samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qcacld-3.0: Set length of challenge text sent by SAP to 128

Browse Source 
SIR_MAC_AUTH_CHALLENGE_LENGTH is updated to 253 from
128 as per IEEE spec due to connection fails between
DUT-SAP and old ref-STA. Auth failure occurs as encrypted
data sent by ref-STA is only 128 bytes instead of 253
bytes.

Fix is to set length of challenge text sent by SAP
to 128 bytes.

Change-Id: I81409bb58ad34e469c54e2909f45b8a6826eb06a
CRs-Fixed: 2096512
This commit is contained in:
yeshwanth sriram guntuka
2017-08-24 15:51:19 +05:30
committed by snandini
parent e231f370da
commit 5c71a29b34
4 changed files with 19 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
core/mac/inc/sir_mac_prot_def.h
View File

@@ -562,6 +562,7 @@
#define SIR_MAC_MAX_NUM_OF_DEFAULT_KEYS 4
#define SIR_MAC_KEY_LENGTH 13 /* WEP Maximum key length size */
#define SIR_MAC_AUTH_CHALLENGE_LENGTH 253
#define SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH 128
#define SIR_MAC_WEP_IV_LENGTH 4
#define SIR_MAC_WEP_ICV_LENGTH 4
#define SIR_MAC_CHALLENGE_ID_LEN 2

12
core/mac/src/pe/lim/lim_process_auth_frame.c
View File

@@ -200,7 +200,7 @@ static void lim_process_auth_shared_system_algo(tpAniSirGlobal mac_ctx,
*/
if (!QDF_IS_STATUS_SUCCESS(cds_rand_get_bytes(0,
(uint8_t *) challenge_txt_arr,
SIR_MAC_AUTH_CHALLENGE_LENGTH)))
SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH)))
pe_err("Challenge text preparation failed");
challenge = auth_node->challengeText;
qdf_mem_copy(challenge, (uint8_t *)challenge_txt_arr,
@@ -213,10 +213,10 @@ static void lim_process_auth_shared_system_algo(tpAniSirGlobal mac_ctx,
rx_auth_frm_body->authTransactionSeqNumber + 1;
auth_frame->authStatusCode = eSIR_MAC_SUCCESS_STATUS;
auth_frame->type = SIR_MAC_CHALLENGE_TEXT_EID;
auth_frame->length = SIR_MAC_AUTH_CHALLENGE_LENGTH;
auth_frame->length = SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH;
qdf_mem_copy(auth_frame->challengeText,
auth_node->challengeText,
SIR_MAC_AUTH_CHALLENGE_LENGTH);
SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH);
lim_send_auth_mgmt_frame(mac_ctx, auth_frame,
mac_hdr->sa, LIM_NO_WEP_IN_FC,
pe_session);
@@ -273,7 +273,7 @@ static void lim_process_auth_frame_type1(tpAniSirGlobal mac_ctx,
{
tpDphHashNode sta_ds_ptr = NULL;
struct tLimPreAuthNode *auth_node;
uint8_t challenge_txt_arr[SIR_MAC_AUTH_CHALLENGE_LENGTH];
uint8_t challenge_txt_arr[SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH];
uint32_t maxnum_preauth;
uint16_t associd = 0;
@@ -872,7 +872,7 @@ static void lim_process_auth_frame_type3(tpAniSirGlobal mac_ctx,
*/
if (!qdf_mem_cmp(rx_auth_frm_body->challengeText,
auth_node->challengeText,
SIR_MAC_AUTH_CHALLENGE_LENGTH)) {
SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH)) {
/*
* Challenge match. STA is autheticated
* Delete Authentication response timer if running
@@ -1196,7 +1196,7 @@ lim_process_auth_frame(tpAniSirGlobal mac_ctx, uint8_t *rx_pkt_info,
goto free;
}
if (frame_len < LIM_ENCR_AUTH_BODY_LEN) {
if (frame_len < LIM_ENCR_AUTH_BODY_LEN_SAP) {
/* Log error */
pe_err("Not enough size: %d to decry rx Auth frm",
frame_len);

6
core/mac/src/pe/lim/lim_security_utils.h
View File

@@ -44,6 +44,12 @@
SIR_MAC_WEP_IV_LENGTH + \
SIR_MAC_WEP_ICV_LENGTH)
#define LIM_ENCR_AUTH_BODY_LEN_SAP (SIR_MAC_AUTH_FRAME_INFO_LEN + \
SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH + \
SIR_MAC_CHALLENGE_ID_LEN + \
SIR_MAC_WEP_IV_LENGTH + \
SIR_MAC_WEP_ICV_LENGTH)
#define LIM_ENCR_AUTH_INFO_LEN (SIR_MAC_AUTH_FRAME_INFO_LEN +\
SIR_MAC_WEP_IV_LENGTH + \
SIR_MAC_WEP_ICV_LENGTH + \

10
core/mac/src/pe/lim/lim_send_management_frames.c
View File

@@ -2260,7 +2260,8 @@ lim_send_auth_mgmt_frame(tpAniSirGlobal mac_ctx,
challenge_req = true;
body_len = SIR_MAC_AUTH_FRAME_INFO_LEN +
SIR_MAC_AUTH_CHALLENGE_BODY_LEN;
SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH +
SIR_MAC_CHALLENGE_ID_LEN;
frame_len = sizeof(tSirMacMgmtHdr) + body_len;
}
break;
@@ -2371,10 +2372,11 @@ alloc_packet:
*body = auth_frame->length;
body++;
qdf_mem_copy(body, auth_frame->challengeText,
SIR_MAC_AUTH_CHALLENGE_LENGTH);
body += SIR_MAC_AUTH_CHALLENGE_LENGTH;
SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH);
body += SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH;
body_len -= SIR_MAC_AUTH_CHALLENGE_BODY_LEN;
body_len -= SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH +
SIR_MAC_CHALLENGE_ID_LEN;
}
}