qcacld-3.0: Cleanup WLAN_CONV_CRYPTO_IE_SUPPORT flag
WLAN_CONV_CRYPTO_IE_SUPPORT is a temporary flag which is used for
converged crypto component transition. The transition has already
been done, so cleanup legacy code related to the flag.
Change-Id: Ide9fa97a9eb0b5c197c762205f386651efc51e33
CRs-fixed: 2592096
diff --git a/Kbuild b/Kbuild
index 960559a..04f0759 100644
--- a/Kbuild
+++ b/Kbuild
@@ -2579,7 +2579,6 @@
#CRYPTO Coverged Component
cppflags-$(CONFIG_CRYPTO_COMPONENT) += -DWLAN_CONV_CRYPTO_SUPPORTED \
-DCRYPTO_SET_KEY_CONVERGED \
- -DWLAN_CONV_CRYPTO_IE_SUPPORT \
-DWLAN_CRYPTO_WEP_OS_DERIVATIVE \
-DWLAN_CRYPTO_TKIP_OS_DERIVATIVE \
-DWLAN_CRYPTO_CCMP_OS_DERIVATIVE \
diff --git a/core/hdd/src/wlan_hdd_cfg80211.c b/core/hdd/src/wlan_hdd_cfg80211.c
index fb69cf2..f15c829 100644
--- a/core/hdd/src/wlan_hdd_cfg80211.c
+++ b/core/hdd/src/wlan_hdd_cfg80211.c
@@ -21727,7 +21727,6 @@
return errno;
}
-#ifdef WLAN_CONV_CRYPTO_IE_SUPPORT
static QDF_STATUS wlan_hdd_set_pmksa_cache(struct hdd_adapter *adapter,
tPmkidCacheInfo *pmk_cache)
{
@@ -21791,34 +21790,6 @@
return result;
}
-#else
-static QDF_STATUS wlan_hdd_set_pmksa_cache(struct hdd_adapter *adapter,
- tPmkidCacheInfo *pmk_cache)
-{
- struct hdd_context *hdd_ctx = WLAN_HDD_GET_CTX(adapter);
-
- return sme_roam_set_pmkid_cache(
- hdd_ctx->mac_handle, adapter->vdev_id, pmk_cache, 1, false);
-}
-
-static QDF_STATUS wlan_hdd_del_pmksa_cache(struct hdd_adapter *adapter,
- tPmkidCacheInfo *pmk_cache)
-{
- struct hdd_context *hdd_ctx = WLAN_HDD_GET_CTX(adapter);
-
- return sme_roam_del_pmkid_from_cache(
- hdd_ctx->mac_handle, adapter->vdev_id, pmk_cache,
- false);
-}
-
-QDF_STATUS wlan_hdd_flush_pmksa_cache(struct hdd_adapter *adapter)
-{
- struct hdd_context *hdd_ctx = WLAN_HDD_GET_CTX(adapter);
-
- return sme_roam_del_pmkid_from_cache(
- hdd_ctx->mac_handle, adapter->vdev_id, NULL, true);
-}
-#endif
#if defined(CFG80211_FILS_SK_OFFLOAD_SUPPORT) || \
(LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0))
diff --git a/core/mac/src/pe/lim/lim_assoc_utils.c b/core/mac/src/pe/lim/lim_assoc_utils.c
index 95baf3b..8fe7efa 100644
--- a/core/mac/src/pe/lim/lim_assoc_utils.c
+++ b/core/mac/src/pe/lim/lim_assoc_utils.c
@@ -301,260 +301,6 @@
#define SECURITY_SUITE_TYPE_GCMP 0x8
#define SECURITY_SUITE_TYPE_GCMP_256 0x9
-#ifndef WLAN_CONV_CRYPTO_IE_SUPPORT
-/**
- * is_non_rsn_cipher()- API to check whether cipher suit is rsn or not
- * @cipher_suite: cipher suit
- *
- * Return: True in case non ht cipher else false
- */
-static inline bool is_non_rsn_cipher(uint8_t cipher_suite)
-{
- uint8_t cipher_mask;
-
- cipher_mask = cipher_suite & SECURITY_SUITE_TYPE_MASK;
- if ((cipher_mask == SECURITY_SUITE_TYPE_CCMP) ||
- (cipher_mask == SECURITY_SUITE_TYPE_GCMP) ||
- (cipher_mask == SECURITY_SUITE_TYPE_GCMP_256))
- return false;
-
- return true;
-}
-
-/**
- * lim_check_rx_rsn_ie_match()- validate received rsn ie with supported cipher
- * suites.
- * @mac_ctx: pointer to global mac structure
- * @rx_rsn_ie: received rsn IE pointer
- * @session_entry: pe session entry
- * @sta_is_ht: peer station HT capability
- * @pmf_connection: set to true if this is pmf connection
- *
- * This function is called during Association/Reassociation
- * frame handling to determine whether received RSN in
- * Assoc/Reassoc request frames include supported cipher suites or not.
- *
- * Return: QDF_STATUS_SUCCESS if ALL supported cipher suites are present in the
- * received rsn IE else failure status.
- */
-
-uint8_t lim_check_rx_rsn_ie_match(struct mac_context *mac_ctx,
- tDot11fIERSN * const rx_rsn_ie,
- struct pe_session *session_entry, uint8_t sta_is_ht,
- bool *pmf_connection)
-{
- tDot11fIERSN *rsn_ie;
- bool match = false;
- uint8_t i, j, only_non_ht_cipher = 1;
-#ifdef WLAN_FEATURE_11W
- bool we_are_pmf_capable;
- bool we_require_pmf;
- bool they_are_pmf_capable;
- bool they_require_pmf;
-#endif
-
- /* RSN IE should be received from PE */
- rsn_ie = &session_entry->gStartBssRSNIe;
-
- if (!rx_rsn_ie) {
- pe_debug("Rx RSN IE is NULL");
- return eSIR_MAC_UNSPEC_FAILURE_STATUS;
- }
-
- /* We should have only one AKM in assoc/reassoc request */
- if (rx_rsn_ie->akm_suite_cnt != 1) {
- pe_debug("Invalid RX akm_suite_cnt %d",
- rx_rsn_ie->akm_suite_cnt);
- return eSIR_MAC_INVALID_AKMP_STATUS;
- }
- /* Check if we support the received AKM */
- for (i = 0; i < rsn_ie->akm_suite_cnt; i++)
- if (!qdf_mem_cmp(&rx_rsn_ie->akm_suite[0],
- &rsn_ie->akm_suite[i],
- sizeof(rsn_ie->akm_suite[i]))) {
- match = true;
- break;
- }
- if (!match) {
- pe_debug("Invalid RX akm_suite");
- return eSIR_MAC_INVALID_AKMP_STATUS;
- }
-
- /* Check groupwise cipher suite */
- for (i = 0; i < sizeof(rx_rsn_ie->gp_cipher_suite); i++)
- if (rsn_ie->gp_cipher_suite[i] !=
- rx_rsn_ie->gp_cipher_suite[i]) {
- pe_debug("Invalid groupwise cipher suite");
- return eSIR_MAC_INVALID_GROUP_CIPHER_STATUS;
- }
-
- /*
- * For each Pairwise cipher suite check whether we support
- * received pairwise
- */
- match = false;
- for (i = 0; i < rx_rsn_ie->pwise_cipher_suite_count; i++) {
- for (j = 0; j < rsn_ie->pwise_cipher_suite_count; j++) {
- if (!qdf_mem_cmp(&rx_rsn_ie->pwise_cipher_suites[i],
- &rsn_ie->pwise_cipher_suites[j],
- sizeof(rsn_ie->pwise_cipher_suites[j]))) {
- match = true;
- break;
- }
- }
-
- if (sta_is_ht)
-#ifdef ANI_LITTLE_BYTE_ENDIAN
- only_non_ht_cipher = is_non_rsn_cipher(
- rx_rsn_ie->pwise_cipher_suites[i][3]);
-#else
- only_non_ht_cipher = is_non_rsn_cipher(
- rx_rsn_ie->pwise_cipher_suites[i][0]);
-#endif
- }
-
- if ((!match) || ((sta_is_ht) && only_non_ht_cipher)) {
- pe_debug("Invalid pairwise cipher suite");
- return eSIR_MAC_INVALID_PAIRWISE_CIPHER_STATUS;
- }
- /*
- * Check RSN capabilities
- * Bit 0 of First Byte - PreAuthentication Capability
- */
- if (((rx_rsn_ie->RSN_Cap[0] >> 0) & 0x1) == true) {
- /* this is supported by AP only */
- pe_debug("Invalid RSN information element capabilities");
- return eSIR_MAC_INVALID_RSN_IE_CAPABILITIES_STATUS;
- }
-
- *pmf_connection = false;
-
-#ifdef WLAN_FEATURE_11W
- we_are_pmf_capable = session_entry->pLimStartBssReq->pmfCapable;
- we_require_pmf = session_entry->pLimStartBssReq->pmfRequired;
- they_are_pmf_capable = (rx_rsn_ie->RSN_Cap[0] >> 7) & 0x1;
- they_require_pmf = (rx_rsn_ie->RSN_Cap[0] >> 6) & 0x1;
-
- if ((they_require_pmf && they_are_pmf_capable && !we_are_pmf_capable) ||
- (we_require_pmf && !they_are_pmf_capable)) {
- pe_debug("Association fail, robust management frames policy"
- " violation they_require_pmf =%d"
- " theyArePMFCapable %d weArePMFCapable %d"
- " weRequirePMF %d theyArePMFCapable %d",
- they_require_pmf, they_are_pmf_capable,
- we_are_pmf_capable, we_require_pmf,
- they_are_pmf_capable);
- return eSIR_MAC_ROBUST_MGMT_FRAMES_POLICY_VIOLATION;
- }
-
- if (they_are_pmf_capable && we_are_pmf_capable)
- *pmf_connection = true;
-
- pe_debug("weAreCapable %d, weRequire %d, theyAreCapable %d,"
- " theyRequire %d, PMFconnection %d",
- we_are_pmf_capable, we_require_pmf, they_are_pmf_capable,
- they_require_pmf, *pmf_connection);
-#endif
-
- return eSIR_MAC_SUCCESS_STATUS;
-}
-
-/**
- * lim_check_rx_wpa_ie_match() - to check supported cipher suites
- *
- * @mac: pointer to global mac structure
- * @rx_wpaie: Received WPA IE in (Re)Assco req
- * @session_entry: pointer to PE session
- * @sta_is_ht: peer station is HT
- *
- * This function is called during Association/Reassociation
- * frame handling to determine whether received RSN in
- * Assoc/Reassoc request frames include supported cipher suites or not.
- *
- * Return: Success if ALL supported cipher suites are present in the
- * received wpa IE else failure status.
