INT Show_Repeater_Cli_Proc(RTMP_ADAPTER *pAd, RTMP_STRING *arg)
{
INT i;
UINT32 RegValue;
ULONG DataRate=0;
if (!pAd->ApCfg.bMACRepeaterEn)
return TRUE;
printk("\n");
#ifdef DOT11_N_SUPPORT
printk("HT Operating Mode : %d\n", pAd->CommonCfg.AddHTInfo.AddHtInfo2.OperaionMode);
printk("\n");
#endif /* DOT11_N_SUPPORT */
printk("\n%-19s%-4s%-4s%-4s%-4s%-8s%-7s%-7s%-7s%-10s%-6s%-6s%-6s%-6s%-7s%-7s\n",
"MAC", "AID", "BSS", "PSM", "WMM", "MIMOPS", "RSSI0", "RSSI1",
"RSSI2", "PhMd", "BW", "MCS", "SGI", "STBC", "Idle", "Rate");
for (i = 0; i < MAX_LEN_OF_MAC_TABLE; i++)
{
PMAC_TABLE_ENTRY pEntry = &pAd->MacTab.Content[i];
if (pEntry && IS_ENTRY_APCLI(pEntry)&& (pEntry->Sst == SST_ASSOC) && (pEntry->bReptCli))
{
DataRate=0;
getRate(pEntry->HTPhyMode, &DataRate);
printk("%02X:%02X:%02X:%02X:%02X:%02X ",
pEntry->ReptCliAddr[0], pEntry->ReptCliAddr[1], pEntry->ReptCliAddr[2],
pEntry->ReptCliAddr[3], pEntry->ReptCliAddr[4], pEntry->ReptCliAddr[5]);
printk("%-4d", (int)pEntry->Aid);
printk("%-4d-%d", (int)pEntry->apidx, pEntry->func_tb_idx);
printk("%-4d", (int)pEntry->PsMode);
printk("%-4d", (int)CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_WMM_CAPABLE));
#ifdef DOT11_N_SUPPORT
printk("%-8d", (int)pEntry->MmpsMode);
#endif /* DOT11_N_SUPPORT */
printk("%-7d", pEntry->RssiSample.AvgRssi[0]);
printk("%-7d", pEntry->RssiSample.AvgRssi[1]);
printk("%-7d", pEntry->RssiSample.AvgRssi[2]);
printk("%-10s", get_phymode_str(pEntry->HTPhyMode.field.MODE));
printk("%-6s", get_bw_str(pEntry->HTPhyMode.field.BW));
printk("%-6d", pEntry->HTPhyMode.field.MCS);
printk("%-6d", pEntry->HTPhyMode.field.ShortGI);
printk("%-6d", pEntry->HTPhyMode.field.STBC);
printk("%-7d", (int)(pEntry->StaIdleTimeout - pEntry->NoDataIdleCount));
printk("%-7d", (int)DataRate);
printk("%-10d, %d, %d%%\n", pEntry->DebugFIFOCount, pEntry->DebugTxCount,
(pEntry->DebugTxCount) ? ((pEntry->DebugTxCount-pEntry->DebugFIFOCount)*100/pEntry->DebugTxCount) : 0);
printk("\n");
}
}
return TRUE;
}
VOID PMF_PeerSAQueryRspAction(
IN PRTMP_ADAPTER pAd,
IN MLME_QUEUE_ELEM *Elem)
{
UCHAR Action = Elem->Msg[LENGTH_802_11+1];
if (Action == ACTION_SAQ_RESPONSE)
{
PMAC_TABLE_ENTRY pEntry;
PFRAME_802_11 pHeader;
USHORT TransactionID;
BOOLEAN Cancelled;
DBGPRINT(RT_DEBUG_ERROR, ("[PMF]%s : Receive SA Query Response\n", __FUNCTION__));
pHeader = (PFRAME_802_11) Elem->Msg;
#ifdef CONFIG_AP_SUPPORT
pEntry = MacTableLookup(pAd, pHeader->Hdr.Addr2);
#endif /* CONFIG_AP_SUPPORT */
if (!pEntry)
{
DBGPRINT(RT_DEBUG_ERROR, ("[PMF]%s : Entry is not found, STA(%02x:%02x:%02x:%02x:%02x:%02x)\n", __FUNCTION__, PRINT_MAC(pHeader->Hdr.Addr2)));
return;
}
if (!(CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE)))
{
DBGPRINT(RT_DEBUG_ERROR, ("[PMF]%s : Entry is not PMF capable, STA(%02x:%02x:%02x:%02x:%02x:%02x)\n", __FUNCTION__, PRINT_MAC(pHeader->Hdr.Addr2)));
return;
}
NdisMoveMemory(&TransactionID, &Elem->Msg[LENGTH_802_11+2], sizeof(USHORT));
if (pEntry->TransactionID == TransactionID)
{
pEntry->SAQueryStatus = SAQ_IDLE;
RTMPCancelTimer(&pEntry->SAQueryTimer, &Cancelled);
RTMPCancelTimer(&pEntry->SAQueryConfirmTimer, &Cancelled);
DBGPRINT(RT_DEBUG_ERROR, ("[PMF]%s - Compare TransactionID correctly, STA(%02x:%02x:%02x:%02x:%02x:%02x)\n", __FUNCTION__, PRINT_MAC(pHeader->Hdr.Addr2)));
}
else
{
DBGPRINT(RT_DEBUG_ERROR, ("[PMF]%s - Compare TransactionID wrong, STA(%02x:%02x:%02x:%02x:%02x:%02x)\n", __FUNCTION__, PRINT_MAC(pHeader->Hdr.Addr2)));
}
}
}
INT PMF_DecryptUniRobustFrameAction(
IN PRTMP_ADAPTER pAd,
INOUT PUCHAR pMgmtFrame,
IN UINT mgmt_len)
{
PMAC_TABLE_ENTRY pEntry = NULL;
PHEADER_802_11 pHeader = (PHEADER_802_11)pMgmtFrame;
PUCHAR pDate = pMgmtFrame + LENGTH_802_11;
UINT16 data_len = mgmt_len - LENGTH_802_11;
/* Check if the length is valid */
if (data_len <= LEN_CCMP_HDR + LEN_CCMP_MIC)
{
DBGPRINT(RT_DEBUG_ERROR, ("%s : The payload length(%d) is invalid\n",
__FUNCTION__, data_len));
return PMF_UNICAST_DECRYPT_FAILURE;
}
/* Look up the entry through Address 2 of 802.11 header */
#ifdef CONFIG_AP_SUPPORT
pEntry = MacTableLookup(pAd, pHeader->Addr2);
#endif /* CONFIG_AP_SUPPORT */
if (pEntry == NULL)
{
DBGPRINT(RT_DEBUG_ERROR,("%s : the entry doesn't exist !\n", __FUNCTION__));
return PMF_STATUS_SUCCESS;
}
/* check the PMF capable for this entry */
if (CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE) == FALSE)
{
DBGPRINT(RT_DEBUG_ERROR,("%s : the entry no PMF capable !\n", __FUNCTION__));
return PMF_UNICAST_DECRYPT_FAILURE;
}
if (RTMPSoftDecryptCCMP(pAd,
pMgmtFrame,
&pEntry->PairwiseKey,
pDate,
&data_len) == FALSE)
{
return PMF_UNICAST_DECRYPT_FAILURE;
}
return PMF_STATUS_SUCCESS;
}
static VOID APPeerAuthReqAtIdleAction(
IN PRTMP_ADAPTER pAd,
IN MLME_QUEUE_ELEM *Elem)
{
INT i;
USHORT Seq, Alg, RspReason, Status;
UCHAR Addr1[MAC_ADDR_LEN];
UCHAR Addr2[MAC_ADDR_LEN];
CHAR Chtxt[CIPHER_TEXT_LEN];
UINT32 apidx;
PHEADER_802_11 pRcvHdr;
HEADER_802_11 AuthHdr;
PUCHAR pOutBuffer = NULL;
NDIS_STATUS NStatus;
ULONG FrameLen = 0;
MAC_TABLE_ENTRY *pEntry;
UCHAR ChTxtIe = 16, ChTxtLen = CIPHER_TEXT_LEN;
MULTISSID_STRUCT *pMbss;
struct wifi_dev *wdev;
CHAR rssi;
if (! APPeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr1,
Addr2, &Alg, &Seq, &Status, Chtxt
))
return;
/* Find which MBSSID to be authenticate */
apidx = get_apidx_by_addr(pAd, Addr1);
if (apidx >= pAd->ApCfg.BssidNum)
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid not found\n"));
return;
}
pMbss = &pAd->ApCfg.MBSSID[apidx];
wdev = &pMbss->wdev;
if ((wdev->if_dev == NULL) || ((wdev->if_dev != NULL) &&
!(RTMP_OS_NETDEV_STATE_RUNNING(wdev->if_dev))))
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid IF didn't up yet.\n"));
return;
}
pEntry = MacTableLookup(pAd, Addr2);
if (pEntry && IS_ENTRY_CLIENT(pEntry))
{
#ifdef DOT11W_PMF_SUPPORT
if ((CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE))
&& (pEntry->PortSecured == WPA_802_1X_PORT_SECURED))
goto SendAuth;
#endif /* DOT11W_PMF_SUPPORT */
if (!RTMPEqualMemory(Addr1, pAd->ApCfg.MBSSID[pEntry->apidx].wdev.bssid, MAC_ADDR_LEN))
{
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
pEntry = NULL;
DBGPRINT(RT_DEBUG_WARN, ("AUTH - Bssid does not match\n"));
}
else
{
if (pEntry->bIAmBadAtheros == TRUE)
{
AsicUpdateProtect(pAd, 8, ALLN_SETPROTECT, FALSE, FALSE);
DBGPRINT(RT_DEBUG_TRACE, ("Atheros Problem. Turn on RTS/CTS!!!\n"));
pEntry->bIAmBadAtheros = FALSE;
}
#ifdef DOT11_N_SUPPORT
BASessionTearDownALL(pAd, pEntry->wcid);
#endif /* DOT11_N_SUPPORT */
ASSERT(pEntry->Aid == Elem->Wcid);
}
}
#ifdef DOT11W_PMF_SUPPORT
SendAuth:
#endif /* DOT11W_PMF_SUPPORT */
pRcvHdr = (PHEADER_802_11)(Elem->Msg);
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - MBSS(%d), Rcv AUTH seq#%d, Alg=%d, Status=%d from "
"[wcid=%d]%02x:%02x:%02x:%02x:%02x:%02x\n",
apidx, Seq, Alg, Status, Elem->Wcid, PRINT_MAC(Addr2)));
/* YF@20130102: Refuse the weak signal of AuthReq */
rssi = RTMPMaxRssi(pAd, ConvertToRssi(pAd, (CHAR)Elem->Rssi0, RSSI_0),
ConvertToRssi(pAd, (CHAR)Elem->Rssi1, RSSI_1),
ConvertToRssi(pAd, (CHAR)Elem->Rssi2, RSSI_2));
DBGPRINT(RT_DEBUG_TRACE, ("%s: AUTH_FAIL_REQ Threshold = %d, AUTH_NO_RSP_REQ Threshold = %d, AUTH RSSI = %d\n",
wdev->if_dev->name, pMbss->AuthFailRssiThreshold, pMbss->AuthNoRspRssiThreshold, rssi));
if (((pMbss->AuthFailRssiThreshold != 0) && (rssi < pMbss->AuthFailRssiThreshold)) ||
((pMbss->AuthNoRspRssiThreshold != 0) && (rssi < pMbss->AuthNoRspRssiThreshold)))
{
