Jeff Johnson | 295189b | 2012-06-20 16:38:30 -0700 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright (c) 2012, Code Aurora Forum. All rights reserved. |
| 3 | * |
| 4 | * Previously licensed under the ISC license by Qualcomm Atheros, Inc. |
| 5 | * |
| 6 | * |
| 7 | * Permission to use, copy, modify, and/or distribute this software for |
| 8 | * any purpose with or without fee is hereby granted, provided that the |
| 9 | * above copyright notice and this permission notice appear in all |
| 10 | * copies. |
| 11 | * |
| 12 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL |
| 13 | * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED |
| 14 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE |
| 15 | * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL |
| 16 | * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR |
| 17 | * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER |
| 18 | * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR |
| 19 | * PERFORMANCE OF THIS SOFTWARE. |
| 20 | */ |
| 21 | |
| 22 | /* |
| 23 | * Airgo Networks, Inc proprietary. All rights reserved. |
| 24 | * This file limProcessProbeReqFrame.cc contains the code |
| 25 | * for processing Probe Request Frame. |
| 26 | * Author: Chandra Modumudi |
| 27 | * Date: 02/28/02 |
| 28 | * History:- |
| 29 | * Date Modified by Modification Information |
| 30 | * -------------------------------------------------------------------- |
| 31 | * |
| 32 | */ |
| 33 | |
| 34 | #if (WNI_POLARIS_FW_PRODUCT == AP) |
| 35 | #include "wniCfgAp.h" |
| 36 | #else |
| 37 | #include "wniCfgSta.h" |
| 38 | #endif |
| 39 | #include "aniGlobal.h" |
| 40 | #include "cfgApi.h" |
| 41 | |
| 42 | #include "utilsApi.h" |
| 43 | #include "limTypes.h" |
| 44 | #include "limUtils.h" |
| 45 | #include "limAssocUtils.h" |
| 46 | #include "limSerDesUtils.h" |
| 47 | #include "parserApi.h" |
| 48 | #include "limSession.h" |
| 49 | |
| 50 | #ifdef WLAN_FEATURE_P2P_INTERNAL |
| 51 | void limSendP2PProbeResponse(tpAniSirGlobal pMac, tANI_U8 *pBd, |
| 52 | tpPESession psessionEntry); |
| 53 | #endif |
| 54 | #ifdef WLAN_SOFTAP_FEATURE |
| 55 | void |
| 56 | |
| 57 | limSendSmeProbeReqInd(tpAniSirGlobal pMac, |
| 58 | tSirMacAddr peerMacAddr, |
| 59 | tANI_U8 *pProbeReqIE, |
| 60 | tANI_U32 ProbeReqIELen, |
| 61 | tpPESession psessionEntry); |
| 62 | |
| 63 | /** |
| 64 | * limGetWPSPBCSessions |
| 65 | * |
| 66 | *FUNCTION: |
| 67 | * This function is called to query the WPS PBC overlap |
| 68 | * |
| 69 | *LOGIC: |
| 70 | * This function check WPS PBC probe request link list for PBC overlap |
| 71 | * |
| 72 | *ASSUMPTIONS: |
| 73 | * |
| 74 | * |
| 75 | *NOTE: |
| 76 | * |
| 77 | * @param pMac Pointer to Global MAC structure |
| 78 | * @param addr A pointer to probe request source MAC addresss |
| 79 | * @param uuid_e A pointer to UUIDE element of WPS IE in WPS PBC probe request |
| 80 | * @param psessionEntry A pointer to station PE session |
| 81 | * |
| 82 | * @return None |
| 83 | */ |
| 84 | |
| 85 | void limGetWPSPBCSessions(tpAniSirGlobal pMac, tANI_U8 *addr, |
| 86 | tANI_U8 *uuid_e, eWPSPBCOverlap *overlap, |
| 87 | tpPESession psessionEntry) |
| 88 | { |
| 89 | int count = 0; |
| 90 | tSirWPSPBCSession *pbc; |
| 91 | tANI_TIMESTAMP curTime; |
| 92 | |
| 93 | curTime = (tANI_TIMESTAMP)(palGetTickCount(pMac->hHdd) / PAL_TICKS_PER_SECOND); |
| 94 | |
| 95 | palFillMemory( pMac->hHdd, (tANI_U8 *)addr, sizeof(tSirMacAddr), 0); |
| 96 | palFillMemory( pMac->hHdd, (tANI_U8 *)uuid_e, SIR_WPS_UUID_LEN, 0); |
| 97 | |
| 98 | for (pbc = psessionEntry->pAPWPSPBCSession; pbc; pbc = pbc->next) { |
| 99 | |
| 100 | if (curTime > pbc->timestamp + SIR_WPS_PBC_WALK_TIME) |
| 101 | break; |
| 102 | |
| 103 | count++; |
| 104 | if(count > 1) |
| 105 | break; |
| 106 | |
| 107 | palCopyMemory(pMac->hHdd, (tANI_U8 *)addr, (tANI_U8 *)pbc->addr, sizeof(tSirMacAddr)); |
| 108 | palCopyMemory(pMac->hHdd, (tANI_U8 *)uuid_e, (tANI_U8 *)pbc->uuid_e, SIR_WPS_UUID_LEN); |
| 109 | } |
| 110 | |
| 111 | if (count > 1) |
| 112 | { |
