1
2
3
4
5
6
7
8
9#include <crypto/hash.h>
10#include <linux/circ_buf.h>
11#include <linux/if_arp.h>
12#include <net/iw_handler.h>
13#include <uapi/linux/llc.h>
14#include "eap_packet.h"
15#include "ks_wlan.h"
16#include "ks_hostif.h"
17
18#define MICHAEL_MIC_KEY_LEN 8
19#define MICHAEL_MIC_LEN 8
20
21static inline void inc_smeqhead(struct ks_wlan_private *priv)
22{
23 priv->sme_i.qhead = (priv->sme_i.qhead + 1) % SME_EVENT_BUFF_SIZE;
24}
25
26static inline void inc_smeqtail(struct ks_wlan_private *priv)
27{
28 priv->sme_i.qtail = (priv->sme_i.qtail + 1) % SME_EVENT_BUFF_SIZE;
29}
30
31static inline unsigned int cnt_smeqbody(struct ks_wlan_private *priv)
32{
33 return CIRC_CNT_TO_END(priv->sme_i.qhead, priv->sme_i.qtail,
34 SME_EVENT_BUFF_SIZE);
35}
36
37static inline u8 get_byte(struct ks_wlan_private *priv)
38{
39 u8 data;
40
41 data = *priv->rxp++;
42
43 --(priv->rx_size);
44 return data;
45}
46
47static inline u16 get_word(struct ks_wlan_private *priv)
48{
49 u16 data;
50
51 data = (get_byte(priv) & 0xff);
52 data |= ((get_byte(priv) << 8) & 0xff00);
53 return data;
54}
55
56static inline u32 get_dword(struct ks_wlan_private *priv)
57{
58 u32 data;
59
60 data = (get_byte(priv) & 0xff);
61 data |= ((get_byte(priv) << 8) & 0x0000ff00);
62 data |= ((get_byte(priv) << 16) & 0x00ff0000);
63 data |= ((get_byte(priv) << 24) & 0xff000000);
64 return data;
65}
66
67static void ks_wlan_hw_wakeup_task(struct work_struct *work)
68{
69 struct ks_wlan_private *priv;
70 int ps_status;
71 long time_left;
72
73 priv = container_of(work, struct ks_wlan_private, wakeup_work);
74 ps_status = atomic_read(&priv->psstatus.status);
75
76 if (ps_status == PS_SNOOZE) {
77 ks_wlan_hw_wakeup_request(priv);
78 time_left = wait_for_completion_interruptible_timeout(
79 &priv->psstatus.wakeup_wait,
80 msecs_to_jiffies(20));
81 if (time_left <= 0) {
82 netdev_dbg(priv->net_dev, "wake up timeout or interrupted !!!\n");
83 schedule_work(&priv->wakeup_work);
84 return;
85 }
86 }
87
88
89 if (atomic_read(&priv->sme_task.count) > 0)
90 tasklet_enable(&priv->sme_task);
91}
92
93static void ks_wlan_do_power_save(struct ks_wlan_private *priv)
94{
95 if (is_connect_status(priv->connect_status))
96 hostif_sme_enqueue(priv, SME_POW_MNGMT_REQUEST);
97 else
98 priv->dev_state = DEVICE_STATE_READY;
99}
100
101static
102int get_current_ap(struct ks_wlan_private *priv, struct link_ap_info *ap_info)
103{
104 struct local_ap *ap;
105 union iwreq_data wrqu;
106 struct net_device *netdev = priv->net_dev;
107 u8 size;
108
109 ap = &priv->current_ap;
110
111 if (is_disconnect_status(priv->connect_status)) {
112 memset(ap, 0, sizeof(struct local_ap));
113 return -EPERM;
114 }
115
116 ether_addr_copy(ap->bssid, ap_info->bssid);
117 memcpy(ap->ssid.body, priv->reg.ssid.body,
118 priv->reg.ssid.size);
119 ap->ssid.size = priv->reg.ssid.size;
120 memcpy(ap->rate_set.body, ap_info->rate_set.body,
121 ap_info->rate_set.size);
122 ap->rate_set.size = ap_info->rate_set.size;
123 if (ap_info->ext_rate_set.size != 0) {
124 memcpy(&ap->rate_set.body[ap->rate_set.size],
125 ap_info->ext_rate_set.body,
126 ap_info->ext_rate_set.size);
127 ap->rate_set.size += ap_info->ext_rate_set.size;
128 }
129 ap->channel = ap_info->ds_parameter.channel;
130 ap->rssi = ap_info->rssi;
131 ap->sq = ap_info->sq;
132 ap->noise = ap_info->noise;
133 ap->capability = le16_to_cpu(ap_info->capability);
134 size = (ap_info->rsn.size <= RSN_IE_BODY_MAX) ?
135 ap_info->rsn.size : RSN_IE_BODY_MAX;
136 if ((ap_info->rsn_mode & RSN_MODE_WPA2) &&
137 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2)) {
138 ap->rsn_ie.id = RSN_INFO_ELEM_ID;
139 ap->rsn_ie.size = size;
140 memcpy(ap->rsn_ie.body, ap_info->rsn.body, size);
141 } else if ((ap_info->rsn_mode & RSN_MODE_WPA) &&
142 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA)) {
143 ap->wpa_ie.id = WPA_INFO_ELEM_ID;
144 ap->wpa_ie.size = size;
145 memcpy(ap->wpa_ie.body, ap_info->rsn.body, size);
146 } else {
147 ap->rsn_ie.id = 0;
148 ap->rsn_ie.size = 0;
149 ap->wpa_ie.id = 0;
150 ap->wpa_ie.size = 0;
151 }
152
153 wrqu.data.length = 0;
154 wrqu.data.flags = 0;
155 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
156 if (is_connect_status(priv->connect_status)) {
157 ether_addr_copy(wrqu.ap_addr.sa_data, priv->current_ap.bssid);
158 netdev_dbg(priv->net_dev,
159 "IWEVENT: connect bssid=%pM\n",
160 wrqu.ap_addr.sa_data);
161 wireless_send_event(netdev, SIOCGIWAP, &wrqu, NULL);
162 }
163 netdev_dbg(priv->net_dev, "Link AP\n"
164 "- bssid=%pM\n"
165 "- essid=%s\n"
166 "- rate_set=%02X,%02X,%02X,%02X,%02X,%02X,%02X,%02X\n"
167 "- channel=%d\n"
168 "- rssi=%d\n"
169 "- sq=%d\n"
170 "- capability=%04X\n"
171 "- rsn.mode=%d\n"
172 "- rsn.size=%d\n"
173 "- ext_rate_set_size=%d\n"
174 "- rate_set_size=%d\n",
175 ap->bssid,
176 &ap->ssid.body[0],
177 ap->rate_set.body[0], ap->rate_set.body[1],
178 ap->rate_set.body[2], ap->rate_set.body[3],
179 ap->rate_set.body[4], ap->rate_set.body[5],
180 ap->rate_set.body[6], ap->rate_set.body[7],
181 ap->channel, ap->rssi, ap->sq, ap->capability,
182 ap_info->rsn_mode, ap_info->rsn.size,
183 ap_info->ext_rate_set.size, ap_info->rate_set.size);
184
185 return 0;
186}
187
188static u8 read_ie(unsigned char *bp, u8 max, u8 *body)
189{
190 u8 size = (*(bp + 1) <= max) ? *(bp + 1) : max;
191
192 memcpy(body, bp + 2, size);
193 return size;
194}
195
196static int
197michael_mic(u8 *key, u8 *data, unsigned int len, u8 priority, u8 *result)
198{
199 u8 pad_data[4] = { priority, 0, 0, 0 };
200 struct crypto_shash *tfm = NULL;
201 struct shash_desc *desc = NULL;
202 int ret;
203
204 tfm = crypto_alloc_shash("michael_mic", 0, 0);
205 if (IS_ERR(tfm)) {
206 ret = PTR_ERR(tfm);
207 goto err;
208 }
209
210 ret = crypto_shash_setkey(tfm, key, MICHAEL_MIC_KEY_LEN);
211 if (ret < 0)
212 goto err_free_tfm;
213
214 desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(tfm), GFP_KERNEL);
215 if (!desc) {
216 ret = -ENOMEM;
217 goto err_free_tfm;
218 }
219
220 desc->tfm = tfm;
221
222 ret = crypto_shash_init(desc);
223 if (ret < 0)
224 goto err_free_desc;
225
226
227
228
229
230
231
232
233
234
235
236
237 ret = crypto_shash_update(desc, data, 12);
238 if (ret < 0)
239 goto err_free_desc;
240
241 ret = crypto_shash_update(desc, pad_data, 4);
242 if (ret < 0)
243 goto err_free_desc;
244
245 ret = crypto_shash_finup(desc, data + 12, len - 12, result);
246
247err_free_desc:
248 kfree_sensitive(desc);
249
250err_free_tfm:
251 crypto_free_shash(tfm);
252
253err:
254 return ret;
255}
256
257static
258int get_ap_information(struct ks_wlan_private *priv, struct ap_info *ap_info,
259 struct local_ap *ap)
260{
261 unsigned char *bp;
262 int bsize, offset;
263
264 memset(ap, 0, sizeof(struct local_ap));
265
266 ether_addr_copy(ap->bssid, ap_info->bssid);
267 ap->rssi = ap_info->rssi;
268 ap->sq = ap_info->sq;
269 ap->noise = ap_info->noise;
270 ap->capability = le16_to_cpu(ap_info->capability);
271 ap->channel = ap_info->ch_info;
272
273 bp = ap_info->body;
274 bsize = le16_to_cpu(ap_info->body_size);
275 offset = 0;
276
277 while (bsize > offset) {
278 switch (*bp) {
279 case WLAN_EID_SSID:
280 ap->ssid.size = read_ie(bp, IEEE80211_MAX_SSID_LEN,
281 ap->ssid.body);
282 break;
283 case WLAN_EID_SUPP_RATES:
284 case WLAN_EID_EXT_SUPP_RATES:
285 if ((*(bp + 1) + ap->rate_set.size) <=
286 RATE_SET_MAX_SIZE) {
287 memcpy(&ap->rate_set.body[ap->rate_set.size],
288 bp + 2, *(bp + 1));
289 ap->rate_set.size += *(bp + 1);
290 } else {
291 memcpy(&ap->rate_set.body[ap->rate_set.size],
292 bp + 2,
293 RATE_SET_MAX_SIZE - ap->rate_set.size);
294 ap->rate_set.size +=
295 (RATE_SET_MAX_SIZE - ap->rate_set.size);
