2 ** $Id: //Department/DaVinci/BRANCHES/MT6620_WIFI_DRIVER_V2_2/mgmt/auth.c#1 $
6 \brief This file includes the authentication-related functions.
8 This file includes the authentication-related functions.
11 /*******************************************************************************
12 * Copyright (c) 2007 MediaTek Inc.
14 * All rights reserved. Copying, compilation, modification, distribution
15 * or any other use whatsoever of this material is strictly prohibited
16 * except in accordance with a Software License Agreement with
18 ********************************************************************************
21 /*******************************************************************************
24 * BY OPENING THIS FILE, BUYER HEREBY UNEQUIVOCALLY ACKNOWLEDGES AND
25 * AGREES THAT THE SOFTWARE/FIRMWARE AND ITS DOCUMENTATIONS ("MEDIATEK
26 * SOFTWARE") RECEIVED FROM MEDIATEK AND/OR ITS REPRESENTATIVES ARE
27 * PROVIDED TO BUYER ON AN "AS-IS" BASIS ONLY. MEDIATEK EXPRESSLY
28 * DISCLAIMS ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
29 * LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
30 * PARTICULAR PURPOSE OR NONINFRINGEMENT. NEITHER DOES MEDIATEK PROVIDE
31 * ANY WARRANTY WHATSOEVER WITH RESPECT TO THE SOFTWARE OF ANY THIRD PARTY
32 * WHICH MAY BE USED BY, INCORPORATED IN, OR SUPPLIED WITH THE MEDIATEK
33 * SOFTWARE, AND BUYER AGREES TO LOOK ONLY TO SUCH THIRD PARTY FOR ANY
34 * WARRANTY CLAIM RELATING THERETO. MEDIATEK SHALL ALSO NOT BE RESPONSIBLE
35 * FOR ANY MEDIATEK SOFTWARE RELEASES MADE TO BUYER'S SPECIFICATION OR TO
36 * CONFORM TO A PARTICULAR STANDARD OR OPEN FORUM.
38 * BUYER'S SOLE AND EXCLUSIVE REMEDY AND MEDIATEK'S ENTIRE AND CUMULATIVE
39 * LIABILITY WITH RESPECT TO THE MEDIATEK SOFTWARE RELEASED HEREUNDER WILL
40 * BE, AT MEDIATEK'S OPTION, TO REVISE OR REPLACE THE MEDIATEK SOFTWARE AT
41 * ISSUE, OR REFUND ANY SOFTWARE LICENSE FEES OR SERVICE CHARGE PAID BY
42 * BUYER TO MEDIATEK FOR SUCH MEDIATEK SOFTWARE AT ISSUE.
44 * THE TRANSACTION CONTEMPLATED HEREUNDER SHALL BE CONSTRUED IN ACCORDANCE
45 * WITH THE LAWS OF THE STATE OF CALIFORNIA, USA, EXCLUDING ITS CONFLICT
46 * OF LAWS PRINCIPLES. ANY DISPUTES, CONTROVERSIES OR CLAIMS ARISING
47 * THEREOF AND RELATED THERETO SHALL BE SETTLED BY ARBITRATION IN SAN
48 * FRANCISCO, CA, UNDER THE RULES OF THE INTERNATIONAL CHAMBER OF COMMERCE
50 ********************************************************************************
56 * 11 09 2011 yuche.tsai
58 * Fix Network Index & Station Record Index when TX deauth issue.
60 * 10 19 2011 yuche.tsai
61 * [WCXRP00001045] [WiFi Direct][Driver] Check 2.1 branch.
63 * Davinci Maintrunk Label: MT6620_WIFI_DRIVER_FW_TRUNK_MT6620E5_111019_0926.
65 * 06 22 2011 yuche.tsai
69 * 06 20 2011 yuche.tsai
70 * [WCXRP00000796] [Volunteer Patch][MT6620][Driver] Add BC deauth frame TX feature.
71 * Add feature to send BC deauth frame when under AP/GO mode.
74 * [WCXRP00000674] [MT6620 Wi-Fi][Driver] Refine AAA authSendAuthFrame
75 * Add network type parameter to authSendAuthFrame.
77 * 04 15 2011 chinghwa.yu
78 * [WCXRP00000065] Update BoW design and settings
79 * Add BOW short range mode.
82 * [WCXRP00000577] [MT6620 Wi-Fi][Driver][FW] Create V2.0 branch for firmware and driver
83 * create V2.0 driver release based on label "MT6620_WIFI_DRIVER_V2_0_110318_1600" from main trunk
85 * 02 08 2011 yuche.tsai
86 * [WCXRP00000245] 1. Invitation Request/Response.
88 2. Provision Discovery Request/Response
90 * 1. Fix Service Disocvery Logical issue.
91 * 2. Fix a NULL pointer access violation issue when sending deauthentication packet to a class error station.
94 * [WCXRP00000382] [MT6620 Wi-Fi][Driver] Track forwarding packet number with notifying tx thread for serving
95 * 1. add an extra counter for tracking pending forward frames.
96 * 2. notify TX service thread as well when there is pending forward frame
97 * 3. correct build errors leaded by introduction of Wi-Fi direct separation module
100 * [WCXRP00000381] [MT6620 Wi-Fi][Driver] Kernel panic when replying unaccept Auth in AP mode
101 * In AP mode, use STA_REC_INDEX_NOT_FOUND(0xFE) instead of StaRec index when replying an unaccept Auth frame.
104 * [WCXRP00000052] [MT6620 Wi-Fi][Driver] Eliminate Linux Compile Warning
105 * use definition macro to replace hard-coded constant
107 * 09 03 2010 kevin.huang
109 * Refine #include sequence and solve recursive/nested #include issue
113 * eliminate klockwork errors
117 * Replace CFG_SUPPORT_BOW by CFG_ENABLE_BT_OVER_WIFI.
118 * There is no CFG_SUPPORT_BOW in driver domain source.
120 * 08 16 2010 kevin.huang
122 * Refine AAA functions
126 * surpress compilation warning.
130 * [WPD00003833] [MT6620 and MT5931] Driver migration - move to new repository.
133 * [WPD00003833][MT6620 and MT5931] Driver migration
134 * send MMPDU in basic rate.
137 * [WPD00003833][MT6620 and MT5931] Driver migration
138 * specify correct value for management frames.
140 * 06 18 2010 cm.chang
141 * [WPD00003841][LITE Driver] Migrate RLM/CNM to host driver
142 * Provide cnmMgtPktAlloc() and alloc/free function of msg/buf
145 * [WPD00003833][MT6620 and MT5931] Driver migration
146 * add management dispatching function table.
149 * [WPD00003833][MT6620 and MT5931] Driver migration
150 * auth.c is migrated.
152 * 05 28 2010 kevin.huang
153 * [BORA00000794][WIFISYS][New Feature]Power Management Support
154 * Update authSendDeauthFrame() for correct the value of eNetTypeIndex in MSDU_INFO_T
156 * 05 24 2010 kevin.huang
157 * [BORA00000794][WIFISYS][New Feature]Power Management Support
158 * Check Net is active before sending Deauth frame.
160 * 05 24 2010 kevin.huang
161 * [BORA00000794][WIFISYS][New Feature]Power Management Support
162 * Refine authSendAuthFrame() for NULL STA_RECORD_T case and minimum deauth interval.
