/**
 * limValidateIEInformationInProbeRspFrame
 *
 * FUNCTION:
 * Sanity-checks the information elements of a received Probe Response
 * before the frame is parsed any further.
 *
 * LOGIC:
 * A payload shorter than SIR_MAC_B_PR_SSID_OFFSET + SIR_MAC_MIN_IE_LEN is
 * rejected outright. Otherwise the payload is handed to
 * ValidateAndRectifyIEs(); when that call succeeds, the MPDU length stored
 * in the RX packet info is increased by the number of missing RSN bytes it
 * reported.
 *
 * @param pMac           MAC context, passed through to ValidateAndRectifyIEs()
 * @param pRxPacketInfo  RX packet info of the received frame
 * @return eSIR_FAILURE for a too-short payload, otherwise the status
 *         returned by ValidateAndRectifyIEs()
 */
tSirRetStatus
limValidateIEInformationInProbeRspFrame(tpAniSirGlobal pMac,
                                        tANI_U8 *pRxPacketInfo)
{
    tANI_U8 *frameBody;
    tANI_U32 frameBodyLen;
    tANI_U32 missingRsnBytes = 0;
    tSirRetStatus rc;

    /*
     * A malformed (too short) Probe Response is not considered at all,
     * because reading IE values from it could fetch wrong data.
     */
    if (WDA_GET_RX_PAYLOAD_LEN(pRxPacketInfo) <
        (SIR_MAC_B_PR_SSID_OFFSET + SIR_MAC_MIN_IE_LEN))
    {
        return eSIR_FAILURE;
    }

    frameBody = WDA_GET_RX_MPDU_DATA(pRxPacketInfo);
    frameBodyLen = WDA_GET_RX_PAYLOAD_LEN(pRxPacketInfo);

    rc = ValidateAndRectifyIEs(pMac, frameBody, frameBodyLen, &missingRsnBytes);
    if (rc != eSIR_SUCCESS)
    {
        return rc;
    }

    /*
     * NOTE(review): the recorded MPDU length grows by a count derived from
     * the received (untrusted) frame. Nothing in this function checks that
     * the RX buffer really holds that many extra bytes - confirm that
     * ValidateAndRectifyIEs() bounds the value against the buffer size.
     */
    WDA_GET_RX_MPDU_LEN(pRxPacketInfo) += missingRsnBytes;

    return eSIR_SUCCESS;
}
/**
 * limProcessProbeRspFrame
 *
 * FUNCTION:
 * Entry point for a received Probe Response frame. Only the opening of the
 * function appears in this listing; it stops at the first if statement.
 *
 * @param pMac           MAC context pointer
 * @param pRxPacketInfo  RX packet info; the MAC header and the MPDU length
 *                       are read from it through the WDA_GET_RX_* macros
 * @param psessionEntry  PE session entry (not referenced in the visible part)
 * @return None
 */
void limProcessProbeRspFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo,tpPESession psessionEntry)
{
    tANI_U8 *pBody;
    tANI_U32 frameLen = 0;
    tSirMacAddr currentBssId;
    tpSirMacMgmtHdr pHdr;
    /* The parsed-frame structure lives on this function's stack. */
    tSirProbeRespBeacon probeRsp;
    tANI_U8 qosEnabled = false;
    tANI_U8 wmeEnabled = false;

    /*
     * Only the length fields below are cleared; every other member of
     * probeRsp is still uninitialized at this point.
     * NOTE(review): confirm the parser sets each member that is read later.
     */
    probeRsp.ssId.length = 0;
    probeRsp.wpa.length = 0;
    probeRsp.propIEinfo.apName.length = 0;
#if (WNI_POLARIS_FW_PACKAGE == ADVANCED)
    probeRsp.propIEinfo.aniIndicator = 0;
    probeRsp.propIEinfo.wdsLength = 0;
#endif

    pHdr = WDA_GET_RX_MAC_HEADER(pRxPacketInfo);

    /* Logs the MPDU length and the sender address taken from the received header. */
    PELOG2(limLog(pMac, LOG2,
             FL("Received Probe Response frame with length=%d from "),
             WDA_GET_RX_MPDU_LEN(pRxPacketInfo));
    limPrintMacAddr(pMac, pHdr->sa, LOG2);)

    /* The listing is cut off here: the body of this if is not shown. */
    if (limDeactivateMinChannelTimerDuringScan(pMac) != eSIR_SUCCESS)
/**
 * limProcessProbeRspFrame
 *
 * FUNCTION:
 * Entry point for a received Probe Response frame. In this version the
 * parsed-frame structure is allocated with palAllocateMemory() instead of
 * being a local variable. Only the opening of the function appears in this
 * listing; it stops at the first if statement after the allocation.
 *
 * @param pMac           MAC context pointer; pMac->hHdd is passed to the
 *                       allocator
 * @param pRxPacketInfo  RX packet info; the MAC header and the MPDU length
 *                       are read from it through the WDA_GET_RX_* macros
 * @param psessionEntry  PE session entry (not referenced in the visible part)
 * @return None
 */
void limProcessProbeRspFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo,tpPESession psessionEntry)
{
    tANI_U8 *pBody;
    tANI_U32 frameLen = 0;
    tSirMacAddr currentBssId;
    tpSirMacMgmtHdr pHdr;
    tSirProbeRespBeacon *pProbeRsp;
    tANI_U8 qosEnabled = false;
    tANI_U8 wmeEnabled = false;

    /* Allocation failure is logged and the frame is dropped without processing. */
    if(eHAL_STATUS_SUCCESS != palAllocateMemory(pMac->hHdd, (void **)&pProbeRsp, sizeof(tSirProbeRespBeacon)))
    {
        limLog(pMac, LOGE, FL("Unable to PAL allocate memory in limProcessProbeRspFrame") );
        return;
    }

    /*
     * Only these three length fields are set here; the visible code does not
     * zero the rest of the allocation.
     * NOTE(review): confirm the parser sets each member that is read later.
     */
    pProbeRsp->ssId.length = 0;
    pProbeRsp->wpa.length = 0;
    pProbeRsp->propIEinfo.apName.length = 0;

    pHdr = WDA_GET_RX_MAC_HEADER(pRxPacketInfo);

    /* Logs the MPDU length and the sender address taken from the received header. */
    PELOG2(limLog(pMac, LOG2,
             FL("Received Probe Response frame with length=%d from "),
             WDA_GET_RX_MPDU_LEN(pRxPacketInfo));
    limPrintMacAddr(pMac, pHdr->sa, LOG2);)

    /*
     * The listing is cut off here: the body of this if is not shown.
     * NOTE(review): pProbeRsp is owned by this function from here on, so
     * every later exit path has to release it - verify in the full source.
     */
    if (limDeactivateMinChannelTimerDuringScan(pMac) != eSIR_SUCCESS)
/**
 * sysBbtProcessMessageCore
 *
 * FUNCTION:
 * Process BBT messages. Only the opening of the function appears in this
 * listing; it ends after the LOG3 frame dump.
 *
 * LOGIC:
 * Peeks the RX packet info out of the VOS packet carried in pMsg->bodyptr,
 * counts the message as received and jumps to the fail label (not shown)
 * when the peek did not succeed.
 *
 * @param pMac     A pointer to MAC params instance
 * @param pMsg     message pointer; bodyptr is read as a vos_pkt_t pointer
 * @param type     frame type (not referenced in the visible part)
 * @param subType  frame sub type, written to the LOG3 trace
 * @return tSirRetStatus; the return statements are outside this excerpt
 */
tSirRetStatus sysBbtProcessMessageCore(tpAniSirGlobal pMac, tpSirMsgQ pMsg, tANI_U32 type, tANI_U32 subType)
{
    /* Function-static, so the value persists across calls. */
    static tANI_U32 lastDeauthPacketTime = 0;
    tSirRetStatus ret;
    void* pBd;
    tMgmtFrmDropReason dropReason;
    /* pMsg is dereferenced without a NULL check. */
    vos_pkt_t *pVosPkt = (vos_pkt_t *)pMsg->bodyptr;
    VOS_STATUS vosStatus = WDA_DS_PeekRxPacketInfo( pVosPkt, (v_PVOID_t *)&pBd, VOS_FALSE );
#ifdef WLAN_FEATURE_11W
    tANI_U8 sessionId;
    tpPESession psessionEntry;
    tpSirMacMgmtHdr pMacHdr;
#endif /* WLAN_FEATURE_11W */

    /* Counted before the peek status is checked, so failed peeks are included. */
    pMac->sys.gSysBbtReceived++;

    /* pBd is only used after this check has passed. */
    if ( !VOS_IS_STATUS_SUCCESS(vosStatus) )
    {
        goto fail;
    }

    /*
     * Dumps the MAC header (MPDU length bytes) and the payload (payload
     * length bytes) of the received frame at LOG3. Both lengths come from
     * the RX packet info.
     */
    PELOG3(sysLog(pMac, LOG3, FL("Rx Mgmt Frame Subtype: %d\n"), subType);
    sirDumpBuf(pMac, SIR_SYS_MODULE_ID, LOG3, (tANI_U8 *)WDA_GET_RX_MAC_HEADER(pBd), WDA_GET_RX_MPDU_LEN(pBd));
    sirDumpBuf(pMac, SIR_SYS_MODULE_ID, LOG3, WDA_GET_RX_MPDU_DATA(pBd), WDA_GET_RX_PAYLOAD_LEN(pBd));)
/**
 * sysBbtProcessMessageCore
 *
 * FUNCTION:
 * Process BBT messages. Only the opening of the function appears in this
 * listing; it ends after the LOGW frame dump.
 *
 * LOGIC:
 * Peeks the RX packet info out of the VOS packet carried in pMsg->bodyptr,
 * counts the message as received and jumps to the fail label (not shown)
 * when the peek did not succeed.
 *
 * @param pMac     A pointer to MAC params instance
 * @param pMsg     message pointer; bodyptr is read as a vos_pkt_t pointer
 * @param type     frame type (not referenced in the visible part)
 * @param subType  frame sub type, written to the LOGW trace
 * @return tSirRetStatus; the return statements are outside this excerpt
 */
tSirRetStatus sysBbtProcessMessageCore(tpAniSirGlobal pMac, tpSirMsgQ pMsg, tANI_U32 type, tANI_U32 subType)
{
    tSirRetStatus ret;
    void* pBd;
    tMgmtFrmDropReason dropReason;
    /* pMsg is dereferenced without a NULL check. */
    vos_pkt_t *pVosPkt = (vos_pkt_t *)pMsg->bodyptr;
    VOS_STATUS vosStatus = WDA_DS_PeekRxPacketInfo( pVosPkt, (v_PVOID_t *)&pBd, VOS_FALSE );

    /* Counted before the peek status is checked, so failed peeks are included. */
    pMac->sys.gSysBbtReceived++;

    /* pBd is only used after this check has passed. */
    if ( !VOS_IS_STATUS_SUCCESS(vosStatus) )
    {
        goto fail;
    }

    /*
     * Dumps the MAC header and the payload of every frame that reaches this
     * point at LOGW.
     * NOTE(review): this writes received frame contents to the log at
     * warning level for each frame; whether PELOGW is compiled in on
     * production builds is not visible here - confirm the level is intended.
     */
    PELOGW(sysLog(pMac, LOGW, FL("Rx Mgmt Frame Subtype: %d\n"), subType);
    sirDumpBuf(pMac, SIR_SYS_MODULE_ID, LOGW, (tANI_U8 *)WDA_GET_RX_MAC_HEADER(pBd), WDA_GET_RX_MPDU_LEN(pBd));
    sirDumpBuf(pMac, SIR_SYS_MODULE_ID, LOGW, WDA_GET_RX_MPDU_DATA(pBd), WDA_GET_RX_PAYLOAD_LEN(pBd));)
/**
 * limProcessBeaconFrame
 *
 * FUNCTION:
 * Entry point for a received Beacon frame. Only the opening of the function
 * appears in this listing; it stops at the fScanOffload check.
 *
 * @param pMac           MAC context pointer
 * @param pRxPacketInfo  RX packet info; the MAC header and the MPDU length
 *                       are read from it through the WDA_GET_RX_* macros
 * @param psessionEntry  PE session entry (not referenced in the visible part)
 * @return None
 */
void limProcessBeaconFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo,tpPESession psessionEntry)
{
    tpSirMacMgmtHdr pHdr;
    tSchBeaconStruct *pBeacon;

    /* Global count of beacons received, incremented for every call. */
    pMac->lim.gLimNumBeaconsRcvd++;

    /*
     * Open question carried over from the original author: should a
     * session-specific heartbeat beacon counter be incremented here as well?
     */

    pHdr = WDA_GET_RX_MAC_HEADER(pRxPacketInfo);

    /* Logs the MPDU length and the sender address taken from the received header. */
    PELOG2(limLog(pMac, LOG2, FL("Received Beacon frame with length=%d from "),
           WDA_GET_RX_MPDU_LEN(pRxPacketInfo));
    limPrintMacAddr(pMac, pHdr->sa, LOG2);)

    /* The listing is cut off here: the body of this if is not shown. */
    if (!pMac->fScanOffload)
/**
 * limProcessProbeRspFrame
 *
 * FUNCTION:
 * Entry point for a received Probe Response frame. This version rejects a
 * NULL session entry and allocates the parsed-frame structure with
 * vos_mem_malloc(). Only the opening of the function appears in this
 * listing; it stops at the fScanOffload check.
 *
 * @param pMac           MAC context pointer
 * @param pRxPacketInfo  RX packet info; the MAC header and the MPDU length
 *                       are read from it through the WDA_GET_RX_* macros
 * @param psessionEntry  PE session entry; must not be NULL
 * @return None
 */
void limProcessProbeRspFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo,tpPESession psessionEntry)
{
    tANI_U8 *pBody;
    tANI_U32 frameLen = 0;
    tSirMacAddr currentBssId;
    tpSirMacMgmtHdr pHdr;
    tSirProbeRespBeacon *pProbeRsp;
    tANI_U8 qosEnabled = false;
    tANI_U8 wmeEnabled = false;

    /* Guard before the first dereference of psessionEntry below. */
    if (!psessionEntry)
    {
        limLog(pMac, LOGE, FL("psessionEntry is NULL") );
        return;
    }

    /* Emitted unconditionally at LOG1 for every Probe Response that gets here. */
    limLog(pMac,LOG1,"SessionId:%d ProbeRsp Frame is received",
           psessionEntry->peSessionId);

    /* Allocation failure is logged and the frame is dropped without processing. */
    pProbeRsp = vos_mem_malloc(sizeof(tSirProbeRespBeacon));
    if ( NULL == pProbeRsp )
    {
        limLog(pMac, LOGE, FL("Unable to allocate memory in limProcessProbeRspFrame") );
        return;
    }

    /*
     * Only these three length fields are set here; the visible code does not
     * zero the rest of the allocation.
     * NOTE(review): confirm the parser sets each member that is read later.
     */
    pProbeRsp->ssId.length = 0;
    pProbeRsp->wpa.length = 0;
    pProbeRsp->propIEinfo.apName.length = 0;

    pHdr = WDA_GET_RX_MAC_HEADER(pRxPacketInfo);

    /* Logs the MPDU length and the sender address taken from the received header. */
    PELOG2(limLog(pMac, LOG2,
             FL("Received Probe Response frame with length=%d from "),
             WDA_GET_RX_MPDU_LEN(pRxPacketInfo));
    limPrintMacAddr(pMac, pHdr->sa, LOG2);)

    /*
     * The listing is cut off here: the body of this if is not shown.
     * NOTE(review): pProbeRsp is owned by this function from here on, so
     * every later exit path has to release it - verify in the full source.
     */
    if (!pMac->fScanOffload)
/**
 * limProcessBeaconFrame
 *
 * FUNCTION:
 * Handles a received Beacon frame. The listing ends part-way through the
 * function, after the TSF trace; the remaining processing and the release
 * of pBeacon on the success path are not shown.
 *
 * LOGIC:
 * When scan offload is off, the min-channel timer is deactivated first and
 * a failure there ends processing. In the states listed below the beacon is
 * parsed into a heap-allocated tSchBeaconStruct; a beacon that fails to
 * parse is logged and dropped.
 *
 * @param pMac           MAC context pointer
 * @param pRxPacketInfo  RX packet info of the received frame
 * @param psessionEntry  PE session entry; dereferenced without a NULL check
 * @return None
 */
void limProcessBeaconFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo,tpPESession psessionEntry)
{
    tpSirMacMgmtHdr pHdr;
    tSchBeaconStruct *pBeacon;

    /* Global count of beacons received, incremented for every call. */
    pMac->lim.gLimNumBeaconsRcvd++;

    /*
     * Open question carried over from the original author: should a
     * session-specific heartbeat beacon counter be incremented here as well?
     */

    pHdr = WDA_GET_RX_MAC_HEADER(pRxPacketInfo);

    /* Logs the MPDU length and the sender address taken from the received header. */
    limLog(pMac, LOG2, FL("Received Beacon frame with length=%d from "),
           WDA_GET_RX_MPDU_LEN(pRxPacketInfo));
    limPrintMacAddr(pMac, pHdr->sa, LOG2);

    if (!pMac->fScanOffload)
    {
        if (limDeactivateMinChannelTimerDuringScan(pMac) != eSIR_SUCCESS)
            return;
    }

    /*
     * Expect Beacon only when
     * 1. STA is in Scan mode waiting for Beacon/Probe response or
     * 2. STA is waiting for Beacon/Probe Response Frame
     *    to announce join success.
     * 3. STA/AP is in Learn mode
     * 4. scan offload is enabled (pMac->fScanOffload is set)
     *
     * NOTE(review): psessionEntry is dereferenced in this condition and in
     * the code below without a NULL check - confirm that callers never pass
     * NULL on this path.
     */
    if ((pMac->lim.gLimMlmState == eLIM_MLM_WT_PROBE_RESP_STATE) ||
        (pMac->lim.gLimMlmState == eLIM_MLM_PASSIVE_SCAN_STATE) ||
        (pMac->lim.gLimMlmState == eLIM_MLM_LEARN_STATE) ||
        (psessionEntry->limMlmState == eLIM_MLM_WT_JOIN_BEACON_STATE)
        || pMac->fScanOffload
        )
    {
        /* The visible code does not zero the allocation before parsing. */
        pBeacon = vos_mem_malloc(sizeof(tSchBeaconStruct));
        if ( NULL == pBeacon )
        {
            limLog(pMac, LOGE, FL("Unable to allocate memory in limProcessBeaconFrame") );
            return;
        }

        /* Parse the received Beacon into pBeacon. */
        if (sirConvertBeaconFrame2Struct(pMac, (tANI_U8 *) pRxPacketInfo,
                                         pBeacon) != eSIR_SUCCESS)
        {
            /*
             * Wrongly formatted or invalid Beacon: log it, release pBeacon
             * and move on.
             */
            limLog(pMac, LOGW,
                   FL("Received invalid Beacon in state %d"),
                   psessionEntry->limMlmState);
            limPrintMlmState(pMac, LOGW, psessionEntry->limMlmState);

            /*
             * Runs only while currentBssBeaconCnt is still zero and
             * sirCompareMacAddr() returns non-zero for the session BSSID and
             * the sender address. The raw frame that just failed full
             * parsing is handed to limParseBeaconForTim().
             * NOTE(review): confirm that helper re-validates lengths itself.
             */
            if ((!psessionEntry->currentBssBeaconCnt) &&
                (sirCompareMacAddr( psessionEntry->bssId, pHdr->sa)))
                limParseBeaconForTim(pMac, (tANI_U8 *) pRxPacketInfo, psessionEntry);

            vos_mem_free(pBeacon);
            return;
        }

        /*
         * During scanning, when a session is active and the Beacon/Probe
         * Response belongs to that session, record the timestamp and DTIM
         * values below. Runs only while lastBeaconDtimPeriod is still zero.
         * TBD - heartbeat counter.
         */
        if ((!psessionEntry->lastBeaconDtimPeriod) &&
            (sirCompareMacAddr( psessionEntry->bssId, pBeacon->bssid)))
        {
            /* Copies sizeof(tANI_U64) bytes of the parsed timestamp. */
            vos_mem_copy(( tANI_U8* )&psessionEntry->lastBeaconTimeStamp,
                         ( tANI_U8* )pBeacon->timeStamp, sizeof(tANI_U64) );
            psessionEntry->lastBeaconDtimCount = pBeacon->tim.dtimCount;
            psessionEntry->lastBeaconDtimPeriod= pBeacon->tim.dtimPeriod;
            psessionEntry->currentBssBeaconCnt++;
        }

        /* The listing is cut off after this trace call. */
        MTRACE(macTrace(pMac, TRACE_CODE_RX_MGMT_TSF, 0, pBeacon->timeStamp[0]);)
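/**
 * sysBbtProcessMessageCore
 *
 * FUNCTION:
 * Process BBT messages: classify a received frame by type and either post
 * it to the PE queue or drop it.
 *
 * LOGIC:
 * - The RX packet info is peeked out of the VOS packet in pMsg->bodyptr; a
 *   failed peek drops the message.
 * - Management frames: beacons are dropped while messages are deferred and
 *   the system is not scanning; other frames are dropped when
 *   limIsPktCandidateForDrop() gives a reason. Surviving frames are posted
 *   with limPostMsgApi().
 * - Data frames: posted with limPostMsgApi() only when FEATURE_WLAN_ESE is
 *   defined; otherwise nothing is posted and eSIR_SUCCESS is returned.
 * - Any other type is logged and dropped.
 *
 * NOTE:
 * NOTE(review): on eSIR_FAILURE this function does not release the packet
 * in pMsg->bodyptr; presumably the caller does - confirm.
 *
 * @param pMac     A pointer to MAC params instance
 * @param pMsg     message pointer; bodyptr is read as a vos_pkt_t pointer
 * @param type     frame type
 * @param subType  frame sub type
 * @return eSIR_SUCCESS when the frame was accepted, eSIR_FAILURE when it
 *         was dropped (gSysBbtDropped is incremented in that case)
 */
tSirRetStatus
sysBbtProcessMessageCore(tpAniSirGlobal pMac, tpSirMsgQ pMsg, tANI_U32 type,
                         tANI_U32 subType)
{
    tSirRetStatus ret;
    void *pBd;
    tMgmtFrmDropReason dropReason;
    vos_pkt_t *pVosPkt = (vos_pkt_t *)pMsg->bodyptr;
    VOS_STATUS vosStatus =
        WDA_DS_PeekRxPacketInfo(pVosPkt, (v_PVOID_t *)&pBd, VOS_FALSE);

    /* Counted before the peek status is checked, so failed peeks are included. */
    pMac->sys.gSysBbtReceived++;

    /* pBd is only used after this check has passed. */
    if (!VOS_IS_STATUS_SUCCESS(vosStatus))
    {
        goto fail;
    }

    sysLog(pMac, LOG3, FL("Rx Mgmt Frame Subtype: %d\n"), subType);
    sirDumpBuf(pMac, SIR_SYS_MODULE_ID, LOG3,
               (tANI_U8 *)WDA_GET_RX_MAC_HEADER(pBd),
               WDA_GET_RX_MPDU_LEN(pBd));
    sirDumpBuf(pMac, SIR_SYS_MODULE_ID, LOG3,
               WDA_GET_RX_MPDU_DATA(pBd),
               WDA_GET_RX_PAYLOAD_LEN(pBd));

    /*
     * NOTE(review): type and subType index the counter table before type is
     * checked against the known frame types below (the final else branch
     * shows that other values are possible). The table dimensions are not
     * visible here - confirm that callers restrict both values to them.
     */
    pMac->sys.gSysFrameCount[type][subType]++;

    if (type == SIR_MAC_MGMT_FRAME)
    {
        tpSirMacMgmtHdr mac_hdr;

        /*
         * Drop beacon frames in deferred state to avoid VOSS run out of
         * message wrappers.
         */
        if ((subType == SIR_MAC_MGMT_BEACON) &&
            (!limIsSystemInScanState(pMac)) &&
            (true != GET_LIM_PROCESS_DEFD_MESGS(pMac)) &&
            !pMac->lim.gLimSystemInScanLearnMode)
        {
            sysLog(pMac, LOG1, FL("dropping received beacon in deffered state"));
            goto fail;
        }

        dropReason = limIsPktCandidateForDrop(pMac, pBd, subType);
        if (dropReason != eMGMT_DROP_NO_DROP)
        {
            sysLog(pMac, LOG1, FL("Mgmt Frame %d being dropped, reason: %d\n"),
                   subType, dropReason);
            MTRACE(macTrace(pMac, TRACE_CODE_RX_MGMT_DROP, NO_SESSION, dropReason));
            goto fail;
        }

        /*
         * The addresses logged below are read from the received header.
         * One LOG1 line is written per accepted frame of these subtypes.
         */
        mac_hdr = WDA_GET_RX_MAC_HEADER(pBd);
        if (subType == SIR_MAC_MGMT_ASSOC_REQ)
        {
            sysLog(pMac, LOG1,
                   FL("ASSOC REQ frame allowed: da: " MAC_ADDRESS_STR ", sa: " MAC_ADDRESS_STR ", bssid: " MAC_ADDRESS_STR ", Assoc Req count so far: %d\n"),
                   MAC_ADDR_ARRAY(mac_hdr->da),
                   MAC_ADDR_ARRAY(mac_hdr->sa),
                   MAC_ADDR_ARRAY(mac_hdr->bssId),
                   pMac->sys.gSysFrameCount[type][subType]);
        }
        if (subType == SIR_MAC_MGMT_DEAUTH)
        {
            sysLog(pMac, LOG1,
                   FL("DEAUTH frame allowed: da: " MAC_ADDRESS_STR ", sa: " MAC_ADDRESS_STR ", bssid: " MAC_ADDRESS_STR ", DEAUTH count so far: %d\n"),
                   MAC_ADDR_ARRAY(mac_hdr->da),
                   MAC_ADDR_ARRAY(mac_hdr->sa),
                   MAC_ADDR_ARRAY(mac_hdr->bssId),
                   pMac->sys.gSysFrameCount[type][subType]);
        }
        if (subType == SIR_MAC_MGMT_DISASSOC)
        {
            sysLog(pMac, LOG1,
                   FL("DISASSOC frame allowed: da: " MAC_ADDRESS_STR ", sa: " MAC_ADDRESS_STR ", bssid: " MAC_ADDRESS_STR ", DISASSOC count so far: %d\n"),
                   MAC_ADDR_ARRAY(mac_hdr->da),
                   MAC_ADDR_ARRAY(mac_hdr->sa),
                   MAC_ADDR_ARRAY(mac_hdr->bssId),
                   pMac->sys.gSysFrameCount[type][subType]);
        }

        /* Post the message to PE Queue */
        ret = (tSirRetStatus) limPostMsgApi(pMac, pMsg);
        if (ret != eSIR_SUCCESS)
        {
            /*
             * Rate-limits the failure log on bit 9 of the receive counter.
             * NOTE(review): that bit is set for 512 consecutive counter
             * values out of every 1024, so this logs in bursts rather than
             * once per 512 failures - confirm the intended rate.
             */
            if (pMac->sys.gSysBbtReceived & 0x0200)
            {
                sysLog(pMac, LOGE, FL("posting to LIM2 failed, ret %d"), ret);
            }
            goto fail;
        }
        pMac->sys.gSysBbtPostedToLim++;
    }
    else if (type == SIR_MAC_DATA_FRAME)
    {
        /* Without FEATURE_WLAN_ESE this branch is empty and falls through to success. */
#ifdef FEATURE_WLAN_ESE
        sysLog(pMac, LOGW, FL("IAPP Frame...\n"));
        /* Post the message to PE Queue */
        ret = (tSirRetStatus) limPostMsgApi(pMac, pMsg);
        if (ret != eSIR_SUCCESS)
        {
            sysLog(pMac, LOGE, FL("posting to LIM2 failed, ret %d\n"), ret);
            goto fail;
        }
        pMac->sys.gSysBbtPostedToLim++;
#endif
    }
    else
    {
        sysLog(pMac, LOG3, "BBT received Invalid type %d subType %d "
               "LIM state %X. BD dump is:\n",
               type, subType, limGetSmeState(pMac));
        sirDumpBuf(pMac, SIR_SYS_MODULE_ID, LOG3,
                   (tANI_U8 *) pBd, WLANHAL_RX_BD_HEADER_SIZE);
        goto fail;
    }

    return eSIR_SUCCESS;

fail:
    pMac->sys.gSysBbtDropped++;
    return eSIR_FAILURE;
}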