DBGPRINT(RT_DEBUG_TRACE, ("Reject this AUTH_REQ due to Weak Signal.\n"));
if ((pMbss->AuthFailRssiThreshold != 0) && (rssi < pMbss->AuthFailRssiThreshold))
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_UNSPECIFY_FAIL);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);
RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, Addr2, apidx, 0);
return;
}
/* fail in ACL checking => send an AUTH-Fail seq#2. */
if (! ApCheckAccessControlList(pAd, Addr2, apidx))
{
ASSERT(Seq == 1);
ASSERT(pEntry == NULL);
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_UNSPECIFY_FAIL);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, Addr2, apidx, 0);
DBGPRINT(RT_DEBUG_TRACE,
("Failed in ACL checking => send an AUTH seq#2 with "
"Status code = %d\n", MLME_UNSPECIFY_FAIL));
return;
}
if ((Alg == AUTH_MODE_OPEN) &&
(pMbss->wdev.AuthMode != Ndis802_11AuthModeShared))
{
if (!pEntry)
pEntry = MacTableInsertEntry(pAd, Addr2, wdev, apidx, OPMODE_AP, TRUE);
if (pEntry)
{
#ifdef DOT11W_PMF_SUPPORT
if (!(CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE))
|| (pEntry->PortSecured != WPA_802_1X_PORT_SECURED))
#endif /* DOT11W_PMF_SUPPORT */
{
pEntry->AuthState = AS_AUTH_OPEN;
pEntry->Sst = SST_AUTH; /* what if it already in SST_ASSOC ??????? */
}
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_SUCCESS);
}
else
; /* MAC table full, what should we respond ????? */
}
else if ((Alg == AUTH_MODE_KEY) &&
((wdev->AuthMode == Ndis802_11AuthModeShared)
|| (wdev->AuthMode == Ndis802_11AuthModeAutoSwitch)))
{
if (!pEntry)
pEntry = MacTableInsertEntry(pAd, Addr2, wdev, apidx, OPMODE_AP, TRUE);
if (pEntry)
{
pEntry->AuthState = AS_AUTHENTICATING;
pEntry->Sst = SST_NOT_AUTH; /* what if it already in SST_ASSOC ??????? */
/* log this STA in AuthRspAux machine, only one STA is stored. If two STAs using */
/* SHARED_KEY authentication mingled together, then the late comer will win. */
COPY_MAC_ADDR(&pAd->ApMlmeAux.Addr, Addr2);
for(i=0; i<CIPHER_TEXT_LEN; i++)
pAd->ApMlmeAux.Challenge[i] = RandomByte(pAd);
RspReason = 0;
Seq++;
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
if(NStatus != NDIS_STATUS_SUCCESS)
return; /* if no memory, can't do anything */
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH seq#2 (Challenge)\n"));
MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr2,
wdev->if_addr,
wdev->bssid);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &AuthHdr,
2, &Alg,
2, &Seq,
2, &RspReason,
1, &ChTxtIe,
1, &ChTxtLen,
CIPHER_TEXT_LEN, pAd->ApMlmeAux.Challenge,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, pOutBuffer);
}
else
; /* MAC table full, what should we respond ???? */
}
else
{
/* wrong algorithm */
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_ALG_NOT_SUPPORT);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Alg=%d, Seq=%d, AuthMode=%d\n",
Alg, Seq, pAd->ApCfg.MBSSID[apidx].wdev.AuthMode));
}
}
INT Show_Repeater_Cli_Proc(
IN PRTMP_ADAPTER pAd,
IN PSTRING arg)
{
INT i;
UINT32 RegValue;
UINT32 DataRate=0;
if (!pAd->ApCfg.bMACRepeaterEn)
return TRUE;
printk("\n");
RTMP_IO_READ32(pAd, BKOFF_SLOT_CFG, &RegValue);
printk("BackOff Slot : %s slot time, BKOFF_SLOT_CFG(0x1104) = 0x%08x\n",
OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_SHORT_SLOT_INUSED) ? "short" : "long",
RegValue);
#ifdef DOT11_N_SUPPORT
printk("HT Operating Mode : %d\n", pAd->CommonCfg.AddHTInfo.AddHtInfo2.OperaionMode);
printk("\n");
#endif /* DOT11_N_SUPPORT */
printk("\n%-19s%-4s%-4s%-4s%-4s%-8s%-7s%-7s%-7s%-10s%-6s%-6s%-6s%-6s%-7s%-7s\n",
"MAC", "AID", "BSS", "PSM", "WMM", "MIMOPS", "RSSI0", "RSSI1",
"RSSI2", "PhMd", "BW", "MCS", "SGI", "STBC", "Idle", "Rate");
for (i = MAX_NUMBER_OF_MAC; i < MAX_NUMBER_OF_MAC + ((MAX_EXT_MAC_ADDR_SIZE + 1) * MAX_APCLI_NUM); i++)
{
PMAC_TABLE_ENTRY pEntry = &pAd->MacTab.Content[i];
if (pEntry && IS_ENTRY_APCLI(pEntry)&& (pEntry->Sst == SST_ASSOC) && (pEntry->bReptCli))
{
DataRate=0;
RtmpDrvRateGet(pAd, pEntry->HTPhyMode.field.MODE, pEntry->HTPhyMode.field.ShortGI,
pEntry->HTPhyMode.field.BW,pEntry->HTPhyMode.field.MCS,
newRateGetAntenna(pEntry->HTPhyMode.field.MCS, pEntry->HTPhyMode.field.MODE),&DataRate);
DataRate /= 500000;
DataRate /= 2;
printk("%02X:%02X:%02X:%02X:%02X:%02X ",
pEntry->ReptCliAddr[0], pEntry->ReptCliAddr[1], pEntry->ReptCliAddr[2],
pEntry->ReptCliAddr[3], pEntry->ReptCliAddr[4], pEntry->ReptCliAddr[5]);
printk("%-4d", (int)pEntry->Aid);
printk("%-4d", (int)pEntry->apidx);
printk("%-4d", (int)pEntry->PsMode);
printk("%-4d", (int)CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_WMM_CAPABLE));
#ifdef DOT11_N_SUPPORT
printk("%-8d", (int)pEntry->MmpsMode);
#endif /* DOT11_N_SUPPORT */
printk("%-7d", pEntry->RssiSample.AvgRssi0);
printk("%-7d", pEntry->RssiSample.AvgRssi1);
printk("%-7d", pEntry->RssiSample.AvgRssi2);
printk("%-10s", get_phymode_str(pEntry->HTPhyMode.field.MODE));
printk("%-6s", get_bw_str(pEntry->HTPhyMode.field.BW));
printk("%-6d", pEntry->HTPhyMode.field.MCS);
printk("%-6d", pEntry->HTPhyMode.field.ShortGI);
printk("%-6d", pEntry->HTPhyMode.field.STBC);
printk("%-7d", (int)(pEntry->StaIdleTimeout - pEntry->NoDataIdleCount));
printk("%-7d", (int)DataRate);
printk("%-10d, %d, %d%%\n", pEntry->DebugFIFOCount, pEntry->DebugTxCount,
(pEntry->DebugTxCount) ? ((pEntry->DebugTxCount-pEntry->DebugFIFOCount)*100/pEntry->DebugTxCount) : 0);
printk("\n");
}
}
return TRUE;
}
/*
========================================================================
Routine Description:
Handle peer DLS Request action frame.
Arguments:
pAd points to our adapter
*pElem action frame
Return Value:
None
Note:
========================================================================
*/
VOID APPeerDlsReqAction(
IN PRTMP_ADAPTER pAd,
IN MLME_QUEUE_ELEM *pElem)
{
PMAC_TABLE_ENTRY pDAEntry, pSAEntry;
UCHAR DA[MAC_ADDR_LEN], SA[MAC_ADDR_LEN];
UINT16 CapabilityInfo;
UINT16 DLSTimeout;
PUCHAR pOutBuffer = NULL;
PFRAME_802_11 Fr;
UINT16 Status;
UINT32 FrameLen = 0;
HEADER_802_11 DlsRspHdr;
UCHAR Category = CATEGORY_DLS;
UCHAR Action = ACTION_DLS_RESPONSE;
UCHAR SupportedRatesLen;
UCHAR SupportedRates[MAX_LEN_OF_SUPPORTED_RATES];
HT_CAPABILITY_IE HtCapability;
UCHAR HtCapabilityLen;
/* frame sanity check */
if (!PeerDlsReqSanity(pAd, pElem->Msg, pElem->MsgLen, DA, SA,
&CapabilityInfo, &DLSTimeout,
&SupportedRatesLen, &SupportedRates[0],
&HtCapabilityLen, &HtCapability))
{
return;
}
/* check whether the source station is legal */
pSAEntry = MacTableLookup(pAd, SA);
if (!pSAEntry)
return;
pSAEntry->bDlsInit = FALSE;
/* check whether the destination station exists in our associated table */
pDAEntry = MacTableLookup(pAd, DA);
if (!pDAEntry)
Status = MLME_DEST_STA_NOT_IN_QBSS;
else if (pDAEntry && (pDAEntry->apidx != pSAEntry->apidx))
Status = MLME_DEST_STA_NOT_IN_QBSS;
else if (pDAEntry && !CLIENT_STATUS_TEST_FLAG(pDAEntry, fCLIENT_STATUS_WMM_CAPABLE))
Status = MLME_DEST_STA_IS_NOT_A_QSTA;
else if (pDAEntry->WepStatus != pSAEntry->WepStatus)
Status = MLME_QOS_UNSPECIFY; // different security algorithm
else if (!pAd->ApCfg.MBSSID[pSAEntry->apidx].bDLSCapable)
Status = MLME_DLS_NOT_ALLOW_IN_QBSS;
else
Status = MLME_SUCCESS;
if (pDAEntry)
pDAEntry->bDlsInit = FALSE;
/* forward DLS-Request to real destination */
Fr = (PFRAME_802_11)pElem->Msg;
pOutBuffer = kmalloc(MAX_LEN_OF_MLME_BUFFER, MEM_ALLOC_FLAG);
if(pOutBuffer == NULL)
return;
/*
If status is successful, forward DLS-Request frame to destination
otherwise send DLS-Response with reason code to originator.
