root/drivers/staging/ks7010/ks_hostif.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. inc_smeqhead
  2. inc_smeqtail
  3. cnt_smeqbody
  4. get_byte
  5. get_word
  6. get_dword
  7. ks_wlan_hw_wakeup_task
  8. ks_wlan_do_power_save
  9. get_current_ap
  10. read_ie
  11. michael_mic
  12. get_ap_information
  13. hostif_data_indication_wpa
  14. hostif_data_indication
  15. hostif_mib_get_confirm
  16. hostif_mib_set_confirm
  17. hostif_power_mgmt_confirm
  18. hostif_sleep_confirm
  19. hostif_start_confirm
  20. hostif_connect_indication
  21. hostif_scan_indication
  22. hostif_stop_confirm
  23. hostif_ps_adhoc_set_confirm
  24. hostif_infrastructure_set_confirm
  25. hostif_adhoc_set_confirm
  26. hostif_associate_indication
  27. hostif_bss_scan_confirm
  28. hostif_phy_information_confirm
  29. hostif_mic_failure_confirm
  30. hostif_event_check
  31. hostif_generic_request
  32. hostif_data_request
  33. ps_confirm_wait_inc
  34. send_request_to_device
  35. hostif_mib_get_request
  36. hostif_mib_set_request
  37. hostif_mib_set_request_int
  38. hostif_mib_set_request_bool
  39. hostif_mib_set_request_ostring
  40. hostif_start_request
  41. ks_wlan_cap
  42. init_request
  43. hostif_ps_adhoc_set_request
  44. hostif_infrastructure_set_request
  45. hostif_adhoc_set_request
  46. hostif_adhoc_set2_request
  47. hostif_stop_request
  48. hostif_phy_information_request
  49. hostif_power_mgmt_request
  50. hostif_sleep_request
  51. hostif_bss_scan_request
  52. hostif_mic_failure_request
  53. devio_rec_ind
  54. hostif_receive
  55. hostif_sme_set_wep
  56. hostif_sme_set_rsn
  57. hostif_sme_mode_setup
  58. hostif_sme_multicast_set
  59. hostif_sme_power_mgmt_set
  60. hostif_sme_sleep_set
  61. hostif_sme_set_key
  62. hostif_sme_set_pmksa
  63. hostif_sme_execute
  64. hostif_sme_task
  65. hostif_sme_enqueue
  66. hostif_aplist_init
  67. hostif_status_init
  68. hostif_sme_init
  69. hostif_wpa_init
  70. hostif_power_save_init
  71. hostif_pmklist_init
  72. hostif_counters_init
  73. hostif_init
  74. hostif_exit

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  *   Driver for KeyStream wireless LAN cards.
   4  *
   5  *   Copyright (C) 2005-2008 KeyStream Corp.
   6  *   Copyright (C) 2009 Renesas Technology Corp.
   7  */
   8 
   9 #include <crypto/hash.h>
  10 #include <linux/circ_buf.h>
  11 #include <linux/if_arp.h>
  12 #include <net/iw_handler.h>
  13 #include <uapi/linux/llc.h>
  14 #include "eap_packet.h"
  15 #include "ks_wlan.h"
  16 #include "ks_hostif.h"
  17 
  18 #define MICHAEL_MIC_KEY_LEN 8
  19 #define MICHAEL_MIC_LEN     8
  20 
  21 static inline void inc_smeqhead(struct ks_wlan_private *priv)
  22 {
  23         priv->sme_i.qhead = (priv->sme_i.qhead + 1) % SME_EVENT_BUFF_SIZE;
  24 }
  25 
  26 static inline void inc_smeqtail(struct ks_wlan_private *priv)
  27 {
  28         priv->sme_i.qtail = (priv->sme_i.qtail + 1) % SME_EVENT_BUFF_SIZE;
  29 }
  30 
  31 static inline unsigned int cnt_smeqbody(struct ks_wlan_private *priv)
  32 {
  33         return CIRC_CNT_TO_END(priv->sme_i.qhead, priv->sme_i.qtail,
  34                                SME_EVENT_BUFF_SIZE);
  35 }
  36 
  37 static inline u8 get_byte(struct ks_wlan_private *priv)
  38 {
  39         u8 data;
  40 
  41         data = *priv->rxp++;
  42         /* length check in advance ! */
  43         --(priv->rx_size);
  44         return data;
  45 }
  46 
  47 static inline u16 get_word(struct ks_wlan_private *priv)
  48 {
  49         u16 data;
  50 
  51         data = (get_byte(priv) & 0xff);
  52         data |= ((get_byte(priv) << 8) & 0xff00);
  53         return data;
  54 }
  55 
  56 static inline u32 get_dword(struct ks_wlan_private *priv)
  57 {
  58         u32 data;
  59 
  60         data = (get_byte(priv) & 0xff);
  61         data |= ((get_byte(priv) << 8) & 0x0000ff00);
  62         data |= ((get_byte(priv) << 16) & 0x00ff0000);
  63         data |= ((get_byte(priv) << 24) & 0xff000000);
  64         return data;
  65 }
  66 
  67 static void ks_wlan_hw_wakeup_task(struct work_struct *work)
  68 {
  69         struct ks_wlan_private *priv;
  70         int ps_status;
  71         long time_left;
  72 
  73         priv = container_of(work, struct ks_wlan_private, wakeup_work);
  74         ps_status = atomic_read(&priv->psstatus.status);
  75 
  76         if (ps_status == PS_SNOOZE) {
  77                 ks_wlan_hw_wakeup_request(priv);
  78                 time_left = wait_for_completion_interruptible_timeout(
  79                                 &priv->psstatus.wakeup_wait,
  80                                 msecs_to_jiffies(20));
  81                 if (time_left <= 0) {
  82                         netdev_dbg(priv->net_dev, "wake up timeout or interrupted !!!\n");
  83                         schedule_work(&priv->wakeup_work);
  84                         return;
  85                 }
  86         }
  87 
  88         /* power save */
  89         if (atomic_read(&priv->sme_task.count) > 0)
  90                 tasklet_enable(&priv->sme_task);
  91 }
  92 
  93 static void ks_wlan_do_power_save(struct ks_wlan_private *priv)
  94 {
  95         if (is_connect_status(priv->connect_status))
  96                 hostif_sme_enqueue(priv, SME_POW_MNGMT_REQUEST);
  97         else
  98                 priv->dev_state = DEVICE_STATE_READY;
  99 }
 100 
 101 static
 102 int get_current_ap(struct ks_wlan_private *priv, struct link_ap_info *ap_info)
 103 {
 104         struct local_ap *ap;
 105         union iwreq_data wrqu;
 106         struct net_device *netdev = priv->net_dev;
 107         u8 size;
 108 
 109         ap = &priv->current_ap;
 110 
 111         if (is_disconnect_status(priv->connect_status)) {
 112                 memset(ap, 0, sizeof(struct local_ap));
 113                 return -EPERM;
 114         }
 115 
 116         ether_addr_copy(ap->bssid, ap_info->bssid);
 117         memcpy(ap->ssid.body, priv->reg.ssid.body,
 118                priv->reg.ssid.size);
 119         ap->ssid.size = priv->reg.ssid.size;
 120         memcpy(ap->rate_set.body, ap_info->rate_set.body,
 121                ap_info->rate_set.size);
 122         ap->rate_set.size = ap_info->rate_set.size;
 123         if (ap_info->ext_rate_set.size != 0) {
 124                 memcpy(&ap->rate_set.body[ap->rate_set.size],
 125                        ap_info->ext_rate_set.body,
 126                        ap_info->ext_rate_set.size);
 127                 ap->rate_set.size += ap_info->ext_rate_set.size;
 128         }
 129         ap->channel = ap_info->ds_parameter.channel;
 130         ap->rssi = ap_info->rssi;
 131         ap->sq = ap_info->sq;
 132         ap->noise = ap_info->noise;
 133         ap->capability = le16_to_cpu(ap_info->capability);
 134         size = (ap_info->rsn.size <= RSN_IE_BODY_MAX) ?
 135                 ap_info->rsn.size : RSN_IE_BODY_MAX;
 136         if ((ap_info->rsn_mode & RSN_MODE_WPA2) &&
 137             (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2)) {
 138                 ap->rsn_ie.id = RSN_INFO_ELEM_ID;
 139                 ap->rsn_ie.size = size;
 140                 memcpy(ap->rsn_ie.body, ap_info->rsn.body, size);
 141         } else if ((ap_info->rsn_mode & RSN_MODE_WPA) &&
 142                    (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA)) {
 143                 ap->wpa_ie.id = WPA_INFO_ELEM_ID;
 144                 ap->wpa_ie.size = size;
 145                 memcpy(ap->wpa_ie.body, ap_info->rsn.body, size);
 146         } else {
 147                 ap->rsn_ie.id = 0;
 148                 ap->rsn_ie.size = 0;
 149                 ap->wpa_ie.id = 0;
 150                 ap->wpa_ie.size = 0;
 151         }
 152 
 153         wrqu.data.length = 0;
 154         wrqu.data.flags = 0;
 155         wrqu.ap_addr.sa_family = ARPHRD_ETHER;
 156         if (is_connect_status(priv->connect_status)) {
 157                 ether_addr_copy(wrqu.ap_addr.sa_data, priv->current_ap.bssid);
 158                 netdev_dbg(priv->net_dev,
 159                            "IWEVENT: connect bssid=%pM\n",
 160                            wrqu.ap_addr.sa_data);
 161                 wireless_send_event(netdev, SIOCGIWAP, &wrqu, NULL);
 162         }
 163         netdev_dbg(priv->net_dev, "Link AP\n"
 164                    "- bssid=%02X:%02X:%02X:%02X:%02X:%02X\n"
 165                    "- essid=%s\n"
 166                    "- rate_set=%02X,%02X,%02X,%02X,%02X,%02X,%02X,%02X\n"
 167                    "- channel=%d\n"
 168                    "- rssi=%d\n"
 169                    "- sq=%d\n"
 170                    "- capability=%04X\n"
 171                    "- rsn.mode=%d\n"
 172                    "- rsn.size=%d\n"
 173                    "- ext_rate_set_size=%d\n"
 174                    "- rate_set_size=%d\n",
 175                    ap->bssid[0], ap->bssid[1], ap->bssid[2],
 176                    ap->bssid[3], ap->bssid[4], ap->bssid[5],
 177                    &ap->ssid.body[0],
 178                    ap->rate_set.body[0], ap->rate_set.body[1],
 179                    ap->rate_set.body[2], ap->rate_set.body[3],
 180                    ap->rate_set.body[4], ap->rate_set.body[5],
 181                    ap->rate_set.body[6], ap->rate_set.body[7],
 182                    ap->channel, ap->rssi, ap->sq, ap->capability,
 183                    ap_info->rsn_mode, ap_info->rsn.size,
 184                    ap_info->ext_rate_set.size, ap_info->rate_set.size);
 185 
 186         return 0;
 187 }
 188 
 189 static u8 read_ie(unsigned char *bp, u8 max, u8 *body)
 190 {
 191         u8 size = (*(bp + 1) <= max) ? *(bp + 1) : max;
 192 
 193         memcpy(body, bp + 2, size);
 194         return size;
 195 }
 196 
 197 static int
 198 michael_mic(u8 *key, u8 *data, unsigned int len, u8 priority, u8 *result)
 199 {
 200         u8 pad_data[4] = { priority, 0, 0, 0 };
 201         struct crypto_shash *tfm = NULL;
 202         struct shash_desc *desc = NULL;
 203         int ret;
 204 
 205         tfm = crypto_alloc_shash("michael_mic", 0, 0);
 206         if (IS_ERR(tfm)) {
 207                 ret = PTR_ERR(tfm);
 208                 goto err;
 209         }
 210 
 211         ret = crypto_shash_setkey(tfm, key, MICHAEL_MIC_KEY_LEN);
 212         if (ret < 0)
 213                 goto err_free_tfm;
 214 
 215         desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(tfm), GFP_KERNEL);
 216         if (!desc) {
 217                 ret = -ENOMEM;
 218                 goto err_free_tfm;
 219         }
 220 
 221         desc->tfm = tfm;
 222 
 223         ret = crypto_shash_init(desc);
 224         if (ret < 0)
 225                 goto err_free_desc;
 226 
 227         // Compute the MIC value
 228         /*
 229          * IEEE802.11i  page 47
 230          * Figure 43g TKIP MIC processing format
 231          * +--+--+--------+--+----+--+--+--+--+--+--+--+--+
 232          * |6 |6 |1       |3 |M   |1 |1 |1 |1 |1 |1 |1 |1 | Octet
 233          * +--+--+--------+--+----+--+--+--+--+--+--+--+--+
 234          * |DA|SA|Priority|0 |Data|M0|M1|M2|M3|M4|M5|M6|M7|
 235          * +--+--+--------+--+----+--+--+--+--+--+--+--+--+
 236          */
 237 
 238         ret = crypto_shash_update(desc, data, 12);
 239         if (ret < 0)
 240                 goto err_free_desc;
 241 
 242         ret = crypto_shash_update(desc, pad_data, 4);
 243         if (ret < 0)
 244                 goto err_free_desc;
 245 
 246         ret = crypto_shash_finup(desc, data + 12, len - 12, result);
 247 
 248 err_free_desc:
 249         kzfree(desc);
 250 
 251 err_free_tfm:
 252         crypto_free_shash(tfm);
 253 
 254 err:
 255         return ret;
 256 }
 257 
 258 static
 259 int get_ap_information(struct ks_wlan_private *priv, struct ap_info *ap_info,
 260                        struct local_ap *ap)
 261 {
 262         unsigned char *bp;
 263         int bsize, offset;
 264 
 265         memset(ap, 0, sizeof(struct local_ap));
 266 
 267         ether_addr_copy(ap->bssid, ap_info->bssid);
 268         ap->rssi = ap_info->rssi;
 269         ap->sq = ap_info->sq;
 270         ap->noise = ap_info->noise;
 271         ap->capability = le16_to_cpu(ap_info->capability);
 272         ap->channel = ap_info->ch_info;
 273 
 274         bp = ap_info->body;
 275         bsize = le16_to_cpu(ap_info->body_size);
 276         offset = 0;
 277 
 278         while (bsize > offset) {
 279                 switch (*bp) { /* Information Element ID */
 280                 case WLAN_EID_SSID:
 281                         ap->ssid.size = read_ie(bp, IEEE80211_MAX_SSID_LEN,
 282                                                 ap->ssid.body);
 283                         break;
 284                 case WLAN_EID_SUPP_RATES:
 285                 case WLAN_EID_EXT_SUPP_RATES:
 286                         if ((*(bp + 1) + ap->rate_set.size) <=
 287                             RATE_SET_MAX_SIZE) {
 288                                 memcpy(&ap->rate_set.body[ap->rate_set.size],
 289                                        bp + 2, *(bp + 1));
