2 ** $Id: //Department/DaVinci/BRANCHES/MT6620_WIFI_DRIVER_V2_3/mgmt/sec_fsm.c#1 $
6 \brief This is the file implement security check state machine.
8 In security module, do the port control check after success join to an AP,
9 and the path to NORMAL TR, the state machine handle these state transition.
18 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
19 * Adjust code for DBG and CONFIG_XLOG.
22 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
23 * modify the xlog related code.
26 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
27 * change the debug module level.
30 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
31 * adding the code for XLOG.
34 * [WCXRP00000248] [MT6620 Wi-Fi][FW]Fixed the Klockwork error
35 * fixed the kclocwork error.
37 * 01 26 2011 yuche.tsai
38 * [WCXRP00000388] [Volunteer Patch][MT6620][Driver/Fw] change Station Type in station record.
41 * 01 25 2011 yuche.tsai
42 * [WCXRP00000388] [Volunteer Patch][MT6620][Driver/Fw] change Station Type in station record.
43 * Fix Compile Error when DBG is disabled.
45 * 01 25 2011 yuche.tsai
46 * [WCXRP00000388] [Volunteer Patch][MT6620][Driver/Fw] change Station Type in station record.
47 * Change Station Type in Station Record, Modify MACRO definition for getting station type & network type index & Role.
50 * [WCXRP00000072] [MT6620 Wi-Fi][Driver] Fix TKIP Counter Measure EAPoL callback register issue
51 * [MT6620 Wi-Fi][Driver] Fix TKIP Counter Measure EAPoL callback register issue.
55 * [WCXRP00005002][MT6620 Wi-Fi][Driver] Eliminate Linux Compile Warning.
57 * 09 03 2010 kevin.huang
59 * Refine #include sequence and solve recursive/nested #include issue
63 * adding the eapol callback setting.
67 * adding the tx pkt call back handle for countermeasure.
71 * fixed the compilng error at debug mode.
75 * [WPD00003833] [MT6620 and MT5931] Driver migration - move to new repository.
78 * [WPD00003840][MT6620 5931] Security migration
79 * modify some code for concurrent network.
82 * [WPD00003840][MT6620 5931] Security migration
83 * consdier the concurrent network setting.
86 * [BORA00000626][MT6620] Refine the remove key flow for WHQL testing
87 * fixed the ad-hoc wpa-none send non-encrypted frame issue.
89 * 05 24 2010 kevin.huang
90 * [BORA00000794][WIFISYS][New Feature]Power Management Support
91 * Refine authSendAuthFrame() for NULL STA_RECORD_T case and minimum deauth interval.
94 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
95 * g_aprBssInfo[] depends on CFG_SUPPORT_P2P and CFG_SUPPORT_BOW
98 * [BORA00000680][MT6620] Support the statistic for Microsoft os query
99 * fixed the Klocwork error and refine the class error message.
102 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
103 * move the AIS specific variable for security to AIS specific structure.
106 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
107 * Fixed the pre-authentication timer not correctly init issue, and modify the security related callback function prototype.
110 * [BORA00000605][WIFISYS] Phase3 Integration
111 * Refine the variable and parameter for security.
114 * [BORA00000476][Wi-Fi][firmware] Add the security module initialize code
115 * add and fixed some security function.
