qcacld-3.0: Save RSN auth type for RSN association

Save RSN auth type in related context for RSN assocoation.
Some OWE specific operation need to be done according to
this RSN auth type since we cannot tell if a STA / SAP is OWE,
WPA2 or OPEN by its auth type OPEN.

Change-Id: I17dd72c7adf1c663725ac58ce263f4408d9c967b
CRs-Fixed: 2396885

core/hdd/src/wlan_hdd_hostapd.c

@@ -2661,14 +2661,14 @@ stopbss:
 static int hdd_softap_unpack_ie(mac_handle_t mac_handle,
 				eCsrEncryptionType *pEncryptType,
 				eCsrEncryptionType *mcEncryptType,
-				eCsrAuthType *pAuthType,
+				tCsrAuthList *akm_list,
 				bool *pMFPCapable,
 				bool *pMFPRequired,
 				uint16_t gen_ie_len, uint8_t *gen_ie)
 {
 	uint32_t ret;
 	uint8_t *pRsnIe;
-	uint16_t RSNIeLen;
+	uint16_t RSNIeLen, i;
 	tDot11fIERSN dot11RSNIE = {0};
 	tDot11fIEWPA dot11WPAIE = {0};
 
@@ -2705,13 +2705,13 @@ static int hdd_softap_unpack_ie(mac_handle_t mac_handle,
 		hdd_debug("authentication suite count: %d",
 		       dot11RSNIE.akm_suite_cnt);
 		/*
-		 * Here we have followed the apple base code,
-		 * but probably I suspect we can do something different
-		 * dot11RSNIE.akm_suite_cnt
-		 * Just translate the FIRST one
+		 * Translate akms in akm suite
 		 */
-		*pAuthType =
-		    hdd_translate_rsn_to_csr_auth_type(dot11RSNIE.akm_suite[0]);
+		for (i = 0; i < dot11RSNIE.akm_suite_cnt; i++)
+			akm_list->authType[i] =
+				hdd_translate_rsn_to_csr_auth_type(
+						       dot11RSNIE.akm_suite[i]);
+		akm_list->numEntries = dot11RSNIE.akm_suite_cnt;
 		/* dot11RSNIE.pwise_cipher_suite_count */
 		*pEncryptType =
 			hdd_translate_rsn_to_csr_encryption_type(dot11RSNIE.
@@ -2747,9 +2747,14 @@ static int hdd_softap_unpack_ie(mac_handle_t mac_handle,
 		hdd_debug("WPA authentication suite count: %d",
 		       dot11WPAIE.auth_suite_count);
 		/* dot11WPAIE.auth_suite_count */
-		/* Just translate the FIRST one */
-		*pAuthType =
-			hdd_translate_wpa_to_csr_auth_type(dot11WPAIE.auth_suites[0]);
+		/*
+		 * Translate akms in akm suite
+		 */
+		for (i = 0; i < dot11WPAIE.auth_suite_count; i++)
+			akm_list->authType[i] =
+				hdd_translate_wpa_to_csr_auth_type(
+						     dot11WPAIE.auth_suites[i]);
+		akm_list->numEntries = dot11WPAIE.auth_suite_count;
 		/* dot11WPAIE.unicast_cipher_count */
 		*pEncryptType =
 			hdd_translate_wpa_to_csr_encryption_type(dot11WPAIE.
@@ -4862,7 +4867,6 @@ int wlan_hdd_cfg80211_start_bss(struct hdd_adapter *adapter,
 	struct ieee80211_mgmt mgmt;
 	const uint8_t *pIe = NULL;
 	uint16_t capab_info, ap_prot = cfg_default(CFG_AP_PROTECTION_MODE);
-	eCsrAuthType RSNAuthType;
 	eCsrEncryptionType RSNEncryptType;
 	eCsrEncryptionType mcRSNEncryptType;
 	int status = QDF_STATUS_SUCCESS, ret;
@@ -4871,6 +4875,7 @@ int wlan_hdd_cfg80211_start_bss(struct hdd_adapter *adapter,
 	struct hdd_hostapd_state *hostapd_state;
 	mac_handle_t mac_handle;
 	int32_t i;
+	uint32_t ii;
 	struct hdd_config *iniConfig;
 	struct hdd_context *hdd_ctx = WLAN_HDD_GET_CTX(adapter);
 	uint8_t mcc_to_scc_switch = 0, conc_rule1 = 0;
@@ -5231,7 +5236,8 @@ int wlan_hdd_cfg80211_start_bss(struct hdd_adapter *adapter,
 			hdd_softap_unpack_ie(cds_get_context
 						     (QDF_MODULE_ID_SME),
 					     &RSNEncryptType, &mcRSNEncryptType,
-					     &RSNAuthType, &MFPCapable,
+					     &pConfig->akm_list,
+					     &MFPCapable,
 					     &MFPRequired,
 					     pConfig->RSNWPAReqIE[1] + 2,
 					     pConfig->RSNWPAReqIE);
@@ -5244,8 +5250,14 @@ int wlan_hdd_cfg80211_start_bss(struct hdd_adapter *adapter,
 			pConfig->mcRSNEncryptType = mcRSNEncryptType;
 			(WLAN_HDD_GET_AP_CTX_PTR(adapter))->
 			encryption_type = RSNEncryptType;
-			hdd_debug("CSR AuthType = %d, EncryptionType = %d mcEncryptionType = %d",
-			       RSNAuthType, RSNEncryptType, mcRSNEncryptType);
+			hdd_debug("CSR EncryptionType = %d mcEncryptionType = %d",
+				  RSNEncryptType, mcRSNEncryptType);
+			hdd_debug("CSR AKM Suites %d",
+				  pConfig->akm_list.numEntries);
+			for (ii = 0; ii < pConfig->akm_list.numEntries;
+			     ii++)
+				hdd_debug("CSR AKM Suite [%d] = %d", ii,
+					  pConfig->akm_list.authType[ii]);
 		}
 	}
 
