2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007 Johannes Berg <johannes@sipsolutions.net>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
12 #include <linux/kernel.h>
13 #include <linux/skbuff.h>
14 #include <linux/netdevice.h>
15 #include <linux/etherdevice.h>
16 #include <net/iw_handler.h>
17 #include <net/mac80211.h>
18 #include <net/ieee80211_radiotap.h>
20 #include "ieee80211_i.h"
21 #include "ieee80211_led.h"
22 #include "ieee80211_common.h"
30 * these don't have dev/sdata fields in the rx data
33 static ieee80211_txrx_result
34 ieee80211_rx_h_parse_qos(struct ieee80211_txrx_data *rx)
36 u8 *data = rx->skb->data;
39 /* does the frame have a qos control field? */
40 if (WLAN_FC_IS_QOS_DATA(rx->fc)) {
41 u8 *qc = data + ieee80211_get_hdrlen(rx->fc) - QOS_CONTROL_LEN;
42 /* frame has qos control */
43 tid = qc[0] & QOS_CONTROL_TID_MASK;
45 if (unlikely((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)) {
46 /* Separate TID for management frames */
47 tid = NUM_RX_DATA_QUEUES - 1;
49 /* no qos control present */
50 tid = 0; /* 802.1d - Best Effort */
53 #ifdef CONFIG_MAC80211_DEBUG_COUNTERS
54 I802_DEBUG_INC(rx->local->wme_rx_queue[tid]);
56 I802_DEBUG_INC(rx->sta->wme_rx_queue[tid]);
58 #endif /* CONFIG_MAC80211_DEBUG_COUNTERS */
61 /* Set skb->priority to 1d tag if highest order bit of TID is not set.
62 * For now, set skb->priority to 0 for other cases. */
63 rx->skb->priority = (tid > 7) ? 0 : tid;
68 static ieee80211_txrx_result
69 ieee80211_rx_h_load_stats(struct ieee80211_txrx_data *rx)
71 struct ieee80211_local *local = rx->local;
72 struct sk_buff *skb = rx->skb;
73 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
74 u32 load = 0, hdrtime;
75 struct ieee80211_rate *rate;
76 struct ieee80211_hw_mode *mode = local->hw.conf.mode;
79 /* Estimate total channel use caused by this frame */
81 if (unlikely(mode->num_rates < 0))
84 rate = &mode->rates[0];
85 for (i = 0; i < mode->num_rates; i++) {
86 if (mode->rates[i].val == rx->u.rx.status->rate) {
87 rate = &mode->rates[i];
92 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
93 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
95 if (mode->mode == MODE_IEEE80211A ||
96 mode->mode == MODE_ATHEROS_TURBO ||
97 mode->mode == MODE_ATHEROS_TURBOG ||
98 (mode->mode == MODE_IEEE80211G &&
99 rate->flags & IEEE80211_RATE_ERP))
100 hdrtime = CHAN_UTIL_HDR_SHORT;
102 hdrtime = CHAN_UTIL_HDR_LONG;
105 if (!is_multicast_ether_addr(hdr->addr1))
108 load += skb->len * rate->rate_inv;
110 /* Divide channel_use by 8 to avoid wrapping around the counter */
111 load >>= CHAN_UTIL_SHIFT;
112 local->channel_use_raw += load;
114 rx->sta->channel_use_raw += load;
115 rx->u.rx.load = load;
117 return TXRX_CONTINUE;
120 ieee80211_rx_handler ieee80211_rx_pre_handlers[] =
122 ieee80211_rx_h_parse_qos,
123 ieee80211_rx_h_load_stats,
129 static ieee80211_txrx_result
130 ieee80211_rx_h_if_stats(struct ieee80211_txrx_data *rx)
132 rx->sdata->channel_use_raw += rx->u.rx.load;
133 return TXRX_CONTINUE;
137 ieee80211_rx_monitor(struct net_device *dev, struct sk_buff *skb,
138 struct ieee80211_rx_status *status)
140 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
141 struct ieee80211_sub_if_data *sdata;
142 struct ieee80211_rate *rate;
143 struct ieee80211_rtap_hdr {
144 struct ieee80211_radiotap_header hdr;
150 } __attribute__ ((packed)) *rthdr;
154 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
156 if (status->flag & RX_FLAG_RADIOTAP)
159 if (skb_headroom(skb) < sizeof(*rthdr)) {
160 I802_DEBUG_INC(local->rx_expand_skb_head);
161 if (pskb_expand_head(skb, sizeof(*rthdr), 0, GFP_ATOMIC)) {
167 rthdr = (struct ieee80211_rtap_hdr *) skb_push(skb, sizeof(*rthdr));
168 memset(rthdr, 0, sizeof(*rthdr));
169 rthdr->hdr.it_len = cpu_to_le16(sizeof(*rthdr));
170 rthdr->hdr.it_present =
171 cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
172 (1 << IEEE80211_RADIOTAP_RATE) |
173 (1 << IEEE80211_RADIOTAP_CHANNEL) |
174 (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL));
175 rthdr->flags = local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS ?
176 IEEE80211_RADIOTAP_F_FCS : 0;
177 rate = ieee80211_get_rate(local, status->phymode, status->rate);
179 rthdr->rate = rate->rate / 5;
180 rthdr->chan_freq = cpu_to_le16(status->freq);
182 status->phymode == MODE_IEEE80211A ?
