1 /* 2 * Copyright (c) 2017-2020 The Linux Foundation. All rights reserved. 3 * 4 * Permission to use, copy, modify, and/or distribute this software for 5 * any purpose with or without fee is hereby granted, provided that the 6 * above copyright notice and this permission notice appear in all 7 * copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL 10 * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED 11 * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE 12 * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL 13 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR 14 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER 15 * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 16 * PERFORMANCE OF THIS SOFTWARE. 17 */ 18 /* 19 * DOC: contains scan cache filter logic 20 */ 21 22 #include <wlan_scan_utils_api.h> 23 #include "wlan_scan_main.h" 24 #include "wlan_scan_cache_db_i.h" 25 #include <wlan_dfs_utils_api.h> 26 #include "wlan_crypto_global_def.h" 27 #include "wlan_crypto_global_api.h" 28 29 /** 30 * scm_check_open() - Check if scan entry support open authmode 31 * @filter: scan filter 32 * @db_entry: db entry 33 * @security: matched security. 34 * 35 * Return: true if open security else false 36 */ 37 static bool scm_check_open(struct scan_filter *filter, 38 struct scan_cache_entry *db_entry, 39 struct security_info *security) 40 { 41 if (db_entry->cap_info.wlan_caps.privacy) { 42 scm_debug("%pM : have privacy set", 43 db_entry->bssid.bytes); 44 return false; 45 } 46 47 if (filter->ucastcipherset && 48 !(QDF_HAS_PARAM(filter->ucastcipherset, WLAN_CRYPTO_CIPHER_NONE))) { 49 scm_debug("%pM : Filter doesn't have CIPHER none in uc %x", 50 db_entry->bssid.bytes, filter->ucastcipherset); 51 return false; 52 } 53 54 if (filter->mcastcipherset && 55 !(QDF_HAS_PARAM(filter->mcastcipherset, WLAN_CRYPTO_CIPHER_NONE))) { 56 scm_debug("%pM : Filter doesn't have CIPHER none in mc %x", 57 db_entry->bssid.bytes, filter->mcastcipherset); 58 return false; 59 } 60 61 QDF_SET_PARAM(security->ucastcipherset, WLAN_CRYPTO_CIPHER_NONE); 62 QDF_SET_PARAM(security->mcastcipherset, WLAN_CRYPTO_CIPHER_NONE); 63 64 return true; 65 } 66 67 /** 68 * scm_check_wep() - Check if scan entry support WEP authmode 69 * @filter: scan filter 70 * @db_entry: db entry 71 * @security: matched security. 72 * 73 * Return: true if WEP security else false 74 */ 75 static bool scm_check_wep(struct scan_filter *filter, 76 struct scan_cache_entry *db_entry, 77 struct security_info *security) 78 { 79 /* If privacy bit is not set, consider no match */ 80 if (!db_entry->cap_info.wlan_caps.privacy) { 81 scm_debug("%pM : doesn't have privacy set", 82 db_entry->bssid.bytes); 83 return false; 84 } 85 86 if (!(db_entry->security_type & SCAN_SECURITY_TYPE_WEP)) { 87 scm_debug("%pM : doesn't support WEP", db_entry->bssid.bytes); 88 return false; 89 } 90 91 if (!filter->ucastcipherset || !filter->mcastcipherset) { 92 scm_debug("%pM : Filter uc %x or mc %x cipher are 0", 93 db_entry->bssid.bytes, filter->ucastcipherset, 94 filter->mcastcipherset); 95 return false; 96 } 97 98 if (!