread_wait);
2244
2245 hostif_counters_init(priv);
2246 hostif_power_save_init(priv);
2247 hostif_wpa_init(priv);
2248 hostif_pmklist_init(priv);
2249 hostif_sme_init(priv);
2250
2251 return 0;
2252}
2253
2254void hostif_exit(struct ks_wlan_private *priv)
2255{
2256 tasklet_kill(&priv->sme_task);
2257}
2258
