1 /******************************************************************************
3 Copyright(c) 2003 - 2004 Intel Corporation. All rights reserved.
5 This program is free software; you can redistribute it and/or modify it
6 under the terms of version 2 of the GNU General Public License as
7 published by the Free Software Foundation.
9 This program is distributed in the hope that it will be useful, but WITHOUT
10 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 You should have received a copy of the GNU General Public License along with
15 this program; if not, write to the Free Software Foundation, Inc., 59
16 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
18 The full GNU General Public License is included in this distribution in the
22 James P. Ketrenos <ipw2100-admin@linux.intel.com>
23 Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
25 ******************************************************************************/
26 #include <linux/compiler.h>
27 #include <linux/config.h>
28 #include <linux/errno.h>
29 #include <linux/if_arp.h>
30 #include <linux/in6.h>
33 #include <linux/kernel.h>
34 #include <linux/module.h>
35 #include <linux/netdevice.h>
36 #include <linux/proc_fs.h>
37 #include <linux/skbuff.h>
38 #include <linux/slab.h>
39 #include <linux/tcp.h>
40 #include <linux/types.h>
41 #include <linux/version.h>
42 #include <linux/wireless.h>
43 #include <linux/etherdevice.h>
44 #include <asm/uaccess.h>
46 #include <net/ieee80211.h>
52 ,-------------------------------------------------------------------.
53 Bytes | 2 | 2 | 6 | 6 | 6 | 2 | 0..2312 | 4 |
54 |------|------|---------|---------|---------|------|---------|------|
55 Desc. | ctrl | dura | DA/RA | TA | SA | Sequ | Frame | fcs |
56 | | tion | (BSSID) | | | ence | data | |
57 `--------------------------------------------------| |------'
58 Total: 28 non-data bytes `----.----'
60 .- 'Frame data' expands to <---------------------------'
63 ,---------------------------------------------------.
64 Bytes | 1 | 1 | 1 | 3 | 2 | 0-2304 |
65 |------|------|---------|----------|------|---------|
66 Desc. | SNAP | SNAP | Control |Eth Tunnel| Type | IP |
67 | DSAP | SSAP | | | | Packet |
68 | 0xAA | 0xAA |0x03 (UI)|0x00-00-F8| | |
69 `-----------------------------------------| |
70 Total: 8 non-data bytes `----.----'
72 .- 'IP Packet' expands, if WEP enabled, to <--'
75 ,-----------------------.
76 Bytes | 4 | 0-2296 | 4 |
77 |-----|-----------|-----|
78 Desc. | IV | Encrypted | ICV |
80 `-----------------------'
81 Total: 8 non-data bytes
83 802.3 Ethernet Data Frame
85 ,-----------------------------------------.
86 Bytes | 6 | 6 | 2 | Variable | 4 |
87 |-------|-------|------|-----------|------|
88 Desc. | Dest. | Source| Type | IP Packet | fcs |
90 `-----------------------------------------'
91 Total: 18 non-data bytes
93 In the event that fragmentation is required, the incoming payload is split into
94 N parts of size ieee->fts. The first fragment contains the SNAP header and the
95 remaining packets are just data.
97 If encryption is enabled, each fragment payload size is reduced by enough space
98 to add the prefix and postfix (IV and ICV totalling 8 bytes in the case of WEP)
99 So if you have 1500 bytes of payload with ieee->fts set to 500 without
100 encryption it will take 3 frames. With WEP it will take 4 frames as the
101 payload of each frame is reduced to 492 bytes.
