Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 1 | /* |
Abhishek Singh | 7dcb85b | 2017-12-27 15:15:01 +0530 | [diff] [blame] | 2 | * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 3 | * |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 4 | * Permission to use, copy, modify, and/or distribute this software for |
| 5 | * any purpose with or without fee is hereby granted, provided that the |
| 6 | * above copyright notice and this permission notice appear in all |
| 7 | * copies. |
| 8 | * |
| 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL |
| 10 | * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED |
| 11 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE |
| 12 | * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL |
| 13 | * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR |
| 14 | * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER |
| 15 | * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR |
| 16 | * PERFORMANCE OF THIS SOFTWARE. |
| 17 | */ |
| 18 | |
| 19 | /* |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 20 | * |
| 21 | * This file lim_sme_req_utils.cc contains the utility functions |
| 22 | * for processing SME request messages. |
| 23 | * Author: Chandra Modumudi |
| 24 | * Date: 02/11/02 |
| 25 | * History:- |
| 26 | * Date Modified by Modification Information |
| 27 | * -------------------------------------------------------------------- |
| 28 | * 05/26/10 js WPA handling in (Re)Assoc frames |
| 29 | * |
| 30 | */ |
| 31 | |
| 32 | #include "wni_api.h" |
| 33 | #include "wni_cfg.h" |
| 34 | #include "cfg_api.h" |
| 35 | #include "sir_api.h" |
| 36 | #include "sch_api.h" |
| 37 | #include "utils_api.h" |
| 38 | #include "lim_types.h" |
| 39 | #include "lim_utils.h" |
| 40 | #include "lim_assoc_utils.h" |
| 41 | #include "lim_security_utils.h" |
| 42 | #include "lim_ser_des_utils.h" |
Jeff Johnson | 5fc5176 | 2016-10-07 07:33:42 -0700 | [diff] [blame] | 43 | #include "lim_sme_req_utils.h" |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 44 | |
| 45 | /** |
Pragaspathi Thilagaraj | da3b5e2 | 2018-09-23 01:55:57 +0530 | [diff] [blame] | 46 | * lim_is_rsn_ie_valid_in_sme_req_message() |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 47 | * |
| 48 | * @mac_ctx Pointer to Global MAC structure |
| 49 | * @rsn_ie Pointer to received RSN IE |
| 50 | * |
| 51 | * This function is called to verify if the RSN IE received in various SME_REQ |
| 52 | * messages is valid or not |
| 53 | * |
| 54 | * Return: true when RSN IE is valid, false otherwise |
| 55 | * |
| 56 | */ |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 57 | static uint8_t |
Jeff Johnson | 9320c1e | 2018-12-02 13:09:20 -0800 | [diff] [blame] | 58 | lim_is_rsn_ie_valid_in_sme_req_message(struct mac_context *mac_ctx, |
Pragaspathi Thilagaraj | da3b5e2 | 2018-09-23 01:55:57 +0530 | [diff] [blame] | 59 | tpSirRSNie rsn_ie) |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 60 | { |
Pragaspathi Thilagaraj | da3b5e2 | 2018-09-23 01:55:57 +0530 | [diff] [blame] | 61 | uint8_t start = 0, privacy; |
| 62 | uint32_t val; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 63 | int len; |
| 64 | |
Pragaspathi Thilagaraj | da3b5e2 | 2018-09-23 01:55:57 +0530 | [diff] [blame] | 65 | privacy = mac_ctx->mlme_cfg->wep_params.is_privacy_enabled; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 66 | |
gaurank kathpalia | e5a17e4 | 2018-09-10 10:05:25 +0530 | [diff] [blame] | 67 | val = mac_ctx->mlme_cfg->feature_flags.enable_rsn; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 68 | if (rsn_ie->length && (!privacy || !val)) { |
| 69 | /* Privacy & RSN not enabled in CFG. |
| 70 | * In order to allow mixed mode for Guest access |
| 71 | * allow BSS creation/join with no Privacy capability |
| 72 | * yet advertising WPA IE |
| 73 | */ |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 74 | pe_debug("RSN ie len: %d PRIVACY: %d RSN: %d", |
Nishank Aggarwal | 7f49419 | 2017-03-11 13:46:18 +0530 | [diff] [blame] | 75 | rsn_ie->length, privacy, val); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 76 | } |
| 77 | |
| 78 | if (!rsn_ie->length) |
| 79 | return true; |
| 80 | |
| 81 | if ((rsn_ie->rsnIEdata[0] != DOT11F_EID_RSN) |
| 82 | #ifdef FEATURE_WLAN_WAPI |
| 83 | && (rsn_ie->rsnIEdata[0] != DOT11F_EID_WAPI) |
| 84 | #endif |
| 85 | && (rsn_ie->rsnIEdata[0] != DOT11F_EID_WPA)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 86 | pe_err("RSN/WPA/WAPI EID: %d not [%d || %d]", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 87 | rsn_ie->rsnIEdata[0], DOT11F_EID_RSN, |
| 88 | DOT11F_EID_WPA); |
| 89 | return false; |
| 90 | } |
| 91 | |
| 92 | len = rsn_ie->length; |
| 93 | start = 0; |
| 94 | while (len > 0) { |
| 95 | switch (rsn_ie->rsnIEdata[start]) { |
