VOID InsertLinkMetricReportIE(
IN PRTMP_ADAPTER pAd,
OUT PUCHAR pFrameBuf,
OUT PULONG pFrameLen,
IN UINT32 LinkMetric)
{
ULONG TempLen;
UCHAR Len = 4;
UCHAR IEId = IE_MESH_LINK_METRIC_REPORT;
UINT32 LinkMetricValue;
if (!pAd->MeshTab.wdev.if_dev)
return;
LinkMetricValue = cpu2le32(LinkMetric);
MakeOutgoingFrame(pFrameBuf, &TempLen,
1, &IEId,
1, &Len,
Len, (PUCHAR)&LinkMetricValue,
END_OF_ARGS);
*pFrameLen = *pFrameLen + TempLen;
return;
}
int write_reg(RTMP_ADAPTER *ad, UINT32 base, UINT16 offset, UINT32 val)
{
NTSTATUS ret;
UINT8 req;
UINT32 io_value;
if (base == 0x40)
req = 0x46;
io_value = cpu2le32(val);
ret = RTUSB_VendorRequest(ad,
USBD_TRANSFER_DIRECTION_OUT,
DEVICE_VENDOR_REQUEST_OUT,
req,
0,
offset,
&io_value,
4);
if (ret) {
DBGPRINT(RT_DEBUG_ERROR, ("write reg fail\n"));
}
return ret;
}
VOID InsertMeshChSwAnnIE(
IN PRTMP_ADAPTER pAd,
OUT PUCHAR pFrameBuf,
OUT PULONG pFrameLen,
IN UINT8 ChSwMode,
IN UINT8 NewCh,
IN UINT32 NewCPI,
IN UINT8 ChSwCnt,
IN PUCHAR pMeshSA)
{
ULONG TempLen;
UCHAR Len = 13;
UCHAR MeshChSwAnnIE = IE_MESH_CHANNEL_SWITCH_ANNOUNCEMENT;
if (!pAd->MeshTab.wdev.if_dev)
return;
NewCPI = cpu2le32(NewCPI);
MakeOutgoingFrame(pFrameBuf, &TempLen,
1, &MeshChSwAnnIE,
1, &Len,
1, &ChSwMode,
1, &NewCh,
4, &NewCPI,
1, &ChSwCnt,
MAC_ADDR_LEN, pMeshSA,
END_OF_ARGS);
*pFrameLen = *pFrameLen + TempLen;
return;
}
VOID FT_InsertTimeoutIntervalIE(
IN PRTMP_ADAPTER pAd,
OUT PUCHAR pFrameBuf,
OUT PULONG pFrameLen,
IN FT_TIMEOUT_INTERVAL_TYPE Type,
IN UINT32 TimeOutValue)
{
ULONG TempLen;
UINT8 Length;
UINT8 TimeOutIntervalIE;
UINT8 TimeoutType;
UINT32 TimeoutValueBuf;
Length = 5;
TimeOutIntervalIE = IE_FT_TIMEOUT_INTERVAL;
TimeoutType = Type;
TimeoutValueBuf = cpu2le32(TimeOutValue);
MakeOutgoingFrame( pFrameBuf, &TempLen,
1, &TimeOutIntervalIE,
1, &Length,
1, (PUCHAR)&TimeoutType,
4, (PUCHAR)&TimeoutValueBuf,
END_OF_ARGS);
*pFrameLen = *pFrameLen + TempLen;
}
/*
========================================================================
Routine Description:
1. Append bit 1 to end of the message
2. Append the length of message in rightmost 64 bits
3. Transform the Hash Value to digest message
Arguments:
pMD5_CTX Pointer to MD5_CTX_STRUC
Return Value:
digestMessage Digest message
Note:
None
========================================================================
*/
VOID RT_MD5_End (
IN MD5_CTX_STRUC *pMD5_CTX,
OUT UINT8 DigestMessage[])
{
UINT index;
UINT64 message_length_bits;
/* append 1 bits to end of the message */
NdisFillMemory(pMD5_CTX->Block + pMD5_CTX->BlockLen, 1, 0x80);
/* 55 = 64 - 8 - 1: append 1 bit(1 byte) and message length (8 bytes) */
if (pMD5_CTX->BlockLen > 55)
RT_MD5_Hash(pMD5_CTX);
/* End of if */
/* Append the length of message in rightmost 64 bits */
message_length_bits = pMD5_CTX->MessageLen*8;
message_length_bits = cpu2le64(message_length_bits);
NdisMoveMemory(&pMD5_CTX->Block[56], &message_length_bits, 8);
RT_MD5_Hash(pMD5_CTX);
/* Return message digest, transform the UINT32 hash value to bytes */
for (index = 0; index < 4;index++)
pMD5_CTX->HashValue[index] = cpu2le32(pMD5_CTX->HashValue[index]);
/* End of for */
NdisMoveMemory(DigestMessage, pMD5_CTX->HashValue, MD5_DIGEST_SIZE);
} /* End of RT_MD5_End */
/*
========================================================================
Routine Description: Write 32-bit MAC register
Arguments:
Return Value:
IRQL =
Note:
========================================================================
*/
void mt76u_reg_write(
struct rtmp_adapter *pAd,
USHORT Offset,
u32 _val)
{
u32 val = cpu2le32(_val);
/* MT76xx HW has 4 byte alignment constrained */
mt76u_vendor_request(pAd,
DEVICE_VENDOR_REQUEST_OUT,
MT_VEND_MULTI_WRITE,
0, Offset,
&val, 4);
}
VOID InsertMeshHeader(
IN PRTMP_ADAPTER pAd,
OUT PUCHAR pFrameBuf,
OUT PULONG pFrameLen,
IN UINT8 MeshFlag,
IN UINT8 TTL,
IN UINT32 MeshSeq,
IN PUCHAR Addr4,
IN PUCHAR Addr5,
IN PUCHAR Addr6)
{
ULONG TempLen;
PMESH_FLAG pMeshFlagBuf = (PMESH_FLAG)&MeshFlag;
UINT32 MeshSeqBuf;
MeshSeqBuf = cpu2le32(MeshSeq);
MakeOutgoingFrame( pFrameBuf, &TempLen,
1, &MeshFlag,
1, &TTL,
4, &MeshSeqBuf,
END_OF_ARGS);
*pFrameLen = *pFrameLen + TempLen;
pFrameBuf += TempLen;
if (Addr4 && (pMeshFlagBuf->field.AE & 0x01))
{
MakeOutgoingFrame( pFrameBuf, &TempLen,
MAC_ADDR_LEN, Addr4,
END_OF_ARGS);
*pFrameLen = *pFrameLen + TempLen;
pFrameBuf += TempLen;
}
if (Addr5 && Addr6 && (pMeshFlagBuf->field.AE & 0x02))
{
MakeOutgoingFrame( pFrameBuf, &TempLen,
MAC_ADDR_LEN, Addr5,
MAC_ADDR_LEN, Addr6,
END_OF_ARGS);
*pFrameLen = *pFrameLen + TempLen;
}
return;
}
VOID InsertMeshConfigurationIE(
IN PRTMP_ADAPTER pAd,
OUT PUCHAR pFrameBuf,
OUT PULONG pFrameLen,
IN BOOLEAN AcptLink)
{
ULONG TempLen;
UCHAR Len = 19;
UCHAR Ver = MESH_VERSION;
MESH_CAPABILITY MeshCapInfo;
UINT32 CPI = cpu2le32(pAd->MeshTab.CPI);
if (!pAd->MeshTab.wdev.if_dev)
return;
/*if(!MESH_ON(pAd)) */
/* return; */
MeshCapInfo.word = cpu2le16(pAd->MeshTab.MeshCapability.word);
/* Force accept the link when Peer-Link-Open/Peer-Link-Confirm. */
if (AcptLink == TRUE)
MeshCapInfo.field.AcceptPeerLinks = 1;
MakeOutgoingFrame( pFrameBuf, &TempLen,
1, &MeshConfigurationIE,
1, &Len,
1, &Ver,
3, &MeshOUI,
1, (PUCHAR)&pAd->MeshTab.PathProtocolId,