| 113 | *overlap = eSAP_WPSPBC_OVERLAP_IN120S; // Overlap |
| 114 | } |
| 115 | else if(count == 0) |
| 116 | { |
| 117 | *overlap = eSAP_WPSPBC_NO_WPSPBC_PROBE_REQ_IN120S; // no WPS probe request in 120 second |
| 118 | } else |
| 119 | { |
| 120 | *overlap = eSAP_WPSPBC_ONE_WPSPBC_PROBE_REQ_IN120S; // One WPS probe request in 120 second |
| 121 | } |
| 122 | |
| 123 | PELOGE(limLog(pMac, LOGE, FL("overlap = %d\n"), *overlap);) |
| 124 | PELOGE(sirDumpBuf(pMac, SIR_LIM_MODULE_ID, LOGE, addr, sizeof(tSirMacAddr));) |
| 125 | PELOGE(sirDumpBuf(pMac, SIR_LIM_MODULE_ID, LOGE, uuid_e, SIR_WPS_UUID_LEN);) |
| 126 | |
| 127 | return; |
| 128 | } |
| 129 | |
| 130 | /** |
| 131 | * limRemoveTimeoutPBCsessions |
| 132 | * |
| 133 | *FUNCTION: |
| 134 | * This function is called to remove the WPS PBC probe request entires from specific entry to end. |
| 135 | * |
| 136 | *LOGIC: |
| 137 | * |
| 138 | * |
| 139 | *ASSUMPTIONS: |
| 140 | * |
| 141 | * |
| 142 | *NOTE: |
| 143 | * |
| 144 | * @param pMac Pointer to Global MAC structure |
| 145 | * @param pbc The beginning entry in WPS PBC probe request link list |
| 146 | * |
| 147 | * @return None |
| 148 | */ |
| 149 | static void limRemoveTimeoutPBCsessions(tpAniSirGlobal pMac, tSirWPSPBCSession *pbc) |
| 150 | { |
| 151 | tSirWPSPBCSession *prev; |
| 152 | |
| 153 | while (pbc) { |
| 154 | prev = pbc; |
| 155 | pbc = pbc->next; |
| 156 | |
| 157 | PELOG4(limLog(pMac, LOG4, FL("WPS PBC sessions remove\n"));) |
| 158 | PELOG4(sirDumpBuf(pMac, SIR_LIM_MODULE_ID, LOG4, prev->addr, sizeof(tSirMacAddr));) |
| 159 | PELOG4(sirDumpBuf(pMac, SIR_LIM_MODULE_ID, LOG4, prev->uuid_e, SIR_WPS_UUID_LEN);) |
| 160 | |
| 161 | palFreeMemory(pMac->hHdd, prev); |
| 162 | } |
| 163 | } |
| 164 | |
| 165 | void limRemovePBCSessions(tpAniSirGlobal pMac, tSirMacAddr pRemoveMac,tpPESession psessionEntry) |
| 166 | { |
| 167 | tSirWPSPBCSession *pbc, *prev = NULL; |
| 168 | prev = pbc = psessionEntry->pAPWPSPBCSession; |
| 169 | |
| 170 | while (pbc) { |
| 171 | if (palEqualMemory(pMac->hHdd, (tANI_U8 *)pbc->addr, |
| 172 | (tANI_U8 *)pRemoveMac, sizeof(tSirMacAddr))) { |
| 173 | prev->next = pbc->next; |
| 174 | if (pbc == psessionEntry->pAPWPSPBCSession) |
| 175 | psessionEntry->pAPWPSPBCSession = pbc->next; |
| 176 | palFreeMemory(pMac->hHdd, pbc); |
| 177 | return; |
| 178 | } |
| 179 | prev = pbc; |
| 180 | pbc = pbc->next; |
| 181 | } |
| 182 | |
| 183 | } |
| 184 | |
| 185 | /** |
| 186 | * limUpdatePBCSessionEntry |
| 187 | * |
| 188 | *FUNCTION: |
| 189 | * This function is called when probe request with WPS PBC IE is received |
| 190 | * |
| 191 | *LOGIC: |
| 192 | * This function add the WPS PBC probe request in the WPS PBC probe request link list |
| 193 | * The link list is in decreased time order of probe request that is received. |
| 194 | * The entry that is more than 120 second is removed. |
| 195 | * |
| 196 | *ASSUMPTIONS: |
| 197 | * |
| 198 | * |
| 199 | *NOTE: |
| 200 | * |
| 201 | * @param pMac Pointer to Global MAC structure |
| 202 | * @param addr A pointer to probe request source MAC addresss |
| 203 | * @param uuid_e A pointer to UUIDE element of WPS IE |
| 204 | * @param psessionEntry A pointer to station PE session |
| 205 | * |
| 206 | * @return None |
| 207 | */ |
| 208 | |
| 209 | static void limUpdatePBCSessionEntry(tpAniSirGlobal pMac, |
| 210 | tANI_U8 *addr, tANI_U8 *uuid_e, |
| 211 | tpPESession psessionEntry) |
| 212 | { |
| 213 | tSirWPSPBCSession *pbc, *prev = NULL; |
| 214 | |
| 215 | tANI_TIMESTAMP curTime; |
| 216 | |
| 217 | curTime = (tANI_TIMESTAMP)(palGetTickCount(pMac->hHdd) / PAL_TICKS_PER_SECOND); |
| 218 | |
| 219 | PELOG4(limLog(pMac, LOG4, FL("Receive WPS probe reques curTime=%d\n"), curTime);) |
| 220 | PELOG4(sirDumpBuf(pMac, SIR_LIM_MODULE_ID, LOG4, addr, sizeof(tSirMacAddr));) |
| 221 | PELOG4(sirDumpBuf(pMac, SIR_LIM_MODULE_ID, LOG4, uuid_e, SIR_WPS_UUID_LEN);) |
| 222 | |
| 223 | pbc = psessionEntry->pAPWPSPBCSession; |
| 224 | |
| 225 | while (pbc) { |
| 226 | if (palEqualMemory(pMac->hHdd, (tANI_U8 *)pbc->addr, (tANI_U8 *)addr, sizeof(tSirMacAddr)) && |
