qcacld-3.0: Add support of FT-SAE roaming

Introduce new CSR auth type eCSR_AUTH_TYPE_FT_SAE to support the
akm suite selector 00:0F:AC-09(FT-SAE) and 00:0F:AC(FT-Suite-B).
Based on the sta_ctx authType, rsn auth type and hdd key
management type, set the auth type eCSR_AUTH_TYPE_FT_SAE to the
roam_profile during initial connection.

csr_scan_get_result() pushes the scan filter to scm module.
Translate the legacy eCsrAuthType to wlan_auth_type and push it
to the filter->auth_type.

Change-Id: I3ab91799ac280b85cdd67ad26b0eb7519d3b8b14
CRs-Fixed: 2400679

core/hdd/src/wlan_hdd_assoc.c

@@ -124,12 +124,16 @@ uint8_t ccp_rsn_oui_11[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x11};
 uint8_t ccp_rsn_oui_12[HDD_RSN_OUI_SIZE] = {0x50, 0x6F, 0x9A, 0x02};
 uint8_t ccp_rsn_oui_0b[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x0B};
 uint8_t ccp_rsn_oui_0c[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x0C};
+/* FT-SUITE-B AKM */
+uint8_t ccp_rsn_oui_0d[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x0D};
 
 /* OWE https://tools.ietf.org/html/rfc8110 */
 uint8_t ccp_rsn_oui_18[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x12};
 
 #ifdef WLAN_FEATURE_SAE
+/* SAE AKM */
 uint8_t ccp_rsn_oui_80[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x08};
+/* FT SAE AKM */
 uint8_t ccp_rsn_oui_90[HDD_RSN_OUI_SIZE] = {0x00, 0x0F, 0xAC, 0x09};
 #endif
 static const
@@ -1387,6 +1391,10 @@ static void hdd_send_association_event(struct net_device *dev,
 		     eCSR_AUTH_TYPE_FT_RSN_PSK)
 		    || (roam_profile->AuthType.authType[0] ==
 			eCSR_AUTH_TYPE_FT_RSN)
+		    || (roam_profile->AuthType.authType[0] ==
+			eCSR_AUTH_TYPE_FT_SAE)
+		    || (roam_profile->AuthType.authType[0] ==
+			eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384)
 #ifdef FEATURE_WLAN_ESE
 		    || (roam_profile->AuthType.authType[0] ==
 			eCSR_AUTH_TYPE_CCKM_RSN)
@@ -3051,10 +3059,14 @@ hdd_association_completion_handler(struct hdd_adapter *adapter,
 				assocReqlen = 0;
 			}
 
