2 سال پیش · dda3f7844b
--- a/os_if/linux/crypto/src/wlan_nl_to_crypto_params.c
+++ b/os_if/linux/crypto/src/wlan_nl_to_crypto_params.c
@@ -197,6 +197,13 @@ static const struct osif_akm_type_crypto_mapping
 
				 		.akm_suite = WLAN_AKM_SUITE_DPP,
			
 
				 		.akm_type_crypto = WLAN_CRYPTO_KEY_MGMT_DPP,
			
 
				 	},
			
 
				+	{
			
 
				+#ifndef WLAN_AKM_SUITE_SAE_EXT_KEY
			
 
				+#define WLAN_AKM_SUITE_SAE_EXT_KEY 0x000FAC18
			
 
				+#endif
			
 
				+		.akm_suite = WLAN_AKM_SUITE_SAE_EXT_KEY,
			
 
				+		.akm_type_crypto = WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY,
			
 
				+	},
			
 
				 };
			
 
				 
			
 
				 /* mapping table for cipher type received from NL and crypto cipher type */
			
--- a/umac/cmn_services/crypto/inc/wlan_crypto_global_def.h
+++ b/umac/cmn_services/crypto/inc/wlan_crypto_global_def.h
@@ -258,6 +258,7 @@ typedef enum wlan_crypto_key_mgmt {
 
				 	WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384   = 24,
			
 
				 	WLAN_CRYPTO_KEY_MGMT_FT_PSK_SHA384         = 25,
			
 
				 	WLAN_CRYPTO_KEY_MGMT_PSK_SHA384            = 26,
			
 
				+	WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY           = 27,
			
 
				 	/** Keep WLAN_CRYPTO_KEY_MGMT_MAX at the end. */
			
 
				 	WLAN_CRYPTO_KEY_MGMT_MAX,
			
 
				 } wlan_crypto_key_mgmt;
			
@@ -274,7 +275,7 @@ enum wlan_crypto_key_type {
 
				 #define DEFAULT_KEYMGMT_6G_MASK 0xFFFFFFFF
			
 
				 
			
 
				 /* AKM wlan_crypto_key_mgmt 1, 6, 8, 25 and 26 are not allowed. */
			
 
				-#define ALLOWED_KEYMGMT_6G_MASK 0x01FFFEBD
			
 
				+#define ALLOWED_KEYMGMT_6G_MASK 0x09FFFEBD
			
 
				 
			
 
				 /*
			
 
				  * enum fils_erp_cryptosuite: this enum defines the cryptosuites used
			
--- a/umac/cmn_services/crypto/src/wlan_crypto_def_i.h
+++ b/umac/cmn_services/crypto/src/wlan_crypto_def_i.h
@@ -209,6 +209,7 @@ static inline void wlan_crypto_put_be64(u8 *a, u64 val)
 
				 #define RSN_AUTH_KEY_MGMT_OWE           WLAN_RSN_SEL(18)
			
 
				 #define RSN_AUTH_KEY_MGMT_FT_PSK_SHA384 WLAN_RSN_SEL(19)
			
 
				 #define RSN_AUTH_KEY_MGMT_PSK_SHA384    WLAN_RSN_SEL(20)
			
 
				+#define RSN_AUTH_KEY_MGMT_SAE_EXT_KEY   WLAN_RSN_SEL(24)
			
 
				 
			
 
				 #define RSN_AUTH_KEY_MGMT_CCKM          (WLAN_RSN_CCKM_AKM)
			
 
				 #define RSN_AUTH_KEY_MGMT_OSEN          (0x019a6f50)
			
--- a/umac/cmn_services/crypto/src/wlan_crypto_global_api.c
+++ b/umac/cmn_services/crypto/src/wlan_crypto_global_api.c
@@ -2598,6 +2598,8 @@ wlan_crypto_rsn_keymgmt_to_suite(uint32_t keymgmt)
 
				 		return RSN_AUTH_KEY_MGMT_DPP;
			
 
				 	case WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384:
			
 
				 		return RSN_AUTH_KEY_MGMT_FT_802_1X_SUITE_B_384;
			
 
				+	case WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY:
			
 
				+		return RSN_AUTH_KEY_MGMT_SAE_EXT_KEY;
			
 
				 	}
			
 
				 
			
 
				 	return status;
			
@@ -3252,6 +3254,10 @@ uint8_t *wlan_crypto_build_rsnie_with_pmksa(struct wlan_objmgr_vdev *vdev,
 
				 		selcnt[0]++;
			
 
				 		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_OSEN);
			
 
				 	}
			
 
				+	if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY)) {
			
 
				+		selcnt[0]++;
			
 
				+		RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY);
			
 
				+	}
			
 
				 	if (HAS_KEY_MGMT(crypto_params,
			
 
				 			 WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384)) {
			
 
				 		uint32_t kmgmt = WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384;
			
--- a/umac/mlme/connection_mgr/core/src/wlan_cm_bss_scoring.c
+++ b/umac/mlme/connection_mgr/core/src/wlan_cm_bss_scoring.c
@@ -528,7 +528,8 @@ static int32_t cm_calculate_security_score(struct scoring_cfg *score_config,
 
				 		    QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_OWE) ||
			
 
				 		    QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_DPP) ||
			
 
				 		    QDF_HAS_PARAM(key_mgmt,
			
 
				-				  WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384)) {
			
 
				+				  WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384) ||
			
 
				+		    QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY)) {
			
 
				 			/*If security is WPA3, consider score_pct = 100%*/
			
 
				 			score_pct = CM_GET_SCORE_PERCENTAGE(
			
 
				 					score_config->security_weight_per_index,
			
@@ -2488,7 +2489,8 @@ bool wlan_cm_6ghz_allowed_for_akm(struct wlan_objmgr_psoc *psoc,
 
				 
			
 
				 	/* for SAE we need to check H2E support */
			
 
				 	if (!(QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE) ||
			
 
				-	    QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_FT_SAE)))
			
 
				+	    QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_FT_SAE) ||
			
 
				+	    QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY)))
			
 
				 		return true;
			
 
				 
			
 
				 	return (cm_check_h2e_support(rsnxe) ||
			
--- a/umac/mlme/connection_mgr/core/src/wlan_cm_connect.c
+++ b/umac/mlme/connection_mgr/core/src/wlan_cm_connect.c
@@ -891,7 +891,8 @@ static bool cm_is_retry_with_same_candidate(struct cnx_mgr *cm_ctx,
 
				 	 * AP has reconnect on assoc timeout OUI.
			
 
				 	 */
			
 
				 	sae_connection = key_mgmt & (1 << WLAN_CRYPTO_KEY_MGMT_SAE |
			
 
				-				     1 << WLAN_CRYPTO_KEY_MGMT_FT_SAE);
			
 
				+				     1 << WLAN_CRYPTO_KEY_MGMT_FT_SAE |
			
 
				+				     1 << WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY);
			
 
				 	if (resp->reason == CM_ASSOC_TIMEOUT && (sae_connection ||
			
 
				 	    (mlme_get_reconn_after_assoc_timeout_flag(psoc, resp->vdev_id)))) {
			
 
				 		/* For SAE use max retry count from INI */
			
@@ -1940,6 +1941,8 @@ void cm_update_per_peer_key_mgmt_crypto_params(struct wlan_objmgr_vdev *vdev,
 
				 	 */
			
 
				 	if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_FT_SAE))
			
 
				 		QDF_SET_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_FT_SAE);
			
 
				+	else if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY))
			
 
				+		QDF_SET_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY);
			
 
				 	else if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_SAE))
			
 
				 		QDF_SET_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE);
			
 
				 	else if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B))