183 cpu_to_le16(IEEE80211_CHAN_OFDM | IEEE80211_CHAN_5GHZ) :
184 cpu_to_le16(IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ);
185 rthdr->antsignal = status->ssi;
188 sdata->stats.rx_packets++;
189 sdata->stats.rx_bytes += skb->len;
191 skb_set_mac_header(skb, 0);
192 skb->ip_summed = CHECKSUM_UNNECESSARY;
193 skb->pkt_type = PACKET_OTHERHOST;
194 skb->protocol = htons(ETH_P_802_2);
195 memset(skb->cb, 0, sizeof(skb->cb));
199 static ieee80211_txrx_result
200 ieee80211_rx_h_monitor(struct ieee80211_txrx_data *rx)
202 if (rx->sdata->type == IEEE80211_IF_TYPE_MNTR) {
203 ieee80211_rx_monitor(rx->dev, rx->skb, rx->u.rx.status);
207 if (rx->u.rx.status->flag & RX_FLAG_RADIOTAP)
208 skb_pull(rx->skb, ieee80211_get_radiotap_len(rx->skb->data));
210 return TXRX_CONTINUE;
213 static ieee80211_txrx_result
214 ieee80211_rx_h_passive_scan(struct ieee80211_txrx_data *rx)
216 struct ieee80211_local *local = rx->local;
217 struct sk_buff *skb = rx->skb;
219 if (unlikely(local->sta_scanning != 0)) {
220 ieee80211_sta_rx_scan(rx->dev, skb, rx->u.rx.status);
224 if (unlikely(rx->u.rx.in_scan)) {
225 /* scanning finished during invoking of handlers */
226 I802_DEBUG_INC(local->rx_handlers_drop_passive_scan);
230 return TXRX_CONTINUE;
233 static ieee80211_txrx_result
234 ieee80211_rx_h_check(struct ieee80211_txrx_data *rx)
236 struct ieee80211_hdr *hdr;
238 hdr = (struct ieee80211_hdr *) rx->skb->data;
240 /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */
241 if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) {
242 if (unlikely(rx->fc & IEEE80211_FCTL_RETRY &&
243 rx->sta->last_seq_ctrl[rx->u.rx.queue] ==
245 if (rx->u.rx.ra_match) {
246 rx->local->dot11FrameDuplicateCount++;
247 rx->sta->num_duplicates++;
251 rx->sta->last_seq_ctrl[rx->u.rx.queue] = hdr->seq_ctrl;
254 if ((rx->local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) &&
255 rx->skb->len > FCS_LEN)
256 skb_trim(rx->skb, rx->skb->len - FCS_LEN);
258 if (unlikely(rx->skb->len < 16)) {
259 I802_DEBUG_INC(rx->local->rx_handlers_drop_short);
263 if (!rx->u.rx.ra_match)
264 rx->skb->pkt_type = PACKET_OTHERHOST;
265 else if (compare_ether_addr(rx->dev->dev_addr, hdr->addr1) == 0)
266 rx->skb->pkt_type = PACKET_HOST;
267 else if (is_multicast_ether_addr(hdr->addr1)) {
268 if (is_broadcast_ether_addr(hdr->addr1))
269 rx->skb->pkt_type = PACKET_BROADCAST;
271 rx->skb->pkt_type = PACKET_MULTICAST;
273 rx->skb->pkt_type = PACKET_OTHERHOST;
275 /* Drop disallowed frame classes based on STA auth/assoc state;
276 * IEEE 802.11, Chap 5.5.
278 * 80211.o does filtering only based on association state, i.e., it
279 * drops Class 3 frames from not associated stations. hostapd sends
280 * deauth/disassoc frames when needed. In addition, hostapd is
281 * responsible for filtering on both auth and assoc states.
283 if (unlikely(((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA ||
284 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL &&
285 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) &&
286 rx->sdata->type != IEEE80211_IF_TYPE_IBSS &&
287 (!rx->sta || !(rx->sta->flags & WLAN_STA_ASSOC)))) {
288 if ((!(rx->fc & IEEE80211_FCTL_FROMDS) &&
289 !(rx->fc & IEEE80211_FCTL_TODS) &&
290 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)
291 || !rx->u.rx.ra_match) {
292 /* Drop IBSS frames and frames for other hosts
297 if (!rx->local->apdev)
300 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
301 ieee80211_msg_sta_not_assoc);
305 if (rx->sdata->type == IEEE80211_IF_TYPE_STA)
310 if (rx->sta && rx->sta->key && always_sta_key) {
311 rx->key = rx->sta->key;
313 if (rx->sta && rx->sta->key)
314 rx->key = rx->sta->key;
316 rx->key = rx->sdata->default_key;
318 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
319 rx->fc & IEEE80211_FCTL_PROTECTED) {
320 int keyidx = ieee80211_wep_get_keyidx(rx->skb);
322 if (keyidx >= 0 && keyidx < NUM_DEFAULT_KEYS &&
323 (!rx->sta || !rx->sta->key || keyidx > 0))
324 rx->key = rx->sdata->keys[keyidx];
327 if (!rx->u.rx.ra_match)
329 printk(KERN_DEBUG "%s: RX WEP frame with "
330 "unknown keyidx %d (A1=" MAC_FMT " A2="
331 MAC_FMT " A3=" MAC_FMT ")\n",
332 rx->dev->name, keyidx,
335 MAC_ARG(hdr->addr3));
336 if (!rx->local->apdev)
339 rx->local, rx->skb, rx->u.rx.status,
340 ieee80211_msg_wep_frame_unknown_key);
346 if (rx->fc & IEEE80211_FCTL_PROTECTED && rx->key && rx->u.rx.ra_match) {
347 rx->key->tx_rx_count++;
348 if (unlikely(rx->local->key_tx_rx_threshold &&
349 rx->key->tx_rx_count >
350 rx->local->key_tx_rx_threshold)) {
351 ieee80211_key_threshold_notify(rx->dev, rx->key,
356 return TXRX_CONTINUE;
