1 // SPDX-License-Identifier: GPL-2.0
2 /******************************************************************************
3 *
4 * Copyright(c) 2003 - 2004 Intel Corporation. All rights reserved.
5 *
6 * Contact Information:
7 * James P. Ketrenos <ipw2100-admin@linux.intel.com>
8 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
9 *
10 *
11 * Few modifications for Realtek's Wi-Fi drivers by
12 * Andrea Merello <andrea.merello@gmail.com>
13 *
14 * A special thanks goes to Realtek for their support !
15 *
16 ******************************************************************************/
17
18 #include <linux/compiler.h>
19 #include <linux/errno.h>
20 #include <linux/if_arp.h>
21 #include <linux/in6.h>
22 #include <linux/in.h>
23 #include <linux/ip.h>
24 #include <linux/kernel.h>
25 #include <linux/module.h>
26 #include <linux/netdevice.h>
27 #include <linux/pci.h>
28 #include <linux/proc_fs.h>
29 #include <linux/skbuff.h>
30 #include <linux/slab.h>
31 #include <linux/tcp.h>
32 #include <linux/types.h>
33 #include <linux/wireless.h>
34 #include <linux/etherdevice.h>
35 #include <linux/uaccess.h>
36 #include <linux/if_vlan.h>
37
38 #include "ieee80211.h"
39
40
41 /*
42 *
43 *
44 * 802.11 Data Frame
45 *
46 *
47 * 802.11 frame_contorl for data frames - 2 bytes
48 * ,-----------------------------------------------------------------------------------------.
49 * bits | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | a | b | c | d | e |
50 * |----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|------|
51 * val | 0 | 0 | 0 | 1 | x | 0 | 0 | 0 | 1 | 0 | x | x | x | x | x |
52 * |----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|------|
53 * desc | ^-ver-^ | ^type-^ | ^-----subtype-----^ | to |from |more |retry| pwr |more |wep |
54 * | | | x=0 data,x=1 data+ack | DS | DS |frag | | mgm |data | |
55 * '-----------------------------------------------------------------------------------------'
56 * /\
57 * |
58 * 802.11 Data Frame |
59 * ,--------- 'ctrl' expands to >-----------'
60 * |
61 * ,--'---,-------------------------------------------------------------.
62 * Bytes | 2 | 2 | 6 | 6 | 6 | 2 | 0..2312 | 4 |
63 * |------|------|---------|---------|---------|------|---------|------|
64 * Desc. | ctrl | dura | DA/RA | TA | SA | Sequ | Frame | fcs |
65 * | | tion | (BSSID) | | | ence | data | |
66 * `--------------------------------------------------| |------'
67 * Total: 28 non-data bytes `----.----'
68 * |
69 * .- 'Frame data' expands to <---------------------------'
70 * |
71 * V
72 * ,---------------------------------------------------.
73 * Bytes | 1 | 1 | 1 | 3 | 2 | 0-2304 |
74 * |------|------|---------|----------|------|---------|
75 * Desc. | SNAP | SNAP | Control |Eth Tunnel| Type | IP |
76 * | DSAP | SSAP | | | | Packet |
77 * | 0xAA | 0xAA |0x03 (UI)|0x00-00-F8| | |
78 * `-----------------------------------------| |
79 * Total: 8 non-data bytes `----.----'
80 * |
81 * .- 'IP Packet' expands, if WEP enabled, to <--'
82 * |
83 * V
84 * ,-----------------------.
85 * Bytes | 4 | 0-2296 | 4 |
86 * |-----|-----------|-----|
87 * Desc. | IV | Encrypted | ICV |
88 * | | IP Packet | |
89 * `-----------------------'
90 * Total: 8 non-data bytes
91 *
92 *
93 * 802.3 Ethernet Data Frame
94 *
95 * ,-----------------------------------------.
96 * Bytes | 6 | 6 | 2 | Variable | 4 |
97 * |-------|-------|------|-----------|------|
98 * Desc. | Dest. | Source| Type | IP Packet | fcs |
99 * | MAC | MAC | | | |
100 * `-----------------------------------------'
101 * Total: 18 non-data bytes
102 *
103 * In the event that fragmentation is required, the incoming payload is split into
104 * N parts of size ieee->fts. The first fragment contains the SNAP header and the
105 * remaining packets are just data.
