[WCNCR00152277] softap: fix AP auth/assoc FSM after AP PMF connection
[Description]
Fix AP PMF test case 4.3.3.4
Change-Id: I410f89cbd776304388df1cd7a9209d5b66ea84ce
Signed-off-by: Bennett Ou <bennett.ou@mediatek.com>
CR-Id: WCNCR00152277
Feature: softap/pmf
diff --git a/mgmt/aaa_fsm.c b/mgmt/aaa_fsm.c
index 3e9b48d..514087f 100644
--- a/mgmt/aaa_fsm.c
+++ b/mgmt/aaa_fsm.c
@@ -304,32 +304,48 @@
prBssInfo = p2pFuncBSSIDFindBssInfo(prAdapter, prAuthFrame->aucBSSID);
/* 4 <1> Check P2P network conditions */
- if (prBssInfo && prAdapter->fgIsP2PRegistered) {
- if (prBssInfo->fgIsNetActive) {
+ /* if (prBssInfo && prAdapter->fgIsP2PRegistered) */
+ /* modify coding sytle to reduce indent */
- /* 4 <1.1> Validate Auth Frame by Auth Algorithm/Transation Seq */
- if (WLAN_STATUS_SUCCESS ==
- authProcessRxAuth1Frame(prAdapter,
- prSwRfb,
- prBssInfo->aucBSSID,
- AUTH_ALGORITHM_NUM_OPEN_SYSTEM,
- AUTH_TRANSACTION_SEQ_1, &u2StatusCode)) {
+ if (!prAdapter->fgIsP2PRegistered)
+ goto bow_proc;
- if (u2StatusCode == STATUS_CODE_SUCCESSFUL) {
- /* 4 <1.2> Validate Auth Frame for Network Specific Conditions */
- fgReplyAuth = p2pFuncValidateAuth(prAdapter,
- prBssInfo,
- prSwRfb, &prStaRec, &u2StatusCode);
- } else {
- fgReplyAuth = TRUE;
+ if (prBssInfo && prBssInfo->fgIsNetActive) {
+
+ /* 4 <1.1> Validate Auth Frame by Auth Algorithm/Transation Seq */
+ if (WLAN_STATUS_SUCCESS ==
+ authProcessRxAuth1Frame(prAdapter,
+ prSwRfb,
+ prBssInfo->aucBSSID,
+ AUTH_ALGORITHM_NUM_OPEN_SYSTEM,
+ AUTH_TRANSACTION_SEQ_1, &u2StatusCode)) {
+
+ if (u2StatusCode == STATUS_CODE_SUCCESSFUL) {
+ DBGLOG(AAA, TRACE, "process RxAuth status success\n");
+ /* 4 <1.2> Validate Auth Frame for Network Specific Conditions */
+ fgReplyAuth = p2pFuncValidateAuth(prAdapter,
+ prBssInfo,
+ prSwRfb, &prStaRec, &u2StatusCode);
+
+#if CFG_SUPPORT_802_11W
+ /* AP PMF, if PMF connection, ignore Rx auth */
+ /* Certification 4.3.3.4 */
+ if (rsnCheckBipKeyInstalled(prAdapter, prStaRec)) {
+ DBGLOG(AAA, INFO, "Drop RxAuth\n");
+ return;
}
- break;
+#endif
+ } else {
+ fgReplyAuth = TRUE;
}
+ break;
}
}
#endif /* CFG_ENABLE_WIFI_DIRECT */
+bow_proc:
+
/* 4 <2> Check BOW network conditions */
#if CFG_ENABLE_BT_OVER_WIFI
{
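Review bot: `prStaRec` is passed to `rsnCheckBipKeyInstalled()` in the new `CFG_SUPPORT_802_11W` block without a NULL check, and its value is whatever `p2pFuncValidateAuth()` left in the out-parameter. The PMF early `return FALSE` this commit adds to that function (mgmt/p2p_func.c, hunk at 2119) is one path where, as far as the hunks show, `*pprStaRec` may not have been written, and whether `rsnCheckBipKeyInstalled()` tolerates NULL is not visible here. Guarding the call, `if (prStaRec && rsnCheckBipKeyInstalled(prAdapter, prStaRec)) {`, keeps the drop path safe either way. The bare `return;` also skips the BOW section below `bow_proc:` and anything after the loop, so a comment saying this is intended would help; the enclosing function starts and ends outside the hunk.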
@@ -466,6 +482,9 @@
if (!IS_CLIENT_STA(prStaRec))
break;
+ DBGLOG(AAA, TRACE, "RxAssoc enter ucStaState:%d, eAuthassocState:%d\n",
+ prStaRec->ucStaState, prStaRec->eAuthAssocState);
+
if (prStaRec->ucStaState == STA_STATE_3) {
/* Do Reassocation */
} else if ((prStaRec->ucStaState == STA_STATE_2) &&
@@ -681,6 +700,9 @@
prBssInfo = GET_BSS_INFO_BY_INDEX(prAdapter, prStaRec->ucBssIndex);
+ DBGLOG(AAA, LOUD, "TxDone ucStaState:%d, eAuthAssocState:%d\n",
+ prStaRec->ucStaState, prStaRec->eAuthAssocState);
+
/* Trigger statistics log if Auth/Assoc Tx failed */
if (rTxDoneStatus != TX_RESULT_SUCCESS)
wlanTriggerStatsLog(prAdapter, prAdapter->rWifiVar.u4StatsLogDuration);
@@ -791,6 +813,9 @@
break; /* Ignore other cases */
}
+ DBGLOG(AAA, LOUD, "TxDone end ucStaState:%d, eAuthAssocState:%d\n",
+ prStaRec->ucStaState, prStaRec->eAuthAssocState);
+
return WLAN_STATUS_SUCCESS;
} /* end of aaaFsmRunEventTxDone() */
diff --git a/mgmt/p2p_func.c b/mgmt/p2p_func.c
index a9f2df7..f851d59 100644
--- a/mgmt/p2p_func.c
+++ b/mgmt/p2p_func.c
@@ -2070,6 +2070,7 @@
IN P_SW_RFB_T prSwRfb, IN PP_STA_RECORD_T pprStaRec, OUT PUINT_16 pu2StatusCode)
{
BOOLEAN fgReplyAuth = TRUE;
+ BOOLEAN fgPmfConn = FALSE;
P_STA_RECORD_T prStaRec = (P_STA_RECORD_T) NULL;
P_WLAN_AUTH_FRAME_T prAuthFrame = (P_WLAN_AUTH_FRAME_T) NULL;
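Review bot: `fgPmfConn` is declared unconditionally here but is only assigned and read inside the `#if CFG_SUPPORT_802_11W` block added in the hunk at 2119, so a build with 802.11w disabled carries an unused local and, where enabled, an unused-variable warning. The flag is read once, so the local can be dropped and the test written as `if (rsnCheckBipKeyInstalled(prAdapter, prStaRec)) {`, which matches how the same check is written in aaa_fsm.c. The function body continues outside this hunk.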
@@ -2119,6 +2120,15 @@
/* NOTE(Kevin): Better to change state here, not at TX Done */
cnmStaRecChangeState(prAdapter, prStaRec, STA_STATE_1);
} else {
+#if CFG_SUPPORT_802_11W
+ /* AP PMF. if PMF connection, do not reset state & FSM */
+ fgPmfConn = rsnCheckBipKeyInstalled(prAdapter, prStaRec);
+ if (fgPmfConn) {
+ DBGLOG(P2P, WARN, "PMF Connction, return false\n");
+ return FALSE;
+ }
+#endif
+
prSwRfb->ucStaRecIdx = prStaRec->ucIndex;
if ((prStaRec->ucStaState > STA_STATE_1) && (IS_STA_IN_P2P(prStaRec))) {
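Review bot: The PMF branch logs at WARN for every Authentication frame that arrives with an associated PMF client's address, and because Authentication frames are unprotected, any transmitter in range can produce that line repeatedly. The INFO-level `Action frame category=%d` log added in nic/nic_rx.c (hunk at 3216) has the same problem, since it sits before the `CFG_SUPPORT_802_11W` check. A lower level would do, and the message has a typo; for example `DBGLOG(P2P, INFO, "PMF connection, drop Auth\n");` here and TRACE for the nic_rx.c line. The comment could also state how a client that really lost its keys gets back in, since as far as this diff shows a dropped Auth never reaches the association-comeback/SA Query path in rsn.c. The function continues outside the hunk.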
@@ -2636,6 +2646,7 @@
prP2pBssInfo->u4RsnSelectedPairwiseCipher = RSN_CIPHER_SUITE_CCMP;
prP2pBssInfo->u4RsnSelectedAKMSuite = RSN_AKM_SUITE_PSK;
prP2pBssInfo->u2RsnSelectedCapInfo = rRsnIe.u2RsnCap;
+ DBGLOG(RSN, TRACE, "RsnIe CAP:0x%x\n", rRsnIe.u2RsnCap);
}
#if CFG_SUPPORT_802_11W
diff --git a/mgmt/rsn.c b/mgmt/rsn.c
index 101fc52..14972b4 100644
--- a/mgmt/rsn.c
+++ b/mgmt/rsn.c
@@ -1311,15 +1311,7 @@
(GET_BSS_INFO_BY_INDEX(prAdapter, ucBssIndex)->eCurrentOPMode ==
(UINT_8) OP_MODE_ACCESS_POINT)) {
/* AP PMF */
- if (prBssInfo->rApPmfCfg.fgMfpr) {
- WLAN_SET_FIELD_16(cp, ELEM_WPA_CAP_MFPC | ELEM_WPA_CAP_MFPR); /* Capabilities */
- DBGLOG(RSN, TRACE, "AP RSN_AUTH_MFP - MFPC & MFPR\n");
- } else if (prBssInfo->rApPmfCfg.fgMfpc) {
- WLAN_SET_FIELD_16(cp, ELEM_WPA_CAP_MFPC); /* Capabilities */
- DBGLOG(RSN, TRACE, "AP RSN_AUTH_MFP - MFPC\n");
- } else {
- DBGLOG(RSN, TRACE, "!AP RSN_AUTH_MFP - No MFPC!\n");
- }
+ /* for AP mode, keep origin RSN IE content w/o update */
}
#else
/* Capabilities */
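Review bot: The AP branch is now an empty block, so nothing in this hunk writes the capability field at `cp` in AP mode and the advertised MFPC/MFPR bits no longer follow `rApPmfCfg`. If the bits are meant to come from the RSN IE supplied by the upper layer (mgmt/p2p_func.c stores `rRsnIe.u2RsnCap` in `u2RsnSelectedCapInfo`), the comment should say so, e.g. `/* AP mode: MFPC/MFPR come from the RSN IE supplied by the upper layer; do not overwrite them here */`. It is also worth confirming that `rApPmfCfg.fgMfpr`, if still used to enforce PMF elsewhere, cannot disagree with what is advertised. The surrounding function is outside the hunk, so whether `cp` is advanced afterwards is not visible.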
@@ -2532,6 +2524,7 @@
if ((rsnCheckBipKeyInstalled(prAdapter, prStaRec) == TRUE) &&
(prStaRec->u2StatusCode == STATUS_CODE_ASSOC_REJECTED_TEMPORARILY)) {
+ DBGLOG(RSN, INFO, "rsnPmfGenerateTimeoutIE TRUE\n");
prTimeout->ucId = ELEM_ID_TIMEOUT_INTERVAL;
prTimeout->ucLength = ELEM_MAX_LEN_TIMEOUT_IE;
prTimeout->ucType = IE_TIMEOUT_INTERVAL_TYPE_ASSOC_COMEBACK;
@@ -2609,7 +2602,7 @@
ASSERT(prStaRec);
- DBGLOG(RSN, INFO, "MFP: AP Start Sa Query\n");
+ DBGLOG(RSN, INFO, "MFP: AP Start Sa Query timer\n");
prBssInfo = GET_BSS_INFO_BY_INDEX(prAdapter, prStaRec->ucBssIndex);
@@ -2631,8 +2624,8 @@
if (rsnCheckBipKeyInstalled(prAdapter, prStaRec))
prTxFrame->u2FrameCtrl |= MASK_FC_PROTECTED_FRAME;
COPY_MAC_ADDR(prTxFrame->aucDestAddr, prStaRec->aucMacAddr);
- COPY_MAC_ADDR(prTxFrame->aucSrcAddr, prBssInfo->aucOwnMacAddr);
- COPY_MAC_ADDR(prTxFrame->aucBSSID, prBssInfo->aucOwnMacAddr);
+ COPY_MAC_ADDR(prTxFrame->aucSrcAddr, prBssInfo->aucBSSID);
+ COPY_MAC_ADDR(prTxFrame->aucBSSID, prBssInfo->aucBSSID);
prTxFrame->ucCategory = CATEGORY_SA_QUERY_ACTION;
prTxFrame->ucAction = ACTION_SA_QUERY_REQUEST;
@@ -2648,6 +2641,8 @@
prStaRec->rPmfCfg.u2TransactionID = (UINT_16) (kalRandomNumber() & 0xFFFF);
}
+ DBGLOG(RSN, INFO, "SAQ transaction id:%d\n", prStaRec->rPmfCfg.u2TransactionID);
+
/* trnsform U16 to U8 array */
prTxFrame->ucTransId[0] = ((prStaRec->rPmfCfg.u2TransactionID & 0xff00) >> 8);
prTxFrame->ucTransId[1] = ((prStaRec->rPmfCfg.u2TransactionID & 0x00ff) >> 0);
@@ -2741,26 +2736,26 @@
P_STA_RECORD_T prStaRec;
P_ACTION_SA_QUERY_FRAME prTxFrame;
- prBssInfo = prAdapter->prAisBssInfo;
- ASSERT(prBssInfo);
-
if (!prSwRfb)
return;
- prRxFrame = (P_ACTION_SA_QUERY_FRAME) prSwRfb->pvHeader;
- if (!prRxFrame)
- return;
-
prStaRec = cnmGetStaRecByIndex(prAdapter, prSwRfb->ucStaRecIdx);
if (!prStaRec) /* Todo:: for not AIS check */
return;
- DBGLOG(RSN, INFO, "IEEE 802.11: Received SA Query Request from " MACSTR "\n", MAC2STR(prStaRec->aucMacAddr));
+ prBssInfo = GET_BSS_INFO_BY_INDEX(prAdapter, prStaRec->ucBssIndex);
+ ASSERT(prBssInfo);
+
+ prRxFrame = (P_ACTION_SA_QUERY_FRAME) prSwRfb->pvHeader;
+ if (!prRxFrame)
+ return;
+
+ DBGLOG(RSN, INFO, "IEEE 802.11: AP Received SA Query Request from " MACSTR "\n", MAC2STR(prStaRec->aucMacAddr));
DBGLOG_MEM8(RSN, INFO, prRxFrame->ucTransId, ACTION_SA_QUERY_TR_ID_LEN);
if (!rsnCheckBipKeyInstalled(prAdapter, prStaRec)) {
- DBGLOG(RSN, INFO, "IEEE 802.11: Ignore SA Query Request non-PMF STA "
+ DBGLOG(RSN, INFO, "IEEE 802.11: AP Ignore SA Query Request non-PMF STA "
MACSTR "\n", MAC2STR(prStaRec->aucMacAddr));
return;
}
@@ -2772,12 +2767,24 @@
if (!prMsduInfo)
return;
+ /* drop cipher mismatch */
+ if (rsnCheckBipKeyInstalled(prAdapter, prStaRec)) {
+ if (HAL_RX_STATUS_IS_CIPHER_MISMATCH(prSwRfb->prRxStatus) ||
+ HAL_RX_STATUS_IS_CLM_ERROR(prSwRfb->prRxStatus)) {
+ /* if cipher mismatch, or incorrect encrypt, just drop */
+ DBGLOG(RSN, ERROR, "drop SAQ req CM/CLM=1\n");
+ return;
+ }
+ }
+
prTxFrame = (P_ACTION_SA_QUERY_FRAME)
((ULONG) (prMsduInfo->prPacket) + MAC_TX_RESERVED_FIELD);
prTxFrame->u2FrameCtrl = MAC_FRAME_ACTION;
- if (rsnCheckBipKeyInstalled(prAdapter, prStaRec))
+ if (rsnCheckBipKeyInstalled(prAdapter, prStaRec)) {
prTxFrame->u2FrameCtrl |= MASK_FC_PROTECTED_FRAME;
+ DBGLOG(RSN, INFO, "AP SAQ resp set FC PF bit\n");
+ }
COPY_MAC_ADDR(prTxFrame->aucDestAddr, prStaRec->aucMacAddr);
COPY_MAC_ADDR(prTxFrame->aucSrcAddr, prBssInfo->aucBSSID);
COPY_MAC_ADDR(prTxFrame->aucBSSID, prBssInfo->aucBSSID);
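Review bot: The new cipher-mismatch drop returns after the `if (!prMsduInfo) return;` check, so the response buffer has apparently already been allocated (the allocation is above the hunk), and nothing on this path releases `prMsduInfo`. If that is the case, each dropped SA Query Request leaks one management packet buffer, and a peer that keeps sending badly encrypted frames could exhaust the pool. Moving the `HAL_RX_STATUS_IS_CIPHER_MISMATCH` / `HAL_RX_STATUS_IS_CLM_ERROR` test up, directly after the non-PMF early return in the previous hunk, avoids the allocation altogether. The outer `rsnCheckBipKeyInstalled()` wrapper can then go, since that earlier return already guarantees it is true.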
@@ -2797,7 +2804,7 @@
WLAN_MAC_MGMT_HEADER_LEN, WLAN_MAC_MGMT_HEADER_LEN + u2PayloadLen, NULL, MSDU_RATE_MODE_AUTO);
if (rsnCheckBipKeyInstalled(prAdapter, prStaRec)) {
- DBGLOG(RSN, INFO, "SAQ Set MSDU_OPT_PROTECTED_FRAME\n");
+ DBGLOG(RSN, INFO, "AP SAQ resp set MSDU_OPT_PROTECTED_FRAME\n");
nicTxConfigPktOption(prMsduInfo, MSDU_OPT_PROTECTED_FRAME, TRUE);
}
@@ -2825,6 +2832,7 @@
prRxFrame = (P_ACTION_SA_QUERY_FRAME) prSwRfb->pvHeader;
prStaRec = cnmGetStaRecByIndex(prAdapter, prSwRfb->ucStaRecIdx);
+ DBGLOG(RSN, TRACE, "AP PMF SAQ action enter from " MACSTR "\n", MAC2STR(prStaRec->aucMacAddr));
if (prSwRfb->u2PacketLen < ACTION_SA_QUERY_TR_ID_LEN) {
DBGLOG(RSN, INFO, "IEEE 802.11: Too short SA Query Action frame (len=%lu)\n",
(unsigned long)prSwRfb->u2PacketLen);
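Review bot: The added TRACE log dereferences `prStaRec->aucMacAddr` immediately after `cnmGetStaRecByIndex()`, with no NULL check between the two lines, whereas rsnApSaQueryRequest in this same file tests `if (!prStaRec)` after the same lookup. Adding `if (!prStaRec) return;` before the log closes that gap. The caller in nic/nic_rx.c checks `prSwRfb->prStaRec`, which is not necessarily the record looked up here by `ucStaRecIdx`. The function starts and ends outside the hunk.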
@@ -2832,7 +2840,7 @@
}
if (prRxFrame->ucAction == ACTION_SA_QUERY_REQUEST) {
- rsnSaQueryRequest(prAdapter, prSwRfb);
+ rsnApSaQueryRequest(prAdapter, prSwRfb);
return;
}
@@ -2849,10 +2857,10 @@
/* transform to network byte order */
u2SwapTrID = htons(prStaRec->rPmfCfg.u2TransactionID);
if (kalMemCmp((UINT_8 *)&u2SwapTrID, prRxFrame->ucTransId, ACTION_SA_QUERY_TR_ID_LEN) == 0) {
- DBGLOG(RSN, INFO, "Reply to SA Query received\n");
+ DBGLOG(RSN, INFO, "AP Reply to SA Query received\n");
rsnApStopSaQuery(prAdapter, prStaRec);
} else {
- DBGLOG(RSN, INFO, "IEEE 802.11: No matching SA Query transaction identifier found\n");
+ DBGLOG(RSN, INFO, "IEEE 802.11: AP No matching SA Query transaction identifier found\n");
}
}
diff --git a/nic/nic_rx.c b/nic/nic_rx.c
index 914f272..d372f40 100644
--- a/nic/nic_rx.c
+++ b/nic/nic_rx.c
@@ -3216,7 +3216,7 @@
return WLAN_STATUS_INVALID_PACKET;
prActFrame = (P_WLAN_ACTION_FRAME) prSwRfb->pvHeader;
- /* DBGLOG(RSN, TRACE, ("[Rx] nicRxProcessActionFrame\n")); */
+ DBGLOG(RSN, INFO, "Action frame category=%d\n", prActFrame->ucCategory);
#if CFG_SUPPORT_802_11W
if ((prActFrame->ucCategory <= CATEGORY_PROTECTED_DUAL_OF_PUBLIC_ACTION &&
@@ -3242,7 +3242,7 @@
return WLAN_STATUS_INVALID_PACKET;
}
}
- /* DBGLOG(RSN, TRACE, ("[Rx] pre check done, handle cateory %d\n", prActFrame->ucCategory)); */
+ /* DBGLOG(RSN, INFO, "[Rx] pre check done, handle cateory %d\n", prActFrame->ucCategory); */
#endif
if (prSwRfb->prStaRec)
@@ -3311,6 +3311,7 @@
} else if ((prBssInfo->eNetworkType == NETWORK_TYPE_P2P) &&
(prBssInfo->eCurrentOPMode == OP_MODE_ACCESS_POINT)) {
/* AP PMF */
+ DBGLOG(RSN, INFO, "[Rx] nicRx AP PMF SAQ action\n");
if (rsnCheckBipKeyInstalled(prAdapter, prSwRfb->prStaRec)) {
/* MFP test plan 4.3.3.4 */
rsnApSaQueryAction(prAdapter, prSwRfb);