(QDF_HAS_PARAM(filter->ucastcipherset, WLAN_CRYPTO_CIPHER_WEP) || 99 QDF_HAS_PARAM(filter->ucastcipherset, WLAN_CRYPTO_CIPHER_WEP_40) || 100 QDF_HAS_PARAM(filter->ucastcipherset, 101 WLAN_CRYPTO_CIPHER_WEP_104))) { 102 scm_debug("%pM : Filter doesn't have WEP cipher in uc %x", 103 db_entry->bssid.bytes, filter->ucastcipherset); 104 return false; 105 } 106 107 if (!(QDF_HAS_PARAM(filter->mcastcipherset, WLAN_CRYPTO_CIPHER_WEP) || 108 QDF_HAS_PARAM(filter->mcastcipherset, WLAN_CRYPTO_CIPHER_WEP_40) || 109 QDF_HAS_PARAM(filter->mcastcipherset, 110 WLAN_CRYPTO_CIPHER_WEP_104))) { 111 scm_debug("%pM : Filter doesn't have WEP cipher in mc %x", 112 db_entry->bssid.bytes, filter->mcastcipherset); 113 return false; 114 } 115 116 if (QDF_HAS_PARAM(filter->ucastcipherset, WLAN_CRYPTO_CIPHER_WEP)) 117 QDF_SET_PARAM(security->ucastcipherset, WLAN_CRYPTO_CIPHER_WEP); 118 119 if (QDF_HAS_PARAM(filter->ucastcipherset, WLAN_CRYPTO_CIPHER_WEP_40)) 120 QDF_SET_PARAM(security->ucastcipherset, 121 WLAN_CRYPTO_CIPHER_WEP_40); 122 123 if (QDF_HAS_PARAM(filter->ucastcipherset, WLAN_CRYPTO_CIPHER_WEP_104)) 124 QDF_SET_PARAM(security->ucastcipherset, 125 WLAN_CRYPTO_CIPHER_WEP_104); 126 127 if (QDF_HAS_PARAM(filter->mcastcipherset, WLAN_CRYPTO_CIPHER_WEP)) 128 QDF_SET_PARAM(security->mcastcipherset, WLAN_CRYPTO_CIPHER_WEP); 129 130 if (QDF_HAS_PARAM(filter->mcastcipherset, WLAN_CRYPTO_CIPHER_WEP_40)) 131 QDF_SET_PARAM(security->mcastcipherset, 132 WLAN_CRYPTO_CIPHER_WEP_40); 133 134 if (QDF_HAS_PARAM(filter->mcastcipherset, WLAN_CRYPTO_CIPHER_WEP_104)) 135 QDF_SET_PARAM(security->mcastcipherset, 136 WLAN_CRYPTO_CIPHER_WEP_104); 137 138 return true; 139 } 140 141 /** 142 * scm_chk_if_cipher_n_akm_match() - Check if akm and ciphers match 143 * @filter: scan filter 144 * @ap_crypto: aps crypto params 145 * 146 * Return: true if matches 147 */ 148 static bool scm_chk_if_cipher_n_akm_match(struct scan_filter *filter, 149 struct wlan_crypto_params *ap_crypto) 150 { 151 /* Check AP's pairwise ciphers.*/ 152 if (!(filter->ucastcipherset & ap_crypto->ucastcipherset)) 153 return false; 154 155 /* Check AP's group cipher match.*/ 156 if (!(filter->mcastcipherset & ap_crypto->mcastcipherset)) 157 return false; 158 159 /* Check AP's AKM match with filter's AKM.*/ 160 if (!(filter->key_mgmt & ap_crypto->key_mgmt)) 161 return false; 162 163 /* Check AP's mgmt cipher match if present.*/ 164 if ((filter->mgmtcipherset && ap_crypto->mgmtcipherset) && 165 !(filter->mgmtcipherset & ap_crypto->mgmtcipherset)) 166 return false; 167 168 if (filter->ignore_pmf_cap) 169 return true; 170 171 if (filter->pmf_cap == WLAN_PMF_REQUIRED && 172 !