The wlan_crypto_reset_vdev_params() stub function, used when the
CRYPTO_SET_KEY_CONVERGED feature is not enabled, is misnamed, so
correct the naming.
Change-Id: Iff7db65f61dbec15529832c9db4430f908442645
CRs-Fixed: 3421947
Fix improper naming convention for store_def_keyix_peer
Avoid qdf_export since the function is defined and called
from the same file
Change-Id: I488267eccf521071038958fe85e9c1be90df27b2
CRs-Fixed: 3384714
The kernel-doc script identified some documentation issues in the
umac/cmn_services/crypto folder, so fix them. In addition there are
multiple instances of both the interface and the implementation being
documented, so remove the duplicates, keeping just the interface
documentation.
Change-Id: Ied5bfcdff185d0b144f8c41affb5adcb3b8a5b88
CRs-Fixed: 3394398
RSNXE bits are modified in the recent draft. Rename
WLAN_RSNX_CAPAB_PROT_RANGE_NEG to WLAN_RSNX_CAPAB_URNM_MFPR
and the bit position is changed to 15 instead of 10.
Change-Id: Iebca652a952b338f0533023581ebe45bc0aae452
CRs-Fixed: 3387173
Per the coding style "functions [...] have the opening brace at the
beginning of the next line."
In umac/cmn_services/crypto there are two files that are not
consistently following this style, so fix them.
That will address the following error flagged by the Linux checkpatch
script:
ERROR:OPEN_BRACE: open brace '{' following function definitions go on
the next line
Change-Id: I774e027c594689b8ab4ff49bab5fc0b536d685f6
CRs-Fixed: 3384735
Rx PN error stats for broadcast management frames is being tracked
as a ucast stats. Fix it to be tracked as part of mcast stats.
Change-Id: If76c512107728b792ed6d92d56036325592f0fd1
CRs-Fixed: 3361840
Currently in function wlan_crypto_set_key_req(), as long as
WLAN_CRYPTO_TX_OPS_SET_KEY() isn't NULL, it always returns
QDF_STATUS_SUCCESS irrespective of the real processing result
of setting key request and causes FW assert in below test:
1. DUT work as SAP role
2. Peer STA repeatedly do connect/deauth with very short
time interval
3. When SAP just finish 4-way handshake and supplicant don't
add key to wlan host yet, peer STA send deauth again. Once
deauth is received, wlan host will free peer STA related info.
Just after this, supplicant key setting is arrived, and wlan
host return QDF_STATUS_SUCCESS and wait for completion event
of key setting, like below log:
target_if_crypto_set_key: key_type 0, mac: 7c:c2:c6:32:cb:90
target_if_crypto_set_key: Invalid peer
4. During the waiting time, peer STA trigger connection again,
due to previous key setting isn't still done, it will block
new key setting. And when completion event timeout happen, it
will still call wma_update_set_key() to notify successful key
setting. So when wlan host send WMI_PEER_SET_PARAM_CMDID to
update authenticate state, FW find key isn't still installed
and trigger assert.
Change-Id: Ice1c5dcfbbde394e1271b900ba783fea98493647
CRs-Fixed: 3364767
In order to support AKM24, the max length of KCK is modified to
24 bytes and KEK max length is modified to 32 bytes for
cmd WMI_GTK_OFFLOAD_CMDID.
Change-Id: Ia504a1ce92c80793fc1302fdf03b8d93471d9322
CRs-Fixed: 3305317
In wlan_crypto_global_api.c there are several functions which use a
misspelled term for "nonce" so replace them with the correct spelling.
Change-Id: Iedc65bbad173c5fc398e25730853bc7b36e86b31
CRs-Fixed: 3313801
For STA MLO connection, the AP can send M1 right after assoc
response on assoc link, which will trigger sending keys to FW
for mlo links, but it can happen that wmi_peer_assoc is not
sent for mlo link until this time.
Current code does not have handling for this case.