296 }
297 break;
298 case WLAN_EID_RSN:
299 ap->rsn_ie.id = *bp;
300 ap->rsn_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
301 ap->rsn_ie.body);
302 break;
303 case WLAN_EID_VENDOR_SPECIFIC:
304
305 if (memcmp(bp + 2, CIPHER_ID_WPA_WEP40, 4) == 0) {
306 ap->wpa_ie.id = *bp;
307 ap->wpa_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
308 ap->wpa_ie.body);
309 }
310 break;
311 case WLAN_EID_DS_PARAMS:
312 case WLAN_EID_FH_PARAMS:
313 case WLAN_EID_CF_PARAMS:
314 case WLAN_EID_TIM:
315 case WLAN_EID_IBSS_PARAMS:
316 case WLAN_EID_COUNTRY:
317 case WLAN_EID_ERP_INFO:
318 break;
319 default:
320 netdev_err(priv->net_dev,
321 "unknown Element ID=%d\n", *bp);
322 break;
323 }
324
325 offset += 2;
326 offset += *(bp + 1);
327 bp += (*(bp + 1) + 2);
328 }
329
330 return 0;
331}
332
333static
334int hostif_data_indication_wpa(struct ks_wlan_private *priv,
335 unsigned short auth_type)
336{
337 struct ether_hdr *eth_hdr;
338 unsigned short eth_proto;
339 unsigned char recv_mic[MICHAEL_MIC_LEN];
340 char buf[128];
341 unsigned long now;
342 struct mic_failure *mic_failure;
343 u8 mic[MICHAEL_MIC_LEN];
344 union iwreq_data wrqu;
345 unsigned int key_index = auth_type - 1;
346 struct wpa_key *key = &priv->wpa.key[key_index];
347
348 eth_hdr = (struct ether_hdr *)(priv->rxp);
349 eth_proto = ntohs(eth_hdr->h_proto);
350
351 if (eth_hdr->h_dest_snap != eth_hdr->h_source_snap) {
352 netdev_err(priv->net_dev, "invalid data format\n");
353 priv->nstats.rx_errors++;
354 return -EINVAL;
355 }
356 if (((auth_type == TYPE_PMK1 &&
357 priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) ||
358 (auth_type == TYPE_GMK1 &&
359 priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP) ||
360 (auth_type == TYPE_GMK2 &&
361 priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP)) &&
362 key->key_len) {
363 int ret;
364
365 netdev_dbg(priv->net_dev, "TKIP: protocol=%04X: size=%u\n",
366 eth_proto, priv->rx_size);
367
368 memcpy(&recv_mic[0],
369 (priv->rxp) + ((priv->rx_size) - sizeof(recv_mic)),
370 sizeof(recv_mic));
371 priv->rx_size = priv->rx_size - sizeof(recv_mic);
372
373 ret = michael_mic(key->rx_mic_key, priv->rxp, priv->rx_size,
374 0, mic);
375 if (ret < 0)
376 return ret;
377 if (memcmp(mic, recv_mic, sizeof(mic)) != 0) {
378 now = jiffies;
379 mic_failure = &priv->wpa.mic_failure;
380
381 if (mic_failure->last_failure_time &&
382 (now - mic_failure->last_failure_time) / HZ >= 60) {
383 mic_failure->failure = 0;
384 }
385 netdev_err(priv->net_dev, "MIC FAILURE\n");
386 if (mic_failure->failure == 0) {
387 mic_failure->failure = 1;
388 mic_failure->counter = 0;
389 } else if (mic_failure->failure == 1) {
390 mic_failure->failure = 2;
391 mic_failure->counter =
392 (u16)((now - mic_failure->last_failure_time) / HZ);
393
394 if (!mic_failure->counter)
395 mic_failure->counter = 1;
396 }
397 priv->wpa.mic_failure.last_failure_time = now;
398
399
400 sprintf(buf,
401 "MLME-MICHAELMICFAILURE.indication(keyid=%d %scast addr=%pM)",
402 key_index,
403 eth_hdr->h_dest[0] & 0x01 ? "broad" : "uni",
404 eth_hdr->h_source);
405 memset(&wrqu, 0, sizeof(wrqu));
406 wrqu.data.length = strlen(buf);
407 wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu,
408 buf);
409 return -EINVAL;
410 }
411 }
412 return 0;
413}
414
415static
416void hostif_data_indication(struct ks_wlan_private *priv)
417{
418 unsigned int rx_ind_size;
419 struct sk_buff *skb;
420 u16 auth_type;
421 unsigned char temp[256];
422 struct ether_hdr *eth_hdr;
423 struct ieee802_1x_hdr *aa1x_hdr;
424 size_t size;
425 int ret;
426
427
428 if (priv->rx_size <= ETH_HLEN) {
429 priv->nstats.rx_errors++;
430 return;
431 }
432
433 auth_type = get_word(priv);
434 get_word(priv);
435
436 eth_hdr = (struct ether_hdr *)(priv->rxp);
437
438
439 if (ether_addr_equal(&priv->eth_addr[0], eth_hdr->h_source)) {
440 netdev_err(priv->net_dev, "invalid : source is own mac address !!\n");
441 netdev_err(priv->net_dev, "eth_hdrernet->h_dest=%pM\n", eth_hdr->h_source);
442 priv->nstats.rx_errors++;
443 return;
444 }
445
446
447 if (auth_type != TYPE_DATA && priv->wpa.rsn_enabled) {
448 ret = hostif_data_indication_wpa(priv, auth_type);
449 if (ret)
450 return;
451 }
452
453 if ((priv->connect_status & FORCE_DISCONNECT) ||
454 priv->wpa.mic_failure.failure == 2) {
455 return;
456 }
457
458
459 switch (*(priv->rxp + 12)) {
460 case LLC_SAP_SNAP:
461 rx_ind_size = priv->rx_size - 6;
462 skb = dev_alloc_skb(rx_ind_size);
463 if (!skb) {
464 priv->nstats.rx_dropped++;
465 return;
466 }
467 netdev_dbg(priv->net_dev, "SNAP, rx_ind_size = %d\n",
468 rx_ind_size);
469
470 size = ETH_ALEN * 2;
471 skb_put_data(skb, priv->rxp, size);
472
473
474
475 size = rx_ind_size - (ETH_ALEN * 2);
476 skb_put_data(skb, ð_hdr->h_proto, size);
477
478 aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + ETHER_HDR_SIZE);
479 break;
480 case LLC_SAP_NETBEUI:
481 rx_ind_size = (priv->rx_size + 2);
482 skb = dev_alloc_skb(rx_ind_size);
483 if (!skb) {
484 priv->nstats.rx_dropped++;
485 return;
486 }
487 netdev_dbg(priv->net_dev, "NETBEUI/NetBIOS rx_ind_size=%d\n",
488 rx_ind_size);
489
490
491 skb_put_data(skb, priv->rxp, 12);
492
493
494 temp[0] = (((rx_ind_size - 12) >> 8) & 0xff);
495 temp[1] = ((rx_ind_size - 12) & 0xff);
496 skb_put_data(skb, temp, 2);
497
498
499 skb_put_data(skb, priv->rxp + 12, rx_ind_size - 14);
500
501 aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + 14);
502 break;
503 default:
504 netdev_err(priv->net_dev, "invalid data format\n");
505 priv->nstats.rx_errors++;
506 return;
507 }
508
509 if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY &&
510 priv->wpa.rsn_enabled)
511 atomic_set(&priv->psstatus.snooze_guard, 1);
512
513
514 skb->dev = priv->net_dev;
515 skb->protocol = eth_type_trans(skb, skb->dev);
516 priv->nstats.rx_packets++;
517 priv->nstats.rx_bytes += rx_ind_size;
518 netif_rx(skb);
519}
520
521static
522void hostif_mib_get_confirm(struct ks_wlan_private *priv)
523{
524 struct net_device *dev = priv->net_dev;
525 u32 mib_status;
526 u32 mib_attribute;
527
528 mib_status = get_dword(priv);
529 mib_attribute = get_dword(priv);
530 get_word(priv);
531 get_word(priv);
532
533 if (mib_status) {
534 netdev_err(priv->net_dev, "attribute=%08X, status=%08X\n",
535 mib_attribute, mib_status);
536 return;
537 }
538
539 switch (mib_attribute) {
540 case DOT11_MAC_ADDRESS:
541 hostif_sme_enqueue(priv, SME_GET_MAC_ADDRESS);
542 ether_addr_copy(priv->eth_addr, priv->rxp);
543 priv->mac_address_valid = true;
544 ether_addr_copy(dev->dev_addr, priv->eth_addr);
545 netdev_info(dev, "MAC ADDRESS = %pM\n", priv->eth_addr);
546 break;
547 case DOT11_PRODUCT_VERSION:
548 priv->version_size = priv->rx_size;
549 memcpy(priv->firmware_version, priv->rxp, priv->rx_size);
550 priv->firmware_version[priv->rx_size] = '\0';
551 netdev_info(dev, "firmware ver. = %s\n",
552 priv->firmware_version);
553 hostif_sme_enqueue(priv, SME_GET_PRODUCT_VERSION);
554
555 complete(&priv->confirm_wait);
556 break;
557 case LOCAL_GAIN:
558 memcpy(&priv->gain, priv->rxp, sizeof(priv->gain));
559 netdev_dbg(priv->net_dev, "tx_mode=%d, rx_mode=%d, tx_gain=%d, rx_gain=%d\n",
560 priv->gain.tx_mode, priv->gain.rx_mode,
561 priv->gain.tx_gain, priv->gain.rx_gain);
562 break;
563 case LOCAL_EEPROM_SUM:
564 memcpy(&priv->eeprom_sum, priv->rxp, sizeof(priv->eeprom_sum));
565 if (priv->eeprom_sum.type != 0 &&
566 priv->eeprom_sum.type != 1) {
567 netdev_err(dev, "LOCAL_EEPROM_SUM error!\n");
568 return;
569 }
570 priv->eeprom_checksum = (priv->eeprom_sum.type == 0) ?
571 EEPROM_CHECKSUM_NONE :
572 (priv->eeprom_sum.result == 0) ?
