diff options
| author | Padma, Santhosh Kumar <skpadma@codeaurora.org> | 2018-02-14 17:15:19 +0530 |
|---|---|---|
| committer | nshrivas <nshrivas@codeaurora.org> | 2018-03-22 03:51:06 -0700 |
| commit | 0956eb35db4989faedec16fce01753b2fd9469ad (patch) | |
| tree | bd2df9be8772137c2fb610957fc8627c1d9b7148 | |
| parent | ede4fd7b0cfa4b3be9911e61cb46f0b6e80a7b09 (diff) | |
qcacld-3.0: Add support for GMAC cipher suite
Add changes to support GMAC group management cipher suite
Change-Id: Ic4855b77268464a1ed61efcf213f76a2d99ff0c4
CRs-Fixed: 2164828
| -rw-r--r-- | core/hdd/src/wlan_hdd_cfg80211.c | 14 | ||||
| -rw-r--r-- | core/mac/inc/ani_system_defs.h | 4 | ||||
| -rw-r--r-- | core/mac/src/pe/lim/lim_process_mlm_req_messages.c | 2 | ||||
| -rw-r--r-- | core/mac/src/pe/lim/lim_process_sme_req_messages.c | 8 | ||||
| -rw-r--r-- | core/sme/inc/csr_api.h | 8 | ||||
| -rw-r--r-- | core/sme/src/csr/csr_api_roam.c | 35 | ||||
| -rw-r--r-- | core/sme/src/csr/csr_util.c | 114 | ||||
| -rw-r--r-- | core/wma/src/wma_mgmt.c | 10 |
8 files changed, 180 insertions, 15 deletions
diff --git a/core/hdd/src/wlan_hdd_cfg80211.c b/core/hdd/src/wlan_hdd_cfg80211.c index bb13b4019b70..5da3266f0831 100644 --- a/core/hdd/src/wlan_hdd_cfg80211.c +++ b/core/hdd/src/wlan_hdd_cfg80211.c @@ -201,6 +201,11 @@ static const u32 hdd_cipher_suites[] = { #endif #ifdef WLAN_FEATURE_11W WLAN_CIPHER_SUITE_AES_CMAC, +#if defined(WLAN_FEATURE_GMAC) && \ + (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)) + WLAN_CIPHER_SUITE_BIP_GMAC_128, + WLAN_CIPHER_SUITE_BIP_GMAC_256, +#endif #endif }; @@ -15126,6 +15131,15 @@ static int __wlan_hdd_cfg80211_add_key(struct wiphy *wiphy, case WLAN_CIPHER_SUITE_AES_CMAC: setKey.encType = eCSR_ENCRYPT_TYPE_AES_CMAC; break; +#if defined(WLAN_FEATURE_GMAC) && \ + (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)) + case WLAN_CIPHER_SUITE_BIP_GMAC_128: + setKey.encType = eCSR_ENCRYPT_TYPE_AES_GMAC_128; + break; + case WLAN_CIPHER_SUITE_BIP_GMAC_256: + setKey.encType = eCSR_ENCRYPT_TYPE_AES_GMAC_256; + break; +#endif #endif case WLAN_CIPHER_SUITE_GCMP: setKey.encType = eCSR_ENCRYPT_TYPE_AES_GCMP; diff --git a/core/mac/inc/ani_system_defs.h b/core/mac/inc/ani_system_defs.h index 99fd5eeb63d1..68ec04deb093 100644 --- a/core/mac/inc/ani_system_defs.h +++ b/core/mac/inc/ani_system_defs.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. * * Previously licensed under the ISC license by Qualcomm Atheros, Inc. * @@ -95,6 +95,8 @@ typedef enum eAniEdType { /* Firmware uses key length to find GCMP 128 or 256 */ eSIR_ED_GCMP, eSIR_ED_GCMP_256, + eSIR_ED_AES_GMAC_128, + eSIR_ED_AES_GMAC_256, eSIR_ED_NOT_IMPLEMENTED = SIR_MAX_ENUM_SIZE } tAniEdType; diff --git a/core/mac/src/pe/lim/lim_process_mlm_req_messages.c b/core/mac/src/pe/lim/lim_process_mlm_req_messages.c index 4fb9f60679c2..991a35c714f1 100644 --- a/core/mac/src/pe/lim/lim_process_mlm_req_messages.c +++ b/core/mac/src/pe/lim/lim_process_mlm_req_messages.c @@ -2000,6 +2000,8 @@ lim_process_mlm_set_keys_req(tpAniSirGlobal mac_ctx, uint32_t *msg_buf) case eSIR_ED_GCMP_256: #ifdef WLAN_FEATURE_11W case eSIR_ED_AES_128_CMAC: + case eSIR_ED_AES_GMAC_128: + case eSIR_ED_AES_GMAC_256: #endif sta_idx = session->staId; break; diff --git a/core/mac/src/pe/lim/lim_process_sme_req_messages.c b/core/mac/src/pe/lim/lim_process_sme_req_messages.c index 0c5681dfde23..a1a49cbc1895 100644 --- a/core/mac/src/pe/lim/lim_process_sme_req_messages.c +++ b/core/mac/src/pe/lim/lim_process_sme_req_messages.c @@ -1772,7 +1772,13 @@ __lim_process_sme_join_req(tpAniSirGlobal mac_ctx, uint32_t *msg_buf) /* Record if management frames need to be protected */ #ifdef WLAN_FEATURE_11W - if (eSIR_ED_AES_128_CMAC == sme_join_req->MgmtEncryptionType) + if ((eSIR_ED_AES_128_CMAC == + sme_join_req->MgmtEncryptionType) +#ifdef WLAN_FEATURE_GMAC + || (eSIR_ED_AES_GMAC_128 == sme_join_req->MgmtEncryptionType) + || (eSIR_ED_AES_GMAC_256 == sme_join_req->MgmtEncryptionType) +#endif + ) session->limRmfEnabled = 1; else session->limRmfEnabled = 0; diff --git a/core/sme/inc/csr_api.h b/core/sme/inc/csr_api.h index 8cee2b8a14ba..21ec298b5000 100644 --- a/core/sme/inc/csr_api.h +++ b/core/sme/inc/csr_api.h @@ -95,10 +95,9 @@ typedef enum { eCSR_ENCRYPT_TYPE_BTK, #endif #endif /* FEATURE_WLAN_ESE */ -#ifdef WLAN_FEATURE_11W - /* 11w BIP */ eCSR_ENCRYPT_TYPE_AES_CMAC, -#endif + eCSR_ENCRYPT_TYPE_AES_GMAC_128, + eCSR_ENCRYPT_TYPE_AES_GMAC_256, eCSR_ENCRYPT_TYPE_AES_GCMP, eCSR_ENCRYPT_TYPE_AES_GCMP_256, eCSR_ENCRYPT_TYPE_ANY, @@ -228,6 +227,8 @@ typedef enum { #define CSR_AES_KEY_LEN 16 #define CSR_AES_GCMP_KEY_LEN 16 #define CSR_AES_GCMP_256_KEY_LEN 32 +#define CSR_AES_GMAC_128_KEY_LEN 16 +#define CSR_AES_GMAC_256_KEY_LEN 32 #define CSR_MAX_TX_POWER (WNI_CFG_CURRENT_TX_POWER_LEVEL_STAMAX) #define CSR_MAX_RSC_LEN 16 #ifdef FEATURE_WLAN_WAPI @@ -940,6 +941,7 @@ typedef struct tagCsrRoamProfile { uint8_t MFPRequired; uint8_t MFPCapable; #endif + tAniEdType mgmt_encryption_type; tCsrKeys Keys; tCsrChannelInfo ChannelInfo; uint8_t operationChannel; diff --git a/core/sme/src/csr/csr_api_roam.c b/core/sme/src/csr/csr_api_roam.c index 7094ed6290f8..c6ba8b324ed4 100644 --- a/core/sme/src/csr/csr_api_roam.c +++ b/core/sme/src/csr/csr_api_roam.c @@ -10674,6 +10674,34 @@ csr_update_key_cmd(tpAniSirGlobal mac_ctx, tCsrRoamSession *session, CSR_AES_KEY_LEN); *enqueue_cmd = true; break; + +#ifdef WLAN_FEATURE_GMAC + case eCSR_ENCRYPT_TYPE_AES_GMAC_128: + if (set_key->keyLength < CSR_AES_GMAC_128_KEY_LEN) { + sme_warn("Invalid AES GMAC 128 keylength [= %d]", + set_key->keyLength); + *enqueue_cmd = false; + return QDF_STATUS_E_INVAL; + } + set_key_cmd->u.setKeyCmd.keyLength = CSR_AES_GMAC_128_KEY_LEN; + qdf_mem_copy(set_key_cmd->u.setKeyCmd.Key, set_key->Key, + CSR_AES_GMAC_128_KEY_LEN); + *enqueue_cmd = true; + break; + + case eCSR_ENCRYPT_TYPE_AES_GMAC_256: + if (set_key->keyLength < CSR_AES_GMAC_256_KEY_LEN) { + sme_warn("Invalid AES GMAC 256 keylength [= %d]", + set_key->keyLength); + *enqueue_cmd = false; + return QDF_STATUS_E_INVAL; + } + set_key_cmd->u.setKeyCmd.keyLength = CSR_AES_GMAC_256_KEY_LEN; + qdf_mem_copy(set_key_cmd->u.setKeyCmd.Key, set_key->Key, + CSR_AES_GMAC_256_KEY_LEN); + *enqueue_cmd = true; + break; +#endif #endif /* WLAN_FEATURE_11W */ default: /* for open security also we want to enqueue command */ @@ -14909,8 +14937,13 @@ bool csr_is_mfpc_capable(struct sDot11fIERSN *rsn) static void csr_set_mgmt_enc_type(tCsrRoamProfile *profile, tDot11fBeaconIEs *ies, tSirSmeJoinReq *csr_join_req) { + sme_debug("mgmt encryption type %d MFPe %d MFPr %d", + profile->mgmt_encryption_type, + profile->MFPEnabled, profile->MFPRequired); + if (profile->MFPEnabled) - csr_join_req->MgmtEncryptionType = eSIR_ED_AES_128_CMAC; + csr_join_req->MgmtEncryptionType = + profile->mgmt_encryption_type; else csr_join_req->MgmtEncryptionType = eSIR_ED_NONE; if (profile->MFPEnabled && diff --git a/core/sme/src/csr/csr_util.c b/core/sme/src/csr/csr_util.c index 678c697dc53b..995f4f8476c0 100644 --- a/core/sme/src/csr/csr_util.c +++ b/core/sme/src/csr/csr_util.c @@ -126,6 +126,16 @@ uint8_t csr_wapi_oui[][CSR_WAPI_OUI_SIZE] = { uint8_t csr_wme_info_oui[CSR_WME_OUI_SIZE] = { 0x00, 0x50, 0xf2, 0x02 }; uint8_t csr_wme_parm_oui[CSR_WME_OUI_SIZE] = { 0x00, 0x50, 0xf2, 0x02 }; +uint8_t csr_group_mgmt_oui[][CSR_RSN_OUI_SIZE] = { +#define ENUM_CMAC 0 + {0x00, 0x0F, 0xAC, 0x06}, +#define ENUM_GMAC_128 1 + {0x00, 0x0F, 0xAC, 0x0B}, +#define ENUM_GMAC_256 2 + {0x00, 0x0F, 0xAC, 0x0C}, +}; + + /* ////////////////////////////////////////////////////////////////////// */ /** @@ -2752,6 +2762,56 @@ static bool csr_is_auth_wpa_psk(tpAniSirGlobal pMac, (pMac, AllSuites, cAllSuites, csr_wpa_oui[02], Oui); } +#ifdef WLAN_FEATURE_GMAC +/* + * csr_is_group_mgmt_gmac_128() - check whether oui is GMAC_128 + * @mac: Global MAC context + * @all_suites: pointer to all supported akm suites + * @suite_count: all supported akm suites count + * @oui: Oui needs to be matched + * + * Return: True if OUI is GMAC_128, false otherwise + */ +static bool csr_is_group_mgmt_gmac_128(tpAniSirGlobal mac, + uint8_t all_suites[][CSR_RSN_OUI_SIZE], + uint8_t suite_count, uint8_t oui[]) +{ + return csr_is_oui_match(mac, all_suites, suite_count, + csr_group_mgmt_oui[ENUM_GMAC_128], oui); +} + +/* + * csr_is_group_mgmt_gmac_256() - check whether oui is GMAC_256 + * @mac: Global MAC context + * @all_suites: pointer to all supported akm suites + * @suite_count: all supported akm suites count + * @oui: Oui needs to be matched + * + * Return: True if OUI is GMAC_256, false otherwise + */ +static bool csr_is_group_mgmt_gmac_256(tpAniSirGlobal mac, + uint8_t all_suites[][CSR_RSN_OUI_SIZE], + uint8_t suite_count, uint8_t oui[]) +{ + return csr_is_oui_match(mac, all_suites, suite_count, + csr_group_mgmt_oui[ENUM_GMAC_256], oui); +} +#else +static bool csr_is_group_mgmt_gmac_128(tpAniSirGlobal mac, + uint8_t all_suites[][CSR_RSN_OUI_SIZE], + uint8_t suite_count, uint8_t oui[]) +{ + return false; +} + +static bool csr_is_group_mgmt_gmac_256(tpAniSirGlobal mac, + uint8_t all_suites[][CSR_RSN_OUI_SIZE], + uint8_t