mwifiex: fix WPA connection problem
authorchunfan chen <jeffc@marvell.com>
Mon, 14 Dec 2015 12:15:15 +0000 (04:15 -0800)
committerKalle Valo <kvalo@codeaurora.org>
Wed, 30 Dec 2015 14:58:10 +0000 (16:58 +0200)
Device fails to connect to some AP's configured in WPA
security mode. Currently IE buffer parsing logic in driver
expects WPA IE to be present at the beginning of IE buffer.
Otherwise connection is failed with 'incompatible network
setting' error.

This patch fixes the problem by improving IE buffer parsing
logic.

Signed-off-by: chunfan chen <jeffc@marvell.com>
Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
drivers/net/wireless/marvell/mwifiex/sta_ioctl.c

index 62b35a31a225f48eb9498648e7b8eebb4fcd832c..439e73fc9c02f078724ce97049cf6f5ab1cdb32e 100644 (file)
@@ -1293,6 +1293,8 @@ mwifiex_set_gen_ie_helper(struct mwifiex_private *priv, u8 *ie_data_ptr,
        struct ieee_types_vendor_header *pvendor_ie;
        const u8 wpa_oui[] = { 0x00, 0x50, 0xf2, 0x01 };
        const u8 wps_oui[] = { 0x00, 0x50, 0xf2, 0x04 };
+       u16 unparsed_len = ie_len;
+       int find_wpa_ie = 0;
 
        /* If the passed length is zero, reset the buffer */
        if (!ie_len) {
@@ -1304,40 +1306,69 @@ mwifiex_set_gen_ie_helper(struct mwifiex_private *priv, u8 *ie_data_ptr,
                return -1;
        }
        pvendor_ie = (struct ieee_types_vendor_header *) ie_data_ptr;
-       /* Test to see if it is a WPA IE, if not, then it is a gen IE */
-       if (((pvendor_ie->element_id == WLAN_EID_VENDOR_SPECIFIC) &&
-            (!memcmp(pvendor_ie->oui, wpa_oui, sizeof(wpa_oui)))) ||
-           (pvendor_ie->element_id == WLAN_EID_RSN)) {
 
-               /* IE is a WPA/WPA2 IE so call set_wpa function */
-               ret = mwifiex_set_wpa_ie_helper(priv, ie_data_ptr, ie_len);
-               priv->wps.session_enable = false;
+       while (pvendor_ie) {
+               if (pvendor_ie->element_id == WLAN_EID_VENDOR_SPECIFIC) {
+                       /* Test to see if it is a WPA IE, if not, then it is a
+                        * gen IE
+                        */
+                       if (!memcmp(pvendor_ie->oui, wpa_oui,
+                                   sizeof(wpa_oui))) {
+                               find_wpa_ie = 1;
+                               break;
+                       }
 
-               return ret;
-       } else if (pvendor_ie->element_id == WLAN_EID_BSS_AC_ACCESS_DELAY) {
+                       /* Test to see if it is a WPS IE, if so, enable
+                        * wps session flag
+                        */
+                       if (!memcmp(pvendor_ie->oui, wps_oui,
+                                   sizeof(wps_oui))) {
+                               priv->wps.session_enable = true;
+                               mwifiex_dbg(priv->adapter, MSG,
+                                           "info: WPS Session Enabled.\n");
+                               ret = mwifiex_set_wps_ie(priv,
+                                                        (u8 *)pvendor_ie,
+                                                        unparsed_len);
+                       }
+               }
+
+               if (pvendor_ie->element_id == WLAN_EID_RSN) {
+                       find_wpa_ie = 1;
+                       break;
+               }
+
+               if (pvendor_ie->element_id == WLAN_EID_BSS_AC_ACCESS_DELAY) {
                /* IE is a WAPI IE so call set_wapi function */
-               ret = mwifiex_set_wapi_ie(priv, ie_data_ptr, ie_len);
+                       ret = mwifiex_set_wapi_ie(priv, (u8 *)pvendor_ie,
+                                                 unparsed_len);
+                       return ret;
+               }
+
+               unparsed_len -= (pvendor_ie->len +
+                                sizeof(struct ieee_types_header));
+
+               if (unparsed_len <= sizeof(struct ieee_types_header))
+                       pvendor_ie = NULL;
+               else
+                       pvendor_ie = (struct ieee_types_vendor_header *)
+                               (((u8 *)pvendor_ie) + pvendor_ie->len +
+                                sizeof(struct ieee_types_header));
+       }
 
+       if (find_wpa_ie) {
+               /* IE is a WPA/WPA2 IE so call set_wpa function */
+               ret = mwifiex_set_wpa_ie_helper(priv, (u8 *)pvendor_ie,
+                                               unparsed_len);
+               priv->wps.session_enable = false;
                return ret;
        }
+
        /*
         * Verify that the passed length is not larger than the
         * available space remaining in the buffer
         */
        if (ie_len < (sizeof(priv->gen_ie_buf) - priv->gen_ie_buf_len)) {
 
-               /* Test to see if it is a WPS IE, if so, enable
-                * wps session flag
-                */
-               pvendor_ie = (struct ieee_types_vendor_header *) ie_data_ptr;
-               if ((pvendor_ie->element_id == WLAN_EID_VENDOR_SPECIFIC) &&
-                   (!memcmp(pvendor_ie->oui, wps_oui, sizeof(wps_oui)))) {
-                       priv->wps.session_enable = true;
-                       mwifiex_dbg(priv->adapter, INFO,
-                                   "info: WPS Session Enabled.\n");
-                       ret = mwifiex_set_wps_ie(priv, ie_data_ptr, ie_len);
-               }
-
                /* Append the passed data to the end of the
                   genIeBuffer */
                memcpy(priv->gen_ie_buf + priv->gen_ie_buf_len, ie_data_ptr,