573 EEPROM_NG : EEPROM_OK;
574 break;
575 default:
576 netdev_err(priv->net_dev, "mib_attribute=%08x\n",
577 (unsigned int)mib_attribute);
578 break;
579 }
580}
581
582static
583void hostif_mib_set_confirm(struct ks_wlan_private *priv)
584{
585 u32 mib_status;
586 u32 mib_attribute;
587
588 mib_status = get_dword(priv);
589 mib_attribute = get_dword(priv);
590
591 if (mib_status) {
592
593 netdev_err(priv->net_dev, "error :: attribute=%08X, status=%08X\n",
594 mib_attribute, mib_status);
595 }
596
597 switch (mib_attribute) {
598 case DOT11_RTS_THRESHOLD:
599 hostif_sme_enqueue(priv, SME_RTS_THRESHOLD_CONFIRM);
600 break;
601 case DOT11_FRAGMENTATION_THRESHOLD:
602 hostif_sme_enqueue(priv, SME_FRAGMENTATION_THRESHOLD_CONFIRM);
603 break;
604 case DOT11_WEP_DEFAULT_KEY_ID:
605 if (!priv->wpa.wpa_enabled)
606 hostif_sme_enqueue(priv, SME_WEP_INDEX_CONFIRM);
607 break;
608 case DOT11_WEP_DEFAULT_KEY_VALUE1:
609 if (priv->wpa.rsn_enabled)
610 hostif_sme_enqueue(priv, SME_SET_PMK_TSC);
611 else
612 hostif_sme_enqueue(priv, SME_WEP_KEY1_CONFIRM);
613 break;
614 case DOT11_WEP_DEFAULT_KEY_VALUE2:
615 if (priv->wpa.rsn_enabled)
616 hostif_sme_enqueue(priv, SME_SET_GMK1_TSC);
617 else
618 hostif_sme_enqueue(priv, SME_WEP_KEY2_CONFIRM);
619 break;
620 case DOT11_WEP_DEFAULT_KEY_VALUE3:
621 if (priv->wpa.rsn_enabled)
622 hostif_sme_enqueue(priv, SME_SET_GMK2_TSC);
623 else
624 hostif_sme_enqueue(priv, SME_WEP_KEY3_CONFIRM);
625 break;
626 case DOT11_WEP_DEFAULT_KEY_VALUE4:
627 if (!priv->wpa.rsn_enabled)
628 hostif_sme_enqueue(priv, SME_WEP_KEY4_CONFIRM);
629 break;
630 case DOT11_PRIVACY_INVOKED:
631 if (!priv->wpa.rsn_enabled)
632 hostif_sme_enqueue(priv, SME_WEP_FLAG_CONFIRM);
633 break;
634 case DOT11_RSN_ENABLED:
635 hostif_sme_enqueue(priv, SME_RSN_ENABLED_CONFIRM);
636 break;
637 case LOCAL_RSN_MODE:
638 hostif_sme_enqueue(priv, SME_RSN_MODE_CONFIRM);
639 break;
640 case LOCAL_MULTICAST_ADDRESS:
641 hostif_sme_enqueue(priv, SME_MULTICAST_REQUEST);
642 break;
643 case LOCAL_MULTICAST_FILTER:
644 hostif_sme_enqueue(priv, SME_MULTICAST_CONFIRM);
645 break;
646 case LOCAL_CURRENTADDRESS:
647 priv->mac_address_valid = true;
648 break;
649 case DOT11_RSN_CONFIG_MULTICAST_CIPHER:
650 hostif_sme_enqueue(priv, SME_RSN_MCAST_CONFIRM);
651 break;
652 case DOT11_RSN_CONFIG_UNICAST_CIPHER:
653 hostif_sme_enqueue(priv, SME_RSN_UCAST_CONFIRM);
654 break;
655 case DOT11_RSN_CONFIG_AUTH_SUITE:
656 hostif_sme_enqueue(priv, SME_RSN_AUTH_CONFIRM);
657 break;
658 case DOT11_GMK1_TSC:
659 if (atomic_read(&priv->psstatus.snooze_guard))
660 atomic_set(&priv->psstatus.snooze_guard, 0);
661 break;
662 case DOT11_GMK2_TSC:
663 if (atomic_read(&priv->psstatus.snooze_guard))
664 atomic_set(&priv->psstatus.snooze_guard, 0);
665 break;
666 case DOT11_PMK_TSC:
667 case LOCAL_PMK:
668 case LOCAL_GAIN:
669 case LOCAL_WPS_ENABLE:
670 case LOCAL_WPS_PROBE_REQ:
671 case LOCAL_REGION:
672 default:
673 break;
674 }
675}
676
677static
678void hostif_power_mgmt_confirm(struct ks_wlan_private *priv)
679{
680 if (priv->reg.power_mgmt > POWER_MGMT_ACTIVE &&
681 priv->reg.operation_mode == MODE_INFRASTRUCTURE) {
682 atomic_set(&priv->psstatus.confirm_wait, 0);
683 priv->dev_state = DEVICE_STATE_SLEEP;
684 ks_wlan_hw_power_save(priv);
685 } else {
686 priv->dev_state = DEVICE_STATE_READY;
687 }
688}
689
690static
691void hostif_sleep_confirm(struct ks_wlan_private *priv)
692{
693 atomic_set(&priv->sleepstatus.doze_request, 1);
694 queue_delayed_work(priv->wq, &priv->rw_dwork, 1);
695}
696
697static
698void hostif_start_confirm(struct ks_wlan_private *priv)
699{
700 union iwreq_data wrqu;
701
702 wrqu.data.length = 0;
703 wrqu.data.flags = 0;
704 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
705 if (is_connect_status(priv->connect_status)) {
706 eth_zero_addr(wrqu.ap_addr.sa_data);
707 wireless_send_event(priv->net_dev, SIOCGIWAP, &wrqu, NULL);
708 }
709 netdev_dbg(priv->net_dev, " scan_ind_count=%d\n", priv->scan_ind_count);
710 hostif_sme_enqueue(priv, SME_START_CONFIRM);
711}
712
713static
714void hostif_connect_indication(struct ks_wlan_private *priv)
715{
716 u16 connect_code;
717 unsigned int tmp = 0;
718 unsigned int old_status = priv->connect_status;
719 struct net_device *netdev = priv->net_dev;
720 union iwreq_data wrqu0;
721
722 connect_code = get_word(priv);
723
724 switch (connect_code) {
725 case RESULT_CONNECT:
726 if (!(priv->connect_status & FORCE_DISCONNECT))
727 netif_carrier_on(netdev);
728 tmp = FORCE_DISCONNECT & priv->connect_status;
729 priv->connect_status = tmp + CONNECT_STATUS;
730 break;
731 case RESULT_DISCONNECT:
732 netif_carrier_off(netdev);
733 tmp = FORCE_DISCONNECT & priv->connect_status;
734 priv->connect_status = tmp + DISCONNECT_STATUS;
735 break;
736 default:
737 netdev_dbg(priv->net_dev, "unknown connect_code=%d :: scan_ind_count=%d\n",
738 connect_code, priv->scan_ind_count);
739 netif_carrier_off(netdev);
740 tmp = FORCE_DISCONNECT & priv->connect_status;
741 priv->connect_status = tmp + DISCONNECT_STATUS;
742 break;
743 }
744
745 get_current_ap(priv, (struct link_ap_info *)priv->rxp);
746 if (is_connect_status(priv->connect_status) &&
747 is_disconnect_status(old_status)) {
748
749 atomic_set(&priv->psstatus.snooze_guard, 0);
750 atomic_set(&priv->psstatus.confirm_wait, 0);
751 }
752 ks_wlan_do_power_save(priv);
753
754 wrqu0.data.length = 0;
755 wrqu0.data.flags = 0;
756 wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
757 if (is_disconnect_status(priv->connect_status) &&
758 is_connect_status(old_status)) {
759 eth_zero_addr(wrqu0.ap_addr.sa_data);
760 netdev_dbg(priv->net_dev, "disconnect :: scan_ind_count=%d\n",
761 priv->scan_ind_count);
762 wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
763 }
764 priv->scan_ind_count = 0;
765}
766
767static
768void hostif_scan_indication(struct ks_wlan_private *priv)
769{
770 int i;
771 struct ap_info *ap_info;
772
773 netdev_dbg(priv->net_dev,
774 "scan_ind_count = %d\n", priv->scan_ind_count);
775 ap_info = (struct ap_info *)(priv->rxp);
776
777 if (priv->scan_ind_count) {
778
779 for (i = 0; i < priv->aplist.size; i++) {
780 u8 *bssid = priv->aplist.ap[i].bssid;
781
782 if (ether_addr_equal(ap_info->bssid, bssid))
783 continue;
784
785 if (ap_info->frame_type == IEEE80211_STYPE_PROBE_RESP)
786 get_ap_information(priv, ap_info,
787 &priv->aplist.ap[i]);
788 return;
789 }
790 }
791 priv->scan_ind_count++;
792 if (priv->scan_ind_count < LOCAL_APLIST_MAX + 1) {
793 netdev_dbg(priv->net_dev, " scan_ind_count=%d :: aplist.size=%d\n",
794 priv->scan_ind_count, priv->aplist.size);
795 get_ap_information(priv, (struct ap_info *)(priv->rxp),
796 &priv->aplist.ap[priv->scan_ind_count - 1]);
797 priv->aplist.size = priv->scan_ind_count;
798 } else {
799 netdev_dbg(priv->net_dev, " count over :: scan_ind_count=%d\n",
800 priv->scan_ind_count);
801 }
802}
803
804static
805void hostif_stop_confirm(struct ks_wlan_private *priv)
806{
807 unsigned int tmp = 0;
808 unsigned int old_status = priv->connect_status;
809 struct net_device *netdev = priv->net_dev;
810 union iwreq_data wrqu0;
811
812 if (priv->dev_state == DEVICE_STATE_SLEEP)
813 priv->dev_state = DEVICE_STATE_READY;
814
815
816 if (is_connect_status(priv->connect_status)) {
817 netif_carrier_off(netdev);
818 tmp = FORCE_DISCONNECT & priv->connect_status;
819 priv->connect_status = tmp | DISCONNECT_STATUS;
820 netdev_info(netdev, "IWEVENT: disconnect\n");
821
822 wrqu0.data.length = 0;
823 wrqu0.data.flags = 0;
824 wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
825 if (is_disconnect_status(priv->connect_status) &&
826 is_connect_status(old_status)) {
827 eth_zero_addr(wrqu0.ap_addr.sa_data);
828 netdev_info(netdev, "IWEVENT: disconnect\n");
829 wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
830 }
831 priv->scan_ind_count = 0;
832 }
833
834 hostif_sme_enqueue(priv, SME_STOP_CONFIRM);
835}
836
837static
838void hostif_ps_adhoc_set_confirm(struct ks_wlan_private *priv)
839{
840 priv->infra_status = 0;
841 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
842}
843
844static
845void hostif_infrastructure_set_confirm(struct ks_wlan_private *priv)
846{
847 get_word(priv);
848 priv->infra_status = 1;
849 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
850}
851
852static
853void hostif_adhoc_set_confirm(struct ks_wlan_private *priv)
854{
855 priv->infra_status = 1;
856 hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
857}
858
859static
860void hostif_associate_indication(struct ks_wlan_private *priv)
861{
862 struct association_request *assoc_req;
863 struct association_response *assoc_resp;
864 unsigned char *pb;
865 union iwreq_data wrqu;
866 char buf[IW_CUSTOM_MAX];
867 char *pbuf = &buf[0];