suite_count, uint8_t oui[]) +{ + return false; +} +#endif + static uint8_t csr_get_oui_index_from_cipher(eCsrEncryptionType enType) { uint8_t OUIIndex; @@ -2902,6 +2962,8 @@ static void csr_check_n_set_owe_auth(tpAniSirGlobal mac_ctx, * @capabilities: RSN capabilities * @negotiated_authtype: Negotiated auth type * @negotiated_mccipher: negotiated multicast cipher + * @gp_mgmt_cipher: group management cipher + * @mgmt_encryption_type: group management encryption type * * This routine will get all RSN information * @@ -2914,18 +2976,24 @@ static bool csr_get_rsn_information(tHalHandle hal, tCsrAuthList *auth_type, uint8_t *mcast_cipher, uint8_t *auth_suite, tCsrRSNCapabilities *capabilities, eCsrAuthType *negotiated_authtype, - eCsrEncryptionType *negotiated_mccipher) + eCsrEncryptionType *negotiated_mccipher, + uint8_t *gp_mgmt_cipher, + tAniEdType *mgmt_encryption_type) { tpAniSirGlobal mac_ctx = PMAC_STRUCT(hal); bool acceptable_cipher = false; + bool group_mgmt_acceptable_cipher = false; uint8_t c_ucast_cipher = 0; uint8_t c_mcast_cipher = 0; + uint8_t c_group_mgmt_cipher = 0; uint8_t c_auth_suites = 0, i; uint8_t unicast[CSR_RSN_OUI_SIZE]; uint8_t multicast[CSR_RSN_OUI_SIZE]; + uint8_t group_mgmt[CSR_RSN_OUI_SIZE]; uint8_t authsuites[CSR_RSN_MAX_AUTH_SUITES][CSR_RSN_OUI_SIZE]; uint8_t authentication[CSR_RSN_OUI_SIZE]; uint8_t mccipher_arr[CSR_RSN_MAX_MULTICAST_CYPHERS][CSR_RSN_OUI_SIZE]; + uint8_t group_mgmt_arr[CSR_RSN_MAX_MULTICAST_CYPHERS][CSR_RSN_OUI_SIZE]; eCsrAuthType neg_authtype = eCSR_AUTH_TYPE_UNKNOWN; if (!rsn_ie->present) @@ -2967,6 +3035,28 @@ static bool csr_get_rsn_information(tHalHandle hal, tCsrAuthList *auth_type, if (negotiated_mccipher) *negotiated_mccipher = mc_encryption->encryptionType[i]; + /* Group Management Cipher only for 11w */ + if (mgmt_encryption_type) { + c_group_mgmt_cipher++; + qdf_mem_copy(group_mgmt_arr, rsn_ie->gp_mgmt_cipher_suite, + CSR_RSN_OUI_SIZE); + if (csr_is_group_mgmt_gmac_128(mac_ctx, group_mgmt_arr, + c_group_mgmt_cipher, group_mgmt)) { + group_mgmt_acceptable_cipher = true; + *mgmt_encryption_type = eSIR_ED_AES_GMAC_128; + } else if (csr_is_group_mgmt_gmac_256(mac_ctx, group_mgmt_arr, + c_group_mgmt_cipher, group_mgmt)) { + group_mgmt_acceptable_cipher = true; + *mgmt_encryption_type = eSIR_ED_AES_GMAC_256; + } else { + /* Default is CMAC */ + group_mgmt_acceptable_cipher = true; + *mgmt_encryption_type = eSIR_ED_AES_128_CMAC; + qdf_mem_copy(group_mgmt, csr_group_mgmt_oui[ENUM_CMAC], + CSR_RSN_OUI_SIZE); + } + } + /* Initializing with false as it has true value already */ acceptable_cipher = false; for (i = 0; i < auth_type->numEntries; i++) { @@ -3051,6 +3141,10 @@ end: if (ucast_cipher) qdf_mem_copy(ucast_cipher, unicast, CSR_RSN_OUI_SIZE); + if (gp_mgmt_cipher && group_mgmt_acceptable_cipher) + qdf_mem_copy(gp_mgmt_cipher, group_mgmt, + CSR_RSN_OUI_SIZE); + if (auth_suite) qdf_mem_copy(auth_suite, authentication, CSR_RSN_OUI_SIZE); @@ -3179,7 +3273,7 @@ static bool csr_is_rsn_match(tHalHandle hHal, tCsrAuthList *pAuthType, pEnMcType, &pIes->RSN, NULL, NULL, NULL, NULL, pNegotiatedAuthType, - pNegotiatedMCCipher); + pNegotiatedMCCipher, NULL, NULL); #ifdef WLAN_FEATURE_11W /* If all the filter matches then finally checks for PMF capabilities */ if (fRSNMatch) @@ -3398,6 +3492,7 @@ uint8_t csr_construct_rsn_ie(tHalHandle hHal, uint32_t sessionId, uint8_t cbRSNIe = 0; uint8_t UnicastCypher[CSR_RSN_OUI_SIZE]; uint8_t MulticastCypher[CSR_RSN_OUI_SIZE]; + uint8_t gp_mgmt_cipher_suite[CSR_RSN_OUI_SIZE]; uint8_t AuthSuite[CSR_RSN_OUI_SIZE]; tCsrRSNAuthIe *pAuthSuite; tCsrRSNCapabilities RSNCapabilities; @@ -3449,7 +3544,9 @@ uint8_t csr_construct_rsn_ie(tHalHandle hHal, uint32_t sessionId, &pProfile->mcEncryptionType, &pIesLocal->RSN, UnicastCypher, MulticastCypher, AuthSuite, - &RSNCapabilities, &negAuthType, NULL); + &RSNCapabilities, &negAuthType, NULL, + gp_mgmt_cipher_suite, + &pProfile->mgmt_encryption_type); if (!fRSNMatch) break; @@ -3526,8 +3623,8 @@ uint8_t csr_construct_rsn_ie(tHalHandle hHal, uint32_t sessionId, pGroupMgmtCipherSuite = (uint8_t *) pPMK + sizeof(uint16_t) + (pPMK->cPMKIDs * CSR_RSN_PMKID_SIZE); - qdf_mem_copy(pGroupMgmtCipherSuite, csr_rsn_oui[07], - CSR_WPA_OUI_SIZE); + qdf_mem_copy(pGroupMgmtCipherSuite, + gp_mgmt_cipher_suite, CSR_RSN_OUI_SIZE); } #endif @@ -4331,7 +4428,12 @@ tAniEdType csr_translate_encrypt_type_to_ed_type(eCsrEncryptionType EncryptType) case eCSR_ENCRYPT_TYPE_AES_GCMP_256: edType = eSIR_ED_GCMP_256; break; - + case eCSR_ENCRYPT_TYPE_AES_GMAC_128: + edType = eSIR_ED_AES_GMAC_128; + break; + case eCSR_ENCRYPT_TYPE_AES_GMAC_256: + edType = eSIR_ED_AES_GMAC_256; + break; #endif } diff --git a/core/wma/src/wma_mgmt.c b/core/wma/src/wma_mgmt.c index aa1672a16a76..29340cc90abd 100644 --- a/core/wma/src/wma_mgmt.c +++ b/core/wma/src/wma_mgmt.c @@ -1567,9 +1567,7 @@ static QDF_STATUS wma_setup_install_key_cmd(tp_wma_handle wma_handle, { struct set_key_params params; QDF_STATUS status = QDF_STATUS_SUCCESS; -#ifdef WLAN_FEATURE_11W struct wma_txrx_node *iface = NULL; -#endif /* WLAN_FEATURE_11W */ if ((key_params->key_type == eSIR_ED_NONE && key_params->key_len) || (key_params->key_type != eSIR_ED_NONE && !key_params->key_len)) { @@ -1671,6 +1669,10 @@ static QDF_STATUS wma_setup_install_key_cmd(tp_wma_handle wma_handle, case eSIR_ED_AES_128_CMAC: params.key_cipher = WMI_CIPHER_AES_CMAC; break; + case eSIR_ED_AES_GMAC_128: + case eSIR_ED_AES_GMAC_256: + params.key_cipher = WMI_CIPHER_AES_GMAC; + break; #endif /* WLAN_FEATURE_11W */ /* Firmware uses length to detect GCMP 128/256*/ case eSIR_ED_GCMP: @@ -1712,7 +1714,9 @@ static QDF_STATUS wma_setup_install_key_cmd(tp_wma_handle wma_handle, params.key_len = key_params->key_len; #ifdef WLAN_FEATURE_11W - if (key_params->key_type == eSIR_ED_AES_128_CMAC) { + if ((key_params->key_type == eSIR_ED_AES_128_CMAC) || + (key_params->key_type == eSIR_ED_AES_GMAC_128) || + (key_params->key_type == eSIR_ED_AES_GMAC_256)) { iface = &wma_handle->interfaces[key_params->vdev_id]; if (iface) { iface->key.key_length = key_params->key_len; |