359 static void ap_sta_ps_start(struct net_device *dev, struct sta_info *sta)
361 struct ieee80211_sub_if_data *sdata;
362 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
365 atomic_inc(&sdata->bss->num_sta_ps);
366 sta->flags |= WLAN_STA_PS;
368 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
369 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d enters power "
370 "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid);
371 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
374 static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
376 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
379 struct ieee80211_sub_if_data *sdata;
380 struct ieee80211_tx_packet_data *pkt_data;
382 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
384 atomic_dec(&sdata->bss->num_sta_ps);
385 sta->flags &= ~(WLAN_STA_PS | WLAN_STA_TIM);
387 if (!skb_queue_empty(&sta->ps_tx_buf)) {
388 if (local->ops->set_tim)
389 local->ops->set_tim(local_to_hw(local), sta->aid, 0);
391 bss_tim_clear(local, sdata->bss, sta->aid);
393 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
394 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d exits power "
395 "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid);
396 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
397 /* Send all buffered frames to the station */
398 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
399 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
401 pkt_data->requeue = 1;
404 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
405 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
406 local->total_ps_buffered--;
408 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
409 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d send PS frame "
410 "since STA not sleeping anymore\n", dev->name,
411 MAC_ARG(sta->addr), sta->aid);
412 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
413 pkt_data->requeue = 1;
420 static ieee80211_txrx_result
421 ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx)
423 struct sta_info *sta = rx->sta;
424 struct net_device *dev = rx->dev;
425 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
428 return TXRX_CONTINUE;
430 /* Update last_rx only for IBSS packets which are for the current
431 * BSSID to avoid keeping the current IBSS network alive in cases where
432 * other STAs are using different BSSID. */
433 if (rx->sdata->type == IEEE80211_IF_TYPE_IBSS) {
434 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len);
435 if (compare_ether_addr(bssid, rx->sdata->u.sta.bssid) == 0)
436 sta->last_rx = jiffies;
438 if (!is_multicast_ether_addr(hdr->addr1) ||
439 rx->sdata->type == IEEE80211_IF_TYPE_STA) {
440 /* Update last_rx only for unicast frames in order to prevent
441 * the Probe Request frames (the only broadcast frames from a
442 * STA in infrastructure mode) from keeping a connection alive.
444 sta->last_rx = jiffies;
447 if (!rx->u.rx.ra_match)
448 return TXRX_CONTINUE;
451 sta->rx_bytes += rx->skb->len;
452 sta->last_rssi = (sta->last_rssi * 15 +
453 rx->u.rx.status->ssi) / 16;
454 sta->last_signal = (sta->last_signal * 15 +
455 rx->u.rx.status->signal) / 16;
456 sta->last_noise = (sta->last_noise * 15 +
457 rx->u.rx.status->noise) / 16;
459 if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) {
460 /* Change STA power saving mode only in the end of a frame
461 * exchange sequence */
462 if ((sta->flags & WLAN_STA_PS) && !(rx->fc & IEEE80211_FCTL_PM))
463 rx->u.rx.sent_ps_buffered += ap_sta_ps_end(dev, sta);
464 else if (!(sta->flags & WLAN_STA_PS) &&
465 (rx->fc & IEEE80211_FCTL_PM))
466 ap_sta_ps_start(dev, sta);
469 /* Drop data::nullfunc frames silently, since they are used only to
470 * control station power saving mode. */
471 if ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
472 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_NULLFUNC) {
473 I802_DEBUG_INC(rx->local->rx_handlers_drop_nullfunc);
474 /* Update counter and free packet here to avoid counting this
475 * as a dropped packed. */
477 dev_kfree_skb(rx->skb);
481 return TXRX_CONTINUE;
482 } /* ieee80211_rx_h_sta_process */
484 static ieee80211_txrx_result
485 ieee80211_rx_h_wep_weak_iv_detection(struct ieee80211_txrx_data *rx)
487 if (!rx->sta || !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
488 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
489 !rx->key || rx->key->alg != ALG_WEP || !rx->u.rx.ra_match)
490 return TXRX_CONTINUE;
492 /* Check for weak IVs, if hwaccel did not remove IV from the frame */
493 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) ||
494 rx->key->force_sw_encrypt) {
495 u8 *iv = ieee80211_wep_is_weak_iv(rx->skb, rx->key);
