2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 * Purpose: handle dpc rx functions
28 * device_receive_frame - Rcv 802.11 frame function
29 * s_bAPModeRxCtl- AP Rcv frame filer Ctl.
30 * s_bAPModeRxData- AP Rcv data frame handle
31 * s_bHandleRxEncryption- Rcv decrypted data via on-fly
32 * s_bHostWepRxEncryption- Rcv encrypted data via host
33 * s_byGetRateIdx- get rate index
34 * s_vGetDASA- get data offset
35 * s_vProcessRxMACHeader- Rcv 802.11 and translate to 802.3
59 /*--------------------- Static Definitions -------------------------*/
61 /*--------------------- Static Classes ----------------------------*/
63 /*--------------------- Static Variables --------------------------*/
64 static const unsigned char acbyRxRate[MAX_RATE] =
65 {2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108};
67 /*--------------------- Static Functions --------------------------*/
69 /*--------------------- Static Definitions -------------------------*/
71 /*--------------------- Static Functions --------------------------*/
73 static unsigned char s_byGetRateIdx(unsigned char byRate);
76 s_vGetDASA(unsigned char *pbyRxBufferAddr, unsigned int *pcbHeaderSize,
77 PSEthernetHeader psEthHeader);
80 s_vProcessRxMACHeader(struct vnt_private *pDevice, unsigned char *pbyRxBufferAddr,
81 unsigned int cbPacketSize, bool bIsWEP, bool bExtIV,
82 unsigned int *pcbHeadSize);
84 static bool s_bAPModeRxCtl(
85 struct vnt_private *pDevice,
86 unsigned char *pbyFrame,
90 static bool s_bAPModeRxData(
91 struct vnt_private *pDevice,
93 unsigned int FrameSize,
94 unsigned int cbHeaderOffset,
99 static bool s_bHandleRxEncryption(
100 struct vnt_private *pDevice,
101 unsigned char *pbyFrame,
102 unsigned int FrameSize,
103 unsigned char *pbyRsr,
104 unsigned char *pbyNewRsr,
107 unsigned short *pwRxTSC15_0,
108 unsigned long *pdwRxTSC47_16
111 static bool s_bHostWepRxEncryption(
113 struct vnt_private *pDevice,
114 unsigned char *pbyFrame,
115 unsigned int FrameSize,
116 unsigned char *pbyRsr,
119 unsigned char *pbyNewRsr,
121 unsigned short *pwRxTSC15_0,
122 unsigned long *pdwRxTSC47_16
126 /*--------------------- Export Variables --------------------------*/
131 * Translate Rcv 802.11 header to 802.3 header with Rx buffer
136 * dwRxBufferAddr - Address of Rcv Buffer
137 * cbPacketSize - Rcv Packet size
138 * bIsWEP - If Rcv with WEP
140 * pcbHeaderSize - 802.11 header size
146 s_vProcessRxMACHeader(struct vnt_private *pDevice,
147 unsigned char *pbyRxBufferAddr,
148 unsigned int cbPacketSize, bool bIsWEP, bool bExtIV,
149 unsigned int *pcbHeadSize)
151 unsigned char *pbyRxBuffer;
152 unsigned int cbHeaderSize = 0;
153 unsigned short *pwType;
154 PS802_11Header pMACHeader;
157 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
159 s_vGetDASA((unsigned char *)pMACHeader, &cbHeaderSize, &pDevice->sRxEthHeader);
163 // strip IV&ExtIV , add 8 byte
164 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 8);
166 // strip IV , add 4 byte
167 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 4);
170 cbHeaderSize += WLAN_HDR_ADDR3_LEN;
173 pbyRxBuffer = (unsigned char *)(pbyRxBufferAddr + cbHeaderSize);
174 if (ether_addr_equal(pbyRxBuffer, pDevice->abySNAP_Bridgetunnel)) {
176 } else if (ether_addr_equal(pbyRxBuffer, pDevice->abySNAP_RFC1042)) {
178 pwType = (unsigned short *)(pbyRxBufferAddr + cbHeaderSize);
179 if ((*pwType != TYPE_PKT_IPX) && (*pwType != cpu_to_le16(0xF380))) {
182 pwType = (unsigned short *)(pbyRxBufferAddr + cbHeaderSize);
185 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
187 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
190 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
195 pwType = (unsigned short *)(pbyRxBufferAddr + cbHeaderSize);
198 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
200 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
203 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
207 cbHeaderSize -= (ETH_ALEN * 2);
208 pbyRxBuffer = (unsigned char *)(pbyRxBufferAddr + cbHeaderSize);
209 for (ii = 0; ii < ETH_ALEN; ii++)
210 *pbyRxBuffer++ = pDevice->sRxEthHeader.abyDstAddr[ii];