- */
-
-uint8_t
-lim_check_rx_wpa_ie_match(struct mac_context *mac, tDot11fIEWPA *rx_wpaie,
- struct pe_session *session_entry, uint8_t sta_is_ht)
-{
- tDot11fIEWPA *wpa_ie;
- bool match = false;
- uint8_t i, j, only_non_ht_cipher = 1;
-
- /* WPA IE should be received from PE */
- wpa_ie = &session_entry->gStartBssWPAIe;
-
- /* We should have only one AKM in assoc/reassoc request */
- if (rx_wpaie->auth_suite_count != 1) {
- pe_debug("Invalid RX auth_suite_count %d",
- rx_wpaie->auth_suite_count);
- return eSIR_MAC_INVALID_AKMP_STATUS;
- }
- /* Check if we support the received AKM */
- for (i = 0; i < wpa_ie->auth_suite_count; i++)
- if (!qdf_mem_cmp(&rx_wpaie->auth_suites[0],
- &wpa_ie->auth_suites[i],
- sizeof(wpa_ie->auth_suites[i]))) {
- match = true;
- break;
- }
- if (!match) {
- pe_debug("Invalid RX auth_suites");
- return eSIR_MAC_INVALID_AKMP_STATUS;
- }
-
- /* Check groupwise cipher suite */
- for (i = 0; i < 4; i++) {
- if (wpa_ie->multicast_cipher[i] !=
- rx_wpaie->multicast_cipher[i]) {
- pe_debug("Invalid groupwise cipher suite");
- return eSIR_MAC_INVALID_GROUP_CIPHER_STATUS;
- }
- }
-
- /*
- * For each Pairwise cipher suite check whether we support
- * received pairwise
- */
- match = false;
- for (i = 0; i < rx_wpaie->unicast_cipher_count; i++) {
- for (j = 0; j < wpa_ie->unicast_cipher_count; j++) {
- if (!qdf_mem_cmp(rx_wpaie->unicast_ciphers[i],
- wpa_ie->unicast_ciphers[j], 4)) {
- match = true;
- break;
- }
- }
-
- if ((sta_is_ht)
-#ifdef ANI_LITTLE_BYTE_ENDIAN
- &&
- ((rx_wpaie->
- unicast_ciphers[i][3] & SECURITY_SUITE_TYPE_MASK) ==
- SECURITY_SUITE_TYPE_CCMP))
-#else
- &&
- ((rx_wpaie->
- unicast_ciphers[i][0] & SECURITY_SUITE_TYPE_MASK) ==
- SECURITY_SUITE_TYPE_CCMP))
-#endif
- {
- only_non_ht_cipher = 0;
- }
-
- }
-
- if ((!match) || ((sta_is_ht) && only_non_ht_cipher)) {
- pe_debug("Invalid pairwise cipher suite");
- return eSIR_MAC_CIPHER_SUITE_REJECTED_STATUS;
- }
-
- return eSIR_MAC_SUCCESS_STATUS;
-}
-#endif
-
/**
* lim_cleanup_rx_path()
*
diff --git a/core/mac/src/pe/lim/lim_assoc_utils.h b/core/mac/src/pe/lim/lim_assoc_utils.h
index 5e4e9c6..793d0d0 100644
--- a/core/mac/src/pe/lim/lim_assoc_utils.h
+++ b/core/mac/src/pe/lim/lim_assoc_utils.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2011-2019 The Linux Foundation. All rights reserved.
+ * Copyright (c) 2011-2020 The Linux Foundation. All rights reserved.
*
* Permission to use, copy, modify, and/or distribute this software for
* any purpose with or without fee is hereby granted, provided that the
@@ -43,12 +43,6 @@
tSirAssocReq *,
tSirMacCapabilityInfo *, struct pe_session *);
uint8_t lim_check_rx_basic_rates(struct mac_context *, tSirMacRateSet, struct pe_session *);
-uint8_t lim_check_rx_rsn_ie_match(struct mac_context *mac_ctx,
- tDot11fIERSN * const rx_rsn_ie,
- struct pe_session *session_entry, uint8_t sta_is_ht,
- bool *pmf_connection);
-uint8_t lim_check_rx_wpa_ie_match(struct mac_context *, tDot11fIEWPA *, struct pe_session *,
- uint8_t);
uint8_t lim_check_mcs_set(struct mac_context *mac, uint8_t *supportedMCSSet);
QDF_STATUS lim_cleanup_rx_path(struct mac_context *, tpDphHashNode,
struct pe_session *);
diff --git a/core/mac/src/pe/lim/lim_process_assoc_req_frame.c b/core/mac/src/pe/lim/lim_process_assoc_req_frame.c
index 11eb868..1225c37 100644
--- a/core/mac/src/pe/lim/lim_process_assoc_req_frame.c
+++ b/core/mac/src/pe/lim/lim_process_assoc_req_frame.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012-2019 The Linux Foundation. All rights reserved.
+ * Copyright (c) 2012-2020 The Linux Foundation. All rights reserved.
*
* Permission to use, copy, modify, and/or distribute this software for
* any purpose with or without fee is hereby granted, provided that the
@@ -829,7 +829,6 @@
}
}
-#ifdef WLAN_CONV_CRYPTO_IE_SUPPORT
static
enum mac_status_code lim_check_rsn_ie(struct pe_session *session,
struct mac_context *mac_ctx,
@@ -895,27 +894,6 @@
return eSIR_MAC_INVALID_IE_STATUS;
}
-#else
-static enum mac_status_code lim_check_rsn_ie(struct pe_session *session,
- struct mac_context *mac_ctx,
- tpSirAssocReq assoc_req,
- tDot11fIERSN *rsn,
- bool *pmf_connection)
-{
- return lim_check_rx_rsn_ie_match(mac_ctx, rsn, session,
- assoc_req->HTCaps.present,
- pmf_connection);
-}
-
-static enum mac_status_code lim_check_wpa_ie(struct pe_session *session,
- struct mac_context *mac_ctx,
- tpSirAssocReq assoc_req,
- tDot11fIEWPA *wpa)
-{
- return lim_check_rx_wpa_ie_match(mac_ctx, wpa, session,
- assoc_req->HTCaps.present);
-}
-#endif
/**
* lim_check_sae_pmf_cap() - check pmf capability for SAE STA
diff --git a/core/mac/src/pe/lim/lim_process_sme_req_messages.c b/core/mac/src/pe/lim/lim_process_sme_req_messages.c
index 80d931c..4684456 100644
--- a/core/mac/src/pe/lim/lim_process_sme_req_messages.c
+++ b/core/mac/src/pe/lim/lim_process_sme_req_messages.c
@@ -1165,7 +1165,6 @@
}
#ifdef WLAN_FEATURE_11W
-#ifdef WLAN_CONV_CRYPTO_IE_SUPPORT
/**
* lim_set_rmf_enabled() - set rmf enabled
* @mac: mac context
@@ -1214,30 +1213,6 @@
*
* Return: void
*/
-static void lim_set_rmf_enabled(struct mac_context *mac,
- struct pe_session *session,
- struct join_req *csr_join_req)
-{
- if ((eSIR_ED_AES_128_CMAC == csr_join_req->MgmtEncryptionType) ||
- (eSIR_ED_AES_GMAC_128 == csr_join_req->MgmtEncryptionType) ||
- (eSIR_ED_AES_GMAC_256 == csr_join_req->MgmtEncryptionType))
- session->limRmfEnabled = 1;
- else
- session->limRmfEnabled = 0;
-
- pe_debug("mgmt encryption type %d limRmfEnabled %d",
- csr_join_req->MgmtEncryptionType, session->limRmfEnabled);
-}
-#endif
-#else
-/**
- * lim_set_rmf_enabled() - set rmf enabled
- * @mac: mac context
- * @session: pe session
- * @csr_join_req: csr join req
- *
- * Return: void
- */
static inline void lim_set_rmf_enabled(struct mac_context *mac,
struct pe_session *session,
struct join_req *csr_join_req)
diff --git a/core/sme/inc/sme_api.h b/core/sme/inc/sme_api.h
index 63f5894..4d6489c 100644
--- a/core/sme/inc/sme_api.h
+++ b/core/sme/inc/sme_api.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012-2019 The Linux Foundation. All rights reserved.
+ * Copyright (c) 2012-2020 The Linux Foundation. All rights reserved.
*
* Permission to use, copy, modify, and/or distribute this software for
* any purpose with or without fee is hereby granted, provided that the
@@ -549,10 +549,6 @@
uint8_t sessionId,
tCsrRoamConnectedProfile *pProfile);
void sme_roam_free_connect_profile(tCsrRoamConnectedProfile *profile);
-QDF_STATUS sme_roam_set_pmkid_cache(mac_handle_t mac_handle, uint8_t sessionId,
- tPmkidCacheInfo *pPMKIDCache,
- uint32_t numItems,
- bool update_entire_cache);
#ifdef WLAN_FEATURE_ROAM_OFFLOAD
/**
diff --git a/core/sme/src/common/sme_api.c b/core/sme/src/common/sme_api.c
index 9844b76..af17a9e 100644
--- a/core/sme/src/common/sme_api.c
+++ b/core/sme/src/common/sme_api.c
@@ -3056,49 +3056,6 @@
csr_roam_free_connect_profile(profile);
}
-/*
- * sme_roam_set_pmkid_cache() -
- * A wrapper function to request CSR to return the PMKID candidate list
- * This is a synchronous call.
-
- * pPMKIDCache - caller allocated buffer point to an array of
- * tPmkidCacheInfo
- * numItems - a variable that has the number of tPmkidCacheInfo
- * allocated when retruning, this is either the number needed
- * or number of items put into pPMKIDCache
- * update_entire_cache - this bool value specifies if the entire pmkid
- * cache should be overwritten or should it be
- * updated entry by entry.
- * Return QDF_STATUS - when fail, it usually means the buffer allocated is not
- * big enough and pNumItems has the number of
- * tPmkidCacheInfo.
- * \Note: pNumItems is a number of tPmkidCacheInfo,
- * not sizeof(tPmkidCacheInfo) * something
- */
-QDF_STATUS sme_roam_set_pmkid_cache(mac_handle_t mac_handle, uint8_t sessionId,
- tPmkidCacheInfo *pPMKIDCache,
- uint32_t numItems, bool update_entire_cache)
-{
- QDF_STATUS status = QDF_STATUS_E_FAILURE;
- struct mac_context *mac = MAC_CONTEXT(mac_handle);
-
- MTRACE(qdf_trace(QDF_MODULE_ID_SME,
- TRACE_CODE_SME_RX_HDD_ROAM_SET_PMKIDCACHE, sessionId,
- numItems));
- status = sme_acquire_global_lock(&mac->sme);
- if (QDF_IS_STATUS_SUCCESS(status)) {
- if (CSR_IS_SESSION_VALID(mac, sessionId))
- status = csr_roam_set_pmkid_cache(mac, sessionId,
- pPMKIDCache,
- numItems, update_entire_cache);
- else
- status = QDF_STATUS_E_INVAL;
- sme_release_global_lock(&mac->sme);
- }
-
- return status;
-}
-
QDF_STATUS sme_roam_del_pmkid_from_cache(mac_handle_t mac_handle,
uint8_t sessionId,
tPmkidCacheInfo *pmksa,
diff --git a/core/sme/src/csr/csr_api_roam.c b/core/sme/src/csr/csr_api_roam.c
index 8d2a7e6..7276f45 100644
--- a/core/sme/src/csr/csr_api_roam.c
+++ b/core/sme/src/csr/csr_api_roam.c
@@ -14962,164 +14962,6 @@
}
#endif /* WLAN_FEATURE_ROAM_OFFLOAD */
-#ifdef FEATURE_WLAN_DIAG_SUPPORT_CSR
-static void
-csr_roam_diag_set_pmkid(struct csr_roam_session *pSession)
-{
- WLAN_HOST_DIAG_EVENT_DEF(secEvent,
- host_event_wlan_security_payload_type);
- qdf_mem_zero(&secEvent,
- sizeof(host_event_wlan_security_payload_type));
- secEvent.eventId = WLAN_SECURITY_EVENT_PMKID_UPDATE;
- secEvent.encryptionModeMulticast =
- (uint8_t) diag_enc_type_from_csr_type(
- pSession->connectedProfile.mcEncryptionType);
- secEvent.encryptionModeUnicast =
- (uint8_t) diag_enc_type_from_csr_type(
- pSession->connectedProfile.EncryptionType);
- qdf_mem_copy(secEvent.bssid,
- pSession->connectedProfile.bssid.bytes,
- QDF_MAC_ADDR_SIZE);
- secEvent.authMode = (uint8_t) diag_auth_type_from_csr_type(
- pSession->connectedProfile.AuthType);
- WLAN_HOST_DIAG_EVENT_REPORT(&secEvent, EVENT_WLAN_SECURITY);
-}
-#endif /* FEATURE_WLAN_DIAG_SUPPORT_CSR */
-
-#ifdef WLAN_FEATURE_ROAM_OFFLOAD
-/**
- * csr_update_session_psk_pmk - API to update PMK in csr session
- * @pSession: pointer to session
- * @pmksa: pointer to PMKSA struct
- *
- * Return : None
- */
-static void
-csr_update_session_psk_pmk(struct csr_roam_session *session,
- tPmkidCacheInfo *pmksa)
-{
- /* For SAE authentication, pmk will be sent over the
- * set PMKSA vendor command. The set PMKSA command is sent
- * after SAE authentication is complete, before association
- * completion itself. So csr_roam_session will not be having
- * any parameters at this point. This pmk received is not
- * updated to csr session and when RSO update command is sent,
- * empty pmk will be sent, resulting in SAE roming failure. So
- * copy the pmk into csr session so that correct pmk will be
- * sent in RSO command.
