samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Vork 0
Code Kwesties Pull-aanvragen Actions Packages Projecten Publicaties Wiki Activiteit

qcacld-3.0: Changes to support FILS AKMs

Bladeren bron 
Add changes to support and parse AKM required for FILS support.

Change-Id: I64f692c3e8173b778fcd4ca6ac2391b8de2bc1d2
CRs-Fixed: 2028113
This commit is contained in:
Sridhar Selvaraj
2017-08-21 14:28:10 +05:30
gecommit door Anjaneedevi Kapparapu
bovenliggende a44c19ee19
commit 6cf642fe04
5 gewijzigde bestanden met toevoegingen van 235 en 8 verwijderingen
Download Patch-bestand Download Diff-bestand Expand all files Collapse all files

73
core/hdd/src/wlan_hdd_assoc.c
Bestand weergeven

@@ -114,6 +114,12 @@ uint8_t ccp_rsn_oui09[HDD_RSN_OUI_SIZE] = { 0x00, 0x0F, 0xAC, 0x08 };
/* AES-GCMP-256 */
uint8_t ccp_rsn_oui0a[HDD_RSN_OUI_SIZE] = { 0x00, 0x0F, 0xAC, 0x09 };
#ifdef WLAN_FEATURE_FILS_SK
uint8_t ccp_rsn_oui_0e[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x0E};
uint8_t ccp_rsn_oui_0f[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x0F};
uint8_t ccp_rsn_oui_10[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x10};
uint8_t ccp_rsn_oui_11[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x11};
#endif
/* Offset where the EID-Len-IE, start. */
#define FT_ASSOC_RSP_IES_OFFSET 6 /* Capability(2) + AID(2) + Status Code(2) */
@@ -5264,6 +5270,33 @@ hdd_sme_roam_callback(void *pContext, tCsrRoamInfo *pRoamInfo, uint32_t roamId,
return qdf_ret_status;
}
#ifdef WLAN_FEATURE_FILS_SK
/**
* hdd_translate_fils_rsn_to_csr_auth() - Translate FILS RSN to CSR auth type
* @auth_suite: auth suite
* @auth_type: pointer to eCsrAuthType
*
* Return: None
*/
static void hdd_translate_fils_rsn_to_csr_auth(int8_t auth_suite[4],
eCsrAuthType *auth_type)
{
if (!memcmp(auth_suite, ccp_rsn_oui_0e, 4))
*auth_type = eCSR_AUTH_TYPE_FILS_SHA256;
else if (!memcmp(auth_suite, ccp_rsn_oui_0f, 4))
*auth_type = eCSR_AUTH_TYPE_FILS_SHA384;
else if (!memcmp(auth_suite, ccp_rsn_oui_10, 4))
*auth_type = eCSR_AUTH_TYPE_FT_FILS_SHA256;
else if (!memcmp(auth_suite, ccp_rsn_oui_11, 4))
*auth_type = eCSR_AUTH_TYPE_FT_FILS_SHA384;
}
#else
static inline void hdd_translate_fils_rsn_to_csr_auth(int8_t auth_suite[4],
eCsrAuthType *auth_type)
{
}
#endif
/**
* hdd_translate_rsn_to_csr_auth_type() - Translate RSN to CSR auth type
* @auth_suite: auth suite
@@ -5272,7 +5305,7 @@ hdd_sme_roam_callback(void *pContext, tCsrRoamInfo *pRoamInfo, uint32_t roamId,
*/
eCsrAuthType hdd_translate_rsn_to_csr_auth_type(uint8_t auth_suite[4])
{
eCsrAuthType auth_type;
eCsrAuthType auth_type = eCSR_AUTH_TYPE_UNKNOWN;
/* is the auth type supported? */
if (memcmp(auth_suite, ccp_rsn_oui01, 4) == 0) {
auth_type = eCSR_AUTH_TYPE_RSN;
@@ -5298,8 +5331,9 @@ eCsrAuthType hdd_translate_rsn_to_csr_auth_type(uint8_t auth_suite[4])
} else
#endif
{
auth_type = eCSR_AUTH_TYPE_UNKNOWN;
hdd_translate_fils_rsn_to_csr_auth(auth_suite, &auth_type);
}
hdd_debug("auth_type: %d", auth_type);
return auth_type;
}
@@ -5311,7 +5345,7 @@ eCsrAuthType hdd_translate_rsn_to_csr_auth_type(uint8_t auth_suite[4])
*/
eCsrAuthType hdd_translate_wpa_to_csr_auth_type(uint8_t auth_suite[4])
{
eCsrAuthType auth_type;
eCsrAuthType auth_type = eCSR_AUTH_TYPE_UNKNOWN;
/* is the auth type supported? */
if (memcmp(auth_suite, ccp_wpa_oui01, 4) == 0) {
auth_type = eCSR_AUTH_TYPE_WPA;
@@ -5324,7 +5358,7 @@ eCsrAuthType hdd_translate_wpa_to_csr_auth_type(uint8_t auth_suite[4])
} else
#endif /* FEATURE_WLAN_ESE */
{
auth_type = eCSR_AUTH_TYPE_UNKNOWN;
hdd_translate_fils_rsn_to_csr_auth(auth_suite, &auth_type);
}
hdd_debug("auth_type: %d", auth_type);
return auth_type;
@@ -5617,6 +5651,30 @@ int hdd_set_genie_to_csr(hdd_adapter_t *pAdapter, eCsrAuthType *RSNAuthType)
return 0;
}
#ifdef WLAN_FEATURE_FILS_SK
/**
* hdd_is_rsn_is_fils() - This API checks whether a give auth type is FILS
* @rsn_auth_type: auth type
*
* Return: true if FILS auth else false
*/
static bool hdd_is_rsn_is_fils(eCsrAuthType rsn_auth_type)
{
if ((rsn_auth_type == eCSR_AUTH_TYPE_FILS_SHA256) ||
(rsn_auth_type == eCSR_AUTH_TYPE_FILS_SHA384) ||
(rsn_auth_type == eCSR_AUTH_TYPE_FT_FILS_SHA256) ||
(rsn_auth_type == eCSR_AUTH_TYPE_FT_FILS_SHA384))
return true;
return false;
}
#else
static inline bool hdd_is_rsn_is_fils(eCsrAuthType rsn_auth_type)
{
return false;
}
#endif
/**
* hdd_set_csr_auth_type() - set csr auth type
* @pAdapter: pointer to adapter
@@ -5714,8 +5772,11 @@ int hdd_set_csr_auth_type(hdd_adapter_t *pAdapter, eCsrAuthType RSNAuthType)
eCSR_AUTH_TYPE_RSN_8021X_SHA256;
} else
#endif
if ((pWextState->
if (hdd_is_rsn_is_fils(RSNAuthType)) {
hdd_info("updated fils auth");
pRoamProfile->AuthType.authType[0] =
RSNAuthType;
} else if ((pWextState->
authKeyMgmt & IW_AUTH_KEY_MGMT_802_1X)
== IW_AUTH_KEY_MGMT_802_1X) {
pRoamProfile->AuthType.authType[0] =

