samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qcacld-3.0: Add support for SAE AKM suites

Browse Source 
Add support for SAE AKM suites in CSR and also add support for
SAE in HDD. Also, add CONFIG_WLAN_FEATURE_SAE flag to enable/disable
SAE in Kbuild. When this is enabled, WLAN_FEATURE_SAE is used as a
feature flag for SAE.

Change-Id: I6254991afa0fd048d4f0b6f435ff630f1db04077
CRs-Fixed: 2029357
This commit is contained in:
Padma, Santhosh Kumar
2017-07-05 16:10:06 +05:30
committed by snandini
parent 3badb98068
commit 07eb80bf87
9 changed files with 143 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Kbuild
View File

@@ -182,6 +182,9 @@ ifneq ($(CONFIG_ROME_IF),sdio)
#Flag to enable FIPS #Flag to enable FIPS
CONFIG_WLAN_FEATURE_FIPS := y CONFIG_WLAN_FEATURE_FIPS := y
#Flag to enable SAE
CONFIG_WLAN_FEATURE_SAE := y
#Flag to enable Fast Path feature #Flag to enable Fast Path feature
CONFIG_WLAN_FASTPATH := y CONFIG_WLAN_FASTPATH := y
@@ -1906,6 +1909,10 @@ endif
# Enable object manager reference count debug infrastructure # Enable object manager reference count debug infrastructure
CDEFINES += -DWLAN_OBJMGR_DEBUG CDEFINES += -DWLAN_OBJMGR_DEBUG
ifeq ($(CONFIG_WLAN_FEATURE_SAE),y)
CDEFINES += -DWLAN_FEATURE_SAE
endif
ifeq ($(BUILD_DIAG_VERSION),1) ifeq ($(BUILD_DIAG_VERSION),1)
CDEFINES += -DFEATURE_WLAN_DIAG_SUPPORT CDEFINES += -DFEATURE_WLAN_DIAG_SUPPORT
CDEFINES += -DFEATURE_WLAN_DIAG_SUPPORT_CSR CDEFINES += -DFEATURE_WLAN_DIAG_SUPPORT_CSR

32
core/hdd/src/wlan_hdd_assoc.c
View File

@@ -129,6 +129,11 @@ uint8_t ccp_rsn_oui_0c[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x0C};
/* OWE https://tools.ietf.org/html/rfc8110 */ /* OWE https://tools.ietf.org/html/rfc8110 */
uint8_t ccp_rsn_oui_18[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x12}; uint8_t ccp_rsn_oui_18[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x12};
#ifdef WLAN_FEATURE_SAE
uint8_t ccp_rsn_oui_80[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x08};
uint8_t ccp_rsn_oui_90[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x09};
#endif
/* Offset where the EID-Len-IE, start. */ /* Offset where the EID-Len-IE, start. */
#define FT_ASSOC_RSP_IES_OFFSET 6 /* Capability(2) + AID(2) + Status Code(2) */ #define FT_ASSOC_RSP_IES_OFFSET 6 /* Capability(2) + AID(2) + Status Code(2) */
#define FT_ASSOC_REQ_IES_OFFSET 4 /* Capability(2) + LI(2) */ #define FT_ASSOC_REQ_IES_OFFSET 4 /* Capability(2) + LI(2) */
@@ -4787,6 +4792,27 @@ static inline void hdd_translate_fils_rsn_to_csr_auth(int8_t auth_suite[4],
} }
#endif #endif
#ifdef WLAN_FEATURE_SAE
/**
* hdd_translate_sae_rsn_to_csr_auth() - Translate SAE RSN to CSR auth type
* @auth_suite: auth suite
* @auth_type: pointer to eCsrAuthType
*
* Return: None
*/
static void hdd_translate_sae_rsn_to_csr_auth(int8_t auth_suite[4],
eCsrAuthType *auth_type)
{
if (qdf_mem_cmp(auth_suite, ccp_rsn_oui_80, 4) == 0)
*auth_type = eCSR_AUTH_TYPE_SAE;
}
#else
static inline void hdd_translate_sae_rsn_to_csr_auth(int8_t auth_suite[4],
eCsrAuthType *auth_type)
{
}
#endif
/** /**
* hdd_translate_rsn_to_csr_auth_type() - Translate RSN to CSR auth type * hdd_translate_rsn_to_csr_auth_type() - Translate RSN to CSR auth type
* @auth_suite: auth suite * @auth_suite: auth suite
@@ -4833,6 +4859,7 @@ eCsrAuthType hdd_translate_rsn_to_csr_auth_type(uint8_t auth_suite[4])
} else } else
{ {
hdd_translate_fils_rsn_to_csr_auth(auth_suite, &auth_type); hdd_translate_fils_rsn_to_csr_auth(auth_suite, &auth_type);
hdd_translate_sae_rsn_to_csr_auth(auth_suite, &auth_type);
} }
hdd_debug("auth_type: %d", auth_type); hdd_debug("auth_type: %d", auth_type);
return auth_type; return auth_type;
@@ -5391,6 +5418,11 @@ int hdd_set_csr_auth_type(struct hdd_adapter *adapter,
roam_profile->AuthType.authType[0] = eCSR_AUTH_TYPE_SHARED_KEY; roam_profile->AuthType.authType[0] = eCSR_AUTH_TYPE_SHARED_KEY;
break; break;
case eCSR_AUTH_TYPE_SAE:
roam_profile->AuthType.authType[0] = eCSR_AUTH_TYPE_SAE;
break;
default: default:
#ifdef FEATURE_WLAN_ESE #ifdef FEATURE_WLAN_ESE