- */
- qdf_mem_copy(session->psk_pmk, pmksa->pmk, pmksa->pmk_len);
- session->pmk_len = pmksa->pmk_len;
-}
-#else
-static inline void
-csr_update_session_psk_pmk(struct csr_roam_session *session,
- tPmkidCacheInfo *pmksa)
-{}
-#endif
-
-/**
- * csr_update_pmk_cache - API to update PMK cache
- * @pSession: pointer to session
- * @pmksa: pointer to PMKSA struct
- *
- * Return : None
- */
-static void csr_update_pmk_cache(struct csr_roam_session *session,
- tPmkidCacheInfo *pmksa)
-{
- uint16_t cache_idx = session->curr_cache_idx;
-
- /* Add entry to the cache */
- if (!pmksa->ssid_len) {
- qdf_copy_macaddr(
- &session->PmkidCacheInfo[cache_idx].BSSID,
- &pmksa->BSSID);
- session->PmkidCacheInfo[cache_idx].ssid_len = 0;
- } else {
- qdf_mem_copy(session->PmkidCacheInfo[cache_idx].ssid,
- pmksa->ssid, pmksa->ssid_len);
- session->PmkidCacheInfo[cache_idx].ssid_len =
- pmksa->ssid_len;
- qdf_mem_copy(session->PmkidCacheInfo[cache_idx].cache_id,
- pmksa->cache_id, CACHE_ID_LEN);
-
- }
- qdf_mem_copy(
- session->PmkidCacheInfo[cache_idx].PMKID,
- pmksa->PMKID, PMKID_LEN);
-
- if (pmksa->pmk_len) {
- qdf_mem_copy(session->PmkidCacheInfo[cache_idx].pmk,
- pmksa->pmk, pmksa->pmk_len);
-
- csr_update_session_psk_pmk(session, pmksa);
- }
-
- session->PmkidCacheInfo[cache_idx].pmk_len = pmksa->pmk_len;
-
- /* Increment the CSR local cache index */
- if (cache_idx < (CSR_MAX_PMKID_ALLOWED - 1))
- session->curr_cache_idx++;
- else {
- sme_debug("max value reached, setting current index as 0");
- session->curr_cache_idx = 0;
- }
-
- session->NumPmkidCache++;
- if (session->NumPmkidCache > CSR_MAX_PMKID_ALLOWED) {
- sme_debug("setting num pmkid cache to %d",
- CSR_MAX_PMKID_ALLOWED);
- session->NumPmkidCache = CSR_MAX_PMKID_ALLOWED;
- }
-}
-
-QDF_STATUS
-csr_roam_set_pmkid_cache(struct mac_context *mac, uint32_t sessionId,
- tPmkidCacheInfo *pPMKIDCache, uint32_t numItems,
- bool update_entire_cache)
-{
- struct csr_roam_session *pSession = CSR_GET_SESSION(mac, sessionId);
- uint32_t i = 0;
- tPmkidCacheInfo *pmksa;
-
- if (!pSession) {
- sme_err("session %d not found", sessionId);
- return QDF_STATUS_E_FAILURE;
- }
-
- sme_debug("numItems = %d", numItems);
-
- if (numItems > CSR_MAX_PMKID_ALLOWED)
- return QDF_STATUS_E_INVAL;
-
-#ifdef FEATURE_WLAN_DIAG_SUPPORT_CSR
- csr_roam_diag_set_pmkid(pSession);
-#endif /* FEATURE_WLAN_DIAG_SUPPORT_CSR */
-
- if (update_entire_cache) {
- if (numItems && pPMKIDCache) {
- pSession->NumPmkidCache = (uint16_t) numItems;
- qdf_mem_copy(pSession->PmkidCacheInfo, pPMKIDCache,
- sizeof(tPmkidCacheInfo) * numItems);
- pSession->curr_cache_idx = (uint16_t)numItems;
- }
- return QDF_STATUS_SUCCESS;
- }
-
- for (i = 0; i < numItems; i++) {
- pmksa = &pPMKIDCache[i];
-
- /* Delete the entry if present */
- csr_roam_del_pmkid_from_cache(mac, sessionId,
- pmksa, false);
- /* Update new entry */
- csr_update_pmk_cache(pSession, pmksa);
-
- }
- return QDF_STATUS_SUCCESS;
-}
-
#ifdef WLAN_FEATURE_ROAM_OFFLOAD
static void csr_mem_zero_psk_pmk(struct csr_roam_session *session)
{
diff --git a/core/sme/src/csr/csr_inside_api.h b/core/sme/src/csr/csr_inside_api.h
index b63ecc0..cd529f9 100644
--- a/core/sme/src/csr/csr_inside_api.h
+++ b/core/sme/src/csr/csr_inside_api.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2011-2019 The Linux Foundation. All rights reserved.
+ * Copyright (c) 2011-2020 The Linux Foundation. All rights reserved.
*
* Permission to use, copy, modify, and/or distribute this software for
* any purpose with or without fee is hereby granted, provided that the
@@ -729,23 +729,6 @@
tCsrRoamModifyProfileFields modProfileFields,
uint32_t *pRoamId);
-/*
- * csr_roam_set_pmkid_cache() -
- * return the PMKID candidate list
- *
- * pPMKIDCache - caller allocated buffer point to an array of tPmkidCacheInfo
- * numItems - a variable that has the number of tPmkidCacheInfo allocated
- * when retruning, this is either the number needed or number of items put
- * into pPMKIDCache
- * Return QDF_STATUS - when fail, it usually means the buffer allocated is not
- * big enough and pNumItems has the number of tPmkidCacheInfo.
- * \Note: pNumItems is a number of tPmkidCacheInfo, not
- * sizeof(tPmkidCacheInfo) * something
- */
-QDF_STATUS csr_roam_set_pmkid_cache(struct mac_context *mac, uint32_t sessionId,
- tPmkidCacheInfo *pPMKIDCache,
- uint32_t numItems, bool update_entire_cache);
-
#ifdef WLAN_FEATURE_ROAM_OFFLOAD
/*
* csr_get_pmk_info(): store PMK in pmk_cache
diff --git a/core/sme/src/csr/csr_util.c b/core/sme/src/csr/csr_util.c
index f6b5b5a..a294837 100644
--- a/core/sme/src/csr/csr_util.c
+++ b/core/sme/src/csr/csr_util.c
@@ -2714,7 +2714,6 @@
return false;
}
-#ifdef WLAN_CONV_CRYPTO_IE_SUPPORT
bool csr_lookup_pmkid_using_bssid(struct mac_context *mac,
struct csr_roam_session *session,
tPmkidCacheInfo *pmk_cache,
@@ -2848,1801 +2847,6 @@
}
#endif
-#else
-
-static bool csr_match_rsnoui_index(struct mac_context *mac,
- uint8_t AllCyphers[][CSR_RSN_OUI_SIZE],
- uint8_t cAllCyphers, uint8_t ouiIndex,
- uint8_t Oui[])
-{
- return csr_is_oui_match
- (mac, AllCyphers, cAllCyphers, csr_rsn_oui[ouiIndex], Oui);
-
-}
-
-#ifdef FEATURE_WLAN_WAPI
-static bool csr_is_wapi_oui_equal(struct mac_context *mac, uint8_t *Oui1,
- uint8_t *Oui2)
-{
- return !qdf_mem_cmp(Oui1, Oui2, CSR_WAPI_OUI_SIZE);
-}
-
-static bool csr_is_wapi_oui_match(struct mac_context *mac,
- uint8_t AllCyphers[][CSR_WAPI_OUI_SIZE],
- uint8_t cAllCyphers, uint8_t Cypher[],
- uint8_t Oui[])
-{
- bool fYes = false;
- uint8_t idx;
-
- for (idx = 0; idx < cAllCyphers; idx++) {
- if (csr_is_wapi_oui_equal(mac, AllCyphers[idx], Cypher)) {
- fYes = true;
- break;
- }
- }
-
- if (fYes && Oui)
- qdf_mem_copy(Oui, AllCyphers[idx], CSR_WAPI_OUI_SIZE);
-
- return fYes;
-}
-
-static bool csr_match_wapi_oui_index(struct mac_context *mac,
- uint8_t AllCyphers[][CSR_WAPI_OUI_SIZE],
- uint8_t cAllCyphers, uint8_t ouiIndex,
- uint8_t Oui[])
-{
- return csr_is_wapi_oui_match
- (mac, AllCyphers, cAllCyphers, csr_wapi_oui[ouiIndex], Oui);
-
-}
-#endif /* FEATURE_WLAN_WAPI */
-
-static bool csr_match_wpaoui_index(struct mac_context *mac,
- uint8_t AllCyphers[][CSR_RSN_OUI_SIZE],
- uint8_t cAllCyphers, uint8_t ouiIndex,
- uint8_t Oui[])
-{
- if (ouiIndex < QDF_ARRAY_SIZE(csr_wpa_oui))
- return csr_is_oui_match
- (mac, AllCyphers, cAllCyphers,
- csr_wpa_oui[ouiIndex], Oui);
- else
- return false;
-}
-
-#ifdef FEATURE_WLAN_WAPI
-static bool csr_is_auth_wapi_cert(struct mac_context *mac,
- uint8_t AllSuites[][CSR_WAPI_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_wapi_oui_match
- (mac, AllSuites, cAllSuites, csr_wapi_oui[1], Oui);
-}
-
-static bool csr_is_auth_wapi_psk(struct mac_context *mac,
- uint8_t AllSuites[][CSR_WAPI_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_wapi_oui_match
- (mac, AllSuites, cAllSuites, csr_wapi_oui[2], Oui);
-}
-#endif /* FEATURE_WLAN_WAPI */
-
-
-/*
- * Function for 11R FT Authentication. We match the FT Authentication Cipher
- * suite here. This matches for FT Auth with the 802.1X exchange.
- */
-static bool csr_is_ft_auth_rsn(struct mac_context *mac,
- uint8_t AllSuites[][CSR_RSN_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_oui_match
- (mac, AllSuites, cAllSuites, csr_rsn_oui[03], Oui);
-}
-
-/*
- * Function for 11R FT Authentication. We match the FT Authentication Cipher
- * suite here. This matches for FT Auth with the PSK.
- */
-static bool csr_is_ft_auth_rsn_psk(struct mac_context *mac,
- uint8_t AllSuites[][CSR_RSN_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_oui_match
- (mac, AllSuites, cAllSuites, csr_rsn_oui[04], Oui);
-}
-
-
-#ifdef FEATURE_WLAN_ESE
-
-/*
- * Function for ESE CCKM AKM Authentication. We match the CCKM AKM
- * Authentication Key Management suite here. This matches for CCKM AKM Auth
- * with the 802.1X exchange.