211 for (ii = 0; ii < ETH_ALEN; ii++)
212 *pbyRxBuffer++ = pDevice->sRxEthHeader.abySrcAddr[ii];
214 *pcbHeadSize = cbHeaderSize;
217 static unsigned char s_byGetRateIdx(unsigned char byRate)
219 unsigned char byRateIdx;
221 for (byRateIdx = 0; byRateIdx < MAX_RATE; byRateIdx++) {
222 if (acbyRxRate[byRateIdx % MAX_RATE] == byRate)
230 s_vGetDASA(unsigned char *pbyRxBufferAddr, unsigned int *pcbHeaderSize,
231 PSEthernetHeader psEthHeader)
233 unsigned int cbHeaderSize = 0;
234 PS802_11Header pMACHeader;
237 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
239 if ((pMACHeader->wFrameCtl & FC_TODS) == 0) {
240 if (pMACHeader->wFrameCtl & FC_FROMDS) {
241 for (ii = 0; ii < ETH_ALEN; ii++) {
242 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
243 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr3[ii];
247 for (ii = 0; ii < ETH_ALEN; ii++) {
248 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
249 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
254 if (pMACHeader->wFrameCtl & FC_FROMDS) {
255 for (ii = 0; ii < ETH_ALEN; ii++) {
256 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
257 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr4[ii];
261 for (ii = 0; ii < ETH_ALEN; ii++) {
262 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
263 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
267 *pcbHeaderSize = cbHeaderSize;
271 device_receive_frame(
272 struct vnt_private *pDevice,
276 PDEVICE_RD_INFO pRDInfo = pCurrRD->pRDInfo;
277 struct net_device_stats *pStats = &pDevice->stats;
279 PSMgmtObject pMgmt = pDevice->pMgmt;
280 PSRxMgmtPacket pRxPacket = &(pDevice->pMgmt->sRxPacket);
281 PS802_11Header p802_11Header;
282 unsigned char *pbyRsr;
283 unsigned char *pbyNewRsr;
284 unsigned char *pbyRSSI;
286 unsigned short *pwFrameSize;
287 unsigned char *pbyFrame;
288 bool bDeFragRx = false;
290 unsigned int cbHeaderOffset;
291 unsigned int FrameSize;
292 unsigned short wEtherType = 0;
293 int iSANodeIndex = -1;
294 int iDANodeIndex = -1;
296 unsigned int cbIVOffset;
298 unsigned char *pbyRxSts;
299 unsigned char *pbyRxRate;
300 unsigned char *pbySQ;
301 unsigned int cbHeaderSize;
302 PSKeyItem pKey = NULL;
303 unsigned short wRxTSC15_0 = 0;
304 unsigned long dwRxTSC47_16 = 0;
307 unsigned long dwDuration = 0;
309 long ldBmThreshold = 0;
310 PS802_11Header pMACHeader;
311 bool bRxeapol_key = false;
316 pci_unmap_single(pDevice->pcid, pRDInfo->skb_dma,
317 pDevice->rx_buf_sz, PCI_DMA_FROMDEVICE);
319 pwFrameSize = (unsigned short *)(skb->data + 2);
320 FrameSize = cpu_to_le16(pCurrRD->m_rd1RD1.wReqCount) - cpu_to_le16(pCurrRD->m_rd0RD0.wResCount);
322 // Max: 2312Payload + 30HD +4CRC + 2Padding + 4Len + 8TSF + 4RSR
323 // Min (ACK): 10HD +4CRC + 2Padding + 4Len + 8TSF + 4RSR
324 if ((FrameSize > 2364) || (FrameSize <= 32)) {
325 // Frame Size error drop this packet.
326 pr_debug("---------- WRONG Length 1\n");
330 pbyRxSts = (unsigned char *)(skb->data);
331 pbyRxRate = (unsigned char *)(skb->data + 1);
332 pbyRsr = (unsigned char *)(skb->data + FrameSize - 1);
333 pbyRSSI = (unsigned char *)(skb->data + FrameSize - 2);
334 pbyNewRsr = (unsigned char *)(skb->data + FrameSize - 3);
335 pbySQ = (unsigned char *)(skb->data + FrameSize - 4);
336 pqwTSFTime = (__le64 *)(skb->data + FrameSize - 12);
337 pbyFrame = (unsigned char *)(skb->data + 4);
340 FrameSize = cpu_to_le16(*pwFrameSize);
342 if ((FrameSize > 2346)|(FrameSize < 14)) { // Max: 2312Payload + 30HD +4CRC
344 pr_debug("---------- WRONG Length 2\n");
348 // update receive statistic counter
349 STAvUpdateRDStatCounter(&pDevice->scStatistic,
356 pMACHeader = (PS802_11Header)((unsigned char *)(skb->data) + 8);
358 if (pDevice->bMeasureInProgress) {
359 if ((*pbyRsr & RSR_CRCOK) != 0)
360 pDevice->byBasicMap |= 0x01;
362 dwDuration = (FrameSize << 4);
363 dwDuration /= acbyRxRate[*pbyRxRate%MAX_RATE];
364 if (*pbyRxRate <= RATE_11M) {
365 if (*pbyRxSts & 0x01) {
375 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
377 for (ii = 7; ii > 0;) {
378 if (ldBm > ldBmThreshold)
384 pDevice->dwRPIs[ii] += dwDuration;