118 * [BORA00000476][Wi-Fi][firmware] Add the security module initialize code
119 * fixed the compiling warning
121 * 12 18 2009 cm.chang
122 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
125 * Dec 7 2009 mtk01088
126 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
129 * Dec 4 2009 mtk01088
130 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
133 * Dec 1 2009 mtk01088
134 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
137 * Nov 23 2009 mtk01088
138 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
139 * adjust the function name
141 * Nov 19 2009 mtk01088
142 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
143 * adjust the state machine, to meet the firmware security design v1.1
145 * Nov 18 2009 mtk01088
146 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
151 /*******************************************************************************
152 * C O M P I L E R F L A G S
153 ********************************************************************************
156 /*******************************************************************************
157 * E X T E R N A L R E F E R E N C E S
158 ********************************************************************************
162 #if CFG_RSN_MIGRATION
164 /*******************************************************************************
166 ********************************************************************************
169 /*******************************************************************************
171 ********************************************************************************
174 /*******************************************************************************
175 * P U B L I C D A T A
176 ********************************************************************************
179 /*******************************************************************************
180 * P R I V A T E D A T A
181 ********************************************************************************
184 /*lint -save -e64 Type mismatch */
185 static PUINT_8 apucDebugSecState[SEC_STATE_NUM] = {
186 (PUINT_8)DISP_STRING("SEC_STATE_INIT"),
187 (PUINT_8)DISP_STRING("SEC_STATE_INITIATOR_PORT_BLOCKED"),
188 (PUINT_8)DISP_STRING("SEC_STATE_RESPONDER_PORT_BLOCKED"),
189 (PUINT_8)DISP_STRING("SEC_STATE_CHECK_OK"),
190 (PUINT_8)DISP_STRING("SEC_STATE_SEND_EAPOL"),
191 (PUINT_8)DISP_STRING("SEC_STATE_SEND_DEAUTH"),
192 (PUINT_8)DISP_STRING("SEC_STATE_COUNTERMEASURE"),
197 /*******************************************************************************
199 ********************************************************************************
202 /*******************************************************************************
203 * F U N C T I O N D E C L A R A T I O N S
204 ********************************************************************************
207 /*******************************************************************************
209 ********************************************************************************
212 /*----------------------------------------------------------------------------*/
214 * \brief This function will do initialization of Security FSM and all variables in
217 * \param[in] prSta Pointer to the STA record
221 /*----------------------------------------------------------------------------*/
224 IN P_ADAPTER_T prAdapter,
225 IN P_STA_RECORD_T prSta
228 P_SEC_INFO_T prSecInfo;
229 P_AIS_SPECIFIC_BSS_INFO_T prAisSpecBssInfo;
233 prSecInfo = &prSta->rSecInfo;
236 //At MT5921, is ok, but at MT6620, firmware base ASIC, the firmware
237 //will lost these data, thus, driver have to keep the wep material and
238 //setting to firmware while awake from D3.
241 prSecInfo->eCurrentState = SEC_STATE_INIT;
243 prSecInfo->fg2nd1xSend = FALSE;
244 prSecInfo->fgKeyStored = FALSE;
246 if (IS_STA_IN_AIS(prSta)) {
247 prAisSpecBssInfo = &prAdapter->rWifiVar.rAisSpecificBssInfo;
249 prAisSpecBssInfo->u4RsnaLastMICFailTime = 0;
250 prAisSpecBssInfo->fgCheckEAPoLTxDone = FALSE;
252 cnmTimerInitTimer(prAdapter,
253 &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaEAPoLReportTimeoutTimer,
254 (PFN_MGMT_TIMEOUT_FUNC)secFsmEventEapolTxTimeout,
257 cnmTimerInitTimer(prAdapter,
258 &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaBlockTrafficTimer,
259 (PFN_MGMT_TIMEOUT_FUNC)secFsmEventEndOfCounterMeasure,
267 /*----------------------------------------------------------------------------*/
269 * \brief This function will do uninitialization of Security FSM and all variables in
272 * \param[in] prSta Pointer to the STA record
276 /*----------------------------------------------------------------------------*/
277 VOID /* whsu:Todo: */
279 IN P_ADAPTER_T prAdapter,
280 IN P_STA_RECORD_T prSta
283 P_SEC_INFO_T prSecInfo;
287 prSecInfo = &prSta->rSecInfo;
289 prSecInfo->fg2nd1xSend = FALSE;
290 prSecInfo->fgKeyStored = FALSE;
292 //nicPrivacyRemoveWlanTable(prSta->ucWTEntry);
294 if (IS_STA_IN_AIS(prSta)) {
295 cnmTimerStopTimer(prAdapter,
296 &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaEAPoLReportTimeoutTimer);
297 cnmTimerStopTimer(prAdapter,
298 &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaBlockTrafficTimer);
304 /*----------------------------------------------------------------------------*/
306 * \brief This function will do action part while in STATE transition of
307 * STANDBY to CHECK_OK.
309 * \param[in] prSta Pointer to the Sta record
313 /*----------------------------------------------------------------------------*/
315 secFsmTrans_INIT_to_CHECK_OK (
316 IN P_ADAPTER_T prAdapter,
317 IN P_STA_RECORD_T prSta
320 secSetPortBlocked(prAdapter, prSta, FALSE);
326 /*----------------------------------------------------------------------------*/
328 * \brief This function will do action part while in STATE transition of
329 * INIT to INITIATOR_PORT_BLOCKED.