- */
-static bool csr_is_ese_cckm_auth_rsn(struct mac_context *mac,
- uint8_t AllSuites[][CSR_RSN_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_oui_match
- (mac, AllSuites, cAllSuites, csr_rsn_oui[06], Oui);
-}
-
-static bool csr_is_ese_cckm_auth_wpa(struct mac_context *mac,
- uint8_t AllSuites[][CSR_WPA_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_oui_match
- (mac, AllSuites, cAllSuites, csr_wpa_oui[06], Oui);
-}
-#endif
-
-static bool csr_is_auth_rsn(struct mac_context *mac,
- uint8_t AllSuites[][CSR_RSN_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_oui_match
- (mac, AllSuites, cAllSuites, csr_rsn_oui[01], Oui);
-}
-
-static bool csr_is_auth_rsn_psk(struct mac_context *mac,
- uint8_t AllSuites[][CSR_RSN_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_oui_match
- (mac, AllSuites, cAllSuites, csr_rsn_oui[02], Oui);
-}
-
-#ifdef WLAN_FEATURE_11W
-static bool csr_is_auth_rsn_psk_sha256(struct mac_context *mac,
- uint8_t AllSuites[][CSR_RSN_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_oui_match
- (mac, AllSuites, cAllSuites, csr_rsn_oui[07], Oui);
-}
-static bool csr_is_auth_rsn8021x_sha256(struct mac_context *mac,
- uint8_t AllSuites[][CSR_RSN_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_oui_match
- (mac, AllSuites, cAllSuites, csr_rsn_oui[8], Oui);
-}
-#endif
-
-#ifdef WLAN_FEATURE_FILS_SK
-/*
- * csr_is_auth_fils_sha256() - check whether oui is fils sha256
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is FILS SHA256, false otherwise
- */
-static bool csr_is_auth_fils_sha256(struct mac_context *mac,
- uint8_t all_suites[][CSR_RSN_OUI_SIZE],
- uint8_t suite_count, uint8_t oui[])
-{
- return csr_is_oui_match(mac, all_suites, suite_count,
- csr_rsn_oui[ENUM_FILS_SHA256], oui);
-}
-
-/*
- * csr_is_auth_fils_sha384() - check whether oui is fils sha384
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is FILS SHA384, false otherwise
- */
-static bool csr_is_auth_fils_sha384(struct mac_context *mac,
- uint8_t all_suites[][CSR_RSN_OUI_SIZE],
- uint8_t suite_count, uint8_t oui[])
-{
- return csr_is_oui_match(mac, all_suites, suite_count,
- csr_rsn_oui[ENUM_FILS_SHA384], oui);
-}
-
-/*
- * csr_is_auth_fils_ft_sha256() - check whether oui is fils ft sha256
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is FT FILS SHA256, false otherwise
- */
-static bool csr_is_auth_fils_ft_sha256(struct mac_context *mac,
- uint8_t all_suites[][CSR_RSN_OUI_SIZE],
- uint8_t suite_count, uint8_t oui[])
-{
- return csr_is_oui_match(mac, all_suites, suite_count,
- csr_rsn_oui[ENUM_FT_FILS_SHA256], oui);
-}
-
-/*
- * csr_is_auth_fils_ft_sha384() - check whether oui is fils ft sha384
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is FT FILS SHA384, false otherwise
- */
-static bool csr_is_auth_fils_ft_sha384(struct mac_context *mac,
- uint8_t all_suites[][CSR_RSN_OUI_SIZE],
- uint8_t suite_count, uint8_t oui[])
-{
- return csr_is_oui_match(mac, all_suites, suite_count,
- csr_rsn_oui[ENUM_FT_FILS_SHA384], oui);
-}
-#endif
-
-/*
- * csr_is_auth_dpp_rsn() - check whether oui is dpp rsn
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is dpp rsn, false otherwise
- */
-static bool csr_is_auth_dpp_rsn(struct mac_context *mac,
- uint8_t all_suites[][CSR_RSN_OUI_SIZE],
- uint8_t suite_count, uint8_t oui[])
-{
- return csr_is_oui_match(mac, all_suites, suite_count,
- csr_rsn_oui[ENUM_DPP_RSN], oui);
-}
-
-/*
- * csr_is_auth_wpa_owe() - check whether oui is OWE
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is OWE, false otherwise
- */
-static bool csr_is_auth_wpa_owe(struct mac_context *mac,
- uint8_t all_suites[][CSR_RSN_OUI_SIZE],
- uint8_t suite_count, uint8_t oui[])
-{
- return csr_is_oui_match
- (mac, all_suites, suite_count, csr_rsn_oui[ENUM_OWE], oui);
-}
-
-/*
- * csr_is_auth_suiteb_eap_256() - check whether oui is SuiteB EAP256
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is SuiteB EAP256, false otherwise
- */
-static bool csr_is_auth_suiteb_eap_256(struct mac_context *mac,
- uint8_t all_suites[][CSR_RSN_OUI_SIZE],
- uint8_t suite_count, uint8_t oui[])
-{
- return csr_is_oui_match(mac, all_suites, suite_count,
- csr_rsn_oui[ENUM_SUITEB_EAP256], oui);
-}
-
-/*
- * csr_is_auth_suiteb_eap_384() - check whether oui is SuiteB EAP384
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is SuiteB EAP384, false otherwise
- */
-static bool csr_is_auth_suiteb_eap_384(struct mac_context *mac,
- uint8_t all_suites[][CSR_RSN_OUI_SIZE],
- uint8_t suite_count, uint8_t oui[])
-{
- return csr_is_oui_match(mac, all_suites, suite_count,
- csr_rsn_oui[ENUM_SUITEB_EAP384], oui);
-}
-
-/*
- * csr_is_auth_ft_suiteb_eap_384() - check whether oui is SuiteB EAP384
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is FT SuiteB EAP384, false otherwise
- */
-static
-bool csr_is_auth_ft_suiteb_eap_384(struct mac_context *mac,
- uint8_t all_suites[][CSR_RSN_OUI_SIZE],
- uint8_t suite_count, uint8_t oui[])
-{
- return csr_is_oui_match(mac, all_suites, suite_count,
- csr_rsn_oui[ENUM_FT_SUITEB_SHA384], oui);
-}
-
-#ifdef WLAN_FEATURE_SAE
-/*
- * csr_is_auth_wpa_sae() - check whether oui is SAE
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is SAE, false otherwise
- */
-static bool csr_is_auth_wpa_sae(struct mac_context *mac,
- uint8_t all_suites[][CSR_RSN_OUI_SIZE],
- uint8_t suite_count, uint8_t oui[])
-{
- bool is_sae_auth;
-
- is_sae_auth = (csr_is_oui_match(mac, all_suites, suite_count,
- csr_rsn_oui[ENUM_SAE], oui));
- return is_sae_auth;
-}
-
-/*
- * csr_is_auth_ft_sae() - check whether oui is SAE
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is FT-SAE, false otherwise
- */
-static bool csr_is_auth_ft_sae(struct mac_context *mac,
- uint8_t all_suites[][CSR_RSN_OUI_SIZE],
- uint8_t suite_count, uint8_t oui[])
-{
- bool is_ft_sae_auth;
-
- is_ft_sae_auth = csr_is_oui_match(mac, all_suites, suite_count,
- csr_rsn_oui[ENUM_FT_SAE], oui);
- return is_ft_sae_auth;
-}
-#endif
-
-/*
- * csr_is_auth_osen() - check whether oui is osen rsn
- * @mac: Global MAC context
- * @all_suites: pointer to all supported akm suites
- * @suite_count: all supported akm suites count
- * @oui: Oui needs to be matched
- *
- * Return: True if OUI is OSEN, false otherwise
- */
-static bool csr_is_auth_osen(struct mac_context *mac,
- u8 all_suites[][CSR_RSN_OUI_SIZE],
- u8 suite_count, u8 oui[])
-{
- return csr_is_oui_match(mac, all_suites, suite_count,
- csr_rsn_oui[ENUM_OSEN], oui);
-}
-
-static bool csr_is_auth_wpa(struct mac_context *mac,
- uint8_t AllSuites[][CSR_WPA_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_oui_match
- (mac, AllSuites, cAllSuites, csr_wpa_oui[01], Oui);
-}
-
-static bool csr_is_auth_wpa_psk(struct mac_context *mac,
- uint8_t AllSuites[][CSR_WPA_OUI_SIZE],
- uint8_t cAllSuites, uint8_t Oui[])
-{
- return csr_is_oui_match
- (mac, AllSuites, cAllSuites, csr_wpa_oui[02], Oui);
-}
-
-static uint8_t csr_get_oui_index_from_cipher(eCsrEncryptionType enType)
-{
- uint8_t OUIIndex;
-
- switch (enType) {
- case eCSR_ENCRYPT_TYPE_WEP40:
- case eCSR_ENCRYPT_TYPE_WEP40_STATICKEY:
- OUIIndex = CSR_OUI_WEP40_OR_1X_INDEX;
- break;
- case eCSR_ENCRYPT_TYPE_WEP104:
- case eCSR_ENCRYPT_TYPE_WEP104_STATICKEY:
- OUIIndex = CSR_OUI_WEP104_INDEX;
- break;
- case eCSR_ENCRYPT_TYPE_TKIP:
- OUIIndex = CSR_OUI_TKIP_OR_PSK_INDEX;
- break;
- case eCSR_ENCRYPT_TYPE_AES:
- OUIIndex = CSR_OUI_AES_INDEX;
- break;
- case eCSR_ENCRYPT_TYPE_AES_GCMP:
- OUIIndex = CSR_OUI_AES_GCMP_INDEX;
- break;
- case eCSR_ENCRYPT_TYPE_AES_GCMP_256:
- OUIIndex = CSR_OUI_AES_GCMP_256_INDEX;
- break;
- case eCSR_ENCRYPT_TYPE_NONE:
- OUIIndex = CSR_OUI_USE_GROUP_CIPHER_INDEX;
- break;
-#ifdef FEATURE_WLAN_WAPI
- case eCSR_ENCRYPT_TYPE_WPI:
- OUIIndex = CSR_OUI_WAPI_WAI_CERT_OR_SMS4_INDEX;
- break;
-#endif /* FEATURE_WLAN_WAPI */
- default: /* HOWTO handle this? */
- OUIIndex = CSR_OUI_RESERVED_INDEX;
- break;
- } /* switch */
-
- return OUIIndex;
-}
-
-#ifdef WLAN_FEATURE_FILS_SK
-/**
- * csr_is_fils_auth() - update negotiated auth if matches to FILS auth type
- * @mac_ctx: pointer to mac context
- * @authsuites: auth suites
- * @c_auth_suites: auth suites count
- * @authentication: authentication
- * @auth_type: authentication type list
- * @index: current counter
- * @neg_authtype: pointer to negotiated auth
- *
- * Return: None
- */
-static void csr_is_fils_auth(struct mac_context *mac_ctx,
- uint8_t authsuites[][CSR_RSN_OUI_SIZE], uint8_t c_auth_suites,
- uint8_t authentication[], tCsrAuthList *auth_type,
- uint8_t index, enum csr_akm_type *neg_authtype)
-{
- /*
- * TODO Always try with highest security
- * move this down once sha384 is validated
- */
- if (csr_is_auth_fils_sha256(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_FILS_SHA256 ==
- auth_type->authType[index])
- *neg_authtype = eCSR_AUTH_TYPE_FILS_SHA256;
- }
- if ((*neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_fils_sha384(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_FILS_SHA384 ==
- auth_type->authType[index])
- *neg_authtype = eCSR_AUTH_TYPE_FILS_SHA384;
- }
- if ((*neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_fils_ft_sha256(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_FT_FILS_SHA256 ==
- auth_type->authType[index])
- *neg_authtype = eCSR_AUTH_TYPE_FT_FILS_SHA256;
- }
- if ((*neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_fils_ft_sha384(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_FT_FILS_SHA384 ==
- auth_type->authType[index])
- *neg_authtype = eCSR_AUTH_TYPE_FT_FILS_SHA384;
- }
- sme_debug("negotiated auth type is %d", *neg_authtype);
-}
-#else
-static void csr_is_fils_auth(struct mac_context *mac_ctx,
- uint8_t authsuites[][CSR_RSN_OUI_SIZE], uint8_t c_auth_suites,
- uint8_t authentication[], tCsrAuthList *auth_type,
- uint8_t index, enum csr_akm_type *neg_authtype)
-{
-}
-#endif
-
-#ifdef WLAN_FEATURE_SAE
-/**
- * csr_check_sae_auth() - update negotiated auth and oui if matches to SAE auth
- * type
- * @mac_ctx: pointer to mac context
- * @authsuites: auth suites
- * @c_auth_suites: auth suites count
- * @authentication: authentication