 290                                 ap->rate_set.size += *(bp + 1);
 291                         } else {
 292                                 memcpy(&ap->rate_set.body[ap->rate_set.size],
 293                                        bp + 2,
 294                                        RATE_SET_MAX_SIZE - ap->rate_set.size);
 295                                 ap->rate_set.size +=
 296                                     (RATE_SET_MAX_SIZE - ap->rate_set.size);
 297                         }
 298                         break;
 299                 case WLAN_EID_RSN:
 300                         ap->rsn_ie.id = *bp;
 301                         ap->rsn_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
 302                                                   ap->rsn_ie.body);
 303                         break;
 304                 case WLAN_EID_VENDOR_SPECIFIC: /* WPA */
 305                         /* WPA OUI check */
 306                         if (memcmp(bp + 2, CIPHER_ID_WPA_WEP40, 4) == 0) {
 307                                 ap->wpa_ie.id = *bp;
 308                                 ap->wpa_ie.size = read_ie(bp, RSN_IE_BODY_MAX,
 309                                                           ap->wpa_ie.body);
 310                         }
 311                         break;
 312                 case WLAN_EID_DS_PARAMS:
 313                 case WLAN_EID_FH_PARAMS:
 314                 case WLAN_EID_CF_PARAMS:
 315                 case WLAN_EID_TIM:
 316                 case WLAN_EID_IBSS_PARAMS:
 317                 case WLAN_EID_COUNTRY:
 318                 case WLAN_EID_ERP_INFO:
 319                         break;
 320                 default:
 321                         netdev_err(priv->net_dev,
 322                                    "unknown Element ID=%d\n", *bp);
 323                         break;
 324                 }
 325 
 326                 offset += 2;    /* id & size field */
 327                 offset += *(bp + 1);    /* +size offset */
 328                 bp += (*(bp + 1) + 2);  /* pointer update */
 329         }
 330 
 331         return 0;
 332 }
 333 
 334 static
 335 int hostif_data_indication_wpa(struct ks_wlan_private *priv,
 336                                unsigned short auth_type)
 337 {
 338         struct ether_hdr *eth_hdr;
 339         unsigned short eth_proto;
 340         unsigned char recv_mic[MICHAEL_MIC_LEN];
 341         char buf[128];
 342         unsigned long now;
 343         struct mic_failure *mic_failure;
 344         u8 mic[MICHAEL_MIC_LEN];
 345         union iwreq_data wrqu;
 346         unsigned int key_index = auth_type - 1;
 347         struct wpa_key *key = &priv->wpa.key[key_index];
 348 
 349         eth_hdr = (struct ether_hdr *)(priv->rxp);
 350         eth_proto = ntohs(eth_hdr->h_proto);
 351 
 352         if (eth_hdr->h_dest_snap != eth_hdr->h_source_snap) {
 353                 netdev_err(priv->net_dev, "invalid data format\n");
 354                 priv->nstats.rx_errors++;
 355                 return -EINVAL;
 356         }
 357         if (((auth_type == TYPE_PMK1 &&
 358               priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) ||
 359              (auth_type == TYPE_GMK1 &&
 360               priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP) ||
 361              (auth_type == TYPE_GMK2 &&
 362               priv->wpa.group_suite == IW_AUTH_CIPHER_TKIP)) &&
 363             key->key_len) {
 364                 int ret;
 365 
 366                 netdev_dbg(priv->net_dev, "TKIP: protocol=%04X: size=%u\n",
 367                            eth_proto, priv->rx_size);
 368                 /* MIC save */
 369                 memcpy(&recv_mic[0],
 370                        (priv->rxp) + ((priv->rx_size) - sizeof(recv_mic)),
 371                        sizeof(recv_mic));
 372                 priv->rx_size = priv->rx_size - sizeof(recv_mic);
 373 
 374                 ret = michael_mic(key->rx_mic_key, priv->rxp, priv->rx_size,
 375                                   0, mic);
 376                 if (ret < 0)
 377                         return ret;
 378                 if (memcmp(mic, recv_mic, sizeof(mic)) != 0) {
 379                         now = jiffies;
 380                         mic_failure = &priv->wpa.mic_failure;
 381                         /* MIC FAILURE */
 382                         if (mic_failure->last_failure_time &&
 383                             (now - mic_failure->last_failure_time) / HZ >= 60) {
 384                                 mic_failure->failure = 0;
 385                         }
 386                         netdev_err(priv->net_dev, "MIC FAILURE\n");
 387                         if (mic_failure->failure == 0) {
 388                                 mic_failure->failure = 1;
 389                                 mic_failure->counter = 0;
 390                         } else if (mic_failure->failure == 1) {
 391                                 mic_failure->failure = 2;
 392                                 mic_failure->counter =
 393                                         (u16)((now - mic_failure->last_failure_time) / HZ);
 394                                 /*  range 1-60 */
 395                                 if (!mic_failure->counter)
 396                                         mic_failure->counter = 1;
 397                         }
 398                         priv->wpa.mic_failure.last_failure_time = now;
 399 
 400                         /*  needed parameters: count, keyid, key type, TSC */
 401                         sprintf(buf,
 402                                 "MLME-MICHAELMICFAILURE.indication(keyid=%d %scast addr=%pM)",
 403                                 key_index,
 404                                 eth_hdr->h_dest[0] & 0x01 ? "broad" : "uni",
 405                                 eth_hdr->h_source);
 406                         memset(&wrqu, 0, sizeof(wrqu));
 407                         wrqu.data.length = strlen(buf);
 408                         wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu,
 409                                             buf);
 410                         return -EINVAL;
 411                 }
 412         }
 413         return 0;
 414 }
 415 
 416 static
 417 void hostif_data_indication(struct ks_wlan_private *priv)
 418 {
 419         unsigned int rx_ind_size;       /* indicate data size */
 420         struct sk_buff *skb;
 421         u16 auth_type;
 422         unsigned char temp[256];
 423         struct ether_hdr *eth_hdr;
 424         struct ieee802_1x_hdr *aa1x_hdr;
 425         size_t size;
 426         int ret;
 427 
 428         /* min length check */
 429         if (priv->rx_size <= ETH_HLEN) {
 430                 priv->nstats.rx_errors++;
 431                 return;
 432         }
 433 
 434         auth_type = get_word(priv);     /* AuthType */
 435         get_word(priv); /* Reserve Area */
 436 
 437         eth_hdr = (struct ether_hdr *)(priv->rxp);
 438 
 439         /* source address check */
 440         if (ether_addr_equal(&priv->eth_addr[0], eth_hdr->h_source)) {
 441                 netdev_err(priv->net_dev, "invalid : source is own mac address !!\n");
 442                 netdev_err(priv->net_dev,
 443                            "eth_hdrernet->h_dest=%02X:%02X:%02X:%02X:%02X:%02X\n",
 444                            eth_hdr->h_source[0], eth_hdr->h_source[1],
 445                            eth_hdr->h_source[2], eth_hdr->h_source[3],
 446                            eth_hdr->h_source[4], eth_hdr->h_source[5]);
 447                 priv->nstats.rx_errors++;
 448                 return;
 449         }
 450 
 451         /*  for WPA */
 452         if (auth_type != TYPE_DATA && priv->wpa.rsn_enabled) {
 453                 ret = hostif_data_indication_wpa(priv, auth_type);
 454                 if (ret)
 455                         return;
 456         }
 457 
 458         if ((priv->connect_status & FORCE_DISCONNECT) ||
 459             priv->wpa.mic_failure.failure == 2) {
 460                 return;
 461         }
 462 
 463         /* check 13th byte at rx data */
 464         switch (*(priv->rxp + 12)) {
 465         case LLC_SAP_SNAP:
 466                 rx_ind_size = priv->rx_size - 6;
 467                 skb = dev_alloc_skb(rx_ind_size);
 468                 if (!skb) {
 469                         priv->nstats.rx_dropped++;
 470                         return;
 471                 }
 472                 netdev_dbg(priv->net_dev, "SNAP, rx_ind_size = %d\n",
 473                            rx_ind_size);
 474 
 475                 size = ETH_ALEN * 2;
 476                 skb_put_data(skb, priv->rxp, size);
 477 
 478                 /* (SNAP+UI..) skip */
 479 
 480                 size = rx_ind_size - (ETH_ALEN * 2);
 481                 skb_put_data(skb, &eth_hdr->h_proto, size);
 482 
 483                 aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + ETHER_HDR_SIZE);
 484                 break;
 485         case LLC_SAP_NETBEUI:
 486                 rx_ind_size = (priv->rx_size + 2);
 487                 skb = dev_alloc_skb(rx_ind_size);
 488                 if (!skb) {
 489                         priv->nstats.rx_dropped++;
 490                         return;
 491                 }
 492                 netdev_dbg(priv->net_dev, "NETBEUI/NetBIOS rx_ind_size=%d\n",
 493                            rx_ind_size);
 494 
 495                 /* 8802/FDDI MAC copy */
 496                 skb_put_data(skb, priv->rxp, 12);
 497 
 498                 /* NETBEUI size add */
 499                 temp[0] = (((rx_ind_size - 12) >> 8) & 0xff);
 500                 temp[1] = ((rx_ind_size - 12) & 0xff);
 501                 skb_put_data(skb, temp, 2);
 502 
 503                 /* copy after Type */
 504                 skb_put_data(skb, priv->rxp + 12, rx_ind_size - 14);
 505 
 506                 aa1x_hdr = (struct ieee802_1x_hdr *)(priv->rxp + 14);
 507                 break;
 508         default:        /* other rx data */
 509                 netdev_err(priv->net_dev, "invalid data format\n");
 510                 priv->nstats.rx_errors++;
 511                 return;
 512         }
 513 
 514         if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY &&
 515             priv->wpa.rsn_enabled)
 516                 atomic_set(&priv->psstatus.snooze_guard, 1);
 517 
 518         /* rx indication */
 519         skb->dev = priv->net_dev;
 520         skb->protocol = eth_type_trans(skb, skb->dev);
 521         priv->nstats.rx_packets++;
 522         priv->nstats.rx_bytes += rx_ind_size;
 523         netif_rx(skb);
 524 }
 525 
 526 static
 527 void hostif_mib_get_confirm(struct ks_wlan_private *priv)
 528 {
 529         struct net_device *dev = priv->net_dev;
 530         u32 mib_status;
 531         u32 mib_attribute;
 532         u16 mib_val_size;
 533         u16 mib_val_type;
 534 
 535         mib_status = get_dword(priv);
 536         mib_attribute = get_dword(priv);
 537         mib_val_size = get_word(priv);
 538         mib_val_type = get_word(priv);
 539 
 540         if (mib_status) {
 541                 netdev_err(priv->net_dev, "attribute=%08X, status=%08X\n",
 542                            mib_attribute, mib_status);
 543                 return;
 544         }
 545 
 546         switch (mib_attribute) {
 547         case DOT11_MAC_ADDRESS:
 548                 hostif_sme_enqueue(priv, SME_GET_MAC_ADDRESS);
 549                 ether_addr_copy(priv->eth_addr, priv->rxp);
 550                 priv->mac_address_valid = true;
 551                 ether_addr_copy(dev->dev_addr, priv->eth_addr);
 552                 netdev_info(dev, "MAC ADDRESS = %pM\n", priv->eth_addr);
 553                 break;
 554         case DOT11_PRODUCT_VERSION:
 555                 priv->version_size = priv->rx_size;
 556                 memcpy(priv->firmware_version, priv->rxp, priv->rx_size);
 557                 priv->firmware_version[priv->rx_size] = '\0';
 558                 netdev_info(dev, "firmware ver. = %s\n",
 559                             priv->firmware_version);
 560                 hostif_sme_enqueue(priv, SME_GET_PRODUCT_VERSION);
 561                 /* wake_up_interruptible_all(&priv->confirm_wait); */
 562                 complete(&priv->confirm_wait);
 563                 break;
 564         case LOCAL_GAIN:
 565                 memcpy(&priv->gain, priv->rxp, sizeof(priv->gain));
 566                 netdev_dbg(priv->net_dev, "tx_mode=%d, rx_mode=%d, tx_gain=%d, rx_gain=%d\n",
 567                            priv->gain.tx_mode, priv->gain.rx_mode,
 568                            priv->gain.tx_gain, priv->gain.rx_gain);
 569                 break;
 570         case LOCAL_EEPROM_SUM:
 571                 memcpy(&priv->eeprom_sum, priv->rxp, sizeof(priv->eeprom_sum));
 572                 if (priv->eeprom_sum.type != 0 &&
 573                     priv->eeprom_sum.type != 1) {
 574                         netdev_err(dev, "LOCAL_EEPROM_SUM error!\n");
 575                         return;
 576                 }
 577                 priv->eeprom_checksum = (priv->eeprom_sum.type == 0) ?
