Update PSK after cross AKM roaming to WPA-PSK when driver's SME in use

4-way handshake was failing after the driver roam from SAE to WPA-PSK
due to wpa_sm having an old PMK which was generated during previous SAE
connection.

To fix this update PSK to wpa_sm when AKM changes from SAE to WPA-PSK
for the target AP to have a correct PMK for 4-way handshake. Also,
update PSK to the driver when key management offload is enabled.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index ec56cfdc0529d4863c420e60affced24aae1f8e8..5ddee6717bc25a410ddf5ce51d8b97d0dc2e15e2 100644 (file)
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -2796,6 +2796,28 @@ static int wpa_supplicant_use_own_rsne_params(struct wpa_supplicant *wpa_s,
                return -1;
        }
 
+       /*
+        * Update PMK in wpa_sm and the driver if roamed to WPA/WPA2 PSK from a
+        * different AKM.
+        */
+       if (wpa_s->key_mgmt != ie.key_mgmt &&
+           wpa_key_mgmt_wpa_psk_no_sae(ie.key_mgmt)) {
+               if (!ssid->psk_set) {
+                       wpa_dbg(wpa_s, MSG_INFO,
+                               "No PSK available for association");
+                       wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
+                       return -1;
+               }
+
+               wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL, NULL);
+               if (wpa_s->conf->key_mgmt_offload &&
+                   (wpa_s->drv_flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD) &&
+                   wpa_drv_set_key(wpa_s, 0, NULL, 0, 0, NULL, 0, ssid->psk,
+                                   PMK_LEN, KEY_FLAG_PMK))
+                       wpa_dbg(wpa_s, MSG_ERROR,
+                               "WPA: Cannot set PMK for key management offload");
+       }
+
        wpa_s->key_mgmt = ie.key_mgmt;
        wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
        wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT %s and proto %d",