- * @auth_type: authentication type list
- * @index: current counter
- * @neg_authtype: pointer to negotiated auth
- *
- * Return: None
- */
-static void
-csr_check_sae_auth(struct mac_context *mac_ctx,
- uint8_t authsuites[][CSR_RSN_OUI_SIZE],
- uint8_t c_auth_suites,
- uint8_t authentication[], tCsrAuthList *auth_type,
- uint8_t index, enum csr_akm_type *neg_authtype)
-{
- if ((*neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_ft_sae(mac_ctx, authsuites, c_auth_suites,
- authentication)) {
- if (eCSR_AUTH_TYPE_FT_SAE == auth_type->authType[index])
- *neg_authtype = eCSR_AUTH_TYPE_FT_SAE;
- if (eCSR_AUTH_TYPE_OPEN_SYSTEM == auth_type->authType[index])
- *neg_authtype = eCSR_AUTH_TYPE_OPEN_SYSTEM;
- }
-
- if ((*neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_wpa_sae(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_SAE == auth_type->authType[index])
- *neg_authtype = eCSR_AUTH_TYPE_SAE;
- if (eCSR_AUTH_TYPE_OPEN_SYSTEM == auth_type->authType[index])
- *neg_authtype = eCSR_AUTH_TYPE_OPEN_SYSTEM;
- }
- sme_debug("negotiated auth type is %d", *neg_authtype);
-}
-#else
-static void csr_check_sae_auth(struct mac_context *mac_ctx,
- uint8_t authsuites[][CSR_RSN_OUI_SIZE], uint8_t c_auth_suites,
- uint8_t authentication[], tCsrAuthList *auth_type,
- uint8_t index, enum csr_akm_type *neg_authtype)
-{
-}
-#endif
-
-/**
- * csr_get_rsn_information() - to get RSN information
- * @mac_ctx: pointer to global MAC context
- * @auth_type: auth type
- * @encr_type: encryption type
- * @mc_encryption: multicast encryption type
- * @rsn_ie: pointer to RSN IE
- * @ucast_cipher: Unicast cipher
- * @mcast_cipher: Multicast cipher
- * @auth_suite: Authentication suite
- * @capabilities: RSN capabilities
- * @negotiated_authtype: Negotiated auth type
- * @negotiated_mccipher: negotiated multicast cipher
- * @gp_mgmt_cipher: group management cipher
- * @mgmt_encryption_type: group management encryption type
- * @adaptive_11r: is adaptive 11r connection
- *
- * This routine will get all RSN information
- *
- * Return: bool
- */
-static bool csr_get_rsn_information(struct mac_context *mac_ctx,
- tCsrAuthList *auth_type,
- eCsrEncryptionType encr_type,
- tCsrEncryptionList *mc_encryption,
- tDot11fIERSN *rsn_ie, uint8_t *ucast_cipher,
- uint8_t *mcast_cipher, uint8_t *auth_suite,
- struct rsn_caps *capabilities,
- enum csr_akm_type *negotiated_authtype,
- eCsrEncryptionType *negotiated_mccipher,
- uint8_t *gp_mgmt_cipher,
- tAniEdType *mgmt_encryption_type,
- bool adaptive_11r)
-{
- bool acceptable_cipher = false;
- bool group_mgmt_acceptable_cipher = false;
- uint8_t c_ucast_cipher = 0;
- uint8_t c_mcast_cipher = 0;
- uint8_t c_group_mgmt_cipher = 0;
- uint8_t c_auth_suites = 0, i;
- uint8_t unicast[CSR_RSN_OUI_SIZE];
- uint8_t multicast[CSR_RSN_OUI_SIZE];
- uint8_t group_mgmt[CSR_RSN_OUI_SIZE];
- uint8_t authsuites[CSR_RSN_MAX_AUTH_SUITES][CSR_RSN_OUI_SIZE];
- uint8_t authentication[CSR_RSN_OUI_SIZE];
- uint8_t mccipher_arr[CSR_RSN_MAX_MULTICAST_CYPHERS][CSR_RSN_OUI_SIZE];
- uint8_t group_mgmt_arr[CSR_RSN_MAX_MULTICAST_CYPHERS][CSR_RSN_OUI_SIZE];
- enum csr_akm_type neg_authtype = eCSR_AUTH_TYPE_UNKNOWN;
-
- if (!rsn_ie->present)
- goto end;
- c_mcast_cipher++;
- qdf_mem_copy(mccipher_arr, rsn_ie->gp_cipher_suite,
- CSR_RSN_OUI_SIZE);
- c_ucast_cipher =
- (uint8_t) (rsn_ie->pwise_cipher_suite_count);
-
- c_auth_suites = (uint8_t) (rsn_ie->akm_suite_cnt);
- for (i = 0; i < c_auth_suites && i < CSR_RSN_MAX_AUTH_SUITES; i++) {
- qdf_mem_copy((void *)&authsuites[i],
- (void *)&rsn_ie->akm_suite[i], CSR_RSN_OUI_SIZE);
- }
-
- /* Check - Is requested unicast Cipher supported by the BSS. */
- acceptable_cipher = csr_match_rsnoui_index(mac_ctx,
- rsn_ie->pwise_cipher_suites, c_ucast_cipher,
- csr_get_oui_index_from_cipher(encr_type),
- unicast);
-
- if (!acceptable_cipher)
- goto end;
-
- /* unicast is supported. Pick the first matching Group cipher, if any */
- for (i = 0; i < mc_encryption->numEntries; i++) {
- acceptable_cipher = csr_match_rsnoui_index(mac_ctx,
- mccipher_arr, c_mcast_cipher,
- csr_get_oui_index_from_cipher(
- mc_encryption->encryptionType[i]),
- multicast);
- if (acceptable_cipher)
- break;
- }
- if (!acceptable_cipher)
- goto end;
-
- if (negotiated_mccipher)
- *negotiated_mccipher = mc_encryption->encryptionType[i];
-
- /* Group Management Cipher only for 11w */
- if (mgmt_encryption_type) {
- c_group_mgmt_cipher++;
- qdf_mem_copy(group_mgmt_arr, rsn_ie->gp_mgmt_cipher_suite,
- CSR_RSN_OUI_SIZE);
- if (csr_is_group_mgmt_gmac_128(mac_ctx, group_mgmt_arr,
- c_group_mgmt_cipher, group_mgmt)) {
- group_mgmt_acceptable_cipher = true;
- *mgmt_encryption_type = eSIR_ED_AES_GMAC_128;
- } else if (csr_is_group_mgmt_gmac_256(mac_ctx, group_mgmt_arr,
- c_group_mgmt_cipher, group_mgmt)) {
- group_mgmt_acceptable_cipher = true;
- *mgmt_encryption_type = eSIR_ED_AES_GMAC_256;
- } else {
- /* Default is CMAC */
- group_mgmt_acceptable_cipher = true;
- *mgmt_encryption_type = eSIR_ED_AES_128_CMAC;
- qdf_mem_copy(group_mgmt, csr_group_mgmt_oui[ENUM_CMAC],
- CSR_RSN_OUI_SIZE);
- }
- }
-
- /* Initializing with false as it has true value already */
- acceptable_cipher = false;
- for (i = 0; i < auth_type->numEntries; i++) {
- /*
- * Ciphers are supported, Match authentication algorithm and
- * pick first matching authtype.
- */
- /* Set FILS as first preference */
- csr_is_fils_auth(mac_ctx, authsuites, c_auth_suites,
- authentication, auth_type, i, &neg_authtype);
- /* Changed the AKM suites according to order of preference */
- csr_check_sae_auth(mac_ctx, authsuites, c_auth_suites,
- authentication, auth_type, i, &neg_authtype);
-
- if (neg_authtype == eCSR_AUTH_TYPE_UNKNOWN &&
- csr_is_auth_osen(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_OSEN == auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_OSEN;
- }
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_dpp_rsn(mac_ctx, authsuites,
- c_auth_suites,
- authentication)) {
- if (eCSR_AUTH_TYPE_DPP_RSN == auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_DPP_RSN;
- }
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_ft_auth_rsn(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_FT_RSN == auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_FT_RSN;
- }
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN)
- && csr_is_ft_auth_rsn_psk(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_FT_RSN_PSK ==
- auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_FT_RSN_PSK;
- }
-#ifdef FEATURE_WLAN_ESE
- /* ESE only supports 802.1X. No PSK. */
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_ese_cckm_auth_rsn(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_CCKM_RSN == auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_CCKM_RSN;
- }
-#endif
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_rsn(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- /*
- * For adaptive 11r connection send FT-802.1X akm in
- * association request
- */
- if (adaptive_11r &&
- eCSR_AUTH_TYPE_FT_RSN == auth_type->authType[i]) {
- neg_authtype = eCSR_AUTH_TYPE_FT_RSN;
- qdf_mem_copy(authentication,
- csr_rsn_oui[FT_8021X_IDX],
- CSR_WPA_OUI_SIZE);
- }
-
- if (eCSR_AUTH_TYPE_RSN == auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_RSN;
- }
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_rsn_psk(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- /*
- * For adaptive 11r connection send FT-PSK akm in
- * association request
- */
- if (adaptive_11r &&
- eCSR_AUTH_TYPE_FT_RSN_PSK == auth_type->authType[i]) {
- neg_authtype = eCSR_AUTH_TYPE_FT_RSN_PSK;
- qdf_mem_copy(authentication,
- csr_rsn_oui[FT_PSK_IDX],
- CSR_WPA_OUI_SIZE);
- }
-
- if (eCSR_AUTH_TYPE_RSN_PSK == auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_RSN_PSK;
- }
-#ifdef WLAN_FEATURE_11W
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_rsn_psk_sha256(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- /*
- * For adaptive 11r connection send AP advertises only
- * PSK AKM. STA can choose FT-PSK akm in association
- * request if FT capable.
- */
- if (adaptive_11r &&
- eCSR_AUTH_TYPE_FT_RSN_PSK == auth_type->authType[i]) {
- neg_authtype = eCSR_AUTH_TYPE_FT_RSN_PSK;
- qdf_mem_copy(authentication,
- csr_rsn_oui[FT_PSK_IDX],
- CSR_WPA_OUI_SIZE);
- }
-
- if (eCSR_AUTH_TYPE_RSN_PSK_SHA256 ==
- auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_RSN_PSK_SHA256;
- }
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_rsn8021x_sha256(mac_ctx,
- authsuites, c_auth_suites,
- authentication)) {
- /*
- * For adaptive 11r connection send FT-802.1x akm in
- * association request
- */
- if (adaptive_11r &&
- eCSR_AUTH_TYPE_FT_RSN == auth_type->authType[i]) {
- neg_authtype = eCSR_AUTH_TYPE_FT_RSN;
- qdf_mem_copy(authentication,
- csr_rsn_oui[FT_8021X_IDX],
- CSR_WPA_OUI_SIZE);
- }
- if (eCSR_AUTH_TYPE_RSN_8021X_SHA256 ==
- auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_RSN_8021X_SHA256;
- }
-#endif
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_wpa_owe(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_OWE == auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_OWE;
- }
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_suiteb_eap_256(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_SUITEB_EAP_SHA256 ==
- auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_SUITEB_EAP_SHA256;
- }
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_suiteb_eap_384(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- if (eCSR_AUTH_TYPE_SUITEB_EAP_SHA384 ==
- auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_SUITEB_EAP_SHA384;
- }
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_ft_suiteb_eap_384(mac_ctx, authsuites,
- c_auth_suites,
- authentication)) {
- if (eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384 ==
- auth_type->authType[i])
- neg_authtype =
- eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384;
- }
-
- /*
- * The 1st auth type in the APs RSN IE, to match stations
- * connecting profiles auth type will cause us to exit this
- * loop. This is added as some APs advertise multiple akms in