*/
if (Status == MLME_SUCCESS)
{
NdisMoveMemory(Fr->Hdr.Addr1, DA, MAC_ADDR_LEN);
NdisMoveMemory(Fr->Hdr.Addr2, pAd->ApCfg.MBSSID[pSAEntry->apidx].Bssid, MAC_ADDR_LEN);
NdisMoveMemory(Fr->Hdr.Addr3, SA, MAC_ADDR_LEN);
NdisMoveMemory(pOutBuffer, pElem->Msg, pElem->MsgLen);
FrameLen = pElem->MsgLen;
}
else
{
/* response error to source station */
MgtMacHeaderInit(pAd, &DlsRspHdr, SUBTYPE_ACTION, 0, SA,
pAd->ApCfg.MBSSID[pSAEntry->apidx].Bssid);
/*
Capability information and supported rate field are present
only when status code is zero.
*/
MakeOutgoingFrame(pOutBuffer, (ULONG *) &FrameLen,
sizeof(HEADER_802_11), &DlsRspHdr,
1, &Category,
1, &Action,
2, &Status,
6, SA,
6, DA,
END_OF_ARGS);
}
/* transmit the frame */
MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
kfree(pOutBuffer);
DBGPRINT(RT_DEBUG_TRACE,
("DLS - APPeerDlsReqAction() from %02x:%02x:%02x:%02x:%02x:%02x "
"with Status=%d\n",
SA[0], SA[1], SA[2], SA[3], SA[4], SA[5], Status));
}
/*
========================================================================
Routine Description:
Handle peer DLS Request action frame.
Arguments:
pAd points to our adapter
*pElem action frame
Return Value:
None
Note:
========================================================================
*/
VOID APPeerDlsReqAction(
IN PRTMP_ADAPTER pAd,
IN MLME_QUEUE_ELEM *pElem)
{
PMAC_TABLE_ENTRY pDAEntry, pSAEntry;
UCHAR DA[MAC_ADDR_LEN], SA[MAC_ADDR_LEN];
UINT16 CapabilityInfo;
UINT16 DLSTimeout;
PUCHAR pOutBuffer = NULL;
PFRAME_802_11 Fr;
UINT16 Status;
UINT32 FrameLen = 0;
HEADER_802_11 DlsRspHdr;
UCHAR Category = CATEGORY_DLS;
UCHAR Action = ACTION_DLS_RESPONSE;
UCHAR SupportedRatesLen = 0;
UCHAR SupportedRates[MAX_LEN_OF_SUPPORTED_RATES];
HT_CAPABILITY_IE HtCapability;
UCHAR HtCapabilityLen;
/* frame sanity check */
if (!PeerDlsReqSanity(pAd, pElem->Msg, pElem->MsgLen, DA, SA,
&CapabilityInfo, &DLSTimeout,
&SupportedRatesLen, &SupportedRates[0],
&HtCapabilityLen, &HtCapability))
{
return;
}
/* check whether the source station is legal */
pSAEntry = MacTableLookup(pAd, SA);
if (!pSAEntry)
return;
pSAEntry->bDlsInit = FALSE;
/* check whether the destination station exists in our associated table */
pDAEntry = MacTableLookup(pAd, DA);
if (!pDAEntry)
Status = MLME_DEST_STA_NOT_IN_QBSS;
else if (pDAEntry && (pDAEntry->apidx != pSAEntry->apidx))
Status = MLME_DEST_STA_NOT_IN_QBSS;
else if (pDAEntry && !CLIENT_STATUS_TEST_FLAG(pDAEntry, fCLIENT_STATUS_WMM_CAPABLE))
Status = MLME_DEST_STA_IS_NOT_A_QSTA;
else if (pDAEntry->WepStatus != pSAEntry->WepStatus)
Status = MLME_QOS_UNSPECIFY; /* different security algorithm */
else if (!pAd->ApCfg.MBSSID[pSAEntry->apidx].bDLSCapable)
Status = MLME_DLS_NOT_ALLOW_IN_QBSS;
else
Status = MLME_SUCCESS;
if (pDAEntry)
pDAEntry->bDlsInit = FALSE;
/* forward DLS-Request to real destination */
Fr = (PFRAME_802_11)pElem->Msg;
os_alloc_mem(pAd, (UCHAR **)&pOutBuffer, MAX_LEN_OF_MLME_BUFFER);
if(pOutBuffer == NULL)
return;
#ifdef CONFIG_HOTSPOT
if (pAd->ApCfg.MBSSID[pSAEntry->apidx].HotSpotCtrl.L2Filter)
Status = MLME_DLS_NOT_ALLOW_IN_QBSS;
#endif
/*
If status is successful, forward DLS-Request frame to destination
otherwise send DLS-Response with reason code to originator.
*/
#if 1
if (Status == MLME_SUCCESS)
{
NdisMoveMemory(Fr->Hdr.Addr1, DA, MAC_ADDR_LEN);
NdisMoveMemory(Fr->Hdr.Addr2, pAd->ApCfg.MBSSID[pSAEntry->apidx].wdev.bssid, MAC_ADDR_LEN);
NdisMoveMemory(Fr->Hdr.Addr3, SA, MAC_ADDR_LEN);
NdisMoveMemory(pOutBuffer, pElem->Msg, pElem->MsgLen);
FrameLen = pElem->MsgLen;
}
else
{
#else
{
Status = 0; /* for test */
#endif
/* response error to source station */
MgtMacHeaderInit(pAd, &DlsRspHdr, SUBTYPE_ACTION, 0, SA,
pAd->ApCfg.MBSSID[pSAEntry->apidx].wdev.if_addr,
pAd->ApCfg.MBSSID[pSAEntry->apidx].wdev.bssid);
/*
Capability information and supported rate field are present
only when status code is zero.
*/
MakeOutgoingFrame(pOutBuffer, (ULONG *) &FrameLen,
sizeof(HEADER_802_11), &DlsRspHdr,
1, &Category,
1, &Action,
2, &Status,
6, SA,
6, DA,
END_OF_ARGS);
}
/* transmit the frame */
MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
os_free_mem(NULL, pOutBuffer);
DBGPRINT(RT_DEBUG_TRACE,
("DLS - APPeerDlsReqAction() from %02x:%02x:%02x:%02x:%02x:%02x "
"with Status=%d\n",
SA[0], SA[1], SA[2], SA[3], SA[4], SA[5], Status));
}
/*
========================================================================
Routine Description:
Handle peer DLS Response action frame.
Arguments:
pAd points to our adapter
*pElem action frame
Return Value:
None
Note:
========================================================================
*/
VOID APPeerDlsRspAction(
IN PRTMP_ADAPTER pAd,
IN MLME_QUEUE_ELEM *pElem)
{
PMAC_TABLE_ENTRY pDAEntry, pSAEntry;
UCHAR DA[MAC_ADDR_LEN], SA[MAC_ADDR_LEN];
UINT16 CapabilityInfo;
UINT16 StatusCode;
PUCHAR pOutBuffer = NULL;
PFRAME_802_11 Fr;
UINT32 FrameLen = 0;
UCHAR SupportedRatesLen = 0;
UCHAR SupportedRates[MAX_LEN_OF_SUPPORTED_RATES];
UCHAR HtCapabilityLen;
HT_CAPABILITY_IE HtCapability;
/* frame sanity check */
if (! PeerDlsRspSanity(pAd, pElem->Msg, pElem->MsgLen, DA, SA,
&CapabilityInfo, &StatusCode,
&SupportedRatesLen, &SupportedRates[0],
&HtCapabilityLen, &HtCapability))
{
return;
}
DBGPRINT(RT_DEBUG_TRACE,
("DLS - PeerDlsRspAction() from %02x:%02x:%02x:%02x:%02x:%02x "
"with StatusCode=%d\n",
SA[0], SA[1], SA[2], SA[3], SA[4], SA[5], StatusCode));
/* check whether the source station is legal */
pSAEntry = MacTableLookup(pAd, SA);
if (!pSAEntry)
return;
pDAEntry = MacTableLookup(pAd, DA);
if (!pDAEntry)
{
DBGPRINT(RT_DEBUG_TRACE, ("Destination station does not exist!\n"));
return;
}
pSAEntry->bDlsInit = FALSE;
/* forward DLS-Request to real destination */
Fr = (PFRAME_802_11)pElem->Msg;
os_alloc_mem(pAd, (UCHAR **)&pOutBuffer, MAX_LEN_OF_MLME_BUFFER);
if (pOutBuffer == NULL)
return; /* fatal error, no available memory */
NdisMoveMemory(Fr->Hdr.Addr1, DA, MAC_ADDR_LEN);
NdisMoveMemory(Fr->Hdr.Addr2, pAd->ApCfg.MBSSID[pSAEntry->apidx].wdev.bssid, MAC_ADDR_LEN);
NdisMoveMemory(Fr->Hdr.Addr3, SA, MAC_ADDR_LEN);
NdisMoveMemory(pOutBuffer, pElem->Msg, pElem->MsgLen);
FrameLen = pElem->MsgLen;
/* transmit the response frame */
MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
os_free_mem(NULL, pOutBuffer);
}
VOID PMF_MlmeSAQueryReq(
IN PRTMP_ADAPTER pAd,
IN MAC_TABLE_ENTRY *pEntry)
{
PUCHAR pOutBuffer = NULL;
HEADER_802_11 SAQReqHdr;
UINT32 FrameLen = 0;
UCHAR SACategoryType, SAActionType;
//UINT ccmp_len = LEN_CCMP_HDR + LEN_CCMP_MIC;
//UCHAR ccmp_buf[ccmp_len];
PPMF_CFG pPmfCfg = NULL;
if (!pEntry)
{
MTWF_LOG(DBG_CAT_ALL, DBG_SUBCAT_ALL, DBG_LVL_ERROR, ("[PMF]%s : Entry is NULL\n", __FUNCTION__));
return;
}
if (!(CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE)))
{
MTWF_LOG(DBG_CAT_ALL, DBG_SUBCAT_ALL, DBG_LVL_ERROR, ("[PMF]%s : Entry is not PMF capable, STA(%02x:%02x:%02x:%02x:%02x:%02x)\n", __FUNCTION__, PRINT_MAC(pEntry->Addr)));
return;
}
if (pEntry->SAQueryStatus == SAQ_SENDING)
return;
#ifdef CONFIG_AP_SUPPORT
IF_DEV_CONFIG_OPMODE_ON_AP(pAd)
{
pPmfCfg = &pAd->ApCfg.MBSSID[pEntry->func_tb_idx].PmfCfg;
}
#endif /* CONFIG_AP_SUPPORT */
#ifdef CONFIG_STA_SUPPORT
IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