@@ -5276,7 +5288,8 @@ int wlan_hdd_cfg80211_start_bss(struct hdd_adapter *adapter,
 			status = hdd_softap_unpack_ie
 					(cds_get_context(QDF_MODULE_ID_SME),
 					 &RSNEncryptType,
-					 &mcRSNEncryptType, &RSNAuthType,
+					 &mcRSNEncryptType,
+					 &pConfig->akm_list,
 					 &MFPCapable, &MFPRequired,
 					 pConfig->RSNWPAReqIE[1] + 2,
 					 pConfig->RSNWPAReqIE);
@@ -5290,9 +5303,15 @@ int wlan_hdd_cfg80211_start_bss(struct hdd_adapter *adapter,
 				pConfig->mcRSNEncryptType = mcRSNEncryptType;
 				(WLAN_HDD_GET_AP_CTX_PTR(adapter))->
 				encryption_type = RSNEncryptType;
-				hdd_debug("CSR AuthType = %d, EncryptionType = %d mcEncryptionType = %d",
-				       RSNAuthType, RSNEncryptType,
-				       mcRSNEncryptType);
+				hdd_debug("CSR EncryptionType = %d mcEncryptionType = %d",
+					  RSNEncryptType, mcRSNEncryptType);
+				hdd_debug("CSR AKM Suites %d",
+					  pConfig->akm_list.numEntries);
+				for (ii = 0; ii < pConfig->akm_list.numEntries;
+				     ii++)
+					hdd_debug("CSR AKM Suite [%d] = %d", ii,
+						  pConfig->akm_list.
+						  authType[ii]);
 			}
 		}
 	}

core/mac/inc/ani_system_defs.h

@@ -67,6 +67,37 @@ typedef enum eAniAuthType {
 	eSIR_DONOT_USE_AUTH_TYPE = SIR_MAX_ENUM_SIZE
 } tAniAuthType;
 
+enum ani_akm_type {
+	ANI_AKM_TYPE_NONE,
+	ANI_AKM_TYPE_RSN,
+	ANI_AKM_TYPE_RSN_PSK,
+	ANI_AKM_TYPE_FT_RSN,
+	ANI_AKM_TYPE_FT_RSN_PSK,
+	ANI_AKM_TYPE_RSN_PSK_SHA256,
+	ANI_AKM_TYPE_RSN_8021X_SHA256,
+#ifdef WLAN_FEATURE_SAE
+	ANI_AKM_TYPE_SAE,
+	ANI_AKM_TYPE_FT_SAE,
+#endif
+	ANI_AKM_TYPE_SUITEB_EAP_SHA256,
+	ANI_AKM_TYPE_SUITEB_EAP_SHA384,
+	ANI_AKM_TYPE_FT_SUITEB_EAP_SHA384,
+	ANI_AKM_TYPE_FILS_SHA256,
+	ANI_AKM_TYPE_FILS_SHA384,
+	ANI_AKM_TYPE_FT_FILS_SHA256,
+	ANI_AKM_TYPE_FT_FILS_SHA384,
+	ANI_AKM_TYPE_OWE,
+#ifdef FEATURE_WLAN_ESE
+	ANI_AKM_TYPE_CCKM,
+#endif
+	ANI_AKM_TYPE_OSEN,
+	ANI_AKM_TYPE_DPP_RSN,
+	ANI_AKM_TYPE_WPA,
+	ANI_AKM_TYPE_WPA_PSK,
+	ANI_NUM_OF_SUPPORT_AKM_TYPE,
+	ANI_AKM_TYPE_UNKNOWN = 0xff,
+};
+
 /* / Encryption type enum used with peer */
 typedef enum eAniEdType {
 	eSIR_ED_NONE,

