diff options
| author | Srinivas Dasari <dasaris@codeaurora.org> | 2020-11-13 19:55:10 +0530 |
|---|---|---|
| committer | Isaac Chiou <isaacchiou@google.com> | 2020-11-25 09:26:25 +0000 |
| commit | 914e8959850aa4d449ae73ec74984a98ae544e9d (patch) | |
| tree | 63fc34b2e44aba033c5a44702c50c375be39b3e6 | |
| parent | 315e03a100d39db541b68e0923ea904f0310ab90 (diff) | |
| download | qcacld-914e8959850aa4d449ae73ec74984a98ae544e9d.tar.gz | |
qcacld-3.0: Consider peer mac addr also for duplicate frame detection
Currently, sequence number of the authentication frame is cached
to detect if the same frame is received again. But in SAP case,
it's possible to get authentication frame from two different
clients with the same sequence number. Host driver drops auth
frame from the second station as it is considered as a
duplicate frame. Though the driver drops the frame only if it's
a retry, it's possible to get auth frame from second client with
same sequence number and retry bit set.
Cache the client mac address along with sequence number to
avoid this.
Bug: 172309980
Change-Id: I194adc9e0f90d074aef50340d2cd6c7b138cc9b5
CRs-Fixed: 2815784
| -rw-r--r-- | core/mac/src/pe/include/lim_session.h | 1 | ||||
| -rw-r--r-- | core/mac/src/pe/lim/lim_process_auth_frame.c | 5 |
2 files changed, 5 insertions, 1 deletions
diff --git a/core/mac/src/pe/include/lim_session.h b/core/mac/src/pe/include/lim_session.h index 121acfecb3..89afa0f5b0 100644 --- a/core/mac/src/pe/include/lim_session.h +++ b/core/mac/src/pe/include/lim_session.h @@ -509,6 +509,7 @@ typedef struct sPESession /* Added to Support BT-AMP */ bool ch_switch_in_progress; /* previous auth frame's sequence number */ uint16_t prev_auth_seq_num; + tSirMacAddr prev_auth_mac_addr; bool fw_roaming_started; bool recvd_deauth_while_roaming; bool recvd_disassoc_while_roaming; diff --git a/core/mac/src/pe/lim/lim_process_auth_frame.c b/core/mac/src/pe/lim/lim_process_auth_frame.c index 53585671f5..6ea9bf8055 100644 --- a/core/mac/src/pe/lim/lim_process_auth_frame.c +++ b/core/mac/src/pe/lim/lim_process_auth_frame.c @@ -1170,14 +1170,17 @@ lim_process_auth_frame(tpAniSirGlobal mac_ctx, uint8_t *rx_pkt_info, * auth frame from AP which results in authentication failure. */ if (pe_session->prev_auth_seq_num == curr_seq_num && + !qdf_mem_cmp(pe_session->prev_auth_mac_addr, &mac_hdr->sa, + ETH_ALEN) && mac_hdr->fc.retry) { pe_err("auth frame, seq num: %d is already processed, drop it", curr_seq_num); return; } - /* save seq number in pe_session */ + /* save seq number and mac_addr in pe_session */ pe_session->prev_auth_seq_num = curr_seq_num; + qdf_mem_copy(pe_session->prev_auth_mac_addr, mac_hdr->sa, ETH_ALEN); body_ptr = WMA_GET_RX_MPDU_DATA(rx_pkt_info); |