3, &MeshOUI,
1, (PUCHAR)&pAd->MeshTab.PathMetricId,
3, &MeshOUI,
1, (PUCHAR)&pAd->MeshTab.ContgesionCtrlId,
4, (PUCHAR)&CPI,
2, (PUCHAR)&MeshCapInfo.word,
END_OF_ARGS);
*pFrameLen = *pFrameLen + TempLen;
return;
}
// For MT7662 and newer
void usb_cfg_write_v3(RTMP_ADAPTER *ad, u32 value)
{
int ret;
u32 io_value;
io_value = cpu2le32(value);
ret = RTUSB_VendorRequest(ad,
USBD_TRANSFER_DIRECTION_OUT,
DEVICE_VENDOR_REQUEST_OUT,
0x46,
0,
U3DMA_WLCFG,
&io_value,
4);
if (ret) {
DBGPRINT(RT_DEBUG_ERROR, ("usb cfg write fail\n"));
return;
}
}
VOID InsertMeshPathResponseIE(
IN PRTMP_ADAPTER pAd,
OUT PUCHAR pFrameBuf,
OUT PULONG pFrameLen,
IN UINT8 MeshPrepFlag,
IN UCHAR HopCount,
IN UCHAR TTL,
IN PUCHAR pDestAddr,
IN ULONG DestSeq,
IN PUCHAR pDestProxyAddr,
IN ULONG LifeTime,
IN ULONG Metrics,
IN PUCHAR pOrigAddr,
IN ULONG OrigSeq)
{
ULONG TempLen;
UCHAR MeshPrepLen = 31;
UCHAR MeshPathResponseIE = IE_MESH_PREP;
UCHAR ProxyAddrLen = 0;
if (!pAd->MeshTab.wdev.if_dev)
return;
if(!MESH_ON(pAd))
return;
if (pDestProxyAddr)
{
ProxyAddrLen = MAC_ADDR_LEN;
MeshPrepLen += MAC_ADDR_LEN;
}
else
{
ProxyAddrLen = 0;
}
DestSeq = cpu2le32(DestSeq);
LifeTime = cpu2le32(LifeTime);
Metrics = cpu2le32(Metrics);
OrigSeq = cpu2le32(OrigSeq);
MakeOutgoingFrame( pFrameBuf, &TempLen,
1, &MeshPathResponseIE,
1, &MeshPrepLen,
1, &MeshPrepFlag,
1, &HopCount,
1, &TTL,
MAC_ADDR_LEN, pDestAddr,
4, &DestSeq,
ProxyAddrLen, pDestProxyAddr,
4, &LifeTime,
4, &Metrics,
MAC_ADDR_LEN, pOrigAddr,
4, &OrigSeq,
END_OF_ARGS);
*pFrameLen = *pFrameLen + TempLen;
return;
}
VOID InsertMeshPathRequestIE(
IN PRTMP_ADAPTER pAd,
OUT PUCHAR pFrameBuf,
OUT PULONG pFrameLen,
IN UINT8 MeshPreqFlag,
IN UCHAR HopCount,
IN UCHAR TTL,
IN ULONG ReqID,
IN PUCHAR pOrigAddr,
IN ULONG OrigDsn,
IN PUCHAR pOrigProxyAddr,
IN ULONG LifeTime,
IN ULONG Metrics,
IN UCHAR DestCount,
IN MESH_DEST_ENTRY MeshDestEntry)
{
ULONG TempLen;
UCHAR MeshPreqLen = 26;
UCHAR MeshPathRequestIE = IE_MESH_PREQ;
UCHAR ProxyAddrLen = 0;
if (!pAd->MeshTab.wdev.if_dev)
return;
if(!MESH_ON(pAd))
return;
if (pOrigProxyAddr)
{
ProxyAddrLen = MAC_ADDR_LEN;
MeshPreqLen += MAC_ADDR_LEN;
}
else
{
ProxyAddrLen = 0;
}
MeshPreqLen += (DestCount * 11);
ReqID = cpu2le32(ReqID);
OrigDsn = cpu2le32(OrigDsn);
LifeTime = cpu2le32(LifeTime);
Metrics = cpu2le32(Metrics);
MakeOutgoingFrame( pFrameBuf, &TempLen,
1, &MeshPathRequestIE,
1, &MeshPreqLen,
1, &MeshPreqFlag,
1, &HopCount,
1, &TTL,
4, &ReqID,
MAC_ADDR_LEN, pOrigAddr,
4, &OrigDsn,
ProxyAddrLen, pOrigProxyAddr,
4, &LifeTime,
4, &Metrics,
1, &DestCount,
11, &MeshDestEntry,
END_OF_ARGS);
*pFrameLen = *pFrameLen + TempLen;
return;
}
/**************************************************************
* ar5212SetupBeaconDesc
*
* Fills in the control fields of the beacon descriptor
*
* Assumes: frameLen does not include the FCS
*/
void
ar5212SetupBeaconDesc(WLAN_DEV_INFO* pDev, ATHEROS_DESC *pDesc, A_INT32 beaconCnt, A_BOOL updtAntOnly, A_BOOL isAp)
{
A_UINT32 antMode;
AR5212_TX_CONTROL *pTxControl = TX_CONTROL(pDesc);
BEACON_INFO *pBeaconInfo = pDesc->pVportBss->bss.pBeaconInfo;
const RATE_TABLE *pRateTable = pDesc->pVportBss->bss.pRateTable;
A_UINT16 rateIndex = pDesc->pVportBss->bss.defaultRateIndex;
ASSERT(pBeaconInfo);
/*
** Switch Antennas every 4 beacons
*/
if (updtAntOnly) {
antMode = (beaconCnt & 4) ? 2 : 1;
}
else {
antMode = 0;
}
/* clear the status fields */
pDesc->hw.word[4] = pDesc->hw.word[5] = 0;
/* TURBO_PRIME */
if ((pDev->staConfig.abolt & ABOLT_TURBO_PRIME) && isAp) {
pTxControl->interruptReq = 1;
}
if ((pDesc->pVportBss == GET_BASE_BSS(pDev)) &&
IS_CHAN_G(pDev->staConfig.pChannel->channelFlags)) {
rateIndex = pDev->staConfig.gBeaconRate;
}
pTxControl->TXRate0 = pRateTable->info[rateIndex].rateCode;
/* exit early if this is a AP beacon desc antenna update */
if (isAp && updtAntOnly) {
if (pDev->pHalInfo->swSwapDesc) {
pDesc->hw.word[0] = cpu2le32(pDesc->hw.word[0]);
pDesc->hw.word[1] = cpu2le32(pDesc->hw.word[1]);
}
/* set tx antenna */
pTxControl->antModeXmit = antMode;
/* set buffer and frame length */
pTxControl->bufferLength = pBeaconInfo->frameLen;
pTxControl->frameLength = pBeaconInfo->frameLen + FCS_FIELD_SIZE;
if (pDev->pHalInfo->swSwapDesc) {
pDesc->hw.word[0] = cpu2le32(pDesc->hw.word[0]);
pDesc->hw.word[1] = cpu2le32(pDesc->hw.word[1]);
}
return;
}
if (pRateTable->info[rateIndex].phy == WLAN_PHY_XR) {
pTxControl->CTSEnable = 1;
pTxControl->RTSCTSRate = XR_CTS_RATE(pDev);
pTxControl->RTSCTSDur =
PHY_COMPUTE_TX_TIME(pRateTable,
pTxControl->frameLength,
rateIndex,
FALSE);
}
pTxControl->TXDataTries0 = 1;
pTxControl->noAck = 1;
pTxControl->transmitPwrCtrl = MAX_RATE_POWER;
pTxControl->antModeXmit = antMode;
pTxControl->PktType = HAL_DESC_PKT_TYPE_BEACON;
pTxControl->compProc = 3;
/* set buffer and frame length */
pTxControl->bufferLength = pBeaconInfo->frameLen;
pTxControl->frameLength = pBeaconInfo->frameLen + FCS_FIELD_SIZE;
pTxControl->more = 0;
/* Fill in the link pointers. */
if (!isAp) {
/*
* If we're a client, link the beacon descriptor back onto itself
* with the VEOL bit set.
*
* NOTE WELL: Do NOT link the virtual pointer back to itself as this
* will cause a hang when resetting the queue.