core/mac/inc/sir_api.h

@@ -1084,6 +1084,7 @@ struct assoc_ind {
 	tSirMacAddr bssId;      /* Self BSSID */
 	uint16_t staId;         /* Station ID for peer */
 	tAniAuthType authType;
+	enum ani_akm_type akm_type;
 	tAniSSID ssId;          /* SSID used by STA to associate */
 	tSirWAPIie wapiIE;      /* WAPI IE received from peer */
 	tSirRSNie rsnIE;        /* RSN IE received from peer */

core/mac/src/pe/include/lim_api.h

@@ -390,5 +390,13 @@ QDF_STATUS lim_update_ext_cap_ie(struct mac_context *mac_ctx,
 void lim_handle_sap_beacon(struct wlan_objmgr_pdev *pdev,
 					struct scan_cache_entry *scan_entry);
 
+/**
+ * lim_translate_rsn_oui_to_akm_type() - translate RSN OUI to AKM type
+ * @auth_suite: auth suite
+ *
+ * Return: AKM type
+ */
+enum ani_akm_type lim_translate_rsn_oui_to_akm_type(uint8_t auth_suite[4]);
+
 /************************************************************/
 #endif /* __LIM_API_H */

core/mac/src/pe/include/lim_global.h

@@ -241,7 +241,8 @@ typedef struct tLimPreAuthTable {
 /* / Per STA context structure definition */
 typedef struct sLimMlmStaContext {
 	tLimMlmStates mlmState;
-	tAniAuthType authType;
+	tAniAuthType authType;		/* auth algo in auth frame */
+	enum ani_akm_type akm_type;	/* akm in rsn/wpa ie */
 	uint16_t listenInterval;
 	tSirMacCapabilityInfo capabilityInfo;
 	tSirMacReasonCodes disassocReason;

core/mac/src/pe/lim/lim_api.c

@@ -2658,3 +2658,59 @@ QDF_STATUS lim_update_ext_cap_ie(struct mac_context *mac_ctx,
 	(*local_ie_len) += driver_ext_cap.num_bytes;
 	return QDF_STATUS_SUCCESS;
 }
+
+#define LIM_RSN_OUI_SIZE 4
+
+struct rsn_oui_akm_type_map {
+	enum ani_akm_type akm_type;
+	uint8_t rsn_oui[LIM_RSN_OUI_SIZE];
+};
+
+static const struct rsn_oui_akm_type_map rsn_oui_akm_type_mapping_table[] = {
+	{ANI_AKM_TYPE_RSN,                  {0x00, 0x0F, 0xAC, 0x01} },
+	{ANI_AKM_TYPE_RSN_PSK,              {0x00, 0x0F, 0xAC, 0x02} },
+	{ANI_AKM_TYPE_FT_RSN,               {0x00, 0x0F, 0xAC, 0x03} },
+	{ANI_AKM_TYPE_FT_RSN_PSK,           {0x00, 0x0F, 0xAC, 0x04} },
+	{ANI_AKM_TYPE_RSN_8021X_SHA256,     {0x00, 0x0F, 0xAC, 0x05} },
+	{ANI_AKM_TYPE_RSN_PSK_SHA256,       {0x00, 0x0F, 0xAC, 0x06} },
+#ifdef WLAN_FEATURE_SAE
+	{ANI_AKM_TYPE_SAE,                  {0x00, 0x0F, 0xAC, 0x08} },
+	{ANI_AKM_TYPE_FT_SAE,               {0x00, 0x0F, 0xAC, 0x09} },
+#endif
+	{ANI_AKM_TYPE_SUITEB_EAP_SHA256,    {0x00, 0x0F, 0xAC, 0x0B} },
+	{ANI_AKM_TYPE_SUITEB_EAP_SHA384,    {0x00, 0x0F, 0xAC, 0x0C} },
+	{ANI_AKM_TYPE_FT_SUITEB_EAP_SHA384, {0x00, 0x0F, 0xAC, 0x0D} },
+	{ANI_AKM_TYPE_FILS_SHA256,          {0x00, 0x0F, 0xAC, 0x0E} },
+	{ANI_AKM_TYPE_FILS_SHA384,          {0x00, 0x0F, 0xAC, 0x0F} },
+	{ANI_AKM_TYPE_FT_FILS_SHA256,       {0x00, 0x0F, 0xAC, 0x10} },
+	{ANI_AKM_TYPE_FT_FILS_SHA384,       {0x00, 0x0F, 0xAC, 0x11} },
+	{ANI_AKM_TYPE_OWE,                  {0x00, 0x0F, 0xAC, 0x12} },
+#ifdef FEATURE_WLAN_ESE
+	{ANI_AKM_TYPE_CCKM,                 {0x00, 0x40, 0x96, 0x00} },
+#endif
+	{ANI_AKM_TYPE_OSEN,                 {0x50, 0x6F, 0x9A, 0x01} },
+	{ANI_AKM_TYPE_DPP_RSN,              {0x50, 0x6F, 0x9A, 0x02} },
+	{ANI_AKM_TYPE_WPA,                  {0x00, 0x50, 0xF2, 0x01} },
+	{ANI_AKM_TYPE_WPA_PSK,              {0x00, 0x50, 0xF2, 0x02} },
+	/* Add akm type above here */
+	{ANI_AKM_TYPE_UNKNOWN, {0} },
+};
+
+enum ani_akm_type lim_translate_rsn_oui_to_akm_type(uint8_t auth_suite[4])
+{
+	const struct rsn_oui_akm_type_map *map;
+	enum ani_akm_type akm_type;
+
+	map = rsn_oui_akm_type_mapping_table;
+	while (true) {
+		akm_type = map->akm_type;
+		if ((akm_type == ANI_AKM_TYPE_UNKNOWN) ||
+		    (qdf_mem_cmp(auth_suite, map->rsn_oui, 4) == 0))
+			break;
+		map++;
+	}
+
+	pe_debug("akm_type: %d", akm_type);
+
+	return akm_type;
+}

