+1 -1312

drivers/staging/rt3070/sta/aironet.c

reviewed

··· 1 1 - /* 2 2 - ************************************************************************* 3 3 - * Ralink Tech Inc. 4 4 - * 5F., No.36, Taiyuan St., Jhubei City, 5 5 - * Hsinchu County 302, 6 6 - * Taiwan, R.O.C. 7 7 - * 8 8 - * (c) Copyright 2002-2007, Ralink Technology, Inc. 9 9 - * 10 10 - * This program is free software; you can redistribute it and/or modify * 11 11 - * it under the terms of the GNU General Public License as published by * 12 12 - * the Free Software Foundation; either version 2 of the License, or * 13 13 - * (at your option) any later version. * 14 14 - * * 15 15 - * This program is distributed in the hope that it will be useful, * 16 16 - * but WITHOUT ANY WARRANTY; without even the implied warranty of * 17 17 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * 18 18 - * GNU General Public License for more details. * 19 19 - * * 20 20 - * You should have received a copy of the GNU General Public License * 21 21 - * along with this program; if not, write to the * 22 22 - * Free Software Foundation, Inc., * 23 23 - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * 24 24 - * * 25 25 - ************************************************************************* 26 26 - 27 27 - Module Name: 28 28 - aironet.c 29 29 - 30 30 - Abstract: 31 31 - 32 32 - Revision History: 33 33 - Who When What 34 34 - -------- ---------- ---------------------------------------------- 35 35 - Paul Lin 04-06-15 Initial 36 36 - */ 37 37 - #include "../rt_config.h" 38 38 - 39 39 - /* 40 40 - ========================================================================== 41 41 - Description: 42 42 - association state machine init, including state transition and timer init 43 43 - Parameters: 44 44 - S - pointer to the association state machine 45 45 - ========================================================================== 46 46 - */ 47 47 - VOID AironetStateMachineInit( 48 48 - IN PRTMP_ADAPTER pAd, 49 49 - IN STATE_MACHINE *S, 50 50 - OUT STATE_MACHINE_FUNC Trans[]) 51 51 - { 52 52 - StateMachineInit(S, Trans, MAX_AIRONET_STATE, MAX_AIRONET_MSG, (STATE_MACHINE_FUNC)Drop, AIRONET_IDLE, AIRONET_MACHINE_BASE); 53 53 - StateMachineSetAction(S, AIRONET_IDLE, MT2_AIRONET_MSG, (STATE_MACHINE_FUNC)AironetMsgAction); 54 54 - StateMachineSetAction(S, AIRONET_IDLE, MT2_AIRONET_SCAN_REQ, (STATE_MACHINE_FUNC)AironetRequestAction); 55 55 - StateMachineSetAction(S, AIRONET_SCANNING, MT2_AIRONET_SCAN_DONE, (STATE_MACHINE_FUNC)AironetReportAction); 56 56 - } 57 57 - 58 58 - /* 59 59 - ========================================================================== 60 60 - Description: 61 61 - This is state machine function. 62 62 - When receiving EAPOL packets which is for 802.1x key management. 63 63 - Use both in WPA, and WPAPSK case. 64 64 - In this function, further dispatch to different functions according to the received packet. 3 categories are : 65 65 - 1. normal 4-way pairwisekey and 2-way groupkey handshake 66 66 - 2. MIC error (Countermeasures attack) report packet from STA. 67 67 - 3. Request for pairwise/group key update from STA 68 68 - Return: 69 69 - ========================================================================== 70 70 - */ 71 71 - VOID AironetMsgAction( 72 72 - IN PRTMP_ADAPTER pAd, 73 73 - IN MLME_QUEUE_ELEM *Elem) 74 74 - { 75 75 - USHORT Length; 76 76 - UCHAR Index, i; 77 77 - PUCHAR pData; 78 78 - PAIRONET_RM_REQUEST_FRAME pRMReq; 79 79 - PRM_REQUEST_ACTION pReqElem; 80 80 - 81 81 - DBGPRINT(RT_DEBUG_TRACE, ("-----> AironetMsgAction\n")); 82 82 - 83 83 - // 0. Get Aironet IAPP header first 84 84 - pRMReq = (PAIRONET_RM_REQUEST_FRAME) &Elem->Msg[LENGTH_802_11]; 85 85 - pData = (PUCHAR) &Elem->Msg[LENGTH_802_11]; 86 86 - 87 87 - // 1. Change endian format form network to little endian 88 88 - Length = be2cpu16(pRMReq->IAPP.Length); 89 89 - 90 90 - // 2.0 Sanity check, this should only happen when CCX 2.0 support is enabled 91 91 - if (pAd->StaCfg.CCXEnable != TRUE) 92 92 - return; 93 93 - 94 94 - // 2.1 Radio measurement must be on 95 95 - if (pAd->StaCfg.CCXControl.field.RMEnable != 1) 96 96 - return; 97 97 - 98 98 - // 2.2. Debug print all bit information 99 99 - DBGPRINT(RT_DEBUG_TRACE, ("IAPP ID & Length %d\n", Length)); 100 100 - DBGPRINT(RT_DEBUG_TRACE, ("IAPP Type %x\n", pRMReq->IAPP.Type)); 101 101 - DBGPRINT(RT_DEBUG_TRACE, ("IAPP SubType %x\n", pRMReq->IAPP.SubType)); 102 102 - DBGPRINT(RT_DEBUG_TRACE, ("IAPP Dialog Token %x\n", pRMReq->IAPP.Token)); 103 103 - DBGPRINT(RT_DEBUG_TRACE, ("IAPP Activation Delay %x\n", pRMReq->Delay)); 104 104 - DBGPRINT(RT_DEBUG_TRACE, ("IAPP Measurement Offset %x\n", pRMReq->Offset)); 105 105 - 106 106 - // 3. Check IAPP frame type, it must be 0x32 for Cisco Aironet extension 107 107 - if (pRMReq->IAPP.Type != AIRONET_IAPP_TYPE) 108 108 - { 109 109 - DBGPRINT(RT_DEBUG_ERROR, ("Wrong IAPP type for Cisco Aironet extension\n")); 110 110 - return; 111 111 - } 112 112 - 113 113 - // 4. Check IAPP frame subtype, it must be 0x01 for Cisco Aironet extension request. 114 114 - // Since we are acting as client only, we will disregards reply subtype. 115 115 - if (pRMReq->IAPP.SubType != AIRONET_IAPP_SUBTYPE_REQUEST) 116 116 - { 117 117 - DBGPRINT(RT_DEBUG_ERROR, ("Wrong IAPP subtype for Cisco Aironet extension\n")); 118 118 - return; 119 119 - } 120 120 - 121 121 - // 5. Verify Destination MAC and Source MAC, both should be all zeros. 122 122 - if (! MAC_ADDR_EQUAL(pRMReq->IAPP.DA, ZERO_MAC_ADDR)) 123 123 - { 124 124 - DBGPRINT(RT_DEBUG_ERROR, ("Wrong IAPP DA for Cisco Aironet extension, it's not Zero\n")); 125 125 - return; 126 126 - } 127 127 - 128 128 - if (! MAC_ADDR_EQUAL(pRMReq->IAPP.SA, ZERO_MAC_ADDR)) 129 129 - { 130 130 - DBGPRINT(RT_DEBUG_ERROR, ("Wrong IAPP SA for Cisco Aironet extension, it's not Zero\n")); 131 131 - return; 132 132 - } 133 133 - 134 134 - // 6. Reinit all report related fields 135 135 - NdisZeroMemory(pAd->StaCfg.FrameReportBuf, 2048); 136 136 - NdisZeroMemory(pAd->StaCfg.BssReportOffset, sizeof(USHORT) * MAX_LEN_OF_BSS_TABLE); 137 137 - NdisZeroMemory(pAd->StaCfg.MeasurementRequest, sizeof(RM_REQUEST_ACTION) * 4); 138 138 - 139 139 - // 7. Point to the start of first element report element 140 140 - pAd->StaCfg.FrameReportLen = LENGTH_802_11 + sizeof(AIRONET_IAPP_HEADER); 141 141 - DBGPRINT(RT_DEBUG_TRACE, ("FR len = %d\n", pAd->StaCfg.FrameReportLen)); 142 142 - pAd->StaCfg.LastBssIndex = 0xff; 143 143 - pAd->StaCfg.RMReqCnt = 0; 144 144 - pAd->StaCfg.ParallelReq = FALSE; 145 145 - pAd->StaCfg.ParallelDuration = 0; 146 146 - pAd->StaCfg.ParallelChannel = 0; 147 147 - pAd->StaCfg.IAPPToken = pRMReq->IAPP.Token; 148 148 - pAd->StaCfg.CurrentRMReqIdx = 0; 149 149 - pAd->StaCfg.CLBusyBytes = 0; 150 150 - // Reset the statistics 151 151 - for (i = 0; i < 8; i++) 152 152 - pAd->StaCfg.RPIDensity[i] = 0; 153 153 - 154 154 - Index = 0; 155 155 - 156 156 - // 8. Save dialog token for report 157 157 - pAd->StaCfg.IAPPToken = pRMReq->IAPP.Token; 158 158 - 159 159 - // Save Activation delay & measurement offset, Not really needed 160 160 - 161 161 - // 9. Point to the first request element 162 162 - pData += sizeof(AIRONET_RM_REQUEST_FRAME); 163 163 - // Length should exclude the CISCO Aironet SNAP header 164 164 - Length -= (sizeof(AIRONET_RM_REQUEST_FRAME) - LENGTH_802_1_H); 165 165 - 166 166 - // 10. Start Parsing the Measurement elements. 167 167 - // Be careful about multiple MR elements within one frames. 168 168 - while (Length > 0) 169 169 - { 170 170 - pReqElem = (PRM_REQUEST_ACTION) pData; 171 171 - switch (pReqElem->ReqElem.Eid) 172 172 - { 173 173 - case IE_MEASUREMENT_REQUEST: 174 174 - // From the example, it seems we only need to support one request in one frame 175 175 - // There is no multiple request in one frame. 176 176 - // Besides, looks like we need to take care the measurement request only. 177 177 - // The measurement request is always 4 bytes. 178 178 - 179 179 - // Start parsing this type of request. 180 180 - // 0. Eid is IE_MEASUREMENT_REQUEST 181 181 - // 1. Length didn't include Eid and Length field, it always be 8. 182 182 - // 2. Measurement Token, we nned to save it for the corresponding report. 183 183 - // 3. Measurement Mode, Although there are definitions, but we din't see value other than 184 184 - // 0 from test specs examples. 185 185 - // 4. Measurement Type, this is what we need to do. 186 186 - switch (pReqElem->ReqElem.Type) 187 187 - { 188 188 - case MSRN_TYPE_CHANNEL_LOAD_REQ: 189 189 - case MSRN_TYPE_NOISE_HIST_REQ: 190 190 - case MSRN_TYPE_BEACON_REQ: 191 191 - // Check the Enable non-serving channel measurement control 192 192 - if (pAd->StaCfg.CCXControl.field.DCRMEnable == 0) 193 193 - { 194 194 - // Check channel before enqueue the action 195 195 - if (pReqElem->Measurement.Channel != pAd->CommonCfg.Channel) 196 196 - break; 197 197 - } 198 198 - else 199 199 - { 200 200 - // If off channel measurement, check the TU duration limit 201 201 - if (pReqElem->Measurement.Channel != pAd->CommonCfg.Channel) 202 202 - if (pReqElem->Measurement.Duration > pAd->StaCfg.CCXControl.field.TuLimit) 203 203 - break; 204 204 - } 205 205 - 206 206 - // Save requests and execute actions later 207 207 - NdisMoveMemory(&pAd->StaCfg.MeasurementRequest[Index], pReqElem, sizeof(RM_REQUEST_ACTION)); 208 208 - Index += 1; 209 209 - break; 210 210 - 211 211 - case MSRN_TYPE_FRAME_REQ: 212 212 - // Since it's option, we will support later 213 213 - // FrameRequestAction(pAd, pData); 214 214 - break; 215 215 - 216 216 - default: 217 217 - break; 218 218 - } 219 219 - 220 220 - // Point to next Measurement request 221 221 - pData += sizeof(RM_REQUEST_ACTION); 222 222 - Length -= sizeof(RM_REQUEST_ACTION); 223 223 - break; 224 224 - 225 225 - // We accept request only, all others are dropped 226 226 - case IE_MEASUREMENT_REPORT: 227 227 - case IE_AP_TX_POWER: 228 228 - case IE_MEASUREMENT_CAPABILITY: 229 229 - default: 230 230 - return; 231 231 - } 232 232 - } 233 233 - 234 234 - // 11. Update some flags and index 235 235 - pAd->StaCfg.RMReqCnt = Index; 236 236 - 237 237 - if (Index) 238 238 - { 239 239 - MlmeEnqueue(pAd, AIRONET_STATE_MACHINE, MT2_AIRONET_SCAN_REQ, 0, NULL); 240 240 - RT28XX_MLME_HANDLER(pAd); 241 241 - } 242 242 - 243 243 - DBGPRINT(RT_DEBUG_TRACE, ("<----- AironetMsgAction\n")); 244 244 - } 245 245 - 246 246 - /* 247 247 - ======================================================================== 248 248 - 249 249 - Routine Description: 250 250 - 251 251 - Arguments: 252 252 - 253 253 - Return Value: 254 254 - None 255 255 - 256 256 - Note: 257 257 - 258 258 - ======================================================================== 259 259 - */ 260 260 - VOID AironetRequestAction( 261 261 - IN PRTMP_ADAPTER pAd, 262 262 - IN MLME_QUEUE_ELEM *Elem) 263 263 - { 264 264 - PRM_REQUEST_ACTION pReq; 265 265 - 266 266 - // 1. Point to next request element 267 267 - pReq = (PRM_REQUEST_ACTION) &pAd->StaCfg.MeasurementRequest[pAd->StaCfg.CurrentRMReqIdx]; 268 268 - 269 269 - // 2. Parse measurement type and call appropriate functions 270 270 - if (pReq->ReqElem.Type == MSRN_TYPE_CHANNEL_LOAD_REQ) 271 271 - // Channel Load measurement request 272 272 - ChannelLoadRequestAction(pAd, pAd->StaCfg.CurrentRMReqIdx); 273 273 - else if (pReq->ReqElem.Type == MSRN_TYPE_NOISE_HIST_REQ) 274 274 - // Noise Histogram measurement request 275 275 - NoiseHistRequestAction(pAd, pAd->StaCfg.CurrentRMReqIdx); 276 276 - else if (pReq->ReqElem.Type == MSRN_TYPE_BEACON_REQ) 277 277 - // Beacon measurement request 278 278 - BeaconRequestAction(pAd, pAd->StaCfg.CurrentRMReqIdx); 279 279 - else 280 280 - // Unknown. Do nothing and return, this should never happen 281 281 - return; 282 282 - 283 283 - // 3. Peek into the next request, if it's parallel, we will update the scan time to the largest one 284 284 - if ((pAd->StaCfg.CurrentRMReqIdx + 1) < pAd->StaCfg.RMReqCnt) 285 285 - { 286 286 - pReq = (PRM_REQUEST_ACTION) &pAd->StaCfg.MeasurementRequest[pAd->StaCfg.CurrentRMReqIdx + 1]; 287 287 - // Check for parallel bit 288 288 - if ((pReq->ReqElem.Mode & 0x01) && (pReq->Measurement.Channel == pAd->StaCfg.CCXScanChannel)) 289 289 - { 290 290 - // Update parallel mode request information 291 291 - pAd->StaCfg.ParallelReq = TRUE; 292 292 - pAd->StaCfg.CCXScanTime = ((pReq->Measurement.Duration > pAd->StaCfg.CCXScanTime) ? 293 293 - (pReq->Measurement.Duration) : (pAd->StaCfg.CCXScanTime)); 294 294 - } 295 295 - } 296 296 - 297 297 - // 4. Call RT28XX_MLME_HANDLER to execute the request mlme commands, Scan request is the only one used 298 298 - RT28XX_MLME_HANDLER(pAd); 299 299 - 300 300 - } 301 301 - 302 302 - 303 303 - /* 304 304 - ======================================================================== 305 305 - 306 306 - Routine Description: 307 307 - Prepare channel load report action, special scan operation added 308 308 - to support 309 309 - 310 310 - Arguments: 311 311 - pAd Pointer to our adapter 312 312 - pData Start from element ID 313 313 - 314 314 - Return Value: 315 315 - None 316 316 - 317 317 - Note: 318 318 - 319 319 - ======================================================================== 320 320 - */ 321 321 - VOID ChannelLoadRequestAction( 322 322 - IN PRTMP_ADAPTER pAd, 323 323 - IN UCHAR Index) 324 324 - { 325 325 - PRM_REQUEST_ACTION pReq; 326 326 - MLME_SCAN_REQ_STRUCT ScanReq; 327 327 - UCHAR ZeroSsid[32]; 328 328 - NDIS_STATUS NStatus; 329 329 - PUCHAR pOutBuffer = NULL; 330 330 - PHEADER_802_11 pNullFrame; 331 331 - 332 332 - DBGPRINT(RT_DEBUG_TRACE, ("ChannelLoadRequestAction ----->\n")); 333 333 - 334 334 - pReq = (PRM_REQUEST_ACTION) &pAd->StaCfg.MeasurementRequest[Index]; 335 335 - NdisZeroMemory(ZeroSsid, 32); 336 336 - 337 337 - // Prepare for special scan request 338 338 - // The scan definition is different with our Active, Passive scan definition. 339 339 - // For CCX2, Active means send out probe request with broadcast BSSID. 340 340 - // Passive means no probe request sent, only listen to the beacons. 341 341 - // The channel scanned is fixed as specified, no need to scan all channels. 342 342 - // The scan wait time is specified in the request too. 343 343 - // Passive scan Mode 344 344 - 345 345 - // Control state machine is not idle, reject the request 346 346 - if ((pAd->Mlme.CntlMachine.CurrState != CNTL_IDLE) && (Index == 0)) 347 347 - return; 348 348 - 349 349 - // Fill out stuff for scan request 350 350 - ScanParmFill(pAd, &ScanReq, ZeroSsid, 0, BSS_ANY, SCAN_CISCO_CHANNEL_LOAD); 351 351 - MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_MLME_SCAN_REQ, sizeof(MLME_SCAN_REQ_STRUCT), &ScanReq); 352 352 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_OID_LIST_SCAN; 353 353 - 354 354 - // Reset some internal control flags to make sure this scan works. 355 355 - BssTableInit(&pAd->StaCfg.CCXBssTab); 356 356 - pAd->StaCfg.ScanCnt = 0; 357 357 - pAd->StaCfg.CCXScanChannel = pReq->Measurement.Channel; 358 358 - pAd->StaCfg.CCXScanTime = pReq->Measurement.Duration; 359 359 - 360 360 - DBGPRINT(RT_DEBUG_TRACE, ("Duration %d, Channel %d!\n", pReq->Measurement.Duration, pReq->Measurement.Channel)); 361 361 - 362 362 - // If it's non serving channel scan, send out a null frame with PSM bit on. 363 363 - if (pAd->StaCfg.CCXScanChannel != pAd->CommonCfg.Channel) 364 364 - { 365 365 - // Use MLME enqueue method 366 366 - NStatus = MlmeAllocateMemory(pAd, (PVOID)&pOutBuffer); //Get an unused nonpaged memory 367 367 - if (NStatus != NDIS_STATUS_SUCCESS) 368 368 - return; 369 369 - 370 370 - pNullFrame = (PHEADER_802_11) pOutBuffer;; 371 371 - // Make the power save Null frame with PSM bit on 372 372 - MgtMacHeaderInit(pAd, pNullFrame, SUBTYPE_NULL_FUNC, 1, pAd->CommonCfg.Bssid, pAd->CommonCfg.Bssid); 373 373 - pNullFrame->Duration = 0; 374 374 - pNullFrame->FC.Type = BTYPE_DATA; 375 375 - pNullFrame->FC.PwrMgmt = PWR_SAVE; 376 376 - 377 377 - // Send using priority queue 378 378 - MiniportMMRequest(pAd, 0, pOutBuffer, sizeof(HEADER_802_11)); 379 379 - MlmeFreeMemory(pAd, pOutBuffer); 380 380 - DBGPRINT(RT_DEBUG_TRACE, ("Send PSM Data frame for off channel RM\n")); 381 381 - RTMPusecDelay(5000); 382 382 - } 383 383 - 384 384 - pAd->StaCfg.CCXReqType = MSRN_TYPE_CHANNEL_LOAD_REQ; 385 385 - pAd->StaCfg.CLBusyBytes = 0; 386 386 - // Enable Rx with promiscuous reception 387 387 - RTMP_IO_WRITE32(pAd, RX_FILTR_CFG, 0x1010); 388 388 - 389 389 - // Set channel load measurement flag 390 390 - RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_RADIO_MEASUREMENT); 391 391 - 392 392 - pAd->Mlme.AironetMachine.CurrState = AIRONET_SCANNING; 393 393 - 394 394 - DBGPRINT(RT_DEBUG_TRACE, ("ChannelLoadRequestAction <-----\n")); 395 395 - } 396 396 - 397 397 - /* 398 398 - ======================================================================== 399 399 - 400 400 - Routine Description: 401 401 - Prepare noise histogram report action, special scan operation added 402 402 - to support 403 403 - 404 404 - Arguments: 405 405 - pAd Pointer to our adapter 406 406 - pData Start from element ID 407 407 - 408 408 - Return Value: 409 409 - None 410 410 - 411 411 - Note: 412 412 - 413 413 - ======================================================================== 414 414 - */ 415 415 - VOID NoiseHistRequestAction( 416 416 - IN PRTMP_ADAPTER pAd, 417 417 - IN UCHAR Index) 418 418 - { 419 419 - PRM_REQUEST_ACTION pReq; 420 420 - MLME_SCAN_REQ_STRUCT ScanReq; 421 421 - UCHAR ZeroSsid[32], i; 422 422 - NDIS_STATUS NStatus; 423 423 - PUCHAR pOutBuffer = NULL; 424 424 - PHEADER_802_11 pNullFrame; 425 425 - 426 426 - DBGPRINT(RT_DEBUG_TRACE, ("NoiseHistRequestAction ----->\n")); 427 427 - 428 428 - pReq = (PRM_REQUEST_ACTION) &pAd->StaCfg.MeasurementRequest[Index]; 429 429 - NdisZeroMemory(ZeroSsid, 32); 430 430 - 431 431 - // Prepare for special scan request 432 432 - // The scan definition is different with our Active, Passive scan definition. 433 433 - // For CCX2, Active means send out probe request with broadcast BSSID. 434 434 - // Passive means no probe request sent, only listen to the beacons. 435 435 - // The channel scanned is fixed as specified, no need to scan all channels. 436 436 - // The scan wait time is specified in the request too. 437 437 - // Passive scan Mode 438 438 - 439 439 - // Control state machine is not idle, reject the request 440 440 - if ((pAd->Mlme.CntlMachine.CurrState != CNTL_IDLE) && (Index == 0)) 441 441 - return; 442 442 - 443 443 - // Fill out stuff for scan request 444 444 - ScanParmFill(pAd, &ScanReq, ZeroSsid, 0, BSS_ANY, SCAN_CISCO_NOISE); 445 445 - MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_MLME_SCAN_REQ, sizeof(MLME_SCAN_REQ_STRUCT), &ScanReq); 446 446 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_OID_LIST_SCAN; 447 447 - 448 448 - // Reset some internal control flags to make sure this scan works. 449 449 - BssTableInit(&pAd->StaCfg.CCXBssTab); 450 450 - pAd->StaCfg.ScanCnt = 0; 451 451 - pAd->StaCfg.CCXScanChannel = pReq->Measurement.Channel; 452 452 - pAd->StaCfg.CCXScanTime = pReq->Measurement.Duration; 453 453 - pAd->StaCfg.CCXReqType = MSRN_TYPE_NOISE_HIST_REQ; 454 454 - 455 455 - DBGPRINT(RT_DEBUG_TRACE, ("Duration %d, Channel %d!\n", pReq->Measurement.Duration, pReq->Measurement.Channel)); 456 456 - 457 457 - // If it's non serving channel scan, send out a null frame with PSM bit on. 458 458 - if (pAd->StaCfg.CCXScanChannel != pAd->CommonCfg.Channel) 459 459 - { 460 460 - // Use MLME enqueue method 461 461 - NStatus = MlmeAllocateMemory(pAd, (PVOID)&pOutBuffer); //Get an unused nonpaged memory 462 462 - if (NStatus != NDIS_STATUS_SUCCESS) 463 463 - return; 464 464 - 465 465 - pNullFrame = (PHEADER_802_11) pOutBuffer; 466 466 - // Make the power save Null frame with PSM bit on 467 467 - MgtMacHeaderInit(pAd, pNullFrame, SUBTYPE_NULL_FUNC, 1, pAd->CommonCfg.Bssid, pAd->CommonCfg.Bssid); 468 468 - pNullFrame->Duration = 0; 469 469 - pNullFrame->FC.Type = BTYPE_DATA; 470 470 - pNullFrame->FC.PwrMgmt = PWR_SAVE; 471 471 - 472 472 - // Send using priority queue 473 473 - MiniportMMRequest(pAd, 0, pOutBuffer, sizeof(HEADER_802_11)); 474 474 - MlmeFreeMemory(pAd, pOutBuffer); 475 475 - DBGPRINT(RT_DEBUG_TRACE, ("Send PSM Data frame for off channel RM\n")); 476 476 - RTMPusecDelay(5000); 477 477 - } 478 478 - 479 479 - // Reset the statistics 480 480 - for (i = 0; i < 8; i++) 481 481 - pAd->StaCfg.RPIDensity[i] = 0; 482 482 - 483 483 - // Enable Rx with promiscuous reception 484 484 - RTMP_IO_WRITE32(pAd, RX_FILTR_CFG, 0x1010); 485 485 - 486 486 - // Set channel load measurement flag 487 487 - RTMP_SET_FLAG(pAd, fRTMP_ADAPTER_RADIO_MEASUREMENT); 488 488 - 489 489 - pAd->Mlme.AironetMachine.CurrState = AIRONET_SCANNING; 490 490 - 491 491 - DBGPRINT(RT_DEBUG_TRACE, ("NoiseHistRequestAction <-----\n")); 492 492 - } 493 493 - 494 494 - /* 495 495 - ======================================================================== 496 496 - 497 497 - Routine Description: 498 498 - Prepare Beacon report action, special scan operation added 499 499 - to support 500 500 - 501 501 - Arguments: 502 502 - pAd Pointer to our adapter 503 503 - pData Start from element ID 504 504 - 505 505 - Return Value: 506 506 - None 507 507 - 508 508 - Note: 509 509 - 510 510 - ======================================================================== 511 511 - */ 512 512 - VOID BeaconRequestAction( 513 513 - IN PRTMP_ADAPTER pAd, 514 514 - IN UCHAR Index) 515 515 - { 516 516 - PRM_REQUEST_ACTION pReq; 517 517 - NDIS_STATUS NStatus; 518 518 - PUCHAR pOutBuffer = NULL; 519 519 - PHEADER_802_11 pNullFrame; 520 520 - MLME_SCAN_REQ_STRUCT ScanReq; 521 521 - UCHAR ZeroSsid[32]; 522 522 - 523 523 - DBGPRINT(RT_DEBUG_TRACE, ("BeaconRequestAction ----->\n")); 524 524 - 525 525 - pReq = (PRM_REQUEST_ACTION) &pAd->StaCfg.MeasurementRequest[Index]; 526 526 - NdisZeroMemory(ZeroSsid, 32); 527 527 - 528 528 - // Prepare for special scan request 529 529 - // The scan definition is different with our Active, Passive scan definition. 530 530 - // For CCX2, Active means send out probe request with broadcast BSSID. 531 531 - // Passive means no probe request sent, only listen to the beacons. 532 532 - // The channel scanned is fixed as specified, no need to scan all channels. 533 533 - // The scan wait time is specified in the request too. 534 534 - if (pReq->Measurement.ScanMode == MSRN_SCAN_MODE_PASSIVE) 535 535 - { 536 536 - // Passive scan Mode 537 537 - DBGPRINT(RT_DEBUG_TRACE, ("Passive Scan Mode!\n")); 538 538 - 539 539 - // Control state machine is not idle, reject the request 540 540 - if ((pAd->Mlme.CntlMachine.CurrState != CNTL_IDLE) && (Index == 0)) 541 541 - return; 542 542 - 543 543 - // Fill out stuff for scan request 544 544 - ScanParmFill(pAd, &ScanReq, ZeroSsid, 0, BSS_ANY, SCAN_CISCO_PASSIVE); 545 545 - MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_MLME_SCAN_REQ, sizeof(MLME_SCAN_REQ_STRUCT), &ScanReq); 546 546 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_OID_LIST_SCAN; 547 547 - 548 548 - // Reset some internal control flags to make sure this scan works. 549 549 - BssTableInit(&pAd->StaCfg.CCXBssTab); 550 550 - pAd->StaCfg.ScanCnt = 0; 551 551 - pAd->StaCfg.CCXScanChannel = pReq->Measurement.Channel; 552 552 - pAd->StaCfg.CCXScanTime = pReq->Measurement.Duration; 553 553 - pAd->StaCfg.CCXReqType = MSRN_TYPE_BEACON_REQ; 554 554 - DBGPRINT(RT_DEBUG_TRACE, ("Duration %d!\n", pReq->Measurement.Duration)); 555 555 - 556 556 - // If it's non serving channel scan, send out a null frame with PSM bit on. 557 557 - if (pAd->StaCfg.CCXScanChannel != pAd->CommonCfg.Channel) 558 558 - { 559 559 - // Use MLME enqueue method 560 560 - NStatus = MlmeAllocateMemory(pAd, (PVOID)&pOutBuffer); //Get an unused nonpaged memory 561 561 - if (NStatus != NDIS_STATUS_SUCCESS) 562 562 - return; 563 563 - 564 564 - pNullFrame = (PHEADER_802_11) pOutBuffer; 565 565 - // Make the power save Null frame with PSM bit on 566 566 - MgtMacHeaderInit(pAd, pNullFrame, SUBTYPE_NULL_FUNC, 1, pAd->CommonCfg.Bssid, pAd->CommonCfg.Bssid); 567 567 - pNullFrame->Duration = 0; 568 568 - pNullFrame->FC.Type = BTYPE_DATA; 569 569 - pNullFrame->FC.PwrMgmt = PWR_SAVE; 570 570 - 571 571 - // Send using priority queue 572 572 - MiniportMMRequest(pAd, 0, pOutBuffer, sizeof(HEADER_802_11)); 573 573 - MlmeFreeMemory(pAd, pOutBuffer); 574 574 - DBGPRINT(RT_DEBUG_TRACE, ("Send PSM Data frame for off channel RM\n")); 575 575 - RTMPusecDelay(5000); 576 576 - } 577 577 - 578 578 - pAd->Mlme.AironetMachine.CurrState = AIRONET_SCANNING; 579 579 - } 580 580 - else if (pReq->Measurement.ScanMode == MSRN_SCAN_MODE_ACTIVE) 581 581 - { 582 582 - // Active scan Mode 583 583 - DBGPRINT(RT_DEBUG_TRACE, ("Active Scan Mode!\n")); 584 584 - 585 585 - // Control state machine is not idle, reject the request 586 586 - if (pAd->Mlme.CntlMachine.CurrState != CNTL_IDLE) 587 587 - return; 588 588 - 589 589 - // Fill out stuff for scan request 590 590 - ScanParmFill(pAd, &ScanReq, ZeroSsid, 0, BSS_ANY, SCAN_CISCO_ACTIVE); 591 591 - MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_MLME_SCAN_REQ, sizeof(MLME_SCAN_REQ_STRUCT), &ScanReq); 592 592 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_OID_LIST_SCAN; 593 593 - 594 594 - // Reset some internal control flags to make sure this scan works. 595 595 - BssTableInit(&pAd->StaCfg.CCXBssTab); 596 596 - pAd->StaCfg.ScanCnt = 0; 597 597 - pAd->StaCfg.CCXScanChannel = pReq->Measurement.Channel; 598 598 - pAd->StaCfg.CCXScanTime = pReq->Measurement.Duration; 599 599 - pAd->StaCfg.CCXReqType = MSRN_TYPE_BEACON_REQ; 600 600 - DBGPRINT(RT_DEBUG_TRACE, ("Duration %d!\n", pReq->Measurement.Duration)); 601 601 - 602 602 - // If it's non serving channel scan, send out a null frame with PSM bit on. 603 603 - if (pAd->StaCfg.CCXScanChannel != pAd->CommonCfg.Channel) 604 604 - { 605 605 - // Use MLME enqueue method 606 606 - NStatus = MlmeAllocateMemory(pAd, (PVOID)&pOutBuffer); //Get an unused nonpaged memory 607 607 - if (NStatus != NDIS_STATUS_SUCCESS) 608 608 - return; 609 609 - 610 610 - pNullFrame = (PHEADER_802_11) pOutBuffer; 611 611 - // Make the power save Null frame with PSM bit on 612 612 - MgtMacHeaderInit(pAd, pNullFrame, SUBTYPE_NULL_FUNC, 1, pAd->CommonCfg.Bssid, pAd->CommonCfg.Bssid); 613 613 - pNullFrame->Duration = 0; 614 614 - pNullFrame->FC.Type = BTYPE_DATA; 615 615 - pNullFrame->FC.PwrMgmt = PWR_SAVE; 616 616 - 617 617 - // Send using priority queue 618 618 - MiniportMMRequest(pAd, 0, pOutBuffer, sizeof(HEADER_802_11)); 619 619 - MlmeFreeMemory(pAd, pOutBuffer); 620 620 - DBGPRINT(RT_DEBUG_TRACE, ("Send PSM Data frame for off channel RM\n")); 621 621 - RTMPusecDelay(5000); 622 622 - } 623 623 - 624 624 - pAd->Mlme.AironetMachine.CurrState = AIRONET_SCANNING; 625 625 - } 626 626 - else if (pReq->Measurement.ScanMode == MSRN_SCAN_MODE_BEACON_TABLE) 627 627 - { 628 628 - // Beacon report Mode, report all the APS in current bss table 629 629 - DBGPRINT(RT_DEBUG_TRACE, ("Beacon Report Mode!\n")); 630 630 - 631 631 - // Copy current BSS table to CCX table, we can omit this step later on. 632 632 - NdisMoveMemory(&pAd->StaCfg.CCXBssTab, &pAd->ScanTab, sizeof(BSS_TABLE)); 633 633 - 634 634 - // Create beacon report from Bss table 635 635 - AironetCreateBeaconReportFromBssTable(pAd); 636 636 - 637 637 - // Set state to scanning 638 638 - pAd->Mlme.AironetMachine.CurrState = AIRONET_SCANNING; 639 639 - 640 640 - // Enqueue report request 641 641 - // Cisco scan request is finished, prepare beacon report 642 642 - MlmeEnqueue(pAd, AIRONET_STATE_MACHINE, MT2_AIRONET_SCAN_DONE, 0, NULL); 643 643 - } 644 644 - else 645 645 - { 646 646 - // Wrong scan Mode 647 647 - DBGPRINT(RT_DEBUG_TRACE, ("Wrong Scan Mode!\n")); 648 648 - } 649 649 - 650 650 - DBGPRINT(RT_DEBUG_TRACE, ("BeaconRequestAction <-----\n")); 651 651 - } 652 652 - 653 653 - /* 654 654 - ======================================================================== 655 655 - 656 656 - Routine Description: 657 657 - 658 658 - Arguments: 659 659 - 660 660 - Return Value: 661 661 - None 662 662 - 663 663 - Note: 664 664 - 665 665 - ======================================================================== 666 666 - */ 667 667 - VOID AironetReportAction( 668 668 - IN PRTMP_ADAPTER pAd, 669 669 - IN MLME_QUEUE_ELEM *Elem) 670 670 - { 671 671 - PRM_REQUEST_ACTION pReq; 672 672 - ULONG Now32; 673 673 - 674 674 - NdisGetSystemUpTime(&Now32); 675 675 - pAd->StaCfg.LastBeaconRxTime = Now32; 676 676 - 677 677 - pReq = (PRM_REQUEST_ACTION) &pAd->StaCfg.MeasurementRequest[pAd->StaCfg.CurrentRMReqIdx]; 678 678 - 679 679 - DBGPRINT(RT_DEBUG_TRACE, ("AironetReportAction ----->\n")); 680 680 - 681 681 - // 1. Parse measurement type and call appropriate functions 682 682 - if (pReq->ReqElem.Type == MSRN_TYPE_CHANNEL_LOAD_REQ) 683 683 - // Channel Load measurement request 684 684 - ChannelLoadReportAction(pAd, pAd->StaCfg.CurrentRMReqIdx); 685 685 - else if (pReq->ReqElem.Type == MSRN_TYPE_NOISE_HIST_REQ) 686 686 - // Noise Histogram measurement request 687 687 - NoiseHistReportAction(pAd, pAd->StaCfg.CurrentRMReqIdx); 688 688 - else if (pReq->ReqElem.Type == MSRN_TYPE_BEACON_REQ) 689 689 - // Beacon measurement request 690 690 - BeaconReportAction(pAd, pAd->StaCfg.CurrentRMReqIdx); 691 691 - else 692 692 - // Unknown. Do nothing and return 693 693 - ; 694 694 - 695 695 - // 2. Point to the correct index of action element, start from 0 696 696 - pAd->StaCfg.CurrentRMReqIdx++; 697 697 - 698 698 - // 3. Check for parallel actions 699 699 - if (pAd->StaCfg.ParallelReq == TRUE) 700 700 - { 701 701 - pReq = (PRM_REQUEST_ACTION) &pAd->StaCfg.MeasurementRequest[pAd->StaCfg.CurrentRMReqIdx]; 702 702 - 703 703 - // Process next action right away 704 704 - if (pReq->ReqElem.Type == MSRN_TYPE_CHANNEL_LOAD_REQ) 705 705 - // Channel Load measurement request 706 706 - ChannelLoadReportAction(pAd, pAd->StaCfg.CurrentRMReqIdx); 707 707 - else if (pReq->ReqElem.Type == MSRN_TYPE_NOISE_HIST_REQ) 708 708 - // Noise Histogram measurement request 709 709 - NoiseHistReportAction(pAd, pAd->StaCfg.CurrentRMReqIdx); 710 710 - 711 711 - pAd->StaCfg.ParallelReq = FALSE; 712 712 - pAd->StaCfg.CurrentRMReqIdx++; 713 713 - } 714 714 - 715 715 - if (pAd->StaCfg.CurrentRMReqIdx >= pAd->StaCfg.RMReqCnt) 716 716 - { 717 717 - // 4. There is no more unprocessed measurement request, go for transmit this report 718 718 - AironetFinalReportAction(pAd); 719 719 - pAd->Mlme.AironetMachine.CurrState = AIRONET_IDLE; 720 720 - } 721 721 - else 722 722 - { 723 723 - pReq = (PRM_REQUEST_ACTION) &pAd->StaCfg.MeasurementRequest[pAd->StaCfg.CurrentRMReqIdx]; 724 724 - 725 725 - if (pReq->Measurement.Channel != pAd->CommonCfg.Channel) 726 726 - { 727 727 - RTMPusecDelay(100000); 728 728 - } 729 729 - 730 730 - // 5. There are more requests to be measure 731 731 - MlmeEnqueue(pAd, AIRONET_STATE_MACHINE, MT2_AIRONET_SCAN_REQ, 0, NULL); 732 732 - RT28XX_MLME_HANDLER(pAd); 733 733 - } 734 734 - 735 735 - DBGPRINT(RT_DEBUG_TRACE, ("AironetReportAction <-----\n")); 736 736 - } 737 737 - 738 738 - /* 739 739 - ======================================================================== 740 740 - 741 741 - Routine Description: 742 742 - 743 743 - Arguments: 744 744 - 745 745 - Return Value: 746 746 - None 747 747 - 748 748 - Note: 749 749 - 750 750 - ======================================================================== 751 751 - */ 752 752 - VOID AironetFinalReportAction( 753 753 - IN PRTMP_ADAPTER pAd) 754 754 - { 755 755 - PUCHAR pDest; 756 756 - PAIRONET_IAPP_HEADER pIAPP; 757 757 - PHEADER_802_11 pHeader; 758 758 - UCHAR AckRate = RATE_2; 759 759 - USHORT AckDuration = 0; 760 760 - NDIS_STATUS NStatus; 761 761 - PUCHAR pOutBuffer = NULL; 762 762 - ULONG FrameLen = 0; 763 763 - 764 764 - DBGPRINT(RT_DEBUG_TRACE, ("AironetFinalReportAction ----->\n")); 765 765 - 766 766 - // 0. Set up the frame pointer, Frame was inited at the end of message action 767 767 - pDest = &pAd->StaCfg.FrameReportBuf[LENGTH_802_11]; 768 768 - 769 769 - // 1. Update report IAPP fields 770 770 - pIAPP = (PAIRONET_IAPP_HEADER) pDest; 771 771 - 772 772 - // 2. Copy Cisco SNAP header 773 773 - NdisMoveMemory(pIAPP->CiscoSnapHeader, SNAP_AIRONET, LENGTH_802_1_H); 774 774 - 775 775 - // 3. network order for this 16bit length 776 776 - pIAPP->Length = cpu2be16(pAd->StaCfg.FrameReportLen - LENGTH_802_11 - LENGTH_802_1_H); 777 777 - 778 778 - // 3.1 sanity check the report length, ignore it if there is nothing to report 779 779 - if (be2cpu16(pIAPP->Length) <= 18) 780 780 - return; 781 781 - 782 782 - // 4. Type must be 0x32 783 783 - pIAPP->Type = AIRONET_IAPP_TYPE; 784 784 - 785 785 - // 5. SubType for report must be 0x81 786 786 - pIAPP->SubType = AIRONET_IAPP_SUBTYPE_REPORT; 787 787 - 788 788 - // 6. DA is not used and must be zero, although the whole frame was cleared at the start of function 789 789 - // We will do it again here. We can use BSSID instead 790 790 - COPY_MAC_ADDR(pIAPP->DA, pAd->CommonCfg.Bssid); 791 791 - 792 792 - // 7. SA is the client reporting which must be our MAC 793 793 - COPY_MAC_ADDR(pIAPP->SA, pAd->CurrentAddress); 794 794 - 795 795 - // 8. Copy the saved dialog token 796 796 - pIAPP->Token = pAd->StaCfg.IAPPToken; 797 797 - 798 798 - // 9. Make the Report frame 802.11 header 799 799 - // Reuse function in wpa.c 800 800 - pHeader = (PHEADER_802_11) pAd->StaCfg.FrameReportBuf; 801 801 - pAd->Sequence ++; 802 802 - WpaMacHeaderInit(pAd, pHeader, 0, pAd->CommonCfg.Bssid); 803 803 - 804 804 - // ACK size is 14 include CRC, and its rate is based on real time information 805 805 - AckRate = pAd->CommonCfg.ExpectedACKRate[pAd->CommonCfg.MlmeRate]; 806 806 - AckDuration = RTMPCalcDuration(pAd, AckRate, 14); 807 807 - pHeader->Duration = pAd->CommonCfg.Dsifs + AckDuration; 808 808 - 809 809 - // Use MLME enqueue method 810 810 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory 811 811 - if (NStatus != NDIS_STATUS_SUCCESS) 812 812 - return; 813 813 - 814 814 - // 10. Prepare report frame with dynamic outbuffer. Just simply copy everything. 815 815 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 816 816 - pAd->StaCfg.FrameReportLen, pAd->StaCfg.FrameReportBuf, 817 817 - END_OF_ARGS); 818 818 - 819 819 - // 11. Send using priority queue 820 820 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 821 821 - MlmeFreeMemory(pAd, pOutBuffer); 822 822 - 823 823 - pAd->StaCfg.CCXReqType = MSRN_TYPE_UNUSED; 824 824 - 825 825 - DBGPRINT(RT_DEBUG_TRACE, ("AironetFinalReportAction <-----\n")); 826 826 - } 827 827 - 828 828 - /* 829 829 - ======================================================================== 830 830 - 831 831 - Routine Description: 832 832 - 833 833 - Arguments: 834 834 - 835 835 - Return Value: 836 836 - None 837 837 - 838 838 - Note: 839 839 - 840 840 - ======================================================================== 841 841 - */ 842 842 - VOID ChannelLoadReportAction( 843 843 - IN PRTMP_ADAPTER pAd, 844 844 - IN UCHAR Index) 845 845 - { 846 846 - PMEASUREMENT_REPORT_ELEMENT pReport; 847 847 - PCHANNEL_LOAD_REPORT pLoad; 848 848 - PUCHAR pDest; 849 849 - UCHAR CCABusyFraction; 850 850 - 851 851 - DBGPRINT(RT_DEBUG_TRACE, ("ChannelLoadReportAction ----->\n")); 852 852 - 853 853 - // Disable Rx with promiscuous reception, make it back to normal 854 854 - RTMP_IO_WRITE32(pAd, RX_FILTR_CFG, STANORMAL); // Staion not drop control frame will fail WiFi Certification. 855 855 - 856 856 - // 0. Setup pointer for processing beacon & probe response 857 857 - pDest = (PUCHAR) &pAd->StaCfg.FrameReportBuf[pAd->StaCfg.FrameReportLen]; 858 858 - pReport = (PMEASUREMENT_REPORT_ELEMENT) pDest; 859 859 - 860 860 - // 1. Fill Measurement report element field. 861 861 - pReport->Eid = IE_MEASUREMENT_REPORT; 862 862 - // Fixed Length at 9, not include Eid and length fields 863 863 - pReport->Length = 9; 864 864 - pReport->Token = pAd->StaCfg.MeasurementRequest[Index].ReqElem.Token; 865 865 - pReport->Mode = pAd->StaCfg.MeasurementRequest[Index].ReqElem.Mode; 866 866 - pReport->Type = MSRN_TYPE_CHANNEL_LOAD_REQ; 867 867 - 868 868 - // 2. Fill channel report measurement data 869 869 - pDest += sizeof(MEASUREMENT_REPORT_ELEMENT); 870 870 - pLoad = (PCHANNEL_LOAD_REPORT) pDest; 871 871 - pLoad->Channel = pAd->StaCfg.MeasurementRequest[Index].Measurement.Channel; 872 872 - pLoad->Spare = 0; 873 873 - pLoad->Duration = pAd->StaCfg.MeasurementRequest[Index].Measurement.Duration; 874 874 - 875 875 - // 3. Calculate the CCA Busy Fraction 876 876 - // (Bytes + ACK size) * 8 / Tx speed * 255 / 1000 / measurement duration, use 24 us Tx speed 877 877 - // = (Bytes + ACK) / 12 / duration 878 878 - // 9 is the good value for pAd->StaCfg.CLFactor 879 879 - // CCABusyFraction = (UCHAR) (pAd->StaCfg.CLBusyBytes / 9 / pLoad->Duration); 880 880 - CCABusyFraction = (UCHAR) (pAd->StaCfg.CLBusyBytes / pAd->StaCfg.CLFactor / pLoad->Duration); 881 881 - if (CCABusyFraction < 10) 882 882 - CCABusyFraction = (UCHAR) (pAd->StaCfg.CLBusyBytes / 3 / pLoad->Duration) + 1; 883 883 - 884 884 - pLoad->CCABusy = CCABusyFraction; 885 885 - DBGPRINT(RT_DEBUG_TRACE, ("CLBusyByte %ld, Duration %d, Result, %d\n", pAd->StaCfg.CLBusyBytes, pLoad->Duration, CCABusyFraction)); 886 886 - 887 887 - DBGPRINT(RT_DEBUG_TRACE, ("FrameReportLen %d\n", pAd->StaCfg.FrameReportLen)); 888 888 - pAd->StaCfg.FrameReportLen += (sizeof(MEASUREMENT_REPORT_ELEMENT) + sizeof(CHANNEL_LOAD_REPORT)); 889 889 - DBGPRINT(RT_DEBUG_TRACE, ("FrameReportLen %d\n", pAd->StaCfg.FrameReportLen)); 890 890 - 891 891 - // 4. Clear channel load measurement flag 892 892 - RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_RADIO_MEASUREMENT); 893 893 - 894 894 - // 5. reset to idle state 895 895 - pAd->Mlme.AironetMachine.CurrState = AIRONET_IDLE; 896 896 - 897 897 - DBGPRINT(RT_DEBUG_TRACE, ("ChannelLoadReportAction <-----\n")); 898 898 - } 899 899 - 900 900 - /* 901 901 - ======================================================================== 902 902 - 903 903 - Routine Description: 904 904 - 905 905 - Arguments: 906 906 - 907 907 - Return Value: 908 908 - None 909 909 - 910 910 - Note: 911 911 - 912 912 - ======================================================================== 913 913 - */ 914 914 - VOID NoiseHistReportAction( 915 915 - IN PRTMP_ADAPTER pAd, 916 916 - IN UCHAR Index) 917 917 - { 918 918 - PMEASUREMENT_REPORT_ELEMENT pReport; 919 919 - PNOISE_HIST_REPORT pNoise; 920 920 - PUCHAR pDest; 921 921 - UCHAR i,NoiseCnt; 922 922 - USHORT TotalRPICnt, TotalRPISum; 923 923 - 924 924 - DBGPRINT(RT_DEBUG_TRACE, ("NoiseHistReportAction ----->\n")); 925 925 - 926 926 - // 0. Disable Rx with promiscuous reception, make it back to normal 927 927 - RTMP_IO_WRITE32(pAd, RX_FILTR_CFG, STANORMAL); // Staion not drop control frame will fail WiFi Certification. 928 928 - // 1. Setup pointer for processing beacon & probe response 929 929 - pDest = (PUCHAR) &pAd->StaCfg.FrameReportBuf[pAd->StaCfg.FrameReportLen]; 930 930 - pReport = (PMEASUREMENT_REPORT_ELEMENT) pDest; 931 931 - 932 932 - // 2. Fill Measurement report element field. 933 933 - pReport->Eid = IE_MEASUREMENT_REPORT; 934 934 - // Fixed Length at 16, not include Eid and length fields 935 935 - pReport->Length = 16; 936 936 - pReport->Token = pAd->StaCfg.MeasurementRequest[Index].ReqElem.Token; 937 937 - pReport->Mode = pAd->StaCfg.MeasurementRequest[Index].ReqElem.Mode; 938 938 - pReport->Type = MSRN_TYPE_NOISE_HIST_REQ; 939 939 - 940 940 - // 3. Fill noise histogram report measurement data 941 941 - pDest += sizeof(MEASUREMENT_REPORT_ELEMENT); 942 942 - pNoise = (PNOISE_HIST_REPORT) pDest; 943 943 - pNoise->Channel = pAd->StaCfg.MeasurementRequest[Index].Measurement.Channel; 944 944 - pNoise->Spare = 0; 945 945 - pNoise->Duration = pAd->StaCfg.MeasurementRequest[Index].Measurement.Duration; 946 946 - // 4. Fill Noise histogram, the total RPI counts should be 0.4 * TU 947 947 - // We estimate 4000 normal packets received durning 10 seconds test. 948 948 - // Adjust it if required. 949 949 - // 3 is a good value for pAd->StaCfg.NHFactor 950 950 - // TotalRPICnt = pNoise->Duration * 3 / 10; 951 951 - TotalRPICnt = pNoise->Duration * pAd->StaCfg.NHFactor / 10; 952 952 - TotalRPISum = 0; 953 953 - 954 954 - for (i = 0; i < 8; i++) 955 955 - { 956 956 - TotalRPISum += pAd->StaCfg.RPIDensity[i]; 957 957 - DBGPRINT(RT_DEBUG_TRACE, ("RPI %d Conuts %d\n", i, pAd->StaCfg.RPIDensity[i])); 958 958 - } 959 959 - 960 960 - // Double check if the counter is larger than our expectation. 961 961 - // We will replace it with the total number plus a fraction. 962 962 - if (TotalRPISum > TotalRPICnt) 963 963 - TotalRPICnt = TotalRPISum + pNoise->Duration / 20; 964 964 - 965 965 - DBGPRINT(RT_DEBUG_TRACE, ("Total RPI Conuts %d\n", TotalRPICnt)); 966 966 - 967 967 - // 5. Initialize noise count for the total summation of 0xff 968 968 - NoiseCnt = 0; 969 969 - for (i = 1; i < 8; i++) 970 970 - { 971 971 - pNoise->Density[i] = (UCHAR) (pAd->StaCfg.RPIDensity[i] * 255 / TotalRPICnt); 972 972 - if ((pNoise->Density[i] == 0) && (pAd->StaCfg.RPIDensity[i] != 0)) 973 973 - pNoise->Density[i]++; 974 974 - NoiseCnt += pNoise->Density[i]; 975 975 - DBGPRINT(RT_DEBUG_TRACE, ("Reported RPI[%d] = 0x%02x\n", i, pNoise->Density[i])); 976 976 - } 977 977 - 978 978 - // 6. RPI[0] represents the rest of counts 979 979 - pNoise->Density[0] = 0xff - NoiseCnt; 980 980 - DBGPRINT(RT_DEBUG_TRACE, ("Reported RPI[0] = 0x%02x\n", pNoise->Density[0])); 981 981 - 982 982 - pAd->StaCfg.FrameReportLen += (sizeof(MEASUREMENT_REPORT_ELEMENT) + sizeof(NOISE_HIST_REPORT)); 983 983 - 984 984 - // 7. Clear channel load measurement flag 985 985 - RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_RADIO_MEASUREMENT); 986 986 - 987 987 - // 8. reset to idle state 988 988 - pAd->Mlme.AironetMachine.CurrState = AIRONET_IDLE; 989 989 - 990 990 - DBGPRINT(RT_DEBUG_TRACE, ("NoiseHistReportAction <-----\n")); 991 991 - } 992 992 - 993 993 - /* 994 994 - ======================================================================== 995 995 - 996 996 - Routine Description: 997 997 - Prepare Beacon report action, 998 998 - 999 999 - Arguments: 1000 1000 - pAd Pointer to our adapter 1001 1001 - 1002 1002 - Return Value: 1003 1003 - None 1004 1004 - 1005 1005 - Note: 1006 1006 - 1007 1007 - ======================================================================== 1008 1008 - */ 1009 1009 - VOID BeaconReportAction( 1010 1010 - IN PRTMP_ADAPTER pAd, 1011 1011 - IN UCHAR Index) 1012 1012 - { 1013 1013 - DBGPRINT(RT_DEBUG_TRACE, ("BeaconReportAction ----->\n")); 1014 1014 - 1015 1015 - // Looks like we don't have anything thing need to do here. 1016 1016 - // All measurement report already finished in AddBeaconReport 1017 1017 - // The length is in the FrameReportLen 1018 1018 - 1019 1019 - // reset Beacon index for next beacon request 1020 1020 - pAd->StaCfg.LastBssIndex = 0xff; 1021 1021 - 1022 1022 - // reset to idle state 1023 1023 - pAd->Mlme.AironetMachine.CurrState = AIRONET_IDLE; 1024 1024 - 1025 1025 - DBGPRINT(RT_DEBUG_TRACE, ("BeaconReportAction <-----\n")); 1026 1026 - } 1027 1027 - 1028 1028 - /* 1029 1029 - ======================================================================== 1030 1030 - 1031 1031 - Routine Description: 1032 1032 - 1033 1033 - Arguments: 1034 1034 - Index Current BSSID in CCXBsstab entry index 1035 1035 - 1036 1036 - Return Value: 1037 1037 - 1038 1038 - Note: 1039 1039 - 1040 1040 - ======================================================================== 1041 1041 - */ 1042 1042 - VOID AironetAddBeaconReport( 1043 1043 - IN PRTMP_ADAPTER pAd, 1044 1044 - IN ULONG Index, 1045 1045 - IN PMLME_QUEUE_ELEM pElem) 1046 1046 - { 1047 1047 - PVOID pMsg; 1048 1048 - PUCHAR pSrc, pDest; 1049 1049 - UCHAR ReqIdx; 1050 1050 - ULONG MsgLen; 1051 1051 - USHORT Length; 1052 1052 - PFRAME_802_11 pFrame; 1053 1053 - PMEASUREMENT_REPORT_ELEMENT pReport; 1054 1054 - PEID_STRUCT pEid; 1055 1055 - PBEACON_REPORT pBeaconReport; 1056 1056 - PBSS_ENTRY pBss; 1057 1057 - 1058 1058 - // 0. Setup pointer for processing beacon & probe response 1059 1059 - pMsg = pElem->Msg; 1060 1060 - MsgLen = pElem->MsgLen; 1061 1061 - pFrame = (PFRAME_802_11) pMsg; 1062 1062 - pSrc = pFrame->Octet; // Start from AP TSF 1063 1063 - pBss = (PBSS_ENTRY) &pAd->StaCfg.CCXBssTab.BssEntry[Index]; 1064 1064 - ReqIdx = pAd->StaCfg.CurrentRMReqIdx; 1065 1065 - 1066 1066 - // 1 Check the Index, if we already create this entry, only update the average RSSI 1067 1067 - if ((Index <= pAd->StaCfg.LastBssIndex) && (pAd->StaCfg.LastBssIndex != 0xff)) 1068 1068 - { 1069 1069 - pDest = (PUCHAR) &pAd->StaCfg.FrameReportBuf[pAd->StaCfg.BssReportOffset[Index]]; 1070 1070 - // Point to bss report information 1071 1071 - pDest += sizeof(MEASUREMENT_REPORT_ELEMENT); 1072 1072 - pBeaconReport = (PBEACON_REPORT) pDest; 1073 1073 - 1074 1074 - // Update Rx power, in dBm 1075 1075 - // Get the original RSSI readback from BBP 1076 1076 - pBeaconReport->RxPower += pAd->BbpRssiToDbmDelta; 1077 1077 - // Average the Rssi reading 1078 1078 - pBeaconReport->RxPower = (pBeaconReport->RxPower + pBss->Rssi) / 2; 1079 1079 - // Get to dBm format 1080 1080 - pBeaconReport->RxPower -= pAd->BbpRssiToDbmDelta; 1081 1081 - 1082 1082 - DBGPRINT(RT_DEBUG_TRACE, ("Bssid %02x:%02x:%02x:%02x:%02x:%02x ", 1083 1083 - pBss->Bssid[0], pBss->Bssid[1], pBss->Bssid[2], 1084 1084 - pBss->Bssid[3], pBss->Bssid[4], pBss->Bssid[5])); 1085 1085 - DBGPRINT(RT_DEBUG_TRACE, ("RxPower[%ld] Rssi %d, Avg Rssi %d\n", Index, (pBss->Rssi - pAd->BbpRssiToDbmDelta), pBeaconReport->RxPower - 256)); 1086 1086 - DBGPRINT(RT_DEBUG_TRACE, ("FrameReportLen = %d\n", pAd->StaCfg.BssReportOffset[Index])); 1087 1087 - 1088 1088 - // Update other information here 1089 1089 - 1090 1090 - // Done 1091 1091 - return; 1092 1092 - } 1093 1093 - 1094 1094 - // 2. Update reported Index 1095 1095 - pAd->StaCfg.LastBssIndex = Index; 1096 1096 - 1097 1097 - // 3. Setup the buffer address for copying this BSSID into reporting frame 1098 1098 - // The offset should start after 802.11 header and report frame header. 1099 1099 - pDest = (PUCHAR) &pAd->StaCfg.FrameReportBuf[pAd->StaCfg.FrameReportLen]; 1100 1100 - 1101 1101 - // 4. Save the start offset of each Bss in report frame 1102 1102 - pAd->StaCfg.BssReportOffset[Index] = pAd->StaCfg.FrameReportLen; 1103 1103 - 1104 1104 - // 5. Fill Measurement report fields 1105 1105 - pReport = (PMEASUREMENT_REPORT_ELEMENT) pDest; 1106 1106 - pReport->Eid = IE_MEASUREMENT_REPORT; 1107 1107 - pReport->Length = 0; 1108 1108 - pReport->Token = pAd->StaCfg.MeasurementRequest[ReqIdx].ReqElem.Token; 1109 1109 - pReport->Mode = pAd->StaCfg.MeasurementRequest[ReqIdx].ReqElem.Mode; 1110 1110 - pReport->Type = MSRN_TYPE_BEACON_REQ; 1111 1111 - Length = sizeof(MEASUREMENT_REPORT_ELEMENT); 1112 1112 - pDest += sizeof(MEASUREMENT_REPORT_ELEMENT); 1113 1113 - 1114 1114 - // 6. Start thebeacon report format 1115 1115 - pBeaconReport = (PBEACON_REPORT) pDest; 1116 1116 - pDest += sizeof(BEACON_REPORT); 1117 1117 - Length += sizeof(BEACON_REPORT); 1118 1118 - 1119 1119 - // 7. Copy Channel number 1120 1120 - pBeaconReport->Channel = pBss->Channel; 1121 1121 - pBeaconReport->Spare = 0; 1122 1122 - pBeaconReport->Duration = pAd->StaCfg.MeasurementRequest[ReqIdx].Measurement.Duration; 1123 1123 - pBeaconReport->PhyType = ((pBss->SupRateLen+pBss->ExtRateLen > 4) ? PHY_ERP : PHY_DSS); 1124 1124 - // 8. Rx power, in dBm 1125 1125 - pBeaconReport->RxPower = pBss->Rssi - pAd->BbpRssiToDbmDelta; 1126 1126 - 1127 1127 - DBGPRINT(RT_DEBUG_TRACE, ("Bssid %02x:%02x:%02x:%02x:%02x:%02x ", 1128 1128 - pBss->Bssid[0], pBss->Bssid[1], pBss->Bssid[2], 1129 1129 - pBss->Bssid[3], pBss->Bssid[4], pBss->Bssid[5])); 1130 1130 - DBGPRINT(RT_DEBUG_TRACE, ("RxPower[%ld], Rssi %d\n", Index, pBeaconReport->RxPower - 256)); 1131 1131 - DBGPRINT(RT_DEBUG_TRACE, ("FrameReportLen = %d\n", pAd->StaCfg.FrameReportLen)); 1132 1132 - 1133 1133 - pBeaconReport->BeaconInterval = pBss->BeaconPeriod; 1134 1134 - COPY_MAC_ADDR(pBeaconReport->BSSID, pFrame->Hdr.Addr3); 1135 1135 - NdisMoveMemory(pBeaconReport->ParentTSF, pSrc, 4); 1136 1136 - NdisMoveMemory(pBeaconReport->TargetTSF, &pElem->TimeStamp.u.LowPart, 4); 1137 1137 - NdisMoveMemory(&pBeaconReport->TargetTSF[4], &pElem->TimeStamp.u.HighPart, 4); 1138 1138 - 1139 1139 - // 9. Skip the beacon frame and offset to start of capabilityinfo since we already processed capabilityinfo 1140 1140 - pSrc += (TIMESTAMP_LEN + 2); 1141 1141 - pBeaconReport->CapabilityInfo = *(USHORT *)pSrc; 1142 1142 - 1143 1143 - // 10. Point to start of element ID 1144 1144 - pSrc += 2; 1145 1145 - pEid = (PEID_STRUCT) pSrc; 1146 1146 - 1147 1147 - // 11. Start process all variable Eid oayload and add the appropriate to the frame report 1148 1148 - while (((PUCHAR) pEid + pEid->Len + 1) < ((PUCHAR) pFrame + MsgLen)) 1149 1149 - { 1150 1150 - // Only limited EID are required to report for CCX 2. It includes SSID, Supported rate, 1151 1151 - // FH paramenter set, DS parameter set, CF parameter set, IBSS parameter set, 1152 1152 - // TIM (report first 4 bytes only, radio measurement capability 1153 1153 - switch (pEid->Eid) 1154 1154 - { 1155 1155 - case IE_SSID: 1156 1156 - case IE_SUPP_RATES: 1157 1157 - case IE_FH_PARM: 1158 1158 - case IE_DS_PARM: 1159 1159 - case IE_CF_PARM: 1160 1160 - case IE_IBSS_PARM: 1161 1161 - NdisMoveMemory(pDest, pEid, pEid->Len + 2); 1162 1162 - pDest += (pEid->Len + 2); 1163 1163 - Length += (pEid->Len + 2); 1164 1164 - break; 1165 1165 - 1166 1166 - case IE_MEASUREMENT_CAPABILITY: 1167 1167 - // Since this IE is duplicated with WPA security IE, we has to do sanity check before 1168 1168 - // recognize it. 1169 1169 - // 1. It also has fixed 6 bytes IE length. 1170 1170 - if (pEid->Len != 6) 1171 1171 - break; 1172 1172 - // 2. Check the Cisco Aironet OUI 1173 1173 - if (NdisEqualMemory(CISCO_OUI, (pSrc + 2), 3)) 1174 1174 - { 1175 1175 - // Matched, this is what we want 1176 1176 - NdisMoveMemory(pDest, pEid, pEid->Len + 2); 1177 1177 - pDest += (pEid->Len + 2); 1178 1178 - Length += (pEid->Len + 2); 1179 1179 - } 1180 1180 - break; 1181 1181 - 1182 1182 - case IE_TIM: 1183 1183 - if (pEid->Len > 4) 1184 1184 - { 1185 1185 - // May truncate and report the first 4 bytes only, with the eid & len, total should be 6 1186 1186 - NdisMoveMemory(pDest, pEid, 6); 1187 1187 - pDest += 6; 1188 1188 - Length += 6; 1189 1189 - } 1190 1190 - else 1191 1191 - { 1192 1192 - NdisMoveMemory(pDest, pEid, pEid->Len + 2); 1193 1193 - pDest += (pEid->Len + 2); 1194 1194 - Length += (pEid->Len + 2); 1195 1195 - } 1196 1196 - break; 1197 1197 - 1198 1198 - default: 1199 1199 - break; 1200 1200 - } 1201 1201 - // 12. Move to next element ID 1202 1202 - pSrc += (2 + pEid->Len); 1203 1203 - pEid = (PEID_STRUCT) pSrc; 1204 1204 - } 1205 1205 - 1206 1206 - // 13. Update the length in the header, not include EID and length 1207 1207 - pReport->Length = Length - 4; 1208 1208 - 1209 1209 - // 14. Update the frame report buffer data length 1210 1210 - pAd->StaCfg.FrameReportLen += Length; 1211 1211 - DBGPRINT(RT_DEBUG_TRACE, ("FR len = %d\n", pAd->StaCfg.FrameReportLen)); 1212 1212 - } 1213 1213 - 1214 1214 - /* 1215 1215 - ======================================================================== 1216 1216 - 1217 1217 - Routine Description: 1218 1218 - 1219 1219 - Arguments: 1220 1220 - Index Current BSSID in CCXBsstab entry index 1221 1221 - 1222 1222 - Return Value: 1223 1223 - 1224 1224 - Note: 1225 1225 - 1226 1226 - ======================================================================== 1227 1227 - */ 1228 1228 - VOID AironetCreateBeaconReportFromBssTable( 1229 1229 - IN PRTMP_ADAPTER pAd) 1230 1230 - { 1231 1231 - PMEASUREMENT_REPORT_ELEMENT pReport; 1232 1232 - PBEACON_REPORT pBeaconReport; 1233 1233 - UCHAR Index, ReqIdx; 1234 1234 - USHORT Length; 1235 1235 - PUCHAR pDest; 1236 1236 - PBSS_ENTRY pBss; 1237 1237 - 1238 1238 - // 0. setup base pointer 1239 1239 - ReqIdx = pAd->StaCfg.CurrentRMReqIdx; 1240 1240 - 1241 1241 - for (Index = 0; Index < pAd->StaCfg.CCXBssTab.BssNr; Index++) 1242 1242 - { 1243 1243 - // 1. Setup the buffer address for copying this BSSID into reporting frame 1244 1244 - // The offset should start after 802.11 header and report frame header. 1245 1245 - pDest = (PUCHAR) &pAd->StaCfg.FrameReportBuf[pAd->StaCfg.FrameReportLen]; 1246 1246 - pBss = (PBSS_ENTRY) &pAd->StaCfg.CCXBssTab.BssEntry[Index]; 1247 1247 - Length = 0; 1248 1248 - 1249 1249 - // 2. Fill Measurement report fields 1250 1250 - pReport = (PMEASUREMENT_REPORT_ELEMENT) pDest; 1251 1251 - pReport->Eid = IE_MEASUREMENT_REPORT; 1252 1252 - pReport->Length = 0; 1253 1253 - pReport->Token = pAd->StaCfg.MeasurementRequest[ReqIdx].ReqElem.Token; 1254 1254 - pReport->Mode = pAd->StaCfg.MeasurementRequest[ReqIdx].ReqElem.Mode; 1255 1255 - pReport->Type = MSRN_TYPE_BEACON_REQ; 1256 1256 - Length = sizeof(MEASUREMENT_REPORT_ELEMENT); 1257 1257 - pDest += sizeof(MEASUREMENT_REPORT_ELEMENT); 1258 1258 - 1259 1259 - // 3. Start the beacon report format 1260 1260 - pBeaconReport = (PBEACON_REPORT) pDest; 1261 1261 - pDest += sizeof(BEACON_REPORT); 1262 1262 - Length += sizeof(BEACON_REPORT); 1263 1263 - 1264 1264 - // 4. Copy Channel number 1265 1265 - pBeaconReport->Channel = pBss->Channel; 1266 1266 - pBeaconReport->Spare = 0; 1267 1267 - pBeaconReport->Duration = pAd->StaCfg.MeasurementRequest[ReqIdx].Measurement.Duration; 1268 1268 - pBeaconReport->PhyType = ((pBss->SupRateLen+pBss->ExtRateLen > 4) ? PHY_ERP : PHY_DSS); 1269 1269 - pBeaconReport->RxPower = pBss->Rssi - pAd->BbpRssiToDbmDelta; 1270 1270 - pBeaconReport->BeaconInterval = pBss->BeaconPeriod; 1271 1271 - pBeaconReport->CapabilityInfo = pBss->CapabilityInfo; 1272 1272 - COPY_MAC_ADDR(pBeaconReport->BSSID, pBss->Bssid); 1273 1273 - NdisMoveMemory(pBeaconReport->ParentTSF, pBss->PTSF, 4); 1274 1274 - NdisMoveMemory(pBeaconReport->TargetTSF, pBss->TTSF, 8); 1275 1275 - 1276 1276 - // 5. Create SSID 1277 1277 - *pDest++ = 0x00; 1278 1278 - *pDest++ = pBss->SsidLen; 1279 1279 - NdisMoveMemory(pDest, pBss->Ssid, pBss->SsidLen); 1280 1280 - pDest += pBss->SsidLen; 1281 1281 - Length += (2 + pBss->SsidLen); 1282 1282 - 1283 1283 - // 6. Create SupportRates 1284 1284 - *pDest++ = 0x01; 1285 1285 - *pDest++ = pBss->SupRateLen; 1286 1286 - NdisMoveMemory(pDest, pBss->SupRate, pBss->SupRateLen); 1287 1287 - pDest += pBss->SupRateLen; 1288 1288 - Length += (2 + pBss->SupRateLen); 1289 1289 - 1290 1290 - // 7. DS Parameter 1291 1291 - *pDest++ = 0x03; 1292 1292 - *pDest++ = 1; 1293 1293 - *pDest++ = pBss->Channel; 1294 1294 - Length += 3; 1295 1295 - 1296 1296 - // 8. IBSS parameter if presents 1297 1297 - if (pBss->BssType == BSS_ADHOC) 1298 1298 - { 1299 1299 - *pDest++ = 0x06; 1300 1300 - *pDest++ = 2; 1301 1301 - *(PUSHORT) pDest = pBss->AtimWin; 1302 1302 - pDest += 2; 1303 1303 - Length += 4; 1304 1304 - } 1305 1305 - 1306 1306 - // 9. Update length field, not include EID and length 1307 1307 - pReport->Length = Length - 4; 1308 1308 - 1309 1309 - // 10. Update total frame size 1310 1310 - pAd->StaCfg.FrameReportLen += Length; 1311 1311 - } 1312 1312 - } 1 1 + #include "../../rt2870/sta/aironet.c"