497 rx->sta->wep_weak_iv_count++;
501 return TXRX_CONTINUE;
504 static ieee80211_txrx_result
505 ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx)
507 /* If the device handles decryption totally, skip this test */
508 if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP)
509 return TXRX_CONTINUE;
511 if ((rx->key && rx->key->alg != ALG_WEP) ||
512 !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
513 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
514 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
515 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)))
516 return TXRX_CONTINUE;
519 printk(KERN_DEBUG "%s: RX WEP frame, but no key set\n",
524 if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED) ||
525 rx->key->force_sw_encrypt) {
526 if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
527 printk(KERN_DEBUG "%s: RX WEP frame, decrypt "
528 "failed\n", rx->dev->name);
531 } else if (rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
532 ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key);
534 skb_trim(rx->skb, rx->skb->len - 4);
537 return TXRX_CONTINUE;
540 static inline struct ieee80211_fragment_entry *
541 ieee80211_reassemble_add(struct ieee80211_sub_if_data *sdata,
542 unsigned int frag, unsigned int seq, int rx_queue,
543 struct sk_buff **skb)
545 struct ieee80211_fragment_entry *entry;
548 idx = sdata->fragment_next;
549 entry = &sdata->fragments[sdata->fragment_next++];
550 if (sdata->fragment_next >= IEEE80211_FRAGMENT_MAX)
551 sdata->fragment_next = 0;
553 if (!skb_queue_empty(&entry->skb_list)) {
554 #ifdef CONFIG_MAC80211_DEBUG
555 struct ieee80211_hdr *hdr =
556 (struct ieee80211_hdr *) entry->skb_list.next->data;
557 printk(KERN_DEBUG "%s: RX reassembly removed oldest "
558 "fragment entry (idx=%d age=%lu seq=%d last_frag=%d "
559 "addr1=" MAC_FMT " addr2=" MAC_FMT "\n",
560 sdata->dev->name, idx,
561 jiffies - entry->first_frag_time, entry->seq,
562 entry->last_frag, MAC_ARG(hdr->addr1),
563 MAC_ARG(hdr->addr2));
564 #endif /* CONFIG_MAC80211_DEBUG */
565 __skb_queue_purge(&entry->skb_list);
568 __skb_queue_tail(&entry->skb_list, *skb); /* no need for locking */
570 entry->first_frag_time = jiffies;
572 entry->rx_queue = rx_queue;
573 entry->last_frag = frag;
575 entry->extra_len = 0;
580 static inline struct ieee80211_fragment_entry *
581 ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata,
582 u16 fc, unsigned int frag, unsigned int seq,
583 int rx_queue, struct ieee80211_hdr *hdr)
585 struct ieee80211_fragment_entry *entry;
588 idx = sdata->fragment_next;
589 for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) {
590 struct ieee80211_hdr *f_hdr;
595 idx = IEEE80211_FRAGMENT_MAX - 1;
597 entry = &sdata->fragments[idx];
598 if (skb_queue_empty(&entry->skb_list) || entry->seq != seq ||
599 entry->rx_queue != rx_queue ||
600 entry->last_frag + 1 != frag)
603 f_hdr = (struct ieee80211_hdr *) entry->skb_list.next->data;
604 f_fc = le16_to_cpu(f_hdr->frame_control);
606 if ((fc & IEEE80211_FCTL_FTYPE) != (f_fc & IEEE80211_FCTL_FTYPE) ||
607 compare_ether_addr(hdr->addr1, f_hdr->addr1) != 0 ||
608 compare_ether_addr(hdr->addr2, f_hdr->addr2) != 0)
611 if (entry->first_frag_time + 2 * HZ < jiffies) {
612 __skb_queue_purge(&entry->skb_list);
621 static ieee80211_txrx_result
622 ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
624 struct ieee80211_hdr *hdr;
626 unsigned int frag, seq;
627 struct ieee80211_fragment_entry *entry;
630 hdr = (struct ieee80211_hdr *) rx->skb->data;
631 sc = le16_to_cpu(hdr->seq_ctrl);
632 frag = sc & IEEE80211_SCTL_FRAG;
634 if (likely((!(rx->fc & IEEE80211_FCTL_MOREFRAGS) && frag == 0) ||
635 (rx->skb)->len < 24 ||
636 is_multicast_ether_addr(hdr->addr1))) {
640 I802_DEBUG_INC(rx->local->rx_handlers_fragments);
642 seq = (sc & IEEE80211_SCTL_SEQ) >> 4;
645 /* This is the first fragment of a new frame. */
646 entry = ieee80211_reassemble_add(rx->sdata, frag, seq,
647 rx->u.rx.queue, &(rx->skb));
648 if (rx->key && rx->key->alg == ALG_CCMP &&
649 (rx->fc & IEEE80211_FCTL_PROTECTED)) {
650 /* Store CCMP PN so that we can verify that the next
651 * fragment has a sequential PN value. */
653 memcpy(entry->last_pn,
654 rx->key->u.ccmp.rx_pn[rx->u.rx.queue],
660 /* This is a fragment for a frame that should already be pending in
661 * fragment cache. Add this fragment to the end of the pending entry.
663 entry = ieee80211_reassemble_find(rx->sdata, rx->fc, frag, seq,
664 rx->u.rx.queue, hdr);
666 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
670 /* Verify that MPDUs within one MSDU have sequential PN values.