{
pPmfCfg = &pAd->StaCfg.PmfCfg;
}
#endif /* CONFIG_STA_SUPPORT */
if (pPmfCfg)
{
/* Send the SA Query Request */
os_alloc_mem(NULL, (UCHAR **)&pOutBuffer, MAX_LEN_OF_MLME_BUFFER);
if(pOutBuffer == NULL)
return;
#ifdef CONFIG_AP_SUPPORT
IF_DEV_CONFIG_OPMODE_ON_AP(pAd)
{
MgtMacHeaderInit(pAd, &SAQReqHdr, SUBTYPE_ACTION, 0, pEntry->Addr,
pAd->ApCfg.MBSSID[pEntry->func_tb_idx].wdev.bssid,
pAd->ApCfg.MBSSID[pEntry->func_tb_idx].wdev.bssid);
}
#endif /* CONFIG_AP_SUPPORT */
#ifdef CONFIG_STA_SUPPORT
IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
{
MgtMacHeaderInit(pAd, &SAQReqHdr, SUBTYPE_ACTION, 0, pEntry->Addr,
pAd->CurrentAddress,
pEntry->Addr);
}
#endif /* CONFIG_STA_SUPPORT */
pEntry->TransactionID++;
SACategoryType = CATEGORY_SA;
SAActionType = ACTION_SAQ_REQUEST;
MakeOutgoingFrame(pOutBuffer, (ULONG *) &FrameLen,
sizeof(HEADER_802_11), &SAQReqHdr,
1, &SACategoryType,
1, &SAActionType,
2, &pEntry->TransactionID,
END_OF_ARGS);
if (pEntry->SAQueryStatus == SAQ_IDLE) {
RTMPSetTimer(&pEntry->SAQueryTimer, 1000); /* 1000ms */
MTWF_LOG(DBG_CAT_ALL, DBG_SUBCAT_ALL, DBG_LVL_ERROR, ("[PMF]%s -- SAQueryTimer\n", __FUNCTION__));
}
pEntry->SAQueryStatus = SAQ_SENDING;
RTMPSetTimer(&pEntry->SAQueryConfirmTimer, 200); /* 200ms */
/* transmit the frame */
MiniportMMRequest(pAd, QID_MGMT, pOutBuffer, FrameLen);
os_free_mem(NULL, pOutBuffer);
MTWF_LOG(DBG_CAT_ALL, DBG_SUBCAT_ALL, DBG_LVL_ERROR, ("[PMF]%s - Send SA Query Request to STA(%02x:%02x:%02x:%02x:%02x:%02x)\n",
__FUNCTION__, PRINT_MAC(pEntry->Addr)));
}
}
VOID PMF_PeerSAQueryReqAction(
IN PRTMP_ADAPTER pAd,
IN MLME_QUEUE_ELEM *Elem)
{
UCHAR Action = Elem->Msg[LENGTH_802_11+1];
if (Action == ACTION_SAQ_REQUEST)
{
PMAC_TABLE_ENTRY pEntry;
PFRAME_802_11 pHeader;
USHORT TransactionID;
PUCHAR pOutBuffer = NULL;
HEADER_802_11 SAQRspHdr;
UINT32 FrameLen = 0;
UCHAR SACategoryType, SAActionType;
//UINT ccmp_len = LEN_CCMP_HDR + LEN_CCMP_MIC;
//UCHAR ccmp_buf[ccmp_len];
MTWF_LOG(DBG_CAT_ALL, DBG_SUBCAT_ALL, DBG_LVL_ERROR, ("[PMF]%s : Receive SA Query Request\n", __FUNCTION__));
pHeader = (PFRAME_802_11) Elem->Msg;
pEntry = MacTableLookup(pAd, pHeader->Hdr.Addr2);
if (!pEntry)
{
MTWF_LOG(DBG_CAT_ALL, DBG_SUBCAT_ALL, DBG_LVL_ERROR, ("[PMF]%s : Entry is not found, STA(%02x:%02x:%02x:%02x:%02x:%02x)\n", __FUNCTION__, PRINT_MAC(pHeader->Hdr.Addr2)));
return;
}
if (!(CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE)))
{
MTWF_LOG(DBG_CAT_ALL, DBG_SUBCAT_ALL, DBG_LVL_ERROR, ("[PMF]%s : Entry is not PMF capable, STA(%02x:%02x:%02x:%02x:%02x:%02x)\n", __FUNCTION__, PRINT_MAC(pHeader->Hdr.Addr2)));
return;
}
NdisMoveMemory(&TransactionID, &Elem->Msg[LENGTH_802_11+2], sizeof(USHORT));
/* Response the SA Query */
os_alloc_mem(NULL, (UCHAR **)&pOutBuffer, MAX_LEN_OF_MLME_BUFFER);
if(pOutBuffer == NULL)
return;
#ifdef CONFIG_AP_SUPPORT
IF_DEV_CONFIG_OPMODE_ON_AP(pAd)
{
MgtMacHeaderInit(pAd, &SAQRspHdr, SUBTYPE_ACTION, 0, pHeader->Hdr.Addr2,
pAd->ApCfg.MBSSID[pEntry->func_tb_idx].wdev.bssid,
pAd->ApCfg.MBSSID[pEntry->func_tb_idx].wdev.bssid);
}
#endif /* CONFIG_AP_SUPPORT */
#ifdef CONFIG_STA_SUPPORT
IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
{
MgtMacHeaderInit(pAd, &SAQRspHdr, SUBTYPE_ACTION, 0, pHeader->Hdr.Addr2,
pAd->CurrentAddress,
pHeader->Hdr.Addr2);
}
#endif /* CONFIG_STA_SUPPORT */
SACategoryType = CATEGORY_SA;
SAActionType = ACTION_SAQ_RESPONSE;
MakeOutgoingFrame(pOutBuffer, (ULONG *) &FrameLen,
sizeof(HEADER_802_11), &SAQRspHdr,
1, &SACategoryType,
1, &SAActionType,
2, &TransactionID,
END_OF_ARGS);
/* transmit the frame */
MiniportMMRequest(pAd, QID_MGMT, pOutBuffer, FrameLen);
os_free_mem(NULL, pOutBuffer);
MTWF_LOG(DBG_CAT_ALL, DBG_SUBCAT_ALL, DBG_LVL_ERROR, ("[PMF]%s - Send SA Query Response to STA(%02x:%02x:%02x:%02x:%02x:%02x)\n", __FUNCTION__, PRINT_MAC(SAQRspHdr.Addr1)));
}
VOID ap_cmm_peer_assoc_req_action(
IN PRTMP_ADAPTER pAd,
IN MLME_QUEUE_ELEM *Elem,
IN BOOLEAN isReassoc)
{
IE_LISTS *ie_list = NULL;
HEADER_802_11 AssocRspHdr;
USHORT CapabilityInfoForAssocResp;
USHORT StatusCode = MLME_SUCCESS;
USHORT Aid;
PUCHAR pOutBuffer = NULL;
NDIS_STATUS NStatus;
ULONG FrameLen = 0;
UCHAR MaxSupportedRate = 0;
UCHAR SupRateLen, PhyMode, FlgIs11bSta;
UCHAR i;
MAC_TABLE_ENTRY *pEntry;
#ifdef DBG
UCHAR *sAssoc = isReassoc ? (PUCHAR)"ReASSOC" : (PUCHAR)"ASSOC";
#endif /* DBG */
UCHAR SubType;
BOOLEAN bACLReject = FALSE;
#ifdef DOT1X_SUPPORT
PUINT8 pPmkid = NULL;
UINT8 pmkid_count = 0;
#endif /* DOT1X_SUPPORT */
MULTISSID_STRUCT *wdev;
/* allocate memory */
os_alloc_mem(NULL, (UCHAR **)&ie_list, sizeof(IE_LISTS));
if (ie_list == NULL) {
DBGPRINT(RT_DEBUG_ERROR, ("%s(): mem alloc failed\n", __FUNCTION__));
return;
}
NdisZeroMemory(ie_list, sizeof(IE_LISTS));
if (!PeerAssocReqCmmSanity(pAd, isReassoc, Elem->Msg, Elem->MsgLen, ie_list))
goto LabelOK;
/* check if AP address is same as us */
/* TODO */
/* goto label_err; */
pEntry = MacTableLookup(pAd, ie_list->Addr2);
if (!pEntry) {
DBGPRINT(RT_DEBUG_ERROR, ("NoAuth MAC - %02x:%02x:%02x:%02x:%02x:%02x\n",
PRINT_MAC(ie_list->Addr2)));
goto LabelOK;
}
if (!VALID_MBSS(pAd, pEntry->apidx)) {
DBGPRINT(RT_DEBUG_ERROR, ("%s():pEntry bounding invalid wdev(apidx=%d)\n",
__FUNCTION__, pEntry->apidx));
goto LabelOK;
}
wdev = &pAd->ApCfg.MBSSID[pEntry->apidx];
PhyMode = wdev->PhyMode;
FlgIs11bSta = 1;
for(i=0; i<ie_list->SupportedRatesLen; i++)
{
if (((ie_list->SupportedRates[i] & 0x7F) != 2) &&
((ie_list->SupportedRates[i] & 0x7F) != 4) &&
((ie_list->SupportedRates[i] & 0x7F) != 11) &&
((ie_list->SupportedRates[i] & 0x7F) != 22))
{
FlgIs11bSta = 0;
break;
}
}
/* clear the previous Pairwise key table */
if(pEntry->Aid != 0 &&
(pEntry->WepStatus >= Ndis802_11Encryption2Enabled
#ifdef DOT1X_SUPPORT
|| wdev->IEEE8021X
#endif /* DOT1X_SUPPORT */
))
{
/* clear GTK state */
pEntry->GTKState = REKEY_NEGOTIATING;
NdisZeroMemory(&pEntry->PairwiseKey, sizeof(CIPHER_KEY));
/* clear this entry as no-security mode */
AsicRemovePairwiseKeyEntry(pAd, pEntry->Aid);
#ifdef DOT1X_SUPPORT
/* Notify 802.1x daemon to clear this sta info */
if (pEntry->AuthMode == Ndis802_11AuthModeWPA ||
pEntry->AuthMode == Ndis802_11AuthModeWPA2 ||
wdev->IEEE8021X)
DOT1X_InternalCmdAction(pAd, pEntry, DOT1X_DISCONNECT_ENTRY);
#endif /* DOT1X_SUPPORT */
}
/* for hidden SSID sake, SSID in AssociateRequest should be fully verified */
if ((ie_list->SsidLen != wdev->SsidLen) ||
(NdisEqualMemory(ie_list->Ssid, wdev->Ssid, ie_list->SsidLen)==0))
goto LabelOK;
/* set a flag for sending Assoc-Fail response to unwanted STA later. */
if (! ApCheckAccessControlList(pAd, ie_list->Addr2, pEntry->apidx))
bACLReject = TRUE;
DBGPRINT(RT_DEBUG_TRACE, ("%s - MBSS(%d), receive %s request from %02x:%02x:%02x:%02x:%02x:%02x\n",
sAssoc, pEntry->apidx, sAssoc, PRINT_MAC(ie_list->Addr2)));
/* supported rates array may not be sorted. sort it and find the maximum rate */
for (i=0; i<ie_list->SupportedRatesLen; i++)
{
if (MaxSupportedRate < (ie_list->SupportedRates[i] & 0x7f))
MaxSupportedRate = ie_list->SupportedRates[i] & 0x7f;
}
/*
Assign RateLen here or we will select wrong rate table in
APBuildAssociation() when 11N compile option is disabled.