+1 -1733

drivers/staging/rt3070/sta/assoc.c

reviewed

··· 1 1 - /* 2 2 - ************************************************************************* 3 3 - * Ralink Tech Inc. 4 4 - * 5F., No.36, Taiyuan St., Jhubei City, 5 5 - * Hsinchu County 302, 6 6 - * Taiwan, R.O.C. 7 7 - * 8 8 - * (c) Copyright 2002-2007, Ralink Technology, Inc. 9 9 - * 10 10 - * This program is free software; you can redistribute it and/or modify * 11 11 - * it under the terms of the GNU General Public License as published by * 12 12 - * the Free Software Foundation; either version 2 of the License, or * 13 13 - * (at your option) any later version. * 14 14 - * * 15 15 - * This program is distributed in the hope that it will be useful, * 16 16 - * but WITHOUT ANY WARRANTY; without even the implied warranty of * 17 17 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * 18 18 - * GNU General Public License for more details. * 19 19 - * * 20 20 - * You should have received a copy of the GNU General Public License * 21 21 - * along with this program; if not, write to the * 22 22 - * Free Software Foundation, Inc., * 23 23 - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * 24 24 - * * 25 25 - ************************************************************************* 26 26 - 27 27 - Module Name: 28 28 - assoc.c 29 29 - 30 30 - Abstract: 31 31 - 32 32 - Revision History: 33 33 - Who When What 34 34 - -------- ---------- ---------------------------------------------- 35 35 - John 2004-9-3 porting from RT2500 36 36 - */ 37 37 - #include "../rt_config.h" 38 38 - 39 39 - UCHAR CipherWpaTemplate[] = { 40 40 - 0xdd, // WPA IE 41 41 - 0x16, // Length 42 42 - 0x00, 0x50, 0xf2, 0x01, // oui 43 43 - 0x01, 0x00, // Version 44 44 - 0x00, 0x50, 0xf2, 0x02, // Multicast 45 45 - 0x01, 0x00, // Number of unicast 46 46 - 0x00, 0x50, 0xf2, 0x02, // unicast 47 47 - 0x01, 0x00, // number of authentication method 48 48 - 0x00, 0x50, 0xf2, 0x01 // authentication 49 49 - }; 50 50 - 51 51 - UCHAR CipherWpa2Template[] = { 52 52 - 0x30, // RSN IE 53 53 - 0x14, // Length 54 54 - 0x01, 0x00, // Version 55 55 - 0x00, 0x0f, 0xac, 0x02, // group cipher, TKIP 56 56 - 0x01, 0x00, // number of pairwise 57 57 - 0x00, 0x0f, 0xac, 0x02, // unicast 58 58 - 0x01, 0x00, // number of authentication method 59 59 - 0x00, 0x0f, 0xac, 0x02, // authentication 60 60 - 0x00, 0x00, // RSN capability 61 61 - }; 62 62 - 63 63 - UCHAR Ccx2IeInfo[] = { 0x00, 0x40, 0x96, 0x03, 0x02}; 64 64 - 65 65 - /* 66 66 - ========================================================================== 67 67 - Description: 68 68 - association state machine init, including state transition and timer init 69 69 - Parameters: 70 70 - S - pointer to the association state machine 71 71 - 72 72 - IRQL = PASSIVE_LEVEL 73 73 - 74 74 - ========================================================================== 75 75 - */ 76 76 - VOID AssocStateMachineInit( 77 77 - IN PRTMP_ADAPTER pAd, 78 78 - IN STATE_MACHINE *S, 79 79 - OUT STATE_MACHINE_FUNC Trans[]) 80 80 - { 81 81 - StateMachineInit(S, Trans, MAX_ASSOC_STATE, MAX_ASSOC_MSG, (STATE_MACHINE_FUNC)Drop, ASSOC_IDLE, ASSOC_MACHINE_BASE); 82 82 - 83 83 - // first column 84 84 - StateMachineSetAction(S, ASSOC_IDLE, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)MlmeAssocReqAction); 85 85 - StateMachineSetAction(S, ASSOC_IDLE, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)MlmeReassocReqAction); 86 86 - StateMachineSetAction(S, ASSOC_IDLE, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)MlmeDisassocReqAction); 87 87 - StateMachineSetAction(S, ASSOC_IDLE, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction); 88 88 - 89 89 - // second column 90 90 - StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAssoc); 91 91 - StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenReassoc); 92 92 - StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenDisassociate); 93 93 - StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction); 94 94 - StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_PEER_ASSOC_RSP, (STATE_MACHINE_FUNC)PeerAssocRspAction); 95 95 - // 96 96 - // Patch 3Com AP MOde:3CRWE454G72 97 97 - // We send Assoc request frame to this AP, it always send Reassoc Rsp not Associate Rsp. 98 98 - // 99 99 - StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_PEER_REASSOC_RSP, (STATE_MACHINE_FUNC)PeerAssocRspAction); 100 100 - StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_ASSOC_TIMEOUT, (STATE_MACHINE_FUNC)AssocTimeoutAction); 101 101 - 102 102 - // third column 103 103 - StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAssoc); 104 104 - StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenReassoc); 105 105 - StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenDisassociate); 106 106 - StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction); 107 107 - StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_PEER_REASSOC_RSP, (STATE_MACHINE_FUNC)PeerReassocRspAction); 108 108 - // 109 109 - // Patch, AP doesn't send Reassociate Rsp frame to Station. 110 110 - // 111 111 - StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_PEER_ASSOC_RSP, (STATE_MACHINE_FUNC)PeerReassocRspAction); 112 112 - StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_REASSOC_TIMEOUT, (STATE_MACHINE_FUNC)ReassocTimeoutAction); 113 113 - 114 114 - // fourth column 115 115 - StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAssoc); 116 116 - StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenReassoc); 117 117 - StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenDisassociate); 118 118 - StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction); 119 119 - StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_DISASSOC_TIMEOUT, (STATE_MACHINE_FUNC)DisassocTimeoutAction); 120 120 - 121 121 - // initialize the timer 122 122 - RTMPInitTimer(pAd, &pAd->MlmeAux.AssocTimer, GET_TIMER_FUNCTION(AssocTimeout), pAd, FALSE); 123 123 - RTMPInitTimer(pAd, &pAd->MlmeAux.ReassocTimer, GET_TIMER_FUNCTION(ReassocTimeout), pAd, FALSE); 124 124 - RTMPInitTimer(pAd, &pAd->MlmeAux.DisassocTimer, GET_TIMER_FUNCTION(DisassocTimeout), pAd, FALSE); 125 125 - } 126 126 - 127 127 - /* 128 128 - ========================================================================== 129 129 - Description: 130 130 - Association timeout procedure. After association timeout, this function 131 131 - will be called and it will put a message into the MLME queue 132 132 - Parameters: 133 133 - Standard timer parameters 134 134 - 135 135 - IRQL = DISPATCH_LEVEL 136 136 - 137 137 - ========================================================================== 138 138 - */ 139 139 - VOID AssocTimeout(IN PVOID SystemSpecific1, 140 140 - IN PVOID FunctionContext, 141 141 - IN PVOID SystemSpecific2, 142 142 - IN PVOID SystemSpecific3) 143 143 - { 144 144 - RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext; 145 145 - 146 146 - // Do nothing if the driver is starting halt state. 147 147 - // This might happen when timer already been fired before cancel timer with mlmehalt 148 148 - if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST)) 149 149 - return; 150 150 - 151 151 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_ASSOC_TIMEOUT, 0, NULL); 152 152 - RT28XX_MLME_HANDLER(pAd); 153 153 - } 154 154 - 155 155 - /* 156 156 - ========================================================================== 157 157 - Description: 158 158 - Reassociation timeout procedure. After reassociation timeout, this 159 159 - function will be called and put a message into the MLME queue 160 160 - Parameters: 161 161 - Standard timer parameters 162 162 - 163 163 - IRQL = DISPATCH_LEVEL 164 164 - 165 165 - ========================================================================== 166 166 - */ 167 167 - VOID ReassocTimeout(IN PVOID SystemSpecific1, 168 168 - IN PVOID FunctionContext, 169 169 - IN PVOID SystemSpecific2, 170 170 - IN PVOID SystemSpecific3) 171 171 - { 172 172 - RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext; 173 173 - 174 174 - // Do nothing if the driver is starting halt state. 175 175 - // This might happen when timer already been fired before cancel timer with mlmehalt 176 176 - if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST)) 177 177 - return; 178 178 - 179 179 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_REASSOC_TIMEOUT, 0, NULL); 180 180 - RT28XX_MLME_HANDLER(pAd); 181 181 - } 182 182 - 183 183 - /* 184 184 - ========================================================================== 185 185 - Description: 186 186 - Disassociation timeout procedure. After disassociation timeout, this 187 187 - function will be called and put a message into the MLME queue 188 188 - Parameters: 189 189 - Standard timer parameters 190 190 - 191 191 - IRQL = DISPATCH_LEVEL 192 192 - 193 193 - ========================================================================== 194 194 - */ 195 195 - VOID DisassocTimeout(IN PVOID SystemSpecific1, 196 196 - IN PVOID FunctionContext, 197 197 - IN PVOID SystemSpecific2, 198 198 - IN PVOID SystemSpecific3) 199 199 - { 200 200 - RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext; 201 201 - 202 202 - // Do nothing if the driver is starting halt state. 203 203 - // This might happen when timer already been fired before cancel timer with mlmehalt 204 204 - if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST)) 205 205 - return; 206 206 - 207 207 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_DISASSOC_TIMEOUT, 0, NULL); 208 208 - RT28XX_MLME_HANDLER(pAd); 209 209 - } 210 210 - 211 211 - /* 212 212 - ========================================================================== 213 213 - Description: 214 214 - mlme assoc req handling procedure 215 215 - Parameters: 216 216 - Adapter - Adapter pointer 217 217 - Elem - MLME Queue Element 218 218 - Pre: 219 219 - the station has been authenticated and the following information is stored in the config 220 220 - -# SSID 221 221 - -# supported rates and their length 222 222 - -# listen interval (Adapter->StaCfg.default_listen_count) 223 223 - -# Transmit power (Adapter->StaCfg.tx_power) 224 224 - Post : 225 225 - -# An association request frame is generated and sent to the air 226 226 - -# Association timer starts 227 227 - -# Association state -> ASSOC_WAIT_RSP 228 228 - 229 229 - IRQL = DISPATCH_LEVEL 230 230 - 231 231 - ========================================================================== 232 232 - */ 233 233 - VOID MlmeAssocReqAction( 234 234 - IN PRTMP_ADAPTER pAd, 235 235 - IN MLME_QUEUE_ELEM *Elem) 236 236 - { 237 237 - UCHAR ApAddr[6]; 238 238 - HEADER_802_11 AssocHdr; 239 239 - UCHAR Ccx2Len = 5; 240 240 - UCHAR WmeIe[9] = {IE_VENDOR_SPECIFIC, 0x07, 0x00, 0x50, 0xf2, 0x02, 0x00, 0x01, 0x00}; 241 241 - USHORT ListenIntv; 242 242 - ULONG Timeout; 243 243 - USHORT CapabilityInfo; 244 244 - BOOLEAN TimerCancelled; 245 245 - PUCHAR pOutBuffer = NULL; 246 246 - NDIS_STATUS NStatus; 247 247 - ULONG FrameLen = 0; 248 248 - ULONG tmp; 249 249 - USHORT VarIesOffset; 250 250 - UCHAR CkipFlag; 251 251 - UCHAR CkipNegotiationBuffer[CKIP_NEGOTIATION_LENGTH]; 252 252 - UCHAR AironetCkipIe = IE_AIRONET_CKIP; 253 253 - UCHAR AironetCkipLen = CKIP_NEGOTIATION_LENGTH; 254 254 - UCHAR AironetIPAddressIE = IE_AIRONET_IPADDRESS; 255 255 - UCHAR AironetIPAddressLen = AIRONET_IPADDRESS_LENGTH; 256 256 - UCHAR AironetIPAddressBuffer[AIRONET_IPADDRESS_LENGTH] = {0x00, 0x40, 0x96, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00}; 257 257 - USHORT Status; 258 258 - 259 259 - // Block all authentication request durning WPA block period 260 260 - if (pAd->StaCfg.bBlockAssoc == TRUE) 261 261 - { 262 262 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Block Assoc request durning WPA block period!\n")); 263 263 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 264 264 - Status = MLME_STATE_MACHINE_REJECT; 265 265 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status); 266 266 - } 267 267 - // check sanity first 268 268 - else if (MlmeAssocReqSanity(pAd, Elem->Msg, Elem->MsgLen, ApAddr, &CapabilityInfo, &Timeout, &ListenIntv)) 269 269 - { 270 270 - RTMPCancelTimer(&pAd->MlmeAux.AssocTimer, &TimerCancelled); 271 271 - COPY_MAC_ADDR(pAd->MlmeAux.Bssid, ApAddr); 272 272 - 273 273 - // Get an unused nonpaged memory 274 274 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); 275 275 - if (NStatus != NDIS_STATUS_SUCCESS) 276 276 - { 277 277 - DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeAssocReqAction() allocate memory failed \n")); 278 278 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 279 279 - Status = MLME_FAIL_NO_RESOURCE; 280 280 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status); 281 281 - return; 282 282 - } 283 283 - 284 284 - // Add by James 03/06/27 285 285 - pAd->StaCfg.AssocInfo.Length = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION); 286 286 - // Association don't need to report MAC address 287 287 - pAd->StaCfg.AssocInfo.AvailableRequestFixedIEs = 288 288 - NDIS_802_11_AI_REQFI_CAPABILITIES | NDIS_802_11_AI_REQFI_LISTENINTERVAL; 289 289 - pAd->StaCfg.AssocInfo.RequestFixedIEs.Capabilities = CapabilityInfo; 290 290 - pAd->StaCfg.AssocInfo.RequestFixedIEs.ListenInterval = ListenIntv; 291 291 - // Only reassociate need this 292 292 - //COPY_MAC_ADDR(pAd->StaCfg.AssocInfo.RequestFixedIEs.CurrentAPAddress, ApAddr); 293 293 - pAd->StaCfg.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION); 294 294 - 295 295 - NdisZeroMemory(pAd->StaCfg.ReqVarIEs, MAX_VIE_LEN); 296 296 - // First add SSID 297 297 - VarIesOffset = 0; 298 298 - NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &SsidIe, 1); 299 299 - VarIesOffset += 1; 300 300 - NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &pAd->MlmeAux.SsidLen, 1); 301 301 - VarIesOffset += 1; 302 302 - NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen); 303 303 - VarIesOffset += pAd->MlmeAux.SsidLen; 304 304 - 305 305 - // Second add Supported rates 306 306 - NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &SupRateIe, 1); 307 307 - VarIesOffset += 1; 308 308 - NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &pAd->MlmeAux.SupRateLen, 1); 309 309 - VarIesOffset += 1; 310 310 - NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, pAd->MlmeAux.SupRate, pAd->MlmeAux.SupRateLen); 311 311 - VarIesOffset += pAd->MlmeAux.SupRateLen; 312 312 - // End Add by James 313 313 - 314 314 - if ((pAd->CommonCfg.Channel > 14) && 315 315 - (pAd->CommonCfg.bIEEE80211H == TRUE)) 316 316 - CapabilityInfo |= 0x0100; 317 317 - 318 318 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Send ASSOC request...\n")); 319 319 - MgtMacHeaderInit(pAd, &AssocHdr, SUBTYPE_ASSOC_REQ, 0, ApAddr, ApAddr); 320 320 - 321 321 - // Build basic frame first 322 322 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 323 323 - sizeof(HEADER_802_11), &AssocHdr, 324 324 - 2, &CapabilityInfo, 325 325 - 2, &ListenIntv, 326 326 - 1, &SsidIe, 327 327 - 1, &pAd->MlmeAux.SsidLen, 328 328 - pAd->MlmeAux.SsidLen, pAd->MlmeAux.Ssid, 329 329 - 1, &SupRateIe, 330 330 - 1, &pAd->MlmeAux.SupRateLen, 331 331 - pAd->MlmeAux.SupRateLen, pAd->MlmeAux.SupRate, 332 332 - END_OF_ARGS); 333 333 - 334 334 - if (pAd->MlmeAux.ExtRateLen != 0) 335 335 - { 336 336 - MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp, 337 337 - 1, &ExtRateIe, 338 338 - 1, &pAd->MlmeAux.ExtRateLen, 339 339 - pAd->MlmeAux.ExtRateLen, pAd->MlmeAux.ExtRate, 340 340 - END_OF_ARGS); 341 341 - FrameLen += tmp; 342 342 - } 343 343 - 344 344 - // HT 345 345 - if ((pAd->MlmeAux.HtCapabilityLen > 0) && (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED)) 346 346 - { 347 347 - ULONG TmpLen; 348 348 - UCHAR HtLen; 349 349 - UCHAR BROADCOM[4] = {0x0, 0x90, 0x4c, 0x33}; 350 350 - if (pAd->StaActive.SupportedPhyInfo.bPreNHt == TRUE) 351 351 - { 352 352 - HtLen = SIZE_HT_CAP_IE + 4; 353 353 - MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen, 354 354 - 1, &WpaIe, 355 355 - 1, &HtLen, 356 356 - 4, &BROADCOM[0], 357 357 - pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability, 358 358 - END_OF_ARGS); 359 359 - } 360 360 - else 361 361 - { 362 362 - MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen, 363 363 - 1, &HtCapIe, 364 364 - 1, &pAd->MlmeAux.HtCapabilityLen, 365 365 - pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability, 366 366 - END_OF_ARGS); 367 367 - } 368 368 - FrameLen += TmpLen; 369 369 - } 370 370 - 371 371 - // add Ralink proprietary IE to inform AP this STA is going to use AGGREGATION or PIGGY-BACK+AGGREGATION 372 372 - // Case I: (Aggregation + Piggy-Back) 373 373 - // 1. user enable aggregation, AND 374 374 - // 2. Mac support piggy-back 375 375 - // 3. AP annouces it's PIGGY-BACK+AGGREGATION-capable in BEACON 376 376 - // Case II: (Aggregation) 377 377 - // 1. user enable aggregation, AND 378 378 - // 2. AP annouces it's AGGREGATION-capable in BEACON 379 379 - if (pAd->CommonCfg.bAggregationCapable) 380 380 - { 381 381 - if ((pAd->CommonCfg.bPiggyBackCapable) && ((pAd->MlmeAux.APRalinkIe & 0x00000003) == 3)) 382 382 - { 383 383 - ULONG TmpLen; 384 384 - UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x03, 0x00, 0x00, 0x00}; 385 385 - MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen, 386 386 - 9, RalinkIe, 387 387 - END_OF_ARGS); 388 388 - FrameLen += TmpLen; 389 389 - } 390 390 - else if (pAd->MlmeAux.APRalinkIe & 0x00000001) 391 391 - { 392 392 - ULONG TmpLen; 393 393 - UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x01, 0x00, 0x00, 0x00}; 394 394 - MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen, 395 395 - 9, RalinkIe, 396 396 - END_OF_ARGS); 397 397 - FrameLen += TmpLen; 398 398 - } 399 399 - } 400 400 - else 401 401 - { 402 402 - ULONG TmpLen; 403 403 - UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x06, 0x00, 0x00, 0x00}; 404 404 - MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen, 405 405 - 9, RalinkIe, 406 406 - END_OF_ARGS); 407 407 - FrameLen += TmpLen; 408 408 - } 409 409 - 410 410 - if (pAd->MlmeAux.APEdcaParm.bValid) 411 411 - { 412 412 - if (pAd->CommonCfg.bAPSDCapable && pAd->MlmeAux.APEdcaParm.bAPSDCapable) 413 413 - { 414 414 - QBSS_STA_INFO_PARM QosInfo; 415 415 - 416 416 - NdisZeroMemory(&QosInfo, sizeof(QBSS_STA_INFO_PARM)); 417 417 - QosInfo.UAPSD_AC_BE = pAd->CommonCfg.bAPSDAC_BE; 418 418 - QosInfo.UAPSD_AC_BK = pAd->CommonCfg.bAPSDAC_BK; 419 419 - QosInfo.UAPSD_AC_VI = pAd->CommonCfg.bAPSDAC_VI; 420 420 - QosInfo.UAPSD_AC_VO = pAd->CommonCfg.bAPSDAC_VO; 421 421 - QosInfo.MaxSPLength = pAd->CommonCfg.MaxSPLength; 422 422 - WmeIe[8] |= *(PUCHAR)&QosInfo; 423 423 - } 424 424 - else 425 425 - { 426 426 - // The Parameter Set Count is set to ��0�� in the association request frames 427 427 - // WmeIe[8] |= (pAd->MlmeAux.APEdcaParm.EdcaUpdateCount & 0x0f); 428 428 - } 429 429 - 430 430 - MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp, 431 431 - 9, &WmeIe[0], 432 432 - END_OF_ARGS); 433 433 - FrameLen += tmp; 434 434 - } 435 435 - 436 436 - // 437 437 - // Let WPA(#221) Element ID on the end of this association frame. 438 438 - // Otherwise some AP will fail on parsing Element ID and set status fail on Assoc Rsp. 439 439 - // For example: Put Vendor Specific IE on the front of WPA IE. 440 440 - // This happens on AP (Model No:Linksys WRK54G) 441 441 - // 442 442 - if (((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK) || 443 443 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) || 444 444 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA) || 445 445 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2) 446 446 - ) 447 447 - ) 448 448 - { 449 449 - UCHAR RSNIe = IE_WPA; 450 450 - 451 451 - if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) || 452 452 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2)) 453 453 - { 454 454 - RSNIe = IE_WPA2; 455 455 - } 456 456 - 457 457 - #ifdef SIOCSIWGENIE 458 458 - if (pAd->StaCfg.WpaSupplicantUP != 1) 459 459 - #endif // SIOCSIWGENIE // 460 460 - RTMPMakeRSNIE(pAd, pAd->StaCfg.AuthMode, pAd->StaCfg.WepStatus, BSS0); 461 461 - 462 462 - // Check for WPA PMK cache list 463 463 - if (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2) 464 464 - { 465 465 - INT idx; 466 466 - BOOLEAN FoundPMK = FALSE; 467 467 - // Search chched PMKID, append it if existed 468 468 - for (idx = 0; idx < PMKID_NO; idx++) 469 469 - { 470 470 - if (NdisEqualMemory(ApAddr, &pAd->StaCfg.SavedPMK[idx].BSSID, 6)) 471 471 - { 472 472 - FoundPMK = TRUE; 473 473 - break; 474 474 - } 475 475 - } 476 476 - 477 477 - if (FoundPMK) 478 478 - { 479 479 - // Set PMK number 480 480 - *(PUSHORT) &pAd->StaCfg.RSN_IE[pAd->StaCfg.RSNIE_Len] = 1; 481 481 - NdisMoveMemory(&pAd->StaCfg.RSN_IE[pAd->StaCfg.RSNIE_Len + 2], &pAd->StaCfg.SavedPMK[idx].PMKID, 16); 482 482 - pAd->StaCfg.RSNIE_Len += 18; 483 483 - } 484 484 - } 485 485 - 486 486 - #ifdef SIOCSIWGENIE 487 487 - if (pAd->StaCfg.WpaSupplicantUP == 1) 488 488 - { 489 489 - MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp, 490 490 - pAd->StaCfg.RSNIE_Len, pAd->StaCfg.RSN_IE, 491 491 - END_OF_ARGS); 492 492 - } 493 493 - else 494 494 - #endif 495 495 - { 496 496 - MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp, 497 497 - 1, &RSNIe, 498 498 - 1, &pAd->StaCfg.RSNIE_Len, 499 499 - pAd->StaCfg.RSNIE_Len, pAd->StaCfg.RSN_IE, 500 500 - END_OF_ARGS); 501 501 - } 502 502 - 503 503 - FrameLen += tmp; 504 504 - 505 505 - #ifdef SIOCSIWGENIE 506 506 - if (pAd->StaCfg.WpaSupplicantUP != 1) 507 507 - #endif 508 508 - { 509 509 - // Append Variable IE 510 510 - NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &RSNIe, 1); 511 511 - VarIesOffset += 1; 512 512 - NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &pAd->StaCfg.RSNIE_Len, 1); 513 513 - VarIesOffset += 1; 514 514 - } 515 515 - NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, pAd->StaCfg.RSN_IE, pAd->StaCfg.RSNIE_Len); 516 516 - VarIesOffset += pAd->StaCfg.RSNIE_Len; 517 517 - 518 518 - // Set Variable IEs Length 519 519 - pAd->StaCfg.ReqVarIELen = VarIesOffset; 520 520 - } 521 521 - 522 522 - // We have update that at PeerBeaconAtJoinRequest() 523 523 - CkipFlag = pAd->StaCfg.CkipFlag; 524 524 - if (CkipFlag != 0) 525 525 - { 526 526 - NdisZeroMemory(CkipNegotiationBuffer, CKIP_NEGOTIATION_LENGTH); 527 527 - CkipNegotiationBuffer[2] = 0x66; 528 528 - // Make it try KP & MIC, since we have to follow the result from AssocRsp 529 529 - CkipNegotiationBuffer[8] = 0x18; 530 530 - CkipNegotiationBuffer[CKIP_NEGOTIATION_LENGTH - 1] = 0x22; 531 531 - CkipFlag = 0x18; 532 532 - 533 533 - MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp, 534 534 - 1, &AironetCkipIe, 535 535 - 1, &AironetCkipLen, 536 536 - AironetCkipLen, CkipNegotiationBuffer, 537 537 - END_OF_ARGS); 538 538 - FrameLen += tmp; 539 539 - } 540 540 - 541 541 - // Add CCX v2 request if CCX2 admin state is on 542 542 - if (pAd->StaCfg.CCXControl.field.Enable == 1) 543 543 - { 544 544 - 545 545 - // 546 546 - // Add AironetIPAddressIE for Cisco CCX 2.X 547 547 - // Add CCX Version 548 548 - // 549 549 - MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp, 550 550 - 1, &AironetIPAddressIE, 551 551 - 1, &AironetIPAddressLen, 552 552 - AironetIPAddressLen, AironetIPAddressBuffer, 553 553 - 1, &Ccx2Ie, 554 554 - 1, &Ccx2Len, 555 555 - Ccx2Len, Ccx2IeInfo, 556 556 - END_OF_ARGS); 557 557 - FrameLen += tmp; 558 558 - 559 559 - // Add by James 03/06/27 560 560 - // Set Variable IEs Length 561 561 - pAd->StaCfg.ReqVarIELen = VarIesOffset; 562 562 - pAd->StaCfg.AssocInfo.RequestIELength = VarIesOffset; 563 563 - 564 564 - // OffsetResponseIEs follow ReqVarIE 565 565 - pAd->StaCfg.AssocInfo.OffsetResponseIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION) + pAd->StaCfg.ReqVarIELen; 566 566 - // End Add by James 567 567 - } 568 568 - 569 569 - 570 570 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 571 571 - MlmeFreeMemory(pAd, pOutBuffer); 572 572 - 573 573 - RTMPSetTimer(&pAd->MlmeAux.AssocTimer, Timeout); 574 574 - pAd->Mlme.AssocMachine.CurrState = ASSOC_WAIT_RSP; 575 575 - } 576 576 - else 577 577 - { 578 578 - DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeAssocReqAction() sanity check failed. BUG!!!!!! \n")); 579 579 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 580 580 - Status = MLME_INVALID_FORMAT; 581 581 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status); 582 582 - } 583 583 - 584 584 - } 585 585 - 586 586 - /* 587 587 - ========================================================================== 588 588 - Description: 589 589 - mlme reassoc req handling procedure 590 590 - Parameters: 591 591 - Elem - 592 592 - Pre: 593 593 - -# SSID (Adapter->StaCfg.ssid[]) 594 594 - -# BSSID (AP address, Adapter->StaCfg.bssid) 595 595 - -# Supported rates (Adapter->StaCfg.supported_rates[]) 596 596 - -# Supported rates length (Adapter->StaCfg.supported_rates_len) 597 597 - -# Tx power (Adapter->StaCfg.tx_power) 598 598 - 599 599 - IRQL = DISPATCH_LEVEL 600 600 - 601 601 - ========================================================================== 602 602 - */ 603 603 - VOID MlmeReassocReqAction( 604 604 - IN PRTMP_ADAPTER pAd, 605 605 - IN MLME_QUEUE_ELEM *Elem) 606 606 - { 607 607 - UCHAR ApAddr[6]; 608 608 - HEADER_802_11 ReassocHdr; 609 609 - UCHAR Ccx2Len = 5; 610 610 - UCHAR WmeIe[9] = {IE_VENDOR_SPECIFIC, 0x07, 0x00, 0x50, 0xf2, 0x02, 0x00, 0x01, 0x00}; 611 611 - USHORT CapabilityInfo, ListenIntv; 612 612 - ULONG Timeout; 613 613 - ULONG FrameLen = 0; 614 614 - BOOLEAN TimerCancelled; 615 615 - NDIS_STATUS NStatus; 616 616 - ULONG tmp; 617 617 - PUCHAR pOutBuffer = NULL; 618 618 - USHORT Status; 619 619 - 620 620 - // Block all authentication request durning WPA block period 621 621 - if (pAd->StaCfg.bBlockAssoc == TRUE) 622 622 - { 623 623 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Block ReAssoc request durning WPA block period!\n")); 624 624 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 625 625 - Status = MLME_STATE_MACHINE_REJECT; 626 626 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status); 627 627 - } 628 628 - // the parameters are the same as the association 629 629 - else if(MlmeAssocReqSanity(pAd, Elem->Msg, Elem->MsgLen, ApAddr, &CapabilityInfo, &Timeout, &ListenIntv)) 630 630 - { 631 631 - RTMPCancelTimer(&pAd->MlmeAux.ReassocTimer, &TimerCancelled); 632 632 - 633 633 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory 634 634 - if(NStatus != NDIS_STATUS_SUCCESS) 635 635 - { 636 636 - DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeReassocReqAction() allocate memory failed \n")); 637 637 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 638 638 - Status = MLME_FAIL_NO_RESOURCE; 639 639 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status); 640 640 - return; 641 641 - } 642 642 - 643 643 - COPY_MAC_ADDR(pAd->MlmeAux.Bssid, ApAddr); 644 644 - 645 645 - // make frame, use bssid as the AP address?? 646 646 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Send RE-ASSOC request...\n")); 647 647 - MgtMacHeaderInit(pAd, &ReassocHdr, SUBTYPE_REASSOC_REQ, 0, ApAddr, ApAddr); 648 648 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 649 649 - sizeof(HEADER_802_11), &ReassocHdr, 650 650 - 2, &CapabilityInfo, 651 651 - 2, &ListenIntv, 652 652 - MAC_ADDR_LEN, ApAddr, 653 653 - 1, &SsidIe, 654 654 - 1, &pAd->MlmeAux.SsidLen, 655 655 - pAd->MlmeAux.SsidLen, pAd->MlmeAux.Ssid, 656 656 - 1, &SupRateIe, 657 657 - 1, &pAd->MlmeAux.SupRateLen, 658 658 - pAd->MlmeAux.SupRateLen, pAd->MlmeAux.SupRate, 659 659 - END_OF_ARGS); 660 660 - 661 661 - if (pAd->MlmeAux.ExtRateLen != 0) 662 662 - { 663 663 - MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp, 664 664 - 1, &ExtRateIe, 665 665 - 1, &pAd->MlmeAux.ExtRateLen, 666 666 - pAd->MlmeAux.ExtRateLen, pAd->MlmeAux.ExtRate, 667 667 - END_OF_ARGS); 668 668 - FrameLen += tmp; 669 669 - } 670 670 - 671 671 - if (pAd->MlmeAux.APEdcaParm.bValid) 672 672 - { 673 673 - if (pAd->CommonCfg.bAPSDCapable && pAd->MlmeAux.APEdcaParm.bAPSDCapable) 674 674 - { 675 675 - QBSS_STA_INFO_PARM QosInfo; 676 676 - 677 677 - NdisZeroMemory(&QosInfo, sizeof(QBSS_STA_INFO_PARM)); 678 678 - QosInfo.UAPSD_AC_BE = pAd->CommonCfg.bAPSDAC_BE; 679 679 - QosInfo.UAPSD_AC_BK = pAd->CommonCfg.bAPSDAC_BK; 680 680 - QosInfo.UAPSD_AC_VI = pAd->CommonCfg.bAPSDAC_VI; 681 681 - QosInfo.UAPSD_AC_VO = pAd->CommonCfg.bAPSDAC_VO; 682 682 - QosInfo.MaxSPLength = pAd->CommonCfg.MaxSPLength; 683 683 - WmeIe[8] |= *(PUCHAR)&QosInfo; 684 684 - } 685 685 - 686 686 - MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp, 687 687 - 9, &WmeIe[0], 688 688 - END_OF_ARGS); 689 689 - FrameLen += tmp; 690 690 - } 691 691 - 692 692 - // HT 693 693 - if ((pAd->MlmeAux.HtCapabilityLen > 0) && (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED)) 694 694 - { 695 695 - ULONG TmpLen; 696 696 - UCHAR HtLen; 697 697 - UCHAR BROADCOM[4] = {0x0, 0x90, 0x4c, 0x33}; 698 698 - if (pAd->StaActive.SupportedPhyInfo.bPreNHt == TRUE) 699 699 - { 700 700 - HtLen = SIZE_HT_CAP_IE + 4; 701 701 - MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen, 702 702 - 1, &WpaIe, 703 703 - 1, &HtLen, 704 704 - 4, &BROADCOM[0], 705 705 - pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability, 706 706 - END_OF_ARGS); 707 707 - } 708 708 - else 709 709 - { 710 710 - MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen, 711 711 - 1, &HtCapIe, 712 712 - 1, &pAd->MlmeAux.HtCapabilityLen, 713 713 - pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability, 714 714 - END_OF_ARGS); 715 715 - } 716 716 - FrameLen += TmpLen; 717 717 - } 718 718 - 719 719 - // add Ralink proprietary IE to inform AP this STA is going to use AGGREGATION or PIGGY-BACK+AGGREGATION 720 720 - // Case I: (Aggregation + Piggy-Back) 721 721 - // 1. user enable aggregation, AND 722 722 - // 2. Mac support piggy-back 723 723 - // 3. AP annouces it's PIGGY-BACK+AGGREGATION-capable in BEACON 724 724 - // Case II: (Aggregation) 725 725 - // 1. user enable aggregation, AND 726 726 - // 2. AP annouces it's AGGREGATION-capable in BEACON 727 727 - if (pAd->CommonCfg.bAggregationCapable) 728 728 - { 729 729 - if ((pAd->CommonCfg.bPiggyBackCapable) && ((pAd->MlmeAux.APRalinkIe & 0x00000003) == 3)) 730 730 - { 731 731 - ULONG TmpLen; 732 732 - UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x03, 0x00, 0x00, 0x00}; 733 733 - MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen, 734 734 - 9, RalinkIe, 735 735 - END_OF_ARGS); 736 736 - FrameLen += TmpLen; 737 737 - } 738 738 - else if (pAd->MlmeAux.APRalinkIe & 0x00000001) 739 739 - { 740 740 - ULONG TmpLen; 741 741 - UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x01, 0x00, 0x00, 0x00}; 742 742 - MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen, 743 743 - 9, RalinkIe, 744 744 - END_OF_ARGS); 745 745 - FrameLen += TmpLen; 746 746 - } 747 747 - } 748 748 - else 749 749 - { 750 750 - ULONG TmpLen; 751 751 - UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x04, 0x00, 0x00, 0x00}; 752 752 - MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen, 753 753 - 9, RalinkIe, 754 754 - END_OF_ARGS); 755 755 - FrameLen += TmpLen; 756 756 - } 757 757 - 758 758 - // Add CCX v2 request if CCX2 admin state is on 759 759 - if (pAd->StaCfg.CCXControl.field.Enable == 1) 760 760 - { 761 761 - // 762 762 - // Add CCX Version 763 763 - // 764 764 - MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp, 765 765 - 1, &Ccx2Ie, 766 766 - 1, &Ccx2Len, 767 767 - Ccx2Len, Ccx2IeInfo, 768 768 - END_OF_ARGS); 769 769 - FrameLen += tmp; 770 770 - } 771 771 - 772 772 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 773 773 - MlmeFreeMemory(pAd, pOutBuffer); 774 774 - 775 775 - RTMPSetTimer(&pAd->MlmeAux.ReassocTimer, Timeout); /* in mSec */ 776 776 - pAd->Mlme.AssocMachine.CurrState = REASSOC_WAIT_RSP; 777 777 - } 778 778 - else 779 779 - { 780 780 - DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeReassocReqAction() sanity check failed. BUG!!!! \n")); 781 781 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 782 782 - Status = MLME_INVALID_FORMAT; 783 783 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status); 784 784 - } 785 785 - } 786 786 - 787 787 - /* 788 788 - ========================================================================== 789 789 - Description: 790 790 - Upper layer issues disassoc request 791 791 - Parameters: 792 792 - Elem - 793 793 - 794 794 - IRQL = PASSIVE_LEVEL 795 795 - 796 796 - ========================================================================== 797 797 - */ 798 798 - VOID MlmeDisassocReqAction( 799 799 - IN PRTMP_ADAPTER pAd, 800 800 - IN MLME_QUEUE_ELEM *Elem) 801 801 - { 802 802 - PMLME_DISASSOC_REQ_STRUCT pDisassocReq; 803 803 - HEADER_802_11 DisassocHdr; 804 804 - PHEADER_802_11 pDisassocHdr; 805 805 - PUCHAR pOutBuffer = NULL; 806 806 - ULONG FrameLen = 0; 807 807 - NDIS_STATUS NStatus; 808 808 - BOOLEAN TimerCancelled; 809 809 - ULONG Timeout = 0; 810 810 - USHORT Status; 811 811 - 812 812 - // skip sanity check 813 813 - pDisassocReq = (PMLME_DISASSOC_REQ_STRUCT)(Elem->Msg); 814 814 - 815 815 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory 816 816 - if (NStatus != NDIS_STATUS_SUCCESS) 817 817 - { 818 818 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - MlmeDisassocReqAction() allocate memory failed\n")); 819 819 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 820 820 - Status = MLME_FAIL_NO_RESOURCE; 821 821 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DISASSOC_CONF, 2, &Status); 822 822 - return; 823 823 - } 824 824 - 825 825 - 826 826 - 827 827 - RTMPCancelTimer(&pAd->MlmeAux.DisassocTimer, &TimerCancelled); 828 828 - 829 829 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Send DISASSOC request[BSSID::%02x:%02x:%02x:%02x:%02x:%02x (Reason=%d)\n", 830 830 - pDisassocReq->Addr[0], pDisassocReq->Addr[1], pDisassocReq->Addr[2], 831 831 - pDisassocReq->Addr[3], pDisassocReq->Addr[4], pDisassocReq->Addr[5], pDisassocReq->Reason)); 832 832 - MgtMacHeaderInit(pAd, &DisassocHdr, SUBTYPE_DISASSOC, 0, pDisassocReq->Addr, pDisassocReq->Addr); // patch peap ttls switching issue 833 833 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 834 834 - sizeof(HEADER_802_11),&DisassocHdr, 835 835 - 2, &pDisassocReq->Reason, 836 836 - END_OF_ARGS); 837 837 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 838 838 - 839 839 - // To patch Instance and Buffalo(N) AP 840 840 - // Driver has to send deauth to Instance AP, but Buffalo(N) needs to send disassoc to reset Authenticator's state machine 841 841 - // Therefore, we send both of them. 842 842 - pDisassocHdr = (PHEADER_802_11)pOutBuffer; 843 843 - pDisassocHdr->FC.SubType = SUBTYPE_DEAUTH; 844 844 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 845 845 - 846 846 - MlmeFreeMemory(pAd, pOutBuffer); 847 847 - 848 848 - pAd->StaCfg.DisassocReason = REASON_DISASSOC_STA_LEAVING; 849 849 - COPY_MAC_ADDR(pAd->StaCfg.DisassocSta, pDisassocReq->Addr); 850 850 - 851 851 - RTMPSetTimer(&pAd->MlmeAux.DisassocTimer, Timeout); /* in mSec */ 852 852 - pAd->Mlme.AssocMachine.CurrState = DISASSOC_WAIT_RSP; 853 853 - 854 854 - { 855 855 - union iwreq_data wrqu; 856 856 - memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN); 857 857 - wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL); 858 858 - } 859 859 - } 860 860 - 861 861 - /* 862 862 - ========================================================================== 863 863 - Description: 864 864 - peer sends assoc rsp back 865 865 - Parameters: 866 866 - Elme - MLME message containing the received frame 867 867 - 868 868 - IRQL = DISPATCH_LEVEL 869 869 - 870 870 - ========================================================================== 871 871 - */ 872 872 - VOID PeerAssocRspAction( 873 873 - IN PRTMP_ADAPTER pAd, 874 874 - IN MLME_QUEUE_ELEM *Elem) 875 875 - { 876 876 - USHORT CapabilityInfo, Status, Aid; 877 877 - UCHAR SupRate[MAX_LEN_OF_SUPPORTED_RATES], SupRateLen; 878 878 - UCHAR ExtRate[MAX_LEN_OF_SUPPORTED_RATES], ExtRateLen; 879 879 - UCHAR Addr2[MAC_ADDR_LEN]; 880 880 - BOOLEAN TimerCancelled; 881 881 - UCHAR CkipFlag; 882 882 - EDCA_PARM EdcaParm; 883 883 - HT_CAPABILITY_IE HtCapability; 884 884 - ADD_HT_INFO_IE AddHtInfo; // AP might use this additional ht info IE 885 885 - UCHAR HtCapabilityLen; 886 886 - UCHAR AddHtInfoLen; 887 887 - UCHAR NewExtChannelOffset = 0xff; 888 888 - 889 889 - if (PeerAssocRspSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &CapabilityInfo, &Status, &Aid, SupRate, &SupRateLen, ExtRate, &ExtRateLen, 890 890 - &HtCapability,&AddHtInfo, &HtCapabilityLen,&AddHtInfoLen,&NewExtChannelOffset, &EdcaParm, &CkipFlag)) 891 891 - { 892 892 - // The frame is for me ? 893 893 - if(MAC_ADDR_EQUAL(Addr2, pAd->MlmeAux.Bssid)) 894 894 - { 895 895 - DBGPRINT(RT_DEBUG_TRACE, ("PeerAssocRspAction():ASSOC - receive ASSOC_RSP to me (status=%d)\n", Status)); 896 896 - DBGPRINT(RT_DEBUG_TRACE, ("PeerAssocRspAction():MacTable [%d].AMsduSize = %d. ClientStatusFlags = 0x%lx \n",Elem->Wcid, pAd->MacTab.Content[BSSID_WCID].AMsduSize, pAd->MacTab.Content[BSSID_WCID].ClientStatusFlags)); 897 897 - RTMPCancelTimer(&pAd->MlmeAux.AssocTimer, &TimerCancelled); 898 898 - if(Status == MLME_SUCCESS) 899 899 - { 900 900 - UCHAR MaxSupportedRateIn500Kbps = 0; 901 901 - UCHAR idx; 902 902 - 903 903 - // supported rates array may not be sorted. sort it and find the maximum rate 904 904 - for (idx=0; idx<SupRateLen; idx++) 905 905 - { 906 906 - if (MaxSupportedRateIn500Kbps < (SupRate[idx] & 0x7f)) 907 907 - MaxSupportedRateIn500Kbps = SupRate[idx] & 0x7f; 908 908 - } 909 909 - 910 910 - for (idx=0; idx<ExtRateLen; idx++) 911 911 - { 912 912 - if (MaxSupportedRateIn500Kbps < (ExtRate[idx] & 0x7f)) 913 913 - MaxSupportedRateIn500Kbps = ExtRate[idx] & 0x7f; 914 914 - } 915 915 - // go to procedure listed on page 376 916 916 - AssocPostProc(pAd, Addr2, CapabilityInfo, Aid, SupRate, SupRateLen, ExtRate, ExtRateLen, 917 917 - &EdcaParm, &HtCapability, HtCapabilityLen, &AddHtInfo); 918 918 - 919 919 - StaAddMacTableEntry(pAd, &pAd->MacTab.Content[BSSID_WCID], MaxSupportedRateIn500Kbps, &HtCapability, HtCapabilityLen, CapabilityInfo); 920 920 - 921 921 - pAd->StaCfg.CkipFlag = CkipFlag; 922 922 - if (CkipFlag & 0x18) 923 923 - { 924 924 - NdisZeroMemory(pAd->StaCfg.TxSEQ, 4); 925 925 - NdisZeroMemory(pAd->StaCfg.RxSEQ, 4); 926 926 - NdisZeroMemory(pAd->StaCfg.CKIPMIC, 4); 927 927 - pAd->StaCfg.GIV[0] = RandomByte(pAd); 928 928 - pAd->StaCfg.GIV[1] = RandomByte(pAd); 929 929 - pAd->StaCfg.GIV[2] = RandomByte(pAd); 930 930 - pAd->StaCfg.bCkipOn = TRUE; 931 931 - DBGPRINT(RT_DEBUG_TRACE, ("<CCX> pAd->StaCfg.CkipFlag = 0x%02x\n", pAd->StaCfg.CkipFlag)); 932 932 - } 933 933 - } 934 934 - else 935 935 - { 936 936 - } 937 937 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 938 938 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status); 939 939 - } 940 940 - } 941 941 - else 942 942 - { 943 943 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerAssocRspAction() sanity check fail\n")); 944 944 - } 945 945 - } 946 946 - 947 947 - /* 948 948 - ========================================================================== 949 949 - Description: 950 950 - peer sends reassoc rsp 951 951 - Parametrs: 952 952 - Elem - MLME message cntaining the received frame 953 953 - 954 954 - IRQL = DISPATCH_LEVEL 955 955 - 956 956 - ========================================================================== 957 957 - */ 958 958 - VOID PeerReassocRspAction( 959 959 - IN PRTMP_ADAPTER pAd, 960 960 - IN MLME_QUEUE_ELEM *Elem) 961 961 - { 962 962 - USHORT CapabilityInfo; 963 963 - USHORT Status; 964 964 - USHORT Aid; 965 965 - UCHAR SupRate[MAX_LEN_OF_SUPPORTED_RATES], SupRateLen; 966 966 - UCHAR ExtRate[MAX_LEN_OF_SUPPORTED_RATES], ExtRateLen; 967 967 - UCHAR Addr2[MAC_ADDR_LEN]; 968 968 - UCHAR CkipFlag; 969 969 - BOOLEAN TimerCancelled; 970 970 - EDCA_PARM EdcaParm; 971 971 - HT_CAPABILITY_IE HtCapability; 972 972 - ADD_HT_INFO_IE AddHtInfo; // AP might use this additional ht info IE 973 973 - UCHAR HtCapabilityLen; 974 974 - UCHAR AddHtInfoLen; 975 975 - UCHAR NewExtChannelOffset = 0xff; 976 976 - 977 977 - if(PeerAssocRspSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &CapabilityInfo, &Status, &Aid, SupRate, &SupRateLen, ExtRate, &ExtRateLen, 978 978 - &HtCapability, &AddHtInfo, &HtCapabilityLen, &AddHtInfoLen,&NewExtChannelOffset, &EdcaParm, &CkipFlag)) 979 979 - { 980 980 - if(MAC_ADDR_EQUAL(Addr2, pAd->MlmeAux.Bssid)) // The frame is for me ? 981 981 - { 982 982 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - receive REASSOC_RSP to me (status=%d)\n", Status)); 983 983 - RTMPCancelTimer(&pAd->MlmeAux.ReassocTimer, &TimerCancelled); 984 984 - 985 985 - if(Status == MLME_SUCCESS) 986 986 - { 987 987 - // go to procedure listed on page 376 988 988 - AssocPostProc(pAd, Addr2, CapabilityInfo, Aid, SupRate, SupRateLen, ExtRate, ExtRateLen, 989 989 - &EdcaParm, &HtCapability, HtCapabilityLen, &AddHtInfo); 990 990 - 991 991 - { 992 992 - union iwreq_data wrqu; 993 993 - wext_notify_event_assoc(pAd); 994 994 - 995 995 - memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN); 996 996 - memcpy(wrqu.ap_addr.sa_data, pAd->MlmeAux.Bssid, MAC_ADDR_LEN); 997 997 - wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL); 998 998 - 999 999 - } 1000 1000 - 1001 1001 - } 1002 1002 - 1003 1003 - { 1004 1004 - // CkipFlag is no use for reassociate 1005 1005 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 1006 1006 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status); 1007 1007 - } 1008 1008 - } 1009 1009 - } 1010 1010 - else 1011 1011 - { 1012 1012 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerReassocRspAction() sanity check fail\n")); 1013 1013 - } 1014 1014 - 1015 1015 - } 1016 1016 - 1017 1017 - /* 1018 1018 - ========================================================================== 1019 1019 - Description: 1020 1020 - procedures on IEEE 802.11/1999 p.376 1021 1021 - Parametrs: 1022 1022 - 1023 1023 - IRQL = DISPATCH_LEVEL 1024 1024 - 1025 1025 - ========================================================================== 1026 1026 - */ 1027 1027 - VOID AssocPostProc( 1028 1028 - IN PRTMP_ADAPTER pAd, 1029 1029 - IN PUCHAR pAddr2, 1030 1030 - IN USHORT CapabilityInfo, 1031 1031 - IN USHORT Aid, 1032 1032 - IN UCHAR SupRate[], 1033 1033 - IN UCHAR SupRateLen, 1034 1034 - IN UCHAR ExtRate[], 1035 1035 - IN UCHAR ExtRateLen, 1036 1036 - IN PEDCA_PARM pEdcaParm, 1037 1037 - IN HT_CAPABILITY_IE *pHtCapability, 1038 1038 - IN UCHAR HtCapabilityLen, 1039 1039 - IN ADD_HT_INFO_IE *pAddHtInfo) // AP might use this additional ht info IE 1040 1040 - { 1041 1041 - ULONG Idx; 1042 1042 - 1043 1043 - pAd->MlmeAux.BssType = BSS_INFRA; 1044 1044 - COPY_MAC_ADDR(pAd->MlmeAux.Bssid, pAddr2); 1045 1045 - pAd->MlmeAux.Aid = Aid; 1046 1046 - pAd->MlmeAux.CapabilityInfo = CapabilityInfo & SUPPORTED_CAPABILITY_INFO; 1047 1047 - 1048 1048 - // Some HT AP might lost WMM IE. We add WMM ourselves. beacuase HT requires QoS on. 1049 1049 - if ((HtCapabilityLen > 0) && (pEdcaParm->bValid == FALSE)) 1050 1050 - { 1051 1051 - pEdcaParm->bValid = TRUE; 1052 1052 - pEdcaParm->Aifsn[0] = 3; 1053 1053 - pEdcaParm->Aifsn[1] = 7; 1054 1054 - pEdcaParm->Aifsn[2] = 2; 1055 1055 - pEdcaParm->Aifsn[3] = 2; 1056 1056 - 1057 1057 - pEdcaParm->Cwmin[0] = 4; 1058 1058 - pEdcaParm->Cwmin[1] = 4; 1059 1059 - pEdcaParm->Cwmin[2] = 3; 1060 1060 - pEdcaParm->Cwmin[3] = 2; 1061 1061 - 1062 1062 - pEdcaParm->Cwmax[0] = 10; 1063 1063 - pEdcaParm->Cwmax[1] = 10; 1064 1064 - pEdcaParm->Cwmax[2] = 4; 1065 1065 - pEdcaParm->Cwmax[3] = 3; 1066 1066 - 1067 1067 - pEdcaParm->Txop[0] = 0; 1068 1068 - pEdcaParm->Txop[1] = 0; 1069 1069 - pEdcaParm->Txop[2] = 96; 1070 1070 - pEdcaParm->Txop[3] = 48; 1071 1071 - 1072 1072 - } 1073 1073 - 1074 1074 - NdisMoveMemory(&pAd->MlmeAux.APEdcaParm, pEdcaParm, sizeof(EDCA_PARM)); 1075 1075 - 1076 1076 - // filter out un-supported rates 1077 1077 - pAd->MlmeAux.SupRateLen = SupRateLen; 1078 1078 - NdisMoveMemory(pAd->MlmeAux.SupRate, SupRate, SupRateLen); 1079 1079 - RTMPCheckRates(pAd, pAd->MlmeAux.SupRate, &pAd->MlmeAux.SupRateLen); 1080 1080 - 1081 1081 - // filter out un-supported rates 1082 1082 - pAd->MlmeAux.ExtRateLen = ExtRateLen; 1083 1083 - NdisMoveMemory(pAd->MlmeAux.ExtRate, ExtRate, ExtRateLen); 1084 1084 - RTMPCheckRates(pAd, pAd->MlmeAux.ExtRate, &pAd->MlmeAux.ExtRateLen); 1085 1085 - 1086 1086 - if (HtCapabilityLen > 0) 1087 1087 - { 1088 1088 - RTMPCheckHt(pAd, BSSID_WCID, pHtCapability, pAddHtInfo); 1089 1089 - } 1090 1090 - DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> AP.AMsduSize = %d. ClientStatusFlags = 0x%lx \n", pAd->MacTab.Content[BSSID_WCID].AMsduSize, pAd->MacTab.Content[BSSID_WCID].ClientStatusFlags)); 1091 1091 - 1092 1092 - DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> (Mmps=%d, AmsduSize=%d, )\n", 1093 1093 - pAd->MacTab.Content[BSSID_WCID].MmpsMode, pAd->MacTab.Content[BSSID_WCID].AMsduSize)); 1094 1094 - 1095 1095 - // Set New WPA information 1096 1096 - Idx = BssTableSearch(&pAd->ScanTab, pAddr2, pAd->MlmeAux.Channel); 1097 1097 - if (Idx == BSS_NOT_FOUND) 1098 1098 - { 1099 1099 - DBGPRINT_ERR(("ASSOC - Can't find BSS after receiving Assoc response\n")); 1100 1100 - } 1101 1101 - else 1102 1102 - { 1103 1103 - // Init variable 1104 1104 - pAd->MacTab.Content[BSSID_WCID].RSNIE_Len = 0; 1105 1105 - NdisZeroMemory(pAd->MacTab.Content[BSSID_WCID].RSN_IE, MAX_LEN_OF_RSNIE); 1106 1106 - 1107 1107 - // Store appropriate RSN_IE for WPA SM negotiation later 1108 1108 - if ((pAd->StaCfg.AuthMode >= Ndis802_11AuthModeWPA) && (pAd->ScanTab.BssEntry[Idx].VarIELen != 0)) 1109 1109 - { 1110 1110 - PUCHAR pVIE; 1111 1111 - USHORT len; 1112 1112 - PEID_STRUCT pEid; 1113 1113 - 1114 1114 - pVIE = pAd->ScanTab.BssEntry[Idx].VarIEs; 1115 1115 - len = pAd->ScanTab.BssEntry[Idx].VarIELen; 1116 1116 - 1117 1117 - while (len > 0) 1118 1118 - { 1119 1119 - pEid = (PEID_STRUCT) pVIE; 1120 1120 - // For WPA/WPAPSK 1121 1121 - if ((pEid->Eid == IE_WPA) && (NdisEqualMemory(pEid->Octet, WPA_OUI, 4)) 1122 1122 - && (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA || pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK)) 1123 1123 - { 1124 1124 - NdisMoveMemory(pAd->MacTab.Content[BSSID_WCID].RSN_IE, pVIE, (pEid->Len + 2)); 1125 1125 - pAd->MacTab.Content[BSSID_WCID].RSNIE_Len = (pEid->Len + 2); 1126 1126 - DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> Store RSN_IE for WPA SM negotiation \n")); 1127 1127 - } 1128 1128 - // For WPA2/WPA2PSK 1129 1129 - else if ((pEid->Eid == IE_RSN) && (NdisEqualMemory(pEid->Octet + 2, RSN_OUI, 3)) 1130 1130 - && (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2 || pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK)) 1131 1131 - { 1132 1132 - NdisMoveMemory(pAd->MacTab.Content[BSSID_WCID].RSN_IE, pVIE, (pEid->Len + 2)); 1133 1133 - pAd->MacTab.Content[BSSID_WCID].RSNIE_Len = (pEid->Len + 2); 1134 1134 - DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> Store RSN_IE for WPA2 SM negotiation \n")); 1135 1135 - } 1136 1136 - 1137 1137 - pVIE += (pEid->Len + 2); 1138 1138 - len -= (pEid->Len + 2); 1139 1139 - } 1140 1140 - } 1141 1141 - 1142 1142 - if (pAd->MacTab.Content[BSSID_WCID].RSNIE_Len == 0) 1143 1143 - { 1144 1144 - DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> no RSN_IE \n")); 1145 1145 - } 1146 1146 - else 1147 1147 - { 1148 1148 - hex_dump("RSN_IE", pAd->MacTab.Content[BSSID_WCID].RSN_IE, pAd->MacTab.Content[BSSID_WCID].RSNIE_Len); 1149 1149 - } 1150 1150 - } 1151 1151 - } 1152 1152 - 1153 1153 - /* 1154 1154 - ========================================================================== 1155 1155 - Description: 1156 1156 - left part of IEEE 802.11/1999 p.374 1157 1157 - Parameters: 1158 1158 - Elem - MLME message containing the received frame 1159 1159 - 1160 1160 - IRQL = DISPATCH_LEVEL 1161 1161 - 1162 1162 - ========================================================================== 1163 1163 - */ 1164 1164 - VOID PeerDisassocAction( 1165 1165 - IN PRTMP_ADAPTER pAd, 1166 1166 - IN MLME_QUEUE_ELEM *Elem) 1167 1167 - { 1168 1168 - UCHAR Addr2[MAC_ADDR_LEN]; 1169 1169 - USHORT Reason; 1170 1170 - 1171 1171 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerDisassocAction()\n")); 1172 1172 - if(PeerDisassocSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Reason)) 1173 1173 - { 1174 1174 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerDisassocAction() Reason = %d\n", Reason)); 1175 1175 - if (INFRA_ON(pAd) && MAC_ADDR_EQUAL(pAd->CommonCfg.Bssid, Addr2)) 1176 1176 - { 1177 1177 - 1178 1178 - if (pAd->CommonCfg.bWirelessEvent) 1179 1179 - { 1180 1180 - RTMPSendWirelessEvent(pAd, IW_DISASSOC_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0); 1181 1181 - } 1182 1182 - 1183 1183 - // 1184 1184 - // Get Current System time and Turn on AdjacentAPReport 1185 1185 - // 1186 1186 - NdisGetSystemUpTime(&pAd->StaCfg.CCXAdjacentAPLinkDownTime); 1187 1187 - pAd->StaCfg.CCXAdjacentAPReportFlag = TRUE; 1188 1188 - LinkDown(pAd, TRUE); 1189 1189 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 1190 1190 - 1191 1191 - { 1192 1192 - union iwreq_data wrqu; 1193 1193 - memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN); 1194 1194 - wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL); 1195 1195 - } 1196 1196 - } 1197 1197 - } 1198 1198 - else 1199 1199 - { 1200 1200 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerDisassocAction() sanity check fail\n")); 1201 1201 - } 1202 1202 - 1203 1203 - } 1204 1204 - 1205 1205 - /* 1206 1206 - ========================================================================== 1207 1207 - Description: 1208 1208 - what the state machine will do after assoc timeout 1209 1209 - Parameters: 1210 1210 - Elme - 1211 1211 - 1212 1212 - IRQL = DISPATCH_LEVEL 1213 1213 - 1214 1214 - ========================================================================== 1215 1215 - */ 1216 1216 - VOID AssocTimeoutAction( 1217 1217 - IN PRTMP_ADAPTER pAd, 1218 1218 - IN MLME_QUEUE_ELEM *Elem) 1219 1219 - { 1220 1220 - USHORT Status; 1221 1221 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - AssocTimeoutAction\n")); 1222 1222 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 1223 1223 - Status = MLME_REJ_TIMEOUT; 1224 1224 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status); 1225 1225 - } 1226 1226 - 1227 1227 - /* 1228 1228 - ========================================================================== 1229 1229 - Description: 1230 1230 - what the state machine will do after reassoc timeout 1231 1231 - 1232 1232 - IRQL = DISPATCH_LEVEL 1233 1233 - 1234 1234 - ========================================================================== 1235 1235 - */ 1236 1236 - VOID ReassocTimeoutAction( 1237 1237 - IN PRTMP_ADAPTER pAd, 1238 1238 - IN MLME_QUEUE_ELEM *Elem) 1239 1239 - { 1240 1240 - USHORT Status; 1241 1241 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - ReassocTimeoutAction\n")); 1242 1242 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 1243 1243 - Status = MLME_REJ_TIMEOUT; 1244 1244 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status); 1245 1245 - } 1246 1246 - 1247 1247 - /* 1248 1248 - ========================================================================== 1249 1249 - Description: 1250 1250 - what the state machine will do after disassoc timeout 1251 1251 - 1252 1252 - IRQL = DISPATCH_LEVEL 1253 1253 - 1254 1254 - ========================================================================== 1255 1255 - */ 1256 1256 - VOID DisassocTimeoutAction( 1257 1257 - IN PRTMP_ADAPTER pAd, 1258 1258 - IN MLME_QUEUE_ELEM *Elem) 1259 1259 - { 1260 1260 - USHORT Status; 1261 1261 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - DisassocTimeoutAction\n")); 1262 1262 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 1263 1263 - Status = MLME_SUCCESS; 1264 1264 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DISASSOC_CONF, 2, &Status); 1265 1265 - } 1266 1266 - 1267 1267 - VOID InvalidStateWhenAssoc( 1268 1268 - IN PRTMP_ADAPTER pAd, 1269 1269 - IN MLME_QUEUE_ELEM *Elem) 1270 1270 - { 1271 1271 - USHORT Status; 1272 1272 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - InvalidStateWhenAssoc(state=%ld), reset ASSOC state machine\n", 1273 1273 - pAd->Mlme.AssocMachine.CurrState)); 1274 1274 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 1275 1275 - Status = MLME_STATE_MACHINE_REJECT; 1276 1276 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status); 1277 1277 - } 1278 1278 - 1279 1279 - VOID InvalidStateWhenReassoc( 1280 1280 - IN PRTMP_ADAPTER pAd, 1281 1281 - IN MLME_QUEUE_ELEM *Elem) 1282 1282 - { 1283 1283 - USHORT Status; 1284 1284 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - InvalidStateWhenReassoc(state=%ld), reset ASSOC state machine\n", 1285 1285 - pAd->Mlme.AssocMachine.CurrState)); 1286 1286 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 1287 1287 - Status = MLME_STATE_MACHINE_REJECT; 1288 1288 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status); 1289 1289 - } 1290 1290 - 1291 1291 - VOID InvalidStateWhenDisassociate( 1292 1292 - IN PRTMP_ADAPTER pAd, 1293 1293 - IN MLME_QUEUE_ELEM *Elem) 1294 1294 - { 1295 1295 - USHORT Status; 1296 1296 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - InvalidStateWhenDisassoc(state=%ld), reset ASSOC state machine\n", 1297 1297 - pAd->Mlme.AssocMachine.CurrState)); 1298 1298 - pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE; 1299 1299 - Status = MLME_STATE_MACHINE_REJECT; 1300 1300 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DISASSOC_CONF, 2, &Status); 1301 1301 - } 1302 1302 - 1303 1303 - /* 1304 1304 - ========================================================================== 1305 1305 - Description: 1306 1306 - right part of IEEE 802.11/1999 page 374 1307 1307 - Note: 1308 1308 - This event should never cause ASSOC state machine perform state 1309 1309 - transition, and has no relationship with CNTL machine. So we separate 1310 1310 - this routine as a service outside of ASSOC state transition table. 1311 1311 - 1312 1312 - IRQL = DISPATCH_LEVEL 1313 1313 - 1314 1314 - ========================================================================== 1315 1315 - */ 1316 1316 - VOID Cls3errAction( 1317 1317 - IN PRTMP_ADAPTER pAd, 1318 1318 - IN PUCHAR pAddr) 1319 1319 - { 1320 1320 - HEADER_802_11 DisassocHdr; 1321 1321 - PHEADER_802_11 pDisassocHdr; 1322 1322 - PUCHAR pOutBuffer = NULL; 1323 1323 - ULONG FrameLen = 0; 1324 1324 - NDIS_STATUS NStatus; 1325 1325 - USHORT Reason = REASON_CLS3ERR; 1326 1326 - 1327 1327 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory 1328 1328 - if (NStatus != NDIS_STATUS_SUCCESS) 1329 1329 - return; 1330 1330 - 1331 1331 - DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Class 3 Error, Send DISASSOC frame\n")); 1332 1332 - MgtMacHeaderInit(pAd, &DisassocHdr, SUBTYPE_DISASSOC, 0, pAddr, pAd->CommonCfg.Bssid); // patch peap ttls switching issue 1333 1333 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 1334 1334 - sizeof(HEADER_802_11),&DisassocHdr, 1335 1335 - 2, &Reason, 1336 1336 - END_OF_ARGS); 1337 1337 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 1338 1338 - 1339 1339 - // To patch Instance and Buffalo(N) AP 1340 1340 - // Driver has to send deauth to Instance AP, but Buffalo(N) needs to send disassoc to reset Authenticator's state machine 1341 1341 - // Therefore, we send both of them. 1342 1342 - pDisassocHdr = (PHEADER_802_11)pOutBuffer; 1343 1343 - pDisassocHdr->FC.SubType = SUBTYPE_DEAUTH; 1344 1344 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 1345 1345 - 1346 1346 - MlmeFreeMemory(pAd, pOutBuffer); 1347 1347 - 1348 1348 - pAd->StaCfg.DisassocReason = REASON_CLS3ERR; 1349 1349 - COPY_MAC_ADDR(pAd->StaCfg.DisassocSta, pAddr); 1350 1350 - } 1351 1351 - 1352 1352 - /* 1353 1353 - ========================================================================== 1354 1354 - Description: 1355 1355 - Switch between WEP and CKIP upon new association up. 1356 1356 - Parameters: 1357 1357 - 1358 1358 - IRQL = DISPATCH_LEVEL 1359 1359 - 1360 1360 - ========================================================================== 1361 1361 - */ 1362 1362 - VOID SwitchBetweenWepAndCkip( 1363 1363 - IN PRTMP_ADAPTER pAd) 1364 1364 - { 1365 1365 - int i; 1366 1366 - SHAREDKEY_MODE_STRUC csr1; 1367 1367 - 1368 1368 - // if KP is required. change the CipherAlg in hardware shard key table from WEP 1369 1369 - // to CKIP. else remain as WEP 1370 1370 - if (pAd->StaCfg.bCkipOn && (pAd->StaCfg.CkipFlag & 0x10)) 1371 1371 - { 1372 1372 - // modify hardware key table so that MAC use correct algorithm to decrypt RX 1373 1373 - RTMP_IO_READ32(pAd, SHARED_KEY_MODE_BASE, &csr1.word); 1374 1374 - if (csr1.field.Bss0Key0CipherAlg == CIPHER_WEP64) 1375 1375 - csr1.field.Bss0Key0CipherAlg = CIPHER_CKIP64; 1376 1376 - else if (csr1.field.Bss0Key0CipherAlg == CIPHER_WEP128) 1377 1377 - csr1.field.Bss0Key0CipherAlg = CIPHER_CKIP128; 1378 1378 - 1379 1379 - if (csr1.field.Bss0Key1CipherAlg == CIPHER_WEP64) 1380 1380 - csr1.field.Bss0Key1CipherAlg = CIPHER_CKIP64; 1381 1381 - else if (csr1.field.Bss0Key1CipherAlg == CIPHER_WEP128) 1382 1382 - csr1.field.Bss0Key1CipherAlg = CIPHER_CKIP128; 1383 1383 - 1384 1384 - if (csr1.field.Bss0Key2CipherAlg == CIPHER_WEP64) 1385 1385 - csr1.field.Bss0Key2CipherAlg = CIPHER_CKIP64; 1386 1386 - else if (csr1.field.Bss0Key2CipherAlg == CIPHER_WEP128) 1387 1387 - csr1.field.Bss0Key2CipherAlg = CIPHER_CKIP128; 1388 1388 - 1389 1389 - if (csr1.field.Bss0Key3CipherAlg == CIPHER_WEP64) 1390 1390 - csr1.field.Bss0Key3CipherAlg = CIPHER_CKIP64; 1391 1391 - else if (csr1.field.Bss0Key3CipherAlg == CIPHER_WEP128) 1392 1392 - csr1.field.Bss0Key3CipherAlg = CIPHER_CKIP128; 1393 1393 - RTMP_IO_WRITE32(pAd, SHARED_KEY_MODE_BASE, csr1.word); 1394 1394 - DBGPRINT(RT_DEBUG_TRACE, ("SwitchBetweenWepAndCkip: modify BSS0 cipher to %s\n", CipherName[csr1.field.Bss0Key0CipherAlg])); 1395 1395 - 1396 1396 - // modify software key table so that driver can specify correct algorithm in TXD upon TX 1397 1397 - for (i=0; i<SHARE_KEY_NUM; i++) 1398 1398 - { 1399 1399 - if (pAd->SharedKey[BSS0][i].CipherAlg == CIPHER_WEP64) 1400 1400 - pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_CKIP64; 1401 1401 - else if (pAd->SharedKey[BSS0][i].CipherAlg == CIPHER_WEP128) 1402 1402 - pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_CKIP128; 1403 1403 - } 1404 1404 - } 1405 1405 - 1406 1406 - // else if KP NOT inused. change the CipherAlg in hardware shard key table from CKIP 1407 1407 - // to WEP. 1408 1408 - else 1409 1409 - { 1410 1410 - // modify hardware key table so that MAC use correct algorithm to decrypt RX 1411 1411 - RTMP_IO_READ32(pAd, SHARED_KEY_MODE_BASE, &csr1.word); 1412 1412 - if (csr1.field.Bss0Key0CipherAlg == CIPHER_CKIP64) 1413 1413 - csr1.field.Bss0Key0CipherAlg = CIPHER_WEP64; 1414 1414 - else if (csr1.field.Bss0Key0CipherAlg == CIPHER_CKIP128) 1415 1415 - csr1.field.Bss0Key0CipherAlg = CIPHER_WEP128; 1416 1416 - 1417 1417 - if (csr1.field.Bss0Key1CipherAlg == CIPHER_CKIP64) 1418 1418 - csr1.field.Bss0Key1CipherAlg = CIPHER_WEP64; 1419 1419 - else if (csr1.field.Bss0Key1CipherAlg == CIPHER_CKIP128) 1420 1420 - csr1.field.Bss0Key1CipherAlg = CIPHER_WEP128; 1421 1421 - 1422 1422 - if (csr1.field.Bss0Key2CipherAlg == CIPHER_CKIP64) 1423 1423 - csr1.field.Bss0Key2CipherAlg = CIPHER_WEP64; 1424 1424 - else if (csr1.field.Bss0Key2CipherAlg == CIPHER_CKIP128) 1425 1425 - csr1.field.Bss0Key2CipherAlg = CIPHER_WEP128; 1426 1426 - 1427 1427 - if (csr1.field.Bss0Key3CipherAlg == CIPHER_CKIP64) 1428 1428 - csr1.field.Bss0Key3CipherAlg = CIPHER_WEP64; 1429 1429 - else if (csr1.field.Bss0Key3CipherAlg == CIPHER_CKIP128) 1430 1430 - csr1.field.Bss0Key3CipherAlg = CIPHER_WEP128; 1431 1431 - 1432 1432 - // modify software key table so that driver can specify correct algorithm in TXD upon TX 1433 1433 - for (i=0; i<SHARE_KEY_NUM; i++) 1434 1434 - { 1435 1435 - if (pAd->SharedKey[BSS0][i].CipherAlg == CIPHER_CKIP64) 1436 1436 - pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_WEP64; 1437 1437 - else if (pAd->SharedKey[BSS0][i].CipherAlg == CIPHER_CKIP128) 1438 1438 - pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_WEP128; 1439 1439 - } 1440 1440 - 1441 1441 - // 1442 1442 - // On WPA-NONE, must update CipherAlg. 1443 1443 - // Because the OID_802_11_WEP_STATUS was been set after OID_802_11_ADD_KEY 1444 1444 - // and CipherAlg will be CIPHER_NONE by Windows ZeroConfig. 1445 1445 - // So we need to update CipherAlg after connect. 1446 1446 - // 1447 1447 - if (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPANone) 1448 1448 - { 1449 1449 - for (i = 0; i < SHARE_KEY_NUM; i++) 1450 1450 - { 1451 1451 - if (pAd->SharedKey[BSS0][i].KeyLen != 0) 1452 1452 - { 1453 1453 - if (pAd->StaCfg.WepStatus == Ndis802_11Encryption2Enabled) 1454 1454 - { 1455 1455 - pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_TKIP; 1456 1456 - } 1457 1457 - else if (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 1458 1458 - { 1459 1459 - pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_AES; 1460 1460 - } 1461 1461 - } 1462 1462 - else 1463 1463 - { 1464 1464 - pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_NONE; 1465 1465 - } 1466 1466 - } 1467 1467 - 1468 1468 - csr1.field.Bss0Key0CipherAlg = pAd->SharedKey[BSS0][0].CipherAlg; 1469 1469 - csr1.field.Bss0Key1CipherAlg = pAd->SharedKey[BSS0][1].CipherAlg; 1470 1470 - csr1.field.Bss0Key2CipherAlg = pAd->SharedKey[BSS0][2].CipherAlg; 1471 1471 - csr1.field.Bss0Key3CipherAlg = pAd->SharedKey[BSS0][3].CipherAlg; 1472 1472 - } 1473 1473 - RTMP_IO_WRITE32(pAd, SHARED_KEY_MODE_BASE, csr1.word); 1474 1474 - DBGPRINT(RT_DEBUG_TRACE, ("SwitchBetweenWepAndCkip: modify BSS0 cipher to %s\n", CipherName[csr1.field.Bss0Key0CipherAlg])); 1475 1475 - } 1476 1476 - } 1477 1477 - 1478 1478 - int wext_notify_event_assoc( 1479 1479 - IN RTMP_ADAPTER *pAd) 1480 1480 - { 1481 1481 - union iwreq_data wrqu; 1482 1482 - char custom[IW_CUSTOM_MAX] = {0}; 1483 1483 - 1484 1484 - #if WIRELESS_EXT > 17 1485 1485 - if (pAd->StaCfg.ReqVarIELen <= IW_CUSTOM_MAX) 1486 1486 - { 1487 1487 - wrqu.data.length = pAd->StaCfg.ReqVarIELen; 1488 1488 - memcpy(custom, pAd->StaCfg.ReqVarIEs, pAd->StaCfg.ReqVarIELen); 1489 1489 - wireless_send_event(pAd->net_dev, IWEVASSOCREQIE, &wrqu, custom); 1490 1490 - } 1491 1491 - else 1492 1492 - DBGPRINT(RT_DEBUG_TRACE, ("pAd->StaCfg.ReqVarIELen > MAX_CUSTOM_LEN\n")); 1493 1493 - #else 1494 1494 - if (((pAd->StaCfg.ReqVarIELen*2) + 17) <= IW_CUSTOM_MAX) 1495 1495 - { 1496 1496 - UCHAR idx; 1497 1497 - wrqu.data.length = (pAd->StaCfg.ReqVarIELen*2) + 17; 1498 1498 - sprintf(custom, "ASSOCINFO(ReqIEs="); 1499 1499 - for (idx=0; idx<pAd->StaCfg.ReqVarIELen; idx++) 1500 1500 - sprintf(custom, "%s%02x", custom, pAd->StaCfg.ReqVarIEs[idx]); 1501 1501 - wireless_send_event(pAd->net_dev, IWEVCUSTOM, &wrqu, custom); 1502 1502 - } 1503 1503 - else 1504 1504 - DBGPRINT(RT_DEBUG_TRACE, ("(pAd->StaCfg.ReqVarIELen*2) + 17 > MAX_CUSTOM_LEN\n")); 1505 1505 - #endif 1506 1506 - 1507 1507 - return 0; 1508 1508 - 1509 1509 - } 1510 1510 - 1511 1511 - BOOLEAN StaAddMacTableEntry( 1512 1512 - IN PRTMP_ADAPTER pAd, 1513 1513 - IN PMAC_TABLE_ENTRY pEntry, 1514 1514 - IN UCHAR MaxSupportedRateIn500Kbps, 1515 1515 - IN HT_CAPABILITY_IE *pHtCapability, 1516 1516 - IN UCHAR HtCapabilityLen, 1517 1517 - IN USHORT CapabilityInfo) 1518 1518 - { 1519 1519 - UCHAR MaxSupportedRate = RATE_11; 1520 1520 - 1521 1521 - if (ADHOC_ON(pAd)) 1522 1522 - CLIENT_STATUS_CLEAR_FLAG(pEntry, fCLIENT_STATUS_WMM_CAPABLE); 1523 1523 - 1524 1524 - switch (MaxSupportedRateIn500Kbps) 1525 1525 - { 1526 1526 - case 108: MaxSupportedRate = RATE_54; break; 1527 1527 - case 96: MaxSupportedRate = RATE_48; break; 1528 1528 - case 72: MaxSupportedRate = RATE_36; break; 1529 1529 - case 48: MaxSupportedRate = RATE_24; break; 1530 1530 - case 36: MaxSupportedRate = RATE_18; break; 1531 1531 - case 24: MaxSupportedRate = RATE_12; break; 1532 1532 - case 18: MaxSupportedRate = RATE_9; break; 1533 1533 - case 12: MaxSupportedRate = RATE_6; break; 1534 1534 - case 22: MaxSupportedRate = RATE_11; break; 1535 1535 - case 11: MaxSupportedRate = RATE_5_5; break; 1536 1536 - case 4: MaxSupportedRate = RATE_2; break; 1537 1537 - case 2: MaxSupportedRate = RATE_1; break; 1538 1538 - default: MaxSupportedRate = RATE_11; break; 1539 1539 - } 1540 1540 - 1541 1541 - if ((pAd->CommonCfg.PhyMode == PHY_11G) && (MaxSupportedRate < RATE_FIRST_OFDM_RATE)) 1542 1542 - return FALSE; 1543 1543 - 1544 1544 - // 11n only 1545 1545 - if (((pAd->CommonCfg.PhyMode == PHY_11N_2_4G) || (pAd->CommonCfg.PhyMode == PHY_11N_5G))&& (HtCapabilityLen == 0)) 1546 1546 - return FALSE; 1547 1547 - 1548 1548 - if (!pEntry) 1549 1549 - return FALSE; 1550 1550 - 1551 1551 - NdisAcquireSpinLock(&pAd->MacTabLock); 1552 1552 - if (pEntry) 1553 1553 - { 1554 1554 - pEntry->PortSecured = WPA_802_1X_PORT_SECURED; 1555 1555 - if ((MaxSupportedRate < RATE_FIRST_OFDM_RATE) || 1556 1556 - (pAd->CommonCfg.PhyMode == PHY_11B)) 1557 1557 - { 1558 1558 - pEntry->RateLen = 4; 1559 1559 - if (MaxSupportedRate >= RATE_FIRST_OFDM_RATE) 1560 1560 - MaxSupportedRate = RATE_11; 1561 1561 - } 1562 1562 - else 1563 1563 - pEntry->RateLen = 12; 1564 1564 - 1565 1565 - pEntry->MaxHTPhyMode.word = 0; 1566 1566 - pEntry->MinHTPhyMode.word = 0; 1567 1567 - pEntry->HTPhyMode.word = 0; 1568 1568 - pEntry->MaxSupportedRate = MaxSupportedRate; 1569 1569 - if (pEntry->MaxSupportedRate < RATE_FIRST_OFDM_RATE) 1570 1570 - { 1571 1571 - pEntry->MaxHTPhyMode.field.MODE = MODE_CCK; 1572 1572 - pEntry->MaxHTPhyMode.field.MCS = pEntry->MaxSupportedRate; 1573 1573 - pEntry->MinHTPhyMode.field.MODE = MODE_CCK; 1574 1574 - pEntry->MinHTPhyMode.field.MCS = pEntry->MaxSupportedRate; 1575 1575 - pEntry->HTPhyMode.field.MODE = MODE_CCK; 1576 1576 - pEntry->HTPhyMode.field.MCS = pEntry->MaxSupportedRate; 1577 1577 - } 1578 1578 - else 1579 1579 - { 1580 1580 - pEntry->MaxHTPhyMode.field.MODE = MODE_OFDM; 1581 1581 - pEntry->MaxHTPhyMode.field.MCS = OfdmRateToRxwiMCS[pEntry->MaxSupportedRate]; 1582 1582 - pEntry->MinHTPhyMode.field.MODE = MODE_OFDM; 1583 1583 - pEntry->MinHTPhyMode.field.MCS = OfdmRateToRxwiMCS[pEntry->MaxSupportedRate]; 1584 1584 - pEntry->HTPhyMode.field.MODE = MODE_OFDM; 1585 1585 - pEntry->HTPhyMode.field.MCS = OfdmRateToRxwiMCS[pEntry->MaxSupportedRate]; 1586 1586 - } 1587 1587 - pEntry->CapabilityInfo = CapabilityInfo; 1588 1588 - CLIENT_STATUS_CLEAR_FLAG(pEntry, fCLIENT_STATUS_AGGREGATION_CAPABLE); 1589 1589 - CLIENT_STATUS_CLEAR_FLAG(pEntry, fCLIENT_STATUS_PIGGYBACK_CAPABLE); 1590 1590 - } 1591 1591 - 1592 1592 - // If this Entry supports 802.11n, upgrade to HT rate. 1593 1593 - if ((HtCapabilityLen != 0) && (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED)) 1594 1594 - { 1595 1595 - UCHAR j, bitmask; //k,bitmask; 1596 1596 - CHAR i; 1597 1597 - 1598 1598 - if (ADHOC_ON(pAd)) 1599 1599 - CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_WMM_CAPABLE); 1600 1600 - if ((pHtCapability->HtCapInfo.GF) && (pAd->CommonCfg.DesiredHtPhy.GF)) 1601 1601 - { 1602 1602 - pEntry->MaxHTPhyMode.field.MODE = MODE_HTGREENFIELD; 1603 1603 - } 1604 1604 - else 1605 1605 - { 1606 1606 - pEntry->MaxHTPhyMode.field.MODE = MODE_HTMIX; 1607 1607 - pAd->MacTab.fAnyStationNonGF = TRUE; 1608 1608 - pAd->CommonCfg.AddHTInfo.AddHtInfo2.NonGfPresent = 1; 1609 1609 - } 1610 1610 - 1611 1611 - if ((pHtCapability->HtCapInfo.ChannelWidth) && (pAd->CommonCfg.DesiredHtPhy.ChannelWidth)) 1612 1612 - { 1613 1613 - pEntry->MaxHTPhyMode.field.BW= BW_40; 1614 1614 - pEntry->MaxHTPhyMode.field.ShortGI = ((pAd->CommonCfg.DesiredHtPhy.ShortGIfor40)&(pHtCapability->HtCapInfo.ShortGIfor40)); 1615 1615 - } 1616 1616 - else 1617 1617 - { 1618 1618 - pEntry->MaxHTPhyMode.field.BW = BW_20; 1619 1619 - pEntry->MaxHTPhyMode.field.ShortGI = ((pAd->CommonCfg.DesiredHtPhy.ShortGIfor20)&(pHtCapability->HtCapInfo.ShortGIfor20)); 1620 1620 - pAd->MacTab.fAnyStation20Only = TRUE; 1621 1621 - } 1622 1622 - 1623 1623 - // 3*3 1624 1624 - if (pAd->MACVersion >= RALINK_2883_VERSION && pAd->MACVersion < RALINK_3070_VERSION) 1625 1625 - pEntry->MaxHTPhyMode.field.TxBF = pAd->CommonCfg.RegTransmitSetting.field.TxBF; 1626 1626 - 1627 1627 - // find max fixed rate 1628 1628 - for (i=23; i>=0; i--) // 3*3 1629 1629 - { 1630 1630 - j = i/8; 1631 1631 - bitmask = (1<<(i-(j*8))); 1632 1632 - if ((pAd->StaCfg.DesiredHtPhyInfo.MCSSet[j] & bitmask) && (pHtCapability->MCSSet[j] & bitmask)) 1633 1633 - { 1634 1634 - pEntry->MaxHTPhyMode.field.MCS = i; 1635 1635 - break; 1636 1636 - } 1637 1637 - if (i==0) 1638 1638 - break; 1639 1639 - } 1640 1640 - 1641 1641 - 1642 1642 - if (pAd->StaCfg.DesiredTransmitSetting.field.MCS != MCS_AUTO) 1643 1643 - { 1644 1644 - if (pAd->StaCfg.DesiredTransmitSetting.field.MCS == 32) 1645 1645 - { 1646 1646 - // Fix MCS as HT Duplicated Mode 1647 1647 - pEntry->MaxHTPhyMode.field.BW = 1; 1648 1648 - pEntry->MaxHTPhyMode.field.MODE = MODE_HTMIX; 1649 1649 - pEntry->MaxHTPhyMode.field.STBC = 0; 1650 1650 - pEntry->MaxHTPhyMode.field.ShortGI = 0; 1651 1651 - pEntry->MaxHTPhyMode.field.MCS = 32; 1652 1652 - } 1653 1653 - else if (pEntry->MaxHTPhyMode.field.MCS > pAd->StaCfg.HTPhyMode.field.MCS) 1654 1654 - { 1655 1655 - // STA supports fixed MCS 1656 1656 - pEntry->MaxHTPhyMode.field.MCS = pAd->StaCfg.HTPhyMode.field.MCS; 1657 1657 - } 1658 1658 - } 1659 1659 - 1660 1660 - pEntry->MaxHTPhyMode.field.STBC = (pHtCapability->HtCapInfo.RxSTBC & (pAd->CommonCfg.DesiredHtPhy.TxSTBC)); 1661 1661 - pEntry->MpduDensity = pHtCapability->HtCapParm.MpduDensity; 1662 1662 - pEntry->MaxRAmpduFactor = pHtCapability->HtCapParm.MaxRAmpduFactor; 1663 1663 - pEntry->MmpsMode = (UCHAR)pHtCapability->HtCapInfo.MimoPs; 1664 1664 - pEntry->AMsduSize = (UCHAR)pHtCapability->HtCapInfo.AMsduSize; 1665 1665 - pEntry->HTPhyMode.word = pEntry->MaxHTPhyMode.word; 1666 1666 - 1667 1667 - if (pAd->CommonCfg.DesiredHtPhy.AmsduEnable && (pAd->CommonCfg.REGBACapability.field.AutoBA == FALSE)) 1668 1668 - CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_AMSDU_INUSED); 1669 1669 - if (pHtCapability->HtCapInfo.ShortGIfor20) 1670 1670 - CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_SGI20_CAPABLE); 1671 1671 - if (pHtCapability->HtCapInfo.ShortGIfor40) 1672 1672 - CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_SGI40_CAPABLE); 1673 1673 - if (pHtCapability->HtCapInfo.TxSTBC) 1674 1674 - CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_TxSTBC_CAPABLE); 1675 1675 - if (pHtCapability->HtCapInfo.RxSTBC) 1676 1676 - CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_RxSTBC_CAPABLE); 1677 1677 - if (pHtCapability->ExtHtCapInfo.PlusHTC) 1678 1678 - CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_HTC_CAPABLE); 1679 1679 - if (pAd->CommonCfg.bRdg && pHtCapability->ExtHtCapInfo.RDGSupport) 1680 1680 - CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_RDG_CAPABLE); 1681 1681 - if (pHtCapability->ExtHtCapInfo.MCSFeedback == 0x03) 1682 1682 - CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_MCSFEEDBACK_CAPABLE); 1683 1683 - } 1684 1684 - else 1685 1685 - { 1686 1686 - pAd->MacTab.fAnyStationIsLegacy = TRUE; 1687 1687 - } 1688 1688 - 1689 1689 - NdisMoveMemory(&pEntry->HTCapability, pHtCapability, sizeof(HT_CAPABILITY_IE)); 1690 1690 - 1691 1691 - pEntry->HTPhyMode.word = pEntry->MaxHTPhyMode.word; 1692 1692 - pEntry->CurrTxRate = pEntry->MaxSupportedRate; 1693 1693 - 1694 1694 - // Set asic auto fall back 1695 1695 - if (pAd->StaCfg.bAutoTxRateSwitch == TRUE) 1696 1696 - { 1697 1697 - PUCHAR pTable; 1698 1698 - UCHAR TableSize = 0; 1699 1699 - 1700 1700 - MlmeSelectTxRateTable(pAd, pEntry, &pTable, &TableSize, &pEntry->CurrTxRateIndex); 1701 1701 - pEntry->bAutoTxRateSwitch = TRUE; 1702 1702 - } 1703 1703 - else 1704 1704 - { 1705 1705 - pEntry->HTPhyMode.field.MODE = pAd->StaCfg.HTPhyMode.field.MODE; 1706 1706 - pEntry->HTPhyMode.field.MCS = pAd->StaCfg.HTPhyMode.field.MCS; 1707 1707 - pEntry->bAutoTxRateSwitch = FALSE; 1708 1708 - 1709 1709 - // If the legacy mode is set, overwrite the transmit setting of this entry. 1710 1710 - RTMPUpdateLegacyTxSetting((UCHAR)pAd->StaCfg.DesiredTransmitSetting.field.FixedTxMode, pEntry); 1711 1711 - } 1712 1712 - 1713 1713 - pEntry->PortSecured = WPA_802_1X_PORT_SECURED; 1714 1714 - pEntry->Sst = SST_ASSOC; 1715 1715 - pEntry->AuthState = AS_AUTH_OPEN; 1716 1716 - pEntry->AuthMode = pAd->StaCfg.AuthMode; 1717 1717 - pEntry->WepStatus = pAd->StaCfg.WepStatus; 1718 1718 - 1719 1719 - NdisReleaseSpinLock(&pAd->MacTabLock); 1720 1720 - 1721 1721 - { 1722 1722 - union iwreq_data wrqu; 1723 1723 - wext_notify_event_assoc(pAd); 1724 1724 - 1725 1725 - memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN); 1726 1726 - memcpy(wrqu.ap_addr.sa_data, pAd->MlmeAux.Bssid, MAC_ADDR_LEN); 1727 1727 - wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL); 1728 1728 - 1729 1729 - } 1730 1730 - return TRUE; 1731 1731 - } 1732 1732 - 1733 1733 - 1 1 + #include "../../rt2870/sta/assoc.c"

