2 * Copyright (c) 2007-2008 Atheros Communications Inc.
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 /* Module Name : htr.c */
20 /* This module contains Tx and Rx functions. */
25 /************************************************************************/
28 u16_t zfWlanRxValidate(zdev_t* dev, zbuf_t* buf);
29 u16_t zfWlanRxFilter(zdev_t* dev, zbuf_t* buf);
33 const u8_t zgSnapBridgeTunnel[6] = { 0xAA, 0xAA, 0x03, 0x00, 0x00, 0xF8 };
34 const u8_t zgSnap8021h[6] = { 0xAA, 0xAA, 0x03, 0x00, 0x00, 0x00 };
35 /* Table for converting IP DSCP P2-P0 bits to 802.11e Access Category */
36 const u8_t zcUpToAc[8] = {0, 1, 1, 0, 2, 2, 3, 3}; //WMM default
37 //const u8_t zcUpToAc[8] = {0, 1, 1, 0, 0, 0, 0, 0}; //For 2 TxQ
38 //const u8_t zcUpToAc[8] = {0, 0, 0, 0, 0, 0, 0, 0}; //For single TxQ
39 const u8_t zcMaxspToPktNum[4] = {8, 2, 4, 6};
41 u8_t zfGetEncryModeFromRxStatus(struct zsAdditionInfo* addInfo)
46 securityByte = (addInfo->Tail.Data.SAIndex & 0xc0) >> 4; /* byte4 */
47 securityByte |= (addInfo->Tail.Data.DAIndex & 0xc0) >> 6; /* byte5 */
49 switch( securityByte )
57 #endif //ZM_ENABLE_CENC
61 encryMode = securityByte;
66 if ( (securityByte & 0xf8) == 0x08 )
68 // decrypted by software
71 encryMode = ZM_NO_WEP;
78 void zfGetRxIvIcvLength(zdev_t* dev, zbuf_t* buf, u8_t vap, u16_t* pIvLen,
79 u16_t* pIcvLen, struct zsAdditionInfo* addInfo)
84 zmw_get_wlan_dev(dev);
89 encryMode = zfGetEncryModeFromRxStatus(addInfo);
91 if ( wd->wlanMode == ZM_MODE_AP )
93 if (vap < ZM_MAX_AP_SUPPORT)
95 if (( wd->ap.encryMode[vap] == ZM_WEP64 ) ||
96 ( wd->ap.encryMode[vap] == ZM_WEP128 ) ||
97 ( wd->ap.encryMode[vap] == ZM_WEP256 ))
107 addr[0] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET);
108 addr[1] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+2);
109 addr[2] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+4);
111 /* Find STA's information */
112 id = zfApFindSta(dev, addr);
115 if (wd->ap.staTable[id].encryMode == ZM_TKIP)
120 else if (wd->ap.staTable[id].encryMode == ZM_AES)
123 *pIcvLen = 8; // AES MIC
126 #ifdef ZM_ENABLE_CENC
127 else if (wd->ap.staTable[id].encryMode == ZM_CENC)
132 #endif //ZM_ENABLE_CENC
135 /* WDS port checking */
136 wdsPort = vap - 0x20;
137 if (wdsPort >= ZM_MAX_WDS_SUPPORT)
142 switch (wd->ap.wds.encryMode[wdsPort])
158 #ifdef ZM_ENABLE_CENC
163 #endif //ZM_ENABLE_CENC
167 else if ( wd->wlanMode == ZM_MODE_PSEUDO)
169 /* test: 6518 for QA auto test */
186 #ifdef ZM_ENABLE_CENC
190 #endif //ZM_ENABLE_CENC
195 if ( (encryMode == ZM_WEP64)||
196 (encryMode == ZM_WEP128)||
197 (encryMode == ZM_WEP256) )
202 else if ( encryMode == ZM_TKIP )
207 else if ( encryMode == ZM_AES )
210 *pIcvLen = 8; // AES MIC
212 #ifdef ZM_ENABLE_CENC
213 else if ( encryMode == ZM_CENC)
218 #endif //ZM_ENABLE_CENC
223 /************************************************************************/
225 /* FUNCTION DESCRIPTION zfAgingDefragList */
226 /* Force flushing whole defrag list or aging the buffer */
227 /* in the defrag list. */
230 /* dev : device pointer */
231 /* flushFlag : 1=>flushing, 0=>Aging */
237 /* Stephen Chen Atheros Communications, INC. 2007.1 */
239 /************************************************************************/
240 void zfAgingDefragList(zdev_t* dev, u16_t flushFlag)
243 zmw_get_wlan_dev(dev);
244 zmw_declare_for_critical_section();
246 zmw_enter_critical_section(dev);
248 for(i=0; i<ZM_MAX_DEFRAG_ENTRIES; i++)
250 if (wd->defragTable.defragEntry[i].fragCount != 0 )
252 if (((wd->tick - wd->defragTable.defragEntry[i].tick) >
253 (ZM_DEFRAG_AGING_TIME_SEC * ZM_TICK_PER_SECOND))
256 zm_msg1_rx(ZM_LV_2, "Aging defrag list :", i);
257 /* Free the buffers in the defrag list */
258 for (j=0; j<wd->defragTable.defragEntry[i].fragCount; j++)
260 zfwBufFree(dev, wd->defragTable.defragEntry[i].fragment[j], 0);
264 wd->defragTable.defragEntry[i].fragCount = 0;
267 zmw_leave_critical_section(dev);
273 /************************************************************************/
275 /* FUNCTION DESCRIPTION zfAddFirstFragToDefragList */
276 /* Add first fragment to defragment list, the first empty entry */
277 /* will be selected. If the list is full, sequentially select */
278 /* one entry for replacement. */
281 /* dev : device pointer */
282 /* buf : first fragment buffer */
283 /* addr : address of first fragment buffer */
284 /* seqNum : sequence of first fragment buffer */
290 /* Stephen Chen Atheros Communications, INC. 2007.1 */
292 /************************************************************************/
293 void zfAddFirstFragToDefragList(zdev_t* dev, zbuf_t* buf, u8_t* addr, u16_t seqNum)
296 zmw_get_wlan_dev(dev);
297 zmw_declare_for_critical_section();
299 zmw_enter_critical_section(dev);
301 /* Find an empty one in defrag list */
302 for(i=0; i<ZM_MAX_DEFRAG_ENTRIES; i++)
304 if ( wd->defragTable.defragEntry[i].fragCount == 0 )
310 /* If full, sequentially replace existing one */
311 if (i == ZM_MAX_DEFRAG_ENTRIES)
313 i = wd->defragTable.replaceNum++ & (ZM_MAX_DEFRAG_ENTRIES-1);
314 /* Free the buffers in the defrag list to be replaced */
315 for (j=0; j<wd->defragTable.defragEntry[i].fragCount; j++)
317 zfwBufFree(dev, wd->defragTable.defragEntry[i].fragment[j], 0);
321 wd->defragTable.defragEntry[i].fragCount = 1;
322 wd->defragTable.defragEntry[i].fragment[0] = buf;
323 wd->defragTable.defragEntry[i].seqNum = seqNum;
324 wd->defragTable.defragEntry[i].tick = wd->tick;
328 wd->defragTable.defragEntry[i].addr[j] = addr[j];
331 zmw_leave_critical_section(dev);
337 /************************************************************************/
339 /* FUNCTION DESCRIPTION zfAddFragToDefragList */
340 /* Add middle or last fragment to defragment list. */
343 /* dev : device pointer */
344 /* buf : first fragment buffer */
345 /* addr : address of fragment buffer */
346 /* seqNum : sequence fragment buffer */
347 /* fragNum : fragment number of fragment buffer */
348 /* moreFrag : more frag bit of fragment buffer */
349 /* addInfo : addition info of fragment buffer */
355 /* Stephen Chen Atheros Communications, INC. 2007.1 */
357 /************************************************************************/
358 zbuf_t* zfAddFragToDefragList(zdev_t* dev, zbuf_t* buf, u8_t* addr,
359 u16_t seqNum, u8_t fragNum, u8_t moreFrag,
360 struct zsAdditionInfo* addInfo)
363 zbuf_t* returnBuf = NULL;
364 u16_t defragDone = 0;
366 u16_t startAddr, fragHead, frameLen, ivLen, icvLen;
367 zmw_get_wlan_dev(dev);
368 zmw_declare_for_critical_section();
370 zmw_enter_critical_section(dev);
372 /* Find frag in the defrag list */
373 for(i=0; i<ZM_MAX_DEFRAG_ENTRIES; i++)
375 if ( wd->defragTable.defragEntry[i].fragCount != 0 )
377 /* Compare address */
380 if (addr[j] != wd->defragTable.defragEntry[i].addr[j])
387 /* Compare sequence and fragment number */
388 if (seqNum == wd->defragTable.defragEntry[i].seqNum)
390 if ((fragNum == wd->defragTable.defragEntry[i].fragCount)
393 /* Add frag frame to defrag list */
394 wd->defragTable.defragEntry[i].fragment[fragNum] = buf;
395 wd->defragTable.defragEntry[i].fragCount++;
400 /* merge all fragment if more data bit is cleared */
401 returnBuf = wd->defragTable.defragEntry[i].fragment[0];
402 startAddr = zfwBufGetSize(dev, returnBuf);
403 /* skip WLAN header 24(Data) or 26(QoS Data) */
404 fragHead = 24 + ((zmw_rx_buf_readh(dev, returnBuf, 0) & 0x80) >> 6);
405 zfGetRxIvIcvLength(dev, returnBuf, 0, &ivLen, &icvLen, addInfo);
406 fragHead += ivLen; /* skip IV */
407 for(k=1; k<wd->defragTable.defragEntry[i].fragCount; k++)
409 frameLen = zfwBufGetSize(dev,
410 wd->defragTable.defragEntry[i].fragment[k]);
411 if ((startAddr+frameLen-fragHead) < 1560)
413 zfRxBufferCopy(dev, returnBuf, wd->defragTable.defragEntry[i].fragment[k],
414 startAddr, fragHead, frameLen-fragHead);
415 startAddr += (frameLen-fragHead);
421 zfwBufFree(dev, wd->defragTable.defragEntry[i].fragment[k], 0);
424 wd->defragTable.defragEntry[i].fragCount = 0;
425 zfwBufSetSize(dev, returnBuf, startAddr);
434 zmw_leave_critical_section(dev);
438 zfwBufFree(dev, returnBuf, 0);
443 zfwBufFree(dev, buf, 0);
451 /* return value = NULL => save or free this frame */
452 zbuf_t* zfDefragment(zdev_t* dev, zbuf_t* buf, u8_t* pbIsDefrag,
453 struct zsAdditionInfo* addInfo)
460 zmw_get_wlan_dev(dev);
462 ZM_BUFFER_TRACE(dev, buf)
465 seqNum = zmw_buf_readh(dev, buf, 22);
466 fragNum = (u8_t)(seqNum & 0xf);
467 moreFragBit = (zmw_buf_readb(dev, buf, 1) & ZM_BIT_2) >> 2;
469 if ((fragNum == 0) && (moreFragBit == 0))
471 /* Not part of a fragmentation */
477 wd->commTally.swRxFragmentCount++;
478 seqNum = seqNum >> 4;
481 addr[i] = zmw_rx_buf_readb(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+i);
487 /* First part of a fragmentation */
488 zm_msg1_rx(ZM_LV_2, "First Frag, seq=", seqNum);
489 zfAddFirstFragToDefragList(dev, buf, addr, seqNum);
494 /* Middle or last part of a fragmentation */
495 zm_msg1_rx(ZM_LV_2, "Frag seq=", seqNum);
496 zm_msg1_rx(ZM_LV_2, "Frag moreFragBit=", moreFragBit);
497 buf = zfAddFragToDefragList(dev, buf, addr, seqNum, fragNum, moreFragBit, addInfo);
509 #if ZM_PROTOCOL_RESPONSE_SIMULATION
510 u16_t zfSwap(u16_t num)
512 return ((num >> 8) + ((num & 0xff) << 8));
516 void zfProtRspSim(zdev_t* dev, zbuf_t* buf)
527 ethType = zmw_rx_buf_readh(dev, buf, 12);
528 zm_msg2_rx(ZM_LV_2, "ethType=", ethType);
531 if (ethType == 0x0608)
533 arpOp = zmw_rx_buf_readh(dev, buf, 20);
534 dip[0] = zmw_rx_buf_readh(dev, buf, 38);
535 dip[1] = zmw_rx_buf_readh(dev, buf, 40);
536 zm_msg2_rx(ZM_LV_2, "arpOp=", arpOp);
537 zm_msg2_rx(ZM_LV_2, "ip0=", dip[0]);
538 zm_msg2_rx(ZM_LV_2, "ip1=", dip[1]);
540 //ARP request to 192.168.1.15
541 if ((arpOp == 0x0100) && (dip[0] == 0xa8c0) && (dip[1] == 0x0f01)) {
542 zm_msg0_rx(ZM_LV_2, "ARP");
544 zmw_rx_buf_writeh(dev, buf, 20, 0x0200);
546 /* dst hardware address */
548 /* src hardware address */
549 //zmw_rx_buf_writeh(dev, buf, 6, 0xa000);
550 //zmw_rx_buf_writeh(dev, buf, 8, 0x0000);
551 //zmw_rx_buf_writeh(dev, buf, 10, 0x0000);
556 temp = zmw_rx_buf_readh(dev, buf, 22+(i*2));
557 zmw_rx_buf_writeh(dev, buf, 32+(i*2), temp);
560 /* src hardware address */
561 zmw_rx_buf_writeh(dev, buf, 22, 0xa000);
562 zmw_rx_buf_writeh(dev, buf, 24, 0x0000);
563 zmw_rx_buf_writeh(dev, buf, 26, 0x0000);
566 zmw_rx_buf_writeh(dev, buf, 28, 0xa8c0);
567 zmw_rx_buf_writeh(dev, buf, 30, 0x0f01);
571 else if (ethType == 0x0008)
573 zm_msg0_rx(ZM_LV_2, "IP");
574 prot = zmw_rx_buf_readb(dev, buf, 23);
575 dip[0] = zmw_rx_buf_readh(dev, buf, 30);
576 dip[1] = zmw_rx_buf_readh(dev, buf, 32);
577 zm_msg2_rx(ZM_LV_2, "prot=", prot);
578 zm_msg2_rx(ZM_LV_2, "ip0=", dip[0]);
579 zm_msg2_rx(ZM_LV_2, "ip1=", dip[1]);
581 /* PING request to 192.168.1.15 */
582 if ((prot == 0x1) && (dip[0] == 0xa8c0) && (dip[1] == 0x0f01))
584 zm_msg0_rx(ZM_LV_2, "ICMP");
588 temp = zmw_rx_buf_readh(dev, buf, 6+(i*2));
589 zmw_rx_buf_writeh(dev, buf, i*2, temp);
592 zmw_rx_buf_writeh(dev, buf, 6, 0xa000);
593 zmw_rx_buf_writeh(dev, buf, 8, 0x0000);
594 zmw_rx_buf_writeh(dev, buf, 10, 0x0000);
596 /* exchange src ip and dst ip */
599 temp = zmw_rx_buf_readh(dev, buf, 26+(i*2));
600 zmw_rx_buf_writeh(dev, buf, 30+(i*2), temp);
