qcacld-3.0: Add support for WPA3 LFR2 roaming

On some projects, LFR3 roaming is not supported due to
limitation of FW memory, thus, add support for WPA3 LFR2
roaming.

Change-Id: I80888049a243c0d37e08377d89a6aa44e75a8850
CRs-Fixed: 2973554

components/mlme/core/inc/wlan_mlme_main.h

@@ -1212,4 +1212,14 @@ wlan_mlme_is_pmk_set_deferred(struct wlan_objmgr_psoc *psoc,
 	return false;
 }
 #endif
+
+#ifdef WLAN_FEATURE_SAE
+/**
+ * wlan_vdev_is_sae_auth_type() - is vdev SAE auth type
+ * @vdev: pointer to vdev
+ *
+ * Return: true if vdev is SAE auth type
+ */
+bool wlan_vdev_is_sae_auth_type(struct wlan_objmgr_vdev *vdev);
+#endif /* WLAN_FEATURE_SAE */
 #endif

components/mlme/core/src/wlan_mlme_main.c

@@ -1447,6 +1447,21 @@ static bool is_sae_sap_enabled(struct wlan_objmgr_psoc *psoc)
 {
 	return cfg_get(psoc, CFG_IS_SAP_SAE_ENABLED);
 }
+
+bool wlan_vdev_is_sae_auth_type(struct wlan_objmgr_vdev *vdev)
+{
+	int32_t auth_mode;
+
+	auth_mode = wlan_crypto_get_param(vdev, WLAN_CRYPTO_PARAM_AUTH_MODE);
+
+	if (auth_mode == -1)
+		return false;
+
+	if (QDF_HAS_PARAM(auth_mode, WLAN_CRYPTO_AUTH_SAE))
+		return true;
+
+	return false;
+}
 #else
 static bool is_sae_sap_enabled(struct wlan_objmgr_psoc *psoc)
 {

components/umac/mlme/connection_mgr/dispatcher/inc/wlan_cm_roam_api.h

@@ -575,6 +575,24 @@ static inline bool cm_is_open_mode(struct wlan_objmgr_vdev *vdev)
 	return wlan_vdev_is_open_mode(vdev);
 }
 
+#ifdef WLAN_FEATURE_SAE
+/**
+ * cm_is_auth_type_sae() - is vdev SAE auth type
+ * @vdev: pointer to vdev
+ *
+ * Return: true if vdev is SAE auth type
+ */
+static inline bool cm_is_auth_type_sae(struct wlan_objmgr_vdev *vdev)
+{
+	return wlan_vdev_is_sae_auth_type(vdev);
+}
+#else
+static inline bool cm_is_auth_type_sae(struct wlan_objmgr_vdev *vdev)
+{
+	return false;
+}
+#endif
+
 #ifdef FEATURE_WLAN_ESE
 bool
 cm_ese_open_present(struct wlan_objmgr_vdev *vdev,

core/mac/src/pe/include/lim_ft_defs.h

@@ -1,5 +1,6 @@
 /*
  * Copyright (c) 2013-2021 The Linux Foundation. All rights reserved.
+ * Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved.
  *
  * Permission to use, copy, modify, and/or distribute this software for
  * any purpose with or without fee is hereby granted, provided that the
@@ -32,7 +33,8 @@
    Preprocessor definitions and constants
    ------------------------------------------------------------------------*/
 /* Time to dwell on preauth channel during roaming, in milliseconds */
-#define LIM_FT_PREAUTH_SCAN_TIME 50
+#define LIM_FT_PREAUTH_ACTIVE_SCAN_TIME 50
+#define LIM_FT_PREAUTH_PASSIVE_SCAN_TIME 150
 
 /*--------------------------------------------------------------------------
    Type declarations

core/mac/src/pe/lim/lim_ft_preauth.c

@@ -255,6 +255,13 @@ void lim_perform_ft_pre_auth(struct mac_context *mac, QDF_STATUS status,
 		pe_err("pe_session is not in STA mode");
 		return;
 	}
+	if (cm_is_auth_type_sae(pe_session->vdev)) {
+		struct qdf_mac_addr *pre_auth_bssid = (struct qdf_mac_addr *)
+			pe_session->ftPEContext.pFTPreAuthReq->preAuthbssId;
+
+		lim_trigger_auth_req_sae(mac, pe_session, pre_auth_bssid);
+		return;
+	}
 	pe_debug("Entered wait auth2 state for FT (old session %pK)",
 			pe_session);
 	if (pe_session->is11Rconnection) {
@@ -731,8 +738,8 @@ QDF_STATUS lim_send_preauth_scan_offload(struct mac_context *mac_ctx,
 	req->scan_req.chan_list.chan[0].freq =
 			ft_preauth_req->pre_auth_channel_freq;
 
