SOURCES (LINUX_2_6): orinoco-2.6.12-rfmon-dragorn-1.diff (NEW) - u...
aniolek
aniolek at pld-linux.org
Wed Jun 22 16:52:13 CEST 2005
Author: aniolek Date: Wed Jun 22 14:52:13 2005 GMT
Module: SOURCES Tag: LINUX_2_6
---- Log message:
- updated to 2.6.12
---- Files affected:
SOURCES:
orinoco-2.6.12-rfmon-dragorn-1.diff (NONE -> 1.1.2.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/orinoco-2.6.12-rfmon-dragorn-1.diff
diff -u /dev/null SOURCES/orinoco-2.6.12-rfmon-dragorn-1.diff:1.1.2.1
--- /dev/null Wed Jun 22 16:52:13 2005
+++ SOURCES/orinoco-2.6.12-rfmon-dragorn-1.diff Wed Jun 22 16:52:08 2005
@@ -0,0 +1,938 @@
+diff -ruNBb linux-2.6.12/drivers/net/wireless/hermes.c linux-2.6.12-rfmon/drivers/net/wireless/hermes.c
+--- linux-2.6.12/drivers/net/wireless/hermes.c 2005-06-17 21:48:29.000000000 +0200
++++ linux-2.6.12-rfmon/drivers/net/wireless/hermes.c 2005-06-19 11:41:24.000000000 +0200
+@@ -180,6 +180,10 @@
+ if (err)
+ return err;
+
++ for ( k = 0; k < HERMES_NUMPORTS_MAX; k++) {
++ hw->port_enabled[k] = 0;
++ }
++
+ reg = hermes_read_regn(hw, EVSTAT);
+ k = CMD_INIT_TIMEOUT;
+ while ( (! (reg & HERMES_EV_CMD)) && k) {
+diff -ruNBb linux-2.6.12/drivers/net/wireless/hermes.h linux-2.6.12-rfmon/drivers/net/wireless/hermes.h
+--- linux-2.6.12/drivers/net/wireless/hermes.h 2005-06-17 21:48:29.000000000 +0200
++++ linux-2.6.12-rfmon/drivers/net/wireless/hermes.h 2005-06-19 11:41:24.000000000 +0200
+@@ -34,6 +34,10 @@
+ #include <linux/if_ether.h>
+ #include <asm/byteorder.h>
+
++#define HFA384x_PORTTYPE_IBSS ((uint16_t)3)
++#define HFA384x_WEPFLAGS_DISABLE_TXCRYPT (0x10)
++#define HFA384x_WEPFLAGS_DISABLE_RXCRYPT (0x80)
++
+ /*
+ * Limits and constants
+ */
+@@ -150,6 +154,11 @@
+ /*--- Debugging Commands -----------------------------*/
+ #define HERMES_CMD_TEST (0x0038)
+
++/*--- Debugging Commands -----------------------------*/
++/* We want these in this byte arrangement. Why is it even being changed? */
++#define HERMES_CMD_MONITOR (0x0038)
++#define HERMES_MONITOR_ENABLE (0x000b)
++#define HERMES_MONITOR_DISABLE (0x000f)
+
+ /* Test command arguments */
+ #define HERMES_TEST_SET_CHANNEL 0x0800
+@@ -173,6 +182,38 @@
+ #define HERMES_HOSTSCAN_SYMBOL_BCAST 0x0080
+
+ /*
++ * Configuration RIDs
++ */
++
++#define HERMES_RID_CNF_PORTTYPE (0xfc00)
++#define HERMES_RID_CNF_CHANNEL (0xfc03)
++#define HERMES_RID_CNF_PRISM2_WEP_ON (0xfc28)
++
++/*-- Status Fields --*/
++#define HERMES_RXSTATUS_MSGTYPE (0xE000)
++#define HERMES_RXSTATUS_MACPORT (0x0700)
++#define HERMES_RXSTATUS_UNDECR (0x0002)
++#define HERMES_RXSTATUS_FCSERR (0x0001)
++
++/*--------------------------------------------------------------------
++Communication Frames: Test/Get/Set Field Values for Receive Frames
++--------------------------------------------------------------------*/
++#define HERMES_RXSTATUS_MSGTYPE_GET(value) (((value) & HERMES_RXSTATUS_MSGTYPE) >> 13)
++#define HERMES_RXSTATUS_MSGTYPE_SET(value) ((value) << 13)
++#define HERMES_RXSTATUS_MACPORT_GET(value) (((value) & HERMES_RXSTATUS_MACPORT) >> 8)
++#define HERMES_RXSTATUS_MACPORT_SET(value) ((value) << 8)
++#define HERMES_RXSTATUS_ISUNDECR(value) ((value) & HERMES_RXSTATUS_UNDECR)
++#define HERMES_RXSTATUS_ISFCSERR(value) ((value) & HERMES_RXSTATUS_FCSERR)
++
++/*--------------------------------------------------------------------
++Communication Frames: Field Masks for Receive Frames
++--------------------------------------------------------------------*/
++/*-- Offsets --------*/
++#define HERMES_RX_DATA_LEN_OFF (44)
++#define HERMES_RX_80211HDR_OFF (14)
++#define HERMES_RX_DATA_OFF (60)
++
++/*
+ * Frame structures and constants
+ */
+
+@@ -181,6 +222,16 @@
+ #define HERMES_802_3_OFFSET (14+32)
+ #define HERMES_802_2_OFFSET (14+32+14)
+
++struct hermes_rx_descriptor {
++ u16 status;
++ u32 time;
++ u8 silence;
++ u8 signal;
++ u8 rate;
++ u8 rxflow;
++ u32 reserved;
++} __attribute__ ((packed));
++
+ #define HERMES_RXSTAT_ERR (0x0003)
+ #define HERMES_RXSTAT_BADCRC (0x0001)
+ #define HERMES_RXSTAT_UNDECRYPTABLE (0x0002)
+@@ -350,6 +401,7 @@
+ #define HERMES_32BIT_REGSPACING 1
+
+ u16 inten; /* Which interrupts should be enabled? */
++ uint8_t port_enabled[HERMES_NUMPORTS_MAX];
+
+ #ifdef HERMES_DEBUG_BUFFER
+ struct hermes_debug_entry dbuf[HERMES_DEBUG_BUFSIZE];
+@@ -397,12 +449,14 @@
+
+ static inline int hermes_enable_port(hermes_t *hw, int port)
+ {
++ hw->port_enabled[port] = 1;
+ return hermes_docmd_wait(hw, HERMES_CMD_ENABLE | (port << 8),
+ 0, NULL);
+ }
+
+ static inline int hermes_disable_port(hermes_t *hw, int port)
+ {
++ hw->port_enabled[port] = 0;
+ return hermes_docmd_wait(hw, HERMES_CMD_DISABLE | (port << 8),
+ 0, NULL);
+ }
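Review bot: `hw->port_enabled[port]` is written in both hermes_enable_port() and hermes_disable_port() without checking that `port` lies inside the `HERMES_NUMPORTS_MAX`-sized array, so a bad index from any caller becomes an out-of-bounds write into the hermes_t structure. A guard such as `if (port < 0 || port >= HERMES_NUMPORTS_MAX) return -EINVAL;` at the top of each function would close that. The flag is also updated before hermes_docmd_wait() has run, so a failed command leaves the cached state disagreeing with the card. The orinoco_wlansniff() code added later in this patch reads `hw->port_enabled[0]` to decide whether to save the port type, so assigning the flag only after a zero return would keep that decision reliable. The callers visible in this patch pass port 0 only.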
+diff -ruNBb linux-2.6.12/drivers/net/wireless/orinoco.c linux-2.6.12-rfmon/drivers/net/wireless/orinoco.c
+--- linux-2.6.12/drivers/net/wireless/orinoco.c 2005-06-17 21:48:29.000000000 +0200
++++ linux-2.6.12-rfmon/drivers/net/wireless/orinoco.c 2005-06-19 11:41:24.000000000 +0200
+@@ -490,6 +490,7 @@
+ #endif
+
+ static int suppress_linkstatus; /* = 0 */
++static int suppress_linkstatus_copy; /* = 0 */
+ module_param(suppress_linkstatus, bool, 0644);
+ MODULE_PARM_DESC(suppress_linkstatus, "Don't log link status changes");
+
+@@ -587,16 +588,6 @@
+
+ #define ENCAPS_OVERHEAD (sizeof(encaps_hdr) + 2)
+
+-struct hermes_rx_descriptor {
+- u16 status;
+- u32 time;
+- u8 silence;
+- u8 signal;
+- u8 rate;
+- u8 rxflow;
+- u32 reserved;
+-} __attribute__ ((packed));
+-
+ /********************************************************************/
+ /* Function prototypes */
+ /********************************************************************/
+@@ -809,10 +800,15 @@
+ return 1;
+ }
+
+- if (! netif_carrier_ok(dev)) {
++ if (! netif_carrier_ok(dev) ||
++ dev->type == ARPHRD_IEEE80211_PRISM ||
++ dev->type == ARPHRD_IEEE80211) {
+ /* Oops, the firmware hasn't established a connection,
+ silently drop the packet (this seems to be the
+ safest approach). */
++ /* Also silently drop the packet if we're in rfmon, because
++ * it won't do very good things to try to write to the BAP.
++ * - Dragorn */
+ stats->tx_errors++;
+ orinoco_unlock(priv, &flags);
+ dev_kfree_skb(skb);
+@@ -968,6 +964,24 @@
+ hermes_write_regn(hw, TXCOMPLFID, DUMMY_FID);
+ }
+
++//#define SET_MAC_ADDRESS
++#ifdef SET_MAC_ADDRESS
++static int
++orinoco_set_mac_address(struct net_device *dev, void *addr)
++{
++ struct orinoco_private *priv = dev->priv;
++ struct sockaddr *mac = addr;
++
++ /* Copy the address */
++ memcpy(dev->dev_addr, mac->sa_data, WLAN_ADDR_LEN);
++
++ /* Reconfig the beast */
++ orinoco_reset(priv);
++
++ return 0;
++}
++#endif /* SET_MAC_ADDRESS */
++
+ static void orinoco_tx_timeout(struct net_device *dev)
+ {
+ struct orinoco_private *priv = netdev_priv(dev);
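Review bot: The `orinoco_set_mac_address()` added here is compiled out by the commented-out `#define SET_MAC_ADDRESS`, and as written it copies `mac->sa_data` into `dev->dev_addr` with no validation and returns 0 unconditionally. If it is meant to be enabled later, it should first reject multicast and all-zero addresses, for example `if (!is_valid_ether_addr((u8 *)mac->sa_data)) return -EADDRNOTAVAIL;`, and report a failed reconfiguration instead of always succeeding. It also reads `dev->priv` while orinoco_tx_timeout() directly below uses `netdev_priv(dev)`; one accessor should be used throughout.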
+@@ -1055,6 +1069,7 @@
+ struct header_struct hdr;
+ struct ethhdr *eh;
+ int err;
++ struct ieee802_11_hdr hdr80211;
+
+ rxfid = hermes_read_regn(hw, RXFID);
+
+@@ -1071,6 +1086,7 @@
+
+ if (status & HERMES_RXSTAT_ERR) {
+ if (status & HERMES_RXSTAT_UNDECRYPTABLE) {
++ if (dev->type != ARPHRD_ETHER) goto sniffing;
+ wstats->discard.code++;
+ DEBUG(1, "%s: Undecryptable frame on Rx. Frame dropped.\n",
+ dev->name);
+@@ -1082,6 +1098,7 @@
+ goto drop;
+ }
+
++sniffing:
+ /* For now we ignore the 802.11 header completely, assuming
+ that the card's firmware has handled anything vital */
+
+@@ -1112,6 +1129,11 @@
+ goto drop;
+ }
+
++ /* Now handle frame based on port# */
++ switch( HERMES_RXSTATUS_MACPORT_GET(status) )
++ {
++ case 0:
++
+ /* We need space for the packet data itself, plus an ethernet
+ header, plus 2 bytes so we can align the IP header on a
+ 32bit boundary, plus 1 byte so we can read in odd length
+@@ -1186,6 +1208,26 @@
+
+ return;
+
++ case 7:
++ if ( ! HERMES_RXSTATUS_ISFCSERR(status) ) {
++ if (hermes_bap_pread(hw, IRQ_BAP, &hdr80211, sizeof(hdr80211),
++ rxfid, HERMES_RX_80211HDR_OFF)) {
++ stats->rx_errors++;
++ }
++ else {
++ /* Copy to wlansnif skb */
++ orinoco_int_rxmonitor( priv, rxfid, length, &desc, &hdr80211);
++ }
++ } else {
++ printk("Received monitor frame: FCSerr set\n");
++ }
++ break;
++ default:
++ printk("Received frame on unsupported port=%d\n",
++ HERMES_RXSTATUS_MACPORT_GET(status) );
++ break;
++ }
++
+ drop:
+ stats->rx_dropped++;
+
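Review bot: Both `break` statements in the new `case 7:` and `default:` arms leave the switch and run straight into the `drop:` label, so a monitor frame that was handed to orinoco_int_rxmonitor() successfully is still counted in `stats->rx_dropped`. The success path should leave the function the way the port-0 arm does with its `return;` just above `case 7:`. The two added printk() calls carry no log level and no rate limit and sit in the per-frame receive path, so if frames with an FCS error or an unexpected port number reach this point, traffic from any nearby transmitter can fill the kernel log. Something like `if (net_ratelimit()) printk(KERN_DEBUG "%s: monitor frame with FCS error\n", dev->name);` would bound that. The rest of the function, including what follows `drop:`, lies outside this hunk.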
+@@ -1591,6 +1633,8 @@
+ hermes_t *hw = &priv->hw;
+ int err;
+ struct hermes_idstring idbuf;
++ int word;
++ struct hermes_response resp;
+
+ /* Set the MAC address */
+ err = hermes_write_ltv(hw, USER_BAP, HERMES_RID_CNFOWNMACADDR,
+@@ -1790,6 +1834,27 @@
+ priv->mc_count = 0;
+ __orinoco_set_multicast_list(dev); /* FIXME: what about the xmit_lock */
+
++ /*
++ * Set the rfmon mode of the card, if we're in rfmon. Otherwise, the firmware
++ * starts sending out a flood of probe requests. We already reinited the firmware
++ * before.
++ * - Dragorn
++ */
++ if (dev->type == ARPHRD_IEEE80211_PRISM || dev->type == ARPHRD_IEEE80211) {
++ word = HFA384x_PORTTYPE_IBSS;
++ err = hermes_write_wordrec(hw, USER_BAP,
++ HERMES_RID_CNF_PORTTYPE, word);
++ if (err)
++ return err;
++
++ /* Enable monitor mode */
++ word = HERMES_CMD_MONITOR | (HERMES_MONITOR_ENABLE << 8);
++ err = hermes_docmd_wait(hw, word, 0, &resp);
++ if (err)
++ return err;
++ }
++
++
+ return 0;
+ }
+
+@@ -1876,6 +1941,18 @@
+ if (orinoco_lock(priv, &flags) != 0)
+ return -EBUSY;
+
++ /*
++ * If we are in rmfmon mode we need to treat this like going into rfmon again,
++ * so re-init the firmware like the rfmon function does.
++ * We'll also need to do some other rfmonish behavior in config_rids
++ * - Dragorn
++ */
++ if (dev->type == ARPHRD_IEEE80211_PRISM || dev->type == ARPHRD_IEEE80211) {
++ hermes_set_irqmask(hw, 0);
++ hermes_init(hw);
++ hermes_set_irqmask(hw, ORINOCO_INTEN);
++ }
++
+ err = hermes_disable_port(hw, 0);
+ if (err) {
+ printk(KERN_WARNING "%s: Unable to disable port while reconfiguring card\n",
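Review bot: The return value of `hermes_init(hw)` is discarded in the added rfmon block, although the hermes.c hunk earlier in this patch shows hermes_init() returning an error code. If the re-initialisation fails, the code still re-enables interrupts and carries on to hermes_disable_port() against a card in an unknown state. Capturing it with `err = hermes_init(hw);` and leaving through the function's existing error path when it is non-zero would make the failure visible. That path, and the place where the lock taken above is released, are outside this hunk. The added comment also misspells the mode as "rmfmon".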
+@@ -2461,6 +2538,9 @@
+ dev->tx_timeout = orinoco_tx_timeout;
+ dev->watchdog_timeo = HZ; /* 1 second timeout */
+ dev->get_stats = orinoco_get_stats;
++#ifdef SET_MAC_ADDRESS
++ dev->set_mac_address = orinoco_set_mac_address;
++#endif /* SET_MAC_ADDRESS */
+ dev->get_wireless_stats = orinoco_get_wireless_stats;
+ dev->do_ioctl = orinoco_ioctl;
+ dev->change_mtu = orinoco_change_mtu;
+@@ -3637,6 +3717,170 @@
+ return 0;
+ }
+
++/*----------------------------------------------------------------
++* orinoco_wlansniff
++*
++* Start or stop sniffing.
++*
++* Arguments:
++* wlandev wlan device structure
++* msgp ptr to msg buffer
++*
++* Returns:
++* 0 success and done
++* <0 success, but we're waiting for something to finish.
++* >0 an error occurred while handling the message.
++* Side effects:
++*
++* Call context:
++* process thread (usually)
++* interrupt
++----------------------------------------------------------------*/
++static int orinoco_wlansniff(struct net_device *dev, struct iwreq *wrq)
++{
++ struct orinoco_private *priv = dev->priv;
++ hermes_t *hw = &(priv->hw);
++ struct hermes_response resp;
++ int result = 0;
++ uint16_t word;
++
++ int *parms = (int *) wrq->u.name;
++ int enable = parms[0] > 0;
++ unsigned long flags;
++ int noMonitor = dev->type != ARPHRD_IEEE80211_PRISM &&
++ dev->type != ARPHRD_IEEE80211;
++
++ orinoco_lock(priv, &flags);
++
++ switch (enable)
++ {
++ case P80211ENUM_truth_false:
++ /* Confirm that we're in monitor mode */
++ if ( noMonitor ) {
++ result = -EFAULT;
++ }
++ /* Disable monitor mode */
++ suppress_linkstatus = suppress_linkstatus_copy;
++ word = HERMES_CMD_MONITOR | (HERMES_MONITOR_DISABLE << 8);
++ result = hermes_docmd_wait(hw, word, 0, &resp);
++
++ if ( result ) break;
++
++ /* Disable port 0 */
++ result = hermes_disable_port(hw, 0);
++ if ( result ) break;
++
++ /* Clear the driver state */
++ dev->type = ARPHRD_ETHER;
++
++ /* Restore the wepflags */ //Orinoco doesn't like this
++/*
++ result = hermes_write_wordrec(hw, USER_BAP,
++ HERMES_RID_CNF_PRISM2_WEP_ON,
++ priv->presniff_wepflags);
++ if ( result ) break;
++
++*/
++ /* Set the port to its prior type and enable (if necessary) */
++ if (priv->presniff_port_type != 0 ) {
++ word = priv->presniff_port_type;
++ result = hermes_write_wordrec(hw, USER_BAP,
++ HERMES_RID_CNF_PORTTYPE, word);
++ if ( result ) break;
++
++ /* Enable the port */
++ result = hermes_enable_port(hw, 0);
++ if ( result ) break;
++
++ }
++
++ break;
++ case P80211ENUM_truth_true:
++ // Only do this if we're not in monitor mode already
++ if (noMonitor) {
++ /* Re-initialize the card before changing channel as advised at
++ * http://lists.samba.org/pipermail/wireless/2002-June/004491.html
++ * by Ian Goldberg. Implementation by Pat Swieskowski.
++ */
++ // __orinoco_down(dev);
++ hermes_set_irqmask(hw, 0);
++ hermes_init(hw);
++ // _orinoco_up(dev);
++ hermes_set_irqmask(hw, ORINOCO_INTEN);
++ suppress_linkstatus = 1;
++ /*
++ __orinoco_stop_irqs(priv);
++ hermes_reset(hw);
++ __orinoco_start_irqs(priv, HERMES_EV_RX | HERMES_EV_ALLOC |
++ HERMES_EV_TX | HERMES_EV_TXEXC |
++ HERMES_EV_WTERR | HERMES_EV_INFO |
++ HERMES_EV_INFDROP);
++ */
++ /* Disable the port (if enabled), only check Port 0 */
++ if ( hw->port_enabled[0] ) {
++ /* Save macport 0 state */
++ result = hermes_read_wordrec(hw, USER_BAP,
++ HERMES_RID_CNF_PORTTYPE,
++ &(priv->presniff_port_type));
++ if ( result ) break;
++
++ /* Save the wepflags state */
++ result = hermes_read_wordrec(hw, USER_BAP,
++ HERMES_RID_CNF_PRISM2_WEP_ON,
++ &(priv->presniff_wepflags));
++ if ( result ) break;
++ }
++ else {
++ priv->presniff_port_type = 0;
++ }
++ }
++
++ // Disable the port
++ result = hermes_disable_port(hw, 0);
++ if ( result ) break;
++
++ /* Set the channel we wish to sniff */
++ if (parms[1] > 0 && parms[1] < 15) {
++ word = parms[1];
++ result = hermes_write_wordrec(hw, USER_BAP,
++ HERMES_RID_CNF_CHANNEL, word);
++ } else {
++ result = -EFAULT;
++ }
++
++ if ( result ) break;
++
++ if (noMonitor) {
++ /* Set the port type to pIbss */
++ word = HFA384x_PORTTYPE_IBSS;
++ result = hermes_write_wordrec(hw, USER_BAP,
++ HERMES_RID_CNF_PORTTYPE, word);
++ if ( result ) break;
++
++ /* Enable monitor mode */
++ word = HERMES_CMD_MONITOR | (HERMES_MONITOR_ENABLE << 8);
++ result = hermes_docmd_wait(hw, word, 0, &resp);
++ if ( result ) break;
++ }
++
++ /* Enable the port */
++ result = hermes_enable_port(hw, 0);
++ if ( result ) break;
++ /* Set the driver state */
++ /* Do we want the prism2 header? */
++ if (parms[0] == 1)
++ dev->type = ARPHRD_IEEE80211_PRISM;
++ else
++ dev->type = ARPHRD_IEEE80211;
++ break;
++ default:
++ result = -EFAULT;
++ break;
++ }
++ orinoco_unlock(priv, &flags);
++ return result;
++}
++
+ static int
+ orinoco_ioctl(struct net_device *dev, struct ifreq *rq, int cmd)
+ {
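Review bot: In orinoco_wlansniff() the `result = -EFAULT` set when `noMonitor` is true in the disable arm is overwritten two statements later by the hermes_docmd_wait() result, so a disable request on an interface that is not in monitor mode still issues the monitor-disable command, disables port 0 and rewrites `dev->type`. The return value of `orinoco_lock()` is ignored, whereas the reconfigure path touched by this same patch returns -EBUSY when the lock cannot be taken. `suppress_linkstatus_copy` is restored on disable but never assigned in the lines shown, so leaving monitor mode resets the administrator's `suppress_linkstatus` module parameter to 0. The header comment also documents `wlandev`/`msgp` arguments and a ">0 is an error" convention, while the function takes `dev`/`wrq` and returns negative errno values. The rewritten lines follow.
```c
	if (orinoco_lock(priv, &flags) != 0)
		return -EBUSY;

	switch (enable)
	{
	case P80211ENUM_truth_false:
		/* Nothing to tear down if monitor mode was never entered */
		if ( noMonitor ) {
			result = -EINVAL;
			break;
		}
		/* ... unchanged: monitor disable command, port 0 disable, port type restore ... */
	case P80211ENUM_truth_true:
		if (noMonitor) {
			/* ... unchanged: irq mask off, hermes_init, irq mask on ... */
			/* Remember the administrator's setting so disable can restore it */
			suppress_linkstatus_copy = suppress_linkstatus;
			suppress_linkstatus = 1;
			/* ... unchanged: save port type and wepflags ... */
```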
+@@ -3855,6 +4099,9 @@
+ { SIOCIWFIRSTPRIV + 0x7, 0,
+ IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
+ "get_ibssport" },
++ { SIOCIWFIRSTPRIV + 0x8,
++ IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 2,
++ 0, "monitor" },
+ { SIOCIWLASTPRIV, 0, 0, "dump_recs" },
+ };
+
+@@ -3943,6 +4190,16 @@
+ err = orinoco_ioctl_getibssport(dev, wrq);
+ break;
+
++ case SIOCIWFIRSTPRIV + 0x8: /* set sniff (monitor) mode */
++ DEBUG(1, "%s: SIOCIWFIRSTPRIV + 0x8 (monitor)\n",
++ dev->name);
++ if (! capable(CAP_NET_ADMIN)) {
++ err = -EPERM;
++ break;
++ }
++ err = orinoco_wlansniff(dev, wrq);
++ break;
++
+ case SIOCIWLASTPRIV:
+ err = orinoco_debug_dump_recs(dev);
+ if (err)
+@@ -4087,6 +4344,7 @@
+ int i,j;
+ u16 length;
+ int err;
++ struct ieee802_11_hdr hdr80211;
+
+ /* I'm not sure: we might have a lock here, so we'd better go
+ atomic, just in case. */
+@@ -4209,6 +4467,197 @@
+ }
+ #endif /* 0 */
+
++/*----------------------------------------------------------------
++* orinoco_int_rxmonitor
++*
++* Helper function for int_rx. Handles monitor frames.
++* Note that this function allocates space for the FCS and sets it
++* to 0xffffffff. The hfa384x doesn't give us the FCS value but the
++* higher layers expect it. 0xffffffff is used as a flag to indicate
++* the FCS is bogus.
++*
++* Arguments:
++* dev wlan device structure
++* rxfid received FID
++* rxdesc rx descriptor read from card in int_rx
++*
++* Returns:
++* nothing
++*
++* Side effects:
++* Allocates an skb and passes it up via the PF_PACKET interface.
++* Call context:
++* interrupt
++----------------------------------------------------------------*/
++void orinoco_int_rxmonitor( struct orinoco_private *dev, uint16_t rxfid, int len,
++ struct hermes_rx_descriptor *rxdesc, struct ieee802_11_hdr *hdr)
++{
++ hermes_t *hw = &(dev->hw);
++ uint32_t hdrlen = 0;
++ uint32_t datalen = 0;
++ uint32_t skblen = 0;
++ p80211msg_lnxind_wlansniffrm_t *msg;
++ struct net_device_stats *stats = &dev->stats;
++
++
++ uint8_t *datap;
++ uint16_t fc;
++ struct sk_buff *skb;
++
++ /* Don't forget the status, time, and data_len fields are in host order */
++ /* Figure out how big the frame is */
++ fc = le16_to_cpu(hdr->frame_ctl);
++ switch ( WLAN_GET_FC_FTYPE(fc) )
++ {
++ case WLAN_FTYPE_DATA:
++ if ( WLAN_GET_FC_TODS(fc) && WLAN_GET_FC_FROMDS(fc) ) {
++ hdrlen = WLAN_HDR_A4_LEN;
++ } else {
++ hdrlen = WLAN_HDR_A3_LEN;
++ }
++ datalen = len;
++ break;
++ case WLAN_FTYPE_MGMT:
++ hdrlen = WLAN_HDR_A3_LEN;
++ datalen = len;
++ break;
++ case WLAN_FTYPE_CTL:
++ switch ( WLAN_GET_FC_FSTYPE(fc) )
++ {
++ case WLAN_FSTYPE_PSPOLL:
++ case WLAN_FSTYPE_RTS:
++ case WLAN_FSTYPE_CFEND:
++ case WLAN_FSTYPE_CFENDCFACK:
++ hdrlen = 16;
++ break;
<<Diff was trimmed, longer than 597 lines>>