| 96 | case DOT11F_EID_RSN: |
| 97 | /* Check validity of RSN IE */ |
| 98 | if ((rsn_ie->rsnIEdata[start + 1] > |
| 99 | DOT11F_IE_RSN_MAX_LEN) |
| 100 | || (rsn_ie->rsnIEdata[start + 1] < |
| 101 | DOT11F_IE_RSN_MIN_LEN)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 102 | pe_err("RSN IE len: %d not [%d,%d]", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 103 | rsn_ie->rsnIEdata[start + 1], |
| 104 | DOT11F_IE_RSN_MIN_LEN, |
| 105 | DOT11F_IE_RSN_MAX_LEN); |
| 106 | return false; |
| 107 | } |
| 108 | break; |
| 109 | case DOT11F_EID_WPA: |
| 110 | /* Check validity of WPA IE */ |
| 111 | if (SIR_MAC_MAX_IE_LENGTH <= start) |
| 112 | break; |
| 113 | |
| 114 | if (start <= (SIR_MAC_MAX_IE_LENGTH - sizeof(uint32_t))) |
| 115 | val = sir_read_u32((uint8_t *) & |
| 116 | rsn_ie->rsnIEdata[start + 2]); |
| 117 | |
| 118 | if ((rsn_ie->rsnIEdata[start + 1] < |
| 119 | DOT11F_IE_WPA_MIN_LEN) |
| 120 | || (rsn_ie->rsnIEdata[start + 1] > |
| 121 | DOT11F_IE_WPA_MAX_LEN) |
| 122 | || (SIR_MAC_WPA_OUI != val)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 123 | pe_err("WPA IE len: %d not [%d,%d] OR data 0x%x not 0x%x", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 124 | rsn_ie->rsnIEdata[start + 1], |
| 125 | DOT11F_IE_WPA_MIN_LEN, |
| 126 | DOT11F_IE_WPA_MAX_LEN, |
| 127 | val, SIR_MAC_WPA_OUI); |
| 128 | return false; |
| 129 | } |
| 130 | break; |
| 131 | #ifdef FEATURE_WLAN_WAPI |
| 132 | case DOT11F_EID_WAPI: |
| 133 | if ((rsn_ie->rsnIEdata[start + 1] > |
| 134 | DOT11F_IE_WAPI_MAX_LEN) |
| 135 | || (rsn_ie->rsnIEdata[start + 1] < |
| 136 | DOT11F_IE_WAPI_MIN_LEN)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 137 | pe_err("WAPI IE len: %d not [%d,%d]", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 138 | rsn_ie->rsnIEdata[start + 1], |
| 139 | DOT11F_IE_WAPI_MIN_LEN, |
| 140 | DOT11F_IE_WAPI_MAX_LEN); |
| 141 | return false; |
| 142 | } |
| 143 | break; |
| 144 | #endif |
| 145 | default: |
| 146 | /* we will never be here, simply for completeness */ |
| 147 | return false; |
| 148 | } /* end of switch */ |
| 149 | /* EID + length field + length */ |
| 150 | start += 2 + rsn_ie->rsnIEdata[start + 1]; |
| 151 | len -= start; |
| 152 | } /* end while loop */ |
| 153 | return true; |
| 154 | } /*** end lim_is_rs_nie_valid_in_sme_req_message() ***/ |
| 155 | |
| 156 | /** |
| 157 | * lim_is_addie_valid_in_sme_req_message() |
| 158 | * |
| 159 | ***FUNCTION: |
| 160 | * This function is called to verify if the Add IE |
| 161 | * received in various SME_REQ messages is valid or not |
| 162 | * |
| 163 | ***LOGIC: |
| 164 | * Add IE validity checks are performed on only length |
| 165 | * |
| 166 | ***ASSUMPTIONS: |
| 167 | * |
| 168 | ***NOTE: |
| 169 | * |
Jeff Johnson | 348973e | 2018-11-22 16:51:12 -0800 | [diff] [blame] | 170 | * @param mac Pointer to Global MAC structure |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 171 | * @param pWSCie Pointer to received WSC IE |
| 172 | * @return true when WSC IE is valid, false otherwise |
| 173 | */ |
| 174 | |
| 175 | static uint8_t |
Jeff Johnson | 9320c1e | 2018-12-02 13:09:20 -0800 | [diff] [blame] | 176 | lim_is_addie_valid_in_sme_req_message(struct mac_context *mac, tpSirAddie pAddie) |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 177 | { |
| 178 | int left = pAddie->length; |
| 179 | uint8_t *ptr = pAddie->addIEdata; |
| 180 | uint8_t elem_id, elem_len; |
| 181 | |
| 182 | if (left == 0) |
| 183 | return true; |
| 184 | |
| 185 | while (left >= 2) { |
| 186 | elem_id = ptr[0]; |
| 187 | elem_len = ptr[1]; |
| 188 | left -= 2; |
| 189 | if (elem_len > left) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 190 | pe_err("Invalid Add IEs eid: %d elem_len: %d left: %d", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 191 | elem_id, elem_len, left); |
| 192 | return false; |
| 193 | } |
| 194 | |
| 195 | left -= elem_len; |
| 196 | ptr += (elem_len + 2); |
| 197 | } |
| 198 | /* there shouldn't be any left byte */ |
| 199 | |
| 200 | return true; |
| 201 | } /*** end lim_is_addie_valid_in_sme_req_message() ***/ |
| 202 | |
| 203 | /** |
| 204 | * lim_set_rs_nie_wp_aiefrom_sme_start_bss_req_message() - to set rsnie/wpaie |
| 205 | * |
| 206 | * @mac_ctx : Pointer to Global MAC structure |
| 207 | * @rsn_ie : Pointer to received RSN IE |
| 208 | * @session : Pointer to pe session |
| 209 | * |
| 210 | * This function is called to verify if the RSN IE received in various |
| 211 | * SME_REQ messages is valid or not. RSN IE validity checks are performed in |
| 212 | * this function |
| 213 | * |
| 214 | * Return: true when RSN IE is valid, false otherwise |
| 215 | */ |
| 216 | uint8_t |
Jeff Johnson | 9320c1e | 2018-12-02 13:09:20 -0800 | [diff] [blame] | 217 | lim_set_rs_nie_wp_aiefrom_sme_start_bss_req_message(struct mac_context *mac_ctx, |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 218 | tpSirRSNie rsn_ie, |