(ap_crypto->rsn_caps & WLAN_CRYPTO_RSN_CAP_MFP_ENABLED)) 173 return false; 174 175 if (filter->pmf_cap == WLAN_PMF_DISABLED && 176 (ap_crypto->rsn_caps & WLAN_CRYPTO_RSN_CAP_MFP_REQUIRED)) 177 return false; 178 179 return true; 180 } 181 182 static bool scm_chk_crypto_params(struct scan_filter *filter, 183 struct wlan_crypto_params *ap_crypto, 184 bool is_adaptive_11r, 185 struct scan_cache_entry *db_entry, 186 struct security_info *security) 187 { 188 if (!scm_chk_if_cipher_n_akm_match(filter, ap_crypto)) { 189 scm_debug("%pM: fail. adaptive 11r %d Self: AKM %x CIPHER: mc %x uc %x mgmt %x pmf %d AP: AKM %x CIPHER: mc %x uc %x mgmt %x, RSN caps %x", 190 db_entry->bssid.bytes, is_adaptive_11r, 191 filter->key_mgmt, filter->mcastcipherset, 192 filter->ucastcipherset, filter->mgmtcipherset, 193 filter->pmf_cap, ap_crypto->key_mgmt, 194 ap_crypto->mcastcipherset, ap_crypto->ucastcipherset, 195 ap_crypto->mgmtcipherset, ap_crypto->rsn_caps); 196 return false; 197 } 198 199 security->mcastcipherset = 200 ap_crypto->mcastcipherset & filter->mcastcipherset; 201 security->ucastcipherset = 202 ap_crypto->ucastcipherset & filter->ucastcipherset; 203 security->key_mgmt = ap_crypto->key_mgmt & filter->key_mgmt; 204 205 return true; 206 } 207 208 /** 209 * scm_check_rsn() - Check if scan entry support RSN security 210 * @filter: scan filter 211 * @db_entry: db entry 212 * @security: matched security. 213 * 214 * Return: true if RSN security else false 215 */ 216 static bool scm_check_rsn(struct scan_filter *filter, 217 struct scan_cache_entry *db_entry, 218 struct security_info *security) 219 { 220 bool is_adaptive_11r; 221 QDF_STATUS status; 222 struct wlan_crypto_params *ap_crypto; 223 bool match; 224 225 if (!util_scan_entry_rsn(db_entry)) { 226 scm_debug("%pM : doesn't have RSN IE", db_entry->bssid.bytes); 227 return false; 228 } 229 230 ap_crypto = qdf_mem_malloc(sizeof(*ap_crypto)); 231 if (!ap_crypto) 232 return false; 233 status = wlan_crypto_rsnie_check(ap_crypto, 234 util_scan_entry_rsn(db_entry)); 235 if (QDF_IS_STATUS_ERROR(status)) { 236 scm_err("%pM: failed to parse RSN IE, status %d", 237 db_entry->bssid.bytes, status); 238 qdf_mem_free(ap_crypto); 239 return false; 240 } 241 242 is_adaptive_11r = db_entry->adaptive_11r_ap && 243 filter->enable_adaptive_11r; 244 245 /* If adaptive 11r is enabled set the FT AKM for AP */ 246 if (is_adaptive_11r) { 247 if (QDF_HAS_PARAM(ap_crypto->key_mgmt, 248 WLAN_CRYPTO_KEY_MGMT_IEEE8021X)) { 249 QDF_SET_PARAM(ap_crypto->key_mgmt, 250 WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X); 251 } 252 if (QDF_HAS_PARAM(ap_crypto->key_mgmt, 253 WLAN_CRYPTO_KEY_MGMT_PSK)) { 254 QDF_SET_PARAM(ap_crypto->key_mgmt, 255 WLAN_CRYPTO_KEY_MGMT_FT_PSK); 256 } 257 if (QDF_HAS_PARAM(ap_crypto->key_mgmt, 258 WLAN_CRYPTO_KEY_MGMT_PSK_SHA256)) { 259 QDF_SET_PARAM(ap_crypto->key_mgmt, 260 WLAN_CRYPTO_KEY_MGMT_FT_PSK); 261 } 262 if (QDF_HAS_PARAM(ap_crypto->key_mgmt, 263 WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256)) { 264 QDF_SET_PARAM(ap_crypto->key_mgmt, 265 WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X); 266 } 267 } 268 269 match = scm_chk_crypto_params(filter, ap_crypto, is_adaptive_11r, 270 db_entry, security); 271 qdf_mem_free(ap_crypto); 272 273 return match; 274 } 275 276 /** 277 * scm_check_wpa() - Check if scan entry support WPA security 278 * @filter: scan filter 279 * @db_entry: db entry 280 * @security: matched security. 