602 zmw_rx_buf_writeh(dev, buf, 26, 0xa8c0);
603 zmw_rx_buf_writeh(dev, buf, 28, 0x0f01);
605 /* change icmp type to echo reply */
606 zmw_rx_buf_writeb(dev, buf, 34, 0x0);
608 /* update icmp checksum */
609 temp = zmw_rx_buf_readh(dev, buf, 36);
611 zmw_rx_buf_writeh(dev, buf, 36, temp);
613 else if (prot == 0x6)
615 zm_msg0_rx(ZM_LV_2, "TCP");
616 srcPort = zmw_rx_buf_readh(dev, buf, 34);
617 dstPort = zmw_rx_buf_readh(dev, buf, 36);
618 zm_msg2_rx(ZM_LV_2, "Src Port=", srcPort);
619 zm_msg2_rx(ZM_LV_2, "Dst Port=", dstPort);
620 if ((dstPort == 0x1500) || (srcPort == 0x1500))
622 zm_msg0_rx(ZM_LV_2, "FTP");
627 temp = zmw_rx_buf_readh(dev, buf, 6+(i*2));
628 zmw_rx_buf_writeh(dev, buf, i*2, temp);
631 zmw_rx_buf_writeh(dev, buf, 6, 0xa000);
632 zmw_rx_buf_writeh(dev, buf, 8, 0x0000);
633 zmw_rx_buf_writeh(dev, buf, 10, 0x0000);
635 /* exchange src ip and dst ip */
638 temp = zmw_rx_buf_readh(dev, buf, 26+(i*2));
639 zmw_rx_buf_writeh(dev, buf, 30+(i*2), temp);
641 zmw_rx_buf_writeh(dev, buf, 26, 0xa8c0);
642 zmw_rx_buf_writeh(dev, buf, 28, 0x0f01);
645 temp = zmw_rx_buf_readh(dev, buf, 34);
646 temp = zfSwap(zfSwap(temp) + 1);
647 zmw_rx_buf_writeh(dev, buf, 34, temp);
648 temp = zmw_rx_buf_readh(dev, buf, 38);
649 temp = zfSwap(zfSwap(temp) + 1);
650 zmw_rx_buf_writeh(dev, buf, 38, temp);
653 temp = zmw_rx_buf_readh(dev, buf, 50);
659 zmw_rx_buf_writeh(dev, buf, 50, temp);
664 else if (prot == 0x11)
669 temp = zmw_rx_buf_readh(dev, buf, 6+(i*2));
670 zmw_rx_buf_writeh(dev, buf, i*2, temp);
673 zmw_rx_buf_writeh(dev, buf, 6, 0xa000);
674 zmw_rx_buf_writeh(dev, buf, 8, 0x0000);
675 zmw_rx_buf_writeh(dev, buf, 10, 0x0000);
677 zm_msg0_rx(ZM_LV_2, "UDP");
678 srcPort = zmw_rx_buf_readh(dev, buf, 34);
679 dstPort = zmw_rx_buf_readh(dev, buf, 36);
680 zm_msg2_rx(ZM_LV_2, "Src Port=", srcPort);
681 zm_msg2_rx(ZM_LV_2, "Dst Port=", dstPort);
683 /* exchange src ip and dst ip */
686 temp = zmw_rx_buf_readh(dev, buf, 26+(i*2));
687 zmw_rx_buf_writeh(dev, buf, 30+(i*2), temp);
689 zmw_rx_buf_writeh(dev, buf, 26, 0xa8c0);
690 zmw_rx_buf_writeh(dev, buf, 28, 0x0f01);
693 zmw_rx_buf_writeh(dev, buf, 34, srcPort+1);
694 zmw_rx_buf_writeh(dev, buf, 36, dstPort);
697 zmw_rx_buf_writeh(dev, buf, 40, 0);
701 else if (ethType == 0x0060) /* =>0x0060 is port */
703 /* change src for Evl tool loop back receive */
704 zmw_rx_buf_writeh(dev, buf, 6, 0xa000);
705 zmw_rx_buf_writeh(dev, buf, 8, 0x0000);
706 zmw_rx_buf_writeh(dev, buf, 10, 0x0000);
712 /************************************************************************/
714 /* FUNCTION DESCRIPTION zfiTxSendEth */
715 /* Called to native 802.11 management frames */
718 /* dev : device pointer */
719 /* buf : buffer pointer */
720 /* port : WLAN port, 0=>standard, 0x1-0x7=>VAP, 0x20-0x25=>WDS */
726 /* Ray ZyDAS Technology Corporation 2005.5 */
728 /************************************************************************/
729 u16_t zfiTxSend80211Mgmt(zdev_t* dev, zbuf_t* buf, u16_t port)
732 //u16_t addrTblSize = 0;
733 //struct zsAddrTbl addrTbl;
735 u16_t header[(24+25+1)/2];
740 header[i] = zmw_buf_readh(dev, buf, i);
744 zfwBufRemoveHead(dev, buf, 24);
746 err = zfHpSend(dev, header, hlen, NULL, 0, NULL, 0, buf, 0,
747 ZM_EXTERNAL_ALLOC_BUF, 0, 0);
748 if (err != ZM_SUCCESS)
757 zfwBufFree(dev, buf, 0);
761 u8_t zfiIsTxQueueFull(zdev_t* dev)
763 zmw_get_wlan_dev(dev);
764 zmw_declare_for_critical_section();
766 zmw_enter_critical_section(dev);
767 if ((((wd->vtxqHead[0] + 1) & ZM_VTXQ_SIZE_MASK) != wd->vtxqTail[0]) )
769 zmw_leave_critical_section(dev);
774 zmw_leave_critical_section(dev);
779 /************************************************************************/
781 /* FUNCTION DESCRIPTION zfiTxSendEth */
782 /* Called to transmit Ethernet frame from upper layer. */
785 /* dev : device pointer */
786 /* buf : buffer pointer */
787 /* port : WLAN port, 0=>standard, 0x1-0x7=>VAP, 0x20-0x25=>WDS */
793 /* Stephen ZyDAS Technology Corporation 2005.5 */
795 /************************************************************************/
796 u16_t zfiTxSendEth(zdev_t* dev, zbuf_t* buf, u16_t port)
800 zmw_get_wlan_dev(dev);
802 ZM_PERFORMANCE_TX_MSDU(dev, wd->tick);
803 zm_msg1_tx(ZM_LV_2, "zfiTxSendEth(), port=", port);
804 /* Return error if port is disabled */
805 err = zfTxPortControl(dev, buf, port);
806 if (err == ZM_PORT_DISABLED)
808 err = ZM_ERR_TX_PORT_DISABLED;
813 if ((wd->wlanMode == ZM_MODE_AP) && (port < 0x20))
815 /* AP : Buffer frame for power saving STA */
816 ret = zfApBufferPsFrame(dev, buf, port);
824 if (wd->wlanMode == ZM_MODE_INFRASTRUCTURE)
826 if ( zfPowerSavingMgrIsSleeping(dev) )
828 /*check ZM_ENABLE_POWER_SAVE flag*/
829 zfPowerSavingMgrWakeup(dev);
832 #ifdef ZM_ENABLE_IBSS_PS
833 /* IBSS power-saving mode */
834 else if ( wd->wlanMode == ZM_MODE_IBSS )
836 if ( zfStaIbssPSQueueData(dev, buf) )
844 //if ( wd->bQoSEnable )
847 /* Put to VTXQ[ac] */
848 ret = zfPutVtxq(dev, buf);
855 ret = zfTxSendEth(dev, buf, port, ZM_EXTERNAL_ALLOC_BUF, 0);
860 return zfTxSendEth(dev, buf, port, ZM_EXTERNAL_ALLOC_BUF, 0);
864 zm_msg2_tx(ZM_LV_1, "Tx Comp err=", err);
866 zfwBufFree(dev, buf, err);
871 /************************************************************************/
873 /* FUNCTION DESCRIPTION zfTxSendEth */
874 /* Called to transmit Ethernet frame from upper layer. */
877 /* dev : device pointer */
878 /* buf : buffer pointer */
879 /* port : WLAN port, 0=>standard, 0x10-0x17=>VAP, 0x20-0x25=>WDS */
885 /* Stephen ZyDAS Technology Corporation 2005.5 */
887 /************************************************************************/
888 u16_t zfTxSendEth(zdev_t* dev, zbuf_t* buf, u16_t port, u16_t bufType, u16_t flag)
891 //struct zsAddrTbl addrTbl;
893 u16_t header[(8+30+2+18)/2]; /* ctr+(4+a1+a2+a3+2+a4)+qos+iv */
908 u8_t qosType, keyIdx = 0;
911 u8_t tkipFrameOffset = 0;
913 zmw_get_wlan_dev(dev);
915 zmw_declare_for_critical_section();
917 newFlag = flag & 0xff00;
920 zm_msg1_tx(ZM_LV_2, "zfTxSendEth(), port=", port);
922 /* Get IP TOS for QoS AC and IP frag offset */
923 zfTxGetIpTosAndFrag(dev, buf, &up, &fragOff);
931 #ifdef ZM_ENABLE_NATIVE_WIFI
932 if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
935 da[0] = zmw_tx_buf_readh(dev, buf, 16);
936 da[1] = zmw_tx_buf_readh(dev, buf, 18);
937 da[2] = zmw_tx_buf_readh(dev, buf, 20);
939 sa[0] = zmw_tx_buf_readh(dev, buf, 10);
940 sa[1] = zmw_tx_buf_readh(dev, buf, 12);
941 sa[2] = zmw_tx_buf_readh(dev, buf, 14);
943 else if ( wd->wlanMode == ZM_MODE_IBSS )
946 da[0] = zmw_tx_buf_readh(dev, buf, 4);
947 da[1] = zmw_tx_buf_readh(dev, buf, 6);
948 da[2] = zmw_tx_buf_readh(dev, buf, 8);
950 sa[0] = zmw_tx_buf_readh(dev, buf, 10);
951 sa[1] = zmw_tx_buf_readh(dev, buf, 12);
952 sa[2] = zmw_tx_buf_readh(dev, buf, 14);
954 else if ( wd->wlanMode == ZM_MODE_AP )
957 da[0] = zmw_tx_buf_readh(dev, buf, 4);
958 da[1] = zmw_tx_buf_readh(dev, buf, 6);
959 da[2] = zmw_tx_buf_readh(dev, buf, 8);
961 sa[0] = zmw_tx_buf_readh(dev, buf, 16);
962 sa[1] = zmw_tx_buf_readh(dev, buf, 18);
963 sa[2] = zmw_tx_buf_readh(dev, buf, 20);
971 da[0] = zmw_tx_buf_readh(dev, buf, 0);
972 da[1] = zmw_tx_buf_readh(dev, buf, 2);
973 da[2] = zmw_tx_buf_readh(dev, buf, 4);
975 sa[0] = zmw_tx_buf_readh(dev, buf, 6);
976 sa[1] = zmw_tx_buf_readh(dev, buf, 8);
977 sa[2] = zmw_tx_buf_readh(dev, buf, 10);
979 //Decide Key Index in ATOM, No meaning in OTUS--CWYang(m)
980 if (wd->wlanMode == ZM_MODE_AP)
982 keyIdx = wd->ap.bcHalKeyIdx[port];
983 id = zfApFindSta(dev, da);
986 switch (wd->ap.staTable[id].encryMode)
990 #ifdef ZM_ENABLE_CENC
992 #endif //ZM_ENABLE_CENC
993 keyIdx = wd->ap.staTable[id].keyIdx;
1000 switch (wd->sta.encryMode)
1005 keyIdx = wd->sta.keyId;
1014 #ifdef ZM_ENABLE_CENC
1016 keyIdx = wd->sta.cencKeyId;
1018 #endif //ZM_ENABLE_CENC
1023 removeLen = zfTxGenWlanSnap(dev, buf, snap, &snapLen);
1024 //zm_msg1_tx(ZM_LV_0, "fragOff=", fragOff);
1027 /* ********************************************************************************************** */
1028 /* Add 20071025 Mxzeng */
1029 /* ********************************************************************************************** */
1030 /* ---------------------------------------------------------------------------------------------- */
1031 /* Ethernet : frameLen = zfwBufGetSize(dev, buf); */
1032 /* ---+--6--+--6--+--2--+-----20-----+-------------------------+------ Variable -------+--------- */
1033 /* | DA | SA | Type| IP Header | TCP(20) UDP(12) ICMP(8) | Application Payload L | */
1034 /* ---+-----+-----+-----+------------+-------------------------+-----------------------+--------- */
1035 /* MSDU = 6 + 6 + 2 + ( Network Layer header ) + ( Transport Layer header ) + L */
1037 /* MSDU - DA - SA : frameLen -= removeLen; */
1038 /* ---+--2--+-----20-----+-------------------------+------ Variable -------+--------------------- */
1039 /* | Type| IP Header | TCP(20) UDP(12) ICMP(8) | Application Payload L | */
1040 /* ---+-----+------------+-------------------------+-----------------------+--------------------- */
1042 /* MPDU : frameLen + mpduLengthOffset ; */
1043 /* -+---2---+----2---+-6-+-6-+--6--+---2----+--1--+--1-+---1---+-------3------+-frameLen-+---4--+- */
1044 /* | frame |duration| DA|SA |BSSID|sequence|SNAP |SNAP|Control| RFC 1042 | | FCS | */
1045 /* |Control| | | | | number |DSAP |SSAP| | encapsulation| | | */
1046 /* -+-------+--------+---+---+-----+--------+-----+----+-------+--------------+----------+------+- */
1047 /* ----------------------------------------------------------------------------------------------- */
1049 if ( wd->sta.encryMode == ZM_TKIP )
1050 tkipFrameOffset = 8;
1052 fragLen = wd->fragThreshold + tkipFrameOffset; // Fragmentation threshold for MPDU Lengths
1053 frameLen = zfwBufGetSize(dev, buf); // MSDU Lengths
1054 frameLen -= removeLen; // MSDU Lengths - DA - SA
1056 /* #1st create MIC Length manually */
1059 /* Access Category */
1060 if (wd->wlanMode == ZM_MODE_AP)
1062 zfApGetStaQosType(dev, da, &qosType);
1068 else if (wd->wlanMode == ZM_MODE_INFRASTRUCTURE)
1070 if (wd->sta.wmeConnected == 0)
1077 /* TODO : STA QoS control field */
1081 /* #2nd Assign sequence number */
1082 zmw_enter_critical_section(dev);
1083 frag.seq[0] = ((wd->seq[zcUpToAc[up&0x7]]++) << 4);
1084 zmw_leave_critical_section(dev);
1086 /* #3rd Pass the total payload to generate MPDU length ! */
1088 frag.bufType[0] = bufType;
1089 frag.flag[0] = (u8_t)flag;
1092 headerLen = zfTxGenWlanHeader(dev, frag.buf[0], header, frag.seq[0],
1093 frag.flag[0], snapLen+micLen, removeLen, port, da, sa,
1094 up, &micLen, snap, snapLen, NULL);
1096 //zm_debug_msg1("#1 headerLen = ", headerLen);
1098 /* #4th Check the HeaderLen and determine whether the MPDU Lengths bigger than Fragmentation threshold */
1099 /* If MPDU Lengths large than fragmentation threshold --> headerLen = 0 */
1100 if( headerLen != 0 )
1102 zf80211FrameSend(dev, frag.buf[0], header, snapLen, da, sa, up,
1103 headerLen, snap, mic, micLen, removeLen, frag.bufType[0],
1104 zcUpToAc[up&0x7], keyIdx);
1106 else //if( headerLen == 0 ) // Need to be fragmented
1108 u16_t mpduLengthOffset;
1109 u16_t pseudSnapLen = 0;
1111 mpduLengthOffset = header[0] - frameLen; // For fragmentation threshold !