331 * \param[in] prSta Pointer to the Sta record
335 /*----------------------------------------------------------------------------*/
337 secFsmTrans_INIT_to_INITIATOR_PORT_BLOCKED (
338 IN P_ADAPTER_T prAdapter,
339 IN P_STA_RECORD_T prSta
347 /*----------------------------------------------------------------------------*/
349 * \brief This function will do action part while in STATE transition of
350 * INIT to RESPONDER_PORT_BLOCKED.
352 * \param[in] prSta Pointer to the Sta record
356 /*----------------------------------------------------------------------------*/
358 secFsmTrans_INIT_to_RESPONDER_PORT_BLOCKED (
359 IN P_ADAPTER_T prAdapter,
360 IN P_STA_RECORD_T prSta
367 /*----------------------------------------------------------------------------*/
369 * \brief This function will do action part while in STATE transition of
370 * INITIATOR_PORT_BLOCKED to CHECK_OK.
372 * \param[in] prSta Pointer to the Sta record
376 /*----------------------------------------------------------------------------*/
378 secFsmTrans_INITIATOR_PORT_BLOCKED_to_CHECK_OK (
379 IN P_ADAPTER_T prAdapter,
380 IN P_STA_RECORD_T prSta
383 secSetPortBlocked(prAdapter, prSta, FALSE);
388 /*----------------------------------------------------------------------------*/
390 * \brief This function will do action part while in STATE transition of
391 * RESPONDER_PORT_BLOCKED to CHECK_OK.
393 * \param[in] prSta Pointer to the Sta record
397 /*----------------------------------------------------------------------------*/
399 secFsmTrans_RESPONDER_PORT_BLOCKED_to_CHECK_OK (
400 IN P_ADAPTER_T prAdapter,
401 IN P_STA_RECORD_T prSta
404 secSetPortBlocked(prAdapter, prSta, FALSE);
409 /*----------------------------------------------------------------------------*/
411 * \brief This function will do action part while in STATE transition of
412 * CHECK_OK to SEND_EAPOL
414 * \param[in] prSta Pointer to the Sta record
418 /*----------------------------------------------------------------------------*/
420 secFsmTrans_CHECK_OK_to_SEND_EAPOL (
421 IN P_ADAPTER_T prAdapter,
422 IN P_STA_RECORD_T prSta
426 P_AIS_SPECIFIC_BSS_INFO_T prAisBssInfo;
432 prAisBssInfo = &prAdapter->rWifiVar.rAisSpecificBssInfo;
434 ASSERT(prAisBssInfo);
436 if (!IS_STA_IN_AIS(prSta)) {
437 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
442 prAisBssInfo->fgCheckEAPoLTxDone = TRUE;
444 //cnmTimerStartTimer(prAdapter,
445 // &prAisBssInfo->rRsnaEAPoLReportTimeoutTimer,
446 // SEC_TO_MSEC(EAPOL_REPORT_SEND_TIMEOUT_INTERVAL_SEC));
452 /*----------------------------------------------------------------------------*/
454 * \brief This function will do action part while in STATE transition of
455 * SEND_EAPOL to SEND_DEAUTH.
457 * \param[in] prSta Pointer to the Sta record
461 /*----------------------------------------------------------------------------*/
463 secFsmTrans_SEND_EAPOL_to_SEND_DEAUTH (
464 IN P_ADAPTER_T prAdapter,
465 IN P_STA_RECORD_T prSta
469 if (!IS_STA_IN_AIS(prSta)) {
470 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
475 /* Compose deauth frame to AP, a call back function for tx done */
476 if (authSendDeauthFrame(prAdapter,
479 REASON_CODE_MIC_FAILURE,
480 (PFN_TX_DONE_HANDLER)secFsmEventDeauthTxDone) != WLAN_STATUS_SUCCESS) {
486 /*----------------------------------------------------------------------------*/
488 * \brief This function will do action part while in STATE transition of
489 * SEND_DEAUTH to COUNTERMEASURE.
491 * \param[in] prSta Pointer to the Sta record
495 /*----------------------------------------------------------------------------*/
497 secFsmTrans_SEND_DEAUTH_to_COUNTERMEASURE (
498 IN P_ADAPTER_T prAdapter,
499 IN P_STA_RECORD_T prSta
505 if (!IS_STA_IN_AIS(prSta)) {
506 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
511 //Start the 60 sec timer
512 cnmTimerStartTimer(prAdapter,
513 &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaBlockTrafficTimer,
514 SEC_TO_MSEC(COUNTER_MEASURE_TIMEOUT_INTERVAL_SEC));
519 /*----------------------------------------------------------------------------*/
521 * \brief This function will do action part while in STATE transition of
522 * SEND_DEAUTH to COUNTERMEASURE.
524 * \param[in] prSta Pointer to the Sta record
528 /*----------------------------------------------------------------------------*/
530 secFsmTrans_COUNTERMEASURE_to_INIT (
531 IN P_ADAPTER_T prAdapter,
532 IN P_STA_RECORD_T prSta
536 //Clear the counter measure flag
540 /*----------------------------------------------------------------------------*/
542 * \brief The Core FSM engine of security module.
544 * \param[in] prSta Pointer to the Sta record
545 * \param[in] eNextState Enum value of next sec STATE
549 /*----------------------------------------------------------------------------*/
552 IN P_ADAPTER_T prAdapter,
553 IN P_STA_RECORD_T prSta,
554 IN ENUM_SEC_STATE_T eNextState
557 P_SEC_INFO_T prSecInfo;
558 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
562 prSecInfo = &prSta->rSecInfo;
565 DEBUGFUNC("secFsmSteps");
567 /* Do entering Next State */
568 prSecInfo->ePreviousState = prSecInfo->eCurrentState;
570 /* Do entering Next State */
572 DBGLOG(RSN, STATE, ("\n"MACSTR" TRANSITION: [%s] -> [%s]\n\n",
573 MAC2STR(prSta->aucMacAddr),
574 apucDebugSecState[prSecInfo->eCurrentState],
575 apucDebugSecState[eNextState]));
577 DBGLOG(RSN, STATE, ("\n"MACSTR" [%d] TRANSITION: [%d] -> [%d]\n\n",
578 MAC2STR(prSta->aucMacAddr),
580 prSecInfo->eCurrentState,
583 prSecInfo->eCurrentState = eNextState;
585 fgIsTransition = (BOOLEAN)FALSE;
587 /* Do tasks of the State that we just entered */
588 switch (prSecInfo->eCurrentState) {
591 case SEC_STATE_INITIATOR_PORT_BLOCKED:
593 case SEC_STATE_RESPONDER_PORT_BLOCKED:
595 case SEC_STATE_CHECK_OK:
597 case SEC_STATE_SEND_EAPOL:
599 case SEC_STATE_SEND_DEAUTH:
601 case SEC_STATE_COUNTERMEASURE:
604 ASSERT(0); /* Make sure we have handle all STATEs */
609 while (fgIsTransition);
616 /*----------------------------------------------------------------------------*/
618 * \brief This function will do initialization of Security FSM and all variables in
621 * \param[in] prSta Pointer to the Sta record
625 /*----------------------------------------------------------------------------*/
628 IN P_ADAPTER_T prAdapter,
629 IN P_STA_RECORD_T prSta
632 P_SEC_INFO_T prSecInfo;
633 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
634 ENUM_SEC_STATE_T eNextState;
636 DBGLOG(RSN, TRACE, ("secFsmRunEventStart\n"));
643 if (!IS_STA_IN_AIS(prSta))
646 DBGLOG(RSN, TRACE, ("secFsmRunEventStart for sta "MACSTR" network %d\n",
647 MAC2STR(prSta->aucMacAddr), prSta->ucNetTypeIndex));
649 prSecInfo = (P_SEC_INFO_T)&prSta->rSecInfo;
651 eNextState = prSecInfo->eCurrentState;
653 secSetPortBlocked(prAdapter, prSta, TRUE);
655 //prSta->fgTransmitKeyExist = FALSE;
656 //whsu:: nicPrivacySetStaDefaultWTIdx(prSta);
658 #if 1 /* Since the 1x and key can set to firmware in order, always enter the check ok state */
659 SEC_STATE_TRANSITION(prAdapter, prSta, INIT, CHECK_OK);
661 if (IS_STA_IN_AIS(prSta->eStaType)) {
662 if (secRsnKeyHandshakeEnabled(prAdapter) == TRUE