868 int i;
869
870 static const char associnfo_leader0[] = "ASSOCINFO(ReqIEs=";
871 static const char associnfo_leader1[] = " RespIEs=";
872
873 assoc_req = (struct association_request *)(priv->rxp);
874 assoc_resp = (struct association_response *)(assoc_req + 1);
875 pb = (unsigned char *)(assoc_resp + 1);
876
877 memset(&wrqu, 0, sizeof(wrqu));
878 memcpy(pbuf, associnfo_leader0, sizeof(associnfo_leader0) - 1);
879 wrqu.data.length += sizeof(associnfo_leader0) - 1;
880 pbuf += sizeof(associnfo_leader0) - 1;
881
882 for (i = 0; i < le16_to_cpu(assoc_req->req_ies_size); i++)
883 pbuf += sprintf(pbuf, "%02x", *(pb + i));
884 wrqu.data.length += (le16_to_cpu(assoc_req->req_ies_size)) * 2;
885
886 memcpy(pbuf, associnfo_leader1, sizeof(associnfo_leader1) - 1);
887 wrqu.data.length += sizeof(associnfo_leader1) - 1;
888 pbuf += sizeof(associnfo_leader1) - 1;
889
890 pb += le16_to_cpu(assoc_req->req_ies_size);
891 for (i = 0; i < le16_to_cpu(assoc_resp->resp_ies_size); i++)
892 pbuf += sprintf(pbuf, "%02x", *(pb + i));
893 wrqu.data.length += (le16_to_cpu(assoc_resp->resp_ies_size)) * 2;
894
895 pbuf += sprintf(pbuf, ")");
896 wrqu.data.length += 1;
897
898 wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu, buf);
899}
900
901static
902void hostif_bss_scan_confirm(struct ks_wlan_private *priv)
903{
904 u32 result_code;
905 struct net_device *dev = priv->net_dev;
906 union iwreq_data wrqu;
907
908 result_code = get_dword(priv);
909 netdev_dbg(priv->net_dev, "result=%d :: scan_ind_count=%d\n",
910 result_code, priv->scan_ind_count);
911
912 priv->sme_i.sme_flag &= ~SME_AP_SCAN;
913 hostif_sme_enqueue(priv, SME_BSS_SCAN_CONFIRM);
914
915 wrqu.data.length = 0;
916 wrqu.data.flags = 0;
917 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
918 priv->scan_ind_count = 0;
919}
920
921static
922void hostif_phy_information_confirm(struct ks_wlan_private *priv)
923{
924 struct iw_statistics *wstats = &priv->wstats;
925 u8 rssi, signal;
926 u8 link_speed;
927 u32 transmitted_frame_count, received_fragment_count;
928 u32 failed_count, fcs_error_count;
929
930 rssi = get_byte(priv);
931 signal = get_byte(priv);
932 get_byte(priv);
933 link_speed = get_byte(priv);
934 transmitted_frame_count = get_dword(priv);
935 received_fragment_count = get_dword(priv);
936 failed_count = get_dword(priv);
937 fcs_error_count = get_dword(priv);
938
939 netdev_dbg(priv->net_dev, "phyinfo confirm rssi=%d signal=%d\n",
940 rssi, signal);
941 priv->current_rate = (link_speed & RATE_MASK);
942 wstats->qual.qual = signal;
943 wstats->qual.level = 256 - rssi;
944 wstats->qual.noise = 0;
945 wstats->qual.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
946
947 netdev_dbg(priv->net_dev, "\n rssi=%u\n"
948 " signal=%u\n"
949 " link_speed=%ux500Kbps\n"
950 " transmitted_frame_count=%u\n"
951 " received_fragment_count=%u\n"
952 " failed_count=%u\n"
953 " fcs_error_count=%u\n",
954 rssi, signal, link_speed, transmitted_frame_count,
955 received_fragment_count, failed_count, fcs_error_count);
956
957 complete(&priv->confirm_wait);
958}
959
960static
961void hostif_mic_failure_confirm(struct ks_wlan_private *priv)
962{
963 netdev_dbg(priv->net_dev, "mic_failure=%u\n",
964 priv->wpa.mic_failure.failure);
965 hostif_sme_enqueue(priv, SME_MIC_FAILURE_CONFIRM);
966}
967
968static
969void hostif_event_check(struct ks_wlan_private *priv)
970{
971 u16 event;
972
973 event = get_word(priv);
974 switch (event) {
975 case HIF_DATA_IND:
976 hostif_data_indication(priv);
977 break;
978 case HIF_MIB_GET_CONF:
979 hostif_mib_get_confirm(priv);
980 break;
981 case HIF_MIB_SET_CONF:
982 hostif_mib_set_confirm(priv);
983 break;
984 case HIF_POWER_MGMT_CONF:
985 hostif_power_mgmt_confirm(priv);
986 break;
987 case HIF_SLEEP_CONF:
988 hostif_sleep_confirm(priv);
989 break;
990 case HIF_START_CONF:
991 hostif_start_confirm(priv);
992 break;
993 case HIF_CONNECT_IND:
994 hostif_connect_indication(priv);
995 break;
996 case HIF_STOP_CONF:
997 hostif_stop_confirm(priv);
998 break;
999 case HIF_PS_ADH_SET_CONF:
1000 hostif_ps_adhoc_set_confirm(priv);
1001 break;
1002 case HIF_INFRA_SET_CONF:
1003 case HIF_INFRA_SET2_CONF:
1004 hostif_infrastructure_set_confirm(priv);
1005 break;
1006 case HIF_ADH_SET_CONF:
1007 case HIF_ADH_SET2_CONF:
1008 hostif_adhoc_set_confirm(priv);
1009 break;
1010 case HIF_ASSOC_INFO_IND:
1011 hostif_associate_indication(priv);
1012 break;
1013 case HIF_MIC_FAILURE_CONF:
1014 hostif_mic_failure_confirm(priv);
1015 break;
1016 case HIF_SCAN_CONF:
1017 hostif_bss_scan_confirm(priv);
1018 break;
1019 case HIF_PHY_INFO_CONF:
1020 case HIF_PHY_INFO_IND:
1021 hostif_phy_information_confirm(priv);
1022 break;
1023 case HIF_SCAN_IND:
1024 hostif_scan_indication(priv);
1025 break;
1026 case HIF_AP_SET_CONF:
1027 default:
1028 netdev_err(priv->net_dev, "undefined event[%04X]\n", event);
1029
1030 complete(&priv->confirm_wait);
1031 break;
1032 }
1033
1034
1035 priv->hostt.buff[priv->hostt.qtail] = event;
1036 priv->hostt.qtail = (priv->hostt.qtail + 1) % SME_EVENT_BUFF_SIZE;
1037}
1038
1039
1040static void *hostif_generic_request(size_t size, int event)
1041{
1042 struct hostif_hdr *p;
1043
1044 p = kzalloc(hif_align_size(size), GFP_ATOMIC);
1045 if (!p)
1046 return NULL;
1047
1048 p->size = cpu_to_le16(size - sizeof(p->size));
1049 p->event = cpu_to_le16(event);
1050
1051 return p;
1052}
1053
1054int hostif_data_request(struct ks_wlan_private *priv, struct sk_buff *skb)
1055{
1056 unsigned int skb_len = 0;
1057 unsigned char *buffer = NULL;
1058 unsigned int length = 0;
1059 struct hostif_data_request *pp;
1060 unsigned char *p;
1061 unsigned short eth_proto;
1062 struct ether_hdr *eth_hdr;
1063 unsigned short keyinfo = 0;
1064 struct ieee802_1x_hdr *aa1x_hdr;
1065 struct wpa_eapol_key *eap_key;
1066 struct ethhdr *eth;
1067 size_t size;
1068 int ret;
1069
1070 skb_len = skb->len;
1071 if (skb_len > ETH_FRAME_LEN) {
1072 netdev_err(priv->net_dev, "bad length skb_len=%d\n", skb_len);
1073 ret = -EOVERFLOW;
1074 goto err_kfree_skb;
1075 }
1076
1077 if (is_disconnect_status(priv->connect_status) ||
1078 (priv->connect_status & FORCE_DISCONNECT) ||
1079 priv->wpa.mic_failure.stop) {
1080 if (netif_queue_stopped(priv->net_dev))
1081 netif_wake_queue(priv->net_dev);
1082
1083 dev_kfree_skb(skb);
1084
1085 return 0;
1086 }
1087
1088
1089 if (atomic_read(&priv->psstatus.status) == PS_SNOOZE) {
1090 if (!netif_queue_stopped(priv->net_dev))
1091 netif_stop_queue(priv->net_dev);
1092 }
1093
1094 size = sizeof(*pp) + 6 + skb_len + 8;
1095 pp = kmalloc(hif_align_size(size), GFP_ATOMIC);
1096 if (!pp) {
1097 ret = -ENOMEM;
1098 goto err_kfree_skb;
1099 }
1100
1101 p = (unsigned char *)pp->data;
1102
1103 buffer = skb->data;
1104 length = skb->len;
1105
1106
1107 eth = (struct ethhdr *)skb->data;
1108 if (!ether_addr_equal(&priv->eth_addr[0], eth->h_source)) {
1109 netdev_err(priv->net_dev,
1110 "Invalid mac address: ethernet->h_source=%pM\n",
1111 eth->h_source);
1112 ret = -ENXIO;
1113 goto err_kfree;
1114 }
1115
1116
1117 size = ETH_ALEN * 2;
1118 memcpy(p, buffer, size);
1119 p += size;
1120 buffer += size;
1121 length -= size;
1122
1123
1124 if (*(buffer + 1) + (*buffer << 8) > 1500) {
1125
1126
1127 *p++ = 0xAA;
1128 *p++ = 0xAA;
1129 *p++ = 0x03;
1130 *p++ = 0x00;
1131 *p++ = 0x00;
1132 *p++ = 0x00;
1133 skb_len += 6;
1134 } else {
1135
1136 buffer += 2;
1137 length -= 2;
1138 skb_len -= 2;
1139 }
1140
1141
1142 memcpy(p, buffer, length);
1143
1144 p += length;
1145
1146
1147 eth_hdr = (struct ether_hdr *)&pp->data[0];
1148 eth_proto = ntohs(eth_hdr->h_proto);
1149
1150
1151 if (eth_proto == ETH_P_PAE &&
1152 priv->wpa.mic_failure.failure > 0) {
1153 aa1x_hdr = (struct ieee802_1x_hdr *)(eth_hdr + 1);
1154 if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY) {
1155 eap_key = (struct wpa_eapol_key *)(aa1x_hdr + 1);
1156 keyinfo = ntohs(eap_key->key_info);
1157 }
1158 }
1159
1160 if (priv->wpa.rsn_enabled && priv->wpa.key[0].key_len) {
1161
1162 if (eth_proto == ETH_P_PAE &&
1163 priv->wpa.key[1].key_len == 0 &&
1164 priv->wpa.key[2].key_len == 0 &&
1165 priv->wpa.key[3].key_len == 0) {
1166 pp->auth_type = cpu_to_le16(TYPE_AUTH);
1167 } else {
1168 if (priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) {
1169 u8 mic[MICHAEL_MIC_LEN];
1170
1171 ret = michael_mic(priv->wpa.key[0].tx_mic_key,
1172 &pp->data[0], skb_len,
1173 0, mic);
1174 if (ret < 0)
1175 goto err_kfree;
1176
1177 memcpy(p, mic, sizeof(mic));
1178 length += sizeof(mic);
1179 skb_len += sizeof(mic);
1180 p += sizeof(mic);
1181 pp->auth_type =
1182 cpu_to_le16(TYPE_DATA);
1183 } else if (priv->wpa.pairwise_suite ==
1184 IW_AUTH_CIPHER_CCMP) {
1185 pp->auth_type =
1186 cpu_to_le16(TYPE_DATA);