core/mac/src/pe/lim/lim_assoc_utils.c

@@ -359,6 +359,25 @@ uint8_t lim_check_rx_rsn_ie_match(struct mac_context *mac_ctx,
 		return eSIR_MAC_UNSPEC_FAILURE_STATUS;
 	}
 
+	/* We should have only one AKM in assoc/reassoc request */
+	if (rx_rsn_ie->akm_suite_cnt != 1) {
+		pe_debug("Invalid RX akm_suite_cnt %d",
+			 rx_rsn_ie->akm_suite_cnt);
+		return eSIR_MAC_INVALID_AKMP_STATUS;
+	}
+	/* Check if we support the received AKM */
+	for (i = 0; i < rsn_ie->akm_suite_cnt; i++)
+		if (!qdf_mem_cmp(&rx_rsn_ie->akm_suite[0],
+				 &rsn_ie->akm_suite[i],
+				 sizeof(rsn_ie->akm_suite[i]))) {
+			match = 1;
+			break;
+		}
+	if (!match) {
+		pe_debug("Invalid RX akm_suite");
+		return eSIR_MAC_INVALID_AKMP_STATUS;
+	}
+
 	/* Check groupwise cipher suite */
 	for (i = 0; i < sizeof(rx_rsn_ie->gp_cipher_suite); i++)
 		if (rsn_ie->gp_cipher_suite[i] !=
@@ -464,6 +483,25 @@ lim_check_rx_wpa_ie_match(struct mac_context *mac, tDot11fIEWPA *rx_wpaie,
 	/* WPA IE should be received from PE */
 	wpa_ie = &session_entry->gStartBssWPAIe;
 
+	/* We should have only one AKM in assoc/reassoc request */
+	if (rx_wpaie->auth_suite_count != 1) {
+		pe_debug("Invalid RX auth_suite_count %d",
+			 rx_wpaie->auth_suite_count);
+		return eSIR_MAC_INVALID_AKMP_STATUS;
+	}
+	/* Check if we support the received AKM */
+	for (i = 0; i < wpa_ie->auth_suite_count; i++)
+		if (!qdf_mem_cmp(&rx_wpaie->auth_suites[0],
+				 &wpa_ie->auth_suites[i],
+				 sizeof(wpa_ie->auth_suites[i]))) {
+			match = 1;
+			break;
+		}
+	if (!match) {
+		pe_debug("Invalid RX auth_suites");
+		return eSIR_MAC_INVALID_AKMP_STATUS;
+	}
+
 	/* Check groupwise cipher suite */
 	for (i = 0; i < 4; i++) {
 		if (wpa_ie->multicast_cipher[i] !=