1113 micLen = zfTxGenWlanTail(dev, buf, snap, snapLen, mic); // Get snap and mic information
1115 fragLen = fragLen - mpduLengthOffset;
1117 //zm_debug_msg1("#2 frameLen = ", frameLen);
1118 //zm_debug_msg1("#3 fragThreshold = ", fragLen);
1121 if (frameLen >= fragLen)
1123 //copy fragLen to frag
1125 while( frameLen > 0 )
1127 frag.buf[i] = zfwBufAllocate(dev, fragLen+32);
1128 if (frag.buf[i] != NULL)
1130 frag.bufType[i] = ZM_INTERNAL_ALLOC_BUF;
1131 frag.seq[i] = frag.seq[0] + i;
1132 offset = removeLen + i*fragLen;
1134 /* Consider the offset if we consider snap length to the other fragmented frame */
1136 offset = offset + pseudSnapLen*(i-1);
1138 if (frameLen > fragLen + pseudSnapLen)
1140 frag.flag[i] = flag | 0x4; /* More data */
1141 /* First fragment */
1145 for (j=0; j<snapLen; j+=2)
1147 zmw_tx_buf_writeh(dev, frag.buf[i], j, snap[(j>>1)]);
1149 zfTxBufferCopy(dev, frag.buf[i], buf, snapLen, offset, fragLen);
1150 zfwBufSetSize(dev, frag.buf[i], snapLen+fragLen);
1152 /* Add pseud snap length to the other fragmented frame */
1153 pseudSnapLen = snapLen;
1155 frameLen -= fragLen;
1157 /* Intermediate Fragment */
1160 //zfTxBufferCopy(dev, frag.buf[i], buf, 0, offset, fragLen);
1161 //zfwBufSetSize(dev, frag.buf[i], fragLen);
1163 zfTxBufferCopy(dev, frag.buf[i], buf, 0, offset, fragLen+pseudSnapLen );
1164 zfwBufSetSize(dev, frag.buf[i], fragLen+pseudSnapLen);
1166 frameLen -= (fragLen+pseudSnapLen);
1168 //frameLen -= fragLen;
1173 zfTxBufferCopy(dev, frag.buf[i], buf, 0, offset, frameLen);
1174 /* Add MIC if need */
1177 zfCopyToRxBuffer(dev, frag.buf[i], (u8_t*) mic, frameLen, micLen);
1179 zfwBufSetSize(dev, frag.buf[i], frameLen+micLen);
1181 frag.flag[i] = (u8_t)flag; /* No more data */
1190 // Please pay attention to the index of the buf !!!
1191 // If write to null buf , the OS will crash !!!
1192 zfwCopyBufContext(dev, buf, frag.buf[i-1]);
1195 snapLen = micLen = removeLen = 0;
1197 zfwBufFree(dev, buf, 0);
1200 for (i=0; i<fragNum; i++)
1202 /* Create WLAN header(Control Setting + 802.11 header + IV) */
1203 headerLen = zfTxGenWlanHeader(dev, frag.buf[i], header, frag.seq[i],
1204 frag.flag[i], snapLen+micLen, removeLen, port, da, sa, up, &micLen,
1205 snap, snapLen, NULL);
1207 zf80211FrameSend(dev, frag.buf[i], header, snapLen, da, sa, up,
1208 headerLen, snap, mic, micLen, removeLen, frag.bufType[i],
1209 zcUpToAc[up&0x7], keyIdx);
1211 } /* for (i=0; i<fragNum; i++) */
1218 /************************************************************************/
1220 /* FUNCTION DESCRIPTION zfTxPortControl */
1221 /* Check port status. */
1224 /* buf : buffer pointer */
1225 /* port : port number, 0=>standard, 10-17=>Virtual AP, 20-25=>WDS */
1228 /* ZM_PORT_ENABLED or ZM_PORT_DISABLE */
1231 /* Signature ZyDAS Technology Corporation 2005.4 */
1233 /************************************************************************/
1234 u16_t zfTxPortControl(zdev_t* dev, zbuf_t* buf, u16_t port)
1236 zmw_get_wlan_dev(dev);
1238 if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
1240 if ( wd->sta.adapterState == ZM_STA_STATE_DISCONNECT )
1242 zm_msg0_tx(ZM_LV_3, "Packets dropped due to disconnect state");
1243 return ZM_PORT_DISABLED;
1247 return ZM_PORT_ENABLED;
1252 /************************************************************************/
1254 /* FUNCTION DESCRIPTION zfIdlRecv */
1255 /* Do frame validation and filtering then pass to zfwRecv80211(). */
1258 /* dev : device pointer */
1259 /* buf : received 802.11 frame buffer. */
1265 /* Stephen ZyDAS Technology Corporation 2005.10 */
1267 /************************************************************************/
1268 void zfCoreRecv(zdev_t* dev, zbuf_t* buf, struct zsAdditionInfo* addInfo)
1272 struct agg_tid_rx *tid_rx;
1273 zmw_get_wlan_dev(dev);
1275 ZM_BUFFER_TRACE(dev, buf)
1278 wd->commTally.DriverRxFrmCnt++;
1280 bssid[0] = zmw_buf_readh(dev, buf, 16);
1281 bssid[1] = zmw_buf_readh(dev, buf, 18);
1282 bssid[2] = zmw_buf_readh(dev, buf, 20);
1284 /* Validate Rx frame */
1285 ret = zfWlanRxValidate(dev, buf);
1286 if (ret != ZM_SUCCESS)
1288 zm_msg1_rx(ZM_LV_1, "Rx invalid:", ret);
1292 #ifdef ZM_ENABLE_AGGREGATION
1293 //#ifndef ZM_ENABLE_FW_BA_RETRANSMISSION
1297 tid_rx = zfAggRxEnabled(dev, buf);
1298 if (tid_rx && wd->reorder)
1300 zfAggRx(dev, buf, addInfo, tid_rx);
1305 * end of add by honda
1310 /* Filter Rx frame */
1311 ret = zfWlanRxFilter(dev, buf);
1312 if (ret != ZM_SUCCESS)
1314 zm_msg1_rx(ZM_LV_1, "Rx duplicated:", ret);
1318 /* Discard error frame except mic failure */
1319 if ((addInfo->Tail.Data.ErrorIndication & 0x3f) != 0)
1321 if ( wd->XLinkMode && ((addInfo->Tail.Data.ErrorIndication & 0x3f)==0x10) &&
1322 zfCompareWithBssid(dev, bssid) )
1324 // Bypass frames !!!
1333 /* OTUS command-8212 dump rx packet */
1334 if (wd->rxPacketDump)
1336 zfwDumpBuf(dev, buf);
1339 /* Call zfwRecv80211() wrapper function to deliver Rx packet */
1340 /* to driver framework. */
1342 if (wd->zfcbRecv80211 != NULL)
1344 wd->zfcbRecv80211(dev, buf, addInfo); //CWYang(m)
1348 zfiRecv80211(dev, buf, addInfo);
1353 zm_msg1_rx(ZM_LV_1, "Free packet, error code:", ret);
1355 wd->commTally.DriverDiscardedFrm++;
1357 /* Free Rx buffer */
1358 zfwBufFree(dev, buf, 0);
1364 void zfShowRxEAPOL(zdev_t* dev, zbuf_t* buf, u16_t offset)
1366 u8_t packetType, keyType, code, identifier, type, flags;
1367 u16_t packetLen, keyInfo, keyLen, keyDataLen, length, Op_Code;
1368 u32_t replayCounterH, replayCounterL, vendorId, VendorType;
1370 /* EAPOL packet type */
1371 packetType = zmw_rx_buf_readb(dev, buf, offset+1); // 0: EAP-Packet
1375 // 4: EAPOL-Encapsulated-ASF-Alert
1377 /* EAPOL frame format */
1378 /* 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 */
1379 /* ----------------------------------------------- */
1380 /* PAE Ethernet Type (0x888e) */
1381 /* ----------------------------------------------- 2 */
1382 /* Protocol Version | Type */
1383 /* ----------------------------------------------- 4 */
1385 /* ----------------------------------------------- 6 */
1387 /* ----------------------------------------------- N */
1389 /* EAPOL body length */
1390 packetLen = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+2)) << 8) +
1391 zmw_rx_buf_readb(dev, buf, offset+3);
1393 if( packetType == 0 )
1396 /* EAP-Packet Code */
1397 code = zmw_rx_buf_readb(dev, buf, offset+4); // 1 : Request
1401 // An EAP packet of the type of Success and Failure has no Data field, and has a length of 4.
1403 /* EAP Packet format */
1404 /* 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 */
1405 /* ----------------------------------------------- */
1406 /* Code | Identifier */
1407 /* ----------------------------------------------- 2 */
1409 /* ----------------------------------------------- 4 */
1411 /* ----------------------------------------------- N */
1413 zm_debug_msg0("EAP-Packet");
1414 zm_debug_msg1("Packet Length = ", packetLen);
1415 zm_debug_msg1("EAP-Packet Code = ", code);
1419 zm_debug_msg0("EAP-Packet Request");
1421 /* EAP-Packet Identifier */
1422 identifier = zmw_rx_buf_readb(dev, buf, offset+5);
1423 /* EAP-Packet Length */
1424 length = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+6)) << 8) +
1425 zmw_rx_buf_readb(dev, buf, offset+7);
1426 /* EAP-Packet Type */
1427 type = zmw_rx_buf_readb(dev, buf, offset+8); // 1 : Identity
1429 // 3 : Nak (Response Only)
1430 // 4 : MD5-Challenge
1431 // 5 : One Time Password (OTP)
1432 // 6 : Generic Token Card (GTC)
1433 // 254 : (Expanded Types)Wi-Fi Protected Setup
1434 // 255 : Experimental Use
1436 /* The data field in an EAP packet of the type of Request or Response is in the format shown bellowing */
1437 /* 0 1 2 3 4 5 6 7 N */
1438 /* ----------------------------------------------- */
1439 /* Type | Type Data */
1440 /* ----------------------------------------------- */
1442 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1443 zm_debug_msg1("EAP-Packet Length = ", length);
1444 zm_debug_msg1("EAP-Packet Type = ", type);
1448 zm_debug_msg0("EAP-Packet Request Identity");
1450 else if( type == 2 )
1452 zm_debug_msg0("EAP-Packet Request Notification");
1454 else if( type == 4 )
1456 zm_debug_msg0("EAP-Packet Request MD5-Challenge");
1458 else if( type == 5 )
1460 zm_debug_msg0("EAP-Packet Request One Time Password");
1462 else if( type == 6 )
1464 zm_debug_msg0("EAP-Packet Request Generic Token Card");
1466 else if( type == 254 )
1468 zm_debug_msg0("EAP-Packet Request Wi-Fi Protected Setup");
1471 /* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 */
1472 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1473 /*| Type | Vendor-Id |*/
1474 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1476 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1477 /*| Vendor data... */
1478 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */
1480 /* EAP-Packet Vendor ID */
1481 vendorId = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+9)) << 16) +
1482 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+10)) << 8) +
1483 zmw_rx_buf_readb(dev, buf, offset+11);
1484 /* EAP-Packet Vendor Type */
1485 VendorType = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+12)) << 24) +
1486 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+13)) << 16) +
1487 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+14)) << 8) +
1488 zmw_rx_buf_readb(dev, buf, offset+15);
1489 /* EAP-Packet Op Code */
1490 Op_Code = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+16)) << 8) +
1491 zmw_rx_buf_readb(dev, buf, offset+17);
1492 /* EAP-Packet Flags */
1493 flags = zmw_rx_buf_readb(dev, buf, offset+18);
1495 zm_debug_msg1("EAP-Packet Vendor ID = ", vendorId);
1496 zm_debug_msg1("EAP-Packet Venodr Type = ", VendorType);
1497 zm_debug_msg1("EAP-Packet Op Code = ", Op_Code);
1498 zm_debug_msg1("EAP-Packet Flags = ", flags);
1501 else if( code == 2 )
1503 zm_debug_msg0("EAP-Packet Response");
1505 /* EAP-Packet Identifier */
1506 identifier = zmw_rx_buf_readb(dev, buf, offset+5);
1507 /* EAP-Packet Length */
1508 length = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+6)) << 8) +
1509 zmw_rx_buf_readb(dev, buf, offset+7);
1510 /* EAP-Packet Type */
1511 type = zmw_rx_buf_readb(dev, buf, offset+8);
1513 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1514 zm_debug_msg1("EAP-Packet Length = ", length);
1515 zm_debug_msg1("EAP-Packet Type = ", type);
1519 zm_debug_msg0("EAP-Packet Response Identity");
1521 else if( type == 2 )
1523 zm_debug_msg0("EAP-Packet Request Notification");
1525 else if( type == 3 )
1527 zm_debug_msg0("EAP-Packet Request Nak");
1529 else if( type == 4 )
1531 zm_debug_msg0("EAP-Packet Request MD5-Challenge");
1533 else if( type == 5 )
1535 zm_debug_msg0("EAP-Packet Request One Time Password");
1537 else if( type == 6 )
1539 zm_debug_msg0("EAP-Packet Request Generic Token Card");
1541 else if( type == 254 )
1543 zm_debug_msg0("EAP-Packet Response Wi-Fi Protected Setup");
1545 /* EAP-Packet Vendor ID */
1546 vendorId = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+9)) << 16) +
1547 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+10)) << 8) +
1548 zmw_rx_buf_readb(dev, buf, offset+11);
1549 /* EAP-Packet Vendor Type */
1550 VendorType = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+12)) << 24) +
1551 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+13)) << 16) +
1552 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+14)) << 8) +
1553 zmw_rx_buf_readb(dev, buf, offset+15);
1554 /* EAP-Packet Op Code */
1555 Op_Code = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+16)) << 8) +
1556 zmw_rx_buf_readb(dev, buf, offset+17);
1557 /* EAP-Packet Flags */
1558 flags = zmw_rx_buf_readb(dev, buf, offset+18);
1560 zm_debug_msg1("EAP-Packet Vendor ID = ", vendorId);
1561 zm_debug_msg1("EAP-Packet Venodr Type = ", VendorType);
1562 zm_debug_msg1("EAP-Packet Op Code = ", Op_Code);
1563 zm_debug_msg1("EAP-Packet Flags = ", flags);
1566 else if( code == 3 )
1568 zm_debug_msg0("EAP-Packet Success");
1570 /* EAP-Packet Identifier */
1571 identifier = zmw_rx_buf_readb(dev, buf, offset+5);
1572 /* EAP-Packet Length */
1573 length = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+6)) << 8) +
1574 zmw_rx_buf_readb(dev, buf, offset+7);
1576 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1577 zm_debug_msg1("EAP-Packet Length = ", length);
1579 else if( code == 4 )
1581 zm_debug_msg0("EAP-Packet Failure");
1583 /* EAP-Packet Identifier */
1584 identifier = zmw_rx_buf_readb(dev, buf, offset+5);
1585 /* EAP-Packet Length */
1586 length = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+6)) << 8) +
1587 zmw_rx_buf_readb(dev, buf, offset+7);
1589 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1590 zm_debug_msg1("EAP-Packet Length = ", length);
1593 else if( packetType == 1 )
1595 zm_debug_msg0("EAPOL-Start");
1597 else if( packetType == 2 )
1599 zm_debug_msg0("EAPOL-Logoff");
1601 else if( packetType == 3 )
1603 /* EAPOL-Key type */
1604 keyType = zmw_rx_buf_readb(dev, buf, offset+4);
1605 /* EAPOL-Key information */
1606 keyInfo = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+5)) << 8) +
1607 zmw_rx_buf_readb(dev, buf, offset+6);
1608 /* EAPOL-Key length */
1609 keyLen = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+7)) << 8) +
1610 zmw_rx_buf_readb(dev, buf, offset+8);
1611 /* EAPOL-Key replay counter (high double word) */
1612 replayCounterH = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+9)) << 24) +
1613 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+10)) << 16) +
1614 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+11)) << 8) +
1615 zmw_rx_buf_readb(dev, buf, offset+12);
1616 /* EAPOL-Key replay counter (low double word) */
1617 replayCounterL = (((u32_t) zmw_rx_buf_readb(dev, buf, offset+13)) << 24) +
1618 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+14)) << 16) +
1619 (((u32_t) zmw_rx_buf_readb(dev, buf, offset+15)) << 8) +
1620 zmw_rx_buf_readb(dev, buf, offset+16);
1621 /* EAPOL-Key data length */
1622 keyDataLen = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+97)) << 8) +
1623 zmw_rx_buf_readb(dev, buf, offset+98);
1625 zm_debug_msg0("EAPOL-Key");
1626 zm_debug_msg1("packet length = ", packetLen);
1628 if ( keyType == 254 )
1630 zm_debug_msg0("key type = 254 (SSN key descriptor)");
1634 zm_debug_msg2("key type = 0x", keyType);
1637 zm_debug_msg2("replay counter(L) = ", replayCounterL);
1639 zm_debug_msg2("key information = ", keyInfo);
1641 if ( keyInfo & ZM_BIT_3 )
1643 zm_debug_msg0(" - pairwise key");
1647 zm_debug_msg0(" - group key");
1650 if ( keyInfo & ZM_BIT_6 )
1652 zm_debug_msg0(" - Tx key installed");
1656 zm_debug_msg0(" - Tx key not set");
1659 if ( keyInfo & ZM_BIT_7 )
1661 zm_debug_msg0(" - Ack needed");
1665 zm_debug_msg0(" - Ack not needed");
1668 if ( keyInfo & ZM_BIT_8 )
1670 zm_debug_msg0(" - MIC set");
1674 zm_debug_msg0(" - MIC not set");
1677 if ( keyInfo & ZM_BIT_9 )
1679 zm_debug_msg0(" - packet encrypted");
1683 zm_debug_msg0(" - packet not encrypted");
1686 zm_debug_msg1("keyLen = ", keyLen);
1687 zm_debug_msg1("keyDataLen = ", keyDataLen);
1689 else if( packetType == 4 )
1691 zm_debug_msg0("EAPOL-Encapsulated-ASF-Alert");
1695 void zfShowTxEAPOL(zdev_t* dev, zbuf_t* buf, u16_t offset)
1697 u8_t packetType, keyType, code, identifier, type, flags;
1698 u16_t packetLen, keyInfo, keyLen, keyDataLen, length, Op_Code;
1699 u32_t replayCounterH, replayCounterL, vendorId, VendorType;
1701 zm_debug_msg1("EAPOL Packet size = ", zfwBufGetSize(dev, buf));
1703 /* EAPOL packet type */
1708 // 4: EAPOL-Encapsulated-ASF-Alert
1710 /* EAPOL frame format */
1711 /* 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 */
1712 /* ----------------------------------------------- */
1713 /* PAE Ethernet Type (0x888e) */
1714 /* ----------------------------------------------- 2 */
1715 /* Protocol Version | Type */
1716 /* ----------------------------------------------- 4 */
1718 /* ----------------------------------------------- 6 */
1720 /* ----------------------------------------------- N */
1722 packetType = zmw_tx_buf_readb(dev, buf, offset+1);
1723 /* EAPOL body length */
1724 packetLen = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+2)) << 8) +
1725 zmw_tx_buf_readb(dev, buf, offset+3);
1727 if( packetType == 0 )
1729 /* EAP-Packet Code */
1730 code = zmw_tx_buf_readb(dev, buf, offset+4); // 1 : Request
1735 // An EAP packet of the type of Success and Failure has no Data field, and has a length of 4.