1187 }
1188 }
1189 } else {
1190 if (eth_proto == ETH_P_PAE)
1191 pp->auth_type = cpu_to_le16(TYPE_AUTH);
1192 else
1193 pp->auth_type = cpu_to_le16(TYPE_DATA);
1194 }
1195
1196
1197 pp->header.size =
1198 cpu_to_le16((sizeof(*pp) - sizeof(pp->header.size) + skb_len));
1199 pp->header.event = cpu_to_le16(HIF_DATA_REQ);
1200
1201
1202 ret = ks_wlan_hw_tx(priv, pp, hif_align_size(sizeof(*pp) + skb_len),
1203 send_packet_complete, skb);
1204
1205
1206 if (eth_proto == ETH_P_PAE &&
1207 priv->wpa.mic_failure.failure > 0) {
1208 if (keyinfo & WPA_KEY_INFO_ERROR &&
1209 keyinfo & WPA_KEY_INFO_REQUEST) {
1210 netdev_err(priv->net_dev,
1211 "MIC ERROR Report SET : %04X\n", keyinfo);
1212 hostif_sme_enqueue(priv, SME_MIC_FAILURE_REQUEST);
1213 }
1214 if (priv->wpa.mic_failure.failure == 2)
1215 priv->wpa.mic_failure.stop = 1;
1216 }
1217
1218 return ret;
1219
1220err_kfree:
1221 kfree(pp);
1222err_kfree_skb:
1223 dev_kfree_skb(skb);
1224
1225 return ret;
1226}
1227
1228static inline void ps_confirm_wait_inc(struct ks_wlan_private *priv)
1229{
1230 if (atomic_read(&priv->psstatus.status) > PS_ACTIVE_SET)
1231 atomic_inc(&priv->psstatus.confirm_wait);
1232}
1233
1234static inline void send_request_to_device(struct ks_wlan_private *priv,
1235 void *data, size_t size)
1236{
1237 ps_confirm_wait_inc(priv);
1238 ks_wlan_hw_tx(priv, data, size, NULL, NULL);
1239}
1240
1241static void hostif_mib_get_request(struct ks_wlan_private *priv,
1242 u32 mib_attribute)
1243{
1244 struct hostif_mib_get_request *pp;
1245
1246 pp = hostif_generic_request(sizeof(*pp), HIF_MIB_GET_REQ);
1247 if (!pp)
1248 return;
1249
1250 pp->mib_attribute = cpu_to_le32(mib_attribute);
1251
1252 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1253}
1254
1255static void hostif_mib_set_request(struct ks_wlan_private *priv,
1256 enum mib_attribute attr,
1257 enum mib_data_type type,
1258 void *data, size_t size)
1259{
1260 struct hostif_mib_set_request_t *pp;
1261
1262 if (priv->dev_state < DEVICE_STATE_BOOT)
1263 return;
1264
1265 pp = hostif_generic_request(sizeof(*pp), HIF_MIB_SET_REQ);
1266 if (!pp)
1267 return;
1268
1269 pp->mib_attribute = cpu_to_le32(attr);
1270 pp->mib_value.size = cpu_to_le16(size);
1271 pp->mib_value.type = cpu_to_le16(type);
1272 memcpy(&pp->mib_value.body, data, size);
1273
1274 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp) + size));
1275}
1276
1277static inline void hostif_mib_set_request_int(struct ks_wlan_private *priv,
1278 enum mib_attribute attr, int val)
1279{
1280 __le32 v = cpu_to_le32(val);
1281 size_t size = sizeof(v);
1282
1283 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_INT, &v, size);
1284}
1285
1286static inline void hostif_mib_set_request_bool(struct ks_wlan_private *priv,
1287 enum mib_attribute attr,
1288 bool val)
1289{
1290 __le32 v = cpu_to_le32(val);
1291 size_t size = sizeof(v);
1292
1293 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_BOOL, &v, size);
1294}
1295
1296static inline void hostif_mib_set_request_ostring(struct ks_wlan_private *priv,
1297 enum mib_attribute attr,
1298 void *data, size_t size)
1299{
1300 hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_OSTRING, data, size);
1301}
1302
1303static
1304void hostif_start_request(struct ks_wlan_private *priv, unsigned char mode)
1305{
1306 struct hostif_start_request *pp;
1307
1308 pp = hostif_generic_request(sizeof(*pp), HIF_START_REQ);
1309 if (!pp)
1310 return;
1311
1312 pp->mode = cpu_to_le16(mode);
1313
1314 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1315
1316 priv->aplist.size = 0;
1317 priv->scan_ind_count = 0;
1318}
1319
1320static __le16 ks_wlan_cap(struct ks_wlan_private *priv)
1321{
1322 u16 capability = 0x0000;
1323
1324 if (priv->reg.preamble == SHORT_PREAMBLE)
1325 capability |= WLAN_CAPABILITY_SHORT_PREAMBLE;
1326
1327 capability &= ~(WLAN_CAPABILITY_PBCC);
1328
1329 if (priv->reg.phy_type != D_11B_ONLY_MODE) {
1330 capability |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
1331 capability &= ~(WLAN_CAPABILITY_DSSS_OFDM);
1332 }
1333
1334 return cpu_to_le16(capability);
1335}
1336
1337static void init_request(struct ks_wlan_private *priv,
1338 struct hostif_request *req)
1339{
1340 req->phy_type = cpu_to_le16(priv->reg.phy_type);
1341 req->cts_mode = cpu_to_le16(priv->reg.cts_mode);
1342 req->scan_type = cpu_to_le16(priv->reg.scan_type);
1343 req->rate_set.size = priv->reg.rate_set.size;
1344 req->capability = ks_wlan_cap(priv);
1345 memcpy(&req->rate_set.body[0], &priv->reg.rate_set.body[0],
1346 priv->reg.rate_set.size);
1347}
1348
1349static
1350void hostif_ps_adhoc_set_request(struct ks_wlan_private *priv)
1351{
1352 struct hostif_ps_adhoc_set_request *pp;
1353
1354 pp = hostif_generic_request(sizeof(*pp), HIF_PS_ADH_SET_REQ);
1355 if (!pp)
1356 return;
1357
1358 init_request(priv, &pp->request);
1359 pp->channel = cpu_to_le16(priv->reg.channel);
1360
1361 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1362}
1363
1364static
1365void hostif_infrastructure_set_request(struct ks_wlan_private *priv, int event)
1366{
1367 struct hostif_infrastructure_set_request *pp;
1368
1369 pp = hostif_generic_request(sizeof(*pp), event);
1370 if (!pp)
1371 return;
1372
1373 init_request(priv, &pp->request);
1374 pp->ssid.size = priv->reg.ssid.size;
1375 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1376 pp->beacon_lost_count =
1377 cpu_to_le16(priv->reg.beacon_lost_count);
1378 pp->auth_type = cpu_to_le16(priv->reg.authenticate_type);
1379
1380 pp->channel_list.body[0] = 1;
1381 pp->channel_list.body[1] = 8;
1382 pp->channel_list.body[2] = 2;
1383 pp->channel_list.body[3] = 9;
1384 pp->channel_list.body[4] = 3;
1385 pp->channel_list.body[5] = 10;
1386 pp->channel_list.body[6] = 4;
1387 pp->channel_list.body[7] = 11;
1388 pp->channel_list.body[8] = 5;
1389 pp->channel_list.body[9] = 12;
1390 pp->channel_list.body[10] = 6;
1391 pp->channel_list.body[11] = 13;
1392 pp->channel_list.body[12] = 7;
1393 if (priv->reg.phy_type == D_11G_ONLY_MODE) {
1394 pp->channel_list.size = 13;
1395 } else {
1396 pp->channel_list.body[13] = 14;
1397 pp->channel_list.size = 14;
1398 }
1399
1400 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1401}
1402
1403static
1404void hostif_adhoc_set_request(struct ks_wlan_private *priv)
1405{
1406 struct hostif_adhoc_set_request *pp;
1407
1408 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ);
1409 if (!pp)
1410 return;
1411
1412 init_request(priv, &pp->request);
1413 pp->channel = cpu_to_le16(priv->reg.channel);
1414 pp->ssid.size = priv->reg.ssid.size;
1415 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1416
1417 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1418}
1419
1420static
1421void hostif_adhoc_set2_request(struct ks_wlan_private *priv)
1422{
1423 struct hostif_adhoc_set2_request *pp;
1424
1425 pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ);
1426 if (!pp)
1427 return;
1428
1429 init_request(priv, &pp->request);
1430 pp->ssid.size = priv->reg.ssid.size;
1431 memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1432
1433 pp->channel_list.body[0] = priv->reg.channel;
1434 pp->channel_list.size = 1;
1435 memcpy(pp->bssid, priv->reg.bssid, ETH_ALEN);
1436
1437 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1438}
1439
1440static
1441void hostif_stop_request(struct ks_wlan_private *priv)
1442{
1443 struct hostif_stop_request *pp;
1444
1445 pp = hostif_generic_request(sizeof(*pp), HIF_STOP_REQ);
1446 if (!pp)
1447 return;
1448
1449 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1450}
1451
1452static
1453void hostif_phy_information_request(struct ks_wlan_private *priv)
1454{
1455 struct hostif_phy_information_request *pp;
1456
1457 pp = hostif_generic_request(sizeof(*pp), HIF_PHY_INFO_REQ);
1458 if (!pp)
1459 return;
1460
1461 if (priv->reg.phy_info_timer) {
1462 pp->type = cpu_to_le16(TIME_TYPE);
1463 pp->time = cpu_to_le16(priv->reg.phy_info_timer);
1464 } else {
1465 pp->type = cpu_to_le16(NORMAL_TYPE);
1466 pp->time = cpu_to_le16(0);
1467 }
1468
1469 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1470}
1471
1472static
1473void hostif_power_mgmt_request(struct ks_wlan_private *priv,
1474 u32 mode, u32 wake_up, u32 receive_dtims)
1475{
1476 struct hostif_power_mgmt_request *pp;
1477
1478 pp = hostif_generic_request(sizeof(*pp), HIF_POWER_MGMT_REQ);
1479 if (!pp)
1480 return;
1481
1482 pp->mode = cpu_to_le32(mode);
1483 pp->wake_up = cpu_to_le32(wake_up);
1484 pp->receive_dtims = cpu_to_le32(receive_dtims);
1485
1486 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1487}
1488
1489static
1490void hostif_sleep_request(struct ks_wlan_private *priv,
1491 enum sleep_mode_type mode)
1492{