671 * (IEEE 802.11i, 8.3.3.4.5) */
674 u8 pn[CCMP_PN_LEN], *rpn;
675 if (!rx->key || rx->key->alg != ALG_CCMP)
677 memcpy(pn, entry->last_pn, CCMP_PN_LEN);
678 for (i = CCMP_PN_LEN - 1; i >= 0; i--) {
683 rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue];
684 if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) {
685 printk(KERN_DEBUG "%s: defrag: CCMP PN not sequential"
686 " A2=" MAC_FMT " PN=%02x%02x%02x%02x%02x%02x "
687 "(expected %02x%02x%02x%02x%02x%02x)\n",
688 rx->dev->name, MAC_ARG(hdr->addr2),
689 rpn[0], rpn[1], rpn[2], rpn[3], rpn[4], rpn[5],
690 pn[0], pn[1], pn[2], pn[3], pn[4], pn[5]);
693 memcpy(entry->last_pn, pn, CCMP_PN_LEN);
696 skb_pull(rx->skb, ieee80211_get_hdrlen(rx->fc));
697 __skb_queue_tail(&entry->skb_list, rx->skb);
698 entry->last_frag = frag;
699 entry->extra_len += rx->skb->len;
700 if (rx->fc & IEEE80211_FCTL_MOREFRAGS) {
705 rx->skb = __skb_dequeue(&entry->skb_list);
706 if (skb_tailroom(rx->skb) < entry->extra_len) {
707 I802_DEBUG_INC(rx->local->rx_expand_skb_head2);
708 if (unlikely(pskb_expand_head(rx->skb, 0, entry->extra_len,
710 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
711 __skb_queue_purge(&entry->skb_list);
715 while ((skb = __skb_dequeue(&entry->skb_list))) {
716 memcpy(skb_put(rx->skb, skb->len), skb->data, skb->len);
720 /* Complete frame has been reassembled - process it now */
725 rx->sta->rx_packets++;
726 if (is_multicast_ether_addr(hdr->addr1))
727 rx->local->dot11MulticastReceivedFrameCount++;
729 ieee80211_led_rx(rx->local);
730 return TXRX_CONTINUE;
733 static ieee80211_txrx_result
734 ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx)
739 if (likely(!rx->sta ||
740 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL ||
741 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PSPOLL ||
743 return TXRX_CONTINUE;
745 skb = skb_dequeue(&rx->sta->tx_filtered);
747 skb = skb_dequeue(&rx->sta->ps_tx_buf);
749 rx->local->total_ps_buffered--;
751 no_pending_pkts = skb_queue_empty(&rx->sta->tx_filtered) &&
752 skb_queue_empty(&rx->sta->ps_tx_buf);
755 struct ieee80211_hdr *hdr =
756 (struct ieee80211_hdr *) skb->data;
758 /* tell TX path to send one frame even though the STA may
759 * still remain is PS mode after this frame exchange */
762 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
763 printk(KERN_DEBUG "STA " MAC_FMT " aid %d: PS Poll (entries "
765 MAC_ARG(rx->sta->addr), rx->sta->aid,
766 skb_queue_len(&rx->sta->ps_tx_buf));
767 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
769 /* Use MoreData flag to indicate whether there are more
770 * buffered frames for this STA */
771 if (no_pending_pkts) {
772 hdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREDATA);
773 rx->sta->flags &= ~WLAN_STA_TIM;
775 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREDATA);
779 if (no_pending_pkts) {
780 if (rx->local->ops->set_tim)
781 rx->local->ops->set_tim(local_to_hw(rx->local),
784 bss_tim_clear(rx->local, rx->sdata->bss, rx->sta->aid);
786 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
787 } else if (!rx->u.rx.sent_ps_buffered) {
788 printk(KERN_DEBUG "%s: STA " MAC_FMT " sent PS Poll even "
789 "though there is no buffered frames for it\n",
790 rx->dev->name, MAC_ARG(rx->sta->addr));
791 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
795 /* Free PS Poll skb here instead of returning TXRX_DROP that would
796 * count as an dropped frame. */
797 dev_kfree_skb(rx->skb);
802 static ieee80211_txrx_result
803 ieee80211_rx_h_remove_qos_control(struct ieee80211_txrx_data *rx)
806 u8 *data = rx->skb->data;
807 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) data;
809 if (!WLAN_FC_IS_QOS_DATA(fc))
810 return TXRX_CONTINUE;
812 /* remove the qos control field, update frame type and meta-data */
813 memmove(data + 2, data, ieee80211_get_hdrlen(fc) - 2);
814 hdr = (struct ieee80211_hdr *) skb_pull(rx->skb, 2);
815 /* change frame type to non QOS */
816 rx->fc = fc &= ~IEEE80211_STYPE_QOS_DATA;
817 hdr->frame_control = cpu_to_le16(fc);
819 return TXRX_CONTINUE;
822 static ieee80211_txrx_result
823 ieee80211_rx_h_802_1x_pae(struct ieee80211_txrx_data *rx)
825 if (rx->sdata->eapol && ieee80211_is_eapol(rx->skb) &&
826 rx->sdata->type != IEEE80211_IF_TYPE_STA && rx->u.rx.ra_match) {
827 /* Pass both encrypted and unencrypted EAPOL frames to user
828 * space for processing. */
829 if (!rx->local->apdev)
831 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
832 ieee80211_msg_normal);
836 if (unlikely(rx->sdata->ieee802_1x &&
837 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
838 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
839 (!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED)) &&
840 !ieee80211_is_eapol(rx->skb))) {
841 #ifdef CONFIG_MAC80211_DEBUG
842 struct ieee80211_hdr *hdr =