To solve this, store the link vdev keys and send them once
link vdev is connected.
Change-Id: I882da96280711ca9cfa4d6ba852fda4a8b6d7a77
CRs-Fixed: 3293692
During wlan_crypto_setkey, the mem_alloc for key is done and
all keyidx within WLAN_CRYPTO_MAX_VLANKEYIX are to freed in
crypto_free_key.
Change-Id: Ieae0f9f4eecabe1fb23812a9e436037bb4dad128
CRs-Fixed: 3296394
Use def_tx_keyid for Mcast wep key.
Also reset all the key index in wlan_crypto_free_key once igtk,
bigtk and Ucast/Mcast are freed, so that their values are not
carried to next connection.
Change-Id: I9a1e8715c54f47905889511f983b3127b9b5cfcd
CRs-Fixed: 3297270
Currently, RSNXE capability indexes are defined incorrect.
It seems BIT index is misinterpreted. Correct the same as defined
below in spec(IEEE Std 802.11-2020, 9.4.2.241, Table 9-780).
The Extended RSN Capabilities field, except its first 4 bits, is a
bit field indicating the extended RSN capabilities being advertised
by the STA transmitting the element. The length of the Extended
RSN Capabilities field is a variable n, in octets, as indicated by
the first 4 bits in the field.
Also, add a macro to check if the given akm
is WPA/WPA2 i.e. legacy than WPA3.
Change-Id: I3d8eee15f6734b2364628f699b7829a1edb246f0
CRs-Fixed: 3257715
Supplicant compares AKM(s) in RSN IE of Beacon/Probe response and
AKM on third EAPOL frame received by AP. In the case of multi AKM,
previously Host converts all adaptive 11r AKM(s), if any, present
in RSN IE of Beacon/Probe response to corresponding FT AKM but the
AP(s) which support adaptive 11r (ADAPTIVE_11R_OUI: 0x964000) only
converts first AKM to corresponding FT AKM and sends third EAPOL
frame to DUT. This results in failure in a 4-way handshake in
supplicant due to RSN IE miss-match between RSNIE sent by host
and RSNIE present in third EAPOL frame. Now like AP, the host is
converting only the first AKM to corresponding FT AKM to avoid
RSNIE mismatch in supplicant.
Change-Id: I522c6e313df50c1ef2952ec2e464a107ae739dad
CRs-Fixed: 3230622
Assume AP1 and AP2 are SPMK APs. For SPMK AP(s), Host
should add an entry of an AP in PMK cache table like below in
two cases only:
Case 1. When DUT successfully associated with SPMK supported AP
In this case host update “is_spmk_ap” flag in PMK
table by parsing beacon of associated AP after
successful connection.
Case 2. When DUT successfully roamed to SPMK supported AP
In this case host update “is_spmk_ap” flag in PMK
table by parsing roam sync indication event.
In case of connection with SPMK AP, Host selectively deletes PMK
entry for other SPMK supported AP(s) on basis of “is_spmk_ap”
flag and maintains only one entry for all SPMK AP(s). And host
sends the same single PMK in RSO for further roaming to SPMK AP.
Initially, DUT is connected with AP2. Then Disconnection happens with
AP2 due to NUD failure. After disconnection, the upper layer sends
flush PMK requests for AP1 and AP2. Host deletes old PMK entries for
both APs. Now upper layer sends a set PMK request for AP2. Host adds
AP2 entry in PMK cache table but host does not set "is_spmk_ap" flag
in PMK table for this entry as DUT is not connected to AP2. Now host
receives a connect request for AP1 from the upper layer. DUT
successfully associated with AP1 by performing full SAE authentication.
Host adds an entry for AP1 in the PMK cache table and sets "is_spmk_ap"
flag for AP1 but fails to delete the entry for other SPMK AP(s), here
AP2, from PMK cache table. This is because of "is_spmk_ap" flag is not
set for AP2. At this point of time below is the PMK cache table entry
for SPMK AP(s): The Host PMK cache table has two entries for two SPMK
APs.
