diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 18:49:45 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 18:49:45 +0000 |
commit | 2c3c1048746a4622d8c89a29670120dc8fab93c4 (patch) | |
tree | 848558de17fb3008cdf4d861b01ac7781903ce39 /drivers/staging/wlan-ng/p80211conv.c | |
parent | Initial commit. (diff) | |
download | linux-upstream.tar.xz linux-upstream.zip |
Adding upstream version 6.1.76.upstream/6.1.76upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'drivers/staging/wlan-ng/p80211conv.c')
-rw-r--r-- | drivers/staging/wlan-ng/p80211conv.c | 664 |
1 files changed, 664 insertions, 0 deletions
diff --git a/drivers/staging/wlan-ng/p80211conv.c b/drivers/staging/wlan-ng/p80211conv.c new file mode 100644 index 000000000..cd271b1da --- /dev/null +++ b/drivers/staging/wlan-ng/p80211conv.c @@ -0,0 +1,664 @@ +// SPDX-License-Identifier: (GPL-2.0 OR MPL-1.1) +/* + * + * Ether/802.11 conversions and packet buffer routines + * + * Copyright (C) 1999 AbsoluteValue Systems, Inc. All Rights Reserved. + * -------------------------------------------------------------------- + * + * linux-wlan + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU Public License version 2 (the "GPL"), in which + * case the provisions of the GPL are applicable instead of the + * above. If you wish to allow the use of your version of this file + * only under the terms of the GPL and not to allow others to use + * your version of this file under the MPL, indicate your decision + * by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL. If you do not delete + * the provisions above, a recipient may use your version of this + * file under either the MPL or the GPL. + * + * -------------------------------------------------------------------- + * + * Inquiries regarding the linux-wlan Open Source project can be + * made directly to: + * + * AbsoluteValue Systems Inc. + * info@linux-wlan.com + * http://www.linux-wlan.com + * + * -------------------------------------------------------------------- + * + * Portions of the development of this software were funded by + * Intersil Corporation as part of PRISM(R) chipset product development. + * + * -------------------------------------------------------------------- + * + * This file defines the functions that perform Ethernet to/from + * 802.11 frame conversions. + * + * -------------------------------------------------------------------- + * + *================================================================ + */ + +#include <linux/module.h> +#include <linux/kernel.h> +#include <linux/sched.h> +#include <linux/types.h> +#include <linux/skbuff.h> +#include <linux/slab.h> +#include <linux/wireless.h> +#include <linux/netdevice.h> +#include <linux/etherdevice.h> +#include <linux/if_ether.h> +#include <linux/byteorder/generic.h> + +#include <asm/byteorder.h> + +#include "p80211types.h" +#include "p80211hdr.h" +#include "p80211conv.h" +#include "p80211mgmt.h" +#include "p80211msg.h" +#include "p80211netdev.h" +#include "p80211ioctl.h" +#include "p80211req.h" + +static const u8 oui_rfc1042[] = { 0x00, 0x00, 0x00 }; +static const u8 oui_8021h[] = { 0x00, 0x00, 0xf8 }; + +/*---------------------------------------------------------------- + * p80211pb_ether_to_80211 + * + * Uses the contents of the ether frame and the etherconv setting + * to build the