+1 -461

drivers/staging/rt3070/sta/auth.c

reviewed

··· 1 1 - /* 2 2 - ************************************************************************* 3 3 - * Ralink Tech Inc. 4 4 - * 5F., No.36, Taiyuan St., Jhubei City, 5 5 - * Hsinchu County 302, 6 6 - * Taiwan, R.O.C. 7 7 - * 8 8 - * (c) Copyright 2002-2007, Ralink Technology, Inc. 9 9 - * 10 10 - * This program is free software; you can redistribute it and/or modify * 11 11 - * it under the terms of the GNU General Public License as published by * 12 12 - * the Free Software Foundation; either version 2 of the License, or * 13 13 - * (at your option) any later version. * 14 14 - * * 15 15 - * This program is distributed in the hope that it will be useful, * 16 16 - * but WITHOUT ANY WARRANTY; without even the implied warranty of * 17 17 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * 18 18 - * GNU General Public License for more details. * 19 19 - * * 20 20 - * You should have received a copy of the GNU General Public License * 21 21 - * along with this program; if not, write to the * 22 22 - * Free Software Foundation, Inc., * 23 23 - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * 24 24 - * * 25 25 - ************************************************************************* 26 26 - 27 27 - Module Name: 28 28 - auth.c 29 29 - 30 30 - Abstract: 31 31 - 32 32 - Revision History: 33 33 - Who When What 34 34 - -------- ---------- ---------------------------------------------- 35 35 - John 2004-9-3 porting from RT2500 36 36 - */ 37 37 - #include "../rt_config.h" 38 38 - 39 39 - /* 40 40 - ========================================================================== 41 41 - Description: 42 42 - authenticate state machine init, including state transition and timer init 43 43 - Parameters: 44 44 - Sm - pointer to the auth state machine 45 45 - Note: 46 46 - The state machine looks like this 47 47 - 48 48 - AUTH_REQ_IDLE AUTH_WAIT_SEQ2 AUTH_WAIT_SEQ4 49 49 - MT2_MLME_AUTH_REQ mlme_auth_req_action invalid_state_when_auth invalid_state_when_auth 50 50 - MT2_PEER_AUTH_EVEN drop peer_auth_even_at_seq2_action peer_auth_even_at_seq4_action 51 51 - MT2_AUTH_TIMEOUT Drop auth_timeout_action auth_timeout_action 52 52 - 53 53 - IRQL = PASSIVE_LEVEL 54 54 - 55 55 - ========================================================================== 56 56 - */ 57 57 - 58 58 - void AuthStateMachineInit( 59 59 - IN PRTMP_ADAPTER pAd, 60 60 - IN STATE_MACHINE *Sm, 61 61 - OUT STATE_MACHINE_FUNC Trans[]) 62 62 - { 63 63 - StateMachineInit(Sm, Trans, MAX_AUTH_STATE, MAX_AUTH_MSG, (STATE_MACHINE_FUNC)Drop, AUTH_REQ_IDLE, AUTH_MACHINE_BASE); 64 64 - 65 65 - // the first column 66 66 - StateMachineSetAction(Sm, AUTH_REQ_IDLE, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)MlmeAuthReqAction); 67 67 - 68 68 - // the second column 69 69 - StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAuth); 70 70 - StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_PEER_AUTH_EVEN, (STATE_MACHINE_FUNC)PeerAuthRspAtSeq2Action); 71 71 - StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_AUTH_TIMEOUT, (STATE_MACHINE_FUNC)AuthTimeoutAction); 72 72 - 73 73 - // the third column 74 74 - StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAuth); 75 75 - StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_PEER_AUTH_EVEN, (STATE_MACHINE_FUNC)PeerAuthRspAtSeq4Action); 76 76 - StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_AUTH_TIMEOUT, (STATE_MACHINE_FUNC)AuthTimeoutAction); 77 77 - 78 78 - RTMPInitTimer(pAd, &pAd->MlmeAux.AuthTimer, GET_TIMER_FUNCTION(AuthTimeout), pAd, FALSE); 79 79 - } 80 80 - 81 81 - /* 82 82 - ========================================================================== 83 83 - Description: 84 84 - function to be executed at timer thread when auth timer expires 85 85 - 86 86 - IRQL = DISPATCH_LEVEL 87 87 - 88 88 - ========================================================================== 89 89 - */ 90 90 - VOID AuthTimeout( 91 91 - IN PVOID SystemSpecific1, 92 92 - IN PVOID FunctionContext, 93 93 - IN PVOID SystemSpecific2, 94 94 - IN PVOID SystemSpecific3) 95 95 - { 96 96 - RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext; 97 97 - 98 98 - DBGPRINT(RT_DEBUG_TRACE,("AUTH - AuthTimeout\n")); 99 99 - 100 100 - // Do nothing if the driver is starting halt state. 101 101 - // This might happen when timer already been fired before cancel timer with mlmehalt 102 102 - if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST)) 103 103 - return; 104 104 - 105 105 - // send a de-auth to reset AP's state machine (Patch AP-Dir635) 106 106 - if (pAd->Mlme.AuthMachine.CurrState == AUTH_WAIT_SEQ2) 107 107 - Cls2errAction(pAd, pAd->MlmeAux.Bssid); 108 108 - 109 109 - 110 110 - MlmeEnqueue(pAd, AUTH_STATE_MACHINE, MT2_AUTH_TIMEOUT, 0, NULL); 111 111 - RT28XX_MLME_HANDLER(pAd); 112 112 - } 113 113 - 114 114 - 115 115 - /* 116 116 - ========================================================================== 117 117 - Description: 118 118 - 119 119 - IRQL = DISPATCH_LEVEL 120 120 - 121 121 - ========================================================================== 122 122 - */ 123 123 - VOID MlmeAuthReqAction( 124 124 - IN PRTMP_ADAPTER pAd, 125 125 - IN MLME_QUEUE_ELEM *Elem) 126 126 - { 127 127 - UCHAR Addr[6]; 128 128 - USHORT Alg, Seq, Status; 129 129 - ULONG Timeout; 130 130 - HEADER_802_11 AuthHdr; 131 131 - BOOLEAN TimerCancelled; 132 132 - NDIS_STATUS NStatus; 133 133 - PUCHAR pOutBuffer = NULL; 134 134 - ULONG FrameLen = 0; 135 135 - 136 136 - // Block all authentication request durning WPA block period 137 137 - if (pAd->StaCfg.bBlockAssoc == TRUE) 138 138 - { 139 139 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Block Auth request durning WPA block period!\n")); 140 140 - pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE; 141 141 - Status = MLME_STATE_MACHINE_REJECT; 142 142 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status); 143 143 - } 144 144 - else if(MlmeAuthReqSanity(pAd, Elem->Msg, Elem->MsgLen, Addr, &Timeout, &Alg)) 145 145 - { 146 146 - // reset timer 147 147 - RTMPCancelTimer(&pAd->MlmeAux.AuthTimer, &TimerCancelled); 148 148 - COPY_MAC_ADDR(pAd->MlmeAux.Bssid, Addr); 149 149 - pAd->MlmeAux.Alg = Alg; 150 150 - Seq = 1; 151 151 - Status = MLME_SUCCESS; 152 152 - 153 153 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory 154 154 - if(NStatus != NDIS_STATUS_SUCCESS) 155 155 - { 156 156 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - MlmeAuthReqAction(Alg:%d) allocate memory failed\n", Alg)); 157 157 - pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE; 158 158 - Status = MLME_FAIL_NO_RESOURCE; 159 159 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status); 160 160 - return; 161 161 - } 162 162 - 163 163 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH request seq#1 (Alg=%d)...\n", Alg)); 164 164 - MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr, pAd->MlmeAux.Bssid); 165 165 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 166 166 - sizeof(HEADER_802_11),&AuthHdr, 167 167 - 2, &Alg, 168 168 - 2, &Seq, 169 169 - 2, &Status, 170 170 - END_OF_ARGS); 171 171 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 172 172 - MlmeFreeMemory(pAd, pOutBuffer); 173 173 - 174 174 - RTMPSetTimer(&pAd->MlmeAux.AuthTimer, Timeout); 175 175 - pAd->Mlme.AuthMachine.CurrState = AUTH_WAIT_SEQ2; 176 176 - } 177 177 - else 178 178 - { 179 179 - DBGPRINT_ERR(("AUTH - MlmeAuthReqAction() sanity check failed\n")); 180 180 - pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE; 181 181 - Status = MLME_INVALID_FORMAT; 182 182 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status); 183 183 - } 184 184 - } 185 185 - 186 186 - /* 187 187 - ========================================================================== 188 188 - Description: 189 189 - 190 190 - IRQL = DISPATCH_LEVEL 191 191 - 192 192 - ========================================================================== 193 193 - */ 194 194 - VOID PeerAuthRspAtSeq2Action( 195 195 - IN PRTMP_ADAPTER pAd, 196 196 - IN MLME_QUEUE_ELEM *Elem) 197 197 - { 198 198 - UCHAR Addr2[MAC_ADDR_LEN]; 199 199 - USHORT Seq, Status, RemoteStatus, Alg; 200 200 - UCHAR ChlgText[CIPHER_TEXT_LEN]; 201 201 - UCHAR CyperChlgText[CIPHER_TEXT_LEN + 8 + 8]; 202 202 - UCHAR Element[2]; 203 203 - HEADER_802_11 AuthHdr; 204 204 - BOOLEAN TimerCancelled; 205 205 - PUCHAR pOutBuffer = NULL; 206 206 - NDIS_STATUS NStatus; 207 207 - ULONG FrameLen = 0; 208 208 - USHORT Status2; 209 209 - 210 210 - if (PeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Alg, &Seq, &Status, ChlgText)) 211 211 - { 212 212 - if (MAC_ADDR_EQUAL(pAd->MlmeAux.Bssid, Addr2) && Seq == 2) 213 213 - { 214 214 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Receive AUTH_RSP seq#2 to me (Alg=%d, Status=%d)\n", Alg, Status)); 215 215 - RTMPCancelTimer(&pAd->MlmeAux.AuthTimer, &TimerCancelled); 216 216 - 217 217 - if (Status == MLME_SUCCESS) 218 218 - { 219 219 - // Authentication Mode "LEAP" has allow for CCX 1.X 220 220 - if ((pAd->MlmeAux.Alg == Ndis802_11AuthModeOpen) 221 221 - ) 222 222 - { 223 223 - pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE; 224 224 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status); 225 225 - } 226 226 - else 227 227 - { 228 228 - // 2. shared key, need to be challenged 229 229 - Seq++; 230 230 - RemoteStatus = MLME_SUCCESS; 231 231 - 232 232 - // Get an unused nonpaged memory 233 233 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); 234 234 - if(NStatus != NDIS_STATUS_SUCCESS) 235 235 - { 236 236 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - PeerAuthRspAtSeq2Action() allocate memory fail\n")); 237 237 - pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE; 238 238 - Status2 = MLME_FAIL_NO_RESOURCE; 239 239 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status2); 240 240 - return; 241 241 - } 242 242 - 243 243 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH request seq#3...\n")); 244 244 - MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr2, pAd->MlmeAux.Bssid); 245 245 - AuthHdr.FC.Wep = 1; 246 246 - // Encrypt challenge text & auth information 247 247 - RTMPInitWepEngine( 248 248 - pAd, 249 249 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].Key, 250 250 - pAd->StaCfg.DefaultKeyId, 251 251 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].KeyLen, 252 252 - CyperChlgText); 253 253 - 254 254 - Alg = cpu2le16(*(USHORT *)&Alg); 255 255 - Seq = cpu2le16(*(USHORT *)&Seq); 256 256 - RemoteStatus= cpu2le16(*(USHORT *)&RemoteStatus); 257 257 - 258 258 - RTMPEncryptData(pAd, (PUCHAR) &Alg, CyperChlgText + 4, 2); 259 259 - RTMPEncryptData(pAd, (PUCHAR) &Seq, CyperChlgText + 6, 2); 260 260 - RTMPEncryptData(pAd, (PUCHAR) &RemoteStatus, CyperChlgText + 8, 2); 261 261 - Element[0] = 16; 262 262 - Element[1] = 128; 263 263 - RTMPEncryptData(pAd, Element, CyperChlgText + 10, 2); 264 264 - RTMPEncryptData(pAd, ChlgText, CyperChlgText + 12, 128); 265 265 - RTMPSetICV(pAd, CyperChlgText + 140); 266 266 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 267 267 - sizeof(HEADER_802_11), &AuthHdr, 268 268 - CIPHER_TEXT_LEN + 16, CyperChlgText, 269 269 - END_OF_ARGS); 270 270 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 271 271 - MlmeFreeMemory(pAd, pOutBuffer); 272 272 - 273 273 - RTMPSetTimer(&pAd->MlmeAux.AuthTimer, AUTH_TIMEOUT); 274 274 - pAd->Mlme.AuthMachine.CurrState = AUTH_WAIT_SEQ4; 275 275 - } 276 276 - } 277 277 - else 278 278 - { 279 279 - pAd->StaCfg.AuthFailReason = Status; 280 280 - COPY_MAC_ADDR(pAd->StaCfg.AuthFailSta, Addr2); 281 281 - pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE; 282 282 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status); 283 283 - } 284 284 - } 285 285 - } 286 286 - else 287 287 - { 288 288 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - PeerAuthSanity() sanity check fail\n")); 289 289 - } 290 290 - } 291 291 - 292 292 - /* 293 293 - ========================================================================== 294 294 - Description: 295 295 - 296 296 - IRQL = DISPATCH_LEVEL 297 297 - 298 298 - ========================================================================== 299 299 - */ 300 300 - VOID PeerAuthRspAtSeq4Action( 301 301 - IN PRTMP_ADAPTER pAd, 302 302 - IN MLME_QUEUE_ELEM *Elem) 303 303 - { 304 304 - UCHAR Addr2[MAC_ADDR_LEN]; 305 305 - USHORT Alg, Seq, Status; 306 306 - CHAR ChlgText[CIPHER_TEXT_LEN]; 307 307 - BOOLEAN TimerCancelled; 308 308 - 309 309 - if(PeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Alg, &Seq, &Status, ChlgText)) 310 310 - { 311 311 - if(MAC_ADDR_EQUAL(pAd->MlmeAux.Bssid, Addr2) && Seq == 4) 312 312 - { 313 313 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Receive AUTH_RSP seq#4 to me\n")); 314 314 - RTMPCancelTimer(&pAd->MlmeAux.AuthTimer, &TimerCancelled); 315 315 - 316 316 - if (Status != MLME_SUCCESS) 317 317 - { 318 318 - pAd->StaCfg.AuthFailReason = Status; 319 319 - COPY_MAC_ADDR(pAd->StaCfg.AuthFailSta, Addr2); 320 320 - } 321 321 - 322 322 - pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE; 323 323 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status); 324 324 - } 325 325 - } 326 326 - else 327 327 - { 328 328 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - PeerAuthRspAtSeq4Action() sanity check fail\n")); 329 329 - } 330 330 - } 331 331 - 332 332 - /* 333 333 - ========================================================================== 334 334 - Description: 335 335 - 336 336 - IRQL = DISPATCH_LEVEL 337 337 - 338 338 - ========================================================================== 339 339 - */ 340 340 - VOID MlmeDeauthReqAction( 341 341 - IN PRTMP_ADAPTER pAd, 342 342 - IN MLME_QUEUE_ELEM *Elem) 343 343 - { 344 344 - MLME_DEAUTH_REQ_STRUCT *pInfo; 345 345 - HEADER_802_11 DeauthHdr; 346 346 - PUCHAR pOutBuffer = NULL; 347 347 - NDIS_STATUS NStatus; 348 348 - ULONG FrameLen = 0; 349 349 - USHORT Status; 350 350 - 351 351 - pInfo = (MLME_DEAUTH_REQ_STRUCT *)Elem->Msg; 352 352 - 353 353 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory 354 354 - if (NStatus != NDIS_STATUS_SUCCESS) 355 355 - { 356 356 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - MlmeDeauthReqAction() allocate memory fail\n")); 357 357 - pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE; 358 358 - Status = MLME_FAIL_NO_RESOURCE; 359 359 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DEAUTH_CONF, 2, &Status); 360 360 - return; 361 361 - } 362 362 - 363 363 - 364 364 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send DE-AUTH request (Reason=%d)...\n", pInfo->Reason)); 365 365 - MgtMacHeaderInit(pAd, &DeauthHdr, SUBTYPE_DEAUTH, 0, pInfo->Addr, pAd->MlmeAux.Bssid); 366 366 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 367 367 - sizeof(HEADER_802_11),&DeauthHdr, 368 368 - 2, &pInfo->Reason, 369 369 - END_OF_ARGS); 370 370 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 371 371 - MlmeFreeMemory(pAd, pOutBuffer); 372 372 - 373 373 - pAd->StaCfg.DeauthReason = pInfo->Reason; 374 374 - COPY_MAC_ADDR(pAd->StaCfg.DeauthSta, pInfo->Addr); 375 375 - pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE; 376 376 - Status = MLME_SUCCESS; 377 377 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DEAUTH_CONF, 2, &Status); 378 378 - 379 379 - // send wireless event - for deauthentication 380 380 - if (pAd->CommonCfg.bWirelessEvent) 381 381 - RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0); 382 382 - } 383 383 - 384 384 - /* 385 385 - ========================================================================== 386 386 - Description: 387 387 - 388 388 - IRQL = DISPATCH_LEVEL 389 389 - 390 390 - ========================================================================== 391 391 - */ 392 392 - VOID AuthTimeoutAction( 393 393 - IN PRTMP_ADAPTER pAd, 394 394 - IN MLME_QUEUE_ELEM *Elem) 395 395 - { 396 396 - USHORT Status; 397 397 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - AuthTimeoutAction\n")); 398 398 - pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE; 399 399 - Status = MLME_REJ_TIMEOUT; 400 400 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status); 401 401 - } 402 402 - 403 403 - /* 404 404 - ========================================================================== 405 405 - Description: 406 406 - 407 407 - IRQL = DISPATCH_LEVEL 408 408 - 409 409 - ========================================================================== 410 410 - */ 411 411 - VOID InvalidStateWhenAuth( 412 412 - IN PRTMP_ADAPTER pAd, 413 413 - IN MLME_QUEUE_ELEM *Elem) 414 414 - { 415 415 - USHORT Status; 416 416 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - InvalidStateWhenAuth (state=%ld), reset AUTH state machine\n", pAd->Mlme.AuthMachine.CurrState)); 417 417 - pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE; 418 418 - Status = MLME_STATE_MACHINE_REJECT; 419 419 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status); 420 420 - } 421 421 - 422 422 - /* 423 423 - ========================================================================== 424 424 - Description: 425 425 - Some STA/AP 426 426 - Note: 427 427 - This action should never trigger AUTH state transition, therefore we 428 428 - separate it from AUTH state machine, and make it as a standalone service 429 429 - 430 430 - IRQL = DISPATCH_LEVEL 431 431 - 432 432 - ========================================================================== 433 433 - */ 434 434 - VOID Cls2errAction( 435 435 - IN PRTMP_ADAPTER pAd, 436 436 - IN PUCHAR pAddr) 437 437 - { 438 438 - HEADER_802_11 DeauthHdr; 439 439 - PUCHAR pOutBuffer = NULL; 440 440 - NDIS_STATUS NStatus; 441 441 - ULONG FrameLen = 0; 442 442 - USHORT Reason = REASON_CLS2ERR; 443 443 - 444 444 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory 445 445 - if (NStatus != NDIS_STATUS_SUCCESS) 446 446 - return; 447 447 - 448 448 - DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Class 2 error, Send DEAUTH frame...\n")); 449 449 - MgtMacHeaderInit(pAd, &DeauthHdr, SUBTYPE_DEAUTH, 0, pAddr, pAd->MlmeAux.Bssid); 450 450 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 451 451 - sizeof(HEADER_802_11),&DeauthHdr, 452 452 - 2, &Reason, 453 453 - END_OF_ARGS); 454 454 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 455 455 - MlmeFreeMemory(pAd, pOutBuffer); 456 456 - 457 457 - pAd->StaCfg.DeauthReason = Reason; 458 458 - COPY_MAC_ADDR(pAd->StaCfg.DeauthSta, pAddr); 459 459 - } 460 460 - 461 461 - 1 1 + #include "../../rt2870/sta/auth.c"

+1 -149

drivers/staging/rt3070/sta/auth_rsp.c

reviewed

··· 1 1 - /* 2 2 - ************************************************************************* 3 3 - * Ralink Tech Inc. 4 4 - * 5F., No.36, Taiyuan St., Jhubei City, 5 5 - * Hsinchu County 302, 6 6 - * Taiwan, R.O.C. 7 7 - * 8 8 - * (c) Copyright 2002-2007, Ralink Technology, Inc. 9 9 - * 10 10 - * This program is free software; you can redistribute it and/or modify * 11 11 - * it under the terms of the GNU General Public License as published by * 12 12 - * the Free Software Foundation; either version 2 of the License, or * 13 13 - * (at your option) any later version. * 14 14 - * * 15 15 - * This program is distributed in the hope that it will be useful, * 16 16 - * but WITHOUT ANY WARRANTY; without even the implied warranty of * 17 17 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * 18 18 - * GNU General Public License for more details. * 19 19 - * * 20 20 - * You should have received a copy of the GNU General Public License * 21 21 - * along with this program; if not, write to the * 22 22 - * Free Software Foundation, Inc., * 23 23 - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * 24 24 - * * 25 25 - ************************************************************************* 26 26 - 27 27 - Module Name: 28 28 - auth_rsp.c 29 29 - 30 30 - Abstract: 31 31 - 32 32 - Revision History: 33 33 - Who When What 34 34 - -------- ---------- ---------------------------------------------- 35 35 - John 2004-10-1 copy from RT2560 36 36 - */ 37 37 - #include "../rt_config.h" 38 38 - 39 39 - /* 40 40 - ========================================================================== 41 41 - Description: 42 42 - authentication state machine init procedure 43 43 - Parameters: 44 44 - Sm - the state machine 45 45 - 46 46 - IRQL = PASSIVE_LEVEL 47 47 - 48 48 - ========================================================================== 49 49 - */ 50 50 - VOID AuthRspStateMachineInit( 51 51 - IN PRTMP_ADAPTER pAd, 52 52 - IN PSTATE_MACHINE Sm, 53 53 - IN STATE_MACHINE_FUNC Trans[]) 54 54 - { 55 55 - StateMachineInit(Sm, Trans, MAX_AUTH_RSP_STATE, MAX_AUTH_RSP_MSG, (STATE_MACHINE_FUNC)Drop, AUTH_RSP_IDLE, AUTH_RSP_MACHINE_BASE); 56 56 - 57 57 - // column 1 58 58 - StateMachineSetAction(Sm, AUTH_RSP_IDLE, MT2_PEER_DEAUTH, (STATE_MACHINE_FUNC)PeerDeauthAction); 59 59 - 60 60 - // column 2 61 61 - StateMachineSetAction(Sm, AUTH_RSP_WAIT_CHAL, MT2_PEER_DEAUTH, (STATE_MACHINE_FUNC)PeerDeauthAction); 62 62 - 63 63 - } 64 64 - 65 65 - /* 66 66 - ========================================================================== 67 67 - Description: 68 68 - 69 69 - IRQL = DISPATCH_LEVEL 70 70 - 71 71 - ========================================================================== 72 72 - */ 73 73 - VOID PeerAuthSimpleRspGenAndSend( 74 74 - IN PRTMP_ADAPTER pAd, 75 75 - IN PHEADER_802_11 pHdr80211, 76 76 - IN USHORT Alg, 77 77 - IN USHORT Seq, 78 78 - IN USHORT Reason, 79 79 - IN USHORT Status) 80 80 - { 81 81 - HEADER_802_11 AuthHdr; 82 82 - ULONG FrameLen = 0; 83 83 - PUCHAR pOutBuffer = NULL; 84 84 - NDIS_STATUS NStatus; 85 85 - 86 86 - if (Reason != MLME_SUCCESS) 87 87 - { 88 88 - DBGPRINT(RT_DEBUG_TRACE, ("Peer AUTH fail...\n")); 89 89 - return; 90 90 - } 91 91 - 92 92 - //Get an unused nonpaged memory 93 93 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); 94 94 - if (NStatus != NDIS_STATUS_SUCCESS) 95 95 - return; 96 96 - 97 97 - DBGPRINT(RT_DEBUG_TRACE, ("Send AUTH response (seq#2)...\n")); 98 98 - MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, pHdr80211->Addr2, pAd->MlmeAux.Bssid); 99 99 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 100 100 - sizeof(HEADER_802_11), &AuthHdr, 101 101 - 2, &Alg, 102 102 - 2, &Seq, 103 103 - 2, &Reason, 104 104 - END_OF_ARGS); 105 105 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 106 106 - MlmeFreeMemory(pAd, pOutBuffer); 107 107 - } 108 108 - 109 109 - /* 110 110 - ========================================================================== 111 111 - Description: 112 112 - 113 113 - IRQL = DISPATCH_LEVEL 114 114 - 115 115 - ========================================================================== 116 116 - */ 117 117 - VOID PeerDeauthAction( 118 118 - IN PRTMP_ADAPTER pAd, 119 119 - IN PMLME_QUEUE_ELEM Elem) 120 120 - { 121 121 - UCHAR Addr2[MAC_ADDR_LEN]; 122 122 - USHORT Reason; 123 123 - 124 124 - if (PeerDeauthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Reason)) 125 125 - { 126 126 - if (INFRA_ON(pAd) && MAC_ADDR_EQUAL(Addr2, pAd->CommonCfg.Bssid)) 127 127 - { 128 128 - DBGPRINT(RT_DEBUG_TRACE,("AUTH_RSP - receive DE-AUTH from our AP (Reason=%d)\n", Reason)); 129 129 - 130 130 - 131 131 - { 132 132 - union iwreq_data wrqu; 133 133 - memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN); 134 134 - wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL); 135 135 - } 136 136 - 137 137 - // send wireless event - for deauthentication 138 138 - if (pAd->CommonCfg.bWirelessEvent) 139 139 - RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0); 140 140 - 141 141 - LinkDown(pAd, TRUE); 142 142 - } 143 143 - } 144 144 - else 145 145 - { 146 146 - DBGPRINT(RT_DEBUG_TRACE,("AUTH_RSP - PeerDeauthAction() sanity check fail\n")); 147 147 - } 148 148 - } 149 149 - 1 1 + #include "../../rt2870/sta/auth_rsp.c"

