Halaman utama Jelajahi Bantuan
Masuk
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Jelajahi Sumber

qcacld-3.0: Drop duplicate auth/assoc frames

Currently duplicate authentication frames are dropped if the
sequence number is same previously processed auth frame and retry
bit is set. To stop the flooding of auth frames with same sequence
number, check the previous seq number stored on the preauth node
and drop if the frame is a duplicate.

Currently, for PMF-capable peers the duplicate assoc request
frames are getting processed before the key is plumbed because
the is_key_installed flag is not reset properly before assigning
the dp hash node to a new sta. Therefore, reset the is_key_installed
flag for every new dp hash node addition.

Change-Id: Id035a5ba5ffe9b745361956d05496f9905bf2526
CRs-Fixed: 3155517
Surya Prakash Sivaraj 3 tahun lalu
induk
e7954e4083
melakukan
d3334169ee
2 mengubah file dengan 10 tambahan dan 1 penghapusan
Tampilan Split Tampilkan Statistik Diff
  1. 2 0
      core/mac/src/dph/dph_hash_table.c
  2. 8 1
      core/mac/src/pe/lim/lim_process_auth_frame.c

+ 2 - 0
core/mac/src/dph/dph_hash_table.c
Tampilan Berkas 

@@ -1,5 +1,6 @@
 
 /*
 
  * Copyright (c) 2012-2020 The Linux Foundation. All rights reserved.
 
+ * Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved.
 
  *
 
  * Permission to use, copy, modify, and/or distribute this software for
 
  * any purpose with or without fee is hereby granted, provided that the
 
@@ -198,6 +199,7 @@ tpDphHashNode dph_init_sta_state(struct mac_context *mac, tSirMacAddr staAddr,
 
 	sta->is_disassoc_deauth_in_progress = 0;
 
 	sta->sta_deletion_in_progress = false;
 
 	sta->valid = 1;
 
+	sta->is_key_installed = 0;
 
 	return sta;
 
 }

+ 8 - 1
core/mac/src/pe/lim/lim_process_auth_frame.c
Tampilan Berkas 

@@ -1396,6 +1396,14 @@ lim_process_auth_frame(struct mac_context *mac_ctx, uint8_t *rx_pkt_info,
 
 		return;
 
 	}
 
 
+	/* Duplicate Auth frame from peer */
 
+	auth_node = lim_search_pre_auth_list(mac_ctx, mac_hdr->sa);
 
+	if (auth_node && (auth_node->seq_num == curr_seq_num)) {
 
+		pe_err("Received an already processed auth frame with seq_num : %d",
 
+		       curr_seq_num);
 
+		return;
 
+	}
 
+
 
 	/* save seq number and mac_addr in pe_session */
 
 	pe_session->prev_auth_seq_num = curr_seq_num;
 
 	qdf_mem_copy(pe_session->prev_auth_mac_addr, mac_hdr->sa, ETH_ALEN);
 
@@ -1527,7 +1535,6 @@ lim_process_auth_frame(struct mac_context *mac_ctx, uint8_t *rx_pkt_info,
 
 		 * Authentication frame3 and there is a context for requesting
 
 		 * STA. If not, reject with unspecified failure status code
 
 		 */
 
-		auth_node = lim_search_pre_auth_list(mac_ctx, mac_hdr->sa);
 
 		if (!auth_node) {
 
 			pe_err("rx Auth frame with no preauth ctx with WEP bit set "
 
 				QDF_MAC_ADDR_FMT,