📄 wlan_ccx.c
字号:
memcpy(versionIe.ouiHdr.oui, cisco_oui, sizeof(cisco_oui)); versionIe.ouiHdr.ouiType = CCX_OUI_TYPE_VERSION; /* Set version to be internally stored supported version */ versionIe.version = ccx_supported_version; /* Copy the stack versionIe to the returned buffer parameter */ memcpy(*ppBuffer, (u8*)&versionIe, sizeof(versionIe)); /* Advance the buffer pointer by the size we appended */ *ppBuffer += sizeof(versionIe);// DBGPRINT(DBG_CCX, ("[append_ccx_version_ie] return size=%d\n", sizeof(versionIe))); /* Return appended size */ return (sizeof(versionIe));}static int append_ccx_aironet_ie( u8** ppBuffer ){ CCX_IE_AIRONET_t aironetIe; /* Null checks */ if (ppBuffer == 0) return 0; if (*ppBuffer == 0) return 0; NdisZeroMemory(&aironetIe, sizeof(aironetIe)); /* Setup OUI Header information */ aironetIe.ouiHdr.elemId = CCX_IE_AIRONET; aironetIe.ouiHdr.len = sizeof(CCX_IE_AIRONET_t) - 2; /* -2 for len + id */ memcpy(aironetIe.ouiHdr.oui, aironet_oui, sizeof(aironet_oui)); aironetIe.ouiHdr.ouiType = 0x00; aironetIe.flags[0] = 0x18; memcpy(aironetIe.apName, "MRVL-CW", 7); /* Copy the stack versionIe to the returned buffer parameter */ memcpy(*ppBuffer, (u8*)&aironetIe, sizeof(aironetIe)); /* Advance the buffer pointer by the size we appended */ *ppBuffer += sizeof(aironetIe);// DBGPRINT(DBG_CCX, ("[append_ccx_aironet_ie] return size=%d\n", sizeof(aironetIe))); /* Return appended size */ return (sizeof(aironetIe));}/** * @brief Append a marvell power capability TLV to the buffer. * The minimum power should be set to 0. The maximum power is * taken from the CCX Cell Power IE received in the scan results * before association. * * @param ppBuffer pointer to the buffer pointer * @param minPower min power in power capability TLV * @param maxPower max power in power capability TLV * @return number of bytes appended to **ppBuffer */ static int append_mrvl_power_capability(u8** ppBuffer, u8 minPower, u8 maxPower){ MrvlIEtypes_PowerCapability_t powerCapIe; /* Null checks */ if (ppBuffer == 0) return 0; if (*ppBuffer == 0) return 0; /* Set up marvell Power Capability TLV with passed parameters */ powerCapIe.Header.Type = cpu_to_le16(TLV_TYPE_POWER_CAPABILITY); powerCapIe.Header.Len = cpu_to_le16(sizeof(powerCapIe) - sizeof(powerCapIe.Header)); powerCapIe.MinPower = minPower; powerCapIe.MaxPower = maxPower; DBGPRINT(DBG_CCX, ("CCX: Power Cap Added: min(%d), max(%d)\n", minPower, maxPower)); /* Copy the stack powerCapIe to the returned buffer parameter */ memcpy(*ppBuffer, (u8*)&powerCapIe, sizeof(powerCapIe));// HEXDUMP("CCX: PwrCap IE", *ppBuffer, sizeof(powerCapIe)); /* Advance the buffer pointer by the size we appended */ *ppBuffer += sizeof(powerCapIe); /* Return appended size */ return (sizeof(powerCapIe));}static void ccx_freePacketBuffer(){ int i; for ( i=0; i < CCX_ROGUE_AP_COUNT; i++ ) { if ( pCCXBufVM[i] != NULL ) { NdisFreeMemory(pCCXBufVM[i], MRVDRV_ETH_TX_PACKET_BUFFER_SIZE, 0); pCCXBufVM[i] = NULL; } if ( pCCXBuffer[i] != NULL ) { NdisFreeBuffer(pCCXBuffer[i]); pCCXBuffer[i] = NULL; } if ( pCCXPacket[i] != NULL ) { NdisFreePacket(pCCXPacket[i]); pCCXPacket[i] = NULL; } } if ( ccxBufferPoolHandle != NULL ) { NdisFreeBufferPool(ccxBufferPoolHandle); ccxBufferPoolHandle = NULL; } if ( ccxPacketPoolHandle != NULL ) { NdisFreePacketPool(ccxPacketPoolHandle); ccxPacketPoolHandle = NULL; }}static int ccx_allocatePacketBuffer(){ int i; NDIS_STATUS tStatus; PNDIS_PACKET_OOB_DATA pOOB; // null init ccxPacketPoolHandle = NULL; ccxBufferPoolHandle = NULL; for ( i=0; i < CCX_ROGUE_AP_COUNT; i++ ) { pCCXPacket[i] = NULL; pCCXBuffer[i] = NULL; pCCXBufVM[i] = NULL; } // allocate packet pool // packet pool NdisAllocatePacketPoolEx( &tStatus, &ccxPacketPoolHandle, CCX_ROGUE_AP_COUNT, CCX_ROGUE_AP_COUNT, PROTOCOL_RESERVED_SIZE_IN_PACKET); if ( tStatus != NDIS_STATUS_SUCCESS ) { DBGPRINT( DBG_ERROR, ("[CCX] Unable to allocate packet pool!\n")); goto error; } // buffer pool NdisAllocateBufferPool( &tStatus, &ccxBufferPoolHandle, CCX_ROGUE_AP_COUNT); if ( tStatus != NDIS_STATUS_SUCCESS ) { DBGPRINT( DBG_ERROR, ("Unable to allocate buffer pool!\n")); goto error; } // assign space to used three array for ( i=0; i < CCX_ROGUE_AP_COUNT; i++ ) { // data payload space array tStatus = NdisAllocateMemoryWithTag( &pCCXBufVM[i], MRVDRV_ETH_TX_PACKET_BUFFER_SIZE, MRVDRV_MEMORY_TAG); if ( tStatus != NDIS_STATUS_SUCCESS ) { DBGPRINT( DBG_ERROR, ("Unable to do NdisAllocateMemoryWithTag [%d]\n", i)); goto error; } // buffer array NdisAllocateBuffer( &tStatus, &pCCXBuffer[i], ccxBufferPoolHandle, pCCXBufVM[i], MRVDRV_ETH_TX_PACKET_BUFFER_SIZE); if ( tStatus != NDIS_STATUS_SUCCESS ) { DBGPRINT( DBG_ERROR, ("Unable to do NdisAllocateBuffer [%d]\n", i)); goto error; } // packet array NdisAllocatePacket( &tStatus, &pCCXPacket[i], ccxPacketPoolHandle); if ( tStatus != NDIS_STATUS_SUCCESS ) { DBGPRINT( DBG_ERROR, ("Unable to do NdisAllocatePacket [%d]\n", i)); goto error; } // init OBB space pOOB = NDIS_OOB_DATA_FROM_PACKET(pCCXPacket[i]); NdisZeroMemory(pOOB, sizeof(NDIS_PACKET_OOB_DATA)); NDIS_SET_PACKET_HEADER_SIZE(pCCXPacket[i], MRVDRV_ETH_HEADER_SIZE); // chain the packet and buffer NdisChainBufferAtFront(pCCXPacket[i], pCCXBuffer[i]); } tStatus = NDIS_STATUS_SUCCESS; error: if (tStatus != NDIS_STATUS_SUCCESS) ccx_freePacketBuffer(); return tStatus;}///static UCHAR ccxSnapHdr[8] = {0xaa, 0xaa, 0x03, 0x00, 0x40, 0x96, 0x00, 0x00};static UCHAR ccxSnapHdr[8] = {0xaa, 0xaa, 0x03, 0x00, 0x40, 0x96, 0x00, 0x00};NDIS_STATUSccx_send_packet( IN PMRVDRV_ADAPTER Adapter, IN PNDIS_PACKET pPacket, FSW_CCX_ROGUE_AP_DETECTED *pRougeAPMsg ){ PNDIS_BUFFER pBuffer; PUCHAR pBufVM; UINT bufLen; PCCX_MSG_T pCCXMsg; NdisQueryPacket(pPacket, NULL, NULL, &pBuffer, NULL); NdisQueryBufferSafe(pBuffer, (void *)&pBufVM, &bufLen, NormalPagePriority); NdisAdjustBufferLength(pBuffer, sizeof(CCX_MSG_T)); pCCXMsg = (PCCX_MSG_T)pBufVM; NdisMoveMemory(pCCXMsg->dstAddr, ccxCurBSSID, sizeof(pCCXMsg->dstAddr)); NdisMoveMemory(pCCXMsg->srcAddr, ccxStaMac, sizeof(pCCXMsg->srcAddr)); pCCXMsg->protocolLen[0] = 0; pCCXMsg->protocolLen[1] = 0; NdisMoveMemory(pCCXMsg->snapHdr, ccxSnapHdr, sizeof(pCCXMsg->snapHdr)); pCCXMsg->length[0] = 0; pCCXMsg->length[1] = 40; pCCXMsg->msgType = 0x40; pCCXMsg->function = 0x8e; NdisMoveMemory(pCCXMsg->apAddr, ccxCurBSSID, sizeof(pCCXMsg->apAddr)); NdisMoveMemory(pCCXMsg->staAddr, ccxStaMac, sizeof(pCCXMsg->staAddr)); // pCCXMsg->failcode[0] = (UCHAR)(pRougeAPMsg->FailureReason >> 8); pCCXMsg->failcode[1] = (UCHAR)(pRougeAPMsg->FailureReason & 0xFF); NdisMoveMemory(pCCXMsg->rogueAddr, pRougeAPMsg->RogueAPMacAddress, sizeof(pCCXMsg->rogueAddr)); NdisMoveMemory(pCCXMsg->rogueName, pRougeAPMsg->RogueAPName, sizeof(pCCXMsg->rogueName)); pCCXCurPacket = pPacket; DBGPRINT(DBG_CCX, ("[ccx_send_packet] cur packet=%x\n", pCCXCurPacket)); ///return SendSinglePacket(Adapter, pPacket); return CCX_SendSinglePacket(Adapter, pPacket);}#ifdef CCX_TPCNDIS_STATUS ccx_set_txpower(ULONG minPower, ULONG maxPower){ NDIS_STATUS status; UCHAR power=0; ULONG bytesWritten; ULONG bytesNeeded; ///DWORD dwWaitStatus; DBGPRINT(DBG_CCX, ("[ccx_set_power] maxPower=%x, ccxTPCUserPower=%x\n", maxPower, ccxTPCUserPower)); if ( ((int)maxPower) > ccxTPCUserPower ) maxPower = ccxTPCUserPower; bytesNeeded = sizeof(NDIS_802_11_TX_POWER_LEVEL); status=PrepareAndSendCommand( pCcxAdapter, HostCmd_CMD_802_11_RF_TX_POWER, HostCmd_ACT_TX_POWER_OPT_SET, HostCmd_OPTION_USE_INT, 0, HostCmd_PENDING_ON_NONE, 0, FALSE, &bytesWritten, NULL, &bytesNeeded, &maxPower); DBGPRINT(DBG_CCX, ("[ccx_set_power] SET powerLevel=%x, status=%d\n", maxPower, status)); return status;}#endifvoid ccx_associate(){ int status; status = PrepareAndSendCommand( pCcxAdapter, HostCmd_CMD_802_11_ASSOCIATE_EXT, 0, HostCmd_OPTION_USE_INT, (NDIS_OID)0, HostCmd_PENDING_ON_NONE, 0, FALSE, NULL, NULL, NULL, &ccxCurSsid);}/******************************************************** Global Functions********************************************************/void wlan_ccx_init( IN PMRVDRV_ADAPTER pAdapter){ int i; // Set adapter pCcxAdapter = pAdapter; // clear ccxRogueAP for (i=0; i<CCX_ROGUE_AP_COUNT; i++) NdisZeroMemory(&(ccxRogueAP[i]), sizeof(FSW_CCX_ROGUE_AP_DETECTED)); ccx_allocatePacketBuffer();}void wlan_ccx_free(void){ ccx_freePacketBuffer();}void wlan_ccx_setCurMAC( IN PNDIS_802_11_SSID curSsid, IN NDIS_802_11_MAC_ADDRESS curBSSID, IN NDIS_802_11_MAC_ADDRESS curStaMac ){ NdisMoveMemory(&ccxCurSsid, curSsid, sizeof(NDIS_802_11_SSID)); NdisMoveMemory(&ccxCurBSSID, curBSSID, sizeof(NDIS_802_11_MAC_ADDRESS)); NdisMoveMemory(&ccxStaMac, curStaMac, sizeof(NDIS_802_11_MAC_ADDRESS)); }static NDIS_802_11_MAC_ADDRESS tmpMacAddr = {0x01, 0x02, 0x03, 0x04, 0x05,0x06};static UCHAR tmpName[] = "HelloAP";void wlan_ccx_send_packet( IN PMRVDRV_ADAPTER Adapter ){ FSW_CCX_ROGUE_AP_DETECTED rogueAPMsg; rogueAPMsg.FailureReason = 0x04; NdisMoveMemory(rogueAPMsg.RogueAPMacAddress, tmpMacAddr, sizeof(NDIS_802_11_MAC_ADDRESS)); NdisMoveMemory(rogueAPMsg.RogueAPName, tmpName, sizeof(tmpName)); ccx_send_packet(Adapter, pCCXPacket[0], &rogueAPMsg); }int wlan_ccx_isCurPacket(PNDIS_PACKET pPacket){ //DBGPRINT(DBG_CCX, ("[ccx_send_packet] packet=%x, ccxPacket=%x\n", // pPacket, pCCXCurPacket)); if ( pCCXCurPacket == pPacket ) return 1; else return 0;}///crlo:slowping ++void wlan_ccx_clrCurPacket(){ PrintMacro("CurrPacket: %xh\n", pCCXCurPacket);
pCCXCurPacket = NULL; return;}///crlo:slowping --/** * @brief Call back from the main command module to allow CCX proprietary additions * to the association request sent to the firmware. * * @param ppAssocBuf pointer to the buffer pointer for the assoc req. * @param pCcxBssInfo CCX information of the specific AP from the scan⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -