2 ** $Id: //Department/DaVinci/BRANCHES/MT662X_593X_WIFI_DRIVER_V2_3/mgmt/sec_fsm.c#1 $
6 \brief This is the file implement security check state machine.
8 In security module, do the port control check after success join to an AP,
9 and the path to NORMAL TR, the state machine handle these state transition.
12 /*******************************************************************************
13 * Copyright (c) 2007 MediaTek Inc.
15 * All rights reserved. Copying, compilation, modification, distribution
16 * or any other use whatsoever of this material is strictly prohibited
17 * except in accordance with a Software License Agreement with
19 ********************************************************************************
22 /*******************************************************************************
25 * BY OPENING THIS FILE, BUYER HEREBY UNEQUIVOCALLY ACKNOWLEDGES AND
26 * AGREES THAT THE SOFTWARE/FIRMWARE AND ITS DOCUMENTATIONS ("MEDIATEK
27 * SOFTWARE") RECEIVED FROM MEDIATEK AND/OR ITS REPRESENTATIVES ARE
28 * PROVIDED TO BUYER ON AN "AS-IS" BASIS ONLY. MEDIATEK EXPRESSLY
29 * DISCLAIMS ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
30 * LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
31 * PARTICULAR PURPOSE OR NONINFRINGEMENT. NEITHER DOES MEDIATEK PROVIDE
32 * ANY WARRANTY WHATSOEVER WITH RESPECT TO THE SOFTWARE OF ANY THIRD PARTY
33 * WHICH MAY BE USED BY, INCORPORATED IN, OR SUPPLIED WITH THE MEDIATEK
34 * SOFTWARE, AND BUYER AGREES TO LOOK ONLY TO SUCH THIRD PARTY FOR ANY
35 * WARRANTY CLAIM RELATING THERETO. MEDIATEK SHALL ALSO NOT BE RESPONSIBLE
36 * FOR ANY MEDIATEK SOFTWARE RELEASES MADE TO BUYER'S SPECIFICATION OR TO
37 * CONFORM TO A PARTICULAR STANDARD OR OPEN FORUM.
39 * BUYER'S SOLE AND EXCLUSIVE REMEDY AND MEDIATEK'S ENTIRE AND CUMULATIVE
40 * LIABILITY WITH RESPECT TO THE MEDIATEK SOFTWARE RELEASED HEREUNDER WILL
41 * BE, AT MEDIATEK'S OPTION, TO REVISE OR REPLACE THE MEDIATEK SOFTWARE AT
42 * ISSUE, OR REFUND ANY SOFTWARE LICENSE FEES OR SERVICE CHARGE PAID BY
43 * BUYER TO MEDIATEK FOR SUCH MEDIATEK SOFTWARE AT ISSUE.
45 * THE TRANSACTION CONTEMPLATED HEREUNDER SHALL BE CONSTRUED IN ACCORDANCE
46 * WITH THE LAWS OF THE STATE OF CALIFORNIA, USA, EXCLUDING ITS CONFLICT
47 * OF LAWS PRINCIPLES. ANY DISPUTES, CONTROVERSIES OR CLAIMS ARISING
48 * THEREOF AND RELATED THERETO SHALL BE SETTLED BY ARBITRATION IN SAN
49 * FRANCISCO, CA, UNDER THE RULES OF THE INTERNATIONAL CHAMBER OF COMMERCE
51 ********************************************************************************
58 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
59 * Adjust code for DBG and CONFIG_XLOG.
62 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
63 * modify the xlog related code.
66 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
67 * change the debug module level.
70 * [WCXRP00001078] [MT6620 Wi-Fi][Driver] Adding the mediatek log improment support : XLOG
71 * adding the code for XLOG.
74 * [WCXRP00000248] [MT6620 Wi-Fi][FW]Fixed the Klockwork error
75 * fixed the kclocwork error.
77 * 01 26 2011 yuche.tsai
78 * [WCXRP00000388] [Volunteer Patch][MT6620][Driver/Fw] change Station Type in station record.
81 * 01 25 2011 yuche.tsai
82 * [WCXRP00000388] [Volunteer Patch][MT6620][Driver/Fw] change Station Type in station record.
83 * Fix Compile Error when DBG is disabled.
85 * 01 25 2011 yuche.tsai
86 * [WCXRP00000388] [Volunteer Patch][MT6620][Driver/Fw] change Station Type in station record.
87 * Change Station Type in Station Record, Modify MACRO definition for getting station type & network type index & Role.
90 * [WCXRP00000072] [MT6620 Wi-Fi][Driver] Fix TKIP Counter Measure EAPoL callback register issue
91 * [MT6620 Wi-Fi][Driver] Fix TKIP Counter Measure EAPoL callback register issue.
95 * [WCXRP00005002][MT6620 Wi-Fi][Driver] Eliminate Linux Compile Warning.
