qcacld-3.0: Add check for RMF frames while sending action frames
qcacld-2.0 to qcacld-3.0 propagation
Currently if PMF is enabled, only sa query action frames
received from supplicant are sent protected. None of the other
action frame category are sent protected.
Adds check for robust action frames, to decide if protection is
needed for the action frame category received from supplicant.
Change-Id: Ib1eb589c530ef99b7e2fedfcd106e0f646d78d93
CRs-Fixed: 960298
diff --git a/core/mac/inc/sir_mac_prot_def.h b/core/mac/inc/sir_mac_prot_def.h
index c675af7..2585a4f 100644
--- a/core/mac/inc/sir_mac_prot_def.h
+++ b/core/mac/inc/sir_mac_prot_def.h
@@ -128,6 +128,7 @@
#define SIR_MAC_ACTION_SPECTRUM_MGMT 0
#define SIR_MAC_ACTION_QOS_MGMT 1
#define SIR_MAC_ACTION_DLP 2
+#define SIR_MAC_ACTION_BLKACK 3
#define SIR_MAC_ACTION_PUBLIC_USAGE 4
#define SIR_MAC_ACTION_RRM 5
#define SIR_MAC_ACTION_FAST_BSS_TRNST 6
diff --git a/core/mac/src/pe/lim/lim_p2p.c b/core/mac/src/pe/lim/lim_p2p.c
index 476d9d9..7d12e61 100644
--- a/core/mac/src/pe/lim/lim_p2p.c
+++ b/core/mac/src/pe/lim/lim_p2p.c
@@ -686,59 +686,36 @@
}
#ifdef WLAN_FEATURE_11W
- action_hdr = (tpSirMacActionFrameHdr) (frame + sizeof(tSirMacMgmtHdr));
+ action_hdr = (tpSirMacActionFrameHdr)
+ (frame + sizeof(tSirMacMgmtHdr));
+ mac_hdr = (tpSirMacMgmtHdr) frame;
+ session_entry = pe_find_session_by_bssid(mac_ctx,
+ (uint8_t *) mb_msg->data + BSSID_OFFSET,
+ &session_id);
/*
- * Setting Protected bit for SA_QUERY Action Frame
- * This has to be based on the current Connection with the
- * station lim_set_protected_bit API will set the protected bit
- * if PMF
+ * Check for session corresponding to ADDR2 as supplicant
+ * is filling ADDR2 with BSSID
*/
- if ((SIR_MAC_MGMT_ACTION == fc->subType) &&
- (SIR_MAC_ACTION_SA_QUERY == action_hdr->category)) {
- mac_hdr = (tpSirMacMgmtHdr) frame;
+ if (NULL == session_entry) {
session_entry = pe_find_session_by_bssid(mac_ctx,
- (uint8_t *) mb_msg->data + BSSID_OFFSET,
- &session_id);
-
- /*
- * Check for session corresponding to ADDR2 ss supplicant
- * is filling ADDR2 with BSSID
- */
- if (NULL == session_entry) {
- session_entry = pe_find_session_by_bssid(mac_ctx,
- (uint8_t *) mb_msg->data + ADDR2_OFFSET,
- &session_id);
- }
-
- if (NULL != session_entry) {
- lim_set_protected_bit(mac_ctx, session_entry,
- mac_hdr->da, mac_hdr);
- } else {
- lim_log(mac_ctx, LOGE,
- FL("Dropping SA Query - PE Session not found"));
- lim_send_sme_rsp(mac_ctx,
- eWNI_SME_ACTION_FRAME_SEND_CNF,
- QDF_STATUS_E_FAILURE, mb_msg->sessionId, 0);
- cds_packet_free((void *)packet);
- return;
- }
-
- /*
- * If wep bit is not set in MAC header then we are trying to
- * send SA Query via non PMF connection. Drop the packet.
- */
- if (0 == mac_hdr->fc.wep) {
- lim_log(mac_ctx, LOGE,
- FL("Dropping SA Query due to non PMF conne."));
- lim_send_sme_rsp(mac_ctx,
- eWNI_SME_ACTION_FRAME_SEND_CNF,
- QDF_STATUS_E_FAILURE, mb_msg->sessionId, 0);
- cds_packet_free((void *)packet);
- return;
- }
+ (uint8_t *) mb_msg->data + ADDR2_OFFSET,
+ &session_id);
}
+ /*
+ * Setting Protected bit only for Robust Action Frames
+ * This has to be based on the current Connection with the
+ * station. lim_set_protected_bit API will set the protected
+ * bit if connection is PMF
+ */
+ if (session_entry && (SIR_MAC_MGMT_ACTION == fc->subType) &&
+ session_entry->limRmfEnabled &&
+ (!lim_is_group_addr(mac_hdr->da)) &&
+ lim_is_robust_mgmt_action_frame(action_hdr->category))
+ lim_set_protected_bit(mac_ctx, session_entry,
+ mac_hdr->da, mac_hdr);
#endif
+
lim_tx_action_frame(mac_ctx, mb_msg, msg_len, packet, frame);
return;
}
diff --git a/core/mac/src/pe/lim/lim_process_action_frame.c b/core/mac/src/pe/lim/lim_process_action_frame.c
index bc4ccaf..86ea425 100644
--- a/core/mac/src/pe/lim/lim_process_action_frame.c
+++ b/core/mac/src/pe/lim/lim_process_action_frame.c
@@ -1692,11 +1692,8 @@
rmfConnection = true;
if (rmfConnection && (pHdr->fc.wep == 0)) {
- PELOGE(lim_log
- (pMac, LOGE,