Jeff Johnson | 80a93f9 | 2018-11-18 22:12:35 -0800 | [diff] [blame] | 219 | struct pe_session *session) |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 220 | { |
Naveen Rawat | 72475db | 2017-12-13 18:07:35 -0800 | [diff] [blame] | 221 | uint32_t ret; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 222 | uint8_t wpa_idx = 0; |
Pragaspathi Thilagaraj | da3b5e2 | 2018-09-23 01:55:57 +0530 | [diff] [blame] | 223 | uint32_t val; |
| 224 | bool privacy; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 225 | |
Pragaspathi Thilagaraj | da3b5e2 | 2018-09-23 01:55:57 +0530 | [diff] [blame] | 226 | privacy = mac_ctx->mlme_cfg->wep_params.is_privacy_enabled; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 227 | |
gaurank kathpalia | e5a17e4 | 2018-09-10 10:05:25 +0530 | [diff] [blame] | 228 | val = mac_ctx->mlme_cfg->feature_flags.enable_rsn; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 229 | if (rsn_ie->length && (!privacy || !val)) { |
| 230 | /* |
| 231 | * Privacy & RSN not enabled in CFG. |
| 232 | * In order to allow mixed mode for Guest access |
| 233 | * allow BSS creation/join with no Privacy capability |
| 234 | * yet advertising WPA IE |
| 235 | */ |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 236 | pe_debug("RSN ie len: %d but PRIVACY: %d RSN: %d", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 237 | rsn_ie->length, privacy, val); |
| 238 | } |
| 239 | |
| 240 | if (!rsn_ie->length) |
| 241 | return true; |
| 242 | |
| 243 | if ((rsn_ie->rsnIEdata[0] != SIR_MAC_RSN_EID) && |
| 244 | (rsn_ie->rsnIEdata[0] != SIR_MAC_WPA_EID)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 245 | pe_err("RSN/WPA EID: %d not [%d || %d]", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 246 | rsn_ie->rsnIEdata[0], SIR_MAC_RSN_EID, |
| 247 | SIR_MAC_WPA_EID); |
| 248 | return false; |
| 249 | } |
| 250 | /* Check validity of RSN IE */ |
| 251 | if ((rsn_ie->rsnIEdata[0] == SIR_MAC_RSN_EID) && |
| 252 | (rsn_ie->rsnIEdata[1] < SIR_MAC_RSN_IE_MIN_LENGTH)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 253 | pe_err("RSN IE len: %d not [%d,%d]", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 254 | rsn_ie->rsnIEdata[1], SIR_MAC_RSN_IE_MIN_LENGTH, |
| 255 | SIR_MAC_RSN_IE_MAX_LENGTH); |
| 256 | return false; |
| 257 | } |
| 258 | |
| 259 | if (rsn_ie->length > rsn_ie->rsnIEdata[1] + 2) { |
| 260 | if (rsn_ie->rsnIEdata[0] != SIR_MAC_RSN_EID) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 261 | pe_err("First byte: %d in rsnIEdata isn't RSN_EID", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 262 | rsn_ie->rsnIEdata[1]); |
| 263 | return false; |
| 264 | } |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 265 | pe_debug("WPA IE is present along with WPA2 IE"); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 266 | wpa_idx = 2 + rsn_ie->rsnIEdata[1]; |
| 267 | } else if ((rsn_ie->length == rsn_ie->rsnIEdata[1] + 2) && |
| 268 | (rsn_ie->rsnIEdata[0] == SIR_MAC_RSN_EID)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 269 | pe_debug("Only RSN IE is present"); |
Naveen Rawat | 72475db | 2017-12-13 18:07:35 -0800 | [diff] [blame] | 270 | ret = dot11f_unpack_ie_rsn(mac_ctx, &rsn_ie->rsnIEdata[2], |
| 271 | rsn_ie->rsnIEdata[1], |
| 272 | &session->gStartBssRSNIe, false); |
| 273 | if (!DOT11F_SUCCEEDED(ret)) { |
| 274 | pe_err("unpack failed, ret: %d", ret); |
| 275 | return false; |
| 276 | } |
Abhinav Kumar | 9449269 | 2018-02-16 18:18:09 +0530 | [diff] [blame] | 277 | return true; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 278 | } else if ((rsn_ie->length == rsn_ie->rsnIEdata[1] + 2) |
| 279 | && (rsn_ie->rsnIEdata[0] == SIR_MAC_WPA_EID)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 280 | pe_debug("Only WPA IE is present"); |
Naveen Rawat | 72475db | 2017-12-13 18:07:35 -0800 | [diff] [blame] | 281 | ret = dot11f_unpack_ie_wpa(mac_ctx, &rsn_ie->rsnIEdata[6], |
Abhinav Kumar | 3ef787b | 2018-04-03 16:39:33 +0530 | [diff] [blame] | 282 | rsn_ie->rsnIEdata[1] - 4, |
Naveen Rawat | 72475db | 2017-12-13 18:07:35 -0800 | [diff] [blame] | 283 | &session->gStartBssWPAIe, false); |
| 284 | if (!DOT11F_SUCCEEDED(ret)) { |
| 285 | pe_err("unpack failed, ret: %d", ret); |
| 286 | return false; |
| 287 | } |
Abhinav Kumar | 9449269 | 2018-02-16 18:18:09 +0530 | [diff] [blame] | 288 | return true; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 289 | } |
| 290 | /* Check validity of WPA IE */ |
| 291 | if (wpa_idx + 6 >= SIR_MAC_MAX_IE_LENGTH) |
| 292 | return false; |
| 293 | |
| 294 | val = sir_read_u32((uint8_t *)&rsn_ie->rsnIEdata[wpa_idx + 2]); |
| 295 | if ((rsn_ie->rsnIEdata[wpa_idx] == SIR_MAC_WPA_EID) |
| 296 | && ((rsn_ie->rsnIEdata[wpa_idx + 1] < SIR_MAC_WPA_IE_MIN_LENGTH) |