164 * 04 24 2010 cm.chang
165 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
166 * g_aprBssInfo[] depends on CFG_SUPPORT_P2P and CFG_SUPPORT_BOW
168 * 04 19 2010 kevin.huang
169 * [BORA00000714][WIFISYS][New Feature]Beacon Timeout Support
170 * Add Send Deauth for Class 3 Error and Leave Network Support
172 * 02 23 2010 kevin.huang
173 * [BORA00000603][WIFISYS] [New Feature] AAA Module Support
174 * Fix compile warning
176 * 02 05 2010 kevin.huang
177 * [BORA00000603][WIFISYS] [New Feature] AAA Module Support
178 * Add debug message for abnormal authentication frame from AP
180 * 02 04 2010 kevin.huang
181 * [BORA00000603][WIFISYS] [New Feature] AAA Module Support
182 * Add AAA Module Support, Revise Net Type to Net Type Index for array lookup
184 * 01 11 2010 kevin.huang
185 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
186 * Add Deauth and Disassoc Handler
188 * 01 07 2010 kevin.huang
189 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
190 * [BORA00000018] Integrate WIFI part into BORA for the 1st time
192 * Fix the Debug Label
194 * 12 18 2009 cm.chang
195 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
198 * Dec 7 2009 mtk01461
199 * [BORA00000018] Integrate WIFI part into BORA for the 1st time
200 * Update the authComposeAuthFrameHeader()
202 * Dec 7 2009 mtk01088
203 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
204 * adding the send deauth frame function
206 * Dec 3 2009 mtk01461
207 * [BORA00000018] Integrate WIFI part into BORA for the 1st time
208 * Integrate send Auth with TXM
210 * Nov 24 2009 mtk01461
211 * [BORA00000018] Integrate WIFI part into BORA for the 1st time
212 * Revise MGMT Handler with Retain Status
214 * Nov 23 2009 mtk01461
215 * [BORA00000018] Integrate WIFI part into BORA for the 1st time
219 /*******************************************************************************
220 * C O M P I L E R F L A G S
221 ********************************************************************************
224 /*******************************************************************************
225 * E X T E R N A L R E F E R E N C E S
226 ********************************************************************************
230 /*******************************************************************************
232 ********************************************************************************
235 /*******************************************************************************
237 ********************************************************************************
240 /*******************************************************************************
241 * P U B L I C D A T A
242 ********************************************************************************
244 APPEND_IE_ENTRY_T txAuthIETable[] = {
245 { (ELEM_HDR_LEN + ELEM_MAX_LEN_CHALLENGE_TEXT), authAddIEChallengeText }
248 HANDLE_IE_ENTRY_T rxAuthIETable[] = {
249 { ELEM_ID_CHALLENGE_TEXT, authHandleIEChallengeText }
252 /*******************************************************************************
253 * P R I V A T E D A T A
254 ********************************************************************************
257 /*******************************************************************************
259 ********************************************************************************
262 /*******************************************************************************
263 * F U N C T I O N D E C L A R A T I O N S
264 ********************************************************************************
267 /*******************************************************************************
269 ********************************************************************************
271 /*----------------------------------------------------------------------------*/
273 * @brief This function will compose the Authentication frame header and fixed fields.
275 * @param[in] pucBuffer Pointer to the frame buffer.
276 * @param[in] aucPeerMACAddress Given Peer MAC Address.
277 * @param[in] aucMACAddress Given Our MAC Address.
278 * @param[in] u2AuthAlgNum Authentication Algorithm Number
279 * @param[in] u2TransactionSeqNum Transaction Sequence Number
280 * @param[in] u2StatusCode Status Code
284 /*----------------------------------------------------------------------------*/
286 authComposeAuthFrameHeaderAndFF (
287 IN PUINT_8 pucBuffer,
288 IN UINT_8 aucPeerMACAddress[],
289 IN UINT_8 aucMACAddress[],
290 IN UINT_16 u2AuthAlgNum,
291 IN UINT_16 u2TransactionSeqNum,
292 IN UINT_16 u2StatusCode
295 P_WLAN_AUTH_FRAME_T prAuthFrame;
300 ASSERT(aucPeerMACAddress);
301 ASSERT(aucMACAddress);
303 prAuthFrame = (P_WLAN_AUTH_FRAME_T)pucBuffer;
305 //4 <1> Compose the frame header of the Authentication frame.
306 /* Fill the Frame Control field. */
307 u2FrameCtrl = MAC_FRAME_AUTH;
309 /* If this frame is the third frame in the shared key authentication
310 * sequence, it shall be encrypted.
312 if ((u2AuthAlgNum == AUTH_ALGORITHM_NUM_SHARED_KEY) &&
313 (u2TransactionSeqNum == AUTH_TRANSACTION_SEQ_3)) {
315 u2FrameCtrl |= MASK_FC_PROTECTED_FRAME; /* HW will also detect this bit for applying encryption */
318 //WLAN_SET_FIELD_16(&prAuthFrame->u2FrameCtrl, u2FrameCtrl);
319 prAuthFrame->u2FrameCtrl = u2FrameCtrl; // NOTE(Kevin): Optimized for ARM
321 /* Fill the DA field with Target BSSID. */
322 COPY_MAC_ADDR(prAuthFrame->aucDestAddr, aucPeerMACAddress);
324 /* Fill the SA field with our MAC Address. */
325 COPY_MAC_ADDR(prAuthFrame->aucSrcAddr, aucMACAddress);
327 switch (u2TransactionSeqNum) {
328 case AUTH_TRANSACTION_SEQ_1:
329 case AUTH_TRANSACTION_SEQ_3:
331 /* Fill the BSSID field with Target BSSID. */
332 COPY_MAC_ADDR(prAuthFrame->aucBSSID, aucPeerMACAddress);
335 case AUTH_TRANSACTION_SEQ_2:
336 case AUTH_TRANSACTION_SEQ_4:
338 /* Fill the BSSID field with Current BSSID. */
339 COPY_MAC_ADDR(prAuthFrame->aucBSSID, aucMACAddress);
346 /* Clear the SEQ/FRAG_NO field. */
347 prAuthFrame->u2SeqCtrl = 0;
350 //4 <2> Compose the frame body's fixed field part of the Authentication frame.
351 /* Fill the Authentication Algorithm Number field. */
352 //WLAN_SET_FIELD_16(&prAuthFrame->u2AuthAlgNum, u2AuthAlgNum);
353 prAuthFrame->u2AuthAlgNum = u2AuthAlgNum; // NOTE(Kevin): Optimized for ARM
355 /* Fill the Authentication Transaction Sequence Number field. */
356 //WLAN_SET_FIELD_16(&prAuthFrame->u2AuthTransSeqNo, u2TransactionSeqNum);
357 prAuthFrame->u2AuthTransSeqNo = u2TransactionSeqNum; // NOTE(Kevin): Optimized for ARM
359 /* Fill the Status Code field. */
360 //WLAN_SET_FIELD_16(&prAuthFrame->u2StatusCode, u2StatusCode);
361 prAuthFrame->u2StatusCode = u2StatusCode; // NOTE(Kevin): Optimized for ARM
364 } /* end of authComposeAuthFrameHeaderAndFF() */
367 /*----------------------------------------------------------------------------*/
369 * @brief This function will append Challenge Text IE to the Authentication frame
371 * @param[in] prMsduInfo Pointer to the composed MSDU_INFO_T.
