
Commit 89fb2883 authored by Kiran Kumar Lokere's avatar Kiran Kumar Lokere Committed by snandini

qcacmn: Drop the invalid 6GHz security beacon from scan result

Validate the 6GHz AP beacon in the scan result for valid security
if user enables the 6GHz security checks.
Drop the beacon from scan result if valid security is not found.

Change-Id: I6e02e77cc996b4f4fb7dc7a1678990419a51c79e
CRs-Fixed: 2904741
parent cbb9c275
+3 −3
/*
 * Copyright (c) 2017-2020 The Linux Foundation. All rights reserved.
 * Copyright (c) 2017-2021 The Linux Foundation. All rights reserved.
 *
 * Permission to use, copy, modify, and/or distribute this software for
 * any purpose with or without fee is hereby granted, provided that the
@@ -721,8 +721,8 @@ bool wlan_crypto_check_wpa_match(struct wlan_objmgr_psoc *psoc,
 *
 * Return: pointer to RSNXE capability or NULL
 */
uint8_t *
wlan_crypto_parse_rsnxe_ie(uint8_t *rsnxe_ie, uint8_t *cap_len);
const uint8_t *
wlan_crypto_parse_rsnxe_ie(const uint8_t *rsnxe_ie, uint8_t *cap_len);

/**
 * wlan_get_crypto_params_from_wapi_ie - Function to get crypto params
+5 −0
@@ -233,6 +233,11 @@ enum wlan_crypto_key_type {
				(_c == WLAN_CRYPTO_CIPHER_WEP_40) || \
				(_c == WLAN_CRYPTO_CIPHER_WEP_104))

#define DEFAULT_KEYMGMT_6G_MASK 0xFFFFFFFF

/* AKM wlan_crypto_key_mgmt 0-8, 12-15 and 24 are not allowed. */
#define ALLOWED_KEYMGMT_6G_MASK 0xFEFF0E00

/*
 * enum fils_erp_cryptosuite: this enum defines the cryptosuites used
 * to calculate auth tag and auth tag length as defined by RFC 6696 5.3.1
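Review bot: `ALLOWED_KEYMGMT_6G_MASK` is a hand-computed literal written as a deny-list, and its meaning depends on the numeric values of `wlan_crypto_key_mgmt`. 0xFEFF0E00 leaves bits 9-11, 16-23 and 25-31 set, so any AKM the enum defines or later gains at those positions is accepted on 6 GHz without this line being touched. The enum body is outside this hunk, so which of those bits are assigned today cannot be confirmed from here. I would document the allowed set rather than the excluded one, e.g. `/* Allowed on 6 GHz: wlan_crypto_key_mgmt bits 9-11, 16-23, 25-31; update when the enum changes. */`. Better still, build the mask from named `1 << WLAN_CRYPTO_KEY_MGMT_*` terms so a renumbering cannot silently change the policy.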
+4 −4
/*
 * Copyright (c) 2017-2020 The Linux Foundation. All rights reserved.
 * Copyright (c) 2017-2021 The Linux Foundation. All rights reserved.
 *
 * Permission to use, copy, modify, and/or distribute this software for
 * any purpose with or without fee is hereby granted, provided that the
@@ -4347,11 +4347,11 @@ wlan_crypto_reset_prarams(struct wlan_crypto_params *params)
	params->rsn_caps = 0;
}

uint8_t *
wlan_crypto_parse_rsnxe_ie(uint8_t *rsnxe_ie, uint8_t *cap_len)
const uint8_t *
wlan_crypto_parse_rsnxe_ie(const uint8_t *rsnxe_ie, uint8_t *cap_len)
{
	uint8_t len;
	uint8_t *ie;
	const uint8_t *ie;

	if (!rsnxe_ie)
		return NULL;
+164 −1
@@ -703,7 +703,8 @@ cm_calculate_sae_pk_ap_weightage(struct scan_cache_entry *entry,
				 struct scoring_cfg *score_params,
				 bool *sae_pk_cap_present)
{
	uint8_t *rsnxe_ie, *rsnxe_cap, cap_len;
	uint8_t *rsnxe_ie, cap_len;
	const uint8_t *rsnxe_cap;

	rsnxe_ie = util_scan_entry_rsnxe(entry);

@@ -1295,6 +1296,27 @@ cm_calculate_etp_score(struct wlan_objmgr_psoc *psoc,
				  entry->rssi_raw,
				  phy_config);
}

#ifdef CONFIG_BAND_6GHZ
static bool cm_check_h2e_support(const uint8_t *rsnxe, uint8_t sae_pwe)
{
	const uint8_t *rsnxe_cap;
	uint8_t cap_len;

	rsnxe_cap = wlan_crypto_parse_rsnxe_ie(rsnxe, &cap_len);
	if (!rsnxe_cap) {
		mlme_debug("RSNXE caps not present");
		return false;
	}

	if (*rsnxe_cap & WLAN_CRYPTO_RSNX_CAP_SAE_H2E)
		return true;

	mlme_debug("RSNXE caps %x dont have H2E support", *rsnxe_cap);

	return false;
}
#endif
#else
static bool
cm_get_pcl_weight_of_channel(uint32_t chan_freq,
@@ -1353,6 +1375,19 @@ cm_calculate_etp_score(struct wlan_objmgr_psoc *psoc,
{
	return 0;
}

#ifdef CONFIG_BAND_6GHZ
static bool cm_check_h2e_support(const uint8_t *rsnxe, uint8_t sae_pwe)
{
	/* limiting to H2E usage only */
	if (sae_pwe == 1)
		return true;

	mlme_debug("sae_pwe %d is not H2E", sae_pwe);

	return false;
}
#endif
#endif

/**
@@ -1787,6 +1822,133 @@ void wlan_cm_calculate_bss_score(struct wlan_objmgr_pdev *pdev,
	}
}

#ifdef CONFIG_BAND_6GHZ
bool wlan_cm_6ghz_allowed_for_akm(struct wlan_objmgr_psoc *psoc,
				  uint32_t key_mgmt, uint16_t rsn_caps,
				  const uint8_t *rsnxe, uint8_t sae_pwe,
				  bool is_wps)
{
	struct psoc_mlme_obj *mlme_psoc_obj;
	struct scoring_cfg *config;

	/* Allow connection for WPS security */
	if (is_wps)
		return true;

	mlme_psoc_obj = wlan_psoc_mlme_get_cmpt_obj(psoc);
	if (!mlme_psoc_obj)
		return false;

	config = &mlme_psoc_obj->psoc_cfg.score_config;
	/*
	 * if check_6ghz_security is not set check if key_mgmt_mask_6ghz is set
	 * if key_mgmt_mask_6ghz is set check if AKM matches the user configured
	 * 6Ghz security
	 */
	if (!config->check_6ghz_security) {
		if (!config->key_mgmt_mask_6ghz)
			return true;
		/* Check if AKM is allowed as per user 6Ghz allowed AKM mask */
		if ((config->key_mgmt_mask_6ghz & key_mgmt) != key_mgmt) {
			mlme_debug("usr configured mask %x didn't match AKM %x",
				   config->key_mgmt_mask_6ghz, key_mgmt);
			return false;
		}

		return true;
	}

	/* Check if the AKM is allowed as per the 6Ghz allowed AKM mask */
	if ((key_mgmt & ALLOWED_KEYMGMT_6G_MASK) != key_mgmt)
		return false;

	/* if check_6ghz_security is set validate all checks for 6Ghz */
	if (!(rsn_caps & WLAN_CRYPTO_RSN_CAP_MFP_ENABLED))
		return false;

	/* for SAE we need to check H2E support */
	if (!(QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_SAE) ||
	      QDF_HAS_PARAM(key_mgmt, WLAN_CRYPTO_KEY_MGMT_FT_SAE)))
		return true;

	return cm_check_h2e_support(rsnxe, sae_pwe);
}

void wlan_cm_set_check_6ghz_security(struct wlan_objmgr_psoc *psoc,
				     bool value)
{
	struct psoc_mlme_obj *mlme_psoc_obj;

	mlme_psoc_obj = wlan_psoc_mlme_get_cmpt_obj(psoc);
	if (!mlme_psoc_obj)
		return;

	mlme_debug("6ghz security check val %x", value);
	mlme_psoc_obj->psoc_cfg.score_config.check_6ghz_security = value;
}

void wlan_cm_reset_check_6ghz_security(struct wlan_objmgr_psoc *psoc)
{
	struct psoc_mlme_obj *mlme_psoc_obj;

	mlme_psoc_obj = wlan_psoc_mlme_get_cmpt_obj(psoc);
	if (!mlme_psoc_obj)
		return;

	mlme_psoc_obj->psoc_cfg.score_config.check_6ghz_security =
					cfg_get(psoc, CFG_CHECK_6GHZ_SECURITY);
}

bool wlan_cm_get_check_6ghz_security(struct wlan_objmgr_psoc *psoc)
{
	struct psoc_mlme_obj *mlme_psoc_obj;

	mlme_psoc_obj = wlan_psoc_mlme_get_cmpt_obj(psoc);
	if (!mlme_psoc_obj)
		return false;

	return mlme_psoc_obj->psoc_cfg.score_config.check_6ghz_security;
}

void wlan_cm_set_6ghz_key_mgmt_mask(struct wlan_objmgr_psoc *psoc,
				    uint32_t value)
{
	struct psoc_mlme_obj *mlme_psoc_obj;

	mlme_psoc_obj = wlan_psoc_mlme_get_cmpt_obj(psoc);
	if (!mlme_psoc_obj)
		return;

	mlme_debug("key_mgmt_mask_6ghz %x", value);
	mlme_psoc_obj->psoc_cfg.score_config.key_mgmt_mask_6ghz = value;
}

uint32_t wlan_cm_get_6ghz_key_mgmt_mask(struct wlan_objmgr_psoc *psoc)
{
	struct psoc_mlme_obj *mlme_psoc_obj;

	mlme_psoc_obj = wlan_psoc_mlme_get_cmpt_obj(psoc);
	if (!mlme_psoc_obj)
		return DEFAULT_KEYMGMT_6G_MASK;

	return mlme_psoc_obj->psoc_cfg.score_config.key_mgmt_mask_6ghz;
}

static void cm_fill_6ghz_params(struct wlan_objmgr_psoc *psoc,
				struct scoring_cfg *score_cfg)
{
	/* Allow all security in 6Ghz by default */
	score_cfg->check_6ghz_security = cfg_get(psoc, CFG_CHECK_6GHZ_SECURITY);
	score_cfg->key_mgmt_mask_6ghz =
				cfg_get(psoc, CFG_6GHZ_ALLOWED_AKM_MASK);
}
#else
static inline void cm_fill_6ghz_params(struct wlan_objmgr_psoc *psoc,
				       struct scoring_cfg *score_cfg)
{
}
#endif

static uint32_t
cm_limit_max_per_index_score(uint32_t per_index_score)
{
@@ -1949,4 +2111,5 @@ void wlan_cm_init_score_config(struct wlan_objmgr_psoc *psoc,
	score_cfg->vendor_roam_score_algorithm =
			cfg_get(psoc, CFG_VENDOR_ROAM_SCORE_ALGORITHM);
	score_cfg->check_assoc_disallowed = true;
	cm_fill_6ghz_params(psoc, score_cfg);
}
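Review bot: In `wlan_cm_6ghz_allowed_for_akm` both subset tests, `(config->key_mgmt_mask_6ghz & key_mgmt) != key_mgmt` and `(key_mgmt & ALLOWED_KEYMGMT_6G_MASK) != key_mgmt`, are satisfied by `key_mgmt == 0`, so a scan entry carrying no AKM bits is never rejected by either mask. In the strict branch the MFP test that follows probably catches it, but in the user-mask branch nothing follows, so a restrictive `key_mgmt_mask_6ghz` would still admit such an entry. Whether callers can pass 0 (for example for an open BSS) is not visible in this section. I would make the strict case explicit with `if (!key_mgmt || (key_mgmt & ALLOWED_KEYMGMT_6G_MASK) != key_mgmt) return false;`. The user-mask branch should get a comment stating whether an empty AKM set is meant to pass, since the ini text describes the mask as the list of AKMs allowed to connect.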
+59 −2
/*
 * Copyright (c) 2012-2020, The Linux Foundation. All rights reserved.
 * Copyright (c) 2012-2021, The Linux Foundation. All rights reserved.
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
@@ -1104,6 +1104,62 @@
	CFG_INI_BOOL("vendor_roam_score_algorithm", false, \
	"Roam candidate selection score algorithm")

#ifdef CONFIG_BAND_6GHZ
/*
 * <ini>
 * check_6ghz_security - Enable check for 6Ghz allowed security
 * BSSID.
 * @Min: 0
 * @Max: 1
 * @Default: 0
 *
 * This ini is used to Enable check for 6Ghz allowed security. If enabled
 * only WPA3 and other allowed security will be allowed for 6Ghz connection
 *
 * Related: None
 *
 * Supported Feature: STA
 *
 * Usage: External
 *
 * </ini>
 */
#define CFG_CHECK_6GHZ_SECURITY CFG_INI_BOOL(\
				"check_6ghz_security", 0, \
				"Enable check for 6Ghz allowed security")
/*
 * <ini>
 * key_mgmt_mask_6ghz - AKM bit mask (@wlan_crypto_key_mgmt) allowed in 6Ghz
 * channel
 * @Min: 0
 * @Max: 0xffffffff
 * @Default: 0xffffffff
 *
 * This ini is used to set allowed AKM check for 6Ghz. If enabled
 * only only AKM bits allowed will be used to connect to candidate.
 * valid only if check_6ghz_security is 0. By default all AKM are allowed
 *
 * Related: check_6Ghz_security
 *
 * Supported Feature: STA
 *
 * Usage: External
 *
 * </ini>
 */
#define CFG_6GHZ_ALLOWED_AKM_MASK CFG_INI_UINT(\
			"key_mgmt_mask_6ghz",\
			0, DEFAULT_KEYMGMT_6G_MASK, DEFAULT_KEYMGMT_6G_MASK,\
			CFG_VALUE_OR_DEFAULT, \
			"Set priority for connection with bssid_hint")

#define CFG_6GHZ_CONFIG \
	CFG(CFG_CHECK_6GHZ_SECURITY) \
	CFG(CFG_6GHZ_ALLOWED_AKM_MASK)
#else
#define CFG_6GHZ_CONFIG
#endif

#define CFG_MLME_SCORE_ALL \
	CFG(CFG_SCORING_RSSI_WEIGHTAGE) \
	CFG(CFG_SCORING_HT_CAPS_WEIGHTAGE) \
@@ -1141,6 +1197,7 @@
	CFG(CFG_SCORING_OCE_WAN_SCORE_IDX_11_TO_8) \
	CFG(CFG_SCORING_OCE_WAN_SCORE_IDX_15_TO_12) \
	CFG(CFG_IS_BSSID_HINT_PRIORITY) \
	CFG(CFG_VENDOR_ROAM_SCORE_ALGORITHM)
	CFG(CFG_VENDOR_ROAM_SCORE_ALGORITHM) \
	CFG_6GHZ_CONFIG

#endif /* __CFG_MLME_SCORE_PARAMS_H */
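Review bot: The description string of `CFG_6GHZ_ALLOWED_AKM_MASK` is `"Set priority for connection with bssid_hint"`, which looks copied from another item and describes a different setting; something like `"AKM bit mask allowed for 6Ghz connection"` would match the ini. The `key_mgmt_mask_6ghz` comment should also say what 0 means: in `wlan_cm_6ghz_allowed_for_akm` a zero mask returns true, so it disables the filter rather than blocking every AKM, which is not what an administrator reading "AKM bits allowed" would expect. Minor wording in the same comments: the stray `BSSID.` line under `check_6ghz_security`, the doubled `only only`, and `Related: check_6Ghz_security` versus the actual name `check_6ghz_security`.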