| 297 | || (SIR_MAC_WPA_OUI != val))) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 298 | pe_err("WPA IE len: %d not [%d,%d] OR data 0x%x not 0x%x", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 299 | rsn_ie->rsnIEdata[1], |
| 300 | SIR_MAC_RSN_IE_MIN_LENGTH, |
| 301 | SIR_MAC_RSN_IE_MAX_LENGTH, val, |
| 302 | SIR_MAC_WPA_OUI); |
| 303 | return false; |
| 304 | } else { |
| 305 | /* Both RSN and WPA IEs are present */ |
Naveen Rawat | 72475db | 2017-12-13 18:07:35 -0800 | [diff] [blame] | 306 | ret = dot11f_unpack_ie_rsn(mac_ctx, &rsn_ie->rsnIEdata[2], |
| 307 | rsn_ie->rsnIEdata[1], |
| 308 | &session->gStartBssRSNIe, false); |
| 309 | if (!DOT11F_SUCCEEDED(ret)) { |
| 310 | pe_err("unpack failed, ret: %d", ret); |
| 311 | return false; |
| 312 | } |
| 313 | ret = dot11f_unpack_ie_wpa(mac_ctx, |
| 314 | &rsn_ie->rsnIEdata[wpa_idx + 6], |
| 315 | rsn_ie->rsnIEdata[wpa_idx + 1] - 4, |
| 316 | &session->gStartBssWPAIe, false); |
| 317 | if (!DOT11F_SUCCEEDED(ret)) { |
| 318 | pe_err("unpack failed, ret: %d", ret); |
| 319 | return false; |
| 320 | } |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 321 | } |
| 322 | return true; |
| 323 | } |
| 324 | |
| 325 | /** |
| 326 | * lim_is_bss_descr_valid_in_sme_req_message() |
| 327 | * |
| 328 | ***FUNCTION: |
| 329 | * This function is called to verify if the BSS Descr |
| 330 | * received in various SME_REQ messages is valid or not |
| 331 | * |
| 332 | ***LOGIC: |
| 333 | * BSS Descritipion validity checks are performed in this function |
| 334 | * |
| 335 | ***ASSUMPTIONS: |
| 336 | * |
| 337 | ***NOTE: |
| 338 | * |
Jeff Johnson | 348973e | 2018-11-22 16:51:12 -0800 | [diff] [blame] | 339 | * @param mac Pointer to Global MAC structure |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 340 | * @param pBssDescr Pointer to received Bss Descritipion |
| 341 | * @return true when BSS description is valid, false otherwise |
| 342 | */ |
| 343 | |
| 344 | static uint8_t |
Jeff Johnson | 9320c1e | 2018-12-02 13:09:20 -0800 | [diff] [blame] | 345 | lim_is_bss_descr_valid_in_sme_req_message(struct mac_context *mac, |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 346 | tpSirBssDescription pBssDescr) |
| 347 | { |
| 348 | uint8_t valid = true; |
| 349 | |
| 350 | if (lim_is_addr_bc(pBssDescr->bssId) || !pBssDescr->channelId) { |
| 351 | valid = false; |
| 352 | goto end; |
| 353 | } |
| 354 | |
| 355 | end: |
| 356 | return valid; |
| 357 | } /*** end lim_is_bss_descr_valid_in_sme_req_message() ***/ |
| 358 | |
| 359 | /** |
| 360 | * lim_is_sme_start_bss_req_valid() - To validate sme start bss request |
| 361 | * |
| 362 | * @mac_ctx: Pointer to Global MAC structure |
| 363 | * @start_bss_req: Pointer to received SME_START_BSS_REQ message |
| 364 | * |
| 365 | * This function is called by lim_process_sme_req_messages() upon |
| 366 | * receiving SME_START_BSS_REQ message from application. |
| 367 | * |
| 368 | * Return: true when received SME_START_BSS_REQ is formatted correctly false |
| 369 | * otherwise |
| 370 | */ |
| 371 | |
| 372 | uint8_t |
Jeff Johnson | 9320c1e | 2018-12-02 13:09:20 -0800 | [diff] [blame] | 373 | lim_is_sme_start_bss_req_valid(struct mac_context *mac_ctx, |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 374 | tpSirSmeStartBssReq start_bss_req) |
| 375 | { |
| 376 | uint8_t i = 0; |
| 377 | tSirMacRateSet *opr_rates = &start_bss_req->operationalRateSet; |
| 378 | |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 379 | pe_debug("Parsed START_BSS_REQ fields are bssType: %s (%d) channelId: %d SSID len: %d rsnIE len: %d nwType: %d rateset len: %d", |
Sreelakshmi Konamki | 39acb13 | 2015-12-16 13:06:22 +0530 | [diff] [blame] | 380 | lim_bss_type_to_string(start_bss_req->bssType), |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 381 | start_bss_req->bssType, start_bss_req->channelId, |
| 382 | start_bss_req->ssId.length, start_bss_req->rsnIE.length, |
Nishank Aggarwal | 7f49419 | 2017-03-11 13:46:18 +0530 | [diff] [blame] | 383 | start_bss_req->nwType, opr_rates->numRates); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 384 | |
| 385 | switch (start_bss_req->bssType) { |
| 386 | case eSIR_INFRASTRUCTURE_MODE: |
| 387 | /** |
| 388 | * Should not have received start BSS req with bssType |
| 389 | * Infrastructure on STA. |
| 390 | */ |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 391 | pe_warn("Invalid bssType: %d in eWNI_SME_START_BSS_REQ", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 392 | start_bss_req->bssType); |
| 393 | return false; |
| 394 | break; |
| 395 | case eSIR_IBSS_MODE: |
| 396 | break; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 397 | case eSIR_INFRA_AP_MODE: |
| 398 | break; |
Deepak Dhamdhere | e2dd544 | 2016-05-27 15:05:51 -0700 | [diff] [blame] | 399 | case eSIR_NDI_MODE: |