*/
pDesc->nextPhysPtr = pDesc->thisPhysPtr;
pTxControl->VEOL = 1;
ASSERT(pDesc->pNextVirtPtr != pDesc);
}
if (pDev->pHalInfo->swSwapDesc) {
pDesc->bufferPhysPtr = cpu2le32(pDesc->bufferPhysPtr);
pDesc->hw.word[0] = cpu2le32(pDesc->hw.word[0]);
pDesc->hw.word[1] = cpu2le32(pDesc->hw.word[1]);
pDesc->hw.word[2] = cpu2le32(pDesc->hw.word[2]);
pDesc->hw.word[3] = cpu2le32(pDesc->hw.word[3]);
}
}
BOOLEAN PeerBeaconAndProbeRspSanity(
IN PRTMP_ADAPTER pAd,
IN VOID *Msg,
IN ULONG MsgLen,
IN UCHAR MsgChannel,
OUT PUCHAR pAddr2,
OUT PUCHAR pBssid,
OUT CHAR Ssid[],
OUT UCHAR *pSsidLen,
OUT UCHAR *pBssType,
OUT USHORT *pBeaconPeriod,
OUT UCHAR *pChannel,
OUT UCHAR *pNewChannel,
OUT LARGE_INTEGER *pTimestamp,
OUT CF_PARM *pCfParm,
OUT USHORT *pAtimWin,
OUT USHORT *pCapabilityInfo,
OUT UCHAR *pErp,
OUT UCHAR *pDtimCount,
OUT UCHAR *pDtimPeriod,
OUT UCHAR *pBcastFlag,
OUT UCHAR *pMessageToMe,
OUT UCHAR SupRate[],
OUT UCHAR *pSupRateLen,
OUT UCHAR ExtRate[],
OUT UCHAR *pExtRateLen,
OUT UCHAR *pCkipFlag,
OUT UCHAR *pAironetCellPowerLimit,
OUT PEDCA_PARM pEdcaParm,
OUT PQBSS_LOAD_PARM pQbssLoad,
OUT PQOS_CAPABILITY_PARM pQosCapability,
OUT ULONG *pRalinkIe,
OUT UCHAR *pHtCapabilityLen,
#ifdef CONFIG_STA_SUPPORT
OUT UCHAR *pPreNHtCapabilityLen,
#endif // CONFIG_STA_SUPPORT //
OUT HT_CAPABILITY_IE *pHtCapability,
OUT UCHAR *AddHtInfoLen,
OUT ADD_HT_INFO_IE *AddHtInfo,
OUT UCHAR *NewExtChannelOffset, // Ht extension channel offset(above or below)
OUT USHORT *LengthVIE,
OUT PNDIS_802_11_VARIABLE_IEs pVIE)
{
UCHAR *Ptr;
#ifdef CONFIG_STA_SUPPORT
UCHAR TimLen;
#endif // CONFIG_STA_SUPPORT //
PFRAME_802_11 pFrame;
PEID_STRUCT pEid;
UCHAR SubType;
UCHAR Sanity;
//UCHAR ECWMin, ECWMax;
//MAC_CSR9_STRUC Csr9;
ULONG Length = 0;
// For some 11a AP which didn't have DS_IE, we use two conditions to decide the channel
// 1. If the AP is 11n enabled, then check the control channel.
// 2. If the AP didn't have any info about channel, use the channel we received this frame as the channel. (May inaccuracy!!)
UCHAR CtrlChannel = 0;
// Add for 3 necessary EID field check
Sanity = 0;
*pAtimWin = 0;
*pErp = 0;
*pDtimCount = 0;
*pDtimPeriod = 0;
*pBcastFlag = 0;
*pMessageToMe = 0;
*pExtRateLen = 0;
*pCkipFlag = 0; // Default of CkipFlag is 0
*pAironetCellPowerLimit = 0xFF; // Default of AironetCellPowerLimit is 0xFF
*LengthVIE = 0; // Set the length of VIE to init value 0
*pHtCapabilityLen = 0; // Set the length of VIE to init value 0
#ifdef CONFIG_STA_SUPPORT
if (pAd->OpMode == OPMODE_STA)
*pPreNHtCapabilityLen = 0; // Set the length of VIE to init value 0
#endif // CONFIG_STA_SUPPORT //
*AddHtInfoLen = 0; // Set the length of VIE to init value 0
*pRalinkIe = 0;
*pNewChannel = 0;
*NewExtChannelOffset = 0xff; //Default 0xff means no such IE
pCfParm->bValid = FALSE; // default: no IE_CF found
pQbssLoad->bValid = FALSE; // default: no IE_QBSS_LOAD found
pEdcaParm->bValid = FALSE; // default: no IE_EDCA_PARAMETER found
pQosCapability->bValid = FALSE; // default: no IE_QOS_CAPABILITY found
pFrame = (PFRAME_802_11)Msg;
// get subtype from header
SubType = (UCHAR)pFrame->Hdr.FC.SubType;
// get Addr2 and BSSID from header
COPY_MAC_ADDR(pAddr2, pFrame->Hdr.Addr2);
COPY_MAC_ADDR(pBssid, pFrame->Hdr.Addr3);
// hex_dump("Beacon", Msg, MsgLen);
Ptr = pFrame->Octet;
Length += LENGTH_802_11;
// get timestamp from payload and advance the pointer
NdisMoveMemory(pTimestamp, Ptr, TIMESTAMP_LEN);
pTimestamp->u.LowPart = cpu2le32(pTimestamp->u.LowPart);
pTimestamp->u.HighPart = cpu2le32(pTimestamp->u.HighPart);
Ptr += TIMESTAMP_LEN;
Length += TIMESTAMP_LEN;
// get beacon interval from payload and advance the pointer
NdisMoveMemory(pBeaconPeriod, Ptr, 2);
Ptr += 2;
Length += 2;
// get capability info from payload and advance the pointer
NdisMoveMemory(pCapabilityInfo, Ptr, 2);
Ptr += 2;
Length += 2;
if (CAP_IS_ESS_ON(*pCapabilityInfo))
*pBssType = BSS_INFRA;
else
*pBssType = BSS_ADHOC;
pEid = (PEID_STRUCT) Ptr;
// get variable fields from payload and advance the pointer
while ((Length + 2 + pEid->Len) <= MsgLen)
{
//
// Secure copy VIE to VarIE[MAX_VIE_LEN] didn't overflow.
//
if ((*LengthVIE + pEid->Len + 2) >= MAX_VIE_LEN)
{
DBGPRINT(RT_DEBUG_WARN, ("PeerBeaconAndProbeRspSanity - Variable IEs out of resource [len(=%d) > MAX_VIE_LEN(=%d)]\n",
(*LengthVIE + pEid->Len + 2), MAX_VIE_LEN));
break;
}
switch(pEid->Eid)
{
case IE_SSID:
// Already has one SSID EID in this beacon, ignore the second one
if (Sanity & 0x1)
break;
if(pEid->Len <= MAX_LEN_OF_SSID)
{
NdisMoveMemory(Ssid, pEid->Octet, pEid->Len);
*pSsidLen = pEid->Len;
Sanity |= 0x1;
}
else
{
DBGPRINT(RT_DEBUG_TRACE, ("PeerBeaconAndProbeRspSanity - wrong IE_SSID (len=%d)\n",pEid->Len));
return FALSE;
}
break;
case IE_SUPP_RATES:
if(pEid->Len <= MAX_LEN_OF_SUPPORTED_RATES)
{
Sanity |= 0x2;
NdisMoveMemory(SupRate, pEid->Octet, pEid->Len);
*pSupRateLen = pEid->Len;
// TODO: 2004-09-14 not a good design here, cause it exclude extra rates
// from ScanTab. We should report as is. And filter out unsupported
// rates in MlmeAux.
// Check against the supported rates
// RTMPCheckRates(pAd, SupRate, pSupRateLen);
}
else
{
DBGPRINT(RT_DEBUG_TRACE, ("PeerBeaconAndProbeRspSanity - wrong IE_SUPP_RATES (len=%d)\n",pEid->Len));
return FALSE;
}
break;
case IE_HT_CAP:
if (pEid->Len >= SIZE_HT_CAP_IE) //Note: allow extension.!!
{
NdisMoveMemory(pHtCapability, pEid->Octet, sizeof(HT_CAPABILITY_IE));
*pHtCapabilityLen = SIZE_HT_CAP_IE; // Nnow we only support 26 bytes.
*(USHORT *)(&pHtCapability->HtCapInfo) = cpu2le16(*(USHORT *)(&pHtCapability->HtCapInfo));
#ifdef UNALIGNMENT_SUPPORT
{
EXT_HT_CAP_INFO extHtCapInfo;
NdisMoveMemory((PUCHAR)(&extHtCapInfo), (PUCHAR)(&pHtCapability->ExtHtCapInfo), sizeof(EXT_HT_CAP_INFO));
*(USHORT *)(&extHtCapInfo) = cpu2le16(*(USHORT *)(&extHtCapInfo));
NdisMoveMemory((PUCHAR)(&pHtCapability->ExtHtCapInfo), (PUCHAR)(&extHtCapInfo), sizeof(EXT_HT_CAP_INFO));
}
#else
*(USHORT *)(&pHtCapability->ExtHtCapInfo) = cpu2le16(*(USHORT *)(&pHtCapability->ExtHtCapInfo));
#endif // UNALIGNMENT_SUPPORT //
#ifdef CONFIG_STA_SUPPORT
IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
{
*pPreNHtCapabilityLen = 0; // Now we only support 26 bytes.