107 * | ETHERNET HEADER ,-<-- PAYLOAD
108 * | | 14 bytes from skb->data
109 * | 2 bytes for Type --> ,T. | (sizeof ethhdr)
111 * |,-Dest.--. ,--Src.---. | | |
112 * | 6 bytes| | 6 bytes | | | |
115 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
118 * | | | | `T' <---- 2 bytes for Type
120 * | | '---SNAP--' <-------- 6 bytes for SNAP
122 * `-IV--' <-------------------- 4 bytes for IV (WEP)
128 static u8 P802_1H_OUI
[P80211_OUI_LEN
] = { 0x00, 0x00, 0xf8 };
129 static u8 RFC1042_OUI
[P80211_OUI_LEN
] = { 0x00, 0x00, 0x00 };
131 static inline int ieee80211_put_snap(u8
* data
, u16 h_proto
)
133 struct ieee80211_snap_hdr
*snap
;
136 snap
= (struct ieee80211_snap_hdr
*)data
;
141 if (h_proto
== 0x8137 || h_proto
== 0x80f3)
145 snap
->oui
[0] = oui
[0];
146 snap
->oui
[1] = oui
[1];
147 snap
->oui
[2] = oui
[2];
149 *(u16
*) (data
+ SNAP_SIZE
) = htons(h_proto
);
151 return SNAP_SIZE
+ sizeof(u16
);
154 static inline int ieee80211_encrypt_fragment(struct ieee80211_device
*ieee
,
155 struct sk_buff
*frag
, int hdr_len
)
157 struct ieee80211_crypt_data
*crypt
= ieee
->crypt
[ieee
->tx_keyidx
];
160 #ifdef CONFIG_IEEE80211_CRYPT_TKIP
161 struct ieee80211_hdr
*header
;
163 if (ieee
->tkip_countermeasures
&&
164 crypt
&& crypt
->ops
&& strcmp(crypt
->ops
->name
, "TKIP") == 0) {
165 header
= (struct ieee80211_hdr
*)frag
->data
;
166 if (net_ratelimit()) {
167 printk(KERN_DEBUG
"%s: TKIP countermeasures: dropped "
168 "TX packet to " MAC_FMT
"\n",
169 ieee
->dev
->name
, MAC_ARG(header
->addr1
));
174 /* To encrypt, frame format is:
175 * IV (4 bytes), clear payload (including SNAP), ICV (4 bytes) */
177 // PR: FIXME: Copied from hostap. Check fragmentation/MSDU/MPDU encryption.
178 /* Host-based IEEE 802.11 fragmentation for TX is not yet supported, so
179 * call both MSDU and MPDU encryption functions from here. */
180 atomic_inc(&crypt
->refcnt
);
182 if (crypt
->ops
->encrypt_msdu
)
183 res
= crypt
->ops
->encrypt_msdu(frag
, hdr_len
, crypt
->priv
);
184 if (res
== 0 && crypt
->ops
->encrypt_mpdu
)
185 res
= crypt
->ops
->encrypt_mpdu(frag
, hdr_len
, crypt
->priv
);
187 atomic_dec(&crypt
->refcnt
);
189 printk(KERN_INFO
"%s: Encryption failed: len=%d.\n",
190 ieee
->dev
->name
, frag
->len
);
191 ieee
->ieee_stats
.tx_discards
++;
198 void ieee80211_txb_free(struct ieee80211_txb
*txb
)
203 for (i
= 0; i
< txb
->nr_frags
; i
++)
204 if (txb
->fragments
[i
])
205 dev_kfree_skb_any(txb
->fragments
[i
]);
209 static struct ieee80211_txb
*ieee80211_alloc_txb(int nr_frags
, int txb_size
,
212 struct ieee80211_txb
*txb
;
214 txb
= kmalloc(sizeof(struct ieee80211_txb
) + (sizeof(u8
*) * nr_frags
),
219 memset(txb
, 0, sizeof(struct ieee80211_txb
));
220 txb
->nr_frags
= nr_frags
;
221 txb
->frag_size
= txb_size
;