| 400 | break; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 401 | default: |
| 402 | /** |
| 403 | * Should not have received start BSS req with bssType |
| 404 | * other than Infrastructure/IBSS. |
| 405 | */ |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 406 | pe_warn("Invalid bssType: %d in eWNI_SME_START_BSS_REQ", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 407 | start_bss_req->bssType); |
| 408 | return false; |
| 409 | } |
| 410 | |
| 411 | if (start_bss_req->bssType == eSIR_IBSS_MODE |
| 412 | && (!start_bss_req->ssId.length |
| 413 | || start_bss_req->ssId.length > SIR_MAC_MAX_SSID_LENGTH)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 414 | pe_warn("Invalid SSID length in eWNI_SME_START_BSS_REQ"); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 415 | return false; |
| 416 | } |
| 417 | |
| 418 | if (!lim_is_rsn_ie_valid_in_sme_req_message(mac_ctx, |
| 419 | &start_bss_req->rsnIE)) |
| 420 | return false; |
| 421 | |
| 422 | if (start_bss_req->nwType != eSIR_11A_NW_TYPE |
| 423 | && start_bss_req->nwType != eSIR_11B_NW_TYPE |
| 424 | && start_bss_req->nwType != eSIR_11G_NW_TYPE) |
| 425 | return false; |
| 426 | |
| 427 | if (start_bss_req->nwType == eSIR_11A_NW_TYPE) { |
| 428 | for (i = 0; i < opr_rates->numRates; i++) { |
| 429 | if (sirIsArate(opr_rates->rate[i] & 0x7F)) |
| 430 | continue; |
| 431 | |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 432 | pe_warn("Invalid operational 11A rates"); |
Srinivas Girigowda | b896a56 | 2017-03-16 17:41:26 -0700 | [diff] [blame] | 433 | QDF_TRACE_HEX_DUMP(QDF_MODULE_ID_PE, |
| 434 | QDF_TRACE_LEVEL_WARN, |
| 435 | opr_rates->rate, |
| 436 | opr_rates->numRates); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 437 | return false; |
| 438 | } |
| 439 | return true; |
| 440 | } |
| 441 | /* check if all the rates in the opr rate set are legal 11G rates */ |
| 442 | if (start_bss_req->nwType == eSIR_11G_NW_TYPE) { |
| 443 | for (i = 0; i < opr_rates->numRates; i++) { |
| 444 | if (sirIsGrate(opr_rates->rate[i] & 0x7F)) |
| 445 | continue; |
| 446 | |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 447 | pe_warn("Invalid operational 11G rates"); |
Srinivas Girigowda | b896a56 | 2017-03-16 17:41:26 -0700 | [diff] [blame] | 448 | QDF_TRACE_HEX_DUMP(QDF_MODULE_ID_PE, |
| 449 | QDF_TRACE_LEVEL_WARN, |
| 450 | opr_rates->rate, |
| 451 | opr_rates->numRates); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 452 | return false; |
| 453 | } |
| 454 | return true; |
| 455 | } |
| 456 | |
| 457 | for (i = 0; i < opr_rates->numRates; i++) { |
| 458 | if (sirIsBrate(opr_rates->rate[i] & 0x7F)) |
| 459 | continue; |
| 460 | |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 461 | pe_warn("Invalid operational 11B rates"); |
Srinivas Girigowda | b896a56 | 2017-03-16 17:41:26 -0700 | [diff] [blame] | 462 | QDF_TRACE_HEX_DUMP(QDF_MODULE_ID_PE, |
| 463 | QDF_TRACE_LEVEL_WARN, |
| 464 | opr_rates->rate, |
| 465 | opr_rates->numRates); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 466 | return false; |
| 467 | } |
| 468 | return true; |
| 469 | } |
| 470 | |
| 471 | /** |
| 472 | * lim_is_sme_join_req_valid() |
| 473 | * |
| 474 | ***FUNCTION: |
| 475 | * This function is called by lim_process_sme_req_messages() upon |
| 476 | * receiving SME_JOIN_REQ message from application. |
| 477 | * |
| 478 | ***LOGIC: |
| 479 | * Message validity checks are performed in this function |
| 480 | * |
| 481 | ***ASSUMPTIONS: |
| 482 | * |
| 483 | ***NOTE: |
| 484 | * |
Jeff Johnson | 348973e | 2018-11-22 16:51:12 -0800 | [diff] [blame] | 485 | * @param mac Pointer to Global MAC structure |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 486 | * @param pJoinReq Pointer to received SME_JOIN_REQ message |
| 487 | * @return true when received SME_JOIN_REQ is formatted correctly |
| 488 | * false otherwise |
| 489 | */ |
| 490 | |
Jeff Johnson | 9320c1e | 2018-12-02 13:09:20 -0800 | [diff] [blame] | 491 | uint8_t lim_is_sme_join_req_valid(struct mac_context *mac, tpSirSmeJoinReq pJoinReq) |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 492 | { |
| 493 | uint8_t valid = true; |
| 494 | |
Abhishek Singh | 6454ad3 | 2017-12-20 10:42:21 +0530 | [diff] [blame] | 495 | /* |
| 496 | * If force_rsne_override is enabled that mean User has provided the |
| 497 | * test RSNIE which need to be send as it is in assoc req and thus RSNIE |
| 498 | * validity is not required. |
| 499 | */ |
| 500 | if (!pJoinReq->force_rsne_override && |
Jeff Johnson | 348973e | 2018-11-22 16:51:12 -0800 | [diff] [blame] | 501 | !lim_is_rsn_ie_valid_in_sme_req_message(mac, &pJoinReq->rsnIE)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 502 | pe_err("received SME_JOIN_REQ with invalid RSNIE"); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 503 | valid = false; |