| 227 | palEqualMemory(pMac->hHdd, (tANI_U8 *)pbc->uuid_e, (tANI_U8 *)uuid_e, SIR_WPS_UUID_LEN)) { |
| 228 | if (prev) |
| 229 | prev->next = pbc->next; |
| 230 | else |
| 231 | psessionEntry->pAPWPSPBCSession = pbc->next; |
| 232 | break; |
| 233 | } |
| 234 | prev = pbc; |
| 235 | pbc = pbc->next; |
| 236 | } |
| 237 | |
| 238 | if (!pbc) { |
| 239 | if (eHAL_STATUS_SUCCESS != palAllocateMemory(pMac->hHdd, |
| 240 | (void **) &pbc, sizeof(tSirWPSPBCSession))) |
| 241 | { |
| 242 | PELOGE(limLog(pMac, LOGE, FL("memory allocate failed!\n"));) |
| 243 | return; |
| 244 | } |
| 245 | palCopyMemory(pMac->hHdd, (tANI_U8 *)pbc->addr, (tANI_U8 *)addr, sizeof(tSirMacAddr)); |
| 246 | |
| 247 | if (uuid_e) |
| 248 | palCopyMemory(pMac->hHdd, (tANI_U8 *)pbc->uuid_e, (tANI_U8 *)uuid_e, SIR_WPS_UUID_LEN); |
| 249 | } |
| 250 | |
| 251 | pbc->next = psessionEntry->pAPWPSPBCSession; |
| 252 | psessionEntry->pAPWPSPBCSession = pbc; |
| 253 | pbc->timestamp = curTime; |
| 254 | |
| 255 | /* remove entries that have timed out */ |
| 256 | prev = pbc; |
| 257 | pbc = pbc->next; |
| 258 | |
| 259 | while (pbc) { |
| 260 | if (curTime > pbc->timestamp + SIR_WPS_PBC_WALK_TIME) { |
| 261 | prev->next = NULL; |
| 262 | limRemoveTimeoutPBCsessions(pMac, pbc); |
| 263 | break; |
| 264 | } |
| 265 | prev = pbc; |
| 266 | pbc = pbc->next; |
| 267 | } |
| 268 | } |
| 269 | #if 0 |
| 270 | /** |
| 271 | * limWPSPBCTimeout |
| 272 | * |
| 273 | *FUNCTION: |
| 274 | * This function is called when WPS PBC enrtries clean up timer is expired |
| 275 | * |
| 276 | *LOGIC: |
| 277 | * This function remove all the entryies that more than 120 second old |
| 278 | * |
| 279 | *ASSUMPTIONS: |
| 280 | * |
| 281 | * |
| 282 | *NOTE: |
| 283 | * |
| 284 | * @param pMac Pointer to Global MAC structure |
| 285 | * @param psessionEntry A pointer to station PE session |
| 286 | * |
| 287 | * @return None |
| 288 | */ |
| 289 | |
| 290 | void limWPSPBCTimeout(tpAniSirGlobal pMac, tpPESession psessionEntry) |
| 291 | { |
| 292 | tANI_TIMESTAMP curTime; |
| 293 | tSirWPSPBCSession *pbc, *prev = NULL; |
| 294 | |
| 295 | curTime = (tANI_TIMESTAMP)(palGetTickCount(pMac->hHdd) / PAL_TICKS_PER_SECOND); |
| 296 | |
| 297 | PELOG3(limLog(pMac, LOG3, FL("WPS PBC cleanup timeout curTime=%d\n"), curTime);) |
| 298 | |
| 299 | prev = psessionEntry->pAPWPSPBCSession; |
| 300 | if(prev) |
| 301 | pbc = prev->next; |
| 302 | else |
| 303 | return; |
| 304 | |
| 305 | while (pbc) { |
| 306 | if (curTime > pbc->timestamp + SIR_WPS_PBC_WALK_TIME) { |
| 307 | prev->next = NULL; |
| 308 | limRemoveTimeoutPBCsessions(pMac, pbc); |
| 309 | break; |
| 310 | } |
| 311 | prev = pbc; |
| 312 | pbc = pbc->next; |
| 313 | } |
| 314 | |
| 315 | if(prev) |
| 316 | { |
| 317 | if (curTime > prev->timestamp + SIR_WPS_PBC_WALK_TIME) { |
| 318 | psessionEntry->pAPWPSPBCSession = NULL; |
| 319 | limRemoveTimeoutPBCsessions(pMac, prev); |
| 320 | } |
| 321 | } |
| 322 | |
| 323 | } |
| 324 | #endif |
| 325 | /** |
| 326 | * limWPSPBCClose |
| 327 | * |
| 328 | *FUNCTION: |
| 329 | * This function is called when BSS is closed |
| 330 | * |
| 331 | *LOGIC: |
| 332 | * This function remove all the WPS PBC entries |
| 333 | * |
| 334 | *ASSUMPTIONS: |
| 335 | * |
| 336 | * |
| 337 | *NOTE: |
| 338 | * |
| 339 | * @param pMac Pointer to Global MAC structure |
| 340 | * @param psessionEntry A pointer to station PE session |
| 341 | * |
| 342 | * @return None |
| 343 | */ |
| 344 | |
| 345 | void limWPSPBCClose(tpAniSirGlobal pMac, tpPESession psessionEntry) |
| 346 | { |
| 347 | |
| 348 | limRemoveTimeoutPBCsessions(pMac, psessionEntry->pAPWPSPBCSession); |
| 349 | |
| 350 | } |
| 351 | #endif |
| 352 | |
| 353 | /** |
| 354 | * limCheck11bRates |
| 355 | * |
| 356 | *FUNCTION: |
| 357 | * This function is called by limProcessProbeReqFrame() upon |
| 358 | * Probe Request frame reception. |
| 359 | * |
| 360 | *LOGIC: |
| 361 | * This function check 11b rates in supportedRates and extendedRates rates |
| 362 | * |
| 363 | *NOTE: |