*/
pEntry->RateLen = ie_list->SupportedRatesLen;
RTMPSetSupportMCS(pAd,
OPMODE_AP,
pEntry,
ie_list->SupportedRates,
ie_list->SupportedRatesLen,
NULL,
0,
#ifdef DOT11_VHT_AC
ie_list->vht_cap_len,
&ie_list->vht_cap,
#endif /* DOT11_VHT_AC */
&ie_list->HTCapability,
ie_list->ht_cap_len);
/* 2. qualify this STA's auth_asoc status in the MAC table, decide StatusCode */
StatusCode = APBuildAssociation(pAd, pEntry, ie_list, MaxSupportedRate, &Aid);
#ifdef DOT11_VHT_AC
if (ie_list->vht_cap_len)
{
VHT_CAP_INFO *vht_cap = &ie_list->vht_cap.vht_cap;
//+++Add by shiang for debug
if (WMODE_CAP_AC(pAd->CommonCfg.PhyMode)) {
DBGPRINT(RT_DEBUG_TRACE, ("%s():Peer is VHT capable device!\n", __FUNCTION__));
//dump_vht_cap(pAd, &ie_list->vht_cap);
}
//---Add by shiang for debug
}
#endif /* DOT11_VHT_AC */
if (StatusCode == MLME_ASSOC_REJ_DATA_RATE)
RTMPSendWirelessEvent(pAd, IW_STA_MODE_EVENT_FLAG, pEntry->Addr, pEntry->apidx, 0);
/* 3. send Association Response */
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
if (NStatus != NDIS_STATUS_SUCCESS)
goto LabelOK;
DBGPRINT(RT_DEBUG_TRACE, ("%s - Send %s response (Status=%d)...\n", sAssoc, sAssoc, StatusCode));
Aid |= 0xc000; /* 2 most significant bits should be ON */
SubType = isReassoc ? SUBTYPE_REASSOC_RSP : SUBTYPE_ASSOC_RSP;
CapabilityInfoForAssocResp = wdev->CapabilityInfo; /*use AP's cability */
/* fail in ACL checking => send an Assoc-Fail resp. */
SupRateLen = pAd->CommonCfg.SupRateLen;
/* TODO: need to check rate in support rate element, not number */
if (FlgIs11bSta == 1)
SupRateLen = 4;
if (bACLReject == TRUE)
{
MgtMacHeaderInit(pAd, &AssocRspHdr, SubType, 0, ie_list->Addr2,
wdev->Bssid);
StatusCode = MLME_UNSPECIFY_FAIL;
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &AssocRspHdr,
2, &CapabilityInfoForAssocResp,
2, &StatusCode,
2, &Aid,
1, &SupRateIe,
1, &SupRateLen,
SupRateLen, pAd->CommonCfg.SupRate,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, (PVOID) pOutBuffer);
RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, ie_list->Addr2, pEntry->apidx, 0);
goto LabelOK;
}
MgtMacHeaderInit(pAd, &AssocRspHdr, SubType, 0, ie_list->Addr2,
wdev->Bssid);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &AssocRspHdr,
2, &CapabilityInfoForAssocResp,
2, &StatusCode,
2, &Aid,
1, &SupRateIe,
1, &SupRateLen,
SupRateLen, pAd->CommonCfg.SupRate,
END_OF_ARGS);
if ((pAd->CommonCfg.ExtRateLen) && (PhyMode != WMODE_B) && (FlgIs11bSta == 0))
{
ULONG TmpLen;
MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
1, &ExtRateIe,
1, &pAd->CommonCfg.ExtRateLen,
pAd->CommonCfg.ExtRateLen, pAd->CommonCfg.ExtRate,
END_OF_ARGS);
FrameLen += TmpLen;
}
/* add WMM IE here */
if (wdev->bWmmCapable && CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_WMM_CAPABLE))
{
ULONG TmpLen;
UCHAR WmeParmIe[26] = {IE_VENDOR_SPECIFIC, 24, 0x00, 0x50, 0xf2, 0x02, 0x01, 0x01, 0, 0};
WmeParmIe[8] = pAd->ApCfg.BssEdcaParm.EdcaUpdateCount & 0x0f;
#ifdef UAPSD_SUPPORT
UAPSD_MR_IE_FILL(WmeParmIe[8], &wdev->UapsdInfo);
#endif /* UAPSD_SUPPORT */
for (i=QID_AC_BE; i<=QID_AC_VO; i++)
{
WmeParmIe[10+ (i*4)] = (i << 5) + /* b5-6 is ACI */
((UCHAR)pAd->ApCfg.BssEdcaParm.bACM[i] << 4) + /* b4 is ACM */
(pAd->ApCfg.BssEdcaParm.Aifsn[i] & 0x0f); /* b0-3 is AIFSN */
WmeParmIe[11+ (i*4)] = (pAd->ApCfg.BssEdcaParm.Cwmax[i] << 4) + /* b5-8 is CWMAX */
(pAd->ApCfg.BssEdcaParm.Cwmin[i] & 0x0f); /* b0-3 is CWMIN */
WmeParmIe[12+ (i*4)] = (UCHAR)(pAd->ApCfg.BssEdcaParm.Txop[i] & 0xff); /* low byte of TXOP */
WmeParmIe[13+ (i*4)] = (UCHAR)(pAd->ApCfg.BssEdcaParm.Txop[i] >> 8); /* high byte of TXOP */
}
MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
26, WmeParmIe,
END_OF_ARGS);
FrameLen += TmpLen;
}
static void ap_assoc_info_debugshow(
IN RTMP_ADAPTER *pAd,
IN BOOLEAN isReassoc,
IN MAC_TABLE_ENTRY *pEntry,
IN IE_LISTS *ie_list)
{
#ifdef DBG
PUCHAR sAssoc = isReassoc ? (PUCHAR)"ReASSOC" : (PUCHAR)"ASSOC";
#endif /* DBG */
MULTISSID_STRUCT *wdev;
wdev = &pAd->ApCfg.MBSSID[pEntry->apidx];
DBGPRINT(RT_DEBUG_TRACE, ("%s - \n\tAssign AID=%d to STA %02x:%02x:%02x:%02x:%02x:%02x\n",
sAssoc, pEntry->Aid, PRINT_MAC(pEntry->Addr)));
#ifdef DOT11_N_SUPPORT
if (ie_list->ht_cap_len && WMODE_CAP_N(pAd->CommonCfg.PhyMode))
{
assoc_ht_info_debugshow(pAd, pEntry, ie_list->ht_cap_len, &ie_list->HTCapability);
DBGPRINT(RT_DEBUG_TRACE, ("\n%s - Update AP OperaionMode=%d , fAnyStationIsLegacy=%d, fAnyStation20Only=%d, fAnyStationNonGF=%d\n\n",
sAssoc,
pAd->CommonCfg.AddHTInfo.AddHtInfo2.OperaionMode,
pAd->MacTab.fAnyStationIsLegacy,
pAd->MacTab.fAnyStation20Only,
pAd->MacTab.fAnyStationNonGF));
#ifdef DOT11N_DRAFT3
DBGPRINT(RT_DEBUG_TRACE, ("\tExt Cap Info: \n"));
DBGPRINT(RT_DEBUG_TRACE, ("\t\tBss2040CoexistMgmt=%d\n", pEntry->BSS2040CoexistenceMgmtSupport));
#endif /* DOT11N_DRAFT3 */
#ifdef DOT11_VHT_AC
if ((ie_list->vht_cap_len) &&
WMODE_CAP_N(pAd->CommonCfg.PhyMode) &&
(pAd->CommonCfg.Channel > 14))
{
assoc_vht_info_debugshow(pAd, pEntry, &ie_list->vht_cap, NULL);
}
#endif /* DOT11_VHT_AC */
}
else
#endif /* DOT11_N_SUPPORT */
{
DBGPRINT(RT_DEBUG_TRACE, ("%s - legacy STA\n", sAssoc));
DBGPRINT(RT_DEBUG_TRACE, ("\n%s - MODE=%d, MCS=%d\n", sAssoc,
pEntry->HTPhyMode.field.MODE, pEntry->HTPhyMode.field.MCS));
}
DBGPRINT(RT_DEBUG_TRACE, ("\tAuthMode=%d, WepStatus=%d, WpaState=%d, GroupKeyWepStatus=%d\n",
pEntry->AuthMode, pEntry->WepStatus, pEntry->WpaState, wdev->GroupKeyWepStatus));
DBGPRINT(RT_DEBUG_TRACE, ("\tWMMCap=%d, RalinkAgg=%d, PiggyBack=%d, RDG=%d, TxAMSDU=%d, IdleTimeout=%d\n",
CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_WMM_CAPABLE),
CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_AGGREGATION_CAPABLE),
CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PIGGYBACK_CAPABLE),
CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_RDG_CAPABLE),
CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_AMSDU_INUSED),
pEntry->StaIdleTimeout));
}
INT PMF_EncryptUniRobustFrameAction(
IN PRTMP_ADAPTER pAd,
IN PUCHAR pMgmtFrame,
IN UINT mgmt_len)
{
PMAC_TABLE_ENTRY pEntry = NULL;
PHEADER_802_11 pHdr = (PHEADER_802_11)pMgmtFrame;
INT data_len;
PUCHAR pBuf;
INT Status;
/* Check if the length is valid */
data_len = mgmt_len - (LENGTH_802_11 + LEN_CCMP_HDR + LEN_CCMP_MIC);
if (data_len <= 0)
{
DBGPRINT(RT_DEBUG_ERROR, ("%s : The payload length(%d) is invalid\n",
__FUNCTION__, data_len));
return PMF_UNICAST_ENCRYPT_FAILURE;
}
/* Look up the entry through Address 1 of 802.11 header */
#ifdef CONFIG_AP_SUPPORT
pEntry = MacTableLookup(pAd, pHdr->Addr1);
#endif /* CONFIG_AP_SUPPORT */