 578                                          EEPROM_CHECKSUM_NONE :
 579                                          (priv->eeprom_sum.result == 0) ?
 580                                          EEPROM_NG : EEPROM_OK;
 581                 break;
 582         default:
 583                 netdev_err(priv->net_dev, "mib_attribute=%08x\n",
 584                            (unsigned int)mib_attribute);
 585                 break;
 586         }
 587 }
 588 
 589 static
 590 void hostif_mib_set_confirm(struct ks_wlan_private *priv)
 591 {
 592         u32 mib_status;
 593         u32 mib_attribute;
 594 
 595         mib_status = get_dword(priv);
 596         mib_attribute = get_dword(priv);
 597 
 598         if (mib_status) {
 599                 /* in case of error */
 600                 netdev_err(priv->net_dev, "error :: attribute=%08X, status=%08X\n",
 601                            mib_attribute, mib_status);
 602         }
 603 
 604         switch (mib_attribute) {
 605         case DOT11_RTS_THRESHOLD:
 606                 hostif_sme_enqueue(priv, SME_RTS_THRESHOLD_CONFIRM);
 607                 break;
 608         case DOT11_FRAGMENTATION_THRESHOLD:
 609                 hostif_sme_enqueue(priv, SME_FRAGMENTATION_THRESHOLD_CONFIRM);
 610                 break;
 611         case DOT11_WEP_DEFAULT_KEY_ID:
 612                 if (!priv->wpa.wpa_enabled)
 613                         hostif_sme_enqueue(priv, SME_WEP_INDEX_CONFIRM);
 614                 break;
 615         case DOT11_WEP_DEFAULT_KEY_VALUE1:
 616                 if (priv->wpa.rsn_enabled)
 617                         hostif_sme_enqueue(priv, SME_SET_PMK_TSC);
 618                 else
 619                         hostif_sme_enqueue(priv, SME_WEP_KEY1_CONFIRM);
 620                 break;
 621         case DOT11_WEP_DEFAULT_KEY_VALUE2:
 622                 if (priv->wpa.rsn_enabled)
 623                         hostif_sme_enqueue(priv, SME_SET_GMK1_TSC);
 624                 else
 625                         hostif_sme_enqueue(priv, SME_WEP_KEY2_CONFIRM);
 626                 break;
 627         case DOT11_WEP_DEFAULT_KEY_VALUE3:
 628                 if (priv->wpa.rsn_enabled)
 629                         hostif_sme_enqueue(priv, SME_SET_GMK2_TSC);
 630                 else
 631                         hostif_sme_enqueue(priv, SME_WEP_KEY3_CONFIRM);
 632                 break;
 633         case DOT11_WEP_DEFAULT_KEY_VALUE4:
 634                 if (!priv->wpa.rsn_enabled)
 635                         hostif_sme_enqueue(priv, SME_WEP_KEY4_CONFIRM);
 636                 break;
 637         case DOT11_PRIVACY_INVOKED:
 638                 if (!priv->wpa.rsn_enabled)
 639                         hostif_sme_enqueue(priv, SME_WEP_FLAG_CONFIRM);
 640                 break;
 641         case DOT11_RSN_ENABLED:
 642                 hostif_sme_enqueue(priv, SME_RSN_ENABLED_CONFIRM);
 643                 break;
 644         case LOCAL_RSN_MODE:
 645                 hostif_sme_enqueue(priv, SME_RSN_MODE_CONFIRM);
 646                 break;
 647         case LOCAL_MULTICAST_ADDRESS:
 648                 hostif_sme_enqueue(priv, SME_MULTICAST_REQUEST);
 649                 break;
 650         case LOCAL_MULTICAST_FILTER:
 651                 hostif_sme_enqueue(priv, SME_MULTICAST_CONFIRM);
 652                 break;
 653         case LOCAL_CURRENTADDRESS:
 654                 priv->mac_address_valid = true;
 655                 break;
 656         case DOT11_RSN_CONFIG_MULTICAST_CIPHER:
 657                 hostif_sme_enqueue(priv, SME_RSN_MCAST_CONFIRM);
 658                 break;
 659         case DOT11_RSN_CONFIG_UNICAST_CIPHER:
 660                 hostif_sme_enqueue(priv, SME_RSN_UCAST_CONFIRM);
 661                 break;
 662         case DOT11_RSN_CONFIG_AUTH_SUITE:
 663                 hostif_sme_enqueue(priv, SME_RSN_AUTH_CONFIRM);
 664                 break;
 665         case DOT11_GMK1_TSC:
 666                 if (atomic_read(&priv->psstatus.snooze_guard))
 667                         atomic_set(&priv->psstatus.snooze_guard, 0);
 668                 break;
 669         case DOT11_GMK2_TSC:
 670                 if (atomic_read(&priv->psstatus.snooze_guard))
 671                         atomic_set(&priv->psstatus.snooze_guard, 0);
 672                 break;
 673         case DOT11_PMK_TSC:
 674         case LOCAL_PMK:
 675         case LOCAL_GAIN:
 676         case LOCAL_WPS_ENABLE:
 677         case LOCAL_WPS_PROBE_REQ:
 678         case LOCAL_REGION:
 679         default:
 680                 break;
 681         }
 682 }
 683 
 684 static
 685 void hostif_power_mgmt_confirm(struct ks_wlan_private *priv)
 686 {
 687         if (priv->reg.power_mgmt > POWER_MGMT_ACTIVE &&
 688             priv->reg.operation_mode == MODE_INFRASTRUCTURE) {
 689                 atomic_set(&priv->psstatus.confirm_wait, 0);
 690                 priv->dev_state = DEVICE_STATE_SLEEP;
 691                 ks_wlan_hw_power_save(priv);
 692         } else {
 693                 priv->dev_state = DEVICE_STATE_READY;
 694         }
 695 }
 696 
 697 static
 698 void hostif_sleep_confirm(struct ks_wlan_private *priv)
 699 {
 700         atomic_set(&priv->sleepstatus.doze_request, 1);
 701         queue_delayed_work(priv->wq, &priv->rw_dwork, 1);
 702 }
 703 
 704 static
 705 void hostif_start_confirm(struct ks_wlan_private *priv)
 706 {
 707         union iwreq_data wrqu;
 708 
 709         wrqu.data.length = 0;
 710         wrqu.data.flags = 0;
 711         wrqu.ap_addr.sa_family = ARPHRD_ETHER;
 712         if (is_connect_status(priv->connect_status)) {
 713                 eth_zero_addr(wrqu.ap_addr.sa_data);
 714                 wireless_send_event(priv->net_dev, SIOCGIWAP, &wrqu, NULL);
 715         }
 716         netdev_dbg(priv->net_dev, " scan_ind_count=%d\n", priv->scan_ind_count);
 717         hostif_sme_enqueue(priv, SME_START_CONFIRM);
 718 }
 719 
 720 static
 721 void hostif_connect_indication(struct ks_wlan_private *priv)
 722 {
 723         u16 connect_code;
 724         unsigned int tmp = 0;
 725         unsigned int old_status = priv->connect_status;
 726         struct net_device *netdev = priv->net_dev;
 727         union iwreq_data wrqu0;
 728 
 729         connect_code = get_word(priv);
 730 
 731         switch (connect_code) {
 732         case RESULT_CONNECT:
 733                 if (!(priv->connect_status & FORCE_DISCONNECT))
 734                         netif_carrier_on(netdev);
 735                 tmp = FORCE_DISCONNECT & priv->connect_status;
 736                 priv->connect_status = tmp + CONNECT_STATUS;
 737                 break;
 738         case RESULT_DISCONNECT:
 739                 netif_carrier_off(netdev);
 740                 tmp = FORCE_DISCONNECT & priv->connect_status;
 741                 priv->connect_status = tmp + DISCONNECT_STATUS;
 742                 break;
 743         default:
 744                 netdev_dbg(priv->net_dev, "unknown connect_code=%d :: scan_ind_count=%d\n",
 745                            connect_code, priv->scan_ind_count);
 746                 netif_carrier_off(netdev);
 747                 tmp = FORCE_DISCONNECT & priv->connect_status;
 748                 priv->connect_status = tmp + DISCONNECT_STATUS;
 749                 break;
 750         }
 751 
 752         get_current_ap(priv, (struct link_ap_info *)priv->rxp);
 753         if (is_connect_status(priv->connect_status) &&
 754             is_disconnect_status(old_status)) {
 755                 /* for power save */
 756                 atomic_set(&priv->psstatus.snooze_guard, 0);
 757                 atomic_set(&priv->psstatus.confirm_wait, 0);
 758         }
 759         ks_wlan_do_power_save(priv);
 760 
 761         wrqu0.data.length = 0;
 762         wrqu0.data.flags = 0;
 763         wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
 764         if (is_disconnect_status(priv->connect_status) &&
 765             is_connect_status(old_status)) {
 766                 eth_zero_addr(wrqu0.ap_addr.sa_data);
 767                 netdev_dbg(priv->net_dev, "disconnect :: scan_ind_count=%d\n",
 768                            priv->scan_ind_count);
 769                 wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
 770         }
 771         priv->scan_ind_count = 0;
 772 }
 773 
 774 static
 775 void hostif_scan_indication(struct ks_wlan_private *priv)
 776 {
 777         int i;
 778         struct ap_info *ap_info;
 779 
 780         netdev_dbg(priv->net_dev,
 781                    "scan_ind_count = %d\n", priv->scan_ind_count);
 782         ap_info = (struct ap_info *)(priv->rxp);
 783 
 784         if (priv->scan_ind_count) {
 785                 /* bssid check */
 786                 for (i = 0; i < priv->aplist.size; i++) {
 787                         u8 *bssid = priv->aplist.ap[i].bssid;
 788 
 789                         if (ether_addr_equal(ap_info->bssid, bssid))
 790                                 continue;
 791 
 792                         if (ap_info->frame_type == IEEE80211_STYPE_PROBE_RESP)
 793                                 get_ap_information(priv, ap_info,
 794                                                    &priv->aplist.ap[i]);
 795                         return;
 796                 }
 797         }
 798         priv->scan_ind_count++;
 799         if (priv->scan_ind_count < LOCAL_APLIST_MAX + 1) {
 800                 netdev_dbg(priv->net_dev, " scan_ind_count=%d :: aplist.size=%d\n",
 801                            priv->scan_ind_count, priv->aplist.size);
 802                 get_ap_information(priv, (struct ap_info *)(priv->rxp),
 803                                    &priv->aplist.ap[priv->scan_ind_count - 1]);
 804                 priv->aplist.size = priv->scan_ind_count;
 805         } else {
 806                 netdev_dbg(priv->net_dev, " count over :: scan_ind_count=%d\n",
 807                            priv->scan_ind_count);
 808         }
 809 }
 810 
 811 static
 812 void hostif_stop_confirm(struct ks_wlan_private *priv)
 813 {
 814         unsigned int tmp = 0;
 815         unsigned int old_status = priv->connect_status;
 816         struct net_device *netdev = priv->net_dev;
 817         union iwreq_data wrqu0;
 818 
 819         if (priv->dev_state == DEVICE_STATE_SLEEP)
 820                 priv->dev_state = DEVICE_STATE_READY;
 821 
 822         /* disconnect indication */
 823         if (is_connect_status(priv->connect_status)) {
 824                 netif_carrier_off(netdev);
 825                 tmp = FORCE_DISCONNECT & priv->connect_status;
 826                 priv->connect_status = tmp | DISCONNECT_STATUS;
 827                 netdev_info(netdev, "IWEVENT: disconnect\n");
 828 
 829                 wrqu0.data.length = 0;
 830                 wrqu0.data.flags = 0;
 831                 wrqu0.ap_addr.sa_family = ARPHRD_ETHER;
 832                 if (is_disconnect_status(priv->connect_status) &&
 833                     is_connect_status(old_status)) {
 834                         eth_zero_addr(wrqu0.ap_addr.sa_data);
 835                         netdev_info(netdev, "IWEVENT: disconnect\n");
 836                         wireless_send_event(netdev, SIOCGIWAP, &wrqu0, NULL);
 837                 }
 838                 priv->scan_ind_count = 0;
 839         }
 840 
 841         hostif_sme_enqueue(priv, SME_STOP_CONFIRM);
 842 }
 843 
 844 static
 845 void hostif_ps_adhoc_set_confirm(struct ks_wlan_private *priv)
 846 {
 847         priv->infra_status = 0; /* infrastructure mode cancel */
 848         hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
 849 }
 850 
 851 static
 852 void hostif_infrastructure_set_confirm(struct ks_wlan_private *priv)
 853 {
 854         u16 result_code;
 855 
 856         result_code = get_word(priv);
 857         priv->infra_status = 1; /* infrastructure mode set */
 858         hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
 859 }
 860 
 861 static
 862 void hostif_adhoc_set_confirm(struct ks_wlan_private *priv)
 863 {
 864         priv->infra_status = 1; /* infrastructure mode set */
 865         hostif_sme_enqueue(priv, SME_MODE_SET_CONFIRM);
 866 }
 867 
 868 static
 869 void hostif_associate_indication(struct ks_wlan_private *priv)
 870 {
 871         struct association_request *assoc_req;
 872         struct association_response *assoc_resp;