106 *
107 * If encryption is enabled, each fragment payload size is reduced by enough space
108 * to add the prefix and postfix (IV and ICV totalling 8 bytes in the case of WEP)
109 * So if you have 1500 bytes of payload with ieee->fts set to 500 without
110 * encryption it will take 3 frames. With WEP it will take 4 frames as the
111 * payload of each frame is reduced to 492 bytes.
112 *
113 * SKB visualization
114 *
115 * ,- skb->data
116 * |
117 * | ETHERNET HEADER ,-<-- PAYLOAD
118 * | | 14 bytes from skb->data
119 * | 2 bytes for Type --> ,T. | (sizeof ethhdr)
120 * | | | |
121 * |,-Dest.--. ,--Src.---. | | |
122 * | 6 bytes| | 6 bytes | | | |
123 * v | | | | | |
124 * 0 | v 1 | v | v 2
125 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
126 * ^ | ^ | ^ |
127 * | | | | | |
128 * | | | | `T' <---- 2 bytes for Type
129 * | | | |
130 * | | '---SNAP--' <-------- 6 bytes for SNAP
131 * | |
132 * `-IV--' <-------------------- 4 bytes for IV (WEP)
133 *
134 * SNAP HEADER
135 *
136 */
137
138 static u8 P802_1H_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0xf8 };
139 static u8 RFC1042_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0x00 };
140
141 static inline int ieee80211_put_snap(u8 *data, u16 h_proto)
142 {
143 struct ieee80211_snap_hdr *snap;
144 u8 *oui;
145
146 snap = (struct ieee80211_snap_hdr *)data;
147 snap->dsap = 0xaa;
148 snap->ssap = 0xaa;
149 snap->ctrl = 0x03;
150
151 if (h_proto == 0x8137 || h_proto == 0x80f3)
152 oui = P802_1H_OUI;
153 else
154 oui = RFC1042_OUI;
155 snap->oui[0] = oui[0];
156 snap->oui[1] = oui[1];
157 snap->oui[2] = oui[2];
158
159 *(__be16 *)(data + SNAP_SIZE) = htons(h_proto);
160
161 return SNAP_SIZE + sizeof(u16);
162 }
163
164 int ieee80211_encrypt_fragment(
165 struct ieee80211_device *ieee,
166 struct sk_buff *frag,
167 int hdr_len)
168 {
169 struct ieee80211_crypt_data *crypt = ieee->crypt[ieee->tx_keyidx];
170 int res;
171
172 if (!(crypt && crypt->ops)) {
173 printk("=========>%s(), crypt is null\n", __func__);
174 return -1;
175 }
176
177 if (ieee->tkip_countermeasures &&
178 crypt && crypt->ops && strcmp(crypt->ops->name, "TKIP") == 0) {
179 if (net_ratelimit()) {
180 struct rtl_80211_hdr_3addrqos *header;
181
182 header = (struct rtl_80211_hdr_3addrqos *)frag->data;
183 printk(KERN_DEBUG "%s: TKIP countermeasures: dropped "
184 "TX packet to %pM\n",
185 ieee->dev->name, header->addr1);
186 }
187 return -1;
188 }
189
190 /* To encrypt, frame format is:
191 * IV (4 bytes), clear payload (including SNAP), ICV (4 bytes)
192 */
193
194 // PR: FIXME: Copied from hostap. Check fragmentation/MSDU/MPDU encryption.
195 /* Host-based IEEE 802.11 fragmentation for TX is not yet supported, so
196 * call both MSDU and MPDU encryption functions from here.