1493 struct hostif_sleep_request *pp;
1494
1495 if (mode == SLP_SLEEP) {
1496 pp = hostif_generic_request(sizeof(*pp), HIF_SLEEP_REQ);
1497 if (!pp)
1498 return;
1499
1500 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1501 } else if (mode == SLP_ACTIVE) {
1502 atomic_set(&priv->sleepstatus.wakeup_request, 1);
1503 queue_delayed_work(priv->wq, &priv->rw_dwork, 1);
1504 } else {
1505 netdev_err(priv->net_dev, "invalid mode %ld\n", (long)mode);
1506 return;
1507 }
1508}
1509
1510static
1511void hostif_bss_scan_request(struct ks_wlan_private *priv,
1512 unsigned long scan_type, u8 *scan_ssid,
1513 u8 scan_ssid_len)
1514{
1515 struct hostif_bss_scan_request *pp;
1516
1517 pp = hostif_generic_request(sizeof(*pp), HIF_SCAN_REQ);
1518 if (!pp)
1519 return;
1520
1521 pp->scan_type = scan_type;
1522
1523 pp->ch_time_min = cpu_to_le32(110);
1524 pp->ch_time_max = cpu_to_le32(130);
1525 pp->channel_list.body[0] = 1;
1526 pp->channel_list.body[1] = 8;
1527 pp->channel_list.body[2] = 2;
1528 pp->channel_list.body[3] = 9;
1529 pp->channel_list.body[4] = 3;
1530 pp->channel_list.body[5] = 10;
1531 pp->channel_list.body[6] = 4;
1532 pp->channel_list.body[7] = 11;
1533 pp->channel_list.body[8] = 5;
1534 pp->channel_list.body[9] = 12;
1535 pp->channel_list.body[10] = 6;
1536 pp->channel_list.body[11] = 13;
1537 pp->channel_list.body[12] = 7;
1538 if (priv->reg.phy_type == D_11G_ONLY_MODE) {
1539 pp->channel_list.size = 13;
1540 } else {
1541 pp->channel_list.body[13] = 14;
1542 pp->channel_list.size = 14;
1543 }
1544 pp->ssid.size = 0;
1545
1546
1547 if (scan_ssid_len > 0 && scan_ssid_len <= 32) {
1548 pp->ssid.size = scan_ssid_len;
1549 memcpy(&pp->ssid.body[0], scan_ssid, scan_ssid_len);
1550 }
1551
1552 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1553
1554 priv->aplist.size = 0;
1555 priv->scan_ind_count = 0;
1556}
1557
1558static
1559void hostif_mic_failure_request(struct ks_wlan_private *priv,
1560 u16 failure_count, u16 timer)
1561{
1562 struct hostif_mic_failure_request *pp;
1563
1564 pp = hostif_generic_request(sizeof(*pp), HIF_MIC_FAILURE_REQ);
1565 if (!pp)
1566 return;
1567
1568 pp->failure_count = cpu_to_le16(failure_count);
1569 pp->timer = cpu_to_le16(timer);
1570
1571 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1572}
1573
1574
1575static void devio_rec_ind(struct ks_wlan_private *priv, unsigned char *p,
1576 unsigned int size)
1577{
1578 if (!priv->is_device_open)
1579 return;
1580
1581 spin_lock(&priv->dev_read_lock);
1582 priv->dev_data[atomic_read(&priv->rec_count)] = p;
1583 priv->dev_size[atomic_read(&priv->rec_count)] = size;
1584
1585 if (atomic_read(&priv->event_count) != DEVICE_STOCK_COUNT) {
1586
1587 atomic_inc(&priv->event_count);
1588 }
1589 atomic_inc(&priv->rec_count);
1590 if (atomic_read(&priv->rec_count) == DEVICE_STOCK_COUNT)
1591 atomic_set(&priv->rec_count, 0);
1592
1593 wake_up_interruptible_all(&priv->devread_wait);
1594
1595 spin_unlock(&priv->dev_read_lock);
1596}
1597
1598void hostif_receive(struct ks_wlan_private *priv, unsigned char *p,
1599 unsigned int size)
1600{
1601 devio_rec_ind(priv, p, size);
1602
1603 priv->rxp = p;
1604 priv->rx_size = size;
1605
1606 if (get_word(priv) == priv->rx_size)
1607 hostif_event_check(priv);
1608}
1609
1610static void hostif_sme_set_wep(struct ks_wlan_private *priv, int type)
1611{
1612 switch (type) {
1613 case SME_WEP_INDEX_REQUEST:
1614 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID,
1615 priv->reg.wep_index);
1616 break;
1617 case SME_WEP_KEY1_REQUEST:
1618 if (priv->wpa.wpa_enabled)
1619 return;
1620 hostif_mib_set_request_ostring(priv,
1621 DOT11_WEP_DEFAULT_KEY_VALUE1,
1622 &priv->reg.wep_key[0].val[0],
1623 priv->reg.wep_key[0].size);
1624 break;
1625 case SME_WEP_KEY2_REQUEST:
1626 if (priv->wpa.wpa_enabled)
1627 return;
1628 hostif_mib_set_request_ostring(priv,
1629 DOT11_WEP_DEFAULT_KEY_VALUE2,
1630 &priv->reg.wep_key[1].val[0],
1631 priv->reg.wep_key[1].size);
1632 break;
1633 case SME_WEP_KEY3_REQUEST:
1634 if (priv->wpa.wpa_enabled)
1635 return;
1636 hostif_mib_set_request_ostring(priv,
1637 DOT11_WEP_DEFAULT_KEY_VALUE3,
1638 &priv->reg.wep_key[2].val[0],
1639 priv->reg.wep_key[2].size);
1640 break;
1641 case SME_WEP_KEY4_REQUEST:
1642 if (priv->wpa.wpa_enabled)
1643 return;
1644 hostif_mib_set_request_ostring(priv,
1645 DOT11_WEP_DEFAULT_KEY_VALUE4,
1646 &priv->reg.wep_key[3].val[0],
1647 priv->reg.wep_key[3].size);
1648 break;
1649 case SME_WEP_FLAG_REQUEST:
1650 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED,
1651 priv->reg.privacy_invoked);
1652 break;
1653 }
1654}
1655
1656struct wpa_suite {
1657 __le16 size;
1658 unsigned char suite[4][CIPHER_ID_LEN];
1659} __packed;
1660
1661struct rsn_mode {
1662 __le32 rsn_mode;
1663 __le16 rsn_capability;
1664} __packed;
1665
1666static void hostif_sme_set_rsn(struct ks_wlan_private *priv, int type)
1667{
1668 struct wpa_suite wpa_suite;
1669 struct rsn_mode rsn_mode;
1670 size_t size;
1671 u32 mode;
1672 const u8 *buf = NULL;
1673
1674 memset(&wpa_suite, 0, sizeof(wpa_suite));
1675
1676 switch (type) {
1677 case SME_RSN_UCAST_REQUEST:
1678 wpa_suite.size = cpu_to_le16(1);
1679 switch (priv->wpa.pairwise_suite) {
1680 case IW_AUTH_CIPHER_NONE:
1681 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1682 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE;
1683 break;
1684 case IW_AUTH_CIPHER_WEP40:
1685 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1686 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40;
1687 break;
1688 case IW_AUTH_CIPHER_TKIP:
1689 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1690 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP;
1691 break;
1692 case IW_AUTH_CIPHER_CCMP:
1693 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1694 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP;
1695 break;
1696 case IW_AUTH_CIPHER_WEP104:
1697 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1698 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104;
1699 break;
1700 }
1701
1702 if (buf)
1703 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN);
1704 size = sizeof(wpa_suite.size) +
1705 (CIPHER_ID_LEN * le16_to_cpu(wpa_suite.size));
1706 hostif_mib_set_request_ostring(priv,
1707 DOT11_RSN_CONFIG_UNICAST_CIPHER,
1708 &wpa_suite, size);
1709 break;
1710 case SME_RSN_MCAST_REQUEST:
1711 switch (priv->wpa.group_suite) {
1712 case IW_AUTH_CIPHER_NONE:
1713 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1714 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE;
1715 break;
1716 case IW_AUTH_CIPHER_WEP40:
1717 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1718 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40;
1719 break;
1720 case IW_AUTH_CIPHER_TKIP:
1721 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1722 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP;
1723 break;
1724 case IW_AUTH_CIPHER_CCMP:
1725 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1726 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP;
1727 break;
1728 case IW_AUTH_CIPHER_WEP104:
1729 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1730 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104;
1731 break;
1732 }
1733 if (buf)
1734 memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN);
1735 hostif_mib_set_request_ostring(priv,
1736 DOT11_RSN_CONFIG_MULTICAST_CIPHER,
1737 &wpa_suite.suite[0][0],
1738 CIPHER_ID_LEN);
1739 break;
1740 case SME_RSN_AUTH_REQUEST:
1741 wpa_suite.size = cpu_to_le16(1);
1742 switch (priv->wpa.key_mgmt_suite) {
1743 case IW_AUTH_KEY_MGMT_802_1X:
1744 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1745 KEY_MGMT_ID_WPA2_1X : KEY_MGMT_ID_WPA_1X;
1746 break;
1747 case IW_AUTH_KEY_MGMT_PSK:
1748 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1749 KEY_MGMT_ID_WPA2_PSK : KEY_MGMT_ID_WPA_PSK;
1750 break;
1751 case 0:
1752 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1753 KEY_MGMT_ID_WPA2_NONE : KEY_MGMT_ID_WPA_NONE;
1754 break;
1755 case 4:
1756 buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1757 KEY_MGMT_ID_WPA2_WPANONE :
1758 KEY_MGMT_ID_WPA_WPANONE;
1759 break;
1760 }
1761
1762 if (buf)
1763 memcpy(&wpa_suite.suite[0][0], buf, KEY_MGMT_ID_LEN);
1764 size = sizeof(wpa_suite.size) +
1765 (KEY_MGMT_ID_LEN * le16_to_cpu(wpa_suite.size));
1766 hostif_mib_set_request_ostring(priv,
1767 DOT11_RSN_CONFIG_AUTH_SUITE,
1768 &wpa_suite, size);
1769 break;
1770 case SME_RSN_ENABLED_REQUEST:
1771 hostif_mib_set_request_bool(priv, DOT11_RSN_ENABLED,
1772 priv->wpa.rsn_enabled);
1773 break;
1774 case SME_RSN_MODE_REQUEST:
1775 mode = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1776 RSN_MODE_WPA2 :
1777 (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA) ?