-	req->scan_req.dwell_time_active = LIM_FT_PREAUTH_SCAN_TIME;
-	req->scan_req.dwell_time_passive = LIM_FT_PREAUTH_SCAN_TIME;
+	req->scan_req.dwell_time_active = LIM_FT_PREAUTH_ACTIVE_SCAN_TIME;
+	req->scan_req.dwell_time_passive = LIM_FT_PREAUTH_PASSIVE_SCAN_TIME;
 
 	status = wlan_scan_start(req);
 	if (QDF_IS_STATUS_ERROR(status))

core/mac/src/pe/lim/lim_process_auth_frame.c

@@ -1844,6 +1844,40 @@ bool lim_process_sae_preauth_frame(struct mac_context *mac, uint8_t *rx_pkt)
 }
 
 #define WLAN_MIN_AUTH_FRM_ALGO_FIELD_LEN 2
+
+#ifdef WLAN_FEATURE_ROAM_OFFLOAD
+static void lim_process_ft_sae_auth_frame(struct mac_context *mac,
+					  struct pe_session *pe_session,
+					  uint8_t *body, uint16_t frame_len)
+{
+}
+#else
+/**
+ * lim_process_ft_sae_auth_frame() - process SAE pre auth frame for LFR2
+ * @mac: pointer to mac_context
+ * @pe_session: pointer to pe session
+ * @body: auth frame body
+ * @frame_len: auth frame length
+ *
+ * Return: void
+ */
+static void lim_process_ft_sae_auth_frame(struct mac_context *mac,
+					  struct pe_session *pe_session,
+					  uint8_t *body, uint16_t frame_len)
+{
+	tpSirMacAuthFrameBody auth = (tpSirMacAuthFrameBody)body;
+
+	if (!pe_session || !pe_session->ftPEContext.pFTPreAuthReq) {
+		pe_debug("cannot find session or FT in FT pre-auth phase");
+		return;
+	}
+
+	if (auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_2)
+		lim_handle_ft_pre_auth_rsp(mac, QDF_STATUS_SUCCESS, body,
+					   frame_len, pe_session);
+}
+#endif
+
 /**
  *
  * Pass the received Auth frame. This is possibly the pre-auth from the
@@ -1884,18 +1918,6 @@ QDF_STATUS lim_process_auth_frame_no_session(struct mac_context *mac,
 		 (uint)abs((int8_t)WMA_GET_RX_RSSI_NORMALIZED(pBd)),
 		 auth_alg, curr_seq_num);
 
-	sae_auth_frame = lim_process_sae_preauth_frame(mac, pBd);
-	if (sae_auth_frame)
-		return QDF_STATUS_SUCCESS;
-
-	if (auth_alg == eSIR_AUTH_TYPE_PASN) {
-		vdev_id = lim_get_pasn_peer_vdev_id(mac, mac_hdr->bssId);
-		if (vdev_id == WLAN_UMAC_VDEV_ID_MAX)
-			return QDF_STATUS_E_FAILURE;
-
-		return lim_process_pasn_auth_frame(mac, vdev_id, pBd);
-	}
-
 	/* Auth frame has come on a new BSS, however, we need to find the session
 	 * from where the auth-req was sent to the new AP
 	 */
@@ -1911,6 +1933,20 @@ QDF_STATUS lim_process_auth_frame_no_session(struct mac_context *mac,
 		}
 	}
 
+	sae_auth_frame = lim_process_sae_preauth_frame(mac, pBd);
+	if (sae_auth_frame) {
+		lim_process_ft_sae_auth_frame(mac, pe_session, pBody, frameLen);
+		return QDF_STATUS_SUCCESS;
+	}
+
+	if (auth_alg == eSIR_AUTH_TYPE_PASN) {
+		vdev_id = lim_get_pasn_peer_vdev_id(mac, mac_hdr->bssId);
+		if (vdev_id == WLAN_UMAC_VDEV_ID_MAX)
+			return QDF_STATUS_E_FAILURE;
+
+		return lim_process_pasn_auth_frame(mac, vdev_id, pBd);
+	}
+
 	if (!pe_session) {
 		pe_debug("cannot find session id in FT pre-auth phase");
 		return QDF_STATUS_E_FAILURE;

core/mac/src/pe/lim/lim_process_mlm_req_messages.c

@@ -591,18 +591,9 @@ static bool lim_is_preauth_ctx_exists(struct mac_context *mac_ctx,
 }
 
 #ifdef WLAN_FEATURE_SAE
-/**
- * lim_process_mlm_auth_req_sae() - Handle SAE authentication
- * @mac_ctx: global MAC context
- * @session: PE session entry
- *
- * This function is called by lim_process_mlm_auth_req to handle SAE
- * authentication.
- *
- * Return: QDF_STATUS
- */
-static QDF_STATUS lim_process_mlm_auth_req_sae(struct mac_context *mac_ctx,
-		struct pe_session *session)
+QDF_STATUS lim_trigger_auth_req_sae(struct mac_context *mac_ctx,
+				    struct pe_session *session,
+				    struct qdf_mac_addr *peer_bssid)
 {
 	QDF_STATUS qdf_status = QDF_STATUS_SUCCESS;
 	struct sir_sae_info *sae_info;
@@ -616,9 +607,7 @@ static QDF_STATUS lim_process_mlm_auth_req_sae(struct mac_context *mac_ctx,
 	sae_info->msg_len = sizeof(*sae_info);
 	sae_info->vdev_id = session->smeSessionId;
 