197 */
198 atomic_inc(&crypt->refcnt);
199 res = 0;
200 if (crypt->ops->encrypt_msdu)
201 res = crypt->ops->encrypt_msdu(frag, hdr_len, crypt->priv);
202 if (res == 0 && crypt->ops->encrypt_mpdu)
203 res = crypt->ops->encrypt_mpdu(frag, hdr_len, crypt->priv);
204
205 atomic_dec(&crypt->refcnt);
206 if (res < 0) {
207 printk(KERN_INFO "%s: Encryption failed: len=%d.\n",
208 ieee->dev->name, frag->len);
209 ieee->ieee_stats.tx_discards++;
210 return -1;
211 }
212
213 return 0;
214 }
215
216
217 void ieee80211_txb_free(struct ieee80211_txb *txb)
218 {
219 //int i;
220 if (unlikely(!txb))
221 return;
222 kfree(txb);
223 }
224 EXPORT_SYMBOL(ieee80211_txb_free);
225
226 static struct ieee80211_txb *ieee80211_alloc_txb(int nr_frags, int txb_size,
227 gfp_t gfp_mask)
228 {
229 struct ieee80211_txb *txb;
230 int i;
231 txb = kmalloc(
232 sizeof(struct ieee80211_txb) + (sizeof(u8 *) * nr_frags),
233 gfp_mask);
234 if (!txb)
235 return NULL;
236
237 memset(txb, 0, sizeof(struct ieee80211_txb));
238 txb->nr_frags = nr_frags;
239 txb->frag_size = __cpu_to_le16(txb_size);
240
241 for (i = 0; i < nr_frags; i++) {
242 txb->fragments[i] = dev_alloc_skb(txb_size);
243 if (unlikely(!txb->fragments[i])) {
244 i--;
245 break;
246 }
247 memset(txb->fragments[i]->cb, 0, sizeof(txb->fragments[i]->cb));
248 }
249 if (unlikely(i != nr_frags)) {
250 while (i >= 0)
251 dev_kfree_skb_any(txb->fragments[i--]);
252 kfree(txb);
253 return NULL;
254 }
255 return txb;
256 }
257
258 // Classify the to-be send data packet
259 // Need to acquire the sent queue index.
260 static int
261 ieee80211_classify(struct sk_buff *skb, struct ieee80211_network *network)
262 {
263 struct ethhdr *eth;
264 struct iphdr *ip;
265 eth = (struct ethhdr *)skb->data;
266 if (eth->h_proto != htons(ETH_P_IP))
267 return 0;
268
269 ip = ip_hdr(skb);
270 switch (ip->tos & 0xfc) {
271 case 0x20:
272 return 2;
273 case 0x40:
274 return 1;
275 case 0x60:
276 return 3;
277 case 0x80:
278 return 4;
279 case 0xa0:
280 return 5;
281 case 0xc0:
282 return 6;
283 case 0xe0:
284 return 7;
285 default:
286 return 0;
287 }
288 }
289
290 static void ieee80211_tx_query_agg_cap(struct ieee80211_device *ieee,
291 struct sk_buff *skb, struct cb_desc *tcb_desc)
292 {
293 PRT_HIGH_THROUGHPUT pHTInfo = ieee->pHTInfo;
294 struct tx_ts_record *pTxTs = NULL;
295 struct rtl_80211_hdr_1addr *hdr = (struct rtl_80211_hdr_1addr *)skb->data;
296
297 if (!pHTInfo->bCurrentHTSupport || !pHTInfo->bEnableHT)
298 return;
299 if (!IsQoSDataFrame(skb->data))
300 return;
301
302 if (is_multicast_ether_addr(hdr->addr1))
303 return;
304 //check packet and mode later
305 if (!ieee->GetNmodeSupportBySecCfg(ieee->dev)) {
306 return;
307 }
308 if (pHTInfo->bCurrentAMPDUEnable) {
309 if (!GetTs(ieee, (struct ts_common_info **)(&pTxTs), hdr->addr1, skb->priority, TX_DIR, true)) {
310 printk("===>can't get TS\n");
311 return;
312 }
313 if (!pTxTs->tx_admitted_ba_record.valid) {
314 TsStartAddBaProcess(ieee, pTxTs);
315 goto FORCED_AGG_SETTING;
316 } else if (!pTxTs->using_ba) {
317 if (SN_LESS(pTxTs->tx_admitted_ba_record.start_seq_ctrl.field.seq_num, (pTxTs->tx_cur_seq + 1) % 4096))
318 pTxTs->using_ba = true;
319 else
320 goto FORCED_AGG_SETTING;
321 }
322
323 if (ieee->iw_mode == IW_MODE_INFRA) {
324 tcb_desc->bAMPDUEnable = true;
325 tcb_desc->ampdu_factor = pHTInfo->CurrentAMPDUFactor;
326 tcb_desc->ampdu_density = pHTInfo->CurrentMPDUDensity;
327 }
328 }
329 FORCED_AGG_SETTING:
330 switch (pHTInfo->ForcedAMPDUMode) {
331 case HT_AGG_AUTO:
332 break;
