From dda3f7844bf408360b3a8cee4e94afad7fb62451 Mon Sep 17 00:00:00 2001 From: Surya Prakash Sivaraj Date: Tue, 6 Dec 2022 12:26:06 +0530 Subject: [PATCH] qcacmn: Add support for AKM 24 Add support for AKM 24 Change-Id: I7bd483afbe1659c56b6708085f0bfd1e1d5dd261 CRs-Fixed: 3299891 --- os_if/linux/crypto/src/wlan_nl_to_crypto_params.c | 7 +++++++ umac/cmn_services/crypto/inc/wlan_crypto_global_def.h | 3 ++- umac/cmn_services/crypto/src/wlan_crypto_def_i.h | 1 + umac/cmn_services/crypto/src/wlan_crypto_global_api.c | 6 ++++++ umac/mlme/connection_mgr/core/src/wlan_cm_bss_scoring.c | 6 ++++-- umac/mlme/connection_mgr/core/src/wlan_cm_connect.c | 5 ++++- 6 files changed, 24 insertions(+), 4 deletions(-) diff --git a/os_if/linux/crypto/src/wlan_nl_to_crypto_params.c b/os_if/linux/crypto/src/wlan_nl_to_crypto_params.c index 3135fa2b15..9618ab16b2 100644 --- a/os_if/linux/crypto/src/wlan_nl_to_crypto_params.c +++ b/os_if/linux/crypto/src/wlan_nl_to_crypto_params.c @@ -197,6 +197,13 @@ static const struct osif_akm_type_crypto_mapping .akm_suite = WLAN_AKM_SUITE_DPP, .akm_type_crypto = WLAN_CRYPTO_KEY_MGMT_DPP, }, + { +#ifndef WLAN_AKM_SUITE_SAE_EXT_KEY +#define WLAN_AKM_SUITE_SAE_EXT_KEY 0x000FAC18 +#endif + .akm_suite = WLAN_AKM_SUITE_SAE_EXT_KEY, + .akm_type_crypto = WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY, + }, }; /* mapping table for cipher type received from NL and crypto cipher type */ diff --git a/umac/cmn_services/crypto/inc/wlan_crypto_global_def.h b/umac/cmn_services/crypto/inc/wlan_crypto_global_def.h index 219f9f9843..98ee8d4e83 100644 --- a/umac/cmn_services/crypto/inc/wlan_crypto_global_def.h +++ b/umac/cmn_services/crypto/inc/wlan_crypto_global_def.h @@ -258,6 +258,7 @@ typedef enum wlan_crypto_key_mgmt { WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384 = 24, WLAN_CRYPTO_KEY_MGMT_FT_PSK_SHA384 = 25, WLAN_CRYPTO_KEY_MGMT_PSK_SHA384 = 26, + WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY = 27, /** Keep WLAN_CRYPTO_KEY_MGMT_MAX at the end. */ WLAN_CRYPTO_KEY_MGMT_MAX, } wlan_crypto_key_mgmt; @@ -274,7 +275,7 @@ enum wlan_crypto_key_type { #define DEFAULT_KEYMGMT_6G_MASK 0xFFFFFFFF /* AKM wlan_crypto_key_mgmt 1, 6, 8, 25 and 26 are not allowed. */ -#define ALLOWED_KEYMGMT_6G_MASK 0x01FFFEBD +#define ALLOWED_KEYMGMT_6G_MASK 0x09FFFEBD /* * enum fils_erp_cryptosuite: this enum defines the cryptosuites used diff --git a/umac/cmn_services/crypto/src/wlan_crypto_def_i.h b/umac/cmn_services/crypto/src/wlan_crypto_def_i.h index e68921e897..f41ae58a10 100644 --- a/umac/cmn_services/crypto/src/wlan_crypto_def_i.h +++ b/umac/cmn_services/crypto/src/wlan_crypto_def_i.h @@ -209,6 +209,7 @@ static inline void wlan_crypto_put_be64(u8 *a, u64 val) #define RSN_AUTH_KEY_MGMT_OWE WLAN_RSN_SEL(18) #define RSN_AUTH_KEY_MGMT_FT_PSK_SHA384 WLAN_RSN_SEL(19) #define RSN_AUTH_KEY_MGMT_PSK_SHA384 WLAN_RSN_SEL(20) +#define RSN_AUTH_KEY_MGMT_SAE_EXT_KEY WLAN_RSN_SEL(24) #define RSN_AUTH_KEY_MGMT_CCKM (WLAN_RSN_CCKM_AKM) #define RSN_AUTH_KEY_MGMT_OSEN (0x019a6f50) diff --git a/umac/cmn_services/crypto/src/wlan_crypto_global_api.c b/umac/cmn_services/crypto/src/wlan_crypto_global_api.c index c1284abb8d..6aea0d78d4 100644 --- a/umac/cmn_services/crypto/src/wlan_crypto_global_api.c +++ b/umac/cmn_services/crypto/src/wlan_crypto_global_api.c @@ -2598,6 +2598,8 @@ wlan_crypto_rsn_keymgmt_to_suite(uint32_t