
qcacmn: Enable Peer authorization support in RX path

In security mode, allow only EAPOL frames in receive path
when peer is not authorized. This feature is enabled per VAP
based on vdev flag and will be applicable for all peers in that
VAP

Change-Id: Ic5dea09c2083f31e8cd301a0cdc3565f247b735c
Mainak Sen hace 4 años
padre
commit
37a91751be
Se han modificado 5 ficheros con 40 adiciones y 0 borrados
  1. 4 0
      dp/inc/cdp_txrx_cmn_struct.h
  2. 7 0
      dp/wifi3.0/dp_main.c
  3. 22 0
      dp/wifi3.0/dp_rx.c
  4. 2 0
      dp/wifi3.0/dp_stats.c
  5. 5 0
      dp/wifi3.0/dp_types.h

+ 4 - 0
dp/inc/cdp_txrx_cmn_struct.h

@@ -1105,6 +1105,7 @@ enum cdp_pdev_param_type {
  * @cdp_vdev_param_safe_mode: set safe mode
  * @cdp_vdev_param_drop_unenc: set drop unencrypted flag
  * @cdp_vdev_param_hlos_tid_override: set hlos tid override
+ * @cdp_vdev_param_peer_authorize: set peer authorize
  *
  * @cdp_pdev_param_dbg_snf: Enable debug sniffer feature
  * @cdp_pdev_param_bpr_enable: Enable bcast probe feature
@@ -1171,6 +1172,7 @@ typedef union cdp_config_param_t {
 	uint32_t cdp_vdev_param_drop_unenc;
 	uint8_t cdp_vdev_param_hlos_tid_override;
 	bool cdp_vdev_param_wds_ext;
+	uint8_t cdp_vdev_param_peer_authorize;
 
 	/* pdev params */
 	bool cdp_pdev_param_cptr_latcy;
@@ -1282,6 +1284,7 @@ enum cdp_pdev_bpr_param {
  * @CDP_ENABLE_IGMP_MCAST_EN: enable/disable igmp multicast enhancement
  * @CDP_ENABLE_HLOS_TID_OVERRIDE: set hlos tid override flag
  * @CDP_CFG_WDS_EXT: enable/disable wds ext feature
+ * @CDP_ENABLE_PEER_AUTHORIZE: enable peer authorize flag
  */
 enum cdp_vdev_param_type {
 	CDP_ENABLE_NAWDS,
@@ -1312,6 +1315,7 @@ enum cdp_vdev_param_type {
 #ifdef QCA_SUPPORT_WDS_EXTENDED
 	CDP_CFG_WDS_EXT,
 #endif /* QCA_SUPPORT_WDS_EXTENDED */
+	CDP_ENABLE_PEER_AUTHORIZE,
 };
 
 /*
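Review bot: The descriptions added for `cdp_vdev_param_peer_authorize` ("set peer authorize") and `CDP_ENABLE_PEER_AUTHORIZE` ("enable peer authorize flag") do not say what the flag enforces, and this is the only API-level documentation of a security control. I would spell it out, for example `* @CDP_ENABLE_PEER_AUTHORIZE: drop non-EAPOL rx frames from peers that are not yet authorized on this vdev`. Separately, `CDP_ENABLE_PEER_AUTHORIZE` is appended after the `QCA_SUPPORT_WDS_EXTENDED`-guarded `CDP_CFG_WDS_EXT`, so its numeric value depends on that build option. It is worth confirming that every consumer of `enum cdp_vdev_param_type` is built with the same setting.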

+ 7 - 0
dp/wifi3.0/dp_main.c

@@ -9113,6 +9113,10 @@ static QDF_STATUS dp_get_vdev_param(struct cdp_soc_t *cdp_soc, uint8_t vdev_id,
 		val->cdp_vdev_param_hlos_tid_override =
 			    dp_vdev_get_hlos_tid_override((struct cdp_vdev *)vdev);
 		break;
+	case CDP_ENABLE_PEER_AUTHORIZE:
+		val->cdp_vdev_param_peer_authorize =
+			    vdev->peer_authorize;
+		break;
 	default:
 		dp_cdp_err("%pk: param value %d is wrong\n",
 			   soc, param);
@@ -9240,6 +9244,9 @@ dp_set_vdev_param(struct cdp_soc_t *cdp_soc, uint8_t vdev_id,
 		vdev->wds_ext_enabled = val.cdp_vdev_param_wds_ext;
 		break;
 #endif
+	case CDP_ENABLE_PEER_AUTHORIZE:
+		vdev->peer_authorize = val.cdp_vdev_param_peer_authorize;
+		break;
 	default:
 		break;
 	}
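Review bot: `dp_set_vdev_param` stores `val.cdp_vdev_param_peer_authorize` unmodified and without any log, although this flag decides whether data frames from unauthorized peers are dropped for the whole vdev. I would normalise the value, `vdev->peer_authorize = !!val.cdp_vdev_param_peer_authorize;`, and log the old and new value with the file's existing `dp_cdp_*` logging, so that enforcement being switched off on a secured VAP leaves a trace. The enclosing switch starts outside the hunk.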

+ 22 - 0
dp/wifi3.0/dp_rx.c

@@ -2630,6 +2630,28 @@ done:
 
 		if (qdf_likely(peer)) {
 			vdev = peer->vdev;
+
+			/*
+			 * In encryption mode, all data packets except
+			 * EAPOL frames should be dropped when peer is not
+			 * authenticated. Thie feature is enabled for all peers
+			 * under this vdev when peer_authorize flag is set.
+			 */
+			if (qdf_unlikely(vdev->peer_authorize)) {
+				if (qdf_unlikely(vdev->sec_type != cdp_sec_type_none)) {
+					/*
+					 * Allow only EAPOL frames
+					 */
+					if (qdf_unlikely(!peer->authorize &&
+								!qdf_nbuf_is_ipv4_eapol_pkt(nbuf))) {
+						qdf_nbuf_free(nbuf);
+						nbuf = next;
+						DP_STATS_INC(soc, rx.err.peer_unauth_rx_pkt_drop, 1);
+						continue;
+					}
+				}
+			}
+
 		} else {
 			nbuf->next = NULL;
 			dp_rx_deliver_to_stack_no_peer(soc, nbuf);
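Review bot: The new check calls `qdf_nbuf_is_ipv4_eapol_pkt(nbuf)` immediately after `vdev = peer->vdev`, and nothing in the hunk shows that `nbuf`'s data pointer is already at the Ethernet header here; if the RX TLV header is pulled later in the loop, the ethertype would presumably be read from the wrong offset and the allow/drop decision would be unreliable, so please confirm or move the check after the pull. Enforcement is also skipped whenever `vdev->peer_authorize` is 0 or `vdev->sec_type` is `cdp_sec_type_none`, so it depends on both being configured before the first data frame from a new peer, and the peerless `else` branch below is not covered by it; the comment should state these limits. The comment itself says "not authenticated" although the field tested is `peer->authorize`, and has the typo "Thie"; I would write `... should be dropped until the peer is authorized. This feature is enabled ...`. The enclosing function starts and ends outside the hunk.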

+ 2 - 0
dp/wifi3.0/dp_stats.c

@@ -6542,6 +6542,8 @@ dp_print_soc_rx_stats(struct dp_soc *soc)
 		       soc->stats.rx.err.defrag_peer_uninit);
 	DP_PRINT_STATS("Pkts delivered no peer = %d",
 		       soc->stats.rx.err.pkt_delivered_no_peer);
+	DP_PRINT_STATS("Pkts drop due to no peer auth :%d",
+		       soc->stats.rx.err.peer_unauth_rx_pkt_drop);
 	DP_PRINT_STATS("Invalid Pdev = %d",
 		       soc->stats.rx.err.invalid_pdev);
 	DP_PRINT_STATS("Invalid Peer = %d",
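Review bot: The new stats line uses the label form `"... :%d"` while the neighbouring lines in this hunk use `"... = %d"`, which makes the drop counter harder to pick up with the same log parsing as the other rx error counters. I would write it as `DP_PRINT_STATS("Pkts dropped, peer not authorized = %d",` to match. `dp_print_soc_rx_stats` starts and ends outside the hunk.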

+ 5 - 0
dp/wifi3.0/dp_types.h

@@ -995,6 +995,8 @@ struct dp_soc_stats {
 			uint32_t msdu_continuation_err;
 			/* REO OOR eapol drop count */
 			uint32_t reo_err_oor_eapol_drop;
+			/* Non Eapol packet drop count due to peer not authorized  */
+			uint32_t peer_unauth_rx_pkt_drop;
 		} err;
 
 		/* packet count per core - per ring */
@@ -2405,6 +2407,9 @@ struct dp_vdev {
 	 */
 	uint8_t skip_sw_tid_classification;
 
+	/* Flag to enable peer authorization */
+	uint8_t peer_authorize;
+
 	/* AST hash value for BSS peer in HW valid for STA VAP*/
 	uint16_t bss_ast_hash;