+1 -2461

drivers/staging/rt3070/sta/connect.c

reviewed

··· 1 1 - /* 2 2 - ************************************************************************* 3 3 - * Ralink Tech Inc. 4 4 - * 5F., No.36, Taiyuan St., Jhubei City, 5 5 - * Hsinchu County 302, 6 6 - * Taiwan, R.O.C. 7 7 - * 8 8 - * (c) Copyright 2002-2007, Ralink Technology, Inc. 9 9 - * 10 10 - * This program is free software; you can redistribute it and/or modify * 11 11 - * it under the terms of the GNU General Public License as published by * 12 12 - * the Free Software Foundation; either version 2 of the License, or * 13 13 - * (at your option) any later version. * 14 14 - * * 15 15 - * This program is distributed in the hope that it will be useful, * 16 16 - * but WITHOUT ANY WARRANTY; without even the implied warranty of * 17 17 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * 18 18 - * GNU General Public License for more details. * 19 19 - * * 20 20 - * You should have received a copy of the GNU General Public License * 21 21 - * along with this program; if not, write to the * 22 22 - * Free Software Foundation, Inc., * 23 23 - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * 24 24 - * * 25 25 - ************************************************************************* 26 26 - 27 27 - Module Name: 28 28 - connect.c 29 29 - 30 30 - Abstract: 31 31 - 32 32 - Revision History: 33 33 - Who When What 34 34 - -------- ---------- ---------------------------------------------- 35 35 - John 2004-08-08 Major modification from RT2560 36 36 - */ 37 37 - #include "../rt_config.h" 38 38 - 39 39 - UCHAR CipherSuiteWpaNoneTkip[] = { 40 40 - 0x00, 0x50, 0xf2, 0x01, // oui 41 41 - 0x01, 0x00, // Version 42 42 - 0x00, 0x50, 0xf2, 0x02, // Multicast 43 43 - 0x01, 0x00, // Number of unicast 44 44 - 0x00, 0x50, 0xf2, 0x02, // unicast 45 45 - 0x01, 0x00, // number of authentication method 46 46 - 0x00, 0x50, 0xf2, 0x00 // authentication 47 47 - }; 48 48 - UCHAR CipherSuiteWpaNoneTkipLen = (sizeof(CipherSuiteWpaNoneTkip) / sizeof(UCHAR)); 49 49 - 50 50 - UCHAR CipherSuiteWpaNoneAes[] = { 51 51 - 0x00, 0x50, 0xf2, 0x01, // oui 52 52 - 0x01, 0x00, // Version 53 53 - 0x00, 0x50, 0xf2, 0x04, // Multicast 54 54 - 0x01, 0x00, // Number of unicast 55 55 - 0x00, 0x50, 0xf2, 0x04, // unicast 56 56 - 0x01, 0x00, // number of authentication method 57 57 - 0x00, 0x50, 0xf2, 0x00 // authentication 58 58 - }; 59 59 - UCHAR CipherSuiteWpaNoneAesLen = (sizeof(CipherSuiteWpaNoneAes) / sizeof(UCHAR)); 60 60 - 61 61 - // The following MACRO is called after 1. starting an new IBSS, 2. succesfully JOIN an IBSS, 62 62 - // or 3. succesfully ASSOCIATE to a BSS, 4. successfully RE_ASSOCIATE to a BSS 63 63 - // All settings successfuly negotiated furing MLME state machines become final settings 64 64 - // and are copied to pAd->StaActive 65 65 - #define COPY_SETTINGS_FROM_MLME_AUX_TO_ACTIVE_CFG(_pAd) \ 66 66 - { \ 67 67 - (_pAd)->CommonCfg.SsidLen = (_pAd)->MlmeAux.SsidLen; \ 68 68 - NdisMoveMemory((_pAd)->CommonCfg.Ssid, (_pAd)->MlmeAux.Ssid, (_pAd)->MlmeAux.SsidLen); \ 69 69 - COPY_MAC_ADDR((_pAd)->CommonCfg.Bssid, (_pAd)->MlmeAux.Bssid); \ 70 70 - (_pAd)->CommonCfg.Channel = (_pAd)->MlmeAux.Channel; \ 71 71 - (_pAd)->CommonCfg.CentralChannel = (_pAd)->MlmeAux.CentralChannel; \ 72 72 - (_pAd)->StaActive.Aid = (_pAd)->MlmeAux.Aid; \ 73 73 - (_pAd)->StaActive.AtimWin = (_pAd)->MlmeAux.AtimWin; \ 74 74 - (_pAd)->StaActive.CapabilityInfo = (_pAd)->MlmeAux.CapabilityInfo; \ 75 75 - (_pAd)->CommonCfg.BeaconPeriod = (_pAd)->MlmeAux.BeaconPeriod; \ 76 76 - (_pAd)->StaActive.CfpMaxDuration = (_pAd)->MlmeAux.CfpMaxDuration; \ 77 77 - (_pAd)->StaActive.CfpPeriod = (_pAd)->MlmeAux.CfpPeriod; \ 78 78 - (_pAd)->StaActive.SupRateLen = (_pAd)->MlmeAux.SupRateLen; \ 79 79 - NdisMoveMemory((_pAd)->StaActive.SupRate, (_pAd)->MlmeAux.SupRate, (_pAd)->MlmeAux.SupRateLen);\ 80 80 - (_pAd)->StaActive.ExtRateLen = (_pAd)->MlmeAux.ExtRateLen; \ 81 81 - NdisMoveMemory((_pAd)->StaActive.ExtRate, (_pAd)->MlmeAux.ExtRate, (_pAd)->MlmeAux.ExtRateLen);\ 82 82 - NdisMoveMemory(&(_pAd)->CommonCfg.APEdcaParm, &(_pAd)->MlmeAux.APEdcaParm, sizeof(EDCA_PARM));\ 83 83 - NdisMoveMemory(&(_pAd)->CommonCfg.APQosCapability, &(_pAd)->MlmeAux.APQosCapability, sizeof(QOS_CAPABILITY_PARM));\ 84 84 - NdisMoveMemory(&(_pAd)->CommonCfg.APQbssLoad, &(_pAd)->MlmeAux.APQbssLoad, sizeof(QBSS_LOAD_PARM));\ 85 85 - COPY_MAC_ADDR((_pAd)->MacTab.Content[BSSID_WCID].Addr, (_pAd)->MlmeAux.Bssid); \ 86 86 - (_pAd)->MacTab.Content[BSSID_WCID].Aid = (_pAd)->MlmeAux.Aid; \ 87 87 - (_pAd)->MacTab.Content[BSSID_WCID].PairwiseKey.CipherAlg = (_pAd)->StaCfg.PairCipher;\ 88 88 - COPY_MAC_ADDR((_pAd)->MacTab.Content[BSSID_WCID].PairwiseKey.BssId, (_pAd)->MlmeAux.Bssid);\ 89 89 - (_pAd)->MacTab.Content[BSSID_WCID].RateLen = (_pAd)->StaActive.SupRateLen + (_pAd)->StaActive.ExtRateLen;\ 90 90 - } 91 91 - 92 92 - /* 93 93 - ========================================================================== 94 94 - Description: 95 95 - 96 96 - IRQL = PASSIVE_LEVEL 97 97 - 98 98 - ========================================================================== 99 99 - */ 100 100 - VOID MlmeCntlInit( 101 101 - IN PRTMP_ADAPTER pAd, 102 102 - IN STATE_MACHINE *S, 103 103 - OUT STATE_MACHINE_FUNC Trans[]) 104 104 - { 105 105 - // Control state machine differs from other state machines, the interface 106 106 - // follows the standard interface 107 107 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 108 108 - } 109 109 - 110 110 - /* 111 111 - ========================================================================== 112 112 - Description: 113 113 - 114 114 - IRQL = DISPATCH_LEVEL 115 115 - 116 116 - ========================================================================== 117 117 - */ 118 118 - VOID MlmeCntlMachinePerformAction( 119 119 - IN PRTMP_ADAPTER pAd, 120 120 - IN STATE_MACHINE *S, 121 121 - IN MLME_QUEUE_ELEM *Elem) 122 122 - { 123 123 - switch(pAd->Mlme.CntlMachine.CurrState) 124 124 - { 125 125 - case CNTL_IDLE: 126 126 - { 127 127 - CntlIdleProc(pAd, Elem); 128 128 - } 129 129 - break; 130 130 - case CNTL_WAIT_DISASSOC: 131 131 - CntlWaitDisassocProc(pAd, Elem); 132 132 - break; 133 133 - case CNTL_WAIT_JOIN: 134 134 - CntlWaitJoinProc(pAd, Elem); 135 135 - break; 136 136 - 137 137 - // CNTL_WAIT_REASSOC is the only state in CNTL machine that does 138 138 - // not triggered directly or indirectly by "RTMPSetInformation(OID_xxx)". 139 139 - // Therefore not protected by NDIS's "only one outstanding OID request" 140 140 - // rule. Which means NDIS may SET OID in the middle of ROAMing attempts. 141 141 - // Current approach is to block new SET request at RTMPSetInformation() 142 142 - // when CntlMachine.CurrState is not CNTL_IDLE 143 143 - case CNTL_WAIT_REASSOC: 144 144 - CntlWaitReassocProc(pAd, Elem); 145 145 - break; 146 146 - 147 147 - case CNTL_WAIT_START: 148 148 - CntlWaitStartProc(pAd, Elem); 149 149 - break; 150 150 - case CNTL_WAIT_AUTH: 151 151 - CntlWaitAuthProc(pAd, Elem); 152 152 - break; 153 153 - case CNTL_WAIT_AUTH2: 154 154 - CntlWaitAuthProc2(pAd, Elem); 155 155 - break; 156 156 - case CNTL_WAIT_ASSOC: 157 157 - CntlWaitAssocProc(pAd, Elem); 158 158 - break; 159 159 - 160 160 - case CNTL_WAIT_OID_LIST_SCAN: 161 161 - if(Elem->MsgType == MT2_SCAN_CONF) 162 162 - { 163 163 - // Resume TxRing after SCANING complete. We hope the out-of-service time 164 164 - // won't be too long to let upper layer time-out the waiting frames 165 165 - RTMPResumeMsduTransmission(pAd); 166 166 - if (pAd->StaCfg.CCXReqType != MSRN_TYPE_UNUSED) 167 167 - { 168 168 - // Cisco scan request is finished, prepare beacon report 169 169 - MlmeEnqueue(pAd, AIRONET_STATE_MACHINE, MT2_AIRONET_SCAN_DONE, 0, NULL); 170 170 - } 171 171 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 172 172 - 173 173 - // 174 174 - // Set LED status to previous status. 175 175 - // 176 176 - if (pAd->bLedOnScanning) 177 177 - { 178 178 - pAd->bLedOnScanning = FALSE; 179 179 - RTMPSetLED(pAd, pAd->LedStatus); 180 180 - } 181 181 - } 182 182 - break; 183 183 - 184 184 - case CNTL_WAIT_OID_DISASSOC: 185 185 - if (Elem->MsgType == MT2_DISASSOC_CONF) 186 186 - { 187 187 - LinkDown(pAd, FALSE); 188 188 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 189 189 - } 190 190 - break; 191 191 - #ifdef RT2870 192 192 - // 193 193 - // This state is for that we want to connect to an AP but 194 194 - // it didn't find on BSS List table. So we need to scan the air first, 195 195 - // after that we can try to connect to the desired AP if available. 196 196 - // 197 197 - case CNTL_WAIT_SCAN_FOR_CONNECT: 198 198 - if(Elem->MsgType == MT2_SCAN_CONF) 199 199 - { 200 200 - // Resume TxRing after SCANING complete. We hope the out-of-service time 201 201 - // won't be too long to let upper layer time-out the waiting frames 202 202 - RTMPResumeMsduTransmission(pAd); 203 203 - #ifdef CCX_SUPPORT 204 204 - if (pAd->StaCfg.CCXReqType != MSRN_TYPE_UNUSED) 205 205 - { 206 206 - // Cisco scan request is finished, prepare beacon report 207 207 - MlmeEnqueue(pAd, AIRONET_STATE_MACHINE, MT2_AIRONET_SCAN_DONE, 0, NULL); 208 208 - } 209 209 - #endif // CCX_SUPPORT // 210 210 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 211 211 - 212 212 - // 213 213 - // Check if we can connect to. 214 214 - // 215 215 - BssTableSsidSort(pAd, &pAd->MlmeAux.SsidBssTab, pAd->MlmeAux.AutoReconnectSsid, pAd->MlmeAux.AutoReconnectSsidLen); 216 216 - if (pAd->MlmeAux.SsidBssTab.BssNr > 0) 217 217 - { 218 218 - MlmeAutoReconnectLastSSID(pAd); 219 219 - } 220 220 - } 221 221 - break; 222 222 - #endif // RT2870 // 223 223 - default: 224 224 - DBGPRINT_ERR(("!ERROR! CNTL - Illegal message type(=%ld)", Elem->MsgType)); 225 225 - break; 226 226 - } 227 227 - } 228 228 - 229 229 - 230 230 - /* 231 231 - ========================================================================== 232 232 - Description: 233 233 - 234 234 - IRQL = DISPATCH_LEVEL 235 235 - 236 236 - ========================================================================== 237 237 - */ 238 238 - VOID CntlIdleProc( 239 239 - IN PRTMP_ADAPTER pAd, 240 240 - IN MLME_QUEUE_ELEM *Elem) 241 241 - { 242 242 - MLME_DISASSOC_REQ_STRUCT DisassocReq; 243 243 - 244 244 - if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_RADIO_OFF)) 245 245 - return; 246 246 - 247 247 - switch(Elem->MsgType) 248 248 - { 249 249 - case OID_802_11_SSID: 250 250 - CntlOidSsidProc(pAd, Elem); 251 251 - break; 252 252 - 253 253 - case OID_802_11_BSSID: 254 254 - CntlOidRTBssidProc(pAd,Elem); 255 255 - break; 256 256 - 257 257 - case OID_802_11_BSSID_LIST_SCAN: 258 258 - CntlOidScanProc(pAd,Elem); 259 259 - break; 260 260 - 261 261 - case OID_802_11_DISASSOCIATE: 262 262 - DisassocParmFill(pAd, &DisassocReq, pAd->CommonCfg.Bssid, REASON_DISASSOC_STA_LEAVING); 263 263 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_MLME_DISASSOC_REQ, sizeof(MLME_DISASSOC_REQ_STRUCT), &DisassocReq); 264 264 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_OID_DISASSOC; 265 265 - 266 266 - if (pAd->StaCfg.WpaSupplicantUP != WPA_SUPPLICANT_ENABLE_WITH_WEB_UI) 267 267 - { 268 268 - // Set the AutoReconnectSsid to prevent it reconnect to old SSID 269 269 - // Since calling this indicate user don't want to connect to that SSID anymore. 270 270 - pAd->MlmeAux.AutoReconnectSsidLen= 32; 271 271 - NdisZeroMemory(pAd->MlmeAux.AutoReconnectSsid, pAd->MlmeAux.AutoReconnectSsidLen); 272 272 - } 273 273 - break; 274 274 - 275 275 - case MT2_MLME_ROAMING_REQ: 276 276 - CntlMlmeRoamingProc(pAd, Elem); 277 277 - break; 278 278 - 279 279 - case OID_802_11_MIC_FAILURE_REPORT_FRAME: 280 280 - WpaMicFailureReportFrame(pAd, Elem); 281 281 - break; 282 282 - 283 283 - default: 284 284 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - Illegal message in CntlIdleProc(MsgType=%ld)\n",Elem->MsgType)); 285 285 - break; 286 286 - } 287 287 - } 288 288 - 289 289 - VOID CntlOidScanProc( 290 290 - IN PRTMP_ADAPTER pAd, 291 291 - IN MLME_QUEUE_ELEM *Elem) 292 292 - { 293 293 - MLME_SCAN_REQ_STRUCT ScanReq; 294 294 - ULONG BssIdx = BSS_NOT_FOUND; 295 295 - BSS_ENTRY CurrBss; 296 296 - 297 297 - // record current BSS if network is connected. 298 298 - // 2003-2-13 do not include current IBSS if this is the only STA in this IBSS. 299 299 - if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED)) 300 300 - { 301 301 - BssIdx = BssSsidTableSearch(&pAd->ScanTab, pAd->CommonCfg.Bssid, pAd->CommonCfg.Ssid, pAd->CommonCfg.SsidLen, pAd->CommonCfg.Channel); 302 302 - if (BssIdx != BSS_NOT_FOUND) 303 303 - { 304 304 - NdisMoveMemory(&CurrBss, &pAd->ScanTab.BssEntry[BssIdx], sizeof(BSS_ENTRY)); 305 305 - } 306 306 - } 307 307 - 308 308 - // clean up previous SCAN result, add current BSS back to table if any 309 309 - BssTableInit(&pAd->ScanTab); 310 310 - if (BssIdx != BSS_NOT_FOUND) 311 311 - { 312 312 - // DDK Note: If the NIC is associated with a particular BSSID and SSID 313 313 - // that are not contained in the list of BSSIDs generated by this scan, the 314 314 - // BSSID description of the currently associated BSSID and SSID should be 315 315 - // appended to the list of BSSIDs in the NIC's database. 316 316 - // To ensure this, we append this BSS as the first entry in SCAN result 317 317 - NdisMoveMemory(&pAd->ScanTab.BssEntry[0], &CurrBss, sizeof(BSS_ENTRY)); 318 318 - pAd->ScanTab.BssNr = 1; 319 319 - } 320 320 - 321 321 - ScanParmFill(pAd, &ScanReq, "", 0, BSS_ANY, SCAN_ACTIVE); 322 322 - MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_MLME_SCAN_REQ, 323 323 - sizeof(MLME_SCAN_REQ_STRUCT), &ScanReq); 324 324 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_OID_LIST_SCAN; 325 325 - } 326 326 - 327 327 - /* 328 328 - ========================================================================== 329 329 - Description: 330 330 - Before calling this routine, user desired SSID should already been 331 331 - recorded in CommonCfg.Ssid[] 332 332 - IRQL = DISPATCH_LEVEL 333 333 - 334 334 - ========================================================================== 335 335 - */ 336 336 - VOID CntlOidSsidProc( 337 337 - IN PRTMP_ADAPTER pAd, 338 338 - IN MLME_QUEUE_ELEM * Elem) 339 339 - { 340 340 - PNDIS_802_11_SSID pOidSsid = (NDIS_802_11_SSID *)Elem->Msg; 341 341 - MLME_DISASSOC_REQ_STRUCT DisassocReq; 342 342 - ULONG Now; 343 343 - 344 344 - // Step 1. record the desired user settings to MlmeAux 345 345 - NdisZeroMemory(pAd->MlmeAux.Ssid, MAX_LEN_OF_SSID); 346 346 - NdisMoveMemory(pAd->MlmeAux.Ssid, pOidSsid->Ssid, pOidSsid->SsidLength); 347 347 - pAd->MlmeAux.SsidLen = (UCHAR)pOidSsid->SsidLength; 348 348 - NdisZeroMemory(pAd->MlmeAux.Bssid, MAC_ADDR_LEN); 349 349 - pAd->MlmeAux.BssType = pAd->StaCfg.BssType; 350 350 - 351 351 - 352 352 - // 353 353 - // Update Reconnect Ssid, that user desired to connect. 354 354 - // 355 355 - NdisZeroMemory(pAd->MlmeAux.AutoReconnectSsid, MAX_LEN_OF_SSID); 356 356 - NdisMoveMemory(pAd->MlmeAux.AutoReconnectSsid, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen); 357 357 - pAd->MlmeAux.AutoReconnectSsidLen = pAd->MlmeAux.SsidLen; 358 358 - 359 359 - // step 2. find all matching BSS in the lastest SCAN result (inBssTab) 360 360 - // & log them into MlmeAux.SsidBssTab for later-on iteration. Sort by RSSI order 361 361 - BssTableSsidSort(pAd, &pAd->MlmeAux.SsidBssTab, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen); 362 362 - 363 363 - DBGPRINT(RT_DEBUG_TRACE, ("CntlOidSsidProc():CNTL - %d BSS of %d BSS match the desire (%d)SSID - %s\n", 364 364 - pAd->MlmeAux.SsidBssTab.BssNr, pAd->ScanTab.BssNr, pAd->MlmeAux.SsidLen, pAd->MlmeAux.Ssid)); 365 365 - NdisGetSystemUpTime(&Now); 366 366 - 367 367 - if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED) && 368 368 - (pAd->CommonCfg.SsidLen == pAd->MlmeAux.SsidBssTab.BssEntry[0].SsidLen) && 369 369 - NdisEqualMemory(pAd->CommonCfg.Ssid, pAd->MlmeAux.SsidBssTab.BssEntry[0].Ssid, pAd->CommonCfg.SsidLen) && 370 370 - MAC_ADDR_EQUAL(pAd->CommonCfg.Bssid, pAd->MlmeAux.SsidBssTab.BssEntry[0].Bssid)) 371 371 - { 372 372 - // Case 1. already connected with an AP who has the desired SSID 373 373 - // with highest RSSI 374 374 - 375 375 - // Add checking Mode "LEAP" for CCX 1.0 376 376 - if (((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA) || 377 377 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK) || 378 378 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2) || 379 379 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) 380 380 - ) && 381 381 - (pAd->StaCfg.PortSecured == WPA_802_1X_PORT_NOT_SECURED)) 382 382 - { 383 383 - // case 1.1 For WPA, WPA-PSK, if the 1x port is not secured, we have to redo 384 384 - // connection process 385 385 - DBGPRINT(RT_DEBUG_TRACE, ("CntlOidSsidProc():CNTL - disassociate with current AP...\n")); 386 386 - DisassocParmFill(pAd, &DisassocReq, pAd->CommonCfg.Bssid, REASON_DISASSOC_STA_LEAVING); 387 387 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_MLME_DISASSOC_REQ, 388 388 - sizeof(MLME_DISASSOC_REQ_STRUCT), &DisassocReq); 389 389 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_DISASSOC; 390 390 - } 391 391 - else if (pAd->bConfigChanged == TRUE) 392 392 - { 393 393 - // case 1.2 Important Config has changed, we have to reconnect to the same AP 394 394 - DBGPRINT(RT_DEBUG_TRACE, ("CntlOidSsidProc():CNTL - disassociate with current AP Because config changed...\n")); 395 395 - DisassocParmFill(pAd, &DisassocReq, pAd->CommonCfg.Bssid, REASON_DISASSOC_STA_LEAVING); 396 396 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_MLME_DISASSOC_REQ, 397 397 - sizeof(MLME_DISASSOC_REQ_STRUCT), &DisassocReq); 398 398 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_DISASSOC; 399 399 - } 400 400 - else 401 401 - { 402 402 - // case 1.3. already connected to the SSID with highest RSSI. 403 403 - DBGPRINT(RT_DEBUG_TRACE, ("CntlOidSsidProc():CNTL - already with this BSSID. ignore this SET_SSID request\n")); 404 404 - // 405 405 - // (HCT 12.1) 1c_wlan_mediaevents required 406 406 - // media connect events are indicated when associating with the same AP 407 407 - // 408 408 - if (INFRA_ON(pAd)) 409 409 - { 410 410 - // 411 411 - // Since MediaState already is NdisMediaStateConnected 412 412 - // We just indicate the connect event again to meet the WHQL required. 413 413 - // 414 414 - pAd->IndicateMediaState = NdisMediaStateConnected; 415 415 - RTMP_IndicateMediaState(pAd); 416 416 - pAd->ExtraInfo = GENERAL_LINK_UP; // Update extra information to link is up 417 417 - } 418 418 - 419 419 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 420 420 - 421 421 - { 422 422 - union iwreq_data wrqu; 423 423 - 424 424 - memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN); 425 425 - memcpy(wrqu.ap_addr.sa_data, pAd->MlmeAux.Bssid, MAC_ADDR_LEN); 426 426 - wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL); 427 427 - 428 428 - } 429 429 - } 430 430 - } 431 431 - else if (INFRA_ON(pAd)) 432 432 - { 433 433 - // 434 434 - // For RT61 435 435 - // [88888] OID_802_11_SSID should have returned NDTEST_WEP_AP2(Returned: ) 436 436 - // RT61 may lost SSID, and not connect to NDTEST_WEP_AP2 and will connect to NDTEST_WEP_AP2 by Autoreconnect 437 437 - // But media status is connected, so the SSID not report correctly. 438 438 - // 439 439 - if (!SSID_EQUAL(pAd->CommonCfg.Ssid, pAd->CommonCfg.SsidLen, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen)) 440 440 - { 441 441 - // 442 442 - // Different SSID means not Roaming case, so we let LinkDown() to Indicate a disconnect event. 443 443 - // 444 444 - pAd->MlmeAux.CurrReqIsFromNdis = TRUE; 445 445 - } 446 446 - // case 2. active INFRA association existent 447 447 - // roaming is done within miniport driver, nothing to do with configuration 448 448 - // utility. so upon a new SET(OID_802_11_SSID) is received, we just 449 449 - // disassociate with the current associated AP, 450 450 - // then perform a new association with this new SSID, no matter the 451 451 - // new/old SSID are the same or not. 452 452 - DBGPRINT(RT_DEBUG_TRACE, ("CntlOidSsidProc():CNTL - disassociate with current AP...\n")); 453 453 - DisassocParmFill(pAd, &DisassocReq, pAd->CommonCfg.Bssid, REASON_DISASSOC_STA_LEAVING); 454 454 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_MLME_DISASSOC_REQ, 455 455 - sizeof(MLME_DISASSOC_REQ_STRUCT), &DisassocReq); 456 456 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_DISASSOC; 457 457 - } 458 458 - else 459 459 - { 460 460 - if (ADHOC_ON(pAd)) 461 461 - { 462 462 - DBGPRINT(RT_DEBUG_TRACE, ("CntlOidSsidProc():CNTL - drop current ADHOC\n")); 463 463 - LinkDown(pAd, FALSE); 464 464 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED); 465 465 - pAd->IndicateMediaState = NdisMediaStateDisconnected; 466 466 - RTMP_IndicateMediaState(pAd); 467 467 - pAd->ExtraInfo = GENERAL_LINK_DOWN; 468 468 - DBGPRINT(RT_DEBUG_TRACE, ("CntlOidSsidProc():NDIS_STATUS_MEDIA_DISCONNECT Event C!\n")); 469 469 - } 470 470 - 471 471 - if ((pAd->MlmeAux.SsidBssTab.BssNr == 0) && 472 472 - (pAd->StaCfg.bAutoReconnect == TRUE) && 473 473 - (pAd->MlmeAux.BssType == BSS_INFRA) && 474 474 - (MlmeValidateSSID(pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen) == TRUE) 475 475 - ) 476 476 - { 477 477 - MLME_SCAN_REQ_STRUCT ScanReq; 478 478 - 479 479 - DBGPRINT(RT_DEBUG_TRACE, ("CntlOidSsidProc():CNTL - No matching BSS, start a new scan\n")); 480 480 - ScanParmFill(pAd, &ScanReq, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen, BSS_ANY, SCAN_ACTIVE); 481 481 - MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_MLME_SCAN_REQ, sizeof(MLME_SCAN_REQ_STRUCT), &ScanReq); 482 482 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_OID_LIST_SCAN; 483 483 - // Reset Missed scan number 484 484 - pAd->StaCfg.LastScanTime = Now; 485 485 - } 486 486 - else 487 487 - { 488 488 - pAd->MlmeAux.BssIdx = 0; 489 489 - IterateOnBssTab(pAd); 490 490 - } 491 491 - } 492 492 - } 493 493 - 494 494 - 495 495 - /* 496 496 - ========================================================================== 497 497 - Description: 498 498 - 499 499 - IRQL = DISPATCH_LEVEL 500 500 - 501 501 - ========================================================================== 502 502 - */ 503 503 - VOID CntlOidRTBssidProc( 504 504 - IN PRTMP_ADAPTER pAd, 505 505 - IN MLME_QUEUE_ELEM * Elem) 506 506 - { 507 507 - ULONG BssIdx; 508 508 - PUCHAR pOidBssid = (PUCHAR)Elem->Msg; 509 509 - MLME_DISASSOC_REQ_STRUCT DisassocReq; 510 510 - MLME_JOIN_REQ_STRUCT JoinReq; 511 511 - 512 512 - // record user desired settings 513 513 - COPY_MAC_ADDR(pAd->MlmeAux.Bssid, pOidBssid); 514 514 - pAd->MlmeAux.BssType = pAd->StaCfg.BssType; 515 515 - 516 516 - // 517 517 - // Update Reconnect Ssid, that user desired to connect. 518 518 - // 519 519 - NdisZeroMemory(pAd->MlmeAux.AutoReconnectSsid, MAX_LEN_OF_SSID); 520 520 - pAd->MlmeAux.AutoReconnectSsidLen = pAd->MlmeAux.SsidLen; 521 521 - NdisMoveMemory(pAd->MlmeAux.AutoReconnectSsid, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen); 522 522 - 523 523 - // find the desired BSS in the latest SCAN result table 524 524 - BssIdx = BssTableSearch(&pAd->ScanTab, pOidBssid, pAd->MlmeAux.Channel); 525 525 - if (BssIdx == BSS_NOT_FOUND) 526 526 - { 527 527 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - BSSID not found. reply NDIS_STATUS_NOT_ACCEPTED\n")); 528 528 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 529 529 - return; 530 530 - } 531 531 - 532 532 - // copy the matched BSS entry from ScanTab to MlmeAux.SsidBssTab. Why? 533 533 - // Because we need this entry to become the JOIN target in later on SYNC state machine 534 534 - pAd->MlmeAux.BssIdx = 0; 535 535 - pAd->MlmeAux.SsidBssTab.BssNr = 1; 536 536 - NdisMoveMemory(&pAd->MlmeAux.SsidBssTab.BssEntry[0], &pAd->ScanTab.BssEntry[BssIdx], sizeof(BSS_ENTRY)); 537 537 - 538 538 - // 2002-11-26 skip the following checking. i.e. if user wants to re-connect to same AP 539 539 - // we just follow normal procedure. The reason of user doing this may because he/she changed 540 540 - // AP to another channel, but we still received BEACON from it thus don't claim Link Down. 541 541 - // Since user knows he's changed AP channel, he'll re-connect again. By skipping the following 542 542 - // checking, we'll disassociate then re-do normal association with this AP at the new channel. 543 543 - // 2003-1-6 Re-enable this feature based on microsoft requirement which prefer not to re-do 544 544 - // connection when setting the same BSSID. 545 545 - if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED) && 546 546 - MAC_ADDR_EQUAL(pAd->CommonCfg.Bssid, pOidBssid)) 547 547 - { 548 548 - // already connected to the same BSSID, go back to idle state directly 549 549 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - already in this BSSID. ignore this SET_BSSID request\n")); 550 550 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 551 551 - 552 552 - { 553 553 - union iwreq_data wrqu; 554 554 - 555 555 - memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN); 556 556 - memcpy(wrqu.ap_addr.sa_data, pAd->MlmeAux.Bssid, MAC_ADDR_LEN); 557 557 - wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL); 558 558 - 559 559 - } 560 560 - } 561 561 - else 562 562 - { 563 563 - if (INFRA_ON(pAd)) 564 564 - { 565 565 - // disassoc from current AP first 566 566 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - disassociate with current AP ...\n")); 567 567 - DisassocParmFill(pAd, &DisassocReq, pAd->CommonCfg.Bssid, REASON_DISASSOC_STA_LEAVING); 568 568 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_MLME_DISASSOC_REQ, 569 569 - sizeof(MLME_DISASSOC_REQ_STRUCT), &DisassocReq); 570 570 - 571 571 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_DISASSOC; 572 572 - } 573 573 - else 574 574 - { 575 575 - if (ADHOC_ON(pAd)) 576 576 - { 577 577 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - drop current ADHOC\n")); 578 578 - LinkDown(pAd, FALSE); 579 579 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED); 580 580 - pAd->IndicateMediaState = NdisMediaStateDisconnected; 581 581 - RTMP_IndicateMediaState(pAd); 582 582 - pAd->ExtraInfo = GENERAL_LINK_DOWN; 583 583 - DBGPRINT(RT_DEBUG_TRACE, ("NDIS_STATUS_MEDIA_DISCONNECT Event C!\n")); 584 584 - } 585 585 - 586 586 - // Change the wepstatus to original wepstatus 587 587 - pAd->StaCfg.WepStatus = pAd->StaCfg.OrigWepStatus; 588 588 - pAd->StaCfg.PairCipher = pAd->StaCfg.OrigWepStatus; 589 589 - pAd->StaCfg.GroupCipher = pAd->StaCfg.OrigWepStatus; 590 590 - 591 591 - // Check cipher suite, AP must have more secured cipher than station setting 592 592 - // Set the Pairwise and Group cipher to match the intended AP setting 593 593 - // We can only connect to AP with less secured cipher setting 594 594 - if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA) || (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK)) 595 595 - { 596 596 - pAd->StaCfg.GroupCipher = pAd->ScanTab.BssEntry[BssIdx].WPA.GroupCipher; 597 597 - 598 598 - if (pAd->StaCfg.WepStatus == pAd->ScanTab.BssEntry[BssIdx].WPA.PairCipher) 599 599 - pAd->StaCfg.PairCipher = pAd->ScanTab.BssEntry[BssIdx].WPA.PairCipher; 600 600 - else if (pAd->ScanTab.BssEntry[BssIdx].WPA.PairCipherAux != Ndis802_11WEPDisabled) 601 601 - pAd->StaCfg.PairCipher = pAd->ScanTab.BssEntry[BssIdx].WPA.PairCipherAux; 602 602 - else // There is no PairCipher Aux, downgrade our capability to TKIP 603 603 - pAd->StaCfg.PairCipher = Ndis802_11Encryption2Enabled; 604 604 - } 605 605 - else if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2) || (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK)) 606 606 - { 607 607 - pAd->StaCfg.GroupCipher = pAd->ScanTab.BssEntry[BssIdx].WPA2.GroupCipher; 608 608 - 609 609 - if (pAd->StaCfg.WepStatus == pAd->ScanTab.BssEntry[BssIdx].WPA2.PairCipher) 610 610 - pAd->StaCfg.PairCipher = pAd->ScanTab.BssEntry[BssIdx].WPA2.PairCipher; 611 611 - else if (pAd->ScanTab.BssEntry[BssIdx].WPA2.PairCipherAux != Ndis802_11WEPDisabled) 612 612 - pAd->StaCfg.PairCipher = pAd->ScanTab.BssEntry[BssIdx].WPA2.PairCipherAux; 613 613 - else // There is no PairCipher Aux, downgrade our capability to TKIP 614 614 - pAd->StaCfg.PairCipher = Ndis802_11Encryption2Enabled; 615 615 - 616 616 - // RSN capability 617 617 - pAd->StaCfg.RsnCapability = pAd->ScanTab.BssEntry[BssIdx].WPA2.RsnCapability; 618 618 - } 619 619 - 620 620 - // Set Mix cipher flag 621 621 - pAd->StaCfg.bMixCipher = (pAd->StaCfg.PairCipher == pAd->StaCfg.GroupCipher) ? FALSE : TRUE; 622 622 - if (pAd->StaCfg.bMixCipher == TRUE) 623 623 - { 624 624 - // If mix cipher, re-build RSNIE 625 625 - RTMPMakeRSNIE(pAd, pAd->StaCfg.AuthMode, pAd->StaCfg.WepStatus, 0); 626 626 - } 627 627 - // No active association, join the BSS immediately 628 628 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - joining %02x:%02x:%02x:%02x:%02x:%02x ...\n", 629 629 - pOidBssid[0],pOidBssid[1],pOidBssid[2],pOidBssid[3],pOidBssid[4],pOidBssid[5])); 630 630 - 631 631 - JoinParmFill(pAd, &JoinReq, pAd->MlmeAux.BssIdx); 632 632 - MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_MLME_JOIN_REQ, sizeof(MLME_JOIN_REQ_STRUCT), &JoinReq); 633 633 - 634 634 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_JOIN; 635 635 - } 636 636 - } 637 637 - } 638 638 - 639 639 - // Roaming is the only external request triggering CNTL state machine 640 640 - // despite of other "SET OID" operation. All "SET OID" related oerations 641 641 - // happen in sequence, because no other SET OID will be sent to this device 642 642 - // until the the previous SET operation is complete (successful o failed). 643 643 - // So, how do we quarantee this ROAMING request won't corrupt other "SET OID"? 644 644 - // or been corrupted by other "SET OID"? 645 645 - // 646 646 - // IRQL = DISPATCH_LEVEL 647 647 - VOID CntlMlmeRoamingProc( 648 648 - IN PRTMP_ADAPTER pAd, 649 649 - IN MLME_QUEUE_ELEM *Elem) 650 650 - { 651 651 - // TODO: 652 652 - // AP in different channel may show lower RSSI than actual value?? 653 653 - // should we add a weighting factor to compensate it? 654 654 - DBGPRINT(RT_DEBUG_TRACE,("CNTL - Roaming in MlmeAux.RoamTab...\n")); 655 655 - 656 656 - NdisMoveMemory(&pAd->MlmeAux.SsidBssTab, &pAd->MlmeAux.RoamTab, sizeof(pAd->MlmeAux.RoamTab)); 657 657 - pAd->MlmeAux.SsidBssTab.BssNr = pAd->MlmeAux.RoamTab.BssNr; 658 658 - 659 659 - BssTableSortByRssi(&pAd->MlmeAux.SsidBssTab); 660 660 - pAd->MlmeAux.BssIdx = 0; 661 661 - IterateOnBssTab(pAd); 662 662 - } 663 663 - 664 664 - /* 665 665 - ========================================================================== 666 666 - Description: 667 667 - 668 668 - IRQL = DISPATCH_LEVEL 669 669 - 670 670 - ========================================================================== 671 671 - */ 672 672 - VOID CntlWaitDisassocProc( 673 673 - IN PRTMP_ADAPTER pAd, 674 674 - IN MLME_QUEUE_ELEM *Elem) 675 675 - { 676 676 - MLME_START_REQ_STRUCT StartReq; 677 677 - 678 678 - if (Elem->MsgType == MT2_DISASSOC_CONF) 679 679 - { 680 680 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - Dis-associate successful\n")); 681 681 - 682 682 - if (pAd->CommonCfg.bWirelessEvent) 683 683 - { 684 684 - RTMPSendWirelessEvent(pAd, IW_DISASSOC_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0); 685 685 - } 686 686 - 687 687 - LinkDown(pAd, FALSE); 688 688 - 689 689 - // case 1. no matching BSS, and user wants ADHOC, so we just start a new one 690 690 - if ((pAd->MlmeAux.SsidBssTab.BssNr==0) && (pAd->StaCfg.BssType == BSS_ADHOC)) 691 691 - { 692 692 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - No matching BSS, start a new ADHOC (Ssid=%s)...\n",pAd->MlmeAux.Ssid)); 693 693 - StartParmFill(pAd, &StartReq, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen); 694 694 - MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_MLME_START_REQ, sizeof(MLME_START_REQ_STRUCT), &StartReq); 695 695 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_START; 696 696 - } 697 697 - // case 2. try each matched BSS 698 698 - else 699 699 - { 700 700 - pAd->MlmeAux.BssIdx = 0; 701 701 - 702 702 - IterateOnBssTab(pAd); 703 703 - } 704 704 - } 705 705 - } 706 706 - 707 707 - /* 708 708 - ========================================================================== 709 709 - Description: 710 710 - 711 711 - IRQL = DISPATCH_LEVEL 712 712 - 713 713 - ========================================================================== 714 714 - */ 715 715 - VOID CntlWaitJoinProc( 716 716 - IN PRTMP_ADAPTER pAd, 717 717 - IN MLME_QUEUE_ELEM *Elem) 718 718 - { 719 719 - USHORT Reason; 720 720 - MLME_AUTH_REQ_STRUCT AuthReq; 721 721 - 722 722 - if (Elem->MsgType == MT2_JOIN_CONF) 723 723 - { 724 724 - NdisMoveMemory(&Reason, Elem->Msg, sizeof(USHORT)); 725 725 - if (Reason == MLME_SUCCESS) 726 726 - { 727 727 - // 1. joined an IBSS, we are pretty much done here 728 728 - if (pAd->MlmeAux.BssType == BSS_ADHOC) 729 729 - { 730 730 - // 731 731 - // 5G bands rules of Japan: 732 732 - // Ad hoc must be disabled in W53(ch52,56,60,64) channels. 733 733 - // 734 734 - if ( (pAd->CommonCfg.bIEEE80211H == 1) && 735 735 - RadarChannelCheck(pAd, pAd->CommonCfg.Channel) 736 736 - ) 737 737 - { 738 738 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 739 739 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - Channel=%d, Join adhoc on W53(52,56,60,64) Channels are not accepted\n", pAd->CommonCfg.Channel)); 740 740 - return; 741 741 - } 742 742 - 743 743 - LinkUp(pAd, BSS_ADHOC); 744 744 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 745 745 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - join the IBSS = %02x:%02x:%02x:%02x:%02x:%02x ...\n", 746 746 - pAd->CommonCfg.Bssid[0],pAd->CommonCfg.Bssid[1],pAd->CommonCfg.Bssid[2], 747 747 - pAd->CommonCfg.Bssid[3],pAd->CommonCfg.Bssid[4],pAd->CommonCfg.Bssid[5])); 748 748 - 749 749 - pAd->IndicateMediaState = NdisMediaStateConnected; 750 750 - pAd->ExtraInfo = GENERAL_LINK_UP; 751 751 - } 752 752 - // 2. joined a new INFRA network, start from authentication 753 753 - else 754 754 - { 755 755 - { 756 756 - // either Ndis802_11AuthModeShared or Ndis802_11AuthModeAutoSwitch, try shared key first 757 757 - if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeShared) || 758 758 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeAutoSwitch)) 759 759 - { 760 760 - AuthParmFill(pAd, &AuthReq, pAd->MlmeAux.Bssid, Ndis802_11AuthModeShared); 761 761 - } 762 762 - else 763 763 - { 764 764 - AuthParmFill(pAd, &AuthReq, pAd->MlmeAux.Bssid, Ndis802_11AuthModeOpen); 765 765 - } 766 766 - } 767 767 - MlmeEnqueue(pAd, AUTH_STATE_MACHINE, MT2_MLME_AUTH_REQ, 768 768 - sizeof(MLME_AUTH_REQ_STRUCT), &AuthReq); 769 769 - 770 770 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_AUTH; 771 771 - } 772 772 - } 773 773 - else 774 774 - { 775 775 - // 3. failed, try next BSS 776 776 - pAd->MlmeAux.BssIdx++; 777 777 - IterateOnBssTab(pAd); 778 778 - } 779 779 - } 780 780 - } 781 781 - 782 782 - 783 783 - /* 784 784 - ========================================================================== 785 785 - Description: 786 786 - 787 787 - IRQL = DISPATCH_LEVEL 788 788 - 789 789 - ========================================================================== 790 790 - */ 791 791 - VOID CntlWaitStartProc( 792 792 - IN PRTMP_ADAPTER pAd, 793 793 - IN MLME_QUEUE_ELEM *Elem) 794 794 - { 795 795 - USHORT Result; 796 796 - 797 797 - if (Elem->MsgType == MT2_START_CONF) 798 798 - { 799 799 - NdisMoveMemory(&Result, Elem->Msg, sizeof(USHORT)); 800 800 - if (Result == MLME_SUCCESS) 801 801 - { 802 802 - // 803 803 - // 5G bands rules of Japan: 804 804 - // Ad hoc must be disabled in W53(ch52,56,60,64) channels. 805 805 - // 806 806 - if ( (pAd->CommonCfg.bIEEE80211H == 1) && 807 807 - RadarChannelCheck(pAd, pAd->CommonCfg.Channel) 808 808 - ) 809 809 - { 810 810 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 811 811 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - Channel=%d, Start adhoc on W53(52,56,60,64) Channels are not accepted\n", pAd->CommonCfg.Channel)); 812 812 - return; 813 813 - } 814 814 - 815 815 - if (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED) 816 816 - { 817 817 - N_ChannelCheck(pAd); 818 818 - SetCommonHT(pAd); 819 819 - NdisMoveMemory(&pAd->MlmeAux.AddHtInfo, &pAd->CommonCfg.AddHTInfo, sizeof(ADD_HT_INFO_IE)); 820 820 - RTMPCheckHt(pAd, BSSID_WCID, &pAd->CommonCfg.HtCapability, &pAd->CommonCfg.AddHTInfo); 821 821 - pAd->StaActive.SupportedPhyInfo.bHtEnable = TRUE; 822 822 - NdisZeroMemory(&pAd->StaActive.SupportedPhyInfo.MCSSet[0], 16); 823 823 - NdisMoveMemory(&pAd->StaActive.SupportedPhyInfo.MCSSet[0], &pAd->CommonCfg.HtCapability.MCSSet[0], 16); 824 824 - COPY_HTSETTINGS_FROM_MLME_AUX_TO_ACTIVE_CFG(pAd); 825 825 - 826 826 - if ((pAd->CommonCfg.HtCapability.HtCapInfo.ChannelWidth == BW_40) && 827 827 - (pAd->CommonCfg.AddHTInfo.AddHtInfo.ExtChanOffset == EXTCHA_ABOVE)) 828 828 - { 829 829 - pAd->MlmeAux.CentralChannel = pAd->CommonCfg.Channel + 2; 830 830 - } 831 831 - else if ((pAd->CommonCfg.HtCapability.HtCapInfo.ChannelWidth == BW_40) && 832 832 - (pAd->CommonCfg.AddHTInfo.AddHtInfo.ExtChanOffset == EXTCHA_BELOW)) 833 833 - { 834 834 - pAd->MlmeAux.CentralChannel = pAd->CommonCfg.Channel - 2; 835 835 - } 836 836 - } 837 837 - else 838 838 - { 839 839 - pAd->StaActive.SupportedPhyInfo.bHtEnable = FALSE; 840 840 - } 841 841 - LinkUp(pAd, BSS_ADHOC); 842 842 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 843 843 - // Before send beacon, driver need do radar detection 844 844 - if ((pAd->CommonCfg.Channel > 14 ) 845 845 - && (pAd->CommonCfg.bIEEE80211H == 1) 846 846 - && RadarChannelCheck(pAd, pAd->CommonCfg.Channel)) 847 847 - { 848 848 - pAd->CommonCfg.RadarDetect.RDMode = RD_SILENCE_MODE; 849 849 - pAd->CommonCfg.RadarDetect.RDCount = 0; 850 850 - } 851 851 - 852 852 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - start a new IBSS = %02x:%02x:%02x:%02x:%02x:%02x ...\n", 853 853 - pAd->CommonCfg.Bssid[0],pAd->CommonCfg.Bssid[1],pAd->CommonCfg.Bssid[2], 854 854 - pAd->CommonCfg.Bssid[3],pAd->CommonCfg.Bssid[4],pAd->CommonCfg.Bssid[5])); 855 855 - } 856 856 - else 857 857 - { 858 858 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - Start IBSS fail. BUG!!!!!\n")); 859 859 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 860 860 - } 861 861 - } 862 862 - } 863 863 - 864 864 - /* 865 865 - ========================================================================== 866 866 - Description: 867 867 - 868 868 - IRQL = DISPATCH_LEVEL 869 869 - 870 870 - ========================================================================== 871 871 - */ 872 872 - VOID CntlWaitAuthProc( 873 873 - IN PRTMP_ADAPTER pAd, 874 874 - IN MLME_QUEUE_ELEM *Elem) 875 875 - { 876 876 - USHORT Reason; 877 877 - MLME_ASSOC_REQ_STRUCT AssocReq; 878 878 - MLME_AUTH_REQ_STRUCT AuthReq; 879 879 - 880 880 - if (Elem->MsgType == MT2_AUTH_CONF) 881 881 - { 882 882 - NdisMoveMemory(&Reason, Elem->Msg, sizeof(USHORT)); 883 883 - if (Reason == MLME_SUCCESS) 884 884 - { 885 885 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - AUTH OK\n")); 886 886 - AssocParmFill(pAd, &AssocReq, pAd->MlmeAux.Bssid, pAd->MlmeAux.CapabilityInfo, 887 887 - ASSOC_TIMEOUT, pAd->StaCfg.DefaultListenCount); 888 888 - 889 889 - { 890 890 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_MLME_ASSOC_REQ, 891 891 - sizeof(MLME_ASSOC_REQ_STRUCT), &AssocReq); 892 892 - 893 893 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_ASSOC; 894 894 - } 895 895 - } 896 896 - else 897 897 - { 898 898 - // This fail may because of the AP already keep us in its MAC table without 899 899 - // ageing-out. The previous authentication attempt must have let it remove us. 900 900 - // so try Authentication again may help. For D-Link DWL-900AP+ compatibility. 901 901 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - AUTH FAIL, try again...\n")); 902 902 - 903 903 - { 904 904 - if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeShared) || 905 905 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeAutoSwitch)) 906 906 - { 907 907 - // either Ndis802_11AuthModeShared or Ndis802_11AuthModeAutoSwitch, try shared key first 908 908 - AuthParmFill(pAd, &AuthReq, pAd->MlmeAux.Bssid, Ndis802_11AuthModeShared); 909 909 - } 910 910 - else 911 911 - { 912 912 - AuthParmFill(pAd, &AuthReq, pAd->MlmeAux.Bssid, Ndis802_11AuthModeOpen); 913 913 - } 914 914 - } 915 915 - MlmeEnqueue(pAd, AUTH_STATE_MACHINE, MT2_MLME_AUTH_REQ, 916 916 - sizeof(MLME_AUTH_REQ_STRUCT), &AuthReq); 917 917 - 918 918 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_AUTH2; 919 919 - } 920 920 - } 921 921 - } 922 922 - 923 923 - /* 924 924 - ========================================================================== 925 925 - Description: 926 926 - 927 927 - IRQL = DISPATCH_LEVEL 928 928 - 929 929 - ========================================================================== 930 930 - */ 931 931 - VOID CntlWaitAuthProc2( 932 932 - IN PRTMP_ADAPTER pAd, 933 933 - IN MLME_QUEUE_ELEM *Elem) 934 934 - { 935 935 - USHORT Reason; 936 936 - MLME_ASSOC_REQ_STRUCT AssocReq; 937 937 - MLME_AUTH_REQ_STRUCT AuthReq; 938 938 - 939 939 - if (Elem->MsgType == MT2_AUTH_CONF) 940 940 - { 941 941 - NdisMoveMemory(&Reason, Elem->Msg, sizeof(USHORT)); 942 942 - if (Reason == MLME_SUCCESS) 943 943 - { 944 944 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - AUTH OK\n")); 945 945 - AssocParmFill(pAd, &AssocReq, pAd->MlmeAux.Bssid, pAd->MlmeAux.CapabilityInfo, 946 946 - ASSOC_TIMEOUT, pAd->StaCfg.DefaultListenCount); 947 947 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_MLME_ASSOC_REQ, 948 948 - sizeof(MLME_ASSOC_REQ_STRUCT), &AssocReq); 949 949 - 950 950 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_ASSOC; 951 951 - } 952 952 - else 953 953 - { 954 954 - if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeAutoSwitch) && 955 955 - (pAd->MlmeAux.Alg == Ndis802_11AuthModeShared)) 956 956 - { 957 957 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - AUTH FAIL, try OPEN system...\n")); 958 958 - AuthParmFill(pAd, &AuthReq, pAd->MlmeAux.Bssid, Ndis802_11AuthModeOpen); 959 959 - MlmeEnqueue(pAd, AUTH_STATE_MACHINE, MT2_MLME_AUTH_REQ, 960 960 - sizeof(MLME_AUTH_REQ_STRUCT), &AuthReq); 961 961 - 962 962 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_AUTH2; 963 963 - } 964 964 - else 965 965 - { 966 966 - // not success, try next BSS 967 967 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - AUTH FAIL, give up; try next BSS\n")); 968 968 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; //??????? 969 969 - pAd->MlmeAux.BssIdx++; 970 970 - IterateOnBssTab(pAd); 971 971 - } 972 972 - } 973 973 - } 974 974 - } 975 975 - 976 976 - /* 977 977 - ========================================================================== 978 978 - Description: 979 979 - 980 980 - IRQL = DISPATCH_LEVEL 981 981 - 982 982 - ========================================================================== 983 983 - */ 984 984 - VOID CntlWaitAssocProc( 985 985 - IN PRTMP_ADAPTER pAd, 986 986 - IN MLME_QUEUE_ELEM *Elem) 987 987 - { 988 988 - USHORT Reason; 989 989 - 990 990 - if (Elem->MsgType == MT2_ASSOC_CONF) 991 991 - { 992 992 - NdisMoveMemory(&Reason, Elem->Msg, sizeof(USHORT)); 993 993 - if (Reason == MLME_SUCCESS) 994 994 - { 995 995 - LinkUp(pAd, BSS_INFRA); 996 996 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 997 997 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - Association successful on BSS #%ld\n",pAd->MlmeAux.BssIdx)); 998 998 - 999 999 - if (pAd->CommonCfg.bWirelessEvent) 1000 1000 - { 1001 1001 - RTMPSendWirelessEvent(pAd, IW_ASSOC_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0); 1002 1002 - } 1003 1003 - } 1004 1004 - else 1005 1005 - { 1006 1006 - // not success, try next BSS 1007 1007 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - Association fails on BSS #%ld\n",pAd->MlmeAux.BssIdx)); 1008 1008 - pAd->MlmeAux.BssIdx++; 1009 1009 - IterateOnBssTab(pAd); 1010 1010 - } 1011 1011 - } 1012 1012 - } 1013 1013 - 1014 1014 - /* 1015 1015 - ========================================================================== 1016 1016 - Description: 1017 1017 - 1018 1018 - IRQL = DISPATCH_LEVEL 1019 1019 - 1020 1020 - ========================================================================== 1021 1021 - */ 1022 1022 - VOID CntlWaitReassocProc( 1023 1023 - IN PRTMP_ADAPTER pAd, 1024 1024 - IN MLME_QUEUE_ELEM *Elem) 1025 1025 - { 1026 1026 - USHORT Result; 1027 1027 - 1028 1028 - if (Elem->MsgType == MT2_REASSOC_CONF) 1029 1029 - { 1030 1030 - NdisMoveMemory(&Result, Elem->Msg, sizeof(USHORT)); 1031 1031 - if (Result == MLME_SUCCESS) 1032 1032 - { 1033 1033 - // 1034 1034 - // NDIS requires a new Link UP indication but no Link Down for RE-ASSOC 1035 1035 - // 1036 1036 - LinkUp(pAd, BSS_INFRA); 1037 1037 - 1038 1038 - // send wireless event - for association 1039 1039 - if (pAd->CommonCfg.bWirelessEvent) 1040 1040 - RTMPSendWirelessEvent(pAd, IW_ASSOC_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0); 1041 1041 - 1042 1042 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 1043 1043 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - Re-assocition successful on BSS #%ld\n", pAd->MlmeAux.RoamIdx)); 1044 1044 - } 1045 1045 - else 1046 1046 - { 1047 1047 - // reassoc failed, try to pick next BSS in the BSS Table 1048 1048 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - Re-assocition fails on BSS #%ld\n", pAd->MlmeAux.RoamIdx)); 1049 1049 - pAd->MlmeAux.RoamIdx++; 1050 1050 - IterateOnBssTab2(pAd); 1051 1051 - } 1052 1052 - } 1053 1053 - } 1054 1054 - 1055 1055 - 1056 1056 - VOID AdhocTurnOnQos( 1057 1057 - IN PRTMP_ADAPTER pAd) 1058 1058 - { 1059 1059 - #define AC0_DEF_TXOP 0 1060 1060 - #define AC1_DEF_TXOP 0 1061 1061 - #define AC2_DEF_TXOP 94 1062 1062 - #define AC3_DEF_TXOP 47 1063 1063 - 1064 1064 - // Turn on QOs if use HT rate. 1065 1065 - if (pAd->CommonCfg.APEdcaParm.bValid == FALSE) 1066 1066 - { 1067 1067 - pAd->CommonCfg.APEdcaParm.bValid = TRUE; 1068 1068 - pAd->CommonCfg.APEdcaParm.Aifsn[0] = 3; 1069 1069 - pAd->CommonCfg.APEdcaParm.Aifsn[1] = 7; 1070 1070 - pAd->CommonCfg.APEdcaParm.Aifsn[2] = 1; 1071 1071 - pAd->CommonCfg.APEdcaParm.Aifsn[3] = 1; 1072 1072 - 1073 1073 - pAd->CommonCfg.APEdcaParm.Cwmin[0] = 4; 1074 1074 - pAd->CommonCfg.APEdcaParm.Cwmin[1] = 4; 1075 1075 - pAd->CommonCfg.APEdcaParm.Cwmin[2] = 3; 1076 1076 - pAd->CommonCfg.APEdcaParm.Cwmin[3] = 2; 1077 1077 - 1078 1078 - pAd->CommonCfg.APEdcaParm.Cwmax[0] = 10; 1079 1079 - pAd->CommonCfg.APEdcaParm.Cwmax[1] = 6; 1080 1080 - pAd->CommonCfg.APEdcaParm.Cwmax[2] = 4; 1081 1081 - pAd->CommonCfg.APEdcaParm.Cwmax[3] = 3; 1082 1082 - 1083 1083 - pAd->CommonCfg.APEdcaParm.Txop[0] = 0; 1084 1084 - pAd->CommonCfg.APEdcaParm.Txop[1] = 0; 1085 1085 - pAd->CommonCfg.APEdcaParm.Txop[2] = AC2_DEF_TXOP; 1086 1086 - pAd->CommonCfg.APEdcaParm.Txop[3] = AC3_DEF_TXOP; 1087 1087 - } 1088 1088 - AsicSetEdcaParm(pAd, &pAd->CommonCfg.APEdcaParm); 1089 1089 - } 1090 1090 - 1091 1091 - /* 1092 1092 - ========================================================================== 1093 1093 - Description: 1094 1094 - 1095 1095 - IRQL = DISPATCH_LEVEL 1096 1096 - 1097 1097 - ========================================================================== 1098 1098 - */ 1099 1099 - VOID LinkUp( 1100 1100 - IN PRTMP_ADAPTER pAd, 1101 1101 - IN UCHAR BssType) 1102 1102 - { 1103 1103 - ULONG Now; 1104 1104 - UINT32 Data; 1105 1105 - BOOLEAN Cancelled; 1106 1106 - UCHAR Value = 0, idx; 1107 1107 - MAC_TABLE_ENTRY *pEntry = NULL, *pCurrEntry; 1108 1108 - 1109 1109 - pEntry = &pAd->MacTab.Content[BSSID_WCID]; 1110 1110 - 1111 1111 - // 1112 1112 - // ASSOC - DisassocTimeoutAction 1113 1113 - // CNTL - Dis-associate successful 1114 1114 - // !!! LINK DOWN !!! 1115 1115 - // [88888] OID_802_11_SSID should have returned NDTEST_WEP_AP2(Returned: ) 1116 1116 - // 1117 1117 - // To prevent DisassocTimeoutAction to call Link down after we link up, 1118 1118 - // cancel the DisassocTimer no matter what it start or not. 1119 1119 - // 1120 1120 - RTMPCancelTimer(&pAd->MlmeAux.DisassocTimer, &Cancelled); 1121 1121 - 1122 1122 - COPY_SETTINGS_FROM_MLME_AUX_TO_ACTIVE_CFG(pAd); 1123 1123 - 1124 1124 - COPY_HTSETTINGS_FROM_MLME_AUX_TO_ACTIVE_CFG(pAd); 1125 1125 - 1126 1126 - // It's quite difficult to tell if a newly added KEY is WEP or CKIP until a new BSS 1127 1127 - // is formed (either ASSOC/RE-ASSOC done or IBSS started. LinkUP should be a safe place 1128 1128 - // to examine if cipher algorithm switching is required. 1129 1129 - //rt2860b. Don't know why need this 1130 1130 - SwitchBetweenWepAndCkip(pAd); 1131 1131 - 1132 1132 - 1133 1133 - if (BssType == BSS_ADHOC) 1134 1134 - { 1135 1135 - OPSTATUS_SET_FLAG(pAd, fOP_STATUS_ADHOC_ON); 1136 1136 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_INFRA_ON); 1137 1137 - 1138 1138 - if ((pAd->CommonCfg.HtCapability.HtCapInfo.ChannelWidth == BW_40) && 1139 1139 - (pAd->CommonCfg.AddHTInfo.AddHtInfo.ExtChanOffset == EXTCHA_ABOVE)) 1140 1140 - { 1141 1141 - pAd->CommonCfg.CentralChannel = pAd->CommonCfg.Channel + 2; 1142 1142 - } 1143 1143 - else if ((pAd->CommonCfg.Channel > 2) && 1144 1144 - (pAd->CommonCfg.HtCapability.HtCapInfo.ChannelWidth == BW_40) && 1145 1145 - (pAd->CommonCfg.AddHTInfo.AddHtInfo.ExtChanOffset == EXTCHA_BELOW)) 1146 1146 - { 1147 1147 - pAd->CommonCfg.CentralChannel = pAd->CommonCfg.Channel - 2; 1148 1148 - } 1149 1149 - 1150 1150 - if (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED) 1151 1151 - AdhocTurnOnQos(pAd); 1152 1152 - 1153 1153 - DBGPRINT(RT_DEBUG_TRACE, ("!!!Adhoc LINK UP !!! \n" )); 1154 1154 - } 1155 1155 - else 1156 1156 - { 1157 1157 - OPSTATUS_SET_FLAG(pAd, fOP_STATUS_INFRA_ON); 1158 1158 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_ADHOC_ON); 1159 1159 - 1160 1160 - DBGPRINT(RT_DEBUG_TRACE, ("!!!Infra LINK UP !!! \n" )); 1161 1161 - } 1162 1162 - 1163 1163 - // 3*3 1164 1164 - // reset Tx beamforming bit 1165 1165 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &Value); 1166 1166 - Value &= (~0x01); 1167 1167 - Value |= pAd->CommonCfg.RegTransmitSetting.field.TxBF; 1168 1168 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, Value); 1169 1169 - 1170 1170 - // Change to AP channel 1171 1171 - if ((pAd->CommonCfg.CentralChannel > pAd->CommonCfg.Channel) && (pAd->MlmeAux.HtCapability.HtCapInfo.ChannelWidth == BW_40)) 1172 1172 - { 1173 1173 - // Must using 40MHz. 1174 1174 - pAd->CommonCfg.BBPCurrentBW = BW_40; 1175 1175 - AsicSwitchChannel(pAd, pAd->CommonCfg.CentralChannel, FALSE); 1176 1176 - AsicLockChannel(pAd, pAd->CommonCfg.CentralChannel); 1177 1177 - 1178 1178 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &Value); 1179 1179 - Value &= (~0x18); 1180 1180 - Value |= 0x10; 1181 1181 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, Value); 1182 1182 - 1183 1183 - // RX : control channel at lower 1184 1184 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &Value); 1185 1185 - Value &= (~0x20); 1186 1186 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, Value); 1187 1187 - 1188 1188 - RTMP_IO_READ32(pAd, TX_BAND_CFG, &Data); 1189 1189 - Data &= 0xfffffffe; 1190 1190 - RTMP_IO_WRITE32(pAd, TX_BAND_CFG, Data); 1191 1191 - 1192 1192 - if (pAd->MACVersion == 0x28600100) 1193 1193 - { 1194 1194 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R69, 0x1A); 1195 1195 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R70, 0x0A); 1196 1196 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R73, 0x16); 1197 1197 - DBGPRINT(RT_DEBUG_TRACE, ("!!!rt2860C !!! \n" )); 1198 1198 - } 1199 1199 - 1200 1200 - DBGPRINT(RT_DEBUG_TRACE, ("!!!40MHz Lower LINK UP !!! Control Channel at Below. Central = %d \n", pAd->CommonCfg.CentralChannel )); 1201 1201 - } 1202 1202 - else if ((pAd->CommonCfg.CentralChannel < pAd->CommonCfg.Channel) && (pAd->MlmeAux.HtCapability.HtCapInfo.ChannelWidth == BW_40)) 1203 1203 - { 1204 1204 - // Must using 40MHz. 1205 1205 - pAd->CommonCfg.BBPCurrentBW = BW_40; 1206 1206 - AsicSwitchChannel(pAd, pAd->CommonCfg.CentralChannel, FALSE); 1207 1207 - AsicLockChannel(pAd, pAd->CommonCfg.CentralChannel); 1208 1208 - 1209 1209 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &Value); 1210 1210 - Value &= (~0x18); 1211 1211 - Value |= 0x10; 1212 1212 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, Value); 1213 1213 - 1214 1214 - RTMP_IO_READ32(pAd, TX_BAND_CFG, &Data); 1215 1215 - Data |= 0x1; 1216 1216 - RTMP_IO_WRITE32(pAd, TX_BAND_CFG, Data); 1217 1217 - 1218 1218 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &Value); 1219 1219 - Value |= (0x20); 1220 1220 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, Value); 1221 1221 - 1222 1222 - if (pAd->MACVersion == 0x28600100) 1223 1223 - { 1224 1224 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R69, 0x1A); 1225 1225 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R70, 0x0A); 1226 1226 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R73, 0x16); 1227 1227 - DBGPRINT(RT_DEBUG_TRACE, ("!!!rt2860C !!! \n" )); 1228 1228 - } 1229 1229 - 1230 1230 - DBGPRINT(RT_DEBUG_TRACE, ("!!! 40MHz Upper LINK UP !!! Control Channel at UpperCentral = %d \n", pAd->CommonCfg.CentralChannel )); 1231 1231 - } 1232 1232 - else 1233 1233 - { 1234 1234 - pAd->CommonCfg.BBPCurrentBW = BW_20; 1235 1235 - pAd->CommonCfg.CentralChannel = pAd->CommonCfg.Channel; 1236 1236 - AsicSwitchChannel(pAd, pAd->CommonCfg.Channel, FALSE); 1237 1237 - AsicLockChannel(pAd, pAd->CommonCfg.Channel); 1238 1238 - 1239 1239 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &Value); 1240 1240 - Value &= (~0x18); 1241 1241 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, Value); 1242 1242 - 1243 1243 - RTMP_IO_READ32(pAd, TX_BAND_CFG, &Data); 1244 1244 - Data &= 0xfffffffe; 1245 1245 - RTMP_IO_WRITE32(pAd, TX_BAND_CFG, Data); 1246 1246 - 1247 1247 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &Value); 1248 1248 - Value &= (~0x20); 1249 1249 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, Value); 1250 1250 - 1251 1251 - if (pAd->MACVersion == 0x28600100) 1252 1252 - { 1253 1253 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R69, 0x16); 1254 1254 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R70, 0x08); 1255 1255 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R73, 0x11); 1256 1256 - DBGPRINT(RT_DEBUG_TRACE, ("!!!rt2860C !!! \n" )); 1257 1257 - } 1258 1258 - 1259 1259 - DBGPRINT(RT_DEBUG_TRACE, ("!!! 20MHz LINK UP !!! \n" )); 1260 1260 - } 1261 1261 - 1262 1262 - RTMPSetAGCInitValue(pAd, pAd->CommonCfg.BBPCurrentBW); 1263 1263 - // 1264 1264 - // Save BBP_R66 value, it will be used in RTUSBResumeMsduTransmission 1265 1265 - // 1266 1266 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R66, &pAd->BbpTuning.R66CurrentValue); 1267 1267 - 1268 1268 - DBGPRINT(RT_DEBUG_TRACE, ("!!! LINK UP !!! (BssType=%d, AID=%d, ssid=%s, Channel=%d, CentralChannel = %d)\n", 1269 1269 - BssType, pAd->StaActive.Aid, pAd->CommonCfg.Ssid, pAd->CommonCfg.Channel, pAd->CommonCfg.CentralChannel)); 1270 1270 - 1271 1271 - DBGPRINT(RT_DEBUG_TRACE, ("!!! LINK UP !!! (Density =%d, )\n", pAd->MacTab.Content[BSSID_WCID].MpduDensity)); 1272 1272 - 1273 1273 - AsicSetBssid(pAd, pAd->CommonCfg.Bssid); 1274 1274 - 1275 1275 - AsicSetSlotTime(pAd, TRUE); 1276 1276 - AsicSetEdcaParm(pAd, &pAd->CommonCfg.APEdcaParm); 1277 1277 - 1278 1278 - // Call this for RTS protectionfor legacy rate, we will always enable RTS threshold, but normally it will not hit 1279 1279 - AsicUpdateProtect(pAd, 0, (OFDMSETPROTECT | CCKSETPROTECT), TRUE, FALSE); 1280 1280 - 1281 1281 - if ((pAd->StaActive.SupportedPhyInfo.bHtEnable == TRUE)) 1282 1282 - { 1283 1283 - // Update HT protectionfor based on AP's operating mode. 1284 1284 - if (pAd->MlmeAux.AddHtInfo.AddHtInfo2.NonGfPresent == 1) 1285 1285 - { 1286 1286 - AsicUpdateProtect(pAd, pAd->MlmeAux.AddHtInfo.AddHtInfo2.OperaionMode, ALLN_SETPROTECT, FALSE, TRUE); 1287 1287 - } 1288 1288 - else 1289 1289 - AsicUpdateProtect(pAd, pAd->MlmeAux.AddHtInfo.AddHtInfo2.OperaionMode, ALLN_SETPROTECT, FALSE, FALSE); 1290 1290 - } 1291 1291 - 1292 1292 - NdisZeroMemory(&pAd->DrsCounters, sizeof(COUNTER_DRS)); 1293 1293 - 1294 1294 - NdisGetSystemUpTime(&Now); 1295 1295 - pAd->StaCfg.LastBeaconRxTime = Now; // last RX timestamp 1296 1296 - 1297 1297 - if ((pAd->CommonCfg.TxPreamble != Rt802_11PreambleLong) && 1298 1298 - CAP_IS_SHORT_PREAMBLE_ON(pAd->StaActive.CapabilityInfo)) 1299 1299 - { 1300 1300 - MlmeSetTxPreamble(pAd, Rt802_11PreambleShort); 1301 1301 - } 1302 1302 - 1303 1303 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_AGGREGATION_INUSED); 1304 1304 - 1305 1305 - if (pAd->CommonCfg.RadarDetect.RDMode == RD_SILENCE_MODE) 1306 1306 - { 1307 1307 - } 1308 1308 - pAd->CommonCfg.RadarDetect.RDMode = RD_NORMAL_MODE; 1309 1309 - 1310 1310 - if (BssType == BSS_ADHOC) 1311 1311 - { 1312 1312 - MakeIbssBeacon(pAd); 1313 1313 - if ((pAd->CommonCfg.Channel > 14) 1314 1314 - && (pAd->CommonCfg.bIEEE80211H == 1) 1315 1315 - && RadarChannelCheck(pAd, pAd->CommonCfg.Channel)) 1316 1316 - { 1317 1317 - ; //Do nothing 1318 1318 - } 1319 1319 - else 1320 1320 - { 1321 1321 - AsicEnableIbssSync(pAd); 1322 1322 - } 1323 1323 - 1324 1324 - // In ad hoc mode, use MAC table from index 1. 1325 1325 - // p.s ASIC use all 0xff as termination of WCID table search.To prevent it's 0xff-ff-ff-ff-ff-ff, Write 0 here. 1326 1326 - RTMP_IO_WRITE32(pAd, MAC_WCID_BASE, 0x00); 1327 1327 - RTMP_IO_WRITE32(pAd, 0x1808, 0x00); 1328 1328 - 1329 1329 - // If WEP is enabled, add key material and cipherAlg into Asic 1330 1330 - // Fill in Shared Key Table(offset: 0x6c00) and Shared Key Mode(offset: 0x7000) 1331 1331 - 1332 1332 - if (pAd->StaCfg.WepStatus == Ndis802_11WEPEnabled) 1333 1333 - { 1334 1334 - PUCHAR Key; 1335 1335 - UCHAR CipherAlg; 1336 1336 - 1337 1337 - for (idx=0; idx < SHARE_KEY_NUM; idx++) 1338 1338 - { 1339 1339 - CipherAlg = pAd->SharedKey[BSS0][idx].CipherAlg; 1340 1340 - Key = pAd->SharedKey[BSS0][idx].Key; 1341 1341 - 1342 1342 - if (pAd->SharedKey[BSS0][idx].KeyLen > 0) 1343 1343 - { 1344 1344 - // Set key material and cipherAlg to Asic 1345 1345 - AsicAddSharedKeyEntry(pAd, BSS0, idx, CipherAlg, Key, NULL, NULL); 1346 1346 - 1347 1347 - if (idx == pAd->StaCfg.DefaultKeyId) 1348 1348 - { 1349 1349 - // Update WCID attribute table and IVEIV table for this group key table 1350 1350 - RTMPAddWcidAttributeEntry(pAd, BSS0, idx, CipherAlg, NULL); 1351 1351 - } 1352 1352 - } 1353 1353 - 1354 1354 - 1355 1355 - } 1356 1356 - } 1357 1357 - // If WPANone is enabled, add key material and cipherAlg into Asic 1358 1358 - // Fill in Shared Key Table(offset: 0x6c00) and Shared Key Mode(offset: 0x7000) 1359 1359 - else if (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPANone) 1360 1360 - { 1361 1361 - pAd->StaCfg.DefaultKeyId = 0; // always be zero 1362 1362 - 1363 1363 - NdisZeroMemory(&pAd->SharedKey[BSS0][0], sizeof(CIPHER_KEY)); 1364 1364 - pAd->SharedKey[BSS0][0].KeyLen = LEN_TKIP_EK; 1365 1365 - NdisMoveMemory(pAd->SharedKey[BSS0][0].Key, pAd->StaCfg.PMK, LEN_TKIP_EK); 1366 1366 - 1367 1367 - if (pAd->StaCfg.PairCipher == Ndis802_11Encryption2Enabled) 1368 1368 - { 1369 1369 - NdisMoveMemory(pAd->SharedKey[BSS0][0].RxMic, &pAd->StaCfg.PMK[16], LEN_TKIP_RXMICK); 1370 1370 - NdisMoveMemory(pAd->SharedKey[BSS0][0].TxMic, &pAd->StaCfg.PMK[16], LEN_TKIP_TXMICK); 1371 1371 - } 1372 1372 - 1373 1373 - // Decide its ChiperAlg 1374 1374 - if (pAd->StaCfg.PairCipher == Ndis802_11Encryption2Enabled) 1375 1375 - pAd->SharedKey[BSS0][0].CipherAlg = CIPHER_TKIP; 1376 1376 - else if (pAd->StaCfg.PairCipher == Ndis802_11Encryption3Enabled) 1377 1377 - pAd->SharedKey[BSS0][0].CipherAlg = CIPHER_AES; 1378 1378 - else 1379 1379 - { 1380 1380 - DBGPRINT(RT_DEBUG_TRACE, ("Unknow Cipher (=%d), set Cipher to AES\n", pAd->StaCfg.PairCipher)); 1381 1381 - pAd->SharedKey[BSS0][0].CipherAlg = CIPHER_AES; 1382 1382 - } 1383 1383 - 1384 1384 - // Set key material and cipherAlg to Asic 1385 1385 - AsicAddSharedKeyEntry(pAd, 1386 1386 - BSS0, 1387 1387 - 0, 1388 1388 - pAd->SharedKey[BSS0][0].CipherAlg, 1389 1389 - pAd->SharedKey[BSS0][0].Key, 1390 1390 - pAd->SharedKey[BSS0][0].TxMic, 1391 1391 - pAd->SharedKey[BSS0][0].RxMic); 1392 1392 - 1393 1393 - // Update WCID attribute table and IVEIV table for this group key table 1394 1394 - RTMPAddWcidAttributeEntry(pAd, BSS0, 0, pAd->SharedKey[BSS0][0].CipherAlg, NULL); 1395 1395 - 1396 1396 - } 1397 1397 - 1398 1398 - } 1399 1399 - else // BSS_INFRA 1400 1400 - { 1401 1401 - // Check the new SSID with last SSID 1402 1402 - while (Cancelled == TRUE) 1403 1403 - { 1404 1404 - if (pAd->CommonCfg.LastSsidLen == pAd->CommonCfg.SsidLen) 1405 1405 - { 1406 1406 - if (RTMPCompareMemory(pAd->CommonCfg.LastSsid, pAd->CommonCfg.Ssid, pAd->CommonCfg.LastSsidLen) == 0) 1407 1407 - { 1408 1408 - // Link to the old one no linkdown is required. 1409 1409 - break; 1410 1410 - } 1411 1411 - } 1412 1412 - // Send link down event before set to link up 1413 1413 - pAd->IndicateMediaState = NdisMediaStateDisconnected; 1414 1414 - RTMP_IndicateMediaState(pAd); 1415 1415 - pAd->ExtraInfo = GENERAL_LINK_DOWN; 1416 1416 - DBGPRINT(RT_DEBUG_TRACE, ("NDIS_STATUS_MEDIA_DISCONNECT Event AA!\n")); 1417 1417 - break; 1418 1418 - } 1419 1419 - 1420 1420 - // 1421 1421 - // On WPA mode, Remove All Keys if not connect to the last BSSID 1422 1422 - // Key will be set after 4-way handshake. 1423 1423 - // 1424 1424 - if ((pAd->StaCfg.AuthMode >= Ndis802_11AuthModeWPA)) 1425 1425 - { 1426 1426 - ULONG IV; 1427 1427 - 1428 1428 - // Remove all WPA keys 1429 1429 - RTMPWPARemoveAllKeys(pAd); 1430 1430 - pAd->StaCfg.PortSecured = WPA_802_1X_PORT_NOT_SECURED; 1431 1431 - pAd->StaCfg.PrivacyFilter = Ndis802_11PrivFilter8021xWEP; 1432 1432 - 1433 1433 - // Fixed connection failed with Range Maximizer - 515 AP (Marvell Chip) when security is WPAPSK/TKIP 1434 1434 - // If IV related values are too large in GroupMsg2, AP would ignore this message. 1435 1435 - IV = 0; 1436 1436 - IV |= (pAd->StaCfg.DefaultKeyId << 30); 1437 1437 - AsicUpdateWCIDIVEIV(pAd, BSSID_WCID, IV, 0); 1438 1438 - } 1439 1439 - // NOTE: 1440 1440 - // the decision of using "short slot time" or not may change dynamically due to 1441 1441 - // new STA association to the AP. so we have to decide that upon parsing BEACON, not here 1442 1442 - 1443 1443 - // NOTE: 1444 1444 - // the decision to use "RTC/CTS" or "CTS-to-self" protection or not may change dynamically 1445 1445 - // due to new STA association to the AP. so we have to decide that upon parsing BEACON, not here 1446 1446 - 1447 1447 - ComposePsPoll(pAd); 1448 1448 - ComposeNullFrame(pAd); 1449 1449 - 1450 1450 - AsicEnableBssSync(pAd); 1451 1451 - 1452 1452 - // Add BSSID to WCID search table 1453 1453 - AsicUpdateRxWCIDTable(pAd, BSSID_WCID, pAd->CommonCfg.Bssid); 1454 1454 - 1455 1455 - NdisAcquireSpinLock(&pAd->MacTabLock); 1456 1456 - // add this BSSID entry into HASH table 1457 1457 - { 1458 1458 - UCHAR HashIdx; 1459 1459 - 1460 1460 - //pEntry = &pAd->MacTab.Content[BSSID_WCID]; 1461 1461 - HashIdx = MAC_ADDR_HASH_INDEX(pAd->CommonCfg.Bssid); 1462 1462 - if (pAd->MacTab.Hash[HashIdx] == NULL) 1463 1463 - { 1464 1464 - pAd->MacTab.Hash[HashIdx] = pEntry; 1465 1465 - } 1466 1466 - else 1467 1467 - { 1468 1468 - pCurrEntry = pAd->MacTab.Hash[HashIdx]; 1469 1469 - while (pCurrEntry->pNext != NULL) 1470 1470 - pCurrEntry = pCurrEntry->pNext; 1471 1471 - pCurrEntry->pNext = pEntry; 1472 1472 - } 1473 1473 - } 1474 1474 - NdisReleaseSpinLock(&pAd->MacTabLock); 1475 1475 - 1476 1476 - 1477 1477 - // If WEP is enabled, add paiewise and shared key 1478 1478 - if (((pAd->StaCfg.WpaSupplicantUP)&& 1479 1479 - (pAd->StaCfg.WepStatus == Ndis802_11WEPEnabled)&& 1480 1480 - (pAd->StaCfg.PortSecured == WPA_802_1X_PORT_SECURED)) || 1481 1481 - ((pAd->StaCfg.WpaSupplicantUP == WPA_SUPPLICANT_DISABLE)&& 1482 1482 - (pAd->StaCfg.WepStatus == Ndis802_11WEPEnabled))) 1483 1483 - { 1484 1484 - PUCHAR Key; 1485 1485 - UCHAR CipherAlg; 1486 1486 - 1487 1487 - for (idx=0; idx < SHARE_KEY_NUM; idx++) 1488 1488 - { 1489 1489 - CipherAlg = pAd->SharedKey[BSS0][idx].CipherAlg; 1490 1490 - Key = pAd->SharedKey[BSS0][idx].Key; 1491 1491 - 1492 1492 - if (pAd->SharedKey[BSS0][idx].KeyLen > 0) 1493 1493 - { 1494 1494 - // Set key material and cipherAlg to Asic 1495 1495 - AsicAddSharedKeyEntry(pAd, BSS0, idx, CipherAlg, Key, NULL, NULL); 1496 1496 - 1497 1497 - if (idx == pAd->StaCfg.DefaultKeyId) 1498 1498 - { 1499 1499 - // Assign group key info 1500 1500 - RTMPAddWcidAttributeEntry(pAd, BSS0, idx, CipherAlg, NULL); 1501 1501 - 1502 1502 - // Assign pairwise key info 1503 1503 - RTMPAddWcidAttributeEntry(pAd, BSS0, idx, CipherAlg, pEntry); 1504 1504 - } 1505 1505 - } 1506 1506 - } 1507 1507 - } 1508 1508 - 1509 1509 - // only INFRASTRUCTURE mode need to indicate connectivity immediately; ADHOC mode 1510 1510 - // should wait until at least 2 active nodes in this BSSID. 1511 1511 - OPSTATUS_SET_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED); 1512 1512 - 1513 1513 - // For GUI ++ 1514 1514 - if (pAd->StaCfg.AuthMode < Ndis802_11AuthModeWPA) 1515 1515 - { 1516 1516 - pAd->IndicateMediaState = NdisMediaStateConnected; 1517 1517 - pAd->ExtraInfo = GENERAL_LINK_UP; 1518 1518 - RTMP_IndicateMediaState(pAd); 1519 1519 - } 1520 1520 - // -- 1521 1521 - 1522 1522 - // Add BSSID in my MAC Table. 1523 1523 - NdisAcquireSpinLock(&pAd->MacTabLock); 1524 1524 - RTMPMoveMemory(pAd->MacTab.Content[BSSID_WCID].Addr, pAd->CommonCfg.Bssid, MAC_ADDR_LEN); 1525 1525 - pAd->MacTab.Content[BSSID_WCID].Aid = BSSID_WCID; 1526 1526 - pAd->MacTab.Content[BSSID_WCID].pAd = pAd; 1527 1527 - pAd->MacTab.Content[BSSID_WCID].ValidAsCLI = TRUE; //Although this is bssid..still set ValidAsCl 1528 1528 - pAd->MacTab.Size = 1; // infra mode always set MACtab size =1. 1529 1529 - pAd->MacTab.Content[BSSID_WCID].Sst = SST_ASSOC; 1530 1530 - pAd->MacTab.Content[BSSID_WCID].AuthState = SST_ASSOC; 1531 1531 - pAd->MacTab.Content[BSSID_WCID].AuthMode = pAd->StaCfg.AuthMode; 1532 1532 - pAd->MacTab.Content[BSSID_WCID].WepStatus = pAd->StaCfg.WepStatus; 1533 1533 - NdisReleaseSpinLock(&pAd->MacTabLock); 1534 1534 - 1535 1535 - DBGPRINT(RT_DEBUG_TRACE, ("!!! LINK UP !!! ClientStatusFlags=%lx)\n", 1536 1536 - pAd->MacTab.Content[BSSID_WCID].ClientStatusFlags)); 1537 1537 - 1538 1538 - MlmeUpdateTxRates(pAd, TRUE, BSS0); 1539 1539 - MlmeUpdateHtTxRates(pAd, BSS0); 1540 1540 - DBGPRINT(RT_DEBUG_TRACE, ("!!! LINK UP !! (StaActive.bHtEnable =%d, )\n", pAd->StaActive.SupportedPhyInfo.bHtEnable)); 1541 1541 - 1542 1542 - if (pAd->CommonCfg.bAggregationCapable) 1543 1543 - { 1544 1544 - if ((pAd->CommonCfg.bPiggyBackCapable) && (pAd->MlmeAux.APRalinkIe & 0x00000003) == 3) 1545 1545 - { 1546 1546 - 1547 1547 - OPSTATUS_SET_FLAG(pAd, fOP_STATUS_PIGGYBACK_INUSED); 1548 1548 - OPSTATUS_SET_FLAG(pAd, fOP_STATUS_AGGREGATION_INUSED); 1549 1549 - RTMPSetPiggyBack(pAd, TRUE); 1550 1550 - DBGPRINT(RT_DEBUG_TRACE, ("Turn on Piggy-Back\n")); 1551 1551 - } 1552 1552 - else if (pAd->MlmeAux.APRalinkIe & 0x00000001) 1553 1553 - { 1554 1554 - OPSTATUS_SET_FLAG(pAd, fOP_STATUS_AGGREGATION_INUSED); 1555 1555 - } 1556 1556 - } 1557 1557 - 1558 1558 - if (pAd->MlmeAux.APRalinkIe != 0x0) 1559 1559 - { 1560 1560 - if (CLIENT_STATUS_TEST_FLAG(&pAd->MacTab.Content[BSSID_WCID], fCLIENT_STATUS_RDG_CAPABLE)) 1561 1561 - { 1562 1562 - AsicEnableRDG(pAd); 1563 1563 - } 1564 1564 - 1565 1565 - OPSTATUS_SET_FLAG(pAd, fCLIENT_STATUS_RALINK_CHIPSET); 1566 1566 - CLIENT_STATUS_SET_FLAG(&pAd->MacTab.Content[BSSID_WCID], fCLIENT_STATUS_RALINK_CHIPSET); 1567 1567 - } 1568 1568 - else 1569 1569 - { 1570 1570 - OPSTATUS_CLEAR_FLAG(pAd, fCLIENT_STATUS_RALINK_CHIPSET); 1571 1571 - CLIENT_STATUS_CLEAR_FLAG(&pAd->MacTab.Content[BSSID_WCID], fCLIENT_STATUS_RALINK_CHIPSET); 1572 1572 - } 1573 1573 - } 1574 1574 - 1575 1575 - DBGPRINT(RT_DEBUG_TRACE, ("NDIS_STATUS_MEDIA_CONNECT Event B!.BACapability = %x. ClientStatusFlags = %lx\n", pAd->CommonCfg.BACapability.word, pAd->MacTab.Content[BSSID_WCID].ClientStatusFlags)); 1576 1576 - 1577 1577 - // Set LED 1578 1578 - RTMPSetLED(pAd, LED_LINK_UP); 1579 1579 - 1580 1580 - pAd->Mlme.PeriodicRound = 0; 1581 1581 - pAd->Mlme.OneSecPeriodicRound = 0; 1582 1582 - pAd->bConfigChanged = FALSE; // Reset config flag 1583 1583 - pAd->ExtraInfo = GENERAL_LINK_UP; // Update extra information to link is up 1584 1584 - 1585 1585 - // Set asic auto fall back 1586 1586 - { 1587 1587 - PUCHAR pTable; 1588 1588 - UCHAR TableSize = 0; 1589 1589 - 1590 1590 - MlmeSelectTxRateTable(pAd, &pAd->MacTab.Content[BSSID_WCID], &pTable, &TableSize, &pAd->CommonCfg.TxRateIndex); 1591 1591 - AsicUpdateAutoFallBackTable(pAd, pTable); 1592 1592 - } 1593 1593 - 1594 1594 - NdisAcquireSpinLock(&pAd->MacTabLock); 1595 1595 - pEntry->HTPhyMode.word = pAd->StaCfg.HTPhyMode.word; 1596 1596 - pEntry->MaxHTPhyMode.word = pAd->StaCfg.HTPhyMode.word; 1597 1597 - if (pAd->StaCfg.bAutoTxRateSwitch == FALSE) 1598 1598 - { 1599 1599 - pEntry->bAutoTxRateSwitch = FALSE; 1600 1600 - 1601 1601 - if (pEntry->HTPhyMode.field.MCS == 32) 1602 1602 - pEntry->HTPhyMode.field.ShortGI = GI_800; 1603 1603 - 1604 1604 - if ((pEntry->HTPhyMode.field.MCS > MCS_7) || (pEntry->HTPhyMode.field.MCS == 32)) 1605 1605 - pEntry->HTPhyMode.field.STBC = STBC_NONE; 1606 1606 - 1607 1607 - // If the legacy mode is set, overwrite the transmit setting of this entry. 1608 1608 - if (pEntry->HTPhyMode.field.MODE <= MODE_OFDM) 1609 1609 - RTMPUpdateLegacyTxSetting((UCHAR)pAd->StaCfg.DesiredTransmitSetting.field.FixedTxMode, pEntry); 1610 1610 - } 1611 1611 - else 1612 1612 - pEntry->bAutoTxRateSwitch = TRUE; 1613 1613 - NdisReleaseSpinLock(&pAd->MacTabLock); 1614 1614 - 1615 1615 - // Let Link Status Page display first initial rate. 1616 1616 - pAd->LastTxRate = (USHORT)(pEntry->HTPhyMode.word); 1617 1617 - // Select DAC according to HT or Legacy 1618 1618 - if (pAd->StaActive.SupportedPhyInfo.MCSSet[0] != 0x00) 1619 1619 - { 1620 1620 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R1, &Value); 1621 1621 - Value &= (~0x18); 1622 1622 - if (pAd->Antenna.field.TxPath == 2) 1623 1623 - { 1624 1624 - Value |= 0x10; 1625 1625 - } 1626 1626 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R1, Value); 1627 1627 - } 1628 1628 - else 1629 1629 - { 1630 1630 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R1, &Value); 1631 1631 - Value &= (~0x18); 1632 1632 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R1, Value); 1633 1633 - } 1634 1634 - 1635 1635 - if (pAd->StaActive.SupportedPhyInfo.bHtEnable == FALSE) 1636 1636 - { 1637 1637 - } 1638 1638 - else if (pEntry->MaxRAmpduFactor == 0) 1639 1639 - { 1640 1640 - // If HT AP doesn't support MaxRAmpduFactor = 1, we need to set max PSDU to 0. 1641 1641 - // Because our Init value is 1 at MACRegTable. 1642 1642 - RTMP_IO_WRITE32(pAd, MAX_LEN_CFG, 0x0fff); 1643 1643 - } 1644 1644 - 1645 1645 - // Patch for Marvel AP to gain high throughput 1646 1646 - // Need to set as following, 1647 1647 - // 1. Set txop in register-EDCA_AC0_CFG as 0x60 1648 1648 - // 2. Set EnTXWriteBackDDONE in register-WPDMA_GLO_CFG as zero 1649 1649 - // 3. PBF_MAX_PCNT as 0x1F3FBF9F 1650 1650 - // 4. kick per two packets when dequeue 1651 1651 - // 1652 1652 - // Txop can only be modified when RDG is off, WMM is disable and TxBurst is enable 1653 1653 - // 1654 1654 - // if 1. Legacy AP WMM on, or 2. 11n AP, AMPDU disable. Force turn off burst no matter what bEnableTxBurst is. 1655 1655 - if (!((pAd->CommonCfg.RxStream == 1)&&(pAd->CommonCfg.TxStream == 1)) && 1656 1656 - (((pAd->StaActive.SupportedPhyInfo.bHtEnable == FALSE) && OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_WMM_INUSED)) 1657 1657 - || ((pAd->StaActive.SupportedPhyInfo.bHtEnable == TRUE) && (pAd->CommonCfg.BACapability.field.Policy == BA_NOTUSE)))) 1658 1658 - { 1659 1659 - RTMP_IO_READ32(pAd, EDCA_AC0_CFG, &Data); 1660 1660 - Data &= 0xFFFFFF00; 1661 1661 - RTMP_IO_WRITE32(pAd, EDCA_AC0_CFG, Data); 1662 1662 - 1663 1663 - RTMP_IO_WRITE32(pAd, PBF_MAX_PCNT, 0x1F3F7F9F); 1664 1664 - DBGPRINT(RT_DEBUG_TRACE, ("Txburst 1\n")); 1665 1665 - } 1666 1666 - else 1667 1667 - if (pAd->CommonCfg.bEnableTxBurst) 1668 1668 - { 1669 1669 - RTMP_IO_READ32(pAd, EDCA_AC0_CFG, &Data); 1670 1670 - Data &= 0xFFFFFF00; 1671 1671 - Data |= 0x60; 1672 1672 - RTMP_IO_WRITE32(pAd, EDCA_AC0_CFG, Data); 1673 1673 - pAd->CommonCfg.IOTestParm.bNowAtherosBurstOn = TRUE; 1674 1674 - 1675 1675 - RTMP_IO_WRITE32(pAd, PBF_MAX_PCNT, 0x1F3FBF9F); 1676 1676 - DBGPRINT(RT_DEBUG_TRACE, ("Txburst 2\n")); 1677 1677 - } 1678 1678 - else 1679 1679 - { 1680 1680 - RTMP_IO_READ32(pAd, EDCA_AC0_CFG, &Data); 1681 1681 - Data &= 0xFFFFFF00; 1682 1682 - RTMP_IO_WRITE32(pAd, EDCA_AC0_CFG, Data); 1683 1683 - 1684 1684 - RTMP_IO_WRITE32(pAd, PBF_MAX_PCNT, 0x1F3F7F9F); 1685 1685 - DBGPRINT(RT_DEBUG_TRACE, ("Txburst 3\n")); 1686 1686 - } 1687 1687 - 1688 1688 - // Re-check to turn on TX burst or not. 1689 1689 - if ((pAd->CommonCfg.IOTestParm.bLastAtheros == TRUE) && ((STA_WEP_ON(pAd))||(STA_TKIP_ON(pAd)))) 1690 1690 - { 1691 1691 - pAd->CommonCfg.IOTestParm.bNextDisableRxBA = TRUE; 1692 1692 - if (pAd->CommonCfg.bEnableTxBurst) 1693 1693 - { 1694 1694 - UINT32 MACValue = 0; 1695 1695 - // Force disable TXOP value in this case. The same action in MLMEUpdateProtect too. 1696 1696 - // I didn't change PBF_MAX_PCNT setting. 1697 1697 - RTMP_IO_READ32(pAd, EDCA_AC0_CFG, &MACValue); 1698 1698 - MACValue &= 0xFFFFFF00; 1699 1699 - RTMP_IO_WRITE32(pAd, EDCA_AC0_CFG, MACValue); 1700 1700 - pAd->CommonCfg.IOTestParm.bNowAtherosBurstOn = FALSE; 1701 1701 - } 1702 1702 - } 1703 1703 - else 1704 1704 - { 1705 1705 - pAd->CommonCfg.IOTestParm.bNextDisableRxBA = FALSE; 1706 1706 - } 1707 1707 - 1708 1708 - pAd->CommonCfg.IOTestParm.bLastAtheros = FALSE; 1709 1709 - COPY_MAC_ADDR(pAd->CommonCfg.LastBssid, pAd->CommonCfg.Bssid); 1710 1710 - DBGPRINT(RT_DEBUG_TRACE, ("!!!pAd->bNextDisableRxBA= %d \n", pAd->CommonCfg.IOTestParm.bNextDisableRxBA)); 1711 1711 - // BSSID add in one MAC entry too. Because in Tx, ASIC need to check Cipher and IV/EIV, BAbitmap 1712 1712 - // Pther information in MACTab.Content[BSSID_WCID] is not necessary for driver. 1713 1713 - // Note: As STA, The MACTab.Content[BSSID_WCID]. PairwiseKey and Shared Key for BSS0 are the same. 1714 1714 - 1715 1715 - if (pAd->StaCfg.WepStatus <= Ndis802_11WEPDisabled) 1716 1716 - { 1717 1717 - pAd->StaCfg.PortSecured = WPA_802_1X_PORT_SECURED; 1718 1718 - pAd->StaCfg.PrivacyFilter = Ndis802_11PrivFilterAcceptAll; 1719 1719 - } 1720 1720 - 1721 1721 - NdisAcquireSpinLock(&pAd->MacTabLock); 1722 1722 - pEntry->PortSecured = pAd->StaCfg.PortSecured; 1723 1723 - NdisReleaseSpinLock(&pAd->MacTabLock); 1724 1724 - 1725 1725 - // 1726 1726 - // Patch Atheros AP TX will breakdown issue. 1727 1727 - // AP Model: DLink DWL-8200AP 1728 1728 - // 1729 1729 - if (INFRA_ON(pAd) && OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_WMM_INUSED) && STA_TKIP_ON(pAd)) 1730 1730 - { 1731 1731 - RTMP_IO_WRITE32(pAd, RX_PARSER_CFG, 0x01); 1732 1732 - } 1733 1733 - else 1734 1734 - { 1735 1735 - RTMP_IO_WRITE32(pAd, RX_PARSER_CFG, 0x00); 1736 1736 - } 1737 1737 - 1738 1738 - RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BSS_SCAN_IN_PROGRESS); 1739 1739 - } 1740 1740 - 1741 1741 - /* 1742 1742 - ========================================================================== 1743 1743 - 1744 1744 - Routine Description: 1745 1745 - Disconnect current BSSID 1746 1746 - 1747 1747 - Arguments: 1748 1748 - pAd - Pointer to our adapter 1749 1749 - IsReqFromAP - Request from AP 1750 1750 - 1751 1751 - Return Value: 1752 1752 - None 1753 1753 - 1754 1754 - IRQL = DISPATCH_LEVEL 1755 1755 - 1756 1756 - Note: 1757 1757 - We need more information to know it's this requst from AP. 1758 1758 - If yes! we need to do extra handling, for example, remove the WPA key. 1759 1759 - Otherwise on 4-way handshaking will faied, since the WPA key didn't be 1760 1760 - remove while auto reconnect. 1761 1761 - Disconnect request from AP, it means we will start afresh 4-way handshaking 1762 1762 - on WPA mode. 1763 1763 - 1764 1764 - ========================================================================== 1765 1765 - */ 1766 1766 - VOID LinkDown( 1767 1767 - IN PRTMP_ADAPTER pAd, 1768 1768 - IN BOOLEAN IsReqFromAP) 1769 1769 - { 1770 1770 - UCHAR i, ByteValue = 0; 1771 1771 - 1772 1772 - // Do nothing if monitor mode is on 1773 1773 - if (MONITOR_ON(pAd)) 1774 1774 - return; 1775 1775 - 1776 1776 - if (pAd->CommonCfg.bWirelessEvent) 1777 1777 - { 1778 1778 - RTMPSendWirelessEvent(pAd, IW_STA_LINKDOWN_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0); 1779 1779 - } 1780 1780 - 1781 1781 - DBGPRINT(RT_DEBUG_TRACE, ("!!! LINK DOWN !!!\n")); 1782 1782 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_AGGREGATION_INUSED); 1783 1783 - 1784 1784 - if (ADHOC_ON(pAd)) // Adhoc mode link down 1785 1785 - { 1786 1786 - DBGPRINT(RT_DEBUG_TRACE, ("!!! LINK DOWN 1!!!\n")); 1787 1787 - 1788 1788 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_ADHOC_ON); 1789 1789 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED); 1790 1790 - pAd->IndicateMediaState = NdisMediaStateDisconnected; 1791 1791 - RTMP_IndicateMediaState(pAd); 1792 1792 - pAd->ExtraInfo = GENERAL_LINK_DOWN; 1793 1793 - BssTableDeleteEntry(&pAd->ScanTab, pAd->CommonCfg.Bssid, pAd->CommonCfg.Channel); 1794 1794 - DBGPRINT(RT_DEBUG_TRACE, ("!!! MacTab.Size=%d !!!\n", pAd->MacTab.Size)); 1795 1795 - } 1796 1796 - else // Infra structure mode 1797 1797 - { 1798 1798 - DBGPRINT(RT_DEBUG_TRACE, ("!!! LINK DOWN 2!!!\n")); 1799 1799 - 1800 1800 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_INFRA_ON); 1801 1801 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED); 1802 1802 - 1803 1803 - // Saved last SSID for linkup comparison 1804 1804 - pAd->CommonCfg.LastSsidLen = pAd->CommonCfg.SsidLen; 1805 1805 - NdisMoveMemory(pAd->CommonCfg.LastSsid, pAd->CommonCfg.Ssid, pAd->CommonCfg.LastSsidLen); 1806 1806 - COPY_MAC_ADDR(pAd->CommonCfg.LastBssid, pAd->CommonCfg.Bssid); 1807 1807 - if (pAd->MlmeAux.CurrReqIsFromNdis == TRUE) 1808 1808 - { 1809 1809 - pAd->IndicateMediaState = NdisMediaStateDisconnected; 1810 1810 - RTMP_IndicateMediaState(pAd); 1811 1811 - pAd->ExtraInfo = GENERAL_LINK_DOWN; 1812 1812 - DBGPRINT(RT_DEBUG_TRACE, ("NDIS_STATUS_MEDIA_DISCONNECT Event A!\n")); 1813 1813 - pAd->MlmeAux.CurrReqIsFromNdis = FALSE; 1814 1814 - } 1815 1815 - else 1816 1816 - { 1817 1817 - // 1818 1818 - // If disassociation request is from NDIS, then we don't need to delete BSSID from entry. 1819 1819 - // Otherwise lost beacon or receive De-Authentication from AP, 1820 1820 - // then we should delete BSSID from BssTable. 1821 1821 - // If we don't delete from entry, roaming will fail. 1822 1822 - // 1823 1823 - BssTableDeleteEntry(&pAd->ScanTab, pAd->CommonCfg.Bssid, pAd->CommonCfg.Channel); 1824 1824 - } 1825 1825 - 1826 1826 - // restore back to - 1827 1827 - // 1. long slot (20 us) or short slot (9 us) time 1828 1828 - // 2. turn on/off RTS/CTS and/or CTS-to-self protection 1829 1829 - // 3. short preamble 1830 1830 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_BG_PROTECTION_INUSED); 1831 1831 - 1832 1832 - if (pAd->StaCfg.CCXAdjacentAPReportFlag == TRUE) 1833 1833 - { 1834 1834 - // 1835 1835 - // Record current AP's information. 1836 1836 - // for later used reporting Adjacent AP report. 1837 1837 - // 1838 1838 - pAd->StaCfg.CCXAdjacentAPChannel = pAd->CommonCfg.Channel; 1839 1839 - pAd->StaCfg.CCXAdjacentAPSsidLen = pAd->CommonCfg.SsidLen; 1840 1840 - NdisMoveMemory(pAd->StaCfg.CCXAdjacentAPSsid, pAd->CommonCfg.Ssid, pAd->StaCfg.CCXAdjacentAPSsidLen); 1841 1841 - COPY_MAC_ADDR(pAd->StaCfg.CCXAdjacentAPBssid, pAd->CommonCfg.Bssid); 1842 1842 - } 1843 1843 - } 1844 1844 - 1845 1845 - for (i=1; i<MAX_LEN_OF_MAC_TABLE; i++) 1846 1846 - { 1847 1847 - if (pAd->MacTab.Content[i].ValidAsCLI == TRUE) 1848 1848 - MacTableDeleteEntry(pAd, pAd->MacTab.Content[i].Aid, pAd->MacTab.Content[i].Addr); 1849 1849 - } 1850 1850 - 1851 1851 - pAd->StaCfg.CCXQosECWMin = 4; 1852 1852 - pAd->StaCfg.CCXQosECWMax = 10; 1853 1853 - 1854 1854 - AsicSetSlotTime(pAd, TRUE); //FALSE); 1855 1855 - AsicSetEdcaParm(pAd, NULL); 1856 1856 - 1857 1857 - // Set LED 1858 1858 - RTMPSetLED(pAd, LED_LINK_DOWN); 1859 1859 - pAd->LedIndicatorStregth = 0xF0; 1860 1860 - RTMPSetSignalLED(pAd, -100); // Force signal strength Led to be turned off, firmware is not done it. 1861 1861 - 1862 1862 - AsicDisableSync(pAd); 1863 1863 - 1864 1864 - pAd->Mlme.PeriodicRound = 0; 1865 1865 - pAd->Mlme.OneSecPeriodicRound = 0; 1866 1866 - 1867 1867 - if (pAd->StaCfg.BssType == BSS_INFRA) 1868 1868 - { 1869 1869 - // Remove StaCfg Information after link down 1870 1870 - NdisZeroMemory(pAd->CommonCfg.Bssid, MAC_ADDR_LEN); 1871 1871 - NdisZeroMemory(pAd->CommonCfg.Ssid, MAX_LEN_OF_SSID); 1872 1872 - pAd->CommonCfg.SsidLen = 0; 1873 1873 - } 1874 1874 - 1875 1875 - NdisZeroMemory(&pAd->MlmeAux.HtCapability, sizeof(HT_CAPABILITY_IE)); 1876 1876 - NdisZeroMemory(&pAd->MlmeAux.AddHtInfo, sizeof(ADD_HT_INFO_IE)); 1877 1877 - pAd->MlmeAux.HtCapabilityLen = 0; 1878 1878 - pAd->MlmeAux.NewExtChannelOffset = 0xff; 1879 1879 - 1880 1880 - // Reset WPA-PSK state. Only reset when supplicant enabled 1881 1881 - if (pAd->StaCfg.WpaState != SS_NOTUSE) 1882 1882 - { 1883 1883 - pAd->StaCfg.WpaState = SS_START; 1884 1884 - // Clear Replay counter 1885 1885 - NdisZeroMemory(pAd->StaCfg.ReplayCounter, 8); 1886 1886 - } 1887 1887 - 1888 1888 - 1889 1889 - // 1890 1890 - // if link down come from AP, we need to remove all WPA keys on WPA mode. 1891 1891 - // otherwise will cause 4-way handshaking failed, since the WPA key not empty. 1892 1892 - // 1893 1893 - if ((IsReqFromAP) && (pAd->StaCfg.AuthMode >= Ndis802_11AuthModeWPA)) 1894 1894 - { 1895 1895 - // Remove all WPA keys 1896 1896 - RTMPWPARemoveAllKeys(pAd); 1897 1897 - } 1898 1898 - 1899 1899 - // 802.1x port control 1900 1900 - 1901 1901 - // Prevent clear PortSecured here with static WEP 1902 1902 - // NetworkManger set security policy first then set SSID to connect AP. 1903 1903 - if (pAd->StaCfg.WpaSupplicantUP && 1904 1904 - (pAd->StaCfg.WepStatus == Ndis802_11WEPEnabled) && 1905 1905 - (pAd->StaCfg.IEEE8021X == FALSE)) 1906 1906 - { 1907 1907 - pAd->StaCfg.PortSecured = WPA_802_1X_PORT_SECURED; 1908 1908 - } 1909 1909 - else 1910 1910 - { 1911 1911 - pAd->StaCfg.PortSecured = WPA_802_1X_PORT_NOT_SECURED; 1912 1912 - pAd->StaCfg.PrivacyFilter = Ndis802_11PrivFilter8021xWEP; 1913 1913 - } 1914 1914 - 1915 1915 - NdisAcquireSpinLock(&pAd->MacTabLock); 1916 1916 - pAd->MacTab.Content[BSSID_WCID].PortSecured = pAd->StaCfg.PortSecured; 1917 1917 - NdisReleaseSpinLock(&pAd->MacTabLock); 1918 1918 - 1919 1919 - pAd->StaCfg.MicErrCnt = 0; 1920 1920 - 1921 1921 - // Turn off Ckip control flag 1922 1922 - pAd->StaCfg.bCkipOn = FALSE; 1923 1923 - pAd->StaCfg.CCXEnable = FALSE; 1924 1924 - 1925 1925 - pAd->IndicateMediaState = NdisMediaStateDisconnected; 1926 1926 - // Update extra information to link is up 1927 1927 - pAd->ExtraInfo = GENERAL_LINK_DOWN; 1928 1928 - 1929 1929 - pAd->StaActive.SupportedPhyInfo.bHtEnable = FALSE; 1930 1930 - 1931 1931 - // Reset the Current AP's IP address 1932 1932 - NdisZeroMemory(pAd->StaCfg.AironetIPAddress, 4); 1933 1933 - #ifdef RT2870 1934 1934 - pAd->bUsbTxBulkAggre = FALSE; 1935 1935 - #endif // RT2870 // 1936 1936 - 1937 1937 - // Clean association information 1938 1938 - NdisZeroMemory(&pAd->StaCfg.AssocInfo, sizeof(NDIS_802_11_ASSOCIATION_INFORMATION)); 1939 1939 - pAd->StaCfg.AssocInfo.Length = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION); 1940 1940 - pAd->StaCfg.ReqVarIELen = 0; 1941 1941 - pAd->StaCfg.ResVarIELen = 0; 1942 1942 - 1943 1943 - // 1944 1944 - // Reset RSSI value after link down 1945 1945 - // 1946 1946 - pAd->StaCfg.RssiSample.AvgRssi0 = 0; 1947 1947 - pAd->StaCfg.RssiSample.AvgRssi0X8 = 0; 1948 1948 - pAd->StaCfg.RssiSample.AvgRssi1 = 0; 1949 1949 - pAd->StaCfg.RssiSample.AvgRssi1X8 = 0; 1950 1950 - pAd->StaCfg.RssiSample.AvgRssi2 = 0; 1951 1951 - pAd->StaCfg.RssiSample.AvgRssi2X8 = 0; 1952 1952 - 1953 1953 - // Restore MlmeRate 1954 1954 - pAd->CommonCfg.MlmeRate = pAd->CommonCfg.BasicMlmeRate; 1955 1955 - pAd->CommonCfg.RtsRate = pAd->CommonCfg.BasicMlmeRate; 1956 1956 - 1957 1957 - // 1958 1958 - // After Link down, reset piggy-back setting in ASIC. Disable RDG. 1959 1959 - // 1960 1960 - if (pAd->CommonCfg.BBPCurrentBW == BW_40) 1961 1961 - { 1962 1962 - pAd->CommonCfg.BBPCurrentBW = BW_20; 1963 1963 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &ByteValue); 1964 1964 - ByteValue &= (~0x18); 1965 1965 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, ByteValue); 1966 1966 - } 1967 1967 - 1968 1968 - // Reset DAC 1969 1969 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R1, &ByteValue); 1970 1970 - ByteValue &= (~0x18); 1971 1971 - if (pAd->Antenna.field.TxPath == 2) 1972 1972 - { 1973 1973 - ByteValue |= 0x10; 1974 1974 - } 1975 1975 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R1, ByteValue); 1976 1976 - 1977 1977 - RTMPSetPiggyBack(pAd,FALSE); 1978 1978 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_PIGGYBACK_INUSED); 1979 1979 - 1980 1980 - pAd->CommonCfg.BACapability.word = pAd->CommonCfg.REGBACapability.word; 1981 1981 - 1982 1982 - // Restore all settings in the following. 1983 1983 - AsicUpdateProtect(pAd, 0, (ALLN_SETPROTECT|CCKSETPROTECT|OFDMSETPROTECT), TRUE, FALSE); 1984 1984 - AsicDisableRDG(pAd); 1985 1985 - pAd->CommonCfg.IOTestParm.bCurrentAtheros = FALSE; 1986 1986 - pAd->CommonCfg.IOTestParm.bNowAtherosBurstOn = FALSE; 1987 1987 - 1988 1988 - RTMP_IO_WRITE32(pAd, MAX_LEN_CFG, 0x1fff); 1989 1989 - RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BSS_SCAN_IN_PROGRESS); 1990 1990 - 1991 1991 - { 1992 1992 - union iwreq_data wrqu; 1993 1993 - memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN); 1994 1994 - wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL); 1995 1995 - } 1996 1996 - 1997 1997 - #ifdef RT30xx 1998 1998 - if (IS_RT3090(pAd)) 1999 1999 - { 2000 2000 - UINT32 macdata; 2001 2001 - // disable MMPS BBP control register 2002 2002 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &ByteValue); 2003 2003 - ByteValue &= ~(0x04); //bit 2 2004 2004 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, ByteValue); 2005 2005 - 2006 2006 - // disable MMPS MAC control register 2007 2007 - RTMP_IO_READ32(pAd, 0x1210, &macdata); 2008 2008 - macdata &= ~(0x09); //bit 0, 3 2009 2009 - RTMP_IO_WRITE32(pAd, 0x1210, macdata); 2010 2010 - } 2011 2011 - #endif // RT30xx // 2012 2012 - 2013 2013 - } 2014 2014 - 2015 2015 - /* 2016 2016 - ========================================================================== 2017 2017 - Description: 2018 2018 - 2019 2019 - IRQL = DISPATCH_LEVEL 2020 2020 - 2021 2021 - ========================================================================== 2022 2022 - */ 2023 2023 - VOID IterateOnBssTab( 2024 2024 - IN PRTMP_ADAPTER pAd) 2025 2025 - { 2026 2026 - MLME_START_REQ_STRUCT StartReq; 2027 2027 - MLME_JOIN_REQ_STRUCT JoinReq; 2028 2028 - ULONG BssIdx; 2029 2029 - 2030 2030 - // Change the wepstatus to original wepstatus 2031 2031 - pAd->StaCfg.WepStatus = pAd->StaCfg.OrigWepStatus; 2032 2032 - pAd->StaCfg.PairCipher = pAd->StaCfg.OrigWepStatus; 2033 2033 - pAd->StaCfg.GroupCipher = pAd->StaCfg.OrigWepStatus; 2034 2034 - 2035 2035 - BssIdx = pAd->MlmeAux.BssIdx; 2036 2036 - if (BssIdx < pAd->MlmeAux.SsidBssTab.BssNr) 2037 2037 - { 2038 2038 - // Check cipher suite, AP must have more secured cipher than station setting 2039 2039 - // Set the Pairwise and Group cipher to match the intended AP setting 2040 2040 - // We can only connect to AP with less secured cipher setting 2041 2041 - if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA) || (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK)) 2042 2042 - { 2043 2043 - pAd->StaCfg.GroupCipher = pAd->MlmeAux.SsidBssTab.BssEntry[BssIdx].WPA.GroupCipher; 2044 2044 - 2045 2045 - if (pAd->StaCfg.WepStatus == pAd->MlmeAux.SsidBssTab.BssEntry[BssIdx].WPA.PairCipher) 2046 2046 - pAd->StaCfg.PairCipher = pAd->MlmeAux.SsidBssTab.BssEntry[BssIdx].WPA.PairCipher; 2047 2047 - else if (pAd->MlmeAux.SsidBssTab.BssEntry[BssIdx].WPA.PairCipherAux != Ndis802_11WEPDisabled) 2048 2048 - pAd->StaCfg.PairCipher = pAd->MlmeAux.SsidBssTab.BssEntry[BssIdx].WPA.PairCipherAux; 2049 2049 - else // There is no PairCipher Aux, downgrade our capability to TKIP 2050 2050 - pAd->StaCfg.PairCipher = Ndis802_11Encryption2Enabled; 2051 2051 - } 2052 2052 - else if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2) || (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK)) 2053 2053 - { 2054 2054 - pAd->StaCfg.GroupCipher = pAd->MlmeAux.SsidBssTab.BssEntry[BssIdx].WPA2.GroupCipher; 2055 2055 - 2056 2056 - if (pAd->StaCfg.WepStatus == pAd->MlmeAux.SsidBssTab.BssEntry[BssIdx].WPA2.PairCipher) 2057 2057 - pAd->StaCfg.PairCipher = pAd->MlmeAux.SsidBssTab.BssEntry[BssIdx].WPA2.PairCipher; 2058 2058 - else if (pAd->MlmeAux.SsidBssTab.BssEntry[BssIdx].WPA2.PairCipherAux != Ndis802_11WEPDisabled) 2059 2059 - pAd->StaCfg.PairCipher = pAd->MlmeAux.SsidBssTab.BssEntry[BssIdx].WPA2.PairCipherAux; 2060 2060 - else // There is no PairCipher Aux, downgrade our capability to TKIP 2061 2061 - pAd->StaCfg.PairCipher = Ndis802_11Encryption2Enabled; 2062 2062 - 2063 2063 - // RSN capability 2064 2064 - pAd->StaCfg.RsnCapability = pAd->MlmeAux.SsidBssTab.BssEntry[BssIdx].WPA2.RsnCapability; 2065 2065 - } 2066 2066 - 2067 2067 - // Set Mix cipher flag 2068 2068 - pAd->StaCfg.bMixCipher = (pAd->StaCfg.PairCipher == pAd->StaCfg.GroupCipher) ? FALSE : TRUE; 2069 2069 - if (pAd->StaCfg.bMixCipher == TRUE) 2070 2070 - { 2071 2071 - // If mix cipher, re-build RSNIE 2072 2072 - RTMPMakeRSNIE(pAd, pAd->StaCfg.AuthMode, pAd->StaCfg.WepStatus, 0); 2073 2073 - } 2074 2074 - 2075 2075 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - iterate BSS %ld of %d\n", BssIdx, pAd->MlmeAux.SsidBssTab.BssNr)); 2076 2076 - JoinParmFill(pAd, &JoinReq, BssIdx); 2077 2077 - MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_MLME_JOIN_REQ, sizeof(MLME_JOIN_REQ_STRUCT), 2078 2078 - &JoinReq); 2079 2079 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_JOIN; 2080 2080 - } 2081 2081 - else if (pAd->StaCfg.BssType == BSS_ADHOC) 2082 2082 - { 2083 2083 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - All BSS fail; start a new ADHOC (Ssid=%s)...\n",pAd->MlmeAux.Ssid)); 2084 2084 - StartParmFill(pAd, &StartReq, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen); 2085 2085 - MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_MLME_START_REQ, sizeof(MLME_START_REQ_STRUCT), &StartReq); 2086 2086 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_START; 2087 2087 - } 2088 2088 - else // no more BSS 2089 2089 - { 2090 2090 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - All roaming failed, stay @ ch #%d\n", pAd->CommonCfg.Channel)); 2091 2091 - AsicSwitchChannel(pAd, pAd->CommonCfg.Channel, FALSE); 2092 2092 - AsicLockChannel(pAd, pAd->CommonCfg.Channel); 2093 2093 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 2094 2094 - } 2095 2095 - } 2096 2096 - 2097 2097 - // for re-association only 2098 2098 - // IRQL = DISPATCH_LEVEL 2099 2099 - VOID IterateOnBssTab2( 2100 2100 - IN PRTMP_ADAPTER pAd) 2101 2101 - { 2102 2102 - MLME_REASSOC_REQ_STRUCT ReassocReq; 2103 2103 - ULONG BssIdx; 2104 2104 - BSS_ENTRY *pBss; 2105 2105 - 2106 2106 - BssIdx = pAd->MlmeAux.RoamIdx; 2107 2107 - pBss = &pAd->MlmeAux.RoamTab.BssEntry[BssIdx]; 2108 2108 - 2109 2109 - if (BssIdx < pAd->MlmeAux.RoamTab.BssNr) 2110 2110 - { 2111 2111 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - iterate BSS %ld of %d\n", BssIdx, pAd->MlmeAux.RoamTab.BssNr)); 2112 2112 - 2113 2113 - AsicSwitchChannel(pAd, pBss->Channel, FALSE); 2114 2114 - AsicLockChannel(pAd, pBss->Channel); 2115 2115 - 2116 2116 - // reassociate message has the same structure as associate message 2117 2117 - AssocParmFill(pAd, &ReassocReq, pBss->Bssid, pBss->CapabilityInfo, 2118 2118 - ASSOC_TIMEOUT, pAd->StaCfg.DefaultListenCount); 2119 2119 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_MLME_REASSOC_REQ, 2120 2120 - sizeof(MLME_REASSOC_REQ_STRUCT), &ReassocReq); 2121 2121 - 2122 2122 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_REASSOC; 2123 2123 - } 2124 2124 - else // no more BSS 2125 2125 - { 2126 2126 - DBGPRINT(RT_DEBUG_TRACE, ("CNTL - All fast roaming failed, back to ch #%d\n",pAd->CommonCfg.Channel)); 2127 2127 - AsicSwitchChannel(pAd, pAd->CommonCfg.Channel, FALSE); 2128 2128 - AsicLockChannel(pAd, pAd->CommonCfg.Channel); 2129 2129 - pAd->Mlme.CntlMachine.CurrState = CNTL_IDLE; 2130 2130 - } 2131 2131 - } 2132 2132 - 2133 2133 - /* 2134 2134 - ========================================================================== 2135 2135 - Description: 2136 2136 - 2137 2137 - IRQL = DISPATCH_LEVEL 2138 2138 - 2139 2139 - ========================================================================== 2140 2140 - */ 2141 2141 - VOID JoinParmFill( 2142 2142 - IN PRTMP_ADAPTER pAd, 2143 2143 - IN OUT MLME_JOIN_REQ_STRUCT *JoinReq, 2144 2144 - IN ULONG BssIdx) 2145 2145 - { 2146 2146 - JoinReq->BssIdx = BssIdx; 2147 2147 - } 2148 2148 - 2149 2149 - /* 2150 2150 - ========================================================================== 2151 2151 - Description: 2152 2152 - 2153 2153 - IRQL = DISPATCH_LEVEL 2154 2154 - 2155 2155 - ========================================================================== 2156 2156 - */ 2157 2157 - VOID ScanParmFill( 2158 2158 - IN PRTMP_ADAPTER pAd, 2159 2159 - IN OUT MLME_SCAN_REQ_STRUCT *ScanReq, 2160 2160 - IN CHAR Ssid[], 2161 2161 - IN UCHAR SsidLen, 2162 2162 - IN UCHAR BssType, 2163 2163 - IN UCHAR ScanType) 2164 2164 - { 2165 2165 - NdisZeroMemory(ScanReq->Ssid, MAX_LEN_OF_SSID); 2166 2166 - ScanReq->SsidLen = SsidLen; 2167 2167 - NdisMoveMemory(ScanReq->Ssid, Ssid, SsidLen); 2168 2168 - ScanReq->BssType = BssType; 2169 2169 - ScanReq->ScanType = ScanType; 2170 2170 - } 2171 2171 - 2172 2172 - /* 2173 2173 - ========================================================================== 2174 2174 - Description: 2175 2175 - 2176 2176 - IRQL = DISPATCH_LEVEL 2177 2177 - 2178 2178 - ========================================================================== 2179 2179 - */ 2180 2180 - VOID StartParmFill( 2181 2181 - IN PRTMP_ADAPTER pAd, 2182 2182 - IN OUT MLME_START_REQ_STRUCT *StartReq, 2183 2183 - IN CHAR Ssid[], 2184 2184 - IN UCHAR SsidLen) 2185 2185 - { 2186 2186 - ASSERT(SsidLen <= MAX_LEN_OF_SSID); 2187 2187 - NdisMoveMemory(StartReq->Ssid, Ssid, SsidLen); 2188 2188 - StartReq->SsidLen = SsidLen; 2189 2189 - } 2190 2190 - 2191 2191 - /* 2192 2192 - ========================================================================== 2193 2193 - Description: 2194 2194 - 2195 2195 - IRQL = DISPATCH_LEVEL 2196 2196 - 2197 2197 - ========================================================================== 2198 2198 - */ 2199 2199 - VOID AuthParmFill( 2200 2200 - IN PRTMP_ADAPTER pAd, 2201 2201 - IN OUT MLME_AUTH_REQ_STRUCT *AuthReq, 2202 2202 - IN PUCHAR pAddr, 2203 2203 - IN USHORT Alg) 2204 2204 - { 2205 2205 - COPY_MAC_ADDR(AuthReq->Addr, pAddr); 2206 2206 - AuthReq->Alg = Alg; 2207 2207 - AuthReq->Timeout = AUTH_TIMEOUT; 2208 2208 - } 2209 2209 - 2210 2210 - /* 2211 2211 - ========================================================================== 2212 2212 - Description: 2213 2213 - 2214 2214 - IRQL = DISPATCH_LEVEL 2215 2215 - 2216 2216 - ========================================================================== 2217 2217 - */ 2218 2218 - 2219 2219 - 2220 2220 - #ifdef RT2870 2221 2221 - 2222 2222 - VOID MlmeCntlConfirm( 2223 2223 - IN PRTMP_ADAPTER pAd, 2224 2224 - IN ULONG MsgType, 2225 2225 - IN USHORT Msg) 2226 2226 - { 2227 2227 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MsgType, sizeof(USHORT), &Msg); 2228 2228 - } 2229 2229 - 2230 2230 - VOID ComposePsPoll( 2231 2231 - IN PRTMP_ADAPTER pAd) 2232 2232 - { 2233 2233 - PTXINFO_STRUC pTxInfo; 2234 2234 - PTXWI_STRUC pTxWI; 2235 2235 - 2236 2236 - DBGPRINT(RT_DEBUG_TRACE, ("ComposePsPoll\n")); 2237 2237 - NdisZeroMemory(&pAd->PsPollFrame, sizeof(PSPOLL_FRAME)); 2238 2238 - 2239 2239 - pAd->PsPollFrame.FC.PwrMgmt = 0; 2240 2240 - pAd->PsPollFrame.FC.Type = BTYPE_CNTL; 2241 2241 - pAd->PsPollFrame.FC.SubType = SUBTYPE_PS_POLL; 2242 2242 - pAd->PsPollFrame.Aid = pAd->StaActive.Aid | 0xC000; 2243 2243 - COPY_MAC_ADDR(pAd->PsPollFrame.Bssid, pAd->CommonCfg.Bssid); 2244 2244 - COPY_MAC_ADDR(pAd->PsPollFrame.Ta, pAd->CurrentAddress); 2245 2245 - 2246 2246 - RTMPZeroMemory(&pAd->PsPollContext.TransferBuffer->field.WirelessPacket[0], 100); 2247 2247 - pTxInfo = (PTXINFO_STRUC)&pAd->PsPollContext.TransferBuffer->field.WirelessPacket[0]; 2248 2248 - RTMPWriteTxInfo(pAd, pTxInfo, (USHORT)(sizeof(PSPOLL_FRAME)+TXWI_SIZE), TRUE, EpToQueue[MGMTPIPEIDX], FALSE, FALSE); 2249 2249 - pTxWI = (PTXWI_STRUC)&pAd->PsPollContext.TransferBuffer->field.WirelessPacket[TXINFO_SIZE]; 2250 2250 - RTMPWriteTxWI(pAd, pTxWI, FALSE, FALSE, FALSE, FALSE, TRUE, FALSE, 0, BSSID_WCID, (sizeof(PSPOLL_FRAME)), 2251 2251 - 0, 0, (UCHAR)pAd->CommonCfg.MlmeTransmit.field.MCS, IFS_BACKOFF, FALSE, &pAd->CommonCfg.MlmeTransmit); 2252 2252 - RTMPMoveMemory(&pAd->PsPollContext.TransferBuffer->field.WirelessPacket[TXWI_SIZE+TXINFO_SIZE], &pAd->PsPollFrame, sizeof(PSPOLL_FRAME)); 2253 2253 - // Append 4 extra zero bytes. 2254 2254 - pAd->PsPollContext.BulkOutSize = TXINFO_SIZE + TXWI_SIZE + sizeof(PSPOLL_FRAME) + 4; 2255 2255 - } 2256 2256 - 2257 2257 - // IRQL = DISPATCH_LEVEL 2258 2258 - VOID ComposeNullFrame( 2259 2259 - IN PRTMP_ADAPTER pAd) 2260 2260 - { 2261 2261 - PTXINFO_STRUC pTxInfo; 2262 2262 - PTXWI_STRUC pTxWI; 2263 2263 - 2264 2264 - NdisZeroMemory(&pAd->NullFrame, sizeof(HEADER_802_11)); 2265 2265 - pAd->NullFrame.FC.Type = BTYPE_DATA; 2266 2266 - pAd->NullFrame.FC.SubType = SUBTYPE_NULL_FUNC; 2267 2267 - pAd->NullFrame.FC.ToDs = 1; 2268 2268 - COPY_MAC_ADDR(pAd->NullFrame.Addr1, pAd->CommonCfg.Bssid); 2269 2269 - COPY_MAC_ADDR(pAd->NullFrame.Addr2, pAd->CurrentAddress); 2270 2270 - COPY_MAC_ADDR(pAd->NullFrame.Addr3, pAd->CommonCfg.Bssid); 2271 2271 - RTMPZeroMemory(&pAd->NullContext.TransferBuffer->field.WirelessPacket[0], 100); 2272 2272 - pTxInfo = (PTXINFO_STRUC)&pAd->NullContext.TransferBuffer->field.WirelessPacket[0]; 2273 2273 - RTMPWriteTxInfo(pAd, pTxInfo, (USHORT)(sizeof(HEADER_802_11)+TXWI_SIZE), TRUE, EpToQueue[MGMTPIPEIDX], FALSE, FALSE); 2274 2274 - pTxWI = (PTXWI_STRUC)&pAd->NullContext.TransferBuffer->field.WirelessPacket[TXINFO_SIZE]; 2275 2275 - RTMPWriteTxWI(pAd, pTxWI, FALSE, FALSE, FALSE, FALSE, TRUE, FALSE, 0, BSSID_WCID, (sizeof(HEADER_802_11)), 2276 2276 - 0, 0, (UCHAR)pAd->CommonCfg.MlmeTransmit.field.MCS, IFS_BACKOFF, FALSE, &pAd->CommonCfg.MlmeTransmit); 2277 2277 - RTMPMoveMemory(&pAd->NullContext.TransferBuffer->field.WirelessPacket[TXWI_SIZE+TXINFO_SIZE], &pAd->NullFrame, sizeof(HEADER_802_11)); 2278 2278 - pAd->NullContext.BulkOutSize = TXINFO_SIZE + TXWI_SIZE + sizeof(pAd->NullFrame) + 4; 2279 2279 - } 2280 2280 - #endif // RT2870 // 2281 2281 - 2282 2282 - 2283 2283 - /* 2284 2284 - ========================================================================== 2285 2285 - Description: 2286 2286 - Pre-build a BEACON frame in the shared memory 2287 2287 - 2288 2288 - IRQL = PASSIVE_LEVEL 2289 2289 - IRQL = DISPATCH_LEVEL 2290 2290 - 2291 2291 - ========================================================================== 2292 2292 - */ 2293 2293 - ULONG MakeIbssBeacon( 2294 2294 - IN PRTMP_ADAPTER pAd) 2295 2295 - { 2296 2296 - UCHAR DsLen = 1, IbssLen = 2; 2297 2297 - UCHAR LocalErpIe[3] = {IE_ERP, 1, 0x04}; 2298 2298 - HEADER_802_11 BcnHdr; 2299 2299 - USHORT CapabilityInfo; 2300 2300 - LARGE_INTEGER FakeTimestamp; 2301 2301 - ULONG FrameLen = 0; 2302 2302 - PTXWI_STRUC pTxWI = &pAd->BeaconTxWI; 2303 2303 - CHAR *pBeaconFrame = pAd->BeaconBuf; 2304 2304 - BOOLEAN Privacy; 2305 2305 - UCHAR SupRate[MAX_LEN_OF_SUPPORTED_RATES]; 2306 2306 - UCHAR SupRateLen = 0; 2307 2307 - UCHAR ExtRate[MAX_LEN_OF_SUPPORTED_RATES]; 2308 2308 - UCHAR ExtRateLen = 0; 2309 2309 - UCHAR RSNIe = IE_WPA; 2310 2310 - 2311 2311 - if ((pAd->CommonCfg.PhyMode == PHY_11B) && (pAd->CommonCfg.Channel <= 14)) 2312 2312 - { 2313 2313 - SupRate[0] = 0x82; // 1 mbps 2314 2314 - SupRate[1] = 0x84; // 2 mbps 2315 2315 - SupRate[2] = 0x8b; // 5.5 mbps 2316 2316 - SupRate[3] = 0x96; // 11 mbps 2317 2317 - SupRateLen = 4; 2318 2318 - ExtRateLen = 0; 2319 2319 - } 2320 2320 - else if (pAd->CommonCfg.Channel > 14) 2321 2321 - { 2322 2322 - SupRate[0] = 0x8C; // 6 mbps, in units of 0.5 Mbps, basic rate 2323 2323 - SupRate[1] = 0x12; // 9 mbps, in units of 0.5 Mbps 2324 2324 - SupRate[2] = 0x98; // 12 mbps, in units of 0.5 Mbps, basic rate 2325 2325 - SupRate[3] = 0x24; // 18 mbps, in units of 0.5 Mbps 2326 2326 - SupRate[4] = 0xb0; // 24 mbps, in units of 0.5 Mbps, basic rate 2327 2327 - SupRate[5] = 0x48; // 36 mbps, in units of 0.5 Mbps 2328 2328 - SupRate[6] = 0x60; // 48 mbps, in units of 0.5 Mbps 2329 2329 - SupRate[7] = 0x6c; // 54 mbps, in units of 0.5 Mbps 2330 2330 - SupRateLen = 8; 2331 2331 - ExtRateLen = 0; 2332 2332 - 2333 2333 - // 2334 2334 - // Also Update MlmeRate & RtsRate for G only & A only 2335 2335 - // 2336 2336 - pAd->CommonCfg.MlmeRate = RATE_6; 2337 2337 - pAd->CommonCfg.RtsRate = RATE_6; 2338 2338 - pAd->CommonCfg.MlmeTransmit.field.MODE = MODE_OFDM; 2339 2339 - pAd->CommonCfg.MlmeTransmit.field.MCS = OfdmRateToRxwiMCS[pAd->CommonCfg.MlmeRate]; 2340 2340 - pAd->MacTab.Content[BSS0Mcast_WCID].HTPhyMode.field.MODE = MODE_OFDM; 2341 2341 - pAd->MacTab.Content[BSS0Mcast_WCID].HTPhyMode.field.MCS = OfdmRateToRxwiMCS[pAd->CommonCfg.MlmeRate]; 2342 2342 - } 2343 2343 - else 2344 2344 - { 2345 2345 - SupRate[0] = 0x82; // 1 mbps 2346 2346 - SupRate[1] = 0x84; // 2 mbps 2347 2347 - SupRate[2] = 0x8b; // 5.5 mbps 2348 2348 - SupRate[3] = 0x96; // 11 mbps 2349 2349 - SupRateLen = 4; 2350 2350 - 2351 2351 - ExtRate[0] = 0x0C; // 6 mbps, in units of 0.5 Mbps, 2352 2352 - ExtRate[1] = 0x12; // 9 mbps, in units of 0.5 Mbps 2353 2353 - ExtRate[2] = 0x18; // 12 mbps, in units of 0.5 Mbps, 2354 2354 - ExtRate[3] = 0x24; // 18 mbps, in units of 0.5 Mbps 2355 2355 - ExtRate[4] = 0x30; // 24 mbps, in units of 0.5 Mbps, 2356 2356 - ExtRate[5] = 0x48; // 36 mbps, in units of 0.5 Mbps 2357 2357 - ExtRate[6] = 0x60; // 48 mbps, in units of 0.5 Mbps 2358 2358 - ExtRate[7] = 0x6c; // 54 mbps, in units of 0.5 Mbps 2359 2359 - ExtRateLen = 8; 2360 2360 - } 2361 2361 - 2362 2362 - pAd->StaActive.SupRateLen = SupRateLen; 2363 2363 - NdisMoveMemory(pAd->StaActive.SupRate, SupRate, SupRateLen); 2364 2364 - pAd->StaActive.ExtRateLen = ExtRateLen; 2365 2365 - NdisMoveMemory(pAd->StaActive.ExtRate, ExtRate, ExtRateLen); 2366 2366 - 2367 2367 - // compose IBSS beacon frame 2368 2368 - MgtMacHeaderInit(pAd, &BcnHdr, SUBTYPE_BEACON, 0, BROADCAST_ADDR, pAd->CommonCfg.Bssid); 2369 2369 - Privacy = (pAd->StaCfg.WepStatus == Ndis802_11Encryption1Enabled) || 2370 2370 - (pAd->StaCfg.WepStatus == Ndis802_11Encryption2Enabled) || 2371 2371 - (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled); 2372 2372 - CapabilityInfo = CAP_GENERATE(0, 1, Privacy, (pAd->CommonCfg.TxPreamble == Rt802_11PreambleShort), 0, 0); 2373 2373 - 2374 2374 - MakeOutgoingFrame(pBeaconFrame, &FrameLen, 2375 2375 - sizeof(HEADER_802_11), &BcnHdr, 2376 2376 - TIMESTAMP_LEN, &FakeTimestamp, 2377 2377 - 2, &pAd->CommonCfg.BeaconPeriod, 2378 2378 - 2, &CapabilityInfo, 2379 2379 - 1, &SsidIe, 2380 2380 - 1, &pAd->CommonCfg.SsidLen, 2381 2381 - pAd->CommonCfg.SsidLen, pAd->CommonCfg.Ssid, 2382 2382 - 1, &SupRateIe, 2383 2383 - 1, &SupRateLen, 2384 2384 - SupRateLen, SupRate, 2385 2385 - 1, &DsIe, 2386 2386 - 1, &DsLen, 2387 2387 - 1, &pAd->CommonCfg.Channel, 2388 2388 - 1, &IbssIe, 2389 2389 - 1, &IbssLen, 2390 2390 - 2, &pAd->StaActive.AtimWin, 2391 2391 - END_OF_ARGS); 2392 2392 - 2393 2393 - // add ERP_IE and EXT_RAE IE of in 802.11g 2394 2394 - if (ExtRateLen) 2395 2395 - { 2396 2396 - ULONG tmp; 2397 2397 - 2398 2398 - MakeOutgoingFrame(pBeaconFrame + FrameLen, &tmp, 2399 2399 - 3, LocalErpIe, 2400 2400 - 1, &ExtRateIe, 2401 2401 - 1, &ExtRateLen, 2402 2402 - ExtRateLen, ExtRate, 2403 2403 - END_OF_ARGS); 2404 2404 - FrameLen += tmp; 2405 2405 - } 2406 2406 - 2407 2407 - // If adhoc secruity is set for WPA-None, append the cipher suite IE 2408 2408 - if (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPANone) 2409 2409 - { 2410 2410 - ULONG tmp; 2411 2411 - RTMPMakeRSNIE(pAd, pAd->StaCfg.AuthMode, pAd->StaCfg.WepStatus, BSS0); 2412 2412 - 2413 2413 - MakeOutgoingFrame(pBeaconFrame + FrameLen, &tmp, 2414 2414 - 1, &RSNIe, 2415 2415 - 1, &pAd->StaCfg.RSNIE_Len, 2416 2416 - pAd->StaCfg.RSNIE_Len, pAd->StaCfg.RSN_IE, 2417 2417 - END_OF_ARGS); 2418 2418 - FrameLen += tmp; 2419 2419 - } 2420 2420 - 2421 2421 - if ((pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED)) 2422 2422 - { 2423 2423 - ULONG TmpLen; 2424 2424 - UCHAR HtLen, HtLen1; 2425 2425 - 2426 2426 - // add HT Capability IE 2427 2427 - HtLen = sizeof(pAd->CommonCfg.HtCapability); 2428 2428 - HtLen1 = sizeof(pAd->CommonCfg.AddHTInfo); 2429 2429 - 2430 2430 - MakeOutgoingFrame(pBeaconFrame+FrameLen, &TmpLen, 2431 2431 - 1, &HtCapIe, 2432 2432 - 1, &HtLen, 2433 2433 - HtLen, &pAd->CommonCfg.HtCapability, 2434 2434 - 1, &AddHtInfoIe, 2435 2435 - 1, &HtLen1, 2436 2436 - HtLen1, &pAd->CommonCfg.AddHTInfo, 2437 2437 - END_OF_ARGS); 2438 2438 - 2439 2439 - FrameLen += TmpLen; 2440 2440 - } 2441 2441 - 2442 2442 - //beacon use reserved WCID 0xff 2443 2443 - if (pAd->CommonCfg.Channel > 14) 2444 2444 - { 2445 2445 - RTMPWriteTxWI(pAd, pTxWI, FALSE, FALSE, TRUE, FALSE, FALSE, TRUE, 0, 0xff, FrameLen, 2446 2446 - PID_MGMT, PID_BEACON, RATE_1, IFS_HTTXOP, FALSE, &pAd->CommonCfg.MlmeTransmit); 2447 2447 - } 2448 2448 - else 2449 2449 - { 2450 2450 - // Set to use 1Mbps for Adhoc beacon. 2451 2451 - HTTRANSMIT_SETTING Transmit; 2452 2452 - Transmit.word = 0; 2453 2453 - RTMPWriteTxWI(pAd, pTxWI, FALSE, FALSE, TRUE, FALSE, FALSE, TRUE, 0, 0xff, FrameLen, 2454 2454 - PID_MGMT, PID_BEACON, RATE_1, IFS_HTTXOP, FALSE, &Transmit); 2455 2455 - } 2456 2456 - 2457 2457 - DBGPRINT(RT_DEBUG_TRACE, ("MakeIbssBeacon (len=%ld), SupRateLen=%d, ExtRateLen=%d, Channel=%d, PhyMode=%d\n", 2458 2458 - FrameLen, SupRateLen, ExtRateLen, pAd->CommonCfg.Channel, pAd->CommonCfg.PhyMode)); 2459 2459 - return FrameLen; 2460 2460 - } 2461 2461 - 1 1 + #include "../../rt2870/sta/connect.c" 2462 2