| 364 | * |
| 365 | * @param rate |
| 366 | * |
| 367 | * @return BOOLEAN |
| 368 | */ |
| 369 | |
| 370 | tANI_BOOLEAN limCheck11bRates(tANI_U8 rate) |
| 371 | { |
| 372 | if ( ( 0x02 == (rate)) |
| 373 | || ( 0x04 == (rate)) |
| 374 | || ( 0x0b == (rate)) |
| 375 | || ( 0x16 == (rate)) |
| 376 | ) |
| 377 | { |
| 378 | return TRUE; |
| 379 | } |
| 380 | return FALSE; |
| 381 | } |
| 382 | |
| 383 | /** |
| 384 | * limProcessProbeReqFrame |
| 385 | * |
| 386 | *FUNCTION: |
| 387 | * This function is called by limProcessMessageQueue() upon |
| 388 | * Probe Request frame reception. |
| 389 | * |
| 390 | *LOGIC: |
| 391 | * This function processes received Probe Request frame and responds |
| 392 | * with Probe Response. |
| 393 | * Only AP or STA in IBSS mode that sent last Beacon will respond to |
| 394 | * Probe Request. |
| 395 | * |
| 396 | *ASSUMPTIONS: |
| 397 | * 1. AP or STA in IBSS mode that sent last Beacon will always respond |
| 398 | * to Probe Request received with broadcast SSID. |
| 399 | * |
| 400 | *NOTE: |
| 401 | * 1. Dunno what to do with Rates received in Probe Request frame |
| 402 | * 2. Frames with out-of-order fields/IEs are dropped. |
| 403 | * |
| 404 | * @param pMac Pointer to Global MAC structure |
| 405 | * @param *pRxPacketInfo A pointer to Buffer descriptor + associated PDUs |
| 406 | * |
| 407 | * @return None |
| 408 | */ |
| 409 | |
| 410 | void |
| 411 | limProcessProbeReqFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo,tpPESession psessionEntry) |
| 412 | { |
| 413 | tANI_U8 *pBody; |
| 414 | tpSirMacMgmtHdr pHdr; |
| 415 | tANI_U32 frameLen; |
| 416 | tSirProbeReq probeReq; |
| 417 | tAniSSID ssId; |
| 418 | tSirMsgQ msgQ; |
| 419 | tSirSmeProbeReq *pSirSmeProbeReq; |
| 420 | tANI_U32 wpsApEnable=0, tmp; |
| 421 | |
| 422 | do{ |
| 423 | // Don't send probe responses if disabled |
| 424 | if (pMac->lim.gLimProbeRespDisableFlag) |
| 425 | break; |
| 426 | |
| 427 | pHdr = WDA_GET_RX_MAC_HEADER(pRxPacketInfo); |
| 428 | |
| 429 | if ( (psessionEntry->limSystemRole == eLIM_AP_ROLE) || |
| 430 | (psessionEntry->limSystemRole == eLIM_BT_AMP_AP_ROLE)|| |
| 431 | (psessionEntry->limSystemRole == eLIM_BT_AMP_STA_ROLE)|| |
| 432 | ( (psessionEntry->limSystemRole == eLIM_STA_IN_IBSS_ROLE) && |
| 433 | (WDA_GET_RX_BEACON_SENT(pRxPacketInfo)) ) ) |
| 434 | { |
| 435 | frameLen = WDA_GET_RX_PAYLOAD_LEN(pRxPacketInfo); |
| 436 | |
| 437 | PELOG3(limLog(pMac, LOG3, FL("Received Probe Request %d bytes from "), frameLen); |
| 438 | limPrintMacAddr(pMac, pHdr->sa, LOG3);) |
| 439 | |
| 440 | // Get pointer to Probe Request frame body |
| 441 | pBody = WDA_GET_RX_MPDU_DATA(pRxPacketInfo); |
| 442 | |
| 443 | // Parse Probe Request frame |
| 444 | if (sirConvertProbeReqFrame2Struct(pMac, pBody, frameLen, &probeReq)==eSIR_FAILURE) |
| 445 | { |
| 446 | PELOGW(limLog(pMac, LOGW, FL("Parse error ProbeRequest, length=%d, SA is:"), frameLen);) |
| 447 | limPrintMacAddr(pMac, pHdr->sa, LOGW); |
| 448 | pMac->sys.probeError++; |
| 449 | break; |
| 450 | } |
| 451 | else |
| 452 | { |
| 453 | #ifdef WLAN_FEATURE_P2P |
| 454 | if (psessionEntry->pePersona == VOS_P2P_GO_MODE) |
| 455 | { |
| 456 | tANI_U8 i = 0, rate_11b = 0, other_rates = 0; |
| 457 | // Check 11b rates in supported rates |
| 458 | for ( i = 0 ; i < probeReq.supportedRates.numRates; |
| 459 | i++ ) |
| 460 | { |
| 461 | if (limCheck11bRates(probeReq.supportedRates.rate[i] & 0x7f)) |
| 462 | { |
| 463 | rate_11b++; |
| 464 | } |
| 465 | else |
| 466 | { |
| 467 | other_rates++; |
| 468 | } |
| 469 | } |
| 470 | |
| 471 | // Check 11b rates in extended rates |
| 472 | for ( i = 0 ; i < probeReq.extendedRates.numRates; i++ ) |
| 473 | { |
| 474 | if (limCheck11bRates(probeReq.extendedRates.rate[i] & 0x7f)) |
| 475 | { |
| 476 | rate_11b++; |
| 477 | } |
| 478 | else |
| 479 | { |
| 480 | other_rates++; |
| 481 | } |
| 482 | } |
| 483 | |
| 484 | if ( (rate_11b > 0) && (other_rates == 0) ) |
| 485 | { |
| 486 | PELOG3(limLog(pMac, LOG3, |
| 487 | FL("Received a probe request frame with only 11b rates, SA is: ")); |