elements of the 802.11 frame. + * + * We don't actually set + * up the frame header here. That's the MAC's job. We're only handling + * conversion of DIXII or 802.3+LLC frames to something that works + * with 802.11. + * + * Note -- 802.11 header is NOT part of the skb. Likewise, the 802.11 + * FCS is also not present and will need to be added elsewhere. + * + * Arguments: + * ethconv Conversion type to perform + * skb skbuff containing the ether frame + * p80211_hdr 802.11 header + * + * Returns: + * 0 on success, non-zero otherwise + * + * Call context: + * May be called in interrupt or non-interrupt context + *---------------------------------------------------------------- + */ +int skb_ether_to_p80211(struct wlandevice *wlandev, u32 ethconv, + struct sk_buff *skb, struct p80211_hdr *p80211_hdr, + struct p80211_metawep *p80211_wep) +{ + __le16 fc; + u16 proto; + struct wlan_ethhdr e_hdr; + struct wlan_llc *e_llc; + struct wlan_snap *e_snap; + int foo; + + memcpy(&e_hdr, skb->data, sizeof(e_hdr)); + + if (skb->len <= 0) { + pr_debug("zero-length skb!\n"); + return 1; + } + + if (ethconv == WLAN_ETHCONV_ENCAP) { /* simplest case */ + pr_debug("ENCAP len: %d\n", skb->len); + /* here, we don't care what kind of ether frm. Just stick it */ + /* in the 80211 payload */ + /* which is to say, leave the skb alone. */ + } else { + /* step 1: classify ether frame, DIX or 802.3? */ + proto = ntohs(e_hdr.type); + if (proto <= ETH_DATA_LEN) { + pr_debug("802.3 len: %d\n", skb->len); + /* codes <= 1500 reserved for 802.3 lengths */ + /* it's 802.3, pass ether payload unchanged, */ + + /* trim off ethernet header */ + skb_pull(skb, ETH_HLEN); + + /* leave off any PAD octets. */ + skb_trim(skb, proto); + } else { + pr_debug("DIXII len: %d\n", skb->len); + /* it's DIXII, time for some conversion */ + + /* trim off ethernet header */ + skb_pull(skb, ETH_HLEN); + + /* tack on SNAP */ + e_snap = skb_push(skb, sizeof(struct wlan_snap)); + e_snap->type = htons(proto); + if (ethconv == WLAN_ETHCONV_8021h && + p80211_stt_findproto(proto)) { + memcpy(e_snap->oui, oui_8021h, + WLAN_IEEE_OUI_LEN); + } else { + memcpy(e_snap->oui, oui_rfc1042, + WLAN_IEEE_OUI_LEN); + } + + /* tack on llc */ + e_llc = skb_push(skb, sizeof(struct wlan_llc)); + e_llc->dsap = 0xAA; /* SNAP, see IEEE 802 */ + e_llc->ssap = 0xAA; + e_llc->ctl = 0x03; + } + } + + /* Set up the 802.11 header */ + /* It's a data frame */ + fc = cpu_to_le16(WLAN_SET_FC_FTYPE(WLAN_FTYPE_DATA) | + WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_DATAONLY)); + + switch (wlandev->macmode) { + case WLAN_MACMODE_IBSS_STA: + memcpy(p80211_hdr->address1, &e_hdr.daddr, ETH_ALEN); + memcpy(p80211_hdr->address2, wlandev->netdev->dev_addr, ETH_ALEN); + memcpy(p80211_hdr->address3, wlandev->bssid, ETH_ALEN); + break; + case WLAN_MACMODE_ESS_STA: + fc |= cpu_to_le16(WLAN_SET_FC_TODS(1)); + memcpy(p80211_hdr->address1, wlandev->bssid, ETH_ALEN); + memcpy(p80211_hdr->address2, wlandev->netdev->dev_addr, ETH_ALEN); + memcpy(p80211_hdr->address3, &e_hdr.daddr, ETH_ALEN); + break; + case WLAN_MACMODE_ESS_AP: + fc |= cpu_to_le16(WLAN_SET_FC_FROMDS(1)); + memcpy(p80211_hdr->address1, &e_hdr.daddr, ETH_ALEN); + memcpy(p80211_hdr->address2, wlandev->bssid, ETH_ALEN); + memcpy(p80211_hdr->address3, &e_hdr.saddr, ETH_ALEN); + break; + default: + netdev_err(wlandev->netdev, + "Error: Converting eth to wlan in unknown mode.