Ptr = (PUCHAR) pVIE;
NdisMoveMemory(Ptr + *LengthVIE, &pEid->Eid, pEid->Len + 2);
*LengthVIE += (pEid->Len + 2);
}
#endif // CONFIG_STA_SUPPORT //
}
else
{
DBGPRINT(RT_DEBUG_WARN, ("PeerBeaconAndProbeRspSanity - wrong IE_HT_CAP. pEid->Len = %d\n", pEid->Len));
}
break;
case IE_ADD_HT:
if (pEid->Len >= sizeof(ADD_HT_INFO_IE))
{
// This IE allows extension, but we can ignore extra bytes beyond our knowledge , so only
// copy first sizeof(ADD_HT_INFO_IE)
NdisMoveMemory(AddHtInfo, pEid->Octet, sizeof(ADD_HT_INFO_IE));
*AddHtInfoLen = SIZE_ADD_HT_INFO_IE;
CtrlChannel = AddHtInfo->ControlChan;
*(USHORT *)(&AddHtInfo->AddHtInfo2) = cpu2le16(*(USHORT *)(&AddHtInfo->AddHtInfo2));
*(USHORT *)(&AddHtInfo->AddHtInfo3) = cpu2le16(*(USHORT *)(&AddHtInfo->AddHtInfo3));
#ifdef CONFIG_STA_SUPPORT
IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
{
Ptr = (PUCHAR) pVIE;
NdisMoveMemory(Ptr + *LengthVIE, &pEid->Eid, pEid->Len + 2);
*LengthVIE += (pEid->Len + 2);
}
#endif // CONFIG_STA_SUPPORT //
}
/*
========================================================================
Routine Description:
MD5 computation for one block (512 bits)
Arguments:
pMD5_CTX Pointer to Md5_CTX_STRUC
Return Value:
None
Note:
T[i] := floor(abs(sin(i + 1)) * (2 pow 32)), i is number of round
========================================================================
*/
VOID RT_MD5_Hash (
IN MD5_CTX_STRUC *pMD5_CTX)
{
UINT32 X_i;
UINT32 X[16];
UINT32 a,b,c,d;
/* Prepare the message schedule, {X_i} */
NdisMoveMemory(X, pMD5_CTX->Block, MD5_BLOCK_SIZE);
for (X_i = 0; X_i < 16; X_i++)
X[X_i] = cpu2le32(X[X_i]); /* Endian Swap */
/* End of for */
/* MD5 hash computation */
/* Initialize the working variables */
a = pMD5_CTX->HashValue[0];
b = pMD5_CTX->HashValue[1];
c = pMD5_CTX->HashValue[2];
d = pMD5_CTX->HashValue[3];
/*
* Round 1
* Let [abcd k s i] denote the operation
* a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s)
*/
ROUND1(a, b, c, d, X[ 0], 7, 0xd76aa478); /* 1 */
ROUND1(d, a, b, c, X[ 1], 12, 0xe8c7b756); /* 2 */
ROUND1(c, d, a, b, X[ 2], 17, 0x242070db); /* 3 */
ROUND1(b, c, d, a, X[ 3], 22, 0xc1bdceee); /* 4 */
ROUND1(a, b, c, d, X[ 4], 7, 0xf57c0faf); /* 5 */
ROUND1(d, a, b, c, X[ 5], 12, 0x4787c62a); /* 6 */
ROUND1(c, d, a, b, X[ 6], 17, 0xa8304613); /* 7 */
ROUND1(b, c, d, a, X[ 7], 22, 0xfd469501); /* 8 */
ROUND1(a, b, c, d, X[ 8], 7, 0x698098d8); /* 9 */
ROUND1(d, a, b, c, X[ 9], 12, 0x8b44f7af); /* 10 */
ROUND1(c, d, a, b, X[10], 17, 0xffff5bb1); /* 11 */
ROUND1(b, c, d, a, X[11], 22, 0x895cd7be); /* 12 */
ROUND1(a, b, c, d, X[12], 7, 0x6b901122); /* 13 */
ROUND1(d, a, b, c, X[13], 12, 0xfd987193); /* 14 */
ROUND1(c, d, a, b, X[14], 17, 0xa679438e); /* 15 */
ROUND1(b, c, d, a, X[15], 22, 0x49b40821); /* 16 */
/*
* Round 2
* Let [abcd k s i] denote the operation
* a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s)
*/
ROUND2(a, b, c, d, X[ 1], 5, 0xf61e2562); /* 17 */
ROUND2(d, a, b, c, X[ 6], 9, 0xc040b340); /* 18 */
ROUND2(c, d, a, b, X[11], 14, 0x265e5a51); /* 19 */
ROUND2(b, c, d, a, X[ 0], 20, 0xe9b6c7aa); /* 20 */
ROUND2(a, b, c, d, X[ 5], 5, 0xd62f105d); /* 21 */
ROUND2(d, a, b, c, X[10], 9, 0x2441453); /* 22 */
ROUND2(c, d, a, b, X[15], 14, 0xd8a1e681); /* 23 */
ROUND2(b, c, d, a, X[ 4], 20, 0xe7d3fbc8); /* 24 */
ROUND2(a, b, c, d, X[ 9], 5, 0x21e1cde6); /* 25 */
ROUND2(d, a, b, c, X[14], 9, 0xc33707d6); /* 26 */
ROUND2(c, d, a, b, X[ 3], 14, 0xf4d50d87); /* 27 */
ROUND2(b, c, d, a, X[ 8], 20, 0x455a14ed); /* 28 */
ROUND2(a, b, c, d, X[13], 5, 0xa9e3e905); /* 29 */
ROUND2(d, a, b, c, X[ 2], 9, 0xfcefa3f8); /* 30 */
ROUND2(c, d, a, b, X[ 7], 14, 0x676f02d9); /* 31 */
ROUND2(b, c, d, a, X[12], 20, 0x8d2a4c8a); /* 32 */
/*
* Round 3
* Let [abcd k s t] denote the operation
* a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s)
*/
ROUND3(a, b, c, d, X[ 5], 4, 0xfffa3942); /* 33 */
ROUND3(d, a, b, c, X[ 8], 11, 0x8771f681); /* 34 */
ROUND3(c, d, a, b, X[11], 16, 0x6d9d6122); /* 35 */
ROUND3(b, c, d, a, X[14], 23, 0xfde5380c); /* 36 */
ROUND3(a, b, c, d, X[ 1], 4, 0xa4beea44); /* 37 */
ROUND3(d, a, b, c, X[ 4], 11, 0x4bdecfa9); /* 38 */
ROUND3(c, d, a, b, X[ 7], 16, 0xf6bb4b60); /* 39 */
ROUND3(b, c, d, a, X[10], 23, 0xbebfbc70); /* 40 */
ROUND3(a, b, c, d, X[13], 4, 0x289b7ec6); /* 41 */
ROUND3(d, a, b, c, X[ 0], 11, 0xeaa127fa); /* 42 */
ROUND3(c, d, a, b, X[ 3], 16, 0xd4ef3085); /* 43 */
ROUND3(b, c, d, a, X[ 6], 23, 0x4881d05); /* 44 */
ROUND3(a, b, c, d, X[ 9], 4, 0xd9d4d039); /* 45 */
ROUND3(d, a, b, c, X[12], 11, 0xe6db99e5); /* 46 */
ROUND3(c, d, a, b, X[15], 16, 0x1fa27cf8); /* 47 */
ROUND3(b, c, d, a, X[ 2], 23, 0xc4ac5665); /* 48 */
/*
* Round 4
* Let [abcd k s t] denote the operation
* a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s)
*/
ROUND4(a, b, c, d, X[ 0], 6, 0xf4292244); /* 49 */
ROUND4(d, a, b, c, X[ 7], 10, 0x432aff97); /* 50 */
ROUND4(c, d, a, b, X[14], 15, 0xab9423a7); /* 51 */
ROUND4(b, c, d, a, X[ 5], 21, 0xfc93a039); /* 52 */
ROUND4(a, b, c, d, X[12], 6, 0x655b59c3); /* 53 */
ROUND4(d, a, b, c, X[ 3], 10, 0x8f0ccc92); /* 54 */
ROUND4(c, d, a, b, X[10], 15, 0xffeff47d); /* 55 */
ROUND4(b, c, d, a, X[ 1], 21, 0x85845dd1); /* 56 */
ROUND4(a, b, c, d, X[ 8], 6, 0x6fa87e4f); /* 57 */