| 488 | limPrintMacAddr(pMac, pHdr->sa, LOG3);) |
| 489 | return; |
| 490 | } |
| 491 | } |
| 492 | #endif |
| 493 | #ifdef WLAN_SOFTAP_FEATURE |
| 494 | if ((psessionEntry->limSystemRole == eLIM_AP_ROLE)) |
| 495 | { |
| 496 | |
| 497 | if ( (psessionEntry->APWPSIEs.SirWPSProbeRspIE.FieldPresent & |
| 498 | SIR_WPS_PROBRSP_VER_PRESENT) && |
| 499 | (probeReq.wscIePresent == 1) && |
| 500 | (probeReq.probeReqWscIeInfo.DevicePasswordID.id == |
| 501 | WSC_PASSWD_ID_PUSH_BUTTON) && |
| 502 | (probeReq.probeReqWscIeInfo.UUID_E.present == 1)) |
| 503 | { |
| 504 | if(psessionEntry->fwdWPSPBCProbeReq) |
| 505 | { |
| 506 | PELOG4(sirDumpBuf(pMac, SIR_LIM_MODULE_ID, LOG4, |
| 507 | pHdr->sa, sizeof(tSirMacAddr));) |
| 508 | PELOG4(sirDumpBuf(pMac, SIR_LIM_MODULE_ID, LOG4, pBody, frameLen);) |
| 509 | limSendSmeProbeReqInd(pMac, pHdr->sa, pBody, frameLen, psessionEntry); |
| 510 | } |
| 511 | else |
| 512 | { |
| 513 | limUpdatePBCSessionEntry(pMac, |
| 514 | pHdr->sa, probeReq.probeReqWscIeInfo.UUID_E.uuid, psessionEntry); |
| 515 | } |
| 516 | } |
| 517 | } |
| 518 | else |
| 519 | { |
| 520 | #endif |
| 521 | if (wlan_cfgGetInt(pMac, (tANI_U16) WNI_CFG_WPS_ENABLE, &tmp) != eSIR_SUCCESS) |
| 522 | limLog(pMac, LOGP,"Failed to cfg get id %d\n", WNI_CFG_WPS_ENABLE ); |
| 523 | |
| 524 | wpsApEnable = tmp & WNI_CFG_WPS_ENABLE_AP; |
| 525 | if ((wpsApEnable) && |
| 526 | (probeReq.wscIePresent == 1) && |
| 527 | (probeReq.probeReqWscIeInfo.DevicePasswordID.id == WSC_PASSWD_ID_PUSH_BUTTON)) |
| 528 | { |
| 529 | // send the probe req to WSM when it is from a PBC station |
| 530 | if( eHAL_STATUS_SUCCESS != palAllocateMemory( pMac->hHdd, |
| 531 | (void **)&pSirSmeProbeReq, sizeof(tSirSmeProbeReq))) |
| 532 | { |
| 533 | // Log error |
| 534 | limLog(pMac, LOGP, |
| 535 | FL("call to palAllocateMemory failed for eWNI_SME_PROBE_REQ\n")); |
| 536 | return; |
| 537 | } |
| 538 | msgQ.type = eWNI_SME_PROBE_REQ; |
| 539 | msgQ.bodyval = 0; |
| 540 | msgQ.bodyptr = pSirSmeProbeReq; |
| 541 | #if defined(ANI_PRODUCT_TYPE_AP) && defined(ANI_LITTLE_BYTE_ENDIAN) |
| 542 | sirStoreU16N((tANI_U8*)&pSirSmeProbeReq->messageType, eWNI_SME_PROBE_REQ); |
| 543 | sirStoreU16N((tANI_U8*)&pSirSmeProbeReq->length, sizeof(tSirSmeProbeReq)); |
| 544 | #else |
| 545 | |
| 546 | pSirSmeProbeReq->messageType = eWNI_SME_PROBE_REQ; |
| 547 | pSirSmeProbeReq->length = sizeof(tSirSmeProbeReq); |
| 548 | #endif |
| 549 | pSirSmeProbeReq->sessionId = psessionEntry->smeSessionId; |
| 550 | palCopyMemory( pMac->hHdd, pSirSmeProbeReq->peerMacAddr, pHdr->sa, sizeof(tSirMacAddr)); |
| 551 | pSirSmeProbeReq->devicePasswdId = probeReq.probeReqWscIeInfo.DevicePasswordID.id; |
| 552 | MTRACE(macTraceMsgTx(pMac, 0, msgQ.type)); |
| 553 | if (limSysProcessMmhMsgApi(pMac, &msgQ, ePROT) != eSIR_SUCCESS){ |
| 554 | PELOG3(limLog(pMac, LOG3, FL("couldnt send the probe req to wsm "));) |
| 555 | } |
| 556 | } |
| 557 | #ifdef WLAN_SOFTAP_FEATURE |
| 558 | } |
| 559 | #endif |
| 560 | } |
| 561 | |
| 562 | ssId.length = psessionEntry->ssId.length; |
| 563 | /* Copy the SSID from sessio entry to local variable */ |
| 564 | palCopyMemory( pMac->hHdd, ssId.ssId, |
| 565 | psessionEntry->ssId.ssId, |
| 566 | psessionEntry->ssId.length); |
| 567 | |
| 568 | // Compare received SSID with current SSID. If they |
| 569 | // match, reply with Probe Response. |
| 570 | if (probeReq.ssId.length) |
| 571 | { |
| 572 | if (!ssId.length) |
| 573 | goto multipleSSIDcheck; |
| 574 | |
| 575 | if (palEqualMemory( pMac->hHdd,(tANI_U8 *) &ssId, |
| 576 | (tANI_U8 *) &(probeReq.ssId), (tANI_U8) (ssId.length + 1)) ) |
| 577 | { |
| 578 | limSendProbeRspMgmtFrame(pMac, pHdr->sa, &ssId, DPH_USE_MGMT_STAID, |
| 579 | DPH_NON_KEEPALIVE_FRAME, psessionEntry, |
| 580 | probeReq.p2pIePresent); |
| 581 | break; |
| 582 | } |
| 583 | #ifdef WLAN_FEATURE_P2P |
| 584 | else if (psessionEntry->pePersona == VOS_P2P_GO_MODE) |
| 585 | { |
| 586 | tANI_U8 direct_ssid[7] = "DIRECT-"; |
| 587 | tANI_U8 direct_ssid_len = 7; |
| 588 | if (palEqualMemory( pMac->hHdd, (tANI_U8 *) &direct_ssid, |