1737 /* EAP Packet format */
1738 /* 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 */
1739 /* ----------------------------------------------- */
1740 /* Code | Identifier */
1741 /* ----------------------------------------------- 2 */
1743 /* ----------------------------------------------- 4 */
1745 /* ----------------------------------------------- N */
1747 zm_debug_msg0("EAP-Packet");
1748 zm_debug_msg1("Packet Length = ", packetLen);
1749 zm_debug_msg1("EAP-Packet Code = ", code);
1753 zm_debug_msg0("EAP-Packet Request");
1755 /* EAP-Packet Identifier */
1756 identifier = zmw_tx_buf_readb(dev, buf, offset+5);
1757 /* EAP-Packet Length */
1758 length = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+6)) << 8) +
1759 zmw_tx_buf_readb(dev, buf, offset+7);
1760 /* EAP-Packet Type */
1761 type = zmw_tx_buf_readb(dev, buf, offset+8); // 1 : Identity
1763 // 3 : Nak (Response Only)
1764 // 4 : MD5-Challenge
1765 // 5 : One Time Password (OTP)
1766 // 6 : Generic Token Card (GTC)
1767 // 254 : (Expanded Types)Wi-Fi Protected Setup
1768 // 255 : Experimental Use
1770 /* The data field in an EAP packet of the type of Request or Response is in the format shown bellowing */
1771 /* 0 1 2 3 4 5 6 7 N */
1772 /* ----------------------------------------------- */
1773 /* Type | Type Data */
1774 /* ----------------------------------------------- */
1776 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1777 zm_debug_msg1("EAP-Packet Length = ", length);
1778 zm_debug_msg1("EAP-Packet Type = ", type);
1782 zm_debug_msg0("EAP-Packet Request Identity");
1784 else if( type == 2 )
1786 zm_debug_msg0("EAP-Packet Request Notification");
1788 else if( type == 4 )
1790 zm_debug_msg0("EAP-Packet Request MD5-Challenge");
1792 else if( type == 5 )
1794 zm_debug_msg0("EAP-Packet Request One Time Password");
1796 else if( type == 6 )
1798 zm_debug_msg0("EAP-Packet Request Generic Token Card");
1800 else if( type == 254 )
1802 zm_debug_msg0("EAP-Packet Request Wi-Fi Protected Setup");
1805 /* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 */
1806 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1807 /*| Type | Vendor-Id |*/
1808 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1810 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+*/
1811 /*| Vendor data... */
1812 /*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */
1814 /* EAP-Packet Vendor ID */
1815 vendorId = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+9)) << 16) +
1816 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+10)) << 8) +
1817 zmw_tx_buf_readb(dev, buf, offset+11);
1818 /* EAP-Packet Vendor Type */
1819 VendorType = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+12)) << 24) +
1820 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+13)) << 16) +
1821 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+14)) << 8) +
1822 zmw_tx_buf_readb(dev, buf, offset+15);
1823 /* EAP-Packet Op Code */
1824 Op_Code = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+16)) << 8) +
1825 zmw_tx_buf_readb(dev, buf, offset+17);
1826 /* EAP-Packet Flags */
1827 flags = zmw_tx_buf_readb(dev, buf, offset+18);
1829 zm_debug_msg1("EAP-Packet Vendor ID = ", vendorId);
1830 zm_debug_msg1("EAP-Packet Venodr Type = ", VendorType);
1831 zm_debug_msg1("EAP-Packet Op Code = ", Op_Code);
1832 zm_debug_msg1("EAP-Packet Flags = ", flags);
1835 else if( code == 2 )
1837 zm_debug_msg0("EAP-Packet Response");
1839 /* EAP-Packet Identifier */
1840 identifier = zmw_tx_buf_readb(dev, buf, offset+5);
1841 /* EAP-Packet Length */
1842 length = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+6)) << 8) +
1843 zmw_tx_buf_readb(dev, buf, offset+7);
1844 /* EAP-Packet Type */
1845 type = zmw_tx_buf_readb(dev, buf, offset+8);
1847 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1848 zm_debug_msg1("EAP-Packet Length = ", length);
1849 zm_debug_msg1("EAP-Packet Type = ", type);
1853 zm_debug_msg0("EAP-Packet Response Identity");
1855 else if( type == 2 )
1857 zm_debug_msg0("EAP-Packet Request Notification");
1859 else if( type == 3 )
1861 zm_debug_msg0("EAP-Packet Request Nak");
1863 else if( type == 4 )
1865 zm_debug_msg0("EAP-Packet Request MD5-Challenge");
1867 else if( type == 5 )
1869 zm_debug_msg0("EAP-Packet Request One Time Password");
1871 else if( type == 6 )
1873 zm_debug_msg0("EAP-Packet Request Generic Token Card");
1875 else if( type == 254 )
1877 zm_debug_msg0("EAP-Packet Response Wi-Fi Protected Setup");
1879 /* EAP-Packet Vendor ID */
1880 vendorId = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+9)) << 16) +
1881 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+10)) << 8) +
1882 zmw_tx_buf_readb(dev, buf, offset+11);
1883 /* EAP-Packet Vendor Type */
1884 VendorType = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+12)) << 24) +
1885 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+13)) << 16) +
1886 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+14)) << 8) +
1887 zmw_tx_buf_readb(dev, buf, offset+15);
1888 /* EAP-Packet Op Code */
1889 Op_Code = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+16)) << 8) +
1890 zmw_tx_buf_readb(dev, buf, offset+17);
1891 /* EAP-Packet Flags */
1892 flags = zmw_tx_buf_readb(dev, buf, offset+18);
1894 zm_debug_msg1("EAP-Packet Vendor ID = ", vendorId);
1895 zm_debug_msg1("EAP-Packet Venodr Type = ", VendorType);
1896 zm_debug_msg1("EAP-Packet Op Code = ", Op_Code);
1897 zm_debug_msg1("EAP-Packet Flags = ", flags);
1900 else if( code == 3 )
1902 zm_debug_msg0("EAP-Packet Success");
1904 /* EAP-Packet Identifier */
1905 identifier = zmw_rx_buf_readb(dev, buf, offset+5);
1906 /* EAP-Packet Length */
1907 length = (((u16_t) zmw_rx_buf_readb(dev, buf, offset+6)) << 8) +
1908 zmw_rx_buf_readb(dev, buf, offset+7);
1910 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1911 zm_debug_msg1("EAP-Packet Length = ", length);
1913 else if( code == 4 )
1915 zm_debug_msg0("EAP-Packet Failure");
1917 /* EAP-Packet Identifier */
1918 identifier = zmw_tx_buf_readb(dev, buf, offset+5);
1919 /* EAP-Packet Length */
1920 length = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+6)) << 8) +
1921 zmw_tx_buf_readb(dev, buf, offset+7);
1923 zm_debug_msg1("EAP-Packet Identifier = ", identifier);
1924 zm_debug_msg1("EAP-Packet Length = ", length);
1927 else if( packetType == 1 )
1929 zm_debug_msg0("EAPOL-Start");
1931 else if( packetType == 2 )
1933 zm_debug_msg0("EAPOL-Logoff");
1935 else if( packetType == 3 )
1937 /* EAPOL-Key type */
1938 keyType = zmw_tx_buf_readb(dev, buf, offset+4);
1939 /* EAPOL-Key information */
1940 keyInfo = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+5)) << 8) +
1941 zmw_tx_buf_readb(dev, buf, offset+6);
1942 /* EAPOL-Key length */
1943 keyLen = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+7)) << 8) +
1944 zmw_tx_buf_readb(dev, buf, offset+8);
1945 /* EAPOL-Key replay counter (high double word) */
1946 replayCounterH = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+9)) << 24) +
1947 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+10)) << 16) +
1948 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+11)) << 8) +
1949 zmw_tx_buf_readb(dev, buf, offset+12);
1950 /* EAPOL-Key replay counter (low double word) */
1951 replayCounterL = (((u32_t) zmw_tx_buf_readb(dev, buf, offset+13)) << 24) +
1952 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+14)) << 16) +
1953 (((u32_t) zmw_tx_buf_readb(dev, buf, offset+15)) << 8) +
1954 zmw_tx_buf_readb(dev, buf, offset+16);
1955 /* EAPOL-Key data length */
1956 keyDataLen = (((u16_t) zmw_tx_buf_readb(dev, buf, offset+97)) << 8) +
1957 zmw_tx_buf_readb(dev, buf, offset+98);
1959 zm_debug_msg0("EAPOL-Key");
1960 zm_debug_msg1("packet length = ", packetLen);
1962 if ( keyType == 254 )
1964 zm_debug_msg0("key type = 254 (SSN key descriptor)");
1968 zm_debug_msg2("key type = 0x", keyType);
1971 zm_debug_msg2("replay counter(L) = ", replayCounterL);
1973 zm_debug_msg2("key information = ", keyInfo);
1975 if ( keyInfo & ZM_BIT_3 )
1977 zm_debug_msg0(" - pairwise key");
1981 zm_debug_msg0(" - group key");
1984 if ( keyInfo & ZM_BIT_6 )
1986 zm_debug_msg0(" - Tx key installed");
1990 zm_debug_msg0(" - Tx key not set");
1993 if ( keyInfo & ZM_BIT_7 )
1995 zm_debug_msg0(" - Ack needed");
1999 zm_debug_msg0(" - Ack not needed");
2002 if ( keyInfo & ZM_BIT_8 )
2004 zm_debug_msg0(" - MIC set");
2008 zm_debug_msg0(" - MIC not set");
2011 if ( keyInfo & ZM_BIT_9 )
2013 zm_debug_msg0(" - packet encrypted");
2017 zm_debug_msg0(" - packet not encrypted");
2020 zm_debug_msg1("keyLen = ", keyLen);
2021 zm_debug_msg1("keyDataLen = ", keyDataLen);
2023 else if( packetType == 4 )
2025 zm_debug_msg0("EAPOL-Encapsulated-ASF-Alert");
2030 /************************************************************************/
2032 /* FUNCTION DESCRIPTION zfiRecv80211 */
2033 /* Called to receive 802.11 frame. */
2036 /* dev : device pointer */
2037 /* buf : received 802.11 frame buffer. */
2043 /* Stephen ZyDAS Technology Corporation 2005.5 */
2045 /************************************************************************/
2046 void zfiRecv80211(zdev_t* dev, zbuf_t* buf, struct zsAdditionInfo* addInfo)
2048 u8_t snapCase=0, encryMode;
2049 u16_t frameType, typeLengthField;
2055 u16_t offset, tailLen;
2061 #ifdef ZM_ENABLE_NATIVE_WIFI
2065 zmw_get_wlan_dev(dev);
2067 ZM_BUFFER_TRACE(dev, buf)
2069 //zm_msg2_rx(ZM_LV_2, "zfiRecv80211(), buf=", buf);
2071 //zm_msg2_rx(ZM_LV_0, "h[0]=", zmw_rx_buf_readh(dev, buf, 0));
2072 //zm_msg2_rx(ZM_LV_0, "h[2]=", zmw_rx_buf_readh(dev, buf, 2));
2073 //zm_msg2_rx(ZM_LV_0, "h[4]=", zmw_rx_buf_readh(dev, buf, 4));
2075 frameCtrl = zmw_rx_buf_readb(dev, buf, 0);
2076 frameType = frameCtrl & 0xf;
2077 frameSubtype = frameCtrl & 0xf0;
2079 #if 0 // Move to ProcessBeacon to judge if there's a new peer station
2080 if ( (wd->wlanMode == ZM_MODE_IBSS)&&
2081 (wd->sta.ibssPartnerStatus != ZM_IBSS_PARTNER_ALIVE) )
2083 zfStaIbssMonitoring(dev, buf);
2088 if (frameType == ZM_WLAN_DATA_FRAME)
2090 wd->sta.TotalNumberOfReceivePackets++;
2091 wd->sta.TotalNumberOfReceiveBytes += zfwBufGetSize(dev, buf);
2092 //zm_debug_msg1("Receive packets = ", wd->sta.TotalNumberOfReceivePackets);
2094 //zm_msg0_rx(ZM_LV_0, "Rx data");
2095 if (wd->wlanMode == ZM_MODE_AP)
2097 ret = zfApUpdatePsBit(dev, buf, &vap, &uapsdTrig);
2098 if (ret != ZM_SUCCESS)
2100 zfwBufFree(dev, buf, 0);
2104 if (((uapsdTrig&0xf) != 0) && ((frameSubtype & 0x80) != 0))
2106 u8_t ac = zcUpToAc[zmw_buf_readb(dev, buf, 24)&0x7];
2112 //printk("QoS ctrl=%d\n", zmw_buf_readb(dev, buf, 24));
2113 //printk("UAPSD trigger, ac=%d\n", ac);
2115 if (((0x8>>ac) & uapsdTrig) != 0)
2117 pktNum = zcMaxspToPktNum[(uapsdTrig>>4) & 0x3];
2119 for (ii=0; ii<6; ii++)
2121 src[ii] = zmw_buf_readb(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+ii);
2124 for (ii=0; ii<pktNum; ii++)
2126 //if ((psBuf = zfQueueGet(dev, wd->ap.uapsdQ)) != NULL)
2127 psBuf = zfQueueGetWithMac(dev, wd->ap.uapsdQ, src, &mb);
2130 if ((ii+1) == pktNum)
2133 flag = 0x100 | (mb<<5);
2139 //more data, not EOSP
2144 //no more data, EOSP
2148 zfTxSendEth(dev, psBuf, 0, ZM_EXTERNAL_ALLOC_BUF, flag);
2151 if ((psBuf == NULL) || (mb == 0))