9
core/hdd/src/wlan_hdd_cfg80211.c
View File

@@ -16871,6 +16871,10 @@ static int wlan_hdd_cfg80211_set_auth_type(struct hdd_adapter *adapter,
sta_ctx->conn_info.authType = eCSR_AUTH_TYPE_OPEN_SYSTEM; sta_ctx->conn_info.authType = eCSR_AUTH_TYPE_OPEN_SYSTEM;
break; break;
#endif #endif
case NL80211_AUTHTYPE_SAE:
hdd_debug("set authentication type to SAE");
sta_ctx->conn_info.authType = eCSR_AUTH_TYPE_SAE;
break;
default: default:
hdd_err("Unsupported authentication type: %d", auth_type); hdd_err("Unsupported authentication type: %d", auth_type);
sta_ctx->conn_info.authType = eCSR_AUTH_TYPE_UNKNOWN; sta_ctx->conn_info.authType = eCSR_AUTH_TYPE_UNKNOWN;
@@ -17209,6 +17213,11 @@ static int wlan_hdd_set_akm_suite(struct hdd_adapter *adapter, u32 key_mgmt)
pWextState->authKeyMgmt |= IW_AUTH_KEY_MGMT_802_1X; pWextState->authKeyMgmt |= IW_AUTH_KEY_MGMT_802_1X;
break; break;
case WLAN_AKM_SUITE_SAE:
hdd_debug("setting key mgmt type to SAE");
pWextState->authKeyMgmt |= IW_AUTH_KEY_MGMT_802_1X;
break;
default: default:
hdd_err("Unsupported key mgmt type: %d", key_mgmt); hdd_err("Unsupported key mgmt type: %d", key_mgmt);
return -EINVAL; return -EINVAL;

4
core/hdd/src/wlan_hdd_cfg80211.h
View File

@@ -119,6 +119,10 @@ struct hdd_context;
#define WLAN_AKM_SUITE_EAP_SHA384 0x000FAC0C #define WLAN_AKM_SUITE_EAP_SHA384 0x000FAC0C
#ifndef WLAN_AKM_SUITE_SAE
#define WLAN_AKM_SUITE_SAE 0x000FAC08
#endif
#ifdef FEATURE_WLAN_TDLS #ifdef FEATURE_WLAN_TDLS
#define WLAN_IS_TDLS_SETUP_ACTION(action) \ #define WLAN_IS_TDLS_SETUP_ACTION(action) \
((SIR_MAC_TDLS_SETUP_REQ <= action) && \ ((SIR_MAC_TDLS_SETUP_REQ <= action) && \