843 (struct ieee80211_hdr *) rx->skb->data;
844 printk(KERN_DEBUG "%s: dropped frame from " MAC_FMT
845 " (unauthorized port)\n", rx->dev->name,
846 MAC_ARG(hdr->addr2));
847 #endif /* CONFIG_MAC80211_DEBUG */
851 return TXRX_CONTINUE;
854 static ieee80211_txrx_result
855 ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx)
857 /* If the device handles decryption totally, skip this test */
858 if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP)
859 return TXRX_CONTINUE;
861 /* Drop unencrypted frames if key is set. */
862 if (unlikely(!(rx->fc & IEEE80211_FCTL_PROTECTED) &&
863 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
864 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
865 (rx->key || rx->sdata->drop_unencrypted) &&
866 (rx->sdata->eapol == 0 ||
867 !ieee80211_is_eapol(rx->skb)))) {
868 printk(KERN_DEBUG "%s: RX non-WEP frame, but expected "
869 "encryption\n", rx->dev->name);
872 return TXRX_CONTINUE;
875 static ieee80211_txrx_result
876 ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
878 struct net_device *dev = rx->dev;
879 struct ieee80211_local *local = rx->local;
880 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
881 u16 fc, hdrlen, ethertype;
885 struct sk_buff *skb = rx->skb, *skb2;
886 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
889 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA))
890 return TXRX_CONTINUE;
892 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
895 hdrlen = ieee80211_get_hdrlen(fc);
897 /* convert IEEE 802.11 header + possible LLC headers into Ethernet
899 * IEEE 802.11 address fields:
900 * ToDS FromDS Addr1 Addr2 Addr3 Addr4
901 * 0 0 DA SA BSSID n/a
902 * 0 1 DA BSSID SA n/a
903 * 1 0 BSSID SA DA n/a
907 switch (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
908 case IEEE80211_FCTL_TODS:
910 memcpy(dst, hdr->addr3, ETH_ALEN);
911 memcpy(src, hdr->addr2, ETH_ALEN);
913 if (unlikely(sdata->type != IEEE80211_IF_TYPE_AP &&
914 sdata->type != IEEE80211_IF_TYPE_VLAN)) {
915 printk(KERN_DEBUG "%s: dropped ToDS frame (BSSID="
916 MAC_FMT " SA=" MAC_FMT " DA=" MAC_FMT ")\n",
917 dev->name, MAC_ARG(hdr->addr1),
918 MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3));
922 case (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
924 memcpy(dst, hdr->addr3, ETH_ALEN);
925 memcpy(src, hdr->addr4, ETH_ALEN);
927 if (unlikely(sdata->type != IEEE80211_IF_TYPE_WDS)) {
928 printk(KERN_DEBUG "%s: dropped FromDS&ToDS frame (RA="
929 MAC_FMT " TA=" MAC_FMT " DA=" MAC_FMT " SA="
931 rx->dev->name, MAC_ARG(hdr->addr1),
932 MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3),
933 MAC_ARG(hdr->addr4));
937 case IEEE80211_FCTL_FROMDS:
939 memcpy(dst, hdr->addr1, ETH_ALEN);
940 memcpy(src, hdr->addr3, ETH_ALEN);
942 if (sdata->type != IEEE80211_IF_TYPE_STA) {
948 memcpy(dst, hdr->addr1, ETH_ALEN);
949 memcpy(src, hdr->addr2, ETH_ALEN);
951 if (sdata->type != IEEE80211_IF_TYPE_IBSS) {
952 if (net_ratelimit()) {
953 printk(KERN_DEBUG "%s: dropped IBSS frame (DA="
954 MAC_FMT " SA=" MAC_FMT " BSSID=" MAC_FMT
956 dev->name, MAC_ARG(hdr->addr1),
958 MAC_ARG(hdr->addr3));
965 payload = skb->data + hdrlen;
967 if (unlikely(skb->len - hdrlen < 8)) {
968 if (net_ratelimit()) {
969 printk(KERN_DEBUG "%s: RX too short data frame "
970 "payload\n", dev->name);
975 ethertype = (payload[6] << 8) | payload[7];
977 if (likely((compare_ether_addr(payload, rfc1042_header) == 0 &&
978 ethertype != ETH_P_AARP && ethertype != ETH_P_IPX) ||
979 compare_ether_addr(payload, bridge_tunnel_header) == 0)) {
980 /* remove RFC1042 or Bridge-Tunnel encapsulation and
981 * replace EtherType */
982 skb_pull(skb, hdrlen + 6);
983 memcpy(skb_push(skb, ETH_ALEN), src, ETH_ALEN);
984 memcpy(skb_push(skb, ETH_ALEN), dst, ETH_ALEN);
988 skb_pull(skb, hdrlen);
989 len = htons(skb->len);
990 ehdr = (struct ethhdr *) skb_push(skb, sizeof(struct ethhdr));
991 memcpy(ehdr->h_dest, dst, ETH_ALEN);
992 memcpy(ehdr->h_source, src, ETH_ALEN);
999 sdata->stats.rx_packets++;
1000 sdata->stats.rx_bytes += skb->len;
1002 if (local->bridge_packets && (sdata->type == IEEE80211_IF_TYPE_AP
1003 || sdata->type == IEEE80211_IF_TYPE_VLAN) && rx->u.rx.ra_match) {
1004 if (is_multicast_ether_addr(skb->data)) {
1005 /* send multicast frames both to higher layers in
1006 * local net stack and back to the wireless media */
1007 skb2 = skb_copy(skb, GFP_ATOMIC);
1009 printk(KERN_DEBUG "%s: failed to clone "
1010 "multicast frame\n", dev->name);
1012 struct sta_info *dsta;
1013 dsta = sta_info_get(local, skb->data);
1014 if (dsta && !dsta->dev) {
1015 printk(KERN_DEBUG "Station with null dev "
1017 } else if (dsta && dsta->dev == dev) {
1018 /* Destination station is associated to this
1019 * AP, so send the frame directly to it and
1020 * do not pass the frame to local net stack.