333
334 case HT_AGG_FORCE_ENABLE:
335 tcb_desc->bAMPDUEnable = true;
336 tcb_desc->ampdu_density = pHTInfo->ForcedMPDUDensity;
337 tcb_desc->ampdu_factor = pHTInfo->ForcedAMPDUFactor;
338 break;
339
340 case HT_AGG_FORCE_DISABLE:
341 tcb_desc->bAMPDUEnable = false;
342 tcb_desc->ampdu_density = 0;
343 tcb_desc->ampdu_factor = 0;
344 break;
345
346 }
347 return;
348 }
349
350 static void ieee80211_qurey_ShortPreambleMode(struct ieee80211_device *ieee,
351 struct cb_desc *tcb_desc)
352 {
353 tcb_desc->bUseShortPreamble = false;
354 if (tcb_desc->data_rate == 2) {//// 1M can only use Long Preamble. 11B spec
355 return;
356 } else if (ieee->current_network.capability & WLAN_CAPABILITY_SHORT_PREAMBLE) {
357 tcb_desc->bUseShortPreamble = true;
358 }
359 return;
360 }
361 static void
362 ieee80211_query_HTCapShortGI(struct ieee80211_device *ieee, struct cb_desc *tcb_desc)
363 {
364 PRT_HIGH_THROUGHPUT pHTInfo = ieee->pHTInfo;
365
366 tcb_desc->bUseShortGI = false;
367
368 if (!pHTInfo->bCurrentHTSupport || !pHTInfo->bEnableHT)
369 return;
370
371 if (pHTInfo->bForcedShortGI) {
372 tcb_desc->bUseShortGI = true;
373 return;
374 }
375
376 if ((pHTInfo->bCurBW40MHz == true) && pHTInfo->bCurShortGI40MHz)
377 tcb_desc->bUseShortGI = true;
378 else if ((pHTInfo->bCurBW40MHz == false) && pHTInfo->bCurShortGI20MHz)
379 tcb_desc->bUseShortGI = true;
380 }
381
382 static void ieee80211_query_BandwidthMode(struct ieee80211_device *ieee,
383 struct cb_desc *tcb_desc)
384 {
385 PRT_HIGH_THROUGHPUT pHTInfo = ieee->pHTInfo;
386
387 tcb_desc->bPacketBW = false;
388
389 if (!pHTInfo->bCurrentHTSupport || !pHTInfo->bEnableHT)
390 return;
391
392 if (tcb_desc->bMulticast || tcb_desc->bBroadcast)
393 return;
394
395 if ((tcb_desc->data_rate & 0x80) == 0) // If using legacy rate, it shall use 20MHz channel.
396 return;
397 //BandWidthAutoSwitch is for auto switch to 20 or 40 in long distance
398 if (pHTInfo->bCurBW40MHz && pHTInfo->bCurTxBW40MHz && !ieee->bandwidth_auto_switch.bforced_tx20Mhz)
399 tcb_desc->bPacketBW = true;
400 return;
401 }
402
403 static void ieee80211_query_protectionmode(struct ieee80211_device *ieee,
404 struct cb_desc *tcb_desc,
405 struct sk_buff *skb)
406 {
407 // Common Settings
408 tcb_desc->bRTSSTBC = false;
409 tcb_desc->bRTSUseShortGI = false; // Since protection frames are always sent by legacy rate, ShortGI will never be used.
410 tcb_desc->bCTSEnable = false; // Most of protection using RTS/CTS
411 tcb_desc->RTSSC = 0; // 20MHz: Don't care; 40MHz: Duplicate.
412 tcb_desc->bRTSBW = false; // RTS frame bandwidth is always 20MHz
413
414 if (tcb_desc->bBroadcast || tcb_desc->bMulticast) //only unicast frame will use rts/cts
415 return;
416
417 if (is_broadcast_ether_addr(skb->data + 16)) //check addr3 as infrastructure add3 is DA.
418 return;
419
420 if (ieee->mode < IEEE_N_24G) /* b, g mode */ {
421 // (1) RTS_Threshold is compared to the MPDU, not MSDU.
422 // (2) If there are more than one frag in this MSDU, only the first frag uses protection frame.
423 // Other fragments are protected by previous fragment.
424 // So we only need to check the length of first fragment.
425 if (skb->len > ieee->rts) {
426 tcb_desc->bRTSEnable = true;
427 tcb_desc->rts_rate = MGN_24M;
428 } else if (ieee->current_network.buseprotection) {
429 // Use CTS-to-SELF in protection mode.
430 tcb_desc->bRTSEnable = true;
431 tcb_desc->bCTSEnable = true;
432 tcb_desc->rts_rate = MGN_24M;
433 }
434 //otherwise return;
435 return;
436 } else { // 11n High throughput case.