 873         unsigned char *pb;
 874         union iwreq_data wrqu;
 875         char buf[IW_CUSTOM_MAX];
 876         char *pbuf = &buf[0];
 877         int i;
 878 
 879         static const char associnfo_leader0[] = "ASSOCINFO(ReqIEs=";
 880         static const char associnfo_leader1[] = " RespIEs=";
 881 
 882         assoc_req = (struct association_request *)(priv->rxp);
 883         assoc_resp = (struct association_response *)(assoc_req + 1);
 884         pb = (unsigned char *)(assoc_resp + 1);
 885 
 886         memset(&wrqu, 0, sizeof(wrqu));
 887         memcpy(pbuf, associnfo_leader0, sizeof(associnfo_leader0) - 1);
 888         wrqu.data.length += sizeof(associnfo_leader0) - 1;
 889         pbuf += sizeof(associnfo_leader0) - 1;
 890 
 891         for (i = 0; i < le16_to_cpu(assoc_req->req_ies_size); i++)
 892                 pbuf += sprintf(pbuf, "%02x", *(pb + i));
 893         wrqu.data.length += (le16_to_cpu(assoc_req->req_ies_size)) * 2;
 894 
 895         memcpy(pbuf, associnfo_leader1, sizeof(associnfo_leader1) - 1);
 896         wrqu.data.length += sizeof(associnfo_leader1) - 1;
 897         pbuf += sizeof(associnfo_leader1) - 1;
 898 
 899         pb += le16_to_cpu(assoc_req->req_ies_size);
 900         for (i = 0; i < le16_to_cpu(assoc_resp->resp_ies_size); i++)
 901                 pbuf += sprintf(pbuf, "%02x", *(pb + i));
 902         wrqu.data.length += (le16_to_cpu(assoc_resp->resp_ies_size)) * 2;
 903 
 904         pbuf += sprintf(pbuf, ")");
 905         wrqu.data.length += 1;
 906 
 907         wireless_send_event(priv->net_dev, IWEVCUSTOM, &wrqu, buf);
 908 }
 909 
 910 static
 911 void hostif_bss_scan_confirm(struct ks_wlan_private *priv)
 912 {
 913         u32 result_code;
 914         struct net_device *dev = priv->net_dev;
 915         union iwreq_data wrqu;
 916 
 917         result_code = get_dword(priv);
 918         netdev_dbg(priv->net_dev, "result=%d :: scan_ind_count=%d\n",
 919                    result_code, priv->scan_ind_count);
 920 
 921         priv->sme_i.sme_flag &= ~SME_AP_SCAN;
 922         hostif_sme_enqueue(priv, SME_BSS_SCAN_CONFIRM);
 923 
 924         wrqu.data.length = 0;
 925         wrqu.data.flags = 0;
 926         wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
 927         priv->scan_ind_count = 0;
 928 }
 929 
 930 static
 931 void hostif_phy_information_confirm(struct ks_wlan_private *priv)
 932 {
 933         struct iw_statistics *wstats = &priv->wstats;
 934         u8 rssi, signal, noise;
 935         u8 link_speed;
 936         u32 transmitted_frame_count, received_fragment_count;
 937         u32 failed_count, fcs_error_count;
 938 
 939         rssi = get_byte(priv);
 940         signal = get_byte(priv);
 941         noise = get_byte(priv);
 942         link_speed = get_byte(priv);
 943         transmitted_frame_count = get_dword(priv);
 944         received_fragment_count = get_dword(priv);
 945         failed_count = get_dword(priv);
 946         fcs_error_count = get_dword(priv);
 947 
 948         netdev_dbg(priv->net_dev, "phyinfo confirm rssi=%d signal=%d\n",
 949                    rssi, signal);
 950         priv->current_rate = (link_speed & RATE_MASK);
 951         wstats->qual.qual = signal;
 952         wstats->qual.level = 256 - rssi;
 953         wstats->qual.noise = 0; /* invalid noise value */
 954         wstats->qual.updated = IW_QUAL_ALL_UPDATED | IW_QUAL_DBM;
 955 
 956         netdev_dbg(priv->net_dev, "\n    rssi=%u\n"
 957                    "    signal=%u\n"
 958                    "    link_speed=%ux500Kbps\n"
 959                    "    transmitted_frame_count=%u\n"
 960                    "    received_fragment_count=%u\n"
 961                    "    failed_count=%u\n"
 962                    "    fcs_error_count=%u\n",
 963                    rssi, signal, link_speed, transmitted_frame_count,
 964                    received_fragment_count, failed_count, fcs_error_count);
 965         /* wake_up_interruptible_all(&priv->confirm_wait); */
 966         complete(&priv->confirm_wait);
 967 }
 968 
 969 static
 970 void hostif_mic_failure_confirm(struct ks_wlan_private *priv)
 971 {
 972         netdev_dbg(priv->net_dev, "mic_failure=%u\n",
 973                    priv->wpa.mic_failure.failure);
 974         hostif_sme_enqueue(priv, SME_MIC_FAILURE_CONFIRM);
 975 }
 976 
 977 static
 978 void hostif_event_check(struct ks_wlan_private *priv)
 979 {
 980         u16 event;
 981 
 982         event = get_word(priv);
 983         switch (event) {
 984         case HIF_DATA_IND:
 985                 hostif_data_indication(priv);
 986                 break;
 987         case HIF_MIB_GET_CONF:
 988                 hostif_mib_get_confirm(priv);
 989                 break;
 990         case HIF_MIB_SET_CONF:
 991                 hostif_mib_set_confirm(priv);
 992                 break;
 993         case HIF_POWER_MGMT_CONF:
 994                 hostif_power_mgmt_confirm(priv);
 995                 break;
 996         case HIF_SLEEP_CONF:
 997                 hostif_sleep_confirm(priv);
 998                 break;
 999         case HIF_START_CONF:
1000                 hostif_start_confirm(priv);
1001                 break;
1002         case HIF_CONNECT_IND:
1003                 hostif_connect_indication(priv);
1004                 break;
1005         case HIF_STOP_CONF:
1006                 hostif_stop_confirm(priv);
1007                 break;
1008         case HIF_PS_ADH_SET_CONF:
1009                 hostif_ps_adhoc_set_confirm(priv);
1010                 break;
1011         case HIF_INFRA_SET_CONF:
1012         case HIF_INFRA_SET2_CONF:
1013                 hostif_infrastructure_set_confirm(priv);
1014                 break;
1015         case HIF_ADH_SET_CONF:
1016         case HIF_ADH_SET2_CONF:
1017                 hostif_adhoc_set_confirm(priv);
1018                 break;
1019         case HIF_ASSOC_INFO_IND:
1020                 hostif_associate_indication(priv);
1021                 break;
1022         case HIF_MIC_FAILURE_CONF:
1023                 hostif_mic_failure_confirm(priv);
1024                 break;
1025         case HIF_SCAN_CONF:
1026                 hostif_bss_scan_confirm(priv);
1027                 break;
1028         case HIF_PHY_INFO_CONF:
1029         case HIF_PHY_INFO_IND:
1030                 hostif_phy_information_confirm(priv);
1031                 break;
1032         case HIF_SCAN_IND:
1033                 hostif_scan_indication(priv);
1034                 break;
1035         case HIF_AP_SET_CONF:
1036         default:
1037                 netdev_err(priv->net_dev, "undefined event[%04X]\n", event);
1038                 /* wake_up_all(&priv->confirm_wait); */
1039                 complete(&priv->confirm_wait);
1040                 break;
1041         }
1042 
1043         /* add event to hostt buffer */
1044         priv->hostt.buff[priv->hostt.qtail] = event;
1045         priv->hostt.qtail = (priv->hostt.qtail + 1) % SME_EVENT_BUFF_SIZE;
1046 }
1047 
1048 /* allocate size bytes, set header size and event */
1049 static void *hostif_generic_request(size_t size, int event)
1050 {
1051         struct hostif_hdr *p;
1052 
1053         p = kzalloc(hif_align_size(size), GFP_ATOMIC);
1054         if (!p)
1055                 return NULL;
1056 
1057         p->size = cpu_to_le16(size - sizeof(p->size));
1058         p->event = cpu_to_le16(event);
1059 
1060         return p;
1061 }
1062 
1063 int hostif_data_request(struct ks_wlan_private *priv, struct sk_buff *skb)
1064 {
1065         unsigned int skb_len = 0;
1066         unsigned char *buffer = NULL;
1067         unsigned int length = 0;
1068         struct hostif_data_request *pp;
1069         unsigned char *p;
1070         unsigned short eth_proto;
1071         struct ether_hdr *eth_hdr;
1072         unsigned short keyinfo = 0;
1073         struct ieee802_1x_hdr *aa1x_hdr;
1074         struct wpa_eapol_key *eap_key;
1075         struct ethhdr *eth;
1076         size_t size;
1077         int ret;
1078 
1079         skb_len = skb->len;
1080         if (skb_len > ETH_FRAME_LEN) {
1081                 netdev_err(priv->net_dev, "bad length skb_len=%d\n", skb_len);
1082                 ret = -EOVERFLOW;
1083                 goto err_kfree_skb;
1084         }
1085 
1086         if (is_disconnect_status(priv->connect_status) ||
1087             (priv->connect_status & FORCE_DISCONNECT) ||
1088             priv->wpa.mic_failure.stop) {
1089                 if (netif_queue_stopped(priv->net_dev))
1090                         netif_wake_queue(priv->net_dev);
1091 
1092                 dev_kfree_skb(skb);
1093 
1094                 return 0;
1095         }
1096 
1097         /* power save wakeup */
1098         if (atomic_read(&priv->psstatus.status) == PS_SNOOZE) {
1099                 if (!netif_queue_stopped(priv->net_dev))
1100                         netif_stop_queue(priv->net_dev);
1101         }
1102 
1103         size = sizeof(*pp) + 6 + skb_len + 8;
1104         pp = kmalloc(hif_align_size(size), GFP_ATOMIC);
1105         if (!pp) {
1106                 ret = -ENOMEM;
1107                 goto err_kfree_skb;
1108         }
1109 
1110         p = (unsigned char *)pp->data;
1111 
1112         buffer = skb->data;
1113         length = skb->len;
1114 
1115         /* skb check */
1116         eth = (struct ethhdr *)skb->data;
1117         if (!ether_addr_equal(&priv->eth_addr[0], eth->h_source)) {
1118                 netdev_err(priv->net_dev,
1119                            "Invalid mac address: ethernet->h_source=%pM\n",
1120                            eth->h_source);
1121                 ret = -ENXIO;
1122                 goto err_kfree;
1123         }
1124 
1125         /* dest and src MAC address copy */
1126         size = ETH_ALEN * 2;
1127         memcpy(p, buffer, size);
1128         p += size;
1129         buffer += size;
1130         length -= size;
1131 
1132         /* EtherType/Length check */
1133         if (*(buffer + 1) + (*buffer << 8) > 1500) {
1134                 /* ProtocolEAP = *(buffer+1) + (*buffer << 8); */
1135                 /* SAP/CTL/OUI(6 byte) add */
1136                 *p++ = 0xAA;    /* DSAP */
1137                 *p++ = 0xAA;    /* SSAP */
1138                 *p++ = 0x03;    /* CTL */
1139                 *p++ = 0x00;    /* OUI ("000000") */
1140                 *p++ = 0x00;    /* OUI ("000000") */
1141                 *p++ = 0x00;    /* OUI ("000000") */
1142                 skb_len += 6;
1143         } else {
1144                 /* Length(2 byte) delete */
1145                 buffer += 2;
1146                 length -= 2;
1147                 skb_len -= 2;
1148         }
1149 
1150         /* pp->data copy */
1151         memcpy(p, buffer, length);
1152 
1153         p += length;
1154 
1155         /* for WPA */
1156         eth_hdr = (struct ether_hdr *)&pp->data[0];
1157         eth_proto = ntohs(eth_hdr->h_proto);
1158 
1159         /* for MIC FAILURE REPORT check */
1160         if (eth_proto == ETH_P_PAE &&
1161             priv->wpa.mic_failure.failure > 0) {
1162                 aa1x_hdr = (struct ieee802_1x_hdr *)(eth_hdr + 1);
1163                 if (aa1x_hdr->type == IEEE802_1X_TYPE_EAPOL_KEY) {
1164                         eap_key = (struct wpa_eapol_key *)(aa1x_hdr + 1);
1165                         keyinfo = ntohs(eap_key->key_info);
1166                 }
1167         }
1168 
1169         if (priv->wpa.rsn_enabled && priv->wpa.key[0].key_len) {
1170                 /* no encryption */
1171                 if (eth_proto == ETH_P_PAE &&
1172                     priv->wpa.key[1].key_len == 0 &&
1173                     priv->wpa.key[2].key_len == 0 &&
1174                     priv->wpa.key[3].key_len == 0) {
1175                         pp->auth_type = cpu_to_le16(TYPE_AUTH);
1176                 } else {
1177                         if (priv->wpa.pairwise_suite == IW_AUTH_CIPHER_TKIP) {
1178                                 u8 mic[MICHAEL_MIC_LEN];
1179 
1180                                 ret = michael_mic(priv->wpa.key[0].tx_mic_key,
1181                                                   &pp->data[0], skb_len,
1182                                                   0, mic);
1183                                 if (ret < 0)
1184                                         goto err_kfree;