2153 if ((ii == 0) && (psBuf == NULL))
2155 zfSendMmFrame(dev, ZM_WLAN_FRAME_TYPE_QOS_NULL, (u16_t*)src, 0, 0, 0);
2164 else if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
2169 /* Check Is RIFS frame and decide to enable RIFS or not */
2170 if( wd->sta.EnableHT )
2171 zfCheckIsRIFSFrame(dev, buf, frameSubtype);
2173 if ( zfPowerSavingMgrIsSleeping(dev) || wd->sta.psMgr.tempWakeUp == 1)
2175 frameCtrlMSB = zmw_rx_buf_readb(dev, buf, 1);
2177 /* check more data */
2178 if ( frameCtrlMSB & ZM_BIT_5 )
2180 //if rx frame's AC is not delivery-enabled
2181 if ((wd->sta.qosInfo&0xf) != 0xf)
2184 if ((frameSubtype & 0x80) != 0)
2186 rxAc = zcUpToAc[zmw_buf_readb(dev, buf, 24)&0x7];
2189 if (((0x8>>rxAc) & wd->sta.qosInfo) == 0)
2192 wd->sta.psMgr.tempWakeUp = 0;
2197 /*increase beacon count when receive vaild data frame from AP*/
2198 ZM_MAC_WORD_TO_BYTE(wd->sta.bssid, bssid);
2200 if (zfStaIsConnected(dev)&&
2201 zfRxBufferEqualToStr(dev, buf, bssid, ZM_WLAN_HEADER_A2_OFFSET, 6))
2203 wd->sta.rxBeaconCount++;
2207 zm_msg1_rx(ZM_LV_2, "Rx VAP=", vap);
2209 /* handle IV, EXT-IV, ICV, and EXT-ICV */
2210 zfGetRxIvIcvLength(dev, buf, vap, &offset, &tailLen, addInfo);
2212 zfStaIbssPSCheckState(dev, buf);
2214 if ((frameSubtype & 0x80) == 0x80)
2219 len = zfwBufGetSize(dev, buf);
2226 zfwBufSetSize(dev, buf, len);
2230 /* Filter NULL data */
2231 if (((frameSubtype&0x40) != 0) || ((len = zfwBufGetSize(dev, buf))<=24))
2233 zm_msg1_rx(ZM_LV_1, "Free Rx NULL data, len=", len);
2234 zfwBufFree(dev, buf, 0);
2238 /* check and handle defragmentation */
2239 if ( wd->sta.bSafeMode && (wd->sta.wepStatus == ZM_ENCRYPTION_AES) && wd->sta.SWEncryptEnable )
2241 zm_msg0_rx(ZM_LV_1, "Bypass defragmentation packets in safe mode");
2245 buf = zfDefragment(dev, buf, &bIsDefrag, addInfo);
2248 /* In this case, the buffer has been freed in zfDefragment */
2253 ret = ZM_MIC_SUCCESS;
2255 /* If SW WEP/TKIP are not turned on */
2256 if ((wd->sta.SWEncryptEnable & ZM_SW_TKIP_DECRY_EN) == 0 &&
2257 (wd->sta.SWEncryptEnable & ZM_SW_WEP_DECRY_EN) == 0)
2259 encryMode = zfGetEncryModeFromRxStatus(addInfo);
2262 if ( encryMode == ZM_TKIP )
2266 ret = zfMicRxVerify(dev, buf);
2270 /* check MIC failure bit */
2271 if ( ZM_RX_STATUS_IS_MIC_FAIL(addInfo) )
2273 ret = ZM_MIC_FAILURE;
2277 if ( ret == ZM_MIC_FAILURE )
2279 u8_t Unicast_Pkt = 0x0;
2281 if ((zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) & 0x1) == 0)
2283 wd->commTally.swRxUnicastMicFailCount++;
2286 else if (zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) == 0xffff)
2288 wd->commTally.swRxMulticastMicFailCount++;
2292 wd->commTally.swRxMulticastMicFailCount++;
2294 if ( wd->wlanMode == ZM_MODE_AP )
2299 for (idx=0; idx<6; idx++)
2301 addr[idx] = zmw_rx_buf_readb(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+idx);
2304 if (wd->zfcbApMicFailureNotify != NULL)
2306 wd->zfcbApMicFailureNotify(dev, addr, buf);
2313 zm_debug_msg0("Countermeasure : Unicast_Pkt ");
2317 zm_debug_msg0("Countermeasure : Non-Unicast_Pkt ");
2320 if((wd->TKIP_Group_KeyChanging == 0x0) || (Unicast_Pkt == 0x1))
2322 zm_debug_msg0("Countermeasure : Do MIC Check ");
2323 zfStaMicFailureHandling(dev, buf);
2327 zm_debug_msg0("Countermeasure : SKIP MIC Check due to Group Keychanging ");
2330 /* Discard MIC failed frame */
2331 zfwBufFree(dev, buf, 0);
2340 /* TODO: Check whether WEP bit is turned on in MAC header */
2341 encryMode = ZM_NO_WEP;
2343 IsEncryFrame = (zmw_rx_buf_readb(dev, buf, 1) & 0x40);
2347 /* Software decryption for TKIP */
2348 if (wd->sta.SWEncryptEnable & ZM_SW_TKIP_DECRY_EN)
2354 struct zsTkipSeed *rxSeed;
2356 IvOffset = offset + ZM_SIZE_OF_WLAN_DATA_HEADER;
2358 rxSeed = zfStaGetRxSeed(dev, buf);
2362 zm_debug_msg0("rxSeed is NULL");
2364 /* Discard this frame */
2365 zfwBufFree(dev, buf, 0);
2369 iv16 = (zmw_rx_buf_readb(dev, buf, IvOffset) << 8) + zmw_rx_buf_readb(dev, buf, IvOffset+2);
2370 iv32 = zmw_rx_buf_readb(dev, buf, IvOffset+4) +
2371 (zmw_rx_buf_readb(dev, buf, IvOffset+5) << 8) +
2372 (zmw_rx_buf_readb(dev, buf, IvOffset+6) << 16) +
2373 (zmw_rx_buf_readb(dev, buf, IvOffset+7) << 24);
2375 /* TKIP Key Mixing */
2376 zfTkipPhase1KeyMix(iv32, rxSeed);
2377 zfTkipPhase2KeyMix(iv16, rxSeed);
2378 zfTkipGetseeds(iv16, RC4Key, rxSeed);
2381 ret = zfTKIPDecrypt(dev, buf, IvOffset+ZM_SIZE_OF_IV+ZM_SIZE_OF_EXT_IV, 16, RC4Key);
2383 if (ret == ZM_ICV_FAILURE)
2385 zm_debug_msg0("TKIP ICV fail");
2387 /* Discard ICV failed frame */
2388 zfwBufFree(dev, buf, 0);
2392 /* Remove ICV from buffer */
2393 zfwBufSetSize(dev, buf, len-4);
2396 ret = zfMicRxVerify(dev, buf);
2398 if (ret == ZM_MIC_FAILURE)
2400 if ((zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) & 0x1) == 0)
2402 wd->commTally.swRxUnicastMicFailCount++;
2404 else if (zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) == 0xffff)
2406 wd->commTally.swRxMulticastMicFailCount++;
2410 wd->commTally.swRxMulticastMicFailCount++;
2412 if ( wd->wlanMode == ZM_MODE_AP )
2417 for (idx=0; idx<6; idx++)
2419 addr[idx] = zmw_rx_buf_readb(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+idx);
2422 if (wd->zfcbApMicFailureNotify != NULL)
2424 wd->zfcbApMicFailureNotify(dev, addr, buf);
2429 zfStaMicFailureHandling(dev, buf);
2432 zm_debug_msg0("MIC fail");
2433 /* Discard MIC failed frame */
2434 zfwBufFree(dev, buf, 0);
2438 encryMode = ZM_TKIP;
2439 offset += ZM_SIZE_OF_IV + ZM_SIZE_OF_EXT_IV;
2441 else if(wd->sta.SWEncryptEnable & ZM_SW_WEP_DECRY_EN)
2448 IvOffset = offset + ZM_SIZE_OF_WLAN_DATA_HEADER;
2451 iv[0] = zmw_rx_buf_readb(dev, buf, IvOffset);
2452 iv[1] = zmw_rx_buf_readb(dev, buf, IvOffset+1);
2453 iv[2] = zmw_rx_buf_readb(dev, buf, IvOffset+2);
2455 keyIdx = ((zmw_rx_buf_readb(dev, buf, IvOffset+3) >> 6) & 0x03);
2457 IvOffset += ZM_SIZE_OF_IV;
2459 if (wd->sta.SWEncryMode[keyIdx] == ZM_WEP64)
2463 else if (wd->sta.SWEncryMode[keyIdx] == ZM_WEP128)
2467 else if (wd->sta.SWEncryMode[keyIdx] == ZM_WEP256)
2472 zfWEPDecrypt(dev, buf, IvOffset, keyLen, wd->sta.wepKey[keyIdx], iv);
2474 if (ret == ZM_ICV_FAILURE)
2476 zm_debug_msg0("WEP ICV fail");
2478 /* Discard ICV failed frame */
2479 zfwBufFree(dev, buf, 0);
2483 encryMode = wd->sta.SWEncryMode[keyIdx];
2485 /* Remove ICV from buffer */
2486 zfwBufSetSize(dev, buf, len-4);
2488 offset += ZM_SIZE_OF_IV;
2493 #ifdef ZM_ENABLE_CENC
2494 //else if ( encryMode == ZM_CENC ) /* check if CENC */
2495 if ( encryMode == ZM_CENC )
2499 rxIV[0] = (zmw_rx_buf_readh(dev, buf, 28) << 16)
2500 + zmw_rx_buf_readh(dev, buf, 26);
2501 rxIV[1] = (zmw_rx_buf_readh(dev, buf, 32) << 16)
2502 + zmw_rx_buf_readh(dev, buf, 30);
2503 rxIV[2] = (zmw_rx_buf_readh(dev, buf, 36) << 16)
2504 + zmw_rx_buf_readh(dev, buf, 34);
2505 rxIV[3] = (zmw_rx_buf_readh(dev, buf, 40) << 16)
2506 + zmw_rx_buf_readh(dev, buf, 38);
2508 //zm_debug_msg2("rxIV[0] = 0x", rxIV[0]);
2509 //zm_debug_msg2("rxIV[1] = 0x", rxIV[1]);
2510 //zm_debug_msg2("rxIV[2] = 0x", rxIV[2]);
2511 //zm_debug_msg2("rxIV[3] = 0x", rxIV[3]);
2513 /* destination address*/
2514 da[0] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET);
2515 da[1] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET+2);
2516 da[2] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET+4);
2518 if ( wd->wlanMode == ZM_MODE_AP )
2525 /* Accumlate the PN sequence */
2526 wd->sta.rxivGK[0] ++;
2528 if (wd->sta.rxivGK[0] == 0)
2530 wd->sta.rxivGK[1]++;
2533 if (wd->sta.rxivGK[1] == 0)
2535 wd->sta.rxivGK[2]++;
2538 if (wd->sta.rxivGK[2] == 0)
2540 wd->sta.rxivGK[3]++;
2543 if (wd->sta.rxivGK[3] == 0)
2545 wd->sta.rxivGK[0] = 0;
2546 wd->sta.rxivGK[1] = 0;
2547 wd->sta.rxivGK[2] = 0;
2550 //zm_debug_msg2("wd->sta.rxivGK[0] = 0x", wd->sta.rxivGK[0]);
2551 //zm_debug_msg2("wd->sta.rxivGK[1] = 0x", wd->sta.rxivGK[1]);
2552 //zm_debug_msg2("wd->sta.rxivGK[2] = 0x", wd->sta.rxivGK[2]);
2553 //zm_debug_msg2("wd->sta.rxivGK[3] = 0x", wd->sta.rxivGK[3]);
2555 if ( !((wd->sta.rxivGK[0] == rxIV[0])
2556 && (wd->sta.rxivGK[1] == rxIV[1])
2557 && (wd->sta.rxivGK[2] == rxIV[2])
2558 && (wd->sta.rxivGK[3] == rxIV[3])))
2560 u8_t PacketDiscard = 0;
2561 /* Discard PN Code Error frame */
2562 if (rxIV[0] < wd->sta.rxivGK[0])
2566 if (wd->sta.rxivGK[0] > 0xfffffff0)
2568 if ((rxIV[0] < 0xfffffff0)
2569 && (((0xffffffff - wd->sta.rxivGK[0]) + rxIV[0]) > 16))
2576 if ((rxIV[0] - wd->sta.rxivGK[0]) > 16)
2581 // sync sta pn code with ap because of losting some packets
2582 wd->sta.rxivGK[0] = rxIV[0];
2583 wd->sta.rxivGK[1] = rxIV[1];
2584 wd->sta.rxivGK[2] = rxIV[2];
2585 wd->sta.rxivGK[3] = rxIV[3];
2588 zm_debug_msg0("Discard PN Code lost too much multicast frame");
2589 zfwBufFree(dev, buf, 0);
2596 /* Accumlate the PN sequence */
2597 wd->sta.rxiv[0] += 2;
2599 if (wd->sta.rxiv[0] == 0 || wd->sta.rxiv[0] == 1)
2604 if (wd->sta.rxiv[1] == 0)
2609 if (wd->sta.rxiv[2] == 0)
2614 if (wd->sta.rxiv[3] == 0)
2616 wd->sta.rxiv[0] = 0;
2617 wd->sta.rxiv[1] = 0;
2618 wd->sta.rxiv[2] = 0;
2621 //zm_debug_msg2("wd->sta.rxiv[0] = 0x", wd->sta.rxiv[0]);
2622 //zm_debug_msg2("wd->sta.rxiv[1] = 0x", wd->sta.rxiv[1]);
2623 //zm_debug_msg2("wd->sta.rxiv[2] = 0x", wd->sta.rxiv[2]);
2624 //zm_debug_msg2("wd->sta.rxiv[3] = 0x", wd->sta.rxiv[3]);
2626 if ( !((wd->sta.rxiv[0] == rxIV[0])
2627 && (wd->sta.rxiv[1] == rxIV[1])
2628 && (wd->sta.rxiv[2] == rxIV[2])
2629 && (wd->sta.rxiv[3] == rxIV[3])))
2631 zm_debug_msg0("PN Code mismatch, lost unicast frame, sync pn code to recv packet");
2632 // sync sta pn code with ap because of losting some packets
2633 wd->sta.rxiv[0] = rxIV[0];
2634 wd->sta.rxiv[1] = rxIV[1];
2635 wd->sta.rxiv[2] = rxIV[2];
2636 wd->sta.rxiv[3] = rxIV[3];
2637 /* Discard PN Code Error frame */
2638 //zm_debug_msg0("Discard PN Code mismatch unicast frame");
2639 //zfwBufFree(dev, buf, 0);
2645 #endif //ZM_ENABLE_CENC
2648 if ((zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) & 0x1) == 0)
2650 /* for ACU to display RxRate */
2651 zfWlanUpdateRxRate(dev, addInfo);
2653 wd->commTally.rxUnicastFrm++;
2654 wd->commTally.rxUnicastOctets += (len-24);
2656 else if (zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET) == 0xffff)
2658 wd->commTally.rxBroadcastFrm++;
2659 wd->commTally.rxBroadcastOctets += (len-24);
2663 wd->commTally.rxMulticastFrm++;
2664 wd->commTally.rxMulticastOctets += (len-24);
2666 wd->ledStruct.rxTraffic++;
2668 if ((frameSubtype & 0x80) == 0x80)
2670 /* if QoS control bit-7 is 1 => A-MSDU frame */
2671 if ((zmw_rx_buf_readh(dev, buf, 24) & 0x80) != 0)
2673 zfDeAmsdu(dev, buf, vap, encryMode);
2678 // Remove MIC of TKIP
2679 if ( encryMode == ZM_TKIP )
2681 zfwBufSetSize(dev, buf, zfwBufGetSize(dev, buf) - 8);
2684 /* Convert 802.11 and SNAP header to ethernet header */
2685 if ( (wd->wlanMode == ZM_MODE_INFRASTRUCTURE)||
2686 (wd->wlanMode == ZM_MODE_IBSS) )
2688 /* destination address*/
2689 da[0] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET);
2690 da[1] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET+2);
2691 da[2] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A1_OFFSET+4);
2693 /* check broadcast frame */
2694 if ( (da[0] == 0xffff) && (da[1] == 0xffff) && (da[2] == 0xffff) )
2696 // Ap send broadcast frame to the DUT !