664 || (prAdapter->rWifiVar.rConnSettings.fgWapiMode)
667 prSta->fgTransmitKeyExist = FALSE;
668 //nicPrivacyInitialize(prSta->ucNetTypeIndex);
669 SEC_STATE_TRANSITION(prAdapter, prSta, INIT, INITIATOR_PORT_BLOCKED);
672 SEC_STATE_TRANSITION(prAdapter, prSta, INIT, CHECK_OK);
675 #if CFG_ENABLE_WIFI_DIRECT || CFG_ENABLE_BT_OVER_WIFI
676 #if CFG_ENABLE_WIFI_DIRECT && CFG_ENABLE_BT_OVER_WIFI
677 else if ((prSta->eStaType == STA_TYPE_BOW_CLIENT) ||
678 (prSta->eStaType == STA_TYPE_P2P_GC))
679 #elif CFG_ENABLE_WIFI_DIRECT
680 else if (prSta->eStaType == STA_TYPE_P2P_GC)
681 #elif CFG_ENABLE_BT_OVER_WIFI
682 else if (prSta->eStaType == STA_TYPE_BOW_CLIENT)
685 SEC_STATE_TRANSITION(prAdapter, prSta, INIT, RESPONDER_PORT_BLOCKED);
689 SEC_STATE_TRANSITION(prAdapter, prSta, INIT, INITIATOR_PORT_BLOCKED);
692 if (prSecInfo->eCurrentState != eNextState) {
693 secFsmSteps(prAdapter, prSta, eNextState);
697 } /* secFsmRunEventStart */
700 /*----------------------------------------------------------------------------*/
702 * \brief This function called by reset procedure to force the sec fsm enter
705 * \param[in] ucNetTypeIdx The Specific Network type index
706 * \param[in] prSta Pointer to the Sta record
710 /*----------------------------------------------------------------------------*/
713 IN P_ADAPTER_T prAdapter,
714 IN P_STA_RECORD_T prSta
717 P_SEC_INFO_T prSecInfo;
719 DBGLOG(RSN, TRACE, ("secFsmEventAbort for sta "MACSTR" network %d\n",
720 MAC2STR(prSta->aucMacAddr), prSta->ucNetTypeIndex));
727 if (!IS_STA_IN_AIS(prSta))
730 prSecInfo = (P_SEC_INFO_T)&prSta->rSecInfo;
732 prSta->fgTransmitKeyExist = FALSE;
734 secSetPortBlocked(prAdapter, prSta, TRUE);
736 if (prSecInfo == NULL)
739 if (IS_STA_IN_AIS(prSta)) {
741 prAdapter->rWifiVar.rAisSpecificBssInfo.fgTransmitKeyExist = FALSE;
743 if (prSecInfo->eCurrentState == SEC_STATE_SEND_EAPOL) {
744 if (prAdapter->rWifiVar.rAisSpecificBssInfo.fgCheckEAPoLTxDone == FALSE) {
745 DBGLOG(RSN, TRACE, ("EAPOL STATE not match the flag\n"));
746 //cnmTimerStopTimer(prAdapter, &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaEAPoLReportTimeoutTimer);
750 prSecInfo->eCurrentState = SEC_STATE_INIT;
754 /*----------------------------------------------------------------------------*/
756 * \brief This function will indicate an Event of "2nd EAPoL Tx is sending" to Sec FSM.
758 * \param[in] prSta Pointer to the Sta record
762 /*----------------------------------------------------------------------------*/
764 secFsmEvent2ndEapolTx (
765 IN P_ADAPTER_T prAdapter,
766 IN P_STA_RECORD_T prSta
769 P_SEC_INFO_T prSecInfo;
770 ENUM_SEC_STATE_T eNextState;
771 //BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
773 DEBUGFUNC("secFsmRunEvent2ndEapolTx");
777 prSecInfo = &prSta->rSecInfo;
778 eNextState = prSecInfo->eCurrentState;
781 DBGLOG(RSN, TRACE, (MACSTR" Sec state %s\n", MAC2STR(prSta->aucMacAddr),
782 apucDebugSecState[prSecInfo->eCurrentState]));
784 DBGLOG(RSN, TRACE, (MACSTR" Sec state [%d]\n", MAC2STR(prSta->aucMacAddr), prSecInfo->eCurrentState));
787 switch(prSecInfo->eCurrentState) {
788 case SEC_STATE_INITIATOR_PORT_BLOCKED :
789 case SEC_STATE_CHECK_OK :
790 prSecInfo->fg2nd1xSend = TRUE;
794 DBGLOG(RSN, WARN, ("Rcv 2nd EAPoL at %s\n", apucDebugSecState[prSecInfo->eCurrentState]));
796 DBGLOG(RSN, WARN, ("Rcv 2nd EAPoL at [%d]\n", prSecInfo->eCurrentState));
801 if (prSecInfo->eCurrentState != eNextState) {
802 secFsmSteps(prAdapter, prSta, eNextState);
807 }/* secFsmRunEvent2ndEapolTx */
810 /*----------------------------------------------------------------------------*/
812 * \brief This function will indicate an Event of "4th EAPoL Tx is Tx done" to Sec FSM.