BSSID PMK is_spmk_ap flag
AP2 PMK2 0
AP1 PMK1 1
Now FW roams to AP2 using PMK1. Host process roam sync indication for
AP2 and updates "is_spmk_ap" flag for AP2 in the PMK cache table. As
Host has a stale entry for AP2 in the PMK cache table, Host sends AP2’s
PMK (here PMK2) in RSO command which firmware will use for further
roaming but roaming fails due to invalid PMK, as target SPMK AP expects
PMK1 in reassociation request.
To handle these scenarios, FW should send PMK info of roamed AP and
host override stale entry for roamed AP (if any) with roamed AP's PMK
in PMK cache table.
Change-Id: I3c6a49be065e4744e438c2762c103eb3095a2253
CRs-Fixed: 3168078
For IGTK/BIGTK keyix, cipher table is not populated. Retrieve
cipher_type from key structure.
Change-Id: Ic61e66854f91317194ee90f64187fd2b787827b0
CRs-Fixed: 3163335
CLEAR_PARAM failed to clear bit at bit position of "val". This change
correct to ((__param) &= (~(1 << (__val)))).
Change-Id: I20a9203592c0f48c3d2999985edd8ff81f55eb9d
CRs-Fixed: 3137825
Add support to update key management with higher security
after BSS create response.
Also, Currenlty if there are multiple AKM and ucast cipher.
Host overwrites AKM and ucast cipher value with the new one.
Instead of overwrite, add support to do ORing to keep all values.
Change-Id: I679a86debef649efbce1a08b60512d127f7fbbee
CRs-Fixed: 3113222
When validating MMIE, if PN error is found, track it using relevant
statistics. Defined WMI_HOST_RXERR_PN to flag such PN errors.
Change-Id: Icb1fe9a653f67611539b5cb463adfceadedae38e
Issue: On receiving robust bcast mgmt frames, for mmie
mic validation, mic of length 8 could be allocated.
The encrypt function however, always writes mic of length
16 resulting in memory corruption issue.
Fix: Allocate mic of size 16 for wlan_crypto_is_mmie_valid().
This is also corresponding to mic buffer size of 16 in
wlan_crypto_add_mmie().
Change-Id: I870251c0ed4224a7a974dad86f2808af7148be95
CRs-Fixed: 3091165
Move basic IEEE 802.11 field definitions that are not specific to
cryptographic functionality, from a cryptography related header file
to a common header file for IEEE 802.11 definitions so that these can
be used by other 802.11 protocol processing modules. The crypto header
file already includes the common header file, so there is no effective
change in code visibility of the definitions for crypto code.
Change-Id: I439fe818a457cc7694fdb431f5d2c1a7552f2caa
CRs-Fixed: 3059572
For SAE SAP, after full SAE authentication, only pmkid
will be sent down to driver, PMK len is zero.
Driver should accept the set pmksa without PMK.
Add check pmk length checking and if pmk len is zero,
driver allow the set pmksa.
Change-Id: Ic05dee4cce31233dbe6dfced05df54fe8972dd1f
CRs-Fixed: 3042899
Validate the SSID & cache ID if SSID length is present in the
pmksa entry, as in FILS case only SSID and cache id are filled
and BSSID is not filled.
So validate the BSSID only if the SSID is not present.
Change-Id: Ia0a31f953869f00495fad597bb564ec706425312
CRs-Fixed: 3051530
The 11r roaming is not happening when PMF disabled STA is trying to
roam from PMF disabled AP to PMF optinally configured(ieee80211w=1)
AP which is due to candidate_list is not found because of mgmt
ciphers mismatch (the PMF disabled mgmt cipher is None(1<<17) and PMF
optional AP's mgmt cipher is CMAC(1<<6)) happening while comparing
security params and is due to mgmt cipher value is reset to None(17)
after STA connected to AP.