388 if (!is_multicast_ether_addr(pbyFrame)) {
389 if (WCTLbIsDuplicate(&(pDevice->sDupRxCache), (PS802_11Header)(skb->data + 4))) {
390 pDevice->s802_11Counter.FrameDuplicateCount++;
396 s_vGetDASA(skb->data+4, &cbHeaderSize, &pDevice->sRxEthHeader);
398 // filter packet send from myself
399 if (ether_addr_equal(pDevice->sRxEthHeader.abySrcAddr,
400 pDevice->abyCurrentNetAddr))
403 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) || (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)) {
404 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
405 p802_11Header = (PS802_11Header)(pbyFrame);
407 if (BSSDBbIsSTAInNodeDB(pMgmt, (unsigned char *)(p802_11Header->abyAddr2), &iSANodeIndex)) {
408 pMgmt->sNodeDBTable[iSANodeIndex].ulLastRxJiffer = jiffies;
409 pMgmt->sNodeDBTable[iSANodeIndex].uInActiveCount = 0;
414 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
415 if (s_bAPModeRxCtl(pDevice, pbyFrame, iSANodeIndex))
419 if (IS_FC_WEP(pbyFrame)) {
420 bool bRxDecryOK = false;
422 pr_debug("rx WEP pkt\n");
424 if ((pDevice->bEnableHostWEP) && (iSANodeIndex >= 0)) {
426 pKey->byCipherSuite = pMgmt->sNodeDBTable[iSANodeIndex].byCipherSuite;
427 pKey->dwKeyIndex = pMgmt->sNodeDBTable[iSANodeIndex].dwKeyIndex;
428 pKey->uKeyLength = pMgmt->sNodeDBTable[iSANodeIndex].uWepKeyLength;
429 pKey->dwTSC47_16 = pMgmt->sNodeDBTable[iSANodeIndex].dwTSC47_16;
430 pKey->wTSC15_0 = pMgmt->sNodeDBTable[iSANodeIndex].wTSC15_0;
432 &pMgmt->sNodeDBTable[iSANodeIndex].abyWepKey[0],
436 bRxDecryOK = s_bHostWepRxEncryption(pDevice,
440 pMgmt->sNodeDBTable[iSANodeIndex].bOnFly,
447 bRxDecryOK = s_bHandleRxEncryption(pDevice,
459 if ((*pbyNewRsr & NEWRSR_DECRYPTOK) == 0) {
460 pr_debug("ICV Fail\n");
461 if ((pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
462 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
463 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
464 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
465 (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
466 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP))
467 pDevice->s802_11Counter.TKIPICVErrors++;
468 else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP))
469 pDevice->s802_11Counter.CCMPDecryptErrors++;
474 pr_debug("WEP Func Fail\n");
477 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP))
478 FrameSize -= 8; // Message Integrity Code
480 FrameSize -= 4; // 4 is ICV
486 //remove the CRC length
487 FrameSize -= ETH_FCS_LEN;
489 if ((!(*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI))) && // unicast address
490 (IS_FRAGMENT_PKT((skb->data+4)))
493 bDeFragRx = WCTLbHandleFragment(pDevice, (PS802_11Header)(skb->data+4), FrameSize, bIsWEP, bExtIV);
494 pDevice->s802_11Counter.ReceivedFragmentCount++;
497 skb = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].skb;
498 FrameSize = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].cbFrameLength;
505 // Management & Control frame Handle
506 if ((IS_TYPE_DATA((skb->data+4))) == false) {
507 // Handle Control & Manage Frame
509 if (IS_TYPE_MGMT((skb->data+4))) {
510 unsigned char *pbyData1;
511 unsigned char *pbyData2;
513 pRxPacket->p80211Header = (PUWLAN_80211HDR)(skb->data+4);
514 pRxPacket->cbMPDULen = FrameSize;
515 pRxPacket->uRSSI = *pbyRSSI;
516 pRxPacket->bySQ = *pbySQ;
517 pRxPacket->qwLocalTSF = le64_to_cpu(*pqwTSFTime);
520 pbyData1 = WLAN_HDR_A3_DATA_PTR(skb->data+4);
521 pbyData2 = WLAN_HDR_A3_DATA_PTR(skb->data+4) + 4;
522 for (ii = 0; ii < (FrameSize - 4); ii++) {
523 *pbyData1 = *pbyData2;
528 pRxPacket->byRxRate = s_byGetRateIdx(*pbyRxRate);
529 pRxPacket->byRxChannel = (*pbyRxSts) >> 2;
531 vMgrRxManagePacket((void *)pDevice, pDevice->pMgmt, pRxPacket);
533 // hostap Deamon handle 802.11 management
534 if (pDevice->bEnableHostapd) {
535 skb->dev = pDevice->apdev;
538 skb_put(skb, FrameSize);
539 skb_reset_mac_header(skb);
540 skb->pkt_type = PACKET_OTHERHOST;
541 skb->protocol = htons(ETH_P_802_2);
542 memset(skb->cb, 0, sizeof(skb->cb));
550 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
551 //In AP mode, hw only check addr1(BSSID or RA) if equal to local MAC.