ROUND4(d, a, b, c, X[15], 10, 0xfe2ce6e0); /* 58 */
ROUND4(c, d, a, b, X[ 6], 15, 0xa3014314); /* 59 */
ROUND4(b, c, d, a, X[13], 21, 0x4e0811a1); /* 60 */
ROUND4(a, b, c, d, X[ 4], 6, 0xf7537e82); /* 61 */
ROUND4(d, a, b, c, X[11], 10, 0xbd3af235); /* 62 */
ROUND4(c, d, a, b, X[ 2], 15, 0x2ad7d2bb); /* 63 */
ROUND4(b, c, d, a, X[ 9], 21, 0xeb86d391); /* 64 */
/* Compute the i^th intermediate hash value H^(i) */
pMD5_CTX->HashValue[0] += a;
pMD5_CTX->HashValue[1] += b;
pMD5_CTX->HashValue[2] += c;
pMD5_CTX->HashValue[3] += d;
NdisZeroMemory(pMD5_CTX->Block, MD5_BLOCK_SIZE);
pMD5_CTX->BlockLen = 0;
} /* End of RT_MD5_Hash */
void send_radiotap_monitor_packets(
PNET_DEV pNetDev,
PNDIS_PACKET pRxPacket,
VOID *dot11_hdr,
UCHAR *pData,
USHORT DataSize,
UCHAR L2PAD,
UCHAR PHYMODE,
UCHAR BW,
UCHAR ShortGI,
UCHAR MCS,
UCHAR LDPC,
UCHAR LDPC_EX_SYM,
UCHAR AMPDU,
UCHAR STBC,
UCHAR RSSI1,
UCHAR *pDevName,
UCHAR Channel,
UCHAR CentralChannel,
UCHAR sideband_index,
UINT32 MaxRssi) {
struct sk_buff *pOSPkt;
int rate_index = 0;
USHORT header_len = 0;
UCHAR temp_header[40] = {0};
struct mtk_radiotap_header *mtk_rt_hdr;
UINT32 varlen = 0, padding_len = 0;
UINT64 tmp64;
UINT32 tmp32;
UINT16 tmp16;
UCHAR *pos;
DOT_11_HDR *pHeader = (DOT_11_HDR *)dot11_hdr;
MEM_DBG_PKT_FREE_INC(pRxPacket);
pOSPkt = RTPKT_TO_OSPKT(pRxPacket);
pOSPkt->dev = pNetDev;
if (pHeader->FC.Type == 0x2 /* FC_TYPE_DATA */) {
DataSize -= LENGTH_802_11;
if ((pHeader->FC.ToDs == 1) && (pHeader->FC.FrDs == 1))
header_len = LENGTH_802_11_WITH_ADDR4;
else
header_len = LENGTH_802_11;
/* QOS */
if (pHeader->FC.SubType & 0x08) {
header_len += 2;
/* Data skip QOS contorl field */
DataSize -= 2;
}
/* Order bit: A-Ralink or HTC+ */
if (pHeader->FC.Order) {
header_len += 4;
/* Data skip HTC contorl field */
DataSize -= 4;
}
/* Copy Header */
if (header_len <= 40)
NdisMoveMemory(temp_header, pData, header_len);
/* skip HW padding */
if (L2PAD)
pData += (header_len + 2);
else
pData += header_len;
}
if (DataSize < pOSPkt->len) {
skb_trim(pOSPkt, DataSize);
} else {
skb_put(pOSPkt, (DataSize - pOSPkt->len));
}
if ((pData - pOSPkt->data) > 0) {
skb_put(pOSPkt, (pData - pOSPkt->data));
skb_pull(pOSPkt, (pData - pOSPkt->data));
}
if (skb_headroom(pOSPkt) < (sizeof(*mtk_rt_hdr) + header_len)) {
if (pskb_expand_head(pOSPkt, (sizeof(*mtk_rt_hdr) + header_len), 0, GFP_ATOMIC)) {
DBGPRINT(RT_DEBUG_ERROR,
("%s : Reallocate header size of sk_buff fail!\n",
__FUNCTION__));
goto err_free_sk_buff;
}
}
if (header_len > 0)
NdisMoveMemory(skb_push(pOSPkt, header_len), temp_header, header_len);
/* tsf */
padding_len = ((varlen % 8) == 0) ? 0 : (8 - (varlen % 8));
varlen += (8 + padding_len);
/* flags */
varlen += 1;
/* rate */
if (PHYMODE < MODE_HTMIX)
varlen += 1;
/* channel frequency */
padding_len = ((varlen % 2) == 0) ? 0 : (2 - (varlen % 2));
varlen += (2 + padding_len);
/* channel flags */
varlen += 2;
/* MCS */
if ((PHYMODE == MODE_HTMIX) || (PHYMODE == MODE_HTGREENFIELD)) {
/* known */
varlen += 1;
/* flags */
varlen += 1;
/* index */
varlen += 1;
}
/* A-MPDU */
if (AMPDU) {
/* reference number */
padding_len = ((varlen % 4) == 0) ? 0 : (4 - (varlen % 4));
varlen += (4 + padding_len);
/* flags */
varlen += 2;
/* delimiter crc value */
varlen += 1;
/* reserved */
varlen += 1;
}
/* VHT */
if (PHYMODE == MODE_VHT) {
/* known */
padding_len = ((varlen % 2) == 0) ? 0 : (2 - (varlen % 2));
varlen += (2 + padding_len);
/* flags */
varlen += 1;
/* bandwidth */
varlen += 1;
/* mcs_nss */
varlen += 4;
/* coding */
varlen += 1;
/* group_id */
varlen += 1;
/* partial_aid */
varlen += 2;
}
mtk_rt_hdr = (struct mtk_radiotap_header *)skb_push(pOSPkt, sizeof(*mtk_rt_hdr) + varlen);
NdisZeroMemory(mtk_rt_hdr, sizeof(*mtk_rt_hdr) + varlen);
mtk_rt_hdr->rt_hdr.it_version = PKTHDR_RADIOTAP_VERSION;
mtk_rt_hdr->rt_hdr.it_pad = 0;
mtk_rt_hdr->rt_hdr.it_len = cpu2le16(sizeof(*mtk_rt_hdr) + varlen);
mtk_rt_hdr->rt_hdr.it_present = cpu2le32(
(1 << IEEE80211_RADIOTAP_TSFT) |
(1 << IEEE80211_RADIOTAP_FLAGS));
if (PHYMODE < MODE_HTMIX) {
mtk_rt_hdr->rt_hdr.it_present |= cpu2le32(1 << IEEE80211_RADIOTAP_RATE);
}
mtk_rt_hdr->rt_hdr.it_present |= cpu2le32(1 << IEEE80211_RADIOTAP_CHANNEL);
if ((PHYMODE == MODE_HTMIX) || (PHYMODE == MODE_HTGREENFIELD)) {
mtk_rt_hdr->rt_hdr.it_present |= cpu2le32(1 << IEEE80211_RADIOTAP_MCS);
}
if (AMPDU) {
mtk_rt_hdr->rt_hdr.it_present |= cpu2le32(1 << IEEE80211_RADIOTAP_AMPDU_STATUS);
}
if (PHYMODE == MODE_VHT)
mtk_rt_hdr->rt_hdr.it_present |= cpu2le32(1 << IEEE80211_RADIOTAP_VHT);
varlen = 0;
pos = mtk_rt_hdr->variable;
padding_len = ((varlen % 8) == 0) ? 0 : (8 - (varlen % 8));
pos += padding_len;
varlen += padding_len;
/* tsf */
tmp64 = 0;
NdisMoveMemory(pos, &tmp64, 8);
pos += 8;
varlen += 8;
/* flags */
*pos = 0;
pos++;
varlen++;
/* rate */
if (PHYMODE == MODE_OFDM) {
rate_index = (UCHAR)(MCS) + 4;
*pos = ralinkrate[rate_index];
pos++;
varlen++;
} else if (PHYMODE == MODE_CCK) {
rate_index = (UCHAR)(MCS);
*pos = ralinkrate[rate_index];
pos++;
varlen++;
}
/* channel frequency */
padding_len = ((varlen % 2) == 0) ? 0 : (2 - (varlen % 2));
pos += padding_len;
varlen += padding_len;
#define ieee80211chan2mhz(x) \
(((x) <= 14) ? \