+1 -2429

drivers/staging/rt3070/sta/rtmp_data.c

reviewed

··· 1 1 - /* 2 2 - ************************************************************************* 3 3 - * Ralink Tech Inc. 4 4 - * 5F., No.36, Taiyuan St., Jhubei City, 5 5 - * Hsinchu County 302, 6 6 - * Taiwan, R.O.C. 7 7 - * 8 8 - * (c) Copyright 2002-2007, Ralink Technology, Inc. 9 9 - * 10 10 - * This program is free software; you can redistribute it and/or modify * 11 11 - * it under the terms of the GNU General Public License as published by * 12 12 - * the Free Software Foundation; either version 2 of the License, or * 13 13 - * (at your option) any later version. * 14 14 - * * 15 15 - * This program is distributed in the hope that it will be useful, * 16 16 - * but WITHOUT ANY WARRANTY; without even the implied warranty of * 17 17 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * 18 18 - * GNU General Public License for more details. * 19 19 - * * 20 20 - * You should have received a copy of the GNU General Public License * 21 21 - * along with this program; if not, write to the * 22 22 - * Free Software Foundation, Inc., * 23 23 - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * 24 24 - * * 25 25 - ************************************************************************* 26 26 - 27 27 - Module Name: 28 28 - rtmp_data.c 29 29 - 30 30 - Abstract: 31 31 - Data path subroutines 32 32 - 33 33 - Revision History: 34 34 - Who When What 35 35 - -------- ---------- ---------------------------------------------- 36 36 - John Aug/17/04 major modification for RT2561/2661 37 37 - Jan Lee Mar/17/06 major modification for RT2860 New Ring Design 38 38 - */ 39 39 - #include "../rt_config.h" 40 40 - 41 41 - 42 42 - 43 43 - VOID STARxEAPOLFrameIndicate( 44 44 - IN PRTMP_ADAPTER pAd, 45 45 - IN MAC_TABLE_ENTRY *pEntry, 46 46 - IN RX_BLK *pRxBlk, 47 47 - IN UCHAR FromWhichBSSID) 48 48 - { 49 49 - PRT28XX_RXD_STRUC pRxD = &(pRxBlk->RxD); 50 50 - PRXWI_STRUC pRxWI = pRxBlk->pRxWI; 51 51 - UCHAR *pTmpBuf; 52 52 - 53 53 - 54 54 - if (pAd->StaCfg.WpaSupplicantUP) 55 55 - { 56 56 - // All EAPoL frames have to pass to upper layer (ex. WPA_SUPPLICANT daemon) 57 57 - // TBD : process fragmented EAPol frames 58 58 - { 59 59 - // In 802.1x mode, if the received frame is EAP-SUCCESS packet, turn on the PortSecured variable 60 60 - if ( pAd->StaCfg.IEEE8021X == TRUE && 61 61 - (EAP_CODE_SUCCESS == WpaCheckEapCode(pAd, pRxBlk->pData, pRxBlk->DataSize, LENGTH_802_1_H))) 62 62 - { 63 63 - PUCHAR Key; 64 64 - UCHAR CipherAlg; 65 65 - int idx = 0; 66 66 - 67 67 - DBGPRINT_RAW(RT_DEBUG_TRACE, ("Receive EAP-SUCCESS Packet\n")); 68 68 - STA_PORT_SECURED(pAd); 69 69 - 70 70 - if (pAd->StaCfg.IEEE8021x_required_keys == FALSE) 71 71 - { 72 72 - idx = pAd->StaCfg.DesireSharedKeyId; 73 73 - CipherAlg = pAd->StaCfg.DesireSharedKey[idx].CipherAlg; 74 74 - Key = pAd->StaCfg.DesireSharedKey[idx].Key; 75 75 - 76 76 - if (pAd->StaCfg.DesireSharedKey[idx].KeyLen > 0) 77 77 - { 78 78 - #ifdef RT2870 79 79 - union 80 80 - { 81 81 - char buf[sizeof(NDIS_802_11_WEP)+MAX_LEN_OF_KEY- 1]; 82 82 - NDIS_802_11_WEP keyinfo; 83 83 - } WepKey; 84 84 - int len; 85 85 - 86 86 - 87 87 - NdisZeroMemory(&WepKey, sizeof(WepKey)); 88 88 - len =pAd->StaCfg.DesireSharedKey[idx].KeyLen; 89 89 - 90 90 - NdisMoveMemory(WepKey.keyinfo.KeyMaterial, 91 91 - pAd->StaCfg.DesireSharedKey[idx].Key, 92 92 - pAd->StaCfg.DesireSharedKey[idx].KeyLen); 93 93 - 94 94 - WepKey.keyinfo.KeyIndex = 0x80000000 + idx; 95 95 - WepKey.keyinfo.KeyLength = len; 96 96 - pAd->SharedKey[BSS0][idx].KeyLen =(UCHAR) (len <= 5 ? 5 : 13); 97 97 - 98 98 - pAd->IndicateMediaState = NdisMediaStateConnected; 99 99 - pAd->ExtraInfo = GENERAL_LINK_UP; 100 100 - // need to enqueue cmd to thread 101 101 - RTUSBEnqueueCmdFromNdis(pAd, OID_802_11_ADD_WEP, TRUE, &WepKey, sizeof(WepKey.keyinfo) + len - 1); 102 102 - #endif // RT2870 // 103 103 - // For Preventing ShardKey Table is cleared by remove key procedure. 104 104 - pAd->SharedKey[BSS0][idx].CipherAlg = CipherAlg; 105 105 - pAd->SharedKey[BSS0][idx].KeyLen = pAd->StaCfg.DesireSharedKey[idx].KeyLen; 106 106 - NdisMoveMemory(pAd->SharedKey[BSS0][idx].Key, 107 107 - pAd->StaCfg.DesireSharedKey[idx].Key, 108 108 - pAd->StaCfg.DesireSharedKey[idx].KeyLen); 109 109 - } 110 110 - } 111 111 - } 112 112 - 113 113 - Indicate_Legacy_Packet(pAd, pRxBlk, FromWhichBSSID); 114 114 - return; 115 115 - } 116 116 - } 117 117 - else 118 118 - { 119 119 - // Special DATA frame that has to pass to MLME 120 120 - // 1. Cisco Aironet frames for CCX2. We need pass it to MLME for special process 121 121 - // 2. EAPOL handshaking frames when driver supplicant enabled, pass to MLME for special process 122 122 - { 123 123 - pTmpBuf = pRxBlk->pData - LENGTH_802_11; 124 124 - NdisMoveMemory(pTmpBuf, pRxBlk->pHeader, LENGTH_802_11); 125 125 - REPORT_MGMT_FRAME_TO_MLME(pAd, pRxWI->WirelessCliID, pTmpBuf, pRxBlk->DataSize + LENGTH_802_11, pRxWI->RSSI0, pRxWI->RSSI1, pRxWI->RSSI2, pRxD->PlcpSignal); 126 126 - DBGPRINT_RAW(RT_DEBUG_TRACE, ("!!! report EAPOL/AIRONET DATA to MLME (len=%d) !!!\n", pRxBlk->DataSize)); 127 127 - } 128 128 - } 129 129 - 130 130 - RELEASE_NDIS_PACKET(pAd, pRxBlk->pRxPacket, NDIS_STATUS_FAILURE); 131 131 - return; 132 132 - 133 133 - } 134 134 - 135 135 - VOID STARxDataFrameAnnounce( 136 136 - IN PRTMP_ADAPTER pAd, 137 137 - IN MAC_TABLE_ENTRY *pEntry, 138 138 - IN RX_BLK *pRxBlk, 139 139 - IN UCHAR FromWhichBSSID) 140 140 - { 141 141 - 142 142 - // non-EAP frame 143 143 - if (!RTMPCheckWPAframe(pAd, pEntry, pRxBlk->pData, pRxBlk->DataSize, FromWhichBSSID)) 144 144 - { 145 145 - 146 146 - { 147 147 - // drop all non-EAP DATA frame before 148 148 - // this client's Port-Access-Control is secured 149 149 - if (pRxBlk->pHeader->FC.Wep) 150 150 - { 151 151 - // unsupported cipher suite 152 152 - if (pAd->StaCfg.WepStatus == Ndis802_11EncryptionDisabled) 153 153 - { 154 154 - // release packet 155 155 - RELEASE_NDIS_PACKET(pAd, pRxBlk->pRxPacket, NDIS_STATUS_FAILURE); 156 156 - return; 157 157 - } 158 158 - } 159 159 - else 160 160 - { 161 161 - // encryption in-use but receive a non-EAPOL clear text frame, drop it 162 162 - if ((pAd->StaCfg.WepStatus != Ndis802_11EncryptionDisabled) && 163 163 - (pAd->StaCfg.PortSecured == WPA_802_1X_PORT_NOT_SECURED)) 164 164 - { 165 165 - // release packet 166 166 - RELEASE_NDIS_PACKET(pAd, pRxBlk->pRxPacket, NDIS_STATUS_FAILURE); 167 167 - return; 168 168 - } 169 169 - } 170 170 - } 171 171 - RX_BLK_CLEAR_FLAG(pRxBlk, fRX_EAP); 172 172 - if (!RX_BLK_TEST_FLAG(pRxBlk, fRX_ARALINK)) 173 173 - { 174 174 - // Normal legacy, AMPDU or AMSDU 175 175 - CmmRxnonRalinkFrameIndicate(pAd, pRxBlk, FromWhichBSSID); 176 176 - 177 177 - } 178 178 - else 179 179 - { 180 180 - // ARALINK 181 181 - CmmRxRalinkFrameIndicate(pAd, pEntry, pRxBlk, FromWhichBSSID); 182 182 - } 183 183 - } 184 184 - else 185 185 - { 186 186 - RX_BLK_SET_FLAG(pRxBlk, fRX_EAP); 187 187 - 188 188 - if (RX_BLK_TEST_FLAG(pRxBlk, fRX_AMPDU) && (pAd->CommonCfg.bDisableReordering == 0)) 189 189 - { 190 190 - Indicate_AMPDU_Packet(pAd, pRxBlk, FromWhichBSSID); 191 191 - } 192 192 - else 193 193 - { 194 194 - // Determin the destination of the EAP frame 195 195 - // to WPA state machine or upper layer 196 196 - STARxEAPOLFrameIndicate(pAd, pEntry, pRxBlk, FromWhichBSSID); 197 197 - } 198 198 - } 199 199 - } 200 200 - 201 201 - 202 202 - // For TKIP frame, calculate the MIC value 203 203 - BOOLEAN STACheckTkipMICValue( 204 204 - IN PRTMP_ADAPTER pAd, 205 205 - IN MAC_TABLE_ENTRY *pEntry, 206 206 - IN RX_BLK *pRxBlk) 207 207 - { 208 208 - PHEADER_802_11 pHeader = pRxBlk->pHeader; 209 209 - UCHAR *pData = pRxBlk->pData; 210 210 - USHORT DataSize = pRxBlk->DataSize; 211 211 - UCHAR UserPriority = pRxBlk->UserPriority; 212 212 - PCIPHER_KEY pWpaKey; 213 213 - UCHAR *pDA, *pSA; 214 214 - 215 215 - pWpaKey = &pAd->SharedKey[BSS0][pRxBlk->pRxWI->KeyIndex]; 216 216 - 217 217 - pDA = pHeader->Addr1; 218 218 - if (RX_BLK_TEST_FLAG(pRxBlk, fRX_INFRA)) 219 219 - { 220 220 - pSA = pHeader->Addr3; 221 221 - } 222 222 - else 223 223 - { 224 224 - pSA = pHeader->Addr2; 225 225 - } 226 226 - 227 227 - if (RTMPTkipCompareMICValue(pAd, 228 228 - pData, 229 229 - pDA, 230 230 - pSA, 231 231 - pWpaKey->RxMic, 232 232 - UserPriority, 233 233 - DataSize) == FALSE) 234 234 - { 235 235 - DBGPRINT_RAW(RT_DEBUG_ERROR,("Rx MIC Value error 2\n")); 236 236 - 237 237 - if (pAd->StaCfg.WpaSupplicantUP) 238 238 - { 239 239 - WpaSendMicFailureToWpaSupplicant(pAd, (pWpaKey->Type == PAIRWISEKEY) ? TRUE : FALSE); 240 240 - } 241 241 - else 242 242 - { 243 243 - RTMPReportMicError(pAd, pWpaKey); 244 244 - } 245 245 - 246 246 - // release packet 247 247 - RELEASE_NDIS_PACKET(pAd, pRxBlk->pRxPacket, NDIS_STATUS_FAILURE); 248 248 - return FALSE; 249 249 - } 250 250 - 251 251 - return TRUE; 252 252 - } 253 253 - 254 254 - 255 255 - // 256 256 - // All Rx routines use RX_BLK structure to hande rx events 257 257 - // It is very important to build pRxBlk attributes 258 258 - // 1. pHeader pointer to 802.11 Header 259 259 - // 2. pData pointer to payload including LLC (just skip Header) 260 260 - // 3. set payload size including LLC to DataSize 261 261 - // 4. set some flags with RX_BLK_SET_FLAG() 262 262 - // 263 263 - VOID STAHandleRxDataFrame( 264 264 - IN PRTMP_ADAPTER pAd, 265 265 - IN RX_BLK *pRxBlk) 266 266 - { 267 267 - PRT28XX_RXD_STRUC pRxD = &(pRxBlk->RxD); 268 268 - PRXWI_STRUC pRxWI = pRxBlk->pRxWI; 269 269 - PHEADER_802_11 pHeader = pRxBlk->pHeader; 270 270 - PNDIS_PACKET pRxPacket = pRxBlk->pRxPacket; 271 271 - BOOLEAN bFragment = FALSE; 272 272 - MAC_TABLE_ENTRY *pEntry = NULL; 273 273 - UCHAR FromWhichBSSID = BSS0; 274 274 - UCHAR UserPriority = 0; 275 275 - 276 276 - { 277 277 - // before LINK UP, all DATA frames are rejected 278 278 - if (!OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED)) 279 279 - { 280 280 - // release packet 281 281 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 282 282 - return; 283 283 - } 284 284 - 285 285 - // Drop not my BSS frames 286 286 - if (pRxD->MyBss == 0) 287 287 - { 288 288 - { 289 289 - // release packet 290 290 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 291 291 - return; 292 292 - } 293 293 - } 294 294 - 295 295 - pAd->RalinkCounters.RxCountSinceLastNULL++; 296 296 - if (pAd->CommonCfg.bAPSDCapable && pAd->CommonCfg.APEdcaParm.bAPSDCapable && (pHeader->FC.SubType & 0x08)) 297 297 - { 298 298 - UCHAR *pData; 299 299 - DBGPRINT(RT_DEBUG_TRACE,("bAPSDCapable\n")); 300 300 - 301 301 - // Qos bit 4 302 302 - pData = (PUCHAR)pHeader + LENGTH_802_11; 303 303 - if ((*pData >> 4) & 0x01) 304 304 - { 305 305 - DBGPRINT(RT_DEBUG_TRACE,("RxDone- Rcv EOSP frame, driver may fall into sleep\n")); 306 306 - pAd->CommonCfg.bInServicePeriod = FALSE; 307 307 - 308 308 - // Force driver to fall into sleep mode when rcv EOSP frame 309 309 - if (!OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_DOZE)) 310 310 - { 311 311 - USHORT TbttNumToNextWakeUp; 312 312 - USHORT NextDtim = pAd->StaCfg.DtimPeriod; 313 313 - ULONG Now; 314 314 - 315 315 - NdisGetSystemUpTime(&Now); 316 316 - NextDtim -= (USHORT)(Now - pAd->StaCfg.LastBeaconRxTime)/pAd->CommonCfg.BeaconPeriod; 317 317 - 318 318 - TbttNumToNextWakeUp = pAd->StaCfg.DefaultListenCount; 319 319 - if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_RECEIVE_DTIM) && (TbttNumToNextWakeUp > NextDtim)) 320 320 - TbttNumToNextWakeUp = NextDtim; 321 321 - 322 322 - MlmeSetPsmBit(pAd, PWR_SAVE); 323 323 - // if WMM-APSD is failed, try to disable following line 324 324 - AsicSleepThenAutoWakeup(pAd, TbttNumToNextWakeUp); 325 325 - } 326 326 - } 327 327 - 328 328 - if ((pHeader->FC.MoreData) && (pAd->CommonCfg.bInServicePeriod)) 329 329 - { 330 330 - DBGPRINT(RT_DEBUG_TRACE,("Sending another trigger frame when More Data bit is set to 1\n")); 331 331 - } 332 332 - } 333 333 - 334 334 - // Drop NULL, CF-ACK(no data), CF-POLL(no data), and CF-ACK+CF-POLL(no data) data frame 335 335 - if ((pHeader->FC.SubType & 0x04)) // bit 2 : no DATA 336 336 - { 337 337 - // release packet 338 338 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 339 339 - return; 340 340 - } 341 341 - 342 342 - // Drop not my BSS frame (we can not only check the MyBss bit in RxD) 343 343 - 344 344 - if (INFRA_ON(pAd)) 345 345 - { 346 346 - // Infrastructure mode, check address 2 for BSSID 347 347 - if (!RTMPEqualMemory(&pHeader->Addr2, &pAd->CommonCfg.Bssid, 6)) 348 348 - { 349 349 - // Receive frame not my BSSID 350 350 - // release packet 351 351 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 352 352 - return; 353 353 - } 354 354 - } 355 355 - else // Ad-Hoc mode or Not associated 356 356 - { 357 357 - // Ad-Hoc mode, check address 3 for BSSID 358 358 - if (!RTMPEqualMemory(&pHeader->Addr3, &pAd->CommonCfg.Bssid, 6)) 359 359 - { 360 360 - // Receive frame not my BSSID 361 361 - // release packet 362 362 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 363 363 - return; 364 364 - } 365 365 - } 366 366 - 367 367 - // 368 368 - // find pEntry 369 369 - // 370 370 - if (pRxWI->WirelessCliID < MAX_LEN_OF_MAC_TABLE) 371 371 - { 372 372 - pEntry = &pAd->MacTab.Content[pRxWI->WirelessCliID]; 373 373 - } 374 374 - else 375 375 - { 376 376 - // 1. release packet if infra mode 377 377 - // 2. new a pEntry if ad-hoc mode 378 378 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 379 379 - return; 380 380 - } 381 381 - 382 382 - // infra or ad-hoc 383 383 - if (INFRA_ON(pAd)) 384 384 - { 385 385 - RX_BLK_SET_FLAG(pRxBlk, fRX_INFRA); 386 386 - ASSERT(pRxWI->WirelessCliID == BSSID_WCID); 387 387 - } 388 388 - 389 389 - // check Atheros Client 390 390 - if ((pEntry->bIAmBadAtheros == FALSE) && (pRxD->AMPDU == 1) && (pHeader->FC.Retry )) 391 391 - { 392 392 - pEntry->bIAmBadAtheros = TRUE; 393 393 - pAd->CommonCfg.IOTestParm.bCurrentAtheros = TRUE; 394 394 - pAd->CommonCfg.IOTestParm.bLastAtheros = TRUE; 395 395 - if (!STA_AES_ON(pAd)) 396 396 - { 397 397 - AsicUpdateProtect(pAd, 8, ALLN_SETPROTECT, TRUE, FALSE); 398 398 - } 399 399 - } 400 400 - } 401 401 - 402 402 - pRxBlk->pData = (UCHAR *)pHeader; 403 403 - 404 404 - // 405 405 - // update RxBlk->pData, DataSize 406 406 - // 802.11 Header, QOS, HTC, Hw Padding 407 407 - // 408 408 - 409 409 - // 1. skip 802.11 HEADER 410 410 - { 411 411 - pRxBlk->pData += LENGTH_802_11; 412 412 - pRxBlk->DataSize -= LENGTH_802_11; 413 413 - } 414 414 - 415 415 - // 2. QOS 416 416 - if (pHeader->FC.SubType & 0x08) 417 417 - { 418 418 - RX_BLK_SET_FLAG(pRxBlk, fRX_QOS); 419 419 - UserPriority = *(pRxBlk->pData) & 0x0f; 420 420 - // bit 7 in QoS Control field signals the HT A-MSDU format 421 421 - if ((*pRxBlk->pData) & 0x80) 422 422 - { 423 423 - RX_BLK_SET_FLAG(pRxBlk, fRX_AMSDU); 424 424 - } 425 425 - 426 426 - // skip QOS contorl field 427 427 - pRxBlk->pData += 2; 428 428 - pRxBlk->DataSize -=2; 429 429 - } 430 430 - pRxBlk->UserPriority = UserPriority; 431 431 - 432 432 - // 3. Order bit: A-Ralink or HTC+ 433 433 - if (pHeader->FC.Order) 434 434 - { 435 435 - #ifdef AGGREGATION_SUPPORT 436 436 - if ((pRxWI->PHYMODE <= MODE_OFDM) && (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_AGGREGATION_INUSED))) 437 437 - { 438 438 - RX_BLK_SET_FLAG(pRxBlk, fRX_ARALINK); 439 439 - } 440 440 - else 441 441 - #endif 442 442 - { 443 443 - RX_BLK_SET_FLAG(pRxBlk, fRX_HTC); 444 444 - // skip HTC contorl field 445 445 - pRxBlk->pData += 4; 446 446 - pRxBlk->DataSize -= 4; 447 447 - } 448 448 - } 449 449 - 450 450 - // 4. skip HW padding 451 451 - if (pRxD->L2PAD) 452 452 - { 453 453 - // just move pData pointer 454 454 - // because DataSize excluding HW padding 455 455 - RX_BLK_SET_FLAG(pRxBlk, fRX_PAD); 456 456 - pRxBlk->pData += 2; 457 457 - } 458 458 - 459 459 - if (pRxD->BA) 460 460 - { 461 461 - RX_BLK_SET_FLAG(pRxBlk, fRX_AMPDU); 462 462 - } 463 463 - 464 464 - // 465 465 - // Case I Process Broadcast & Multicast data frame 466 466 - // 467 467 - if (pRxD->Bcast || pRxD->Mcast) 468 468 - { 469 469 - INC_COUNTER64(pAd->WlanCounters.MulticastReceivedFrameCount); 470 470 - 471 471 - // Drop Mcast/Bcast frame with fragment bit on 472 472 - if (pHeader->FC.MoreFrag) 473 473 - { 474 474 - // release packet 475 475 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 476 476 - return; 477 477 - } 478 478 - 479 479 - // Filter out Bcast frame which AP relayed for us 480 480 - if (pHeader->FC.FrDs && MAC_ADDR_EQUAL(pHeader->Addr3, pAd->CurrentAddress)) 481 481 - { 482 482 - // release packet 483 483 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 484 484 - return; 485 485 - } 486 486 - 487 487 - Indicate_Legacy_Packet(pAd, pRxBlk, FromWhichBSSID); 488 488 - return; 489 489 - } 490 490 - else if (pRxD->U2M) 491 491 - { 492 492 - pAd->LastRxRate = (USHORT)((pRxWI->MCS) + (pRxWI->BW <<7) + (pRxWI->ShortGI <<8)+ (pRxWI->PHYMODE <<14)) ; 493 493 - 494 494 - if (ADHOC_ON(pAd)) 495 495 - { 496 496 - pEntry = MacTableLookup(pAd, pHeader->Addr2); 497 497 - if (pEntry) 498 498 - Update_Rssi_Sample(pAd, &pEntry->RssiSample, pRxWI); 499 499 - } 500 500 - 501 501 - 502 502 - Update_Rssi_Sample(pAd, &pAd->StaCfg.RssiSample, pRxWI); 503 503 - 504 504 - pAd->StaCfg.LastSNR0 = (UCHAR)(pRxWI->SNR0); 505 505 - pAd->StaCfg.LastSNR1 = (UCHAR)(pRxWI->SNR1); 506 506 - 507 507 - pAd->RalinkCounters.OneSecRxOkDataCnt++; 508 508 - 509 509 - 510 510 - if (!((pHeader->Frag == 0) && (pHeader->FC.MoreFrag == 0))) 511 511 - { 512 512 - // re-assemble the fragmented packets 513 513 - // return complete frame (pRxPacket) or NULL 514 514 - bFragment = TRUE; 515 515 - pRxPacket = RTMPDeFragmentDataFrame(pAd, pRxBlk); 516 516 - } 517 517 - 518 518 - if (pRxPacket) 519 519 - { 520 520 - pEntry = &pAd->MacTab.Content[pRxWI->WirelessCliID]; 521 521 - 522 522 - // process complete frame 523 523 - if (bFragment && (pRxD->Decrypted) && (pEntry->WepStatus == Ndis802_11Encryption2Enabled)) 524 524 - { 525 525 - // Minus MIC length 526 526 - pRxBlk->DataSize -= 8; 527 527 - 528 528 - // For TKIP frame, calculate the MIC value 529 529 - if (STACheckTkipMICValue(pAd, pEntry, pRxBlk) == FALSE) 530 530 - { 531 531 - return; 532 532 - } 533 533 - } 534 534 - 535 535 - STARxDataFrameAnnounce(pAd, pEntry, pRxBlk, FromWhichBSSID); 536 536 - return; 537 537 - } 538 538 - else 539 539 - { 540 540 - // just return 541 541 - // because RTMPDeFragmentDataFrame() will release rx packet, 542 542 - // if packet is fragmented 543 543 - return; 544 544 - } 545 545 - } 546 546 - 547 547 - ASSERT(0); 548 548 - // release packet 549 549 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 550 550 - } 551 551 - 552 552 - VOID STAHandleRxMgmtFrame( 553 553 - IN PRTMP_ADAPTER pAd, 554 554 - IN RX_BLK *pRxBlk) 555 555 - { 556 556 - PRT28XX_RXD_STRUC pRxD = &(pRxBlk->RxD); 557 557 - PRXWI_STRUC pRxWI = pRxBlk->pRxWI; 558 558 - PHEADER_802_11 pHeader = pRxBlk->pHeader; 559 559 - PNDIS_PACKET pRxPacket = pRxBlk->pRxPacket; 560 560 - 561 561 - do 562 562 - { 563 563 - 564 564 - // We should collect RSSI not only U2M data but also my beacon 565 565 - if ((pHeader->FC.SubType == SUBTYPE_BEACON) && (MAC_ADDR_EQUAL(&pAd->CommonCfg.Bssid, &pHeader->Addr2)) 566 566 - && (pAd->RxAnt.EvaluatePeriod == 0)) 567 567 - { 568 568 - Update_Rssi_Sample(pAd, &pAd->StaCfg.RssiSample, pRxWI); 569 569 - 570 570 - pAd->StaCfg.LastSNR0 = (UCHAR)(pRxWI->SNR0); 571 571 - pAd->StaCfg.LastSNR1 = (UCHAR)(pRxWI->SNR1); 572 572 - } 573 573 - 574 574 - #ifdef RT30xx 575 575 - // collect rssi information for antenna diversity 576 576 - if (pAd->NicConfig2.field.AntDiversity) 577 577 - { 578 578 - if ((pRxD->U2M) || ((pHeader->FC.SubType == SUBTYPE_BEACON) && (MAC_ADDR_EQUAL(&pAd->CommonCfg.Bssid, &pHeader->Addr2)))) 579 579 - { 580 580 - COLLECT_RX_ANTENNA_AVERAGE_RSSI(pAd, ConvertToRssi(pAd, (UCHAR)pRxWI->RSSI0, RSSI_0), 0); //Note: RSSI2 not used on RT73 581 581 - pAd->StaCfg.NumOfAvgRssiSample ++; 582 582 - } 583 583 - } 584 584 - #endif // RT30xx // 585 585 - 586 586 - // First check the size, it MUST not exceed the mlme queue size 587 587 - if (pRxWI->MPDUtotalByteCount > MGMT_DMA_BUFFER_SIZE) 588 588 - { 589 589 - DBGPRINT_ERR(("STAHandleRxMgmtFrame: frame too large, size = %d \n", pRxWI->MPDUtotalByteCount)); 590 590 - break; 591 591 - } 592 592 - 593 593 - REPORT_MGMT_FRAME_TO_MLME(pAd, pRxWI->WirelessCliID, pHeader, pRxWI->MPDUtotalByteCount, 594 594 - pRxWI->RSSI0, pRxWI->RSSI1, pRxWI->RSSI2, pRxD->PlcpSignal); 595 595 - } while (FALSE); 596 596 - 597 597 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_SUCCESS); 598 598 - } 599 599 - 600 600 - VOID STAHandleRxControlFrame( 601 601 - IN PRTMP_ADAPTER pAd, 602 602 - IN RX_BLK *pRxBlk) 603 603 - { 604 604 - PRXWI_STRUC pRxWI = pRxBlk->pRxWI; 605 605 - PHEADER_802_11 pHeader = pRxBlk->pHeader; 606 606 - PNDIS_PACKET pRxPacket = pRxBlk->pRxPacket; 607 607 - 608 608 - switch (pHeader->FC.SubType) 609 609 - { 610 610 - case SUBTYPE_BLOCK_ACK_REQ: 611 611 - { 612 612 - CntlEnqueueForRecv(pAd, pRxWI->WirelessCliID, (pRxWI->MPDUtotalByteCount), (PFRAME_BA_REQ)pHeader); 613 613 - } 614 614 - break; 615 615 - case SUBTYPE_BLOCK_ACK: 616 616 - case SUBTYPE_ACK: 617 617 - default: 618 618 - break; 619 619 - } 620 620 - 621 621 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 622 622 - } 623 623 - 624 624 - 625 625 - /* 626 626 - ======================================================================== 627 627 - 628 628 - Routine Description: 629 629 - Process RxDone interrupt, running in DPC level 630 630 - 631 631 - Arguments: 632 632 - pAd Pointer to our adapter 633 633 - 634 634 - Return Value: 635 635 - None 636 636 - 637 637 - IRQL = DISPATCH_LEVEL 638 638 - 639 639 - Note: 640 640 - This routine has to maintain Rx ring read pointer. 641 641 - Need to consider QOS DATA format when converting to 802.3 642 642 - ======================================================================== 643 643 - */ 644 644 - BOOLEAN STARxDoneInterruptHandle( 645 645 - IN PRTMP_ADAPTER pAd, 646 646 - IN BOOLEAN argc) 647 647 - { 648 648 - NDIS_STATUS Status; 649 649 - UINT32 RxProcessed, RxPending; 650 650 - BOOLEAN bReschedule = FALSE; 651 651 - RT28XX_RXD_STRUC *pRxD; 652 652 - UCHAR *pData; 653 653 - PRXWI_STRUC pRxWI; 654 654 - PNDIS_PACKET pRxPacket; 655 655 - PHEADER_802_11 pHeader; 656 656 - RX_BLK RxCell; 657 657 - 658 658 - RxProcessed = RxPending = 0; 659 659 - 660 660 - // process whole rx ring 661 661 - while (1) 662 662 - { 663 663 - 664 664 - if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_RADIO_OFF | 665 665 - fRTMP_ADAPTER_RESET_IN_PROGRESS | 666 666 - fRTMP_ADAPTER_HALT_IN_PROGRESS | 667 667 - fRTMP_ADAPTER_NIC_NOT_EXIST) || 668 668 - !RTMP_TEST_FLAG(pAd,fRTMP_ADAPTER_START_UP)) 669 669 - { 670 670 - break; 671 671 - } 672 672 - 673 673 - 674 674 - RxProcessed ++; // test 675 675 - 676 676 - // 1. allocate a new data packet into rx ring to replace received packet 677 677 - // then processing the received packet 678 678 - // 2. the callee must take charge of release of packet 679 679 - // 3. As far as driver is concerned , 680 680 - // the rx packet must 681 681 - // a. be indicated to upper layer or 682 682 - // b. be released if it is discarded 683 683 - pRxPacket = GetPacketFromRxRing(pAd, &(RxCell.RxD), &bReschedule, &RxPending); 684 684 - if (pRxPacket == NULL) 685 685 - { 686 686 - // no more packet to process 687 687 - break; 688 688 - } 689 689 - 690 690 - // get rx ring descriptor 691 691 - pRxD = &(RxCell.RxD); 692 692 - // get rx data buffer 693 693 - pData = GET_OS_PKT_DATAPTR(pRxPacket); 694 694 - pRxWI = (PRXWI_STRUC) pData; 695 695 - pHeader = (PHEADER_802_11) (pData+RXWI_SIZE) ; 696 696 - 697 697 - // build RxCell 698 698 - RxCell.pRxWI = pRxWI; 699 699 - RxCell.pHeader = pHeader; 700 700 - RxCell.pRxPacket = pRxPacket; 701 701 - RxCell.pData = (UCHAR *) pHeader; 702 702 - RxCell.DataSize = pRxWI->MPDUtotalByteCount; 703 703 - RxCell.Flags = 0; 704 704 - 705 705 - // Increase Total receive byte counter after real data received no mater any error or not 706 706 - pAd->RalinkCounters.ReceivedByteCount += pRxWI->MPDUtotalByteCount; 707 707 - pAd->RalinkCounters.RxCount ++; 708 708 - 709 709 - INC_COUNTER64(pAd->WlanCounters.ReceivedFragmentCount); 710 710 - 711 711 - if (pRxWI->MPDUtotalByteCount < 14) 712 712 - Status = NDIS_STATUS_FAILURE; 713 713 - 714 714 - if (MONITOR_ON(pAd)) 715 715 - { 716 716 - send_monitor_packets(pAd, &RxCell); 717 717 - break; 718 718 - } 719 719 - /* RT2870 invokes STARxDoneInterruptHandle() in rtusb_bulk.c */ 720 720 - 721 721 - // Check for all RxD errors 722 722 - Status = RTMPCheckRxError(pAd, pHeader, pRxWI, pRxD); 723 723 - 724 724 - // Handle the received frame 725 725 - if (Status == NDIS_STATUS_SUCCESS) 726 726 - { 727 727 - switch (pHeader->FC.Type) 728 728 - { 729 729 - // CASE I, receive a DATA frame 730 730 - case BTYPE_DATA: 731 731 - { 732 732 - // process DATA frame 733 733 - STAHandleRxDataFrame(pAd, &RxCell); 734 734 - } 735 735 - break; 736 736 - // CASE II, receive a MGMT frame 737 737 - case BTYPE_MGMT: 738 738 - { 739 739 - STAHandleRxMgmtFrame(pAd, &RxCell); 740 740 - } 741 741 - break; 742 742 - // CASE III. receive a CNTL frame 743 743 - case BTYPE_CNTL: 744 744 - { 745 745 - STAHandleRxControlFrame(pAd, &RxCell); 746 746 - } 747 747 - break; 748 748 - // discard other type 749 749 - default: 750 750 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 751 751 - break; 752 752 - } 753 753 - } 754 754 - else 755 755 - { 756 756 - pAd->Counters8023.RxErrors++; 757 757 - // discard this frame 758 758 - RELEASE_NDIS_PACKET(pAd, pRxPacket, NDIS_STATUS_FAILURE); 759 759 - } 760 760 - } 761 761 - 762 762 - return bReschedule; 763 763 - } 764 764 - 765 765 - /* 766 766 - ======================================================================== 767 767 - 768 768 - Routine Description: 769 769 - Arguments: 770 770 - pAd Pointer to our adapter 771 771 - 772 772 - IRQL = DISPATCH_LEVEL 773 773 - 774 774 - ======================================================================== 775 775 - */ 776 776 - VOID RTMPHandleTwakeupInterrupt( 777 777 - IN PRTMP_ADAPTER pAd) 778 778 - { 779 779 - AsicForceWakeup(pAd, FALSE); 780 780 - } 781 781 - 782 782 - /* 783 783 - ======================================================================== 784 784 - Routine Description: 785 785 - Early checking and OS-depened parsing for Tx packet send to our STA driver. 786 786 - 787 787 - Arguments: 788 788 - NDIS_HANDLE MiniportAdapterContext Pointer refer to the device handle, i.e., the pAd. 789 789 - PPNDIS_PACKET ppPacketArray The packet array need to do transmission. 790 790 - UINT NumberOfPackets Number of packet in packet array. 791 791 - 792 792 - Return Value: 793 793 - NONE 794 794 - 795 795 - Note: 796 796 - This function do early checking and classification for send-out packet. 797 797 - You only can put OS-depened & STA related code in here. 798 798 - ======================================================================== 799 799 - */ 800 800 - VOID STASendPackets( 801 801 - IN NDIS_HANDLE MiniportAdapterContext, 802 802 - IN PPNDIS_PACKET ppPacketArray, 803 803 - IN UINT NumberOfPackets) 804 804 - { 805 805 - UINT Index; 806 806 - PRTMP_ADAPTER pAd = (PRTMP_ADAPTER) MiniportAdapterContext; 807 807 - PNDIS_PACKET pPacket; 808 808 - BOOLEAN allowToSend = FALSE; 809 809 - 810 810 - 811 811 - for (Index = 0; Index < NumberOfPackets; Index++) 812 812 - { 813 813 - pPacket = ppPacketArray[Index]; 814 814 - 815 815 - do 816 816 - { 817 817 - 818 818 - if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_RESET_IN_PROGRESS) || 819 819 - RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS) || 820 820 - RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_RADIO_OFF)) 821 821 - { 822 822 - // Drop send request since hardware is in reset state 823 823 - break; 824 824 - } 825 825 - else if (!INFRA_ON(pAd) && !ADHOC_ON(pAd)) 826 826 - { 827 827 - // Drop send request since there are no physical connection yet 828 828 - break; 829 829 - } 830 830 - else 831 831 - { 832 832 - // Record that orignal packet source is from NDIS layer,so that 833 833 - // later on driver knows how to release this NDIS PACKET 834 834 - RTMP_SET_PACKET_WCID(pPacket, 0); // this field is useless when in STA mode 835 835 - RTMP_SET_PACKET_SOURCE(pPacket, PKTSRC_NDIS); 836 836 - NDIS_SET_PACKET_STATUS(pPacket, NDIS_STATUS_PENDING); 837 837 - pAd->RalinkCounters.PendingNdisPacketCount++; 838 838 - 839 839 - allowToSend = TRUE; 840 840 - } 841 841 - } while(FALSE); 842 842 - 843 843 - if (allowToSend == TRUE) 844 844 - STASendPacket(pAd, pPacket); 845 845 - else 846 846 - RELEASE_NDIS_PACKET(pAd, pPacket, NDIS_STATUS_FAILURE); 847 847 - } 848 848 - 849 849 - // Dequeue outgoing frames from TxSwQueue[] and process it 850 850 - RTMPDeQueuePacket(pAd, FALSE, NUM_OF_TX_RING, MAX_TX_PROCESS); 851 851 - 852 852 - } 853 853 - 854 854 - 855 855 - /* 856 856 - ======================================================================== 857 857 - Routine Description: 858 858 - This routine is used to do packet parsing and classification for Tx packet 859 859 - to STA device, and it will en-queue packets to our TxSwQueue depends on AC 860 860 - class. 861 861 - 862 862 - Arguments: 863 863 - pAd Pointer to our adapter 864 864 - pPacket Pointer to send packet 865 865 - 866 866 - Return Value: 867 867 - NDIS_STATUS_SUCCESS If succes to queue the packet into TxSwQueue. 868 868 - NDIS_STATUS_FAILURE If failed to do en-queue. 869 869 - 870 870 - Note: 871 871 - You only can put OS-indepened & STA related code in here. 872 872 - ======================================================================== 873 873 - */ 874 874 - NDIS_STATUS STASendPacket( 875 875 - IN PRTMP_ADAPTER pAd, 876 876 - IN PNDIS_PACKET pPacket) 877 877 - { 878 878 - PACKET_INFO PacketInfo; 879 879 - PUCHAR pSrcBufVA; 880 880 - UINT SrcBufLen; 881 881 - UINT AllowFragSize; 882 882 - UCHAR NumberOfFrag; 883 883 - UCHAR QueIdx, UserPriority; 884 884 - MAC_TABLE_ENTRY *pEntry = NULL; 885 885 - unsigned int IrqFlags; 886 886 - UCHAR FlgIsIP = 0; 887 887 - UCHAR Rate; 888 888 - 889 889 - // Prepare packet information structure for buffer descriptor 890 890 - // chained within a single NDIS packet. 891 891 - RTMP_QueryPacketInfo(pPacket, &PacketInfo, &pSrcBufVA, &SrcBufLen); 892 892 - 893 893 - if (pSrcBufVA == NULL) 894 894 - { 895 895 - DBGPRINT(RT_DEBUG_ERROR,("STASendPacket --> pSrcBufVA == NULL !!!SrcBufLen=%x\n",SrcBufLen)); 896 896 - // Resourece is low, system did not allocate virtual address 897 897 - // return NDIS_STATUS_FAILURE directly to upper layer 898 898 - RELEASE_NDIS_PACKET(pAd, pPacket, NDIS_STATUS_FAILURE); 899 899 - return NDIS_STATUS_FAILURE; 900 900 - } 901 901 - 902 902 - 903 903 - if (SrcBufLen < 14) 904 904 - { 905 905 - DBGPRINT(RT_DEBUG_ERROR,("STASendPacket --> Ndis Packet buffer error !!!\n")); 906 906 - RELEASE_NDIS_PACKET(pAd, pPacket, NDIS_STATUS_FAILURE); 907 907 - return (NDIS_STATUS_FAILURE); 908 908 - } 909 909 - 910 910 - // In HT rate adhoc mode, A-MPDU is often used. So need to lookup BA Table and MAC Entry. 911 911 - // Note multicast packets in adhoc also use BSSID_WCID index. 912 912 - { 913 913 - if(INFRA_ON(pAd)) 914 914 - { 915 915 - { 916 916 - pEntry = &pAd->MacTab.Content[BSSID_WCID]; 917 917 - RTMP_SET_PACKET_WCID(pPacket, BSSID_WCID); 918 918 - Rate = pAd->CommonCfg.TxRate; 919 919 - } 920 920 - } 921 921 - else if (ADHOC_ON(pAd)) 922 922 - { 923 923 - if (*pSrcBufVA & 0x01) 924 924 - { 925 925 - RTMP_SET_PACKET_WCID(pPacket, MCAST_WCID); 926 926 - pEntry = &pAd->MacTab.Content[MCAST_WCID]; 927 927 - } 928 928 - else 929 929 - { 930 930 - pEntry = MacTableLookup(pAd, pSrcBufVA); 931 931 - } 932 932 - Rate = pAd->CommonCfg.TxRate; 933 933 - } 934 934 - } 935 935 - 936 936 - if (!pEntry) 937 937 - { 938 938 - DBGPRINT(RT_DEBUG_ERROR,("STASendPacket->Cannot find pEntry(%2x:%2x:%2x:%2x:%2x:%2x) in MacTab!\n", PRINT_MAC(pSrcBufVA))); 939 939 - // Resourece is low, system did not allocate virtual address 940 940 - // return NDIS_STATUS_FAILURE directly to upper layer 941 941 - RELEASE_NDIS_PACKET(pAd, pPacket, NDIS_STATUS_FAILURE); 942 942 - return NDIS_STATUS_FAILURE; 943 943 - } 944 944 - 945 945 - if (ADHOC_ON(pAd) 946 946 - ) 947 947 - { 948 948 - RTMP_SET_PACKET_WCID(pPacket, (UCHAR)pEntry->Aid); 949 949 - } 950 950 - 951 951 - // 952 952 - // Check the Ethernet Frame type of this packet, and set the RTMP_SET_PACKET_SPECIFIC flags. 953 953 - // Here we set the PACKET_SPECIFIC flags(LLC, VLAN, DHCP/ARP, EAPOL). 954 954 - RTMPCheckEtherType(pAd, pPacket); 955 955 - 956 956 - 957 957 - 958 958 - // 959 959 - // WPA 802.1x secured port control - drop all non-802.1x frame before port secured 960 960 - // 961 961 - if (((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA) || 962 962 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK) || 963 963 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2) || 964 964 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) 965 965 - || (pAd->StaCfg.IEEE8021X == TRUE) 966 966 - ) 967 967 - && ((pAd->StaCfg.PortSecured == WPA_802_1X_PORT_NOT_SECURED) || (pAd->StaCfg.MicErrCnt >= 2)) 968 968 - && (RTMP_GET_PACKET_EAPOL(pPacket)== FALSE) 969 969 - ) 970 970 - { 971 971 - DBGPRINT(RT_DEBUG_TRACE,("STASendPacket --> Drop packet before port secured !!!\n")); 972 972 - RELEASE_NDIS_PACKET(pAd, pPacket, NDIS_STATUS_FAILURE); 973 973 - 974 974 - return (NDIS_STATUS_FAILURE); 975 975 - } 976 976 - 977 977 - 978 978 - // STEP 1. Decide number of fragments required to deliver this MSDU. 979 979 - // The estimation here is not very accurate because difficult to 980 980 - // take encryption overhead into consideration here. The result 981 981 - // "NumberOfFrag" is then just used to pre-check if enough free 982 982 - // TXD are available to hold this MSDU. 983 983 - 984 984 - 985 985 - if (*pSrcBufVA & 0x01) // fragmentation not allowed on multicast & broadcast 986 986 - NumberOfFrag = 1; 987 987 - else if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_AGGREGATION_INUSED)) 988 988 - NumberOfFrag = 1; // Aggregation overwhelms fragmentation 989 989 - else if (CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_AMSDU_INUSED)) 990 990 - NumberOfFrag = 1; // Aggregation overwhelms fragmentation 991 991 - else if ((pAd->StaCfg.HTPhyMode.field.MODE == MODE_HTMIX) || (pAd->StaCfg.HTPhyMode.field.MODE == MODE_HTGREENFIELD)) 992 992 - NumberOfFrag = 1; // MIMO RATE overwhelms fragmentation 993 993 - else 994 994 - { 995 995 - // The calculated "NumberOfFrag" is a rough estimation because of various 996 996 - // encryption/encapsulation overhead not taken into consideration. This number is just 997 997 - // used to make sure enough free TXD are available before fragmentation takes place. 998 998 - // In case the actual required number of fragments of an NDIS packet 999 999 - // excceeds "NumberOfFrag"caculated here and not enough free TXD available, the 1000 1000 - // last fragment (i.e. last MPDU) will be dropped in RTMPHardTransmit() due to out of 1001 1001 - // resource, and the NDIS packet will be indicated NDIS_STATUS_FAILURE. This should 1002 1002 - // rarely happen and the penalty is just like a TX RETRY fail. Affordable. 1003 1003 - 1004 1004 - AllowFragSize = (pAd->CommonCfg.FragmentThreshold) - LENGTH_802_11 - LENGTH_CRC; 1005 1005 - NumberOfFrag = ((PacketInfo.TotalPacketLength - LENGTH_802_3 + LENGTH_802_1_H) / AllowFragSize) + 1; 1006 1006 - // To get accurate number of fragmentation, Minus 1 if the size just match to allowable fragment size 1007 1007 - if (((PacketInfo.TotalPacketLength - LENGTH_802_3 + LENGTH_802_1_H) % AllowFragSize) == 0) 1008 1008 - { 1009 1009 - NumberOfFrag--; 1010 1010 - } 1011 1011 - } 1012 1012 - 1013 1013 - // Save fragment number to Ndis packet reserved field 1014 1014 - RTMP_SET_PACKET_FRAGMENTS(pPacket, NumberOfFrag); 1015 1015 - 1016 1016 - 1017 1017 - // STEP 2. Check the requirement of RTS: 1018 1018 - // If multiple fragment required, RTS is required only for the first fragment 1019 1019 - // if the fragment size large than RTS threshold 1020 1020 - // For RT28xx, Let ASIC send RTS/CTS 1021 1021 - RTMP_SET_PACKET_RTS(pPacket, 0); 1022 1022 - RTMP_SET_PACKET_TXRATE(pPacket, pAd->CommonCfg.TxRate); 1023 1023 - 1024 1024 - // 1025 1025 - // STEP 3. Traffic classification. outcome = <UserPriority, QueIdx> 1026 1026 - // 1027 1027 - UserPriority = 0; 1028 1028 - QueIdx = QID_AC_BE; 1029 1029 - if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_WMM_INUSED) && 1030 1030 - CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_WMM_CAPABLE)) 1031 1031 - { 1032 1032 - USHORT Protocol; 1033 1033 - UCHAR LlcSnapLen = 0, Byte0, Byte1; 1034 1034 - do 1035 1035 - { 1036 1036 - // get Ethernet protocol field 1037 1037 - Protocol = (USHORT)((pSrcBufVA[12] << 8) + pSrcBufVA[13]); 1038 1038 - if (Protocol <= 1500) 1039 1039 - { 1040 1040 - // get Ethernet protocol field from LLC/SNAP 1041 1041 - if (Sniff2BytesFromNdisBuffer(PacketInfo.pFirstBuffer, LENGTH_802_3 + 6, &Byte0, &Byte1) != NDIS_STATUS_SUCCESS) 1042 1042 - break; 1043 1043 - 1044 1044 - Protocol = (USHORT)((Byte0 << 8) + Byte1); 1045 1045 - LlcSnapLen = 8; 1046 1046 - } 1047 1047 - 1048 1048 - // always AC_BE for non-IP packet 1049 1049 - if (Protocol != 0x0800) 1050 1050 - break; 1051 1051 - 1052 1052 - // get IP header 1053 1053 - if (Sniff2BytesFromNdisBuffer(PacketInfo.pFirstBuffer, LENGTH_802_3 + LlcSnapLen, &Byte0, &Byte1) != NDIS_STATUS_SUCCESS) 1054 1054 - break; 1055 1055 - 1056 1056 - // return AC_BE if packet is not IPv4 1057 1057 - if ((Byte0 & 0xf0) != 0x40) 1058 1058 - break; 1059 1059 - 1060 1060 - FlgIsIP = 1; 1061 1061 - UserPriority = (Byte1 & 0xe0) >> 5; 1062 1062 - QueIdx = MapUserPriorityToAccessCategory[UserPriority]; 1063 1063 - 1064 1064 - // TODO: have to check ACM bit. apply TSPEC if ACM is ON 1065 1065 - // TODO: downgrade UP & QueIdx before passing ACM 1066 1066 - if (pAd->CommonCfg.APEdcaParm.bACM[QueIdx]) 1067 1067 - { 1068 1068 - UserPriority = 0; 1069 1069 - QueIdx = QID_AC_BE; 1070 1070 - } 1071 1071 - } while (FALSE); 1072 1072 - } 1073 1073 - 1074 1074 - RTMP_SET_PACKET_UP(pPacket, UserPriority); 1075 1075 - 1076 1076 - 1077 1077 - 1078 1078 - // Make sure SendTxWait queue resource won't be used by other threads 1079 1079 - RTMP_IRQ_LOCK(&pAd->irq_lock, IrqFlags); 1080 1080 - if (pAd->TxSwQueue[QueIdx].Number >= MAX_PACKETS_IN_QUEUE) 1081 1081 - { 1082 1082 - RTMP_IRQ_UNLOCK(&pAd->irq_lock, IrqFlags); 1083 1083 - RELEASE_NDIS_PACKET(pAd, pPacket, NDIS_STATUS_FAILURE); 1084 1084 - 1085 1085 - return NDIS_STATUS_FAILURE; 1086 1086 - } 1087 1087 - else 1088 1088 - { 1089 1089 - InsertTailQueue(&pAd->TxSwQueue[QueIdx], PACKET_TO_QUEUE_ENTRY(pPacket)); 1090 1090 - } 1091 1091 - RTMP_IRQ_UNLOCK(&pAd->irq_lock, IrqFlags); 1092 1092 - 1093 1093 - if ((pAd->CommonCfg.BACapability.field.AutoBA == TRUE)&& 1094 1094 - IS_HT_STA(pEntry)) 1095 1095 - { 1096 1096 - if (((pEntry->TXBAbitmap & (1<<UserPriority)) == 0) && 1097 1097 - ((pEntry->BADeclineBitmap & (1<<UserPriority)) == 0) && 1098 1098 - (pEntry->PortSecured == WPA_802_1X_PORT_SECURED) 1099 1099 - // For IOT compatibility, if 1100 1100 - // 1. It is Ralink chip or 1101 1101 - // 2. It is OPEN or AES mode, 1102 1102 - // then BA session can be bulit. 1103 1103 - && ((pEntry->ValidAsCLI && pAd->MlmeAux.APRalinkIe != 0x0) || 1104 1104 - (pEntry->WepStatus == Ndis802_11WEPDisabled || pEntry->WepStatus == Ndis802_11Encryption3Enabled)) 1105 1105 - ) 1106 1106 - { 1107 1107 - BAOriSessionSetUp(pAd, pEntry, 0, 0, 10, FALSE); 1108 1108 - } 1109 1109 - } 1110 1110 - 1111 1111 - pAd->RalinkCounters.OneSecOsTxCount[QueIdx]++; // TODO: for debug only. to be removed 1112 1112 - return NDIS_STATUS_SUCCESS; 1113 1113 - } 1114 1114 - 1115 1115 - 1116 1116 - /* 1117 1117 - ======================================================================== 1118 1118 - 1119 1119 - Routine Description: 1120 1120 - This subroutine will scan through releative ring descriptor to find 1121 1121 - out avaliable free ring descriptor and compare with request size. 1122 1122 - 1123 1123 - Arguments: 1124 1124 - pAd Pointer to our adapter 1125 1125 - QueIdx Selected TX Ring 1126 1126 - 1127 1127 - Return Value: 1128 1128 - NDIS_STATUS_FAILURE Not enough free descriptor 1129 1129 - NDIS_STATUS_SUCCESS Enough free descriptor 1130 1130 - 1131 1131 - IRQL = PASSIVE_LEVEL 1132 1132 - IRQL = DISPATCH_LEVEL 1133 1133 - 1134 1134 - Note: 1135 1135 - 1136 1136 - ======================================================================== 1137 1137 - */ 1138 1138 - 1139 1139 - #ifdef RT2870 1140 1140 - /* 1141 1141 - Actually, this function used to check if the TxHardware Queue still has frame need to send. 1142 1142 - If no frame need to send, go to sleep, else, still wake up. 1143 1143 - */ 1144 1144 - NDIS_STATUS RTMPFreeTXDRequest( 1145 1145 - IN PRTMP_ADAPTER pAd, 1146 1146 - IN UCHAR QueIdx, 1147 1147 - IN UCHAR NumberRequired, 1148 1148 - IN PUCHAR FreeNumberIs) 1149 1149 - { 1150 1150 - NDIS_STATUS Status = NDIS_STATUS_FAILURE; 1151 1151 - unsigned long IrqFlags; 1152 1152 - HT_TX_CONTEXT *pHTTXContext; 1153 1153 - 1154 1154 - switch (QueIdx) 1155 1155 - { 1156 1156 - case QID_AC_BK: 1157 1157 - case QID_AC_BE: 1158 1158 - case QID_AC_VI: 1159 1159 - case QID_AC_VO: 1160 1160 - case QID_HCCA: 1161 1161 - { 1162 1162 - pHTTXContext = &pAd->TxContext[QueIdx]; 1163 1163 - RTMP_IRQ_LOCK(&pAd->TxContextQueueLock[QueIdx], IrqFlags); 1164 1164 - if ((pHTTXContext->CurWritePosition != pHTTXContext->ENextBulkOutPosition) || 1165 1165 - (pHTTXContext->IRPPending == TRUE)) 1166 1166 - { 1167 1167 - Status = NDIS_STATUS_FAILURE; 1168 1168 - } 1169 1169 - else 1170 1170 - { 1171 1171 - Status = NDIS_STATUS_SUCCESS; 1172 1172 - } 1173 1173 - RTMP_IRQ_UNLOCK(&pAd->TxContextQueueLock[QueIdx], IrqFlags); 1174 1174 - } 1175 1175 - break; 1176 1176 - 1177 1177 - case QID_MGMT: 1178 1178 - if (pAd->MgmtRing.TxSwFreeIdx != MGMT_RING_SIZE) 1179 1179 - Status = NDIS_STATUS_FAILURE; 1180 1180 - else 1181 1181 - Status = NDIS_STATUS_SUCCESS; 1182 1182 - break; 1183 1183 - 1184 1184 - default: 1185 1185 - DBGPRINT(RT_DEBUG_ERROR,("RTMPFreeTXDRequest::Invalid QueIdx(=%d)\n", QueIdx)); 1186 1186 - break; 1187 1187 - } 1188 1188 - 1189 1189 - return (Status); 1190 1190 - 1191 1191 - } 1192 1192 - #endif // RT2870 // 1193 1193 - 1194 1194 - 1195 1195 - VOID RTMPSendDisassociationFrame( 1196 1196 - IN PRTMP_ADAPTER pAd) 1197 1197 - { 1198 1198 - } 1199 1199 - 1200 1200 - VOID RTMPSendNullFrame( 1201 1201 - IN PRTMP_ADAPTER pAd, 1202 1202 - IN UCHAR TxRate, 1203 1203 - IN BOOLEAN bQosNull) 1204 1204 - { 1205 1205 - UCHAR NullFrame[48]; 1206 1206 - ULONG Length; 1207 1207 - PHEADER_802_11 pHeader_802_11; 1208 1208 - 1209 1209 - // WPA 802.1x secured port control 1210 1210 - if (((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA) || 1211 1211 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK) || 1212 1212 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2) || 1213 1213 - (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) 1214 1214 - || (pAd->StaCfg.IEEE8021X == TRUE) 1215 1215 - ) && 1216 1216 - (pAd->StaCfg.PortSecured == WPA_802_1X_PORT_NOT_SECURED)) 1217 1217 - { 1218 1218 - return; 1219 1219 - } 1220 1220 - 1221 1221 - NdisZeroMemory(NullFrame, 48); 1222 1222 - Length = sizeof(HEADER_802_11); 1223 1223 - 1224 1224 - pHeader_802_11 = (PHEADER_802_11) NullFrame; 1225 1225 - 1226 1226 - pHeader_802_11->FC.Type = BTYPE_DATA; 1227 1227 - pHeader_802_11->FC.SubType = SUBTYPE_NULL_FUNC; 1228 1228 - pHeader_802_11->FC.ToDs = 1; 1229 1229 - COPY_MAC_ADDR(pHeader_802_11->Addr1, pAd->CommonCfg.Bssid); 1230 1230 - COPY_MAC_ADDR(pHeader_802_11->Addr2, pAd->CurrentAddress); 1231 1231 - COPY_MAC_ADDR(pHeader_802_11->Addr3, pAd->CommonCfg.Bssid); 1232 1232 - 1233 1233 - if (pAd->CommonCfg.bAPSDForcePowerSave) 1234 1234 - { 1235 1235 - pHeader_802_11->FC.PwrMgmt = PWR_SAVE; 1236 1236 - } 1237 1237 - else 1238 1238 - { 1239 1239 - pHeader_802_11->FC.PwrMgmt = (pAd->StaCfg.Psm == PWR_SAVE) ? 1: 0; 1240 1240 - } 1241 1241 - pHeader_802_11->Duration = pAd->CommonCfg.Dsifs + RTMPCalcDuration(pAd, TxRate, 14); 1242 1242 - 1243 1243 - pAd->Sequence++; 1244 1244 - pHeader_802_11->Sequence = pAd->Sequence; 1245 1245 - 1246 1246 - // Prepare QosNull function frame 1247 1247 - if (bQosNull) 1248 1248 - { 1249 1249 - pHeader_802_11->FC.SubType = SUBTYPE_QOS_NULL; 1250 1250 - 1251 1251 - // copy QOS control bytes 1252 1252 - NullFrame[Length] = 0; 1253 1253 - NullFrame[Length+1] = 0; 1254 1254 - Length += 2;// if pad with 2 bytes for alignment, APSD will fail 1255 1255 - } 1256 1256 - 1257 1257 - HAL_KickOutNullFrameTx(pAd, 0, NullFrame, Length); 1258 1258 - 1259 1259 - } 1260 1260 - 1261 1261 - // IRQL = DISPATCH_LEVEL 1262 1262 - VOID RTMPSendRTSFrame( 1263 1263 - IN PRTMP_ADAPTER pAd, 1264 1264 - IN PUCHAR pDA, 1265 1265 - IN unsigned int NextMpduSize, 1266 1266 - IN UCHAR TxRate, 1267 1267 - IN UCHAR RTSRate, 1268 1268 - IN USHORT AckDuration, 1269 1269 - IN UCHAR QueIdx, 1270 1270 - IN UCHAR FrameGap) 1271 1271 - { 1272 1272 - } 1273 1273 - 1274 1274 - 1275 1275 - 1276 1276 - // -------------------------------------------------------- 1277 1277 - // FIND ENCRYPT KEY AND DECIDE CIPHER ALGORITHM 1278 1278 - // Find the WPA key, either Group or Pairwise Key 1279 1279 - // LEAP + TKIP also use WPA key. 1280 1280 - // -------------------------------------------------------- 1281 1281 - // Decide WEP bit and cipher suite to be used. Same cipher suite should be used for whole fragment burst 1282 1282 - // In Cisco CCX 2.0 Leap Authentication 1283 1283 - // WepStatus is Ndis802_11Encryption1Enabled but the key will use PairwiseKey 1284 1284 - // Instead of the SharedKey, SharedKey Length may be Zero. 1285 1285 - VOID STAFindCipherAlgorithm( 1286 1286 - IN PRTMP_ADAPTER pAd, 1287 1287 - IN TX_BLK *pTxBlk) 1288 1288 - { 1289 1289 - NDIS_802_11_ENCRYPTION_STATUS Cipher; // To indicate cipher used for this packet 1290 1290 - UCHAR CipherAlg = CIPHER_NONE; // cipher alogrithm 1291 1291 - UCHAR KeyIdx = 0xff; 1292 1292 - PUCHAR pSrcBufVA; 1293 1293 - PCIPHER_KEY pKey = NULL; 1294 1294 - 1295 1295 - pSrcBufVA = GET_OS_PKT_DATAPTR(pTxBlk->pPacket); 1296 1296 - 1297 1297 - { 1298 1298 - // Select Cipher 1299 1299 - if ((*pSrcBufVA & 0x01) && (ADHOC_ON(pAd))) 1300 1300 - Cipher = pAd->StaCfg.GroupCipher; // Cipher for Multicast or Broadcast 1301 1301 - else 1302 1302 - Cipher = pAd->StaCfg.PairCipher; // Cipher for Unicast 1303 1303 - 1304 1304 - if (RTMP_GET_PACKET_EAPOL(pTxBlk->pPacket)) 1305 1305 - { 1306 1306 - ASSERT(pAd->SharedKey[BSS0][0].CipherAlg <= CIPHER_CKIP128); 1307 1307 - 1308 1308 - // 4-way handshaking frame must be clear 1309 1309 - if (!(TX_BLK_TEST_FLAG(pTxBlk, fTX_bClearEAPFrame)) && (pAd->SharedKey[BSS0][0].CipherAlg) && 1310 1310 - (pAd->SharedKey[BSS0][0].KeyLen)) 1311 1311 - { 1312 1312 - CipherAlg = pAd->SharedKey[BSS0][0].CipherAlg; 1313 1313 - KeyIdx = 0; 1314 1314 - } 1315 1315 - } 1316 1316 - else if (Cipher == Ndis802_11Encryption1Enabled) 1317 1317 - { 1318 1318 - KeyIdx = pAd->StaCfg.DefaultKeyId; 1319 1319 - } 1320 1320 - else if ((Cipher == Ndis802_11Encryption2Enabled) || 1321 1321 - (Cipher == Ndis802_11Encryption3Enabled)) 1322 1322 - { 1323 1323 - if ((*pSrcBufVA & 0x01) && (ADHOC_ON(pAd))) // multicast 1324 1324 - KeyIdx = pAd->StaCfg.DefaultKeyId; 1325 1325 - else if (pAd->SharedKey[BSS0][0].KeyLen) 1326 1326 - KeyIdx = 0; 1327 1327 - else 1328 1328 - KeyIdx = pAd->StaCfg.DefaultKeyId; 1329 1329 - } 1330 1330 - 1331 1331 - if (KeyIdx == 0xff) 1332 1332 - CipherAlg = CIPHER_NONE; 1333 1333 - else if ((Cipher == Ndis802_11EncryptionDisabled) || (pAd->SharedKey[BSS0][KeyIdx].KeyLen == 0)) 1334 1334 - CipherAlg = CIPHER_NONE; 1335 1335 - else if ( pAd->StaCfg.WpaSupplicantUP && 1336 1336 - (Cipher == Ndis802_11Encryption1Enabled) && 1337 1337 - (pAd->StaCfg.IEEE8021X == TRUE) && 1338 1338 - (pAd->StaCfg.PortSecured == WPA_802_1X_PORT_NOT_SECURED)) 1339 1339 - CipherAlg = CIPHER_NONE; 1340 1340 - else 1341 1341 - { 1342 1342 - //Header_802_11.FC.Wep = 1; 1343 1343 - CipherAlg = pAd->SharedKey[BSS0][KeyIdx].CipherAlg; 1344 1344 - pKey = &pAd->SharedKey[BSS0][KeyIdx]; 1345 1345 - } 1346 1346 - } 1347 1347 - 1348 1348 - pTxBlk->CipherAlg = CipherAlg; 1349 1349 - pTxBlk->pKey = pKey; 1350 1350 - } 1351 1351 - 1352 1352 - 1353 1353 - VOID STABuildCommon802_11Header( 1354 1354 - IN PRTMP_ADAPTER pAd, 1355 1355 - IN TX_BLK *pTxBlk) 1356 1356 - { 1357 1357 - HEADER_802_11 *pHeader_802_11; 1358 1358 - 1359 1359 - // 1360 1360 - // MAKE A COMMON 802.11 HEADER 1361 1361 - // 1362 1362 - 1363 1363 - // normal wlan header size : 24 octets 1364 1364 - pTxBlk->MpduHeaderLen = sizeof(HEADER_802_11); 1365 1365 - 1366 1366 - pHeader_802_11 = (HEADER_802_11 *) &pTxBlk->HeaderBuf[TXINFO_SIZE + TXWI_SIZE]; 1367 1367 - 1368 1368 - NdisZeroMemory(pHeader_802_11, sizeof(HEADER_802_11)); 1369 1369 - 1370 1370 - pHeader_802_11->FC.FrDs = 0; 1371 1371 - pHeader_802_11->FC.Type = BTYPE_DATA; 1372 1372 - pHeader_802_11->FC.SubType = ((TX_BLK_TEST_FLAG(pTxBlk, fTX_bWMM)) ? SUBTYPE_QDATA : SUBTYPE_DATA); 1373 1373 - 1374 1374 - if (pTxBlk->pMacEntry) 1375 1375 - { 1376 1376 - if (TX_BLK_TEST_FLAG(pTxBlk, fTX_bForceNonQoS)) 1377 1377 - { 1378 1378 - pHeader_802_11->Sequence = pTxBlk->pMacEntry->NonQosDataSeq; 1379 1379 - pTxBlk->pMacEntry->NonQosDataSeq = (pTxBlk->pMacEntry->NonQosDataSeq+1) & MAXSEQ; 1380 1380 - } 1381 1381 - else 1382 1382 - { 1383 1383 - { 1384 1384 - pHeader_802_11->Sequence = pTxBlk->pMacEntry->TxSeq[pTxBlk->UserPriority]; 1385 1385 - pTxBlk->pMacEntry->TxSeq[pTxBlk->UserPriority] = (pTxBlk->pMacEntry->TxSeq[pTxBlk->UserPriority]+1) & MAXSEQ; 1386 1386 - } 1387 1387 - } 1388 1388 - } 1389 1389 - else 1390 1390 - { 1391 1391 - pHeader_802_11->Sequence = pAd->Sequence; 1392 1392 - pAd->Sequence = (pAd->Sequence+1) & MAXSEQ; // next sequence 1393 1393 - } 1394 1394 - 1395 1395 - pHeader_802_11->Frag = 0; 1396 1396 - 1397 1397 - pHeader_802_11->FC.MoreData = TX_BLK_TEST_FLAG(pTxBlk, fTX_bMoreData); 1398 1398 - 1399 1399 - { 1400 1400 - if (INFRA_ON(pAd)) 1401 1401 - { 1402 1402 - { 1403 1403 - COPY_MAC_ADDR(pHeader_802_11->Addr1, pAd->CommonCfg.Bssid); 1404 1404 - COPY_MAC_ADDR(pHeader_802_11->Addr2, pAd->CurrentAddress); 1405 1405 - COPY_MAC_ADDR(pHeader_802_11->Addr3, pTxBlk->pSrcBufHeader); 1406 1406 - pHeader_802_11->FC.ToDs = 1; 1407 1407 - } 1408 1408 - } 1409 1409 - else if (ADHOC_ON(pAd)) 1410 1410 - { 1411 1411 - COPY_MAC_ADDR(pHeader_802_11->Addr1, pTxBlk->pSrcBufHeader); 1412 1412 - COPY_MAC_ADDR(pHeader_802_11->Addr2, pAd->CurrentAddress); 1413 1413 - COPY_MAC_ADDR(pHeader_802_11->Addr3, pAd->CommonCfg.Bssid); 1414 1414 - pHeader_802_11->FC.ToDs = 0; 1415 1415 - } 1416 1416 - } 1417 1417 - 1418 1418 - if (pTxBlk->CipherAlg != CIPHER_NONE) 1419 1419 - pHeader_802_11->FC.Wep = 1; 1420 1420 - 1421 1421 - // ----------------------------------------------------------------- 1422 1422 - // STEP 2. MAKE A COMMON 802.11 HEADER SHARED BY ENTIRE FRAGMENT BURST. Fill sequence later. 1423 1423 - // ----------------------------------------------------------------- 1424 1424 - if (pAd->CommonCfg.bAPSDForcePowerSave) 1425 1425 - pHeader_802_11->FC.PwrMgmt = PWR_SAVE; 1426 1426 - else 1427 1427 - pHeader_802_11->FC.PwrMgmt = (pAd->StaCfg.Psm == PWR_SAVE); 1428 1428 - } 1429 1429 - 1430 1430 - VOID STABuildCache802_11Header( 1431 1431 - IN RTMP_ADAPTER *pAd, 1432 1432 - IN TX_BLK *pTxBlk, 1433 1433 - IN UCHAR *pHeader) 1434 1434 - { 1435 1435 - MAC_TABLE_ENTRY *pMacEntry; 1436 1436 - PHEADER_802_11 pHeader80211; 1437 1437 - 1438 1438 - pHeader80211 = (PHEADER_802_11)pHeader; 1439 1439 - pMacEntry = pTxBlk->pMacEntry; 1440 1440 - 1441 1441 - // 1442 1442 - // Update the cached 802.11 HEADER 1443 1443 - // 1444 1444 - 1445 1445 - // normal wlan header size : 24 octets 1446 1446 - pTxBlk->MpduHeaderLen = sizeof(HEADER_802_11); 1447 1447 - 1448 1448 - // More Bit 1449 1449 - pHeader80211->FC.MoreData = TX_BLK_TEST_FLAG(pTxBlk, fTX_bMoreData); 1450 1450 - 1451 1451 - // Sequence 1452 1452 - pHeader80211->Sequence = pMacEntry->TxSeq[pTxBlk->UserPriority]; 1453 1453 - pMacEntry->TxSeq[pTxBlk->UserPriority] = (pMacEntry->TxSeq[pTxBlk->UserPriority]+1) & MAXSEQ; 1454 1454 - 1455 1455 - { 1456 1456 - // The addr3 of normal packet send from DS is Dest Mac address. 1457 1457 - if (ADHOC_ON(pAd)) 1458 1458 - COPY_MAC_ADDR(pHeader80211->Addr3, pAd->CommonCfg.Bssid); 1459 1459 - else 1460 1460 - COPY_MAC_ADDR(pHeader80211->Addr3, pTxBlk->pSrcBufHeader); 1461 1461 - } 1462 1462 - 1463 1463 - // ----------------------------------------------------------------- 1464 1464 - // STEP 2. MAKE A COMMON 802.11 HEADER SHARED BY ENTIRE FRAGMENT BURST. Fill sequence later. 1465 1465 - // ----------------------------------------------------------------- 1466 1466 - if (pAd->CommonCfg.bAPSDForcePowerSave) 1467 1467 - pHeader80211->FC.PwrMgmt = PWR_SAVE; 1468 1468 - else 1469 1469 - pHeader80211->FC.PwrMgmt = (pAd->StaCfg.Psm == PWR_SAVE); 1470 1470 - } 1471 1471 - 1472 1472 - static inline PUCHAR STA_Build_ARalink_Frame_Header( 1473 1473 - IN RTMP_ADAPTER *pAd, 1474 1474 - IN TX_BLK *pTxBlk) 1475 1475 - { 1476 1476 - PUCHAR pHeaderBufPtr; 1477 1477 - HEADER_802_11 *pHeader_802_11; 1478 1478 - PNDIS_PACKET pNextPacket; 1479 1479 - UINT32 nextBufLen; 1480 1480 - PQUEUE_ENTRY pQEntry; 1481 1481 - 1482 1482 - STAFindCipherAlgorithm(pAd, pTxBlk); 1483 1483 - STABuildCommon802_11Header(pAd, pTxBlk); 1484 1484 - 1485 1485 - 1486 1486 - pHeaderBufPtr = &pTxBlk->HeaderBuf[TXINFO_SIZE + TXWI_SIZE]; 1487 1487 - pHeader_802_11 = (HEADER_802_11 *) pHeaderBufPtr; 1488 1488 - 1489 1489 - // steal "order" bit to mark "aggregation" 1490 1490 - pHeader_802_11->FC.Order = 1; 1491 1491 - 1492 1492 - // skip common header 1493 1493 - pHeaderBufPtr += pTxBlk->MpduHeaderLen; 1494 1494 - 1495 1495 - if (TX_BLK_TEST_FLAG(pTxBlk, fTX_bWMM)) 1496 1496 - { 1497 1497 - // 1498 1498 - // build QOS Control bytes 1499 1499 - // 1500 1500 - *pHeaderBufPtr = (pTxBlk->UserPriority & 0x0F); 1501 1501 - 1502 1502 - *(pHeaderBufPtr+1) = 0; 1503 1503 - pHeaderBufPtr +=2; 1504 1504 - pTxBlk->MpduHeaderLen += 2; 1505 1505 - } 1506 1506 - 1507 1507 - // padding at front of LLC header. LLC header should at 4-bytes aligment. 1508 1508 - pTxBlk->HdrPadLen = (ULONG)pHeaderBufPtr; 1509 1509 - pHeaderBufPtr = (PCHAR)ROUND_UP(pHeaderBufPtr, 4); 1510 1510 - pTxBlk->HdrPadLen = (ULONG)(pHeaderBufPtr - pTxBlk->HdrPadLen); 1511 1511 - 1512 1512 - // For RA Aggregation, 1513 1513 - // put the 2nd MSDU length(extra 2-byte field) after QOS_CONTROL in little endian format 1514 1514 - pQEntry = pTxBlk->TxPacketList.Head; 1515 1515 - pNextPacket = QUEUE_ENTRY_TO_PKT(pQEntry); 1516 1516 - nextBufLen = GET_OS_PKT_LEN(pNextPacket); 1517 1517 - if (RTMP_GET_PACKET_VLAN(pNextPacket)) 1518 1518 - nextBufLen -= LENGTH_802_1Q; 1519 1519 - 1520 1520 - *pHeaderBufPtr = (UCHAR)nextBufLen & 0xff; 1521 1521 - *(pHeaderBufPtr+1) = (UCHAR)(nextBufLen >> 8); 1522 1522 - 1523 1523 - pHeaderBufPtr += 2; 1524 1524 - pTxBlk->MpduHeaderLen += 2; 1525 1525 - 1526 1526 - return pHeaderBufPtr; 1527 1527 - 1528 1528 - } 1529 1529 - 1530 1530 - static inline PUCHAR STA_Build_AMSDU_Frame_Header( 1531 1531 - IN RTMP_ADAPTER *pAd, 1532 1532 - IN TX_BLK *pTxBlk) 1533 1533 - { 1534 1534 - PUCHAR pHeaderBufPtr;//, pSaveBufPtr; 1535 1535 - HEADER_802_11 *pHeader_802_11; 1536 1536 - 1537 1537 - 1538 1538 - STAFindCipherAlgorithm(pAd, pTxBlk); 1539 1539 - STABuildCommon802_11Header(pAd, pTxBlk); 1540 1540 - 1541 1541 - pHeaderBufPtr = &pTxBlk->HeaderBuf[TXINFO_SIZE + TXWI_SIZE]; 1542 1542 - pHeader_802_11 = (HEADER_802_11 *) pHeaderBufPtr; 1543 1543 - 1544 1544 - // skip common header 1545 1545 - pHeaderBufPtr += pTxBlk->MpduHeaderLen; 1546 1546 - 1547 1547 - // 1548 1548 - // build QOS Control bytes 1549 1549 - // 1550 1550 - *pHeaderBufPtr = (pTxBlk->UserPriority & 0x0F); 1551 1551 - 1552 1552 - // 1553 1553 - // A-MSDU packet 1554 1554 - // 1555 1555 - *pHeaderBufPtr |= 0x80; 1556 1556 - 1557 1557 - *(pHeaderBufPtr+1) = 0; 1558 1558 - pHeaderBufPtr +=2; 1559 1559 - pTxBlk->MpduHeaderLen += 2; 1560 1560 - 1561 1561 - //pSaveBufPtr = pHeaderBufPtr; 1562 1562 - 1563 1563 - // 1564 1564 - // padding at front of LLC header 1565 1565 - // LLC header should locate at 4-octets aligment 1566 1566 - // 1567 1567 - // @@@ MpduHeaderLen excluding padding @@@ 1568 1568 - // 1569 1569 - pTxBlk->HdrPadLen = (ULONG)pHeaderBufPtr; 1570 1570 - pHeaderBufPtr = (PCHAR) ROUND_UP(pHeaderBufPtr, 4); 1571 1571 - pTxBlk->HdrPadLen = (ULONG)(pHeaderBufPtr - pTxBlk->HdrPadLen); 1572 1572 - 1573 1573 - return pHeaderBufPtr; 1574 1574 - 1575 1575 - } 1576 1576 - 1577 1577 - 1578 1578 - VOID STA_AMPDU_Frame_Tx( 1579 1579 - IN PRTMP_ADAPTER pAd, 1580 1580 - IN TX_BLK *pTxBlk) 1581 1581 - { 1582 1582 - HEADER_802_11 *pHeader_802_11; 1583 1583 - PUCHAR pHeaderBufPtr; 1584 1584 - USHORT FreeNumber; 1585 1585 - MAC_TABLE_ENTRY *pMacEntry; 1586 1586 - BOOLEAN bVLANPkt; 1587 1587 - PQUEUE_ENTRY pQEntry; 1588 1588 - 1589 1589 - ASSERT(pTxBlk); 1590 1590 - 1591 1591 - while(pTxBlk->TxPacketList.Head) 1592 1592 - { 1593 1593 - pQEntry = RemoveHeadQueue(&pTxBlk->TxPacketList); 1594 1594 - pTxBlk->pPacket = QUEUE_ENTRY_TO_PACKET(pQEntry); 1595 1595 - if ( RTMP_FillTxBlkInfo(pAd, pTxBlk) != TRUE) 1596 1596 - { 1597 1597 - RELEASE_NDIS_PACKET(pAd, pTxBlk->pPacket, NDIS_STATUS_FAILURE); 1598 1598 - continue; 1599 1599 - } 1600 1600 - 1601 1601 - bVLANPkt = (RTMP_GET_PACKET_VLAN(pTxBlk->pPacket) ? TRUE : FALSE); 1602 1602 - 1603 1603 - pMacEntry = pTxBlk->pMacEntry; 1604 1604 - if (pMacEntry->isCached) 1605 1605 - { 1606 1606 - // NOTE: Please make sure the size of pMacEntry->CachedBuf[] is smaller than pTxBlk->HeaderBuf[]!!!! 1607 1607 - NdisMoveMemory((PUCHAR)&pTxBlk->HeaderBuf[TXINFO_SIZE], (PUCHAR)&pMacEntry->CachedBuf[0], TXWI_SIZE + sizeof(HEADER_802_11)); 1608 1608 - pHeaderBufPtr = (PUCHAR)(&pTxBlk->HeaderBuf[TXINFO_SIZE + TXWI_SIZE]); 1609 1609 - STABuildCache802_11Header(pAd, pTxBlk, pHeaderBufPtr); 1610 1610 - } 1611 1611 - else 1612 1612 - { 1613 1613 - STAFindCipherAlgorithm(pAd, pTxBlk); 1614 1614 - STABuildCommon802_11Header(pAd, pTxBlk); 1615 1615 - 1616 1616 - pHeaderBufPtr = &pTxBlk->HeaderBuf[TXINFO_SIZE + TXWI_SIZE]; 1617 1617 - } 1618 1618 - 1619 1619 - 1620 1620 - pHeader_802_11 = (HEADER_802_11 *) pHeaderBufPtr; 1621 1621 - 1622 1622 - // skip common header 1623 1623 - pHeaderBufPtr += pTxBlk->MpduHeaderLen; 1624 1624 - 1625 1625 - // 1626 1626 - // build QOS Control bytes 1627 1627 - // 1628 1628 - *pHeaderBufPtr = (pTxBlk->UserPriority & 0x0F); 1629 1629 - *(pHeaderBufPtr+1) = 0; 1630 1630 - pHeaderBufPtr +=2; 1631 1631 - pTxBlk->MpduHeaderLen += 2; 1632 1632 - 1633 1633 - // 1634 1634 - // build HTC+ 1635 1635 - // HTC control filed following QoS field 1636 1636 - // 1637 1637 - if ((pAd->CommonCfg.bRdg == TRUE) && CLIENT_STATUS_TEST_FLAG(pTxBlk->pMacEntry, fCLIENT_STATUS_RDG_CAPABLE)) 1638 1638 - { 1639 1639 - if (pMacEntry->isCached == FALSE) 1640 1640 - { 1641 1641 - // mark HTC bit 1642 1642 - pHeader_802_11->FC.Order = 1; 1643 1643 - 1644 1644 - NdisZeroMemory(pHeaderBufPtr, 4); 1645 1645 - *(pHeaderBufPtr+3) |= 0x80; 1646 1646 - } 1647 1647 - pHeaderBufPtr += 4; 1648 1648 - pTxBlk->MpduHeaderLen += 4; 1649 1649 - } 1650 1650 - 1651 1651 - //pTxBlk->MpduHeaderLen = pHeaderBufPtr - pTxBlk->HeaderBuf - TXWI_SIZE - TXINFO_SIZE; 1652 1652 - ASSERT(pTxBlk->MpduHeaderLen >= 24); 1653 1653 - 1654 1654 - // skip 802.3 header 1655 1655 - pTxBlk->pSrcBufData = pTxBlk->pSrcBufHeader + LENGTH_802_3; 1656 1656 - pTxBlk->SrcBufLen -= LENGTH_802_3; 1657 1657 - 1658 1658 - // skip vlan tag 1659 1659 - if (bVLANPkt) 1660 1660 - { 1661 1661 - pTxBlk->pSrcBufData += LENGTH_802_1Q; 1662 1662 - pTxBlk->SrcBufLen -= LENGTH_802_1Q; 1663 1663 - } 1664 1664 - 1665 1665 - // 1666 1666 - // padding at front of LLC header 1667 1667 - // LLC header should locate at 4-octets aligment 1668 1668 - // 1669 1669 - // @@@ MpduHeaderLen excluding padding @@@ 1670 1670 - // 1671 1671 - pTxBlk->HdrPadLen = (ULONG)pHeaderBufPtr; 1672 1672 - pHeaderBufPtr = (PCHAR) ROUND_UP(pHeaderBufPtr, 4); 1673 1673 - pTxBlk->HdrPadLen = (ULONG)(pHeaderBufPtr - pTxBlk->HdrPadLen); 1674 1674 - 1675 1675 - { 1676 1676 - 1677 1677 - // 1678 1678 - // Insert LLC-SNAP encapsulation - 8 octets 1679 1679 - // 1680 1680 - EXTRA_LLCSNAP_ENCAP_FROM_PKT_OFFSET(pTxBlk->pSrcBufData-2, pTxBlk->pExtraLlcSnapEncap); 1681 1681 - if (pTxBlk->pExtraLlcSnapEncap) 1682 1682 - { 1683 1683 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pExtraLlcSnapEncap, 6); 1684 1684 - pHeaderBufPtr += 6; 1685 1685 - // get 2 octets (TypeofLen) 1686 1686 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pSrcBufData-2, 2); 1687 1687 - pHeaderBufPtr += 2; 1688 1688 - pTxBlk->MpduHeaderLen += LENGTH_802_1_H; 1689 1689 - } 1690 1690 - 1691 1691 - } 1692 1692 - 1693 1693 - if (pMacEntry->isCached) 1694 1694 - { 1695 1695 - RTMPWriteTxWI_Cache(pAd, (PTXWI_STRUC)(&pTxBlk->HeaderBuf[TXINFO_SIZE]), pTxBlk); 1696 1696 - } 1697 1697 - else 1698 1698 - { 1699 1699 - RTMPWriteTxWI_Data(pAd, (PTXWI_STRUC)(&pTxBlk->HeaderBuf[TXINFO_SIZE]), pTxBlk); 1700 1700 - 1701 1701 - NdisZeroMemory((PUCHAR)(&pMacEntry->CachedBuf[0]), sizeof(pMacEntry->CachedBuf)); 1702 1702 - NdisMoveMemory((PUCHAR)(&pMacEntry->CachedBuf[0]), (PUCHAR)(&pTxBlk->HeaderBuf[TXINFO_SIZE]), (pHeaderBufPtr - (PUCHAR)(&pTxBlk->HeaderBuf[TXINFO_SIZE]))); 1703 1703 - pMacEntry->isCached = TRUE; 1704 1704 - } 1705 1705 - 1706 1706 - // calculate Transmitted AMPDU count and ByteCount 1707 1707 - { 1708 1708 - pAd->RalinkCounters.TransmittedMPDUsInAMPDUCount.u.LowPart ++; 1709 1709 - pAd->RalinkCounters.TransmittedOctetsInAMPDUCount.QuadPart += pTxBlk->SrcBufLen; 1710 1710 - } 1711 1711 - 1712 1712 - //FreeNumber = GET_TXRING_FREENO(pAd, QueIdx); 1713 1713 - 1714 1714 - HAL_WriteTxResource(pAd, pTxBlk, TRUE, &FreeNumber); 1715 1715 - 1716 1716 - // 1717 1717 - // Kick out Tx 1718 1718 - // 1719 1719 - HAL_KickOutTx(pAd, pTxBlk, pTxBlk->QueIdx); 1720 1720 - 1721 1721 - pAd->RalinkCounters.KickTxCount++; 1722 1722 - pAd->RalinkCounters.OneSecTxDoneCount++; 1723 1723 - } 1724 1724 - 1725 1725 - } 1726 1726 - 1727 1727 - 1728 1728 - VOID STA_AMSDU_Frame_Tx( 1729 1729 - IN PRTMP_ADAPTER pAd, 1730 1730 - IN TX_BLK *pTxBlk) 1731 1731 - { 1732 1732 - PUCHAR pHeaderBufPtr; 1733 1733 - USHORT FreeNumber; 1734 1734 - USHORT subFramePayloadLen = 0; // AMSDU Subframe length without AMSDU-Header / Padding. 1735 1735 - USHORT totalMPDUSize=0; 1736 1736 - UCHAR *subFrameHeader; 1737 1737 - UCHAR padding = 0; 1738 1738 - USHORT FirstTx = 0, LastTxIdx = 0; 1739 1739 - BOOLEAN bVLANPkt; 1740 1740 - int frameNum = 0; 1741 1741 - PQUEUE_ENTRY pQEntry; 1742 1742 - 1743 1743 - 1744 1744 - ASSERT(pTxBlk); 1745 1745 - 1746 1746 - ASSERT((pTxBlk->TxPacketList.Number > 1)); 1747 1747 - 1748 1748 - while(pTxBlk->TxPacketList.Head) 1749 1749 - { 1750 1750 - pQEntry = RemoveHeadQueue(&pTxBlk->TxPacketList); 1751 1751 - pTxBlk->pPacket = QUEUE_ENTRY_TO_PACKET(pQEntry); 1752 1752 - if (RTMP_FillTxBlkInfo(pAd, pTxBlk) != TRUE) 1753 1753 - { 1754 1754 - RELEASE_NDIS_PACKET(pAd, pTxBlk->pPacket, NDIS_STATUS_FAILURE); 1755 1755 - continue; 1756 1756 - } 1757 1757 - 1758 1758 - bVLANPkt = (RTMP_GET_PACKET_VLAN(pTxBlk->pPacket) ? TRUE : FALSE); 1759 1759 - 1760 1760 - // skip 802.3 header 1761 1761 - pTxBlk->pSrcBufData = pTxBlk->pSrcBufHeader + LENGTH_802_3; 1762 1762 - pTxBlk->SrcBufLen -= LENGTH_802_3; 1763 1763 - 1764 1764 - // skip vlan tag 1765 1765 - if (bVLANPkt) 1766 1766 - { 1767 1767 - pTxBlk->pSrcBufData += LENGTH_802_1Q; 1768 1768 - pTxBlk->SrcBufLen -= LENGTH_802_1Q; 1769 1769 - } 1770 1770 - 1771 1771 - if (frameNum == 0) 1772 1772 - { 1773 1773 - pHeaderBufPtr = STA_Build_AMSDU_Frame_Header(pAd, pTxBlk); 1774 1774 - 1775 1775 - // NOTE: TxWI->MPDUtotalByteCount will be updated after final frame was handled. 1776 1776 - RTMPWriteTxWI_Data(pAd, (PTXWI_STRUC)(&pTxBlk->HeaderBuf[TXINFO_SIZE]), pTxBlk); 1777 1777 - } 1778 1778 - else 1779 1779 - { 1780 1780 - pHeaderBufPtr = &pTxBlk->HeaderBuf[0]; 1781 1781 - padding = ROUND_UP(LENGTH_AMSDU_SUBFRAMEHEAD + subFramePayloadLen, 4) - (LENGTH_AMSDU_SUBFRAMEHEAD + subFramePayloadLen); 1782 1782 - NdisZeroMemory(pHeaderBufPtr, padding + LENGTH_AMSDU_SUBFRAMEHEAD); 1783 1783 - pHeaderBufPtr += padding; 1784 1784 - pTxBlk->MpduHeaderLen = padding; 1785 1785 - } 1786 1786 - 1787 1787 - // 1788 1788 - // A-MSDU subframe 1789 1789 - // DA(6)+SA(6)+Length(2) + LLC/SNAP Encap 1790 1790 - // 1791 1791 - subFrameHeader = pHeaderBufPtr; 1792 1792 - subFramePayloadLen = pTxBlk->SrcBufLen; 1793 1793 - 1794 1794 - NdisMoveMemory(subFrameHeader, pTxBlk->pSrcBufHeader, 12); 1795 1795 - 1796 1796 - 1797 1797 - pHeaderBufPtr += LENGTH_AMSDU_SUBFRAMEHEAD; 1798 1798 - pTxBlk->MpduHeaderLen += LENGTH_AMSDU_SUBFRAMEHEAD; 1799 1799 - 1800 1800 - 1801 1801 - // 1802 1802 - // Insert LLC-SNAP encapsulation - 8 octets 1803 1803 - // 1804 1804 - EXTRA_LLCSNAP_ENCAP_FROM_PKT_OFFSET(pTxBlk->pSrcBufData-2, pTxBlk->pExtraLlcSnapEncap); 1805 1805 - 1806 1806 - subFramePayloadLen = pTxBlk->SrcBufLen; 1807 1807 - 1808 1808 - if (pTxBlk->pExtraLlcSnapEncap) 1809 1809 - { 1810 1810 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pExtraLlcSnapEncap, 6); 1811 1811 - pHeaderBufPtr += 6; 1812 1812 - // get 2 octets (TypeofLen) 1813 1813 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pSrcBufData-2, 2); 1814 1814 - pHeaderBufPtr += 2; 1815 1815 - pTxBlk->MpduHeaderLen += LENGTH_802_1_H; 1816 1816 - subFramePayloadLen += LENGTH_802_1_H; 1817 1817 - } 1818 1818 - 1819 1819 - // update subFrame Length field 1820 1820 - subFrameHeader[12] = (subFramePayloadLen & 0xFF00) >> 8; 1821 1821 - subFrameHeader[13] = subFramePayloadLen & 0xFF; 1822 1822 - 1823 1823 - totalMPDUSize += pTxBlk->MpduHeaderLen + pTxBlk->SrcBufLen; 1824 1824 - 1825 1825 - if (frameNum ==0) 1826 1826 - FirstTx = HAL_WriteMultiTxResource(pAd, pTxBlk, frameNum, &FreeNumber); 1827 1827 - else 1828 1828 - LastTxIdx = HAL_WriteMultiTxResource(pAd, pTxBlk, frameNum, &FreeNumber); 1829 1829 - 1830 1830 - frameNum++; 1831 1831 - 1832 1832 - pAd->RalinkCounters.KickTxCount++; 1833 1833 - pAd->RalinkCounters.OneSecTxDoneCount++; 1834 1834 - 1835 1835 - // calculate Transmitted AMSDU Count and ByteCount 1836 1836 - { 1837 1837 - pAd->RalinkCounters.TransmittedAMSDUCount.u.LowPart ++; 1838 1838 - pAd->RalinkCounters.TransmittedOctetsInAMSDU.QuadPart += totalMPDUSize; 1839 1839 - } 1840 1840 - 1841 1841 - } 1842 1842 - 1843 1843 - HAL_FinalWriteTxResource(pAd, pTxBlk, totalMPDUSize, FirstTx); 1844 1844 - HAL_LastTxIdx(pAd, pTxBlk->QueIdx, LastTxIdx); 1845 1845 - 1846 1846 - // 1847 1847 - // Kick out Tx 1848 1848 - // 1849 1849 - HAL_KickOutTx(pAd, pTxBlk, pTxBlk->QueIdx); 1850 1850 - } 1851 1851 - 1852 1852 - VOID STA_Legacy_Frame_Tx( 1853 1853 - IN PRTMP_ADAPTER pAd, 1854 1854 - IN TX_BLK *pTxBlk) 1855 1855 - { 1856 1856 - HEADER_802_11 *pHeader_802_11; 1857 1857 - PUCHAR pHeaderBufPtr; 1858 1858 - USHORT FreeNumber; 1859 1859 - BOOLEAN bVLANPkt; 1860 1860 - PQUEUE_ENTRY pQEntry; 1861 1861 - 1862 1862 - ASSERT(pTxBlk); 1863 1863 - 1864 1864 - 1865 1865 - pQEntry = RemoveHeadQueue(&pTxBlk->TxPacketList); 1866 1866 - pTxBlk->pPacket = QUEUE_ENTRY_TO_PACKET(pQEntry); 1867 1867 - if (RTMP_FillTxBlkInfo(pAd, pTxBlk) != TRUE) 1868 1868 - { 1869 1869 - RELEASE_NDIS_PACKET(pAd, pTxBlk->pPacket, NDIS_STATUS_FAILURE); 1870 1870 - return; 1871 1871 - } 1872 1872 - 1873 1873 - if (pTxBlk->TxFrameType == TX_MCAST_FRAME) 1874 1874 - { 1875 1875 - INC_COUNTER64(pAd->WlanCounters.MulticastTransmittedFrameCount); 1876 1876 - } 1877 1877 - 1878 1878 - if (RTMP_GET_PACKET_RTS(pTxBlk->pPacket)) 1879 1879 - TX_BLK_SET_FLAG(pTxBlk, fTX_bRtsRequired); 1880 1880 - else 1881 1881 - TX_BLK_CLEAR_FLAG(pTxBlk, fTX_bRtsRequired); 1882 1882 - 1883 1883 - bVLANPkt = (RTMP_GET_PACKET_VLAN(pTxBlk->pPacket) ? TRUE : FALSE); 1884 1884 - 1885 1885 - if (pTxBlk->TxRate < pAd->CommonCfg.MinTxRate) 1886 1886 - pTxBlk->TxRate = pAd->CommonCfg.MinTxRate; 1887 1887 - 1888 1888 - STAFindCipherAlgorithm(pAd, pTxBlk); 1889 1889 - STABuildCommon802_11Header(pAd, pTxBlk); 1890 1890 - 1891 1891 - 1892 1892 - // skip 802.3 header 1893 1893 - pTxBlk->pSrcBufData = pTxBlk->pSrcBufHeader + LENGTH_802_3; 1894 1894 - pTxBlk->SrcBufLen -= LENGTH_802_3; 1895 1895 - 1896 1896 - // skip vlan tag 1897 1897 - if (bVLANPkt) 1898 1898 - { 1899 1899 - pTxBlk->pSrcBufData += LENGTH_802_1Q; 1900 1900 - pTxBlk->SrcBufLen -= LENGTH_802_1Q; 1901 1901 - } 1902 1902 - 1903 1903 - pHeaderBufPtr = &pTxBlk->HeaderBuf[TXINFO_SIZE + TXWI_SIZE]; 1904 1904 - pHeader_802_11 = (HEADER_802_11 *) pHeaderBufPtr; 1905 1905 - 1906 1906 - // skip common header 1907 1907 - pHeaderBufPtr += pTxBlk->MpduHeaderLen; 1908 1908 - 1909 1909 - if (TX_BLK_TEST_FLAG(pTxBlk, fTX_bWMM)) 1910 1910 - { 1911 1911 - // 1912 1912 - // build QOS Control bytes 1913 1913 - // 1914 1914 - *pHeaderBufPtr = (pTxBlk->UserPriority & 0x0F); 1915 1915 - *(pHeaderBufPtr+1) = 0; 1916 1916 - pHeaderBufPtr +=2; 1917 1917 - pTxBlk->MpduHeaderLen += 2; 1918 1918 - } 1919 1919 - 1920 1920 - // The remaining content of MPDU header should locate at 4-octets aligment 1921 1921 - pTxBlk->HdrPadLen = (ULONG)pHeaderBufPtr; 1922 1922 - pHeaderBufPtr = (PCHAR) ROUND_UP(pHeaderBufPtr, 4); 1923 1923 - pTxBlk->HdrPadLen = (ULONG)(pHeaderBufPtr - pTxBlk->HdrPadLen); 1924 1924 - 1925 1925 - { 1926 1926 - 1927 1927 - // 1928 1928 - // Insert LLC-SNAP encapsulation - 8 octets 1929 1929 - // 1930 1930 - // 1931 1931 - // if original Ethernet frame contains no LLC/SNAP, 1932 1932 - // then an extra LLC/SNAP encap is required 1933 1933 - // 1934 1934 - EXTRA_LLCSNAP_ENCAP_FROM_PKT_START(pTxBlk->pSrcBufHeader, pTxBlk->pExtraLlcSnapEncap); 1935 1935 - if (pTxBlk->pExtraLlcSnapEncap) 1936 1936 - { 1937 1937 - UCHAR vlan_size; 1938 1938 - 1939 1939 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pExtraLlcSnapEncap, 6); 1940 1940 - pHeaderBufPtr += 6; 1941 1941 - // skip vlan tag 1942 1942 - vlan_size = (bVLANPkt) ? LENGTH_802_1Q : 0; 1943 1943 - // get 2 octets (TypeofLen) 1944 1944 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pSrcBufHeader+12+vlan_size, 2); 1945 1945 - pHeaderBufPtr += 2; 1946 1946 - pTxBlk->MpduHeaderLen += LENGTH_802_1_H; 1947 1947 - } 1948 1948 - 1949 1949 - } 1950 1950 - 1951 1951 - // 1952 1952 - // prepare for TXWI 1953 1953 - // use Wcid as Key Index 1954 1954 - // 1955 1955 - 1956 1956 - RTMPWriteTxWI_Data(pAd, (PTXWI_STRUC)(&pTxBlk->HeaderBuf[TXINFO_SIZE]), pTxBlk); 1957 1957 - 1958 1958 - //FreeNumber = GET_TXRING_FREENO(pAd, QueIdx); 1959 1959 - 1960 1960 - HAL_WriteTxResource(pAd, pTxBlk, TRUE, &FreeNumber); 1961 1961 - 1962 1962 - pAd->RalinkCounters.KickTxCount++; 1963 1963 - pAd->RalinkCounters.OneSecTxDoneCount++; 1964 1964 - 1965 1965 - // 1966 1966 - // Kick out Tx 1967 1967 - // 1968 1968 - HAL_KickOutTx(pAd, pTxBlk, pTxBlk->QueIdx); 1969 1969 - } 1970 1970 - 1971 1971 - 1972 1972 - VOID STA_ARalink_Frame_Tx( 1973 1973 - IN PRTMP_ADAPTER pAd, 1974 1974 - IN TX_BLK *pTxBlk) 1975 1975 - { 1976 1976 - PUCHAR pHeaderBufPtr; 1977 1977 - USHORT FreeNumber; 1978 1978 - USHORT totalMPDUSize=0; 1979 1979 - USHORT FirstTx, LastTxIdx; 1980 1980 - int frameNum = 0; 1981 1981 - BOOLEAN bVLANPkt; 1982 1982 - PQUEUE_ENTRY pQEntry; 1983 1983 - 1984 1984 - 1985 1985 - ASSERT(pTxBlk); 1986 1986 - 1987 1987 - ASSERT((pTxBlk->TxPacketList.Number== 2)); 1988 1988 - 1989 1989 - 1990 1990 - FirstTx = LastTxIdx = 0; // Is it ok init they as 0? 1991 1991 - while(pTxBlk->TxPacketList.Head) 1992 1992 - { 1993 1993 - pQEntry = RemoveHeadQueue(&pTxBlk->TxPacketList); 1994 1994 - pTxBlk->pPacket = QUEUE_ENTRY_TO_PACKET(pQEntry); 1995 1995 - 1996 1996 - if (RTMP_FillTxBlkInfo(pAd, pTxBlk) != TRUE) 1997 1997 - { 1998 1998 - RELEASE_NDIS_PACKET(pAd, pTxBlk->pPacket, NDIS_STATUS_FAILURE); 1999 1999 - continue; 2000 2000 - } 2001 2001 - 2002 2002 - bVLANPkt = (RTMP_GET_PACKET_VLAN(pTxBlk->pPacket) ? TRUE : FALSE); 2003 2003 - 2004 2004 - // skip 802.3 header 2005 2005 - pTxBlk->pSrcBufData = pTxBlk->pSrcBufHeader + LENGTH_802_3; 2006 2006 - pTxBlk->SrcBufLen -= LENGTH_802_3; 2007 2007 - 2008 2008 - // skip vlan tag 2009 2009 - if (bVLANPkt) 2010 2010 - { 2011 2011 - pTxBlk->pSrcBufData += LENGTH_802_1Q; 2012 2012 - pTxBlk->SrcBufLen -= LENGTH_802_1Q; 2013 2013 - } 2014 2014 - 2015 2015 - if (frameNum == 0) 2016 2016 - { // For first frame, we need to create the 802.11 header + padding(optional) + RA-AGG-LEN + SNAP Header 2017 2017 - 2018 2018 - pHeaderBufPtr = STA_Build_ARalink_Frame_Header(pAd, pTxBlk); 2019 2019 - 2020 2020 - // It's ok write the TxWI here, because the TxWI->MPDUtotalByteCount 2021 2021 - // will be updated after final frame was handled. 2022 2022 - RTMPWriteTxWI_Data(pAd, (PTXWI_STRUC)(&pTxBlk->HeaderBuf[TXINFO_SIZE]), pTxBlk); 2023 2023 - 2024 2024 - 2025 2025 - // 2026 2026 - // Insert LLC-SNAP encapsulation - 8 octets 2027 2027 - // 2028 2028 - EXTRA_LLCSNAP_ENCAP_FROM_PKT_OFFSET(pTxBlk->pSrcBufData-2, pTxBlk->pExtraLlcSnapEncap); 2029 2029 - 2030 2030 - if (pTxBlk->pExtraLlcSnapEncap) 2031 2031 - { 2032 2032 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pExtraLlcSnapEncap, 6); 2033 2033 - pHeaderBufPtr += 6; 2034 2034 - // get 2 octets (TypeofLen) 2035 2035 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pSrcBufData-2, 2); 2036 2036 - pHeaderBufPtr += 2; 2037 2037 - pTxBlk->MpduHeaderLen += LENGTH_802_1_H; 2038 2038 - } 2039 2039 - } 2040 2040 - else 2041 2041 - { // For second aggregated frame, we need create the 802.3 header to headerBuf, because PCI will copy it to SDPtr0. 2042 2042 - 2043 2043 - pHeaderBufPtr = &pTxBlk->HeaderBuf[0]; 2044 2044 - pTxBlk->MpduHeaderLen = 0; 2045 2045 - 2046 2046 - // A-Ralink sub-sequent frame header is the same as 802.3 header. 2047 2047 - // DA(6)+SA(6)+FrameType(2) 2048 2048 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pSrcBufHeader, 12); 2049 2049 - pHeaderBufPtr += 12; 2050 2050 - // get 2 octets (TypeofLen) 2051 2051 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pSrcBufData-2, 2); 2052 2052 - pHeaderBufPtr += 2; 2053 2053 - pTxBlk->MpduHeaderLen = LENGTH_ARALINK_SUBFRAMEHEAD; 2054 2054 - } 2055 2055 - 2056 2056 - totalMPDUSize += pTxBlk->MpduHeaderLen + pTxBlk->SrcBufLen; 2057 2057 - 2058 2058 - //FreeNumber = GET_TXRING_FREENO(pAd, QueIdx); 2059 2059 - if (frameNum ==0) 2060 2060 - FirstTx = HAL_WriteMultiTxResource(pAd, pTxBlk, frameNum, &FreeNumber); 2061 2061 - else 2062 2062 - LastTxIdx = HAL_WriteMultiTxResource(pAd, pTxBlk, frameNum, &FreeNumber); 2063 2063 - 2064 2064 - frameNum++; 2065 2065 - 2066 2066 - pAd->RalinkCounters.OneSecTxAggregationCount++; 2067 2067 - pAd->RalinkCounters.KickTxCount++; 2068 2068 - pAd->RalinkCounters.OneSecTxDoneCount++; 2069 2069 - 2070 2070 - } 2071 2071 - 2072 2072 - HAL_FinalWriteTxResource(pAd, pTxBlk, totalMPDUSize, FirstTx); 2073 2073 - HAL_LastTxIdx(pAd, pTxBlk->QueIdx, LastTxIdx); 2074 2074 - 2075 2075 - // 2076 2076 - // Kick out Tx 2077 2077 - // 2078 2078 - HAL_KickOutTx(pAd, pTxBlk, pTxBlk->QueIdx); 2079 2079 - 2080 2080 - } 2081 2081 - 2082 2082 - 2083 2083 - VOID STA_Fragment_Frame_Tx( 2084 2084 - IN RTMP_ADAPTER *pAd, 2085 2085 - IN TX_BLK *pTxBlk) 2086 2086 - { 2087 2087 - HEADER_802_11 *pHeader_802_11; 2088 2088 - PUCHAR pHeaderBufPtr; 2089 2089 - USHORT FreeNumber; 2090 2090 - UCHAR fragNum = 0; 2091 2091 - PACKET_INFO PacketInfo; 2092 2092 - USHORT EncryptionOverhead = 0; 2093 2093 - UINT32 FreeMpduSize, SrcRemainingBytes; 2094 2094 - USHORT AckDuration; 2095 2095 - UINT NextMpduSize; 2096 2096 - BOOLEAN bVLANPkt; 2097 2097 - PQUEUE_ENTRY pQEntry; 2098 2098 - 2099 2099 - 2100 2100 - ASSERT(pTxBlk); 2101 2101 - 2102 2102 - pQEntry = RemoveHeadQueue(&pTxBlk->TxPacketList); 2103 2103 - pTxBlk->pPacket = QUEUE_ENTRY_TO_PACKET(pQEntry); 2104 2104 - if (RTMP_FillTxBlkInfo(pAd, pTxBlk) != TRUE) 2105 2105 - { 2106 2106 - RELEASE_NDIS_PACKET(pAd, pTxBlk->pPacket, NDIS_STATUS_FAILURE); 2107 2107 - return; 2108 2108 - } 2109 2109 - 2110 2110 - ASSERT(TX_BLK_TEST_FLAG(pTxBlk, fTX_bAllowFrag)); 2111 2111 - bVLANPkt = (RTMP_GET_PACKET_VLAN(pTxBlk->pPacket) ? TRUE : FALSE); 2112 2112 - 2113 2113 - STAFindCipherAlgorithm(pAd, pTxBlk); 2114 2114 - STABuildCommon802_11Header(pAd, pTxBlk); 2115 2115 - 2116 2116 - if (pTxBlk->CipherAlg == CIPHER_TKIP) 2117 2117 - { 2118 2118 - pTxBlk->pPacket = duplicate_pkt_with_TKIP_MIC(pAd, pTxBlk->pPacket); 2119 2119 - if (pTxBlk->pPacket == NULL) 2120 2120 - return; 2121 2121 - RTMP_QueryPacketInfo(pTxBlk->pPacket, &PacketInfo, &pTxBlk->pSrcBufHeader, &pTxBlk->SrcBufLen); 2122 2122 - } 2123 2123 - 2124 2124 - // skip 802.3 header 2125 2125 - pTxBlk->pSrcBufData = pTxBlk->pSrcBufHeader + LENGTH_802_3; 2126 2126 - pTxBlk->SrcBufLen -= LENGTH_802_3; 2127 2127 - 2128 2128 - 2129 2129 - // skip vlan tag 2130 2130 - if (bVLANPkt) 2131 2131 - { 2132 2132 - pTxBlk->pSrcBufData += LENGTH_802_1Q; 2133 2133 - pTxBlk->SrcBufLen -= LENGTH_802_1Q; 2134 2134 - } 2135 2135 - 2136 2136 - pHeaderBufPtr = &pTxBlk->HeaderBuf[TXINFO_SIZE + TXWI_SIZE]; 2137 2137 - pHeader_802_11 = (HEADER_802_11 *)pHeaderBufPtr; 2138 2138 - 2139 2139 - 2140 2140 - // skip common header 2141 2141 - pHeaderBufPtr += pTxBlk->MpduHeaderLen; 2142 2142 - 2143 2143 - if (TX_BLK_TEST_FLAG(pTxBlk, fTX_bWMM)) 2144 2144 - { 2145 2145 - // 2146 2146 - // build QOS Control bytes 2147 2147 - // 2148 2148 - *pHeaderBufPtr = (pTxBlk->UserPriority & 0x0F); 2149 2149 - 2150 2150 - *(pHeaderBufPtr+1) = 0; 2151 2151 - pHeaderBufPtr +=2; 2152 2152 - pTxBlk->MpduHeaderLen += 2; 2153 2153 - } 2154 2154 - 2155 2155 - // 2156 2156 - // padding at front of LLC header 2157 2157 - // LLC header should locate at 4-octets aligment 2158 2158 - // 2159 2159 - pTxBlk->HdrPadLen = (ULONG)pHeaderBufPtr; 2160 2160 - pHeaderBufPtr = (PCHAR) ROUND_UP(pHeaderBufPtr, 4); 2161 2161 - pTxBlk->HdrPadLen = (ULONG)(pHeaderBufPtr - pTxBlk->HdrPadLen); 2162 2162 - 2163 2163 - 2164 2164 - 2165 2165 - // 2166 2166 - // Insert LLC-SNAP encapsulation - 8 octets 2167 2167 - // 2168 2168 - // 2169 2169 - // if original Ethernet frame contains no LLC/SNAP, 2170 2170 - // then an extra LLC/SNAP encap is required 2171 2171 - // 2172 2172 - EXTRA_LLCSNAP_ENCAP_FROM_PKT_START(pTxBlk->pSrcBufHeader, pTxBlk->pExtraLlcSnapEncap); 2173 2173 - if (pTxBlk->pExtraLlcSnapEncap) 2174 2174 - { 2175 2175 - UCHAR vlan_size; 2176 2176 - 2177 2177 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pExtraLlcSnapEncap, 6); 2178 2178 - pHeaderBufPtr += 6; 2179 2179 - // skip vlan tag 2180 2180 - vlan_size = (bVLANPkt) ? LENGTH_802_1Q : 0; 2181 2181 - // get 2 octets (TypeofLen) 2182 2182 - NdisMoveMemory(pHeaderBufPtr, pTxBlk->pSrcBufHeader+12+vlan_size, 2); 2183 2183 - pHeaderBufPtr += 2; 2184 2184 - pTxBlk->MpduHeaderLen += LENGTH_802_1_H; 2185 2185 - } 2186 2186 - 2187 2187 - 2188 2188 - // If TKIP is used and fragmentation is required. Driver has to 2189 2189 - // append TKIP MIC at tail of the scatter buffer 2190 2190 - // MAC ASIC will only perform IV/EIV/ICV insertion but no TKIP MIC 2191 2191 - if (pTxBlk->CipherAlg == CIPHER_TKIP) 2192 2192 - { 2193 2193 - 2194 2194 - // NOTE: DON'T refer the skb->len directly after following copy. Becasue the length is not adjust 2195 2195 - // to correct lenght, refer to pTxBlk->SrcBufLen for the packet length in following progress. 2196 2196 - NdisMoveMemory(pTxBlk->pSrcBufData + pTxBlk->SrcBufLen, &pAd->PrivateInfo.Tx.MIC[0], 8); 2197 2197 - //skb_put((RTPKT_TO_OSPKT(pTxBlk->pPacket))->tail, 8); 2198 2198 - pTxBlk->SrcBufLen += 8; 2199 2199 - pTxBlk->TotalFrameLen += 8; 2200 2200 - pTxBlk->CipherAlg = CIPHER_TKIP_NO_MIC; 2201 2201 - } 2202 2202 - 2203 2203 - // 2204 2204 - // calcuate the overhead bytes that encryption algorithm may add. This 2205 2205 - // affects the calculate of "duration" field 2206 2206 - // 2207 2207 - if ((pTxBlk->CipherAlg == CIPHER_WEP64) || (pTxBlk->CipherAlg == CIPHER_WEP128)) 2208 2208 - EncryptionOverhead = 8; //WEP: IV[4] + ICV[4]; 2209 2209 - else if (pTxBlk->CipherAlg == CIPHER_TKIP_NO_MIC) 2210 2210 - EncryptionOverhead = 12;//TKIP: IV[4] + EIV[4] + ICV[4], MIC will be added to TotalPacketLength 2211 2211 - else if (pTxBlk->CipherAlg == CIPHER_TKIP) 2212 2212 - EncryptionOverhead = 20;//TKIP: IV[4] + EIV[4] + ICV[4] + MIC[8] 2213 2213 - else if (pTxBlk->CipherAlg == CIPHER_AES) 2214 2214 - EncryptionOverhead = 16; // AES: IV[4] + EIV[4] + MIC[8] 2215 2215 - else 2216 2216 - EncryptionOverhead = 0; 2217 2217 - 2218 2218 - // decide how much time an ACK/CTS frame will consume in the air 2219 2219 - AckDuration = RTMPCalcDuration(pAd, pAd->CommonCfg.ExpectedACKRate[pTxBlk->TxRate], 14); 2220 2220 - 2221 2221 - // Init the total payload length of this frame. 2222 2222 - SrcRemainingBytes = pTxBlk->SrcBufLen; 2223 2223 - 2224 2224 - pTxBlk->TotalFragNum = 0xff; 2225 2225 - 2226 2226 - do { 2227 2227 - 2228 2228 - FreeMpduSize = pAd->CommonCfg.FragmentThreshold - LENGTH_CRC; 2229 2229 - 2230 2230 - FreeMpduSize -= pTxBlk->MpduHeaderLen; 2231 2231 - 2232 2232 - if (SrcRemainingBytes <= FreeMpduSize) 2233 2233 - { // this is the last or only fragment 2234 2234 - 2235 2235 - pTxBlk->SrcBufLen = SrcRemainingBytes; 2236 2236 - 2237 2237 - pHeader_802_11->FC.MoreFrag = 0; 2238 2238 - pHeader_802_11->Duration = pAd->CommonCfg.Dsifs + AckDuration; 2239 2239 - 2240 2240 - // Indicate the lower layer that this's the last fragment. 2241 2241 - pTxBlk->TotalFragNum = fragNum; 2242 2242 - } 2243 2243 - else 2244 2244 - { // more fragment is required 2245 2245 - 2246 2246 - pTxBlk->SrcBufLen = FreeMpduSize; 2247 2247 - 2248 2248 - NextMpduSize = min(((UINT)SrcRemainingBytes - pTxBlk->SrcBufLen), ((UINT)pAd->CommonCfg.FragmentThreshold)); 2249 2249 - pHeader_802_11->FC.MoreFrag = 1; 2250 2250 - pHeader_802_11->Duration = (3 * pAd->CommonCfg.Dsifs) + (2 * AckDuration) + RTMPCalcDuration(pAd, pTxBlk->TxRate, NextMpduSize + EncryptionOverhead); 2251 2251 - } 2252 2252 - 2253 2253 - if (fragNum == 0) 2254 2254 - pTxBlk->FrameGap = IFS_HTTXOP; 2255 2255 - else 2256 2256 - pTxBlk->FrameGap = IFS_SIFS; 2257 2257 - 2258 2258 - RTMPWriteTxWI_Data(pAd, (PTXWI_STRUC)(&pTxBlk->HeaderBuf[TXINFO_SIZE]), pTxBlk); 2259 2259 - 2260 2260 - HAL_WriteFragTxResource(pAd, pTxBlk, fragNum, &FreeNumber); 2261 2261 - 2262 2262 - pAd->RalinkCounters.KickTxCount++; 2263 2263 - pAd->RalinkCounters.OneSecTxDoneCount++; 2264 2264 - 2265 2265 - // Update the frame number, remaining size of the NDIS packet payload. 2266 2266 - 2267 2267 - // space for 802.11 header. 2268 2268 - if (fragNum == 0 && pTxBlk->pExtraLlcSnapEncap) 2269 2269 - pTxBlk->MpduHeaderLen -= LENGTH_802_1_H; 2270 2270 - 2271 2271 - fragNum++; 2272 2272 - SrcRemainingBytes -= pTxBlk->SrcBufLen; 2273 2273 - pTxBlk->pSrcBufData += pTxBlk->SrcBufLen; 2274 2274 - 2275 2275 - pHeader_802_11->Frag++; // increase Frag # 2276 2276 - 2277 2277 - }while(SrcRemainingBytes > 0); 2278 2278 - 2279 2279 - // 2280 2280 - // Kick out Tx 2281 2281 - // 2282 2282 - HAL_KickOutTx(pAd, pTxBlk, pTxBlk->QueIdx); 2283 2283 - } 2284 2284 - 2285 2285 - 2286 2286 - #define RELEASE_FRAMES_OF_TXBLK(_pAd, _pTxBlk, _pQEntry, _Status) \ 2287 2287 - while(_pTxBlk->TxPacketList.Head) \ 2288 2288 - { \ 2289 2289 - _pQEntry = RemoveHeadQueue(&_pTxBlk->TxPacketList); \ 2290 2290 - RELEASE_NDIS_PACKET(_pAd, QUEUE_ENTRY_TO_PACKET(_pQEntry), _Status); \ 2291 2291 - } 2292 2292 - 2293 2293 - 2294 2294 - /* 2295 2295 - ======================================================================== 2296 2296 - 2297 2297 - Routine Description: 2298 2298 - Copy frame from waiting queue into relative ring buffer and set 2299 2299 - appropriate ASIC register to kick hardware encryption before really 2300 2300 - sent out to air. 2301 2301 - 2302 2302 - Arguments: 2303 2303 - pAd Pointer to our adapter 2304 2304 - PNDIS_PACKET Pointer to outgoing Ndis frame 2305 2305 - NumberOfFrag Number of fragment required 2306 2306 - 2307 2307 - Return Value: 2308 2308 - None 2309 2309 - 2310 2310 - IRQL = DISPATCH_LEVEL 2311 2311 - 2312 2312 - Note: 2313 2313 - 2314 2314 - ======================================================================== 2315 2315 - */ 2316 2316 - NDIS_STATUS STAHardTransmit( 2317 2317 - IN PRTMP_ADAPTER pAd, 2318 2318 - IN TX_BLK *pTxBlk, 2319 2319 - IN UCHAR QueIdx) 2320 2320 - { 2321 2321 - NDIS_PACKET *pPacket; 2322 2322 - PQUEUE_ENTRY pQEntry; 2323 2323 - 2324 2324 - // --------------------------------------------- 2325 2325 - // STEP 0. DO SANITY CHECK AND SOME EARLY PREPARATION. 2326 2326 - // --------------------------------------------- 2327 2327 - // 2328 2328 - ASSERT(pTxBlk->TxPacketList.Number); 2329 2329 - if (pTxBlk->TxPacketList.Head == NULL) 2330 2330 - { 2331 2331 - DBGPRINT(RT_DEBUG_ERROR, ("pTxBlk->TotalFrameNum == %ld!\n", pTxBlk->TxPacketList.Number)); 2332 2332 - return NDIS_STATUS_FAILURE; 2333 2333 - } 2334 2334 - 2335 2335 - pPacket = QUEUE_ENTRY_TO_PACKET(pTxBlk->TxPacketList.Head); 2336 2336 - 2337 2337 - // ------------------------------------------------------------------ 2338 2338 - // STEP 1. WAKE UP PHY 2339 2339 - // outgoing frame always wakeup PHY to prevent frame lost and 2340 2340 - // turn off PSM bit to improve performance 2341 2341 - // ------------------------------------------------------------------ 2342 2342 - // not to change PSM bit, just send this frame out? 2343 2343 - if ((pAd->StaCfg.Psm == PWR_SAVE) && OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_DOZE)) 2344 2344 - { 2345 2345 - DBGPRINT_RAW(RT_DEBUG_TRACE, ("AsicForceWakeup At HardTx\n")); 2346 2346 - AsicForceWakeup(pAd, TRUE); 2347 2347 - } 2348 2348 - 2349 2349 - // It should not change PSM bit, when APSD turn on. 2350 2350 - if ((!(pAd->CommonCfg.bAPSDCapable && pAd->CommonCfg.APEdcaParm.bAPSDCapable) && (pAd->CommonCfg.bAPSDForcePowerSave == FALSE)) 2351 2351 - || (RTMP_GET_PACKET_EAPOL(pTxBlk->pPacket)) 2352 2352 - || (RTMP_GET_PACKET_WAI(pTxBlk->pPacket))) 2353 2353 - { 2354 2354 - if ((pAd->StaCfg.Psm == PWR_SAVE) && 2355 2355 - (pAd->StaCfg.WindowsPowerMode == Ndis802_11PowerModeFast_PSP)) 2356 2356 - MlmeSetPsmBit(pAd, PWR_ACTIVE); 2357 2357 - } 2358 2358 - 2359 2359 - switch (pTxBlk->TxFrameType) 2360 2360 - { 2361 2361 - case TX_AMPDU_FRAME: 2362 2362 - STA_AMPDU_Frame_Tx(pAd, pTxBlk); 2363 2363 - break; 2364 2364 - case TX_AMSDU_FRAME: 2365 2365 - STA_AMSDU_Frame_Tx(pAd, pTxBlk); 2366 2366 - break; 2367 2367 - case TX_LEGACY_FRAME: 2368 2368 - STA_Legacy_Frame_Tx(pAd, pTxBlk); 2369 2369 - break; 2370 2370 - case TX_MCAST_FRAME: 2371 2371 - STA_Legacy_Frame_Tx(pAd, pTxBlk); 2372 2372 - break; 2373 2373 - case TX_RALINK_FRAME: 2374 2374 - STA_ARalink_Frame_Tx(pAd, pTxBlk); 2375 2375 - break; 2376 2376 - case TX_FRAG_FRAME: 2377 2377 - STA_Fragment_Frame_Tx(pAd, pTxBlk); 2378 2378 - break; 2379 2379 - default: 2380 2380 - { 2381 2381 - // It should not happened! 2382 2382 - DBGPRINT(RT_DEBUG_ERROR, ("Send a pacekt was not classified!! It should not happen!\n")); 2383 2383 - while(pTxBlk->TxPacketList.Number) 2384 2384 - { 2385 2385 - pQEntry = RemoveHeadQueue(&pTxBlk->TxPacketList); 2386 2386 - pPacket = QUEUE_ENTRY_TO_PACKET(pQEntry); 2387 2387 - if (pPacket) 2388 2388 - RELEASE_NDIS_PACKET(pAd, pPacket, NDIS_STATUS_FAILURE); 2389 2389 - } 2390 2390 - } 2391 2391 - break; 2392 2392 - } 2393 2393 - 2394 2394 - return (NDIS_STATUS_SUCCESS); 2395 2395 - 2396 2396 - } 2397 2397 - 2398 2398 - ULONG HashBytesPolynomial(UCHAR *value, unsigned int len) 2399 2399 - { 2400 2400 - unsigned char *word = value; 2401 2401 - unsigned int ret = 0; 2402 2402 - unsigned int i; 2403 2403 - 2404 2404 - for(i=0; i < len; i++) 2405 2405 - { 2406 2406 - int mod = i % 32; 2407 2407 - ret ^=(unsigned int) (word[i]) << mod; 2408 2408 - ret ^=(unsigned int) (word[i]) >> (32 - mod); 2409 2409 - } 2410 2410 - return ret; 2411 2411 - } 2412 2412 - 2413 2413 - VOID Sta_Announce_or_Forward_802_3_Packet( 2414 2414 - IN PRTMP_ADAPTER pAd, 2415 2415 - IN PNDIS_PACKET pPacket, 2416 2416 - IN UCHAR FromWhichBSSID) 2417 2417 - { 2418 2418 - if (TRUE 2419 2419 - ) 2420 2420 - { 2421 2421 - announce_802_3_packet(pAd, pPacket); 2422 2422 - } 2423 2423 - else 2424 2424 - { 2425 2425 - // release packet 2426 2426 - RELEASE_NDIS_PACKET(pAd, pPacket, NDIS_STATUS_FAILURE); 2427 2427 - } 2428 2428 - } 2429 2429 - 1 1 + #include "../../rt2870/sta/rtmp_data.c"