\n"); + return 1; + } + + p80211_wep->data = NULL; + + if ((wlandev->hostwep & HOSTWEP_PRIVACYINVOKED) && + (wlandev->hostwep & HOSTWEP_ENCRYPT)) { + /* XXXX need to pick keynum other than default? */ + + p80211_wep->data = kmalloc(skb->len, GFP_ATOMIC); + if (!p80211_wep->data) + return -ENOMEM; + foo = wep_encrypt(wlandev, skb->data, p80211_wep->data, + skb->len, + wlandev->hostwep & HOSTWEP_DEFAULTKEY_MASK, + p80211_wep->iv, p80211_wep->icv); + if (foo) { + netdev_warn(wlandev->netdev, + "Host en-WEP failed, dropping frame (%d).\n", + foo); + kfree(p80211_wep->data); + return 2; + } + fc |= cpu_to_le16(WLAN_SET_FC_ISWEP(1)); + } + + /* skb->nh.raw = skb->data; */ + + p80211_hdr->frame_control = fc; + p80211_hdr->duration_id = 0; + p80211_hdr->sequence_control = 0; + + return 0; +} + +/* jkriegl: from orinoco, modified */ +static void orinoco_spy_gather(struct wlandevice *wlandev, char *mac, + struct p80211_rxmeta *rxmeta) +{ + int i; + + /* Gather wireless spy statistics: for each packet, compare the + * source address with out list, and if match, get the stats... + */ + + for (i = 0; i < wlandev->spy_number; i++) { + if (!memcmp(wlandev->spy_address[i], mac, ETH_ALEN)) { + wlandev->spy_stat[i].level = rxmeta->signal; + wlandev->spy_stat[i].noise = rxmeta->noise; + wlandev->spy_stat[i].qual = + (rxmeta->signal > + rxmeta->noise) ? (rxmeta->signal - + rxmeta->noise) : 0; + wlandev->spy_stat[i].updated = 0x7; + } + } +} + +/*---------------------------------------------------------------- + * p80211pb_80211_to_ether + * + * Uses the contents of a received 802.11 frame and the etherconv + * setting to build an ether frame. + * + * This function extracts the src and dest address from the 802.11 + * frame to use in the construction of the eth frame. + * + * Arguments: + * ethconv Conversion type to perform + * skb Packet buffer containing the 802.11 frame + * + * Returns: + * 0 on success, non-zero otherwise + * + * Call context: + * May be called in interrupt or non-interrupt context + *---------------------------------------------------------------- + */ +int skb_p80211_to_ether(struct wlandevice *wlandev, u32 ethconv, + struct sk_buff *skb) +{ + struct net_device *netdev = wlandev->netdev; + u16 fc; + unsigned int payload_length; + unsigned int payload_offset; + u8 daddr[ETH_ALEN]; + u8 saddr[ETH_ALEN]; + struct p80211_hdr *w_hdr; + struct wlan_ethhdr *e_hdr; + struct wlan_llc *e_llc; + struct wlan_snap *e_snap; + + int foo; + + payload_length = skb->len - WLAN_HDR_A3_LEN - WLAN_CRC_LEN; + payload_offset = WLAN_HDR_A3_LEN; + + w_hdr = (struct p80211_hdr *)skb->data; + + /* setup some vars for convenience */ + fc = le16_to_cpu(w_hdr->frame_control); + if ((WLAN_GET_FC_TODS(fc) == 0) && (WLAN_GET_FC_FROMDS(fc) == 0)) { + ether_addr_copy(daddr, w_hdr->address1); + ether_addr_copy(saddr, w_hdr->address2); + } else if ((WLAN_GET_FC_TODS(fc) == 0) && + (WLAN_GET_FC_FROMDS(fc) == 1)) { + ether_addr_copy(daddr, w_hdr->address1); + ether_addr_copy(saddr, w_hdr->address3); + } else if ((WLAN_GET_FC_TODS(fc) == 1) && + (WLAN_GET_FC_FROMDS(fc) == 0)) { + ether_addr_copy(daddr, w_hdr->address3); + ether_addr_copy(saddr, w_hdr->address2); + } else { + payload_offset = WLAN_HDR_A4_LEN; + if (payload_length < WLAN_HDR_A4_LEN - WLAN_HDR_A3_LEN) { + netdev_err(netdev, "A4 frame too short!