| 589 | (tANI_U8 *) &(probeReq.ssId.ssId), (tANI_U8) (direct_ssid_len)) ) |
| 590 | { |
| 591 | limSendProbeRspMgmtFrame(pMac, pHdr->sa, &ssId, DPH_USE_MGMT_STAID, |
| 592 | DPH_NON_KEEPALIVE_FRAME, psessionEntry, |
| 593 | probeReq.p2pIePresent); |
| 594 | break; |
| 595 | } |
| 596 | } |
| 597 | #endif |
| 598 | else |
| 599 | { |
| 600 | PELOG3(limLog(pMac, LOG3, |
| 601 | FL("Ignoring ProbeReq frame with unmatched SSID received from ")); |
| 602 | limPrintMacAddr(pMac, pHdr->sa, LOG3);) |
| 603 | pMac->sys.probeBadSsid++; |
| 604 | } |
| 605 | } |
| 606 | else |
| 607 | { |
| 608 | #if (WNI_POLARIS_FW_PRODUCT == AP) && (WNI_POLARIS_FW_PACKAGE == ADVANCED) |
| 609 | tANI_U32 cfg; |
| 610 | |
| 611 | if (wlan_cfgGetInt(pMac, WNI_CFG_SEND_SINGLE_SSID_ALWAYS, &cfg) |
| 612 | != eSIR_SUCCESS) |
| 613 | limLog(pMac, LOGP, FL("could not retrieve SEND_SSID_IN_PR\n")); |
| 614 | |
| 615 | if (!ssId.length && |
| 616 | (psessionEntry->pLimStartBssReq->numSSID == 1) && |
| 617 | cfg) |
| 618 | { |
| 619 | PELOG2(limLog(pMac, LOG2, FL("Sending ProbeRsp with suppressed SSID to")); |
| 620 | limPrintMacAddr(pMac, pHdr->sa, LOG2);) |
| 621 | |
| 622 | limSendProbeRspMgmtFrame( pMac, pHdr->sa, |
| 623 | (tAniSSID *) psessionEntry->pLimStartBssReq->ssIdList, |
| 624 | DPH_USE_MGMT_STAID, DPH_NON_KEEPALIVE_FRAME, psessionEntry, |
| 625 | probeReq.p2pIePresent); |
| 626 | } |
| 627 | else |
| 628 | #endif |
| 629 | { |
| 630 | // Broadcast SSID in the Probe Request. |
| 631 | // Reply with SSID we're configured with. |
| 632 | #ifdef WLAN_SOFTAP_FEATURE |
| 633 | //Turn off the SSID length to 0 if hidden SSID feature is present |
| 634 | if(psessionEntry->ssidHidden) |
| 635 | /*We are returning from here as probe request contains the broadcast SSID. |
| 636 | So no need to send the probe resp*/ |
| 637 | //ssId.length = 0; |
| 638 | return; |
| 639 | #endif |
| 640 | limSendProbeRspMgmtFrame(pMac, pHdr->sa, &ssId, DPH_USE_MGMT_STAID, |
| 641 | DPH_NON_KEEPALIVE_FRAME, psessionEntry, |
| 642 | probeReq.p2pIePresent); |
| 643 | } |
| 644 | break; |
| 645 | } |
| 646 | multipleSSIDcheck: |
| 647 | #if (WNI_POLARIS_FW_PRODUCT == AP) && (WNI_POLARIS_FW_PACKAGE == ADVANCED) |
| 648 | if (!psessionEntry->pLimStartBssReq->ssId.length) |
| 649 | { |
| 650 | tANI_U8 i; |
| 651 | |
| 652 | // Multiple SSIDs/Suppressed SSID is enabled. |
| 653 | for (i = 0; i < psessionEntry->pLimStartBssReq->numSSID; i++) |
| 654 | { |
| 655 | if (palEqualMemory( pMac->hHdd, |
| 656 | (tANI_U8 *) &psessionEntry->pLimStartBssReq->ssIdList[i], |
| 657 | (tANI_U8 *) &probeReq.ssId, |
| 658 | (tANI_U8) psessionEntry->pLimStartBssReq->ssIdList[i].length + 1)) |
| 659 | { |
| 660 | limSendProbeRspMgmtFrame( pMac, pHdr->sa, |
| 661 | (tAniSSID *) &psessionEntry->pLimStartBssReq->ssIdList[i], |
| 662 | DPH_USE_MGMT_STAID, DPH_NON_KEEPALIVE_FRAME, psessionEntry, |
| 663 | probeReq.p2pIePresent); |
| 664 | break; |
| 665 | } |
| 666 | } |
| 667 | |
| 668 | if (i == psessionEntry->pLimStartBssReq->numSSID) |
| 669 | { |
| 670 | // Local SSID does not match with received one |
| 671 | // Ignore received Probe Request frame |
| 672 | PELOG3(limLog(pMac, LOG3, |
| 673 | FL("Ignoring ProbeReq frame with unmatched SSID received from ")); |
| 674 | limPrintMacAddr(pMac, pHdr->sa, LOG3);) |
| 675 | pMac->sys.probeBadSsid++; |
| 676 | } |
| 677 | } |
| 678 | else |
| 679 | #endif |
| 680 | { |
| 681 | PELOG3(limLog(pMac, LOG3, |
| 682 | FL("Ignoring ProbeReq frame with unmatched SSID received from ")); |
| 683 | limPrintMacAddr(pMac, pHdr->sa, LOG3);) |
| 684 | pMac->sys.probeBadSsid++; |
| 685 | } |
| 686 | } |
| 687 | else |
| 688 | { |
| 689 | // Ignore received Probe Request frame |
| 690 | PELOG3(limLog(pMac, LOG3, FL("Ignoring Probe Request frame received from ")); |
| 691 | limPrintMacAddr(pMac, pHdr->sa, LOG3);) |
| 692 | pMac->sys.probeIgnore++; |
| 693 | break; |
| 694 | } |
| 695 | }while(0); |
| 696 | |
| 697 | return; |
| 698 | } /*** end limProcessProbeReqFrame() ***/ |
| 699 | |
| 700 | /** |
