diff --git a/components/tdls/core/src/wlan_tdls_cmds_process.c b/components/tdls/core/src/wlan_tdls_cmds_process.c index e6de135428..23f9563042 100644 --- a/components/tdls/core/src/wlan_tdls_cmds_process.c +++ b/components/tdls/core/src/wlan_tdls_cmds_process.c @@ -307,6 +307,7 @@ static QDF_STATUS tdls_pe_update_peer(struct tdls_update_peer_request *req) &update_peer->vht_cap, sizeof(update_peer->vht_cap)); addstareq->supported_rates_length = update_peer->supported_rates_len; + addstareq->is_pmf = update_peer->is_pmf; qdf_mem_copy(&addstareq->supported_rates, update_peer->supported_rates, update_peer->supported_rates_len); diff --git a/components/tdls/dispatcher/inc/wlan_tdls_public_structs.h b/components/tdls/dispatcher/inc/wlan_tdls_public_structs.h index f158dfb0d5..478ff2c1a8 100644 --- a/components/tdls/dispatcher/inc/wlan_tdls_public_structs.h +++ b/components/tdls/dispatcher/inc/wlan_tdls_public_structs.h @@ -769,6 +769,7 @@ struct tdls_update_peer_params { uint8_t supported_oper_classes_len; uint8_t supported_oper_classes[WLAN_MAX_SUPP_OPER_CLASSES]; bool is_qos_wmm_sta; + bool is_pmf; }; struct tdls_update_peer_request { @@ -1302,6 +1303,7 @@ struct tdls_add_sta_req { struct vhtcap vht_cap; uint8_t uapsd_queues; uint8_t max_sp; + bool is_pmf; }; /** diff --git a/core/mac/src/pe/lim/lim_api.c b/core/mac/src/pe/lim/lim_api.c index 0c569be526..d28a4e15e3 100644 --- a/core/mac/src/pe/lim/lim_api.c +++ b/core/mac/src/pe/lim/lim_api.c @@ -636,24 +636,18 @@ static bool is_mgmt_protected(uint32_t vdev_id, return false; } - if (LIM_IS_AP_ROLE(session)) { - sta_ds = dph_lookup_hash_entry(mac_ctx, - (uint8_t *)peer_mac_addr, &aid, - &session->dph.dphHashTable); - if (sta_ds) { - /* rmfenabled will be set at the time of addbss. - * but sometimes EAP auth fails and keys are not - * installed then if we send any management frame - * like deauth/disassoc with this bit set then - * firmware crashes. so check for keys are - * installed or not also before setting the bit - */ - if (sta_ds->rmfEnabled && sta_ds->is_key_installed) - protected = true; - } - } else if (session->limRmfEnabled && - session->is_key_installed) { - protected = true; + sta_ds = dph_lookup_hash_entry(mac_ctx, (uint8_t *)peer_mac_addr, &aid, + &session->dph.dphHashTable); + if (sta_ds) { + /* rmfenabled will be set at the time of addbss. + * but sometimes EAP auth fails and keys are not + * installed then if we send any management frame + * like deauth/disassoc with this bit set then + * firmware crashes. so check for keys are + * installed or not also before setting the bit + */ + if (sta_ds->rmfEnabled && sta_ds->is_key_installed) + protected = true; } return protected; diff --git a/core/mac/src/pe/lim/lim_process_action_frame.c b/core/mac/src/pe/lim/lim_process_action_frame.c index 6d2bacadbb..3e8224b37f 100644 --- a/core/mac/src/pe/lim/lim_process_action_frame.c +++ b/core/mac/src/pe/lim/lim_process_action_frame.c @@ -1591,22 +1591,18 @@ lim_drop_unprotected_action_frame(struct mac_context *mac, struct pe_session *pe tpDphHashNode sta; bool rmfConnection = false; - if (LIM_IS_AP_ROLE(pe_session)) { - sta = - dph_lookup_hash_entry(mac, pHdr->sa, &aid, - &pe_session->dph.dphHashTable); - if (sta) - if (sta->rmfEnabled) - rmfConnection = true; - } else if (pe_session->limRmfEnabled) + sta = dph_lookup_hash_entry(mac, pHdr->sa, &aid, + &pe_session->dph.dphHashTable); + if (sta && sta->rmfEnabled) rmfConnection = true; if (rmfConnection && (pHdr->fc.wep == 0)) { pe_err("Dropping unprotected Action category: %d frame since RMF is enabled", category); return true; - } else - return false; + } + + return false; } #endif diff --git a/core/mac/src/pe/lim/lim_process_mlm_rsp_messages.c b/core/mac/src/pe/lim/lim_process_mlm_rsp_messages.c index 32386b32eb..aceff93b60 100644 --- a/core/mac/src/pe/lim/lim_process_mlm_rsp_messages.c +++ b/core/mac/src/pe/lim/lim_process_mlm_rsp_messages.c @@ -1171,13 +1171,11 @@ void lim_process_mlm_set_keys_cnf(struct mac_context *mac, uint32_t *msg_buf) if (eSIR_SME_SUCCESS == pMlmSetKeysCnf->resultCode) { if (pMlmSetKeysCnf->key_len_nonzero) pe_session->is_key_installed = 1; - if (LIM_IS_AP_ROLE(pe_session)) { - sta_ds = dph_lookup_hash_entry(mac, + sta_ds = dph_lookup_hash_entry(mac, pMlmSetKeysCnf->peer_macaddr.bytes, &aid, &pe_session->dph.dphHashTable); - if (sta_ds && pMlmSetKeysCnf->key_len_nonzero) - sta_ds->is_key_installed = 1; - } + if (sta_ds && pMlmSetKeysCnf->key_len_nonzero) + sta_ds->is_key_installed = 1; } pe_debug("is_key_installed = %d", pe_session->is_key_installed); diff --git a/core/mac/src/pe/lim/lim_process_tdls.c b/core/mac/src/pe/lim/lim_process_tdls.c index 5822870e47..620e0468cc 100644 --- a/core/mac/src/pe/lim/lim_process_tdls.c +++ b/core/mac/src/pe/lim/lim_process_tdls.c @@ -2431,6 +2431,7 @@ static void lim_tdls_update_hash_node_info(struct mac_context *mac, } else if (add_sta_req->tdls_oper == TDLS_OPER_UPDATE) { lim_tdls_populate_dot11f_ht_caps(mac, NULL, add_sta_req, &htCap); + sta->rmfEnabled = add_sta_req->is_pmf; } htCaps = &htCap; if (htCaps->present) { diff --git a/core/mac/src/pe/lim/lim_utils.c b/core/mac/src/pe/lim/lim_utils.c index 73c3c77b70..b45b1c4575 100644 --- a/core/mac/src/pe/lim/lim_utils.c +++ b/core/mac/src/pe/lim/lim_utils.c @@ -5293,24 +5293,18 @@ lim_set_protected_bit(struct mac_context *mac, uint16_t aid; tpDphHashNode sta; - if (LIM_IS_AP_ROLE(pe_session)) { - - sta = dph_lookup_hash_entry(mac, peer, &aid, - &pe_session->dph.dphHashTable); - if (sta) { - /* rmfenabled will be set at the time of addbss. - * but sometimes EAP auth fails and keys are not - * installed then if we send any management frame - * like deauth/disassoc with this bit set then - * firmware crashes. so check for keys are - * installed or not also before setting the bit - */ - if (sta->rmfEnabled && sta->is_key_installed) - pMacHdr->fc.wep = 1; - } - } else if (pe_session->limRmfEnabled && - pe_session->is_key_installed) { - pMacHdr->fc.wep = 1; + sta = dph_lookup_hash_entry(mac, peer, &aid, + &pe_session->dph.dphHashTable); + if (sta) { + /* rmfenabled will be set at the time of addbss. + * but sometimes EAP auth fails and keys are not + * installed then if we send any management frame + * like deauth/disassoc with this bit set then + * firmware crashes. so check for keys are + * installed or not also before setting the bit + */ + if (sta->rmfEnabled && sta->is_key_installed) + pMacHdr->fc.wep = 1; } } /*** end lim_set_protected_bit() ***/ #endif diff --git a/core/wma/src/wma_dev_if.c b/core/wma/src/wma_dev_if.c index 8c9640ffa3..925b8017c1 100644 --- a/core/wma/src/wma_dev_if.c +++ b/core/wma/src/wma_dev_if.c @@ -4242,6 +4242,8 @@ static void wma_add_tdls_sta(tp_wma_handle wma, tpAddStaParams add_sta) WMA_LOGD("%s: changeSta, calling wma_send_peer_assoc", __func__); + if (add_sta->rmfEnabled) + wma_set_peer_pmf_status(wma, add_sta->staMac, true); ret = wma_send_peer_assoc(wma, add_sta->nwType, add_sta); @@ -4445,6 +4447,7 @@ static void wma_add_sta_req_sta_mode(tp_wma_handle wma, tpAddStaParams params) params->supportedRates.supportedMCSSet, SIR_MAC_MAX_SUPPORTED_MCS_SET); + ret = wma_send_peer_assoc(wma, iface->nwType, (tAddStaParams *) iface->addBssStaContext); @@ -4455,8 +4458,10 @@ static void wma_add_sta_req_sta_mode(tp_wma_handle wma, tpAddStaParams params) goto out; } - if (params->rmfEnabled) + if (params->rmfEnabled) { wma_set_mgmt_frame_protection(wma); + wma_set_peer_pmf_status(wma, params->bssId, true); + } /* * Set the PTK in 11r mode because we already have it. diff --git a/os_if/tdls/src/wlan_cfg80211_tdls.c b/os_if/tdls/src/wlan_cfg80211_tdls.c index 6ce4976a86..6b270591bb 100644 --- a/os_if/tdls/src/wlan_cfg80211_tdls.c +++ b/os_if/tdls/src/wlan_cfg80211_tdls.c @@ -418,6 +418,10 @@ wlan_cfg80211_tdls_extract_params(struct tdls_update_peer_params *req_info, if (params->ht_capa || params->vht_capa || (params->sta_flags_set & BIT(NL80211_STA_FLAG_WME))) req_info->is_qos_wmm_sta = true; + if (params->sta_flags_set & BIT(NL80211_STA_FLAG_MFP)) { + osif_debug("TDLS peer pmf capable"); + req_info->is_pmf = 1; + } } int wlan_cfg80211_tdls_update_peer(struct wlan_objmgr_vdev *vdev,