\n"); + return 1; + } + payload_length -= (WLAN_HDR_A4_LEN - WLAN_HDR_A3_LEN); + ether_addr_copy(daddr, w_hdr->address3); + ether_addr_copy(saddr, w_hdr->address4); + } + + /* perform de-wep if necessary.. */ + if ((wlandev->hostwep & HOSTWEP_PRIVACYINVOKED) && + WLAN_GET_FC_ISWEP(fc) && + (wlandev->hostwep & HOSTWEP_DECRYPT)) { + if (payload_length <= 8) { + netdev_err(netdev, + "WEP frame too short (%u).\n", skb->len); + return 1; + } + foo = wep_decrypt(wlandev, skb->data + payload_offset + 4, + payload_length - 8, -1, + skb->data + payload_offset, + skb->data + payload_offset + + payload_length - 4); + if (foo) { + /* de-wep failed, drop skb. */ + pr_debug("Host de-WEP failed, dropping frame (%d).\n", + foo); + wlandev->rx.decrypt_err++; + return 2; + } + + /* subtract the IV+ICV length off the payload */ + payload_length -= 8; + /* chop off the IV */ + skb_pull(skb, 4); + /* chop off the ICV. */ + skb_trim(skb, skb->len - 4); + + wlandev->rx.decrypt++; + } + + e_hdr = (struct wlan_ethhdr *)(skb->data + payload_offset); + + e_llc = (struct wlan_llc *)(skb->data + payload_offset); + e_snap = + (struct wlan_snap *)(skb->data + payload_offset + + sizeof(struct wlan_llc)); + + /* Test for the various encodings */ + if ((payload_length >= sizeof(struct wlan_ethhdr)) && + (e_llc->dsap != 0xaa || e_llc->ssap != 0xaa) && + ((!ether_addr_equal_unaligned(daddr, e_hdr->daddr)) || + (!ether_addr_equal_unaligned(saddr, e_hdr->saddr)))) { + pr_debug("802.3 ENCAP len: %d\n", payload_length); + /* 802.3 Encapsulated */ + /* Test for an overlength frame */ + if (payload_length > (netdev->mtu + ETH_HLEN)) { + /* A bogus length ethfrm has been encap'd. */ + /* Is someone trying an oflow attack? */ + netdev_err(netdev, "ENCAP frame too large (%d > %d)\n", + payload_length, netdev->mtu + ETH_HLEN); + return 1; + } + + /* Chop off the 802.11 header. it's already sane. */ + skb_pull(skb, payload_offset); + /* chop off the 802.11 CRC */ + skb_trim(skb, skb->len - WLAN_CRC_LEN); + + } else if ((payload_length >= sizeof(struct wlan_llc) + + sizeof(struct wlan_snap)) && + (e_llc->dsap == 0xaa) && + (e_llc->ssap == 0xaa) && + (e_llc->ctl == 0x03) && + (((memcmp(e_snap->oui, oui_rfc1042, + WLAN_IEEE_OUI_LEN) == 0) && + (ethconv == WLAN_ETHCONV_8021h) && + (p80211_stt_findproto(be16_to_cpu(e_snap->type)))) || + (memcmp(e_snap->oui, oui_rfc1042, WLAN_IEEE_OUI_LEN) != + 0))) { + pr_debug("SNAP+RFC1042 len: %d\n", payload_length); + /* it's a SNAP + RFC1042 frame && protocol is in STT */ + /* build 802.3 + RFC1042 */ + + /* Test for an overlength frame */ + if (payload_length > netdev->mtu) { + /* A bogus length ethfrm has been sent. */ + /* Is someone trying an oflow attack? */ + netdev_err(netdev, "SNAP frame too large (%d > %d)\n", + payload_length, netdev->mtu); + return 1; + } + + /* chop 802.11 header from skb. */ + skb_pull(skb, payload_offset); + + /* create 802.3 header at beginning of skb. */ + e_hdr = skb_push(skb, ETH_HLEN); + ether_addr_copy(e_hdr->daddr, daddr); + ether_addr_copy(e_hdr->saddr, saddr); + e_hdr->type = htons(payload_length); + + /* chop off the 802.11 CRC */ + skb_trim(skb, skb->len - WLAN_CRC_LEN); + + } else if ((payload_length >= sizeof(struct wlan_llc) + + sizeof(struct wlan_snap)) && + (e_llc->dsap == 0xaa) && + (e_llc->ssap == 0xaa) && + (e_llc->ctl == 0x03)) { + pr_debug("802.1h/RFC1042 len: %d\n", payload_length); + /* it's an 802.1h frame || (an RFC1042 && protocol not in STT) + * build a DIXII + RFC894 + */ + + /* Test for an overlength frame */ + if ((payload_length - sizeof(struct wlan_llc) - + sizeof(struct wlan_snap)) + > netdev->mtu) { + /* A bogus length ethfrm has been sent. */ + /* Is someone trying an oflow attack? */ + netdev_err(netdev, "DIXII frame too large (%ld > %d)\n", + (long)(payload_length - + sizeof(struct wlan_llc) - + sizeof(struct wlan_snap)), netdev->mtu); + return 1; + } + + /* chop 802.11 header from skb. */ + skb_pull(skb, payload_offset); + + /* chop llc header from skb. */ + skb_pull(skb, sizeof(struct wlan_llc)); + + /* chop snap header from skb. */ + skb_pull(skb, sizeof(struct wlan_snap)); + + /* create 802.3 header at beginning of skb. */ + e_hdr = skb_push(skb, ETH_HLEN); + e_hdr->type = e_snap->type; + ether_addr_copy(e_hdr->daddr, daddr); + ether_addr_copy(e_hdr->saddr, saddr); + + /* chop off the 802.11 CRC */ + skb_trim(skb, skb->len - WLAN_CRC_LEN); + } else { + pr_debug("NON-ENCAP len: %d\n", payload_length); + /* any NON-ENCAP */ + /* it's a generic 80211+LLC or IPX 'Raw 802.3' */ + /* build an 802.3 frame */ + /* allocate space and setup hostbuf */ + + /* Test for an overlength frame */ + if (payload_length > netdev->mtu) { + /* A bogus length ethfrm has been sent. */ + /* Is someone trying an oflow attack? */ + netdev_err(netdev, "OTHER frame too large (%d > %d)\n", + payload_length, netdev->mtu); + return 1; + } + + /* Chop off the 802.11 header. */ + skb_pull(skb, payload_offset); + + /* create 802.3 header at beginning of skb. */ + e_hdr = skb_push(skb, ETH_HLEN); + ether_addr_copy(e_hdr->daddr, daddr); + ether_addr_copy(e_hdr->saddr, saddr); + e_hdr->type = htons(payload_length); + + /* chop off the 802.11 CRC */ + skb_trim(skb, skb->len - WLAN_CRC_LEN); + } + + /* + * Note that eth_type_trans() expects an skb w/ skb->data pointing + * at the MAC header, it then sets the following skb members: + * skb->mac_header, + * skb->data, and + * skb->pkt_type. + * It then _returns_ the value that _we're_ supposed to stuff in + * skb->protocol. This is nuts. + */ + skb->protocol = eth_type_trans(skb, netdev); + + /* jkriegl: process signal and noise as set in hfa384x_int_rx() */ + /* jkriegl: only process signal/noise if requested by iwspy */ + if (wlandev->spy_number) + orinoco_spy_gather(wlandev, eth_hdr(skb)->h_source, + p80211skb_rxmeta(skb)); + + /* Free the metadata */ + p80211skb_rxmeta_detach(skb); + + return 0; +} + +/*---------------------------------------------------------------- + * p80211_stt_findproto + * + * Searches the 802.1h Selective Translation Table for a given + * protocol. + * + * Arguments: + * proto protocol number (in host order) to search for. + * + * Returns: + * 1 - if the table is empty or a match is found. + * 0 - if the table is non-empty and a match is not found. + * + * Call context: + * May be called in interrupt or non-interrupt context + *---------------------------------------------------------------- + */ +int p80211_stt_findproto(u16 proto) +{ + /* Always return found for now. This is the behavior used by the */ + /* Zoom Win95 driver when 802.1h mode is selected */ + /* TODO: If necessary, add an actual search