437 PRT_HIGH_THROUGHPUT pHTInfo = ieee->pHTInfo;
438 while (true) {
439 //check ERP protection
440 if (ieee->current_network.buseprotection) {// CTS-to-SELF
441 tcb_desc->bRTSEnable = true;
442 tcb_desc->bCTSEnable = true;
443 tcb_desc->rts_rate = MGN_24M;
444 break;
445 }
446 //check HT op mode
447 if (pHTInfo->bCurrentHTSupport && pHTInfo->bEnableHT) {
448 u8 HTOpMode = pHTInfo->CurrentOpMode;
449 if ((pHTInfo->bCurBW40MHz && (HTOpMode == 2 || HTOpMode == 3)) ||
450 (!pHTInfo->bCurBW40MHz && HTOpMode == 3)) {
451 tcb_desc->rts_rate = MGN_24M; // Rate is 24Mbps.
452 tcb_desc->bRTSEnable = true;
453 break;
454 }
455 }
456 //check rts
457 if (skb->len > ieee->rts) {
458 tcb_desc->rts_rate = MGN_24M; // Rate is 24Mbps.
459 tcb_desc->bRTSEnable = true;
460 break;
461 }
462 //to do list: check MIMO power save condition.
463 //check AMPDU aggregation for TXOP
464 if (tcb_desc->bAMPDUEnable) {
465 tcb_desc->rts_rate = MGN_24M; // Rate is 24Mbps.
466 // According to 8190 design, firmware sends CF-End only if RTS/CTS is enabled. However, it degrads
467 // throughput around 10M, so we disable of this mechanism. 2007.08.03 by Emily
468 tcb_desc->bRTSEnable = false;
469 break;
470 }
471 //check IOT action
472 if (pHTInfo->IOTAction & HT_IOT_ACT_FORCED_CTS2SELF) {
473 tcb_desc->bCTSEnable = true;
474 tcb_desc->rts_rate = MGN_24M;
475 tcb_desc->bRTSEnable = true;
476 break;
477 }
478 // Totally no protection case!!
479 goto NO_PROTECTION;
480 }
481 }
482 // For test , CTS replace with RTS
483 if (0) {
484 tcb_desc->bCTSEnable = true;
485 tcb_desc->rts_rate = MGN_24M;
486 tcb_desc->bRTSEnable = true;
487 }
488 if (ieee->current_network.capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
489 tcb_desc->bUseShortPreamble = true;
490 if (ieee->mode == IW_MODE_MASTER)
491 goto NO_PROTECTION;
492 return;
493 NO_PROTECTION:
494 tcb_desc->bRTSEnable = false;
495 tcb_desc->bCTSEnable = false;
496 tcb_desc->rts_rate = 0;
497 tcb_desc->RTSSC = 0;
498 tcb_desc->bRTSBW = false;
499 }
500
501
502 static void ieee80211_txrate_selectmode(struct ieee80211_device *ieee,
503 struct cb_desc *tcb_desc)
504 {
505 if (ieee->bTxDisableRateFallBack)
506 tcb_desc->bTxDisableRateFallBack = true;
507
508 if (ieee->bTxUseDriverAssingedRate)
509 tcb_desc->bTxUseDriverAssingedRate = true;
510 if (!tcb_desc->bTxDisableRateFallBack || !tcb_desc->bTxUseDriverAssingedRate) {
511 if (ieee->iw_mode == IW_MODE_INFRA || ieee->iw_mode == IW_MODE_ADHOC)
512 tcb_desc->RATRIndex = 0;
513 }
514 }
515
516 static void ieee80211_query_seqnum(struct ieee80211_device *ieee,
517 struct sk_buff *skb, u8 *dst)
518 {
519 if (is_multicast_ether_addr(dst))
520 return;
521 if (IsQoSDataFrame(skb->data)) /* we deal qos data only */ {
522 struct tx_ts_record *pTS = NULL;
523 if (!GetTs(ieee, (struct ts_common_info **)(&pTS), dst, skb->priority, TX_DIR, true)) {
524 return;
525 }
526 pTS->tx_cur_seq = (pTS->tx_cur_seq + 1) % 4096;
527 }
528 }
529
530 int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
531 {
532 struct ieee80211_device *ieee = netdev_priv(dev);
533 struct ieee80211_txb *txb = NULL;
534 struct rtl_80211_hdr_3addrqos *frag_hdr;
535 int i, bytes_per_frag, nr_frags, bytes_last_frag, frag_size;
536 unsigned long flags;
537 struct net_device_stats *stats = &ieee->stats;
538 int ether_type = 0, encrypt;
539 int bytes, fc, qos_ctl = 0, hdr_len;
540 struct sk_buff *skb_frag;
541 struct rtl_80211_hdr_3addrqos header = { /* Ensure zero initialized */
542 .duration_id = 0,
543 .seq_ctl = 0,
544 .qos_ctl = 0
545 };
546 u8 dest[ETH_ALEN], src[ETH_ALEN];
547 int qos_actived = ieee->current_network.qos_data.active;
548
549 struct ieee80211_crypt_data *crypt;
550
551 struct cb_desc *tcb_desc;
552
553 spin_lock_irqsave(&ieee->lock, flags);
554
555 /* If there is no driver handler to take the TXB, dont' bother
556 * creating it...