(((x) == 14) ? 2484 : ((x) * 5) + 2407) : \
((x) + 1000) * 5)
tmp16 = cpu2le16(ieee80211chan2mhz(Channel));
NdisMoveMemory(pos, &tmp16, 2);
pos += 2;
varlen += 2;
if (Channel > 14) {
tmp16 = cpu2le16((IEEE80211_CHAN_OFDM | IEEE80211_CHAN_5GHZ));
} else {
if (PHYMODE == MODE_CCK) {
tmp16 = cpu2le16(IEEE80211_CHAN_CCK | IEEE80211_CHAN_2GHZ);
} else {
tmp16 = cpu2le16(IEEE80211_CHAN_OFDM | IEEE80211_CHAN_2GHZ);
}
}
NdisMoveMemory(pos, &tmp16, 2);
pos += 2;
varlen += 2;
/* HT MCS */
if ((PHYMODE == MODE_HTMIX) || (PHYMODE == MODE_HTGREENFIELD)) {
*pos = (IEEE80211_RADIOTAP_MCS_HAVE_BW |
IEEE80211_RADIOTAP_MCS_HAVE_MCS |
IEEE80211_RADIOTAP_MCS_HAVE_GI |
IEEE80211_RADIOTAP_MCS_HAVE_FMT |
IEEE80211_RADIOTAP_MCS_HAVE_FEC);
pos++;
varlen++;
/* BW */
if (BW == 0) {
*pos = HT_BW(IEEE80211_RADIOTAP_MCS_BW_20);
} else {
*pos = HT_BW(IEEE80211_RADIOTAP_MCS_BW_40);
}
/* HT GI */
*pos |= HT_GI(ShortGI);
/* HT format */
if (PHYMODE == MODE_HTMIX)
*pos |= HT_FORMAT(0);
else if (PHYMODE == MODE_HTGREENFIELD)
*pos |= HT_FORMAT(1);
/* HT FEC type */
*pos |= HT_FEC_TYPE(LDPC);
pos++;
varlen++;
/* HT mcs index */
*pos = MCS;
pos++;
varlen++;
}
if (AMPDU) {
/* reference number */
padding_len = ((varlen % 4) == 0) ? 0 : (4 - (varlen % 4));
varlen += padding_len;
pos += padding_len;
tmp32 = 0;
NdisMoveMemory(pos, &tmp32, 4);
pos += 4;
varlen += 2;
/* flags */
tmp16 = 0;
NdisMoveMemory(pos, &tmp16, 2);
pos += 2;
varlen += 2;
/* delimiter CRC value */
*pos = 0;
pos++;
varlen++;
/* reserved */
*pos = 0;
pos++;
varlen++;
}
#ifdef DOT11_VHT_AC
/* VHT */
if (PHYMODE == MODE_VHT) {
/* known */
padding_len = ((varlen % 2) == 0) ? 0 : (2 - (varlen % 2));
varlen += padding_len;
pos += padding_len;
tmp16 = cpu2le16(IEEE80211_RADIOTAP_VHT_KNOWN_STBC |
IEEE80211_RADIOTAP_VHT_KNOWN_GI |
IEEE80211_RADIOTAP_VHT_KNOWN_LDPC_EXTRA_OFDM_SYM |
IEEE80211_RADIOTAP_VHT_KNOWN_BANDWIDTH);
NdisMoveMemory(pos, &tmp16, 2);
pos += 2;
varlen += 2;
/* flags */
*pos = (STBC?IEEE80211_RADIOTAP_VHT_FLAG_STBC:0);
*pos |= (ShortGI?IEEE80211_RADIOTAP_VHT_FLAG_SGI:0);
*pos |= (LDPC_EX_SYM?IEEE80211_RADIOTAP_VHT_FLAG_LDPC_EXTRA_OFDM_SYM:0);
pos++;
varlen++;
/* bandwidth */
if (BW == 0) {
*pos = 0;
} else if (BW == 1) {
*pos = 1;
} else if (BW == 2) {
*pos = 4;
#if 0
if (sideband_index == 0)
*pos = 7; /* 20LL */
else if (sideband_index == 1)
*pos = 8; /* 20LU */
else if (sideband_index == 2)
*pos = 9; /* 20UL */
else if (sideband_index == 3)
*pos = 10; /* 20UU */
#endif
} else {
DBGPRINT(RT_DEBUG_ERROR, ("%s:unknow bw(%d)\n", __FUNCTION__, BW));
}
/* mcs_nss */
pos++;
varlen++;
/* vht_mcs_nss[0] */
*pos = (GET_VHT_NSS(MCS) & 0x0f);
*pos |= ((GET_VHT_MCS(MCS) & 0x0f) << 4);
pos++;
varlen++;
/* vht_mcs_nss[1] */
*pos = 0;
pos++;
varlen++;
/* vht_mcs_nss[2] */
*pos = 0;
pos++;
varlen++;
/* vht_mcs_nss[3] */
*pos = 0;
pos++;
varlen++;
/* coding */
if (LDPC)
*pos = 1;
else
*pos = 0;
pos++;
varlen++;
/* group_id */
*pos = 0;
pos++;
varlen++;
/* partial aid */
tmp16 = 0;
NdisMoveMemory(pos, &tmp16, 2);
pos += 2;
varlen += 2;
}
#endif /* DOT11_VHT_AC */
pOSPkt->dev = pOSPkt->dev;
skb_reset_mac_header(pOSPkt);
pOSPkt->pkt_type = PACKET_OTHERHOST;
pOSPkt->protocol = __constant_htons(ETH_P_80211_RAW);
pOSPkt->ip_summed = CHECKSUM_NONE;
netif_rx_ni(pOSPkt);
return;
err_free_sk_buff:
RELEASE_NDIS_PACKET(NULL, pRxPacket, NDIS_STATUS_FAILURE);
return;
}
/*
==========================================================================
Description:
MLME message sanity check
Return:
TRUE if all parameters are OK, FALSE otherwise
IRQL = DISPATCH_LEVEL
==========================================================================
*/
BOOLEAN PeerBeaconAndProbeRspSanity(
IN PRTMP_ADAPTER pAd,
IN VOID *Msg,
IN ULONG MsgLen,
IN UCHAR MsgChannel,
OUT PUCHAR pAddr2,
OUT PUCHAR pBssid,
OUT CHAR Ssid[],
OUT UCHAR *pSsidLen,
OUT UCHAR *pBssType,
OUT USHORT *pBeaconPeriod,
OUT UCHAR *pChannel,
OUT UCHAR *pNewChannel,
OUT LARGE_INTEGER *pTimestamp,
OUT CF_PARM *pCfParm,
OUT USHORT *pAtimWin,
OUT USHORT *pCapabilityInfo,
OUT UCHAR *pErp,
OUT UCHAR *pDtimCount,
OUT UCHAR *pDtimPeriod,
OUT UCHAR *pBcastFlag,
OUT UCHAR *pMessageToMe,
OUT UCHAR SupRate[],
OUT UCHAR *pSupRateLen,
OUT UCHAR ExtRate[],
OUT UCHAR *pExtRateLen,
OUT UCHAR *pCkipFlag,
OUT UCHAR *pAironetCellPowerLimit,
OUT PEDCA_PARM pEdcaParm,
OUT PQBSS_LOAD_PARM pQbssLoad,
OUT PQOS_CAPABILITY_PARM pQosCapability,
OUT ULONG *pRalinkIe,
OUT UCHAR *pHtCapabilityLen,
OUT HT_CAPABILITY_IE *pHtCapability,
OUT EXT_CAP_INFO_ELEMENT *pExtCapInfo,
OUT UCHAR *AddHtInfoLen,
OUT ADD_HT_INFO_IE *AddHtInfo,
OUT UCHAR *NewExtChannelOffset, /* Ht extension channel offset(above or below)*/
OUT USHORT *LengthVIE,
OUT PNDIS_802_11_VARIABLE_IEs pVIE)
{
UCHAR *Ptr;
PFRAME_802_11 pFrame;
PEID_STRUCT pEid;
UCHAR SubType;
UCHAR Sanity;
/*UCHAR ECWMin, ECWMax;*/
/*MAC_CSR9_STRUC Csr9;*/
ULONG Length = 0;
UCHAR *pPeerWscIe = NULL;
INT PeerWscIeLen = 0;
UCHAR LatchRfChannel = 0;
/*
For some 11a AP which didn't have DS_IE, we use two conditions to decide the channel
1. If the AP is 11n enabled, then check the control channel.
2. If the AP didn't have any info about channel, use the channel we received this
frame as the channel. (May inaccuracy!!)