3
core/mac/inc/ani_system_defs.h
View File

@@ -68,14 +68,15 @@ typedef enum eAniAuthType {
eSIR_OPEN_SYSTEM, eSIR_OPEN_SYSTEM,
eSIR_SHARED_KEY, eSIR_SHARED_KEY,
eSIR_FT_AUTH, eSIR_FT_AUTH,
eSIR_AUTH_TYPE_SAE = 3,
#if defined FEATURE_WLAN_ESE #if defined FEATURE_WLAN_ESE
eSIR_LEAP_AUTH = 0x80, eSIR_LEAP_AUTH = 0x80,
#endif #endif
eSIR_AUTO_SWITCH,
SIR_FILS_SK_WITHOUT_PFS = 4, SIR_FILS_SK_WITHOUT_PFS = 4,
SIR_FILS_SK_WITH_PFS = 5, SIR_FILS_SK_WITH_PFS = 5,
SIR_FILS_PK_AUTH = 6, SIR_FILS_PK_AUTH = 6,
eSIR_AUTH_TYPE_OWE, eSIR_AUTH_TYPE_OWE,
eSIR_AUTO_SWITCH,
eSIR_DONOT_USE_AUTH_TYPE = SIR_MAX_ENUM_SIZE eSIR_DONOT_USE_AUTH_TYPE = SIR_MAX_ENUM_SIZE
} tAniAuthType; } tAniAuthType;

1
core/sme/inc/csr_api.h
View File

@@ -47,6 +47,7 @@ typedef enum {
/* MAC layer authentication types */ /* MAC layer authentication types */
eCSR_AUTH_TYPE_OPEN_SYSTEM, eCSR_AUTH_TYPE_OPEN_SYSTEM,
eCSR_AUTH_TYPE_SHARED_KEY, eCSR_AUTH_TYPE_SHARED_KEY,
eCSR_AUTH_TYPE_SAE,
eCSR_AUTH_TYPE_AUTOSWITCH, eCSR_AUTH_TYPE_AUTOSWITCH,
/* Upper layer authentication types */ /* Upper layer authentication types */

13
core/sme/src/csr/csr_api_roam.c
View File

@@ -4387,6 +4387,9 @@ QDF_STATUS csr_roam_prepare_bss_config(tpAniSirGlobal pMac,
case eCSR_AUTH_TYPE_AUTOSWITCH: case eCSR_AUTH_TYPE_AUTOSWITCH:
pBssConfig->authType = eSIR_AUTO_SWITCH; pBssConfig->authType = eSIR_AUTO_SWITCH;
break; break;
case eCSR_AUTH_TYPE_SAE:
pBssConfig->authType = eSIR_AUTH_TYPE_SAE;
break;
} }
/* short slot time */ /* short slot time */
if (eCSR_CFG_DOT11_MODE_11B != cfgDot11Mode) if (eCSR_CFG_DOT11_MODE_11B != cfgDot11Mode)
@@ -4528,6 +4531,9 @@ QDF_STATUS csr_roam_prepare_bss_config_from_profile(
case eCSR_AUTH_TYPE_AUTOSWITCH: case eCSR_AUTH_TYPE_AUTOSWITCH:
pBssConfig->authType = eSIR_AUTO_SWITCH; pBssConfig->authType = eSIR_AUTO_SWITCH;
break; break;
case eCSR_AUTH_TYPE_SAE:
pBssConfig->authType = eSIR_AUTH_TYPE_SAE;
break;
} }
/* short slot time */ /* short slot time */
if (WNI_CFG_PHY_MODE_11B != pBssConfig->uCfgDot11Mode) { if (WNI_CFG_PHY_MODE_11B != pBssConfig->uCfgDot11Mode) {
@@ -5484,6 +5490,11 @@ static void csr_roam_assign_default_param(tpAniSirGlobal pMac,
pCommand->u.roamCmd.roamProfile.negotiatedAuthType = pCommand->u.roamCmd.roamProfile.negotiatedAuthType =
eCSR_AUTH_TYPE_AUTOSWITCH; eCSR_AUTH_TYPE_AUTOSWITCH;
break; break;
case eCSR_AUTH_TYPE_SAE:
pCommand->u.roamCmd.roamProfile.negotiatedAuthType =
eCSR_AUTH_TYPE_SAE;
break;
} }
pCommand->u.roamCmd.roamProfile.negotiatedUCEncryptionType = pCommand->u.roamCmd.roamProfile.negotiatedUCEncryptionType =
pCommand->u.roamCmd.roamProfile.EncryptionType. pCommand->u.roamCmd.roamProfile.EncryptionType.
@@ -6477,7 +6488,7 @@ static QDF_STATUS csr_roam_save_security_rsp_ie(tpAniSirGlobal pMac,
|| (eCSR_AUTH_TYPE_RSN_PSK_SHA256 == authType) || || (eCSR_AUTH_TYPE_RSN_PSK_SHA256 == authType) ||
(eCSR_AUTH_TYPE_RSN_8021X_SHA256 == authType) (eCSR_AUTH_TYPE_RSN_8021X_SHA256 == authType)
#endif /* FEATURE_WLAN_WAPI */ #endif /* FEATURE_WLAN_WAPI */
) { || (eCSR_AUTH_TYPE_SAE == authType)) {
if (!pIesLocal && !QDF_IS_STATUS_SUCCESS if (!pIesLocal && !QDF_IS_STATUS_SUCCESS
(csr_get_parsed_bss_description_ies(pMac, (csr_get_parsed_bss_description_ies(pMac,
pSirBssDesc, &pIesLocal))) pSirBssDesc, &pIesLocal)))