core/mac/src/pe/lim/lim_process_assoc_req_frame.c

@@ -916,15 +916,18 @@ static tSirMacStatusCodes lim_check_wpa_ie(struct pe_session *session,
   * @hdr: pointer to the MAC head
   * @assoc_req: pointer to ASSOC/REASSOC Request frame
   * @pmf_connection: flag indicating pmf connection
+  * @akm_type: AKM type
   *
   * This function checks if wpa/rsn IE is present and validates
   * ie version, length and mismatch.
   *
   * Return: true if no error, false otherwise
   */
-static bool lim_check_wpa_rsn_ie(struct pe_session *session, struct mac_context *mac_ctx,
+static bool lim_check_wpa_rsn_ie(struct pe_session *session,
+				 struct mac_context *mac_ctx,
 				 uint8_t sub_type, tpSirMacMgmtHdr hdr,
-				 tpSirAssocReq assoc_req, bool *pmf_connection)
+				 tpSirAssocReq assoc_req, bool *pmf_connection,
+				 enum ani_akm_type *akm_type)
 {
 	uint32_t ret;
 	tDot11fIEWPA dot11f_ie_wpa = {0};
@@ -996,6 +999,8 @@ static bool lim_check_wpa_rsn_ie(struct pe_session *session, struct mac_context
 				1, hdr->sa, sub_type, 0, session);
 			return false;
 		}
+		*akm_type = lim_translate_rsn_oui_to_akm_type(
+						    dot11f_ie_rsn.akm_suite[0]);
 	} else if (assoc_req->wpaPresent) {
 		if (!(assoc_req->wpa.length)) {
 			pe_warn("Re/Assoc rejected from: "
@@ -1036,7 +1041,8 @@ static bool lim_check_wpa_rsn_ie(struct pe_session *session, struct mac_context
 					hdr->sa, sub_type, 0, session);
 			return false;
 		}
-
+		*akm_type = lim_translate_rsn_oui_to_akm_type(
+						  dot11f_ie_wpa.auth_suites[0]);
 	}
 
 	return true;
@@ -1050,6 +1056,7 @@ static bool lim_check_wpa_rsn_ie(struct pe_session *session, struct mac_context
  * @assoc_req: pointer to ASSOC/REASSOC Request frame
  * @sub_type: Assoc(=0) or Reassoc(=1) Requestframe
  * @pmf_connection: flag indicating pmf connection
+ * @akm_type: AKM type
  *
  * wpa ie related checks
  *
@@ -1059,7 +1066,9 @@ static bool lim_chk_n_process_wpa_rsn_ie(struct mac_context *mac_ctx,
 					 tpSirMacMgmtHdr hdr,
 					 struct pe_session *session,
 					 tpSirAssocReq assoc_req,
-					 uint8_t sub_type, bool *pmf_connection)
+					 uint8_t sub_type,
+					 bool *pmf_connection,
+					 enum ani_akm_type *akm_type)
 {
 	const uint8_t *wps_ie = NULL;
 
@@ -1078,7 +1087,8 @@ static bool lim_chk_n_process_wpa_rsn_ie(struct mac_context *mac_ctx,
 		    session->pLimStartBssReq->privacy &&
 		    session->pLimStartBssReq->rsnIE.length)
 			return lim_check_wpa_rsn_ie(session, mac_ctx, sub_type,
-						hdr, assoc_req, pmf_connection);
+						 hdr, assoc_req, pmf_connection,
+						 akm_type);
 	} else {
 		pe_debug("Assoc req WSE IE is present");
 	}
@@ -1362,6 +1372,7 @@ static bool lim_chk_wmm(struct mac_context *mac_ctx, tpSirMacMgmtHdr hdr,
  * @sub_type: Assoc(=0) or Reassoc(=1) Requestframe
  * @sta_ds: station dph entry
  * @auth_type: indicates security type
+ * @akm_type: indicates security type in akm
  * @assoc_req_copied: boolean to indicate if assoc req was copied to tmp above
  * @peer_idx: peer index
  * @qos_mode: qos mode
@@ -1372,9 +1383,11 @@ static bool lim_chk_wmm(struct mac_context *mac_ctx, tpSirMacMgmtHdr hdr,
  * Return: true of no error, false otherwise
  */
 static bool lim_update_sta_ds(struct mac_context *mac_ctx, tpSirMacMgmtHdr hdr,
-			      struct pe_session *session, tpSirAssocReq assoc_req,
+			      struct pe_session *session,
+			      tpSirAssocReq assoc_req,
 			      uint8_t sub_type, tpDphHashNode sta_ds,
 			      tAniAuthType auth_type,
+			      enum ani_akm_type akm_type,
 			      bool *assoc_req_copied, uint16_t peer_idx,
 			      tHalBitVal qos_mode, bool pmf_connection)
 {
@@ -1436,8 +1449,11 @@ static bool lim_update_sta_ds(struct mac_context *mac_ctx, tpSirMacMgmtHdr hdr,
 
 	sta_ds->valid = 0;
 	sta_ds->mlmStaContext.authType = auth_type;
+	sta_ds->mlmStaContext.akm_type = akm_type;
 	sta_ds->staType = STA_ENTRY_PEER;
 