814 * \param[in] prSta Pointer to the Sta record
818 /*----------------------------------------------------------------------------*/
820 secFsmEvent4ndEapolTxDone (
821 IN P_ADAPTER_T prAdapter,
822 IN P_STA_RECORD_T prSta
825 P_SEC_INFO_T prSecInfo;
826 ENUM_SEC_STATE_T eNextState;
827 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
828 P_CMD_802_11_KEY prStoredKey;
830 DEBUGFUNC("secFsmRunEvent4ndEapolTx");
834 prSecInfo = &prSta->rSecInfo;
835 eNextState = prSecInfo->eCurrentState;
838 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prSta->aucMacAddr),
839 apucDebugSecState[prSecInfo->eCurrentState]));
841 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prSta->aucMacAddr), prSecInfo->eCurrentState));
844 switch(prSecInfo->eCurrentState) {
845 case SEC_STATE_INITIATOR_PORT_BLOCKED :
846 case SEC_STATE_CHECK_OK :
847 prSecInfo->fg2nd1xSend = FALSE;
848 if (prSecInfo->fgKeyStored) {
849 prStoredKey = (P_CMD_802_11_KEY)prSecInfo->aucStoredKey;
851 //prSta = rxmLookupStaRecIndexFromTA(prStoredKey->aucPeerAddr);
852 //if (nicPrivacySetKeyEntry(prStoredKey, prSta->ucWTEntry) == FALSE)
853 // DBGLOG(RSN, WARN, ("nicPrivacySetKeyEntry() fail,..\n"));
856 prSecInfo->fgKeyStored = FALSE;
857 prSta->fgTransmitKeyExist = TRUE;
859 if (prSecInfo->eCurrentState == SEC_STATE_INITIATOR_PORT_BLOCKED) {
860 SEC_STATE_TRANSITION(prAdapter, prSta, INITIATOR_PORT_BLOCKED, CHECK_OK);
866 DBGLOG(RSN, WARN, ("Rcv thh EAPoL Tx done at %s\n", apucDebugSecState[prSecInfo->eCurrentState]));
868 DBGLOG(RSN, WARN, ("Rcv thh EAPoL Tx done at [%d]\n", prSecInfo->eCurrentState));
873 if (prSecInfo->eCurrentState != eNextState) {
874 secFsmSteps(prAdapter, prSta, eNextState);
879 }/* secFsmRunEvent4ndEapolTx */
882 /*----------------------------------------------------------------------------*/
884 * \brief This function will indicate an Event of "Pairwise key installed" to SEC FSM.
886 * \param[in] prSta Pointer to the Sta record
888 * \retval TRUE The key can be installed to HW
889 * \retval FALSE The kay conflict with the current key, abort it
891 /*----------------------------------------------------------------------------*/
893 secFsmEventPTKInstalled (
894 IN P_ADAPTER_T prAdapter,
895 IN P_STA_RECORD_T prSta
898 P_SEC_INFO_T prSecInfo;
899 ENUM_SEC_STATE_T eNextState;
900 BOOLEAN fgStatus = TRUE;
901 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
905 prSecInfo = &prSta->rSecInfo;
906 if (prSecInfo == NULL)
907 return TRUE; /* Not PTK */
910 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prSta->aucMacAddr),
911 apucDebugSecState[prSecInfo->eCurrentState]));
913 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prSta->aucMacAddr), prSecInfo->eCurrentState));
916 eNextState = prSecInfo->eCurrentState;
918 switch(prSecInfo->eCurrentState) {
920 /* Legacy wep, wpa-none */
923 case SEC_STATE_INITIATOR_PORT_BLOCKED:
924 if (prSecInfo->fg2nd1xSend) {
927 SEC_STATE_TRANSITION(prAdapter, prSta, INITIATOR_PORT_BLOCKED, CHECK_OK);
931 case SEC_STATE_RESPONDER_PORT_BLOCKED:
932 SEC_STATE_TRANSITION(prAdapter, prSta, RESPONDER_PORT_BLOCKED, CHECK_OK);
936 case SEC_STATE_CHECK_OK:
944 if (prSecInfo->eCurrentState != eNextState) {
945 secFsmSteps(prAdapter, prSta, eNextState);
950 } /* end of secFsmRunEventPTKInstalled() */
953 /*----------------------------------------------------------------------------*/
955 * \brief This function will indicate an Event of "Counter Measure" to SEC FSM.