375 /*----------------------------------------------------------------------------*/
377 authAddIEChallengeText (
378 IN P_ADAPTER_T prAdapter,
379 IN OUT P_MSDU_INFO_T prMsduInfo
382 P_WLAN_AUTH_FRAME_T prAuthFrame;
383 P_STA_RECORD_T prStaRec;
384 UINT_16 u2TransactionSeqNum;
389 prStaRec = cnmGetStaRecByIndex(prAdapter, prMsduInfo->ucStaRecIndex);
397 /* For Management, frame header and payload are in a continuous buffer */
398 prAuthFrame = (P_WLAN_AUTH_FRAME_T)prMsduInfo->prPacket;
400 WLAN_GET_FIELD_16(&prAuthFrame->u2AuthTransSeqNo, &u2TransactionSeqNum)
402 /* Only consider SEQ_3 for Challenge Text */
403 if ((u2TransactionSeqNum == AUTH_TRANSACTION_SEQ_3) &&
404 (prStaRec->ucAuthAlgNum == AUTH_ALGORITHM_NUM_SHARED_KEY) &&
405 (prStaRec->prChallengeText != NULL)) {
407 COPY_IE(((UINT_32)(prMsduInfo->prPacket) + prMsduInfo->u2FrameLength),
408 (prStaRec->prChallengeText));
410 prMsduInfo->u2FrameLength += IE_SIZE(prStaRec->prChallengeText);
415 } /* end of authAddIEChallengeText() */
419 /*----------------------------------------------------------------------------*/
421 * @brief This function will send the Authenticiation frame
423 * @param[in] prStaRec Pointer to the STA_RECORD_T
424 * @param[in] u2TransactionSeqNum Transaction Sequence Number
426 * @retval WLAN_STATUS_RESOURCES No available resource for frame composing.
427 * @retval WLAN_STATUS_SUCCESS Successfully send frame to TX Module
429 /*----------------------------------------------------------------------------*/
432 IN P_ADAPTER_T prAdapter,
433 IN P_STA_RECORD_T prStaRec,
434 IN UINT_16 u2TransactionSeqNum
437 P_MSDU_INFO_T prMsduInfo;
438 P_BSS_INFO_T prBssInfo;
439 UINT_16 u2EstimatedFrameLen;
440 UINT_16 u2EstimatedExtraIELen;
441 UINT_16 u2PayloadLen;
445 DBGLOG(SAA, LOUD, ("Send Auth Frame\n"));
449 //4 <1> Allocate a PKT_INFO_T for Authentication Frame
450 /* Init with MGMT Header Length + Length of Fixed Fields */
451 u2EstimatedFrameLen = (MAC_TX_RESERVED_FIELD +
452 WLAN_MAC_MGMT_HEADER_LEN +
453 AUTH_ALGORITHM_NUM_FIELD_LEN +
454 AUTH_TRANSACTION_SEQENCE_NUM_FIELD_LEN +
455 STATUS_CODE_FIELD_LEN);
457 /* + Extra IE Length */
458 u2EstimatedExtraIELen = 0;
460 for (i = 0; i < sizeof(txAuthIETable)/sizeof(APPEND_IE_ENTRY_T); i++) {
461 u2EstimatedExtraIELen += txAuthIETable[i].u2EstimatedIELen;
464 u2EstimatedFrameLen += u2EstimatedExtraIELen;
466 /* Allocate a MSDU_INFO_T */
467 if ( (prMsduInfo = cnmMgtPktAlloc(prAdapter, u2EstimatedFrameLen)) == NULL) {
468 DBGLOG(SAA, WARN, ("No PKT_INFO_T for sending Auth Frame.\n"));
469 return WLAN_STATUS_RESOURCES;
472 //4 <2> Compose Authentication Request frame header and fixed fields in MSDU_INfO_T.
473 ASSERT(prStaRec->ucNetTypeIndex < NETWORK_TYPE_INDEX_NUM);
474 prBssInfo = &(prAdapter->rWifiVar.arBssInfo[prStaRec->ucNetTypeIndex]);
476 /* Compose Header and some Fixed Fields */
477 authComposeAuthFrameHeaderAndFF(
478 (PUINT_8)((UINT_32)(prMsduInfo->prPacket) + MAC_TX_RESERVED_FIELD),
479 prStaRec->aucMacAddr,
480 prBssInfo->aucOwnMacAddr,
481 prStaRec->ucAuthAlgNum,
483 STATUS_CODE_RESERVED);
485 u2PayloadLen = (AUTH_ALGORITHM_NUM_FIELD_LEN +
486 AUTH_TRANSACTION_SEQENCE_NUM_FIELD_LEN +
487 STATUS_CODE_FIELD_LEN);
489 //4 <3> Update information of MSDU_INFO_T
490 prMsduInfo->eSrc = TX_PACKET_MGMT;
491 prMsduInfo->ucPacketType = HIF_TX_PACKET_TYPE_MGMT;
492 prMsduInfo->ucStaRecIndex = prStaRec->ucIndex;
493 prMsduInfo->ucNetworkType = prStaRec->ucNetTypeIndex;
494 prMsduInfo->ucMacHeaderLength = WLAN_MAC_MGMT_HEADER_LEN;
495 prMsduInfo->fgIs802_1x = FALSE;
496 prMsduInfo->fgIs802_11 = TRUE;
497 prMsduInfo->u2FrameLength = WLAN_MAC_MGMT_HEADER_LEN + u2PayloadLen;
498 prMsduInfo->ucTxSeqNum = nicIncreaseTxSeqNum(prAdapter);
499 prMsduInfo->pfTxDoneHandler = saaFsmRunEventTxDone;
500 prMsduInfo->fgIsBasicRate = TRUE;
502 //4 <4> Compose IEs in MSDU_INFO_T
503 for (i = 0; i < sizeof(txAuthIETable)/sizeof(APPEND_IE_ENTRY_T); i++) {
504 if (txAuthIETable[i].pfnAppendIE) {
505 txAuthIETable[i].pfnAppendIE(prAdapter, prMsduInfo);
509 /* TODO(Kevin): Also release the unused tail room of the composed MMPDU */
511 //4 <6> Inform TXM to send this Authentication frame.
512 nicTxEnqueueMsdu(prAdapter, prMsduInfo);
514 return WLAN_STATUS_SUCCESS;
515 } /* end of authSendAuthFrame() */
519 /*----------------------------------------------------------------------------*/
521 * @brief This function will send the Authenticiation frame
523 * @param[in] prStaRec Pointer to the STA_RECORD_T
524 * @param[in] u2TransactionSeqNum Transaction Sequence Number
526 * @retval WLAN_STATUS_RESOURCES No available resource for frame composing.