-			if (roam_info->u.pConnectedProfile->AuthType ==
-			    eCSR_AUTH_TYPE_FT_RSN
-			    || roam_info->u.pConnectedProfile->AuthType ==
-			    eCSR_AUTH_TYPE_FT_RSN_PSK) {
+			if ((roam_info->u.pConnectedProfile->AuthType ==
+			     eCSR_AUTH_TYPE_FT_RSN) ||
+			    (roam_info->u.pConnectedProfile->AuthType ==
+			     eCSR_AUTH_TYPE_FT_RSN_PSK) ||
+			    (roam_info->u.pConnectedProfile->AuthType ==
+			     eCSR_AUTH_TYPE_FT_SAE) ||
+			    (roam_info->u.pConnectedProfile->AuthType ==
+			     eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384)) {
 				if (ft_carrier_on) {
 					if (!hddDisconInProgress &&
 						roam_info->pBssDesc) {
@@ -5029,6 +5041,9 @@ static void hdd_translate_sae_rsn_to_csr_auth(int8_t auth_suite[4],
 {
 	if (qdf_mem_cmp(auth_suite, ccp_rsn_oui_80, 4) == 0)
 		*auth_type = eCSR_AUTH_TYPE_SAE;
+	else if (qdf_mem_cmp(auth_suite, ccp_rsn_oui_90, 4) == 0)
+		*auth_type = eCSR_AUTH_TYPE_FT_SAE;
+
 }
 #else
 static inline void hdd_translate_sae_rsn_to_csr_auth(int8_t auth_suite[4],
@@ -5080,6 +5095,9 @@ eCsrAuthType hdd_translate_rsn_to_csr_auth_type(uint8_t auth_suite[4])
 	} else if (memcmp(auth_suite, ccp_rsn_oui_0c, 4) == 0) {
 		/* Check for Suite B EAP 384 */
 		auth_type = eCSR_AUTH_TYPE_SUITEB_EAP_SHA384;
+	} else if (memcmp(auth_suite, ccp_rsn_oui_0d, 4) == 0) {
+		/* Check for FT Suite B EAP 384 */
+		auth_type = eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384;
 	} else if (memcmp(auth_suite, ccp_rsn_oui_13, 4) == 0) {
 		auth_type = eCSR_AUTH_TYPE_OSEN;
 	} else {
@@ -5648,8 +5666,21 @@ int hdd_set_csr_auth_type(struct hdd_adapter *adapter,
 				/* Suite B EAP SHA 384 */
 				roam_profile->AuthType.authType[0] =
 					eCSR_AUTH_TYPE_SUITEB_EAP_SHA384;
+			} else if ((RSNAuthType == eCSR_AUTH_TYPE_FT_SAE) &&
+				   ((key_mgmt & HDD_AUTH_KEY_MGMT_802_1X) ==
+				    HDD_AUTH_KEY_MGMT_802_1X)) {
+				roam_profile->AuthType.authType[0] =
+						eCSR_AUTH_TYPE_FT_SAE;
+			} else if ((RSNAuthType ==
+				  eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384) &&
+				  ((key_mgmt & HDD_AUTH_KEY_MGMT_802_1X)
+				  == HDD_AUTH_KEY_MGMT_802_1X)) {
+				/* FT Suite-B EAP SHA 384 */
+				roam_profile->AuthType.authType[0] =
+					eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384;
+
 			} else if ((key_mgmt & HDD_AUTH_KEY_MGMT_802_1X)
-			    == HDD_AUTH_KEY_MGMT_802_1X) {
+				    == HDD_AUTH_KEY_MGMT_802_1X) {
 				roam_profile->AuthType.authType[0] =
 					eCSR_AUTH_TYPE_RSN;
 			} else
@@ -5670,7 +5701,12 @@ int hdd_set_csr_auth_type(struct hdd_adapter *adapter,
 		break;
 
 	case eCSR_AUTH_TYPE_SAE:
-		roam_profile->AuthType.authType[0] = eCSR_AUTH_TYPE_SAE;
+
+		if (RSNAuthType == eCSR_AUTH_TYPE_FT_SAE)
+			roam_profile->AuthType.authType[0] =
+						eCSR_AUTH_TYPE_FT_SAE;
+		else
+			roam_profile->AuthType.authType[0] = eCSR_AUTH_TYPE_SAE;
 		break;
 
 	default:

core/hdd/src/wlan_hdd_cfg80211.c

@@ -5123,6 +5123,8 @@ int wlan_hdd_send_roam_auth_event(struct hdd_adapter *adapter, uint8_t *bssid,
 		/* if FT or CCKM connection: dont send replay counter */
 		if (auth_type != eCSR_AUTH_TYPE_FT_RSN &&
 		    auth_type != eCSR_AUTH_TYPE_FT_RSN_PSK &&
+		    auth_type != eCSR_AUTH_TYPE_FT_SAE &&
+		    auth_type != eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384 &&
 		    auth_type != eCSR_AUTH_TYPE_CCKM_WPA &&
 		    auth_type != eCSR_AUTH_TYPE_CCKM_RSN &&
 		    nla_put(skb,