- FL("Dropping unprotected Action category %d frame "
- "since RMF is enabled."), category);
- )
+ lim_log(pMac, LOGE,
+ FL("Dropping unprotected Action category %d frame since RMF is enabled."), category);
return true;
} else
return false;
@@ -1730,15 +1727,17 @@
tpSirMacVendorSpecificPublicActionFrameHdr pub_action;
uint8_t p2p_oui[] = { 0x50, 0x6F, 0x9A, 0x09 };
+#ifdef WLAN_FEATURE_11W
+ if (lim_is_robust_mgmt_action_frame(action_hdr->category) &&
+ lim_drop_unprotected_action_frame(mac_ctx, session,
+ mac_hdr_11w, action_hdr->category))
+ return;
+#endif
+
frame_len = WMA_GET_RX_PAYLOAD_LEN(rx_pkt_info);
switch (action_hdr->category) {
case SIR_MAC_ACTION_QOS_MGMT:
-#ifdef WLAN_FEATURE_11W
- if (lim_drop_unprotected_action_frame(mac_ctx, session,
- mac_hdr_11w, action_hdr->category))
- break;
-#endif
if ((session->limQosEnabled) ||
(action_hdr->actionID == SIR_MAC_QOS_MAP_CONFIGURE)) {
switch (action_hdr->actionID) {
@@ -1776,11 +1775,6 @@
break;
case SIR_MAC_ACTION_SPECTRUM_MGMT:
-#ifdef WLAN_FEATURE_11W
- if (lim_drop_unprotected_action_frame(mac_ctx, session,
- mac_hdr_11w, action_hdr->category))
- break;
-#endif
switch (action_hdr->actionID) {
#ifdef ANI_SUPPORT_11H
case SIR_MAC_ACTION_MEASURE_REQUEST_ID:
@@ -1864,14 +1858,6 @@
break;
case SIR_MAC_ACTION_WNM:
-#ifdef WLAN_FEATURE_11W
- if ((session->limRmfEnabled) && (mac_hdr_11w->fc.wep == 0)) {
- lim_log(mac_ctx, LOG1,
- FL("Dropping unprot action %d frm (PMF on)"),
- action_hdr->category);
- break;
- }
-#endif
lim_log(mac_ctx, LOG1,
FL("WNM Action category %d action %d."),
action_hdr->category, action_hdr->actionID);
@@ -1901,11 +1887,6 @@
break;
case SIR_MAC_ACTION_RRM:
-#ifdef WLAN_FEATURE_11W
- if (lim_drop_unprotected_action_frame(mac_ctx, session,
- mac_hdr_11w, action_hdr->category))
- break;
-#endif
if (mac_ctx->rrm.rrmPEContext.rrmEnable) {
switch (action_hdr->actionID) {
case SIR_MAC_RRM_RADIO_MEASURE_REQ:
@@ -2064,9 +2045,6 @@
lim_log(mac_ctx, LOG1,
FL("SA Query Action category %d action %d."),
action_hdr->category, action_hdr->actionID);
- if (lim_drop_unprotected_action_frame(mac_ctx, session,
- mac_hdr_11w, action_hdr->category))
- break;
switch (action_hdr->actionID) {
case SIR_MAC_SA_QUERY_REQ:
/**11w SA query request action frame received**/
diff --git a/core/mac/src/pe/lim/lim_utils.c b/core/mac/src/pe/lim/lim_utils.c
index 0ae1b16..252c695 100644
--- a/core/mac/src/pe/lim/lim_utils.c
+++ b/core/mac/src/pe/lim/lim_utils.c
@@ -7236,3 +7236,45 @@
scan_params->obssScanActivityThreshold;
return;
}
+
+/**
+ * lim_is_robust_mgmt_action_frame() - Check if action category is
+ * robust action frame
+ * @action_category: Action frame category.
+ *
+ * This function is used to check if given action category is robust
+ * action frame.
+ *
+ * Return: bool
+ */
+bool lim_is_robust_mgmt_action_frame(uint8_t action_category)
+{
+ switch (action_category) {
+ /*
+ * NOTE: This function doesn't take care of the DMG
+ * (Directional Multi-Gigatbit) BSS case as 8011ad
+ * support is not yet added. In future, if the support
+ * is required then this function need few more arguments
+ * and little change in logic.
+ */
+ case SIR_MAC_ACTION_SPECTRUM_MGMT:
+ case SIR_MAC_ACTION_QOS_MGMT:
+ case SIR_MAC_ACTION_DLP:
+ case SIR_MAC_ACTION_BLKACK:
+ case SIR_MAC_ACTION_RRM:
+ case SIR_MAC_ACTION_FAST_BSS_TRNST:
+ case SIR_MAC_ACTION_SA_QUERY:
+ case SIR_MAC_ACTION_PROT_DUAL_PUB:
+ case SIR_MAC_ACTION_WNM:
+ case SIR_MAC_ACITON_MESH:
+ case SIR_MAC_ACTION_MHF:
+ case SIR_MAC_ACTION_FST:
+ return true;
+ default:
+ QDF_TRACE(QDF_MODULE_ID_PE, QDF_TRACE_LEVEL_INFO,
+ FL("non-PMF action category[%d] "),
+ action_category);
+ break;
+ }
+ return false;
+}
diff --git a/core/mac/src/pe/lim/lim_utils.h b/core/mac/src/pe/lim/lim_utils.h
index b96e9b8..411bb7c 100644
--- a/core/mac/src/pe/lim/lim_utils.h
+++ b/core/mac/src/pe/lim/lim_utils.h
@@ -602,4 +602,5 @@
{}
#endif
+bool lim_is_robust_mgmt_action_frame(uint8_t action_category);
#endif /* __LIM_UTILS_H */