557 */
558 if ((!ieee->hard_start_xmit && !(ieee->softmac_features & IEEE_SOFTMAC_TX_QUEUE)) ||
559 ((!ieee->softmac_data_hard_start_xmit && (ieee->softmac_features & IEEE_SOFTMAC_TX_QUEUE)))) {
560 printk(KERN_WARNING "%s: No xmit handler.\n",
561 ieee->dev->name);
562 goto success;
563 }
564
565
566 if (likely(ieee->raw_tx == 0)) {
567 if (unlikely(skb->len < SNAP_SIZE + sizeof(u16))) {
568 printk(KERN_WARNING "%s: skb too small (%d).\n",
569 ieee->dev->name, skb->len);
570 goto success;
571 }
572
573 memset(skb->cb, 0, sizeof(skb->cb));
574 ether_type = ntohs(((struct ethhdr *)skb->data)->h_proto);
575
576 crypt = ieee->crypt[ieee->tx_keyidx];
577
578 encrypt = !(ether_type == ETH_P_PAE && ieee->ieee802_1x) &&
579 ieee->host_encrypt && crypt && crypt->ops;
580
581 if (!encrypt && ieee->ieee802_1x &&
582 ieee->drop_unencrypted && ether_type != ETH_P_PAE) {
583 stats->tx_dropped++;
584 goto success;
585 }
586 #ifdef CONFIG_IEEE80211_DEBUG
587 if (crypt && !encrypt && ether_type == ETH_P_PAE) {
588 struct eapol *eap = (struct eapol *)(skb->data +
589 sizeof(struct ethhdr) - SNAP_SIZE - sizeof(u16));
590 IEEE80211_DEBUG_EAP("TX: IEEE 802.11 EAPOL frame: %s\n",
591 eap_get_type(eap->type));
592 }
593 #endif
594
595 /* Save source and destination addresses */
596 memcpy(&dest, skb->data, ETH_ALEN);
597 memcpy(&src, skb->data + ETH_ALEN, ETH_ALEN);
598
599 /* Advance the SKB to the start of the payload */
600 skb_pull(skb, sizeof(struct ethhdr));
601
602 /* Determine total amount of storage required for TXB packets */
603 bytes = skb->len + SNAP_SIZE + sizeof(u16);
604
605 if (encrypt)
606 fc = IEEE80211_FTYPE_DATA | IEEE80211_FCTL_WEP;
607 else
608
609 fc = IEEE80211_FTYPE_DATA;
610
611 //if(ieee->current_network.QoS_Enable)
612 if (qos_actived)
613 fc |= IEEE80211_STYPE_QOS_DATA;
614 else
615 fc |= IEEE80211_STYPE_DATA;
616
617 if (ieee->iw_mode == IW_MODE_INFRA) {
618 fc |= IEEE80211_FCTL_TODS;
619 /* To DS: Addr1 = BSSID, Addr2 = SA,
620 * Addr3 = DA
621 */
622 memcpy(&header.addr1, ieee->current_network.bssid, ETH_ALEN);
623 memcpy(&header.addr2, &src, ETH_ALEN);
624 memcpy(&header.addr3, &dest, ETH_ALEN);
625 } else if (ieee->iw_mode == IW_MODE_ADHOC) {
626 /* not From/To DS: Addr1 = DA, Addr2 = SA,
627 * Addr3 = BSSID
628 */
629 memcpy(&header.addr1, dest, ETH_ALEN);
630 memcpy(&header.addr2, src, ETH_ALEN);
631 memcpy(&header.addr3, ieee->current_network.bssid, ETH_ALEN);
632 }
633
634 header.frame_ctl = cpu_to_le16(fc);
635
636 /* Determine fragmentation size based on destination (multicast
637 * and broadcast are not fragmented)
638 */
639 if (is_multicast_ether_addr(header.addr1)) {
640 frag_size = MAX_FRAG_THRESHOLD;
641 qos_ctl |= QOS_CTL_NOTCONTAIN_ACK;
642 } else {
643 frag_size = ieee->fts;//default:392
644 qos_ctl = 0;
645 }
646
647 //if (ieee->current_network.QoS_Enable)
648 if (qos_actived) {
649 hdr_len = IEEE80211_3ADDR_LEN + 2;
650
651 skb->priority = ieee80211_classify(skb, &ieee->current_network);
652 qos_ctl |= skb->priority; //set in the ieee80211_classify
653 header.qos_ctl = cpu_to_le16(qos_ctl & IEEE80211_QOS_TID);
654 } else {
655 hdr_len = IEEE80211_3ADDR_LEN;
656 }
657 /* Determine amount of payload per fragment. Regardless of if
658 * this stack is providing the full 802.11 header, one will
659 * eventually be affixed to this fragment -- so we must account for
660 * it when determining the amount of payload space.