2698 /* check multicast frame */
2699 /* TODO : Remove these code, hardware should be able to block */
2700 /* multicast frame on the multicast address list */
2701 /* or bypass all multicast packet by flag bAllMulticast */
2702 else if ((da[0] & 0x01) && (wd->sta.bAllMulticast == 0))
2704 for(ii=0; ii<wd->sta.multicastList.size; ii++)
2706 if ( zfMemoryIsEqual(wd->sta.multicastList.macAddr[ii].addr,
2713 if ( ii == wd->sta.multicastList.size )
2715 zm_debug_msg0("discard unknown multicast frame");
2717 zfwBufFree(dev, buf, 0);
2722 #ifdef ZM_ENABLE_NATIVE_WIFI //Native Wifi : 1, Ethernet format : 0
2726 for (i=12; i>0; i--)
2728 zmw_rx_buf_writeh(dev, buf, ((i-1)*2)+offset,
2729 zmw_rx_buf_readh(dev, buf, (i-1)*2));
2731 zfwBufRemoveHead(dev, buf, offset);
2735 if (zfRxBufferEqualToStr(dev, buf, zgSnapBridgeTunnel,
2740 else if ( zfRxBufferEqualToStr(dev, buf, zgSnap8021h,
2744 (((u16_t) zmw_rx_buf_readb(dev, buf, 30+offset)) << 8) +
2745 zmw_rx_buf_readb(dev, buf, 31+offset);
2747 //zm_debug_msg2("tpyeLengthField = ", typeLengthField);
2749 //8137 : IPX, 80F3 : Appletalk
2750 if ( (typeLengthField != 0x8137)&&
2751 (typeLengthField != 0x80F3) )
2756 if ( typeLengthField == 0x888E )
2758 zfShowRxEAPOL(dev, buf, 32);
2763 //zfwDumpBuf(dev, buf);
2766 /* source address */
2767 if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
2769 /* SA = Address 3 */
2770 sa[0] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A3_OFFSET);
2771 sa[1] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A3_OFFSET+2);
2772 sa[2] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A3_OFFSET+4);
2776 /* SA = Address 2 */
2777 sa[0] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET);
2778 sa[1] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+2);
2779 sa[2] = zmw_rx_buf_readh(dev, buf, ZM_WLAN_HEADER_A2_OFFSET+4);
2785 zmw_rx_buf_writeh(dev, buf, 24+offset, sa[0]);
2786 zmw_rx_buf_writeh(dev, buf, 26+offset, sa[1]);
2787 zmw_rx_buf_writeh(dev, buf, 28+offset, sa[2]);
2789 /* DA = Address 1 */
2790 zmw_rx_buf_writeh(dev, buf, 18+offset, da[0]);
2791 zmw_rx_buf_writeh(dev, buf, 20+offset, da[1]);
2792 zmw_rx_buf_writeh(dev, buf, 22+offset, da[2]);
2793 zfwBufRemoveHead(dev, buf, 18+offset);
2798 zmw_rx_buf_writeh(dev, buf, 16+offset, sa[0]);
2799 zmw_rx_buf_writeh(dev, buf, 18+offset, sa[1]);
2800 zmw_rx_buf_writeh(dev, buf, 20+offset, sa[2]);
2802 /* DA = Address 1 */
2803 zmw_rx_buf_writeh(dev, buf, 10+offset, da[0]);
2804 zmw_rx_buf_writeh(dev, buf, 12+offset, da[1]);
2805 zmw_rx_buf_writeh(dev, buf, 14+offset, da[2]);
2806 zfwBufRemoveHead(dev, buf, 10+offset);
2807 /* Ethernet payload length */
2808 typeLengthField = zfwBufGetSize(dev, buf) - 14;
2809 zmw_rx_buf_writeh(dev, buf, 12, (typeLengthField<<8)+(typeLengthField>>8));
2811 #endif // ZM_ENABLE_NATIVE_WIFI
2813 else if (wd->wlanMode == ZM_MODE_AP)
2815 //if ((zmw_rx_buf_readb(dev, buf, 1) & 0x3) != 3)
2816 if (vap < ZM_MAX_AP_SUPPORT)
2819 #ifdef ZM_ENABLE_NATIVE_WIFI //Native Wifi : 1, Ethernet format : 0
2823 for (i=12; i>0; i--)
2825 zmw_rx_buf_writeh(dev, buf, ((i-1)*2)+offset,
2826 zmw_rx_buf_readh(dev, buf, (i-1)*2));
2828 zfwBufRemoveHead(dev, buf, offset);
2831 /* SA = Address 2 */
2832 zmw_rx_buf_writeh(dev, buf, 24+offset, zmw_rx_buf_readh(dev, buf,
2833 ZM_WLAN_HEADER_A2_OFFSET));
2834 zmw_rx_buf_writeh(dev, buf, 26+offset, zmw_rx_buf_readh(dev, buf,
2835 ZM_WLAN_HEADER_A2_OFFSET+2));
2836 zmw_rx_buf_writeh(dev, buf, 28+offset, zmw_rx_buf_readh(dev, buf,
2837 ZM_WLAN_HEADER_A2_OFFSET+4));
2838 /* DA = Address 3 */
2839 /* Seq : Read 20 write 22, read 18 write 20, read 16 write 18 */
2840 /* sequence must not be inverted */
2841 zmw_rx_buf_writeh(dev, buf, 22+offset, zmw_rx_buf_readh(dev, buf,
2842 ZM_WLAN_HEADER_A3_OFFSET+4));
2843 zmw_rx_buf_writeh(dev, buf, 20+offset, zmw_rx_buf_readh(dev, buf,
2844 ZM_WLAN_HEADER_A3_OFFSET+2));
2845 zmw_rx_buf_writeh(dev, buf, 18+offset, zmw_rx_buf_readh(dev, buf,
2846 ZM_WLAN_HEADER_A3_OFFSET));
2847 zfwBufRemoveHead(dev, buf, 18+offset);
2848 #endif // ZM_ENABLE_NATIVE_WIFI
2850 ret = zfIntrabssForward(dev, buf, vap);
2853 /* Free Rx buffer if intra-BSS unicast frame */
2854 zm_msg0_rx(ZM_LV_2, "Free intra-BSS unicast frame");
2855 zfwBufFree(dev, buf, 0);
2863 zm_msg0_rx(ZM_LV_2, "Rx WDS data");
2865 /* SA = Address 4 */
2866 zmw_rx_buf_writeh(dev, buf, 30+offset, zmw_rx_buf_readh(dev, buf,
2867 ZM_WLAN_HEADER_A4_OFFSET));
2868 zmw_rx_buf_writeh(dev, buf, 32+offset, zmw_rx_buf_readh(dev, buf,
2869 ZM_WLAN_HEADER_A4_OFFSET+2));
2870 zmw_rx_buf_writeh(dev, buf, 34+offset, zmw_rx_buf_readh(dev, buf,
2871 ZM_WLAN_HEADER_A4_OFFSET+4));
2872 /* DA = Address 3 */
2873 /* Seq : Read 20 write 22, read 18 write 20, read 16 write 18 */
2874 /* sequence must not be inverted */
2875 zmw_rx_buf_writeh(dev, buf, 28+offset, zmw_rx_buf_readh(dev, buf,
2876 ZM_WLAN_HEADER_A3_OFFSET+4));
2877 zmw_rx_buf_writeh(dev, buf, 26+offset, zmw_rx_buf_readh(dev, buf,
2878 ZM_WLAN_HEADER_A3_OFFSET+2));
2879 zmw_rx_buf_writeh(dev, buf, 24+offset, zmw_rx_buf_readh(dev, buf,
2880 ZM_WLAN_HEADER_A3_OFFSET));
2881 zfwBufRemoveHead(dev, buf, 24+offset);
2884 else if (wd->wlanMode == ZM_MODE_PSEUDO)
2886 /* WDS test: remove add4 */
2892 /* SA = Address 2 */
2893 zmw_rx_buf_writeh(dev, buf, 24+offset, zmw_rx_buf_readh(dev, buf,
2894 ZM_WLAN_HEADER_A2_OFFSET));
2895 zmw_rx_buf_writeh(dev, buf, 26+offset, zmw_rx_buf_readh(dev, buf,
2896 ZM_WLAN_HEADER_A2_OFFSET+2));
2897 zmw_rx_buf_writeh(dev, buf, 28+offset, zmw_rx_buf_readh(dev, buf,
2898 ZM_WLAN_HEADER_A2_OFFSET+4));
2899 /* DA = Address 1 */
2900 zmw_rx_buf_writeh(dev, buf, 18+offset, zmw_rx_buf_readh(dev, buf,
2901 ZM_WLAN_HEADER_A1_OFFSET));
2902 zmw_rx_buf_writeh(dev, buf, 20+offset, zmw_rx_buf_readh(dev, buf,
2903 ZM_WLAN_HEADER_A1_OFFSET+2));
2904 zmw_rx_buf_writeh(dev, buf, 22+offset, zmw_rx_buf_readh(dev, buf,
2905 ZM_WLAN_HEADER_A1_OFFSET+4));
2906 zfwBufRemoveHead(dev, buf, 18+offset);
2913 /* Call zfwRecvEth() to notify upper layer */
2914 //zm_msg2_rx(ZM_LV_2, "Call zfwRecvEth(), buf=", buf);
2915 //zfwDumpBuf(dev, buf);
2917 #if ZM_PROTOCOL_RESPONSE_SIMULATION == 1
2918 zfProtRspSim(dev, buf);
2920 //zfwDumpBuf(dev, buf);
2923 wd->commTally.NotifyNDISRxFrmCnt++;
2925 if (wd->zfcbRecvEth != NULL)
2927 wd->zfcbRecvEth(dev, buf, vap);
2928 ZM_PERFORMANCE_RX_MSDU(dev, wd->tick)
2931 /* if management frame */
2932 else if (frameType == ZM_WLAN_MANAGEMENT_FRAME)
2934 zm_msg2_rx(ZM_LV_2, "Rx management,FC=", frameCtrl);
2935 /* Call zfProcessManagement() to handle management frame */
2936 zfProcessManagement(dev, buf, addInfo); //CWYang(m)
2937 zfwBufFree(dev, buf, 0);
2940 else if ((wd->wlanMode == ZM_MODE_AP) && (frameCtrl == 0xa4))
2942 zm_msg0_rx(ZM_LV_0, "Rx PsPoll");
2943 zfApProcessPsPoll(dev, buf);
2944 zfwBufFree(dev, buf, 0);
2948 zm_msg0_rx(ZM_LV_1, "Rx discard!!");
2949 wd->commTally.DriverDiscardedFrm++;
2951 zfwBufFree(dev, buf, 0);
2957 /************************************************************************/
2959 /* FUNCTION DESCRIPTION zfWlanRxValidate */
2960 /* Validate Rx frame. */
2963 /* dev : device pointer */
2964 /* buf : received 802.11 frame buffer. */
2970 /* Stephen ZyDAS Technology Corporation 2005.10 */
2972 /************************************************************************/
2973 u16_t zfWlanRxValidate(zdev_t* dev, zbuf_t* buf)
2981 zmw_get_wlan_dev(dev);
2983 frameCtrl = zmw_rx_buf_readh(dev, buf, 0);
2984 frameType = frameCtrl & 0xC;
2985 frameSubType = (frameCtrl & 0xF0) >> 4;
2987 frameLen = zfwBufGetSize(dev, buf);
2989 /* Accept Data/Management frame with protocol version = 0 */
2990 if ((frameType == 0x8) || (frameType == 0x0))
2993 /* TODO : check rx status => erro bit */
2995 /* Check Minimum Length with Wep */
2996 if ((frameCtrl & 0x4000) != 0)
2998 /* Minimum Length = */
2999 /* PLCP(5)+Header(24)+IV(4)+ICV(4)+CRC(4)+RxStatus(8) */
3002 return ZM_ERR_MIN_RX_ENCRYPT_FRAME_LENGTH;
3005 else if ( frameSubType == 0x5 || frameSubType == 0x8 )
3007 /* Minimum Length = PLCP(5)+MACHeader(24)+Timestamp(8)+BeaconInterval(2)+Cap(2)+CRC(4)+RxStatus(8) */
3010 return ZM_ERR_MIN_RX_FRAME_LENGTH;
3015 /* Minimum Length = PLCP(5)+MACHeader(24)+CRC(4)+RxStatus(8) */
3018 return ZM_ERR_MIN_RX_FRAME_LENGTH;
3022 /* Check if frame Length > ZM_WLAN_MAX_RX_SIZE. */
3023 if (frameLen > ZM_WLAN_MAX_RX_SIZE)
3025 return ZM_ERR_MAX_RX_FRAME_LENGTH;
3028 else if ((frameCtrl&0xff) == 0xa4)
3031 //zm_msg0_rx(ZM_LV_0, "rx pspoll");
3033 else if ((frameCtrl&0xff) == ZM_WLAN_FRAME_TYPE_BAR)
3035 if (wd->sta.enableDrvBA == 1)
3037 zfAggRecvBAR(dev, buf);
3040 return ZM_ERR_RX_BAR_FRAME;
3044 return ZM_ERR_RX_FRAME_TYPE;
3047 if ( wd->wlanMode == ZM_MODE_AP )
3050 else if ( wd->wlanMode != ZM_MODE_PSEUDO )
3052 ret = zfStaRxValidateFrame(dev, buf);
3053 if (ret != ZM_SUCCESS)
3055 //zm_debug_msg1("discard frame, code = ", ret);
3064 /************************************************************************/
3066 /* FUNCTION DESCRIPTION zfWlanRxFilter */
3067 /* Filter duplicated frame. */
3070 /* dev : device pointer */
3071 /* buf : received 802.11 frame buffer. */
3077 /* Stephen ZyDAS Technology Corporation 2005.10 */
3079 /************************************************************************/
3080 u16_t zfWlanRxFilter(zdev_t* dev, zbuf_t* buf)
3090 u8_t up = 0; /* User priority */
3092 zmw_get_wlan_dev(dev);
3094 zmw_declare_for_critical_section();
3096 ZM_BUFFER_TRACE(dev, buf)
3101 frameType = zmw_rx_buf_readh(dev, buf, offset);
3103 // Don't divide 2^4 because we don't want the fragmentation pkt to be treated as
3104 // duplicated frames
3105 seq = zmw_rx_buf_readh(dev, buf, offset+22);
3106 dst0 = zmw_rx_buf_readh(dev, buf, offset+4);
3107 src[0] = zmw_rx_buf_readh(dev, buf, offset+10);
3108 src[1] = zmw_rx_buf_readh(dev, buf, offset+12);
3109 src[2] = zmw_rx_buf_readh(dev, buf, offset+14);
3111 /* QoS data frame */
3112 if ((frameType & 0x88) == 0x88)