-	qdf_mem_copy(sae_info->peer_mac_addr.bytes,
-		session->bssId,
-		QDF_MAC_ADDR_SIZE);
+	qdf_copy_macaddr(&sae_info->peer_mac_addr, peer_bssid);
 
 	sae_info->ssid.length = session->ssId.length;
 	qdf_mem_copy(sae_info->ssid.ssId,
@@ -641,6 +630,31 @@ static QDF_STATUS lim_process_mlm_auth_req_sae(struct mac_context *mac_ctx,
 		qdf_mem_free(sae_info);
 		return qdf_status;
 	}
+
+	return qdf_status;
+}
+
+/**
+ * lim_process_mlm_auth_req_sae() - Handle SAE authentication
+ * @mac_ctx: global MAC context
+ * @session: PE session entry
+ *
+ * This function is called by lim_process_mlm_auth_req to handle SAE
+ * authentication.
+ *
+ * Return: QDF_STATUS
+ */
+static QDF_STATUS lim_process_mlm_auth_req_sae(struct mac_context *mac_ctx,
+					       struct pe_session *session)
+{
+	QDF_STATUS qdf_status;
+
+	qdf_status = lim_trigger_auth_req_sae(
+					mac_ctx, session,
+					(struct qdf_mac_addr *)session->bssId);
+	if (QDF_IS_STATUS_ERROR(qdf_status))
+		return qdf_status;
+
 	session->limMlmState = eLIM_MLM_WT_SAE_AUTH_STATE;
 
 	MTRACE(mac_trace(mac_ctx, TRACE_CODE_MLM_STATE, session->peSessionId,

core/mac/src/pe/lim/lim_send_management_frames.c

@@ -6386,6 +6386,7 @@ static void lim_tx_mgmt_frame(struct mac_context *mac_ctx, uint8_t vdev_id,
 	enum rateid min_rid = RATEID_DEFAULT;
 	enum QDF_OPMODE opmode;
 	uint16_t session_id;
+	uint16_t channel_freq = 0;
 
 	opmode = wlan_get_opmode_from_vdev_id(mac_ctx->pdev, vdev_id);
 	if (opmode != QDF_NAN_DISC_MODE) {
@@ -6407,13 +6408,26 @@ static void lim_tx_mgmt_frame(struct mac_context *mac_ctx, uint8_t vdev_id,
 	if (opmode != QDF_NAN_DISC_MODE) {
 		min_rid = lim_get_min_session_txrate(session);
 	}
+	if (fc->subType == SIR_MAC_MGMT_AUTH) {
+		tpSirFTPreAuthReq pre_auth_req;
+		uint16_t auth_algo = *(uint16_t *)(frame +
+						   sizeof(tSirMacMgmtHdr));
+
+		if ((auth_algo == eSIR_AUTH_TYPE_SAE) &&
+		    (session->ftPEContext.pFTPreAuthReq)) {
+			pre_auth_req = session->ftPEContext.pFTPreAuthReq;
+			channel_freq = pre_auth_req->pre_auth_channel_freq;
+		}
+		pe_debug("TX SAE pre-auth frame on freq %d", channel_freq);
+	}
 
 	qdf_status = wma_tx_frameWithTxComplete(mac_ctx, packet,
 					 (uint16_t)msg_len,
 					 TXRX_FRM_802_11_MGMT, ANI_TXDIR_TODS,
 					 7, lim_tx_complete, frame,
 					 lim_auth_tx_complete_cnf,
-					 0, vdev_id, false, 0, min_rid, 0);
+					 0, vdev_id, false, channel_freq,
+					 min_rid, 0);
 	MTRACE(qdf_trace(QDF_MODULE_ID_PE, TRACE_CODE_TX_COMPLETE,
 		session_id, qdf_status));
 	if (!QDF_IS_STATUS_SUCCESS(qdf_status)) {

core/mac/src/pe/lim/lim_utils.h

@@ -2925,8 +2925,26 @@ lim_fill_oci_params(struct mac_context *mac, struct pe_session *session,
  * Return: None
  */
 void lim_process_sae_msg(struct mac_context *mac, struct sir_sae_msg *body);
+
+/**
+ * lim_trigger_auth_req_sae() - sends SAE auth request to sme
+ * @mac_ctx: Global MAC pointer
+ * @session: pointer to pe session
+ * @peer_bssid: bssid to do SAE auth
+ *
+ * Return: QDF_STATUS
+ */
+QDF_STATUS lim_trigger_auth_req_sae(struct mac_context *mac_ctx,
+				    struct pe_session *session,
+				    struct qdf_mac_addr *peer_bssid);
 #else
-static inline void lim_process_sae_msg(struct mac_context *mac, void *body);
+static inline void lim_process_sae_msg(struct mac_context *mac, void *body)
+{}
+
+static inline QDF_STATUS lim_trigger_auth_req_sae(
+					struct mac_context *mac_ctx,
+					struct pe_session *session,
+					struct qdf_mac_addr *peer_bssid)
 {}
 #endif