core/hdd/src/wlan_hdd_debugfs_connect.c

@@ -226,6 +226,10 @@ uint8_t *hdd_auth_type_str(uint32_t auth_type)
 		return "RSN PSK SHA256";
 	case eCSR_AUTH_TYPE_RSN_8021X_SHA256:
 		return "RSN 8021X SHA256";
+	case eCSR_AUTH_TYPE_FT_SAE:
+		return "FT SAE";
+	case eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384:
+		return "FT Suite B SHA384";
 	case eCSR_NUM_OF_SUPPORT_AUTH_TYPE:
 		return "NUM OF SUPPORT AUTH TYPE";
 	case eCSR_AUTH_TYPE_FAILED:

core/hdd/src/wlan_hdd_station_info.c

@@ -246,6 +246,12 @@ static int hdd_convert_auth_type(uint32_t auth_type)
 	case eCSR_AUTH_TYPE_RSN_8021X_SHA256:
 		ret_val = QCA_WLAN_AUTH_TYPE_SHA256;
 		break;
+	case eCSR_AUTH_TYPE_FT_SAE:
+		ret_val = QCA_WLAN_AUTH_TYPE_FT_SAE;
+		break;
+	case eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384:
+		ret_val = QCA_WLAN_AUTH_TYPE_FT_SUITEB_EAP_SHA384;
+		break;
 	case eCSR_NUM_OF_SUPPORT_AUTH_TYPE:
 	case eCSR_AUTH_TYPE_FAILED:
 	case eCSR_AUTH_TYPE_NONE:

core/sme/inc/csr_api.h

@@ -67,6 +67,8 @@ typedef enum {
 	eCSR_AUTH_TYPE_SUITEB_EAP_SHA256,
 	eCSR_AUTH_TYPE_SUITEB_EAP_SHA384,
 	eCSR_AUTH_TYPE_OSEN,
+	eCSR_AUTH_TYPE_FT_SAE,
+	eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384,
 	eCSR_NUM_OF_SUPPORT_AUTH_TYPE,
 	eCSR_AUTH_TYPE_FAILED = 0xff,
 	eCSR_AUTH_TYPE_UNKNOWN = eCSR_AUTH_TYPE_FAILED,

core/sme/src/csr/csr_api_roam.c

@@ -3896,6 +3896,7 @@ QDF_STATUS csr_roam_prepare_bss_config(struct mac_context *mac,
 		pBssConfig->authType = eSIR_AUTO_SWITCH;
 		break;
 	case eCSR_AUTH_TYPE_SAE:
+	case eCSR_AUTH_TYPE_FT_SAE:
 		pBssConfig->authType = eSIR_AUTH_TYPE_SAE;
 		break;
 	}
@@ -4037,6 +4038,7 @@ QDF_STATUS csr_roam_prepare_bss_config_from_profile(
 		pBssConfig->authType = eSIR_AUTO_SWITCH;
 		break;
 	case eCSR_AUTH_TYPE_SAE:
+	case eCSR_AUTH_TYPE_FT_SAE:
 		pBssConfig->authType = eSIR_AUTH_TYPE_SAE;
 		break;
 	}
@@ -4962,6 +4964,7 @@ static void csr_roam_assign_default_param(struct mac_context *mac,
 		break;
 
 	case eCSR_AUTH_TYPE_SAE:
+	case eCSR_AUTH_TYPE_FT_SAE:
 		pCommand->u.roamCmd.roamProfile.negotiatedAuthType =
 			eCSR_AUTH_TYPE_SAE;
 		break;
@@ -5775,13 +5778,15 @@ static QDF_STATUS csr_roam_save_params(struct mac_context *mac_ctx,
 	uint8_t *pIeBuf;
 