552 if (!(*pbyRsr & RSR_BSSIDOK)) {
554 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
555 pr_err("%s: can not alloc more frag bufs\n",
562 // discard DATA packet while not associate || BSSID error
563 if (!pDevice->bLinkPass || !(*pbyRsr & RSR_BSSIDOK)) {
565 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
566 pr_err("%s: can not alloc more frag bufs\n",
572 //mike add:station mode check eapol-key challenge--->
574 unsigned char Protocol_Version; //802.1x Authentication
575 unsigned char Packet_Type; //802.1x Authentication
581 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
582 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
583 Protocol_Version = skb->data[cbIVOffset + 8 + 24 + 6 + 1 + 1];
584 Packet_Type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 + 1 + 1];
585 if (wEtherType == ETH_P_PAE) { //Protocol Type in LLC-Header
586 if (((Protocol_Version == 1) || (Protocol_Version == 2)) &&
587 (Packet_Type == 3)) { //802.1x OR eapol-key challenge frame receive
592 //mike add:station mode check eapol-key challenge<---
598 if (pDevice->bEnablePSMode) {
599 if (!IS_FC_MOREDATA((skb->data+4))) {
600 if (pDevice->pMgmt->bInTIMWake == true)
601 pDevice->pMgmt->bInTIMWake = false;
605 // Now it only supports 802.11g Infrastructure Mode, and support rate must up to 54 Mbps
606 if (pDevice->bDiversityEnable && (FrameSize > 50) &&
607 (pDevice->eOPMode == OP_MODE_INFRASTRUCTURE) &&
608 pDevice->bLinkPass) {
609 BBvAntennaDiversity(pDevice, s_byGetRateIdx(*pbyRxRate), 0);
612 if (pDevice->byLocalID != REV_ID_VT3253_B1)
613 pDevice->uCurrRSSI = *pbyRSSI;
615 pDevice->byCurrSQ = *pbySQ;
617 if ((*pbyRSSI != 0) &&
618 (pMgmt->pCurrBSS != NULL)) {
619 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
620 // Monitor if RSSI is too strong.
621 pMgmt->pCurrBSS->byRSSIStatCnt++;
622 pMgmt->pCurrBSS->byRSSIStatCnt %= RSSI_STAT_COUNT;
623 pMgmt->pCurrBSS->ldBmAverage[pMgmt->pCurrBSS->byRSSIStatCnt] = ldBm;
624 for (ii = 0; ii < RSSI_STAT_COUNT; ii++)
625 if (pMgmt->pCurrBSS->ldBmAverage[ii] != 0)
626 pMgmt->pCurrBSS->ldBmMAX = max(pMgmt->pCurrBSS->ldBmAverage[ii], ldBm);
630 // -----------------------------------------------
632 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && pDevice->bEnable8021x) {
633 unsigned char abyMacHdr[24];
635 // Only 802.1x packet incoming allowed
640 wEtherType = (skb->data[cbIVOffset + 4 + 24 + 6] << 8) |
641 skb->data[cbIVOffset + 4 + 24 + 6 + 1];
643 pr_debug("wEtherType = %04x\n", wEtherType);
644 if (wEtherType == ETH_P_PAE) {
645 skb->dev = pDevice->apdev;
648 // strip IV header(8)
649 memcpy(&abyMacHdr[0], (skb->data + 4), 24);
650 memcpy((skb->data + 4 + cbIVOffset), &abyMacHdr[0], 24);
652 skb->data += (cbIVOffset + 4);
653 skb->tail += (cbIVOffset + 4);
654 skb_put(skb, FrameSize);
655 skb_reset_mac_header(skb);
657 skb->pkt_type = PACKET_OTHERHOST;
658 skb->protocol = htons(ETH_P_802_2);
659 memset(skb->cb, 0, sizeof(skb->cb));
664 // check if 802.1x authorized
665 if (!(pMgmt->sNodeDBTable[iSANodeIndex].dwFlags & WLAN_STA_AUTHORIZED))
669 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
671 FrameSize -= 8; //MIC
674 //--------------------------------------------------------------------------------
676 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
680 __le32 dwMIC_Priority;
681 __le32 dwMICKey0 = 0, dwMICKey1 = 0;
682 u32 dwLocalMIC_L = 0;
683 u32 dwLocalMIC_R = 0;
684 viawget_wpa_header *wpahdr;
686 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
687 dwMICKey0 = cpu_to_le32(*(u32 *)(&pKey->abyKey[24]));
688 dwMICKey1 = cpu_to_le32(*(u32 *)(&pKey->abyKey[28]));
690 if (pDevice->pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
691 dwMICKey0 = cpu_to_le32(*(u32 *)(&pKey->abyKey[16]));
692 dwMICKey1 = cpu_to_le32(*(u32 *)(&pKey->abyKey[20]));
693 } else if ((pKey->dwKeyIndex & BIT28) == 0) {
694 dwMICKey0 = cpu_to_le32(*(u32 *)(&pKey->abyKey[16]));
695 dwMICKey1 = cpu_to_le32(*(u32 *)(&pKey->abyKey[20]));
697 dwMICKey0 = cpu_to_le32(*(u32 *)(&pKey->abyKey[24]));
698 dwMICKey1 = cpu_to_le32(*(u32 *)(&pKey->abyKey[28]));
702 MIC_vInit(dwMICKey0, dwMICKey1);
703 MIC_vAppend((unsigned char *)&(pDevice->sRxEthHeader.abyDstAddr[0]), 12);
705 MIC_vAppend((unsigned char *)&dwMIC_Priority, 4);
706 // 4 is Rcv buffer header, 24 is MAC Header, and 8 is IV and Ext IV.