| 701 | * limIndicateProbeReqToHDD |
| 702 | * |
| 703 | *FUNCTION: |
| 704 | * This function is called by limProcessProbeReqFrame_multiple_BSS() upon |
| 705 | * Probe Request frame reception. |
| 706 | * |
| 707 | *LOGIC: |
| 708 | * This function processes received Probe Request frame and Pass |
| 709 | * Probe Request Frame to HDD. |
| 710 | * |
| 711 | * @param pMac Pointer to Global MAC structure |
| 712 | * @param *pBd A pointer to Buffer descriptor + associated PDUs |
| 713 | * @param psessionEntry A pointer to PE session |
| 714 | * |
| 715 | * @return None |
| 716 | */ |
| 717 | |
| 718 | #if defined WLAN_FEATURE_P2P |
| 719 | static void |
| 720 | limIndicateProbeReqToHDD(tpAniSirGlobal pMac, tANI_U8 *pBd, |
| 721 | tpPESession psessionEntry) |
| 722 | { |
| 723 | tpSirMacMgmtHdr pHdr; |
| 724 | tANI_U32 frameLen; |
| 725 | |
| 726 | limLog( pMac, LOG1, "Received a probe request frame"); |
| 727 | |
| 728 | pHdr = WDA_GET_RX_MAC_HEADER(pBd); |
| 729 | frameLen = WDA_GET_RX_PAYLOAD_LEN(pBd); |
| 730 | |
| 731 | //send the probe req to SME. |
| 732 | limSendSmeMgmtFrameInd( pMac, pHdr->fc.subType, |
| 733 | (tANI_U8*)pHdr, (frameLen + sizeof(tSirMacMgmtHdr)), |
| 734 | psessionEntry->smeSessionId, WDA_GET_RX_CH(pBd) ); |
| 735 | #ifdef WLAN_FEATURE_P2P_INTERNAL |
| 736 | limSendP2PProbeResponse(pMac, pBd, psessionEntry); |
| 737 | #endif |
| 738 | } /*** end limIndicateProbeReqToHDD() ***/ |
| 739 | #endif |
| 740 | |
| 741 | /** |
| 742 | * limProcessProbeReqFrame_multiple_BSS |
| 743 | * |
| 744 | *FUNCTION: |
| 745 | * This function is called by limProcessMessageQueue() upon |
| 746 | * Probe Request frame reception. |
| 747 | * |
| 748 | *LOGIC: |
| 749 | * This function call limIndicateProbeReqToHDD function to indicate |
| 750 | * Probe Request frame to HDD. It also call limProcessProbeReqFrame |
| 751 | * function which process received Probe Request frame and responds |
| 752 | * with Probe Response. |
| 753 | * |
| 754 | * @param pMac Pointer to Global MAC structure |
| 755 | * @param *pBd A pointer to Buffer descriptor + associated PDUs |
| 756 | * @param psessionEntry A pointer to PE session |
| 757 | * |
| 758 | * @return None |
| 759 | */ |
| 760 | |
| 761 | void |
| 762 | limProcessProbeReqFrame_multiple_BSS(tpAniSirGlobal pMac, tANI_U8 *pBd, tpPESession psessionEntry) |
| 763 | { |
| 764 | tANI_U8 i; |
| 765 | |
| 766 | if (psessionEntry != NULL) |
| 767 | { |
| 768 | #ifdef WLAN_FEATURE_P2P |
| 769 | if ((eLIM_AP_ROLE == psessionEntry->limSystemRole) |
| 770 | #ifdef WLAN_FEATURE_P2P_INTERNAL |
| 771 | || (psessionEntry->limSystemRole == eLIM_P2P_DEVICE_ROLE) |
| 772 | #endif |
| 773 | ) |
| 774 | { |
| 775 | limIndicateProbeReqToHDD(pMac, pBd, psessionEntry); |
| 776 | } |
| 777 | #endif |
| 778 | limProcessProbeReqFrame(pMac,pBd,psessionEntry); |
| 779 | return; |
| 780 | } |
| 781 | |
| 782 | for(i =0; i < pMac->lim.maxBssId;i++) |
| 783 | { |
| 784 | psessionEntry = peFindSessionBySessionId(pMac,i); |
| 785 | if ( (psessionEntry != NULL) ) |
| 786 | { |
| 787 | #ifdef WLAN_FEATURE_P2P |
| 788 | if ((eLIM_AP_ROLE == psessionEntry->limSystemRole) |
| 789 | #ifdef WLAN_FEATURE_P2P_INTERNAL |
| 790 | || (psessionEntry->limSystemRole == eLIM_P2P_DEVICE_ROLE) |
| 791 | #endif |
| 792 | ) |
| 793 | { |
| 794 | limIndicateProbeReqToHDD(pMac, pBd, psessionEntry); |
| 795 | } |
| 796 | #endif |
| 797 | if ( (eLIM_AP_ROLE == psessionEntry->limSystemRole) || |
| 798 | (eLIM_STA_IN_IBSS_ROLE == psessionEntry->limSystemRole) || |
| 799 | (eLIM_BT_AMP_AP_ROLE == psessionEntry->limSystemRole) || |
| 800 | (eLIM_BT_AMP_STA_ROLE == psessionEntry->limSystemRole) |
| 801 | ) |
| 802 | { |
| 803 | limProcessProbeReqFrame(pMac,pBd,psessionEntry); |
| 804 | } |
| 805 | } |
| 806 | } |
| 807 | |
| 808 | } /*** end limProcessProbeReqFrame_multiple_BSS() ***/ |
| 809 | |
| 810 | #ifdef WLAN_SOFTAP_FEATURE |
| 811 | /** |
| 812 | * limSendSmeProbeReqInd() |
| 813 | * |
| 814 | *FUNCTION: |
| 815 | * This function is to send |
| 816 | * eWNI_SME_WPS_PBC_PROBE_REQ_IND message to host |