1778 RSN_MODE_WPA : RSN_MODE_NONE;
1779 rsn_mode.rsn_mode = cpu_to_le32(mode);
1780 rsn_mode.rsn_capability = cpu_to_le16(0);
1781 hostif_mib_set_request_ostring(priv, LOCAL_RSN_MODE,
1782 &rsn_mode, sizeof(rsn_mode));
1783 break;
1784 }
1785}
1786
1787static
1788void hostif_sme_mode_setup(struct ks_wlan_private *priv)
1789{
1790 unsigned char rate_size;
1791 unsigned char rate_octet[RATE_SET_MAX_SIZE];
1792 int i = 0;
1793
1794
1795 if (priv->reg.tx_rate == TX_RATE_FULL_AUTO) {
1796 if (priv->reg.phy_type == D_11B_ONLY_MODE) {
1797 priv->reg.rate_set.body[3] = TX_RATE_11M;
1798 priv->reg.rate_set.body[2] = TX_RATE_5M;
1799 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE;
1800 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE;
1801 priv->reg.rate_set.size = 4;
1802 } else {
1803 priv->reg.rate_set.body[11] = TX_RATE_54M;
1804 priv->reg.rate_set.body[10] = TX_RATE_48M;
1805 priv->reg.rate_set.body[9] = TX_RATE_36M;
1806 priv->reg.rate_set.body[8] = TX_RATE_18M;
1807 priv->reg.rate_set.body[7] = TX_RATE_9M;
1808 priv->reg.rate_set.body[6] = TX_RATE_24M | BASIC_RATE;
1809 priv->reg.rate_set.body[5] = TX_RATE_12M | BASIC_RATE;
1810 priv->reg.rate_set.body[4] = TX_RATE_6M | BASIC_RATE;
1811 priv->reg.rate_set.body[3] = TX_RATE_11M | BASIC_RATE;
1812 priv->reg.rate_set.body[2] = TX_RATE_5M | BASIC_RATE;
1813 priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE;
1814 priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE;
1815 priv->reg.rate_set.size = 12;
1816 }
1817 }
1818
1819
1820 if (priv->reg.phy_type == D_11B_ONLY_MODE) {
1821 for (i = 0; i < priv->reg.rate_set.size; i++) {
1822 if (!is_11b_rate(priv->reg.rate_set.body[i]))
1823 break;
1824
1825 if ((priv->reg.rate_set.body[i] & RATE_MASK) >= TX_RATE_5M) {
1826 rate_octet[i] = priv->reg.rate_set.body[i] &
1827 RATE_MASK;
1828 } else {
1829 rate_octet[i] = priv->reg.rate_set.body[i];
1830 }
1831 }
1832
1833 } else {
1834 for (i = 0; i < priv->reg.rate_set.size; i++) {
1835 if (!is_11bg_rate(priv->reg.rate_set.body[i]))
1836 break;
1837
1838 if (is_ofdm_ext_rate(priv->reg.rate_set.body[i])) {
1839 rate_octet[i] = priv->reg.rate_set.body[i] &
1840 RATE_MASK;
1841 } else {
1842 rate_octet[i] = priv->reg.rate_set.body[i];
1843 }
1844 }
1845 }
1846 rate_size = i;
1847 if (rate_size == 0) {
1848 if (priv->reg.phy_type == D_11G_ONLY_MODE)
1849 rate_octet[0] = TX_RATE_6M | BASIC_RATE;
1850 else
1851 rate_octet[0] = TX_RATE_2M | BASIC_RATE;
1852 rate_size = 1;
1853 }
1854
1855
1856 priv->reg.rate_set.size = rate_size;
1857 memcpy(&priv->reg.rate_set.body[0], &rate_octet[0], rate_size);
1858
1859 switch (priv->reg.operation_mode) {
1860 case MODE_PSEUDO_ADHOC:
1861 hostif_ps_adhoc_set_request(priv);
1862 break;
1863 case MODE_INFRASTRUCTURE:
1864 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) {
1865 hostif_infrastructure_set_request(priv,
1866 HIF_INFRA_SET_REQ);
1867 } else {
1868 hostif_infrastructure_set_request(priv,
1869 HIF_INFRA_SET2_REQ);
1870 netdev_dbg(priv->net_dev,
1871 "Infra bssid = %pM\n", priv->reg.bssid);
1872 }
1873 break;
1874 case MODE_ADHOC:
1875 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) {
1876 hostif_adhoc_set_request(priv);
1877 } else {
1878 hostif_adhoc_set2_request(priv);
1879 netdev_dbg(priv->net_dev,
1880 "Adhoc bssid = %pM\n", priv->reg.bssid);
1881 }
1882 break;
1883 default:
1884 break;
1885 }
1886}
1887
1888static
1889void hostif_sme_multicast_set(struct ks_wlan_private *priv)
1890{
1891 struct net_device *dev = priv->net_dev;
1892 int mc_count;
1893 struct netdev_hw_addr *ha;
1894 char set_address[NIC_MAX_MCAST_LIST * ETH_ALEN];
1895 int i = 0;
1896
1897 spin_lock(&priv->multicast_spin);
1898
1899 memset(set_address, 0, NIC_MAX_MCAST_LIST * ETH_ALEN);
1900
1901 if (dev->flags & IFF_PROMISC) {
1902 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1903 MCAST_FILTER_PROMISC);
1904 goto spin_unlock;
1905 }
1906
1907 if ((netdev_mc_count(dev) > NIC_MAX_MCAST_LIST) ||
1908 (dev->flags & IFF_ALLMULTI)) {
1909 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1910 MCAST_FILTER_MCASTALL);
1911 goto spin_unlock;
1912 }
1913
1914 if (priv->sme_i.sme_flag & SME_MULTICAST) {
1915 mc_count = netdev_mc_count(dev);
1916 netdev_for_each_mc_addr(ha, dev) {
1917 ether_addr_copy(&set_address[i * ETH_ALEN], ha->addr);
1918 i++;
1919 }
1920 priv->sme_i.sme_flag &= ~SME_MULTICAST;
1921 hostif_mib_set_request_ostring(priv, LOCAL_MULTICAST_ADDRESS,
1922 &set_address[0],
1923 ETH_ALEN * mc_count);
1924 } else {
1925 priv->sme_i.sme_flag |= SME_MULTICAST;
1926 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1927 MCAST_FILTER_MCAST);
1928 }
1929
1930spin_unlock:
1931 spin_unlock(&priv->multicast_spin);
1932}
1933
1934static void hostif_sme_power_mgmt_set(struct ks_wlan_private *priv)
1935{
1936 u32 mode, wake_up, receive_dtims;
1937
1938 if (priv->reg.power_mgmt != POWER_MGMT_SAVE1 &&
1939 priv->reg.power_mgmt != POWER_MGMT_SAVE2) {
1940 mode = POWER_ACTIVE;
1941 wake_up = 0;
1942 receive_dtims = 0;
1943 } else {
1944 mode = (priv->reg.operation_mode == MODE_INFRASTRUCTURE) ?
1945 POWER_SAVE : POWER_ACTIVE;
1946 wake_up = 0;
1947 receive_dtims = (priv->reg.operation_mode == MODE_INFRASTRUCTURE &&
1948 priv->reg.power_mgmt == POWER_MGMT_SAVE2);
1949 }
1950
1951 hostif_power_mgmt_request(priv, mode, wake_up, receive_dtims);
1952}
1953
1954static void hostif_sme_sleep_set(struct ks_wlan_private *priv)
1955{
1956 if (priv->sleep_mode != SLP_SLEEP &&
1957 priv->sleep_mode != SLP_ACTIVE)
1958 return;
1959
1960 hostif_sleep_request(priv, priv->sleep_mode);
1961}
1962
1963static
1964void hostif_sme_set_key(struct ks_wlan_private *priv, int type)
1965{
1966 switch (type) {
1967 case SME_SET_FLAG:
1968 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED,
1969 priv->reg.privacy_invoked);
1970 break;
1971 case SME_SET_TXKEY:
1972 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID,
1973 priv->wpa.txkey);
1974 break;
1975 case SME_SET_KEY1:
1976 hostif_mib_set_request_ostring(priv,
1977 DOT11_WEP_DEFAULT_KEY_VALUE1,
1978 &priv->wpa.key[0].key_val[0],
1979 priv->wpa.key[0].key_len);
1980 break;
1981 case SME_SET_KEY2:
1982 hostif_mib_set_request_ostring(priv,
1983 DOT11_WEP_DEFAULT_KEY_VALUE2,
1984 &priv->wpa.key[1].key_val[0],
1985 priv->wpa.key[1].key_len);
1986 break;
1987 case SME_SET_KEY3:
1988 hostif_mib_set_request_ostring(priv,
1989 DOT11_WEP_DEFAULT_KEY_VALUE3,
1990 &priv->wpa.key[2].key_val[0],
1991 priv->wpa.key[2].key_len);
1992 break;
1993 case SME_SET_KEY4:
1994 hostif_mib_set_request_ostring(priv,
1995 DOT11_WEP_DEFAULT_KEY_VALUE4,
1996 &priv->wpa.key[3].key_val[0],
1997 priv->wpa.key[3].key_len);
1998 break;
1999 case SME_SET_PMK_TSC:
2000 hostif_mib_set_request_ostring(priv, DOT11_PMK_TSC,
2001 &priv->wpa.key[0].rx_seq[0],
2002 WPA_RX_SEQ_LEN);
2003 break;
2004 case SME_SET_GMK1_TSC:
2005 hostif_mib_set_request_ostring(priv, DOT11_GMK1_TSC,
2006 &priv->wpa.key[1].rx_seq[0],
2007 WPA_RX_SEQ_LEN);
2008 break;
2009 case SME_SET_GMK2_TSC:
2010 hostif_mib_set_request_ostring(priv, DOT11_GMK2_TSC,
2011 &priv->wpa.key[2].rx_seq[0],
2012 WPA_RX_SEQ_LEN);
2013 break;
2014 }
2015}
2016
2017static
2018void hostif_sme_set_pmksa(struct ks_wlan_private *priv)
2019{
2020 struct pmk_cache {
2021 __le16 size;
2022 struct {
2023 u8 bssid[ETH_ALEN];
2024 u8 pmkid[IW_PMKID_LEN];
2025 } __packed list[PMK_LIST_MAX];
2026 } __packed pmkcache;
2027 struct pmk *pmk;
2028 size_t size;
2029 int i = 0;
2030
2031 list_for_each_entry(pmk, &priv->pmklist.head, list) {
2032 if (i >= PMK_LIST_MAX)
2033 break;
2034 ether_addr_copy(pmkcache.list[i].bssid, pmk->bssid);
2035 memcpy(pmkcache.list[i].pmkid, pmk->pmkid, IW_PMKID_LEN);
2036 i++;
2037 }
2038 pmkcache.size = cpu_to_le16(priv->pmklist.size);
2039 size = sizeof(priv->pmklist.size) +
2040 ((ETH_ALEN + IW_PMKID_LEN) * priv->pmklist.size);
2041 hostif_mib_set_request_ostring(priv, LOCAL_PMK, &pmkcache, size);
2042}
2043
2044
2045static void hostif_sme_execute(struct ks_wlan_private *priv, int event)
2046{
2047 u16 failure;
2048
2049 switch (event) {
2050 case SME_START:
2051 if (priv->dev_state == DEVICE_STATE_BOOT)
2052 hostif_mib_get_request(priv, DOT11_MAC_ADDRESS);
2053 break;
2054 case SME_MULTICAST_REQUEST:
2055 hostif_sme_multicast_set(priv);
2056 break;
2057 case SME_MACADDRESS_SET_REQUEST:
2058 hostif_mib_set_request_ostring(priv, LOCAL_CURRENTADDRESS,
2059 &priv->eth_addr[0], ETH_ALEN);
2060 break;
2061 case SME_BSS_SCAN_REQUEST:
2062 hostif_bss_scan_request(priv, priv->reg.scan_type,
2063 priv->scan_ssid, priv->scan_ssid_len);
2064 break;
2065 case SME_POW_MNGMT_REQUEST:
2066 hostif_sme_power_mgmt_set(priv);
2067 break;
2068 case SME_PHY_INFO_REQUEST:
2069 hostif_phy_information_request(priv);
2070 break;
2071 case SME_MIC_FAILURE_REQUEST:
2072 failure = priv->wpa.mic_failure.failure;
2073 if (failure != 1 && failure != 2) {
2074 netdev_err(priv->net_dev,
2075 "SME_MIC_FAILURE_REQUEST: failure count=%u error?\n",
2076 failure);
2077 return;
2078 }
2079 hostif_mic_failure_request(priv, failure - 1, (failure == 1) ?