527 * @retval WLAN_STATUS_SUCCESS Successfully send frame to TX Module
529 /*----------------------------------------------------------------------------*/
532 IN P_ADAPTER_T prAdapter,
533 IN P_STA_RECORD_T prStaRec,
534 IN ENUM_NETWORK_TYPE_INDEX_T eNetTypeIndex,
535 IN P_SW_RFB_T prFalseAuthSwRfb,
536 IN UINT_16 u2TransactionSeqNum,
537 IN UINT_16 u2StatusCode
540 PUINT_8 pucReceiveAddr;
541 PUINT_8 pucTransmitAddr;
542 P_MSDU_INFO_T prMsduInfo;
543 P_BSS_INFO_T prBssInfo;
544 /*get from input parameter*/
545 //ENUM_NETWORK_TYPE_INDEX_T eNetTypeIndex = NETWORK_TYPE_AIS_INDEX;
546 PFN_TX_DONE_HANDLER pfTxDoneHandler = (PFN_TX_DONE_HANDLER)NULL;
547 UINT_16 u2EstimatedFrameLen;
548 UINT_16 u2EstimatedExtraIELen;
549 UINT_16 u2PayloadLen;
550 UINT_16 ucAuthAlgNum;
554 DBGLOG(SAA, LOUD, ("Send Auth Frame %d, Status Code = %d\n",
555 u2TransactionSeqNum, u2StatusCode));
557 //4 <1> Allocate a PKT_INFO_T for Authentication Frame
558 /* Init with MGMT Header Length + Length of Fixed Fields */
559 u2EstimatedFrameLen = (MAC_TX_RESERVED_FIELD +
560 WLAN_MAC_MGMT_HEADER_LEN +
561 AUTH_ALGORITHM_NUM_FIELD_LEN +
562 AUTH_TRANSACTION_SEQENCE_NUM_FIELD_LEN +
563 STATUS_CODE_FIELD_LEN);
565 /* + Extra IE Length */
566 u2EstimatedExtraIELen = 0;
568 for (i = 0; i < sizeof(txAuthIETable)/sizeof(APPEND_IE_ENTRY_T); i++) {
569 u2EstimatedExtraIELen += txAuthIETable[i].u2EstimatedIELen;
572 u2EstimatedFrameLen += u2EstimatedExtraIELen;
574 /* Allocate a MSDU_INFO_T */
575 if ( (prMsduInfo = cnmMgtPktAlloc(prAdapter, u2EstimatedFrameLen)) == NULL) {
576 DBGLOG(SAA, WARN, ("No PKT_INFO_T for sending Auth Frame.\n"));
577 return WLAN_STATUS_RESOURCES;
580 //4 <2> Compose Authentication Request frame header and fixed fields in MSDU_INfO_T.
582 ASSERT(prStaRec->ucNetTypeIndex < NETWORK_TYPE_INDEX_NUM);
584 prBssInfo = &(prAdapter->rWifiVar.arBssInfo[prStaRec->ucNetTypeIndex]);
586 pucTransmitAddr = prBssInfo->aucOwnMacAddr;
588 pucReceiveAddr = prStaRec->aucMacAddr;
590 ucAuthAlgNum = prStaRec->ucAuthAlgNum;
592 switch (u2TransactionSeqNum) {
593 case AUTH_TRANSACTION_SEQ_1:
594 case AUTH_TRANSACTION_SEQ_3:
595 pfTxDoneHandler = saaFsmRunEventTxDone;
598 case AUTH_TRANSACTION_SEQ_2:
599 case AUTH_TRANSACTION_SEQ_4:
600 pfTxDoneHandler = aaaFsmRunEventTxDone;
605 else { /* For Error Status Code */
606 P_WLAN_AUTH_FRAME_T prFalseAuthFrame;
609 ASSERT(prFalseAuthSwRfb);
610 prFalseAuthFrame = (P_WLAN_AUTH_FRAME_T)prFalseAuthSwRfb->pvHeader;
612 ASSERT(u2StatusCode != STATUS_CODE_SUCCESSFUL);
614 pucTransmitAddr = prFalseAuthFrame->aucDestAddr;
616 pucReceiveAddr = prFalseAuthFrame->aucSrcAddr;
618 ucAuthAlgNum = prFalseAuthFrame->u2AuthAlgNum;
620 u2TransactionSeqNum = (prFalseAuthFrame->u2AuthTransSeqNo + 1);
623 /* Compose Header and some Fixed Fields */
624 authComposeAuthFrameHeaderAndFF((PUINT_8)((UINT_32)(prMsduInfo->prPacket) + MAC_TX_RESERVED_FIELD),
631 u2PayloadLen = (AUTH_ALGORITHM_NUM_FIELD_LEN +
632 AUTH_TRANSACTION_SEQENCE_NUM_FIELD_LEN +
633 STATUS_CODE_FIELD_LEN);
635 //4 <3> Update information of MSDU_INFO_T
636 prMsduInfo->eSrc = TX_PACKET_MGMT;
637 prMsduInfo->ucPacketType = HIF_TX_PACKET_TYPE_MGMT;
639 prMsduInfo->ucStaRecIndex = prStaRec->ucIndex;
642 prMsduInfo->ucStaRecIndex = STA_REC_INDEX_NOT_FOUND; //false Auth frame
644 prMsduInfo->ucNetworkType = (UINT_8)eNetTypeIndex;
645 prMsduInfo->ucMacHeaderLength = WLAN_MAC_MGMT_HEADER_LEN;
646 prMsduInfo->fgIs802_1x = FALSE;
647 prMsduInfo->fgIs802_11 = TRUE;
648 prMsduInfo->u2FrameLength = WLAN_MAC_MGMT_HEADER_LEN + u2PayloadLen;
649 prMsduInfo->ucTxSeqNum = nicIncreaseTxSeqNum(prAdapter);
650 prMsduInfo->pfTxDoneHandler = pfTxDoneHandler;
651 prMsduInfo->fgIsBasicRate = TRUE;
653 //4 <4> Compose IEs in MSDU_INFO_T
654 for (i = 0; i < sizeof(txAuthIETable)/sizeof(APPEND_IE_ENTRY_T); i++) {
655 if (txAuthIETable[i].pfnAppendIE) {
656 txAuthIETable[i].pfnAppendIE(prAdapter, prMsduInfo);
660 /* TODO(Kevin): Also release the unused tail room of the composed MMPDU */
662 //4 <6> Inform TXM to send this Authentication frame.
663 nicTxEnqueueMsdu(prAdapter, prMsduInfo);
665 return WLAN_STATUS_SUCCESS;
666 } /* end of authSendAuthFrame() */
668 #endif /* CFG_SUPPORT_AAA */
671 /*----------------------------------------------------------------------------*/
673 * @brief This function will strictly check the TX Authentication frame for SAA/AAA event
676 * @param[in] prMsduInfo Pointer of MSDU_INFO_T
677 * @param[in] u2TransactionSeqNum Transaction Sequence Number
679 * @retval WLAN_STATUS_FAILURE This is not the frame we should handle at current state.
680 * @retval WLAN_STATUS_SUCCESS This is the frame we should handle.