223 for (i
= 0; i
< nr_frags
; i
++) {
224 txb
->fragments
[i
] = dev_alloc_skb(txb_size
);
225 if (unlikely(!txb
->fragments
[i
])) {
230 if (unlikely(i
!= nr_frags
)) {
232 dev_kfree_skb_any(txb
->fragments
[i
--]);
239 /* SKBs are added to the ieee->tx_queue. */
240 int ieee80211_xmit(struct sk_buff
*skb
, struct net_device
*dev
)
242 struct ieee80211_device
*ieee
= netdev_priv(dev
);
243 struct ieee80211_txb
*txb
= NULL
;
244 struct ieee80211_hdr
*frag_hdr
;
245 int i
, bytes_per_frag
, nr_frags
, bytes_last_frag
, frag_size
;
247 struct net_device_stats
*stats
= &ieee
->stats
;
248 int ether_type
, encrypt
;
249 int bytes
, fc
, hdr_len
;
250 struct sk_buff
*skb_frag
;
251 struct ieee80211_hdr header
= { /* Ensure zero initialized */
255 u8 dest
[ETH_ALEN
], src
[ETH_ALEN
];
257 struct ieee80211_crypt_data
*crypt
;
259 spin_lock_irqsave(&ieee
->lock
, flags
);
261 /* If there is no driver handler to take the TXB, dont' bother
263 if (!ieee
->hard_start_xmit
) {
264 printk(KERN_WARNING
"%s: No xmit handler.\n", ieee
->dev
->name
);
268 if (unlikely(skb
->len
< SNAP_SIZE
+ sizeof(u16
))) {
269 printk(KERN_WARNING
"%s: skb too small (%d).\n",
270 ieee
->dev
->name
, skb
->len
);
274 ether_type
= ntohs(((struct ethhdr
*)skb
->data
)->h_proto
);
276 crypt
= ieee
->crypt
[ieee
->tx_keyidx
];
278 encrypt
= !(ether_type
== ETH_P_PAE
&& ieee
->ieee802_1x
) &&
279 ieee
->host_encrypt
&& crypt
&& crypt
->ops
;
281 if (!encrypt
&& ieee
->ieee802_1x
&&
282 ieee
->drop_unencrypted
&& ether_type
!= ETH_P_PAE
) {
287 /* Save source and destination addresses */
288 memcpy(&dest
, skb
->data
, ETH_ALEN
);
289 memcpy(&src
, skb
->data
+ ETH_ALEN
, ETH_ALEN
);
291 /* Advance the SKB to the start of the payload */
292 skb_pull(skb
, sizeof(struct ethhdr
));
294 /* Determine total amount of storage required for TXB packets */
295 bytes
= skb
->len
+ SNAP_SIZE
+ sizeof(u16
);
298 fc
= IEEE80211_FTYPE_DATA
| IEEE80211_STYPE_DATA
|
299 IEEE80211_FCTL_PROTECTED
;
301 fc
= IEEE80211_FTYPE_DATA
| IEEE80211_STYPE_DATA
;
303 if (ieee
->iw_mode
== IW_MODE_INFRA
) {
304 fc
|= IEEE80211_FCTL_TODS
;
305 /* To DS: Addr1 = BSSID, Addr2 = SA,
307 memcpy(&header
.addr1
, ieee
->bssid
, ETH_ALEN
);
308 memcpy(&header
.addr2
, &src
, ETH_ALEN
);
309 memcpy(&header
.addr3
, &dest
, ETH_ALEN
);
310 } else if (ieee
->iw_mode
== IW_MODE_ADHOC
) {
311 /* not From/To DS: Addr1 = DA, Addr2 = SA,
313 memcpy(&header
.addr1
, dest
, ETH_ALEN
);
314 memcpy(&header
.addr2
, src
, ETH_ALEN
);
315 memcpy(&header
.addr3
, ieee
->bssid
, ETH_ALEN
);
317 header
.frame_ctl
= cpu_to_le16(fc
);
318 hdr_len
= IEEE80211_3ADDR_LEN
;
320 /* Determine fragmentation size based on destination (multicast
321 * and broadcast are not fragmented) */
322 if (is_multicast_ether_addr(dest