4
core/sme/src/csr/csr_api_scan.c
View File

@@ -5113,6 +5113,8 @@ static enum wlan_auth_type csr_covert_auth_type_new(eCsrAuthType auth)
return WLAN_AUTH_TYPE_SUITEB_EAP_SHA256; return WLAN_AUTH_TYPE_SUITEB_EAP_SHA256;
case eCSR_AUTH_TYPE_SUITEB_EAP_SHA384: case eCSR_AUTH_TYPE_SUITEB_EAP_SHA384:
return WLAN_AUTH_TYPE_SUITEB_EAP_SHA384; return WLAN_AUTH_TYPE_SUITEB_EAP_SHA384;
case eCSR_AUTH_TYPE_SAE:
return WLAN_AUTH_TYPE_SAE;
case eCSR_NUM_OF_SUPPORT_AUTH_TYPE: case eCSR_NUM_OF_SUPPORT_AUTH_TYPE:
default: default:
return WLAN_AUTH_TYPE_OPEN_SYSTEM; return WLAN_AUTH_TYPE_OPEN_SYSTEM;
@@ -5170,6 +5172,8 @@ static eCsrAuthType csr_covert_auth_type_old(enum wlan_auth_type auth)
return eCSR_AUTH_TYPE_SUITEB_EAP_SHA256; return eCSR_AUTH_TYPE_SUITEB_EAP_SHA256;
case WLAN_AUTH_TYPE_SUITEB_EAP_SHA384: case WLAN_AUTH_TYPE_SUITEB_EAP_SHA384:
return eCSR_AUTH_TYPE_SUITEB_EAP_SHA384; return eCSR_AUTH_TYPE_SUITEB_EAP_SHA384;
case WLAN_AUTH_TYPE_SAE:
return eCSR_AUTH_TYPE_SAE;
case WLAN_NUM_OF_SUPPORT_AUTH_TYPE: case WLAN_NUM_OF_SUPPORT_AUTH_TYPE:
default: default:
return eCSR_AUTH_TYPE_OPEN_SYSTEM; return eCSR_AUTH_TYPE_OPEN_SYSTEM;