682 /*----------------------------------------------------------------------------*/
684 authCheckTxAuthFrame (
685 IN P_ADAPTER_T prAdapter,
686 IN P_MSDU_INFO_T prMsduInfo,
687 IN UINT_16 u2TransactionSeqNum
690 P_WLAN_AUTH_FRAME_T prAuthFrame;
691 P_STA_RECORD_T prStaRec;
692 UINT_16 u2TxFrameCtrl;
693 UINT_16 u2TxAuthAlgNum;
694 UINT_16 u2TxTransactionSeqNum;
699 prAuthFrame = (P_WLAN_AUTH_FRAME_T)(prMsduInfo->prPacket);
702 prStaRec = cnmGetStaRecByIndex(prAdapter, prMsduInfo->ucStaRecIndex);
706 return WLAN_STATUS_INVALID_PACKET;
709 //WLAN_GET_FIELD_16(&prAuthFrame->u2FrameCtrl, &u2TxFrameCtrl)
710 u2TxFrameCtrl = prAuthFrame->u2FrameCtrl; // NOTE(Kevin): Optimized for ARM
711 u2TxFrameCtrl &= MASK_FRAME_TYPE;
712 if (u2TxFrameCtrl != MAC_FRAME_AUTH) {
713 return WLAN_STATUS_FAILURE;
716 //WLAN_GET_FIELD_16(&prAuthFrame->u2AuthAlgNum, &u2TxAuthAlgNum)
717 u2TxAuthAlgNum = prAuthFrame->u2AuthAlgNum; // NOTE(Kevin): Optimized for ARM
718 if (u2TxAuthAlgNum != (UINT_16)(prStaRec->ucAuthAlgNum)) {
719 return WLAN_STATUS_FAILURE;
722 //WLAN_GET_FIELD_16(&prAuthFrame->u2AuthTransSeqNo, &u2TxTransactionSeqNum)
723 u2TxTransactionSeqNum = prAuthFrame->u2AuthTransSeqNo; // NOTE(Kevin): Optimized for ARM
724 if (u2TxTransactionSeqNum != u2TransactionSeqNum) {
725 return WLAN_STATUS_FAILURE;
728 return WLAN_STATUS_SUCCESS;
730 } /* end of authCheckTxAuthFrame() */
733 /*----------------------------------------------------------------------------*/
735 * @brief This function will check the incoming Auth Frame's Transaction Sequence
736 * Number before delivering it to the corresponding SAA or AAA Module.
738 * @param[in] prSwRfb Pointer to the SW_RFB_T structure.
740 * @retval WLAN_STATUS_SUCCESS Always not retain authentication frames
742 /*----------------------------------------------------------------------------*/
744 authCheckRxAuthFrameTransSeq (
745 IN P_ADAPTER_T prAdapter,
746 IN P_SW_RFB_T prSwRfb
749 P_WLAN_AUTH_FRAME_T prAuthFrame;
750 UINT_16 u2RxTransactionSeqNum;
755 //4 <1> locate the Authentication Frame.
756 prAuthFrame = (P_WLAN_AUTH_FRAME_T) prSwRfb->pvHeader;
758 //4 <2> Parse the Header of Authentication Frame.
759 if ((prSwRfb->u2PacketLen - prSwRfb->u2HeaderLen) < (AUTH_ALGORITHM_NUM_FIELD_LEN +
760 AUTH_TRANSACTION_SEQENCE_NUM_FIELD_LEN +
761 STATUS_CODE_FIELD_LEN)) {
763 return WLAN_STATUS_SUCCESS;
766 //4 <3> Parse the Fixed Fields of Authentication Frame Body.
767 //WLAN_GET_FIELD_16(&prAuthFrame->u2AuthTransSeqNo, &u2RxTransactionSeqNum);
768 u2RxTransactionSeqNum = prAuthFrame->u2AuthTransSeqNo; // NOTE(Kevin): Optimized for ARM
770 switch (u2RxTransactionSeqNum) {
771 case AUTH_TRANSACTION_SEQ_2:
772 case AUTH_TRANSACTION_SEQ_4:
773 saaFsmRunEventRxAuth(prAdapter, prSwRfb);
776 case AUTH_TRANSACTION_SEQ_1:
777 case AUTH_TRANSACTION_SEQ_3:
779 aaaFsmRunEventRxAuth(prAdapter, prSwRfb);
780 #endif /* CFG_SUPPORT_AAA */
784 if (prAuthFrame->u2StatusCode != STATUS_CODE_SUCCESSFUL) {
785 DBGLOG(SAA, WARN, ("Strange Authentication Packet: Auth Trans Seq No = %d, Error Status Code = %d\n",
786 u2RxTransactionSeqNum, prAuthFrame->u2StatusCode));
791 /* TODO(Kevin): Free SW_RFB_T */
795 return WLAN_STATUS_SUCCESS;
797 } /* end of authCheckRxAuthFrameTransSeq() */
800 /*----------------------------------------------------------------------------*/
802 * @brief This function will validate the incoming Authentication Frame and take
803 * the status code out.
805 * @param[in] prSwRfb Pointer to SW RFB data structure.
806 * @param[in] u2TransactionSeqNum Transaction Sequence Number
807 * @param[out] pu2StatusCode Pointer to store the Status Code from Authentication.
809 * @retval WLAN_STATUS_FAILURE This is not the frame we should handle at current state.
810 * @retval WLAN_STATUS_SUCCESS This is the frame we should handle.
812 /*----------------------------------------------------------------------------*/
814 authCheckRxAuthFrameStatus (
815 IN P_ADAPTER_T prAdapter,
816 IN P_SW_RFB_T prSwRfb,
817 IN UINT_16 u2TransactionSeqNum,
818 OUT PUINT_16 pu2StatusCode
821 P_STA_RECORD_T prStaRec;
822 P_WLAN_AUTH_FRAME_T prAuthFrame;
823 UINT_16 u2RxAuthAlgNum;
824 UINT_16 u2RxTransactionSeqNum;
825 //UINT_16 u2RxStatusCode; // NOTE(Kevin): Optimized for ARM
829 ASSERT(pu2StatusCode);
831 prStaRec = cnmGetStaRecByIndex(prAdapter, prSwRfb->ucStaRecIdx);
835 return WLAN_STATUS_INVALID_PACKET;
838 //4 <1> locate the Authentication Frame.
839 prAuthFrame = (P_WLAN_AUTH_FRAME_T) prSwRfb->pvHeader;
841 //4 <2> Parse the Fixed Fields of Authentication Frame Body.
842 //WLAN_GET_FIELD_16(&prAuthFrame->u2AuthAlgNum, &u2RxAuthAlgNum);
843 u2RxAuthAlgNum = prAuthFrame->u2AuthAlgNum; // NOTE(Kevin): Optimized for ARM
844 if (u2RxAuthAlgNum != (UINT_16)prStaRec->ucAuthAlgNum) {
845 DBGLOG(SAA, LOUD, ("Discard Auth frame with auth type = %d, current = %d\n",
846 u2RxAuthAlgNum, prStaRec->ucAuthAlgNum));
847 return WLAN_STATUS_FAILURE;
850 //WLAN_GET_FIELD_16(&prAuthFrame->u2AuthTransSeqNo, &u2RxTransactionSeqNum);
851 u2RxTransactionSeqNum = prAuthFrame->u2AuthTransSeqNo; // NOTE(Kevin): Optimized for ARM
852 if (u2RxTransactionSeqNum != u2TransactionSeqNum) {
853 DBGLOG(SAA, LOUD, ("Discard Auth frame with Transaction Seq No = %d\n",
854 u2RxTransactionSeqNum));
855 return WLAN_STATUS_FAILURE;
858 //4 <3> Get the Status code
859 //WLAN_GET_FIELD_16(&prAuthFrame->u2StatusCode, &u2RxStatusCode);
860 //*pu2StatusCode = u2RxStatusCode;
861 *pu2StatusCode = prAuthFrame->u2StatusCode; // NOTE(Kevin): Optimized for ARM
863 return WLAN_STATUS_SUCCESS;
865 } /* end of authCheckRxAuthFrameStatus() */
868 /*----------------------------------------------------------------------------*/
870 * @brief This function will handle the Challenge Text IE from the Authentication frame
872 * @param[in] prSwRfb Pointer to SW RFB data structure.