1185 
1186                                 memcpy(p, mic, sizeof(mic));
1187                                 length += sizeof(mic);
1188                                 skb_len += sizeof(mic);
1189                                 p += sizeof(mic);
1190                                 pp->auth_type =
1191                                     cpu_to_le16(TYPE_DATA);
1192                         } else if (priv->wpa.pairwise_suite ==
1193                                    IW_AUTH_CIPHER_CCMP) {
1194                                 pp->auth_type =
1195                                     cpu_to_le16(TYPE_DATA);
1196                         }
1197                 }
1198         } else {
1199                 if (eth_proto == ETH_P_PAE)
1200                         pp->auth_type = cpu_to_le16(TYPE_AUTH);
1201                 else
1202                         pp->auth_type = cpu_to_le16(TYPE_DATA);
1203         }
1204 
1205         /* header value set */
1206         pp->header.size =
1207             cpu_to_le16((sizeof(*pp) - sizeof(pp->header.size) + skb_len));
1208         pp->header.event = cpu_to_le16(HIF_DATA_REQ);
1209 
1210         /* tx request */
1211         ret = ks_wlan_hw_tx(priv, pp, hif_align_size(sizeof(*pp) + skb_len),
1212                             send_packet_complete, skb);
1213 
1214         /* MIC FAILURE REPORT check */
1215         if (eth_proto == ETH_P_PAE &&
1216             priv->wpa.mic_failure.failure > 0) {
1217                 if (keyinfo & WPA_KEY_INFO_ERROR &&
1218                     keyinfo & WPA_KEY_INFO_REQUEST) {
1219                         netdev_err(priv->net_dev,
1220                                    "MIC ERROR Report SET : %04X\n", keyinfo);
1221                         hostif_sme_enqueue(priv, SME_MIC_FAILURE_REQUEST);
1222                 }
1223                 if (priv->wpa.mic_failure.failure == 2)
1224                         priv->wpa.mic_failure.stop = 1;
1225         }
1226 
1227         return ret;
1228 
1229 err_kfree:
1230         kfree(pp);
1231 err_kfree_skb:
1232         dev_kfree_skb(skb);
1233 
1234         return ret;
1235 }
1236 
1237 static inline void ps_confirm_wait_inc(struct ks_wlan_private *priv)
1238 {
1239         if (atomic_read(&priv->psstatus.status) > PS_ACTIVE_SET)
1240                 atomic_inc(&priv->psstatus.confirm_wait);
1241 }
1242 
1243 static inline void send_request_to_device(struct ks_wlan_private *priv,
1244                                           void *data, size_t size)
1245 {
1246         ps_confirm_wait_inc(priv);
1247         ks_wlan_hw_tx(priv, data, size, NULL, NULL);
1248 }
1249 
1250 static void hostif_mib_get_request(struct ks_wlan_private *priv,
1251                                    u32 mib_attribute)
1252 {
1253         struct hostif_mib_get_request *pp;
1254 
1255         pp = hostif_generic_request(sizeof(*pp), HIF_MIB_GET_REQ);
1256         if (!pp)
1257                 return;
1258 
1259         pp->mib_attribute = cpu_to_le32(mib_attribute);
1260 
1261         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1262 }
1263 
1264 static void hostif_mib_set_request(struct ks_wlan_private *priv,
1265                                    enum mib_attribute attr,
1266                                    enum mib_data_type type,
1267                                    void *data, size_t size)
1268 {
1269         struct hostif_mib_set_request_t *pp;
1270 
1271         if (priv->dev_state < DEVICE_STATE_BOOT)
1272                 return;
1273 
1274         pp = hostif_generic_request(sizeof(*pp), HIF_MIB_SET_REQ);
1275         if (!pp)
1276                 return;
1277 
1278         pp->mib_attribute = cpu_to_le32(attr);
1279         pp->mib_value.size = cpu_to_le16(size);
1280         pp->mib_value.type = cpu_to_le16(type);
1281         memcpy(&pp->mib_value.body, data, size);
1282 
1283         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp) + size));
1284 }
1285 
1286 static inline void hostif_mib_set_request_int(struct ks_wlan_private *priv,
1287                                               enum mib_attribute attr, int val)
1288 {
1289         __le32 v = cpu_to_le32(val);
1290         size_t size = sizeof(v);
1291 
1292         hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_INT, &v, size);
1293 }
1294 
1295 static inline void hostif_mib_set_request_bool(struct ks_wlan_private *priv,
1296                                                enum mib_attribute attr,
1297                                                bool val)
1298 {
1299         __le32 v = cpu_to_le32(val);
1300         size_t size = sizeof(v);
1301 
1302         hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_BOOL, &v, size);
1303 }
1304 
1305 static inline void hostif_mib_set_request_ostring(struct ks_wlan_private *priv,
1306                                                   enum mib_attribute attr,
1307                                                   void *data, size_t size)
1308 {
1309         hostif_mib_set_request(priv, attr, MIB_VALUE_TYPE_OSTRING, data, size);
1310 }
1311 
1312 static
1313 void hostif_start_request(struct ks_wlan_private *priv, unsigned char mode)
1314 {
1315         struct hostif_start_request *pp;
1316 
1317         pp = hostif_generic_request(sizeof(*pp), HIF_START_REQ);
1318         if (!pp)
1319                 return;
1320 
1321         pp->mode = cpu_to_le16(mode);
1322 
1323         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1324 
1325         priv->aplist.size = 0;
1326         priv->scan_ind_count = 0;
1327 }
1328 
1329 static __le16 ks_wlan_cap(struct ks_wlan_private *priv)
1330 {
1331         u16 capability = 0x0000;
1332 
1333         if (priv->reg.preamble == SHORT_PREAMBLE)
1334                 capability |= WLAN_CAPABILITY_SHORT_PREAMBLE;
1335 
1336         capability &= ~(WLAN_CAPABILITY_PBCC);  /* pbcc not support */
1337 
1338         if (priv->reg.phy_type != D_11B_ONLY_MODE) {
1339                 capability |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
1340                 capability &= ~(WLAN_CAPABILITY_DSSS_OFDM);
1341         }
1342 
1343         return cpu_to_le16(capability);
1344 }
1345 
1346 static void init_request(struct ks_wlan_private *priv,
1347                          struct hostif_request *req)
1348 {
1349         req->phy_type = cpu_to_le16(priv->reg.phy_type);
1350         req->cts_mode = cpu_to_le16(priv->reg.cts_mode);
1351         req->scan_type = cpu_to_le16(priv->reg.scan_type);
1352         req->rate_set.size = priv->reg.rate_set.size;
1353         req->capability = ks_wlan_cap(priv);
1354         memcpy(&req->rate_set.body[0], &priv->reg.rate_set.body[0],
1355                priv->reg.rate_set.size);
1356 }
1357 
1358 static
1359 void hostif_ps_adhoc_set_request(struct ks_wlan_private *priv)
1360 {
1361         struct hostif_ps_adhoc_set_request *pp;
1362 
1363         pp = hostif_generic_request(sizeof(*pp), HIF_PS_ADH_SET_REQ);
1364         if (!pp)
1365                 return;
1366 
1367         init_request(priv, &pp->request);
1368         pp->channel = cpu_to_le16(priv->reg.channel);
1369 
1370         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1371 }
1372 
1373 static
1374 void hostif_infrastructure_set_request(struct ks_wlan_private *priv, int event)
1375 {
1376         struct hostif_infrastructure_set_request *pp;
1377 
1378         pp = hostif_generic_request(sizeof(*pp), event);
1379         if (!pp)
1380                 return;
1381 
1382         init_request(priv, &pp->request);
1383         pp->ssid.size = priv->reg.ssid.size;
1384         memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1385         pp->beacon_lost_count =
1386             cpu_to_le16(priv->reg.beacon_lost_count);
1387         pp->auth_type = cpu_to_le16(priv->reg.authenticate_type);
1388 
1389         pp->channel_list.body[0] = 1;
1390         pp->channel_list.body[1] = 8;
1391         pp->channel_list.body[2] = 2;
1392         pp->channel_list.body[3] = 9;
1393         pp->channel_list.body[4] = 3;
1394         pp->channel_list.body[5] = 10;
1395         pp->channel_list.body[6] = 4;
1396         pp->channel_list.body[7] = 11;
1397         pp->channel_list.body[8] = 5;
1398         pp->channel_list.body[9] = 12;
1399         pp->channel_list.body[10] = 6;
1400         pp->channel_list.body[11] = 13;
1401         pp->channel_list.body[12] = 7;
1402         if (priv->reg.phy_type == D_11G_ONLY_MODE) {
1403                 pp->channel_list.size = 13;
1404         } else {
1405                 pp->channel_list.body[13] = 14;
1406                 pp->channel_list.size = 14;
1407         }
1408 
1409         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1410 }
1411 
1412 static
1413 void hostif_adhoc_set_request(struct ks_wlan_private *priv)
1414 {
1415         struct hostif_adhoc_set_request *pp;
1416 
1417         pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ);
1418         if (!pp)
1419                 return;
1420 
1421         init_request(priv, &pp->request);
1422         pp->channel = cpu_to_le16(priv->reg.channel);
1423         pp->ssid.size = priv->reg.ssid.size;
1424         memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1425 
1426         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1427 }
1428 
1429 static
1430 void hostif_adhoc_set2_request(struct ks_wlan_private *priv)
1431 {
1432         struct hostif_adhoc_set2_request *pp;
1433 
1434         pp = hostif_generic_request(sizeof(*pp), HIF_ADH_SET_REQ);
1435         if (!pp)
1436                 return;
1437 
1438         init_request(priv, &pp->request);
1439         pp->ssid.size = priv->reg.ssid.size;
1440         memcpy(&pp->ssid.body[0], &priv->reg.ssid.body[0], priv->reg.ssid.size);
1441 
1442         pp->channel_list.body[0] = priv->reg.channel;
1443         pp->channel_list.size = 1;
1444         memcpy(pp->bssid, priv->reg.bssid, ETH_ALEN);
1445 
1446         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1447 }
1448 
1449 static
1450 void hostif_stop_request(struct ks_wlan_private *priv)
1451 {
1452         struct hostif_stop_request *pp;
1453 
1454         pp = hostif_generic_request(sizeof(*pp), HIF_STOP_REQ);
1455         if (!pp)
1456                 return;
1457 
1458         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1459 }
1460 
1461 static
1462 void hostif_phy_information_request(struct ks_wlan_private *priv)
1463 {
1464         struct hostif_phy_information_request *pp;
1465 
1466         pp = hostif_generic_request(sizeof(*pp), HIF_PHY_INFO_REQ);
1467         if (!pp)
1468                 return;
1469 
1470         if (priv->reg.phy_info_timer) {
1471                 pp->type = cpu_to_le16(TIME_TYPE);
1472                 pp->time = cpu_to_le16(priv->reg.phy_info_timer);
1473         } else {
1474                 pp->type = cpu_to_le16(NORMAL_TYPE);
1475                 pp->time = cpu_to_le16(0);
1476         }
1477 
1478         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1479 }
1480 
1481 static
1482 void hostif_power_mgmt_request(struct ks_wlan_private *priv,
1483                                u32 mode, u32 wake_up, u32 receive_dtims)
1484 {
1485         struct hostif_power_mgmt_request *pp;
1486 
1487         pp = hostif_generic_request(sizeof(*pp), HIF_POWER_MGMT_REQ);
1488         if (!pp)
1489                 return;
1490 
1491         pp->mode = cpu_to_le32(mode);
1492         pp->wake_up = cpu_to_le32(wake_up);
1493         pp->receive_dtims = cpu_to_le32(receive_dtims);
1494 
1495         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1496 }
1497 
1498 static
1499 void hostif_sleep_request(struct ks_wlan_private *priv,
1500                           enum sleep_mode_type mode)
1501 {
1502         struct hostif_sleep_request *pp;
1503 
1504         if (mode == SLP_SLEEP) {
1505                 pp = hostif_generic_request(sizeof(*pp), HIF_SLEEP_REQ);
1506                 if (!pp)
1507                         return;
1508 
1509                 send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1510         } else if (mode == SLP_ACTIVE) {
1511                 atomic_set(&priv->sleepstatus.wakeup_request, 1);
1512                 queue_delayed_work(priv->wq, &priv->rw_dwork, 1);
1513         } else {
1514                 netdev_err(priv->net_dev, "invalid mode %ld\n", (long)mode);