we'll probably + * need this to match the CMAC's way of doing things. + * Need to do some testing to confirm. + */ + + if (proto == ETH_P_AARP) /* APPLETALK */ + return 1; + + return 0; +} + +/*---------------------------------------------------------------- + * p80211skb_rxmeta_detach + * + * Disconnects the frmmeta and rxmeta from an skb. + * + * Arguments: + * wlandev The wlandev this skb belongs to. + * skb The skb we're attaching to. + * + * Returns: + * 0 on success, non-zero otherwise + * + * Call context: + * May be called in interrupt or non-interrupt context + *---------------------------------------------------------------- + */ +void p80211skb_rxmeta_detach(struct sk_buff *skb) +{ + struct p80211_rxmeta *rxmeta; + struct p80211_frmmeta *frmmeta; + + /* Sanity checks */ + if (!skb) { /* bad skb */ + pr_debug("Called w/ null skb.\n"); + return; + } + frmmeta = p80211skb_frmmeta(skb); + if (!frmmeta) { /* no magic */ + pr_debug("Called w/ bad frmmeta magic.\n"); + return; + } + rxmeta = frmmeta->rx; + if (!rxmeta) { /* bad meta ptr */ + pr_debug("Called w/ bad rxmeta ptr.\n"); + return; + } + + /* Free rxmeta */ + kfree(rxmeta); + + /* Clear skb->cb */ + memset(skb->cb, 0, sizeof(skb->cb)); +} + +/*---------------------------------------------------------------- + * p80211skb_rxmeta_attach + * + * Allocates a p80211rxmeta structure, initializes it, and attaches + * it to an skb. + * + * Arguments: + * wlandev The wlandev this skb belongs to. + * skb The skb we're attaching to. + * + * Returns: + * 0 on success, non-zero otherwise + * + * Call context: + * May be called in interrupt or non-interrupt context + *---------------------------------------------------------------- + */ +int p80211skb_rxmeta_attach(struct wlandevice *wlandev, struct sk_buff *skb) +{ + int result = 0; + struct p80211_rxmeta *rxmeta; + struct p80211_frmmeta *frmmeta; + + /* If these already have metadata, we error out! */ + if (p80211skb_rxmeta(skb)) { + netdev_err(wlandev->netdev, + "%s: RXmeta already attached!\n", wlandev->name); + result = 0; + goto exit; + } + + /* Allocate the rxmeta */ + rxmeta = kzalloc(sizeof(*rxmeta), GFP_ATOMIC); + + if (!rxmeta) { + result = 1; + goto exit; + } + + /* Initialize the rxmeta */ + rxmeta->wlandev = wlandev; + rxmeta->hosttime = jiffies; + + /* Overlay a frmmeta_t onto skb->cb */ + memset(skb->cb, 0, sizeof(struct p80211_frmmeta)); + frmmeta = (struct p80211_frmmeta *)(skb->cb); + frmmeta->magic = P80211_FRMMETA_MAGIC; + frmmeta->rx = rxmeta; +exit: + return result; +} + +/*---------------------------------------------------------------- + * p80211skb_free + * + * Frees an entire p80211skb by checking and freeing the meta struct + * and then freeing the skb. + * + * Arguments: + * wlandev The wlandev this skb belongs to. + * skb The skb we're attaching to. + * + * Returns: + * 0 on success, non-zero otherwise + * + * Call context: + * May be called in interrupt or non-interrupt context + *---------------------------------------------------------------- + */ +void p80211skb_free(struct wlandevice *wlandev, struct sk_buff *skb) +{ + struct p80211_frmmeta *meta; + + meta = p80211skb_frmmeta(skb); + if (meta && meta->rx) + p80211skb_rxmeta_detach(skb); + else + netdev_err(wlandev->netdev, + "Freeing an skb (%p) w/ no frmmeta.\n", skb); + dev_kfree_skb(skb); +} |