9
core/hdd/src/wlan_hdd_cfg80211.c
Bestand weergeven

@@ -15039,7 +15039,14 @@ static int wlan_hdd_set_akm_suite(hdd_adapter_t *pAdapter, u32 key_mgmt)
hdd_debug("setting key mgmt type to OSEN");
pWextState->authKeyMgmt |= IW_AUTH_KEY_MGMT_802_1X;
break;
#ifdef WLAN_FEATURE_FILS_SK
case WLAN_AKM_SUITE_FILS_SHA256:
case WLAN_AKM_SUITE_FILS_SHA384:
case WLAN_AKM_SUITE_FT_FILS_SHA256:
case WLAN_AKM_SUITE_FT_FILS_SHA384:
pWextState->authKeyMgmt |= IW_AUTH_KEY_MGMT_802_1X;
break;
#endif
default:
hdd_err("Unsupported key mgmt type: %d", key_mgmt);
return -EINVAL;

4
core/sme/inc/csr_api.h
Bestand weergeven

@@ -65,6 +65,10 @@ typedef enum {
eCSR_AUTH_TYPE_CCKM_RSN,
eCSR_AUTH_TYPE_RSN_PSK_SHA256,
eCSR_AUTH_TYPE_RSN_8021X_SHA256,
eCSR_AUTH_TYPE_FILS_SHA256,
eCSR_AUTH_TYPE_FILS_SHA384,
eCSR_AUTH_TYPE_FT_FILS_SHA256,
eCSR_AUTH_TYPE_FT_FILS_SHA384,
eCSR_NUM_OF_SUPPORT_AUTH_TYPE,
eCSR_AUTH_TYPE_FAILED = 0xff,
eCSR_AUTH_TYPE_UNKNOWN = eCSR_AUTH_TYPE_FAILED,