72
core/sme/src/csr/csr_util.c
View File

@@ -124,6 +124,18 @@ uint8_t csr_rsn_oui[][CSR_RSN_OUI_SIZE] = {
#define ENUM_SUITEB_EAP384 18 #define ENUM_SUITEB_EAP384 18
{0x00, 0x0F, 0xAC, 0x0C}, {0x00, 0x0F, 0xAC, 0x0C},
#ifdef WLAN_FEATURE_SAE
#define ENUM_SAE 19
/* SAE */
{0x00, 0x0F, 0xAC, 0x08},
#define ENUM_FT_SAE 20
/* FT SAE */
{0x00, 0x0F, 0xAC, 0x09},
#else
{0x00, 0x00, 0x00, 0x00},
{0x00, 0x00, 0x00, 0x00},
#endif
/* define new oui here, update #define CSR_OUI_***_INDEX */ /* define new oui here, update #define CSR_OUI_***_INDEX */
}; };
@@ -2465,6 +2477,9 @@ bool csr_is_profile_rsn(tCsrRoamProfile *pProfile)
case eCSR_AUTH_TYPE_SUITEB_EAP_SHA384: case eCSR_AUTH_TYPE_SUITEB_EAP_SHA384:
fRSNProfile = true; fRSNProfile = true;
break; break;
case eCSR_AUTH_TYPE_SAE:
fRSNProfile = true;
break;
default: default:
fRSNProfile = false; fRSNProfile = false;
@@ -3294,6 +3309,24 @@ static bool csr_is_auth_suiteb_eap_384(tpAniSirGlobal mac,
csr_rsn_oui[ENUM_SUITEB_EAP384], oui); csr_rsn_oui[ENUM_SUITEB_EAP384], oui);
} }
#ifdef WLAN_FEATURE_SAE
/*
* csr_is_auth_wpa_sae() - check whether oui is SAE
* @mac: Global MAC context
* @all_suites: pointer to all supported akm suites
* @suite_count: all supported akm suites count
* @oui: Oui needs to be matched
*
* Return: True if OUI is SAE, false otherwise
*/
static bool csr_is_auth_wpa_sae(tpAniSirGlobal mac,
uint8_t all_suites[][CSR_RSN_OUI_SIZE],
uint8_t suite_count, uint8_t oui[])
{
return csr_is_oui_match
(mac, all_suites, suite_count, csr_rsn_oui[ENUM_SAE], oui);
}
#endif
static bool csr_is_auth_wpa(tpAniSirGlobal pMac, static bool csr_is_auth_wpa(tpAniSirGlobal pMac,
uint8_t AllSuites[][CSR_WPA_OUI_SIZE], uint8_t AllSuites[][CSR_WPA_OUI_SIZE],
@@ -3445,6 +3478,42 @@ static void csr_is_fils_auth(tpAniSirGlobal mac_ctx,
{ {
} }
#endif #endif
#ifdef WLAN_FEATURE_SAE
/**
* csr_check_sae_auth() - update negotiated auth if matches to SAE auth type
* @mac_ctx: pointer to mac context
* @authsuites: auth suites
* @c_auth_suites: auth suites count
* @authentication: authentication
* @auth_type: authentication type list
* @index: current counter
* @neg_authtype: pointer to negotiated auth
*
* Return: None
*/
static void csr_check_sae_auth(tpAniSirGlobal mac_ctx,
uint8_t authsuites[][CSR_RSN_OUI_SIZE], uint8_t c_auth_suites,
uint8_t authentication[], tCsrAuthList *auth_type,
uint8_t index, eCsrAuthType *neg_authtype)
{
if ((*neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
csr_is_auth_wpa_sae(mac_ctx, authsuites,
c_auth_suites, authentication)) {
if (eCSR_AUTH_TYPE_SAE == auth_type->authType[index])
*neg_authtype = eCSR_AUTH_TYPE_SAE;
}
sme_debug("negotiated auth type is %d", *neg_authtype);
}
#else
static void csr_check_sae_auth(tpAniSirGlobal mac_ctx,
uint8_t authsuites[][CSR_RSN_OUI_SIZE], uint8_t c_auth_suites,
uint8_t authentication[], tCsrAuthList *auth_type,
uint8_t index, eCsrAuthType *neg_authtype)
{
}
#endif
/** /**
* csr_get_rsn_information() - to get RSN infomation * csr_get_rsn_information() - to get RSN infomation
* @hal: pointer to HAL * @hal: pointer to HAL
@@ -3564,6 +3633,9 @@ static bool csr_get_rsn_information(tHalHandle hal, tCsrAuthList *auth_type,
csr_is_fils_auth(mac_ctx, authsuites, c_auth_suites, csr_is_fils_auth(mac_ctx, authsuites, c_auth_suites,
authentication, auth_type, i, &neg_authtype); authentication, auth_type, i, &neg_authtype);
/* Changed the AKM suites according to order of preference */ /* Changed the AKM suites according to order of preference */
csr_check_sae_auth(mac_ctx, authsuites, c_auth_suites,
authentication, auth_type, i, &neg_authtype);
if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) && if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
csr_is_auth_dpp_rsn(mac_ctx, authsuites, csr_is_auth_dpp_rsn(mac_ctx, authsuites,
c_auth_suites, authentication)) { c_auth_suites, authentication)) {