1031 /* deliver to local stack */
1032 skb->protocol = eth_type_trans(skb, dev);
1033 memset(skb->cb, 0, sizeof(skb->cb));
1038 /* send to wireless media */
1039 skb2->protocol = __constant_htons(ETH_P_802_3);
1040 skb_set_network_header(skb2, 0);
1041 skb_set_mac_header(skb2, 0);
1042 dev_queue_xmit(skb2);
1048 static ieee80211_txrx_result
1049 ieee80211_rx_h_mgmt(struct ieee80211_txrx_data *rx)
1051 struct ieee80211_sub_if_data *sdata;
1053 if (!rx->u.rx.ra_match)
1056 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1057 if ((sdata->type == IEEE80211_IF_TYPE_STA ||
1058 sdata->type == IEEE80211_IF_TYPE_IBSS) &&
1059 !rx->local->user_space_mlme) {
1060 ieee80211_sta_rx_mgmt(rx->dev, rx->skb, rx->u.rx.status);
1062 /* Management frames are sent to hostapd for processing */
1063 if (!rx->local->apdev)
1065 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
1066 ieee80211_msg_normal);
1071 static inline ieee80211_txrx_result __ieee80211_invoke_rx_handlers(
1072 struct ieee80211_local *local,
1073 ieee80211_rx_handler *handlers,
1074 struct ieee80211_txrx_data *rx,
1075 struct sta_info *sta)
1077 ieee80211_rx_handler *handler;
1078 ieee80211_txrx_result res = TXRX_DROP;
1080 for (handler = handlers; *handler != NULL; handler++) {
1081 res = (*handler)(rx);
1087 I802_DEBUG_INC(local->rx_handlers_drop);
1092 I802_DEBUG_INC(local->rx_handlers_queued);
1098 if (res == TXRX_DROP)
1099 dev_kfree_skb(rx->skb);
1103 static inline void ieee80211_invoke_rx_handlers(struct ieee80211_local *local,
1104 ieee80211_rx_handler *handlers,
1105 struct ieee80211_txrx_data *rx,
1106 struct sta_info *sta)
1108 if (__ieee80211_invoke_rx_handlers(local, handlers, rx, sta) ==
1110 dev_kfree_skb(rx->skb);
1113 static void ieee80211_rx_michael_mic_report(struct net_device *dev,
1114 struct ieee80211_hdr *hdr,
1115 struct sta_info *sta,
1116 struct ieee80211_txrx_data *rx)
1120 hdrlen = ieee80211_get_hdrlen_from_skb(rx->skb);
1121 if (rx->skb->len >= hdrlen + 4)
1122 keyidx = rx->skb->data[hdrlen + 3] >> 6;
1126 /* TODO: verify that this is not triggered by fragmented
1127 * frames (hw does not verify MIC for them). */
1128 printk(KERN_DEBUG "%s: TKIP hwaccel reported Michael MIC "
1129 "failure from " MAC_FMT " to " MAC_FMT " keyidx=%d\n",
1130 dev->name, MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr1), keyidx);
1133 /* Some hardware versions seem to generate incorrect
1134 * Michael MIC reports; ignore them to avoid triggering
1135 * countermeasures. */
1136 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
1137 "error for unknown address " MAC_FMT "\n",
1138 dev->name, MAC_ARG(hdr->addr2));
1142 if (!(rx->fc & IEEE80211_FCTL_PROTECTED)) {
1143 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
1144 "error for a frame with no ISWEP flag (src "
1145 MAC_FMT ")\n", dev->name, MAC_ARG(hdr->addr2));
1149 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
1150 rx->sdata->type == IEEE80211_IF_TYPE_AP) {
1151 keyidx = ieee80211_wep_get_keyidx(rx->skb);
1152 /* AP with Pairwise keys support should never receive Michael
1153 * MIC errors for non-zero keyidx because these are reserved
1154 * for group keys and only the AP is sending real multicast
1157 printk(KERN_DEBUG "%s: ignored Michael MIC error for "
1158 "a frame with non-zero keyidx (%d) (src " MAC_FMT
1159 ")\n", dev->name, keyidx, MAC_ARG(hdr->addr2));
1164 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
1165 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
1166 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) {
1167 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
1168 "error for a frame that cannot be encrypted "
1169 "(fc=0x%04x) (src " MAC_FMT ")\n",
1170 dev->name, rx->fc, MAC_ARG(hdr->addr2));
1175 union iwreq_data wrqu;
1176 char *buf = kmalloc(128, GFP_ATOMIC);
1180 /* TODO: needed parameters: count, key type, TSC */
1181 sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
1182 "keyid=%d %scast addr=" MAC_FMT ")",
1183 keyidx, hdr->addr1[0] & 0x01 ? "broad" : "uni",
1184 MAC_ARG(hdr->addr2));
1185 memset(&wrqu, 0, sizeof(wrqu));
1186 wrqu.data.length = strlen(buf);
1187 wireless_send_event(rx->dev, IWEVCUSTOM, &wrqu, buf);
1191 /* TODO: consider verifying the MIC error report with software
1192 * implementation if we get too many spurious reports from the
1194 if (!rx->local->apdev)
1196 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
1197 ieee80211_msg_michael_mic_failure);
1201 dev_kfree_skb(rx->skb);
1205 ieee80211_rx_handler ieee80211_rx_handlers[] =
1207 ieee80211_rx_h_if_stats,
1208 ieee80211_rx_h_monitor,
1209 ieee80211_rx_h_passive_scan,
1210 ieee80211_rx_h_check,
1211 ieee80211_rx_h_sta_process,
1212 ieee80211_rx_h_ccmp_decrypt,
1213 ieee80211_rx_h_tkip_decrypt,
1214 ieee80211_rx_h_wep_weak_iv_detection,
1215 ieee80211_rx_h_wep_decrypt,
1216 ieee80211_rx_h_defragment,
1217 ieee80211_rx_h_ps_poll,
1218 ieee80211_rx_h_michael_mic_verify,
1219 /* this must be after decryption - so header is counted in MPDU mic
1220 * must be before pae and data, so QOS_DATA format frames
1221 * are not passed to user space by these functions
1223 ieee80211_rx_h_remove_qos_control,
1224 ieee80211_rx_h_802_1x_pae,
1225 ieee80211_rx_h_drop_unencrypted,
1226 ieee80211_rx_h_data,
1227 ieee80211_rx_h_mgmt,
1231 /* main receive path */
1234 * This is the receive path handler. It is called by a low level driver when an
1235 * 802.11 MPDU is received from the hardware.
