author | PixelBot AutoMerger <android-nexus-securitybot@system.gserviceaccount.com> | 2021-01-22 14:10:41 -0800 |
---|---|---|
committer | SecurityBot <android-nexus-securitybot@system.gserviceaccount.com> | 2021-01-22 14:10:41 -0800 |
commit | 975c69ccdd476f3aec539d96135f42bd05fa7d39 (patch) | |
tree | 32997689714c0a08736e1fe2a4a3d6be9a9e06e6 | |
parent | 3aacb454c72545f386c01e790b61f430d96438aa (diff) | |
parent | de3765aae4c9b73631bb882d49e034e49e8fe383 (diff) | |
download | qcacld-android-msm-bonito-4.9-s-preview-3.tar.gz |
Merge android-msm-pixel-4.9-rvc-qpr3 into android-msm-pixel-4.9android-s-preview-3_r0.2android-s-preview-3_r0.1android-s-preview-2_r0.2android-s-preview-2_r0.1android-s-beta-1_r0.1android-msm-crosshatch-4.9-s-preview-3android-msm-crosshatch-4.9-s-preview-2android-msm-crosshatch-4.9-s-beta-1android-msm-bonito-4.9-s-preview-3android-msm-bonito-4.9-s-preview-2
SBMerger: 351186807
Change-Id: Ib84257df086eeb97b636391aae01f7f2aa3b4538
Signed-off-by: SecurityBot <android-nexus-securitybot@system.gserviceaccount.com>
-rw-r--r-- | core/mac/inc/sir_api.h | 13 | ||||
-rw-r--r-- | core/mac/src/pe/lim/lim_api.c | 63 | ||||
-rw-r--r-- | core/sme/inc/csr_internal.h | 1 | ||||
-rw-r--r-- | core/sme/inc/csr_support.h | 10 | ||||
-rw-r--r-- | core/sme/src/csr/csr_api_roam.c | 1 | ||||
-rw-r--r-- | core/sme/src/csr/csr_util.c | 12 | ||||
-rw-r--r-- | core/wma/src/wma_scan_roam.c | 14 |
7 files changed, 99 insertions, 15 deletions
diff --git a/core/mac/inc/sir_api.h b/core/mac/inc/sir_api.h
index 37c11874bd..3634f4288a 100644
--- a/core/mac/inc/sir_api.h
+++ b/core/mac/inc/sir_api.h
@@ -220,6 +220,18 @@ typedef enum {
 #endif
+/* RSN capabilities structure */
+
+struct rsn_caps {
+ uint16_t PreAuthSupported:1;
+ uint16_t NoPairwise:1;
+ uint16_t PTKSAReplayCounter:2;
+ uint16_t GTKSAReplayCounter:2;
+ uint16_t MFPRequired:1;
+ uint16_t MFPCapable:1;
+ uint16_t Reserved:8;
+};
+
 /**
 * enum sir_roam_op_code - Operation to be done by the callback.
 * @SIR_ROAM_SYNCH_PROPAGATION: Propagate the new BSS info after roaming.
@@ -3702,6 +3714,7 @@ typedef struct sSirRoamOffloadScanReq {
 struct roam_fils_params roam_fils_params;
 #endif
 struct scoring_param score_params;
+ struct rsn_caps rsn_caps;
 struct wmi_11k_offload_params offload_11k_params;
 } tSirRoamOffloadScanReq, *tpSirRoamOffloadScanReq;
diff --git a/core/mac/src/pe/lim/lim_api.c b/core/mac/src/pe/lim/lim_api.c
index 5a7f43ce60..2939f1561c 100644
--- a/core/mac/src/pe/lim/lim_api.c
+++ b/core/mac/src/pe/lim/lim_api.c
@@ -1801,6 +1801,68 @@ void lim_fill_join_rsp_ht_caps(tpPESession session, tpSirSmeJoinRsp join_rsp)
 #endif
 #ifdef WLAN_FEATURE_ROAM_OFFLOAD
+#ifdef WLAN_FEATURE_11W
+static void pe_set_rmf_caps(tpAniSirGlobal mac_ctx,
+ tpPESession ft_session,
+ roam_offload_synch_ind *roam_synch)
+{
+ uint8_t *assoc_body;
+ uint16_t len, ret;
+ tDot11fReAssocRequest *assoc_req;
+ uint32_t status;
+ tSirMacRsnInfo rsn_ie;
+ tDot11fIERSN parse_rsn = {0};
+
+ assoc_body = (uint8_t *)roam_synch + roam_synch->reassoc_req_offset +
+ sizeof(tSirMacMgmtHdr);
+ len = roam_synch->reassoc_req_length - sizeof(tSirMacMgmtHdr);
+
+ assoc_req = qdf_mem_malloc(sizeof(*assoc_req));
+ if (!assoc_req)
+ return;
+
+ /* delegate to the framesc-generated code, */
+ status = dot11f_unpack_re_assoc_request(mac_ctx, assoc_body, len,
+ assoc_req, false);
+ if (DOT11F_FAILED(status)) {
+ pe_err("Failed to parse a Re-association Request (0x%08x, %d bytes):",
+ status, len);
+ QDF_TRACE_HEX_DUMP(QDF_MODULE_ID_PE, QDF_TRACE_LEVEL_INFO,
+ assoc_body, len);
+ qdf_mem_free(assoc_req);
+ return;
+ } else if (DOT11F_WARNED(status)) {
+ pe_debug("There were warnings while unpacking a Re-association Request (0x%08x, %d bytes):",
+ status, len);
+ }
+ ft_session->limRmfEnabled = false;
+ if (!assoc_req->RSNOpaque.present) {
+ qdf_mem_free(assoc_req);
+ return;
+ }
+ rsn_ie.info[0] = 48;
+ rsn_ie.info[1] = assoc_req->RSNOpaque.num_data;
+
+ rsn_ie.length = assoc_req->RSNOpaque.num_data + 2;
+ qdf_mem_copy(&rsn_ie.info[2], assoc_req->RSNOpaque.data,
+ assoc_req->RSNOpaque.num_data);
+ qdf_mem_free(assoc_req);
+
+ ret = dot11f_unpack_ie_rsn(mac_ctx, &rsn_ie.info[2],
+ rsn_ie.length - 2, &parse_rsn, false);
+ if (DOT11F_FAILED(ret))
+ return;
+
+ ft_session->limRmfEnabled = parse_rsn.RSN_Cap[0] & 0x80;
+}
+#else
+static inline void pe_set_rmf_caps(tpAniSirGlobal mac_ctx,
+ tpPESession ft_session,
+ roam_offload_synch_ind *roam_synch)
+{
+}
+#endif
+
 /**
 * sir_parse_bcn_fixed_fields() - Parse fixed fields in Beacon IE's
 *
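Review bot: `len` in pe_set_rmf_caps() is computed as `roam_synch->reassoc_req_length - sizeof(tSirMacMgmtHdr)` with no lower bound, so a reassoc_req_length shorter than the management header wraps the uint16_t to a large value that is then handed to dot11f_unpack_re_assoc_request() and, on failure, to QDF_TRACE_HEX_DUMP. Nothing in this hunk checks reassoc_req_offset or reassoc_req_length against the size of the indication either; unless the caller already validates them (not visible here), add a guard such as `if (roam_synch->reassoc_req_length < sizeof(tSirMacMgmtHdr)) return;` before the subtraction. Separately, `ret` is a uint16_t while `status` for the sibling unpack call is a uint32_t printed with `0x%08x`; if the failure flag tested by DOT11F_FAILED sits above bit 15, the RSN parse error is silently dropped, so declare it as `uint32_t ret;`. The copy into `rsn_ie.info[2]` relies on `RSNOpaque.num_data + 2` fitting in tSirMacRsnInfo, whose size is not visible in this diff, so an explicit bound check or a one-line comment stating the limit would help.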
@@ -2147,6 +2209,7 @@ QDF_STATUS pe_roam_synch_callback(tpAniSirGlobal mac_ctx,
 /* Next routine will update nss and vdev_nss with AP's capabilities */
 lim_fill_ft_session(mac_ctx, bss_desc, ft_session_ptr, session_ptr);
+ pe_set_rmf_caps(mac_ctx, ft_session_ptr, roam_sync_ind_ptr);
 /* Next routine may update nss based on dot11Mode */
 lim_ft_prepare_add_bss_req(mac_ctx, false, ft_session_ptr, bss_desc);
 roam_sync_ind_ptr->add_bss_params =
diff --git a/core/sme/inc/csr_internal.h b/core/sme/inc/csr_internal.h
index ec16f7b2ca..63dabe328a 100644
--- a/core/sme/inc/csr_internal.h
+++ b/core/sme/inc/csr_internal.h
@@ -1045,6 +1045,7 @@ typedef struct tagCsrRoamSession {
 bool ignore_assoc_disallowed;
 bool discon_in_progress;
 struct csr_disconnect_stats disconnect_stats;
+ struct rsn_caps rsn_caps;
 } tCsrRoamSession;
 typedef struct tagCsrRoamStruct {
diff --git a/core/sme/inc/csr_support.h b/core/sme/inc/csr_support.h
index 532fe5aa22..a9a0fd5c14 100644
--- a/core/sme/inc/csr_support.h
+++ b/core/sme/inc/csr_support.h
@@ -175,16 +175,6 @@ typedef struct tagCsrRSNAuthIe {
 } qdf_packed AuthOui[1];
 } qdf_packed tCsrRSNAuthIe;
-typedef struct tagCsrRSNCapabilities {
- uint16_t PreAuthSupported:1;
- uint16_t NoPairwise:1;
- uint16_t PTKSAReplayCounter:2;
- uint16_t GTKSAReplayCounter:2;
- uint16_t MFPRequired:1;
- uint16_t MFPCapable:1;
- uint16_t Reserved:8;
-} qdf_packed tCsrRSNCapabilities;
-
 typedef struct tagCsrRSNPMKIe {
 uint16_t cPMKIDs;
 struct {
diff --git a/core/sme/src/csr/csr_api_roam.c b/core/sme/src/csr/csr_api_roam.c
index 2719d629d9..51ff2f868b 100644
--- a/core/sme/src/csr/csr_api_roam.c
+++ b/core/sme/src/csr/csr_api_roam.c
@@ -18878,6 +18878,7 @@ csr_create_roam_scan_offload_request(tpAniSirGlobal mac_ctx, roam_info->cfgParams.nRoamBmissFinalBcnt; req_buf->RoamBeaconRssiWeight = roam_info->cfgParams.nRoamBeaconRssiWeight; + req_buf->rsn_caps = session->rsn_caps; qdf_mem_copy(&req_buf->mawc_roam_params, &mac_ctx->roam.configParam.csr_mawc_config, sizeof(req_buf->mawc_roam_params)); diff --git a/core/sme/src/csr/csr_util.c b/core/sme/src/csr/csr_util.c index 411bcf9b96..226c8b9791 100644 --- a/core/sme/src/csr/csr_util.c +++ b/core/sme/src/csr/csr_util.c @@ -3104,7 +3104,7 @@ static bool csr_get_rsn_information(tHalHandle hal, tCsrAuthList *auth_type, tCsrEncryptionList *mc_encryption, tDot11fIERSN *rsn_ie, uint8_t *ucast_cipher, uint8_t *mcast_cipher, uint8_t *auth_suite, - tCsrRSNCapabilities *capabilities, + struct rsn_caps *capabilities, eCsrAuthType *negotiated_authtype, eCsrEncryptionType *negotiated_mccipher, uint8_t *gp_mgmt_cipher, @@ -3633,6 +3633,7 @@ uint8_t csr_construct_rsn_ie(tHalHandle hHal, uint32_t sessionId, { uint32_t ret; tpAniSirGlobal pMac = PMAC_STRUCT(hHal); + tCsrRoamSession *session = CSR_GET_SESSION(pMac, sessionId); bool fRSNMatch; uint8_t cbRSNIe = 0; uint8_t UnicastCypher[CSR_RSN_OUI_SIZE]; @@ -3640,7 +3641,7 @@ uint8_t csr_construct_rsn_ie(tHalHandle hHal, uint32_t sessionId, uint8_t gp_mgmt_cipher_suite[CSR_RSN_OUI_SIZE]; uint8_t AuthSuite[CSR_RSN_OUI_SIZE]; tCsrRSNAuthIe *pAuthSuite; - tCsrRSNCapabilities RSNCapabilities; + struct rsn_caps RSNCapabilities; tCsrRSNPMKIe *pPMK; tPmkidCacheInfo pmkid_cache; #ifdef WLAN_FEATURE_11W @@ -3650,6 +3651,8 @@ uint8_t csr_construct_rsn_ie(tHalHandle hHal, uint32_t sessionId, eCsrAuthType negAuthType = eCSR_AUTH_TYPE_UNKNOWN; tDot11fIERSN rsn_ie = {0}; + if (!CSR_IS_SESSION_VALID(pMac, sessionId) || !session) + return 0; qdf_mem_zero(&pmkid_cache, sizeof(pmkid_cache)); do { if (!csr_is_profile_rsn(pProfile)) 
@@ -3735,7 +3738,8 @@ uint8_t csr_construct_rsn_ie(tHalHandle hHal, uint32_t sessionId, pPMK = (tCsrRSNPMKIe *) (((uint8_t *) (&pAuthSuite->AuthOui[1])) + sizeof(uint16_t)); - + /* Store RSN capabilities in session */ + session->rsn_caps = RSNCapabilities; if (!csr_update_pmksa_for_cache_id(pSirBssDesc, pProfile, &pmkid_cache)) qdf_mem_copy(pmkid_cache.BSSID.bytes, @@ -3783,7 +3787,7 @@ uint8_t csr_construct_rsn_ie(tHalHandle hHal, uint32_t sessionId, pRSNIe->IeHeader.Length = (uint8_t) (sizeof(*pRSNIe) - sizeof(pRSNIe->IeHeader) + sizeof(*pAuthSuite) + - sizeof(tCsrRSNCapabilities)); + sizeof(struct rsn_caps)); if (pPMK->cPMKIDs) pRSNIe->IeHeader.Length += (uint8_t) (sizeof(uint16_t) + (pPMK->cPMKIDs * diff --git a/core/wma/src/wma_scan_roam.c b/core/wma/src/wma_scan_roam.c index 2a3bf4b0a9..49910cab6e 100644 --- a/core/wma/src/wma_scan_roam.c +++ b/core/wma/src/wma_scan_roam.c @@ -3277,6 +3277,7 @@ cleanup_label: return status; } +#define RSN_CAPS_SHIFT 16 /** * wma_roam_scan_fill_self_caps() - fill capabilities * @wma_handle: wma handle 
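Review bot: `session->rsn_caps = RSNCapabilities;` in the first hunk on this line (csr_construct_rsn_ie, @@ -3735) is the only visible writer of the new session field, and it sits inside the do-block after the RSN information has been gathered. Earlier exits from that block (presumably the `!csr_is_profile_rsn(pProfile)` test shown in the preceding hunk) leave whatever a previous connection stored, and csr_create_roam_scan_offload_request() then copies it into the roam offload request via `req_buf->rsn_caps = session->rsn_caps;`. Unless the session field is cleared elsewhere on connect (not visible in this diff), zero it up front with `qdf_mem_zero(&session->rsn_caps, sizeof(session->rsn_caps));` right after the session validity check, so an open or non-PMF profile cannot inherit MFPRequired/MFPCapable from an earlier one. The function body starts and ends outside the hunk.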
@@ -3381,7 +3382,18 @@ QDF_STATUS wma_roam_scan_fill_self_caps(tp_wma_handle wma_handle, selfCaps.immediateBA = (uint16_t) ((val >> WNI_CFG_BLOCK_ACK_ENABLED_IMMEDIATE) & 1); pCfgValue16 = (uint16_t *) &selfCaps; - roam_offload_params->capability = (*pCfgValue16) & 0xFFFF; + /* + * RSN caps arent been sent to firmware, so in case of PMF required, + * the firmware connects to a non PMF AP advertising PMF not required + * in the re-assoc request which violates protocol. + * So send this to firmware in the roam SCAN offload command to + * let it configure the params in the re-assoc request too. + * Instead of making another infra, send the RSN-CAPS in MSB of + * beacon Caps. + */ + roam_offload_params->capability = *((uint32_t *)(&roam_req->rsn_caps)); + roam_offload_params->capability <<= RSN_CAPS_SHIFT; + roam_offload_params->capability |= ((*pCfgValue16) & 0xFFFF); if (wlan_cfg_get_int(pMac, WNI_CFG_HT_CAP_INFO, &nCfgValue) != eSIR_SUCCESS) { |
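Review bot: `*((uint32_t *)(&roam_req->rsn_caps))` reads four bytes from a struct that, per the sir_api.h hunk, holds only 16 bits of bit-fields, so the load also pulls in whatever follows rsn_caps in tSirRoamOffloadScanReq, may be misaligned, and violates strict aliasing. The value is only right if `capability` is 32 bits wide (so the stray upper half is shifted out) and the target is little-endian with the expected bit-field order. Copy exactly the struct instead: `uint16_t rsn_caps;`, then `qdf_mem_copy(&rsn_caps, &roam_req->rsn_caps, sizeof(rsn_caps));`, then `roam_offload_params->capability = ((uint32_t)rsn_caps << RSN_CAPS_SHIFT) | ((*pCfgValue16) & 0xFFFF);`. The comment should also say that bits 16–31 of `capability` now carry the RSN capabilities and that the layout of struct rsn_caps is thereby part of the firmware interface. wma_roam_scan_fill_self_caps() starts and ends outside the hunk.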