| 504 | goto end; |
| 505 | } |
| 506 | |
Jeff Johnson | 348973e | 2018-11-22 16:51:12 -0800 | [diff] [blame] | 507 | if (!lim_is_addie_valid_in_sme_req_message(mac, &pJoinReq->addIEScan)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 508 | pe_err("received SME_JOIN_REQ with invalid additional IE for scan"); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 509 | valid = false; |
| 510 | goto end; |
| 511 | } |
| 512 | |
Jeff Johnson | 348973e | 2018-11-22 16:51:12 -0800 | [diff] [blame] | 513 | if (!lim_is_addie_valid_in_sme_req_message(mac, &pJoinReq->addIEAssoc)) { |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 514 | pe_err("received SME_JOIN_REQ with invalid additional IE for assoc"); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 515 | valid = false; |
| 516 | goto end; |
| 517 | } |
| 518 | |
Jeff Johnson | 348973e | 2018-11-22 16:51:12 -0800 | [diff] [blame] | 519 | if (!lim_is_bss_descr_valid_in_sme_req_message(mac, &pJoinReq->bssDescription)) { |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 520 | /* / Received eWNI_SME_JOIN_REQ with invalid BSS Info */ |
| 521 | /* Log the event */ |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 522 | pe_err("received SME_JOIN_REQ with invalid bssInfo"); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 523 | |
| 524 | valid = false; |
| 525 | goto end; |
| 526 | } |
| 527 | |
| 528 | /* |
| 529 | Reject Join Req if the Self Mac Address and |
| 530 | the Ap's Mac Address is same |
| 531 | */ |
Anurag Chouhan | 600c3a0 | 2016-03-01 10:33:54 +0530 | [diff] [blame] | 532 | if (!qdf_mem_cmp((uint8_t *) pJoinReq->selfMacAddr, |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 533 | (uint8_t *) pJoinReq->bssDescription.bssId, |
| 534 | (uint8_t) (sizeof(tSirMacAddr)))) { |
| 535 | /* Log the event */ |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 536 | pe_err("received SME_JOIN_REQ with Self Mac and BSSID Same"); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 537 | |
| 538 | valid = false; |
| 539 | goto end; |
| 540 | } |
| 541 | |
| 542 | end: |
| 543 | return valid; |
| 544 | } /*** end lim_is_sme_join_req_valid() ***/ |
| 545 | |
| 546 | /** |
| 547 | * lim_is_sme_disassoc_req_valid() |
| 548 | * |
| 549 | ***FUNCTION: |
| 550 | * This function is called by lim_process_sme_req_messages() upon |
| 551 | * receiving SME_DISASSOC_REQ message from application. |
| 552 | * |
| 553 | ***LOGIC: |
| 554 | * Message validity checks are performed in this function |
| 555 | * |
| 556 | ***ASSUMPTIONS: |
| 557 | * |
| 558 | ***NOTE: |
| 559 | * |
Jeff Johnson | 348973e | 2018-11-22 16:51:12 -0800 | [diff] [blame] | 560 | * @param mac Pointer to Global MAC structure |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 561 | * @param pDisassocReq Pointer to received SME_DISASSOC_REQ message |
| 562 | * @return true When received SME_DISASSOC_REQ is formatted |
| 563 | * correctly |
| 564 | * false otherwise |
| 565 | */ |
| 566 | |
| 567 | uint8_t |
Jeff Johnson | 9320c1e | 2018-12-02 13:09:20 -0800 | [diff] [blame] | 568 | lim_is_sme_disassoc_req_valid(struct mac_context *mac, |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 569 | tpSirSmeDisassocReq pDisassocReq, |
Jeff Johnson | b5c1333 | 2018-12-03 09:54:51 -0800 | [diff] [blame] | 570 | struct pe_session *pe_session) |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 571 | { |
Anurag Chouhan | c554842 | 2016-02-24 18:33:27 +0530 | [diff] [blame] | 572 | if (qdf_is_macaddr_group(&pDisassocReq->peer_macaddr) && |
| 573 | !qdf_is_macaddr_broadcast(&pDisassocReq->peer_macaddr)) |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 574 | return false; |
| 575 | |
| 576 | return true; |
| 577 | } /*** end lim_is_sme_disassoc_req_valid() ***/ |
| 578 | |
| 579 | /** |
| 580 | * lim_is_sme_disassoc_cnf_valid() |
| 581 | * |
| 582 | ***FUNCTION: |
| 583 | * This function is called by lim_process_sme_req_messages() upon |
| 584 | * receiving SME_DISASSOC_CNF message from application. |
| 585 | * |
| 586 | ***LOGIC: |
| 587 | * Message validity checks are performed in this function |
| 588 | * |
| 589 | ***ASSUMPTIONS: |
| 590 | * |
| 591 | ***NOTE: |
| 592 | * |
Jeff Johnson | 348973e | 2018-11-22 16:51:12 -0800 | [diff] [blame] | 593 | * @param mac Pointer to Global MAC structure |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 594 | * @param pDisassocCnf Pointer to received SME_DISASSOC_REQ message |
| 595 | * @return true When received SME_DISASSOC_CNF is formatted |
| 596 | * correctly |
| 597 | * false otherwise |
| 598 | */ |
| 599 | |
| 600 | uint8_t |
Jeff Johnson | 9320c1e | 2018-12-02 13:09:20 -0800 | [diff] [blame] | 601 | lim_is_sme_disassoc_cnf_valid(struct mac_context *mac, |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 602 | tpSirSmeDisassocCnf pDisassocCnf, |