957 * \param[in] prSta Pointer to the Sta record
961 /*----------------------------------------------------------------------------*/
963 secFsmEventStartCounterMeasure (
964 IN P_ADAPTER_T prAdapter,
965 IN P_STA_RECORD_T prSta
968 P_SEC_INFO_T prSecInfo;
969 ENUM_SEC_STATE_T eNextState;
970 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
972 DEBUGFUNC("secFsmRunEventStartCounterMeasure");
976 if (!IS_STA_IN_AIS(prSta)) {
977 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
982 prSecInfo = &prSta->rSecInfo;
984 eNextState = prSecInfo->eCurrentState;
987 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prSta->aucMacAddr),
988 apucDebugSecState[prSecInfo->eCurrentState]));
990 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prSta->aucMacAddr), prSecInfo->eCurrentState));
993 prAdapter->rWifiVar.rAisSpecificBssInfo.u4RsnaLastMICFailTime = 0;
995 switch(prSecInfo->eCurrentState) {
996 case SEC_STATE_CHECK_OK:
998 prAdapter->rWifiVar.rAisSpecificBssInfo.fgCounterMeasure = TRUE;
1000 //<Todo> dls port control
1001 SEC_STATE_TRANSITION(prAdapter, prSta, CHECK_OK, SEND_EAPOL);
1009 /* Call arbFsmSteps() when we are going to change ARB STATE */
1010 if (prSecInfo->eCurrentState != eNextState) {
1011 secFsmSteps(prAdapter, prSta, eNextState);
1016 } /* secFsmRunEventStartCounterMeasure */
1019 /*----------------------------------------------------------------------------*/
1021 * \brief This function will indicate an Event of "802.1x EAPoL Tx Done" to Sec FSM.
1023 * \param[in] prSta Pointer to the Sta record
1027 /*----------------------------------------------------------------------------*/
1029 secFsmEventEapolTxDone (
1030 IN P_ADAPTER_T prAdapter,
1031 IN P_STA_RECORD_T prStaRec,
1032 IN ENUM_TX_RESULT_CODE_T rTxDoneStatus
1035 P_SEC_INFO_T prSecInfo;
1036 ENUM_SEC_STATE_T eNextState;
1037 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
1038 P_AIS_SPECIFIC_BSS_INFO_T prAisBssInfo;
1040 DEBUGFUNC("secFsmRunEventEapolTxDone");
1044 if (rTxDoneStatus != TX_RESULT_SUCCESS) {
1045 DBGLOG(RSN, INFO, ("Error EAPoL fram fail to send!!\n"));
1050 if (!IS_STA_IN_AIS(prStaRec)) {
1051 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
1056 prAisBssInfo = &prAdapter->rWifiVar.rAisSpecificBssInfo;
1058 ASSERT(prAisBssInfo);
1060 prSecInfo = &prStaRec->rSecInfo;
1061 eNextState = prSecInfo->eCurrentState;
1064 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prStaRec->aucMacAddr),
1065 apucDebugSecState[prSecInfo->eCurrentState]));
1067 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prStaRec->aucMacAddr), prSecInfo->eCurrentState));
1070 switch(prSecInfo->eCurrentState) {
1071 case SEC_STATE_SEND_EAPOL:
1072 if (prAisBssInfo->fgCheckEAPoLTxDone == FALSE) {
1076 prAisBssInfo->fgCheckEAPoLTxDone = FALSE;
1077 //cnmTimerStopTimer(prAdapter, &prAisBssInfo->rRsnaEAPoLReportTimeoutTimer);
1079 SEC_STATE_TRANSITION(prAdapter, prStaRec, SEND_EAPOL, SEND_DEAUTH);
1085 if (prSecInfo->eCurrentState != eNextState) {
1086 secFsmSteps(prAdapter, prStaRec, eNextState);
1091 }/* secFsmRunEventEapolTxDone */
1094 /*----------------------------------------------------------------------------*/
1096 * \brief This function will indicate an Event of "Deauth frame Tx Done" to Sec FSM.