+1 -418

drivers/staging/rt3070/sta/sanity.c

reviewed

··· 1 1 - /* 2 2 - ************************************************************************* 3 3 - * Ralink Tech Inc. 4 4 - * 5F., No.36, Taiyuan St., Jhubei City, 5 5 - * Hsinchu County 302, 6 6 - * Taiwan, R.O.C. 7 7 - * 8 8 - * (c) Copyright 2002-2007, Ralink Technology, Inc. 9 9 - * 10 10 - * This program is free software; you can redistribute it and/or modify * 11 11 - * it under the terms of the GNU General Public License as published by * 12 12 - * the Free Software Foundation; either version 2 of the License, or * 13 13 - * (at your option) any later version. * 14 14 - * * 15 15 - * This program is distributed in the hope that it will be useful, * 16 16 - * but WITHOUT ANY WARRANTY; without even the implied warranty of * 17 17 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * 18 18 - * GNU General Public License for more details. * 19 19 - * * 20 20 - * You should have received a copy of the GNU General Public License * 21 21 - * along with this program; if not, write to the * 22 22 - * Free Software Foundation, Inc., * 23 23 - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * 24 24 - * * 25 25 - ************************************************************************* 26 26 - 27 27 - Module Name: 28 28 - sanity.c 29 29 - 30 30 - Abstract: 31 31 - 32 32 - Revision History: 33 33 - Who When What 34 34 - -------- ---------- ---------------------------------------------- 35 35 - John Chang 2004-09-01 add WMM support 36 36 - */ 37 37 - #include "../rt_config.h" 38 38 - 39 39 - extern UCHAR CISCO_OUI[]; 40 40 - 41 41 - extern UCHAR WPA_OUI[]; 42 42 - extern UCHAR RSN_OUI[]; 43 43 - extern UCHAR WME_INFO_ELEM[]; 44 44 - extern UCHAR WME_PARM_ELEM[]; 45 45 - extern UCHAR Ccx2QosInfo[]; 46 46 - extern UCHAR RALINK_OUI[]; 47 47 - extern UCHAR BROADCOM_OUI[]; 48 48 - 49 49 - /* 50 50 - ========================================================================== 51 51 - Description: 52 52 - MLME message sanity check 53 53 - Return: 54 54 - TRUE if all parameters are OK, FALSE otherwise 55 55 - ========================================================================== 56 56 - */ 57 57 - BOOLEAN MlmeStartReqSanity( 58 58 - IN PRTMP_ADAPTER pAd, 59 59 - IN VOID *Msg, 60 60 - IN ULONG MsgLen, 61 61 - OUT CHAR Ssid[], 62 62 - OUT UCHAR *pSsidLen) 63 63 - { 64 64 - MLME_START_REQ_STRUCT *Info; 65 65 - 66 66 - Info = (MLME_START_REQ_STRUCT *)(Msg); 67 67 - 68 68 - if (Info->SsidLen > MAX_LEN_OF_SSID) 69 69 - { 70 70 - DBGPRINT(RT_DEBUG_TRACE, ("MlmeStartReqSanity fail - wrong SSID length\n")); 71 71 - return FALSE; 72 72 - } 73 73 - 74 74 - *pSsidLen = Info->SsidLen; 75 75 - NdisMoveMemory(Ssid, Info->Ssid, *pSsidLen); 76 76 - 77 77 - return TRUE; 78 78 - } 79 79 - 80 80 - /* 81 81 - ========================================================================== 82 82 - Description: 83 83 - MLME message sanity check 84 84 - Return: 85 85 - TRUE if all parameters are OK, FALSE otherwise 86 86 - 87 87 - IRQL = DISPATCH_LEVEL 88 88 - 89 89 - ========================================================================== 90 90 - */ 91 91 - BOOLEAN PeerAssocRspSanity( 92 92 - IN PRTMP_ADAPTER pAd, 93 93 - IN VOID *pMsg, 94 94 - IN ULONG MsgLen, 95 95 - OUT PUCHAR pAddr2, 96 96 - OUT USHORT *pCapabilityInfo, 97 97 - OUT USHORT *pStatus, 98 98 - OUT USHORT *pAid, 99 99 - OUT UCHAR SupRate[], 100 100 - OUT UCHAR *pSupRateLen, 101 101 - OUT UCHAR ExtRate[], 102 102 - OUT UCHAR *pExtRateLen, 103 103 - OUT HT_CAPABILITY_IE *pHtCapability, 104 104 - OUT ADD_HT_INFO_IE *pAddHtInfo, // AP might use this additional ht info IE 105 105 - OUT UCHAR *pHtCapabilityLen, 106 106 - OUT UCHAR *pAddHtInfoLen, 107 107 - OUT UCHAR *pNewExtChannelOffset, 108 108 - OUT PEDCA_PARM pEdcaParm, 109 109 - OUT UCHAR *pCkipFlag) 110 110 - { 111 111 - CHAR IeType, *Ptr; 112 112 - PFRAME_802_11 pFrame = (PFRAME_802_11)pMsg; 113 113 - PEID_STRUCT pEid; 114 114 - ULONG Length = 0; 115 115 - 116 116 - *pNewExtChannelOffset = 0xff; 117 117 - *pHtCapabilityLen = 0; 118 118 - *pAddHtInfoLen = 0; 119 119 - COPY_MAC_ADDR(pAddr2, pFrame->Hdr.Addr2); 120 120 - Ptr = pFrame->Octet; 121 121 - Length += LENGTH_802_11; 122 122 - 123 123 - NdisMoveMemory(pCapabilityInfo, &pFrame->Octet[0], 2); 124 124 - Length += 2; 125 125 - NdisMoveMemory(pStatus, &pFrame->Octet[2], 2); 126 126 - Length += 2; 127 127 - *pCkipFlag = 0; 128 128 - *pExtRateLen = 0; 129 129 - pEdcaParm->bValid = FALSE; 130 130 - 131 131 - if (*pStatus != MLME_SUCCESS) 132 132 - return TRUE; 133 133 - 134 134 - NdisMoveMemory(pAid, &pFrame->Octet[4], 2); 135 135 - Length += 2; 136 136 - 137 137 - // Aid already swaped byte order in RTMPFrameEndianChange() for big endian platform 138 138 - *pAid = (*pAid) & 0x3fff; // AID is low 14-bit 139 139 - 140 140 - // -- get supported rates from payload and advance the pointer 141 141 - IeType = pFrame->Octet[6]; 142 142 - *pSupRateLen = pFrame->Octet[7]; 143 143 - if ((IeType != IE_SUPP_RATES) || (*pSupRateLen > MAX_LEN_OF_SUPPORTED_RATES)) 144 144 - { 145 145 - DBGPRINT(RT_DEBUG_TRACE, ("PeerAssocRspSanity fail - wrong SupportedRates IE\n")); 146 146 - return FALSE; 147 147 - } 148 148 - else 149 149 - NdisMoveMemory(SupRate, &pFrame->Octet[8], *pSupRateLen); 150 150 - 151 151 - Length = Length + 2 + *pSupRateLen; 152 152 - 153 153 - // many AP implement proprietary IEs in non-standard order, we'd better 154 154 - // tolerate mis-ordered IEs to get best compatibility 155 155 - pEid = (PEID_STRUCT) &pFrame->Octet[8 + (*pSupRateLen)]; 156 156 - 157 157 - // get variable fields from payload and advance the pointer 158 158 - while ((Length + 2 + pEid->Len) <= MsgLen) 159 159 - { 160 160 - switch (pEid->Eid) 161 161 - { 162 162 - case IE_EXT_SUPP_RATES: 163 163 - if (pEid->Len <= MAX_LEN_OF_SUPPORTED_RATES) 164 164 - { 165 165 - NdisMoveMemory(ExtRate, pEid->Octet, pEid->Len); 166 166 - *pExtRateLen = pEid->Len; 167 167 - } 168 168 - break; 169 169 - 170 170 - case IE_HT_CAP: 171 171 - case IE_HT_CAP2: 172 172 - if (pEid->Len >= SIZE_HT_CAP_IE) //Note: allow extension.!! 173 173 - { 174 174 - NdisMoveMemory(pHtCapability, pEid->Octet, SIZE_HT_CAP_IE); 175 175 - 176 176 - *(USHORT *)(&pHtCapability->HtCapInfo) = cpu2le16(*(USHORT *)(&pHtCapability->HtCapInfo)); 177 177 - *(USHORT *)(&pHtCapability->ExtHtCapInfo) = cpu2le16(*(USHORT *)(&pHtCapability->ExtHtCapInfo)); 178 178 - 179 179 - *pHtCapabilityLen = SIZE_HT_CAP_IE; 180 180 - } 181 181 - else 182 182 - { 183 183 - DBGPRINT(RT_DEBUG_WARN, ("PeerAssocRspSanity - wrong IE_HT_CAP. \n")); 184 184 - } 185 185 - 186 186 - break; 187 187 - case IE_ADD_HT: 188 188 - case IE_ADD_HT2: 189 189 - if (pEid->Len >= sizeof(ADD_HT_INFO_IE)) 190 190 - { 191 191 - // This IE allows extension, but we can ignore extra bytes beyond our knowledge , so only 192 192 - // copy first sizeof(ADD_HT_INFO_IE) 193 193 - NdisMoveMemory(pAddHtInfo, pEid->Octet, sizeof(ADD_HT_INFO_IE)); 194 194 - 195 195 - *(USHORT *)(&pAddHtInfo->AddHtInfo2) = cpu2le16(*(USHORT *)(&pAddHtInfo->AddHtInfo2)); 196 196 - *(USHORT *)(&pAddHtInfo->AddHtInfo3) = cpu2le16(*(USHORT *)(&pAddHtInfo->AddHtInfo3)); 197 197 - 198 198 - *pAddHtInfoLen = SIZE_ADD_HT_INFO_IE; 199 199 - } 200 200 - else 201 201 - { 202 202 - DBGPRINT(RT_DEBUG_WARN, ("PeerAssocRspSanity - wrong IE_ADD_HT. \n")); 203 203 - } 204 204 - 205 205 - break; 206 206 - case IE_SECONDARY_CH_OFFSET: 207 207 - if (pEid->Len == 1) 208 208 - { 209 209 - *pNewExtChannelOffset = pEid->Octet[0]; 210 210 - } 211 211 - else 212 212 - { 213 213 - DBGPRINT(RT_DEBUG_WARN, ("PeerAssocRspSanity - wrong IE_SECONDARY_CH_OFFSET. \n")); 214 214 - } 215 215 - break; 216 216 - case IE_AIRONET_CKIP: 217 217 - // 0. Check Aironet IE length, it must be larger or equal to 28 218 218 - // Cisco's AP VxWork version(will not be supported) used this IE length as 28 219 219 - // Cisco's AP IOS version used this IE length as 30 220 220 - if (pEid->Len < (CKIP_NEGOTIATION_LENGTH - 2)) 221 221 - break; 222 222 - 223 223 - // 1. Copy CKIP flag byte to buffer for process 224 224 - *pCkipFlag = *(pEid->Octet + 8); 225 225 - break; 226 226 - 227 227 - case IE_AIRONET_IPADDRESS: 228 228 - if (pEid->Len != 0x0A) 229 229 - break; 230 230 - 231 231 - // Get Cisco Aironet IP information 232 232 - if (NdisEqualMemory(pEid->Octet, CISCO_OUI, 3) == 1) 233 233 - NdisMoveMemory(pAd->StaCfg.AironetIPAddress, pEid->Octet + 4, 4); 234 234 - break; 235 235 - 236 236 - // CCX2, WMM use the same IE value 237 237 - // case IE_CCX_V2: 238 238 - case IE_VENDOR_SPECIFIC: 239 239 - // handle WME PARAMTER ELEMENT 240 240 - if (NdisEqualMemory(pEid->Octet, WME_PARM_ELEM, 6) && (pEid->Len == 24)) 241 241 - { 242 242 - PUCHAR ptr; 243 243 - int i; 244 244 - 245 245 - // parsing EDCA parameters 246 246 - pEdcaParm->bValid = TRUE; 247 247 - pEdcaParm->bQAck = FALSE; // pEid->Octet[0] & 0x10; 248 248 - pEdcaParm->bQueueRequest = FALSE; // pEid->Octet[0] & 0x20; 249 249 - pEdcaParm->bTxopRequest = FALSE; // pEid->Octet[0] & 0x40; 250 250 - //pEdcaParm->bMoreDataAck = FALSE; // pEid->Octet[0] & 0x80; 251 251 - pEdcaParm->EdcaUpdateCount = pEid->Octet[6] & 0x0f; 252 252 - pEdcaParm->bAPSDCapable = (pEid->Octet[6] & 0x80) ? 1 : 0; 253 253 - ptr = &pEid->Octet[8]; 254 254 - for (i=0; i<4; i++) 255 255 - { 256 256 - UCHAR aci = (*ptr & 0x60) >> 5; // b5~6 is AC INDEX 257 257 - pEdcaParm->bACM[aci] = (((*ptr) & 0x10) == 0x10); // b5 is ACM 258 258 - pEdcaParm->Aifsn[aci] = (*ptr) & 0x0f; // b0~3 is AIFSN 259 259 - pEdcaParm->Cwmin[aci] = *(ptr+1) & 0x0f; // b0~4 is Cwmin 260 260 - pEdcaParm->Cwmax[aci] = *(ptr+1) >> 4; // b5~8 is Cwmax 261 261 - pEdcaParm->Txop[aci] = *(ptr+2) + 256 * (*(ptr+3)); // in unit of 32-us 262 262 - ptr += 4; // point to next AC 263 263 - } 264 264 - } 265 265 - 266 266 - // handle CCX IE 267 267 - else 268 268 - { 269 269 - // 0. Check the size and CCX admin control 270 270 - if (pAd->StaCfg.CCXControl.field.Enable == 0) 271 271 - break; 272 272 - if (pEid->Len != 5) 273 273 - break; 274 274 - 275 275 - // Turn CCX2 if matched 276 276 - if (NdisEqualMemory(pEid->Octet, Ccx2IeInfo, 5) == 1) 277 277 - pAd->StaCfg.CCXEnable = TRUE; 278 278 - break; 279 279 - } 280 280 - break; 281 281 - 282 282 - default: 283 283 - DBGPRINT(RT_DEBUG_TRACE, ("PeerAssocRspSanity - ignore unrecognized EID = %d\n", pEid->Eid)); 284 284 - break; 285 285 - } 286 286 - 287 287 - Length = Length + 2 + pEid->Len; 288 288 - pEid = (PEID_STRUCT)((UCHAR*)pEid + 2 + pEid->Len); 289 289 - } 290 290 - 291 291 - // Force CCX2 enable to TRUE for those AP didn't replay CCX v2 IE, we still force it to be on 292 292 - if (pAd->StaCfg.CCXControl.field.Enable == 1) 293 293 - pAd->StaCfg.CCXEnable = TRUE; 294 294 - 295 295 - return TRUE; 296 296 - } 297 297 - 298 298 - /* 299 299 - ========================================================================== 300 300 - Description: 301 301 - MLME message sanity check 302 302 - Return: 303 303 - TRUE if all parameters are OK, FALSE otherwise 304 304 - 305 305 - IRQL = DISPATCH_LEVEL 306 306 - 307 307 - ========================================================================== 308 308 - */ 309 309 - BOOLEAN PeerProbeReqSanity( 310 310 - IN PRTMP_ADAPTER pAd, 311 311 - IN VOID *Msg, 312 312 - IN ULONG MsgLen, 313 313 - OUT PUCHAR pAddr2, 314 314 - OUT CHAR Ssid[], 315 315 - OUT UCHAR *pSsidLen) 316 316 - { 317 317 - UCHAR Idx; 318 318 - UCHAR RateLen; 319 319 - CHAR IeType; 320 320 - PFRAME_802_11 pFrame = (PFRAME_802_11)Msg; 321 321 - 322 322 - COPY_MAC_ADDR(pAddr2, pFrame->Hdr.Addr2); 323 323 - 324 324 - if ((pFrame->Octet[0] != IE_SSID) || (pFrame->Octet[1] > MAX_LEN_OF_SSID)) 325 325 - { 326 326 - DBGPRINT(RT_DEBUG_TRACE, ("PeerProbeReqSanity fail - wrong SSID IE(Type=%d,Len=%d)\n",pFrame->Octet[0],pFrame->Octet[1])); 327 327 - return FALSE; 328 328 - } 329 329 - 330 330 - *pSsidLen = pFrame->Octet[1]; 331 331 - NdisMoveMemory(Ssid, &pFrame->Octet[2], *pSsidLen); 332 332 - 333 333 - Idx = *pSsidLen + 2; 334 334 - 335 335 - // -- get supported rates from payload and advance the pointer 336 336 - IeType = pFrame->Octet[Idx]; 337 337 - RateLen = pFrame->Octet[Idx + 1]; 338 338 - if (IeType != IE_SUPP_RATES) 339 339 - { 340 340 - DBGPRINT(RT_DEBUG_TRACE, ("PeerProbeReqSanity fail - wrong SupportRates IE(Type=%d,Len=%d)\n",pFrame->Octet[Idx],pFrame->Octet[Idx+1])); 341 341 - return FALSE; 342 342 - } 343 343 - else 344 344 - { 345 345 - if ((pAd->CommonCfg.PhyMode == PHY_11G) && (RateLen < 8)) 346 346 - return (FALSE); 347 347 - } 348 348 - 349 349 - return TRUE; 350 350 - } 351 351 - 352 352 - /* 353 353 - ========================================================================== 354 354 - Description: 355 355 - 356 356 - IRQL = DISPATCH_LEVEL 357 357 - 358 358 - ========================================================================== 359 359 - */ 360 360 - BOOLEAN GetTimBit( 361 361 - IN CHAR *Ptr, 362 362 - IN USHORT Aid, 363 363 - OUT UCHAR *TimLen, 364 364 - OUT UCHAR *BcastFlag, 365 365 - OUT UCHAR *DtimCount, 366 366 - OUT UCHAR *DtimPeriod, 367 367 - OUT UCHAR *MessageToMe) 368 368 - { 369 369 - UCHAR BitCntl, N1, N2, MyByte, MyBit; 370 370 - CHAR *IdxPtr; 371 371 - 372 372 - IdxPtr = Ptr; 373 373 - 374 374 - IdxPtr ++; 375 375 - *TimLen = *IdxPtr; 376 376 - 377 377 - // get DTIM Count from TIM element 378 378 - IdxPtr ++; 379 379 - *DtimCount = *IdxPtr; 380 380 - 381 381 - // get DTIM Period from TIM element 382 382 - IdxPtr++; 383 383 - *DtimPeriod = *IdxPtr; 384 384 - 385 385 - // get Bitmap Control from TIM element 386 386 - IdxPtr++; 387 387 - BitCntl = *IdxPtr; 388 388 - 389 389 - if ((*DtimCount == 0) && (BitCntl & 0x01)) 390 390 - *BcastFlag = TRUE; 391 391 - else 392 392 - *BcastFlag = FALSE; 393 393 - 394 394 - // Parse Partial Virtual Bitmap from TIM element 395 395 - N1 = BitCntl & 0xfe; // N1 is the first bitmap byte# 396 396 - N2 = *TimLen - 4 + N1; // N2 is the last bitmap byte# 397 397 - 398 398 - if ((Aid < (N1 << 3)) || (Aid >= ((N2 + 1) << 3))) 399 399 - *MessageToMe = FALSE; 400 400 - else 401 401 - { 402 402 - MyByte = (Aid >> 3) - N1; // my byte position in the bitmap byte-stream 403 403 - MyBit = Aid % 16 - ((MyByte & 0x01)? 8:0); 404 404 - 405 405 - IdxPtr += (MyByte + 1); 406 406 - 407 407 - //if (*IdxPtr) 408 408 - // DBGPRINT(RT_DEBUG_WARN, ("TIM bitmap = 0x%02x\n", *IdxPtr)); 409 409 - 410 410 - if (*IdxPtr & (0x01 << MyBit)) 411 411 - *MessageToMe = TRUE; 412 412 - else 413 413 - *MessageToMe = FALSE; 414 414 - } 415 415 - 416 416 - return TRUE; 417 417 - } 418 418 - 1 1 + #include "../../rt2870/sta/sanity.c"