97 * 09 03 2010 kevin.huang
99 * Refine #include sequence and solve recursive/nested #include issue
103 * adding the eapol callback setting.
107 * adding the tx pkt call back handle for countermeasure.
111 * fixed the compilng error at debug mode.
115 * [WPD00003833] [MT6620 and MT5931] Driver migration - move to new repository.
118 * [WPD00003840][MT6620 5931] Security migration
119 * modify some code for concurrent network.
122 * [WPD00003840][MT6620 5931] Security migration
123 * consdier the concurrent network setting.
126 * [BORA00000626][MT6620] Refine the remove key flow for WHQL testing
127 * fixed the ad-hoc wpa-none send non-encrypted frame issue.
129 * 05 24 2010 kevin.huang
130 * [BORA00000794][WIFISYS][New Feature]Power Management Support
131 * Refine authSendAuthFrame() for NULL STA_RECORD_T case and minimum deauth interval.
133 * 04 24 2010 cm.chang
134 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
135 * g_aprBssInfo[] depends on CFG_SUPPORT_P2P and CFG_SUPPORT_BOW
138 * [BORA00000680][MT6620] Support the statistic for Microsoft os query
139 * fixed the Klocwork error and refine the class error message.
142 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
143 * move the AIS specific variable for security to AIS specific structure.
146 * [BORA00000637][MT6620 Wi-Fi] [Bug] WPA2 pre-authentication timer not correctly initialize
147 * Fixed the pre-authentication timer not correctly init issue, and modify the security related callback function prototype.
150 * [BORA00000605][WIFISYS] Phase3 Integration
151 * Refine the variable and parameter for security.
154 * [BORA00000476][Wi-Fi][firmware] Add the security module initialize code
155 * add and fixed some security function.
158 * [BORA00000476][Wi-Fi][firmware] Add the security module initialize code
159 * fixed the compiling warning
161 * 12 18 2009 cm.chang
162 * [BORA00000018]Integrate WIFI part into BORA for the 1st time
165 * Dec 7 2009 mtk01088
166 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
169 * Dec 4 2009 mtk01088
170 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
173 * Dec 1 2009 mtk01088
174 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
177 * Nov 23 2009 mtk01088
178 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
179 * adjust the function name
181 * Nov 19 2009 mtk01088
182 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
183 * adjust the state machine, to meet the firmware security design v1.1
185 * Nov 18 2009 mtk01088
186 * [BORA00000476] [Wi-Fi][firmware] Add the security module initialize code
191 /*******************************************************************************
192 * C O M P I L E R F L A G S
193 ********************************************************************************
196 /*******************************************************************************
197 * E X T E R N A L R E F E R E N C E S
198 ********************************************************************************
202 #if CFG_RSN_MIGRATION
204 /*******************************************************************************
206 ********************************************************************************
209 /*******************************************************************************
211 ********************************************************************************
214 /*******************************************************************************
215 * P U B L I C D A T A
216 ********************************************************************************
219 /*******************************************************************************
220 * P R I V A T E D A T A
221 ********************************************************************************
224 /*lint -save -e64 Type mismatch */
225 static PUINT_8 apucDebugSecState[SEC_STATE_NUM] = {
226 (PUINT_8)DISP_STRING("SEC_STATE_INIT"),
227 (PUINT_8)DISP_STRING("SEC_STATE_INITIATOR_PORT_BLOCKED"),
228 (PUINT_8)DISP_STRING("SEC_STATE_RESPONDER_PORT_BLOCKED"),
229 (PUINT_8)DISP_STRING("SEC_STATE_CHECK_OK"),
230 (PUINT_8)DISP_STRING("SEC_STATE_SEND_EAPOL"),
231 (PUINT_8)DISP_STRING("SEC_STATE_SEND_DEAUTH"),
232 (PUINT_8)DISP_STRING("SEC_STATE_COUNTERMEASURE"),
237 /*******************************************************************************
239 ********************************************************************************
242 /*******************************************************************************
243 * F U N C T I O N D E C L A R A T I O N S
244 ********************************************************************************
247 /*******************************************************************************
249 ********************************************************************************
252 /*----------------------------------------------------------------------------*/
254 * \brief This function will do initialization of Security FSM and all variables in
257 * \param[in] prSta Pointer to the STA record
261 /*----------------------------------------------------------------------------*/
264 IN P_ADAPTER_T prAdapter,
265 IN P_STA_RECORD_T prSta
268 P_SEC_INFO_T prSecInfo;
269 P_AIS_SPECIFIC_BSS_INFO_T prAisSpecBssInfo;
273 prSecInfo = &prSta->rSecInfo;
276 //At MT5921, is ok, but at MT6620, firmware base ASIC, the firmware
277 //will lost these data, thus, driver have to keep the wep material and
278 //setting to firmware while awake from D3.