707 MIC_vAppend((unsigned char *)(skb->data + 4 + WLAN_HDR_ADDR3_LEN + 8),
708 FrameSize - WLAN_HDR_ADDR3_LEN - 8);
709 MIC_vGetMIC(&dwLocalMIC_L, &dwLocalMIC_R);
712 pdwMIC_L = (__le32 *)(skb->data + 4 + FrameSize);
713 pdwMIC_R = (__le32 *)(skb->data + 4 + FrameSize + 4);
715 if ((le32_to_cpu(*pdwMIC_L) != dwLocalMIC_L) ||
716 (le32_to_cpu(*pdwMIC_R) != dwLocalMIC_R) ||
717 pDevice->bRxMICFail) {
718 pr_debug("MIC comparison is fail!\n");
719 pDevice->bRxMICFail = false;
720 pDevice->s802_11Counter.TKIPLocalMICFailures++;
722 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
723 pr_err("%s: can not alloc more frag bufs\n",
727 //2008-0409-07, <Add> by Einsn Liu
728 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
729 //send event to wpa_supplicant
731 union iwreq_data wrqu;
732 struct iw_michaelmicfailure ev;
733 int keyidx = pbyFrame[cbHeaderSize+3] >> 6; //top two-bits
735 memset(&ev, 0, sizeof(ev));
736 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
737 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
738 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
739 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
740 ev.flags |= IW_MICFAILURE_PAIRWISE;
742 ev.flags |= IW_MICFAILURE_GROUP;
745 ev.src_addr.sa_family = ARPHRD_ETHER;
746 memcpy(ev.src_addr.sa_data, pMACHeader->abyAddr2, ETH_ALEN);
747 memset(&wrqu, 0, sizeof(wrqu));
748 wrqu.data.length = sizeof(ev);
749 wireless_send_event(pDevice->dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
754 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
755 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
756 if ((pDevice->pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
757 (pDevice->pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
758 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
759 wpahdr->type = VIAWGET_PTK_MIC_MSG;
761 wpahdr->type = VIAWGET_GTK_MIC_MSG;
763 wpahdr->resp_ie_len = 0;
764 wpahdr->req_ie_len = 0;
765 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
766 pDevice->skb->dev = pDevice->wpadev;
767 skb_reset_mac_header(pDevice->skb);
768 pDevice->skb->pkt_type = PACKET_HOST;
769 pDevice->skb->protocol = htons(ETH_P_802_2);
770 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
771 netif_rx(pDevice->skb);
772 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
779 } //---end of SOFT MIC-----------------------------------------------------------------------
781 // ++++++++++ Reply Counter Check +++++++++++++
783 if ((pKey != NULL) && ((pKey->byCipherSuite == KEY_CTL_TKIP) ||
784 (pKey->byCipherSuite == KEY_CTL_CCMP))) {
786 unsigned short wLocalTSC15_0 = 0;
787 unsigned long dwLocalTSC47_16 = 0;
788 unsigned long long RSC = 0;
790 RSC = *((unsigned long long *)&(pKey->KeyRSC));
791 wLocalTSC15_0 = (unsigned short)RSC;
792 dwLocalTSC47_16 = (unsigned long)(RSC>>16);
799 if ((pDevice->sMgmtObj.eCurrMode == WMAC_MODE_ESS_STA) &&
800 (pDevice->sMgmtObj.eCurrState == WMAC_STATE_ASSOC)) {
802 if ((wRxTSC15_0 < wLocalTSC15_0) &&
803 (dwRxTSC47_16 <= dwLocalTSC47_16) &&
804 !((dwRxTSC47_16 == 0) && (dwLocalTSC47_16 == 0xFFFFFFFF))) {
805 pr_debug("TSC is illegal~~!\n ");
806 if (pKey->byCipherSuite == KEY_CTL_TKIP)
807 pDevice->s802_11Counter.TKIPReplays++;
809 pDevice->s802_11Counter.CCMPReplays++;
812 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
813 pr_err("%s: can not alloc more frag bufs\n",
821 } // ----- End of Reply Counter Check --------------------------
823 s_vProcessRxMACHeader(pDevice, (unsigned char *)(skb->data+4), FrameSize, bIsWEP, bExtIV, &cbHeaderOffset);
824 FrameSize -= cbHeaderOffset;
825 cbHeaderOffset += 4; // 4 is Rcv buffer header
827 // Null data, framesize = 14
831 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
832 if (!s_bAPModeRxData(pDevice,
840 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
841 pr_err("%s: can not alloc more frag bufs\n",
849 skb->data += cbHeaderOffset;
850 skb->tail += cbHeaderOffset;
851 skb_put(skb, FrameSize);
852 skb->protocol = eth_type_trans(skb, skb->dev);
854 //drop frame not met IEEE 802.3
856 skb->ip_summed = CHECKSUM_NONE;