- * the RSN IE
- */
- if (eCSR_AUTH_TYPE_UNKNOWN != neg_authtype) {
- acceptable_cipher = true;
- break;
- }
- } /* for */
-end:
- if (acceptable_cipher) {
- if (mcast_cipher)
- qdf_mem_copy(mcast_cipher, multicast,
- CSR_RSN_OUI_SIZE);
-
- if (ucast_cipher)
- qdf_mem_copy(ucast_cipher, unicast, CSR_RSN_OUI_SIZE);
-
- if (gp_mgmt_cipher && group_mgmt_acceptable_cipher)
- qdf_mem_copy(gp_mgmt_cipher, group_mgmt,
- CSR_RSN_OUI_SIZE);
-
- if (auth_suite)
- qdf_mem_copy(auth_suite, authentication,
- CSR_RSN_OUI_SIZE);
-
- if (negotiated_authtype)
- *negotiated_authtype = neg_authtype;
-
- if (capabilities) {
- /* Bit 0 Preauthentication */
- capabilities->PreAuthSupported =
- (rsn_ie->RSN_Cap[0] >> 0) & 0x1;
- /* Bit 1 No Pairwise */
- capabilities->NoPairwise =
- (rsn_ie->RSN_Cap[0] >> 1) & 0x1;
- /* Bit 2, 3 PTKSA Replay Counter */
- capabilities->PTKSAReplayCounter =
- (rsn_ie->RSN_Cap[0] >> 2) & 0x3;
- /* Bit 4, 5 GTKSA Replay Counter */
- capabilities->GTKSAReplayCounter =
- (rsn_ie->RSN_Cap[0] >> 4) & 0x3;
-#ifdef WLAN_FEATURE_11W
- /* Bit 6 MFPR */
- capabilities->MFPRequired =
- (rsn_ie->RSN_Cap[0] >> 6) & 0x1;
- /* Bit 7 MFPC */
- capabilities->MFPCapable =
- (rsn_ie->RSN_Cap[0] >> 7) & 0x1;
-#else
- /* Bit 6 MFPR */
- capabilities->MFPRequired = 0;
- /* Bit 7 MFPC */
- capabilities->MFPCapable = 0;
-#endif
- /* remaining reserved */
- capabilities->Reserved = rsn_ie->RSN_Cap[1] & 0xff;
- }
- }
- return acceptable_cipher;
-}
-
-/**
- * csr_lookup_pmkid_using_ssid() - lookup pmkid using ssid and cache_id
- * @mac: pointer to mac
- * @session: sme session pointer
- * @pmk_cache: pointer to pmk cache
- * @index: index value needs to be seached
- *
- * Return: true if pmkid is found else false
- */
-static bool csr_lookup_pmkid_using_ssid(struct mac_context *mac,
- struct csr_roam_session *session,
- tPmkidCacheInfo *pmk_cache,
- uint32_t *index)
-{
- uint32_t i;
- tPmkidCacheInfo *session_pmk;
-
- for (i = 0; i < session->NumPmkidCache; i++) {
- session_pmk = &session->PmkidCacheInfo[i];
- sme_debug("match PMKID ssid %*.*s cache id %x %x ssid_len %d to ssid %s cache_id %x %x",
- pmk_cache->ssid_len, pmk_cache->ssid_len,
- pmk_cache->ssid, pmk_cache->cache_id[0],
- pmk_cache->cache_id[1], pmk_cache->ssid_len,
- session_pmk->ssid,
- session_pmk->cache_id[0], session_pmk->cache_id[1]);
-
- if ((!qdf_mem_cmp(pmk_cache->ssid, session_pmk->ssid,
- pmk_cache->ssid_len)) &&
- (!qdf_mem_cmp(session_pmk->cache_id,
- pmk_cache->cache_id, CACHE_ID_LEN))) {
- /* match found */
- *index = i;
- sme_debug("PMKID found at index %d", i);
- return true;
- }
- }
-
- return false;
-}
-
-bool csr_lookup_pmkid_using_bssid(struct mac_context *mac,
- struct csr_roam_session *session,
- tPmkidCacheInfo *pmk_cache,
- uint32_t *index)
-{
- uint32_t i;
- tPmkidCacheInfo *session_pmk;
-
- for (i = 0; i < session->NumPmkidCache; i++) {
- session_pmk = &session->PmkidCacheInfo[i];
- sme_debug("Matching BSSID: " QDF_MAC_ADDR_STR " to cached BSSID:"
- QDF_MAC_ADDR_STR, QDF_MAC_ADDR_ARRAY(pmk_cache->BSSID.bytes),
- QDF_MAC_ADDR_ARRAY(session_pmk->BSSID.bytes));
- if (qdf_is_macaddr_equal(&pmk_cache->BSSID,
- &session_pmk->BSSID)) {
- /* match found */
- *index = i;
- sme_debug("PMKID found at index %d", i);
- qdf_mem_copy(pmk_cache, session_pmk,
- sizeof(tPmkidCacheInfo));
- return true;
- }
- }
-
- return false;
-}
-
-/**
- * csr_lookup_pmkid() - lookup pmkid using bssid or ssid + cache_id
- * @mac: pointer to mac
- * @session: sme session pointer
- * @pmk_cache: pointer to pmk cache
- * @index: index value needs to be seached
- *
- * Return: true if pmkid is found else false
- */
-static bool csr_lookup_pmkid(struct mac_context *mac, uint32_t sessionId,
- tPmkidCacheInfo *pmk_cache)
-{
- bool fRC = false, fMatchFound = false;
- uint32_t Index;
- struct csr_roam_session *pSession = CSR_GET_SESSION(mac, sessionId);
-
- if (!pSession) {
- sme_err("session %d not found", sessionId);
- return false;
- }
-
- if (pmk_cache->ssid_len) {
- /* Try to find based on cache_id and ssid first */
- fMatchFound = csr_lookup_pmkid_using_ssid(mac, pSession,
- pmk_cache, &Index);
- }
-
- /* If not able to find using cache id or ssid_len is not present */
- if (!fMatchFound)
- fMatchFound = csr_lookup_pmkid_using_bssid(mac,
- pSession, pmk_cache, &Index);
-
- if (!fMatchFound) {
- sme_debug("no pmkid match found NumPmkidCache = %d",
- pSession->NumPmkidCache);
- return false;
- }
-
- qdf_mem_copy(pmk_cache->PMKID,
- pSession->PmkidCacheInfo[Index].PMKID,
- PMKID_LEN);
-
- qdf_mem_copy(pmk_cache->pmk,
- pSession->PmkidCacheInfo[Index].pmk,
- pSession->PmkidCacheInfo[Index].pmk_len);
- pmk_cache->pmk_len = pSession->PmkidCacheInfo[Index].pmk_len;
-
- fRC = true;
- sme_debug("match = %d NumPmkidCache = %d",
- fRC, pSession->NumPmkidCache);
-
- return fRC;
-}
-
-#ifdef WLAN_FEATURE_FILS_SK
-/*
- * csr_update_pmksa_for_cache_id: update tPmkidCacheInfo to lookup using
- * ssid and cache id
- * @bss_desc: bss description
- * @profile: csr roam profile
- * @pmkid_cache: pmksa cache
- *
- * Return: true if cache identifier present else false
- */
-static bool csr_update_pmksa_for_cache_id(struct bss_description *bss_desc,
- struct csr_roam_profile *profile,
- tPmkidCacheInfo *pmkid_cache)
-{
- if (!bss_desc->fils_info_element.is_cache_id_present)
- return false;
-
- pmkid_cache->ssid_len =
- profile->SSIDs.SSIDList[0].SSID.length;
- qdf_mem_copy(pmkid_cache->ssid,
- profile->SSIDs.SSIDList[0].SSID.ssId,
- profile->SSIDs.SSIDList[0].SSID.length);
- qdf_mem_copy(pmkid_cache->cache_id,
- bss_desc->fils_info_element.cache_id,
- CACHE_ID_LEN);
- qdf_mem_copy(pmkid_cache->BSSID.bytes,
- bss_desc->bssId, QDF_MAC_ADDR_SIZE);
-
- return true;
-
-}
-
-/*
- * csr_update_pmksa_to_profile: update pmk and pmkid to profile which will be
- * used in case of fils session
- * @profile: profile
- * @pmkid_cache: pmksa cache
- *
- * Return: None
- */
-static inline void csr_update_pmksa_to_profile(struct csr_roam_profile *profile,
- tPmkidCacheInfo *pmkid_cache)
-{
- if (!profile->fils_con_info)
- return;
-
- profile->fils_con_info->pmk_len = pmkid_cache->pmk_len;
- qdf_mem_copy(profile->fils_con_info->pmk,
- pmkid_cache->pmk, pmkid_cache->pmk_len);
- qdf_mem_copy(profile->fils_con_info->pmkid,
- pmkid_cache->PMKID, PMKID_LEN);
-
-}
-#else
-static inline
-bool csr_update_pmksa_for_cache_id(struct bss_description *bss_desc,
- struct csr_roam_profile *profile,
- tPmkidCacheInfo *pmkid_cache)
-{
- return false;
-}
-
-static inline void csr_update_pmksa_to_profile(struct csr_roam_profile *profile,
- tPmkidCacheInfo *pmkid_cache)
-{
-}
-#endif
-
-/**
- * csr_update_session_pmk() - Update the pmk len and pmk in the roam session
- * @session: pointer to the CSR Roam session
- * @pmkid_cache: pointer to the pmkid cache
- *
- * Return: None
- */
-#ifdef WLAN_FEATURE_ROAM_OFFLOAD
-static void csr_update_session_pmk(struct csr_roam_session *session,
- tPmkidCacheInfo *pmkid_cache)
-{
- session->pmk_len = pmkid_cache->pmk_len;
- qdf_mem_zero(session->psk_pmk, sizeof(session->psk_pmk));
- qdf_mem_copy(session->psk_pmk, pmkid_cache->pmk, session->pmk_len);
-}
-#else
-static inline void csr_update_session_pmk(struct csr_roam_session *session,
- tPmkidCacheInfo *pmkid_cache)
-{
-}
-#endif
-
-uint8_t csr_construct_rsn_ie(struct mac_context *mac, uint32_t sessionId,
- struct csr_roam_profile *pProfile,
- struct bss_description *pSirBssDesc,
- tDot11fBeaconIEs *pIes, tCsrRSNIe *pRSNIe)
-{
- uint32_t ret;
- bool fRSNMatch;
- uint8_t cbRSNIe = 0;
- uint8_t UnicastCypher[CSR_RSN_OUI_SIZE];
- uint8_t MulticastCypher[CSR_RSN_OUI_SIZE];
- uint8_t gp_mgmt_cipher_suite[CSR_RSN_OUI_SIZE];
- uint8_t AuthSuite[CSR_RSN_OUI_SIZE];
- tCsrRSNAuthIe *pAuthSuite;
- struct rsn_caps RSNCapabilities;
- tCsrRSNPMKIe *pPMK;
- tPmkidCacheInfo pmkid_cache;
-#ifdef WLAN_FEATURE_11W
- uint8_t *pGroupMgmtCipherSuite;
-#endif
- tDot11fBeaconIEs *pIesLocal = pIes;
- enum csr_akm_type negAuthType = eCSR_AUTH_TYPE_UNKNOWN;
- tDot11fIERSN rsn_ie = {0};
- struct csr_roam_session *session = CSR_GET_SESSION(mac, sessionId);
-
- if (!CSR_IS_SESSION_VALID(mac, sessionId) || !session)
- return 0;
- qdf_mem_zero(&pmkid_cache, sizeof(pmkid_cache));
- qdf_mem_zero(&rsn_ie, sizeof(rsn_ie));
-
- do {
- if (!csr_is_profile_rsn(pProfile))
- break;
-
- if (!pIesLocal
- &&
- (!QDF_IS_STATUS_SUCCESS
- (csr_get_parsed_bss_description_ies
- (mac, pSirBssDesc, &pIesLocal)))) {
- break;
- }
-
- /*
- * Use intersection of the RSN cap sent by user space and
- * the AP, so that only common capability are enabled.
- */
- if (pProfile->pRSNReqIE && pProfile->nRSNReqIELength) {
- ret = dot11f_unpack_ie_rsn(mac,
- pProfile->pRSNReqIE + 2,
- pProfile->nRSNReqIELength -2, &rsn_ie, false);
- if (!DOT11F_FAILED(ret)) {
- pIesLocal->RSN.RSN_Cap[0] =
- pIesLocal->RSN.RSN_Cap[0] &
- rsn_ie.RSN_Cap[0];
- pIesLocal->RSN.RSN_Cap[1] =
- pIesLocal->RSN.RSN_Cap[1] &
- rsn_ie.RSN_Cap[1];
- }
- }
- /* See if the cyphers in the Bss description match with the
- * settings in the profile.
- */
- fRSNMatch = csr_get_rsn_information(mac, &pProfile->AuthType,
- pProfile->negotiatedUCEncryptionType,
- &pProfile->mcEncryptionType,
- &pIesLocal->RSN, UnicastCypher,
- MulticastCypher, AuthSuite,
- &RSNCapabilities, &negAuthType, NULL,
- gp_mgmt_cipher_suite,
- &pProfile->mgmt_encryption_type,
- session->is_adaptive_11r_connection);
- if (!fRSNMatch)
- break;
-
- pRSNIe->IeHeader.ElementID = WLAN_ELEMID_RSN;
-
- pRSNIe->Version = CSR_RSN_VERSION_SUPPORTED;
-
- qdf_mem_copy(pRSNIe->MulticastOui, MulticastCypher,
- sizeof(MulticastCypher));
-
- pRSNIe->cUnicastCyphers = 1;
-
- qdf_mem_copy(&pRSNIe->UnicastOui[0], UnicastCypher,
- sizeof(UnicastCypher));
-
- pAuthSuite =
- (tCsrRSNAuthIe *) (&pRSNIe->
- UnicastOui[pRSNIe->cUnicastCyphers]);
-
- pAuthSuite->cAuthenticationSuites = 1;
- qdf_mem_copy(&pAuthSuite->AuthOui[0], AuthSuite,
- sizeof(AuthSuite));
-
- /* PreAuthSupported is an AP only capability */
- RSNCapabilities.PreAuthSupported = 0;
- /*
- * Use the Management Frame Protection values given by the
- * supplicant, if AP and STA both are MFP capable.