 	if ((eCSR_AUTH_TYPE_RSN == auth_type) ||
-		(eCSR_AUTH_TYPE_FT_RSN == auth_type) ||
-		(eCSR_AUTH_TYPE_FT_RSN_PSK == auth_type) ||
+	    (eCSR_AUTH_TYPE_FT_RSN == auth_type) ||
+	    (eCSR_AUTH_TYPE_FT_RSN_PSK == auth_type) ||
+	    (eCSR_AUTH_TYPE_FT_SAE == auth_type) ||
+	    (eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384 == auth_type) ||
 #if defined WLAN_FEATURE_11W
-		(eCSR_AUTH_TYPE_RSN_PSK_SHA256 == auth_type) ||
-		(eCSR_AUTH_TYPE_RSN_8021X_SHA256 == auth_type) ||
+	    (eCSR_AUTH_TYPE_RSN_PSK_SHA256 == auth_type) ||
+	    (eCSR_AUTH_TYPE_RSN_8021X_SHA256 == auth_type) ||
 #endif
-		(eCSR_AUTH_TYPE_RSN_PSK == auth_type)) {
+	    (eCSR_AUTH_TYPE_RSN_PSK == auth_type)) {
 		if (ie_local->RSN.present) {
 			tDot11fIERSN *rsnie = &ie_local->RSN;
 			/*
@@ -5958,6 +5963,8 @@ static QDF_STATUS csr_roam_save_security_rsp_ie(struct mac_context *mac,
 		(eCSR_AUTH_TYPE_RSN_PSK == authType)
 		|| (eCSR_AUTH_TYPE_FT_RSN == authType) ||
 		(eCSR_AUTH_TYPE_FT_RSN_PSK == authType)
+		|| (eCSR_AUTH_TYPE_FT_SAE == authType)
+		|| (eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384 == authType)
 #ifdef FEATURE_WLAN_WAPI
 		|| (eCSR_AUTH_TYPE_WAPI_WAI_PSK == authType) ||
 		(eCSR_AUTH_TYPE_WAPI_WAI_CERTIFICATE == authType)

core/sme/src/csr/csr_api_scan.c

@@ -2140,6 +2140,10 @@ static enum wlan_auth_type csr_covert_auth_type_new(eCsrAuthType auth)
 		return WLAN_AUTH_TYPE_SAE;
 	case eCSR_AUTH_TYPE_OSEN:
 		return WLAN_AUTH_TYPE_OSEN;
+	case eCSR_AUTH_TYPE_FT_SAE:
+		return WLAN_AUTH_TYPE_FT_SAE;
+	case eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384:
+		return WLAN_AUTH_TYPE_FT_SUITEB_EAP_SHA384;
 	case eCSR_NUM_OF_SUPPORT_AUTH_TYPE:
 	default:
 		return WLAN_AUTH_TYPE_OPEN_SYSTEM;
@@ -2201,6 +2205,10 @@ static eCsrAuthType csr_covert_auth_type_old(enum wlan_auth_type auth)
 		return eCSR_AUTH_TYPE_SAE;
 	case WLAN_AUTH_TYPE_OSEN:
 		return eCSR_AUTH_TYPE_OSEN;
+	case WLAN_AUTH_TYPE_FT_SAE:
+		return eCSR_AUTH_TYPE_FT_SAE;
+	case WLAN_AUTH_TYPE_FT_SUITEB_EAP_SHA384:
+		return eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384;
 	case WLAN_NUM_OF_SUPPORT_AUTH_TYPE:
 	default:
 		return eCSR_AUTH_TYPE_OPEN_SYSTEM;

core/sme/src/csr/csr_util.c

@@ -130,6 +130,9 @@ uint8_t csr_rsn_oui[][CSR_RSN_OUI_SIZE] = {
 #define ENUM_OSEN 21
 	/* OSEN RSN */
 	{0x50, 0x6F, 0x9A, 0x01},
+#define ENUM_FT_SUITEB_SHA384 22
+	/* FT Suite-B SHA384 */
+	{0x00, 0x0F, 0xAC, 0x0D},
 
 	/* define new oui here, update #define CSR_OUI_***_INDEX  */
 };
@@ -2118,9 +2121,11 @@ bool csr_is_profile_rsn(struct csr_roam_profile *pProfile)
 	case eCSR_AUTH_TYPE_OWE:
 	case eCSR_AUTH_TYPE_SUITEB_EAP_SHA256:
 	case eCSR_AUTH_TYPE_SUITEB_EAP_SHA384:
+	case eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384:
 		fRSNProfile = true;
 		break;
 	case eCSR_AUTH_TYPE_SAE:
+	case eCSR_AUTH_TYPE_FT_SAE:
 		fRSNProfile = true;
 		break;
 