857 pStats->rx_bytes += skb->len;
858 pStats->rx_packets++;
862 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
863 pr_err("%s: can not alloc more frag bufs\n",
872 static bool s_bAPModeRxCtl(
873 struct vnt_private *pDevice,
874 unsigned char *pbyFrame,
878 PS802_11Header p802_11Header;
880 PSMgmtObject pMgmt = pDevice->pMgmt;
882 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
883 p802_11Header = (PS802_11Header)(pbyFrame);
884 if (!IS_TYPE_MGMT(pbyFrame)) {
885 // Data & PS-Poll packet
887 if (iSANodeIndex > 0) {
888 // frame class 3 fliter & checking
889 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_AUTH) {
890 // send deauth notification
891 // reason = (6) class 2 received from nonauth sta
892 vMgrDeAuthenBeginSta(pDevice,
894 (unsigned char *)(p802_11Header->abyAddr2),
895 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
898 pr_debug("dpc: send vMgrDeAuthenBeginSta 1\n");
901 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_ASSOC) {
902 // send deassoc notification
903 // reason = (7) class 3 received from nonassoc sta
904 vMgrDisassocBeginSta(pDevice,
906 (unsigned char *)(p802_11Header->abyAddr2),
907 (WLAN_MGMT_REASON_CLASS3_NONASSOC),
910 pr_debug("dpc: send vMgrDisassocBeginSta 2\n");
914 if (pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable) {
915 // delcare received ps-poll event
916 if (IS_CTL_PSPOLL(pbyFrame)) {
917 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = true;
918 bScheduleCommand((void *)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
919 pr_debug("dpc: WLAN_CMD_RX_PSPOLL 1\n");
921 // check Data PS state
922 // if PW bit off, send out all PS bufferring packets.
923 if (!IS_FC_POWERMGT(pbyFrame)) {
924 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = false;
925 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = true;
926 bScheduleCommand((void *)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
927 pr_debug("dpc: WLAN_CMD_RX_PSPOLL 2\n");
931 if (IS_FC_POWERMGT(pbyFrame)) {
932 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = true;
933 // Once if STA in PS state, enable multicast bufferring
934 pMgmt->sNodeDBTable[0].bPSEnable = true;
936 // clear all pending PS frame.
937 if (pMgmt->sNodeDBTable[iSANodeIndex].wEnQueueCnt > 0) {
938 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = false;
939 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = true;
940 bScheduleCommand((void *)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
941 pr_debug("dpc: WLAN_CMD_RX_PSPOLL 3\n");
947 vMgrDeAuthenBeginSta(pDevice,
949 (unsigned char *)(p802_11Header->abyAddr2),
950 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
953 pr_debug("dpc: send vMgrDeAuthenBeginSta 3\n");
954 pr_debug("BSSID:%pM\n",
955 p802_11Header->abyAddr3);
956 pr_debug("ADDR2:%pM\n",
957 p802_11Header->abyAddr2);
958 pr_debug("ADDR1:%pM\n",
959 p802_11Header->abyAddr1);
960 pr_debug("dpc: wFrameCtl= %x\n",
961 p802_11Header->wFrameCtl);
962 VNSvInPortB(pDevice->PortOffset + MAC_REG_RCR, &(pDevice->byRxMode));
963 pr_debug("dpc:pDevice->byRxMode = %x\n",
972 static bool s_bHandleRxEncryption(
973 struct vnt_private *pDevice,
974 unsigned char *pbyFrame,
975 unsigned int FrameSize,
976 unsigned char *pbyRsr,
977 unsigned char *pbyNewRsr,
980 unsigned short *pwRxTSC15_0,
981 unsigned long *pdwRxTSC47_16
984 unsigned int PayloadLen = FrameSize;
985 unsigned char *pbyIV;
986 unsigned char byKeyIdx;
987 PSKeyItem pKey = NULL;
988 unsigned char byDecMode = KEY_CTL_WEP;
989 PSMgmtObject pMgmt = pDevice->pMgmt;
994 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
995 if (WLAN_GET_FC_TODS(*(unsigned short *)pbyFrame) &&
996 WLAN_GET_FC_FROMDS(*(unsigned short *)pbyFrame)) {
997 pbyIV += 6; // 6 is 802.11 address4
1000 byKeyIdx = (*(pbyIV+3) & 0xc0);
1002 pr_debug("\nKeyIdx: %d\n", byKeyIdx);
1004 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
1005 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
1006 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
1007 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