- */
-#ifdef WLAN_FEATURE_11W
- if (RSNCapabilities.MFPCapable && pProfile->MFPCapable) {
- RSNCapabilities.MFPCapable = pProfile->MFPCapable;
- RSNCapabilities.MFPRequired = pProfile->MFPRequired;
- } else {
- RSNCapabilities.MFPCapable = 0;
- RSNCapabilities.MFPRequired = 0;
- }
-#endif
- *(uint16_t *) (&pAuthSuite->AuthOui[1]) =
- *((uint16_t *) (&RSNCapabilities));
-
- pPMK = (tCsrRSNPMKIe *) (((uint8_t *) (&pAuthSuite->AuthOui[1]))
- + sizeof(uint16_t));
-
- if (!csr_update_pmksa_for_cache_id(pSirBssDesc,
- pProfile, &pmkid_cache))
- qdf_mem_copy(pmkid_cache.BSSID.bytes,
- pSirBssDesc->bssId, QDF_MAC_ADDR_SIZE);
- /* Don't include the PMK SA IDs for CCKM associations. */
- if (
-#ifdef FEATURE_WLAN_ESE
- (eCSR_AUTH_TYPE_CCKM_RSN != negAuthType) &&
-#endif
- csr_lookup_pmkid(mac, sessionId, &pmkid_cache)) {
- pPMK->cPMKIDs = 1;
-
- qdf_trace_hex_dump(QDF_MODULE_ID_PE,
- QDF_TRACE_LEVEL_INFO,
- pmkid_cache.pmk, pmkid_cache.pmk_len);
- qdf_mem_copy(pPMK->PMKIDList[0].PMKID,
- pmkid_cache.PMKID,
- PMKID_LEN);
-
- /*
- * If a PMK cache is found for the BSSID, then
- * update the PMK in CSR session also as this
- * will be sent to the FW during RSO.
- */
- csr_update_session_pmk(session, &pmkid_cache);
-
- csr_update_pmksa_to_profile(pProfile, &pmkid_cache);
- } else {
- pPMK->cPMKIDs = 0;
- }
- session->rsn_caps = RSNCapabilities;
-
- qdf_mem_zero(&pmkid_cache, sizeof(pmkid_cache));
-
-#ifdef WLAN_FEATURE_11W
- /* Advertise BIP in group cipher key management only if PMF is
- * enabled and AP is capable.
- */
- if (pProfile->MFPEnabled &&
- (RSNCapabilities.MFPCapable && pProfile->MFPCapable)) {
- pGroupMgmtCipherSuite =
- (uint8_t *) pPMK + sizeof(uint16_t) +
- (pPMK->cPMKIDs * PMKID_LEN);
- qdf_mem_copy(pGroupMgmtCipherSuite,
- gp_mgmt_cipher_suite, CSR_RSN_OUI_SIZE);
- }
-#endif
- host_log_rsn_info(UnicastCypher, MulticastCypher,
- AuthSuite, gp_mgmt_cipher_suite);
-
- /* Add in the fixed fields plus 1 Unicast cypher, less the
- * IE Header length Add in the size of the Auth suite (count
- * plus a single OUI) Add in the RSN caps field.
- * Add PMKID count and PMKID (if any)
- * Add group management cipher suite
- */
- pRSNIe->IeHeader.Length =
- (uint8_t) (sizeof(*pRSNIe) - sizeof(pRSNIe->IeHeader) +
- sizeof(*pAuthSuite) +
- sizeof(struct rsn_caps));
- if (pPMK->cPMKIDs)
- pRSNIe->IeHeader.Length += (uint8_t) (sizeof(uint16_t) +
- (pPMK->cPMKIDs *
- PMKID_LEN));
-#ifdef WLAN_FEATURE_11W
- if (pProfile->MFPEnabled &&
- (RSNCapabilities.MFPCapable && pProfile->MFPCapable)) {
- if (0 == pPMK->cPMKIDs)
- pRSNIe->IeHeader.Length += sizeof(uint16_t);
- pRSNIe->IeHeader.Length += CSR_WPA_OUI_SIZE;
- }
-#endif
-
- /* return the size of the IE header (total) constructed... */
- cbRSNIe = pRSNIe->IeHeader.Length + sizeof(pRSNIe->IeHeader);
-
- } while (0);
-
- if (!pIes && pIesLocal)
- /* locally allocated */
- qdf_mem_free(pIesLocal);
-
- return cbRSNIe;
-}
-
-#ifdef FEATURE_WLAN_WAPI
-/**
- * csr_get_wapi_information() - to get WAPI information
- * @mac_ctx: pointer to global MAC context
- * @auth_type: auth type
- * @encr_type: encryption type
- * @mc_encryption: multicast encryption type
- * @wapi_ie: pointer to WAPI IE
- * @ucast_cipher: Unicast cipher
- * @mcast_cipher: Multicast cipher
- * @auth_suite: Authentication suite
- * @negotiated_authtype: Negotiated auth type
- * @negotiated_mccipher: negotiated multicast cipher
- *
- * This routine will get all WAPI information
- *
- * Return: bool
- */
-static bool csr_get_wapi_information(struct mac_context *mac_ctx,
- tCsrAuthList *auth_type,
- eCsrEncryptionType encr_type,
- tCsrEncryptionList *mc_encryption,
- tDot11fIEWAPI *wapi_ie,
- uint8_t *ucast_cipher,
- uint8_t *mcast_cipher, uint8_t *auth_suite,
- enum csr_akm_type *negotiated_authtype,
- eCsrEncryptionType *negotiated_mccipher)
-{
- bool acceptable_cipher = false;
- uint8_t c_ucast_cipher = 0;
- uint8_t c_mcast_cipher = 0;
- uint8_t c_auth_suites = 0, i;
- uint8_t unicast[CSR_WAPI_OUI_SIZE];
- uint8_t multicast[CSR_WAPI_OUI_SIZE];
- uint8_t authsuites[CSR_WAPI_MAX_AUTH_SUITES][CSR_WAPI_OUI_SIZE];
- uint8_t authentication[CSR_WAPI_OUI_SIZE];
- uint8_t mccipher_arr[CSR_WAPI_MAX_MULTICAST_CYPHERS][CSR_WAPI_OUI_SIZE];
- enum csr_akm_type neg_authtype = eCSR_AUTH_TYPE_UNKNOWN;
- uint8_t wapioui_idx = 0;
-
- if (!wapi_ie->present)
- goto end;
-
- c_mcast_cipher++;
- qdf_mem_copy(mccipher_arr, wapi_ie->multicast_cipher_suite,
- CSR_WAPI_OUI_SIZE);
- c_ucast_cipher = (uint8_t) (wapi_ie->unicast_cipher_suite_count);
- c_auth_suites = (uint8_t) (wapi_ie->akm_suite_count);
- for (i = 0; i < c_auth_suites && i < CSR_WAPI_MAX_AUTH_SUITES; i++)
- qdf_mem_copy((void *)&authsuites[i],
- (void *)&wapi_ie->akm_suites[i], CSR_WAPI_OUI_SIZE);
-
- wapioui_idx = csr_get_oui_index_from_cipher(encr_type);
- if (wapioui_idx >= CSR_OUI_WAPI_WAI_MAX_INDEX) {
- sme_err("Wapi OUI index = %d out of limit",
- wapioui_idx);
- acceptable_cipher = false;
- goto end;
- }
- /* Check - Is requested unicast Cipher supported by the BSS. */
- acceptable_cipher = csr_match_wapi_oui_index(mac_ctx,
- wapi_ie->unicast_cipher_suites,
- c_ucast_cipher, wapioui_idx, unicast);
- if (!acceptable_cipher)
- goto end;
-
- /* unicast is supported. Pick the first matching Group cipher, if any */
- for (i = 0; i < mc_encryption->numEntries; i++) {
- wapioui_idx = csr_get_oui_index_from_cipher(
- mc_encryption->encryptionType[i]);
- if (wapioui_idx >= CSR_OUI_WAPI_WAI_MAX_INDEX) {
- sme_err("Wapi OUI index = %d out of limit",
- wapioui_idx);
- acceptable_cipher = false;
- break;
- }
- acceptable_cipher = csr_match_wapi_oui_index(mac_ctx,
- mccipher_arr, c_mcast_cipher,
- wapioui_idx, multicast);
- if (acceptable_cipher)
- break;
- }
- if (!acceptable_cipher)
- goto end;
-
- if (negotiated_mccipher)
- *negotiated_mccipher =
- mc_encryption->encryptionType[i];
-
- /*
- * Ciphers are supported, Match authentication algorithm and
- * pick first matching authtype
- */
- if (csr_is_auth_wapi_cert
- (mac_ctx, authsuites, c_auth_suites, authentication)) {
- neg_authtype =
- eCSR_AUTH_TYPE_WAPI_WAI_CERTIFICATE;
- } else if (csr_is_auth_wapi_psk(mac_ctx, authsuites,
- c_auth_suites, authentication)) {
- neg_authtype = eCSR_AUTH_TYPE_WAPI_WAI_PSK;
- } else {
- acceptable_cipher = false;
- neg_authtype = eCSR_AUTH_TYPE_UNKNOWN;
- }
-
- /* Caller doesn't care about auth type, or BSS doesn't match */
- if ((0 == auth_type->numEntries) || (false == acceptable_cipher))
- goto end;
-
- acceptable_cipher = false;
- for (i = 0; i < auth_type->numEntries; i++) {
- if (auth_type->authType[i] == neg_authtype) {
- acceptable_cipher = true;
- break;
- }
- }
-
-end:
- if (acceptable_cipher) {
- if (mcast_cipher)
- qdf_mem_copy(mcast_cipher, multicast,
- CSR_WAPI_OUI_SIZE);
- if (ucast_cipher)
- qdf_mem_copy(ucast_cipher, unicast, CSR_WAPI_OUI_SIZE);
- if (auth_suite)
- qdf_mem_copy(auth_suite, authentication,
- CSR_WAPI_OUI_SIZE);
- if (negotiated_authtype)
- *negotiated_authtype = neg_authtype;
- }
- return acceptable_cipher;
-}
-
-static bool csr_lookup_bkid(struct mac_context *mac, uint32_t sessionId,
- uint8_t *pBSSId, uint8_t *pBKId)
-{
- bool fRC = false, fMatchFound = false;
- uint32_t Index;
- struct csr_roam_session *pSession = CSR_GET_SESSION(mac, sessionId);
-
- if (!pSession) {
- sme_err("session %d not found", sessionId);
- return false;
- }
-
- do {
- for (Index = 0; Index < pSession->NumBkidCache; Index++) {
- sme_debug("match BKID " QDF_MAC_ADDR_STR " to ",
- QDF_MAC_ADDR_ARRAY(pBSSId));
- if (!qdf_mem_cmp
- (pBSSId, pSession->BkidCacheInfo[Index].BSSID.bytes,
- sizeof(struct qdf_mac_addr))) {
- /* match found */
- fMatchFound = true;
- break;
- }
- }
-
- if (!fMatchFound)
- break;
-
- qdf_mem_copy(pBKId, pSession->BkidCacheInfo[Index].BKID,
- CSR_WAPI_BKID_SIZE);
-
- fRC = true;
- } while (0);
- sme_debug(
- "return match = %d mac->roam.NumBkidCache = %d",
- fRC, pSession->NumBkidCache);
-
- return fRC;
-}
-
-uint8_t csr_construct_wapi_ie(struct mac_context *mac, uint32_t sessionId,
- struct csr_roam_profile *pProfile,
- struct bss_description *pSirBssDesc,
- tDot11fBeaconIEs *pIes, tCsrWapiIe *pWapiIe)
-{
- bool fWapiMatch = false;
- uint8_t cbWapiIe = 0;
- uint8_t UnicastCypher[CSR_WAPI_OUI_SIZE];
- uint8_t MulticastCypher[CSR_WAPI_OUI_SIZE];
- uint8_t AuthSuite[CSR_WAPI_OUI_SIZE];
- uint8_t BKId[CSR_WAPI_BKID_SIZE];
- uint8_t *pWapi = NULL;
- bool fBKIDFound = false;
- tDot11fBeaconIEs *pIesLocal = pIes;
-
- do {
- if (!csr_is_profile_wapi(pProfile))
- break;
-
- if (!pIesLocal
- &&
- (!QDF_IS_STATUS_SUCCESS
- (csr_get_parsed_bss_description_ies
- (mac, pSirBssDesc, &pIesLocal)))) {
- break;
- }
- /* See if the cyphers in the Bss description match with the
- * settings in the profile.