16
core/sme/src/csr/csr_api_scan.c
Bestand weergeven

@@ -5338,6 +5338,14 @@ static enum wlan_auth_type csr_covert_auth_type_new(eCsrAuthType auth)
return WLAN_AUTH_TYPE_RSN_PSK_SHA256;
case eCSR_AUTH_TYPE_RSN_8021X_SHA256:
return WLAN_AUTH_TYPE_RSN_8021X_SHA256;
case eCSR_AUTH_TYPE_FILS_SHA256:
return WLAN_AUTH_TYPE_FILS_SHA256;
case eCSR_AUTH_TYPE_FILS_SHA384:
return WLAN_AUTH_TYPE_FILS_SHA384;
case eCSR_AUTH_TYPE_FT_FILS_SHA256:
return WLAN_AUTH_TYPE_FT_FILS_SHA256;
case eCSR_AUTH_TYPE_FT_FILS_SHA384:
return WLAN_AUTH_TYPE_FT_FILS_SHA384;
case eCSR_NUM_OF_SUPPORT_AUTH_TYPE:
default:
return WLAN_AUTH_TYPE_OPEN_SYSTEM;
@@ -5379,6 +5387,14 @@ static eCsrAuthType csr_covert_auth_type_old(enum wlan_auth_type auth)
return eCSR_AUTH_TYPE_RSN_PSK_SHA256;
case WLAN_AUTH_TYPE_RSN_8021X_SHA256:
return eCSR_AUTH_TYPE_RSN_8021X_SHA256;
case WLAN_AUTH_TYPE_FILS_SHA256:
return eCSR_AUTH_TYPE_FILS_SHA256;
case WLAN_AUTH_TYPE_FILS_SHA384:
return eCSR_AUTH_TYPE_FILS_SHA384;
case WLAN_AUTH_TYPE_FT_FILS_SHA256:
return eCSR_AUTH_TYPE_FT_FILS_SHA256;
case WLAN_AUTH_TYPE_FT_FILS_SHA384:
return eCSR_AUTH_TYPE_FT_FILS_SHA384;
case WLAN_NUM_OF_SUPPORT_AUTH_TYPE:
default:
return eCSR_AUTH_TYPE_OPEN_SYSTEM;

