qcacmn: Add support for AKM 24
Add support for AKM 24 Change-Id: I7bd483afbe1659c56b6708085f0bfd1e1d5dd261 CRs-Fixed: 3299891
This commit is contained in:
Surya Prakash Sivaraj
committed by
Madan Koyyalamudi
Madan Koyyalamudi
parent
2be3e823e2
commit
dda3f7844b
@@ -197,6 +197,13 @@ static const struct osif_akm_type_crypto_mapping
|
|||||||
.akm_suite = WLAN_AKM_SUITE_DPP,
|
.akm_suite = WLAN_AKM_SUITE_DPP,
|
||||||
.akm_type_crypto = WLAN_CRYPTO_KEY_MGMT_DPP,
|
.akm_type_crypto = WLAN_CRYPTO_KEY_MGMT_DPP,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
#ifndef WLAN_AKM_SUITE_SAE_EXT_KEY
|
||||||
|
#define WLAN_AKM_SUITE_SAE_EXT_KEY 0x000FAC18
|
||||||
|
#endif
|
||||||
|
.akm_suite = WLAN_AKM_SUITE_SAE_EXT_KEY,
|
||||||
|
.akm_type_crypto = WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY,
|
||||||
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
/* mapping table for cipher type received from NL and crypto cipher type */
|
/* mapping table for cipher type received from NL and crypto cipher type */
|
||||||
|
|||||||
@@ -258,6 +258,7 @@ typedef enum wlan_crypto_key_mgmt {
|
|||||||
WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384 = 24,
|
WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384 = 24,
|
||||||
WLAN_CRYPTO_KEY_MGMT_FT_PSK_SHA384 = 25,
|
WLAN_CRYPTO_KEY_MGMT_FT_PSK_SHA384 = 25,
|
||||||
WLAN_CRYPTO_KEY_MGMT_PSK_SHA384 = 26,
|
WLAN_CRYPTO_KEY_MGMT_PSK_SHA384 = 26,
|
||||||
|
WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY = 27,
|
||||||
/** Keep WLAN_CRYPTO_KEY_MGMT_MAX at the end. */
|
/** Keep WLAN_CRYPTO_KEY_MGMT_MAX at the end. */
|
||||||
WLAN_CRYPTO_KEY_MGMT_MAX,
|
WLAN_CRYPTO_KEY_MGMT_MAX,
|
||||||
} wlan_crypto_key_mgmt;
|
} wlan_crypto_key_mgmt;
|
||||||
@@ -274,7 +275,7 @@ enum wlan_crypto_key_type {
|
|||||||
#define DEFAULT_KEYMGMT_6G_MASK 0xFFFFFFFF
|
#define DEFAULT_KEYMGMT_6G_MASK 0xFFFFFFFF
|
||||||
|
|
||||||
/* AKM wlan_crypto_key_mgmt 1, 6, 8, 25 and 26 are not allowed. */
|
/* AKM wlan_crypto_key_mgmt 1, 6, 8, 25 and 26 are not allowed. */
|
||||||
#define ALLOWED_KEYMGMT_6G_MASK 0x01FFFEBD
|
#define ALLOWED_KEYMGMT_6G_MASK 0x09FFFEBD
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* enum fils_erp_cryptosuite: this enum defines the cryptosuites used
|
* enum fils_erp_cryptosuite: this enum defines the cryptosuites used
|
||||||
|
|||||||
@@ -209,6 +209,7 @@ static inline void wlan_crypto_put_be64(u8 *a, u64 val)
|
|||||||
#define RSN_AUTH_KEY_MGMT_OWE WLAN_RSN_SEL(18)
|
#define RSN_AUTH_KEY_MGMT_OWE WLAN_RSN_SEL(18)
|
||||||
#define RSN_AUTH_KEY_MGMT_FT_PSK_SHA384 WLAN_RSN_SEL(19)
|
#define RSN_AUTH_KEY_MGMT_FT_PSK_SHA384 WLAN_RSN_SEL(19)
|
||||||
#define RSN_AUTH_KEY_MGMT_PSK_SHA384 WLAN_RSN_SEL(20)
|
#define RSN_AUTH_KEY_MGMT_PSK_SHA384 WLAN_RSN_SEL(20)
|
||||||
|
#define RSN_AUTH_KEY_MGMT_SAE_EXT_KEY WLAN_RSN_SEL(24)
|
||||||
|
|
||||||
#define RSN_AUTH_KEY_MGMT_CCKM (WLAN_RSN_CCKM_AKM)
|
#define RSN_AUTH_KEY_MGMT_CCKM (WLAN_RSN_CCKM_AKM)
|
||||||
#define RSN_AUTH_KEY_MGMT_OSEN (0x019a6f50)
|
#define RSN_AUTH_KEY_MGMT_OSEN (0x019a6f50)
|
||||||
|
|||||||
@@ -2598,6 +2598,8 @@ wlan_crypto_rsn_keymgmt_to_suite(uint32_t keymgmt)
|
|||||||
return RSN_AUTH_KEY_MGMT_DPP;
|
return RSN_AUTH_KEY_MGMT_DPP;
|
||||||
case WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384:
|
case WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384:
|
||||||
return RSN_AUTH_KEY_MGMT_FT_802_1X_SUITE_B_384;
|
return RSN_AUTH_KEY_MGMT_FT_802_1X_SUITE_B_384;
|
||||||
|
case WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY:
|
||||||
|
return RSN_AUTH_KEY_MGMT_SAE_EXT_KEY;
|
||||||
}
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
@@ -3252,6 +3254,10 @@ uint8_t *wlan_crypto_build_rsnie_with_pmksa(struct wlan_objmgr_vdev *vdev,
|
|||||||
selcnt[0]++;
|
selcnt[0]++;
|
||||||
RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_OSEN);
|
RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_OSEN);
|
||||||
}
|
}
|
||||||
|
if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY)) {
|
||||||
|
selcnt[0]++;
|
||||||
|