661 */
662 bytes_per_frag = frag_size - hdr_len;
663 if (ieee->config &
664 (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
665 bytes_per_frag -= IEEE80211_FCS_LEN;
666
667 /* Each fragment may need to have room for encryption pre/postfix */
668 if (encrypt)
669 bytes_per_frag -= crypt->ops->extra_prefix_len +
670 crypt->ops->extra_postfix_len;
671
672 /* Number of fragments is the total bytes_per_frag /
673 * payload_per_fragment
674 */
675 nr_frags = bytes / bytes_per_frag;
676 bytes_last_frag = bytes % bytes_per_frag;
677 if (bytes_last_frag)
678 nr_frags++;
679 else
680 bytes_last_frag = bytes_per_frag;
681
682 /* When we allocate the TXB we allocate enough space for the reserve
683 * and full fragment bytes (bytes_per_frag doesn't include prefix,
684 * postfix, header, FCS, etc.)
685 */
686 txb = ieee80211_alloc_txb(nr_frags, frag_size + ieee->tx_headroom, GFP_ATOMIC);
687 if (unlikely(!txb)) {
688 printk(KERN_WARNING "%s: Could not allocate TXB\n",
689 ieee->dev->name);
690 goto failed;
691 }
692 txb->encrypted = encrypt;
693 txb->payload_size = __cpu_to_le16(bytes);
694
695 //if (ieee->current_network.QoS_Enable)
696 if (qos_actived)
697 txb->queue_index = UP2AC(skb->priority);
698 else
699 txb->queue_index = WME_AC_BK;
700
701
702
703 for (i = 0; i < nr_frags; i++) {
704 skb_frag = txb->fragments[i];
705 tcb_desc = (struct cb_desc *)(skb_frag->cb + MAX_DEV_ADDR_SIZE);
706 if (qos_actived) {
707 skb_frag->priority = skb->priority;//UP2AC(skb->priority);
708 tcb_desc->queue_index = UP2AC(skb->priority);
709 } else {
710 skb_frag->priority = WME_AC_BK;
711 tcb_desc->queue_index = WME_AC_BK;
712 }
713 skb_reserve(skb_frag, ieee->tx_headroom);
714
715 if (encrypt) {
716 if (ieee->hwsec_active)
717 tcb_desc->bHwSec = 1;
718 else
719 tcb_desc->bHwSec = 0;
720 skb_reserve(skb_frag, crypt->ops->extra_prefix_len);
721 } else {
722 tcb_desc->bHwSec = 0;
723 }
724 frag_hdr = skb_put_data(skb_frag, &header, hdr_len);
725
726 /* If this is not the last fragment, then add the MOREFRAGS
727 * bit to the frame control
728 */
729 if (i != nr_frags - 1) {
730 frag_hdr->frame_ctl = cpu_to_le16(
731 fc | IEEE80211_FCTL_MOREFRAGS);
732 bytes = bytes_per_frag;
733
734 } else {
735 /* The last fragment takes the remaining length */
736 bytes = bytes_last_frag;
737 }
738 //if(ieee->current_network.QoS_Enable)
739 if (qos_actived) {
740 // add 1 only indicate to corresponding seq number control 2006/7/12
741 frag_hdr->seq_ctl = cpu_to_le16(ieee->seq_ctrl[UP2AC(skb->priority) + 1] << 4 | i);
742 } else {
743 frag_hdr->seq_ctl = cpu_to_le16(ieee->seq_ctrl[0] << 4 | i);
744 }
745
746 /* Put a SNAP header on the first fragment */
747 if (i == 0) {
748 ieee80211_put_snap(
749 skb_put(skb_frag, SNAP_SIZE + sizeof(u16)),
750 ether_type);
751 bytes -= SNAP_SIZE + sizeof(u16);
752 }
753