1008 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
1009 if (((*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) &&
1010 (pDevice->pMgmt->byCSSPK != KEY_CTL_NONE)) {
1011 // unicast pkt use pairwise key
1012 pr_debug("unicast pkt\n");
1013 if (KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, 0xFFFFFFFF, &pKey) == true) {
1014 if (pDevice->pMgmt->byCSSPK == KEY_CTL_TKIP)
1015 byDecMode = KEY_CTL_TKIP;
1016 else if (pDevice->pMgmt->byCSSPK == KEY_CTL_CCMP)
1017 byDecMode = KEY_CTL_CCMP;
1019 pr_debug("unicast pkt: %d, %p\n", byDecMode, pKey);
1022 KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, byKeyIdx, &pKey);
1023 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1024 byDecMode = KEY_CTL_TKIP;
1025 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1026 byDecMode = KEY_CTL_CCMP;
1027 pr_debug("group pkt: %d, %d, %p\n",
1028 byKeyIdx, byDecMode, pKey);
1031 // our WEP only support Default Key
1033 // use default group key
1034 KeybGetKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, byKeyIdx, &pKey);
1035 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1036 byDecMode = KEY_CTL_TKIP;
1037 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1038 byDecMode = KEY_CTL_CCMP;
1042 pr_debug("AES:%d %d %d\n",
1043 pDevice->pMgmt->byCSSPK, pDevice->pMgmt->byCSSGK, byDecMode);
1046 pr_debug("pKey == NULL\n");
1050 if (byDecMode != pKey->byCipherSuite) {
1055 if (byDecMode == KEY_CTL_WEP) {
1057 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1058 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == true)) {
1063 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
1064 memcpy(pDevice->abyPRNG, pbyIV, 3);
1065 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
1066 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1067 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1069 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen))
1070 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1073 } else if ((byDecMode == KEY_CTL_TKIP) ||
1074 (byDecMode == KEY_CTL_CCMP)) {
1077 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1078 *pdwRxTSC47_16 = cpu_to_le32(*(unsigned long *)(pbyIV + 4));
1079 pr_debug("ExtIV: %lx\n", *pdwRxTSC47_16);
1080 if (byDecMode == KEY_CTL_TKIP)
1081 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV + 2), *pbyIV));
1083 *pwRxTSC15_0 = cpu_to_le16(*(unsigned short *)pbyIV);
1085 pr_debug("TSC0_15: %x\n", *pwRxTSC15_0);
1087 if ((byDecMode == KEY_CTL_TKIP) &&
1088 (pDevice->byLocalID <= REV_ID_VT3253_A1)) {
1091 PS802_11Header pMACHeader = (PS802_11Header)(pbyFrame);
1093 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1094 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1095 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1096 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1097 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1098 pr_debug("ICV OK!\n");
1100 pr_debug("ICV FAIL!!!\n");
1101 pr_debug("PayloadLen = %d\n", PayloadLen);
1106 if ((*(pbyIV+3) & 0x20) != 0)
1111 static bool s_bHostWepRxEncryption(
1112 struct vnt_private *pDevice,
1113 unsigned char *pbyFrame,
1114 unsigned int FrameSize,
1115 unsigned char *pbyRsr,
1118 unsigned char *pbyNewRsr,
1120 unsigned short *pwRxTSC15_0,
1121 unsigned long *pdwRxTSC47_16
1124 unsigned int PayloadLen = FrameSize;
1125 unsigned char *pbyIV;
1126 unsigned char byKeyIdx;
1127 unsigned char byDecMode = KEY_CTL_WEP;
1128 PS802_11Header pMACHeader;
1133 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1134 if (WLAN_GET_FC_TODS(*(unsigned short *)pbyFrame) &&
1135 WLAN_GET_FC_FROMDS(*(unsigned short *)pbyFrame)) {
1136 pbyIV += 6; // 6 is 802.11 address4
1139 byKeyIdx = (*(pbyIV+3) & 0xc0);
1141 pr_debug("\nKeyIdx: %d\n", byKeyIdx);
1143 if (pDevice->pMgmt->byCSSGK == KEY_CTL_TKIP)
1144 byDecMode = KEY_CTL_TKIP;
1145 else if (pDevice->pMgmt->byCSSGK == KEY_CTL_CCMP)
1146 byDecMode = KEY_CTL_CCMP;
1148 pr_debug("AES:%d %d %d\n",
1149 pDevice->pMgmt->byCSSPK, pDevice->pMgmt->byCSSGK, byDecMode);
1151 if (byDecMode != pKey->byCipherSuite)
1154 if (byDecMode == KEY_CTL_WEP) {