+	pe_debug("auth_type = %d, akm_type = %d", auth_type, akm_type);
+
 	/*
 	 * TODO: If listen interval is more than certain limit, reject the
 	 * association. Need to check customer requirements and then implement.
@@ -1916,6 +1932,7 @@ bool lim_send_assoc_ind_to_sme(struct mac_context *mac_ctx,
 			       uint8_t sub_type,
 			       tpSirMacMgmtHdr hdr,
 			       tpSirAssocReq assoc_req,
+			       enum ani_akm_type akm_type,
 			       bool pmf_connection,
 			       bool *assoc_req_copied,
 			       bool dup_entry)
@@ -2001,7 +2018,7 @@ bool lim_send_assoc_ind_to_sme(struct mac_context *mac_ctx,
 
 send_ind_to_sme:
 	if (!lim_update_sta_ds(mac_ctx, hdr, session, assoc_req,
-			       sub_type, sta_ds, auth_type,
+			       sub_type, sta_ds, auth_type, akm_type,
 			       assoc_req_copied, peer_idx, qos_mode,
 			       pmf_connection))
 		return false;
@@ -2056,6 +2073,7 @@ void lim_process_assoc_req_frame(struct mac_context *mac_ctx, uint8_t *rx_pkt_in
 	tHalBitVal qos_mode;
 	tpSirMacMgmtHdr hdr;
 	struct tLimPreAuthNode *sta_pre_auth_ctx;
+	enum ani_akm_type akm_type = ANI_AKM_TYPE_NONE;
 	tSirMacCapabilityInfo local_cap;
 	tpDphHashNode sta_ds = NULL;
 	tpSirAssocReq assoc_req;
@@ -2274,7 +2292,9 @@ void lim_process_assoc_req_frame(struct mac_context *mac_ctx, uint8_t *rx_pkt_in
 	lim_print_ht_cap(mac_ctx, session, assoc_req);
 
 	if (false == lim_chk_n_process_wpa_rsn_ie(mac_ctx, hdr, session,
-				assoc_req, sub_type, &pmf_connection))
+						  assoc_req, sub_type,
+						  &pmf_connection,
+						  &akm_type))
 		goto error;
 
 	/* Extract pre-auth context for the STA, if any. */
@@ -2301,7 +2321,7 @@ void lim_process_assoc_req_frame(struct mac_context *mac_ctx, uint8_t *rx_pkt_in
 
 	/* Send assoc indication to SME */
 	if (!lim_send_assoc_ind_to_sme(mac_ctx, session, sub_type, hdr,
-				       assoc_req, pmf_connection,
+				       assoc_req, akm_type, pmf_connection,
 				       &assoc_req_copied, dup_entry))
 		goto error;
 
@@ -2545,6 +2565,7 @@ void lim_send_mlm_assoc_ind(struct mac_context *mac_ctx,
 			assoc_req->ssId.length + 1);
 		assoc_ind->sessionId = session_entry->peSessionId;
 		assoc_ind->authType = sta_ds->mlmStaContext.authType;
+		assoc_ind->akm_type = sta_ds->mlmStaContext.akm_type;
 		assoc_ind->capabilityInfo = assoc_req->capabilityInfo;
 
 		/* Fill in RSN IE information */

core/mac/src/pe/lim/lim_process_message_queue.c

@@ -165,6 +165,7 @@ static void lim_process_sae_msg_ap(struct mac_context *mac,
 					      assoc_req->sub_type,
 					      &assoc_req->hdr,
 					      assoc_req->assoc_req,
+					      ANI_AKM_TYPE_SAE,
 					      assoc_req->pmf_connection,
 					      &assoc_req_copied,
 					      assoc_req->dup_entry) == false)

core/mac/src/pe/lim/lim_process_mlm_rsp_messages.c

@@ -699,6 +699,8 @@ lim_fill_assoc_ind_params(struct mac_context *mac_ctx,
 		sizeof(tSirMacAddr));
 	/* Fill in authType */
 	sme_assoc_ind->authType = assoc_ind->authType;
+	/* Fill in rsn_akm_type */
+	sme_assoc_ind->akm_type = assoc_ind->akm_type;
 	/* Fill in ssId */
 	qdf_mem_copy((uint8_t *) &sme_assoc_ind->ssId,
 		(uint8_t *) &(assoc_ind->ssId), assoc_ind->ssId.length + 1);

core/mac/src/pe/lim/lim_types.h

@@ -210,6 +210,7 @@ typedef struct sLimMlmAssocInd {
 	tSirMacAddr peerMacAddr;
 	uint16_t aid;
 	tAniAuthType authType;
+	enum ani_akm_type akm_type;
 	tAniSSID ssId;
 	tSirRSNie rsnIE;
 	tSirWAPIie wapiIE;
@@ -1130,6 +1131,7 @@ void lim_process_assoc_cleanup(struct mac_context *mac_ctx,
  *            Request(=1) frame
  * @hdr: A pointer to the MAC header
  * @assoc_req: pointer to ASSOC/REASSOC Request frame
+ * @akm_type: AKM type
  * @pmf_connection: flag indicating pmf connection
  * @assoc_req_copied: boolean to indicate if assoc req was copied to tmp above
  * @dup_entry: flag indicating if duplicate entry found
@@ -1141,6 +1143,7 @@ bool lim_send_assoc_ind_to_sme(struct mac_context *mac_ctx,
 			       uint8_t sub_type,
 			       tpSirMacMgmtHdr hdr,
 			       tpSirAssocReq assoc_req,
+			       enum ani_akm_type akm_type,
 			       bool pmf_connection,
 			       bool *assoc_req_copied,
 			       bool dup_entry);