873 * @param[in] prIEHdr Pointer to start address of IE
877 /*----------------------------------------------------------------------------*/
879 authHandleIEChallengeText (
880 P_ADAPTER_T prAdapter,
885 P_WLAN_AUTH_FRAME_T prAuthFrame;
886 P_STA_RECORD_T prStaRec;
887 UINT_16 u2TransactionSeqNum;
893 prStaRec = cnmGetStaRecByIndex(prAdapter, prSwRfb->ucStaRecIdx);
900 /* For Management, frame header and payload are in a continuous buffer */
901 prAuthFrame = (P_WLAN_AUTH_FRAME_T)prSwRfb->pvHeader;
903 //WLAN_GET_FIELD_16(&prAuthFrame->u2AuthTransSeqNo, &u2TransactionSeqNum)
904 u2TransactionSeqNum = prAuthFrame->u2AuthTransSeqNo; // NOTE(Kevin): Optimized for ARM
906 /* Only consider SEQ_2 for Challenge Text */
907 if ((u2TransactionSeqNum == AUTH_TRANSACTION_SEQ_2) &&
908 (prStaRec->ucAuthAlgNum == AUTH_ALGORITHM_NUM_SHARED_KEY)) {
910 /* Free previous allocated TCM memory */
911 if (prStaRec->prChallengeText) {
913 cnmMemFree(prAdapter, prStaRec->prChallengeText);
914 prStaRec->prChallengeText = (P_IE_CHALLENGE_TEXT_T)NULL;
917 if ( ( prStaRec->prChallengeText = cnmMemAlloc(prAdapter, RAM_TYPE_MSG, IE_SIZE(prIEHdr)) ) == NULL) {
921 /* Save the Challenge Text from Auth Seq 2 Frame, before sending Auth Seq 3 Frame */
922 COPY_IE(prStaRec->prChallengeText, prIEHdr);
927 } /* end of authAddIEChallengeText() */
930 /*----------------------------------------------------------------------------*/
932 * @brief This function will parse and process the incoming Authentication frame.
934 * @param[in] prSwRfb Pointer to SW RFB data structure.
936 * @retval WLAN_STATUS_SUCCESS This is the frame we should handle.
938 /*----------------------------------------------------------------------------*/
940 authProcessRxAuth2_Auth4Frame (
941 IN P_ADAPTER_T prAdapter,
942 IN P_SW_RFB_T prSwRfb
945 P_WLAN_AUTH_FRAME_T prAuthFrame;
946 PUINT_8 pucIEsBuffer;
955 prAuthFrame = (P_WLAN_AUTH_FRAME_T) prSwRfb->pvHeader;
957 pucIEsBuffer = &prAuthFrame->aucInfoElem[0];
958 u2IEsLen = (prSwRfb->u2PacketLen - prSwRfb->u2HeaderLen) -
959 (AUTH_ALGORITHM_NUM_FIELD_LEN +
960 AUTH_TRANSACTION_SEQENCE_NUM_FIELD_LEN +
961 STATUS_CODE_FIELD_LEN);
963 IE_FOR_EACH(pucIEsBuffer, u2IEsLen, u2Offset) {
964 ucIEID = IE_ID(pucIEsBuffer);
966 for (i = 0; i < (sizeof(rxAuthIETable) / sizeof(HANDLE_IE_ENTRY_T)); i++) {
968 if (ucIEID == rxAuthIETable[i].ucElemID) {
969 rxAuthIETable[i].pfnHandleIE(prAdapter, prSwRfb, (P_IE_HDR_T)pucIEsBuffer);
974 return WLAN_STATUS_SUCCESS;
976 } /* end of authProcessRxAuth2_Auth4Frame() */
979 /*----------------------------------------------------------------------------*/
981 * @brief This function will compose the Deauthentication frame
983 * @param[in] pucBuffer Pointer to the frame buffer.
984 * @param[in] aucPeerMACAddress Given Peer MAC Address.
985 * @param[in] aucMACAddress Given Our MAC Address.
986 * @param[in] u2StatusCode Status Code
990 /*----------------------------------------------------------------------------*/
992 authComposeDeauthFrameHeaderAndFF (
993 IN PUINT_8 pucBuffer,
994 IN UINT_8 aucPeerMACAddress[],
995 IN UINT_8 aucMACAddress[],
996 IN UINT_8 aucBssid[],
997 IN UINT_16 u2ReasonCode
1000 P_WLAN_DEAUTH_FRAME_T prDeauthFrame;
1001 UINT_16 u2FrameCtrl;
1004 ASSERT(aucPeerMACAddress);
1005 ASSERT(aucMACAddress);
1008 prDeauthFrame = (P_WLAN_DEAUTH_FRAME_T)pucBuffer;
1010 //4 <1> Compose the frame header of the Deauthentication frame.
1011 /* Fill the Frame Control field. */
1012 u2FrameCtrl = MAC_FRAME_DEAUTH;
1014 //WLAN_SET_FIELD_16(&prDeauthFrame->u2FrameCtrl, u2FrameCtrl);
1015 prDeauthFrame->u2FrameCtrl = u2FrameCtrl; // NOTE(Kevin): Optimized for ARM
1017 /* Fill the DA field with Target BSSID. */
1018 COPY_MAC_ADDR(prDeauthFrame->aucDestAddr, aucPeerMACAddress);
1020 /* Fill the SA field with our MAC Address. */
1021 COPY_MAC_ADDR(prDeauthFrame->aucSrcAddr, aucMACAddress);
1023 /* Fill the BSSID field with Target BSSID. */
1024 COPY_MAC_ADDR(prDeauthFrame->aucBSSID, aucBssid);
1026 /* Clear the SEQ/FRAG_NO field(HW won't overide the FRAG_NO, so we need to clear it). */
1027 prDeauthFrame->u2SeqCtrl = 0;
1029 //4 <2> Compose the frame body's fixed field part of the Authentication frame.
1030 /* Fill the Status Code field. */
1031 //WLAN_SET_FIELD_16(&prDeauthFrame->u2ReasonCode, u2ReasonCode);
1032 prDeauthFrame->u2ReasonCode = u2ReasonCode; // NOTE(Kevin): Optimized for ARM
1035 } /* end of authComposeDeauthFrameHeaderAndFF() */
1039 /*----------------------------------------------------------------------------*/
1041 * @brief This function will send the Deauthenticiation frame
1043 * @param[in] prStaRec Pointer to the STA_RECORD_T
1044 * @param[in] prClassErrSwRfb Pointer to the SW_RFB_T which is Class Error.
1045 * @param[in] u2ReasonCode A reason code to indicate why to leave BSS.
1046 * @param[in] pfTxDoneHandler TX Done call back function
1048 * @retval WLAN_STATUS_RESOURCES No available resource for frame composing.
1049 * @retval WLAN_STATUS_SUCCESS Successfully send frame to TX Module
1050 * @retval WLAN_STATUS_FAILURE Didn't send Deauth frame for various reasons.