- */
- fWapiMatch =
- csr_get_wapi_information(mac, &pProfile->AuthType,
- pProfile->negotiatedUCEncryptionType,
- &pProfile->mcEncryptionType,
- &pIesLocal->WAPI, UnicastCypher,
- MulticastCypher, AuthSuite, NULL,
- NULL);
- if (!fWapiMatch)
- break;
-
- qdf_mem_zero(pWapiIe, sizeof(tCsrWapiIe));
-
- pWapiIe->IeHeader.ElementID = DOT11F_EID_WAPI;
-
- pWapiIe->Version = CSR_WAPI_VERSION_SUPPORTED;
-
- pWapiIe->cAuthenticationSuites = 1;
- qdf_mem_copy(&pWapiIe->AuthOui[0], AuthSuite,
- sizeof(AuthSuite));
-
- pWapi = (uint8_t *) (&pWapiIe->AuthOui[1]);
-
- *pWapi = (uint16_t) 1; /* cUnicastCyphers */
- pWapi += 2;
- qdf_mem_copy(pWapi, UnicastCypher, sizeof(UnicastCypher));
- pWapi += sizeof(UnicastCypher);
-
- qdf_mem_copy(pWapi, MulticastCypher, sizeof(MulticastCypher));
- pWapi += sizeof(MulticastCypher);
-
- /* WAPI capabilities follows the Auth Suite (two octects)
- * we shouldn't EVER be sending out "pre-auth supported".
- * It is an AP only capability & since we already did a memset
- * pWapiIe to 0, skip these fields
- */
- pWapi += 2;
-
- fBKIDFound =
- csr_lookup_bkid(mac, sessionId, pSirBssDesc->bssId,
- &(BKId[0]));
-
- if (fBKIDFound) {
- /* Do we need to change the endianness here */
- *pWapi = (uint16_t) 1; /* cBKIDs */
- pWapi += 2;
- qdf_mem_copy(pWapi, BKId, CSR_WAPI_BKID_SIZE);
- } else {
- *pWapi = 0;
- pWapi += 1;
- *pWapi = 0;
- pWapi += 1;
- }
-
- /* Add in the IE fields except the IE header */
- /* Add BKID count and BKID (if any) */
- pWapiIe->IeHeader.Length =
- (uint8_t) (sizeof(*pWapiIe) -
- sizeof(pWapiIe->IeHeader));
-
- /*2 bytes for BKID Count field */
- pWapiIe->IeHeader.Length += sizeof(uint16_t);
-
- if (fBKIDFound)
- pWapiIe->IeHeader.Length += CSR_WAPI_BKID_SIZE;
-
- /* return the size of the IE header (total) constructed... */
- cbWapiIe = pWapiIe->IeHeader.Length + sizeof(pWapiIe->IeHeader);
-
- } while (0);
-
- if (!pIes && pIesLocal)
- /* locally allocated */
- qdf_mem_free(pIesLocal);
-
- return cbWapiIe;
-}
-#endif /* FEATURE_WLAN_WAPI */
-/**
- * csr_get_wpa_cyphers() - to get WPA cipher info
- * @mac_ctx: pointer to mac context
- * @auth_type: auth type
- * @encr_type: encryption type
- * @mc_encryption: multicast encryption type
- * @wpa_ie: pointer to WPA IE
- * @ucast_cipher: Unicast cipher
- * @mcast_cipher: Multicast cipher
- * @auth_suite: Authentication suite
- * @negotiated_authtype: Negotiated auth type
- * @negotiated_mccipher: negotiated multicast cipher
- *
- * This routine will get all WPA information
- *
- * Return: bool
- */
-static bool csr_get_wpa_cyphers(struct mac_context *mac_ctx, tCsrAuthList *auth_type,
- eCsrEncryptionType encr_type,
- tCsrEncryptionList *mc_encryption,
- tDot11fIEWPA *wpa_ie, uint8_t *ucast_cipher,
- uint8_t *mcast_cipher, uint8_t *auth_suite,
- enum csr_akm_type *negotiated_authtype,
- eCsrEncryptionType *negotiated_mccipher)
-{
- bool acceptable_cipher = false;
- uint8_t c_ucast_cipher = 0;
- uint8_t c_mcast_cipher = 0;
- uint8_t c_auth_suites = 0;
- uint8_t unicast[CSR_WPA_OUI_SIZE];
- uint8_t multicast[CSR_WPA_OUI_SIZE];
- uint8_t authentication[CSR_WPA_OUI_SIZE];
- uint8_t mccipher_arr[1][CSR_WPA_OUI_SIZE];
- uint8_t i;
- uint8_t index;
- enum csr_akm_type neg_authtype = eCSR_AUTH_TYPE_UNKNOWN;
-
- if (!wpa_ie->present)
- goto end;
- c_mcast_cipher = 1;
- qdf_mem_copy(mccipher_arr, wpa_ie->multicast_cipher, CSR_WPA_OUI_SIZE);
- c_ucast_cipher = (uint8_t) (wpa_ie->unicast_cipher_count);
- c_auth_suites = (uint8_t) (wpa_ie->auth_suite_count);
-
- /*
- * csr_match_wpaoui_index will provide the index of the
- * array csr_wpa_oui to be read and determine if it is
- * accepatable cipher or not. Below check ensures that
- * the index will not be out of range of the array size.
- */
- index = csr_get_oui_index_from_cipher(encr_type);
- if (!(index < (sizeof(csr_wpa_oui)/CSR_WPA_OUI_SIZE))) {
- sme_debug("Unacceptable index: %d", index);
- goto end;
- }
-
- sme_debug("kw_dbg: index: %d", index);
- /* Check - Is requested unicast Cipher supported by the BSS. */
- acceptable_cipher = csr_match_wpaoui_index(mac_ctx,
- wpa_ie->unicast_ciphers, c_ucast_cipher,
- index, unicast);
- if (!acceptable_cipher)
- goto end;
- /* unicast is supported. Pick the first matching Group cipher, if any */
- for (i = 0; i < mc_encryption->numEntries; i++) {
- index = csr_get_oui_index_from_cipher(
- mc_encryption->encryptionType[i]);
- sme_debug("kw_dbg: index: %d", index);
- if (!(index < (sizeof(csr_wpa_oui)/CSR_WPA_OUI_SIZE))) {
- sme_debug("Unacceptable MC index: %d", index);
- acceptable_cipher = false;
- continue;
- }
- acceptable_cipher = csr_match_wpaoui_index(mac_ctx,
- mccipher_arr, c_mcast_cipher,
- index, multicast);
- if (acceptable_cipher)
- break;
- }
- if (!acceptable_cipher)
- goto end;
-
- if (negotiated_mccipher)
- *negotiated_mccipher = mc_encryption->encryptionType[i];
-
- /* Initializing with false as it has true value already */
- acceptable_cipher = false;
- for (i = 0; i < auth_type->numEntries; i++) {
- /*
- * Ciphers are supported, Match authentication algorithm and
- * pick first matching authtype
- */
- if (csr_is_auth_wpa(mac_ctx, wpa_ie->auth_suites, c_auth_suites,
- authentication)) {
- if (eCSR_AUTH_TYPE_WPA == auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_WPA;
- }
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
- csr_is_auth_wpa_psk(mac_ctx,
- wpa_ie->auth_suites, c_auth_suites,
- authentication)) {
- if (eCSR_AUTH_TYPE_WPA_PSK == auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_WPA_PSK;
- }
-#ifdef FEATURE_WLAN_ESE
- if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN)
- && csr_is_ese_cckm_auth_wpa(mac_ctx,
- wpa_ie->auth_suites, c_auth_suites,
- authentication)) {
- if (eCSR_AUTH_TYPE_CCKM_WPA == auth_type->authType[i])
- neg_authtype = eCSR_AUTH_TYPE_CCKM_WPA;
- }
-#endif /* FEATURE_WLAN_ESE */
-
- /*
- * The 1st auth type in the APs WPA IE, to match stations
- * connecting profiles auth type will cause us to exit this
- * loop. This is added as some APs advertise multiple akms in
- * the WPA IE
- */
- if (eCSR_AUTH_TYPE_UNKNOWN != neg_authtype) {
- acceptable_cipher = true;
- break;
- }
- }
-
-end:
- if (acceptable_cipher) {
- if (mcast_cipher)
- qdf_mem_copy((uint8_t **) mcast_cipher, multicast,
- CSR_WPA_OUI_SIZE);
-
- if (ucast_cipher)
- qdf_mem_copy((uint8_t **) ucast_cipher, unicast,
- CSR_WPA_OUI_SIZE);
-
- if (auth_suite)
- qdf_mem_copy((uint8_t **) auth_suite, authentication,
- CSR_WPA_OUI_SIZE);
-
- if (negotiated_authtype)
- *negotiated_authtype = neg_authtype;
- }
-
- return acceptable_cipher;
-}
-
-uint8_t csr_construct_wpa_ie(struct mac_context *mac, uint8_t session_id,
- struct csr_roam_profile *pProfile,
- struct bss_description *pSirBssDesc,
- tDot11fBeaconIEs *pIes, tCsrWpaIe *pWpaIe)
-{
- bool fWpaMatch;
- uint8_t cbWpaIe = 0;
- uint8_t UnicastCypher[CSR_WPA_OUI_SIZE];
- uint8_t MulticastCypher[CSR_WPA_OUI_SIZE];
- uint8_t AuthSuite[CSR_WPA_OUI_SIZE];
- tCsrWpaAuthIe *pAuthSuite;
- tDot11fBeaconIEs *pIesLocal = pIes;
-
- do {
- if (!csr_is_profile_wpa(pProfile))
- break;
-
- if (!pIesLocal
- &&
- (!QDF_IS_STATUS_SUCCESS
- (csr_get_parsed_bss_description_ies
- (mac, pSirBssDesc, &pIesLocal))))
- break;
- /* See if the cyphers in the Bss description match with the
- * settings in the profile.
- */
- fWpaMatch =
- csr_get_wpa_cyphers(mac, &pProfile->AuthType,
- pProfile->negotiatedUCEncryptionType,
- &pProfile->mcEncryptionType,
- &pIesLocal->WPA, UnicastCypher,
- MulticastCypher, AuthSuite, NULL, NULL);
- if (!fWpaMatch)
- break;
-
- pWpaIe->IeHeader.ElementID = SIR_MAC_WPA_EID;
-
- qdf_mem_copy(pWpaIe->Oui, csr_wpa_oui[01], sizeof(pWpaIe->Oui));
-
- pWpaIe->Version = CSR_WPA_VERSION_SUPPORTED;
-
- qdf_mem_copy(pWpaIe->MulticastOui, MulticastCypher,
- sizeof(MulticastCypher));
-
- pWpaIe->cUnicastCyphers = 1;
-
- qdf_mem_copy(&pWpaIe->UnicastOui[0], UnicastCypher,
- sizeof(UnicastCypher));
-
- pAuthSuite =
- (tCsrWpaAuthIe *) (&pWpaIe->
- UnicastOui[pWpaIe->cUnicastCyphers]);
-
- pAuthSuite->cAuthenticationSuites = 1;
- qdf_mem_copy(&pAuthSuite->AuthOui[0], AuthSuite,
- sizeof(AuthSuite));
-
- /* The WPA capabilities follows the Auth Suite (two octects)-
- * this field is optional, and we always "send" zero, so just
- * remove it. This is consistent with our assumptions in the
- * frames compiler; c.f. bug 15234:
- * http://gold.woodsidenet.com/bugzilla/show_bug.cgi?id=15234
- * Add in the fixed fields plus 1 Unicast cypher, less the IE
- * Header length Add in the size of the Auth suite (count plus
- * a single OUI)
- */
- pWpaIe->IeHeader.Length =
- sizeof(*pWpaIe) - sizeof(pWpaIe->IeHeader) +
- sizeof(*pAuthSuite);
-
- /* return the size of the IE header (total) constructed... */
- cbWpaIe = pWpaIe->IeHeader.Length + sizeof(pWpaIe->IeHeader);
-
- } while (0);
-
- if (!pIes && pIesLocal)
- /* locally allocated */
- qdf_mem_free(pIesLocal);
-
- return cbWpaIe;
-}
-#endif
-
/* If a WPAIE exists in the profile, just use it. Or else construct
* one from the BSS Caller allocated memory for pWpaIe and guarrantee
* it can contain a max length WPA IE