if (pEntry == NULL)
{
DBGPRINT(RT_DEBUG_ERROR, ("%s : The entry doesn't exist\n", __FUNCTION__));
return PMF_UNICAST_ENCRYPT_FAILURE;
}
/* check the PMF capable for this entry */
if (CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE) == FALSE)
{
DBGPRINT(RT_DEBUG_ERROR,("%s : the entry no PMF capable !\n", __FUNCTION__));
return PMF_UNICAST_ENCRYPT_FAILURE;
}
/* Allocate a buffer for building PMF packet */
Status = MlmeAllocateMemory(pAd, &pBuf);
if (Status != NDIS_STATUS_SUCCESS)
{
DBGPRINT(RT_DEBUG_ERROR,("%s : allocate PMF buffer fail!\n", __FUNCTION__));
return PMF_UNICAST_ENCRYPT_FAILURE;
}
/* Construct and insert 8-bytes CCMP header to MPDU header */
RTMPConstructCCMPHdr(0, pEntry->PmfTxTsc, pBuf);
NdisMoveMemory(pBuf + LEN_CCMP_HDR,
&pHdr->Octet[0],
data_len);
// Encrypt the MPDU data by software
RTMPSoftEncryptCCMP(pAd,
(PUCHAR)pHdr,
pEntry->PmfTxTsc,
pEntry->PairwiseKey.Key,
pBuf + LEN_CCMP_HDR,
data_len);
data_len += (LEN_CCMP_HDR + LEN_CCMP_MIC);
NdisMoveMemory(&pHdr->Octet[0], pBuf, data_len);
/* TSC increment for next transmittion */
INC_TX_TSC(pEntry->PmfTxTsc, LEN_WPA_TSC);
MlmeFreeMemory(pAd, pBuf);
return PMF_STATUS_SUCCESS;
}
/*
========================================================================
Routine Description:
Decide if the frame is PMF Robust frame
Arguments:
pHdr : pointer to the 802.11 header
pFrame : point to frame body. It exclude the 802.11 header
frame_len : the frame length without 802.11 header
Return Value:
NOT_ROBUST_FRAME
UNICAST_ROBUST_FRAME
GROUP_ROBUST_FRAME
Note:
========================================================================
*/
INT PMF_RobustFrameClassify(
IN PHEADER_802_11 pHdr,
IN PUCHAR pFrame,
IN UINT frame_len,
IN PUCHAR pData,
IN BOOLEAN IsRx)
{
PMAC_TABLE_ENTRY pEntry = pData;
if ((pHdr->FC.Type != BTYPE_MGMT) || (frame_len <= 0))
return NORMAL_FRAME;
/* Classify the frame */
switch (pHdr->FC.SubType)
{
case SUBTYPE_DISASSOC:
case SUBTYPE_DEAUTH:
break;
case SUBTYPE_ACTION:
{
if ((IsRx == FALSE)
|| (IsRx && (pHdr->FC.Wep == 0)))
{
UCHAR Category = (UCHAR) (pHdr->Octet[0]);
switch (Category)
{
/* Refer to IEEE 802.11w Table7-24 */
case CATEGORY_SPECTRUM:
case CATEGORY_QOS:
case CATEGORY_DLS:
case CATEGORY_BA:
case CATEGORY_RM:
case CATEGORY_FT:
case CATEGORY_SA:
case CATEGORY_PD:
case CATEGORY_VSP:
break;
default:
return NORMAL_FRAME;
}
}
break;
}
default:
return NORMAL_FRAME;
}
if (pHdr->Addr1[0] & 0x01) /* Broadcast frame */
{
UINT8 offset_mmie;
if (frame_len <= (LEN_PMF_MMIE + 2))
return NOT_ROBUST_GROUP_FRAME;
/* The offset of MMIE */
offset_mmie = frame_len - (LEN_PMF_MMIE + 2);
/* check if this is a group Robust frame */
if (((*(pFrame + offset_mmie)) == IE_PMF_MMIE) &&
((*(pFrame + offset_mmie + 1)) == LEN_PMF_MMIE))
return GROUP_ROBUST_FRAME;
else
return NOT_ROBUST_GROUP_FRAME;
}
/* Unicast frame */
else if (pEntry == NULL)
return NORMAL_FRAME;
else if (!CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE))
return NORMAL_FRAME;
else if (CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE) && (pHdr->FC.Wep == 0) && IsRx)
return NOT_ROBUST_UNICAST_FRAME;
else if (((IsRx == TRUE) && (pHdr->FC.Wep == 1)) || (IsRx == FALSE))
return UNICAST_ROBUST_FRAME;
return ERROR_FRAME;
}
/*
========================================================================
Description:
This routine frees all packets in PSQ that's destined to a specific DA.
BCAST/MCAST in DTIMCount=0 case is also handled here, just like a PS-POLL
is received from a WSTA which has MAC address FF:FF:FF:FF:FF:FF
========================================================================
*/
VOID RtmpHandleRxPsPoll(RTMP_ADAPTER *pAd, UCHAR *pAddr, USHORT wcid, BOOLEAN isActive)
{
QUEUE_ENTRY *pQEntry;
MAC_TABLE_ENTRY *pMacEntry;
unsigned long IrqFlags;
/*
DBGPRINT(RT_DEBUG_TRACE, ("rcv PS-POLL (AID=%d) from %02x:%02x:%02x:%02x:%02x:%02x\n",
Aid, PRINT_MAC(pAddr)));
*/
pMacEntry = &pAd->MacTab.Content[wcid];
if (RTMPEqualMemory(pMacEntry->Addr, pAddr, MAC_ADDR_LEN))
{
#ifdef DROP_MASK_SUPPORT
/* Disable Drop Mask */
set_drop_mask_per_client(pAd, pMacEntry, 2, 0);
#endif /* DROP_MASK_SUPPORT */
#ifdef PS_ENTRY_MAITENANCE
pMacEntry->continuous_ps_count = 0;
#endif /* PS_ENTRY_MAITENANCE */
/* Sta is change to Power Active stat. Reset ContinueTxFailCnt */
pMacEntry->ContinueTxFailCnt = 0;
#ifdef UAPSD_SUPPORT
if (UAPSD_MR_IS_ALL_AC_UAPSD(isActive, pMacEntry))
{
/*
IEEE802.11e spec.
11.2.1.7 Receive operation for STAs in PS mode during the CP
When a non-AP QSTA that is using U-APSD and has all ACs
delivery-enabled detects that the bit corresponding to its AID
is set in the TIM, the non-AP QSTA shall issue a trigger frame
or a PS-Poll frame to retrieve the buffered MSDU or management
frames.
WMM Spec. v1.1a 070601
3.6.2 U-APSD STA Operation
3.6.2.3 In case one or more ACs are not
delivery-enabled ACs, the WMM STA may retrieve MSDUs and
MMPDUs belonging to those ACs by sending PS-Polls to the WMM AP.
In case all ACs are delivery enabled ACs, WMM STA should only
use trigger frames to retrieve MSDUs and MMPDUs belonging to
those ACs, and it should not send PS-Poll frames.
Different definitions in IEEE802.11e and WMM spec.
But we follow the WiFi WMM Spec.
*/
DBGPRINT(RT_DEBUG_TRACE, ("All AC are UAPSD, can not use PS-Poll\n"));
return; /* all AC are U-APSD, can not use PS-Poll */
}
#endif /* UAPSD_SUPPORT */
RTMP_IRQ_LOCK(&pAd->irq_lock, IrqFlags);
if (isActive == FALSE)
{
if (pMacEntry->PsQueue.Head)
{
#ifdef UAPSD_SUPPORT
UINT32 NumOfOldPsPkt;
NumOfOldPsPkt = pAd->TxSwQueue[QID_AC_BE].Number;
#endif /* UAPSD_SUPPORT */
pQEntry = RemoveHeadQueue(&pMacEntry->PsQueue);
if ( pMacEntry->PsQueue.Number >=1 )
RTMP_SET_PACKET_MOREDATA(RTPKT_TO_OSPKT(pQEntry), TRUE);
InsertTailQueueAc(pAd, pMacEntry, &pAd->TxSwQueue[QID_AC_BE], pQEntry);
#ifdef UAPSD_SUPPORT
/* we need to call RTMPDeQueuePacket() immediately as below */
if (NumOfOldPsPkt != pAd->TxSwQueue[QID_AC_BE].Number)
{
if (RTMP_GET_PACKET_DHCP(RTPKT_TO_OSPKT(pQEntry)) ||
RTMP_GET_PACKET_EAPOL(RTPKT_TO_OSPKT(pQEntry)) ||
RTMP_GET_PACKET_WAI(RTPKT_TO_OSPKT(pQEntry)))
{
/*
These packets will use 1M/6M rate to send.
If you use 1M(2.4G)/6M(5G) to send, no statistics
count in NICUpdateFifoStaCounters().
So we can not count it for UAPSD; Or the SP will
not closed until timeout.
*/
}
else
UAPSD_MR_MIX_PS_POLL_RCV(pAd, pMacEntry);
}
#endif /* UAPSD_SUPPORT */
}
else
{
/*
or transmit a (QoS) Null Frame;
In addtion, in Station Keep Alive mechanism, we need to
send a QoS Null frame to detect the station live status.
