qcacld-3.0: Drop connect if MFPEnabled is set but AP is non-PMF

qcacld-2.0 to qcacld-3.0 propagation

If ieee80211w=2 or pmf=2 is an explicit configuration in the
supplicant configuration MFPEnabled is set and driver assume it
as a PMF required connection, even if AP is in open security
mode.

Now when disconnect is received from supplicant driver sends a
protected deauth and assert is observed as firmware do not have
any valid key.

To fix this if ieee80211w=2 or pmf=2 is an explicit configuration
in the supplicant configuration but peer AP is non-PMF drop the
connection request.

Change-Id: I40faf63df4e95b367d66e9b51ff165759989a1d1
CRs-Fixed: 1011976

core/hdd/src/wlan_hdd_cfg80211.c

@@ -10413,6 +10413,20 @@ static int wlan_hdd_cfg80211_connect_start(hdd_adapter_t *pAdapter,
 			}
 			hdd_select_cbmode(pAdapter, operatingChannel);
 		}
+		/*
+		 * if MFPEnabled is set but the peer AP is non-PMF i.e 80211w=2
+		 * or pmf=2 is an explicit configuration in the supplicant
+		 * configuration, drop the connection request.
+		 */
+		if (pWextState->roamProfile.MFPEnabled &&
+		    !(pWextState->roamProfile.MFPRequired ||
+		    pWextState->roamProfile.MFPCapable)) {
+			hdd_err("Drop connect req as supplicant has indicated PMF req for a non-PMF peer. MFPEnabled %d MFPRequired %d MFPCapable %d",
+					pWextState->roamProfile.MFPEnabled,
+					pWextState->roamProfile.MFPRequired,
+					pWextState->roamProfile.MFPCapable);
+			return -EINVAL;
+		}
 
 		if (true == cds_is_connection_in_progress()) {
 			hdd_err("Connection refused: conn in progress");