1515                 return;
1516         }
1517 }
1518 
1519 static
1520 void hostif_bss_scan_request(struct ks_wlan_private *priv,
1521                              unsigned long scan_type, u8 *scan_ssid,
1522                              u8 scan_ssid_len)
1523 {
1524         struct hostif_bss_scan_request *pp;
1525 
1526         pp = hostif_generic_request(sizeof(*pp), HIF_SCAN_REQ);
1527         if (!pp)
1528                 return;
1529 
1530         pp->scan_type = scan_type;
1531 
1532         pp->ch_time_min = cpu_to_le32(110);     /* default value */
1533         pp->ch_time_max = cpu_to_le32(130);     /* default value */
1534         pp->channel_list.body[0] = 1;
1535         pp->channel_list.body[1] = 8;
1536         pp->channel_list.body[2] = 2;
1537         pp->channel_list.body[3] = 9;
1538         pp->channel_list.body[4] = 3;
1539         pp->channel_list.body[5] = 10;
1540         pp->channel_list.body[6] = 4;
1541         pp->channel_list.body[7] = 11;
1542         pp->channel_list.body[8] = 5;
1543         pp->channel_list.body[9] = 12;
1544         pp->channel_list.body[10] = 6;
1545         pp->channel_list.body[11] = 13;
1546         pp->channel_list.body[12] = 7;
1547         if (priv->reg.phy_type == D_11G_ONLY_MODE) {
1548                 pp->channel_list.size = 13;
1549         } else {
1550                 pp->channel_list.body[13] = 14;
1551                 pp->channel_list.size = 14;
1552         }
1553         pp->ssid.size = 0;
1554 
1555         /* specified SSID SCAN */
1556         if (scan_ssid_len > 0 && scan_ssid_len <= 32) {
1557                 pp->ssid.size = scan_ssid_len;
1558                 memcpy(&pp->ssid.body[0], scan_ssid, scan_ssid_len);
1559         }
1560 
1561         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1562 
1563         priv->aplist.size = 0;
1564         priv->scan_ind_count = 0;
1565 }
1566 
1567 static
1568 void hostif_mic_failure_request(struct ks_wlan_private *priv,
1569                                 u16 failure_count, u16 timer)
1570 {
1571         struct hostif_mic_failure_request *pp;
1572 
1573         pp = hostif_generic_request(sizeof(*pp), HIF_MIC_FAILURE_REQ);
1574         if (!pp)
1575                 return;
1576 
1577         pp->failure_count = cpu_to_le16(failure_count);
1578         pp->timer = cpu_to_le16(timer);
1579 
1580         send_request_to_device(priv, pp, hif_align_size(sizeof(*pp)));
1581 }
1582 
1583 /* Device I/O Receive indicate */
1584 static void devio_rec_ind(struct ks_wlan_private *priv, unsigned char *p,
1585                           unsigned int size)
1586 {
1587         if (!priv->is_device_open)
1588                 return;
1589 
1590         spin_lock(&priv->dev_read_lock);
1591         priv->dev_data[atomic_read(&priv->rec_count)] = p;
1592         priv->dev_size[atomic_read(&priv->rec_count)] = size;
1593 
1594         if (atomic_read(&priv->event_count) != DEVICE_STOCK_COUNT) {
1595                 /* rx event count inc */
1596                 atomic_inc(&priv->event_count);
1597         }
1598         atomic_inc(&priv->rec_count);
1599         if (atomic_read(&priv->rec_count) == DEVICE_STOCK_COUNT)
1600                 atomic_set(&priv->rec_count, 0);
1601 
1602         wake_up_interruptible_all(&priv->devread_wait);
1603 
1604         spin_unlock(&priv->dev_read_lock);
1605 }
1606 
1607 void hostif_receive(struct ks_wlan_private *priv, unsigned char *p,
1608                     unsigned int size)
1609 {
1610         devio_rec_ind(priv, p, size);
1611 
1612         priv->rxp = p;
1613         priv->rx_size = size;
1614 
1615         if (get_word(priv) == priv->rx_size)
1616                 hostif_event_check(priv);
1617 }
1618 
1619 static void hostif_sme_set_wep(struct ks_wlan_private *priv, int type)
1620 {
1621         switch (type) {
1622         case SME_WEP_INDEX_REQUEST:
1623                 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID,
1624                                            priv->reg.wep_index);
1625                 break;
1626         case SME_WEP_KEY1_REQUEST:
1627                 if (priv->wpa.wpa_enabled)
1628                         return;
1629                 hostif_mib_set_request_ostring(priv,
1630                                                DOT11_WEP_DEFAULT_KEY_VALUE1,
1631                                                &priv->reg.wep_key[0].val[0],
1632                                                priv->reg.wep_key[0].size);
1633                 break;
1634         case SME_WEP_KEY2_REQUEST:
1635                 if (priv->wpa.wpa_enabled)
1636                         return;
1637                 hostif_mib_set_request_ostring(priv,
1638                                                DOT11_WEP_DEFAULT_KEY_VALUE2,
1639                                                &priv->reg.wep_key[1].val[0],
1640                                                priv->reg.wep_key[1].size);
1641                 break;
1642         case SME_WEP_KEY3_REQUEST:
1643                 if (priv->wpa.wpa_enabled)
1644                         return;
1645                 hostif_mib_set_request_ostring(priv,
1646                                                DOT11_WEP_DEFAULT_KEY_VALUE3,
1647                                                &priv->reg.wep_key[2].val[0],
1648                                                priv->reg.wep_key[2].size);
1649                 break;
1650         case SME_WEP_KEY4_REQUEST:
1651                 if (priv->wpa.wpa_enabled)
1652                         return;
1653                 hostif_mib_set_request_ostring(priv,
1654                                                DOT11_WEP_DEFAULT_KEY_VALUE4,
1655                                                &priv->reg.wep_key[3].val[0],
1656                                                priv->reg.wep_key[3].size);
1657                 break;
1658         case SME_WEP_FLAG_REQUEST:
1659                 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED,
1660                                             priv->reg.privacy_invoked);
1661                 break;
1662         }
1663 }
1664 
1665 struct wpa_suite {
1666         __le16 size;
1667         unsigned char suite[4][CIPHER_ID_LEN];
1668 } __packed;
1669 
1670 struct rsn_mode {
1671         __le32 rsn_mode;
1672         __le16 rsn_capability;
1673 } __packed;
1674 
1675 static void hostif_sme_set_rsn(struct ks_wlan_private *priv, int type)
1676 {
1677         struct wpa_suite wpa_suite;
1678         struct rsn_mode rsn_mode;
1679         size_t size;
1680         u32 mode;
1681         const u8 *buf = NULL;
1682 
1683         memset(&wpa_suite, 0, sizeof(wpa_suite));
1684 
1685         switch (type) {
1686         case SME_RSN_UCAST_REQUEST:
1687                 wpa_suite.size = cpu_to_le16(1);
1688                 switch (priv->wpa.pairwise_suite) {
1689                 case IW_AUTH_CIPHER_NONE:
1690                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1691                                 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE;
1692                         break;
1693                 case IW_AUTH_CIPHER_WEP40:
1694                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1695                                 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40;
1696                         break;
1697                 case IW_AUTH_CIPHER_TKIP:
1698                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1699                                 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP;
1700                         break;
1701                 case IW_AUTH_CIPHER_CCMP:
1702                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1703                                 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP;
1704                         break;
1705                 case IW_AUTH_CIPHER_WEP104:
1706                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1707                                 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104;
1708                         break;
1709                 }
1710 
1711                 if (buf)
1712                         memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN);
1713                 size = sizeof(wpa_suite.size) +
1714                        (CIPHER_ID_LEN * le16_to_cpu(wpa_suite.size));
1715                 hostif_mib_set_request_ostring(priv,
1716                                                DOT11_RSN_CONFIG_UNICAST_CIPHER,
1717                                                &wpa_suite, size);
1718                 break;
1719         case SME_RSN_MCAST_REQUEST:
1720                 switch (priv->wpa.group_suite) {
1721                 case IW_AUTH_CIPHER_NONE:
1722                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1723                                 CIPHER_ID_WPA2_NONE : CIPHER_ID_WPA_NONE;
1724                         break;
1725                 case IW_AUTH_CIPHER_WEP40:
1726                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1727                                 CIPHER_ID_WPA2_WEP40 : CIPHER_ID_WPA_WEP40;
1728                         break;
1729                 case IW_AUTH_CIPHER_TKIP:
1730                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1731                                 CIPHER_ID_WPA2_TKIP : CIPHER_ID_WPA_TKIP;
1732                         break;
1733                 case IW_AUTH_CIPHER_CCMP:
1734                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1735                                 CIPHER_ID_WPA2_CCMP : CIPHER_ID_WPA_CCMP;
1736                         break;
1737                 case IW_AUTH_CIPHER_WEP104:
1738                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1739                                 CIPHER_ID_WPA2_WEP104 : CIPHER_ID_WPA_WEP104;
1740                         break;
1741                 }
1742                 if (buf)
1743                         memcpy(&wpa_suite.suite[0][0], buf, CIPHER_ID_LEN);
1744                 hostif_mib_set_request_ostring(priv,
1745                                                DOT11_RSN_CONFIG_MULTICAST_CIPHER,
1746                                                &wpa_suite.suite[0][0],
1747                                                CIPHER_ID_LEN);
1748                 break;
1749         case SME_RSN_AUTH_REQUEST:
1750                 wpa_suite.size = cpu_to_le16(1);
1751                 switch (priv->wpa.key_mgmt_suite) {
1752                 case IW_AUTH_KEY_MGMT_802_1X:
1753                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1754                                 KEY_MGMT_ID_WPA2_1X : KEY_MGMT_ID_WPA_1X;
1755                         break;
1756                 case IW_AUTH_KEY_MGMT_PSK:
1757                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1758                                 KEY_MGMT_ID_WPA2_PSK : KEY_MGMT_ID_WPA_PSK;
1759                         break;
1760                 case 0:
1761                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1762                                 KEY_MGMT_ID_WPA2_NONE : KEY_MGMT_ID_WPA_NONE;
1763                         break;
1764                 case 4:
1765                         buf = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1766                                 KEY_MGMT_ID_WPA2_WPANONE :
1767                                 KEY_MGMT_ID_WPA_WPANONE;
1768                         break;
1769                 }
1770 
1771                 if (buf)
1772                         memcpy(&wpa_suite.suite[0][0], buf, KEY_MGMT_ID_LEN);
1773                 size = sizeof(wpa_suite.size) +
1774                        (KEY_MGMT_ID_LEN * le16_to_cpu(wpa_suite.size));
1775                 hostif_mib_set_request_ostring(priv,
1776                                                DOT11_RSN_CONFIG_AUTH_SUITE,
1777                                                &wpa_suite, size);
1778                 break;
1779         case SME_RSN_ENABLED_REQUEST:
1780                 hostif_mib_set_request_bool(priv, DOT11_RSN_ENABLED,
1781                                             priv->wpa.rsn_enabled);
1782                 break;
1783         case SME_RSN_MODE_REQUEST:
1784                 mode = (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA2) ?