281 prSecInfo->eCurrentState = SEC_STATE_INIT;
283 prSecInfo->fg2nd1xSend = FALSE;
284 prSecInfo->fgKeyStored = FALSE;
286 if (IS_STA_IN_AIS(prSta)) {
287 prAisSpecBssInfo = &prAdapter->rWifiVar.rAisSpecificBssInfo;
289 prAisSpecBssInfo->u4RsnaLastMICFailTime = 0;
290 prAisSpecBssInfo->fgCheckEAPoLTxDone = FALSE;
292 cnmTimerInitTimer(prAdapter,
293 &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaEAPoLReportTimeoutTimer,
294 (PFN_MGMT_TIMEOUT_FUNC)secFsmEventEapolTxTimeout,
297 cnmTimerInitTimer(prAdapter,
298 &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaBlockTrafficTimer,
299 (PFN_MGMT_TIMEOUT_FUNC)secFsmEventEndOfCounterMeasure,
307 /*----------------------------------------------------------------------------*/
309 * \brief This function will do uninitialization of Security FSM and all variables in
312 * \param[in] prSta Pointer to the STA record
316 /*----------------------------------------------------------------------------*/
317 VOID /* whsu:Todo: */
319 IN P_ADAPTER_T prAdapter,
320 IN P_STA_RECORD_T prSta
323 P_SEC_INFO_T prSecInfo;
327 prSecInfo = &prSta->rSecInfo;
329 prSecInfo->fg2nd1xSend = FALSE;
330 prSecInfo->fgKeyStored = FALSE;
332 //nicPrivacyRemoveWlanTable(prSta->ucWTEntry);
334 if (IS_STA_IN_AIS(prSta)) {
335 cnmTimerStopTimer(prAdapter,
336 &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaEAPoLReportTimeoutTimer);
337 cnmTimerStopTimer(prAdapter,
338 &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaBlockTrafficTimer);
344 /*----------------------------------------------------------------------------*/
346 * \brief This function will do action part while in STATE transition of
347 * STANDBY to CHECK_OK.
349 * \param[in] prSta Pointer to the Sta record
353 /*----------------------------------------------------------------------------*/
355 secFsmTrans_INIT_to_CHECK_OK (
356 IN P_ADAPTER_T prAdapter,
357 IN P_STA_RECORD_T prSta
360 secSetPortBlocked(prAdapter, prSta, FALSE);
366 /*----------------------------------------------------------------------------*/
368 * \brief This function will do action part while in STATE transition of
369 * INIT to INITIATOR_PORT_BLOCKED.
371 * \param[in] prSta Pointer to the Sta record
375 /*----------------------------------------------------------------------------*/
377 secFsmTrans_INIT_to_INITIATOR_PORT_BLOCKED (
378 IN P_ADAPTER_T prAdapter,
379 IN P_STA_RECORD_T prSta
387 /*----------------------------------------------------------------------------*/
389 * \brief This function will do action part while in STATE transition of
390 * INIT to RESPONDER_PORT_BLOCKED.
392 * \param[in] prSta Pointer to the Sta record
396 /*----------------------------------------------------------------------------*/
398 secFsmTrans_INIT_to_RESPONDER_PORT_BLOCKED (
399 IN P_ADAPTER_T prAdapter,
400 IN P_STA_RECORD_T prSta
407 /*----------------------------------------------------------------------------*/
409 * \brief This function will do action part while in STATE transition of
410 * INITIATOR_PORT_BLOCKED to CHECK_OK.
412 * \param[in] prSta Pointer to the Sta record
416 /*----------------------------------------------------------------------------*/
418 secFsmTrans_INITIATOR_PORT_BLOCKED_to_CHECK_OK (
419 IN P_ADAPTER_T prAdapter,
420 IN P_STA_RECORD_T prSta
423 secSetPortBlocked(prAdapter, prSta, FALSE);
428 /*----------------------------------------------------------------------------*/
430 * \brief This function will do action part while in STATE transition of
431 * RESPONDER_PORT_BLOCKED to CHECK_OK.
433 * \param[in] prSta Pointer to the Sta record
437 /*----------------------------------------------------------------------------*/
439 secFsmTrans_RESPONDER_PORT_BLOCKED_to_CHECK_OK (
440 IN P_ADAPTER_T prAdapter,
441 IN P_STA_RECORD_T prSta
444 secSetPortBlocked(prAdapter, prSta, FALSE);
449 /*----------------------------------------------------------------------------*/
451 * \brief This function will do action part while in STATE transition of
452 * CHECK_OK to SEND_EAPOL
454 * \param[in] prSta Pointer to the Sta record
458 /*----------------------------------------------------------------------------*/
460 secFsmTrans_CHECK_OK_to_SEND_EAPOL (
461 IN P_ADAPTER_T prAdapter,
462 IN P_STA_RECORD_T prSta
466 P_AIS_SPECIFIC_BSS_INFO_T prAisBssInfo;
472 prAisBssInfo = &prAdapter->rWifiVar.rAisSpecificBssInfo;
474 ASSERT(prAisBssInfo);
476 if (!IS_STA_IN_AIS(prSta)) {
477 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
482 prAisBssInfo->fgCheckEAPoLTxDone = TRUE;
484 //cnmTimerStartTimer(prAdapter,
485 // &prAisBssInfo->rRsnaEAPoLReportTimeoutTimer,
486 // SEC_TO_MSEC(EAPOL_REPORT_SEND_TIMEOUT_INTERVAL_SEC));
492 /*----------------------------------------------------------------------------*/
494 * \brief This function will do action part while in STATE transition of
495 * SEND_EAPOL to SEND_DEAUTH.