*/
UCHAR CtrlChannel = 0;
os_alloc_mem(NULL, &pPeerWscIe, 512);
/* Add for 3 necessary EID field check*/
Sanity = 0;
*pAtimWin = 0;
*pErp = 0;
*pDtimCount = 0;
*pDtimPeriod = 0;
*pBcastFlag = 0;
*pMessageToMe = 0;
*pExtRateLen = 0;
*pCkipFlag = 0; /* Default of CkipFlag is 0*/
*pAironetCellPowerLimit = 0xFF; /* Default of AironetCellPowerLimit is 0xFF*/
*LengthVIE = 0; /* Set the length of VIE to init value 0*/
*pHtCapabilityLen = 0; /* Set the length of VIE to init value 0*/
*AddHtInfoLen = 0; /* Set the length of VIE to init value 0*/
NdisZeroMemory(pExtCapInfo, sizeof(EXT_CAP_INFO_ELEMENT));
*pRalinkIe = 0;
*pNewChannel = 0;
*NewExtChannelOffset = 0xff; /*Default 0xff means no such IE*/
pCfParm->bValid = FALSE; /* default: no IE_CF found*/
pQbssLoad->bValid = FALSE; /* default: no IE_QBSS_LOAD found*/
pEdcaParm->bValid = FALSE; /* default: no IE_EDCA_PARAMETER found*/
pQosCapability->bValid = FALSE; /* default: no IE_QOS_CAPABILITY found*/
pFrame = (PFRAME_802_11)Msg;
/* get subtype from header*/
SubType = (UCHAR)pFrame->Hdr.FC.SubType;
/* get Addr2 and BSSID from header*/
COPY_MAC_ADDR(pAddr2, pFrame->Hdr.Addr2);
COPY_MAC_ADDR(pBssid, pFrame->Hdr.Addr3);
/* hex_dump("Beacon", Msg, MsgLen);*/
Ptr = pFrame->Octet;
Length += LENGTH_802_11;
/* get timestamp from payload and advance the pointer*/
NdisMoveMemory(pTimestamp, Ptr, TIMESTAMP_LEN);
pTimestamp->u.LowPart = cpu2le32(pTimestamp->u.LowPart);
pTimestamp->u.HighPart = cpu2le32(pTimestamp->u.HighPart);
Ptr += TIMESTAMP_LEN;
Length += TIMESTAMP_LEN;
/* get beacon interval from payload and advance the pointer*/
NdisMoveMemory(pBeaconPeriod, Ptr, 2);
Ptr += 2;
Length += 2;
/* get capability info from payload and advance the pointer*/
NdisMoveMemory(pCapabilityInfo, Ptr, 2);
Ptr += 2;
Length += 2;
if (CAP_IS_ESS_ON(*pCapabilityInfo))
*pBssType = BSS_INFRA;
else
*pBssType = BSS_ADHOC;
pEid = (PEID_STRUCT) Ptr;
/* get variable fields from payload and advance the pointer*/
while ((Length + 2 + pEid->Len) <= MsgLen)
{
/* Secure copy VIE to VarIE[MAX_VIE_LEN] didn't overflow.*/
if ((*LengthVIE + pEid->Len + 2) >= MAX_VIE_LEN)
{
DBGPRINT(RT_DEBUG_WARN, ("PeerBeaconAndProbeRspSanity - Variable IEs out of resource [len(=%d) > MAX_VIE_LEN(=%d)]\n",
(*LengthVIE + pEid->Len + 2), MAX_VIE_LEN));
break;
}
switch(pEid->Eid)
{
case IE_SSID:
/* Already has one SSID EID in this beacon, ignore the second one*/
if (Sanity & 0x1)
break;
if(pEid->Len <= MAX_LEN_OF_SSID)
{
NdisMoveMemory(Ssid, pEid->Octet, pEid->Len);
*pSsidLen = pEid->Len;
Sanity |= 0x1;
}
else
{
DBGPRINT(RT_DEBUG_TRACE, ("PeerBeaconAndProbeRspSanity - wrong IE_SSID (len=%d)\n",pEid->Len));
goto SanityCheck;
}
break;
case IE_SUPP_RATES:
if(pEid->Len <= MAX_LEN_OF_SUPPORTED_RATES)
{
Sanity |= 0x2;
NdisMoveMemory(SupRate, pEid->Octet, pEid->Len);
*pSupRateLen = pEid->Len;
/*
TODO: 2004-09-14 not a good design here, cause it exclude extra
rates from ScanTab. We should report as is. And filter out
unsupported rates in MlmeAux
*/
/* Check against the supported rates*/
/* RTMPCheckRates(pAd, SupRate, pSupRateLen);*/
}
else
{
DBGPRINT(RT_DEBUG_TRACE, ("PeerBeaconAndProbeRspSanity - wrong IE_SUPP_RATES (len=%d)\n",pEid->Len));
goto SanityCheck;
}
break;
case IE_HT_CAP:
if (pEid->Len >= SIZE_HT_CAP_IE) /*Note: allow extension.!!*/
{
NdisMoveMemory(pHtCapability, pEid->Octet, sizeof(HT_CAPABILITY_IE));
*pHtCapabilityLen = SIZE_HT_CAP_IE; /* Nnow we only support 26 bytes.*/
*(USHORT *)(&pHtCapability->HtCapInfo) = cpu2le16(*(USHORT *)(&pHtCapability->HtCapInfo));
#ifdef UNALIGNMENT_SUPPORT
{
EXT_HT_CAP_INFO extHtCapInfo;
NdisMoveMemory((PUCHAR)(&extHtCapInfo), (PUCHAR)(&pHtCapability->ExtHtCapInfo), sizeof(EXT_HT_CAP_INFO));
*(USHORT *)(&extHtCapInfo) = cpu2le16(*(USHORT *)(&extHtCapInfo));
NdisMoveMemory((PUCHAR)(&pHtCapability->ExtHtCapInfo), (PUCHAR)(&extHtCapInfo), sizeof(EXT_HT_CAP_INFO));
}
#else
*(USHORT *)(&pHtCapability->ExtHtCapInfo) = cpu2le16(*(USHORT *)(&pHtCapability->ExtHtCapInfo));
#endif /* UNALIGNMENT_SUPPORT */
}
else
{
DBGPRINT(RT_DEBUG_WARN, ("PeerBeaconAndProbeRspSanity - wrong IE_HT_CAP. pEid->Len = %d\n", pEid->Len));
}
break;
case IE_ADD_HT:
if (pEid->Len >= sizeof(ADD_HT_INFO_IE))
{
/*
This IE allows extension, but we can ignore extra bytes beyond our
knowledge , so only copy first sizeof(ADD_HT_INFO_IE)
*/
NdisMoveMemory(AddHtInfo, pEid->Octet, sizeof(ADD_HT_INFO_IE));
*AddHtInfoLen = SIZE_ADD_HT_INFO_IE;
CtrlChannel = AddHtInfo->ControlChan;
*(USHORT *)(&AddHtInfo->AddHtInfo2) = cpu2le16(*(USHORT *)(&AddHtInfo->AddHtInfo2));
*(USHORT *)(&AddHtInfo->AddHtInfo3) = cpu2le16(*(USHORT *)(&AddHtInfo->AddHtInfo3));
}
else
{
DBGPRINT(RT_DEBUG_WARN, ("PeerBeaconAndProbeRspSanity - wrong IE_ADD_HT. \n"));
}
break;
case IE_SECONDARY_CH_OFFSET:
if (pEid->Len == 1)
{
*NewExtChannelOffset = pEid->Octet[0];
}
else
{
DBGPRINT(RT_DEBUG_WARN, ("PeerBeaconAndProbeRspSanity - wrong IE_SECONDARY_CH_OFFSET. \n"));
}
break;
case IE_FH_PARM:
DBGPRINT(RT_DEBUG_TRACE, ("PeerBeaconAndProbeRspSanity(IE_FH_PARM) \n"));
break;
case IE_DS_PARM:
if(pEid->Len == 1)
{
*pChannel = *pEid->Octet;
Sanity |= 0x4;
}
else
{
DBGPRINT(RT_DEBUG_TRACE, ("PeerBeaconAndProbeRspSanity - wrong IE_DS_PARM (len=%d)\n",pEid->Len));
goto SanityCheck;
}
break;
case IE_CF_PARM:
if(pEid->Len == 6)
{
pCfParm->bValid = TRUE;
pCfParm->CfpCount = pEid->Octet[0];
pCfParm->CfpPeriod = pEid->Octet[1];
pCfParm->CfpMaxDuration = pEid->Octet[2] + 256 * pEid->Octet[3];
pCfParm->CfpDurRemaining = pEid->Octet[4] + 256 * pEid->Octet[5];
}
else
{
DBGPRINT(RT_DEBUG_TRACE, ("PeerBeaconAndProbeRspSanity - wrong IE_CF_PARM\n"));
if (pPeerWscIe)
os_free_mem(NULL, pPeerWscIe);
return FALSE;
}
break;