*/
BOOLEAN bQosNull = FALSE;
if (CLIENT_STATUS_TEST_FLAG(pMacEntry, fCLIENT_STATUS_WMM_CAPABLE))
bQosNull = TRUE;
RtmpEnqueueNullFrame(pAd, pMacEntry->Addr, pMacEntry->CurrTxRate,
pMacEntry->Aid, pMacEntry->apidx,
bQosNull, TRUE, 0);
}
}
else
{
#ifdef UAPSD_SUPPORT
/* deliver all queued UAPSD packets */
UAPSD_AllPacketDeliver(pAd, pMacEntry);
/* end the SP if exists */
UAPSD_MR_ENTRY_RESET(pAd, pMacEntry);
#endif /* UAPSD_SUPPORT */
while(pMacEntry->PsQueue.Head)
{
pQEntry = RemoveHeadQueue(&pMacEntry->PsQueue);
InsertTailQueueAc(pAd, pMacEntry, &pAd->TxSwQueue[QID_AC_BE], pQEntry);
}
}
if ((pMacEntry->Aid > 0) && (pMacEntry->Aid < MAX_LEN_OF_MAC_TABLE) &&
(pMacEntry->PsQueue.Number == 0))
{
/* clear corresponding TIM bit because no any PS packet */
#ifdef CONFIG_AP_SUPPORT
if(pMacEntry->wdev->wdev_type == WDEV_TYPE_AP)
{
WLAN_MR_TIM_BIT_CLEAR(pAd, pMacEntry->apidx, pMacEntry->Aid);
}
#endif /* CONFIG_AP_SUPPORT */
pMacEntry->PsQIdleCount = 0;
}
RTMP_IRQ_UNLOCK(&pAd->irq_lock, IrqFlags);
/*
Dequeue outgoing frames from TxSwQueue0..3 queue and process it
TODO: 2004-12-27 it's not a good idea to handle "More Data" bit here.
because the RTMPDeQueue process doesn't guarantee to de-queue the
desired MSDU from the corresponding TxSwQueue/PsQueue when QOS
in-used. We should consider "HardTransmt" this MPDU using MGMT
queue or things like that.
*/
RTMPDeQueuePacket(pAd, FALSE, NUM_OF_TX_RING, MAX_TX_PROCESS);
}
else
{
DBGPRINT(RT_DEBUG_ERROR,("rcv PS-POLL (AID=%d not match) from %02x:%02x:%02x:%02x:%02x:%02x\n",
pMacEntry->Aid, PRINT_MAC(pAddr)));
}
}
/*
========================================================================
Description:
This routine frees all packets in PSQ that's destined to a specific DA.
BCAST/MCAST in DTIMCount=0 case is also handled here, just like a PS-POLL
is received from a WSTA which has MAC address FF:FF:FF:FF:FF:FF
========================================================================
*/
VOID MtHandleRxPsPoll(RTMP_ADAPTER *pAd, UCHAR *pAddr, USHORT wcid, BOOLEAN isActive)
{
#ifdef CONFIG_AP_SUPPORT
#if defined(MT_PS) || defined(UAPSD_SUPPORT)
MAC_TABLE_ENTRY *pMacEntry;
#endif
STA_TR_ENTRY *tr_entry;
BOOLEAN IsDequeu= FALSE;
INT DequeuAC = QID_AC_BE;
INT DequeuCOUNT;
#ifdef MT_PS
INT i, Total_Packet_Number = 0;
#endif /* MT_PS */
//struct tx_swq_fifo *fifo_swq;
ASSERT(wcid < MAX_LEN_OF_MAC_TABLE);
#if defined(MT_PS) || defined(UAPSD_SUPPORT)
pMacEntry = &pAd->MacTab.Content[wcid];
#endif
tr_entry = &pAd->MacTab.tr_entry[wcid];
if (isActive == FALSE) /* ps poll */
{
#ifdef MT_PS
if (tr_entry->ps_state == APPS_RETRIEVE_DONE) /*state is finish(sleep)*/
{
if (pMacEntry->i_psm == I_PSM_DISABLE)
{
MT_SET_IGNORE_PSM(pAd, pMacEntry, I_PSM_ENABLE);
}
}
if(tr_entry->ps_state == APPS_RETRIEVE_DONE || tr_entry->ps_state == APPS_RETRIEVE_IDLE)
{
for (i = 0; i < WMM_QUE_NUM; i++)
Total_Packet_Number = Total_Packet_Number + tr_entry->tx_queue[i].Number;
if (Total_Packet_Number > 0)
{
{
DBGPRINT(RT_DEBUG_TRACE | DBG_FUNC_PS, ("RtmpHandleRxPsPoll fetch tx queue tr_entry->ps_queue.Number= %x tr_entry->tx_queue[0].Number=%x Total_Packet_Number=%x\n",
tr_entry->ps_queue.Number, tr_entry->tx_queue[QID_AC_BE].Number, Total_Packet_Number));
for (i = (WMM_QUE_NUM - 1); i >=0; i--)
{
if (tr_entry->tx_queue[i].Head)
{
if (Total_Packet_Number > 1)
{
RTMP_SET_PACKET_MOREDATA(RTPKT_TO_OSPKT(tr_entry->tx_queue[i].Head), TRUE);
}
RTMP_SET_PACKET_TXTYPE(RTPKT_TO_OSPKT(tr_entry->tx_queue[i].Head), TX_LEGACY_FRAME);
DequeuAC = i;
IsDequeu = TRUE;
DequeuCOUNT = 1;
tr_entry->PsQIdleCount = 0;
break;
}
}
}
}
else /* Recieve ps_poll but no packet==>send NULL Packet */
{
BOOLEAN bQosNull = FALSE;
DBGPRINT(RT_DEBUG_INFO | DBG_FUNC_PS, ("RtmpHandleRxPsPoll no packet tr_entry->ps_queue.Number= %x tr_entry->tx_queue[0].Number=%x Total_Packet_Number=%x\n"
,tr_entry->ps_queue.Number, tr_entry->tx_queue[QID_AC_BE].Number, Total_Packet_Number));
if (CLIENT_STATUS_TEST_FLAG(pMacEntry, fCLIENT_STATUS_WMM_CAPABLE))
bQosNull = TRUE;
RtmpEnqueueNullFrame(pAd, pMacEntry->Addr, tr_entry->CurrTxRate,
pMacEntry->Aid, pMacEntry->func_tb_idx,
bQosNull, TRUE, 0);
}
if (Total_Packet_Number >1)
{
WLAN_MR_TIM_BIT_SET(pAd, tr_entry->func_tb_idx, tr_entry->wcid);
}
else
{
WLAN_MR_TIM_BIT_CLEAR(pAd, tr_entry->func_tb_idx, tr_entry->wcid);
}
} else
tr_entry->PsDeQWaitCnt = 0;
#else
/*
Need to check !! @20140212
New architecture has per AC sw-Q for per entry.
We should check packets by ACs priority --> 1. VO, 2. VI, 3. BE, 4. BK
*/
DequeuAC = QID_AC_BE;
IsDequeu = TRUE;
DequeuCOUNT = 1;
tr_entry->PsQIdleCount = 0;
#endif /* Ps_poll and ifndef MT_PS */
}
else /* Receive Power bit 0 frame */
{
WLAN_MR_TIM_BIT_CLEAR(pAd, tr_entry->func_tb_idx, tr_entry->wcid);
#ifdef MT_PS
if (pMacEntry->i_psm == I_PSM_ENABLE)
{
MT_SET_IGNORE_PSM(pAd, pMacEntry, I_PSM_DISABLE);
}
#endif /*Power bit is 1 and ifndef MT_PS */
DBGPRINT(RT_DEBUG_INFO | DBG_FUNC_PS, ("RtmpHandleRxPsPoll null0/1 wcid = %x mt_ps_queue.Number = %d\n",
tr_entry->wcid,
tr_entry->ps_queue.Number));
DBGPRINT(RT_DEBUG_INFO | DBG_FUNC_PS, ("%s(%d) tx_queue.Number = BE:%d, BK:%d, VI:%d, VO:%d, ps_state:%x, tx_queue.TokenCount = BE:%d, BK:%d, VI:%d, VO:%d\n",
__FUNCTION__, __LINE__,
tr_entry->tx_queue[QID_AC_BE].Number,
tr_entry->tx_queue[QID_AC_BK].Number,
tr_entry->tx_queue[QID_AC_VI].Number,
tr_entry->tx_queue[QID_AC_VO].Number,
tr_entry->ps_state,
tr_entry->TokenCount[QID_AC_BE],
tr_entry->TokenCount[QID_AC_BK],
tr_entry->TokenCount[QID_AC_VI],
tr_entry->TokenCount[QID_AC_VO]));
#ifdef UAPSD_SUPPORT
if (CLIENT_STATUS_TEST_FLAG(pMacEntry, fCLIENT_STATUS_APSD_CAPABLE))
{
/* deliver all queued UAPSD packets */
UAPSD_AllPacketDeliver(pAd, pMacEntry);
/* end the SP if exists */
UAPSD_MR_ENTRY_RESET(pAd, pMacEntry);
}
#endif /* UAPSD_SUPPORT */
if (tr_entry->enqCount > 0)
{
IsDequeu = TRUE;
DequeuAC = NUM_OF_TX_RING;
if (tr_entry->enqCount > MAX_TX_PROCESS)
{
DequeuCOUNT = MAX_TX_PROCESS;
rtmp_ps_enq(pAd,tr_entry);
}
else
{
DequeuCOUNT = tr_entry->enqCount;
}
}
}
if (IsDequeu == TRUE)
{
RTMPDeQueuePacket(pAd, FALSE, DequeuAC, tr_entry->wcid, DequeuCOUNT);
DBGPRINT(RT_DEBUG_INFO | DBG_FUNC_PS, ("RtmpHandleRxPsPoll IsDequeu == TRUE tr_entry->wcid=%x DequeuCOUNT=%d, ps_state=%d\n",tr_entry->wcid, DequeuCOUNT, tr_entry->ps_state));
}
return;
#endif /* CONFIG_AP_SUPPORT */
}
static VOID APPeerAuthReqAtIdleAction(RTMP_ADAPTER *pAd, MLME_QUEUE_ELEM *Elem)
{
INT i;
USHORT RspReason;
AUTH_FRAME_INFO auth_info;
UINT32 apidx;
PHEADER_802_11 pRcvHdr;
HEADER_802_11 AuthHdr;
PUCHAR pOutBuffer = NULL;
NDIS_STATUS NStatus;
ULONG FrameLen = 0;
MAC_TABLE_ENTRY *pEntry;
STA_TR_ENTRY *tr_entry;
UCHAR ChTxtIe = 16, ChTxtLen = CIPHER_TEXT_LEN;
BSS_STRUCT *pMbss;
struct wifi_dev *wdev;
if (pAd->ApCfg.BANClass3Data == TRUE)
{
DBGPRINT(RT_DEBUG_TRACE, ("Disallow new Association\n"));
return;
}
if (!APPeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, &auth_info))
return;
/* Find which MBSSID to be authenticate */
apidx = get_apidx_by_addr(pAd, auth_info.addr1);
if (apidx >= pAd->ApCfg.BssidNum)