497 * \param[in] prSta Pointer to the Sta record
501 /*----------------------------------------------------------------------------*/
503 secFsmTrans_SEND_EAPOL_to_SEND_DEAUTH (
504 IN P_ADAPTER_T prAdapter,
505 IN P_STA_RECORD_T prSta
509 if (!IS_STA_IN_AIS(prSta)) {
510 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
515 /* Compose deauth frame to AP, a call back function for tx done */
516 if (authSendDeauthFrame(prAdapter,
519 REASON_CODE_MIC_FAILURE,
520 (PFN_TX_DONE_HANDLER)secFsmEventDeauthTxDone) != WLAN_STATUS_SUCCESS) {
526 /*----------------------------------------------------------------------------*/
528 * \brief This function will do action part while in STATE transition of
529 * SEND_DEAUTH to COUNTERMEASURE.
531 * \param[in] prSta Pointer to the Sta record
535 /*----------------------------------------------------------------------------*/
537 secFsmTrans_SEND_DEAUTH_to_COUNTERMEASURE (
538 IN P_ADAPTER_T prAdapter,
539 IN P_STA_RECORD_T prSta
545 if (!IS_STA_IN_AIS(prSta)) {
546 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
551 //Start the 60 sec timer
552 cnmTimerStartTimer(prAdapter,
553 &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaBlockTrafficTimer,
554 SEC_TO_MSEC(COUNTER_MEASURE_TIMEOUT_INTERVAL_SEC));
559 /*----------------------------------------------------------------------------*/
561 * \brief This function will do action part while in STATE transition of
562 * SEND_DEAUTH to COUNTERMEASURE.
564 * \param[in] prSta Pointer to the Sta record
568 /*----------------------------------------------------------------------------*/
570 secFsmTrans_COUNTERMEASURE_to_INIT (
571 IN P_ADAPTER_T prAdapter,
572 IN P_STA_RECORD_T prSta
576 //Clear the counter measure flag
580 /*----------------------------------------------------------------------------*/
582 * \brief The Core FSM engine of security module.
584 * \param[in] prSta Pointer to the Sta record
585 * \param[in] eNextState Enum value of next sec STATE
589 /*----------------------------------------------------------------------------*/
592 IN P_ADAPTER_T prAdapter,
593 IN P_STA_RECORD_T prSta,
594 IN ENUM_SEC_STATE_T eNextState
597 P_SEC_INFO_T prSecInfo;
598 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
602 prSecInfo = &prSta->rSecInfo;
605 DEBUGFUNC("secFsmSteps");
607 /* Do entering Next State */
608 prSecInfo->ePreviousState = prSecInfo->eCurrentState;
610 /* Do entering Next State */
612 DBGLOG(RSN, STATE, ("\n"MACSTR" TRANSITION: [%s] -> [%s]\n\n",
613 MAC2STR(prSta->aucMacAddr),
614 apucDebugSecState[prSecInfo->eCurrentState],
615 apucDebugSecState[eNextState]));
617 DBGLOG(RSN, STATE, ("\n"MACSTR" [%d] TRANSITION: [%d] -> [%d]\n\n",
618 MAC2STR(prSta->aucMacAddr),
620 prSecInfo->eCurrentState,
623 prSecInfo->eCurrentState = eNextState;
625 fgIsTransition = (BOOLEAN)FALSE;
627 /* Do tasks of the State that we just entered */
628 switch (prSecInfo->eCurrentState) {
631 case SEC_STATE_INITIATOR_PORT_BLOCKED:
633 case SEC_STATE_RESPONDER_PORT_BLOCKED:
635 case SEC_STATE_CHECK_OK:
637 case SEC_STATE_SEND_EAPOL:
639 case SEC_STATE_SEND_DEAUTH:
641 case SEC_STATE_COUNTERMEASURE:
644 ASSERT(0); /* Make sure we have handle all STATEs */
649 while (fgIsTransition);
656 /*----------------------------------------------------------------------------*/
658 * \brief This function will do initialization of Security FSM and all variables in
661 * \param[in] prSta Pointer to the Sta record
665 /*----------------------------------------------------------------------------*/
668 IN P_ADAPTER_T prAdapter,
669 IN P_STA_RECORD_T prSta
672 P_SEC_INFO_T prSecInfo;
673 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
674 ENUM_SEC_STATE_T eNextState;
676 DBGLOG(RSN, TRACE, ("secFsmRunEventStart\n"));
683 if (!IS_STA_IN_AIS(prSta))
686 DBGLOG(RSN, TRACE, ("secFsmRunEventStart for sta "MACSTR" network %d\n",
687 MAC2STR(prSta->aucMacAddr), prSta->ucNetTypeIndex));
689 prSecInfo = (P_SEC_INFO_T)&prSta->rSecInfo;
691 eNextState = prSecInfo->eCurrentState;
693 secSetPortBlocked(prAdapter, prSta, TRUE);
695 //prSta->fgTransmitKeyExist = FALSE;
696 //whsu:: nicPrivacySetStaDefaultWTIdx(prSta);
698 #if 1 /* Since the 1x and key can set to firmware in order, always enter the check ok state */
699 SEC_STATE_TRANSITION(prAdapter, prSta, INIT, CHECK_OK);
701 if (IS_STA_IN_AIS(prSta->eStaType)) {
702 if (secRsnKeyHandshakeEnabled(prAdapter) == TRUE
704 || (prAdapter->rWifiVar.rConnSettings.fgWapiMode)
707 prSta->fgTransmitKeyExist = FALSE;
708 //nicPrivacyInitialize(prSta->ucNetTypeIndex);
709 SEC_STATE_TRANSITION(prAdapter, prSta, INIT, INITIATOR_PORT_BLOCKED);
712 SEC_STATE_TRANSITION(prAdapter, prSta, INIT, CHECK_OK);
715 #if CFG_ENABLE_WIFI_DIRECT || CFG_ENABLE_BT_OVER_WIFI
716 #if CFG_ENABLE_WIFI_DIRECT && CFG_ENABLE_BT_OVER_WIFI
717 else if ((prSta->eStaType == STA_TYPE_BOW_CLIENT) ||
718 (prSta->eStaType == STA_TYPE_P2P_GC))
719 #elif CFG_ENABLE_WIFI_DIRECT
720 else if (prSta->eStaType == STA_TYPE_P2P_GC)
721 #elif CFG_ENABLE_BT_OVER_WIFI
722 else if (prSta->eStaType == STA_TYPE_BOW_CLIENT)
725 SEC_STATE_TRANSITION(prAdapter, prSta, INIT, RESPONDER_PORT_BLOCKED);
729 SEC_STATE_TRANSITION(prAdapter, prSta, INIT, INITIATOR_PORT_BLOCKED);
732 if (prSecInfo->eCurrentState != eNextState) {
733 secFsmSteps(prAdapter, prSta, eNextState);
737 } /* secFsmRunEventStart */
740 /*----------------------------------------------------------------------------*/
742 * \brief This function called by reset procedure to force the sec fsm enter
745 * \param[in] ucNetTypeIdx The Specific Network type index
746 * \param[in] prSta Pointer to the Sta record
750 /*----------------------------------------------------------------------------*/
753 IN P_ADAPTER_T prAdapter,
754 IN P_STA_RECORD_T prSta
757 P_SEC_INFO_T prSecInfo;
759 DBGLOG(RSN, TRACE, ("secFsmEventAbort for sta "MACSTR" network %d\n",
760 MAC2STR(prSta->aucMacAddr), prSta->ucNetTypeIndex));
767 if (!IS_STA_IN_AIS(prSta))
770 prSecInfo = (P_SEC_INFO_T)&prSta->rSecInfo;
772 prSta->fgTransmitKeyExist = FALSE;
774 secSetPortBlocked(prAdapter, prSta, TRUE);
776 if (prSecInfo == NULL)
779 if (IS_STA_IN_AIS(prSta)) {
781 prAdapter->rWifiVar.rAisSpecificBssInfo.fgTransmitKeyExist = FALSE;
783 if (prSecInfo->eCurrentState == SEC_STATE_SEND_EAPOL) {
784 if (prAdapter->rWifiVar.rAisSpecificBssInfo.fgCheckEAPoLTxDone == FALSE) {
785 DBGLOG(RSN, TRACE, ("EAPOL STATE not match the flag\n"));
786 //cnmTimerStopTimer(prAdapter, &prAdapter->rWifiVar.rAisSpecificBssInfo.rRsnaEAPoLReportTimeoutTimer);
790 prSecInfo->eCurrentState = SEC_STATE_INIT;
794 /*----------------------------------------------------------------------------*/
796 * \brief This function will indicate an Event of "2nd EAPoL Tx is sending" to Sec FSM.