281 * 282 * Return: true if WPA security else false 283 */ 284 static bool scm_check_wpa(struct scan_filter *filter, 285 struct scan_cache_entry *db_entry, 286 struct security_info *security) 287 { 288 QDF_STATUS status; 289 struct wlan_crypto_params *ap_crypto; 290 bool match; 291 292 if (!util_scan_entry_wpa(db_entry)) { 293 scm_debug("%pM : doesn't have WPA IE", 294 db_entry->bssid.bytes); 295 return false; 296 } 297 298 ap_crypto = qdf_mem_malloc(sizeof(*ap_crypto)); 299 if (!ap_crypto) 300 return false; 301 302 status = wlan_crypto_wpaie_check(ap_crypto, 303 util_scan_entry_wpa(db_entry)); 304 if (QDF_IS_STATUS_ERROR(status)) { 305 scm_err("%pM: failed to parse WPA IE, status %d", 306 db_entry->bssid.bytes, status); 307 qdf_mem_free(ap_crypto); 308 return false; 309 } 310 311 match = scm_chk_crypto_params(filter, ap_crypto, false, 312 db_entry, security); 313 qdf_mem_free(ap_crypto); 314 315 return match; 316 } 317 318 /** 319 * scm_check_wapi() - Check if scan entry support WAPI security 320 * @filter: scan filter 321 * @db_entry: db entry 322 * @security: matched security. 323 * 324 * Return: true if WAPI security else false 325 */ 326 static bool scm_check_wapi(struct scan_filter *filter, 327 struct scan_cache_entry *db_entry, 328 struct security_info *security) 329 { 330 QDF_STATUS status; 331 struct wlan_crypto_params *ap_crypto; 332 333 if (!util_scan_entry_wapi(db_entry)) { 334 scm_debug("%pM : doesn't have WAPI IE", 335 db_entry->bssid.bytes); 336 return false; 337 } 338 339 ap_crypto = qdf_mem_malloc(sizeof(*ap_crypto)); 340 if (!ap_crypto) 341 return false; 342 343 status = wlan_crypto_wapiie_check(ap_crypto, 344 util_scan_entry_wapi(db_entry)); 345 if (QDF_IS_STATUS_ERROR(status)) { 346 scm_err("%pM: failed to parse WAPI IE, status %d", 347 db_entry->bssid.bytes, status); 348 qdf_mem_free(ap_crypto); 349 return false; 350 } 351 352 if (!scm_chk_if_cipher_n_akm_match(filter, ap_crypto)) { 353 scm_debug("%pM: fail. Self: AKM %x CIPHER: mc %x uc %x mgmt %x pmf %d AP: AKM %x CIPHER: mc %x uc %x mgmt %x, RSN caps %x", 354 db_entry->bssid.bytes, filter->key_mgmt, 355 filter->mcastcipherset, filter->ucastcipherset, 356 filter->mgmtcipherset, filter->pmf_cap, 357 ap_crypto->key_mgmt, ap_crypto->mcastcipherset, 358 ap_crypto->ucastcipherset, ap_crypto->mgmtcipherset, 359 ap_crypto->rsn_caps); 360 qdf_mem_free(ap_crypto); 361 362 return false; 363 } 364 365 security->mcastcipherset = 366 ap_crypto->mcastcipherset & filter->mcastcipherset; 367 security->ucastcipherset = 368 ap_crypto->ucastcipherset & filter->ucastcipherset; 369 security->key_mgmt = ap_crypto->key_mgmt & filter->key_mgmt; 370 qdf_mem_free(ap_crypto); 371 372 return true; 373 } 374 375 /** 376 * scm_match_any_security() - Check if any security in filter match 377 * @filter: scan filter 378 * @db_entry: db entry 379 * @security: matched security. 