754 skb_put_data(skb_frag, skb->data, bytes);
755
756 /* Advance the SKB... */
757 skb_pull(skb, bytes);
758
759 /* Encryption routine will move the header forward in order
760 * to insert the IV between the header and the payload
761 */
762 if (encrypt)
763 ieee80211_encrypt_fragment(ieee, skb_frag, hdr_len);
764 if (ieee->config &
765 (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
766 skb_put(skb_frag, 4);
767 }
768
769 if (qos_actived) {
770 if (ieee->seq_ctrl[UP2AC(skb->priority) + 1] == 0xFFF)
771 ieee->seq_ctrl[UP2AC(skb->priority) + 1] = 0;
772 else
773 ieee->seq_ctrl[UP2AC(skb->priority) + 1]++;
774 } else {
775 if (ieee->seq_ctrl[0] == 0xFFF)
776 ieee->seq_ctrl[0] = 0;
777 else
778 ieee->seq_ctrl[0]++;
779 }
780 } else {
781 if (unlikely(skb->len < sizeof(struct rtl_80211_hdr_3addr))) {
782 printk(KERN_WARNING "%s: skb too small (%d).\n",
783 ieee->dev->name, skb->len);
784 goto success;
785 }
786
787 txb = ieee80211_alloc_txb(1, skb->len, GFP_ATOMIC);
788 if (!txb) {
789 printk(KERN_WARNING "%s: Could not allocate TXB\n",
790 ieee->dev->name);
791 goto failed;
792 }
793
794 txb->encrypted = 0;
795 txb->payload_size = __cpu_to_le16(skb->len);
796 skb_put_data(txb->fragments[0], skb->data, skb->len);
797 }
798
799 success:
800 //WB add to fill data tcb_desc here. only first fragment is considered, need to change, and you may remove to other place.
801 if (txb) {
802 struct cb_desc *tcb_desc = (struct cb_desc *)(txb->fragments[0]->cb + MAX_DEV_ADDR_SIZE);
803 tcb_desc->bTxEnableFwCalcDur = 1;
804 if (is_multicast_ether_addr(header.addr1))
805 tcb_desc->bMulticast = 1;
806 if (is_broadcast_ether_addr(header.addr1))
807 tcb_desc->bBroadcast = 1;
808 ieee80211_txrate_selectmode(ieee, tcb_desc);
809 if (tcb_desc->bMulticast || tcb_desc->bBroadcast)
810 tcb_desc->data_rate = ieee->basic_rate;
811 else
812 tcb_desc->data_rate = CURRENT_RATE(ieee->mode, ieee->rate, ieee->HTCurrentOperaRate);
813 ieee80211_qurey_ShortPreambleMode(ieee, tcb_desc);
814 ieee80211_tx_query_agg_cap(ieee, txb->fragments[0], tcb_desc);
815 ieee80211_query_HTCapShortGI(ieee, tcb_desc);
816 ieee80211_query_BandwidthMode(ieee, tcb_desc);
817 ieee80211_query_protectionmode(ieee, tcb_desc, txb->fragments[0]);
818 ieee80211_query_seqnum(ieee, txb->fragments[0], header.addr1);
819 }
820 spin_unlock_irqrestore(&ieee->lock, flags);
821 dev_kfree_skb_any(skb);
822 if (txb) {
823 if (ieee->softmac_features & IEEE_SOFTMAC_TX_QUEUE) {
824 ieee80211_softmac_xmit(txb, ieee);
825 } else {
826 if ((*ieee->hard_start_xmit)(txb, dev) == 0) {
827 stats->tx_packets++;
828 stats->tx_bytes += __le16_to_cpu(txb->payload_size);
829 return 0;
830 }
831 ieee80211_txb_free(txb);
832 }
833 }
834
835 return 0;
836
837 failed:
838 spin_unlock_irqrestore(&ieee->lock, flags);
839 netif_stop_queue(dev);
840 stats->tx_errors++;
841 return 1;
842
843 }