) || is_broadcast_ether_addr(dest
))
323 frag_size
= MAX_FRAG_THRESHOLD
;
325 frag_size
= ieee
->fts
;
327 /* Determine amount of payload per fragment. Regardless of if
328 * this stack is providing the full 802.11 header, one will
329 * eventually be affixed to this fragment -- so we must account for
330 * it when determining the amount of payload space. */
331 bytes_per_frag
= frag_size
- IEEE80211_3ADDR_LEN
;
333 (CFG_IEEE80211_COMPUTE_FCS
| CFG_IEEE80211_RESERVE_FCS
))
334 bytes_per_frag
-= IEEE80211_FCS_LEN
;
336 /* Each fragment may need to have room for encryptiong pre/postfix */
338 bytes_per_frag
-= crypt
->ops
->extra_prefix_len
+
339 crypt
->ops
->extra_postfix_len
;
341 /* Number of fragments is the total bytes_per_frag /
342 * payload_per_fragment */
343 nr_frags
= bytes
/ bytes_per_frag
;
344 bytes_last_frag
= bytes
% bytes_per_frag
;
348 bytes_last_frag
= bytes_per_frag
;
350 /* When we allocate the TXB we allocate enough space for the reserve
351 * and full fragment bytes (bytes_per_frag doesn't include prefix,
352 * postfix, header, FCS, etc.) */
353 txb
= ieee80211_alloc_txb(nr_frags
, frag_size
, GFP_ATOMIC
);
354 if (unlikely(!txb
)) {
355 printk(KERN_WARNING
"%s: Could not allocate TXB\n",
359 txb
->encrypted
= encrypt
;
360 txb
->payload_size
= bytes
;
362 for (i
= 0; i
< nr_frags
; i
++) {
363 skb_frag
= txb
->fragments
[i
];
366 skb_reserve(skb_frag
, crypt
->ops
->extra_prefix_len
);
368 frag_hdr
= (struct ieee80211_hdr
*)skb_put(skb_frag
, hdr_len
);
369 memcpy(frag_hdr
, &header
, hdr_len
);
371 /* If this is not the last fragment, then add the MOREFRAGS
372 * bit to the frame control */
373 if (i
!= nr_frags
- 1) {
374 frag_hdr
->frame_ctl
=
375 cpu_to_le16(fc
| IEEE80211_FCTL_MOREFRAGS
);
376 bytes
= bytes_per_frag
;
378 /* The last fragment takes the remaining length */
379 bytes
= bytes_last_frag
;
382 /* Put a SNAP header on the first fragment */
384 ieee80211_put_snap(skb_put
385 (skb_frag
, SNAP_SIZE
+ sizeof(u16
)),
387 bytes
-= SNAP_SIZE
+ sizeof(u16
);
390 memcpy(skb_put(skb_frag
, bytes
), skb
->data
, bytes
);
392 /* Advance the SKB... */
393 skb_pull(skb
, bytes
);
395 /* Encryption routine will move the header forward in order
396 * to insert the IV between the header and the payload */
398 ieee80211_encrypt_fragment(ieee
, skb_frag
, hdr_len
);
400 (CFG_IEEE80211_COMPUTE_FCS
| CFG_IEEE80211_RESERVE_FCS
))
401 skb_put(skb_frag
, 4);
405 spin_unlock_irqrestore(&ieee
->lock
, flags
);
407 dev_kfree_skb_any(skb
);
410 if ((*ieee
->hard_start_xmit
) (txb
, dev
) == 0) {
412 stats
->tx_bytes
+= txb
->payload_size
;
415 ieee80211_txb_free(txb
);
421 spin_unlock_irqrestore(&ieee
->lock
, flags
);
422 netif_stop_queue(dev
);
428 EXPORT_SYMBOL(ieee80211_txb_free
);