+1 -1601

drivers/staging/rt3070/sta/sync.c

reviewed

··· 1 1 - /* 2 2 - ************************************************************************* 3 3 - * Ralink Tech Inc. 4 4 - * 5F., No.36, Taiyuan St., Jhubei City, 5 5 - * Hsinchu County 302, 6 6 - * Taiwan, R.O.C. 7 7 - * 8 8 - * (c) Copyright 2002-2007, Ralink Technology, Inc. 9 9 - * 10 10 - * This program is free software; you can redistribute it and/or modify * 11 11 - * it under the terms of the GNU General Public License as published by * 12 12 - * the Free Software Foundation; either version 2 of the License, or * 13 13 - * (at your option) any later version. * 14 14 - * * 15 15 - * This program is distributed in the hope that it will be useful, * 16 16 - * but WITHOUT ANY WARRANTY; without even the implied warranty of * 17 17 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * 18 18 - * GNU General Public License for more details. * 19 19 - * * 20 20 - * You should have received a copy of the GNU General Public License * 21 21 - * along with this program; if not, write to the * 22 22 - * Free Software Foundation, Inc., * 23 23 - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * 24 24 - * * 25 25 - ************************************************************************* 26 26 - 27 27 - Module Name: 28 28 - sync.c 29 29 - 30 30 - Abstract: 31 31 - 32 32 - Revision History: 33 33 - Who When What 34 34 - -------- ---------- ---------------------------------------------- 35 35 - John Chang 2004-09-01 modified for rt2561/2661 36 36 - Jan Lee 2006-08-01 modified for rt2860 for 802.11n 37 37 - */ 38 38 - #include "../rt_config.h" 39 39 - 40 40 - #define ADHOC_ENTRY_BEACON_LOST_TIME (2*OS_HZ) // 2 sec 41 41 - 42 42 - /* 43 43 - ========================================================================== 44 44 - Description: 45 45 - The sync state machine, 46 46 - Parameters: 47 47 - Sm - pointer to the state machine 48 48 - Note: 49 49 - the state machine looks like the following 50 50 - 51 51 - ========================================================================== 52 52 - */ 53 53 - VOID SyncStateMachineInit( 54 54 - IN PRTMP_ADAPTER pAd, 55 55 - IN STATE_MACHINE *Sm, 56 56 - OUT STATE_MACHINE_FUNC Trans[]) 57 57 - { 58 58 - StateMachineInit(Sm, Trans, MAX_SYNC_STATE, MAX_SYNC_MSG, (STATE_MACHINE_FUNC)Drop, SYNC_IDLE, SYNC_MACHINE_BASE); 59 59 - 60 60 - // column 1 61 61 - StateMachineSetAction(Sm, SYNC_IDLE, MT2_MLME_SCAN_REQ, (STATE_MACHINE_FUNC)MlmeScanReqAction); 62 62 - StateMachineSetAction(Sm, SYNC_IDLE, MT2_MLME_JOIN_REQ, (STATE_MACHINE_FUNC)MlmeJoinReqAction); 63 63 - StateMachineSetAction(Sm, SYNC_IDLE, MT2_MLME_START_REQ, (STATE_MACHINE_FUNC)MlmeStartReqAction); 64 64 - StateMachineSetAction(Sm, SYNC_IDLE, MT2_PEER_BEACON, (STATE_MACHINE_FUNC)PeerBeacon); 65 65 - StateMachineSetAction(Sm, SYNC_IDLE, MT2_PEER_PROBE_REQ, (STATE_MACHINE_FUNC)PeerProbeReqAction); 66 66 - 67 67 - //column 2 68 68 - StateMachineSetAction(Sm, JOIN_WAIT_BEACON, MT2_MLME_SCAN_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenScan); 69 69 - StateMachineSetAction(Sm, JOIN_WAIT_BEACON, MT2_MLME_JOIN_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenJoin); 70 70 - StateMachineSetAction(Sm, JOIN_WAIT_BEACON, MT2_MLME_START_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenStart); 71 71 - StateMachineSetAction(Sm, JOIN_WAIT_BEACON, MT2_PEER_BEACON, (STATE_MACHINE_FUNC)PeerBeaconAtJoinAction); 72 72 - StateMachineSetAction(Sm, JOIN_WAIT_BEACON, MT2_BEACON_TIMEOUT, (STATE_MACHINE_FUNC)BeaconTimeoutAtJoinAction); 73 73 - 74 74 - // column 3 75 75 - StateMachineSetAction(Sm, SCAN_LISTEN, MT2_MLME_SCAN_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenScan); 76 76 - StateMachineSetAction(Sm, SCAN_LISTEN, MT2_MLME_JOIN_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenJoin); 77 77 - StateMachineSetAction(Sm, SCAN_LISTEN, MT2_MLME_START_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenStart); 78 78 - StateMachineSetAction(Sm, SCAN_LISTEN, MT2_PEER_BEACON, (STATE_MACHINE_FUNC)PeerBeaconAtScanAction); 79 79 - StateMachineSetAction(Sm, SCAN_LISTEN, MT2_PEER_PROBE_RSP, (STATE_MACHINE_FUNC)PeerBeaconAtScanAction); 80 80 - StateMachineSetAction(Sm, SCAN_LISTEN, MT2_SCAN_TIMEOUT, (STATE_MACHINE_FUNC)ScanTimeoutAction); 81 81 - 82 82 - // timer init 83 83 - RTMPInitTimer(pAd, &pAd->MlmeAux.BeaconTimer, GET_TIMER_FUNCTION(BeaconTimeout), pAd, FALSE); 84 84 - RTMPInitTimer(pAd, &pAd->MlmeAux.ScanTimer, GET_TIMER_FUNCTION(ScanTimeout), pAd, FALSE); 85 85 - } 86 86 - 87 87 - /* 88 88 - ========================================================================== 89 89 - Description: 90 90 - Beacon timeout handler, executed in timer thread 91 91 - 92 92 - IRQL = DISPATCH_LEVEL 93 93 - 94 94 - ========================================================================== 95 95 - */ 96 96 - VOID BeaconTimeout( 97 97 - IN PVOID SystemSpecific1, 98 98 - IN PVOID FunctionContext, 99 99 - IN PVOID SystemSpecific2, 100 100 - IN PVOID SystemSpecific3) 101 101 - { 102 102 - RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext; 103 103 - 104 104 - DBGPRINT(RT_DEBUG_TRACE,("SYNC - BeaconTimeout\n")); 105 105 - 106 106 - // Do nothing if the driver is starting halt state. 107 107 - // This might happen when timer already been fired before cancel timer with mlmehalt 108 108 - if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS)) 109 109 - return; 110 110 - 111 111 - if ((pAd->CommonCfg.BBPCurrentBW == BW_40) 112 112 - ) 113 113 - { 114 114 - UCHAR BBPValue = 0; 115 115 - AsicSwitchChannel(pAd, pAd->CommonCfg.CentralChannel, FALSE); 116 116 - AsicLockChannel(pAd, pAd->CommonCfg.CentralChannel); 117 117 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &BBPValue); 118 118 - BBPValue &= (~0x18); 119 119 - BBPValue |= 0x10; 120 120 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, BBPValue); 121 121 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - End of SCAN, restore to 40MHz channel %d, Total BSS[%02d]\n",pAd->CommonCfg.CentralChannel, pAd->ScanTab.BssNr)); 122 122 - } 123 123 - 124 124 - MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_BEACON_TIMEOUT, 0, NULL); 125 125 - RT28XX_MLME_HANDLER(pAd); 126 126 - } 127 127 - 128 128 - /* 129 129 - ========================================================================== 130 130 - Description: 131 131 - Scan timeout handler, executed in timer thread 132 132 - 133 133 - IRQL = DISPATCH_LEVEL 134 134 - 135 135 - ========================================================================== 136 136 - */ 137 137 - VOID ScanTimeout( 138 138 - IN PVOID SystemSpecific1, 139 139 - IN PVOID FunctionContext, 140 140 - IN PVOID SystemSpecific2, 141 141 - IN PVOID SystemSpecific3) 142 142 - { 143 143 - RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext; 144 144 - 145 145 - 146 146 - // Do nothing if the driver is starting halt state. 147 147 - // This might happen when timer already been fired before cancel timer with mlmehalt 148 148 - if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS)) 149 149 - return; 150 150 - 151 151 - if (MlmeEnqueue(pAd, SYNC_STATE_MACHINE, MT2_SCAN_TIMEOUT, 0, NULL)) 152 152 - { 153 153 - RT28XX_MLME_HANDLER(pAd); 154 154 - } 155 155 - else 156 156 - { 157 157 - // To prevent SyncMachine.CurrState is SCAN_LISTEN forever. 158 158 - pAd->MlmeAux.Channel = 0; 159 159 - ScanNextChannel(pAd); 160 160 - if (pAd->CommonCfg.bWirelessEvent) 161 161 - { 162 162 - RTMPSendWirelessEvent(pAd, IW_SCAN_ENQUEUE_FAIL_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0); 163 163 - } 164 164 - } 165 165 - } 166 166 - 167 167 - /* 168 168 - ========================================================================== 169 169 - Description: 170 170 - MLME SCAN req state machine procedure 171 171 - ========================================================================== 172 172 - */ 173 173 - VOID MlmeScanReqAction( 174 174 - IN PRTMP_ADAPTER pAd, 175 175 - IN MLME_QUEUE_ELEM *Elem) 176 176 - { 177 177 - UCHAR Ssid[MAX_LEN_OF_SSID], SsidLen, ScanType, BssType, BBPValue = 0; 178 178 - BOOLEAN TimerCancelled; 179 179 - ULONG Now; 180 180 - USHORT Status; 181 181 - PHEADER_802_11 pHdr80211; 182 182 - PUCHAR pOutBuffer = NULL; 183 183 - NDIS_STATUS NStatus; 184 184 - 185 185 - // Check the total scan tries for one single OID command 186 186 - // If this is the CCX 2.0 Case, skip that! 187 187 - if ( !RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_START_UP)) 188 188 - { 189 189 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - MlmeScanReqAction before Startup\n")); 190 190 - return; 191 191 - } 192 192 - 193 193 - // Increase the scan retry counters. 194 194 - pAd->StaCfg.ScanCnt++; 195 195 - 196 196 - 197 197 - // first check the parameter sanity 198 198 - if (MlmeScanReqSanity(pAd, 199 199 - Elem->Msg, 200 200 - Elem->MsgLen, 201 201 - &BssType, 202 202 - Ssid, 203 203 - &SsidLen, 204 204 - &ScanType)) 205 205 - { 206 206 - 207 207 - // Check for channel load and noise hist request 208 208 - // Suspend MSDU only at scan request, not the last two mentioned 209 209 - if ((ScanType == SCAN_CISCO_NOISE) || (ScanType == SCAN_CISCO_CHANNEL_LOAD)) 210 210 - { 211 211 - if (pAd->StaCfg.CCXScanChannel != pAd->CommonCfg.Channel) 212 212 - RTMPSuspendMsduTransmission(pAd); // Suspend MSDU transmission here 213 213 - } 214 214 - else 215 215 - { 216 216 - // Suspend MSDU transmission here 217 217 - RTMPSuspendMsduTransmission(pAd); 218 218 - } 219 219 - 220 220 - // 221 221 - // To prevent data lost. 222 222 - // Send an NULL data with turned PSM bit on to current associated AP before SCAN progress. 223 223 - // And should send an NULL data with turned PSM bit off to AP, when scan progress done 224 224 - // 225 225 - if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED) && (INFRA_ON(pAd))) 226 226 - { 227 227 - NStatus = MlmeAllocateMemory(pAd, (PVOID)&pOutBuffer); 228 228 - if (NStatus == NDIS_STATUS_SUCCESS) 229 229 - { 230 230 - pHdr80211 = (PHEADER_802_11) pOutBuffer; 231 231 - MgtMacHeaderInit(pAd, pHdr80211, SUBTYPE_NULL_FUNC, 1, pAd->CommonCfg.Bssid, pAd->CommonCfg.Bssid); 232 232 - pHdr80211->Duration = 0; 233 233 - pHdr80211->FC.Type = BTYPE_DATA; 234 234 - pHdr80211->FC.PwrMgmt = PWR_SAVE; 235 235 - 236 236 - // Send using priority queue 237 237 - MiniportMMRequest(pAd, 0, pOutBuffer, sizeof(HEADER_802_11)); 238 238 - DBGPRINT(RT_DEBUG_TRACE, ("MlmeScanReqAction -- Send PSM Data frame for off channel RM\n")); 239 239 - MlmeFreeMemory(pAd, pOutBuffer); 240 240 - RTMPusecDelay(5000); 241 241 - } 242 242 - } 243 243 - 244 244 - NdisGetSystemUpTime(&Now); 245 245 - pAd->StaCfg.LastScanTime = Now; 246 246 - // reset all the timers 247 247 - RTMPCancelTimer(&pAd->MlmeAux.BeaconTimer, &TimerCancelled); 248 248 - RTMPCancelTimer(&pAd->MlmeAux.ScanTimer, &TimerCancelled); 249 249 - 250 250 - // record desired BSS parameters 251 251 - pAd->MlmeAux.BssType = BssType; 252 252 - pAd->MlmeAux.ScanType = ScanType; 253 253 - pAd->MlmeAux.SsidLen = SsidLen; 254 254 - NdisZeroMemory(pAd->MlmeAux.Ssid, MAX_LEN_OF_SSID); 255 255 - NdisMoveMemory(pAd->MlmeAux.Ssid, Ssid, SsidLen); 256 256 - 257 257 - // start from the first channel 258 258 - pAd->MlmeAux.Channel = FirstChannel(pAd); 259 259 - 260 260 - // Change the scan channel when dealing with CCX beacon report 261 261 - if ((ScanType == SCAN_CISCO_PASSIVE) || (ScanType == SCAN_CISCO_ACTIVE) || 262 262 - (ScanType == SCAN_CISCO_CHANNEL_LOAD) || (ScanType == SCAN_CISCO_NOISE)) 263 263 - pAd->MlmeAux.Channel = pAd->StaCfg.CCXScanChannel; 264 264 - 265 265 - // Let BBP register at 20MHz to do scan 266 266 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &BBPValue); 267 267 - BBPValue &= (~0x18); 268 268 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, BBPValue); 269 269 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - BBP R4 to 20MHz.l\n")); 270 270 - ScanNextChannel(pAd); 271 271 - } 272 272 - else 273 273 - { 274 274 - DBGPRINT_ERR(("SYNC - MlmeScanReqAction() sanity check fail\n")); 275 275 - pAd->Mlme.SyncMachine.CurrState = SYNC_IDLE; 276 276 - Status = MLME_INVALID_FORMAT; 277 277 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_SCAN_CONF, 2, &Status); 278 278 - } 279 279 - } 280 280 - 281 281 - /* 282 282 - ========================================================================== 283 283 - Description: 284 284 - MLME JOIN req state machine procedure 285 285 - ========================================================================== 286 286 - */ 287 287 - VOID MlmeJoinReqAction( 288 288 - IN PRTMP_ADAPTER pAd, 289 289 - IN MLME_QUEUE_ELEM *Elem) 290 290 - { 291 291 - UCHAR BBPValue = 0; 292 292 - BSS_ENTRY *pBss; 293 293 - BOOLEAN TimerCancelled; 294 294 - HEADER_802_11 Hdr80211; 295 295 - NDIS_STATUS NStatus; 296 296 - ULONG FrameLen = 0; 297 297 - PUCHAR pOutBuffer = NULL; 298 298 - PUCHAR pSupRate = NULL; 299 299 - UCHAR SupRateLen; 300 300 - PUCHAR pExtRate = NULL; 301 301 - UCHAR ExtRateLen; 302 302 - UCHAR ASupRate[] = {0x8C, 0x12, 0x98, 0x24, 0xb0, 0x48, 0x60, 0x6C}; 303 303 - UCHAR ASupRateLen = sizeof(ASupRate)/sizeof(UCHAR); 304 304 - MLME_JOIN_REQ_STRUCT *pInfo = (MLME_JOIN_REQ_STRUCT *)(Elem->Msg); 305 305 - 306 306 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - MlmeJoinReqAction(BSS #%ld)\n", pInfo->BssIdx)); 307 307 - 308 308 - 309 309 - // reset all the timers 310 310 - RTMPCancelTimer(&pAd->MlmeAux.ScanTimer, &TimerCancelled); 311 311 - RTMPCancelTimer(&pAd->MlmeAux.BeaconTimer, &TimerCancelled); 312 312 - 313 313 - pBss = &pAd->MlmeAux.SsidBssTab.BssEntry[pInfo->BssIdx]; 314 314 - 315 315 - // record the desired SSID & BSSID we're waiting for 316 316 - COPY_MAC_ADDR(pAd->MlmeAux.Bssid, pBss->Bssid); 317 317 - 318 318 - // If AP's SSID is not hidden, it is OK for updating ssid to MlmeAux again. 319 319 - if (pBss->Hidden == 0) 320 320 - { 321 321 - NdisMoveMemory(pAd->MlmeAux.Ssid, pBss->Ssid, pBss->SsidLen); 322 322 - pAd->MlmeAux.SsidLen = pBss->SsidLen; 323 323 - } 324 324 - 325 325 - pAd->MlmeAux.BssType = pBss->BssType; 326 326 - pAd->MlmeAux.Channel = pBss->Channel; 327 327 - pAd->MlmeAux.CentralChannel = pBss->CentralChannel; 328 328 - 329 329 - // Let BBP register at 20MHz to do scan 330 330 - RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &BBPValue); 331 331 - BBPValue &= (~0x18); 332 332 - RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, BBPValue); 333 333 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - BBP R4 to 20MHz.l\n")); 334 334 - 335 335 - // switch channel and waiting for beacon timer 336 336 - AsicSwitchChannel(pAd, pAd->MlmeAux.Channel, FALSE); 337 337 - AsicLockChannel(pAd, pAd->MlmeAux.Channel); 338 338 - RTMPSetTimer(&pAd->MlmeAux.BeaconTimer, JOIN_TIMEOUT); 339 339 - 340 340 - do 341 341 - { 342 342 - if (((pAd->CommonCfg.bIEEE80211H == 1) && 343 343 - (pAd->MlmeAux.Channel > 14) && 344 344 - RadarChannelCheck(pAd, pAd->MlmeAux.Channel)) 345 345 - ) 346 346 - { 347 347 - // 348 348 - // We can't send any Probe request frame to meet 802.11h. 349 349 - // 350 350 - if (pBss->Hidden == 0) 351 351 - break; 352 352 - } 353 353 - 354 354 - // 355 355 - // send probe request 356 356 - // 357 357 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); 358 358 - if (NStatus == NDIS_STATUS_SUCCESS) 359 359 - { 360 360 - if (pAd->MlmeAux.Channel <= 14) 361 361 - { 362 362 - pSupRate = pAd->CommonCfg.SupRate; 363 363 - SupRateLen = pAd->CommonCfg.SupRateLen; 364 364 - pExtRate = pAd->CommonCfg.ExtRate; 365 365 - ExtRateLen = pAd->CommonCfg.ExtRateLen; 366 366 - } 367 367 - else 368 368 - { 369 369 - // 370 370 - // Overwrite Support Rate, CCK rate are not allowed 371 371 - // 372 372 - pSupRate = ASupRate; 373 373 - SupRateLen = ASupRateLen; 374 374 - ExtRateLen = 0; 375 375 - } 376 376 - 377 377 - if (pAd->MlmeAux.BssType == BSS_INFRA) 378 378 - MgtMacHeaderInit(pAd, &Hdr80211, SUBTYPE_PROBE_REQ, 0, pAd->MlmeAux.Bssid, pAd->MlmeAux.Bssid); 379 379 - else 380 380 - MgtMacHeaderInit(pAd, &Hdr80211, SUBTYPE_PROBE_REQ, 0, BROADCAST_ADDR, BROADCAST_ADDR); 381 381 - 382 382 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 383 383 - sizeof(HEADER_802_11), &Hdr80211, 384 384 - 1, &SsidIe, 385 385 - 1, &pAd->MlmeAux.SsidLen, 386 386 - pAd->MlmeAux.SsidLen, pAd->MlmeAux.Ssid, 387 387 - 1, &SupRateIe, 388 388 - 1, &SupRateLen, 389 389 - SupRateLen, pSupRate, 390 390 - END_OF_ARGS); 391 391 - 392 392 - if (ExtRateLen) 393 393 - { 394 394 - ULONG Tmp; 395 395 - MakeOutgoingFrame(pOutBuffer + FrameLen, &Tmp, 396 396 - 1, &ExtRateIe, 397 397 - 1, &ExtRateLen, 398 398 - ExtRateLen, pExtRate, 399 399 - END_OF_ARGS); 400 400 - FrameLen += Tmp; 401 401 - } 402 402 - 403 403 - 404 404 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 405 405 - MlmeFreeMemory(pAd, pOutBuffer); 406 406 - } 407 407 - } while (FALSE); 408 408 - 409 409 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - Switch to ch %d, Wait BEACON from %02x:%02x:%02x:%02x:%02x:%02x\n", 410 410 - pBss->Channel, pBss->Bssid[0], pBss->Bssid[1], pBss->Bssid[2], pBss->Bssid[3], pBss->Bssid[4], pBss->Bssid[5])); 411 411 - 412 412 - pAd->Mlme.SyncMachine.CurrState = JOIN_WAIT_BEACON; 413 413 - } 414 414 - 415 415 - /* 416 416 - ========================================================================== 417 417 - Description: 418 418 - MLME START Request state machine procedure, starting an IBSS 419 419 - ========================================================================== 420 420 - */ 421 421 - VOID MlmeStartReqAction( 422 422 - IN PRTMP_ADAPTER pAd, 423 423 - IN MLME_QUEUE_ELEM *Elem) 424 424 - { 425 425 - UCHAR Ssid[MAX_LEN_OF_SSID], SsidLen; 426 426 - BOOLEAN TimerCancelled; 427 427 - 428 428 - // New for WPA security suites 429 429 - UCHAR VarIE[MAX_VIE_LEN]; // Total VIE length = MAX_VIE_LEN - -5 430 430 - NDIS_802_11_VARIABLE_IEs *pVIE = NULL; 431 431 - LARGE_INTEGER TimeStamp; 432 432 - BOOLEAN Privacy; 433 433 - USHORT Status; 434 434 - 435 435 - // Init Variable IE structure 436 436 - pVIE = (PNDIS_802_11_VARIABLE_IEs) VarIE; 437 437 - pVIE->Length = 0; 438 438 - TimeStamp.u.LowPart = 0; 439 439 - TimeStamp.u.HighPart = 0; 440 440 - 441 441 - if (MlmeStartReqSanity(pAd, Elem->Msg, Elem->MsgLen, Ssid, &SsidLen)) 442 442 - { 443 443 - // reset all the timers 444 444 - RTMPCancelTimer(&pAd->MlmeAux.ScanTimer, &TimerCancelled); 445 445 - RTMPCancelTimer(&pAd->MlmeAux.BeaconTimer, &TimerCancelled); 446 446 - 447 447 - // 448 448 - // Start a new IBSS. All IBSS parameters are decided now.... 449 449 - // 450 450 - DBGPRINT(RT_DEBUG_TRACE, ("MlmeStartReqAction - Start a new IBSS. All IBSS parameters are decided now.... \n")); 451 451 - pAd->MlmeAux.BssType = BSS_ADHOC; 452 452 - NdisMoveMemory(pAd->MlmeAux.Ssid, Ssid, SsidLen); 453 453 - pAd->MlmeAux.SsidLen = SsidLen; 454 454 - 455 455 - // generate a radom number as BSSID 456 456 - MacAddrRandomBssid(pAd, pAd->MlmeAux.Bssid); 457 457 - DBGPRINT(RT_DEBUG_TRACE, ("MlmeStartReqAction - generate a radom number as BSSID \n")); 458 458 - 459 459 - Privacy = (pAd->StaCfg.WepStatus == Ndis802_11Encryption1Enabled) || 460 460 - (pAd->StaCfg.WepStatus == Ndis802_11Encryption2Enabled) || 461 461 - (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled); 462 462 - pAd->MlmeAux.CapabilityInfo = CAP_GENERATE(0,1,Privacy, (pAd->CommonCfg.TxPreamble == Rt802_11PreambleShort), 1, 0); 463 463 - pAd->MlmeAux.BeaconPeriod = pAd->CommonCfg.BeaconPeriod; 464 464 - pAd->MlmeAux.AtimWin = pAd->StaCfg.AtimWin; 465 465 - pAd->MlmeAux.Channel = pAd->CommonCfg.Channel; 466 466 - 467 467 - pAd->CommonCfg.CentralChannel = pAd->CommonCfg.Channel; 468 468 - pAd->MlmeAux.CentralChannel = pAd->CommonCfg.CentralChannel; 469 469 - 470 470 - pAd->MlmeAux.SupRateLen= pAd->CommonCfg.SupRateLen; 471 471 - NdisMoveMemory(pAd->MlmeAux.SupRate, pAd->CommonCfg.SupRate, MAX_LEN_OF_SUPPORTED_RATES); 472 472 - RTMPCheckRates(pAd, pAd->MlmeAux.SupRate, &pAd->MlmeAux.SupRateLen); 473 473 - pAd->MlmeAux.ExtRateLen = pAd->CommonCfg.ExtRateLen; 474 474 - NdisMoveMemory(pAd->MlmeAux.ExtRate, pAd->CommonCfg.ExtRate, MAX_LEN_OF_SUPPORTED_RATES); 475 475 - RTMPCheckRates(pAd, pAd->MlmeAux.ExtRate, &pAd->MlmeAux.ExtRateLen); 476 476 - 477 477 - if (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED) 478 478 - { 479 479 - RTMPUpdateHTIE(&pAd->CommonCfg.DesiredHtPhy, &pAd->StaCfg.DesiredHtPhyInfo.MCSSet[0], &pAd->MlmeAux.HtCapability, &pAd->MlmeAux.AddHtInfo); 480 480 - pAd->MlmeAux.HtCapabilityLen = sizeof(HT_CAPABILITY_IE); 481 481 - // Not turn pAd->StaActive.SupportedHtPhy.bHtEnable = TRUE here. 482 482 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC -pAd->StaActive.SupportedHtPhy.bHtEnable = TRUE\n")); 483 483 - } 484 484 - else 485 485 - { 486 486 - pAd->MlmeAux.HtCapabilityLen = 0; 487 487 - pAd->StaActive.SupportedPhyInfo.bHtEnable = FALSE; 488 488 - } 489 489 - // temporarily not support QOS in IBSS 490 490 - NdisZeroMemory(&pAd->MlmeAux.APEdcaParm, sizeof(EDCA_PARM)); 491 491 - NdisZeroMemory(&pAd->MlmeAux.APQbssLoad, sizeof(QBSS_LOAD_PARM)); 492 492 - NdisZeroMemory(&pAd->MlmeAux.APQosCapability, sizeof(QOS_CAPABILITY_PARM)); 493 493 - 494 494 - AsicSwitchChannel(pAd, pAd->MlmeAux.Channel, FALSE); 495 495 - AsicLockChannel(pAd, pAd->MlmeAux.Channel); 496 496 - 497 497 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - MlmeStartReqAction(ch= %d,sup rates= %d, ext rates=%d)\n", 498 498 - pAd->MlmeAux.Channel, pAd->MlmeAux.SupRateLen, pAd->MlmeAux.ExtRateLen)); 499 499 - 500 500 - pAd->Mlme.SyncMachine.CurrState = SYNC_IDLE; 501 501 - Status = MLME_SUCCESS; 502 502 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_START_CONF, 2, &Status); 503 503 - } 504 504 - else 505 505 - { 506 506 - DBGPRINT_ERR(("SYNC - MlmeStartReqAction() sanity check fail.\n")); 507 507 - pAd->Mlme.SyncMachine.CurrState = SYNC_IDLE; 508 508 - Status = MLME_INVALID_FORMAT; 509 509 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_START_CONF, 2, &Status); 510 510 - } 511 511 - } 512 512 - 513 513 - /* 514 514 - ========================================================================== 515 515 - Description: 516 516 - peer sends beacon back when scanning 517 517 - ========================================================================== 518 518 - */ 519 519 - VOID PeerBeaconAtScanAction( 520 520 - IN PRTMP_ADAPTER pAd, 521 521 - IN MLME_QUEUE_ELEM *Elem) 522 522 - { 523 523 - UCHAR Bssid[MAC_ADDR_LEN], Addr2[MAC_ADDR_LEN]; 524 524 - UCHAR Ssid[MAX_LEN_OF_SSID], BssType, Channel, NewChannel, 525 525 - SsidLen, DtimCount, DtimPeriod, BcastFlag, MessageToMe; 526 526 - CF_PARM CfParm; 527 527 - USHORT BeaconPeriod, AtimWin, CapabilityInfo; 528 528 - PFRAME_802_11 pFrame; 529 529 - LARGE_INTEGER TimeStamp; 530 530 - UCHAR Erp; 531 531 - UCHAR SupRate[MAX_LEN_OF_SUPPORTED_RATES], ExtRate[MAX_LEN_OF_SUPPORTED_RATES]; 532 532 - UCHAR SupRateLen, ExtRateLen; 533 533 - USHORT LenVIE; 534 534 - UCHAR CkipFlag; 535 535 - UCHAR AironetCellPowerLimit; 536 536 - EDCA_PARM EdcaParm; 537 537 - QBSS_LOAD_PARM QbssLoad; 538 538 - QOS_CAPABILITY_PARM QosCapability; 539 539 - ULONG RalinkIe; 540 540 - UCHAR VarIE[MAX_VIE_LEN]; // Total VIE length = MAX_VIE_LEN - -5 541 541 - NDIS_802_11_VARIABLE_IEs *pVIE = NULL; 542 542 - HT_CAPABILITY_IE HtCapability; 543 543 - ADD_HT_INFO_IE AddHtInfo; // AP might use this additional ht info IE 544 544 - UCHAR HtCapabilityLen = 0, PreNHtCapabilityLen = 0; 545 545 - UCHAR AddHtInfoLen; 546 546 - UCHAR NewExtChannelOffset = 0xff; 547 547 - 548 548 - pFrame = (PFRAME_802_11) Elem->Msg; 549 549 - // Init Variable IE structure 550 550 - pVIE = (PNDIS_802_11_VARIABLE_IEs) VarIE; 551 551 - pVIE->Length = 0; 552 552 - 553 553 - RTMPZeroMemory(&HtCapability, sizeof(HtCapability)); 554 554 - RTMPZeroMemory(&AddHtInfo, sizeof(ADD_HT_INFO_IE)); 555 555 - 556 556 - if (PeerBeaconAndProbeRspSanity(pAd, 557 557 - Elem->Msg, 558 558 - Elem->MsgLen, 559 559 - Elem->Channel, 560 560 - Addr2, 561 561 - Bssid, 562 562 - Ssid, 563 563 - &SsidLen, 564 564 - &BssType, 565 565 - &BeaconPeriod, 566 566 - &Channel, 567 567 - &NewChannel, 568 568 - &TimeStamp, 569 569 - &CfParm, 570 570 - &AtimWin, 571 571 - &CapabilityInfo, 572 572 - &Erp, 573 573 - &DtimCount, 574 574 - &DtimPeriod, 575 575 - &BcastFlag, 576 576 - &MessageToMe, 577 577 - SupRate, 578 578 - &SupRateLen, 579 579 - ExtRate, 580 580 - &ExtRateLen, 581 581 - &CkipFlag, 582 582 - &AironetCellPowerLimit, 583 583 - &EdcaParm, 584 584 - &QbssLoad, 585 585 - &QosCapability, 586 586 - &RalinkIe, 587 587 - &HtCapabilityLen, 588 588 - &PreNHtCapabilityLen, 589 589 - &HtCapability, 590 590 - &AddHtInfoLen, 591 591 - &AddHtInfo, 592 592 - &NewExtChannelOffset, 593 593 - &LenVIE, 594 594 - pVIE)) 595 595 - { 596 596 - ULONG Idx; 597 597 - CHAR Rssi = 0; 598 598 - 599 599 - Idx = BssTableSearch(&pAd->ScanTab, Bssid, Channel); 600 600 - if (Idx != BSS_NOT_FOUND) 601 601 - Rssi = pAd->ScanTab.BssEntry[Idx].Rssi; 602 602 - 603 603 - Rssi = RTMPMaxRssi(pAd, ConvertToRssi(pAd, Elem->Rssi0, RSSI_0), ConvertToRssi(pAd, Elem->Rssi1, RSSI_1), ConvertToRssi(pAd, Elem->Rssi2, RSSI_2)); 604 604 - 605 605 - if ((HtCapabilityLen > 0) || (PreNHtCapabilityLen > 0)) 606 606 - HtCapabilityLen = SIZE_HT_CAP_IE; 607 607 - 608 608 - if ((pAd->StaCfg.CCXReqType != MSRN_TYPE_UNUSED) && (Channel == pAd->StaCfg.CCXScanChannel)) 609 609 - { 610 610 - Idx = BssTableSetEntry(pAd, &pAd->StaCfg.CCXBssTab, Bssid, Ssid, SsidLen, BssType, BeaconPeriod, 611 611 - &CfParm, AtimWin, CapabilityInfo, SupRate, SupRateLen,ExtRate, ExtRateLen, &HtCapability, 612 612 - &AddHtInfo, HtCapabilityLen, AddHtInfoLen, NewExtChannelOffset, Channel, Rssi, TimeStamp, CkipFlag, 613 613 - &EdcaParm, &QosCapability, &QbssLoad, LenVIE, pVIE); 614 614 - if (Idx != BSS_NOT_FOUND) 615 615 - { 616 616 - NdisMoveMemory(pAd->StaCfg.CCXBssTab.BssEntry[Idx].PTSF, &Elem->Msg[24], 4); 617 617 - NdisMoveMemory(&pAd->StaCfg.CCXBssTab.BssEntry[Idx].TTSF[0], &Elem->TimeStamp.u.LowPart, 4); 618 618 - NdisMoveMemory(&pAd->StaCfg.CCXBssTab.BssEntry[Idx].TTSF[4], &Elem->TimeStamp.u.LowPart, 4); 619 619 - if (pAd->StaCfg.CCXReqType == MSRN_TYPE_BEACON_REQ) 620 620 - AironetAddBeaconReport(pAd, Idx, Elem); 621 621 - } 622 622 - } 623 623 - else 624 624 - { 625 625 - Idx = BssTableSetEntry(pAd, &pAd->ScanTab, Bssid, Ssid, SsidLen, BssType, BeaconPeriod, 626 626 - &CfParm, AtimWin, CapabilityInfo, SupRate, SupRateLen, ExtRate, ExtRateLen, &HtCapability, 627 627 - &AddHtInfo, HtCapabilityLen, AddHtInfoLen, NewExtChannelOffset, Channel, Rssi, TimeStamp, CkipFlag, 628 628 - &EdcaParm, &QosCapability, &QbssLoad, LenVIE, pVIE); 629 629 - 630 630 - if (Idx != BSS_NOT_FOUND) 631 631 - { 632 632 - NdisMoveMemory(pAd->ScanTab.BssEntry[Idx].PTSF, &Elem->Msg[24], 4); 633 633 - NdisMoveMemory(&pAd->ScanTab.BssEntry[Idx].TTSF[0], &Elem->TimeStamp.u.LowPart, 4); 634 634 - NdisMoveMemory(&pAd->ScanTab.BssEntry[Idx].TTSF[4], &Elem->TimeStamp.u.LowPart, 4); 635 635 - } 636 636 - } 637 637 - } 638 638 - // sanity check fail, ignored 639 639 - } 640 640 - 641 641 - /* 642 642 - ========================================================================== 643 643 - Description: 644 644 - When waiting joining the (I)BSS, beacon received from external 645 645 - ========================================================================== 646 646 - */ 647 647 - VOID PeerBeaconAtJoinAction( 648 648 - IN PRTMP_ADAPTER pAd, 649 649 - IN MLME_QUEUE_ELEM *Elem) 650 650 - { 651 651 - UCHAR Bssid[MAC_ADDR_LEN], Addr2[MAC_ADDR_LEN]; 652 652 - UCHAR Ssid[MAX_LEN_OF_SSID], SsidLen, BssType, Channel, MessageToMe, 653 653 - DtimCount, DtimPeriod, BcastFlag, NewChannel; 654 654 - LARGE_INTEGER TimeStamp; 655 655 - USHORT BeaconPeriod, AtimWin, CapabilityInfo; 656 656 - CF_PARM Cf; 657 657 - BOOLEAN TimerCancelled; 658 658 - UCHAR Erp; 659 659 - UCHAR SupRate[MAX_LEN_OF_SUPPORTED_RATES], ExtRate[MAX_LEN_OF_SUPPORTED_RATES]; 660 660 - UCHAR SupRateLen, ExtRateLen; 661 661 - UCHAR CkipFlag; 662 662 - USHORT LenVIE; 663 663 - UCHAR AironetCellPowerLimit; 664 664 - EDCA_PARM EdcaParm; 665 665 - QBSS_LOAD_PARM QbssLoad; 666 666 - QOS_CAPABILITY_PARM QosCapability; 667 667 - USHORT Status; 668 668 - UCHAR VarIE[MAX_VIE_LEN]; // Total VIE length = MAX_VIE_LEN - -5 669 669 - NDIS_802_11_VARIABLE_IEs *pVIE = NULL; 670 670 - ULONG RalinkIe; 671 671 - ULONG Idx; 672 672 - HT_CAPABILITY_IE HtCapability; 673 673 - ADD_HT_INFO_IE AddHtInfo; // AP might use this additional ht info IE 674 674 - UCHAR HtCapabilityLen = 0, PreNHtCapabilityLen = 0; 675 675 - UCHAR AddHtInfoLen; 676 676 - UCHAR NewExtChannelOffset = 0xff; 677 677 - UCHAR CentralChannel; 678 678 - 679 679 - // Init Variable IE structure 680 680 - pVIE = (PNDIS_802_11_VARIABLE_IEs) VarIE; 681 681 - pVIE->Length = 0; 682 682 - RTMPZeroMemory(&HtCapability, sizeof(HtCapability)); 683 683 - RTMPZeroMemory(&AddHtInfo, sizeof(ADD_HT_INFO_IE)); 684 684 - 685 685 - 686 686 - if (PeerBeaconAndProbeRspSanity(pAd, 687 687 - Elem->Msg, 688 688 - Elem->MsgLen, 689 689 - Elem->Channel, 690 690 - Addr2, 691 691 - Bssid, 692 692 - Ssid, 693 693 - &SsidLen, 694 694 - &BssType, 695 695 - &BeaconPeriod, 696 696 - &Channel, 697 697 - &NewChannel, 698 698 - &TimeStamp, 699 699 - &Cf, 700 700 - &AtimWin, 701 701 - &CapabilityInfo, 702 702 - &Erp, 703 703 - &DtimCount, 704 704 - &DtimPeriod, 705 705 - &BcastFlag, 706 706 - &MessageToMe, 707 707 - SupRate, 708 708 - &SupRateLen, 709 709 - ExtRate, 710 710 - &ExtRateLen, 711 711 - &CkipFlag, 712 712 - &AironetCellPowerLimit, 713 713 - &EdcaParm, 714 714 - &QbssLoad, 715 715 - &QosCapability, 716 716 - &RalinkIe, 717 717 - &HtCapabilityLen, 718 718 - &PreNHtCapabilityLen, 719 719 - &HtCapability, 720 720 - &AddHtInfoLen, 721 721 - &AddHtInfo, 722 722 - &NewExtChannelOffset, 723 723 - &LenVIE, 724 724 - pVIE)) 725 725 - { 726 726 - // Disqualify 11b only adhoc when we are in 11g only adhoc mode 727 727 - if ((BssType == BSS_ADHOC) && (pAd->CommonCfg.PhyMode == PHY_11G) && ((SupRateLen+ExtRateLen)< 12)) 728 728 - return; 729 729 - 730 730 - // BEACON from desired BSS/IBSS found. We should be able to decide most 731 731 - // BSS parameters here. 732 732 - // Q. But what happen if this JOIN doesn't conclude a successful ASSOCIATEION? 733 733 - // Do we need to receover back all parameters belonging to previous BSS? 734 734 - // A. Should be not. There's no back-door recover to previous AP. It still need 735 735 - // a new JOIN-AUTH-ASSOC sequence. 736 736 - if (MAC_ADDR_EQUAL(pAd->MlmeAux.Bssid, Bssid)) 737 737 - { 738 738 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - receive desired BEACON at JoinWaitBeacon... Channel = %d\n", Channel)); 739 739 - RTMPCancelTimer(&pAd->MlmeAux.BeaconTimer, &TimerCancelled); 740 740 - 741 741 - // Update RSSI to prevent No signal display when cards first initialized 742 742 - pAd->StaCfg.RssiSample.LastRssi0 = ConvertToRssi(pAd, Elem->Rssi0, RSSI_0); 743 743 - pAd->StaCfg.RssiSample.LastRssi1 = ConvertToRssi(pAd, Elem->Rssi1, RSSI_1); 744 744 - pAd->StaCfg.RssiSample.LastRssi2 = ConvertToRssi(pAd, Elem->Rssi2, RSSI_2); 745 745 - pAd->StaCfg.RssiSample.AvgRssi0 = pAd->StaCfg.RssiSample.LastRssi0; 746 746 - pAd->StaCfg.RssiSample.AvgRssi0X8 = pAd->StaCfg.RssiSample.AvgRssi0 << 3; 747 747 - pAd->StaCfg.RssiSample.AvgRssi1 = pAd->StaCfg.RssiSample.LastRssi1; 748 748 - pAd->StaCfg.RssiSample.AvgRssi1X8 = pAd->StaCfg.RssiSample.AvgRssi1 << 3; 749 749 - pAd->StaCfg.RssiSample.AvgRssi2 = pAd->StaCfg.RssiSample.LastRssi2; 750 750 - pAd->StaCfg.RssiSample.AvgRssi2X8 = pAd->StaCfg.RssiSample.AvgRssi2 << 3; 751 751 - 752 752 - // 753 753 - // We need to check if SSID only set to any, then we can record the current SSID. 754 754 - // Otherwise will cause hidden SSID association failed. 755 755 - // 756 756 - if (pAd->MlmeAux.SsidLen == 0) 757 757 - { 758 758 - NdisMoveMemory(pAd->MlmeAux.Ssid, Ssid, SsidLen); 759 759 - pAd->MlmeAux.SsidLen = SsidLen; 760 760 - } 761 761 - else 762 762 - { 763 763 - Idx = BssSsidTableSearch(&pAd->ScanTab, Bssid, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen, Channel); 764 764 - 765 765 - if (Idx != BSS_NOT_FOUND) 766 766 - { 767 767 - // 768 768 - // Multiple SSID case, used correct CapabilityInfo 769 769 - // 770 770 - CapabilityInfo = pAd->ScanTab.BssEntry[Idx].CapabilityInfo; 771 771 - } 772 772 - } 773 773 - NdisMoveMemory(pAd->MlmeAux.Bssid, Bssid, MAC_ADDR_LEN); 774 774 - pAd->MlmeAux.CapabilityInfo = CapabilityInfo & SUPPORTED_CAPABILITY_INFO; 775 775 - pAd->MlmeAux.BssType = BssType; 776 776 - pAd->MlmeAux.BeaconPeriod = BeaconPeriod; 777 777 - pAd->MlmeAux.Channel = Channel; 778 778 - pAd->MlmeAux.AtimWin = AtimWin; 779 779 - pAd->MlmeAux.CfpPeriod = Cf.CfpPeriod; 780 780 - pAd->MlmeAux.CfpMaxDuration = Cf.CfpMaxDuration; 781 781 - pAd->MlmeAux.APRalinkIe = RalinkIe; 782 782 - 783 783 - // Copy AP's supported rate to MlmeAux for creating assoication request 784 784 - // Also filter out not supported rate 785 785 - pAd->MlmeAux.SupRateLen = SupRateLen; 786 786 - NdisMoveMemory(pAd->MlmeAux.SupRate, SupRate, SupRateLen); 787 787 - RTMPCheckRates(pAd, pAd->MlmeAux.SupRate, &pAd->MlmeAux.SupRateLen); 788 788 - pAd->MlmeAux.ExtRateLen = ExtRateLen; 789 789 - NdisMoveMemory(pAd->MlmeAux.ExtRate, ExtRate, ExtRateLen); 790 790 - RTMPCheckRates(pAd, pAd->MlmeAux.ExtRate, &pAd->MlmeAux.ExtRateLen); 791 791 - 792 792 - NdisZeroMemory(pAd->StaActive.SupportedPhyInfo.MCSSet, 16); 793 793 - 794 794 - pAd->MlmeAux.NewExtChannelOffset = NewExtChannelOffset; 795 795 - pAd->MlmeAux.HtCapabilityLen = HtCapabilityLen; 796 796 - 797 797 - // filter out un-supported ht rates 798 798 - if (((HtCapabilityLen > 0) || (PreNHtCapabilityLen > 0)) && (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED)) 799 799 - { 800 800 - RTMPZeroMemory(&pAd->MlmeAux.HtCapability, SIZE_HT_CAP_IE); 801 801 - RTMPMoveMemory(&pAd->MlmeAux.AddHtInfo, &AddHtInfo, SIZE_ADD_HT_INFO_IE); 802 802 - 803 803 - // StaActive.SupportedHtPhy.MCSSet stores Peer AP's 11n Rx capability 804 804 - NdisMoveMemory(pAd->StaActive.SupportedPhyInfo.MCSSet, HtCapability.MCSSet, 16); 805 805 - pAd->MlmeAux.NewExtChannelOffset = NewExtChannelOffset; 806 806 - pAd->MlmeAux.HtCapabilityLen = SIZE_HT_CAP_IE; 807 807 - pAd->StaActive.SupportedPhyInfo.bHtEnable = TRUE; 808 808 - if (PreNHtCapabilityLen > 0) 809 809 - pAd->StaActive.SupportedPhyInfo.bPreNHt = TRUE; 810 810 - RTMPCheckHt(pAd, BSSID_WCID, &HtCapability, &AddHtInfo); 811 811 - // Copy AP Parameter to StaActive. This is also in LinkUp. 812 812 - DBGPRINT(RT_DEBUG_TRACE, ("PeerBeaconAtJoinAction! (MpduDensity=%d, MaxRAmpduFactor=%d, BW=%d)\n", 813 813 - pAd->StaActive.SupportedHtPhy.MpduDensity, pAd->StaActive.SupportedHtPhy.MaxRAmpduFactor, HtCapability.HtCapInfo.ChannelWidth)); 814 814 - 815 815 - if (AddHtInfoLen > 0) 816 816 - { 817 817 - CentralChannel = AddHtInfo.ControlChan; 818 818 - // Check again the Bandwidth capability of this AP. 819 819 - if ((AddHtInfo.ControlChan > 2)&& (AddHtInfo.AddHtInfo.ExtChanOffset == EXTCHA_BELOW) && (HtCapability.HtCapInfo.ChannelWidth == BW_40)) 820 820 - { 821 821 - CentralChannel = AddHtInfo.ControlChan - 2; 822 822 - } 823 823 - else if ((AddHtInfo.AddHtInfo.ExtChanOffset == EXTCHA_ABOVE) && (HtCapability.HtCapInfo.ChannelWidth == BW_40)) 824 824 - { 825 825 - CentralChannel = AddHtInfo.ControlChan + 2; 826 826 - } 827 827 - 828 828 - // Check Error . 829 829 - if (pAd->MlmeAux.CentralChannel != CentralChannel) 830 830 - DBGPRINT(RT_DEBUG_ERROR, ("PeerBeaconAtJoinAction HT===>Beacon Central Channel = %d, Control Channel = %d. Mlmeaux CentralChannel = %d\n", CentralChannel, AddHtInfo.ControlChan, pAd->MlmeAux.CentralChannel)); 831 831 - 832 832 - DBGPRINT(RT_DEBUG_TRACE, ("PeerBeaconAtJoinAction HT===>Central Channel = %d, Control Channel = %d, .\n", CentralChannel, AddHtInfo.ControlChan)); 833 833 - 834 834 - } 835 835 - 836 836 - } 837 837 - else 838 838 - { 839 839 - // To prevent error, let legacy AP must have same CentralChannel and Channel. 840 840 - if ((HtCapabilityLen == 0) && (PreNHtCapabilityLen == 0)) 841 841 - pAd->MlmeAux.CentralChannel = pAd->MlmeAux.Channel; 842 842 - 843 843 - pAd->StaActive.SupportedPhyInfo.bHtEnable = FALSE; 844 844 - RTMPZeroMemory(&pAd->MlmeAux.HtCapability, SIZE_HT_CAP_IE); 845 845 - RTMPZeroMemory(&pAd->MlmeAux.AddHtInfo, SIZE_ADD_HT_INFO_IE); 846 846 - } 847 847 - 848 848 - RTMPUpdateMlmeRate(pAd); 849 849 - 850 850 - // copy QOS related information 851 851 - if ((pAd->CommonCfg.bWmmCapable) 852 852 - || (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED) 853 853 - ) 854 854 - { 855 855 - NdisMoveMemory(&pAd->MlmeAux.APEdcaParm, &EdcaParm, sizeof(EDCA_PARM)); 856 856 - NdisMoveMemory(&pAd->MlmeAux.APQbssLoad, &QbssLoad, sizeof(QBSS_LOAD_PARM)); 857 857 - NdisMoveMemory(&pAd->MlmeAux.APQosCapability, &QosCapability, sizeof(QOS_CAPABILITY_PARM)); 858 858 - } 859 859 - else 860 860 - { 861 861 - NdisZeroMemory(&pAd->MlmeAux.APEdcaParm, sizeof(EDCA_PARM)); 862 862 - NdisZeroMemory(&pAd->MlmeAux.APQbssLoad, sizeof(QBSS_LOAD_PARM)); 863 863 - NdisZeroMemory(&pAd->MlmeAux.APQosCapability, sizeof(QOS_CAPABILITY_PARM)); 864 864 - } 865 865 - 866 866 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - after JOIN, SupRateLen=%d, ExtRateLen=%d\n", 867 867 - pAd->MlmeAux.SupRateLen, pAd->MlmeAux.ExtRateLen)); 868 868 - 869 869 - if (AironetCellPowerLimit != 0xFF) 870 870 - { 871 871 - //We need to change our TxPower for CCX 2.0 AP Control of Client Transmit Power 872 872 - ChangeToCellPowerLimit(pAd, AironetCellPowerLimit); 873 873 - } 874 874 - else //Used the default TX Power Percentage. 875 875 - pAd->CommonCfg.TxPowerPercentage = pAd->CommonCfg.TxPowerDefault; 876 876 - 877 877 - pAd->Mlme.SyncMachine.CurrState = SYNC_IDLE; 878 878 - Status = MLME_SUCCESS; 879 879 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_JOIN_CONF, 2, &Status); 880 880 - } 881 881 - // not to me BEACON, ignored 882 882 - } 883 883 - // sanity check fail, ignore this frame 884 884 - } 885 885 - 886 886 - /* 887 887 - ========================================================================== 888 888 - Description: 889 889 - receive BEACON from peer 890 890 - 891 891 - IRQL = DISPATCH_LEVEL 892 892 - 893 893 - ========================================================================== 894 894 - */ 895 895 - VOID PeerBeacon( 896 896 - IN PRTMP_ADAPTER pAd, 897 897 - IN MLME_QUEUE_ELEM *Elem) 898 898 - { 899 899 - UCHAR Bssid[MAC_ADDR_LEN], Addr2[MAC_ADDR_LEN]; 900 900 - CHAR Ssid[MAX_LEN_OF_SSID]; 901 901 - CF_PARM CfParm; 902 902 - UCHAR SsidLen, MessageToMe=0, BssType, Channel, NewChannel, index=0; 903 903 - UCHAR DtimCount=0, DtimPeriod=0, BcastFlag=0; 904 904 - USHORT CapabilityInfo, AtimWin, BeaconPeriod; 905 905 - LARGE_INTEGER TimeStamp; 906 906 - USHORT TbttNumToNextWakeUp; 907 907 - UCHAR Erp; 908 908 - UCHAR SupRate[MAX_LEN_OF_SUPPORTED_RATES], ExtRate[MAX_LEN_OF_SUPPORTED_RATES]; 909 909 - UCHAR SupRateLen, ExtRateLen; 910 910 - UCHAR CkipFlag; 911 911 - USHORT LenVIE; 912 912 - UCHAR AironetCellPowerLimit; 913 913 - EDCA_PARM EdcaParm; 914 914 - QBSS_LOAD_PARM QbssLoad; 915 915 - QOS_CAPABILITY_PARM QosCapability; 916 916 - ULONG RalinkIe; 917 917 - // New for WPA security suites 918 918 - UCHAR VarIE[MAX_VIE_LEN]; // Total VIE length = MAX_VIE_LEN - -5 919 919 - NDIS_802_11_VARIABLE_IEs *pVIE = NULL; 920 920 - HT_CAPABILITY_IE HtCapability; 921 921 - ADD_HT_INFO_IE AddHtInfo; // AP might use this additional ht info IE 922 922 - UCHAR HtCapabilityLen, PreNHtCapabilityLen; 923 923 - UCHAR AddHtInfoLen; 924 924 - UCHAR NewExtChannelOffset = 0xff; 925 925 - 926 926 - if (!(INFRA_ON(pAd) || ADHOC_ON(pAd) 927 927 - )) 928 928 - return; 929 929 - 930 930 - // Init Variable IE structure 931 931 - pVIE = (PNDIS_802_11_VARIABLE_IEs) VarIE; 932 932 - pVIE->Length = 0; 933 933 - RTMPZeroMemory(&HtCapability, sizeof(HtCapability)); 934 934 - RTMPZeroMemory(&AddHtInfo, sizeof(ADD_HT_INFO_IE)); 935 935 - 936 936 - if (PeerBeaconAndProbeRspSanity(pAd, 937 937 - Elem->Msg, 938 938 - Elem->MsgLen, 939 939 - Elem->Channel, 940 940 - Addr2, 941 941 - Bssid, 942 942 - Ssid, 943 943 - &SsidLen, 944 944 - &BssType, 945 945 - &BeaconPeriod, 946 946 - &Channel, 947 947 - &NewChannel, 948 948 - &TimeStamp, 949 949 - &CfParm, 950 950 - &AtimWin, 951 951 - &CapabilityInfo, 952 952 - &Erp, 953 953 - &DtimCount, 954 954 - &DtimPeriod, 955 955 - &BcastFlag, 956 956 - &MessageToMe, 957 957 - SupRate, 958 958 - &SupRateLen, 959 959 - ExtRate, 960 960 - &ExtRateLen, 961 961 - &CkipFlag, 962 962 - &AironetCellPowerLimit, 963 963 - &EdcaParm, 964 964 - &QbssLoad, 965 965 - &QosCapability, 966 966 - &RalinkIe, 967 967 - &HtCapabilityLen, 968 968 - &PreNHtCapabilityLen, 969 969 - &HtCapability, 970 970 - &AddHtInfoLen, 971 971 - &AddHtInfo, 972 972 - &NewExtChannelOffset, 973 973 - &LenVIE, 974 974 - pVIE)) 975 975 - { 976 976 - BOOLEAN is_my_bssid, is_my_ssid; 977 977 - ULONG Bssidx, Now; 978 978 - BSS_ENTRY *pBss; 979 979 - CHAR RealRssi = RTMPMaxRssi(pAd, ConvertToRssi(pAd, Elem->Rssi0, RSSI_0), ConvertToRssi(pAd, Elem->Rssi1, RSSI_1), ConvertToRssi(pAd, Elem->Rssi2, RSSI_2)); 980 980 - 981 981 - is_my_bssid = MAC_ADDR_EQUAL(Bssid, pAd->CommonCfg.Bssid)? TRUE : FALSE; 982 982 - is_my_ssid = SSID_EQUAL(Ssid, SsidLen, pAd->CommonCfg.Ssid, pAd->CommonCfg.SsidLen)? TRUE:FALSE; 983 983 - 984 984 - 985 985 - // ignore BEACON not for my SSID 986 986 - if ((! is_my_ssid) && (! is_my_bssid)) 987 987 - return; 988 988 - 989 989 - // It means STA waits disassoc completely from this AP, ignores this beacon. 990 990 - if (pAd->Mlme.CntlMachine.CurrState == CNTL_WAIT_DISASSOC) 991 991 - return; 992 992 - 993 993 - // Copy Control channel for this BSSID. 994 994 - if (AddHtInfoLen != 0) 995 995 - Channel = AddHtInfo.ControlChan; 996 996 - 997 997 - if ((HtCapabilityLen > 0) || (PreNHtCapabilityLen > 0)) 998 998 - HtCapabilityLen = SIZE_HT_CAP_IE; 999 999 - 1000 1000 - // 1001 1001 - // Housekeeping "SsidBssTab" table for later-on ROAMing usage. 1002 1002 - // 1003 1003 - Bssidx = BssTableSearch(&pAd->ScanTab, Bssid, Channel); 1004 1004 - if (Bssidx == BSS_NOT_FOUND) 1005 1005 - { 1006 1006 - // discover new AP of this network, create BSS entry 1007 1007 - Bssidx = BssTableSetEntry(pAd, &pAd->ScanTab, Bssid, Ssid, SsidLen, BssType, BeaconPeriod, 1008 1008 - &CfParm, AtimWin, CapabilityInfo, SupRate, SupRateLen, ExtRate, ExtRateLen, 1009 1009 - &HtCapability, &AddHtInfo,HtCapabilityLen,AddHtInfoLen,NewExtChannelOffset, Channel, 1010 1010 - RealRssi, TimeStamp, CkipFlag, &EdcaParm, &QosCapability, 1011 1011 - &QbssLoad, LenVIE, pVIE); 1012 1012 - if (Bssidx == BSS_NOT_FOUND) // return if BSS table full 1013 1013 - return; 1014 1014 - 1015 1015 - NdisMoveMemory(pAd->ScanTab.BssEntry[Bssidx].PTSF, &Elem->Msg[24], 4); 1016 1016 - NdisMoveMemory(&pAd->ScanTab.BssEntry[Bssidx].TTSF[0], &Elem->TimeStamp.u.LowPart, 4); 1017 1017 - NdisMoveMemory(&pAd->ScanTab.BssEntry[Bssidx].TTSF[4], &Elem->TimeStamp.u.LowPart, 4); 1018 1018 - 1019 1019 - 1020 1020 - 1021 1021 - } 1022 1022 - 1023 1023 - if ((pAd->CommonCfg.bIEEE80211H == 1) && (NewChannel != 0) && (Channel != NewChannel)) 1024 1024 - { 1025 1025 - // Switching to channel 1 can prevent from rescanning the current channel immediately (by auto reconnection). 1026 1026 - // In addition, clear the MLME queue and the scan table to discard the RX packets and previous scanning results. 1027 1027 - AsicSwitchChannel(pAd, 1, FALSE); 1028 1028 - AsicLockChannel(pAd, 1); 1029 1029 - LinkDown(pAd, FALSE); 1030 1030 - MlmeQueueInit(&pAd->Mlme.Queue); 1031 1031 - BssTableInit(&pAd->ScanTab); 1032 1032 - RTMPusecDelay(1000000); // use delay to prevent STA do reassoc 1033 1033 - 1034 1034 - // channel sanity check 1035 1035 - for (index = 0 ; index < pAd->ChannelListNum; index++) 1036 1036 - { 1037 1037 - if (pAd->ChannelList[index].Channel == NewChannel) 1038 1038 - { 1039 1039 - pAd->ScanTab.BssEntry[Bssidx].Channel = NewChannel; 1040 1040 - pAd->CommonCfg.Channel = NewChannel; 1041 1041 - AsicSwitchChannel(pAd, pAd->CommonCfg.Channel, FALSE); 1042 1042 - AsicLockChannel(pAd, pAd->CommonCfg.Channel); 1043 1043 - DBGPRINT(RT_DEBUG_TRACE, ("PeerBeacon - STA receive channel switch announcement IE (New Channel =%d)\n", NewChannel)); 1044 1044 - break; 1045 1045 - } 1046 1046 - } 1047 1047 - 1048 1048 - if (index >= pAd->ChannelListNum) 1049 1049 - { 1050 1050 - DBGPRINT_ERR(("PeerBeacon(can not find New Channel=%d in ChannelList[%d]\n", pAd->CommonCfg.Channel, pAd->ChannelListNum)); 1051 1051 - } 1052 1052 - } 1053 1053 - 1054 1054 - // if the ssid matched & bssid unmatched, we should select the bssid with large value. 1055 1055 - // This might happened when two STA start at the same time 1056 1056 - if ((! is_my_bssid) && ADHOC_ON(pAd)) 1057 1057 - { 1058 1058 - INT i; 1059 1059 - 1060 1060 - // Add the safeguard against the mismatch of adhoc wep status 1061 1061 - if (pAd->StaCfg.WepStatus != pAd->ScanTab.BssEntry[Bssidx].WepStatus) 1062 1062 - { 1063 1063 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - Not matched wep status %d %d\n", pAd->StaCfg.WepStatus, pAd->ScanTab.BssEntry[Bssidx].WepStatus)); 1064 1064 - DBGPRINT(RT_DEBUG_TRACE, ("bssid=%s\n", pAd->ScanTab.BssEntry[Bssidx].Bssid)); 1065 1065 - return; 1066 1066 - } 1067 1067 - 1068 1068 - // collapse into the ADHOC network which has bigger BSSID value. 1069 1069 - for (i = 0; i < 6; i++) 1070 1070 - { 1071 1071 - if (Bssid[i] > pAd->CommonCfg.Bssid[i]) 1072 1072 - { 1073 1073 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - merge to the IBSS with bigger BSSID=%02x:%02x:%02x:%02x:%02x:%02x\n", 1074 1074 - Bssid[0], Bssid[1], Bssid[2], Bssid[3], Bssid[4], Bssid[5])); 1075 1075 - AsicDisableSync(pAd); 1076 1076 - COPY_MAC_ADDR(pAd->CommonCfg.Bssid, Bssid); 1077 1077 - AsicSetBssid(pAd, pAd->CommonCfg.Bssid); 1078 1078 - MakeIbssBeacon(pAd); // re-build BEACON frame 1079 1079 - AsicEnableIbssSync(pAd); // copy BEACON frame to on-chip memory 1080 1080 - is_my_bssid = TRUE; 1081 1081 - break; 1082 1082 - } 1083 1083 - else if (Bssid[i] < pAd->CommonCfg.Bssid[i]) 1084 1084 - break; 1085 1085 - } 1086 1086 - } 1087 1087 - 1088 1088 - 1089 1089 - NdisGetSystemUpTime(&Now); 1090 1090 - pBss = &pAd->ScanTab.BssEntry[Bssidx]; 1091 1091 - pBss->Rssi = RealRssi; // lastest RSSI 1092 1092 - pBss->LastBeaconRxTime = Now; // last RX timestamp 1093 1093 - 1094 1094 - // 1095 1095 - // BEACON from my BSSID - either IBSS or INFRA network 1096 1096 - // 1097 1097 - if (is_my_bssid) 1098 1098 - { 1099 1099 - RXWI_STRUC RxWI; 1100 1100 - 1101 1101 - pAd->StaCfg.DtimCount = DtimCount; 1102 1102 - pAd->StaCfg.DtimPeriod = DtimPeriod; 1103 1103 - pAd->StaCfg.LastBeaconRxTime = Now; 1104 1104 - 1105 1105 - 1106 1106 - RxWI.RSSI0 = Elem->Rssi0; 1107 1107 - RxWI.RSSI1 = Elem->Rssi1; 1108 1108 - RxWI.RSSI2 = Elem->Rssi2; 1109 1109 - 1110 1110 - Update_Rssi_Sample(pAd, &pAd->StaCfg.RssiSample, &RxWI); 1111 1111 - if (AironetCellPowerLimit != 0xFF) 1112 1112 - { 1113 1113 - // 1114 1114 - // We get the Cisco (ccx) "TxPower Limit" required 1115 1115 - // Changed to appropriate TxPower Limit for Ciso Compatible Extensions 1116 1116 - // 1117 1117 - ChangeToCellPowerLimit(pAd, AironetCellPowerLimit); 1118 1118 - } 1119 1119 - else 1120 1120 - { 1121 1121 - // 1122 1122 - // AironetCellPowerLimit equal to 0xFF means the Cisco (ccx) "TxPower Limit" not exist. 1123 1123 - // Used the default TX Power Percentage, that set from UI. 1124 1124 - // 1125 1125 - pAd->CommonCfg.TxPowerPercentage = pAd->CommonCfg.TxPowerDefault; 1126 1126 - } 1127 1127 - 1128 1128 - if (ADHOC_ON(pAd) && (CAP_IS_IBSS_ON(CapabilityInfo))) 1129 1129 - { 1130 1130 - UCHAR MaxSupportedRateIn500Kbps = 0; 1131 1131 - UCHAR idx; 1132 1132 - MAC_TABLE_ENTRY *pEntry; 1133 1133 - 1134 1134 - // supported rates array may not be sorted. sort it and find the maximum rate 1135 1135 - for (idx=0; idx<SupRateLen; idx++) 1136 1136 - { 1137 1137 - if (MaxSupportedRateIn500Kbps < (SupRate[idx] & 0x7f)) 1138 1138 - MaxSupportedRateIn500Kbps = SupRate[idx] & 0x7f; 1139 1139 - } 1140 1140 - 1141 1141 - for (idx=0; idx<ExtRateLen; idx++) 1142 1142 - { 1143 1143 - if (MaxSupportedRateIn500Kbps < (ExtRate[idx] & 0x7f)) 1144 1144 - MaxSupportedRateIn500Kbps = ExtRate[idx] & 0x7f; 1145 1145 - } 1146 1146 - 1147 1147 - // look up the existing table 1148 1148 - pEntry = MacTableLookup(pAd, Addr2); 1149 1149 - 1150 1150 - // Ad-hoc mode is using MAC address as BA session. So we need to continuously find newly joined adhoc station by receiving beacon. 1151 1151 - // To prevent always check this, we use wcid == RESERVED_WCID to recognize it as newly joined adhoc station. 1152 1152 - if ((ADHOC_ON(pAd) && (Elem->Wcid == RESERVED_WCID)) || 1153 1153 - (pEntry && ((pEntry->LastBeaconRxTime + ADHOC_ENTRY_BEACON_LOST_TIME) < Now))) 1154 1154 - { 1155 1155 - if (pEntry == NULL) 1156 1156 - // Another adhoc joining, add to our MAC table. 1157 1157 - pEntry = MacTableInsertEntry(pAd, Addr2, BSS0, FALSE); 1158 1158 - 1159 1159 - if (StaAddMacTableEntry(pAd, pEntry, MaxSupportedRateIn500Kbps, &HtCapability, HtCapabilityLen, CapabilityInfo) == FALSE) 1160 1160 - { 1161 1161 - DBGPRINT(RT_DEBUG_TRACE, ("ADHOC - Add Entry failed.\n")); 1162 1162 - return; 1163 1163 - } 1164 1164 - 1165 1165 - if (pEntry && 1166 1166 - (Elem->Wcid == RESERVED_WCID)) 1167 1167 - { 1168 1168 - idx = pAd->StaCfg.DefaultKeyId; 1169 1169 - RT28XX_STA_SECURITY_INFO_ADD(pAd, BSS0, idx, pEntry); 1170 1170 - } 1171 1171 - } 1172 1172 - 1173 1173 - if (pEntry && pEntry->ValidAsCLI) 1174 1174 - pEntry->LastBeaconRxTime = Now; 1175 1175 - 1176 1176 - // At least another peer in this IBSS, declare MediaState as CONNECTED 1177 1177 - if (!OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED)) 1178 1178 - { 1179 1179 - OPSTATUS_SET_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED); 1180 1180 - 1181 1181 - pAd->IndicateMediaState = NdisMediaStateConnected; 1182 1182 - RTMP_IndicateMediaState(pAd); 1183 1183 - pAd->ExtraInfo = GENERAL_LINK_UP; 1184 1184 - AsicSetBssid(pAd, pAd->CommonCfg.Bssid); 1185 1185 - 1186 1186 - // 2003/03/12 - john 1187 1187 - // Make sure this entry in "ScanTab" table, thus complies to Microsoft's policy that 1188 1188 - // "site survey" result should always include the current connected network. 1189 1189 - // 1190 1190 - Bssidx = BssTableSearch(&pAd->ScanTab, Bssid, Channel); 1191 1191 - if (Bssidx == BSS_NOT_FOUND) 1192 1192 - { 1193 1193 - Bssidx = BssTableSetEntry(pAd, &pAd->ScanTab, Bssid, Ssid, SsidLen, BssType, BeaconPeriod, 1194 1194 - &CfParm, AtimWin, CapabilityInfo, SupRate, SupRateLen, ExtRate, ExtRateLen, &HtCapability, 1195 1195 - &AddHtInfo, HtCapabilityLen, AddHtInfoLen, NewExtChannelOffset, Channel, RealRssi, TimeStamp, 0, 1196 1196 - &EdcaParm, &QosCapability, &QbssLoad, LenVIE, pVIE); 1197 1197 - } 1198 1198 - DBGPRINT(RT_DEBUG_TRACE, ("ADHOC fOP_STATUS_MEDIA_STATE_CONNECTED.\n")); 1199 1199 - } 1200 1200 - } 1201 1201 - 1202 1202 - if (INFRA_ON(pAd)) 1203 1203 - { 1204 1204 - BOOLEAN bUseShortSlot, bUseBGProtection; 1205 1205 - 1206 1206 - // decide to use/change to - 1207 1207 - // 1. long slot (20 us) or short slot (9 us) time 1208 1208 - // 2. turn on/off RTS/CTS and/or CTS-to-self protection 1209 1209 - // 3. short preamble 1210 1210 - 1211 1211 - //bUseShortSlot = pAd->CommonCfg.bUseShortSlotTime && CAP_IS_SHORT_SLOT(CapabilityInfo); 1212 1212 - bUseShortSlot = CAP_IS_SHORT_SLOT(CapabilityInfo); 1213 1213 - if (bUseShortSlot != OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_SHORT_SLOT_INUSED)) 1214 1214 - AsicSetSlotTime(pAd, bUseShortSlot); 1215 1215 - 1216 1216 - bUseBGProtection = (pAd->CommonCfg.UseBGProtection == 1) || // always use 1217 1217 - ((pAd->CommonCfg.UseBGProtection == 0) && ERP_IS_USE_PROTECTION(Erp)); 1218 1218 - 1219 1219 - if (pAd->CommonCfg.Channel > 14) // always no BG protection in A-band. falsely happened when switching A/G band to a dual-band AP 1220 1220 - bUseBGProtection = FALSE; 1221 1221 - 1222 1222 - if (bUseBGProtection != OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_BG_PROTECTION_INUSED)) 1223 1223 - { 1224 1224 - if (bUseBGProtection) 1225 1225 - { 1226 1226 - OPSTATUS_SET_FLAG(pAd, fOP_STATUS_BG_PROTECTION_INUSED); 1227 1227 - AsicUpdateProtect(pAd, pAd->MlmeAux.AddHtInfo.AddHtInfo2.OperaionMode, (OFDMSETPROTECT|CCKSETPROTECT|ALLN_SETPROTECT),FALSE,(pAd->MlmeAux.AddHtInfo.AddHtInfo2.NonGfPresent == 1)); 1228 1228 - } 1229 1229 - else 1230 1230 - { 1231 1231 - OPSTATUS_CLEAR_FLAG(pAd, fOP_STATUS_BG_PROTECTION_INUSED); 1232 1232 - AsicUpdateProtect(pAd, pAd->MlmeAux.AddHtInfo.AddHtInfo2.OperaionMode, (OFDMSETPROTECT|CCKSETPROTECT|ALLN_SETPROTECT),TRUE,(pAd->MlmeAux.AddHtInfo.AddHtInfo2.NonGfPresent == 1)); 1233 1233 - } 1234 1234 - 1235 1235 - DBGPRINT(RT_DEBUG_WARN, ("SYNC - AP changed B/G protection to %d\n", bUseBGProtection)); 1236 1236 - } 1237 1237 - 1238 1238 - // check Ht protection mode. and adhere to the Non-GF device indication by AP. 1239 1239 - if ((AddHtInfoLen != 0) && 1240 1240 - ((AddHtInfo.AddHtInfo2.OperaionMode != pAd->MlmeAux.AddHtInfo.AddHtInfo2.OperaionMode) || 1241 1241 - (AddHtInfo.AddHtInfo2.NonGfPresent != pAd->MlmeAux.AddHtInfo.AddHtInfo2.NonGfPresent))) 1242 1242 - { 1243 1243 - pAd->MlmeAux.AddHtInfo.AddHtInfo2.NonGfPresent = AddHtInfo.AddHtInfo2.NonGfPresent; 1244 1244 - pAd->MlmeAux.AddHtInfo.AddHtInfo2.OperaionMode = AddHtInfo.AddHtInfo2.OperaionMode; 1245 1245 - if (pAd->MlmeAux.AddHtInfo.AddHtInfo2.NonGfPresent == 1) 1246 1246 - { 1247 1247 - AsicUpdateProtect(pAd, pAd->MlmeAux.AddHtInfo.AddHtInfo2.OperaionMode, ALLN_SETPROTECT, FALSE, TRUE); 1248 1248 - } 1249 1249 - else 1250 1250 - AsicUpdateProtect(pAd, pAd->MlmeAux.AddHtInfo.AddHtInfo2.OperaionMode, ALLN_SETPROTECT, FALSE, FALSE); 1251 1251 - 1252 1252 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - AP changed N OperaionMode to %d\n", pAd->MlmeAux.AddHtInfo.AddHtInfo2.OperaionMode)); 1253 1253 - } 1254 1254 - 1255 1255 - if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_SHORT_PREAMBLE_INUSED) && 1256 1256 - ERP_IS_USE_BARKER_PREAMBLE(Erp)) 1257 1257 - { 1258 1258 - MlmeSetTxPreamble(pAd, Rt802_11PreambleLong); 1259 1259 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - AP forced to use LONG preamble\n")); 1260 1260 - } 1261 1261 - 1262 1262 - if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_WMM_INUSED) && 1263 1263 - (EdcaParm.bValid == TRUE) && 1264 1264 - (EdcaParm.EdcaUpdateCount != pAd->CommonCfg.APEdcaParm.EdcaUpdateCount)) 1265 1265 - { 1266 1266 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - AP change EDCA parameters(from %d to %d)\n", 1267 1267 - pAd->CommonCfg.APEdcaParm.EdcaUpdateCount, 1268 1268 - EdcaParm.EdcaUpdateCount)); 1269 1269 - AsicSetEdcaParm(pAd, &EdcaParm); 1270 1270 - } 1271 1271 - 1272 1272 - // copy QOS related information 1273 1273 - NdisMoveMemory(&pAd->CommonCfg.APQbssLoad, &QbssLoad, sizeof(QBSS_LOAD_PARM)); 1274 1274 - NdisMoveMemory(&pAd->CommonCfg.APQosCapability, &QosCapability, sizeof(QOS_CAPABILITY_PARM)); 1275 1275 - } 1276 1276 - 1277 1277 - // only INFRASTRUCTURE mode support power-saving feature 1278 1278 - if ((INFRA_ON(pAd) && (pAd->StaCfg.Psm == PWR_SAVE)) || (pAd->CommonCfg.bAPSDForcePowerSave)) 1279 1279 - { 1280 1280 - UCHAR FreeNumber; 1281 1281 - // 1. AP has backlogged unicast-to-me frame, stay AWAKE, send PSPOLL 1282 1282 - // 2. AP has backlogged broadcast/multicast frame and we want those frames, stay AWAKE 1283 1283 - // 3. we have outgoing frames in TxRing or MgmtRing, better stay AWAKE 1284 1284 - // 4. Psm change to PWR_SAVE, but AP not been informed yet, we better stay AWAKE 1285 1285 - // 5. otherwise, put PHY back to sleep to save battery. 1286 1286 - if (MessageToMe) 1287 1287 - { 1288 1288 - if (pAd->CommonCfg.bAPSDCapable && pAd->CommonCfg.APEdcaParm.bAPSDCapable && 1289 1289 - pAd->CommonCfg.bAPSDAC_BE && pAd->CommonCfg.bAPSDAC_BK && pAd->CommonCfg.bAPSDAC_VI && pAd->CommonCfg.bAPSDAC_VO) 1290 1290 - { 1291 1291 - pAd->CommonCfg.bNeedSendTriggerFrame = TRUE; 1292 1292 - } 1293 1293 - else 1294 1294 - RT28XX_PS_POLL_ENQUEUE(pAd); 1295 1295 - } 1296 1296 - else if (BcastFlag && (DtimCount == 0) && OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_RECEIVE_DTIM)) 1297 1297 - { 1298 1298 - } 1299 1299 - else if ((pAd->TxSwQueue[QID_AC_BK].Number != 0) || 1300 1300 - (pAd->TxSwQueue[QID_AC_BE].Number != 0) || 1301 1301 - (pAd->TxSwQueue[QID_AC_VI].Number != 0) || 1302 1302 - (pAd->TxSwQueue[QID_AC_VO].Number != 0) || 1303 1303 - (RTMPFreeTXDRequest(pAd, QID_AC_BK, TX_RING_SIZE - 1, &FreeNumber) != NDIS_STATUS_SUCCESS) || 1304 1304 - (RTMPFreeTXDRequest(pAd, QID_AC_BE, TX_RING_SIZE - 1, &FreeNumber) != NDIS_STATUS_SUCCESS) || 1305 1305 - (RTMPFreeTXDRequest(pAd, QID_AC_VI, TX_RING_SIZE - 1, &FreeNumber) != NDIS_STATUS_SUCCESS) || 1306 1306 - (RTMPFreeTXDRequest(pAd, QID_AC_VO, TX_RING_SIZE - 1, &FreeNumber) != NDIS_STATUS_SUCCESS) || 1307 1307 - (RTMPFreeTXDRequest(pAd, QID_MGMT, MGMT_RING_SIZE - 1, &FreeNumber) != NDIS_STATUS_SUCCESS)) 1308 1308 - { 1309 1309 - // TODO: consider scheduled HCCA. might not be proper to use traditional DTIM-based power-saving scheme 1310 1310 - // can we cheat here (i.e. just check MGMT & AC_BE) for better performance? 1311 1311 - } 1312 1312 - else 1313 1313 - { 1314 1314 - USHORT NextDtim = DtimCount; 1315 1315 - 1316 1316 - if (NextDtim == 0) 1317 1317 - NextDtim = DtimPeriod; 1318 1318 - 1319 1319 - TbttNumToNextWakeUp = pAd->StaCfg.DefaultListenCount; 1320 1320 - if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_RECEIVE_DTIM) && (TbttNumToNextWakeUp > NextDtim)) 1321 1321 - TbttNumToNextWakeUp = NextDtim; 1322 1322 - 1323 1323 - if (!OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_DOZE)) 1324 1324 - { 1325 1325 - AsicSleepThenAutoWakeup(pAd, TbttNumToNextWakeUp); 1326 1326 - } 1327 1327 - } 1328 1328 - } 1329 1329 - } 1330 1330 - // not my BSSID, ignore it 1331 1331 - } 1332 1332 - // sanity check fail, ignore this frame 1333 1333 - } 1334 1334 - 1335 1335 - /* 1336 1336 - ========================================================================== 1337 1337 - Description: 1338 1338 - Receive PROBE REQ from remote peer when operating in IBSS mode 1339 1339 - ========================================================================== 1340 1340 - */ 1341 1341 - VOID PeerProbeReqAction( 1342 1342 - IN PRTMP_ADAPTER pAd, 1343 1343 - IN MLME_QUEUE_ELEM *Elem) 1344 1344 - { 1345 1345 - UCHAR Addr2[MAC_ADDR_LEN]; 1346 1346 - CHAR Ssid[MAX_LEN_OF_SSID]; 1347 1347 - UCHAR SsidLen; 1348 1348 - UCHAR HtLen, AddHtLen, NewExtLen; 1349 1349 - HEADER_802_11 ProbeRspHdr; 1350 1350 - NDIS_STATUS NStatus; 1351 1351 - PUCHAR pOutBuffer = NULL; 1352 1352 - ULONG FrameLen = 0; 1353 1353 - LARGE_INTEGER FakeTimestamp; 1354 1354 - UCHAR DsLen = 1, IbssLen = 2; 1355 1355 - UCHAR LocalErpIe[3] = {IE_ERP, 1, 0}; 1356 1356 - BOOLEAN Privacy; 1357 1357 - USHORT CapabilityInfo; 1358 1358 - UCHAR RSNIe = IE_WPA; 1359 1359 - 1360 1360 - if (! ADHOC_ON(pAd)) 1361 1361 - return; 1362 1362 - 1363 1363 - if (PeerProbeReqSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, Ssid, &SsidLen)) 1364 1364 - { 1365 1365 - if ((SsidLen == 0) || SSID_EQUAL(Ssid, SsidLen, pAd->CommonCfg.Ssid, pAd->CommonCfg.SsidLen)) 1366 1366 - { 1367 1367 - // allocate and send out ProbeRsp frame 1368 1368 - NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory 1369 1369 - if (NStatus != NDIS_STATUS_SUCCESS) 1370 1370 - return; 1371 1371 - 1372 1372 - //pAd->StaCfg.AtimWin = 0; // ?????? 1373 1373 - 1374 1374 - Privacy = (pAd->StaCfg.WepStatus == Ndis802_11Encryption1Enabled) || 1375 1375 - (pAd->StaCfg.WepStatus == Ndis802_11Encryption2Enabled) || 1376 1376 - (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled); 1377 1377 - CapabilityInfo = CAP_GENERATE(0, 1, Privacy, (pAd->CommonCfg.TxPreamble == Rt802_11PreambleShort), 0, 0); 1378 1378 - 1379 1379 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 1380 1380 - sizeof(HEADER_802_11), &ProbeRspHdr, 1381 1381 - TIMESTAMP_LEN, &FakeTimestamp, 1382 1382 - 2, &pAd->CommonCfg.BeaconPeriod, 1383 1383 - 2, &CapabilityInfo, 1384 1384 - 1, &SsidIe, 1385 1385 - 1, &pAd->CommonCfg.SsidLen, 1386 1386 - pAd->CommonCfg.SsidLen, pAd->CommonCfg.Ssid, 1387 1387 - 1, &SupRateIe, 1388 1388 - 1, &pAd->StaActive.SupRateLen, 1389 1389 - pAd->StaActive.SupRateLen, pAd->StaActive.SupRate, 1390 1390 - 1, &DsIe, 1391 1391 - 1, &DsLen, 1392 1392 - 1, &pAd->CommonCfg.Channel, 1393 1393 - 1, &IbssIe, 1394 1394 - 1, &IbssLen, 1395 1395 - 2, &pAd->StaActive.AtimWin, 1396 1396 - END_OF_ARGS); 1397 1397 - 1398 1398 - if (pAd->StaActive.ExtRateLen) 1399 1399 - { 1400 1400 - ULONG tmp; 1401 1401 - MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp, 1402 1402 - 3, LocalErpIe, 1403 1403 - 1, &ExtRateIe, 1404 1404 - 1, &pAd->StaActive.ExtRateLen, 1405 1405 - pAd->StaActive.ExtRateLen, &pAd->StaActive.ExtRate, 1406 1406 - END_OF_ARGS); 1407 1407 - FrameLen += tmp; 1408 1408 - } 1409 1409 - 1410 1410 - // If adhoc secruity is set for WPA-None, append the cipher suite IE 1411 1411 - if (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPANone) 1412 1412 - { 1413 1413 - ULONG tmp; 1414 1414 - MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp, 1415 1415 - 1, &RSNIe, 1416 1416 - 1, &pAd->StaCfg.RSNIE_Len, 1417 1417 - pAd->StaCfg.RSNIE_Len, pAd->StaCfg.RSN_IE, 1418 1418 - END_OF_ARGS); 1419 1419 - FrameLen += tmp; 1420 1420 - } 1421 1421 - 1422 1422 - if (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED) 1423 1423 - { 1424 1424 - ULONG TmpLen; 1425 1425 - UCHAR BROADCOM[4] = {0x0, 0x90, 0x4c, 0x33}; 1426 1426 - HtLen = sizeof(pAd->CommonCfg.HtCapability); 1427 1427 - AddHtLen = sizeof(pAd->CommonCfg.AddHTInfo); 1428 1428 - NewExtLen = 1; 1429 1429 - //New extension channel offset IE is included in Beacon, Probe Rsp or channel Switch Announcement Frame 1430 1430 - if (pAd->bBroadComHT == TRUE) 1431 1431 - { 1432 1432 - MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen, 1433 1433 - 1, &WpaIe, 1434 1434 - 4, &BROADCOM[0], 1435 1435 - pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability, 1436 1436 - END_OF_ARGS); 1437 1437 - } 1438 1438 - else 1439 1439 - { 1440 1440 - MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen, 1441 1441 - 1, &HtCapIe, 1442 1442 - 1, &HtLen, 1443 1443 - sizeof(HT_CAPABILITY_IE), &pAd->CommonCfg.HtCapability, 1444 1444 - 1, &AddHtInfoIe, 1445 1445 - 1, &AddHtLen, 1446 1446 - sizeof(ADD_HT_INFO_IE), &pAd->CommonCfg.AddHTInfo, 1447 1447 - 1, &NewExtChanIe, 1448 1448 - 1, &NewExtLen, 1449 1449 - sizeof(NEW_EXT_CHAN_IE), &pAd->CommonCfg.NewExtChanOffset, 1450 1450 - END_OF_ARGS); 1451 1451 - } 1452 1452 - FrameLen += TmpLen; 1453 1453 - } 1454 1454 - 1455 1455 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 1456 1456 - MlmeFreeMemory(pAd, pOutBuffer); 1457 1457 - } 1458 1458 - } 1459 1459 - } 1460 1460 - 1461 1461 - VOID BeaconTimeoutAtJoinAction( 1462 1462 - IN PRTMP_ADAPTER pAd, 1463 1463 - IN MLME_QUEUE_ELEM *Elem) 1464 1464 - { 1465 1465 - USHORT Status; 1466 1466 - DBGPRINT(RT_DEBUG_TRACE, ("SYNC - BeaconTimeoutAtJoinAction\n")); 1467 1467 - pAd->Mlme.SyncMachine.CurrState = SYNC_IDLE; 1468 1468 - Status = MLME_REJ_TIMEOUT; 1469 1469 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_JOIN_CONF, 2, &Status); 1470 1470 - } 1471 1471 - 1472 1472 - /* 1473 1473 - ========================================================================== 1474 1474 - Description: 1475 1475 - Scan timeout procedure. basically add channel index by 1 and rescan 1476 1476 - ========================================================================== 1477 1477 - */ 1478 1478 - VOID ScanTimeoutAction( 1479 1479 - IN PRTMP_ADAPTER pAd, 1480 1480 - IN MLME_QUEUE_ELEM *Elem) 1481 1481 - { 1482 1482 - pAd->MlmeAux.Channel = NextChannel(pAd, pAd->MlmeAux.Channel); 1483 1483 - 1484 1484 - // Only one channel scanned for CISCO beacon request 1485 1485 - if ((pAd->MlmeAux.ScanType == SCAN_CISCO_ACTIVE) || 1486 1486 - (pAd->MlmeAux.ScanType == SCAN_CISCO_PASSIVE) || 1487 1487 - (pAd->MlmeAux.ScanType == SCAN_CISCO_NOISE) || 1488 1488 - (pAd->MlmeAux.ScanType == SCAN_CISCO_CHANNEL_LOAD)) 1489 1489 - pAd->MlmeAux.Channel = 0; 1490 1490 - 1491 1491 - // this routine will stop if pAd->MlmeAux.Channel == 0 1492 1492 - ScanNextChannel(pAd); 1493 1493 - } 1494 1494 - 1495 1495 - /* 1496 1496 - ========================================================================== 1497 1497 - Description: 1498 1498 - ========================================================================== 1499 1499 - */ 1500 1500 - VOID InvalidStateWhenScan( 1501 1501 - IN PRTMP_ADAPTER pAd, 1502 1502 - IN MLME_QUEUE_ELEM *Elem) 1503 1503 - { 1504 1504 - USHORT Status; 1505 1505 - DBGPRINT(RT_DEBUG_TRACE, ("AYNC - InvalidStateWhenScan(state=%ld). Reset SYNC machine\n", pAd->Mlme.SyncMachine.CurrState)); 1506 1506 - pAd->Mlme.SyncMachine.CurrState = SYNC_IDLE; 1507 1507 - Status = MLME_STATE_MACHINE_REJECT; 1508 1508 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_SCAN_CONF, 2, &Status); 1509 1509 - } 1510 1510 - 1511 1511 - /* 1512 1512 - ========================================================================== 1513 1513 - Description: 1514 1514 - ========================================================================== 1515 1515 - */ 1516 1516 - VOID InvalidStateWhenJoin( 1517 1517 - IN PRTMP_ADAPTER pAd, 1518 1518 - IN MLME_QUEUE_ELEM *Elem) 1519 1519 - { 1520 1520 - USHORT Status; 1521 1521 - DBGPRINT(RT_DEBUG_TRACE, ("InvalidStateWhenJoin(state=%ld). Reset SYNC machine\n", pAd->Mlme.SyncMachine.CurrState)); 1522 1522 - pAd->Mlme.SyncMachine.CurrState = SYNC_IDLE; 1523 1523 - Status = MLME_STATE_MACHINE_REJECT; 1524 1524 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_JOIN_CONF, 2, &Status); 1525 1525 - } 1526 1526 - 1527 1527 - /* 1528 1528 - ========================================================================== 1529 1529 - Description: 1530 1530 - ========================================================================== 1531 1531 - */ 1532 1532 - VOID InvalidStateWhenStart( 1533 1533 - IN PRTMP_ADAPTER pAd, 1534 1534 - IN MLME_QUEUE_ELEM *Elem) 1535 1535 - { 1536 1536 - USHORT Status; 1537 1537 - DBGPRINT(RT_DEBUG_TRACE, ("InvalidStateWhenStart(state=%ld). Reset SYNC machine\n", pAd->Mlme.SyncMachine.CurrState)); 1538 1538 - pAd->Mlme.SyncMachine.CurrState = SYNC_IDLE; 1539 1539 - Status = MLME_STATE_MACHINE_REJECT; 1540 1540 - MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_START_CONF, 2, &Status); 1541 1541 - } 1542 1542 - 1543 1543 - /* 1544 1544 - ========================================================================== 1545 1545 - Description: 1546 1546 - 1547 1547 - IRQL = DISPATCH_LEVEL 1548 1548 - 1549 1549 - ========================================================================== 1550 1550 - */ 1551 1551 - VOID EnqueuePsPoll( 1552 1552 - IN PRTMP_ADAPTER pAd) 1553 1553 - { 1554 1554 - if (pAd->StaCfg.WindowsPowerMode == Ndis802_11PowerModeLegacy_PSP) 1555 1555 - pAd->PsPollFrame.FC.PwrMgmt = PWR_SAVE; 1556 1556 - MiniportMMRequest(pAd, 0, (PUCHAR)&pAd->PsPollFrame, sizeof(PSPOLL_FRAME)); 1557 1557 - } 1558 1558 - 1559 1559 - 1560 1560 - /* 1561 1561 - ========================================================================== 1562 1562 - Description: 1563 1563 - ========================================================================== 1564 1564 - */ 1565 1565 - VOID EnqueueProbeRequest( 1566 1566 - IN PRTMP_ADAPTER pAd) 1567 1567 - { 1568 1568 - NDIS_STATUS NState; 1569 1569 - PUCHAR pOutBuffer; 1570 1570 - ULONG FrameLen = 0; 1571 1571 - HEADER_802_11 Hdr80211; 1572 1572 - 1573 1573 - DBGPRINT(RT_DEBUG_TRACE, ("force out a ProbeRequest ...\n")); 1574 1574 - 1575 1575 - NState = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory 1576 1576 - if (NState == NDIS_STATUS_SUCCESS) 1577 1577 - { 1578 1578 - MgtMacHeaderInit(pAd, &Hdr80211, SUBTYPE_PROBE_REQ, 0, BROADCAST_ADDR, BROADCAST_ADDR); 1579 1579 - 1580 1580 - // this ProbeRequest explicitly specify SSID to reduce unwanted ProbeResponse 1581 1581 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 1582 1582 - sizeof(HEADER_802_11), &Hdr80211, 1583 1583 - 1, &SsidIe, 1584 1584 - 1, &pAd->CommonCfg.SsidLen, 1585 1585 - pAd->CommonCfg.SsidLen, pAd->CommonCfg.Ssid, 1586 1586 - 1, &SupRateIe, 1587 1587 - 1, &pAd->StaActive.SupRateLen, 1588 1588 - pAd->StaActive.SupRateLen, pAd->StaActive.SupRate, 1589 1589 - END_OF_ARGS); 1590 1590 - MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen); 1591 1591 - MlmeFreeMemory(pAd, pOutBuffer); 1592 1592 - } 1593 1593 - 1594 1594 - } 1595 1595 - 1596 1596 - BOOLEAN ScanRunning( 1597 1597 - IN PRTMP_ADAPTER pAd) 1598 1598 - { 1599 1599 - return (pAd->Mlme.SyncMachine.CurrState == SCAN_LISTEN) ? TRUE : FALSE; 1600 1600 - } 1601 1601 - 1 1 + #include "../../rt2870/sta/sync.c"