3114 up = zmw_rx_buf_readb(dev, buf, offset+24);
3118 index = (src[2]+up) & (ZM_FILTER_TABLE_ROW-1);
3120 /* TBD : filter frame with source address == own MAC address */
3121 if ((wd->macAddr[0] == src[0]) && (wd->macAddr[1] == src[1])
3122 && (wd->macAddr[2] == src[2]))
3124 //zm_msg0_rx(ZM_LV_0, "Rx filter=>src is own MAC");
3125 wd->trafTally.rxSrcIsOwnMac++;
3127 return ZM_ERR_RX_SRC_ADDR_IS_OWN_MAC;
3131 zm_msg2_rx(ZM_LV_2, "Rx seq=", seq);
3133 /* Filter unicast frame only */
3134 if ((dst0 & 0x1) == 0)
3136 zmw_enter_critical_section(dev);
3138 for(i=0; i<ZM_FILTER_TABLE_COL; i++)
3140 if ((wd->rxFilterTbl[i][index].addr[0] == src[0])
3141 && (wd->rxFilterTbl[i][index].addr[1] == src[1])
3142 && (wd->rxFilterTbl[i][index].addr[2] == src[2])
3143 && (wd->rxFilterTbl[i][index].up == up))
3145 if (((frameType&0x800)==0x800)
3146 &&(wd->rxFilterTbl[i][index].seq==seq))
3148 zmw_leave_critical_section(dev);
3149 /* hit : duplicated frame */
3150 zm_msg0_rx(ZM_LV_1, "Rx filter hit=>duplicated");
3151 wd->trafTally.rxDuplicate++;
3152 return ZM_ERR_RX_DUPLICATE;
3156 /* hit : not duplicated frame, update sequence number */
3157 wd->rxFilterTbl[i][index].seq = seq;
3158 zmw_leave_critical_section(dev);
3159 zm_msg0_rx(ZM_LV_2, "Rx filter hit");
3163 } /* for(i=0; i<ZM_FILTER_TABLE_COL; i++) */
3165 /* miss : add to table */
3166 zm_msg0_rx(ZM_LV_1, "Rx filter miss");
3167 /* TODO : Random select a column */
3168 col = (u16_t)(wd->tick & (ZM_FILTER_TABLE_COL-1));
3169 wd->rxFilterTbl[col][index].addr[0] = src[0];
3170 wd->rxFilterTbl[col][index].addr[1] = src[1];
3171 wd->rxFilterTbl[col][index].addr[2] = src[2];
3172 wd->rxFilterTbl[col][index].seq = seq;
3173 wd->rxFilterTbl[col][index].up = up;
3175 zmw_leave_critical_section(dev);
3176 } /* if ((dst0 & 0x1) == 0) */
3183 u16_t zfTxGenWlanTail(zdev_t* dev, zbuf_t* buf, u16_t* snap, u16_t snaplen,
3186 struct zsMicVar* pMicKey;
3187 u16_t i, length, payloadOffset;
3188 u8_t bValue, qosType = 0;
3191 zmw_get_wlan_dev(dev);
3193 if ( wd->wlanMode == ZM_MODE_AP )
3195 pMicKey = zfApGetTxMicKey(dev, buf, &qosType);
3197 if ( pMicKey == NULL )
3202 else if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
3204 pMicKey = zfStaGetTxMicKey(dev, buf);
3206 if ( pMicKey == NULL )
3216 length = zfwBufGetSize(dev, buf);
3218 zfMicClear(pMicKey);
3220 /* append DA and SA */
3221 #ifdef ZM_ENABLE_NATIVE_WIFI
3222 for(i=16; i<22; i++)
3224 bValue = zmw_tx_buf_readb(dev, buf, i);
3225 zfMicAppendByte(bValue, pMicKey);
3227 for(i=10; i<16; i++)
3229 bValue = zmw_tx_buf_readb(dev, buf, i);
3230 zfMicAppendByte(bValue, pMicKey);
3235 bValue = zmw_tx_buf_readb(dev, buf, i);
3236 zfMicAppendByte(bValue, pMicKey);
3240 /* append for alignment */
3241 if ( wd->wlanMode == ZM_MODE_INFRASTRUCTURE )
3243 if (wd->sta.wmeConnected != 0)
3244 zfMicAppendByte(zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_IP_OFFSET + 1) >> 5, pMicKey);
3246 zfMicAppendByte(0, pMicKey);
3248 else if ( wd->wlanMode == ZM_MODE_AP )
3251 zfMicAppendByte(zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_IP_OFFSET + 1) >> 5, pMicKey);
3253 zfMicAppendByte(0, pMicKey);
3257 /* TODO : Qos Software MIC in IBSS Mode */
3258 zfMicAppendByte(0, pMicKey);
3260 zfMicAppendByte(0, pMicKey);
3261 zfMicAppendByte(0, pMicKey);
3262 zfMicAppendByte(0, pMicKey);
3266 payloadOffset = ZM_80211_FRAME_IP_OFFSET;
3270 payloadOffset = ZM_80211_FRAME_TYPE_OFFSET;
3272 for(i=0; i<(snaplen>>1); i++)
3274 snapByte[i*2] = (u8_t) (snap[i] & 0xff);
3275 snapByte[i*2+1] = (u8_t) ((snap[i] >> 8) & 0xff);
3278 for(i=0; i<snaplen; i++)
3280 zfMicAppendByte(snapByte[i], pMicKey);
3284 for(i=payloadOffset; i<length; i++)
3286 bValue = zmw_tx_buf_readb(dev, buf, i);
3287 zfMicAppendByte(bValue, pMicKey);
3290 zfMicGetMic( (u8_t*) mic, pMicKey);
3292 return ZM_SIZE_OF_MIC;
3296 /************************************************************************/
3298 /* FUNCTION DESCRIPTION zfTxGetIpTosAndFrag */
3299 /* Get IP TOS and frag offset from Tx buffer */
3302 /* dev : device pointer */
3303 /* buf : Tx buffer pointer */
3304 /* up : pointer for returning user priority */
3305 /* fragOff : pointer for returning ip frag offset */
3311 /* Stephen Chen ZyDAS Technology Corporation 2006.6 */
3313 /************************************************************************/
3314 void zfTxGetIpTosAndFrag(zdev_t* dev, zbuf_t* buf, u8_t* up, u16_t* fragOff)
3324 len = zfwBufGetSize(dev, buf);
3326 if (len >= 34) //Minimum IPv4 packet size, 14(Ether header)+20(IPv4 header)
3328 etherType = (((u16_t)zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_TYPE_OFFSET))<<8)
3329 + zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_TYPE_OFFSET + 1);
3331 /* protocol type = IP */
3332 if (etherType == 0x0800)
3334 ipv = zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_IP_OFFSET) >> 4;
3335 if (ipv == 0x4) //IPv4
3337 tos = zmw_tx_buf_readb(dev, buf, ZM_80211_FRAME_IP_OFFSET + 1);
3339 *fragOff = zmw_tx_buf_readh(dev, buf, ZM_80211_FRAME_IP_OFFSET + 6);
3341 /* TODO : handle VLAN tag and IPv6 packet */
3347 #ifdef ZM_ENABLE_NATIVE_WIFI
3348 u16_t zfTxGenWlanSnap(zdev_t* dev, zbuf_t* buf, u16_t* snap, u16_t* snaplen)
3350 snap[0] = zmw_buf_readh(dev, buf, ZM_80211_FRAME_HEADER_LEN + 0);
3351 snap[1] = zmw_buf_readh(dev, buf, ZM_80211_FRAME_HEADER_LEN + 2);
3352 snap[2] = zmw_buf_readh(dev, buf, ZM_80211_FRAME_HEADER_LEN + 4);
3355 return ZM_80211_FRAME_HEADER_LEN + *snaplen;
3358 u16_t zfTxGenWlanSnap(zdev_t* dev, zbuf_t* buf, u16_t* snap, u16_t* snaplen)
3364 len = zfwBufGetSize(dev, buf);
3365 if (len < 14) //Minimum Ethernet packet size, 14(Ether header)
3367 /* TODO : Assert? */
3372 /* Generate RFC1042 header */
3373 etherType = (((u16_t)zmw_tx_buf_readb(dev, buf, 12))<<8)
3374 + zmw_tx_buf_readb(dev, buf, 13);
3376 //zm_debug_msg2("ethernet type or length = ", etherType);
3378 if (etherType > 1500)
3380 /* ETHERNET format */
3384 if ((etherType ==0x8137) || (etherType == 0x80f3))
3396 if ( etherType == 0x888E )
3398 zfShowTxEAPOL(dev, buf, 14);
3412 u8_t zfIsVtxqEmpty(zdev_t* dev)
3414 u8_t isEmpty = TRUE;
3417 zmw_get_wlan_dev(dev);
3419 zmw_declare_for_critical_section();
3421 zmw_enter_critical_section(dev);
3423 if (wd->vmmqHead != wd->vmmqTail)
3429 for(i=0; i < 4; i++)
3431 if (wd->vtxqHead[i] != wd->vtxqTail[i])
3439 zmw_leave_critical_section(dev);
3443 /************************************************************************/
3445 /* FUNCTION DESCRIPTION zfPutVtxq */
3446 /* Put Tx buffer to virtual TxQ */
3449 /* dev : device pointer */
3450 /* buf : Tx buffer pointer */
3453 /* ZM_SUCCESS or error code */
3456 /* Stephen Chen ZyDAS Technology Corporation 2006.6 */
3458 /************************************************************************/
3459 u16_t zfPutVtxq(zdev_t* dev, zbuf_t* buf)
3465 struct aggTally *agg_tal;
3467 #ifdef ZM_ENABLE_AGGREGATION
3468 #ifndef ZM_BYPASS_AGGR_SCHEDULING
3474 zmw_get_wlan_dev(dev);
3476 zmw_declare_for_critical_section();
3478 zfTxGetIpTosAndFrag(dev, buf, &up, &fragOff);
3480 if ( wd->zfcbClassifyTxPacket != NULL )
3482 ac = wd->zfcbClassifyTxPacket(dev, buf);
3486 ac = zcUpToAc[up&0x7] & 0x3;
3491 * main A-MPDU aggregation function
3494 agg_tal = &wd->agg_tal;
3495 agg_tal->got_packets_sum++;
3499 #ifdef ZM_ENABLE_AGGREGATION
3500 #ifndef ZM_BYPASS_AGGR_SCHEDULING
3502 if(wd->enableAggregation==0)
3504 if( (wd->wlanMode == ZM_MODE_AP) ||
3505 (wd->wlanMode == ZM_MODE_INFRASTRUCTURE && wd->sta.EnableHT) ||
3506 (wd->wlanMode == ZM_MODE_PSEUDO) ) {
3507 // (infrastructure_mode && connect_to_11n_ap) || (ap_mode && is_11n_ap)
3508 //ret = zfAggPutVtxq(dev, buf);
3511 ret = zfAggTx(dev, buf, tid);
3512 if (ZM_SUCCESS == ret)
3514 //zfwBufFree(dev, buf, ZM_SUCCESS);
3518 if (ZM_ERR_EXCEED_PRIORITY_THRESHOLD == ret)
3520 wd->commTally.txQosDropCount[ac]++;
3521 zfwBufFree(dev, buf, ZM_SUCCESS);
3523 zm_msg1_tx(ZM_LV_1, "Packet discarded, VTXQ full, ac=", ac);
3525 return ZM_ERR_EXCEED_PRIORITY_THRESHOLD;
3527 if (ZM_ERR_TX_BUFFER_UNAVAILABLE == ret)
3531 * continue following procession, put into VTXQ
3532 * return ZM_SUCCESS;
3540 * end of add by honda
3544 if ((fragOff & 0xff3f) == 0x0020)
3546 /* Don't let ip frag in if VTXQ unable to hold */
3547 /* whole ip frag burst(assume 20 frag) */
3548 zmw_enter_critical_section(dev);
3549 if (((wd->vtxqHead[ac] - wd->vtxqTail[ac])& ZM_VTXQ_SIZE_MASK)
3550 > (ZM_VTXQ_SIZE-20))
3552 wd->qosDropIpFrag[ac] = 1;
3556 wd->qosDropIpFrag[ac] = 0;
3558 zmw_leave_critical_section(dev);
3560 if (wd->qosDropIpFrag[ac] == 1)
3562 //zm_debug_msg2("vtQ full, drop buf = ", buf);
3563 wd->commTally.txQosDropCount[ac]++;
3564 zfwBufFree(dev, buf, ZM_SUCCESS);
3565 zm_msg1_tx(ZM_LV_1, "Packet discarded, first ip frag, ac=", ac);
3566 //VTXQ[] can not hold whold ip frag burst(assume 20 frags)
3567 return ZM_ERR_EXCEED_PRIORITY_THRESHOLD;
3570 else if ((fragOff & 0xff3f) == 0)
3572 wd->qosDropIpFrag[ac] = 0;
3575 if (((fragOff &= 0xff1f) != 0) && (wd->qosDropIpFrag[ac] == 1))
3577 wd->commTally.txQosDropCount[ac]++;
3578 zfwBufFree(dev, buf, ZM_SUCCESS);
3579 zm_msg1_tx(ZM_LV_1, "Packet discarded, ip frag, ac=", ac);
3580 //Discard following ip frags
3581 return ZM_ERR_EXCEED_PRIORITY_THRESHOLD;
3584 zmw_enter_critical_section(dev);
3585 if (((wd->vtxqHead[ac] + 1) & ZM_VTXQ_SIZE_MASK) != wd->vtxqTail[ac])
3587 wd->vtxq[ac][wd->vtxqHead[ac]] = buf;
3588 wd->vtxqHead[ac] = ((wd->vtxqHead[ac] + 1) & ZM_VTXQ_SIZE_MASK);
3589 zmw_leave_critical_section(dev);
3594 zmw_leave_critical_section(dev);
3596 wd->commTally.txQosDropCount[ac]++;
3597 zfwBufFree(dev, buf, ZM_SUCCESS);
3598 zm_msg1_tx(ZM_LV_1, "Packet discarded, VTXQ full, ac=", ac);
3599 return ZM_ERR_EXCEED_PRIORITY_THRESHOLD; //VTXQ[] Full
3604 /************************************************************************/
3606 /* FUNCTION DESCRIPTION zfGetVtxq */
3607 /* Get Tx buffer from virtual TxQ */