@@ -2548,6 +2553,8 @@ bool csr_is_auth_type11r(struct mac_context *mac, eCsrAuthType auth_type,
 		break;
 	case eCSR_AUTH_TYPE_FT_RSN_PSK:
 	case eCSR_AUTH_TYPE_FT_RSN:
+	case eCSR_AUTH_TYPE_FT_SAE:
+	case eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384:
 		return true;
 	default:
 		break;
@@ -2948,6 +2955,24 @@ static bool csr_is_auth_suiteb_eap_384(struct mac_context *mac,
 				csr_rsn_oui[ENUM_SUITEB_EAP384], oui);
 }
 
+/*
+ * csr_is_auth_ft_suiteb_eap_384() - check whether oui is SuiteB EAP384
+ * @mac: Global MAC context
+ * @all_suites: pointer to all supported akm suites
+ * @suite_count: all supported akm suites count
+ * @oui: Oui needs to be matched
+ *
+ * Return: True if OUI is FT SuiteB EAP384, false otherwise
+ */
+static
+bool csr_is_auth_ft_suiteb_eap_384(struct mac_context *mac,
+				   uint8_t all_suites[][CSR_RSN_OUI_SIZE],
+				   uint8_t suite_count, uint8_t oui[])
+{
+	return csr_is_oui_match(mac, all_suites, suite_count,
+				csr_rsn_oui[ENUM_FT_SUITEB_SHA384], oui);
+}
+
 #ifdef WLAN_FEATURE_SAE
 /*
  * csr_is_auth_wpa_sae() - check whether oui is SAE
@@ -2962,8 +2987,13 @@ static bool csr_is_auth_wpa_sae(struct mac_context *mac,
 			       uint8_t all_suites[][CSR_RSN_OUI_SIZE],
 			       uint8_t suite_count, uint8_t oui[])
 {
-	return csr_is_oui_match
-		(mac, all_suites, suite_count, csr_rsn_oui[ENUM_SAE], oui);
+	bool is_sae_auth;
+
+	is_sae_auth = (csr_is_oui_match(mac, all_suites, suite_count,
+					csr_rsn_oui[ENUM_SAE], oui) ||
+		       csr_is_oui_match(mac, all_suites, suite_count,
+					csr_rsn_oui[ENUM_FT_SAE], oui));
+	return is_sae_auth;
 }
 #endif
 
@@ -3160,6 +3190,8 @@ static void csr_check_sae_auth(struct mac_context *mac_ctx,
 	   c_auth_suites, authentication)) {
 		if (eCSR_AUTH_TYPE_SAE == auth_type->authType[index])
 			*neg_authtype = eCSR_AUTH_TYPE_SAE;
+		else if (eCSR_AUTH_TYPE_FT_SAE == auth_type->authType[index])
+			*neg_authtype = eCSR_AUTH_TYPE_FT_SAE;
 	}
 	sme_debug("negotiated auth type is %d", *neg_authtype);
 }
@@ -3404,6 +3436,15 @@ static bool csr_get_rsn_information(struct mac_context *mac_ctx,
 						auth_type->authType[i])
 				neg_authtype = eCSR_AUTH_TYPE_SUITEB_EAP_SHA384;
 		}
+		if ((neg_authtype == eCSR_AUTH_TYPE_UNKNOWN) &&
+		    csr_is_auth_ft_suiteb_eap_384(mac_ctx, authsuites,
+						  c_auth_suites,
+						  authentication)) {
+			if (eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384 ==
+						auth_type->authType[i])
+				neg_authtype =
+					eCSR_AUTH_TYPE_FT_SUITEB_EAP_SHA384;
+		}
 
 		/*
 		 * The 1st auth type in the APs RSN IE, to match stations