Jeff Johnson | b5c1333 | 2018-12-03 09:54:51 -0800 | [diff] [blame] | 603 | struct pe_session *pe_session) |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 604 | { |
Anurag Chouhan | c554842 | 2016-02-24 18:33:27 +0530 | [diff] [blame] | 605 | if (qdf_is_macaddr_group(&pDisassocCnf->peer_macaddr)) |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 606 | return false; |
| 607 | |
| 608 | return true; |
| 609 | } /*** end lim_is_sme_disassoc_cnf_valid() ***/ |
| 610 | |
| 611 | /** |
| 612 | * lim_is_sme_deauth_req_valid() |
| 613 | * |
| 614 | ***FUNCTION: |
| 615 | * This function is called by lim_process_sme_req_messages() upon |
| 616 | * receiving SME_DEAUTH_REQ message from application. |
| 617 | * |
| 618 | ***LOGIC: |
| 619 | * Message validity checks are performed in this function |
| 620 | * |
| 621 | ***ASSUMPTIONS: |
| 622 | * |
| 623 | ***NOTE: |
| 624 | * |
Jeff Johnson | 348973e | 2018-11-22 16:51:12 -0800 | [diff] [blame] | 625 | * @param mac Pointer to Global MAC structure |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 626 | * @param pDeauthReq Pointer to received SME_DEAUTH_REQ message |
| 627 | * @return true When received SME_DEAUTH_REQ is formatted correctly |
| 628 | * false otherwise |
| 629 | */ |
| 630 | |
| 631 | uint8_t |
Jeff Johnson | 9320c1e | 2018-12-02 13:09:20 -0800 | [diff] [blame] | 632 | lim_is_sme_deauth_req_valid(struct mac_context *mac, tpSirSmeDeauthReq pDeauthReq, |
Jeff Johnson | b5c1333 | 2018-12-03 09:54:51 -0800 | [diff] [blame] | 633 | struct pe_session *pe_session) |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 634 | { |
Anurag Chouhan | c554842 | 2016-02-24 18:33:27 +0530 | [diff] [blame] | 635 | if (qdf_is_macaddr_group(&pDeauthReq->peer_macaddr) && |
| 636 | !qdf_is_macaddr_broadcast(&pDeauthReq->peer_macaddr)) |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 637 | return false; |
| 638 | |
| 639 | return true; |
| 640 | } /*** end lim_is_sme_deauth_req_valid() ***/ |
| 641 | |
| 642 | /** |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 643 | * lim_is_sme_set_context_req_valid() |
| 644 | * |
| 645 | ***FUNCTION: |
| 646 | * This function is called by lim_process_sme_req_messages() upon |
| 647 | * receiving SME_SET_CONTEXT_REQ message from application. |
| 648 | * |
| 649 | ***LOGIC: |
| 650 | * Message validity checks are performed in this function |
| 651 | * |
| 652 | ***ASSUMPTIONS: |
| 653 | * |
| 654 | ***NOTE: |
| 655 | * |
| 656 | * @param pMsg - Pointer to received SME_SET_CONTEXT_REQ message |
| 657 | * @return true when received SME_SET_CONTEXT_REQ is formatted correctly |
| 658 | * false otherwise |
| 659 | */ |
| 660 | |
| 661 | uint8_t |
Jeff Johnson | 9320c1e | 2018-12-02 13:09:20 -0800 | [diff] [blame] | 662 | lim_is_sme_set_context_req_valid(struct mac_context *mac, |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 663 | tpSirSmeSetContextReq pSetContextReq) |
| 664 | { |
| 665 | uint8_t i = 0; |
| 666 | uint8_t valid = true; |
| 667 | tpSirKeys pKey = pSetContextReq->keyMaterial.key; |
| 668 | |
| 669 | if ((pSetContextReq->keyMaterial.edType != eSIR_ED_WEP40) && |
| 670 | (pSetContextReq->keyMaterial.edType != eSIR_ED_WEP104) && |
| 671 | (pSetContextReq->keyMaterial.edType != eSIR_ED_NONE) && |
| 672 | #ifdef FEATURE_WLAN_WAPI |
| 673 | (pSetContextReq->keyMaterial.edType != eSIR_ED_WPI) && |
| 674 | #endif |
| 675 | !pSetContextReq->keyMaterial.numKeys) { |
| 676 | /** |
| 677 | * No keys present in case of TKIP or CCMP |
| 678 | * Log error. |
| 679 | */ |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 680 | pe_warn("No keys present in SME_SETCONTEXT_REQ for edType: %d", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 681 | pSetContextReq->keyMaterial.edType); |
| 682 | |
| 683 | valid = false; |
| 684 | goto end; |
| 685 | } |
| 686 | |
| 687 | if (pSetContextReq->keyMaterial.numKeys && |
| 688 | (pSetContextReq->keyMaterial.edType == eSIR_ED_NONE)) { |
| 689 | /** |
| 690 | * Keys present in case of no ED policy |
| 691 | * Log error. |
| 692 | */ |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 693 | pe_warn("Keys present in SME_SETCONTEXT_REQ for edType: %d", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 694 | pSetContextReq->keyMaterial.edType); |
| 695 | |
| 696 | valid = false; |
| 697 | goto end; |
| 698 | } |
| 699 | |
| 700 | if (pSetContextReq->keyMaterial.edType >= eSIR_ED_NOT_IMPLEMENTED) { |
| 701 | /** |
| 702 | * Invalid edType in the message |
| 703 | * Log error. |
| 704 | */ |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 705 | pe_warn("Invalid edType: %d in SME_SETCONTEXT_REQ", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 706 | pSetContextReq->keyMaterial.edType); |