RSN_ADD_KEYMGMT_TO_SUITE(frm, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY);
|
||||||
|
}
|
||||||
if (HAS_KEY_MGMT(crypto_params,
|
if (HAS_KEY_MGMT(crypto_params,
|
||||||
WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384)) {
|
WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384)) {
|
||||||
uint32_t kmgmt = WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384;
|
uint32_t kmgmt = WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384;
|
||||||
|
|||||||
@@ -528,7 +528,8 @@ static int32_t cm_calculate_security_score(struct scoring_cfg *score_config,
|
|||||||
QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_OWE) ||
|
QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_OWE) ||
|
||||||
QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_DPP) ||
|
QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_DPP) ||
|
||||||
QDF_HAS_PARAM(key_mgmt,
|
QDF_HAS_PARAM(key_mgmt,
|
||||||
WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384)) {
|
WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X_SHA384) ||
|
||||||
|
QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY)) {
|
||||||
/*If security is WPA3, consider score_pct = 100%*/
|
/*If security is WPA3, consider score_pct = 100%*/
|
||||||
score_pct = CM_GET_SCORE_PERCENTAGE(
|
score_pct = CM_GET_SCORE_PERCENTAGE(
|
||||||
score_config->security_weight_per_index,
|
score_config->security_weight_per_index,
|
||||||
@@ -2488,7 +2489,8 @@ bool wlan_cm_6ghz_allowed_for_akm(struct wlan_objmgr_psoc *psoc,
|
|||||||
|
|
||||||
/* for SAE we need to check H2E support */
|
/* for SAE we need to check H2E support */
|
||||||
if (!(QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE) ||
|
if (!(QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE) ||
|
||||||
QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_FT_SAE)))
|
QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_FT_SAE) ||
|
||||||
|
QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY)))
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
return (cm_check_h2e_support(rsnxe) ||
|
return (cm_check_h2e_support(rsnxe) ||
|
||||||
|
|||||||
@@ -891,7 +891,8 @@ static bool cm_is_retry_with_same_candidate(struct cnx_mgr *cm_ctx,
|
|||||||
* AP has reconnect on assoc timeout OUI.
|
* AP has reconnect on assoc timeout OUI.
|
||||||
*/
|
*/
|
||||||
sae_connection = key_mgmt & (1 << WLAN_CRYPTO_KEY_MGMT_SAE |
|
sae_connection = key_mgmt & (1 << WLAN_CRYPTO_KEY_MGMT_SAE |
|
||||||
1 << WLAN_CRYPTO_KEY_MGMT_FT_SAE);
|
1 << WLAN_CRYPTO_KEY_MGMT_FT_SAE |
|
||||||
|
1 << WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY);
|
||||||
if (resp->reason == CM_ASSOC_TIMEOUT && (sae_connection ||
|
if (resp->reason == CM_ASSOC_TIMEOUT && (sae_connection ||
|
||||||
(mlme_get_reconn_after_assoc_timeout_flag(psoc, resp->vdev_id)))) {
|
(mlme_get_reconn_after_assoc_timeout_flag(psoc, resp->vdev_id)))) {
|
||||||
/* For SAE use max retry count from INI */
|
/* For SAE use max retry count from INI */
|
||||||
@@ -1940,6 +1941,8 @@ void cm_update_per_peer_key_mgmt_crypto_params(struct wlan_objmgr_vdev *vdev,
|
|||||||
*/
|
*/
|
||||||
if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_FT_SAE))
|
if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_FT_SAE))
|
||||||
QDF_SET_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_FT_SAE);
|
QDF_SET_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_FT_SAE);
|
||||||
|
else if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY))
|
||||||
|
QDF_SET_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE_EXT_KEY);
|
||||||
else if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_SAE))
|
else if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_SAE))
|
||||||
QDF_SET_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE);
|
QDF_SET_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE);
|
||||||
else if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B))
|
else if (QDF_HAS_PARAM(neg_akm, WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B))
|
||||||
|
|||||||
Reference in New Issue
Block a user