qcacld-3.0: Disallow TKIP/WEP with HT supported client

As softap, send assoc failure if HT supported client try to associate as WEP/TKIP pairwise key. Change-Id: Ifcf13eaf3d0d8a48f7e32b675bd53a98611af964 CRs-Fixed: 2616083
2020-02-17 19:38:35 +05:30 · 2020-02-17 19:38:35 +05:30 · 80338b1553
commit 80338b1553
parent 9916bd2bbc
1 changed files with 27 additions and 3 deletions
--- a/core/mac/src/pe/lim/lim_process_assoc_req_frame.c
+++ b/core/mac/src/pe/lim/lim_process_assoc_req_frame.c
@ -829,6 +829,23 @@ static void lim_print_ht_cap(struct mac_context *mac_ctx, struct pe_session *ses
 	}
 }

+static enum mac_status_code
+lim_check_crypto_param(tpSirAssocReq assoc_req,
+		       struct wlan_crypto_params *peer_crypto_params)
+{
+	/* TKIP/WEP is not allowed in HT/VHT mode*/
+	if (assoc_req->HTCaps.present) {
+		if ((peer_crypto_params->ucastcipherset &
+			(1 << WLAN_CRYPTO_CIPHER_TKIP)) ||
+		    (peer_crypto_params->ucastcipherset &
+			(1 << WLAN_CRYPTO_CIPHER_WEP))) {
+			pe_info("TKIP/WEP cipher with HT supported client, reject assoc");
+			return eSIR_MAC_INVALID_IE_STATUS;
+		}
+	}
+	return eSIR_MAC_SUCCESS_STATUS;
+}
+
 static
 enum mac_status_code lim_check_rsn_ie(struct pe_session *session,
 				      struct mac_context *mac_ctx,
@ -841,6 +858,7 @@ enum mac_status_code lim_check_rsn_ie(struct pe_session *session,
 	uint8_t buffer[WLAN_MAX_IE_LEN];
 	uint32_t dot11f_status, written = 0, nbuffer = WLAN_MAX_IE_LEN;
 	tSirMacRsnInfo rsn_ie;
+	struct wlan_crypto_params peer_crypto_params;

 	dot11f_status = dot11f_pack_ie_rsn(mac_ctx, rsn, buffer,
 					   nbuffer, &written);
@ -852,7 +870,8 @@ enum mac_status_code lim_check_rsn_ie(struct pe_session *session,
 	rsn_ie.length = (uint8_t) written;
 	qdf_mem_copy(&rsn_ie.info[0], buffer, rsn_ie.length);
 	if (wlan_crypto_check_rsn_match(mac_ctx->psoc, session->smeSessionId,
-					&rsn_ie.info[0], rsn_ie.length)) {
+					&rsn_ie.info[0], rsn_ie.length,
+					&peer_crypto_params)) {
 		vdev = wlan_objmgr_get_vdev_by_id_from_psoc(mac_ctx->psoc,
 							session->smeSessionId,
 							WLAN_LEGACY_MAC_ID);
@ -863,6 +882,8 @@ enum mac_status_code lim_check_rsn_ie(struct pe_session *session,

 		*pmf_connection = wlan_crypto_vdev_is_pmf_enabled(vdev);
 		wlan_objmgr_vdev_release_ref(vdev, WLAN_LEGACY_MAC_ID);
+		return lim_check_crypto_param(assoc_req, &peer_crypto_params);
+
 	} else {
 		return eSIR_MAC_INVALID_IE_STATUS;
 	}
@ -878,6 +899,7 @@ static enum mac_status_code lim_check_wpa_ie(struct pe_session *session,
 	uint8_t buffer[WLAN_MAX_IE_LEN];
 	uint32_t dot11f_status, written = 0, nbuffer = WLAN_MAX_IE_LEN;
 	tSirMacRsnInfo wpa_ie = {0};
+	struct wlan_crypto_params peer_crypto_params;

 	dot11f_status = dot11f_pack_ie_wpa(mac_ctx, wpa, buffer,
 					   nbuffer, &written);
@ -889,8 +911,10 @@ static enum mac_status_code lim_check_wpa_ie(struct pe_session *session,
 	wpa_ie.length = (uint8_t) written;
 	qdf_mem_copy(&wpa_ie.info[0], buffer, wpa_ie.length);
 	if (wlan_crypto_check_wpa_match(mac_ctx->psoc, session->smeSessionId,
-					&wpa_ie.info[0], wpa_ie.length))
-		return eSIR_MAC_SUCCESS_STATUS;
+					&wpa_ie.info[0], wpa_ie.length,
+					&peer_crypto_params)) {
+		return lim_check_crypto_param(assoc_req, &peer_crypto_params);
+	}

 	return eSIR_MAC_INVALID_IE_STATUS;
 }