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid not found\n"));
return;
}
pMbss = &pAd->ApCfg.MBSSID[apidx];
wdev = &pMbss->wdev;
ASSERT((wdev->func_idx == apidx));
if ((wdev->if_dev == NULL) || ((wdev->if_dev != NULL) &&
!(RTMP_OS_NETDEV_STATE_RUNNING(wdev->if_dev))))
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid IF didn't up yet.\n"));
return;
}
pEntry = MacTableLookup(pAd, auth_info.addr2);
if (pEntry && IS_ENTRY_CLIENT(pEntry))
{
tr_entry = &pAd->MacTab.tr_entry[pEntry->wcid];
#ifdef DOT11W_PMF_SUPPORT
if ((CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE))
&& (tr_entry->PortSecured == WPA_802_1X_PORT_SECURED))
goto SendAuth;
#endif /* DOT11W_PMF_SUPPORT */
if (!RTMPEqualMemory(auth_info.addr1, pAd->ApCfg.MBSSID[pEntry->func_tb_idx].wdev.bssid, MAC_ADDR_LEN))
{
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
pEntry = NULL;
DBGPRINT(RT_DEBUG_WARN, ("AUTH - Bssid does not match\n"));
}
else
{
if (pEntry->bIAmBadAtheros == TRUE)
{
AsicUpdateProtect(pAd, 8, ALLN_SETPROTECT, FALSE, FALSE);
DBGPRINT(RT_DEBUG_TRACE, ("Atheros Problem. Turn on RTS/CTS!!!\n"));
pEntry->bIAmBadAtheros = FALSE;
}
#ifdef DOT11_N_SUPPORT
BASessionTearDownALL(pAd, pEntry->wcid);
#endif /* DOT11_N_SUPPORT */
ASSERT(pEntry->Aid == Elem->Wcid);
}
}
#ifdef DOT11W_PMF_SUPPORT
SendAuth:
#endif /* DOT11W_PMF_SUPPORT */
pRcvHdr = (PHEADER_802_11)(Elem->Msg);
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - MBSS(%d), Rcv AUTH seq#%d, Alg=%d, Status=%d from "
"[wcid=%d]%02x:%02x:%02x:%02x:%02x:%02x\n",
apidx, auth_info.auth_seq, auth_info.auth_alg,
auth_info.auth_status, Elem->Wcid,
PRINT_MAC(auth_info.addr2)));
#ifdef WSC_V2_SUPPORT
/* Do not check ACL when WPS V2 is enabled and ACL policy is positive. */
if ((pMbss->WscControl.WscConfMode != WSC_DISABLE) &&
(pMbss->WscControl.WscV2Info.bEnableWpsV2) &&
(pMbss->WscControl.WscV2Info.bWpsEnable) &&
(pMbss->AccessControlList.Policy == 1))
;
else
#endif /* WSC_V2_SUPPORT */
/* fail in ACL checking => send an AUTH-Fail seq#2. */
if (! ApCheckAccessControlList(pAd, auth_info.addr2, apidx))
{
ASSERT(auth_info.auth_seq == 1);
ASSERT(pEntry == NULL);
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg, auth_info.auth_seq + 1, MLME_UNSPECIFY_FAIL);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, auth_info.addr2, wdev->wdev_idx, 0);
DBGPRINT(RT_DEBUG_TRACE,
("Failed in ACL checking => send an AUTH seq#2 with "
"Status code = %d\n", MLME_UNSPECIFY_FAIL));
return;
}
if ((auth_info.auth_alg == AUTH_MODE_OPEN) &&
(pMbss->wdev.AuthMode != Ndis802_11AuthModeShared))
{
if (!pEntry)
pEntry = MacTableInsertEntry(pAd, auth_info.addr2, wdev, ENTRY_CLIENT, OPMODE_AP, TRUE);
if (pEntry)
{
tr_entry = &pAd->MacTab.tr_entry[pEntry->wcid];
#ifdef DOT11W_PMF_SUPPORT
if (!(CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE))
|| (tr_entry->PortSecured != WPA_802_1X_PORT_SECURED))
#endif /* DOT11W_PMF_SUPPORT */
{
pEntry->AuthState = AS_AUTH_OPEN;
pEntry->Sst = SST_AUTH; /* what if it already in SST_ASSOC ??????? */
}
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg, auth_info.auth_seq + 1, MLME_SUCCESS);
}
else
; /* MAC table full, what should we respond ????? */
}
else if ((auth_info.auth_alg == AUTH_MODE_KEY) &&
((wdev->AuthMode == Ndis802_11AuthModeShared)
|| (wdev->AuthMode == Ndis802_11AuthModeAutoSwitch)))
{
if (!pEntry)
pEntry = MacTableInsertEntry(pAd, auth_info.addr2, wdev, ENTRY_CLIENT, OPMODE_AP, TRUE);
if (pEntry)
{
pEntry->AuthState = AS_AUTHENTICATING;
pEntry->Sst = SST_NOT_AUTH; /* what if it already in SST_ASSOC ??????? */
/* log this STA in AuthRspAux machine, only one STA is stored. If two STAs using */
/* SHARED_KEY authentication mingled together, then the late comer will win. */
COPY_MAC_ADDR(&pAd->ApMlmeAux.Addr, auth_info.addr2);
for(i=0; i<CIPHER_TEXT_LEN; i++)
pAd->ApMlmeAux.Challenge[i] = RandomByte(pAd);
RspReason = 0;
auth_info.auth_seq++;
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
if(NStatus != NDIS_STATUS_SUCCESS)
return; /* if no memory, can't do anything */
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH seq#2 (Challenge)\n"));
MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, auth_info.addr2,
wdev->if_addr,
wdev->bssid);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &AuthHdr,
2, &auth_info.auth_alg,
2, &auth_info.auth_seq,
2, &RspReason,
1, &ChTxtIe,
1, &ChTxtLen,
CIPHER_TEXT_LEN, pAd->ApMlmeAux.Challenge,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, pOutBuffer);
}
else
; /* MAC table full, what should we respond ???? */
}
else
{
/* wrong algorithm */
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg, auth_info.auth_seq + 1, MLME_ALG_NOT_SUPPORT);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Alg=%d, Seq=%d, AuthMode=%d\n",
auth_info.auth_alg, auth_info.auth_seq, pAd->ApCfg.MBSSID[apidx].wdev.AuthMode));
}
}
INT PMF_ExtractBIPAction(
IN PRTMP_ADAPTER pAd,
INOUT PUCHAR pMgmtFrame,
IN UINT mgmt_len)
{
PPMF_CFG pPmfCfg = NULL;
PMAC_TABLE_ENTRY pEntry = NULL;
PHEADER_802_11 pHeader = (PHEADER_802_11)pMgmtFrame;
PPMF_MMIE pMMIE;
INT idx = 0;
PUCHAR pKey = NULL;
UCHAR aad_hdr[LEN_PMF_BIP_AAD_HDR];
UCHAR rcvd_mic[LEN_PMF_BIP_MIC];
UCHAR cal_mic[LEN_PMF_BIP_MIC];
UINT32 body_len = mgmt_len - LENGTH_802_11;
/* Sanity check the total frame body length */
if (body_len <= (2 + LEN_PMF_MMIE))
{
DBGPRINT(RT_DEBUG_ERROR, ("%s : the total length(%d) is too short\n",
__FUNCTION__, body_len));
return PMF_EXTRACT_BIP_FAILURE;
}
/* Look up the entry through Address 2 of 802.11 header */
#ifdef CONFIG_AP_SUPPORT
pEntry = MacTableLookup(pAd, pHeader->Addr2);
#endif /* CONFIG_AP_SUPPORT */
if (pEntry == NULL)
{
DBGPRINT(RT_DEBUG_ERROR,("%s : the entry doesn't exist !\n", __FUNCTION__));
return PMF_STATUS_SUCCESS;
}
/* check the PMF capable for this entry */
if (CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE) == FALSE)
{
DBGPRINT(RT_DEBUG_ERROR,("%s : the entry no PMF capable !\n", __FUNCTION__));
return PMF_EXTRACT_BIP_FAILURE;
}
#ifdef CONFIG_AP_SUPPORT
IF_DEV_CONFIG_OPMODE_ON_AP(pAd)
{
pPmfCfg = &pAd->ApCfg.MBSSID[pEntry->apidx].PmfCfg;
}
#endif // CONFIG_AP_SUPPORT //
/* Pointer to the position of MMIE */
pMMIE = (PPMF_MMIE)(pMgmtFrame + (mgmt_len - LEN_PMF_MMIE));
/* Select the IGTK currently active for transmission of frames to
the intended group of recipients and construct the MMIE (see 7.3.2.55)
with the MIC field masked to zero and the KeyID field set to the
corresponding IGTK KeyID value. */
if (pMMIE->KeyID[0] == 5)
idx = 1;
pKey = &pPmfCfg->IGTK[idx][0];
/* store the MIC value of the received frame */
NdisMoveMemory(rcvd_mic, pMMIE->MIC, LEN_PMF_BIP_MIC);
NdisZeroMemory(pMMIE->MIC, LEN_PMF_BIP_MIC);
/* Compute AAD */
PMF_ConstructBIPAad((PUCHAR)pMgmtFrame, aad_hdr);
/* Calculate BIP MIC */
PMF_CalculateBIPMIC(pAd, aad_hdr,
pMgmtFrame + LENGTH_802_11,
body_len, pKey, cal_mic);
if (!NdisEqualMemory(rcvd_mic, cal_mic, LEN_PMF_BIP_MIC))
{
DBGPRINT(RT_DEBUG_ERROR, ("%s : MIC Different !\n", __FUNCTION__));
return PMF_EXTRACT_BIP_FAILURE;
}
return PMF_STATUS_SUCCESS;
}