798 * \param[in] prSta Pointer to the Sta record
802 /*----------------------------------------------------------------------------*/
804 secFsmEvent2ndEapolTx (
805 IN P_ADAPTER_T prAdapter,
806 IN P_STA_RECORD_T prSta
809 P_SEC_INFO_T prSecInfo;
810 ENUM_SEC_STATE_T eNextState;
811 //BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
813 DEBUGFUNC("secFsmRunEvent2ndEapolTx");
817 prSecInfo = &prSta->rSecInfo;
818 eNextState = prSecInfo->eCurrentState;
821 DBGLOG(RSN, TRACE, (MACSTR" Sec state %s\n", MAC2STR(prSta->aucMacAddr),
822 apucDebugSecState[prSecInfo->eCurrentState]));
824 DBGLOG(RSN, TRACE, (MACSTR" Sec state [%d]\n", MAC2STR(prSta->aucMacAddr), prSecInfo->eCurrentState));
827 switch(prSecInfo->eCurrentState) {
828 case SEC_STATE_INITIATOR_PORT_BLOCKED :
829 case SEC_STATE_CHECK_OK :
830 prSecInfo->fg2nd1xSend = TRUE;
834 DBGLOG(RSN, WARN, ("Rcv 2nd EAPoL at %s\n", apucDebugSecState[prSecInfo->eCurrentState]));
836 DBGLOG(RSN, WARN, ("Rcv 2nd EAPoL at [%d]\n", prSecInfo->eCurrentState));
841 if (prSecInfo->eCurrentState != eNextState) {
842 secFsmSteps(prAdapter, prSta, eNextState);
847 }/* secFsmRunEvent2ndEapolTx */
850 /*----------------------------------------------------------------------------*/
852 * \brief This function will indicate an Event of "4th EAPoL Tx is Tx done" to Sec FSM.
854 * \param[in] prSta Pointer to the Sta record
858 /*----------------------------------------------------------------------------*/
860 secFsmEvent4ndEapolTxDone (
861 IN P_ADAPTER_T prAdapter,
862 IN P_STA_RECORD_T prSta
865 P_SEC_INFO_T prSecInfo;
866 ENUM_SEC_STATE_T eNextState;
867 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
868 P_CMD_802_11_KEY prStoredKey;
870 DEBUGFUNC("secFsmRunEvent4ndEapolTx");
874 prSecInfo = &prSta->rSecInfo;
875 eNextState = prSecInfo->eCurrentState;
878 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prSta->aucMacAddr),
879 apucDebugSecState[prSecInfo->eCurrentState]));
881 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prSta->aucMacAddr), prSecInfo->eCurrentState));
884 switch(prSecInfo->eCurrentState) {
885 case SEC_STATE_INITIATOR_PORT_BLOCKED :
886 case SEC_STATE_CHECK_OK :
887 prSecInfo->fg2nd1xSend = FALSE;
888 if (prSecInfo->fgKeyStored) {
889 prStoredKey = (P_CMD_802_11_KEY)prSecInfo->aucStoredKey;
891 //prSta = rxmLookupStaRecIndexFromTA(prStoredKey->aucPeerAddr);
892 //if (nicPrivacySetKeyEntry(prStoredKey, prSta->ucWTEntry) == FALSE)
893 // DBGLOG(RSN, WARN, ("nicPrivacySetKeyEntry() fail,..\n"));
896 prSecInfo->fgKeyStored = FALSE;
897 prSta->fgTransmitKeyExist = TRUE;
899 if (prSecInfo->eCurrentState == SEC_STATE_INITIATOR_PORT_BLOCKED) {
900 SEC_STATE_TRANSITION(prAdapter, prSta, INITIATOR_PORT_BLOCKED, CHECK_OK);
906 DBGLOG(RSN, WARN, ("Rcv thh EAPoL Tx done at %s\n", apucDebugSecState[prSecInfo->eCurrentState]));
908 DBGLOG(RSN, WARN, ("Rcv thh EAPoL Tx done at [%d]\n", prSecInfo->eCurrentState));
913 if (prSecInfo->eCurrentState != eNextState) {
914 secFsmSteps(prAdapter, prSta, eNextState);
919 }/* secFsmRunEvent4ndEapolTx */
922 /*----------------------------------------------------------------------------*/
924 * \brief This function will indicate an Event of "Pairwise key installed" to SEC FSM.