1052 /*----------------------------------------------------------------------------*/
1054 authSendDeauthFrame (
1055 IN P_ADAPTER_T prAdapter,
1056 IN P_STA_RECORD_T prStaRec,
1057 IN P_SW_RFB_T prClassErrSwRfb,
1058 IN UINT_16 u2ReasonCode,
1059 IN PFN_TX_DONE_HANDLER pfTxDoneHandler
1062 P_WLAN_MAC_HEADER_A4_T prWlanMacHeader = NULL;
1063 PUINT_8 pucReceiveAddr;
1064 PUINT_8 pucTransmitAddr;
1065 PUINT_8 pucBssid = NULL;
1067 ENUM_NETWORK_TYPE_INDEX_T eNetTypeIndex = NETWORK_TYPE_AIS_INDEX;
1068 P_MSDU_INFO_T prMsduInfo;
1069 UINT_16 u2EstimatedFrameLen;
1070 UINT_16 u2RxFrameCtrl;
1071 P_BSS_INFO_T prBssInfo;
1073 P_DEAUTH_INFO_T prDeauthInfo;
1074 OS_SYSTIME rCurrentTime;
1075 INT_32 i4NewEntryIndex, i;
1076 UINT_8 ucStaRecIdx = STA_REC_INDEX_NOT_FOUND;
1078 #if CFG_ENABLE_WIFI_DIRECT
1079 UINT_8 aucBMC[] = BC_MAC_ADDR;
1082 /* NOTE(Kevin): The best way to reply the Deauth is according to the incoming data
1085 //4 <1> Find the Receiver Address first.
1086 if (prClassErrSwRfb) {
1087 BOOLEAN fgIsAbleToSendDeauth = FALSE;
1089 prWlanMacHeader = (P_WLAN_MAC_HEADER_A4_T) prClassErrSwRfb->pvHeader;
1091 //WLAN_GET_FIELD_16(&prWlanMacHeader->u2FrameCtrl, &u2RxFrameCtrl);
1092 u2RxFrameCtrl = prWlanMacHeader->u2FrameCtrl; // NOTE(Kevin): Optimized for ARM
1094 /* TODO(Kevin): Currently we won't send Deauth for IBSS node. How about DLS ? */
1095 if ((prWlanMacHeader->u2FrameCtrl & MASK_TO_DS_FROM_DS) == 0) {
1096 return WLAN_STATUS_FAILURE;
1099 /* Check if corresponding BSS is able to send Deauth */
1100 for (i = NETWORK_TYPE_AIS_INDEX; i < NETWORK_TYPE_INDEX_NUM; i++) {
1101 prBssInfo = &(prAdapter->rWifiVar.arBssInfo[i]);
1103 if (IS_NET_ACTIVE(prAdapter, i) &&
1104 (EQUAL_MAC_ADDR(prWlanMacHeader->aucAddr1, prBssInfo->aucOwnMacAddr))) {
1106 fgIsAbleToSendDeauth = TRUE;
1107 eNetTypeIndex = (ENUM_NETWORK_TYPE_INDEX_T)i;
1113 if (!fgIsAbleToSendDeauth) {
1114 return WLAN_STATUS_FAILURE;
1117 pucReceiveAddr = prWlanMacHeader->aucAddr2;
1120 else if (prStaRec) {
1122 pucReceiveAddr = prStaRec->aucMacAddr;
1125 #if CFG_ENABLE_WIFI_DIRECT
1126 pucReceiveAddr = aucBMC;
1128 return WLAN_STATUS_FAILURE;
1132 //4 <2> Check if already send a Deauth frame in MIN_DEAUTH_INTERVAL_MSEC
1133 GET_CURRENT_SYSTIME(&rCurrentTime);
1135 i4NewEntryIndex = -1;
1136 for (i = 0; i < MAX_DEAUTH_INFO_COUNT; i++) {
1137 prDeauthInfo = &(prAdapter->rWifiVar.arDeauthInfo[i]);
1140 /* For continuously sending Deauth frame, the minimum interval is
1141 * MIN_DEAUTH_INTERVAL_MSEC.
1143 if (CHECK_FOR_TIMEOUT(rCurrentTime,
1144 prDeauthInfo->rLastSendTime,
1145 MSEC_TO_SYSTIME(MIN_DEAUTH_INTERVAL_MSEC))) {
1147 i4NewEntryIndex = i;
1149 else if (EQUAL_MAC_ADDR(pucReceiveAddr, prDeauthInfo->aucRxAddr) &&
1150 (!pfTxDoneHandler)) {
1152 return WLAN_STATUS_FAILURE;
1156 //4 <3> Update information.
1157 if (i4NewEntryIndex > 0) {
1159 prDeauthInfo = &(prAdapter->rWifiVar.arDeauthInfo[i4NewEntryIndex]);
1161 COPY_MAC_ADDR(prDeauthInfo->aucRxAddr, pucReceiveAddr);
1162 prDeauthInfo->rLastSendTime = rCurrentTime;
1165 /* NOTE(Kevin): for the case of AP mode, we may encounter this case
1166 * if deauth all the associated clients.
1168 DBGLOG(SAA, WARN, ("No unused DEAUTH_INFO_T !\n"));
1171 //4 <4> Allocate a PKT_INFO_T for Deauthentication Frame
1172 /* Init with MGMT Header Length + Length of Fixed Fields + IE Length */
1173 u2EstimatedFrameLen = (MAC_TX_RESERVED_FIELD +
1174 WLAN_MAC_MGMT_HEADER_LEN +
1175 REASON_CODE_FIELD_LEN);
1177 /* Allocate a MSDU_INFO_T */
1178 if ( (prMsduInfo = cnmMgtPktAlloc(prAdapter, u2EstimatedFrameLen)) == NULL) {
1179 DBGLOG(SAA, WARN, ("No PKT_INFO_T for sending Deauth Request.\n"));
1180 return WLAN_STATUS_RESOURCES;
1183 //4 <5> Find the Transmitter Address and BSSID.
1184 if (prClassErrSwRfb) {
1186 /* The TA of Deauth is the A1 of RX frame */
1187 pucTransmitAddr = prWlanMacHeader->aucAddr1;
1189 switch (prWlanMacHeader->u2FrameCtrl & MASK_TO_DS_FROM_DS) {
1191 case MASK_FC_FROM_DS:
1192 /* The BSSID of Deauth is the A2 of RX frame */
1193 pucBssid = prWlanMacHeader->aucAddr2;
1197 /* The BSSID of Deauth is the A1 of RX frame */
1198 pucBssid = prWlanMacHeader->aucAddr1;
1201 case MASK_TO_DS_FROM_DS:
1202 /* TODO(Kevin): Consider BOW, now we set the BSSID of Deauth
1203 * to the A2 of RX frame for temporary solution.