380 * 381 * Return: true if any security else false 382 */ 383 static bool scm_match_any_security(struct scan_filter *filter, 384 struct scan_cache_entry *db_entry, 385 struct security_info *security) 386 { 387 struct wlan_crypto_params *ap_crypto = {0}; 388 QDF_STATUS status; 389 bool match = false; 390 391 ap_crypto = qdf_mem_malloc(sizeof(*ap_crypto)); 392 if (!ap_crypto) 393 return match; 394 395 if (util_scan_entry_rsn(db_entry)) { 396 status = wlan_crypto_rsnie_check(ap_crypto, 397 util_scan_entry_rsn(db_entry)); 398 if (QDF_IS_STATUS_ERROR(status)) { 399 scm_err("%pM: failed to parse RSN IE, status %d", 400 db_entry->bssid.bytes, status); 401 goto free; 402 } 403 security->mcastcipherset = ap_crypto->mcastcipherset; 404 security->ucastcipherset = ap_crypto->ucastcipherset; 405 security->key_mgmt = ap_crypto->key_mgmt; 406 QDF_SET_PARAM(security->authmodeset, WLAN_CRYPTO_AUTH_RSNA); 407 match = true; 408 goto free; 409 } 410 411 if (util_scan_entry_wpa(db_entry)) { 412 status = wlan_crypto_wpaie_check(ap_crypto, 413 util_scan_entry_wpa(db_entry)); 414 if (QDF_IS_STATUS_ERROR(status)) { 415 scm_err("%pM: failed to parse WPA IE, status %d", 416 db_entry->bssid.bytes, status); 417 goto free; 418 } 419 security->mcastcipherset = ap_crypto->mcastcipherset; 420 security->ucastcipherset = ap_crypto->ucastcipherset; 421 security->key_mgmt = ap_crypto->key_mgmt; 422 QDF_SET_PARAM(security->authmodeset, WLAN_CRYPTO_AUTH_WPA); 423 match = true; 424 goto free; 425 } 426 427 if (util_scan_entry_wapi(db_entry)) { 428 status = wlan_crypto_wapiie_check(ap_crypto, 429 util_scan_entry_wapi(db_entry)); 430 if (QDF_IS_STATUS_ERROR(status)) { 431 scm_err("%pM: failed to parse WPA IE, status %d", 432 db_entry->bssid.bytes, status); 433 goto free; 434 } 435 security->mcastcipherset = ap_crypto->mcastcipherset; 436 security->ucastcipherset = ap_crypto->ucastcipherset; 437 security->key_mgmt = ap_crypto->key_mgmt; 438 QDF_SET_PARAM(security->authmodeset, WLAN_CRYPTO_AUTH_WAPI); 439 match = true; 440 goto free; 441 } 442 443 if (db_entry->cap_info.wlan_caps.privacy) { 444 QDF_SET_PARAM(security->ucastcipherset, WLAN_CRYPTO_CIPHER_WEP); 445 QDF_SET_PARAM(security->mcastcipherset, WLAN_CRYPTO_CIPHER_WEP); 446 QDF_SET_PARAM(security->authmodeset, WLAN_CRYPTO_AUTH_SHARED); 447 match = true; 448 goto free; 449 } 450 451 QDF_SET_PARAM(security->ucastcipherset, WLAN_CRYPTO_CIPHER_NONE); 452 QDF_SET_PARAM(security->mcastcipherset, WLAN_CRYPTO_CIPHER_NONE); 453 QDF_SET_PARAM(security->authmodeset, WLAN_CRYPTO_AUTH_OPEN); 454 match = true; 455 456 free: 457 qdf_mem_free(ap_crypto); 458 459 return match; 460 } 461 462 /** 463 * scm_is_security_match() - Check if security in filter match 464 * @filter: scan filter 465 * @db_entry: db entry 466 * @security: matched security. 