+1 -2083

drivers/staging/rt3070/sta/wpa.c

reviewed

··· 1 1 - /* 2 2 - ************************************************************************* 3 3 - * Ralink Tech Inc. 4 4 - * 5F., No.36, Taiyuan St., Jhubei City, 5 5 - * Hsinchu County 302, 6 6 - * Taiwan, R.O.C. 7 7 - * 8 8 - * (c) Copyright 2002-2007, Ralink Technology, Inc. 9 9 - * 10 10 - * This program is free software; you can redistribute it and/or modify * 11 11 - * it under the terms of the GNU General Public License as published by * 12 12 - * the Free Software Foundation; either version 2 of the License, or * 13 13 - * (at your option) any later version. * 14 14 - * * 15 15 - * This program is distributed in the hope that it will be useful, * 16 16 - * but WITHOUT ANY WARRANTY; without even the implied warranty of * 17 17 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * 18 18 - * GNU General Public License for more details. * 19 19 - * * 20 20 - * You should have received a copy of the GNU General Public License * 21 21 - * along with this program; if not, write to the * 22 22 - * Free Software Foundation, Inc., * 23 23 - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * 24 24 - * * 25 25 - ************************************************************************* 26 26 - 27 27 - Module Name: 28 28 - wpa.c 29 29 - 30 30 - Abstract: 31 31 - 32 32 - Revision History: 33 33 - Who When What 34 34 - -------- ---------- ---------------------------------------------- 35 35 - Jan Lee 03-07-22 Initial 36 36 - Paul Lin 03-11-28 Modify for supplicant 37 37 - */ 38 38 - #include "../rt_config.h" 39 39 - 40 40 - #define WPARSNIE 0xdd 41 41 - #define WPA2RSNIE 0x30 42 42 - 43 43 - //extern UCHAR BIT8[]; 44 44 - UCHAR CipherWpaPskTkip[] = { 45 45 - 0xDD, 0x16, // RSN IE 46 46 - 0x00, 0x50, 0xf2, 0x01, // oui 47 47 - 0x01, 0x00, // Version 48 48 - 0x00, 0x50, 0xf2, 0x02, // Multicast 49 49 - 0x01, 0x00, // Number of unicast 50 50 - 0x00, 0x50, 0xf2, 0x02, // unicast 51 51 - 0x01, 0x00, // number of authentication method 52 52 - 0x00, 0x50, 0xf2, 0x02 // authentication 53 53 - }; 54 54 - UCHAR CipherWpaPskTkipLen = (sizeof(CipherWpaPskTkip) / sizeof(UCHAR)); 55 55 - 56 56 - UCHAR CipherWpaPskAes[] = { 57 57 - 0xDD, 0x16, // RSN IE 58 58 - 0x00, 0x50, 0xf2, 0x01, // oui 59 59 - 0x01, 0x00, // Version 60 60 - 0x00, 0x50, 0xf2, 0x04, // Multicast 61 61 - 0x01, 0x00, // Number of unicast 62 62 - 0x00, 0x50, 0xf2, 0x04, // unicast 63 63 - 0x01, 0x00, // number of authentication method 64 64 - 0x00, 0x50, 0xf2, 0x02 // authentication 65 65 - }; 66 66 - UCHAR CipherWpaPskAesLen = (sizeof(CipherWpaPskAes) / sizeof(UCHAR)); 67 67 - 68 68 - UCHAR CipherSuiteCiscoCCKM[] = { 69 69 - 0xDD, 0x16, // RSN IE 70 70 - 0x00, 0x50, 0xf2, 0x01, // oui 71 71 - 0x01, 0x00, // Version 72 72 - 0x00, 0x40, 0x96, 0x01, // Multicast 73 73 - 0x01, 0x00, // Number of uicast 74 74 - 0x00, 0x40, 0x96, 0x01, // unicast 75 75 - 0x01, 0x00, // number of authentication method 76 76 - 0x00, 0x40, 0x96, 0x00 // Authentication 77 77 - }; 78 78 - UCHAR CipherSuiteCiscoCCKMLen = (sizeof(CipherSuiteCiscoCCKM) / sizeof(UCHAR)); 79 79 - 80 80 - UCHAR CipherSuiteCiscoCCKM24[] = { 81 81 - 0xDD, 0x18, // RSN IE 82 82 - 0x00, 0x50, 0xf2, 0x01, // oui 83 83 - 0x01, 0x00, // Version 84 84 - 0x00, 0x40, 0x96, 0x01, // Multicast 85 85 - 0x01, 0x00, // Number of uicast 86 86 - 0x00, 0x40, 0x96, 0x01, // unicast 87 87 - 0x01, 0x00, // number of authentication method 88 88 - 0x00, 0x40, 0x96, 0x00, 89 89 - 0x28, 0x00// Authentication 90 90 - }; 91 91 - 92 92 - UCHAR CipherSuiteCiscoCCKM24Len = (sizeof(CipherSuiteCiscoCCKM24) / sizeof(UCHAR)); 93 93 - 94 94 - UCHAR CipherSuiteCCXTkip[] = { 95 95 - 0xDD, 0x16, // RSN IE 96 96 - 0x00, 0x50, 0xf2, 0x01, // oui 97 97 - 0x01, 0x00, // Version 98 98 - 0x00, 0x50, 0xf2, 0x02, // Multicast 99 99 - 0x01, 0x00, // Number of unicast 100 100 - 0x00, 0x50, 0xf2, 0x02, // unicast 101 101 - 0x01, 0x00, // number of authentication method 102 102 - 0x00, 0x50, 0xf2, 0x01 // authentication 103 103 - }; 104 104 - UCHAR CipherSuiteCCXTkipLen = (sizeof(CipherSuiteCCXTkip) / sizeof(UCHAR)); 105 105 - 106 106 - UCHAR CCX_LLC_HDR[] = {0xAA, 0xAA, 0x03, 0x00, 0x40, 0x96, 0x00, 0x02}; 107 107 - UCHAR LLC_NORMAL[] = {0xAA, 0xAA, 0x03, 0x00, 0x00, 0x00}; 108 108 - 109 109 - UCHAR EAPOL_FRAME[] = {0x88, 0x8E}; 110 110 - 111 111 - BOOLEAN CheckRSNIE( 112 112 - IN PRTMP_ADAPTER pAd, 113 113 - IN PUCHAR pData, 114 114 - IN UCHAR DataLen, 115 115 - OUT UCHAR *Offset); 116 116 - 117 117 - void inc_byte_array(UCHAR *counter, int len); 118 118 - 119 119 - /* 120 120 - ======================================================================== 121 121 - 122 122 - Routine Description: 123 123 - Classify WPA EAP message type 124 124 - 125 125 - Arguments: 126 126 - EAPType Value of EAP message type 127 127 - MsgType Internal Message definition for MLME state machine 128 128 - 129 129 - Return Value: 130 130 - TRUE Found appropriate message type 131 131 - FALSE No appropriate message type 132 132 - 133 133 - IRQL = DISPATCH_LEVEL 134 134 - 135 135 - Note: 136 136 - All these constants are defined in wpa.h 137 137 - For supplicant, there is only EAPOL Key message avaliable 138 138 - 139 139 - ======================================================================== 140 140 - */ 141 141 - BOOLEAN WpaMsgTypeSubst( 142 142 - IN UCHAR EAPType, 143 143 - OUT INT *MsgType) 144 144 - { 145 145 - switch (EAPType) 146 146 - { 147 147 - case EAPPacket: 148 148 - *MsgType = MT2_EAPPacket; 149 149 - break; 150 150 - case EAPOLStart: 151 151 - *MsgType = MT2_EAPOLStart; 152 152 - break; 153 153 - case EAPOLLogoff: 154 154 - *MsgType = MT2_EAPOLLogoff; 155 155 - break; 156 156 - case EAPOLKey: 157 157 - *MsgType = MT2_EAPOLKey; 158 158 - break; 159 159 - case EAPOLASFAlert: 160 160 - *MsgType = MT2_EAPOLASFAlert; 161 161 - break; 162 162 - default: 163 163 - return FALSE; 164 164 - } 165 165 - return TRUE; 166 166 - } 167 167 - 168 168 - /* 169 169 - ========================================================================== 170 170 - Description: 171 171 - association state machine init, including state transition and timer init 172 172 - Parameters: 173 173 - S - pointer to the association state machine 174 174 - ========================================================================== 175 175 - */ 176 176 - VOID WpaPskStateMachineInit( 177 177 - IN PRTMP_ADAPTER pAd, 178 178 - IN STATE_MACHINE *S, 179 179 - OUT STATE_MACHINE_FUNC Trans[]) 180 180 - { 181 181 - StateMachineInit(S, Trans, MAX_WPA_PSK_STATE, MAX_WPA_PSK_MSG, (STATE_MACHINE_FUNC)Drop, WPA_PSK_IDLE, WPA_MACHINE_BASE); 182 182 - StateMachineSetAction(S, WPA_PSK_IDLE, MT2_EAPOLKey, (STATE_MACHINE_FUNC)WpaEAPOLKeyAction); 183 183 - } 184 184 - 185 185 - /* 186 186 - ========================================================================== 187 187 - Description: 188 188 - This is state machine function. 189 189 - When receiving EAPOL packets which is for 802.1x key management. 190 190 - Use both in WPA, and WPAPSK case. 191 191 - In this function, further dispatch to different functions according to the received packet. 3 categories are : 192 192 - 1. normal 4-way pairwisekey and 2-way groupkey handshake 193 193 - 2. MIC error (Countermeasures attack) report packet from STA. 194 194 - 3. Request for pairwise/group key update from STA 195 195 - Return: 196 196 - ========================================================================== 197 197 - */ 198 198 - VOID WpaEAPOLKeyAction( 199 199 - IN PRTMP_ADAPTER pAd, 200 200 - IN MLME_QUEUE_ELEM *Elem) 201 201 - 202 202 - { 203 203 - INT MsgType = EAPOL_MSG_INVALID; 204 204 - PKEY_DESCRIPTER pKeyDesc; 205 205 - PHEADER_802_11 pHeader; //red 206 206 - UCHAR ZeroReplay[LEN_KEY_DESC_REPLAY]; 207 207 - UCHAR EapolVr; 208 208 - KEY_INFO peerKeyInfo; 209 209 - 210 210 - DBGPRINT(RT_DEBUG_TRACE, ("-----> WpaEAPOLKeyAction\n")); 211 211 - 212 212 - // Get 802.11 header first 213 213 - pHeader = (PHEADER_802_11) Elem->Msg; 214 214 - 215 215 - // Get EAPoL-Key Descriptor 216 216 - pKeyDesc = (PKEY_DESCRIPTER) &Elem->Msg[(LENGTH_802_11 + LENGTH_802_1_H + LENGTH_EAPOL_H)]; 217 217 - 218 218 - NdisZeroMemory((PUCHAR)&peerKeyInfo, sizeof(peerKeyInfo)); 219 219 - NdisMoveMemory((PUCHAR)&peerKeyInfo, (PUCHAR)&pKeyDesc->KeyInfo, sizeof(KEY_INFO)); 220 220 - 221 221 - *((USHORT *)&peerKeyInfo) = cpu2le16(*((USHORT *)&peerKeyInfo)); 222 222 - 223 223 - 224 224 - // 1. Check EAPOL frame version and type 225 225 - EapolVr = (UCHAR) Elem->Msg[LENGTH_802_11+LENGTH_802_1_H]; 226 226 - 227 227 - if (((EapolVr != EAPOL_VER) && (EapolVr != EAPOL_VER2)) || ((pKeyDesc->Type != WPA1_KEY_DESC) && (pKeyDesc->Type != WPA2_KEY_DESC))) 228 228 - { 229 229 - DBGPRINT(RT_DEBUG_ERROR, ("Key descripter does not match with WPA rule\n")); 230 230 - return; 231 231 - } 232 232 - 233 233 - // First validate replay counter, only accept message with larger replay counter 234 234 - // Let equal pass, some AP start with all zero replay counter 235 235 - NdisZeroMemory(ZeroReplay, LEN_KEY_DESC_REPLAY); 236 236 - 237 237 - if((RTMPCompareMemory(pKeyDesc->ReplayCounter, pAd->StaCfg.ReplayCounter, LEN_KEY_DESC_REPLAY) != 1) && 238 238 - (RTMPCompareMemory(pKeyDesc->ReplayCounter, ZeroReplay, LEN_KEY_DESC_REPLAY) != 0)) 239 239 - { 240 240 - DBGPRINT(RT_DEBUG_ERROR, (" ReplayCounter not match \n")); 241 241 - return; 242 242 - } 243 243 - 244 244 - // Process WPA2PSK frame 245 245 - if(pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) 246 246 - { 247 247 - if((peerKeyInfo.KeyType == PAIRWISEKEY) && 248 248 - (peerKeyInfo.EKD_DL == 0) && 249 249 - (peerKeyInfo.KeyAck == 1) && 250 250 - (peerKeyInfo.KeyMic == 0) && 251 251 - (peerKeyInfo.Secure == 0) && 252 252 - (peerKeyInfo.Error == 0) && 253 253 - (peerKeyInfo.Request == 0)) 254 254 - { 255 255 - MsgType = EAPOL_PAIR_MSG_1; 256 256 - DBGPRINT(RT_DEBUG_TRACE, ("Receive EAPOL Key Pairwise Message 1\n")); 257 257 - } else if((peerKeyInfo.KeyType == PAIRWISEKEY) && 258 258 - (peerKeyInfo.EKD_DL == 1) && 259 259 - (peerKeyInfo.KeyAck == 1) && 260 260 - (peerKeyInfo.KeyMic == 1) && 261 261 - (peerKeyInfo.Secure == 1) && 262 262 - (peerKeyInfo.Error == 0) && 263 263 - (peerKeyInfo.Request == 0)) 264 264 - { 265 265 - MsgType = EAPOL_PAIR_MSG_3; 266 266 - DBGPRINT(RT_DEBUG_TRACE, ("Receive EAPOL Key Pairwise Message 3\n")); 267 267 - } else if((peerKeyInfo.KeyType == GROUPKEY) && 268 268 - (peerKeyInfo.EKD_DL == 1) && 269 269 - (peerKeyInfo.KeyAck == 1) && 270 270 - (peerKeyInfo.KeyMic == 1) && 271 271 - (peerKeyInfo.Secure == 1) && 272 272 - (peerKeyInfo.Error == 0) && 273 273 - (peerKeyInfo.Request == 0)) 274 274 - { 275 275 - MsgType = EAPOL_GROUP_MSG_1; 276 276 - DBGPRINT(RT_DEBUG_TRACE, ("Receive EAPOL Key Group Message 1\n")); 277 277 - } 278 278 - 279 279 - // We will assume link is up (assoc suceess and port not secured). 280 280 - // All state has to be able to process message from previous state 281 281 - switch(pAd->StaCfg.WpaState) 282 282 - { 283 283 - case SS_START: 284 284 - if(MsgType == EAPOL_PAIR_MSG_1) 285 285 - { 286 286 - Wpa2PairMsg1Action(pAd, Elem); 287 287 - pAd->StaCfg.WpaState = SS_WAIT_MSG_3; 288 288 - } 289 289 - break; 290 290 - 291 291 - case SS_WAIT_MSG_3: 292 292 - if(MsgType == EAPOL_PAIR_MSG_1) 293 293 - { 294 294 - Wpa2PairMsg1Action(pAd, Elem); 295 295 - pAd->StaCfg.WpaState = SS_WAIT_MSG_3; 296 296 - } 297 297 - else if(MsgType == EAPOL_PAIR_MSG_3) 298 298 - { 299 299 - Wpa2PairMsg3Action(pAd, Elem); 300 300 - pAd->StaCfg.WpaState = SS_WAIT_GROUP; 301 301 - } 302 302 - break; 303 303 - 304 304 - case SS_WAIT_GROUP: // When doing group key exchange 305 305 - case SS_FINISH: // This happened when update group key 306 306 - if(MsgType == EAPOL_PAIR_MSG_1) 307 307 - { 308 308 - // Reset port secured variable 309 309 - pAd->StaCfg.PortSecured = WPA_802_1X_PORT_NOT_SECURED; 310 310 - Wpa2PairMsg1Action(pAd, Elem); 311 311 - pAd->StaCfg.WpaState = SS_WAIT_MSG_3; 312 312 - } 313 313 - else if(MsgType == EAPOL_PAIR_MSG_3) 314 314 - { 315 315 - // Reset port secured variable 316 316 - pAd->StaCfg.PortSecured = WPA_802_1X_PORT_NOT_SECURED; 317 317 - Wpa2PairMsg3Action(pAd, Elem); 318 318 - pAd->StaCfg.WpaState = SS_WAIT_GROUP; 319 319 - } 320 320 - else if(MsgType == EAPOL_GROUP_MSG_1) 321 321 - { 322 322 - WpaGroupMsg1Action(pAd, Elem); 323 323 - pAd->StaCfg.WpaState = SS_FINISH; 324 324 - } 325 325 - break; 326 326 - 327 327 - default: 328 328 - break; 329 329 - } 330 330 - } 331 331 - // Process WPAPSK Frame 332 332 - // Classify message Type, either pairwise message 1, 3, or group message 1 for supplicant 333 333 - else if(pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK) 334 334 - { 335 335 - if((peerKeyInfo.KeyType == PAIRWISEKEY) && 336 336 - (peerKeyInfo.KeyIndex == 0) && 337 337 - (peerKeyInfo.KeyAck == 1) && 338 338 - (peerKeyInfo.KeyMic == 0) && 339 339 - (peerKeyInfo.Secure == 0) && 340 340 - (peerKeyInfo.Error == 0) && 341 341 - (peerKeyInfo.Request == 0)) 342 342 - { 343 343 - MsgType = EAPOL_PAIR_MSG_1; 344 344 - DBGPRINT(RT_DEBUG_TRACE, ("Receive EAPOL Key Pairwise Message 1\n")); 345 345 - } 346 346 - else if((peerKeyInfo.KeyType == PAIRWISEKEY) && 347 347 - (peerKeyInfo.KeyIndex == 0) && 348 348 - (peerKeyInfo.KeyAck == 1) && 349 349 - (peerKeyInfo.KeyMic == 1) && 350 350 - (peerKeyInfo.Secure == 0) && 351 351 - (peerKeyInfo.Error == 0) && 352 352 - (peerKeyInfo.Request == 0)) 353 353 - { 354 354 - MsgType = EAPOL_PAIR_MSG_3; 355 355 - DBGPRINT(RT_DEBUG_TRACE, ("Receive EAPOL Key Pairwise Message 3\n")); 356 356 - } 357 357 - else if((peerKeyInfo.KeyType == GROUPKEY) && 358 358 - (peerKeyInfo.KeyIndex != 0) && 359 359 - (peerKeyInfo.KeyAck == 1) && 360 360 - (peerKeyInfo.KeyMic == 1) && 361 361 - (peerKeyInfo.Secure == 1) && 362 362 - (peerKeyInfo.Error == 0) && 363 363 - (peerKeyInfo.Request == 0)) 364 364 - { 365 365 - MsgType = EAPOL_GROUP_MSG_1; 366 366 - DBGPRINT(RT_DEBUG_TRACE, ("Receive EAPOL Key Group Message 1\n")); 367 367 - } 368 368 - 369 369 - // We will assume link is up (assoc suceess and port not secured). 370 370 - // All state has to be able to process message from previous state 371 371 - switch(pAd->StaCfg.WpaState) 372 372 - { 373 373 - case SS_START: 374 374 - if(MsgType == EAPOL_PAIR_MSG_1) 375 375 - { 376 376 - WpaPairMsg1Action(pAd, Elem); 377 377 - pAd->StaCfg.WpaState = SS_WAIT_MSG_3; 378 378 - } 379 379 - break; 380 380 - 381 381 - case SS_WAIT_MSG_3: 382 382 - if(MsgType == EAPOL_PAIR_MSG_1) 383 383 - { 384 384 - WpaPairMsg1Action(pAd, Elem); 385 385 - pAd->StaCfg.WpaState = SS_WAIT_MSG_3; 386 386 - } 387 387 - else if(MsgType == EAPOL_PAIR_MSG_3) 388 388 - { 389 389 - WpaPairMsg3Action(pAd, Elem); 390 390 - pAd->StaCfg.WpaState = SS_WAIT_GROUP; 391 391 - } 392 392 - break; 393 393 - 394 394 - case SS_WAIT_GROUP: // When doing group key exchange 395 395 - case SS_FINISH: // This happened when update group key 396 396 - if(MsgType == EAPOL_PAIR_MSG_1) 397 397 - { 398 398 - WpaPairMsg1Action(pAd, Elem); 399 399 - pAd->StaCfg.WpaState = SS_WAIT_MSG_3; 400 400 - // Reset port secured variable 401 401 - pAd->StaCfg.PortSecured = WPA_802_1X_PORT_NOT_SECURED; 402 402 - } 403 403 - else if(MsgType == EAPOL_PAIR_MSG_3) 404 404 - { 405 405 - WpaPairMsg3Action(pAd, Elem); 406 406 - pAd->StaCfg.WpaState = SS_WAIT_GROUP; 407 407 - // Reset port secured variable 408 408 - pAd->StaCfg.PortSecured = WPA_802_1X_PORT_NOT_SECURED; 409 409 - } 410 410 - else if(MsgType == EAPOL_GROUP_MSG_1) 411 411 - { 412 412 - WpaGroupMsg1Action(pAd, Elem); 413 413 - pAd->StaCfg.WpaState = SS_FINISH; 414 414 - } 415 415 - break; 416 416 - 417 417 - default: 418 418 - break; 419 419 - } 420 420 - } 421 421 - 422 422 - DBGPRINT(RT_DEBUG_TRACE, ("<----- WpaEAPOLKeyAction\n")); 423 423 - } 424 424 - 425 425 - /* 426 426 - ======================================================================== 427 427 - 428 428 - Routine Description: 429 429 - Process Pairwise key 4-way handshaking 430 430 - 431 431 - Arguments: 432 432 - pAd Pointer to our adapter 433 433 - Elem Message body 434 434 - 435 435 - Return Value: 436 436 - None 437 437 - 438 438 - Note: 439 439 - 440 440 - ======================================================================== 441 441 - */ 442 442 - VOID WpaPairMsg1Action( 443 443 - IN PRTMP_ADAPTER pAd, 444 444 - IN MLME_QUEUE_ELEM *Elem) 445 445 - { 446 446 - PHEADER_802_11 pHeader; 447 447 - UCHAR *mpool, *PTK, *digest; 448 448 - PUCHAR pOutBuffer = NULL; 449 449 - UCHAR Header802_3[14]; 450 450 - ULONG FrameLen = 0; 451 451 - PEAPOL_PACKET pMsg1; 452 452 - EAPOL_PACKET Packet; 453 453 - UCHAR Mic[16]; 454 454 - 455 455 - DBGPRINT(RT_DEBUG_TRACE, ("WpaPairMsg1Action ----->\n")); 456 456 - 457 457 - // allocate memory pool 458 458 - os_alloc_mem(pAd, (PUCHAR *)&mpool, 256); 459 459 - 460 460 - if (mpool == NULL) 461 461 - return; 462 462 - 463 463 - // PTK Len = 80. 464 464 - PTK = (UCHAR *) ROUND_UP(mpool, 4); 465 465 - // digest Len = 80. 466 466 - digest = (UCHAR *) ROUND_UP(PTK + 80, 4); 467 467 - 468 468 - pHeader = (PHEADER_802_11) Elem->Msg; 469 469 - 470 470 - // Process message 1 from authenticator 471 471 - pMsg1 = (PEAPOL_PACKET) &Elem->Msg[LENGTH_802_11 + LENGTH_802_1_H]; 472 472 - 473 473 - // 1. Save Replay counter, it will use to verify message 3 and construct message 2 474 474 - NdisMoveMemory(pAd->StaCfg.ReplayCounter, pMsg1->KeyDesc.ReplayCounter, LEN_KEY_DESC_REPLAY); 475 475 - 476 476 - // 2. Save ANonce 477 477 - NdisMoveMemory(pAd->StaCfg.ANonce, pMsg1->KeyDesc.KeyNonce, LEN_KEY_DESC_NONCE); 478 478 - 479 479 - // Generate random SNonce 480 480 - GenRandom(pAd, pAd->CurrentAddress, pAd->StaCfg.SNonce); 481 481 - 482 482 - // Calc PTK(ANonce, SNonce) 483 483 - WpaCountPTK(pAd, 484 484 - pAd->StaCfg.PMK, 485 485 - pAd->StaCfg.ANonce, 486 486 - pAd->CommonCfg.Bssid, 487 487 - pAd->StaCfg.SNonce, 488 488 - pAd->CurrentAddress, 489 489 - PTK, 490 490 - LEN_PTK); 491 491 - 492 492 - // Save key to PTK entry 493 493 - NdisMoveMemory(pAd->StaCfg.PTK, PTK, LEN_PTK); 494 494 - 495 495 - // init 802.3 header and Fill Packet 496 496 - MAKE_802_3_HEADER(Header802_3, pAd->CommonCfg.Bssid, pAd->CurrentAddress, EAPOL); 497 497 - 498 498 - // Zero Message 2 body 499 499 - NdisZeroMemory(&Packet, sizeof(Packet)); 500 500 - Packet.ProVer = EAPOL_VER; 501 501 - Packet.ProType = EAPOLKey; 502 502 - // 503 503 - // Message 2 as EAPOL-Key(0,1,0,0,0,P,0,SNonce,MIC,RSN IE) 504 504 - // 505 505 - Packet.KeyDesc.Type = WPA1_KEY_DESC; 506 506 - // 1. Key descriptor version and appropriate RSN IE 507 507 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 508 508 - { 509 509 - Packet.KeyDesc.KeyInfo.KeyDescVer = 2; 510 510 - } 511 511 - else // TKIP 512 512 - { 513 513 - Packet.KeyDesc.KeyInfo.KeyDescVer = 1; 514 514 - } 515 515 - 516 516 - // fill in Data Material and its length 517 517 - Packet.KeyDesc.KeyData[0] = IE_WPA; 518 518 - Packet.KeyDesc.KeyData[1] = pAd->StaCfg.RSNIE_Len; 519 519 - Packet.KeyDesc.KeyDataLen[1] = pAd->StaCfg.RSNIE_Len + 2; 520 520 - NdisMoveMemory(&Packet.KeyDesc.KeyData[2], pAd->StaCfg.RSN_IE, pAd->StaCfg.RSNIE_Len); 521 521 - 522 522 - // Update packet length after decide Key data payload 523 523 - Packet.Body_Len[1] = sizeof(KEY_DESCRIPTER) - MAX_LEN_OF_RSNIE + Packet.KeyDesc.KeyDataLen[1]; 524 524 - 525 525 - // Update Key length 526 526 - Packet.KeyDesc.KeyLength[0] = pMsg1->KeyDesc.KeyLength[0]; 527 527 - Packet.KeyDesc.KeyLength[1] = pMsg1->KeyDesc.KeyLength[1]; 528 528 - // 2. Key Type PeerKey 529 529 - Packet.KeyDesc.KeyInfo.KeyType = PAIRWISEKEY; 530 530 - 531 531 - // 3. KeyMic field presented 532 532 - Packet.KeyDesc.KeyInfo.KeyMic = 1; 533 533 - 534 534 - //Convert to little-endian format. 535 535 - *((USHORT *)&Packet.KeyDesc.KeyInfo) = cpu2le16(*((USHORT *)&Packet.KeyDesc.KeyInfo)); 536 536 - 537 537 - 538 538 - // 4. Fill SNonce 539 539 - NdisMoveMemory(Packet.KeyDesc.KeyNonce, pAd->StaCfg.SNonce, LEN_KEY_DESC_NONCE); 540 540 - 541 541 - // 5. Key Replay Count 542 542 - NdisMoveMemory(Packet.KeyDesc.ReplayCounter, pAd->StaCfg.ReplayCounter, LEN_KEY_DESC_REPLAY); 543 543 - 544 544 - // Send EAPOL(0, 1, 0, 0, 0, P, 0, SNonce, MIC, RSN_IE) 545 545 - // Out buffer for transmitting message 2 546 546 - MlmeAllocateMemory(pAd, (PUCHAR *)&pOutBuffer); // allocate memory 547 547 - if(pOutBuffer == NULL) 548 548 - { 549 549 - os_free_mem(pAd, mpool); 550 550 - return; 551 551 - } 552 552 - // Prepare EAPOL frame for MIC calculation 553 553 - // Be careful, only EAPOL frame is counted for MIC calculation 554 554 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 555 555 - Packet.Body_Len[1] + 4, &Packet, 556 556 - END_OF_ARGS); 557 557 - 558 558 - // 6. Prepare and Fill MIC value 559 559 - NdisZeroMemory(Mic, sizeof(Mic)); 560 560 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 561 561 - { // AES 562 562 - 563 563 - HMAC_SHA1(pOutBuffer, FrameLen, PTK, LEN_EAP_MICK, digest); 564 564 - NdisMoveMemory(Mic, digest, LEN_KEY_DESC_MIC); 565 565 - } 566 566 - else 567 567 - { // TKIP 568 568 - hmac_md5(PTK, LEN_EAP_MICK, pOutBuffer, FrameLen, Mic); 569 569 - } 570 570 - NdisMoveMemory(Packet.KeyDesc.KeyMic, Mic, LEN_KEY_DESC_MIC); 571 571 - 572 572 - //hex_dump("MIC", Mic, LEN_KEY_DESC_MIC); 573 573 - 574 574 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 575 575 - LENGTH_802_3, &Header802_3, 576 576 - Packet.Body_Len[1] + 4, &Packet, 577 577 - END_OF_ARGS); 578 578 - 579 579 - 580 580 - // 5. Copy frame to Tx ring and send Msg 2 to authenticator 581 581 - RTMPToWirelessSta(pAd, Header802_3, LENGTH_802_3, (PUCHAR)&Packet, Packet.Body_Len[1] + 4, TRUE); 582 582 - 583 583 - MlmeFreeMemory(pAd, (PUCHAR)pOutBuffer); 584 584 - os_free_mem(pAd, (PUCHAR)mpool); 585 585 - 586 586 - DBGPRINT(RT_DEBUG_TRACE, ("WpaPairMsg1Action <-----\n")); 587 587 - } 588 588 - 589 589 - VOID Wpa2PairMsg1Action( 590 590 - IN PRTMP_ADAPTER pAd, 591 591 - IN MLME_QUEUE_ELEM *Elem) 592 592 - { 593 593 - PHEADER_802_11 pHeader; 594 594 - UCHAR *mpool, *PTK, *digest; 595 595 - PUCHAR pOutBuffer = NULL; 596 596 - UCHAR Header802_3[14]; 597 597 - ULONG FrameLen = 0; 598 598 - PEAPOL_PACKET pMsg1; 599 599 - EAPOL_PACKET Packet; 600 600 - UCHAR Mic[16]; 601 601 - 602 602 - DBGPRINT(RT_DEBUG_TRACE, ("Wpa2PairMsg1Action ----->\n")); 603 603 - 604 604 - // allocate memory pool 605 605 - os_alloc_mem(pAd, (PUCHAR *)&mpool, 256); 606 606 - 607 607 - if (mpool == NULL) 608 608 - return; 609 609 - 610 610 - // PTK Len = 80. 611 611 - PTK = (UCHAR *) ROUND_UP(mpool, 4); 612 612 - // digest Len = 80. 613 613 - digest = (UCHAR *) ROUND_UP(PTK + 80, 4); 614 614 - 615 615 - pHeader = (PHEADER_802_11) Elem->Msg; 616 616 - 617 617 - // Process message 1 from authenticator 618 618 - pMsg1 = (PEAPOL_PACKET) &Elem->Msg[LENGTH_802_11 + LENGTH_802_1_H]; 619 619 - 620 620 - // 1. Save Replay counter, it will use to verify message 3 and construct message 2 621 621 - NdisMoveMemory(pAd->StaCfg.ReplayCounter, pMsg1->KeyDesc.ReplayCounter, LEN_KEY_DESC_REPLAY); 622 622 - 623 623 - // 2. Save ANonce 624 624 - NdisMoveMemory(pAd->StaCfg.ANonce, pMsg1->KeyDesc.KeyNonce, LEN_KEY_DESC_NONCE); 625 625 - 626 626 - // Generate random SNonce 627 627 - GenRandom(pAd, pAd->CurrentAddress, pAd->StaCfg.SNonce); 628 628 - 629 629 - if(pMsg1->KeyDesc.KeyDataLen[1] > 0 ) 630 630 - { 631 631 - // cached PMKID 632 632 - } 633 633 - 634 634 - // Calc PTK(ANonce, SNonce) 635 635 - WpaCountPTK(pAd, 636 636 - pAd->StaCfg.PMK, 637 637 - pAd->StaCfg.ANonce, 638 638 - pAd->CommonCfg.Bssid, 639 639 - pAd->StaCfg.SNonce, 640 640 - pAd->CurrentAddress, 641 641 - PTK, 642 642 - LEN_PTK); 643 643 - 644 644 - // Save key to PTK entry 645 645 - NdisMoveMemory(pAd->StaCfg.PTK, PTK, LEN_PTK); 646 646 - 647 647 - // init 802.3 header and Fill Packet 648 648 - MAKE_802_3_HEADER(Header802_3, pAd->CommonCfg.Bssid, pAd->CurrentAddress, EAPOL); 649 649 - 650 650 - // Zero message 2 body 651 651 - NdisZeroMemory(&Packet, sizeof(Packet)); 652 652 - Packet.ProVer = EAPOL_VER; 653 653 - Packet.ProType = EAPOLKey; 654 654 - // 655 655 - // Message 2 as EAPOL-Key(0,1,0,0,0,P,0,SNonce,MIC,RSN IE) 656 656 - // 657 657 - Packet.KeyDesc.Type = WPA2_KEY_DESC; 658 658 - 659 659 - // 1. Key descriptor version and appropriate RSN IE 660 660 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 661 661 - { 662 662 - Packet.KeyDesc.KeyInfo.KeyDescVer = 2; 663 663 - } 664 664 - else // TKIP 665 665 - { 666 666 - Packet.KeyDesc.KeyInfo.KeyDescVer = 1; 667 667 - } 668 668 - 669 669 - // fill in Data Material and its length 670 670 - Packet.KeyDesc.KeyData[0] = IE_WPA2; 671 671 - Packet.KeyDesc.KeyData[1] = pAd->StaCfg.RSNIE_Len; 672 672 - Packet.KeyDesc.KeyDataLen[1] = pAd->StaCfg.RSNIE_Len + 2; 673 673 - NdisMoveMemory(&Packet.KeyDesc.KeyData[2], pAd->StaCfg.RSN_IE, pAd->StaCfg.RSNIE_Len); 674 674 - 675 675 - // Update packet length after decide Key data payload 676 676 - Packet.Body_Len[1] = sizeof(KEY_DESCRIPTER) - MAX_LEN_OF_RSNIE + Packet.KeyDesc.KeyDataLen[1]; 677 677 - 678 678 - // 2. Key Type PeerKey 679 679 - Packet.KeyDesc.KeyInfo.KeyType = PAIRWISEKEY; 680 680 - 681 681 - // 3. KeyMic field presented 682 682 - Packet.KeyDesc.KeyInfo.KeyMic = 1; 683 683 - 684 684 - // Update Key Length 685 685 - Packet.KeyDesc.KeyLength[0] = 0; 686 686 - Packet.KeyDesc.KeyLength[1] = pMsg1->KeyDesc.KeyLength[1]; 687 687 - 688 688 - // 4. Fill SNonce 689 689 - NdisMoveMemory(Packet.KeyDesc.KeyNonce, pAd->StaCfg.SNonce, LEN_KEY_DESC_NONCE); 690 690 - 691 691 - // 5. Key Replay Count 692 692 - NdisMoveMemory(Packet.KeyDesc.ReplayCounter, pAd->StaCfg.ReplayCounter, LEN_KEY_DESC_REPLAY); 693 693 - 694 694 - // Convert to little-endian format. 695 695 - *((USHORT *)&Packet.KeyDesc.KeyInfo) = cpu2le16(*((USHORT *)&Packet.KeyDesc.KeyInfo)); 696 696 - 697 697 - // Send EAPOL-Key(0,1,0,0,0,P,0,SNonce,MIC,RSN IE) 698 698 - // Out buffer for transmitting message 2 699 699 - MlmeAllocateMemory(pAd, (PUCHAR *)&pOutBuffer); // allocate memory 700 700 - if(pOutBuffer == NULL) 701 701 - { 702 702 - os_free_mem(pAd, mpool); 703 703 - return; 704 704 - } 705 705 - 706 706 - // Prepare EAPOL frame for MIC calculation 707 707 - // Be careful, only EAPOL frame is counted for MIC calculation 708 708 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 709 709 - Packet.Body_Len[1] + 4, &Packet, 710 710 - END_OF_ARGS); 711 711 - 712 712 - // 6. Prepare and Fill MIC value 713 713 - NdisZeroMemory(Mic, sizeof(Mic)); 714 714 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 715 715 - { 716 716 - // AES 717 717 - HMAC_SHA1(pOutBuffer, FrameLen, PTK, LEN_EAP_MICK, digest); 718 718 - NdisMoveMemory(Mic, digest, LEN_KEY_DESC_MIC); 719 719 - } 720 720 - else 721 721 - { 722 722 - hmac_md5(PTK, LEN_EAP_MICK, pOutBuffer, FrameLen, Mic); 723 723 - } 724 724 - NdisMoveMemory(Packet.KeyDesc.KeyMic, Mic, LEN_KEY_DESC_MIC); 725 725 - 726 726 - 727 727 - // Make Transmitting frame 728 728 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 729 729 - LENGTH_802_3, &Header802_3, 730 730 - Packet.Body_Len[1] + 4, &Packet, 731 731 - END_OF_ARGS); 732 732 - 733 733 - 734 734 - // 5. Copy frame to Tx ring 735 735 - RTMPToWirelessSta(pAd, Header802_3, LENGTH_802_3, (PUCHAR)&Packet, Packet.Body_Len[1] + 4, TRUE); 736 736 - 737 737 - MlmeFreeMemory(pAd, pOutBuffer); 738 738 - os_free_mem(pAd, mpool); 739 739 - 740 740 - DBGPRINT(RT_DEBUG_TRACE, ("Wpa2PairMsg1Action <-----\n")); 741 741 - 742 742 - } 743 743 - 744 744 - /* 745 745 - ======================================================================== 746 746 - 747 747 - Routine Description: 748 748 - Process Pairwise key 4-way handshaking 749 749 - 750 750 - Arguments: 751 751 - pAd Pointer to our adapter 752 752 - Elem Message body 753 753 - 754 754 - Return Value: 755 755 - None 756 756 - 757 757 - Note: 758 758 - 759 759 - ======================================================================== 760 760 - */ 761 761 - VOID WpaPairMsg3Action( 762 762 - IN PRTMP_ADAPTER pAd, 763 763 - IN MLME_QUEUE_ELEM *Elem) 764 764 - 765 765 - { 766 766 - PHEADER_802_11 pHeader; 767 767 - PUCHAR pOutBuffer = NULL; 768 768 - UCHAR Header802_3[14]; 769 769 - ULONG FrameLen = 0; 770 770 - EAPOL_PACKET Packet; 771 771 - PEAPOL_PACKET pMsg3; 772 772 - UCHAR Mic[16], OldMic[16]; 773 773 - MAC_TABLE_ENTRY *pEntry = NULL; 774 774 - UCHAR skip_offset; 775 775 - KEY_INFO peerKeyInfo; 776 776 - 777 777 - DBGPRINT(RT_DEBUG_TRACE, ("WpaPairMsg3Action ----->\n")); 778 778 - 779 779 - // Record 802.11 header & the received EAPOL packet Msg3 780 780 - pHeader = (PHEADER_802_11) Elem->Msg; 781 781 - pMsg3 = (PEAPOL_PACKET) &Elem->Msg[LENGTH_802_11 + LENGTH_802_1_H]; 782 782 - 783 783 - NdisZeroMemory((PUCHAR)&peerKeyInfo, sizeof(peerKeyInfo)); 784 784 - NdisMoveMemory((PUCHAR)&peerKeyInfo, (PUCHAR)&pMsg3->KeyDesc.KeyInfo, sizeof(KEY_INFO)); 785 785 - 786 786 - *((USHORT*)&peerKeyInfo) = cpu2le16(*((USHORT*)&peerKeyInfo)); 787 787 - 788 788 - 789 789 - // 1. Verify cipher type match 790 790 - if (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled && (peerKeyInfo.KeyDescVer != 2)) 791 791 - { 792 792 - return; 793 793 - } 794 794 - else if(pAd->StaCfg.WepStatus == Ndis802_11Encryption2Enabled && (peerKeyInfo.KeyDescVer != 1)) 795 795 - { 796 796 - return; 797 797 - } 798 798 - 799 799 - // Verify RSN IE 800 800 - //if (!RTMPEqualMemory(pMsg3->KeyDesc.KeyData, pAd->MacTab.Content[BSSID_WCID].RSN_IE, pAd->MacTab.Content[BSSID_WCID].RSNIE_Len)) 801 801 - if (!CheckRSNIE(pAd, pMsg3->KeyDesc.KeyData, pMsg3->KeyDesc.KeyDataLen[1], &skip_offset)) 802 802 - { 803 803 - DBGPRINT(RT_DEBUG_ERROR, ("RSN_IE Different in Msg 3 of WPA1 4-way handshake!! \n")); 804 804 - hex_dump("The original RSN_IE", pAd->MacTab.Content[BSSID_WCID].RSN_IE, pAd->MacTab.Content[BSSID_WCID].RSNIE_Len); 805 805 - hex_dump("The received RSN_IE", pMsg3->KeyDesc.KeyData, pMsg3->KeyDesc.KeyDataLen[1]); 806 806 - return; 807 807 - } 808 808 - else 809 809 - DBGPRINT(RT_DEBUG_TRACE, ("RSN_IE VALID in Msg 3 of WPA1 4-way handshake!! \n")); 810 810 - 811 811 - 812 812 - // 2. Check MIC value 813 813 - // Save the MIC and replace with zero 814 814 - NdisMoveMemory(OldMic, pMsg3->KeyDesc.KeyMic, LEN_KEY_DESC_MIC); 815 815 - NdisZeroMemory(pMsg3->KeyDesc.KeyMic, LEN_KEY_DESC_MIC); 816 816 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 817 817 - { 818 818 - // AES 819 819 - UCHAR digest[80]; 820 820 - 821 821 - HMAC_SHA1((PUCHAR) pMsg3, pMsg3->Body_Len[1] + 4, pAd->StaCfg.PTK, LEN_EAP_MICK, digest); 822 822 - NdisMoveMemory(Mic, digest, LEN_KEY_DESC_MIC); 823 823 - } 824 824 - else // TKIP 825 825 - { 826 826 - hmac_md5(pAd->StaCfg.PTK, LEN_EAP_MICK, (PUCHAR) pMsg3, pMsg3->Body_Len[1] + 4, Mic); 827 827 - } 828 828 - 829 829 - if(!NdisEqualMemory(OldMic, Mic, LEN_KEY_DESC_MIC)) 830 830 - { 831 831 - DBGPRINT(RT_DEBUG_ERROR, (" MIC Different in msg 3 of 4-way handshake!!!!!!!!!! \n")); 832 832 - return; 833 833 - } 834 834 - else 835 835 - DBGPRINT(RT_DEBUG_TRACE, (" MIC VALID in msg 3 of 4-way handshake!!!!!!!!!! \n")); 836 836 - 837 837 - // 3. Check Replay Counter, it has to be larger than last one. No need to be exact one larger 838 838 - if(RTMPCompareMemory(pMsg3->KeyDesc.ReplayCounter, pAd->StaCfg.ReplayCounter, LEN_KEY_DESC_REPLAY) != 1) 839 839 - return; 840 840 - 841 841 - // Update new replay counter 842 842 - NdisMoveMemory(pAd->StaCfg.ReplayCounter, pMsg3->KeyDesc.ReplayCounter, LEN_KEY_DESC_REPLAY); 843 843 - 844 844 - // 4. Double check ANonce 845 845 - if(!NdisEqualMemory(pAd->StaCfg.ANonce, pMsg3->KeyDesc.KeyNonce, LEN_KEY_DESC_NONCE)) 846 846 - return; 847 847 - 848 848 - // init 802.3 header and Fill Packet 849 849 - MAKE_802_3_HEADER(Header802_3, pAd->CommonCfg.Bssid, pAd->CurrentAddress, EAPOL); 850 850 - 851 851 - // Zero Message 4 body 852 852 - NdisZeroMemory(&Packet, sizeof(Packet)); 853 853 - Packet.ProVer = EAPOL_VER; 854 854 - Packet.ProType = EAPOLKey; 855 855 - Packet.Body_Len[1] = sizeof(KEY_DESCRIPTER) - MAX_LEN_OF_RSNIE; // No data field 856 856 - 857 857 - // 858 858 - // Message 4 as EAPOL-Key(0,1,0,0,0,P,0,0,MIC,0) 859 859 - // 860 860 - Packet.KeyDesc.Type = WPA1_KEY_DESC; 861 861 - 862 862 - // Key descriptor version and appropriate RSN IE 863 863 - Packet.KeyDesc.KeyInfo.KeyDescVer = peerKeyInfo.KeyDescVer; 864 864 - 865 865 - // Update Key Length 866 866 - Packet.KeyDesc.KeyLength[0] = pMsg3->KeyDesc.KeyLength[0]; 867 867 - Packet.KeyDesc.KeyLength[1] = pMsg3->KeyDesc.KeyLength[1]; 868 868 - 869 869 - // Key Type PeerKey 870 870 - Packet.KeyDesc.KeyInfo.KeyType = PAIRWISEKEY; 871 871 - 872 872 - // KeyMic field presented 873 873 - Packet.KeyDesc.KeyInfo.KeyMic = 1; 874 874 - 875 875 - // In Msg3, KeyInfo.secure =0 if Group Key HS to come. 1 if no group key HS 876 876 - // Station sends Msg4 KeyInfo.secure should be the same as that in Msg.3 877 877 - Packet.KeyDesc.KeyInfo.Secure= peerKeyInfo.Secure; 878 878 - 879 879 - // Convert to little-endian format. 880 880 - *((USHORT *)&Packet.KeyDesc.KeyInfo) = cpu2le16(*((USHORT *)&Packet.KeyDesc.KeyInfo)); 881 881 - 882 882 - // Key Replay count 883 883 - NdisMoveMemory(Packet.KeyDesc.ReplayCounter, pMsg3->KeyDesc.ReplayCounter, LEN_KEY_DESC_REPLAY); 884 884 - 885 885 - // Out buffer for transmitting message 4 886 886 - MlmeAllocateMemory(pAd, (PUCHAR *)&pOutBuffer); // allocate memory 887 887 - if(pOutBuffer == NULL) 888 888 - return; 889 889 - 890 890 - // Prepare EAPOL frame for MIC calculation 891 891 - // Be careful, only EAPOL frame is counted for MIC calculation 892 892 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 893 893 - Packet.Body_Len[1] + 4, &Packet, 894 894 - END_OF_ARGS); 895 895 - 896 896 - // Prepare and Fill MIC value 897 897 - NdisZeroMemory(Mic, sizeof(Mic)); 898 898 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 899 899 - { 900 900 - // AES 901 901 - UCHAR digest[80]; 902 902 - 903 903 - HMAC_SHA1(pOutBuffer, FrameLen, pAd->StaCfg.PTK, LEN_EAP_MICK, digest); 904 904 - NdisMoveMemory(Mic, digest, LEN_KEY_DESC_MIC); 905 905 - } 906 906 - else 907 907 - { 908 908 - hmac_md5(pAd->StaCfg.PTK, LEN_EAP_MICK, pOutBuffer, FrameLen, Mic); 909 909 - } 910 910 - NdisMoveMemory(Packet.KeyDesc.KeyMic, Mic, LEN_KEY_DESC_MIC); 911 911 - 912 912 - // Update PTK 913 913 - // Prepare pair-wise key information into shared key table 914 914 - NdisZeroMemory(&pAd->SharedKey[BSS0][0], sizeof(CIPHER_KEY)); 915 915 - pAd->SharedKey[BSS0][0].KeyLen = LEN_TKIP_EK; 916 916 - NdisMoveMemory(pAd->SharedKey[BSS0][0].Key, &pAd->StaCfg.PTK[32], LEN_TKIP_EK); 917 917 - NdisMoveMemory(pAd->SharedKey[BSS0][0].RxMic, &pAd->StaCfg.PTK[48], LEN_TKIP_RXMICK); 918 918 - NdisMoveMemory(pAd->SharedKey[BSS0][0].TxMic, &pAd->StaCfg.PTK[48+LEN_TKIP_RXMICK], LEN_TKIP_TXMICK); 919 919 - 920 920 - // Decide its ChiperAlg 921 921 - if (pAd->StaCfg.PairCipher == Ndis802_11Encryption2Enabled) 922 922 - pAd->SharedKey[BSS0][0].CipherAlg = CIPHER_TKIP; 923 923 - else if (pAd->StaCfg.PairCipher == Ndis802_11Encryption3Enabled) 924 924 - pAd->SharedKey[BSS0][0].CipherAlg = CIPHER_AES; 925 925 - else 926 926 - pAd->SharedKey[BSS0][0].CipherAlg = CIPHER_NONE; 927 927 - 928 928 - // Update these related information to MAC_TABLE_ENTRY 929 929 - pEntry = &pAd->MacTab.Content[BSSID_WCID]; 930 930 - NdisMoveMemory(pEntry->PairwiseKey.Key, &pAd->StaCfg.PTK[32], LEN_TKIP_EK); 931 931 - NdisMoveMemory(pEntry->PairwiseKey.RxMic, &pAd->StaCfg.PTK[48], LEN_TKIP_RXMICK); 932 932 - NdisMoveMemory(pEntry->PairwiseKey.TxMic, &pAd->StaCfg.PTK[48+LEN_TKIP_RXMICK], LEN_TKIP_TXMICK); 933 933 - pEntry->PairwiseKey.CipherAlg = pAd->SharedKey[BSS0][0].CipherAlg; 934 934 - 935 935 - // Update pairwise key information to ASIC Shared Key Table 936 936 - AsicAddSharedKeyEntry(pAd, 937 937 - BSS0, 938 938 - 0, 939 939 - pAd->SharedKey[BSS0][0].CipherAlg, 940 940 - pAd->SharedKey[BSS0][0].Key, 941 941 - pAd->SharedKey[BSS0][0].TxMic, 942 942 - pAd->SharedKey[BSS0][0].RxMic); 943 943 - 944 944 - // Update ASIC WCID attribute table and IVEIV table 945 945 - RTMPAddWcidAttributeEntry(pAd, 946 946 - BSS0, 947 947 - 0, 948 948 - pAd->SharedKey[BSS0][0].CipherAlg, 949 949 - pEntry); 950 950 - 951 951 - // Make transmitting frame 952 952 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 953 953 - LENGTH_802_3, &Header802_3, 954 954 - Packet.Body_Len[1] + 4, &Packet, 955 955 - END_OF_ARGS); 956 956 - 957 957 - 958 958 - // Copy frame to Tx ring and Send Message 4 to authenticator 959 959 - RTMPToWirelessSta(pAd, Header802_3, LENGTH_802_3, (PUCHAR)&Packet, Packet.Body_Len[1] + 4, TRUE); 960 960 - 961 961 - MlmeFreeMemory(pAd, (PUCHAR)pOutBuffer); 962 962 - 963 963 - DBGPRINT(RT_DEBUG_TRACE, ("WpaPairMsg3Action <-----\n")); 964 964 - } 965 965 - 966 966 - VOID Wpa2PairMsg3Action( 967 967 - IN PRTMP_ADAPTER pAd, 968 968 - IN MLME_QUEUE_ELEM *Elem) 969 969 - 970 970 - { 971 971 - PHEADER_802_11 pHeader; 972 972 - PUCHAR pOutBuffer = NULL; 973 973 - UCHAR Header802_3[14]; 974 974 - ULONG FrameLen = 0; 975 975 - EAPOL_PACKET Packet; 976 976 - PEAPOL_PACKET pMsg3; 977 977 - UCHAR Mic[16], OldMic[16]; 978 978 - UCHAR *mpool, *KEYDATA, *digest; 979 979 - UCHAR Key[32]; 980 980 - MAC_TABLE_ENTRY *pEntry = NULL; 981 981 - KEY_INFO peerKeyInfo; 982 982 - 983 983 - // allocate memory 984 984 - os_alloc_mem(pAd, (PUCHAR *)&mpool, 1024); 985 985 - 986 986 - if(mpool == NULL) 987 987 - return; 988 988 - 989 989 - // KEYDATA Len = 512. 990 990 - KEYDATA = (UCHAR *) ROUND_UP(mpool, 4); 991 991 - // digest Len = 80. 992 992 - digest = (UCHAR *) ROUND_UP(KEYDATA + 512, 4); 993 993 - 994 994 - DBGPRINT(RT_DEBUG_TRACE, ("Wpa2PairMsg3Action ----->\n")); 995 995 - 996 996 - pHeader = (PHEADER_802_11) Elem->Msg; 997 997 - 998 998 - // Process message 3 frame. 999 999 - pMsg3 = (PEAPOL_PACKET) &Elem->Msg[LENGTH_802_11 + LENGTH_802_1_H]; 1000 1000 - 1001 1001 - NdisZeroMemory((PUCHAR)&peerKeyInfo, sizeof(peerKeyInfo)); 1002 1002 - NdisMoveMemory((PUCHAR)&peerKeyInfo, (PUCHAR)&pMsg3->KeyDesc.KeyInfo, sizeof(KEY_INFO)); 1003 1003 - 1004 1004 - *((USHORT*)&peerKeyInfo) = cpu2le16(*((USHORT*)&peerKeyInfo)); 1005 1005 - 1006 1006 - // 1. Verify cipher type match 1007 1007 - if (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled && (peerKeyInfo.KeyDescVer!= 2)) 1008 1008 - { 1009 1009 - os_free_mem(pAd, (PUCHAR)mpool); 1010 1010 - return; 1011 1011 - } 1012 1012 - else if(pAd->StaCfg.WepStatus == Ndis802_11Encryption2Enabled && (peerKeyInfo.KeyDescVer != 1)) 1013 1013 - { 1014 1014 - os_free_mem(pAd, (PUCHAR)mpool); 1015 1015 - return; 1016 1016 - } 1017 1017 - 1018 1018 - // 2. Check MIC value 1019 1019 - // Save the MIC and replace with zero 1020 1020 - NdisMoveMemory(OldMic, pMsg3->KeyDesc.KeyMic, LEN_KEY_DESC_MIC); 1021 1021 - NdisZeroMemory(pMsg3->KeyDesc.KeyMic, LEN_KEY_DESC_MIC); 1022 1022 - if (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 1023 1023 - { 1024 1024 - // AES 1025 1025 - HMAC_SHA1((PUCHAR) pMsg3, pMsg3->Body_Len[1] + 4, pAd->StaCfg.PTK, LEN_EAP_MICK, digest); 1026 1026 - NdisMoveMemory(Mic, digest, LEN_KEY_DESC_MIC); 1027 1027 - } 1028 1028 - else 1029 1029 - { 1030 1030 - hmac_md5(pAd->StaCfg.PTK, LEN_EAP_MICK, (PUCHAR) pMsg3, pMsg3->Body_Len[1] + 4, Mic); 1031 1031 - } 1032 1032 - 1033 1033 - if(!NdisEqualMemory(OldMic, Mic, LEN_KEY_DESC_MIC)) 1034 1034 - { 1035 1035 - DBGPRINT(RT_DEBUG_ERROR, (" MIC Different in msg 3 of 4-way handshake!!!!!!!!!! \n")); 1036 1036 - os_free_mem(pAd, (PUCHAR)mpool); 1037 1037 - return; 1038 1038 - } 1039 1039 - else 1040 1040 - DBGPRINT(RT_DEBUG_TRACE, (" MIC VALID in msg 3 of 4-way handshake!!!!!!!!!! \n")); 1041 1041 - 1042 1042 - // 3. Check Replay Counter, it has to be larger than last one. No need to be exact one larger 1043 1043 - if(RTMPCompareMemory(pMsg3->KeyDesc.ReplayCounter, pAd->StaCfg.ReplayCounter, LEN_KEY_DESC_REPLAY) != 1) 1044 1044 - { 1045 1045 - os_free_mem(pAd, (PUCHAR)mpool); 1046 1046 - return; 1047 1047 - } 1048 1048 - 1049 1049 - // Update new replay counter 1050 1050 - NdisMoveMemory(pAd->StaCfg.ReplayCounter, pMsg3->KeyDesc.ReplayCounter, LEN_KEY_DESC_REPLAY); 1051 1051 - 1052 1052 - // 4. Double check ANonce 1053 1053 - if(!NdisEqualMemory(pAd->StaCfg.ANonce, pMsg3->KeyDesc.KeyNonce, LEN_KEY_DESC_NONCE)) 1054 1054 - { 1055 1055 - os_free_mem(pAd, (PUCHAR)mpool); 1056 1056 - return; 1057 1057 - } 1058 1058 - 1059 1059 - // Obtain GTK 1060 1060 - // 5. Decrypt GTK from Key Data 1061 1061 - DBGPRINT_RAW(RT_DEBUG_TRACE, ("EKD = %d\n", peerKeyInfo.EKD_DL)); 1062 1062 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 1063 1063 - { 1064 1064 - // Decrypt AES GTK 1065 1065 - AES_GTK_KEY_UNWRAP(&pAd->StaCfg.PTK[16], KEYDATA, pMsg3->KeyDesc.KeyDataLen[1],pMsg3->KeyDesc.KeyData); 1066 1066 - } 1067 1067 - else // TKIP 1068 1068 - { 1069 1069 - INT i; 1070 1070 - // Decrypt TKIP GTK 1071 1071 - // Construct 32 bytes RC4 Key 1072 1072 - NdisMoveMemory(Key, pMsg3->KeyDesc.KeyIv, 16); 1073 1073 - NdisMoveMemory(&Key[16], &pAd->StaCfg.PTK[16], 16); 1074 1074 - ARCFOUR_INIT(&pAd->PrivateInfo.WEPCONTEXT, Key, 32); 1075 1075 - //discard first 256 bytes 1076 1076 - for(i = 0; i < 256; i++) 1077 1077 - ARCFOUR_BYTE(&pAd->PrivateInfo.WEPCONTEXT); 1078 1078 - // Decrypt GTK. Becareful, there is no ICV to check the result is correct or not 1079 1079 - ARCFOUR_DECRYPT(&pAd->PrivateInfo.WEPCONTEXT, KEYDATA, pMsg3->KeyDesc.KeyData, pMsg3->KeyDesc.KeyDataLen[1]); 1080 1080 - } 1081 1081 - 1082 1082 - if (!ParseKeyData(pAd, KEYDATA, pMsg3->KeyDesc.KeyDataLen[1], 1)) 1083 1083 - { 1084 1084 - os_free_mem(pAd, (PUCHAR)mpool); 1085 1085 - return; 1086 1086 - } 1087 1087 - 1088 1088 - // Update GTK to ASIC 1089 1089 - // Update group key information to ASIC Shared Key Table 1090 1090 - AsicAddSharedKeyEntry(pAd, 1091 1091 - BSS0, 1092 1092 - pAd->StaCfg.DefaultKeyId, 1093 1093 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg, 1094 1094 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].Key, 1095 1095 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].TxMic, 1096 1096 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].RxMic); 1097 1097 - 1098 1098 - // Update ASIC WCID attribute table and IVEIV table 1099 1099 - RTMPAddWcidAttributeEntry(pAd, 1100 1100 - BSS0, 1101 1101 - pAd->StaCfg.DefaultKeyId, 1102 1102 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg, 1103 1103 - NULL); 1104 1104 - 1105 1105 - // init 802.3 header and Fill Packet 1106 1106 - MAKE_802_3_HEADER(Header802_3, pAd->CommonCfg.Bssid, pAd->CurrentAddress, EAPOL); 1107 1107 - 1108 1108 - // Zero message 4 body 1109 1109 - NdisZeroMemory(&Packet, sizeof(Packet)); 1110 1110 - Packet.ProVer = EAPOL_VER; 1111 1111 - Packet.ProType = EAPOLKey; 1112 1112 - Packet.Body_Len[1] = sizeof(KEY_DESCRIPTER) - MAX_LEN_OF_RSNIE; // No data field 1113 1113 - 1114 1114 - // 1115 1115 - // Message 4 as EAPOL-Key(0,1,0,0,0,P,0,0,MIC,0) 1116 1116 - // 1117 1117 - Packet.KeyDesc.Type = WPA2_KEY_DESC; 1118 1118 - 1119 1119 - // Key descriptor version and appropriate RSN IE 1120 1120 - Packet.KeyDesc.KeyInfo.KeyDescVer = peerKeyInfo.KeyDescVer; 1121 1121 - 1122 1122 - // Update Key Length 1123 1123 - Packet.KeyDesc.KeyLength[0] = pMsg3->KeyDesc.KeyLength[0]; 1124 1124 - Packet.KeyDesc.KeyLength[1] = pMsg3->KeyDesc.KeyLength[1]; 1125 1125 - 1126 1126 - // Key Type PeerKey 1127 1127 - Packet.KeyDesc.KeyInfo.KeyType = PAIRWISEKEY; 1128 1128 - 1129 1129 - // KeyMic field presented 1130 1130 - Packet.KeyDesc.KeyInfo.KeyMic = 1; 1131 1131 - Packet.KeyDesc.KeyInfo.Secure = 1; 1132 1132 - 1133 1133 - // Convert to little-endian format. 1134 1134 - *((USHORT *)&Packet.KeyDesc.KeyInfo) = cpu2le16(*((USHORT *)&Packet.KeyDesc.KeyInfo)); 1135 1135 - 1136 1136 - // Key Replay count 1137 1137 - NdisMoveMemory(Packet.KeyDesc.ReplayCounter, pMsg3->KeyDesc.ReplayCounter, LEN_KEY_DESC_REPLAY); 1138 1138 - 1139 1139 - // Out buffer for transmitting message 4 1140 1140 - MlmeAllocateMemory(pAd, (PUCHAR *)&pOutBuffer); // allocate memory 1141 1141 - if(pOutBuffer == NULL) 1142 1142 - { 1143 1143 - os_free_mem(pAd, (PUCHAR)mpool); 1144 1144 - return; 1145 1145 - } 1146 1146 - 1147 1147 - // Prepare EAPOL frame for MIC calculation 1148 1148 - // Be careful, only EAPOL frame is counted for MIC calculation 1149 1149 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 1150 1150 - Packet.Body_Len[1] + 4, &Packet, 1151 1151 - END_OF_ARGS); 1152 1152 - 1153 1153 - // Prepare and Fill MIC value 1154 1154 - NdisZeroMemory(Mic, sizeof(Mic)); 1155 1155 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 1156 1156 - { 1157 1157 - // AES 1158 1158 - HMAC_SHA1(pOutBuffer, FrameLen, pAd->StaCfg.PTK, LEN_EAP_MICK, digest); 1159 1159 - NdisMoveMemory(Mic, digest, LEN_KEY_DESC_MIC); 1160 1160 - } 1161 1161 - else 1162 1162 - { 1163 1163 - hmac_md5(pAd->StaCfg.PTK, LEN_EAP_MICK, pOutBuffer, FrameLen, Mic); 1164 1164 - } 1165 1165 - NdisMoveMemory(Packet.KeyDesc.KeyMic, Mic, LEN_KEY_DESC_MIC); 1166 1166 - 1167 1167 - // Update PTK 1168 1168 - // Prepare pair-wise key information into shared key table 1169 1169 - NdisZeroMemory(&pAd->SharedKey[BSS0][0], sizeof(CIPHER_KEY)); 1170 1170 - pAd->SharedKey[BSS0][0].KeyLen = LEN_TKIP_EK; 1171 1171 - NdisMoveMemory(pAd->SharedKey[BSS0][0].Key, &pAd->StaCfg.PTK[32], LEN_TKIP_EK); 1172 1172 - NdisMoveMemory(pAd->SharedKey[BSS0][0].RxMic, &pAd->StaCfg.PTK[48], LEN_TKIP_RXMICK); 1173 1173 - NdisMoveMemory(pAd->SharedKey[BSS0][0].TxMic, &pAd->StaCfg.PTK[48+LEN_TKIP_RXMICK], LEN_TKIP_TXMICK); 1174 1174 - 1175 1175 - // Decide its ChiperAlg 1176 1176 - if (pAd->StaCfg.PairCipher == Ndis802_11Encryption2Enabled) 1177 1177 - pAd->SharedKey[BSS0][0].CipherAlg = CIPHER_TKIP; 1178 1178 - else if (pAd->StaCfg.PairCipher == Ndis802_11Encryption3Enabled) 1179 1179 - pAd->SharedKey[BSS0][0].CipherAlg = CIPHER_AES; 1180 1180 - else 1181 1181 - pAd->SharedKey[BSS0][0].CipherAlg = CIPHER_NONE; 1182 1182 - 1183 1183 - // Update these related information to MAC_TABLE_ENTRY 1184 1184 - pEntry = &pAd->MacTab.Content[BSSID_WCID]; 1185 1185 - NdisMoveMemory(&pEntry->PairwiseKey.Key, &pAd->StaCfg.PTK[32], LEN_TKIP_EK); 1186 1186 - NdisMoveMemory(&pEntry->PairwiseKey.RxMic, &pAd->StaCfg.PTK[48], LEN_TKIP_RXMICK); 1187 1187 - NdisMoveMemory(&pEntry->PairwiseKey.TxMic, &pAd->StaCfg.PTK[48+LEN_TKIP_RXMICK], LEN_TKIP_TXMICK); 1188 1188 - pEntry->PairwiseKey.CipherAlg = pAd->SharedKey[BSS0][0].CipherAlg; 1189 1189 - 1190 1190 - // Update pairwise key information to ASIC Shared Key Table 1191 1191 - AsicAddSharedKeyEntry(pAd, 1192 1192 - BSS0, 1193 1193 - 0, 1194 1194 - pAd->SharedKey[BSS0][0].CipherAlg, 1195 1195 - pAd->SharedKey[BSS0][0].Key, 1196 1196 - pAd->SharedKey[BSS0][0].TxMic, 1197 1197 - pAd->SharedKey[BSS0][0].RxMic); 1198 1198 - 1199 1199 - // Update ASIC WCID attribute table and IVEIV table 1200 1200 - RTMPAddWcidAttributeEntry(pAd, 1201 1201 - BSS0, 1202 1202 - 0, 1203 1203 - pAd->SharedKey[BSS0][0].CipherAlg, 1204 1204 - pEntry); 1205 1205 - 1206 1206 - // Make Transmitting frame 1207 1207 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 1208 1208 - LENGTH_802_3, &Header802_3, 1209 1209 - Packet.Body_Len[1] + 4, &Packet, 1210 1210 - END_OF_ARGS); 1211 1211 - 1212 1212 - 1213 1213 - // Copy frame to Tx ring and Send Message 4 to authenticator 1214 1214 - RTMPToWirelessSta(pAd, Header802_3, LENGTH_802_3, (PUCHAR)&Packet, Packet.Body_Len[1] + 4, TRUE); 1215 1215 - 1216 1216 - // set 802.1x port control 1217 1217 - STA_PORT_SECURED(pAd); 1218 1218 - 1219 1219 - // Indicate Connected for GUI 1220 1220 - pAd->IndicateMediaState = NdisMediaStateConnected; 1221 1221 - 1222 1222 - MlmeFreeMemory(pAd, (PUCHAR)pOutBuffer); 1223 1223 - os_free_mem(pAd, (PUCHAR)mpool); 1224 1224 - 1225 1225 - 1226 1226 - // send wireless event - for set key done WPA2 1227 1227 - if (pAd->CommonCfg.bWirelessEvent) 1228 1228 - RTMPSendWirelessEvent(pAd, IW_SET_KEY_DONE_WPA2_EVENT_FLAG, pEntry->Addr, BSS0, 0); 1229 1229 - 1230 1230 - DBGPRINT(RT_DEBUG_ERROR, ("Wpa2PairMsg3Action <-----\n")); 1231 1231 - 1232 1232 - } 1233 1233 - 1234 1234 - /* 1235 1235 - ======================================================================== 1236 1236 - 1237 1237 - Routine Description: 1238 1238 - Process Group key 2-way handshaking 1239 1239 - 1240 1240 - Arguments: 1241 1241 - pAd Pointer to our adapter 1242 1242 - Elem Message body 1243 1243 - 1244 1244 - Return Value: 1245 1245 - None 1246 1246 - 1247 1247 - Note: 1248 1248 - 1249 1249 - ======================================================================== 1250 1250 - */ 1251 1251 - VOID WpaGroupMsg1Action( 1252 1252 - IN PRTMP_ADAPTER pAd, 1253 1253 - IN MLME_QUEUE_ELEM *Elem) 1254 1254 - 1255 1255 - { 1256 1256 - PUCHAR pOutBuffer = NULL; 1257 1257 - UCHAR Header802_3[14]; 1258 1258 - ULONG FrameLen = 0; 1259 1259 - EAPOL_PACKET Packet; 1260 1260 - PEAPOL_PACKET pGroup; 1261 1261 - UCHAR *mpool, *digest, *KEYDATA; 1262 1262 - UCHAR Mic[16], OldMic[16]; 1263 1263 - UCHAR GTK[32], Key[32]; 1264 1264 - KEY_INFO peerKeyInfo; 1265 1265 - 1266 1266 - // allocate memory 1267 1267 - os_alloc_mem(pAd, (PUCHAR *)&mpool, 1024); 1268 1268 - 1269 1269 - if(mpool == NULL) 1270 1270 - return; 1271 1271 - 1272 1272 - // digest Len = 80. 1273 1273 - digest = (UCHAR *) ROUND_UP(mpool, 4); 1274 1274 - // KEYDATA Len = 512. 1275 1275 - KEYDATA = (UCHAR *) ROUND_UP(digest + 80, 4); 1276 1276 - 1277 1277 - DBGPRINT(RT_DEBUG_TRACE, ("WpaGroupMsg1Action ----->\n")); 1278 1278 - 1279 1279 - // Process Group Message 1 frame. skip 802.11 header(24) & LLC_SNAP header(8) 1280 1280 - pGroup = (PEAPOL_PACKET) &Elem->Msg[LENGTH_802_11 + LENGTH_802_1_H]; 1281 1281 - 1282 1282 - NdisZeroMemory((PUCHAR)&peerKeyInfo, sizeof(peerKeyInfo)); 1283 1283 - NdisMoveMemory((PUCHAR)&peerKeyInfo, (PUCHAR)&pGroup->KeyDesc.KeyInfo, sizeof(KEY_INFO)); 1284 1284 - 1285 1285 - *((USHORT*)&peerKeyInfo) = cpu2le16(*((USHORT*)&peerKeyInfo)); 1286 1286 - 1287 1287 - // 0. Check cipher type match 1288 1288 - if (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled && (peerKeyInfo.KeyDescVer != 2)) 1289 1289 - { 1290 1290 - os_free_mem(pAd, (PUCHAR)mpool); 1291 1291 - return; 1292 1292 - } 1293 1293 - else if (pAd->StaCfg.WepStatus == Ndis802_11Encryption2Enabled && (peerKeyInfo.KeyDescVer != 1)) 1294 1294 - { 1295 1295 - os_free_mem(pAd, (PUCHAR)mpool); 1296 1296 - return; 1297 1297 - } 1298 1298 - 1299 1299 - // 1. Verify Replay counter 1300 1300 - // Check Replay Counter, it has to be larger than last one. No need to be exact one larger 1301 1301 - if(RTMPCompareMemory(pGroup->KeyDesc.ReplayCounter, pAd->StaCfg.ReplayCounter, LEN_KEY_DESC_REPLAY) != 1) 1302 1302 - { 1303 1303 - os_free_mem(pAd, (PUCHAR)mpool); 1304 1304 - return; 1305 1305 - } 1306 1306 - 1307 1307 - // Update new replay counter 1308 1308 - NdisMoveMemory(pAd->StaCfg.ReplayCounter, pGroup->KeyDesc.ReplayCounter, LEN_KEY_DESC_REPLAY); 1309 1309 - 1310 1310 - // 2. Verify MIC is valid 1311 1311 - // Save the MIC and replace with zero 1312 1312 - NdisMoveMemory(OldMic, pGroup->KeyDesc.KeyMic, LEN_KEY_DESC_MIC); 1313 1313 - NdisZeroMemory(pGroup->KeyDesc.KeyMic, LEN_KEY_DESC_MIC); 1314 1314 - 1315 1315 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 1316 1316 - { // AES 1317 1317 - HMAC_SHA1((PUCHAR) pGroup, pGroup->Body_Len[1] + 4, pAd->StaCfg.PTK, LEN_EAP_MICK, digest); 1318 1318 - NdisMoveMemory(Mic, digest, LEN_KEY_DESC_MIC); 1319 1319 - } 1320 1320 - else 1321 1321 - { // TKIP 1322 1322 - hmac_md5(pAd->StaCfg.PTK, LEN_EAP_MICK, (PUCHAR) pGroup, pGroup->Body_Len[1] + 4, Mic); 1323 1323 - } 1324 1324 - 1325 1325 - if(!NdisEqualMemory(OldMic, Mic, LEN_KEY_DESC_MIC)) 1326 1326 - { 1327 1327 - DBGPRINT(RT_DEBUG_ERROR, (" MIC Different in group msg 1 of 2-way handshake!!!!!!!!!! \n")); 1328 1328 - MlmeFreeMemory(pAd, (PUCHAR)mpool); 1329 1329 - return; 1330 1330 - } 1331 1331 - else 1332 1332 - DBGPRINT(RT_DEBUG_TRACE, (" MIC VALID in group msg 1 of 2-way handshake!!!!!!!!!! \n")); 1333 1333 - 1334 1334 - 1335 1335 - // 3. Decrypt GTK from Key Data 1336 1336 - if (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 1337 1337 - { 1338 1338 - // Decrypt AES GTK 1339 1339 - AES_GTK_KEY_UNWRAP(&pAd->StaCfg.PTK[16], KEYDATA, pGroup->KeyDesc.KeyDataLen[1], pGroup->KeyDesc.KeyData); 1340 1340 - } 1341 1341 - else // TKIP 1342 1342 - { 1343 1343 - INT i; 1344 1344 - 1345 1345 - // Decrypt TKIP GTK 1346 1346 - // Construct 32 bytes RC4 Key 1347 1347 - NdisMoveMemory(Key, pGroup->KeyDesc.KeyIv, 16); 1348 1348 - NdisMoveMemory(&Key[16], &pAd->StaCfg.PTK[16], 16); 1349 1349 - ARCFOUR_INIT(&pAd->PrivateInfo.WEPCONTEXT, Key, 32); 1350 1350 - //discard first 256 bytes 1351 1351 - for(i = 0; i < 256; i++) 1352 1352 - ARCFOUR_BYTE(&pAd->PrivateInfo.WEPCONTEXT); 1353 1353 - // Decrypt GTK. Becareful, there is no ICV to check the result is correct or not 1354 1354 - ARCFOUR_DECRYPT(&pAd->PrivateInfo.WEPCONTEXT, KEYDATA, pGroup->KeyDesc.KeyData, pGroup->KeyDesc.KeyDataLen[1]); 1355 1355 - } 1356 1356 - 1357 1357 - // Process decrypted key data material 1358 1358 - // Parse keyData to handle KDE format for WPA2PSK 1359 1359 - if (peerKeyInfo.EKD_DL) 1360 1360 - { 1361 1361 - if (!ParseKeyData(pAd, KEYDATA, pGroup->KeyDesc.KeyDataLen[1], 0)) 1362 1362 - { 1363 1363 - os_free_mem(pAd, (PUCHAR)mpool); 1364 1364 - return; 1365 1365 - } 1366 1366 - } 1367 1367 - else // WPAPSK 1368 1368 - { 1369 1369 - // set key material, TxMic and RxMic for WPAPSK 1370 1370 - NdisMoveMemory(GTK, KEYDATA, 32); 1371 1371 - NdisMoveMemory(pAd->StaCfg.GTK, GTK, 32); 1372 1372 - pAd->StaCfg.DefaultKeyId = peerKeyInfo.KeyIndex; 1373 1373 - 1374 1374 - // Prepare pair-wise key information into shared key table 1375 1375 - NdisZeroMemory(&pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId], sizeof(CIPHER_KEY)); 1376 1376 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].KeyLen = LEN_TKIP_EK; 1377 1377 - NdisMoveMemory(pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].Key, GTK, LEN_TKIP_EK); 1378 1378 - NdisMoveMemory(pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].RxMic, &GTK[16], LEN_TKIP_RXMICK); 1379 1379 - NdisMoveMemory(pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].TxMic, &GTK[24], LEN_TKIP_TXMICK); 1380 1380 - 1381 1381 - // Update Shared Key CipherAlg 1382 1382 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg = CIPHER_NONE; 1383 1383 - if (pAd->StaCfg.GroupCipher == Ndis802_11Encryption2Enabled) 1384 1384 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg = CIPHER_TKIP; 1385 1385 - else if (pAd->StaCfg.GroupCipher == Ndis802_11Encryption3Enabled) 1386 1386 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg = CIPHER_AES; 1387 1387 - 1388 1388 - //hex_dump("Group Key :", pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].Key, LEN_TKIP_EK); 1389 1389 - } 1390 1390 - 1391 1391 - // Update group key information to ASIC Shared Key Table 1392 1392 - AsicAddSharedKeyEntry(pAd, 1393 1393 - BSS0, 1394 1394 - pAd->StaCfg.DefaultKeyId, 1395 1395 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg, 1396 1396 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].Key, 1397 1397 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].TxMic, 1398 1398 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].RxMic); 1399 1399 - 1400 1400 - // Update ASIC WCID attribute table and IVEIV table 1401 1401 - RTMPAddWcidAttributeEntry(pAd, 1402 1402 - BSS0, 1403 1403 - pAd->StaCfg.DefaultKeyId, 1404 1404 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg, 1405 1405 - NULL); 1406 1406 - 1407 1407 - // set 802.1x port control 1408 1408 - STA_PORT_SECURED(pAd); 1409 1409 - 1410 1410 - // Indicate Connected for GUI 1411 1411 - pAd->IndicateMediaState = NdisMediaStateConnected; 1412 1412 - 1413 1413 - // init header and Fill Packet 1414 1414 - MAKE_802_3_HEADER(Header802_3, pAd->CommonCfg.Bssid, pAd->CurrentAddress, EAPOL); 1415 1415 - 1416 1416 - // Zero Group message 1 body 1417 1417 - NdisZeroMemory(&Packet, sizeof(Packet)); 1418 1418 - Packet.ProVer = EAPOL_VER; 1419 1419 - Packet.ProType = EAPOLKey; 1420 1420 - Packet.Body_Len[1] = sizeof(KEY_DESCRIPTER) - MAX_LEN_OF_RSNIE; // No data field 1421 1421 - 1422 1422 - // 1423 1423 - // Group Message 2 as EAPOL-Key(1,0,0,0,G,0,0,MIC,0) 1424 1424 - // 1425 1425 - if (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) 1426 1426 - { 1427 1427 - Packet.KeyDesc.Type = WPA2_KEY_DESC; 1428 1428 - } 1429 1429 - else 1430 1430 - { 1431 1431 - Packet.KeyDesc.Type = WPA1_KEY_DESC; 1432 1432 - } 1433 1433 - 1434 1434 - // Key descriptor version and appropriate RSN IE 1435 1435 - Packet.KeyDesc.KeyInfo.KeyDescVer = peerKeyInfo.KeyDescVer; 1436 1436 - 1437 1437 - // Update Key Length 1438 1438 - Packet.KeyDesc.KeyLength[0] = pGroup->KeyDesc.KeyLength[0]; 1439 1439 - Packet.KeyDesc.KeyLength[1] = pGroup->KeyDesc.KeyLength[1]; 1440 1440 - 1441 1441 - // Key Index as G-Msg 1 1442 1442 - if(pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK) 1443 1443 - Packet.KeyDesc.KeyInfo.KeyIndex = peerKeyInfo.KeyIndex; 1444 1444 - 1445 1445 - // Key Type Group key 1446 1446 - Packet.KeyDesc.KeyInfo.KeyType = GROUPKEY; 1447 1447 - 1448 1448 - // KeyMic field presented 1449 1449 - Packet.KeyDesc.KeyInfo.KeyMic = 1; 1450 1450 - 1451 1451 - // Secure bit 1452 1452 - Packet.KeyDesc.KeyInfo.Secure = 1; 1453 1453 - 1454 1454 - // Convert to little-endian format. 1455 1455 - *((USHORT *)&Packet.KeyDesc.KeyInfo) = cpu2le16(*((USHORT *)&Packet.KeyDesc.KeyInfo)); 1456 1456 - 1457 1457 - // Key Replay count 1458 1458 - NdisMoveMemory(Packet.KeyDesc.ReplayCounter, pGroup->KeyDesc.ReplayCounter, LEN_KEY_DESC_REPLAY); 1459 1459 - 1460 1460 - // Out buffer for transmitting group message 2 1461 1461 - MlmeAllocateMemory(pAd, (PUCHAR *)&pOutBuffer); // allocate memory 1462 1462 - if(pOutBuffer == NULL) 1463 1463 - { 1464 1464 - MlmeFreeMemory(pAd, (PUCHAR)mpool); 1465 1465 - return; 1466 1466 - } 1467 1467 - 1468 1468 - // Prepare EAPOL frame for MIC calculation 1469 1469 - // Be careful, only EAPOL frame is counted for MIC calculation 1470 1470 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 1471 1471 - Packet.Body_Len[1] + 4, &Packet, 1472 1472 - END_OF_ARGS); 1473 1473 - 1474 1474 - // Prepare and Fill MIC value 1475 1475 - NdisZeroMemory(Mic, sizeof(Mic)); 1476 1476 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 1477 1477 - { 1478 1478 - // AES 1479 1479 - HMAC_SHA1(pOutBuffer, FrameLen, pAd->StaCfg.PTK, LEN_EAP_MICK, digest); 1480 1480 - NdisMoveMemory(Mic, digest, LEN_KEY_DESC_MIC); 1481 1481 - } 1482 1482 - else 1483 1483 - { 1484 1484 - hmac_md5(pAd->StaCfg.PTK, LEN_EAP_MICK, pOutBuffer, FrameLen, Mic); 1485 1485 - } 1486 1486 - NdisMoveMemory(Packet.KeyDesc.KeyMic, Mic, LEN_KEY_DESC_MIC); 1487 1487 - 1488 1488 - 1489 1489 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 1490 1490 - LENGTH_802_3, &Header802_3, 1491 1491 - Packet.Body_Len[1] + 4, &Packet, 1492 1492 - END_OF_ARGS); 1493 1493 - 1494 1494 - 1495 1495 - // 5. Copy frame to Tx ring and prepare for encryption 1496 1496 - RTMPToWirelessSta(pAd, Header802_3, LENGTH_802_3, (PUCHAR)&Packet, Packet.Body_Len[1] + 4, FALSE); 1497 1497 - 1498 1498 - // 6 Free allocated memory 1499 1499 - MlmeFreeMemory(pAd, (PUCHAR)pOutBuffer); 1500 1500 - os_free_mem(pAd, (PUCHAR)mpool); 1501 1501 - 1502 1502 - // send wireless event - for set key done WPA2 1503 1503 - if (pAd->CommonCfg.bWirelessEvent) 1504 1504 - RTMPSendWirelessEvent(pAd, IW_SET_KEY_DONE_WPA2_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0); 1505 1505 - 1506 1506 - DBGPRINT(RT_DEBUG_TRACE, ("WpaGroupMsg1Action <-----\n")); 1507 1507 - } 1508 1508 - 1509 1509 - /* 1510 1510 - ======================================================================== 1511 1511 - 1512 1512 - Routine Description: 1513 1513 - Init WPA MAC header 1514 1514 - 1515 1515 - Arguments: 1516 1516 - pAd Pointer to our adapter 1517 1517 - 1518 1518 - Return Value: 1519 1519 - None 1520 1520 - 1521 1521 - Note: 1522 1522 - 1523 1523 - ======================================================================== 1524 1524 - */ 1525 1525 - VOID WpaMacHeaderInit( 1526 1526 - IN PRTMP_ADAPTER pAd, 1527 1527 - IN OUT PHEADER_802_11 pHdr80211, 1528 1528 - IN UCHAR wep, 1529 1529 - IN PUCHAR pAddr1) 1530 1530 - { 1531 1531 - NdisZeroMemory(pHdr80211, sizeof(HEADER_802_11)); 1532 1532 - pHdr80211->FC.Type = BTYPE_DATA; 1533 1533 - pHdr80211->FC.ToDs = 1; 1534 1534 - if (wep == 1) 1535 1535 - pHdr80211->FC.Wep = 1; 1536 1536 - 1537 1537 - // Addr1: BSSID, Addr2: SA, Addr3: DA 1538 1538 - COPY_MAC_ADDR(pHdr80211->Addr1, pAddr1); 1539 1539 - COPY_MAC_ADDR(pHdr80211->Addr2, pAd->CurrentAddress); 1540 1540 - COPY_MAC_ADDR(pHdr80211->Addr3, pAd->CommonCfg.Bssid); 1541 1541 - pHdr80211->Sequence = pAd->Sequence; 1542 1542 - } 1543 1543 - 1544 1544 - /* 1545 1545 - ======================================================================== 1546 1546 - 1547 1547 - Routine Description: 1548 1548 - Copy frame from waiting queue into relative ring buffer and set 1549 1549 - appropriate ASIC register to kick hardware encryption before really 1550 1550 - sent out to air. 1551 1551 - 1552 1552 - Arguments: 1553 1553 - pAd Pointer to our adapter 1554 1554 - PNDIS_PACKET Pointer to outgoing Ndis frame 1555 1555 - NumberOfFrag Number of fragment required 1556 1556 - 1557 1557 - Return Value: 1558 1558 - None 1559 1559 - 1560 1560 - Note: 1561 1561 - 1562 1562 - ======================================================================== 1563 1563 - */ 1564 1564 - VOID RTMPToWirelessSta( 1565 1565 - IN PRTMP_ADAPTER pAd, 1566 1566 - IN PUCHAR pHeader802_3, 1567 1567 - IN UINT HdrLen, 1568 1568 - IN PUCHAR pData, 1569 1569 - IN UINT DataLen, 1570 1570 - IN BOOLEAN is4wayFrame) 1571 1571 - 1572 1572 - { 1573 1573 - NDIS_STATUS Status; 1574 1574 - PNDIS_PACKET pPacket; 1575 1575 - UCHAR Index; 1576 1576 - 1577 1577 - do 1578 1578 - { 1579 1579 - // 1. build a NDIS packet and call RTMPSendPacket(); 1580 1580 - // be careful about how/when to release this internal allocated NDIS PACKET buffer 1581 1581 - Status = RTMPAllocateNdisPacket(pAd, &pPacket, pHeader802_3, HdrLen, pData, DataLen); 1582 1582 - if (Status != NDIS_STATUS_SUCCESS) 1583 1583 - break; 1584 1584 - 1585 1585 - if (is4wayFrame) 1586 1586 - RTMP_SET_PACKET_CLEAR_EAP_FRAME(pPacket, 1); 1587 1587 - else 1588 1588 - RTMP_SET_PACKET_CLEAR_EAP_FRAME(pPacket, 0); 1589 1589 - 1590 1590 - // 2. send out the packet 1591 1591 - Status = STASendPacket(pAd, pPacket); 1592 1592 - if(Status == NDIS_STATUS_SUCCESS) 1593 1593 - { 1594 1594 - // Dequeue one frame from TxSwQueue0..3 queue and process it 1595 1595 - // There are three place calling dequeue for TX ring. 1596 1596 - // 1. Here, right after queueing the frame. 1597 1597 - // 2. At the end of TxRingTxDone service routine. 1598 1598 - // 3. Upon NDIS call RTMPSendPackets 1599 1599 - if((!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_BSS_SCAN_IN_PROGRESS)) && 1600 1600 - (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_RESET_IN_PROGRESS))) 1601 1601 - { 1602 1602 - for(Index = 0; Index < 5; Index ++) 1603 1603 - if(pAd->TxSwQueue[Index].Number > 0) 1604 1604 - RTMPDeQueuePacket(pAd, FALSE, Index, MAX_TX_PROCESS); 1605 1605 - } 1606 1606 - } 1607 1607 - } while(FALSE); 1608 1608 - 1609 1609 - } 1610 1610 - 1611 1611 - /* 1612 1612 - ======================================================================== 1613 1613 - 1614 1614 - Routine Description: 1615 1615 - Check Sanity RSN IE form AP 1616 1616 - 1617 1617 - Arguments: 1618 1618 - 1619 1619 - Return Value: 1620 1620 - 1621 1621 - 1622 1622 - ======================================================================== 1623 1623 - */ 1624 1624 - BOOLEAN CheckRSNIE( 1625 1625 - IN PRTMP_ADAPTER pAd, 1626 1626 - IN PUCHAR pData, 1627 1627 - IN UCHAR DataLen, 1628 1628 - OUT UCHAR *Offset) 1629 1629 - { 1630 1630 - PUCHAR pVIE; 1631 1631 - UCHAR len; 1632 1632 - PEID_STRUCT pEid; 1633 1633 - BOOLEAN result = FALSE; 1634 1634 - 1635 1635 - pVIE = pData; 1636 1636 - len = DataLen; 1637 1637 - *Offset = 0; 1638 1638 - 1639 1639 - while (len > sizeof(RSNIE2)) 1640 1640 - { 1641 1641 - pEid = (PEID_STRUCT) pVIE; 1642 1642 - // WPA RSN IE 1643 1643 - if ((pEid->Eid == IE_WPA) && (NdisEqualMemory(pEid->Octet, WPA_OUI, 4))) 1644 1644 - { 1645 1645 - if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA || pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK) && 1646 1646 - (NdisEqualMemory(pVIE, pAd->MacTab.Content[BSSID_WCID].RSN_IE, pAd->MacTab.Content[BSSID_WCID].RSNIE_Len)) && 1647 1647 - (pAd->MacTab.Content[BSSID_WCID].RSNIE_Len == (pEid->Len + 2))) 1648 1648 - { 1649 1649 - DBGPRINT(RT_DEBUG_TRACE, ("CheckRSNIE ==> WPA/WPAPSK RSN IE matched in Msg 3, Length(%d) \n", (pEid->Len + 2))); 1650 1650 - result = TRUE; 1651 1651 - } 1652 1652 - 1653 1653 - *Offset += (pEid->Len + 2); 1654 1654 - } 1655 1655 - // WPA2 RSN IE 1656 1656 - else if ((pEid->Eid == IE_RSN) && (NdisEqualMemory(pEid->Octet + 2, RSN_OUI, 3))) 1657 1657 - { 1658 1658 - if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2 || pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) && 1659 1659 - (NdisEqualMemory(pVIE, pAd->MacTab.Content[BSSID_WCID].RSN_IE, pAd->MacTab.Content[BSSID_WCID].RSNIE_Len)) && 1660 1660 - (pAd->MacTab.Content[BSSID_WCID].RSNIE_Len == (pEid->Len + 2))) 1661 1661 - { 1662 1662 - DBGPRINT(RT_DEBUG_TRACE, ("CheckRSNIE ==> WPA2/WPA2PSK RSN IE matched in Msg 3, Length(%d) \n", (pEid->Len + 2))); 1663 1663 - result = TRUE; 1664 1664 - } 1665 1665 - 1666 1666 - *Offset += (pEid->Len + 2); 1667 1667 - } 1668 1668 - else 1669 1669 - { 1670 1670 - break; 1671 1671 - } 1672 1672 - 1673 1673 - pVIE += (pEid->Len + 2); 1674 1674 - len -= (pEid->Len + 2); 1675 1675 - } 1676 1676 - 1677 1677 - DBGPRINT(RT_DEBUG_TRACE, ("CheckRSNIE ==> skip_offset(%d) \n", *Offset)); 1678 1678 - 1679 1679 - return result; 1680 1680 - 1681 1681 - } 1682 1682 - 1683 1683 - 1684 1684 - /* 1685 1685 - ======================================================================== 1686 1686 - 1687 1687 - Routine Description: 1688 1688 - Parse KEYDATA field. KEYDATA[] May contain 2 RSN IE and optionally GTK. 1689 1689 - GTK is encaptulated in KDE format at p.83 802.11i D10 1690 1690 - 1691 1691 - Arguments: 1692 1692 - 1693 1693 - Return Value: 1694 1694 - 1695 1695 - Note: 1696 1696 - 802.11i D10 1697 1697 - 1698 1698 - ======================================================================== 1699 1699 - */ 1700 1700 - BOOLEAN ParseKeyData( 1701 1701 - IN PRTMP_ADAPTER pAd, 1702 1702 - IN PUCHAR pKeyData, 1703 1703 - IN UCHAR KeyDataLen, 1704 1704 - IN UCHAR bPairewise) 1705 1705 - { 1706 1706 - PKDE_ENCAP pKDE = NULL; 1707 1707 - PUCHAR pMyKeyData = pKeyData; 1708 1708 - UCHAR KeyDataLength = KeyDataLen; 1709 1709 - UCHAR GTKLEN; 1710 1710 - UCHAR skip_offset; 1711 1711 - 1712 1712 - // Verify The RSN IE contained in Pairewise-Msg 3 and skip it 1713 1713 - if (bPairewise) 1714 1714 - { 1715 1715 - // Check RSN IE whether it is WPA2/WPA2PSK 1716 1716 - if (!CheckRSNIE(pAd, pKeyData, KeyDataLen, &skip_offset)) 1717 1717 - { 1718 1718 - DBGPRINT(RT_DEBUG_ERROR, ("ParseKeyData ==> WPA2/WPA2PSK RSN IE mismatched \n")); 1719 1719 - hex_dump("Get KEYDATA :", pKeyData, KeyDataLen); 1720 1720 - return FALSE; 1721 1721 - } 1722 1722 - else 1723 1723 - { 1724 1724 - // skip RSN IE 1725 1725 - pMyKeyData += skip_offset; 1726 1726 - KeyDataLength -= skip_offset; 1727 1727 - 1728 1728 - //DBGPRINT(RT_DEBUG_TRACE, ("ParseKeyData ==> WPA2/WPA2PSK RSN IE matched in Msg 3, Length(%d) \n", skip_offset)); 1729 1729 - } 1730 1730 - } 1731 1731 - 1732 1732 - DBGPRINT(RT_DEBUG_TRACE,("ParseKeyData ==> KeyDataLength %d without RSN_IE \n", KeyDataLength)); 1733 1733 - 1734 1734 - // Parse EKD format 1735 1735 - if (KeyDataLength >= 8) 1736 1736 - { 1737 1737 - pKDE = (PKDE_ENCAP) pMyKeyData; 1738 1738 - } 1739 1739 - else 1740 1740 - { 1741 1741 - DBGPRINT(RT_DEBUG_ERROR, ("ERROR: KeyDataLength is too short \n")); 1742 1742 - return FALSE; 1743 1743 - } 1744 1744 - 1745 1745 - 1746 1746 - // Sanity check - shared key index should not be 0 1747 1747 - if (pKDE->GTKEncap.Kid == 0) 1748 1748 - { 1749 1749 - DBGPRINT(RT_DEBUG_ERROR, ("ERROR: GTK Key index zero \n")); 1750 1750 - return FALSE; 1751 1751 - } 1752 1752 - 1753 1753 - // Sanity check - KED length 1754 1754 - if (KeyDataLength < (pKDE->Len + 2)) 1755 1755 - { 1756 1756 - DBGPRINT(RT_DEBUG_ERROR, ("ERROR: The len from KDE is too short \n")); 1757 1757 - return FALSE; 1758 1758 - } 1759 1759 - 1760 1760 - // Get GTK length - refer to IEEE 802.11i-2004 p.82 1761 1761 - GTKLEN = pKDE->Len -6; 1762 1762 - 1763 1763 - if (GTKLEN < LEN_AES_KEY) 1764 1764 - { 1765 1765 - DBGPRINT(RT_DEBUG_ERROR, ("ERROR: GTK Key length is too short (%d) \n", GTKLEN)); 1766 1766 - return FALSE; 1767 1767 - } 1768 1768 - else 1769 1769 - DBGPRINT(RT_DEBUG_TRACE, ("GTK Key with KDE formet got index=%d, len=%d \n", pKDE->GTKEncap.Kid, GTKLEN)); 1770 1770 - 1771 1771 - // Update GTK 1772 1772 - // set key material, TxMic and RxMic for WPAPSK 1773 1773 - NdisMoveMemory(pAd->StaCfg.GTK, pKDE->GTKEncap.GTK, 32); 1774 1774 - pAd->StaCfg.DefaultKeyId = pKDE->GTKEncap.Kid; 1775 1775 - 1776 1776 - // Update shared key table 1777 1777 - NdisZeroMemory(&pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId], sizeof(CIPHER_KEY)); 1778 1778 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].KeyLen = LEN_TKIP_EK; 1779 1779 - NdisMoveMemory(pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].Key, pKDE->GTKEncap.GTK, LEN_TKIP_EK); 1780 1780 - NdisMoveMemory(pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].RxMic, &pKDE->GTKEncap.GTK[16], LEN_TKIP_RXMICK); 1781 1781 - NdisMoveMemory(pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].TxMic, &pKDE->GTKEncap.GTK[24], LEN_TKIP_TXMICK); 1782 1782 - 1783 1783 - // Update Shared Key CipherAlg 1784 1784 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg = CIPHER_NONE; 1785 1785 - if (pAd->StaCfg.GroupCipher == Ndis802_11Encryption2Enabled) 1786 1786 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg = CIPHER_TKIP; 1787 1787 - else if (pAd->StaCfg.GroupCipher == Ndis802_11Encryption3Enabled) 1788 1788 - pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].CipherAlg = CIPHER_AES; 1789 1789 - 1790 1790 - return TRUE; 1791 1791 - 1792 1792 - } 1793 1793 - 1794 1794 - /* 1795 1795 - ======================================================================== 1796 1796 - 1797 1797 - Routine Description: 1798 1798 - Cisco CCKM PRF function 1799 1799 - 1800 1800 - Arguments: 1801 1801 - key Cisco Base Transient Key (BTK) 1802 1802 - key_len The key length of the BTK 1803 1803 - data Ruquest Number(RN) + BSSID 1804 1804 - data_len The length of the data 1805 1805 - output Store for PTK(Pairwise transient keys) 1806 1806 - len The length of the output 1807 1807 - Return Value: 1808 1808 - None 1809 1809 - 1810 1810 - Note: 1811 1811 - 802.1i Annex F.9 1812 1812 - 1813 1813 - ======================================================================== 1814 1814 - */ 1815 1815 - VOID CCKMPRF( 1816 1816 - IN UCHAR *key, 1817 1817 - IN INT key_len, 1818 1818 - IN UCHAR *data, 1819 1819 - IN INT data_len, 1820 1820 - OUT UCHAR *output, 1821 1821 - IN INT len) 1822 1822 - { 1823 1823 - INT i; 1824 1824 - UCHAR input[1024]; 1825 1825 - INT currentindex = 0; 1826 1826 - INT total_len; 1827 1827 - 1828 1828 - NdisMoveMemory(input, data, data_len); 1829 1829 - total_len = data_len; 1830 1830 - input[total_len] = 0; 1831 1831 - total_len++; 1832 1832 - for (i = 0; i < (len + 19) / 20; i++) 1833 1833 - { 1834 1834 - HMAC_SHA1(input, total_len, key, key_len, &output[currentindex]); 1835 1835 - currentindex += 20; 1836 1836 - input[total_len - 1]++; 1837 1837 - } 1838 1838 - } 1839 1839 - 1840 1840 - /* 1841 1841 - ======================================================================== 1842 1842 - 1843 1843 - Routine Description: 1844 1844 - Process MIC error indication and record MIC error timer. 1845 1845 - 1846 1846 - Arguments: 1847 1847 - pAd Pointer to our adapter 1848 1848 - pWpaKey Pointer to the WPA key structure 1849 1849 - 1850 1850 - Return Value: 1851 1851 - None 1852 1852 - 1853 1853 - IRQL = DISPATCH_LEVEL 1854 1854 - 1855 1855 - Note: 1856 1856 - 1857 1857 - ======================================================================== 1858 1858 - */ 1859 1859 - VOID RTMPReportMicError( 1860 1860 - IN PRTMP_ADAPTER pAd, 1861 1861 - IN PCIPHER_KEY pWpaKey) 1862 1862 - { 1863 1863 - ULONG Now; 1864 1864 - UCHAR unicastKey = (pWpaKey->Type == PAIRWISE_KEY ? 1:0); 1865 1865 - 1866 1866 - // Record Last MIC error time and count 1867 1867 - Now = jiffies; 1868 1868 - if (pAd->StaCfg.MicErrCnt == 0) 1869 1869 - { 1870 1870 - pAd->StaCfg.MicErrCnt++; 1871 1871 - pAd->StaCfg.LastMicErrorTime = Now; 1872 1872 - NdisZeroMemory(pAd->StaCfg.ReplayCounter, 8); 1873 1873 - } 1874 1874 - else if (pAd->StaCfg.MicErrCnt == 1) 1875 1875 - { 1876 1876 - if ((pAd->StaCfg.LastMicErrorTime + (60 * OS_HZ)) < Now) 1877 1877 - { 1878 1878 - // Update Last MIC error time, this did not violate two MIC errors within 60 seconds 1879 1879 - pAd->StaCfg.LastMicErrorTime = Now; 1880 1880 - } 1881 1881 - else 1882 1882 - { 1883 1883 - 1884 1884 - if (pAd->CommonCfg.bWirelessEvent) 1885 1885 - RTMPSendWirelessEvent(pAd, IW_COUNTER_MEASURES_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0); 1886 1886 - 1887 1887 - pAd->StaCfg.LastMicErrorTime = Now; 1888 1888 - // Violate MIC error counts, MIC countermeasures kicks in 1889 1889 - pAd->StaCfg.MicErrCnt++; 1890 1890 - } 1891 1891 - } 1892 1892 - else 1893 1893 - { 1894 1894 - // MIC error count >= 2 1895 1895 - // This should not happen 1896 1896 - ; 1897 1897 - } 1898 1898 - MlmeEnqueue(pAd, 1899 1899 - MLME_CNTL_STATE_MACHINE, 1900 1900 - OID_802_11_MIC_FAILURE_REPORT_FRAME, 1901 1901 - 1, 1902 1902 - &unicastKey); 1903 1903 - 1904 1904 - if (pAd->StaCfg.MicErrCnt == 2) 1905 1905 - { 1906 1906 - RTMPSetTimer(&pAd->StaCfg.WpaDisassocAndBlockAssocTimer, 100); 1907 1907 - } 1908 1908 - } 1909 1909 - 1910 1910 - #define LENGTH_EAP_H 4 1911 1911 - // If the received frame is EAP-Packet ,find out its EAP-Code (Request(0x01), Response(0x02), Success(0x03), Failure(0x04)). 1912 1912 - INT WpaCheckEapCode( 1913 1913 - IN PRTMP_ADAPTER pAd, 1914 1914 - IN PUCHAR pFrame, 1915 1915 - IN USHORT FrameLen, 1916 1916 - IN USHORT OffSet) 1917 1917 - { 1918 1918 - 1919 1919 - PUCHAR pData; 1920 1920 - INT result = 0; 1921 1921 - 1922 1922 - if( FrameLen < OffSet + LENGTH_EAPOL_H + LENGTH_EAP_H ) 1923 1923 - return result; 1924 1924 - 1925 1925 - pData = pFrame + OffSet; // skip offset bytes 1926 1926 - 1927 1927 - if(*(pData+1) == EAPPacket) // 802.1x header - Packet Type 1928 1928 - { 1929 1929 - result = *(pData+4); // EAP header - Code 1930 1930 - } 1931 1931 - 1932 1932 - return result; 1933 1933 - } 1934 1934 - 1935 1935 - VOID WpaSendMicFailureToWpaSupplicant( 1936 1936 - IN PRTMP_ADAPTER pAd, 1937 1937 - IN BOOLEAN bUnicast) 1938 1938 - { 1939 1939 - union iwreq_data wrqu; 1940 1940 - char custom[IW_CUSTOM_MAX] = {0}; 1941 1941 - 1942 1942 - sprintf(custom, "MLME-MICHAELMICFAILURE.indication"); 1943 1943 - if (bUnicast) 1944 1944 - sprintf(custom, "%s unicast", custom); 1945 1945 - wrqu.data.length = strlen(custom); 1946 1946 - wireless_send_event(pAd->net_dev, IWEVCUSTOM, &wrqu, custom); 1947 1947 - 1948 1948 - return; 1949 1949 - } 1950 1950 - 1951 1951 - VOID WpaMicFailureReportFrame( 1952 1952 - IN PRTMP_ADAPTER pAd, 1953 1953 - IN MLME_QUEUE_ELEM *Elem) 1954 1954 - { 1955 1955 - PUCHAR pOutBuffer = NULL; 1956 1956 - UCHAR Header802_3[14]; 1957 1957 - ULONG FrameLen = 0; 1958 1958 - EAPOL_PACKET Packet; 1959 1959 - UCHAR Mic[16]; 1960 1960 - BOOLEAN bUnicast; 1961 1961 - 1962 1962 - DBGPRINT(RT_DEBUG_TRACE, ("WpaMicFailureReportFrame ----->\n")); 1963 1963 - 1964 1964 - bUnicast = (Elem->Msg[0] == 1 ? TRUE:FALSE); 1965 1965 - pAd->Sequence = ((pAd->Sequence) + 1) & (MAX_SEQ_NUMBER); 1966 1966 - 1967 1967 - // init 802.3 header and Fill Packet 1968 1968 - MAKE_802_3_HEADER(Header802_3, pAd->CommonCfg.Bssid, pAd->CurrentAddress, EAPOL); 1969 1969 - 1970 1970 - NdisZeroMemory(&Packet, sizeof(Packet)); 1971 1971 - Packet.ProVer = EAPOL_VER; 1972 1972 - Packet.ProType = EAPOLKey; 1973 1973 - 1974 1974 - Packet.KeyDesc.Type = WPA1_KEY_DESC; 1975 1975 - 1976 1976 - // Request field presented 1977 1977 - Packet.KeyDesc.KeyInfo.Request = 1; 1978 1978 - 1979 1979 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 1980 1980 - { 1981 1981 - Packet.KeyDesc.KeyInfo.KeyDescVer = 2; 1982 1982 - } 1983 1983 - else // TKIP 1984 1984 - { 1985 1985 - Packet.KeyDesc.KeyInfo.KeyDescVer = 1; 1986 1986 - } 1987 1987 - 1988 1988 - Packet.KeyDesc.KeyInfo.KeyType = (bUnicast ? PAIRWISEKEY : GROUPKEY); 1989 1989 - 1990 1990 - // KeyMic field presented 1991 1991 - Packet.KeyDesc.KeyInfo.KeyMic = 1; 1992 1992 - 1993 1993 - // Error field presented 1994 1994 - Packet.KeyDesc.KeyInfo.Error = 1; 1995 1995 - 1996 1996 - // Update packet length after decide Key data payload 1997 1997 - Packet.Body_Len[1] = sizeof(KEY_DESCRIPTER) - MAX_LEN_OF_RSNIE; 1998 1998 - 1999 1999 - // Key Replay Count 2000 2000 - NdisMoveMemory(Packet.KeyDesc.ReplayCounter, pAd->StaCfg.ReplayCounter, LEN_KEY_DESC_REPLAY); 2001 2001 - inc_byte_array(pAd->StaCfg.ReplayCounter, 8); 2002 2002 - 2003 2003 - // Convert to little-endian format. 2004 2004 - *((USHORT *)&Packet.KeyDesc.KeyInfo) = cpu2le16(*((USHORT *)&Packet.KeyDesc.KeyInfo)); 2005 2005 - 2006 2006 - 2007 2007 - MlmeAllocateMemory(pAd, (PUCHAR *)&pOutBuffer); // allocate memory 2008 2008 - if(pOutBuffer == NULL) 2009 2009 - { 2010 2010 - return; 2011 2011 - } 2012 2012 - 2013 2013 - // Prepare EAPOL frame for MIC calculation 2014 2014 - // Be careful, only EAPOL frame is counted for MIC calculation 2015 2015 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 2016 2016 - Packet.Body_Len[1] + 4, &Packet, 2017 2017 - END_OF_ARGS); 2018 2018 - 2019 2019 - // Prepare and Fill MIC value 2020 2020 - NdisZeroMemory(Mic, sizeof(Mic)); 2021 2021 - if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) 2022 2022 - { // AES 2023 2023 - UCHAR digest[20] = {0}; 2024 2024 - HMAC_SHA1(pOutBuffer, FrameLen, pAd->StaCfg.PTK, LEN_EAP_MICK, digest); 2025 2025 - NdisMoveMemory(Mic, digest, LEN_KEY_DESC_MIC); 2026 2026 - } 2027 2027 - else 2028 2028 - { // TKIP 2029 2029 - hmac_md5(pAd->StaCfg.PTK, LEN_EAP_MICK, pOutBuffer, FrameLen, Mic); 2030 2030 - } 2031 2031 - NdisMoveMemory(Packet.KeyDesc.KeyMic, Mic, LEN_KEY_DESC_MIC); 2032 2032 - 2033 2033 - MakeOutgoingFrame(pOutBuffer, &FrameLen, 2034 2034 - LENGTH_802_3, &Header802_3, 2035 2035 - Packet.Body_Len[1] + 4, &Packet, 2036 2036 - END_OF_ARGS); 2037 2037 - 2038 2038 - // opy frame to Tx ring and send MIC failure report frame to authenticator 2039 2039 - RTMPToWirelessSta(pAd, Header802_3, LENGTH_802_3, (PUCHAR)&Packet, Packet.Body_Len[1] + 4, FALSE); 2040 2040 - 2041 2041 - MlmeFreeMemory(pAd, (PUCHAR)pOutBuffer); 2042 2042 - 2043 2043 - DBGPRINT(RT_DEBUG_TRACE, ("WpaMicFailureReportFrame <-----\n")); 2044 2044 - } 2045 2045 - 2046 2046 - /** from wpa_supplicant 2047 2047 - * inc_byte_array - Increment arbitrary length byte array by one 2048 2048 - * @counter: Pointer to byte array 2049 2049 - * @len: Length of the counter in bytes 2050 2050 - * 2051 2051 - * This function increments the last byte of the counter by one and continues 2052 2052 - * rolling over to more significant bytes if the byte was incremented from 2053 2053 - * 0xff to 0x00. 2054 2054 - */ 2055 2055 - void inc_byte_array(UCHAR *counter, int len) 2056 2056 - { 2057 2057 - int pos = len - 1; 2058 2058 - while (pos >= 0) { 2059 2059 - counter[pos]++; 2060 2060 - if (counter[pos] != 0) 2061 2061 - break; 2062 2062 - pos--; 2063 2063 - } 2064 2064 - } 2065 2065 - 2066 2066 - VOID WpaDisassocApAndBlockAssoc( 2067 2067 - IN PVOID SystemSpecific1, 2068 2068 - IN PVOID FunctionContext, 2069 2069 - IN PVOID SystemSpecific2, 2070 2070 - IN PVOID SystemSpecific3) 2071 2071 - { 2072 2072 - RTMP_ADAPTER *pAd = (PRTMP_ADAPTER)FunctionContext; 2073 2073 - MLME_DISASSOC_REQ_STRUCT DisassocReq; 2074 2074 - 2075 2075 - // disassoc from current AP first 2076 2076 - DBGPRINT(RT_DEBUG_TRACE, ("RTMPReportMicError - disassociate with current AP after sending second continuous EAPOL frame\n")); 2077 2077 - DisassocParmFill(pAd, &DisassocReq, pAd->CommonCfg.Bssid, REASON_MIC_FAILURE); 2078 2078 - MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_MLME_DISASSOC_REQ, sizeof(MLME_DISASSOC_REQ_STRUCT), &DisassocReq); 2079 2079 - 2080 2080 - pAd->Mlme.CntlMachine.CurrState = CNTL_WAIT_DISASSOC; 2081 2081 - pAd->StaCfg.bBlockAssoc = TRUE; 2082 2082 - } 2083 2083 - 1 1 + #include "../../rt2870/sta/wpa.c"