| 817 | * |
| 818 | *PARAMS: |
| 819 | * |
| 820 | *LOGIC: |
| 821 | * |
| 822 | *ASSUMPTIONS: |
| 823 | * NA |
| 824 | * |
| 825 | *NOTE: |
| 826 | * This function is used for sending eWNI_SME_WPS_PBC_PROBE_REQ_IND |
| 827 | * to host. |
| 828 | * |
| 829 | * @param peerMacAddr Indicates the peer MAC addr that the probe request |
| 830 | * is generated. |
| 831 | * @param pProbeReqIE pointer to RAW probe request IE |
| 832 | * @param ProbeReqIELen The length of probe request IE. |
| 833 | * @param psessionEntry A pointer to PE session |
| 834 | * |
| 835 | * @return None |
| 836 | */ |
| 837 | void |
| 838 | limSendSmeProbeReqInd(tpAniSirGlobal pMac, |
| 839 | tSirMacAddr peerMacAddr, |
| 840 | tANI_U8 *pProbeReqIE, |
| 841 | tANI_U32 ProbeReqIELen, |
| 842 | tpPESession psessionEntry) |
| 843 | { |
| 844 | tSirSmeProbeReqInd *pSirSmeProbeReqInd; |
| 845 | tSirMsgQ msgQ; |
| 846 | |
| 847 | if( eHAL_STATUS_SUCCESS != palAllocateMemory( pMac->hHdd, (void **)&pSirSmeProbeReqInd, sizeof(tSirSmeProbeReqInd))) |
| 848 | { |
| 849 | // Log error |
| 850 | limLog(pMac, LOGP, |
| 851 | FL("call to palAllocateMemory failed for eWNI_SME_PROBE_REQ\n")); |
| 852 | return; |
| 853 | } |
| 854 | |
| 855 | msgQ.type = eWNI_SME_WPS_PBC_PROBE_REQ_IND; |
| 856 | msgQ.bodyval = 0; |
| 857 | msgQ.bodyptr = pSirSmeProbeReqInd; |
| 858 | |
| 859 | pSirSmeProbeReqInd->messageType = eWNI_SME_WPS_PBC_PROBE_REQ_IND; |
| 860 | pSirSmeProbeReqInd->length = sizeof(tSirSmeProbeReq); |
| 861 | pSirSmeProbeReqInd->sessionId = psessionEntry->smeSessionId; |
| 862 | |
| 863 | palCopyMemory( pMac->hHdd, pSirSmeProbeReqInd->bssId, psessionEntry->bssId, sizeof(tSirMacAddr)); |
| 864 | palCopyMemory( pMac->hHdd, pSirSmeProbeReqInd->WPSPBCProbeReq.peerMacAddr, peerMacAddr, sizeof(tSirMacAddr)); |
| 865 | |
| 866 | MTRACE(macTraceMsgTx(pMac, 0, msgQ.type)); |
| 867 | pSirSmeProbeReqInd->WPSPBCProbeReq.probeReqIELen = (tANI_U16)ProbeReqIELen; |
| 868 | palCopyMemory( pMac->hHdd, pSirSmeProbeReqInd->WPSPBCProbeReq.probeReqIE, pProbeReqIE, ProbeReqIELen); |
| 869 | |
| 870 | if (limSysProcessMmhMsgApi(pMac, &msgQ, ePROT) != eSIR_SUCCESS){ |
| 871 | PELOGE(limLog(pMac, LOGE, FL("couldnt send the probe req to hdd"));) |
| 872 | } |
| 873 | |
| 874 | } /*** end limSendSmeProbeReqInd() ***/ |
| 875 | #endif |
| 876 | #ifdef WLAN_FEATURE_P2P_INTERNAL |
| 877 | void limSendP2PProbeResponse(tpAniSirGlobal pMac, tANI_U8 *pBd, |
| 878 | tpPESession psessionEntry) |
| 879 | { |
| 880 | tAniSSID ssId = { P2P_WILDCARD_SSID_LEN, P2P_WILDCARD_SSID }; |
| 881 | tANI_U8 *pBody; |
| 882 | tpSirMacMgmtHdr pHdr; |
| 883 | tANI_U32 frameLen; |
| 884 | tSirProbeReq probeReq; |
| 885 | |
| 886 | pHdr = WDA_GET_RX_MAC_HEADER(pBd); |
| 887 | // Get pointer to Probe Request frame body |
| 888 | pBody = WDA_GET_RX_MPDU_DATA(pBd); |
| 889 | |
| 890 | if( (pBody[0] == 0) && (pBody[1] == ssId.length) && |
| 891 | (palEqualMemory( pMac->hHdd, ssId.ssId, pBody + 2, |
| 892 | ssId.length))) |
| 893 | { |
| 894 | // Parse Probe Request frame |
| 895 | frameLen = WDA_GET_RX_PAYLOAD_LEN(pBd); |
| 896 | if (eSIR_FAILURE == sirConvertProbeReqFrame2Struct(pMac, pBody, frameLen, &probeReq)) |
| 897 | { |
| 898 | PELOGW(limLog(pMac, LOGW, FL("Parse error ProbeRequest, length=%d, SA is:"), frameLen);) |
| 899 | limPrintMacAddr(pMac, pHdr->sa, LOGW); |
| 900 | pMac->sys.probeError++; |
| 901 | return; |
| 902 | } |
| 903 | |
| 904 | if (psessionEntry->pePersona == VOS_P2P_GO_MODE) |
| 905 | { |
| 906 | ssId.length = psessionEntry->ssId.length; |
| 907 | palCopyMemory(pMac->hHdd, ssId.ssId, psessionEntry->ssId.ssId,psessionEntry->ssId.length); |
| 908 | limSendProbeRspMgmtFrame(pMac, pHdr->sa, &ssId, DPH_USE_MGMT_STAID, DPH_NON_KEEPALIVE_FRAME, |
| 909 | psessionEntry, probeReq.p2pIePresent ); |
| 910 | } |
| 911 | else |
| 912 | { |
| 913 | limSendProbeRspMgmtFrame(pMac, pHdr->sa, &ssId, DPH_USE_MGMT_STAID, DPH_NON_KEEPALIVE_FRAME, |
| 914 | psessionEntry, probeReq.p2pIePresent ); |
| 915 | } |
| 916 | } |
| 917 | } |
| 918 | #endif //#ifdef WLAN_FEATURE_P2P_INTERNAL |