case IE_IBSS_PARM:
if(pEid->Len == 2)
{
NdisMoveMemory(pAtimWin, pEid->Octet, pEid->Len);
}
else
{
DBGPRINT(RT_DEBUG_TRACE, ("PeerBeaconAndProbeRspSanity - wrong IE_IBSS_PARM\n"));
if (pPeerWscIe)
os_free_mem(NULL, pPeerWscIe);
return FALSE;
}
break;
case IE_CHANNEL_SWITCH_ANNOUNCEMENT:
if(pEid->Len == 3)
{
*pNewChannel = pEid->Octet[1]; /*extract new channel number*/
}
break;
/*
New for WPA
CCX v2 has the same IE, we need to parse that too
Wifi WMM use the same IE vale, need to parse that too
*/
/* case IE_WPA:*/
case IE_VENDOR_SPECIFIC:
/* Check the OUI version, filter out non-standard usage*/
if (NdisEqualMemory(pEid->Octet, RALINK_OUI, 3) && (pEid->Len == 7))
{
/**pRalinkIe = pEid->Octet[3];*/
if (pEid->Octet[3] != 0)
*pRalinkIe = pEid->Octet[3];
else
*pRalinkIe = 0xf0000000; /* Set to non-zero value (can't set bit0-2) to represent this is Ralink Chip. So at linkup, we will set ralinkchip flag.*/
}
else if (NdisEqualMemory(pEid->Octet, WPA_OUI, 4))
{
/* Copy to pVIE which will report to bssid list.*/
Ptr = (PUCHAR) pVIE;
NdisMoveMemory(Ptr + *LengthVIE, &pEid->Eid, pEid->Len + 2);
*LengthVIE += (pEid->Len + 2);
}
else if (NdisEqualMemory(pEid->Octet, WME_PARM_ELEM, 6) && (pEid->Len == 24))
{
PUCHAR ptr;
int i;
/* parsing EDCA parameters*/
pEdcaParm->bValid = TRUE;
pEdcaParm->bQAck = FALSE; /* pEid->Octet[0] & 0x10;*/
pEdcaParm->bQueueRequest = FALSE; /* pEid->Octet[0] & 0x20;*/
pEdcaParm->bTxopRequest = FALSE; /* pEid->Octet[0] & 0x40;*/
pEdcaParm->EdcaUpdateCount = pEid->Octet[6] & 0x0f;
pEdcaParm->bAPSDCapable = (pEid->Octet[6] & 0x80) ? 1 : 0;
ptr = &pEid->Octet[8];
for (i=0; i<4; i++)
{
UCHAR aci = (*ptr & 0x60) >> 5; /* b5~6 is AC INDEX*/
pEdcaParm->bACM[aci] = (((*ptr) & 0x10) == 0x10); /* b5 is ACM*/
pEdcaParm->Aifsn[aci] = (*ptr) & 0x0f; /* b0~3 is AIFSN*/
pEdcaParm->Cwmin[aci] = *(ptr+1) & 0x0f; /* b0~4 is Cwmin*/
pEdcaParm->Cwmax[aci] = *(ptr+1) >> 4; /* b5~8 is Cwmax*/
pEdcaParm->Txop[aci] = *(ptr+2) + 256 * (*(ptr+3)); /* in unit of 32-us*/
ptr += 4; /* point to next AC*/
}
}
else if (NdisEqualMemory(pEid->Octet, WME_INFO_ELEM, 6) && (pEid->Len == 7))
{
/* parsing EDCA parameters*/
pEdcaParm->bValid = TRUE;
pEdcaParm->bQAck = FALSE; /* pEid->Octet[0] & 0x10;*/
pEdcaParm->bQueueRequest = FALSE; /* pEid->Octet[0] & 0x20;*/
pEdcaParm->bTxopRequest = FALSE; /* pEid->Octet[0] & 0x40;*/
pEdcaParm->EdcaUpdateCount = pEid->Octet[6] & 0x0f;
pEdcaParm->bAPSDCapable = (pEid->Octet[6] & 0x80) ? 1 : 0;
/* use default EDCA parameter*/
pEdcaParm->bACM[QID_AC_BE] = 0;
pEdcaParm->Aifsn[QID_AC_BE] = 3;
pEdcaParm->Cwmin[QID_AC_BE] = CW_MIN_IN_BITS;
pEdcaParm->Cwmax[QID_AC_BE] = CW_MAX_IN_BITS;
pEdcaParm->Txop[QID_AC_BE] = 0;
pEdcaParm->bACM[QID_AC_BK] = 0;
pEdcaParm->Aifsn[QID_AC_BK] = 7;
pEdcaParm->Cwmin[QID_AC_BK] = CW_MIN_IN_BITS;
pEdcaParm->Cwmax[QID_AC_BK] = CW_MAX_IN_BITS;
pEdcaParm->Txop[QID_AC_BK] = 0;
pEdcaParm->bACM[QID_AC_VI] = 0;
pEdcaParm->Aifsn[QID_AC_VI] = 2;
pEdcaParm->Cwmin[QID_AC_VI] = CW_MIN_IN_BITS-1;
pEdcaParm->Cwmax[QID_AC_VI] = CW_MAX_IN_BITS;
pEdcaParm->Txop[QID_AC_VI] = 96; /* AC_VI: 96*32us ~= 3ms*/
pEdcaParm->bACM[QID_AC_VO] = 0;
pEdcaParm->Aifsn[QID_AC_VO] = 2;
pEdcaParm->Cwmin[QID_AC_VO] = CW_MIN_IN_BITS-2;
pEdcaParm->Cwmax[QID_AC_VO] = CW_MAX_IN_BITS-1;
pEdcaParm->Txop[QID_AC_VO] = 48; /* AC_VO: 48*32us ~= 1.5ms*/
}
else if (NdisEqualMemory(pEid->Octet, WPS_OUI, 4)
)
{
if (PeerWscIeLen >= 512)
DBGPRINT(RT_DEBUG_ERROR, ("%s: PeerWscIeLen = %d (>= 512)\n", __FUNCTION__, PeerWscIeLen));
if (pPeerWscIe && (PeerWscIeLen < 512))
{
NdisMoveMemory(pPeerWscIe+PeerWscIeLen, pEid->Octet+4, pEid->Len-4);
PeerWscIeLen += (pEid->Len - 4);
}
}
break;
case IE_EXT_SUPP_RATES:
if (pEid->Len <= MAX_LEN_OF_SUPPORTED_RATES)
{
NdisMoveMemory(ExtRate, pEid->Octet, pEid->Len);
*pExtRateLen = pEid->Len;
/*
TODO: 2004-09-14 not a good design here, cause it exclude extra rates
from ScanTab. We should report as is. And filter out unsupported
rates in MlmeAux
*/
/* Check against the supported rates*/
/* RTMPCheckRates(pAd, ExtRate, pExtRateLen);*/
}
break;
case IE_ERP:
if (pEid->Len == 1)
{
*pErp = (UCHAR)pEid->Octet[0];
}
break;
case IE_AIRONET_CKIP:
/*
0. Check Aironet IE length, it must be larger or equal to 28
Cisco AP350 used length as 28
Cisco AP12XX used length as 30
*/
if (pEid->Len < (CKIP_NEGOTIATION_LENGTH - 2))
break;
/* 1. Copy CKIP flag byte to buffer for process*/
*pCkipFlag = *(pEid->Octet + 8);
break;
case IE_AP_TX_POWER:
/* AP Control of Client Transmit Power*/
/*0. Check Aironet IE length, it must be 6*/
if (pEid->Len != 0x06)
break;
/* Get cell power limit in dBm*/
if (NdisEqualMemory(pEid->Octet, CISCO_OUI, 3) == 1)
*pAironetCellPowerLimit = *(pEid->Octet + 4);
break;
/* WPA2 & 802.11i RSN*/
case IE_RSN:
/* There is no OUI for version anymore, check the group cipher OUI before copying*/
if (RTMPEqualMemory(pEid->Octet + 2, RSN_OUI, 3))
{
/* Copy to pVIE which will report to microsoft bssid list.*/
Ptr = (PUCHAR) pVIE;
NdisMoveMemory(Ptr + *LengthVIE, &pEid->Eid, pEid->Len + 2);
*LengthVIE += (pEid->Len + 2);
}
break;
case IE_QBSS_LOAD:
if (pEid->Len == 5)
{
pQbssLoad->bValid = TRUE;
pQbssLoad->StaNum = pEid->Octet[0] + pEid->Octet[1] * 256;
pQbssLoad->ChannelUtilization = pEid->Octet[2];
pQbssLoad->RemainingAdmissionControl = pEid->Octet[3] + pEid->Octet[4] * 256;
/* Copy to pVIE*/
Ptr = (PUCHAR) pVIE;
NdisMoveMemory(Ptr + *LengthVIE, &pEid->Eid, pEid->Len + 2);
*LengthVIE += (pEid->Len + 2);
}
break;
case IE_EXT_CAPABILITY:
if (pEid->Len >= 1)
{
UCHAR MaxSize;
UCHAR MySize = sizeof(EXT_CAP_INFO_ELEMENT);
MaxSize = min(pEid->Len, MySize);
NdisMoveMemory(pExtCapInfo,&pEid->Octet[0], MaxSize);
}
break;
default:
break;
}