core/sap/inc/sap_api.h

@@ -490,6 +490,7 @@ typedef struct sap_config {
 	uint8_t RSNEncryptType;
 	uint8_t mcRSNEncryptType;
 	eSapAuthType authType;
+	tCsrAuthList akm_list;
 	bool privacy;
 	bool UapsdEnable;
 	bool fwdWPSPBCProbeReq;

core/sap/src/sap_fsm.c

@@ -2851,6 +2851,8 @@ sapconvert_to_csr_profile(tsap_config_t *pconfig_params, eCsrRoamBssType bssType
 	profile->AuthType.numEntries = 1;
 	profile->AuthType.authType[0] = eCSR_AUTH_TYPE_OPEN_SYSTEM;
 
+	profile->akm_list = pconfig_params->akm_list;
+
 	/* Always set the Encryption Type */
 	profile->EncryptionType.numEntries = 1;
 	profile->EncryptionType.encryptionType[0] =

core/sme/inc/csr_api.h

@@ -749,6 +749,7 @@ struct csr_roam_profile {
 	eCsrRoamBssType BSSType;
 	tCsrAuthList AuthType;
 	eCsrAuthType negotiatedAuthType;
+	tCsrAuthList akm_list;
 	tCsrEncryptionList EncryptionType;
 	/* This field is for output only, not for input */
 	eCsrEncryptionType negotiatedUCEncryptionType;
@@ -858,6 +859,7 @@ typedef struct tagCsrRoamConnectedProfile {
 	eCsrRoamBssType BSSType;
 	eCsrAuthType AuthType;
 	tCsrAuthList AuthInfo;
+	tCsrAuthList akm_list;
 	eCsrEncryptionType EncryptionType;
 	tCsrEncryptionList EncryptionInfo;
 	eCsrEncryptionType mcEncryptionType;

core/sme/src/csr/csr_api_roam.c

@@ -1467,6 +1467,7 @@ QDF_STATUS csr_roam_copy_connect_profile(struct mac_context *mac,
 		}
 		connected_prof = &(pSession->connectedProfile);
 		pProfile->AuthType = connected_prof->AuthType;
+		pProfile->akm_list = connected_prof->akm_list;
 		pProfile->EncryptionType = connected_prof->EncryptionType;
 		pProfile->mcEncryptionType = connected_prof->mcEncryptionType;
 		pProfile->BSSType = connected_prof->BSSType;
@@ -7491,6 +7492,7 @@ QDF_STATUS csr_roam_copy_profile(struct mac_context *mac,
 			pSrcProfile->ChannelInfo.numOfChannels);
 	}
 	pDstProfile->AuthType = pSrcProfile->AuthType;
+	pDstProfile->akm_list = pSrcProfile->akm_list;
 	pDstProfile->EncryptionType = pSrcProfile->EncryptionType;
 	pDstProfile->mcEncryptionType = pSrcProfile->mcEncryptionType;
 	pDstProfile->negotiatedUCEncryptionType =
@@ -7635,6 +7637,7 @@ QDF_STATUS csr_roam_copy_connected_profile(struct mac_context *mac,
 	pDstProfile->AuthType.numEntries = 1;
 	pDstProfile->AuthType.authType[0] = pSrcProfile->AuthType;
 	pDstProfile->negotiatedAuthType = pSrcProfile->AuthType;
+	pDstProfile->akm_list = pSrcProfile->akm_list;
 	pDstProfile->EncryptionType.numEntries = 1;
 	pDstProfile->EncryptionType.encryptionType[0] =
 		pSrcProfile->EncryptionType;
@@ -8445,6 +8448,7 @@ QDF_STATUS csr_roam_save_connected_information(struct mac_context *mac,
 				sizeof(tCsrRoamConnectedProfile));
 		pConnectProfile->AuthType = pProfile->negotiatedAuthType;
 		pConnectProfile->AuthInfo = pProfile->AuthType;
+		pConnectProfile->akm_list = pProfile->akm_list;
 		pConnectProfile->EncryptionType =
 			pProfile->negotiatedUCEncryptionType;
 		pConnectProfile->EncryptionInfo = pProfile->EncryptionType;
@@ -10590,6 +10594,83 @@ static QDF_STATUS csr_send_reset_ap_caps_changed(struct mac_context *mac,
 	return status;
 }
 
