Sākums Izpētīt Palīdzība
Pierakstīties
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Pārlūkot izejas kodu

qcacld-3.0: Set length of challenge text sent by SAP to 128

SIR_MAC_AUTH_CHALLENGE_LENGTH is updated to 253 from
128 as per IEEE spec due to connection fails between
DUT-SAP and old ref-STA. Auth failure occurs as encrypted
data sent by ref-STA is only 128 bytes instead of 253
bytes.

Fix is to set length of challenge text sent by SAP
to 128 bytes.

Change-Id: I81409bb58ad34e469c54e2909f45b8a6826eb06a
CRs-Fixed: 2096512
yeshwanth sriram guntuka 7 gadi atpakaļ
vecāks
e231f370da
revīzija
5c71a29b34
4 mainītis faili ar 19 papildinājumiem un 10 dzēšanām
Dalītais skats Rādīt salīdzināšanas statistiku
  1. 1 0
      core/mac/inc/sir_mac_prot_def.h
  2. 6 6
      core/mac/src/pe/lim/lim_process_auth_frame.c
  3. 6 0
      core/mac/src/pe/lim/lim_security_utils.h
  4. 6 4
      core/mac/src/pe/lim/lim_send_management_frames.c

+ 1 - 0
core/mac/inc/sir_mac_prot_def.h
Parādīt failu 

@@ -562,6 +562,7 @@
 
 #define SIR_MAC_MAX_NUM_OF_DEFAULT_KEYS      4
 
 #define SIR_MAC_KEY_LENGTH                   13 /* WEP Maximum key length size */
 
 #define SIR_MAC_AUTH_CHALLENGE_LENGTH        253
 
+#define SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH    128
 
 #define SIR_MAC_WEP_IV_LENGTH                4
 
 #define SIR_MAC_WEP_ICV_LENGTH               4
 
 #define SIR_MAC_CHALLENGE_ID_LEN             2

+ 6 - 6
core/mac/src/pe/lim/lim_process_auth_frame.c
Parādīt failu 

@@ -200,7 +200,7 @@ static void lim_process_auth_shared_system_algo(tpAniSirGlobal mac_ctx,
 
 		 */
 
 		if (!QDF_IS_STATUS_SUCCESS(cds_rand_get_bytes(0,
 
 				(uint8_t *) challenge_txt_arr,
 
-				SIR_MAC_AUTH_CHALLENGE_LENGTH)))
 
+				SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH)))
 
 			pe_err("Challenge text preparation failed");
 
 		challenge = auth_node->challengeText;
 
 		qdf_mem_copy(challenge, (uint8_t *)challenge_txt_arr,
 
@@ -213,10 +213,10 @@ static void lim_process_auth_shared_system_algo(tpAniSirGlobal mac_ctx,
 
 			rx_auth_frm_body->authTransactionSeqNumber + 1;
 
 		auth_frame->authStatusCode = eSIR_MAC_SUCCESS_STATUS;
 
 		auth_frame->type = SIR_MAC_CHALLENGE_TEXT_EID;
 
-		auth_frame->length = SIR_MAC_AUTH_CHALLENGE_LENGTH;
 
+		auth_frame->length = SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH;
 
 		qdf_mem_copy(auth_frame->challengeText,
 
 				auth_node->challengeText,
 
-				SIR_MAC_AUTH_CHALLENGE_LENGTH);
 
+				SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH);
 
 		lim_send_auth_mgmt_frame(mac_ctx, auth_frame,
 
 				mac_hdr->sa, LIM_NO_WEP_IN_FC,
 
 				pe_session);
 
@@ -273,7 +273,7 @@ static void lim_process_auth_frame_type1(tpAniSirGlobal mac_ctx,
 
 {
 
 	tpDphHashNode sta_ds_ptr = NULL;
 
 	struct tLimPreAuthNode *auth_node;
 
-	uint8_t challenge_txt_arr[SIR_MAC_AUTH_CHALLENGE_LENGTH];
 
+	uint8_t challenge_txt_arr[SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH];
 
 	uint32_t maxnum_preauth;
 
 	uint16_t associd = 0;
 
 
@@ -872,7 +872,7 @@ static void lim_process_auth_frame_type3(tpAniSirGlobal mac_ctx,
 
 		 */
 
 		if (!qdf_mem_cmp(rx_auth_frm_body->challengeText,
 
 					auth_node->challengeText,
 
-					SIR_MAC_AUTH_CHALLENGE_LENGTH)) {
 
+					SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH)) {
 
 			/*
 
 			 * Challenge match. STA is autheticated
 
 			 * Delete Authentication response timer if running
 
@@ -1196,7 +1196,7 @@ lim_process_auth_frame(tpAniSirGlobal mac_ctx, uint8_t *rx_pkt_info,
 
 			goto free;
 
 		}
 
 
-		if (frame_len < LIM_ENCR_AUTH_BODY_LEN) {
 
+		if (frame_len < LIM_ENCR_AUTH_BODY_LEN_SAP) {
 
 			/* Log error */
 
 			pe_err("Not enough size: %d to decry rx Auth frm",
 
 				frame_len);

+ 6 - 0
core/mac/src/pe/lim/lim_security_utils.h
Parādīt failu 

@@ -44,6 +44,12 @@
 
 				 SIR_MAC_WEP_IV_LENGTH + \
 
 				 SIR_MAC_WEP_ICV_LENGTH)
 
 
+#define LIM_ENCR_AUTH_BODY_LEN_SAP  (SIR_MAC_AUTH_FRAME_INFO_LEN + \
 
+					 SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH + \
 
+					 SIR_MAC_CHALLENGE_ID_LEN + \
 
+					 SIR_MAC_WEP_IV_LENGTH + \
 
+					 SIR_MAC_WEP_ICV_LENGTH)
 
+
 
 #define LIM_ENCR_AUTH_INFO_LEN	(SIR_MAC_AUTH_FRAME_INFO_LEN +\
 
 				 SIR_MAC_WEP_IV_LENGTH + \
 
 				 SIR_MAC_WEP_ICV_LENGTH + \

+ 6 - 4
core/mac/src/pe/lim/lim_send_management_frames.c
Parādīt failu 

@@ -2260,7 +2260,8 @@ lim_send_auth_mgmt_frame(tpAniSirGlobal mac_ctx,
 
 
 			challenge_req = true;
 
 			body_len = SIR_MAC_AUTH_FRAME_INFO_LEN +
 
-					SIR_MAC_AUTH_CHALLENGE_BODY_LEN;
 
+				   SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH +
 
+				   SIR_MAC_CHALLENGE_ID_LEN;
 
 			frame_len = sizeof(tSirMacMgmtHdr) + body_len;
 
 		}
 
 		break;
 
@@ -2371,10 +2372,11 @@ alloc_packet:
 
 				*body = auth_frame->length;
 
 				body++;
 
 				qdf_mem_copy(body, auth_frame->challengeText,
 
-					     SIR_MAC_AUTH_CHALLENGE_LENGTH);
 
-				body += SIR_MAC_AUTH_CHALLENGE_LENGTH;
 
+					     SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH);
 
+				body += SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH;
 
 
-				body_len -= SIR_MAC_AUTH_CHALLENGE_BODY_LEN;
 
+				body_len -= SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH +
 
+							SIR_MAC_CHALLENGE_ID_LEN;
 
 			}
 
 		}