1237 void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
1238 struct ieee80211_rx_status *status)
1240 struct ieee80211_local *local = hw_to_local(hw);
1241 struct ieee80211_sub_if_data *sdata;
1242 struct sta_info *sta;
1243 struct ieee80211_hdr *hdr;
1244 struct ieee80211_txrx_data rx;
1247 int radiotap_len = 0;
1248 struct ieee80211_sub_if_data *prev = NULL;
1249 struct sk_buff *skb_new;
1252 if (status->flag & RX_FLAG_RADIOTAP) {
1253 radiotap_len = ieee80211_get_radiotap_len(skb->data);
1254 skb_pull(skb, radiotap_len);
1257 hdr = (struct ieee80211_hdr *) skb->data;
1258 memset(&rx, 0, sizeof(rx));
1262 rx.u.rx.status = status;
1263 rx.fc = skb->len >= 2 ? le16_to_cpu(hdr->frame_control) : 0;
1264 type = rx.fc & IEEE80211_FCTL_FTYPE;
1265 if (type == IEEE80211_FTYPE_DATA || type == IEEE80211_FTYPE_MGMT)
1266 local->dot11ReceivedFragmentCount++;
1267 multicast = is_multicast_ether_addr(hdr->addr1);
1270 sta = rx.sta = sta_info_get(local, hdr->addr2);
1272 sta = rx.sta = NULL;
1276 rx.sdata = IEEE80211_DEV_TO_SUB_IF(rx.dev);
1279 if ((status->flag & RX_FLAG_MMIC_ERROR)) {
1280 ieee80211_rx_michael_mic_report(local->mdev, hdr, sta, &rx);
1284 if (unlikely(local->sta_scanning))
1285 rx.u.rx.in_scan = 1;
1287 if (__ieee80211_invoke_rx_handlers(local, local->rx_pre_handlers, &rx,
1288 sta) != TXRX_CONTINUE)
1292 skb_push(skb, radiotap_len);
1293 if (sta && !sta->assoc_ap && !(sta->flags & WLAN_STA_WDS) &&
1294 !local->iff_promiscs && !multicast) {
1295 rx.u.rx.ra_match = 1;
1296 ieee80211_invoke_rx_handlers(local, local->rx_handlers, &rx,
1302 bssid = ieee80211_get_bssid(hdr, skb->len - radiotap_len);
1304 read_lock(&local->sub_if_lock);
1305 list_for_each_entry(sdata, &local->sub_if_list, list) {
1306 rx.u.rx.ra_match = 1;
1307 switch (sdata->type) {
1308 case IEEE80211_IF_TYPE_STA:
1311 if (!ieee80211_bssid_match(bssid,
1312 sdata->u.sta.bssid)) {
1313 if (!rx.u.rx.in_scan)
1315 rx.u.rx.ra_match = 0;
1316 } else if (!multicast &&
1317 compare_ether_addr(sdata->dev->dev_addr,
1319 if (!sdata->promisc)
1321 rx.u.rx.ra_match = 0;
1324 case IEEE80211_IF_TYPE_IBSS:
1327 if (!ieee80211_bssid_match(bssid,
1328 sdata->u.sta.bssid)) {
1329 if (!rx.u.rx.in_scan)
1331 rx.u.rx.ra_match = 0;
1332 } else if (!multicast &&
1333 compare_ether_addr(sdata->dev->dev_addr,
1335 if (!sdata->promisc)
1337 rx.u.rx.ra_match = 0;
1340 ieee80211_ibss_add_sta(sdata->dev,
1344 case IEEE80211_IF_TYPE_AP:
1346 if (compare_ether_addr(sdata->dev->dev_addr,
1349 } else if (!ieee80211_bssid_match(bssid,
1350 sdata->dev->dev_addr)) {
1351 if (!rx.u.rx.in_scan)
1353 rx.u.rx.ra_match = 0;
1355 if (sdata->dev == local->mdev && !rx.u.rx.in_scan)
1356 /* do not receive anything via
1357 * master device when not scanning */
1360 case IEEE80211_IF_TYPE_WDS:
1362 (rx.fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
1364 if (compare_ether_addr(sdata->u.wds.remote_addr,
1371 skb_new = skb_copy(skb, GFP_ATOMIC);
1373 if (net_ratelimit())
1374 printk(KERN_DEBUG "%s: failed to copy "
1375 "multicast frame for %s",
1376 local->mdev->name, prev->dev->name);
1382 ieee80211_invoke_rx_handlers(local, local->rx_handlers,
1391 ieee80211_invoke_rx_handlers(local, local->rx_handlers,
1395 read_unlock(&local->sub_if_lock);
1401 EXPORT_SYMBOL(__ieee80211_rx);
1403 /* This is a version of the rx handler that can be called from hard irq
1404 * context. Post the skb on the queue and schedule the tasklet */
1405 void ieee80211_rx_irqsafe(struct ieee80211_hw *hw, struct sk_buff *skb,
1406 struct ieee80211_rx_status *status)
1408 struct ieee80211_local *local = hw_to_local(hw);
1410 BUILD_BUG_ON(sizeof(struct ieee80211_rx_status) > sizeof(skb->cb));
1412 skb->dev = local->mdev;
1413 /* copy status into skb->cb for use by tasklet */
1414 memcpy(skb->cb, status, sizeof(*status));
1415 skb->pkt_type = IEEE80211_RX_MSG;
1416 skb_queue_tail(&local->skb_queue, skb);
1417 tasklet_schedule(&local->tasklet);
1419 EXPORT_SYMBOL(ieee80211_rx_irqsafe);
projects / linux-2.6 / blob