So, Added changes to reset the mgmt cipher value to zero. Also, added
changes to reset the keymgmt to 0 instead of None since this is
missing in earlier implementation.
Change-Id: I9f24a215011b4984937e98225bcb3975bc3f685f
Ideally, the validation of keys have to be done before
ol_getpn() is called to make sure the correct keys are
fetched and to avoid default key values being set.
Earlier, the key validation was done after ol_getpn()
function was called. This change reorders the ol_getpn()
to be called after the key validation.
Change-Id: I5be95b66b19228e2e9d1bca808b294a6b9b01935
Add parameter 'bool sync' for wlan_cfg80211_crypto_add_key()
to indicate whether or not to add key synchronously.
If it's set to true, wait until install key complete event
is received.
Change-Id: I9a69d486665fb3f65a5720ccfbfb638c09329418
CRs-Fixed: 2865832
In SAP case, external authentication(offloaded SAE authentication
to userspace) status event carries only PMKID to allow/disallow
peers to do PMKID+open auth based connection once the peers are
already SAE authenticated.
A check is added on the PMK length with the below change,
change: Ic41c2044e70f8d375130ef9e0af9fe4b83027c26. It rejects the
PMKID update to the pmk cache if the PMK length is 0. It's not
allowing to cache PMKID derived as part of SAE authentication.
There is no need to cache the PMK in SAE case as it won't be
used internally by driver or won't even be sent to firmware.
So, don't add any check and allow PMKID only entries also to
facilitate PMK caching mechanism in SAE SAP.
Change-Id: Ibd72975e91d93af9665c392b4e7a708a5f9c336a
CRs-Fixed: 2967752
Removed unused API for open and WEP check, as the logic, to check
open and WEP mode is not valid. If required proper API can
be added later.
Change-Id: Ia57bc28d40a70c8bd3b908400126c9741080a5fd
CRs-Fixed: 2949965
The value of req->crypto.mgmt_ciphers is bit mask
of wlan_crypto_cipher_type, but the API
wlan_crypto_set_mgmtcipher expects the enum value of
wlan_crypto_cipher_type at present.
Fix by change wlan_crypto_set_mgmtcipher to use bit
mask of mgmt cipher type.
Change-Id: I2d262bbe3f47e41635097ef8ce5722a2baa38001
CRs-Fixed: 2946164
AP sets multiple AKM suites in RSN information of beacon
or unicast probe response. In case if the invalid or
unsupported AKM/unicast cipher suite present in the AKM
suite list, the driver detects it as wrong RSN IE and
drops it. This results Device driver doesn't send
authentication to initiate a connection to that AP even
one or more than one valid AKM suites present in RSN IE.
Ideally, the driver should able to initiate connection if
at least one AKM/unicast cipher is valid and supported in
AKM suite list.
Change-Id: I8ed525e3945e4e437d15b496c80b1ad2aef4cb65
CRs-Fixed: 2948248
Access wlan_crypto_cipher structure if the key and cipher_table's
are valid. Also, added changes to avoid dangling pointer accessing
after deleting key.
Change-Id: Ia9a5942c9597f03eb1707d149797f33760eeac21
Currently the PMKSA entries are deleted only if the BSSID matches
and will delete all the matching PMK cache entries even though
the new PMK is same as the existing PMK for the matched BSSID.
This results in unnecessary deletion/updation of PMKSA entries.
This change allows to check PMK as well along with BSSID. And if
the PMK doesn't match with existing matched BSSID entry then only
we delete the PMKSA entries.
This change fixes the below OKC scenario and avoids Full EAP:
Connect to AP1 -> Roam to AP2 -> Disconnect and Reconnect AP2 ->
Disconnect and Reconnect AP1.
Change-Id: Ic41c2044e70f8d375130ef9e0af9fe4b83027c26
CRs-Fixed: 2913686