926 * \param[in] prSta Pointer to the Sta record
928 * \retval TRUE The key can be installed to HW
929 * \retval FALSE The kay conflict with the current key, abort it
931 /*----------------------------------------------------------------------------*/
933 secFsmEventPTKInstalled (
934 IN P_ADAPTER_T prAdapter,
935 IN P_STA_RECORD_T prSta
938 P_SEC_INFO_T prSecInfo;
939 ENUM_SEC_STATE_T eNextState;
940 BOOLEAN fgStatus = TRUE;
941 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
945 prSecInfo = &prSta->rSecInfo;
946 if (prSecInfo == NULL)
947 return TRUE; /* Not PTK */
950 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prSta->aucMacAddr),
951 apucDebugSecState[prSecInfo->eCurrentState]));
953 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prSta->aucMacAddr), prSecInfo->eCurrentState));
956 eNextState = prSecInfo->eCurrentState;
958 switch(prSecInfo->eCurrentState) {
960 /* Legacy wep, wpa-none */
963 case SEC_STATE_INITIATOR_PORT_BLOCKED:
964 if (prSecInfo->fg2nd1xSend) {
967 SEC_STATE_TRANSITION(prAdapter, prSta, INITIATOR_PORT_BLOCKED, CHECK_OK);
971 case SEC_STATE_RESPONDER_PORT_BLOCKED:
972 SEC_STATE_TRANSITION(prAdapter, prSta, RESPONDER_PORT_BLOCKED, CHECK_OK);
976 case SEC_STATE_CHECK_OK:
984 if (prSecInfo->eCurrentState != eNextState) {
985 secFsmSteps(prAdapter, prSta, eNextState);
990 } /* end of secFsmRunEventPTKInstalled() */
993 /*----------------------------------------------------------------------------*/
995 * \brief This function will indicate an Event of "Counter Measure" to SEC FSM.
997 * \param[in] prSta Pointer to the Sta record
1001 /*----------------------------------------------------------------------------*/
1003 secFsmEventStartCounterMeasure (
1004 IN P_ADAPTER_T prAdapter,
1005 IN P_STA_RECORD_T prSta
1008 P_SEC_INFO_T prSecInfo;
1009 ENUM_SEC_STATE_T eNextState;
1010 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
1012 DEBUGFUNC("secFsmRunEventStartCounterMeasure");
1016 if (!IS_STA_IN_AIS(prSta)) {
1017 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
1022 prSecInfo = &prSta->rSecInfo;
1024 eNextState = prSecInfo->eCurrentState;
1027 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prSta->aucMacAddr),
1028 apucDebugSecState[prSecInfo->eCurrentState]));
1030 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prSta->aucMacAddr), prSecInfo->eCurrentState));
1033 prAdapter->rWifiVar.rAisSpecificBssInfo.u4RsnaLastMICFailTime = 0;
1035 switch(prSecInfo->eCurrentState) {
1036 case SEC_STATE_CHECK_OK:
1038 prAdapter->rWifiVar.rAisSpecificBssInfo.fgCounterMeasure = TRUE;
1040 //<Todo> dls port control
1041 SEC_STATE_TRANSITION(prAdapter, prSta, CHECK_OK, SEND_EAPOL);
1049 /* Call arbFsmSteps() when we are going to change ARB STATE */
1050 if (prSecInfo->eCurrentState != eNextState) {
1051 secFsmSteps(prAdapter, prSta, eNextState);
1056 } /* secFsmRunEventStartCounterMeasure */
1059 /*----------------------------------------------------------------------------*/
1061 * \brief This function will indicate an Event of "802.1x EAPoL Tx Done" to Sec FSM.
1063 * \param[in] prSta Pointer to the Sta record
1067 /*----------------------------------------------------------------------------*/
1069 secFsmEventEapolTxDone (
1070 IN P_ADAPTER_T prAdapter,
1071 IN P_STA_RECORD_T prStaRec,
1072 IN ENUM_TX_RESULT_CODE_T rTxDoneStatus
1075 P_SEC_INFO_T prSecInfo;
1076 ENUM_SEC_STATE_T eNextState;
1077 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
1078 P_AIS_SPECIFIC_BSS_INFO_T prAisBssInfo;
1080 DEBUGFUNC("secFsmRunEventEapolTxDone");
1084 if (rTxDoneStatus != TX_RESULT_SUCCESS) {
1085 DBGLOG(RSN, INFO, ("Error EAPoL fram fail to send!!\n"));
1090 if (!IS_STA_IN_AIS(prStaRec)) {
1091 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
1096 prAisBssInfo = &prAdapter->rWifiVar.rAisSpecificBssInfo;
1098 ASSERT(prAisBssInfo);
1100 prSecInfo = &prStaRec->rSecInfo;
1101 eNextState = prSecInfo->eCurrentState;
1104 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prStaRec->aucMacAddr),
1105 apucDebugSecState[prSecInfo->eCurrentState]));
1107 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prStaRec->aucMacAddr), prSecInfo->eCurrentState));
1110 switch(prSecInfo->eCurrentState) {
1111 case SEC_STATE_SEND_EAPOL:
1112 if (prAisBssInfo->fgCheckEAPoLTxDone == FALSE) {
1116 prAisBssInfo->fgCheckEAPoLTxDone = FALSE;
1117 //cnmTimerStopTimer(prAdapter, &prAisBssInfo->rRsnaEAPoLReportTimeoutTimer);
1119 SEC_STATE_TRANSITION(prAdapter, prStaRec, SEND_EAPOL, SEND_DEAUTH);
1125 if (prSecInfo->eCurrentState != eNextState) {
1126 secFsmSteps(prAdapter, prStaRec, eNextState);
1131 }/* secFsmRunEventEapolTxDone */
1134 /*----------------------------------------------------------------------------*/
1136 * \brief This function will indicate an Event of "Deauth frame Tx Done" to Sec FSM.