1785                         RSN_MODE_WPA2 :
1786                         (priv->wpa.version == IW_AUTH_WPA_VERSION_WPA) ?
1787                          RSN_MODE_WPA : RSN_MODE_NONE;
1788                 rsn_mode.rsn_mode = cpu_to_le32(mode);
1789                 rsn_mode.rsn_capability = cpu_to_le16(0);
1790                 hostif_mib_set_request_ostring(priv, LOCAL_RSN_MODE,
1791                                                &rsn_mode, sizeof(rsn_mode));
1792                 break;
1793         }
1794 }
1795 
1796 static
1797 void hostif_sme_mode_setup(struct ks_wlan_private *priv)
1798 {
1799         unsigned char rate_size;
1800         unsigned char rate_octet[RATE_SET_MAX_SIZE];
1801         int i = 0;
1802 
1803         /* rate setting if rate segging is auto for changing phy_type (#94) */
1804         if (priv->reg.tx_rate == TX_RATE_FULL_AUTO) {
1805                 if (priv->reg.phy_type == D_11B_ONLY_MODE) {
1806                         priv->reg.rate_set.body[3] = TX_RATE_11M;
1807                         priv->reg.rate_set.body[2] = TX_RATE_5M;
1808                         priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE;
1809                         priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE;
1810                         priv->reg.rate_set.size = 4;
1811                 } else {        /* D_11G_ONLY_MODE or D_11BG_COMPATIBLE_MODE */
1812                         priv->reg.rate_set.body[11] = TX_RATE_54M;
1813                         priv->reg.rate_set.body[10] = TX_RATE_48M;
1814                         priv->reg.rate_set.body[9] = TX_RATE_36M;
1815                         priv->reg.rate_set.body[8] = TX_RATE_18M;
1816                         priv->reg.rate_set.body[7] = TX_RATE_9M;
1817                         priv->reg.rate_set.body[6] = TX_RATE_24M | BASIC_RATE;
1818                         priv->reg.rate_set.body[5] = TX_RATE_12M | BASIC_RATE;
1819                         priv->reg.rate_set.body[4] = TX_RATE_6M | BASIC_RATE;
1820                         priv->reg.rate_set.body[3] = TX_RATE_11M | BASIC_RATE;
1821                         priv->reg.rate_set.body[2] = TX_RATE_5M | BASIC_RATE;
1822                         priv->reg.rate_set.body[1] = TX_RATE_2M | BASIC_RATE;
1823                         priv->reg.rate_set.body[0] = TX_RATE_1M | BASIC_RATE;
1824                         priv->reg.rate_set.size = 12;
1825                 }
1826         }
1827 
1828         /* rate mask by phy setting */
1829         if (priv->reg.phy_type == D_11B_ONLY_MODE) {
1830                 for (i = 0; i < priv->reg.rate_set.size; i++) {
1831                         if (!is_11b_rate(priv->reg.rate_set.body[i]))
1832                                 break;
1833 
1834                         if ((priv->reg.rate_set.body[i] & RATE_MASK) >= TX_RATE_5M) {
1835                                 rate_octet[i] = priv->reg.rate_set.body[i] &
1836                                                 RATE_MASK;
1837                         } else {
1838                                 rate_octet[i] = priv->reg.rate_set.body[i];
1839                         }
1840                 }
1841 
1842         } else {        /* D_11G_ONLY_MODE or D_11BG_COMPATIBLE_MODE */
1843                 for (i = 0; i < priv->reg.rate_set.size; i++) {
1844                         if (!is_11bg_rate(priv->reg.rate_set.body[i]))
1845                                 break;
1846 
1847                         if (is_ofdm_ext_rate(priv->reg.rate_set.body[i])) {
1848                                 rate_octet[i] = priv->reg.rate_set.body[i] &
1849                                                 RATE_MASK;
1850                         } else {
1851                                 rate_octet[i] = priv->reg.rate_set.body[i];
1852                         }
1853                 }
1854         }
1855         rate_size = i;
1856         if (rate_size == 0) {
1857                 if (priv->reg.phy_type == D_11G_ONLY_MODE)
1858                         rate_octet[0] = TX_RATE_6M | BASIC_RATE;
1859                 else
1860                         rate_octet[0] = TX_RATE_2M | BASIC_RATE;
1861                 rate_size = 1;
1862         }
1863 
1864         /* rate set update */
1865         priv->reg.rate_set.size = rate_size;
1866         memcpy(&priv->reg.rate_set.body[0], &rate_octet[0], rate_size);
1867 
1868         switch (priv->reg.operation_mode) {
1869         case MODE_PSEUDO_ADHOC:
1870                 hostif_ps_adhoc_set_request(priv);
1871                 break;
1872         case MODE_INFRASTRUCTURE:
1873                 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) {
1874                         hostif_infrastructure_set_request(priv,
1875                                                           HIF_INFRA_SET_REQ);
1876                 } else {
1877                         hostif_infrastructure_set_request(priv,
1878                                                           HIF_INFRA_SET2_REQ);
1879                         netdev_dbg(priv->net_dev,
1880                                    "Infra bssid = %pM\n", priv->reg.bssid);
1881                 }
1882                 break;
1883         case MODE_ADHOC:
1884                 if (!is_valid_ether_addr((u8 *)priv->reg.bssid)) {
1885                         hostif_adhoc_set_request(priv);
1886                 } else {
1887                         hostif_adhoc_set2_request(priv);
1888                         netdev_dbg(priv->net_dev,
1889                                    "Adhoc bssid = %pM\n", priv->reg.bssid);
1890                 }
1891                 break;
1892         default:
1893                 break;
1894         }
1895 }
1896 
1897 static
1898 void hostif_sme_multicast_set(struct ks_wlan_private *priv)
1899 {
1900         struct net_device *dev = priv->net_dev;
1901         int mc_count;
1902         struct netdev_hw_addr *ha;
1903         char set_address[NIC_MAX_MCAST_LIST * ETH_ALEN];
1904         int i = 0;
1905 
1906         spin_lock(&priv->multicast_spin);
1907 
1908         memset(set_address, 0, NIC_MAX_MCAST_LIST * ETH_ALEN);
1909 
1910         if (dev->flags & IFF_PROMISC) {
1911                 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1912                                            MCAST_FILTER_PROMISC);
1913                 goto spin_unlock;
1914         }
1915 
1916         if ((netdev_mc_count(dev) > NIC_MAX_MCAST_LIST) ||
1917             (dev->flags & IFF_ALLMULTI)) {
1918                 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1919                                            MCAST_FILTER_MCASTALL);
1920                 goto spin_unlock;
1921         }
1922 
1923         if (priv->sme_i.sme_flag & SME_MULTICAST) {
1924                 mc_count = netdev_mc_count(dev);
1925                 netdev_for_each_mc_addr(ha, dev) {
1926                         ether_addr_copy(&set_address[i * ETH_ALEN], ha->addr);
1927                         i++;
1928                 }
1929                 priv->sme_i.sme_flag &= ~SME_MULTICAST;
1930                 hostif_mib_set_request_ostring(priv, LOCAL_MULTICAST_ADDRESS,
1931                                                &set_address[0],
1932                                                ETH_ALEN * mc_count);
1933         } else {
1934                 priv->sme_i.sme_flag |= SME_MULTICAST;
1935                 hostif_mib_set_request_int(priv, LOCAL_MULTICAST_FILTER,
1936                                            MCAST_FILTER_MCAST);
1937         }
1938 
1939 spin_unlock:
1940         spin_unlock(&priv->multicast_spin);
1941 }
1942 
1943 static void hostif_sme_power_mgmt_set(struct ks_wlan_private *priv)
1944 {
1945         u32 mode, wake_up, receive_dtims;
1946 
1947         if (priv->reg.power_mgmt != POWER_MGMT_SAVE1 &&
1948             priv->reg.power_mgmt != POWER_MGMT_SAVE2) {
1949                 mode = POWER_ACTIVE;
1950                 wake_up = 0;
1951                 receive_dtims = 0;
1952         } else {
1953                 mode = (priv->reg.operation_mode == MODE_INFRASTRUCTURE) ?
1954                         POWER_SAVE : POWER_ACTIVE;
1955                 wake_up = 0;
1956                 receive_dtims = (priv->reg.operation_mode == MODE_INFRASTRUCTURE &&
1957                                  priv->reg.power_mgmt == POWER_MGMT_SAVE2);
1958         }
1959 
1960         hostif_power_mgmt_request(priv, mode, wake_up, receive_dtims);
1961 }
1962 
1963 static void hostif_sme_sleep_set(struct ks_wlan_private *priv)
1964 {
1965         if (priv->sleep_mode != SLP_SLEEP &&
1966             priv->sleep_mode != SLP_ACTIVE)
1967                 return;
1968 
1969         hostif_sleep_request(priv, priv->sleep_mode);
1970 }
1971 
1972 static
1973 void hostif_sme_set_key(struct ks_wlan_private *priv, int type)
1974 {
1975         switch (type) {
1976         case SME_SET_FLAG:
1977                 hostif_mib_set_request_bool(priv, DOT11_PRIVACY_INVOKED,
1978                                             priv->reg.privacy_invoked);
1979                 break;
1980         case SME_SET_TXKEY:
1981                 hostif_mib_set_request_int(priv, DOT11_WEP_DEFAULT_KEY_ID,
1982                                            priv->wpa.txkey);
1983                 break;
1984         case SME_SET_KEY1:
1985                 hostif_mib_set_request_ostring(priv,
1986                                                DOT11_WEP_DEFAULT_KEY_VALUE1,
1987                                                &priv->wpa.key[0].key_val[0],
1988                                                priv->wpa.key[0].key_len);
1989                 break;
1990         case SME_SET_KEY2:
1991                 hostif_mib_set_request_ostring(priv,
1992                                                DOT11_WEP_DEFAULT_KEY_VALUE2,
1993                                                &priv->wpa.key[1].key_val[0],
1994                                                priv->wpa.key[1].key_len);
1995                 break;
1996         case SME_SET_KEY3:
1997                 hostif_mib_set_request_ostring(priv,
1998                                                DOT11_WEP_DEFAULT_KEY_VALUE3,
1999                                                &priv->wpa.key[2].key_val[0],
2000                                                priv->wpa.key[2].key_len);
2001                 break;
2002         case SME_SET_KEY4:
2003                 hostif_mib_set_request_ostring(priv,
2004                                                DOT11_WEP_DEFAULT_KEY_VALUE4,
2005                                                &priv->wpa.key[3].key_val[0],
2006                                                priv->wpa.key[3].key_len);
2007                 break;
2008         case SME_SET_PMK_TSC:
2009                 hostif_mib_set_request_ostring(priv, DOT11_PMK_TSC,
2010                                                &priv->wpa.key[0].rx_seq[0],
2011                                                WPA_RX_SEQ_LEN);
2012                 break;
2013         case SME_SET_GMK1_TSC:
2014                 hostif_mib_set_request_ostring(priv, DOT11_GMK1_TSC,
2015                                                &priv->wpa.key[1].rx_seq[0],
2016                                                WPA_RX_SEQ_LEN);
2017                 break;
2018         case SME_SET_GMK2_TSC:
2019                 hostif_mib_set_request_ostring(priv, DOT11_GMK2_TSC,
2020                                                &priv->wpa.key[2].rx_seq[0],
2021                                                WPA_RX_SEQ_LEN);
2022                 break;
2023         }
2024 }
2025 
2026 static
2027 void hostif_sme_set_pmksa(struct ks_wlan_private *priv)
2028 {
2029         struct pmk_cache {
2030                 __le16 size;
2031                 struct {
2032                         u8 bssid[ETH_ALEN];
2033                         u8 pmkid[IW_PMKID_LEN];
2034                 } __packed list[PMK_LIST_MAX];
2035         } __packed pmkcache;
2036         struct pmk *pmk;
2037         size_t size;
2038         int i = 0;
2039 
2040         list_for_each_entry(pmk, &priv->pmklist.head, list) {
2041                 if (i >= PMK_LIST_MAX)
2042                         break;
2043                 ether_addr_copy(pmkcache.list[i].bssid, pmk->bssid);
2044                 memcpy(pmkcache.list[i].pmkid, pmk->pmkid, IW_PMKID_LEN);
2045                 i++;
2046         }
2047         pmkcache.size = cpu_to_le16(priv->pmklist.size);
2048         size = sizeof(priv->pmklist.size) +
2049                ((ETH_ALEN + IW_PMKID_LEN) * priv->pmklist.size);
2050         hostif_mib_set_request_ostring(priv, LOCAL_PMK, &pmkcache, size);
2051 }
2052 
2053 /* execute sme */
2054 static void hostif_sme_execute(struct ks_wlan_private *priv, int event)
2055 {
2056         u16 failure;
2057 
2058         switch (event) {
2059         case SME_START:
2060                 if (priv->dev_state == DEVICE_STATE_BOOT)
2061                         hostif_mib_get_request(priv, DOT11_MAC_ADDRESS);
2062                 break;
2063         case SME_MULTICAST_REQUEST:
2064                 hostif_sme_multicast_set(priv);
2065                 break;
2066         case SME_MACADDRESS_SET_REQUEST:
2067                 hostif_mib_set_request_ostring(priv, LOCAL_CURRENTADDRESS,
2068                                                &priv->eth_addr[0], ETH_ALEN);
2069                 break;
2070         case SME_BSS_SCAN_REQUEST:
2071                 hostif_bss_scan_request(priv, priv->reg.scan_type,
2072                                         priv->scan_ssid, priv->scan_ssid_len);
2073                 break;
2074         case SME_POW_MNGMT_REQUEST:
2075                 hostif_sme_power_mgmt_set(priv);
2076                 break;
2077         case SME_PHY_INFO_REQUEST:
2078                 hostif_phy_information_request(priv);
2079                 break;
2080         case SME_MIC_FAILURE_REQUEST:
2081                 failure = priv->wpa.mic_failure.failure;
2082                 if (failure != 1 && failure != 2) {
2083                         netdev_err(priv->net_dev,
2084                                    "SME_MIC_FAILURE_REQUEST: failure count=%u error?\n",
2085                                    failure);
2086                         return;
2087                 }
2088                 hostif_mic_failure_request(priv, failure - 1, (failure == 1) ?