keymgmt) return RSN_AUTH_KEY_MGMT_DPP; case WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384: return RSN_AUTH_KEY_MGMT_FT_802_1X_SUITE_B_384; + case WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY: + return RSN_AUTH_KEY_MGMT_SAE_EXT_KEY; } return status; @@ -3252,6 +3254,10 @@ uint8_t *wlan_crypto_build_rsnie_with_pmksa(struct wlan_objmgr_vdev *vdev, selcnt[0]++; RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_OSEN); } + if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY)) { + selcnt[0]++; + RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY); + } if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384)) { uint32_t kmgmt = WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384; diff --git a/umac/mlme/connection_mgr/core/src/wlan_cm_bss_scoring.c b/umac/mlme/connection_mgr/core/src/wlan_cm_bss_scoring.c index ddd3870fb6..5f00fbdad7 100644 --- a/umac/mlme/connection_mgr/core/src/wlan_cm_bss_scoring.c +++ b/umac/mlme/connection_mgr/core/src/wlan_cm_bss_scoring.c @@ -528,7 +528,8 @@ static int32_t cm_calculate_security_score(struct scoring_cfg *score_config, QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_OWE) || QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_DPP) || QDF_HAS_PARAM(key_mgmt, - WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384)) { + WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384) || + QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY)) { /*If security is WPA3, consider score_pct = 100%*/ score_pct = CM_GET_SCORE_PERCENTAGE( score_config->security_weight_per_index, @@ -2488,7 +2489,8 @@ bool wlan_cm_6ghz_allowed_for_akm(struct wlan_objmgr_psoc *psoc, /* for SAE we need to check H2E support */ if (!(QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE) || - QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_FT_SAE))) + QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_FT_SAE) || + QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY))) return true; return (cm_check_h2e_support(rsnxe) || diff --git a/umac/mlme/connection_mgr/core/src/wlan_cm_connect.c b/umac/mlme/connection_mgr/core/src/wlan_cm_connect.c index 6c53092bc6..ccd94b46eb 100644 --- a/umac/mlme/connection_mgr/core/src/wlan_cm_connect.c +++ b/umac/mlme/connection_mgr/core/src/wlan_cm_connect.c @@ -891,7 +891,8 @@ static bool cm_is_retry_with_same_candidate(struct cnx_mgr *cm_ctx, * AP has reconnect on assoc timeout OUI. */ sae_connection = key_mgmt & (1 << WLAN_CRYPTO_KEY_MGMT_SAE | - 1 << WLAN_CRYPTO_KEY_MGMT_FT_SAE); + 1 << WLAN_CRYPTO_KEY_MGMT_FT_SAE | + 1 << WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY); if (resp->reason == CM_ASSOC_TIMEOUT && (sae_connection || (mlme_get_reconn_after_assoc_timeout_flag(psoc, resp->vdev_id)))) { /* For SAE use max retry count from INI */ @@ -1940,6 +1941,8 @@ void cm_update_per_peer_key_mgmt_crypto_params(struct wlan_objmgr_vdev *vdev, */ if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_FT_SAE)) QDF_SET_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_FT_SAE); + else if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY)) + QDF_SET_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY); else if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_SAE)) QDF_SET_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE); else if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B))