141
core/sme/src/csr/csr_util.c
Bestand weergeven

@@ -2402,6 +2402,11 @@ bool csr_is_profile_rsn(tCsrRoamProfile *pProfile)
case eCSR_AUTH_TYPE_RSN_PSK_SHA256:
case eCSR_AUTH_TYPE_RSN_8021X_SHA256:
#endif
/* fallthrough */
case eCSR_AUTH_TYPE_FILS_SHA256:
case eCSR_AUTH_TYPE_FILS_SHA384:
case eCSR_AUTH_TYPE_FT_FILS_SHA256:
case eCSR_AUTH_TYPE_FT_FILS_SHA384:
fRSNProfile = true;
break;
@@ -3097,6 +3102,76 @@ static bool csr_is_auth_rsn8021x_sha256(tpAniSirGlobal pMac,
}
#endif
#ifdef WLAN_FEATURE_FILS_SK
/*
* csr_is_auth_fils_sha256() - check whether oui is fils sha256
* @mac: Global MAC context
* @all_suites: pointer to all supported akm suites
* @suite_count: all supported akm suites count
* @oui: Oui needs to be matched
*
* Return: True if OUI is FILS SHA256, false otherwise
*/
static bool csr_is_auth_fils_sha256(tpAniSirGlobal mac,
uint8_t all_suites[][CSR_RSN_OUI_SIZE],
uint8_t suite_count, uint8_t oui[])
{
return csr_is_oui_match(mac, all_suites, suite_count,
csr_rsn_oui[ENUM_FILS_SHA256], oui);
}
/*
* csr_is_auth_fils_sha384() - check whether oui is fils sha384
* @mac: Global MAC context
* @all_suites: pointer to all supported akm suites
* @suite_count: all supported akm suites count
* @oui: Oui needs to be matched
*
* Return: True if OUI is FILS SHA384, false otherwise
*/
static bool csr_is_auth_fils_sha384(tpAniSirGlobal mac,
uint8_t all_suites[][CSR_RSN_OUI_SIZE],
uint8_t suite_count, uint8_t oui[])
{
return csr_is_oui_match(mac, all_suites, suite_count,
csr_rsn_oui[ENUM_FILS_SHA384], oui);
}
/*
* csr_is_auth_fils_ft_sha256() - check whether oui is fils ft sha256
* @mac: Global MAC context
* @all_suites: pointer to all supported akm suites
* @suite_count: all supported akm suites count
* @oui: Oui needs to be matched
*
* Return: True if OUI is FT FILS SHA256, false otherwise
*/
static bool csr_is_auth_fils_ft_sha256(tpAniSirGlobal mac,
uint8_t all_suites[][CSR_RSN_OUI_SIZE],
uint8_t suite_count, uint8_t oui[])
{
return csr_is_oui_match(mac, all_suites, suite_count,
csr_rsn_oui[ENUM_FT_FILS_SHA256], oui);
}
/*
* csr_is_auth_fils_ft_sha384() - check whether oui is fils ft sha384
* @mac: Global MAC context
* @all_suites: pointer to all supported akm suites
* @suite_count: all supported akm suites count
* @oui: Oui needs to be matched
*
* Return: True if OUI is FT FILS SHA384, false otherwise
*/
static bool csr_is_auth_fils_ft_sha384(tpAniSirGlobal mac,
uint8_t all_suites[][CSR_RSN_OUI_SIZE],
uint8_t suite_count, uint8_t oui[])
{
return csr_is_oui_match(mac, all_suites, suite_count,
csr_rsn_oui[ENUM_FT_FILS_SHA384], oui);
}
#endif
static bool csr_is_auth_wpa(tpAniSirGlobal pMac,
uint8_t AllSuites[][CSR_WPA_OUI_SIZE],
uint8_t cAllSuites, uint8_t Oui[])
@@ -3153,6 +3228,66 @@ static uint8_t csr_get_oui_index_from_cipher(eCsrEncryptionType enType)
return OUIIndex;
}
#ifdef WLAN_FEATURE_FILS_SK
/**
* csr_is_fils_auth() - update negotiated auth if matches to FILS auth type
* @mac_ctx: pointer to mac context
* @authsuites: auth suites
* @c_auth_suites: auth suites count
* @authentication: authentication
* @auth_type: authentication type list
* @index: current counter
* @neg_authtype: pointer to negotiated auth
*
* Return: None
*/
static void csr_is_fils_auth(tpAniSirGlobal mac_ctx,
uint8_t authsuites[][CSR_RSN_OUI_SIZE], uint8_t c_auth_suites,
uint8_t authentication[], tCsrAuthList *auth_type,
uint8_t index, eCsrAuthType *neg_authtype)
{
/*
* TODO Always try with highest security
* move this down once sha384 is validated
*/
if (csr_is_auth_fils_sha256(mac_ctx, authsuites,
c_auth_suites, authentication)) {
if (eCSR_AUTH_TYPE_FILS_SHA256 ==
auth_type->authType[index])
*neg_authtype = eCSR_AUTH_TYPE_FILS_SHA256;
}
if ((*neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
csr_is_auth_fils_sha384(mac_ctx, authsuites,
c_auth_suites, authentication)) {
if (eCSR_AUTH_TYPE_FILS_SHA384 ==
auth_type->authType[index])
*neg_authtype = eCSR_AUTH_TYPE_FILS_SHA384;
}
if ((*neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
csr_is_auth_fils_ft_sha256(mac_ctx, authsuites,
c_auth_suites, authentication)) {
if (eCSR_AUTH_TYPE_FT_FILS_SHA256 ==
auth_type->authType[index])
*neg_authtype = eCSR_AUTH_TYPE_FT_FILS_SHA256;
}
if ((*neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
csr_is_auth_fils_ft_sha384(mac_ctx, authsuites,
c_auth_suites, authentication)) {
if (eCSR_AUTH_TYPE_FT_FILS_SHA384 ==
auth_type->authType[index])
*neg_authtype = eCSR_AUTH_TYPE_FT_FILS_SHA384;
}
sme_debug("negotiated auth type is %d", *neg_authtype);
}
#else
static void csr_is_fils_auth(tpAniSirGlobal mac_ctx,
uint8_t authsuites[][CSR_RSN_OUI_SIZE], uint8_t c_auth_suites,
uint8_t authentication[], tCsrAuthList *auth_type,
uint8_t index, eCsrAuthType *neg_authtype)
{
}
#endif
/**
* csr_get_rsn_information() - to get RSN infomation
* @hal: pointer to HAL
@@ -3237,8 +3372,12 @@ static bool csr_get_rsn_information(tHalHandle hal, tCsrAuthList *auth_type,
* Ciphers are supported, Match authentication algorithm and
* pick first matching authtype.
*/
/* Set FILS as first preference */
csr_is_fils_auth(mac_ctx, authsuites, c_auth_suites,
authentication, auth_type, i, &neg_authtype);
/* Changed the AKM suites according to order of preference */
if (csr_is_ft_auth_rsn(mac_ctx, authsuites,
if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
csr_is_ft_auth_rsn(mac_ctx, authsuites,
c_auth_suites, authentication)) {
if (eCSR_AUTH_TYPE_FT_RSN == auth_type->authType[i])
neg_authtype = eCSR_AUTH_TYPE_FT_RSN;