2080 0 : priv->wpa.mic_failure.counter);
2081 break;
2082 case SME_MIC_FAILURE_CONFIRM:
2083 if (priv->wpa.mic_failure.failure == 2) {
2084 if (priv->wpa.mic_failure.stop)
2085 priv->wpa.mic_failure.stop = 0;
2086 priv->wpa.mic_failure.failure = 0;
2087 hostif_start_request(priv, priv->reg.operation_mode);
2088 }
2089 break;
2090 case SME_GET_MAC_ADDRESS:
2091 if (priv->dev_state == DEVICE_STATE_BOOT)
2092 hostif_mib_get_request(priv, DOT11_PRODUCT_VERSION);
2093 break;
2094 case SME_GET_PRODUCT_VERSION:
2095 if (priv->dev_state == DEVICE_STATE_BOOT)
2096 priv->dev_state = DEVICE_STATE_PREINIT;
2097 break;
2098 case SME_STOP_REQUEST:
2099 hostif_stop_request(priv);
2100 break;
2101 case SME_RTS_THRESHOLD_REQUEST:
2102 hostif_mib_set_request_int(priv, DOT11_RTS_THRESHOLD,
2103 priv->reg.rts);
2104 break;
2105 case SME_FRAGMENTATION_THRESHOLD_REQUEST:
2106 hostif_mib_set_request_int(priv, DOT11_FRAGMENTATION_THRESHOLD,
2107 priv->reg.fragment);
2108 break;
2109 case SME_WEP_INDEX_REQUEST:
2110 case SME_WEP_KEY1_REQUEST:
2111 case SME_WEP_KEY2_REQUEST:
2112 case SME_WEP_KEY3_REQUEST:
2113 case SME_WEP_KEY4_REQUEST:
2114 case SME_WEP_FLAG_REQUEST:
2115 hostif_sme_set_wep(priv, event);
2116 break;
2117 case SME_RSN_UCAST_REQUEST:
2118 case SME_RSN_MCAST_REQUEST:
2119 case SME_RSN_AUTH_REQUEST:
2120 case SME_RSN_ENABLED_REQUEST:
2121 case SME_RSN_MODE_REQUEST:
2122 hostif_sme_set_rsn(priv, event);
2123 break;
2124 case SME_SET_FLAG:
2125 case SME_SET_TXKEY:
2126 case SME_SET_KEY1:
2127 case SME_SET_KEY2:
2128 case SME_SET_KEY3:
2129 case SME_SET_KEY4:
2130 case SME_SET_PMK_TSC:
2131 case SME_SET_GMK1_TSC:
2132 case SME_SET_GMK2_TSC:
2133 hostif_sme_set_key(priv, event);
2134 break;
2135 case SME_SET_PMKSA:
2136 hostif_sme_set_pmksa(priv);
2137 break;
2138 case SME_WPS_ENABLE_REQUEST:
2139 hostif_mib_set_request_int(priv, LOCAL_WPS_ENABLE,
2140 priv->wps.wps_enabled);
2141 break;
2142 case SME_WPS_PROBE_REQUEST:
2143 hostif_mib_set_request_ostring(priv, LOCAL_WPS_PROBE_REQ,
2144 priv->wps.ie, priv->wps.ielen);
2145 break;
2146 case SME_MODE_SET_REQUEST:
2147 hostif_sme_mode_setup(priv);
2148 break;
2149 case SME_SET_GAIN:
2150 hostif_mib_set_request_ostring(priv, LOCAL_GAIN,
2151 &priv->gain, sizeof(priv->gain));
2152 break;
2153 case SME_GET_GAIN:
2154 hostif_mib_get_request(priv, LOCAL_GAIN);
2155 break;
2156 case SME_GET_EEPROM_CKSUM:
2157 priv->eeprom_checksum = EEPROM_FW_NOT_SUPPORT;
2158 hostif_mib_get_request(priv, LOCAL_EEPROM_SUM);
2159 break;
2160 case SME_START_REQUEST:
2161 hostif_start_request(priv, priv->reg.operation_mode);
2162 break;
2163 case SME_START_CONFIRM:
2164
2165 atomic_set(&priv->psstatus.snooze_guard, 0);
2166 atomic_set(&priv->psstatus.confirm_wait, 0);
2167 if (priv->dev_state == DEVICE_STATE_PREINIT)
2168 priv->dev_state = DEVICE_STATE_INIT;
2169
2170 complete(&priv->confirm_wait);
2171 break;
2172 case SME_SLEEP_REQUEST:
2173 hostif_sme_sleep_set(priv);
2174 break;
2175 case SME_SET_REGION:
2176 hostif_mib_set_request_int(priv, LOCAL_REGION, priv->region);
2177 break;
2178 case SME_MULTICAST_CONFIRM:
2179 case SME_BSS_SCAN_CONFIRM:
2180 case SME_POW_MNGMT_CONFIRM:
2181 case SME_PHY_INFO_CONFIRM:
2182 case SME_STOP_CONFIRM:
2183 case SME_RTS_THRESHOLD_CONFIRM:
2184 case SME_FRAGMENTATION_THRESHOLD_CONFIRM:
2185 case SME_WEP_INDEX_CONFIRM:
2186 case SME_WEP_KEY1_CONFIRM:
2187 case SME_WEP_KEY2_CONFIRM:
2188 case SME_WEP_KEY3_CONFIRM:
2189 case SME_WEP_KEY4_CONFIRM:
2190 case SME_WEP_FLAG_CONFIRM:
2191 case SME_RSN_UCAST_CONFIRM:
2192 case SME_RSN_MCAST_CONFIRM:
2193 case SME_RSN_AUTH_CONFIRM:
2194 case SME_RSN_ENABLED_CONFIRM:
2195 case SME_RSN_MODE_CONFIRM:
2196 case SME_MODE_SET_CONFIRM:
2197 case SME_TERMINATE:
2198 default:
2199 break;
2200 }
2201}
2202
2203static
2204void hostif_sme_task(struct tasklet_struct *t)
2205{
2206 struct ks_wlan_private *priv = from_tasklet(priv, t, sme_task);
2207
2208 if (priv->dev_state < DEVICE_STATE_BOOT)
2209 return;
2210
2211 if (cnt_smeqbody(priv) <= 0)
2212 return;
2213
2214 hostif_sme_execute(priv, priv->sme_i.event_buff[priv->sme_i.qhead]);
2215 inc_smeqhead(priv);
2216 if (cnt_smeqbody(priv) > 0)
2217 tasklet_schedule(&priv->sme_task);
2218}
2219
2220
2221void hostif_sme_enqueue(struct ks_wlan_private *priv, u16 event)
2222{
2223
2224 if (cnt_smeqbody(priv) < (SME_EVENT_BUFF_SIZE - 1)) {
2225 priv->sme_i.event_buff[priv->sme_i.qtail] = event;
2226 inc_smeqtail(priv);
2227 } else {
2228
2229 netdev_err(priv->net_dev, "sme queue buffer overflow\n");
2230 }
2231
2232 tasklet_schedule(&priv->sme_task);
2233}
2234
2235static inline void hostif_aplist_init(struct ks_wlan_private *priv)
2236{
2237 size_t size = LOCAL_APLIST_MAX * sizeof(struct local_ap);
2238
2239 priv->aplist.size = 0;
2240 memset(&priv->aplist.ap[0], 0, size);
2241}
2242
2243static inline void hostif_status_init(struct ks_wlan_private *priv)
2244{
2245 priv->infra_status = 0;
2246 priv->current_rate = 4;
2247 priv->connect_status = DISCONNECT_STATUS;
2248}
2249
2250static inline void hostif_sme_init(struct ks_wlan_private *priv)
2251{
2252 priv->sme_i.sme_status = SME_IDLE;
2253 priv->sme_i.qhead = 0;
2254 priv->sme_i.qtail = 0;
2255 spin_lock_init(&priv->sme_i.sme_spin);
2256 priv->sme_i.sme_flag = 0;
2257 tasklet_setup(&priv->sme_task, hostif_sme_task);
2258}
2259
2260static inline void hostif_wpa_init(struct ks_wlan_private *priv)
2261{
2262 memset(&priv->wpa, 0, sizeof(priv->wpa));
2263 priv->wpa.rsn_enabled = false;
2264 priv->wpa.mic_failure.failure = 0;
2265 priv->wpa.mic_failure.last_failure_time = 0;
2266 priv->wpa.mic_failure.stop = 0;
2267}
2268
2269static inline void hostif_power_save_init(struct ks_wlan_private *priv)
2270{
2271 atomic_set(&priv->psstatus.status, PS_NONE);
2272 atomic_set(&priv->psstatus.confirm_wait, 0);
2273 atomic_set(&priv->psstatus.snooze_guard, 0);
2274 init_completion(&priv->psstatus.wakeup_wait);
2275 INIT_WORK(&priv->wakeup_work, ks_wlan_hw_wakeup_task);
2276}
2277
2278static inline void hostif_pmklist_init(struct ks_wlan_private *priv)
2279{
2280 int i;
2281
2282 memset(&priv->pmklist, 0, sizeof(priv->pmklist));
2283 INIT_LIST_HEAD(&priv->pmklist.head);
2284 for (i = 0; i < PMK_LIST_MAX; i++)
2285 INIT_LIST_HEAD(&priv->pmklist.pmk[i].list);
2286}
2287
2288static inline void hostif_counters_init(struct ks_wlan_private *priv)
2289{
2290 priv->dev_count = 0;
2291 atomic_set(&priv->event_count, 0);
2292 atomic_set(&priv->rec_count, 0);
2293}
2294
2295int hostif_init(struct ks_wlan_private *priv)
2296{
2297 hostif_aplist_init(priv);
2298 hostif_status_init(priv);
2299
2300 spin_lock_init(&priv->multicast_spin);
2301 spin_lock_init(&priv->dev_read_lock);
2302 init_waitqueue_head(&priv->devread_wait);
2303
2304 hostif_counters_init(priv);
2305 hostif_power_save_init(priv);
2306 hostif_wpa_init(priv);
2307 hostif_pmklist_init(priv);
2308 hostif_sme_init(priv);
2309
2310 return 0;
2311}
2312
2313void hostif_exit(struct ks_wlan_private *priv)
2314{
2315 tasklet_kill(&priv->sme_task);
2316}
2317