1098 * \param[in] pMsduInfo Pointer to the Msdu Info
1099 * \param[in] rStatus The Tx done status
1103 * \note after receive deauth frame, callback function call this
1105 /*----------------------------------------------------------------------------*/
1107 secFsmEventDeauthTxDone (
1108 IN P_ADAPTER_T prAdapter,
1109 IN P_MSDU_INFO_T prMsduInfo,
1110 IN ENUM_TX_RESULT_CODE_T rTxDoneStatus
1113 P_STA_RECORD_T prStaRec;
1114 P_SEC_INFO_T prSecInfo;
1115 ENUM_SEC_STATE_T eNextState;
1116 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
1118 DEBUGFUNC("secFsmRunEventDeauthTxDone");
1122 prStaRec = cnmGetStaRecByIndex(prAdapter, prMsduInfo->ucStaRecIndex);
1129 if (!IS_STA_IN_AIS(prStaRec)) {
1130 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
1135 prSecInfo = (P_SEC_INFO_T)&prStaRec->rSecInfo;
1138 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prStaRec->aucMacAddr),
1139 apucDebugSecState[prSecInfo->eCurrentState]));
1141 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prStaRec->aucMacAddr), prSecInfo->eCurrentState));
1144 switch(prSecInfo->eCurrentState) {
1145 case SEC_STATE_SEND_DEAUTH:
1147 DBGLOG(RSN, TRACE, ("Set timer %d\n", COUNTER_MEASURE_TIMEOUT_INTERVAL_SEC));
1149 SEC_STATE_TRANSITION(prAdapter, prStaRec, SEND_DEAUTH, COUNTERMEASURE);
1159 }/* secFsmRunEventDeauthTxDone */
1162 /*----------------------------------------------------------------------------*/
1164 * \brief This function will check the eapol error frame fail to send issue.
1166 * \param[in] prSta Pointer to the Sta record
1170 /*----------------------------------------------------------------------------*/
1172 secFsmEventEapolTxTimeout (
1173 IN P_ADAPTER_T prAdapter,
1177 P_STA_RECORD_T prStaRec;
1179 DEBUGFUNC("secFsmRunEventEapolTxTimeout");
1181 prStaRec = (P_STA_RECORD_T)u4Parm;
1185 /* Todo:: How to handle the Eapol Error fail to send case? */
1190 }/* secFsmEventEapolTxTimeout */
1193 /*----------------------------------------------------------------------------*/
1195 * \brief This function will stop the counterMeasure duration.
1197 * \param[in] prSta Pointer to the Sta record
1201 /*----------------------------------------------------------------------------*/
1203 secFsmEventEndOfCounterMeasure (
1204 IN P_ADAPTER_T prAdapter,
1208 P_STA_RECORD_T prSta;
1209 P_SEC_INFO_T prSecInfo;
1210 ENUM_SEC_STATE_T eNextState;
1211 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
1213 DEBUGFUNC("secFsmRunEventEndOfCounterMeasure");
1215 prSta = (P_STA_RECORD_T)u4Parm;
1219 if (!IS_STA_IN_AIS(prSta)) {
1220 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
1225 prSecInfo = &prSta->rSecInfo;
1226 eNextState = prSecInfo->eCurrentState;
1229 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prSta->aucMacAddr),
1230 apucDebugSecState[prSecInfo->eCurrentState]));
1232 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prSta->aucMacAddr), prSecInfo->eCurrentState));
1235 switch(prSecInfo->eCurrentState) {
1236 case SEC_STATE_SEND_DEAUTH:
1238 prAdapter->rWifiVar.rAisSpecificBssInfo.fgCounterMeasure = FALSE;
1240 SEC_STATE_TRANSITION(prAdapter, prSta, COUNTERMEASURE, INIT);
1248 /* Call arbFsmSteps() when we are going to change ARB STATE */
1249 if (prSecInfo->eCurrentState != eNextState) {
1250 secFsmSteps(prAdapter, prSta, eNextState);
1254 }/* end of secFsmRunEventEndOfCounterMeasure */