| 707 | |
| 708 | valid = false; |
| 709 | goto end; |
| 710 | } else if (pSetContextReq->keyMaterial.edType > eSIR_ED_NONE) { |
Pragaspathi Thilagaraj | da3b5e2 | 2018-09-23 01:55:57 +0530 | [diff] [blame] | 711 | bool privacy; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 712 | |
Jeff Johnson | 348973e | 2018-11-22 16:51:12 -0800 | [diff] [blame] | 713 | privacy = mac->mlme_cfg->wep_params.is_privacy_enabled; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 714 | |
Pragaspathi Thilagaraj | da3b5e2 | 2018-09-23 01:55:57 +0530 | [diff] [blame] | 715 | if (!privacy) { |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 716 | /** |
| 717 | * Privacy is not enabled |
| 718 | * In order to allow mixed mode for Guest access |
| 719 | * allow BSS creation/join with no Privacy capability |
| 720 | * yet advertising WPA IE |
| 721 | */ |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 722 | pe_debug("Privacy is not enabled, yet non-None EDtype: %d in SME_SETCONTEXT_REQ", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 723 | pSetContextReq->keyMaterial.edType); |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 724 | } |
| 725 | } |
| 726 | |
| 727 | for (i = 0; i < pSetContextReq->keyMaterial.numKeys; i++) { |
| 728 | if (((pSetContextReq->keyMaterial.edType == eSIR_ED_WEP40) && |
| 729 | (pKey->keyLength != 5)) || |
| 730 | ((pSetContextReq->keyMaterial.edType == eSIR_ED_WEP104) && |
| 731 | (pKey->keyLength != 13)) || |
| 732 | ((pSetContextReq->keyMaterial.edType == eSIR_ED_TKIP) && |
| 733 | (pKey->keyLength != 32)) || |
| 734 | #ifdef FEATURE_WLAN_WAPI |
| 735 | ((pSetContextReq->keyMaterial.edType == eSIR_ED_WPI) && |
| 736 | (pKey->keyLength != 32)) || |
| 737 | #endif |
Mukul Sharma | 05504ac | 2017-06-08 12:35:53 +0530 | [diff] [blame] | 738 | ((pSetContextReq->keyMaterial.edType == eSIR_ED_GCMP) && |
| 739 | (pKey->keyLength != 16)) || |
| 740 | ((pSetContextReq->keyMaterial.edType == eSIR_ED_GCMP_256) && |
| 741 | (pKey->keyLength != 32)) || |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 742 | ((pSetContextReq->keyMaterial.edType == eSIR_ED_CCMP) && |
| 743 | (pKey->keyLength != 16))) { |
| 744 | /** |
| 745 | * Invalid key length for a given ED type |
| 746 | * Log error. |
| 747 | */ |
Nishank Aggarwal | e6aa210 | 2017-03-23 14:19:43 +0530 | [diff] [blame] | 748 | pe_warn("Invalid keyLength: %d for edType: %d in SME_SETCONTEXT_REQ", |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 749 | pKey->keyLength, |
| 750 | pSetContextReq->keyMaterial.edType); |
| 751 | |
| 752 | valid = false; |
| 753 | goto end; |
| 754 | } |
| 755 | pKey++; |
| 756 | } |
| 757 | |
| 758 | end: |
| 759 | return valid; |
| 760 | } /*** end lim_is_sme_set_context_req_valid() ***/ |
| 761 | |
| 762 | /** |
| 763 | * lim_is_sme_stop_bss_req_valid() |
| 764 | * |
| 765 | ***FUNCTION: |
| 766 | * This function is called by lim_process_sme_req_messages() upon |
| 767 | * receiving SME_STOP_BSS_REQ message from application. |
| 768 | * |
| 769 | ***LOGIC: |
| 770 | * Message validity checks are performed in this function |
| 771 | * |
| 772 | ***ASSUMPTIONS: |
| 773 | * |
| 774 | ***NOTE: |
| 775 | * |
| 776 | * @param pMsg - Pointer to received SME_STOP_BSS_REQ message |
| 777 | * @return true when received SME_STOP_BSS_REQ is formatted correctly |
| 778 | * false otherwise |
| 779 | */ |
| 780 | |
| 781 | uint8_t lim_is_sme_stop_bss_req_valid(uint32_t *pMsg) |
| 782 | { |
| 783 | uint8_t valid = true; |
| 784 | |
| 785 | return valid; |
| 786 | } /*** end lim_is_sme_stop_bss_req_valid() ***/ |
| 787 | |
| 788 | /** |
| 789 | * lim_get_bss_id_from_sme_join_req_msg() |
| 790 | * |
| 791 | ***FUNCTION: |
| 792 | * This function is called in various places to get BSSID |
| 793 | * from BSS description/Neighbor BSS Info in the SME_JOIN_REQ/ |
| 794 | * SME_REASSOC_REQ message. |
| 795 | * |
| 796 | ***PARAMS: |
| 797 | * |
| 798 | ***LOGIC: |
| 799 | * |
| 800 | ***ASSUMPTIONS: |
| 801 | * NA |
| 802 | * |
| 803 | ***NOTE: |
| 804 | * NA |
| 805 | * |
| 806 | * @param pBuf - Pointer to received SME_JOIN/SME_REASSOC_REQ |
| 807 | * message |
| 808 | * @return pBssId - Pointer to BSSID |
| 809 | */ |
| 810 | |
| 811 | uint8_t *lim_get_bss_id_from_sme_join_req_msg(uint8_t *pBuf) |
| 812 | { |
| 813 | if (!pBuf) |
| 814 | return NULL; |
| 815 | |
| 816 | pBuf += sizeof(uint32_t); /* skip message header */ |
| 817 | |
| 818 | pBuf += lim_get_u16(pBuf) + sizeof(uint16_t); /* skip RSN IE */ |
| 819 | |
| 820 | pBuf += sizeof(uint16_t); /* skip length of BSS description */ |
| 821 | |
Anurag Chouhan | c554842 | 2016-02-24 18:33:27 +0530 | [diff] [blame] | 822 | return pBuf; |
Prakash Dhavali | 7090c5f | 2015-11-02 17:55:19 -0800 | [diff] [blame] | 823 | } /*** end lim_get_bss_id_from_sme_join_req_msg() ***/ |