3610 /* dev : device pointer */
3613 /* Tx buffer pointer */
3616 /* Stephen Chen ZyDAS Technology Corporation 2006.6 */
3618 /************************************************************************/
3619 zbuf_t* zfGetVtxq(zdev_t* dev, u8_t ac)
3623 zmw_get_wlan_dev(dev);
3625 zmw_declare_for_critical_section();
3628 zmw_enter_critical_section(dev);
3629 if (wd->vtxqHead[ac] != wd->vtxqTail[ac])
3631 buf = wd->vtxq[ac][wd->vtxqTail[ac]];
3632 wd->vtxqTail[ac] = ((wd->vtxqTail[ac] + 1) & ZM_VTXQ_SIZE_MASK);
3633 zmw_leave_critical_section(dev);
3638 zmw_leave_critical_section(dev);
3639 return 0; //VTXQ[] empty
3643 /************************************************************************/
3645 /* FUNCTION DESCRIPTION zfPutVmmq */
3646 /* Put Tx buffer to virtual MmQ */
3649 /* dev : device pointer */
3650 /* buf : Tx buffer pointer */
3653 /* ZM_SUCCESS or error code */
3656 /* Stephen Chen ZyDAS Technology Corporation 2006.12 */
3658 /************************************************************************/
3659 u16_t zfPutVmmq(zdev_t* dev, zbuf_t* buf)
3661 zmw_get_wlan_dev(dev);
3662 zmw_declare_for_critical_section();
3664 zmw_enter_critical_section(dev);
3665 if (((wd->vmmqHead + 1) & ZM_VMMQ_SIZE_MASK) != wd->vmmqTail)
3667 wd->vmmq[wd->vmmqHead] = buf;
3668 wd->vmmqHead = ((wd->vmmqHead + 1) & ZM_VMMQ_SIZE_MASK);
3669 zmw_leave_critical_section(dev);
3674 zmw_leave_critical_section(dev);
3676 zfwBufFree(dev, buf, ZM_SUCCESS);
3677 zm_msg0_mm(ZM_LV_0, "Packet discarded, VMmQ full");
3678 return ZM_ERR_VMMQ_FULL; //VTXQ[] Full
3683 /************************************************************************/
3685 /* FUNCTION DESCRIPTION zfGetVmmq */
3686 /* Get Tx buffer from virtual MmQ */
3689 /* dev : device pointer */
3692 /* Tx buffer pointer */
3695 /* Stephen Chen ZyDAS Technology Corporation 2006.12 */
3697 /************************************************************************/
3698 zbuf_t* zfGetVmmq(zdev_t* dev)
3701 zmw_get_wlan_dev(dev);
3702 zmw_declare_for_critical_section();
3704 zmw_enter_critical_section(dev);
3705 if (wd->vmmqHead != wd->vmmqTail)
3707 buf = wd->vmmq[wd->vmmqTail];
3708 wd->vmmqTail = ((wd->vmmqTail + 1) & ZM_VMMQ_SIZE_MASK);
3709 zmw_leave_critical_section(dev);
3714 zmw_leave_critical_section(dev);
3715 return 0; //VTXQ[] empty
3719 /************************************************************************/
3721 /* FUNCTION DESCRIPTION zfPushVtxq */
3722 /* Service Virtual TxQ (weighted round robin) */
3723 /* Get Tx buffer form virtual TxQ and put to hardware TxD queue */
3726 /* dev : device pointer */
3732 /* Stephen Chen ZyDAS Technology Corporation 2006.6 */
3734 /************************************************************************/
3735 void zfPushVtxq(zdev_t* dev)
3743 zmw_get_wlan_dev(dev);
3744 zmw_declare_for_critical_section();
3748 //zm_debug_msg1("zfHpGetFreeTxdCount = ", zfHpGetFreeTxdCount(dev));
3750 if (wd->halState == ZM_HAL_STATE_INIT)
3752 if (!wd->modeMDKEnable)
3754 zm_debug_msg0("HAL is not ready for Tx");
3758 else if (wd->sta.DFSDisableTx)
3760 zm_debug_msg0("return because 802.11h DFS Disable Tx");
3763 else if (wd->sta.flagFreqChanging != 0)
3765 //Hold until RF frequency changed
3768 else if (( wd->sta.flagKeyChanging ) && ( wd->wlanMode != ZM_MODE_AP ))
3772 #ifdef ZM_ENABLE_POWER_SAVE
3773 else if ( zfPowerSavingMgrIsSleeping(dev) )
3775 //zm_debug_msg0("Packets queued since the MAC is in power-saving mode\n");
3780 zmw_enter_critical_section(dev);
3781 if (wd->vtxqPushing != 0)
3787 wd->vtxqPushing = 1;
3789 zmw_leave_critical_section(dev);
3800 /* 2006.12.20, Serve Management queue */
3801 while( zfHpGetFreeTxdCount(dev) > 0 )
3803 buf = zfGetVmmq(dev);
3807 //zm_debug_msg2("send buf = ", buf);
3808 err = zfHpSend(dev, NULL, 0, NULL, 0, NULL, 0, buf, 0,
3809 ZM_INTERNAL_ALLOC_BUF, 0, 0xff);
3810 if (err != ZM_SUCCESS)
3812 zfwBufFree(dev, buf, 0);
3820 if ((wd->sta.bScheduleScan) || ((wd->sta.bChannelScan == TRUE) && (zfStaIsConnected(dev))))
3822 //Hold until Scan Stop
3823 wd->vtxqPushing = 0;
3827 #ifdef ZM_ENABLE_AGGREGATION
3828 #ifndef ZM_BYPASS_AGGR_SCHEDULING
3829 if( (wd->wlanMode == ZM_MODE_AP) ||
3830 (wd->wlanMode == ZM_MODE_INFRASTRUCTURE && wd->sta.EnableHT) ||
3831 (wd->wlanMode == ZM_MODE_PSEUDO) ) {
3833 zfAggTxScheduler(dev, 0);
3836 wd->vtxqPushing = 0;
3846 /* Service VTxQ[3] */
3849 freeTxd = zfHpGetFreeTxdCount(dev);
3852 buf = zfGetVtxq(dev, 3);
3856 //zm_debug_msg2("send buf = ", buf);
3857 zfTxSendEth(dev, buf, 0, ZM_EXTERNAL_ALLOC_BUF, 0);
3858 ZM_PERFORMANCE_TX_MPDU(dev, wd->tick);
3867 /* Service VTxQ[2] */
3870 freeTxd = zfHpGetFreeTxdCount(dev);
3871 if (freeTxd >= (zfHpGetMaxTxdCount(dev)*1/4))
3873 buf = zfGetVtxq(dev, 2);
3877 zfTxSendEth(dev, buf, 0, ZM_EXTERNAL_ALLOC_BUF, 0);
3878 ZM_PERFORMANCE_TX_MPDU(dev, wd->tick);
3880 if (wd->sta.ac0PriorityHigherThanAc2 == 1)
3882 buf = zfGetVtxq(dev, 0);
3886 zfTxSendEth(dev, buf, 0, ZM_EXTERNAL_ALLOC_BUF, 0);
3887 ZM_PERFORMANCE_TX_MPDU(dev, wd->tick);
3897 /* Service VTxQ[0] */
3900 freeTxd = zfHpGetFreeTxdCount(dev);
3901 if (freeTxd >= (zfHpGetMaxTxdCount(dev)*2/4))
3903 buf = zfGetVtxq(dev, 0);
3907 zfTxSendEth(dev, buf, 0, ZM_EXTERNAL_ALLOC_BUF, 0);
3908 ZM_PERFORMANCE_TX_MPDU(dev, wd->tick);
3918 /* Service VTxQ[1] */
3919 freeTxd = zfHpGetFreeTxdCount(dev);
3920 if (freeTxd >= (zfHpGetMaxTxdCount(dev)*3/4))
3922 buf = zfGetVtxq(dev, 1);
3926 zfTxSendEth(dev, buf, 0, ZM_EXTERNAL_ALLOC_BUF, 0);
3927 ZM_PERFORMANCE_TX_MPDU(dev, wd->tick);
3931 /* All VTxQs are either empty or exceed their threshold */
3934 wd->vtxqPushing = 0;
3941 /************************************************************************/
3943 /* FUNCTION DESCRIPTION zfFlushVtxq */
3944 /* Flush Virtual TxQ and MmQ */
3947 /* dev : device pointer */
3953 /* Stephen Chen Atheros Communications, INC. 2007.1 */
3955 /************************************************************************/
3956 void zfFlushVtxq(zdev_t* dev)
3960 zmw_get_wlan_dev(dev);
3963 while ((buf = zfGetVmmq(dev)) != 0)
3965 zfwBufFree(dev, buf, 0);
3966 zm_debug_msg0("zfFlushVtxq: [Vmmq]");
3967 wd->queueFlushed |= 0x10;
3973 while ((buf = zfGetVtxq(dev, i)) != 0)
3975 zfwBufFree(dev, buf, 0);
3976 zm_debug_msg1("zfFlushVtxq: [zfGetVtxq]- ", i);
3977 wd->queueFlushed |= (1<<i);
3982 void zf80211FrameSend(zdev_t* dev, zbuf_t* buf, u16_t* header, u16_t snapLen,
3983 u16_t* da, u16_t* sa, u8_t up, u16_t headerLen, u16_t* snap,
3984 u16_t* tail, u16_t tailLen, u16_t offset, u16_t bufType,
3985 u8_t ac, u8_t keyIdx)
3990 zmw_get_wlan_dev(dev);
3992 fragLen = zfwBufGetSize(dev, buf);
3993 if ((da[0]&0x1) == 0)
3995 wd->commTally.txUnicastFrm++;
3996 wd->commTally.txUnicastOctets += (fragLen+snapLen);
3998 else if (da[0] == 0xffff)
4000 wd->commTally.txBroadcastFrm++;
4001 wd->commTally.txBroadcastOctets += (fragLen+snapLen);
4005 wd->commTally.txMulticastFrm++;
4006 wd->commTally.txMulticastOctets += (fragLen+snapLen);
4008 wd->ledStruct.txTraffic++;
4010 err = zfHpSend(dev, header, headerLen, snap, snapLen,
4011 tail, tailLen, buf, offset,
4012 bufType, ac, keyIdx);
4013 if (err != ZM_SUCCESS)
4015 if (bufType == ZM_EXTERNAL_ALLOC_BUF)
4017 zfwBufFree(dev, buf, err);
4019 else if (bufType == ZM_INTERNAL_ALLOC_BUF)
4021 zfwBufFree(dev, buf, 0);
4030 void zfCheckIsRIFSFrame(zdev_t* dev, zbuf_t* buf, u16_t frameSubtype)
4032 zmw_get_wlan_dev(dev);
4034 /* #2 Record the sequence number to determine whether the unicast frame is separated by RIFS or not */
4035 if (frameSubtype & 0x80)
4038 u16_t qosControlField;
4040 sequenceNum = ( zmw_buf_readh(dev, buf, 22) >> 4 ); // Discard fragment number !
4041 qosControlField = zmw_buf_readh(dev, buf, 24); // Don't consider WDS (Wireless Distribution System)
4042 //DbgPrint("The QoS Control Field : %d", qosControlField);
4043 //DbgPrint("The RIFS Count : %d", wd->sta.rifsCount);
4045 if( qosControlField & ZM_BIT_5 )
4046 {// ACK policy is "No ACK"
4047 /* RIFS-Like frame */
4048 wd->sta.rifsLikeFrameSequence[wd->sta.rifsLikeFrameCnt] = sequenceNum;
4050 if( wd->sta.rifsState == ZM_RIFS_STATE_DETECTING )
4052 if( wd->sta.rifsLikeFrameSequence[2] != 0 )
4053 {// RIFS-like Pattern collected
4054 if( ( wd->sta.rifsLikeFrameSequence[2] - wd->sta.rifsLikeFrameSequence[1] == 2 ) &&
4055 ( wd->sta.rifsLikeFrameSequence[1] - wd->sta.rifsLikeFrameSequence[0] == 2 ) )
4057 /* RIFS pattern matched */
4059 /* #3 Enable RIFS function if the RIFS pattern matched */
4060 zfHpEnableRifs(dev, ((wd->sta.currentFrequency<3000)?1:0), wd->sta.EnableHT, wd->sta.HT2040);
4063 wd->sta.rifsTimer = wd->tick;
4065 wd->sta.rifsCount++;
4067 // Set state to be Detected
4068 wd->sta.rifsState = ZM_RIFS_STATE_DETECTED;
4073 {// state = Detected
4075 if( (wd->tick - wd->sta.rifsTimer) < ZM_RIFS_TIMER_TIMEOUT )
4076 wd->sta.rifsTimer = wd->tick;
4079 //DbgPrint("SN1 = %d, SN2 = %d, SN3 = %d\n", wd->sta.rifsLikeFrameSequence[0],
4080 // wd->sta.rifsLikeFrameSequence[1],
4081 // wd->sta.rifsLikeFrameSequence[2]);
4083 // Update RIFS-like sequence number
4084 if( wd->sta.rifsLikeFrameSequence[2] != 0 )
4086 wd->sta.rifsLikeFrameSequence[0] = wd->sta.rifsLikeFrameSequence[1];
4087 wd->sta.rifsLikeFrameSequence[1] = wd->sta.rifsLikeFrameSequence[2];
4088 wd->sta.rifsLikeFrameSequence[2] = 0;
4091 // Only record three adjacent frame
4092 if( wd->sta.rifsLikeFrameCnt < 2 )
4093 wd->sta.rifsLikeFrameCnt++;
4097 /* #4 Disable RIFS function if the timer TIMEOUT */
4098 if( wd->sta.rifsState == ZM_RIFS_STATE_DETECTED )
4100 if( ( wd->tick - wd->sta.rifsTimer ) > ZM_RIFS_TIMER_TIMEOUT )
4103 zfHpDisableRifs(dev);
4105 // Reset RIFS-like sequence number FIFO
4106 wd->sta.rifsLikeFrameSequence[0] = 0;
4107 wd->sta.rifsLikeFrameSequence[1] = 0;
4108 wd->sta.rifsLikeFrameSequence[2] = 0;
4109 wd->sta.rifsLikeFrameCnt = 0;
4111 // Set state to be Detecting
4112 wd->sta.rifsState = ZM_RIFS_STATE_DETECTING;