467 * 468 * Return: true if security match else false 469 */ 470 static bool scm_is_security_match(struct scan_filter *filter, 471 struct scan_cache_entry *db_entry, 472 struct security_info *security) 473 { 474 int i; 475 bool match = false; 476 477 if (!filter->authmodeset) 478 return scm_match_any_security(filter, db_entry, security); 479 480 for (i = 0; i <= WLAN_CRYPTO_AUTH_MAX && !match; i++) { 481 if (!QDF_HAS_PARAM(filter->authmodeset, i)) 482 continue; 483 484 security->authmodeset = 0; 485 QDF_SET_PARAM(security->authmodeset, i); 486 487 switch (i) { 488 case WLAN_CRYPTO_AUTH_NONE: 489 case WLAN_CRYPTO_AUTH_OPEN: 490 case WLAN_CRYPTO_AUTH_AUTO: 491 match = scm_check_open(filter, db_entry, security); 492 if (match) 493 break; 494 /* If not OPEN, then check WEP match so fall through */ 495 case WLAN_CRYPTO_AUTH_SHARED: 496 match = scm_check_wep(filter, db_entry, security); 497 break; 498 case WLAN_CRYPTO_AUTH_8021X: 499 case WLAN_CRYPTO_AUTH_RSNA: 500 case WLAN_CRYPTO_AUTH_CCKM: 501 case WLAN_CRYPTO_AUTH_SAE: 502 case WLAN_CRYPTO_AUTH_FILS_SK: 503 /* First check if there is a RSN match */ 504 match = scm_check_rsn(filter, db_entry, security); 505 break; 506 case WLAN_CRYPTO_AUTH_WPA: 507 match = scm_check_wpa(filter, db_entry, security); 508 break; 509 case WLAN_CRYPTO_AUTH_WAPI:/* WAPI */ 510 match = scm_check_wapi(filter, db_entry, security); 511 break; 512 default: 513 break; 514 } 515 } 516 517 return match; 518 } 519 520 static bool scm_ignore_ssid_check_for_owe(struct scan_filter *filter, 521 struct scan_cache_entry *db_entry) 522 { 523 if (util_scan_entry_is_hidden_ap(db_entry) && 524 QDF_HAS_PARAM(filter->key_mgmt, WLAN_CRYPTO_KEY_MGMT_OWE) && 525 util_is_bssid_match(&filter->bssid_hint, &db_entry->bssid)) 526 return true; 527 528 return false; 529 } 530 531 #ifdef WLAN_FEATURE_FILS_SK 532 /** 533 * scm_is_fils_config_match() - Check if FILS config matches 534 * @filter: scan filter 535 * @db_entry: db entry 536 * 537 * Return: true if FILS config matches else false 538 */ 539 static bool scm_is_fils_config_match(struct scan_filter *filter, 540 struct scan_cache_entry *db_entry) 541 { 542 int i; 543 struct fils_indication_ie *indication_ie; 544 uint8_t *data; 545 546 if (!filter->fils_scan_filter.realm_check) 547 return true; 548 549 if (!db_entry->ie_list.fils_indication) 550 return false; 551 552 indication_ie = 553 (struct fils_indication_ie *)db_entry->ie_list.fils_indication; 554 555 data = indication_ie->variable_data; 556 if (indication_ie->is_cache_id_present) 557 data += CACHE_IDENTIFIER_LEN; 558 559 if (indication_ie->is_hessid_present) 560 data += HESSID_LEN; 561 562 for (i = 1; i <= indication_ie->realm_identifiers_cnt; i++) { 563 if (!qdf_mem_cmp(filter->fils_scan_filter.fils_realm, 564 data, REAM_HASH_LEN)) 565 return true; 566 /* Max realm count reached */ 567 if (indication_ie->realm_identifiers_cnt == i) 568 break; 569 570 data = data + REAM_HASH_LEN; 571 } 572 573 return false; 574 } 575 576 #else 577 578 static inline