2089                                             0 : priv->wpa.mic_failure.counter);
2090                 break;
2091         case SME_MIC_FAILURE_CONFIRM:
2092                 if (priv->wpa.mic_failure.failure == 2) {
2093                         if (priv->wpa.mic_failure.stop)
2094                                 priv->wpa.mic_failure.stop = 0;
2095                         priv->wpa.mic_failure.failure = 0;
2096                         hostif_start_request(priv, priv->reg.operation_mode);
2097                 }
2098                 break;
2099         case SME_GET_MAC_ADDRESS:
2100                 if (priv->dev_state == DEVICE_STATE_BOOT)
2101                         hostif_mib_get_request(priv, DOT11_PRODUCT_VERSION);
2102                 break;
2103         case SME_GET_PRODUCT_VERSION:
2104                 if (priv->dev_state == DEVICE_STATE_BOOT)
2105                         priv->dev_state = DEVICE_STATE_PREINIT;
2106                 break;
2107         case SME_STOP_REQUEST:
2108                 hostif_stop_request(priv);
2109                 break;
2110         case SME_RTS_THRESHOLD_REQUEST:
2111                 hostif_mib_set_request_int(priv, DOT11_RTS_THRESHOLD,
2112                                            priv->reg.rts);
2113                 break;
2114         case SME_FRAGMENTATION_THRESHOLD_REQUEST:
2115                 hostif_mib_set_request_int(priv, DOT11_FRAGMENTATION_THRESHOLD,
2116                                            priv->reg.fragment);
2117                 break;
2118         case SME_WEP_INDEX_REQUEST:
2119         case SME_WEP_KEY1_REQUEST:
2120         case SME_WEP_KEY2_REQUEST:
2121         case SME_WEP_KEY3_REQUEST:
2122         case SME_WEP_KEY4_REQUEST:
2123         case SME_WEP_FLAG_REQUEST:
2124                 hostif_sme_set_wep(priv, event);
2125                 break;
2126         case SME_RSN_UCAST_REQUEST:
2127         case SME_RSN_MCAST_REQUEST:
2128         case SME_RSN_AUTH_REQUEST:
2129         case SME_RSN_ENABLED_REQUEST:
2130         case SME_RSN_MODE_REQUEST:
2131                 hostif_sme_set_rsn(priv, event);
2132                 break;
2133         case SME_SET_FLAG:
2134         case SME_SET_TXKEY:
2135         case SME_SET_KEY1:
2136         case SME_SET_KEY2:
2137         case SME_SET_KEY3:
2138         case SME_SET_KEY4:
2139         case SME_SET_PMK_TSC:
2140         case SME_SET_GMK1_TSC:
2141         case SME_SET_GMK2_TSC:
2142                 hostif_sme_set_key(priv, event);
2143                 break;
2144         case SME_SET_PMKSA:
2145                 hostif_sme_set_pmksa(priv);
2146                 break;
2147         case SME_WPS_ENABLE_REQUEST:
2148                 hostif_mib_set_request_int(priv, LOCAL_WPS_ENABLE,
2149                                            priv->wps.wps_enabled);
2150                 break;
2151         case SME_WPS_PROBE_REQUEST:
2152                 hostif_mib_set_request_ostring(priv, LOCAL_WPS_PROBE_REQ,
2153                                                priv->wps.ie, priv->wps.ielen);
2154                 break;
2155         case SME_MODE_SET_REQUEST:
2156                 hostif_sme_mode_setup(priv);
2157                 break;
2158         case SME_SET_GAIN:
2159                 hostif_mib_set_request_ostring(priv, LOCAL_GAIN,
2160                                                &priv->gain, sizeof(priv->gain));
2161                 break;
2162         case SME_GET_GAIN:
2163                 hostif_mib_get_request(priv, LOCAL_GAIN);
2164                 break;
2165         case SME_GET_EEPROM_CKSUM:
2166                 priv->eeprom_checksum = EEPROM_FW_NOT_SUPPORT;  /* initialize */
2167                 hostif_mib_get_request(priv, LOCAL_EEPROM_SUM);
2168                 break;
2169         case SME_START_REQUEST:
2170                 hostif_start_request(priv, priv->reg.operation_mode);
2171                 break;
2172         case SME_START_CONFIRM:
2173                 /* for power save */
2174                 atomic_set(&priv->psstatus.snooze_guard, 0);
2175                 atomic_set(&priv->psstatus.confirm_wait, 0);
2176                 if (priv->dev_state == DEVICE_STATE_PREINIT)
2177                         priv->dev_state = DEVICE_STATE_INIT;
2178                 /* wake_up_interruptible_all(&priv->confirm_wait); */
2179                 complete(&priv->confirm_wait);
2180                 break;
2181         case SME_SLEEP_REQUEST:
2182                 hostif_sme_sleep_set(priv);
2183                 break;
2184         case SME_SET_REGION:
2185                 hostif_mib_set_request_int(priv, LOCAL_REGION, priv->region);
2186                 break;
2187         case SME_MULTICAST_CONFIRM:
2188         case SME_BSS_SCAN_CONFIRM:
2189         case SME_POW_MNGMT_CONFIRM:
2190         case SME_PHY_INFO_CONFIRM:
2191         case SME_STOP_CONFIRM:
2192         case SME_RTS_THRESHOLD_CONFIRM:
2193         case SME_FRAGMENTATION_THRESHOLD_CONFIRM:
2194         case SME_WEP_INDEX_CONFIRM:
2195         case SME_WEP_KEY1_CONFIRM:
2196         case SME_WEP_KEY2_CONFIRM:
2197         case SME_WEP_KEY3_CONFIRM:
2198         case SME_WEP_KEY4_CONFIRM:
2199         case SME_WEP_FLAG_CONFIRM:
2200         case SME_RSN_UCAST_CONFIRM:
2201         case SME_RSN_MCAST_CONFIRM:
2202         case SME_RSN_AUTH_CONFIRM:
2203         case SME_RSN_ENABLED_CONFIRM:
2204         case SME_RSN_MODE_CONFIRM:
2205         case SME_MODE_SET_CONFIRM:
2206         case SME_TERMINATE:
2207         default:
2208                 break;
2209         }
2210 }
2211 
2212 static
2213 void hostif_sme_task(unsigned long dev)
2214 {
2215         struct ks_wlan_private *priv = (struct ks_wlan_private *)dev;
2216 
2217         if (priv->dev_state < DEVICE_STATE_BOOT)
2218                 return;
2219 
2220         if (cnt_smeqbody(priv) <= 0)
2221                 return;
2222 
2223         hostif_sme_execute(priv, priv->sme_i.event_buff[priv->sme_i.qhead]);
2224         inc_smeqhead(priv);
2225         if (cnt_smeqbody(priv) > 0)
2226                 tasklet_schedule(&priv->sme_task);
2227 }
2228 
2229 /* send to Station Management Entity module */
2230 void hostif_sme_enqueue(struct ks_wlan_private *priv, u16 event)
2231 {
2232         /* enqueue sme event */
2233         if (cnt_smeqbody(priv) < (SME_EVENT_BUFF_SIZE - 1)) {
2234                 priv->sme_i.event_buff[priv->sme_i.qtail] = event;
2235                 inc_smeqtail(priv);
2236         } else {
2237                 /* in case of buffer overflow */
2238                 netdev_err(priv->net_dev, "sme queue buffer overflow\n");
2239         }
2240 
2241         tasklet_schedule(&priv->sme_task);
2242 }
2243 
2244 static inline void hostif_aplist_init(struct ks_wlan_private *priv)
2245 {
2246         size_t size = LOCAL_APLIST_MAX * sizeof(struct local_ap);
2247 
2248         priv->aplist.size = 0;
2249         memset(&priv->aplist.ap[0], 0, size);
2250 }
2251 
2252 static inline void hostif_status_init(struct ks_wlan_private *priv)
2253 {
2254         priv->infra_status = 0;
2255         priv->current_rate = 4;
2256         priv->connect_status = DISCONNECT_STATUS;
2257 }
2258 
2259 static inline void hostif_sme_init(struct ks_wlan_private *priv)
2260 {
2261         priv->sme_i.sme_status = SME_IDLE;
2262         priv->sme_i.qhead = 0;
2263         priv->sme_i.qtail = 0;
2264         spin_lock_init(&priv->sme_i.sme_spin);
2265         priv->sme_i.sme_flag = 0;
2266         tasklet_init(&priv->sme_task, hostif_sme_task, (unsigned long)priv);
2267 }
2268 
2269 static inline void hostif_wpa_init(struct ks_wlan_private *priv)
2270 {
2271         memset(&priv->wpa, 0, sizeof(priv->wpa));
2272         priv->wpa.rsn_enabled = false;
2273         priv->wpa.mic_failure.failure = 0;
2274         priv->wpa.mic_failure.last_failure_time = 0;
2275         priv->wpa.mic_failure.stop = 0;
2276 }
2277 
2278 static inline void hostif_power_save_init(struct ks_wlan_private *priv)
2279 {
2280         atomic_set(&priv->psstatus.status, PS_NONE);
2281         atomic_set(&priv->psstatus.confirm_wait, 0);
2282         atomic_set(&priv->psstatus.snooze_guard, 0);
2283         init_completion(&priv->psstatus.wakeup_wait);
2284         INIT_WORK(&priv->wakeup_work, ks_wlan_hw_wakeup_task);
2285 }
2286 
2287 static inline void hostif_pmklist_init(struct ks_wlan_private *priv)
2288 {
2289         int i;
2290 
2291         memset(&priv->pmklist, 0, sizeof(priv->pmklist));
2292         INIT_LIST_HEAD(&priv->pmklist.head);
2293         for (i = 0; i < PMK_LIST_MAX; i++)
2294                 INIT_LIST_HEAD(&priv->pmklist.pmk[i].list);
2295 }
2296 
2297 static inline void hostif_counters_init(struct ks_wlan_private *priv)
2298 {
2299         priv->dev_count = 0;
2300         atomic_set(&priv->event_count, 0);
2301         atomic_set(&priv->rec_count, 0);
2302 }
2303 
2304 int hostif_init(struct ks_wlan_private *priv)
2305 {
2306         hostif_aplist_init(priv);
2307         hostif_status_init(priv);
2308 
2309         spin_lock_init(&priv->multicast_spin);
2310         spin_lock_init(&priv->dev_read_lock);
2311         init_waitqueue_head(&priv->devread_wait);
2312 
2313         hostif_counters_init(priv);
2314         hostif_power_save_init(priv);
2315         hostif_wpa_init(priv);
2316         hostif_pmklist_init(priv);
2317         hostif_sme_init(priv);
2318 
2319         return 0;
2320 }
2321 
2322 void hostif_exit(struct ks_wlan_private *priv)
2323 {
2324         tasklet_kill(&priv->sme_task);
2325 }

/* [<][>][^][v][top][bottom][index][help] */