1205 pucBssid = prWlanMacHeader->aucAddr2;
1212 else if (prStaRec) {
1213 eNetTypeIndex = prStaRec->ucNetTypeIndex;
1215 prBssInfo = &(prAdapter->rWifiVar.arBssInfo[eNetTypeIndex]);
1217 pucTransmitAddr = prBssInfo->aucOwnMacAddr;
1219 pucBssid = prBssInfo->aucBSSID;
1221 #if CFG_ENABLE_WIFI_DIRECT
1223 if (prAdapter->fgIsP2PRegistered) {
1224 prBssInfo = &(prAdapter->rWifiVar.arBssInfo[NETWORK_TYPE_P2P_INDEX]);
1226 ucStaRecIdx = STA_REC_INDEX_BMCAST;
1228 pucTransmitAddr = prBssInfo->aucOwnMacAddr;
1230 pucBssid = prBssInfo->aucBSSID;
1232 eNetTypeIndex = NETWORK_TYPE_P2P_INDEX;
1235 return WLAN_STATUS_FAILURE;
1242 //4 <6> compose Deauthentication frame header and some fixed fields */
1243 authComposeDeauthFrameHeaderAndFF(
1244 (PUINT_8)((UINT_32)(prMsduInfo->prPacket) + MAC_TX_RESERVED_FIELD),
1250 #if CFG_SUPPORT_802_11W
1251 if (rsnCheckBipKeyInstalled(prAdapter, prStaRec)) {
1252 P_WLAN_DEAUTH_FRAME_T prDeauthFrame;
1254 prDeauthFrame = (P_WLAN_DEAUTH_FRAME_T)(PUINT_8)((UINT_32)(prMsduInfo->prPacket) + MAC_TX_RESERVED_FIELD);
1256 prDeauthFrame->u2FrameCtrl |= MASK_FC_PROTECTED_FRAME;
1257 DBGLOG(TX, WARN, ("authSendDeauthFrame with protection\n"));
1261 //4 <7> Update information of MSDU_INFO_T
1262 prMsduInfo->eSrc = TX_PACKET_MGMT;
1263 prMsduInfo->ucPacketType = HIF_TX_PACKET_TYPE_MGMT;
1264 prMsduInfo->ucStaRecIndex = ((prStaRec == NULL)?ucStaRecIdx:prStaRec->ucIndex);
1265 prMsduInfo->ucNetworkType = (UINT_8)eNetTypeIndex;
1266 prMsduInfo->ucMacHeaderLength = WLAN_MAC_MGMT_HEADER_LEN;
1267 prMsduInfo->fgIs802_1x = FALSE;
1268 prMsduInfo->fgIs802_11 = TRUE;
1269 prMsduInfo->u2FrameLength = WLAN_MAC_MGMT_HEADER_LEN + REASON_CODE_FIELD_LEN;
1270 prMsduInfo->ucTxSeqNum = nicIncreaseTxSeqNum(prAdapter);
1271 prMsduInfo->pfTxDoneHandler = pfTxDoneHandler;
1272 prMsduInfo->fgIsBasicRate = TRUE;
1274 //4 <8> Inform TXM to send this Deauthentication frame.
1275 nicTxEnqueueMsdu(prAdapter, prMsduInfo);
1277 return WLAN_STATUS_SUCCESS;
1278 } /* end of authSendDeauthFrame() */
1282 /*----------------------------------------------------------------------------*/
1284 * @brief This function will parse and process the incoming Deauthentication frame
1285 * if the given BSSID is matched.
1287 * @param[in] prSwRfb Pointer to SW RFB data structure.
1288 * @param[in] aucBSSID Given BSSID
1289 * @param[out] pu2ReasonCode Pointer to store the Reason Code from Deauthentication.
1291 * @retval WLAN_STATUS_FAILURE This is not the frame we should handle at current state.
1292 * @retval WLAN_STATUS_SUCCESS This is the frame we should handle.
1294 /*----------------------------------------------------------------------------*/
1296 authProcessRxDeauthFrame (
1297 IN P_SW_RFB_T prSwRfb,
1298 IN UINT_8 aucBSSID[],
1299 OUT PUINT_16 pu2ReasonCode
1302 P_WLAN_DEAUTH_FRAME_T prDeauthFrame;
1303 UINT_16 u2RxReasonCode;
1308 ASSERT(pu2ReasonCode);
1310 //4 <1> locate the Deauthentication Frame.
1311 prDeauthFrame = (P_WLAN_DEAUTH_FRAME_T) prSwRfb->pvHeader;
1313 //4 <2> Parse the Header of Deauthentication Frame.
1314 #if 0 // Kevin: Seems redundant
1315 WLAN_GET_FIELD_16(&prDeauthFrame->u2FrameCtrl, &u2RxFrameCtrl)
1316 u2RxFrameCtrl &= MASK_FRAME_TYPE;
1317 if (u2RxFrameCtrl != MAC_FRAME_DEAUTH) {
1318 return WLAN_STATUS_FAILURE;
1322 if ((prSwRfb->u2PacketLen - prSwRfb->u2HeaderLen) < REASON_CODE_FIELD_LEN) {
1324 return WLAN_STATUS_FAILURE;
1327 /* Check if this Deauth Frame is coming from Target BSSID */
1328 if (UNEQUAL_MAC_ADDR(prDeauthFrame->aucBSSID, aucBSSID)) {
1329 DBGLOG(SAA, LOUD, ("Ignore Deauth Frame from other BSS ["MACSTR"]\n",
1330 MAC2STR(prDeauthFrame->aucSrcAddr)));
1331 return WLAN_STATUS_FAILURE;
1334 //4 <3> Parse the Fixed Fields of Deauthentication Frame Body.
1335 WLAN_GET_FIELD_16(&prDeauthFrame->u2ReasonCode, &u2RxReasonCode);
1336 *pu2ReasonCode = u2RxReasonCode;
1338 return WLAN_STATUS_SUCCESS;
1340 } /* end of authProcessRxDeauthFrame() */
1343 /*----------------------------------------------------------------------------*/
1345 * @brief This function will parse and process the incoming Authentication frame.
1347 * @param[in] prSwRfb Pointer to SW RFB data structure.
1348 * @param[in] aucExpectedBSSID Given Expected BSSID.
1349 * @param[in] u2ExpectedAuthAlgNum Given Expected Authentication Algorithm Number
1350 * @param[in] u2ExpectedTransSeqNum Given Expected Transaction Sequence Number.
1351 * @param[out] pu2ReturnStatusCode Return Status Code.
1353 * @retval WLAN_STATUS_SUCCESS This is the frame we should handle.
1354 * @retval WLAN_STATUS_FAILURE The frame we will ignore.
1356 /*----------------------------------------------------------------------------*/
1358 authProcessRxAuth1Frame (
1359 IN P_ADAPTER_T prAdapter,
1360 IN P_SW_RFB_T prSwRfb,
1361 IN UINT_8 aucExpectedBSSID[],
1362 IN UINT_16 u2ExpectedAuthAlgNum,
1363 IN UINT_16 u2ExpectedTransSeqNum,
1364 OUT PUINT_16 pu2ReturnStatusCode
1367 P_WLAN_AUTH_FRAME_T prAuthFrame;
1368 UINT_16 u2ReturnStatusCode = STATUS_CODE_SUCCESSFUL;
1372 ASSERT(aucExpectedBSSID);
1373 ASSERT(pu2ReturnStatusCode);
1375 //4 <1> locate the Authentication Frame.
1376 prAuthFrame = (P_WLAN_AUTH_FRAME_T) prSwRfb->pvHeader;
1378 //4 <2> Check the BSSID
1379 if (UNEQUAL_MAC_ADDR(prAuthFrame->aucBSSID, aucExpectedBSSID)) {
1380 return WLAN_STATUS_FAILURE; /* Just Ignore this MMPDU */
1383 //4 <3> Parse the Fixed Fields of Authentication Frame Body.
1384 if (prAuthFrame->u2AuthAlgNum != u2ExpectedAuthAlgNum) {
1385 u2ReturnStatusCode = STATUS_CODE_AUTH_ALGORITHM_NOT_SUPPORTED;
1388 if (prAuthFrame->u2AuthTransSeqNo != u2ExpectedTransSeqNum) {
1389 u2ReturnStatusCode = STATUS_CODE_AUTH_OUT_OF_SEQ;
1392 *pu2ReturnStatusCode = u2ReturnStatusCode;
1394 return WLAN_STATUS_SUCCESS;
1396 } /* end of authProcessRxAuth1Frame() */