+static eCsrAuthType csr_translate_akm_type(enum ani_akm_type akm_type)
+{
+	eCsrAuthType csr_akm_type;
+
+	switch (akm_type)
+	{
+	case ANI_AKM_TYPE_NONE:
+		csr_akm_type = eCSR_AUTH_TYPE_NONE;
+		break;
+#ifdef WLAN_FEATURE_SAE
+	case ANI_AKM_TYPE_SAE:
+		csr_akm_type = eCSR_AUTH_TYPE_SAE;
+		break;
+#endif
+	case ANI_AKM_TYPE_WPA:
+		csr_akm_type = eCSR_AUTH_TYPE_WPA;
+		break;
+	case ANI_AKM_TYPE_WPA_PSK:
+		csr_akm_type = eCSR_AUTH_TYPE_WPA_PSK;
+		break;
+	case ANI_AKM_TYPE_RSN:
+		csr_akm_type = eCSR_AUTH_TYPE_RSN;
+		break;
+	case ANI_AKM_TYPE_RSN_PSK:
+		csr_akm_type = eCSR_AUTH_TYPE_RSN_PSK;
+		break;
+	case ANI_AKM_TYPE_FT_RSN:
+		csr_akm_type = eCSR_AUTH_TYPE_FT_RSN;
+		break;
+	case ANI_AKM_TYPE_FT_RSN_PSK:
+		csr_akm_type = eCSR_AUTH_TYPE_FT_RSN_PSK;
+		break;
+#ifdef FEATURE_WLAN_ESE
+	case ANI_AKM_TYPE_CCKM:
+		csr_akm_type = eCSR_AUTH_TYPE_CCKM_RSN;
+		break;
+#endif
+	case ANI_AKM_TYPE_RSN_PSK_SHA256:
+		csr_akm_type = eCSR_AUTH_TYPE_RSN_PSK_SHA256;
+		break;
+	case ANI_AKM_TYPE_RSN_8021X_SHA256:
+		csr_akm_type = eCSR_AUTH_TYPE_RSN_8021X_SHA256;
+		break;
+	case ANI_AKM_TYPE_FILS_SHA256:
+		csr_akm_type = eCSR_AUTH_TYPE_FILS_SHA256;
+		break;
+	case ANI_AKM_TYPE_FILS_SHA384:
+		csr_akm_type = eCSR_AUTH_TYPE_FILS_SHA384;
+		break;
+	case ANI_AKM_TYPE_FT_FILS_SHA256:
+		csr_akm_type = eCSR_AUTH_TYPE_FT_FILS_SHA256;
+		break;
+	case ANI_AKM_TYPE_FT_FILS_SHA384:
+		csr_akm_type = eCSR_AUTH_TYPE_FT_FILS_SHA384;
+		break;
+	case ANI_AKM_TYPE_DPP_RSN:
+		csr_akm_type = eCSR_AUTH_TYPE_DPP_RSN;
+		break;
+	case ANI_AKM_TYPE_OWE:
+		csr_akm_type = eCSR_AUTH_TYPE_OWE;
+		break;
+	case ANI_AKM_TYPE_SUITEB_EAP_SHA256:
+		csr_akm_type = eCSR_AUTH_TYPE_SUITEB_EAP_SHA256;
+		break;
+	case ANI_AKM_TYPE_SUITEB_EAP_SHA384:
+		csr_akm_type = eCSR_AUTH_TYPE_SUITEB_EAP_SHA384;
+		break;
+	case ANI_AKM_TYPE_OSEN:
+		csr_akm_type = eCSR_AUTH_TYPE_OSEN;
+		break;
+	default:
+		csr_akm_type = eCSR_AUTH_TYPE_UNKNOWN;
+	}
+
+	return csr_akm_type;
+}
+
 static bool csr_is_sae_akm_present(tDot11fIERSN * const rsn_ie)
 {
 	uint16_t i;
@@ -10647,6 +10728,7 @@ csr_roam_chk_lnk_assoc_ind(struct mac_context *mac_ctx, tSirSmeRsp *msg_ptr)
 	struct csr_roam_info *roam_info;
 	struct assoc_ind *pAssocInd;
 	tSirMacStatusCodes mac_status_code = eSIR_MAC_SUCCESS_STATUS;
+	eCsrAuthType csr_akm_type;
 
 	sme_debug("Receive WNI_SME_ASSOC_IND from SME");
 	pAssocInd = (struct assoc_ind *) msg_ptr;
@@ -10662,6 +10744,8 @@ csr_roam_chk_lnk_assoc_ind(struct mac_context *mac_ctx, tSirSmeRsp *msg_ptr)
 		sme_err("session %d not found", sessionId);
 		return;
 	}
+	csr_akm_type = csr_translate_akm_type(pAssocInd->akm_type);
+
 	roam_info = qdf_mem_malloc(sizeof(*roam_info));
 	if (!roam_info)
 		return;