Added changes to handle Legacy FT test cases.
1. Current checks included only SAE_FT AKM for state machine
handling.Added additional checks for legacy FT AKM's.
2. As part of GTK rekey, the keys generated in the DHD
post FT roam should be updated to the supplicant.
Added support for private command to fetch these keys
Bug: 187705876
Test: Validated on Android S slider
Signed-off-by: Mir Ali <mir-khizer.ali@broadcom.com>
Change-Id: I84499c1692538593b50b15cd53a7a9fd770f4f0c
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 64a6ccb..ede782c 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -32,7 +32,8 @@
#include "pmksa_cache.h"
#include "wpa_i.h"
#include "wpa_ie.h"
-
+#include "wpa_supplicant_i.h"
+#include "driver_i.h"
static const u8 null_rsc[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
@@ -3877,6 +3878,32 @@
"WPA: Failed to set PMK to the driver");
}
}
+
+void wpa_sm_notify_brcm_ft_reassoc(struct wpa_sm *sm, const u8 *bssid)
+{
+ u8 buf[256];
+ struct wpa_supplicant *wpa_s = sm->ctx->ctx;
+
+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ "WPA: BRCM FT Reassociation event - clear replay counter");
+ os_memcpy(sm->bssid, bssid, ETH_ALEN);
+ os_memset(sm->rx_replay_counter, 0, WPA_REPLAY_COUNTER_LEN);
+ sm->rx_replay_counter_set = 0;
+
+ if (wpa_drv_driver_cmd(wpa_s, "GET_FTKEY", (char *)buf, sizeof(buf)) < 0) {
+ wpa_msg(sm->ctx->msg_ctx, MSG_ERROR,
+ "WPA: Failed to get FT KEY information");
+ wpa_supplicant_deauthenticate(
+ wpa_s, WLAN_REASON_DEAUTH_LEAVING);
+
+ } else {
+ /* update kck and kek */
+ os_memcpy(sm->ptk.kck, buf, 16);
+ os_memcpy(sm->ptk.kek, buf + 16, 16);
+ wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
+ "WPA: Updated KCK and KEK after FT reassoc");
+ }
+}
#endif /* CONFIG_DRIVER_NL80211_BRCM */
#ifdef CONFIG_WNM
diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h
index 541ef5a..95c58f6 100644
--- a/src/rsn_supp/wpa.h
+++ b/src/rsn_supp/wpa.h
@@ -208,6 +208,7 @@
#ifdef CONFIG_DRIVER_NL80211_BRCM
void wpa_sm_install_pmk(struct wpa_sm *sm);
+void wpa_sm_notify_brcm_ft_reassoc(struct wpa_sm *sm, const u8 *bssid);
#endif /* CONFIG_DRIVER_NL80211_BRCM */
void wpa_sm_set_rx_replay_ctr(struct wpa_sm *sm, const u8 *rx_replay_counter);
@@ -434,7 +435,9 @@
size_t ies_len, const u8 *src_addr);
int wpa_ft_start_over_ds(struct wpa_sm *sm, const u8 *target_ap,
const u8 *mdie);
-
+#ifdef CONFIG_DRIVER_NL80211_BRCM
+int wpa_ft_is_ft_protocol(struct wpa_sm *sm);
+#endif /* CONFIG_DRIVER_NL80211_BRCM */
#ifdef CONFIG_PASN
int wpa_pasn_ft_derive_pmk_r1(struct wpa_sm *sm, int akmp, const u8 *r1kh_id,
@@ -474,6 +477,13 @@
return 0;
}
+#ifdef CONFIG_DRIVER_NL80211_BRCM
+static inline int wpa_ft_is_ft_protocol(struct wpa_sm *sm)
+{
+ return 0;
+}
+#endif /* CONFIG_DRIVER_NL80211_BRCM */
+
static inline void wpa_reset_ft_completed(struct wpa_sm *sm)
{
}
diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
index c517c41..caad760 100644
--- a/src/rsn_supp/wpa_ft.c
+++ b/src/rsn_supp/wpa_ft.c
@@ -743,6 +743,18 @@
return sm->ft_completed;
}
+#ifdef CONFIG_DRIVER_NL80211_BRCM
+int wpa_ft_is_ft_protocol(struct wpa_sm *sm)
+{
+ if (sm == NULL)
+ return 0;
+
+ if (!wpa_key_mgmt_ft(sm->key_mgmt))
+ return 0;
+
+ return sm->ft_protocol;
+}
+#endif /* CONFIG_DRIVER_NL80211_BRCM */
void wpa_reset_ft_completed(struct wpa_sm *sm)
{