1156 pr_debug("byDecMode == KEY_CTL_WEP\n");
1158 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1159 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == true) ||
1166 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
1167 memcpy(pDevice->abyPRNG, pbyIV, 3);
1168 memcpy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
1169 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1170 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1172 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen))
1173 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1176 } else if ((byDecMode == KEY_CTL_TKIP) ||
1177 (byDecMode == KEY_CTL_CCMP)) {
1180 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1181 *pdwRxTSC47_16 = cpu_to_le32(*(unsigned long *)(pbyIV + 4));
1182 pr_debug("ExtIV: %lx\n", *pdwRxTSC47_16);
1184 if (byDecMode == KEY_CTL_TKIP)
1185 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1187 *pwRxTSC15_0 = cpu_to_le16(*(unsigned short *)pbyIV);
1189 pr_debug("TSC0_15: %x\n", *pwRxTSC15_0);
1191 if (byDecMode == KEY_CTL_TKIP) {
1192 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) || !bOnFly) {
1196 pr_debug("soft KEY_CTL_TKIP\n");
1197 pMACHeader = (PS802_11Header)(pbyFrame);
1198 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1199 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1200 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1201 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1202 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1203 pr_debug("ICV OK!\n");
1205 pr_debug("ICV FAIL!!!\n");
1206 pr_debug("PayloadLen = %d\n",
1212 if (byDecMode == KEY_CTL_CCMP) {
1216 pr_debug("soft KEY_CTL_CCMP\n");
1217 if (AESbGenCCMP(pKey->abyKey, pbyFrame, FrameSize)) {
1218 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1219 pr_debug("CCMP MIC compare OK!\n");
1221 pr_debug("CCMP MIC fail!\n");
1228 if ((*(pbyIV+3) & 0x20) != 0)
1233 static bool s_bAPModeRxData(
1234 struct vnt_private *pDevice,
1235 struct sk_buff *skb,
1236 unsigned int FrameSize,
1237 unsigned int cbHeaderOffset,
1242 PSMgmtObject pMgmt = pDevice->pMgmt;
1243 bool bRelayAndForward = false;
1244 bool bRelayOnly = false;
1245 unsigned char byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
1246 unsigned short wAID;
1248 struct sk_buff *skbcpy = NULL;
1250 if (FrameSize > CB_MAX_BUF_SIZE)
1253 if (is_multicast_ether_addr((unsigned char *)(skb->data+cbHeaderOffset))) {
1254 if (pMgmt->sNodeDBTable[0].bPSEnable) {
1255 skbcpy = dev_alloc_skb((int)pDevice->rx_buf_sz);
1257 // if any node in PS mode, buffer packet until DTIM.
1258 if (skbcpy == NULL) {
1259 pr_info("relay multicast no skb available\n");
1261 skbcpy->dev = pDevice->dev;
1262 skbcpy->len = FrameSize;
1263 memcpy(skbcpy->data, skb->data+cbHeaderOffset, FrameSize);
1264 skb_queue_tail(&(pMgmt->sNodeDBTable[0].sTxPSQueue), skbcpy);
1266 pMgmt->sNodeDBTable[0].wEnQueueCnt++;
1268 pMgmt->abyPSTxMap[0] |= byMask[0];
1271 bRelayAndForward = true;
1275 if (BSSDBbIsSTAInNodeDB(pMgmt, (unsigned char *)(skb->data+cbHeaderOffset), &iDANodeIndex)) {
1276 if (pMgmt->sNodeDBTable[iDANodeIndex].eNodeState >= NODE_ASSOC) {
1277 if (pMgmt->sNodeDBTable[iDANodeIndex].bPSEnable) {
1278 // queue this skb until next PS tx, and then release.
1280 skb->data += cbHeaderOffset;
1281 skb->tail += cbHeaderOffset;
1282 skb_put(skb, FrameSize);
1283 skb_queue_tail(&pMgmt->sNodeDBTable[iDANodeIndex].sTxPSQueue, skb);
1284 pMgmt->sNodeDBTable[iDANodeIndex].wEnQueueCnt++;
1285 wAID = pMgmt->sNodeDBTable[iDANodeIndex].wAID;
1286 pMgmt->abyPSTxMap[wAID >> 3] |= byMask[wAID & 7];
1287 pr_debug("relay: index= %d, pMgmt->abyPSTxMap[%d]= %d\n",
1288 iDANodeIndex, (wAID >> 3),
1289 pMgmt->abyPSTxMap[wAID >> 3]);
1298 if (bRelayOnly || bRelayAndForward) {
1299 // relay this packet right now
1300 if (bRelayAndForward)
1303 if ((pDevice->uAssocCount > 1) && (iDANodeIndex >= 0))
1304 ROUTEbRelay(pDevice, (unsigned char *)(skb->data + cbHeaderOffset), FrameSize, (unsigned int)iDANodeIndex);
1309 // none associate, don't forward
1310 if (pDevice->uAssocCount == 0)