1138 * \param[in] pMsduInfo Pointer to the Msdu Info
1139 * \param[in] rStatus The Tx done status
1143 * \note after receive deauth frame, callback function call this
1145 /*----------------------------------------------------------------------------*/
1147 secFsmEventDeauthTxDone (
1148 IN P_ADAPTER_T prAdapter,
1149 IN P_MSDU_INFO_T prMsduInfo,
1150 IN ENUM_TX_RESULT_CODE_T rTxDoneStatus
1153 P_STA_RECORD_T prStaRec;
1154 P_SEC_INFO_T prSecInfo;
1155 ENUM_SEC_STATE_T eNextState;
1156 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
1158 DEBUGFUNC("secFsmRunEventDeauthTxDone");
1162 prStaRec = cnmGetStaRecByIndex(prAdapter, prMsduInfo->ucStaRecIndex);
1169 if (!IS_STA_IN_AIS(prStaRec)) {
1170 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
1175 prSecInfo = (P_SEC_INFO_T)&prStaRec->rSecInfo;
1178 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prStaRec->aucMacAddr),
1179 apucDebugSecState[prSecInfo->eCurrentState]));
1181 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prStaRec->aucMacAddr), prSecInfo->eCurrentState));
1184 switch(prSecInfo->eCurrentState) {
1185 case SEC_STATE_SEND_DEAUTH:
1187 DBGLOG(RSN, TRACE, ("Set timer %d\n", COUNTER_MEASURE_TIMEOUT_INTERVAL_SEC));
1189 SEC_STATE_TRANSITION(prAdapter, prStaRec, SEND_DEAUTH, COUNTERMEASURE);
1199 }/* secFsmRunEventDeauthTxDone */
1202 /*----------------------------------------------------------------------------*/
1204 * \brief This function will check the eapol error frame fail to send issue.
1206 * \param[in] prSta Pointer to the Sta record
1210 /*----------------------------------------------------------------------------*/
1212 secFsmEventEapolTxTimeout (
1213 IN P_ADAPTER_T prAdapter,
1217 P_STA_RECORD_T prStaRec;
1219 DEBUGFUNC("secFsmRunEventEapolTxTimeout");
1221 prStaRec = (P_STA_RECORD_T)u4Parm;
1225 /* Todo:: How to handle the Eapol Error fail to send case? */
1230 }/* secFsmEventEapolTxTimeout */
1233 /*----------------------------------------------------------------------------*/
1235 * \brief This function will stop the counterMeasure duration.
1237 * \param[in] prSta Pointer to the Sta record
1241 /*----------------------------------------------------------------------------*/
1243 secFsmEventEndOfCounterMeasure (
1244 IN P_ADAPTER_T prAdapter,
1248 P_STA_RECORD_T prSta;
1249 P_SEC_INFO_T prSecInfo;
1250 ENUM_SEC_STATE_T eNextState;
1251 BOOLEAN fgIsTransition = (BOOLEAN)FALSE;
1253 DEBUGFUNC("secFsmRunEventEndOfCounterMeasure");
1255 prSta = (P_STA_RECORD_T)u4Parm;
1259 if (!IS_STA_IN_AIS(prSta)) {
1260 DBGLOG(RSN, INFO, ("Counter Measure should occur at AIS network!!\n"));
1265 prSecInfo = &prSta->rSecInfo;
1266 eNextState = prSecInfo->eCurrentState;
1269 DBGLOG(RSN, TRACE, (MACSTR " Sec state %s\n", MAC2STR(prSta->aucMacAddr),
1270 apucDebugSecState[prSecInfo->eCurrentState]));
1272 DBGLOG(RSN, TRACE, (MACSTR " Sec state [%d]\n", MAC2STR(prSta->aucMacAddr), prSecInfo->eCurrentState));
1275 switch(prSecInfo->eCurrentState) {
1276 case SEC_STATE_SEND_DEAUTH:
1278 prAdapter->rWifiVar.rAisSpecificBssInfo.fgCounterMeasure = FALSE;
1280 SEC_STATE_TRANSITION(prAdapter, prSta, COUNTERMEASURE, INIT);
1288 /* Call arbFsmSteps() when we are going to change ARB STATE */
1289 if (prSecInfo->eCurrentState != eNextState) {
1290 secFsmSteps(prAdapter, prSta, eNextState);
1294 }/* end of secFsmRunEventEndOfCounterMeasure */