bool scm_is_fils_config_match(struct scan_filter *filter, 579 struct scan_cache_entry *db_entry) 580 { 581 return true; 582 } 583 #endif 584 585 bool scm_filter_match(struct wlan_objmgr_psoc *psoc, 586 struct scan_cache_entry *db_entry, 587 struct scan_filter *filter, 588 struct security_info *security) 589 { 590 int i; 591 bool match = false; 592 struct scan_default_params *def_param; 593 struct wlan_objmgr_pdev *pdev; 594 595 def_param = wlan_scan_psoc_get_def_params(psoc); 596 if (!def_param) 597 return false; 598 599 if (filter->age_threshold && filter->age_threshold < 600 util_scan_entry_age(db_entry)) 601 return false; 602 603 if (db_entry->ssid.length) { 604 for (i = 0; i < filter->num_of_ssid; i++) { 605 if (util_is_ssid_match(&filter->ssid_list[i], 606 &db_entry->ssid)) { 607 match = true; 608 break; 609 } 610 } 611 } 612 /* 613 * In OWE transition mode, ssid is hidden. And supplicant does not issue 614 * scan with specific ssid prior to connect as in other hidden ssid 615 * cases. Add explicit check to allow OWE when ssid is hidden. 616 */ 617 if (!match) 618 match = scm_ignore_ssid_check_for_owe(filter, db_entry); 619 620 if (!match && filter->num_of_ssid) 621 return false; 622 623 match = false; 624 /* TO do Fill p2p MAC*/ 625 for (i = 0; i < filter->num_of_bssid; i++) { 626 if (util_is_bssid_match(&filter->bssid_list[i], 627 &db_entry->bssid)) { 628 match = true; 629 break; 630 } 631 /* TODO match p2p mac */ 632 } 633 if (!match && filter->num_of_bssid) 634 return false; 635 636 pdev = wlan_objmgr_get_pdev_by_id(psoc, db_entry->pdev_id, 637 WLAN_SCAN_ID); 638 if (!pdev) { 639 scm_err("Invalid pdev"); 640 return false; 641 } 642 643 if (filter->ignore_nol_chan && 644 utils_dfs_is_freq_in_nol(pdev, db_entry->channel.chan_freq)) { 645 wlan_objmgr_pdev_release_ref(pdev, WLAN_SCAN_ID); 646 scm_debug("%pM : Ignore as chan in NOL list", 647 db_entry->bssid.bytes); 648 return false; 649 } 650 wlan_objmgr_pdev_release_ref(pdev, WLAN_SCAN_ID); 651 652 match = false; 653 for (i = 0; i < filter->num_of_channels; i++) { 654 if (!filter->chan_freq_list[i] || 655 filter->chan_freq_list[i] == 656 db_entry->channel.chan_freq) { 657 match = true; 658 break; 659 } 660 } 661 662 if (!match && filter->num_of_channels) 663 return false; 664 665 if (filter->rrm_measurement_filter) 666 return true; 667 668 if (!filter->ignore_auth_enc_type && 669 !scm_is_security_match(filter, db_entry, security)) { 670 scm_debug("%pM : Ignore as security profile didn't match", 671 db_entry->bssid.bytes); 672 return false; 673 } 674 675 /* Match realm */ 676 if (!scm_is_fils_config_match(filter, db_entry)) { 677 scm_debug("%pM :Ignore as fils config didn't match", 678 db_entry->bssid.bytes); 679 return false; 680 } 681 682 if (!util_mdie_match(filter->mobility_domain, 683 (struct rsn_mdie *)db_entry->ie_list.mdie)) { 684 scm_debug("%pM : Ignore as mdie didn't match", 685 db_entry->bssid.bytes); 686 return false; 687 } 688 return true; 689 } 690