diff options
| author | wadesong <wadesong@codeaurora.org> | 2020-05-27 16:57:43 +0800 |
|---|---|---|
| committer | wadesong <wadesong@codeaurora.org> | 2020-06-05 14:49:41 +0800 |
| commit | d6d24d672937b2845266df03c18f22b7f8dc9010 (patch) | |
| tree | c9b0bec852514bb56e3159d0c294312011311c3c | |
| parent | 43f91918ba7e2029d5b948314cc2fac132ec5ae3 (diff) | |
qcacld-3.0: Add preauth node when SAE auth frame is received
Add preauth node and mark state as eLIM_MLM_WT_SAE_AUTH_STATE
(waiting for SAE authentication) when SAE auth frame is received
from peer. State can be moved to authenticated when hostapd sends
SAE authentication status as success.
Change-Id: I7e1c326d54465d2bae86a9b0de5152196a9ce359
CRs-Fixed: 2695745
| -rw-r--r-- | core/mac/src/pe/lim/lim_process_auth_frame.c | 67 |
1 files changed, 62 insertions, 5 deletions
diff --git a/core/mac/src/pe/lim/lim_process_auth_frame.c b/core/mac/src/pe/lim/lim_process_auth_frame.c index 10771dfd4be8..de5408411de7 100644 --- a/core/mac/src/pe/lim/lim_process_auth_frame.c +++ b/core/mac/src/pe/lim/lim_process_auth_frame.c @@ -303,7 +303,43 @@ static void lim_process_auth_open_system_algo(tpAniSirGlobal mac_ctx, #ifdef WLAN_FEATURE_SAE /** - * lim_process_sae_auth_frame()-Process SAE authentication frame + * lim_external_auth_add_pre_auth_node() - Add preauth node for the peer + * performing external authentication + * @mac_ctx: MAC context + * @mac_hdr: Mac header of the packet + * @mlm_state: MLM state to be marked to track SAE authentication + * + * Return: None + */ +static void lim_external_auth_add_pre_auth_node(tpAniSirGlobal mac_ctx, + tpSirMacMgmtHdr mac_hdr, + tLimMlmStates mlm_state) +{ + struct tLimPreAuthNode *auth_node; + tpLimPreAuthTable preauth_table = &mac_ctx->lim.gLimPreAuthTimerTable; + + pe_debug("=======> eSIR_AUTH_TYPE_SAE"); + /* Create entry for this STA in pre-auth list */ + auth_node = lim_acquire_free_pre_auth_node(mac_ctx, preauth_table); + if (!auth_node) { + pe_debug("Max pre-auth nodes reached " MAC_ADDRESS_STR, + MAC_ADDR_ARRAY(mac_hdr->sa)); + return; + } + pe_debug("Creating preauth node for SAE peer " MAC_ADDRESS_STR, + MAC_ADDR_ARRAY(mac_hdr->sa)); + qdf_mem_copy((uint8_t *)auth_node->peerMacAddr, + mac_hdr->sa, sizeof(tSirMacAddr)); + auth_node->mlmState = mlm_state; + auth_node->authType = eSIR_AUTH_TYPE_SAE; + auth_node->timestamp = qdf_mc_timer_get_system_ticks(); + auth_node->seq_num = ((mac_hdr->seqControl.seqNumHi << 4) | + (mac_hdr->seqControl.seqNumLo)); + lim_add_pre_auth_node(mac_ctx, auth_node); +} + +/** + * lim_process_sae_auth_frame() - Process SAE authentication frame * @mac_ctx: MAC context * @rx_pkt_info: Rx packet * @pe_session: PE session @@ -311,7 +347,8 @@ static void lim_process_auth_open_system_algo(tpAniSirGlobal mac_ctx, * Return: None */ static void lim_process_sae_auth_frame(tpAniSirGlobal mac_ctx, - uint8_t *rx_pkt_info, tpPESession pe_session) + uint8_t *rx_pkt_info, + tpPESession pe_session) { tpSirMacMgmtHdr mac_hdr; uint32_t frame_len; @@ -330,8 +367,27 @@ static void lim_process_sae_auth_frame(tpAniSirGlobal mac_ctx, pe_err("received SAE auth response for STA in unexpected state %x", pe_session->limMlmState); - if (LIM_IS_AP_ROLE(pe_session)) + if (LIM_IS_AP_ROLE(pe_session)) { + struct tLimPreAuthNode *sta_pre_auth_ctx; + rx_flags = RXMGMT_FLAG_EXTERNAL_AUTH; + /* Add preauth node when the first SAE authentication frame + * is received and mark state as authenticating. + * It's not good to track SAE authentication frames with + * authTransactionSeqNumber as it's subjected to + * SAE protocol optimizations. + */ + /* Extract pre-auth context for the STA, if any. */ + sta_pre_auth_ctx = lim_search_pre_auth_list(mac_ctx, + mac_hdr->sa); + if (!sta_pre_auth_ctx || + (sta_pre_auth_ctx->mlmState != eLIM_MLM_WT_SAE_AUTH_STATE && + sta_pre_auth_ctx->mlmState != + eLIM_MLM_AUTHENTICATED_STATE)) { + lim_external_auth_add_pre_auth_node( + mac_ctx, mac_hdr, eLIM_MLM_WT_SAE_AUTH_STATE); + } + } lim_send_sme_mgmt_frame_ind(mac_ctx, mac_hdr->fc.subType, (uint8_t *)mac_hdr, @@ -341,8 +397,9 @@ static void lim_process_sae_auth_frame(tpAniSirGlobal mac_ctx, rx_flags); } #else -static inline void lim_process_sae_auth_frame(tpAniSirGlobal mac_ctx, - uint8_t *rx_pkt_info, tpPESession pe_session) +static inline void lim_process_sae_auth_frame(tpAniSirGlobal mac_ctx, + uint8_t *rx_pkt_info, + tpPESession pe_session) {} #endif |