nl80211: add support for SAE authentication offload
Let drivers advertise support for station-mode SAE authentication offload with a new NL80211_EXT_FEATURE_SAE_OFFLOAD flag. Signed-off-by: Chung-Hsien Hsu <stanley.hsu@cypress.com> Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This commit is contained in:
parent
cc3e14c21a
commit
26f7044e95
|
@ -2612,6 +2612,7 @@ enum ieee80211_key_len {
|
||||||
#define FILS_ERP_MAX_RRK_LEN 64
|
#define FILS_ERP_MAX_RRK_LEN 64
|
||||||
|
|
||||||
#define PMK_MAX_LEN 64
|
#define PMK_MAX_LEN 64
|
||||||
|
#define SAE_PASSWORD_MAX_LEN 128
|
||||||
|
|
||||||
/* Public action codes (IEEE Std 802.11-2016, 9.6.8.1, Table 9-307) */
|
/* Public action codes (IEEE Std 802.11-2016, 9.6.8.1, Table 9-307) */
|
||||||
enum ieee80211_pub_actioncode {
|
enum ieee80211_pub_actioncode {
|
||||||
|
|
|
@ -742,6 +742,9 @@ struct survey_info {
|
||||||
* CFG80211_MAX_WEP_KEYS WEP keys
|
* CFG80211_MAX_WEP_KEYS WEP keys
|
||||||
* @wep_tx_key: key index (0..3) of the default TX static WEP key
|
* @wep_tx_key: key index (0..3) of the default TX static WEP key
|
||||||
* @psk: PSK (for devices supporting 4-way-handshake offload)
|
* @psk: PSK (for devices supporting 4-way-handshake offload)
|
||||||
|
* @sae_pwd: password for SAE authentication (for devices supporting SAE
|
||||||
|
* offload)
|
||||||
|
* @sae_pwd_len: length of SAE password (for devices supporting SAE offload)
|
||||||
*/
|
*/
|
||||||
struct cfg80211_crypto_settings {
|
struct cfg80211_crypto_settings {
|
||||||
u32 wpa_versions;
|
u32 wpa_versions;
|
||||||
|
@ -757,6 +760,8 @@ struct cfg80211_crypto_settings {
|
||||||
struct key_params *wep_keys;
|
struct key_params *wep_keys;
|
||||||
int wep_tx_key;
|
int wep_tx_key;
|
||||||
const u8 *psk;
|
const u8 *psk;
|
||||||
|
const u8 *sae_pwd;
|
||||||
|
u8 sae_pwd_len;
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -234,6 +234,15 @@
|
||||||
* use in a FILS shared key connection with PMKSA caching.
|
* use in a FILS shared key connection with PMKSA caching.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* DOC: SAE authentication offload
|
||||||
|
*
|
||||||
|
* By setting @NL80211_EXT_FEATURE_SAE_OFFLOAD flag drivers can indicate they
|
||||||
|
* support offloading SAE authentication for WPA3-Personal networks. In
|
||||||
|
* %NL80211_CMD_CONNECT the password for SAE should be specified using
|
||||||
|
* %NL80211_ATTR_SAE_PASSWORD.
|
||||||
|
*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* enum nl80211_commands - supported nl80211 commands
|
* enum nl80211_commands - supported nl80211 commands
|
||||||
*
|
*
|
||||||
|
@ -2341,6 +2350,10 @@ enum nl80211_commands {
|
||||||
* should be picking up the lowest tx power, either tx power per-interface
|
* should be picking up the lowest tx power, either tx power per-interface
|
||||||
* or per-station.
|
* or per-station.
|
||||||
*
|
*
|
||||||
|
* @NL80211_ATTR_SAE_PASSWORD: attribute for passing SAE password material. It
|
||||||
|
* is used with %NL80211_CMD_CONNECT to provide password for offloading
|
||||||
|
* SAE authentication for WPA3-Personal networks.
|
||||||
|
*
|
||||||
* @NUM_NL80211_ATTR: total number of nl80211_attrs available
|
* @NUM_NL80211_ATTR: total number of nl80211_attrs available
|
||||||
* @NL80211_ATTR_MAX: highest attribute number currently defined
|
* @NL80211_ATTR_MAX: highest attribute number currently defined
|
||||||
* @__NL80211_ATTR_AFTER_LAST: internal use
|
* @__NL80211_ATTR_AFTER_LAST: internal use
|
||||||
|
@ -2794,6 +2807,8 @@ enum nl80211_attrs {
|
||||||
NL80211_ATTR_STA_TX_POWER_SETTING,
|
NL80211_ATTR_STA_TX_POWER_SETTING,
|
||||||
NL80211_ATTR_STA_TX_POWER,
|
NL80211_ATTR_STA_TX_POWER,
|
||||||
|
|
||||||
|
NL80211_ATTR_SAE_PASSWORD,
|
||||||
|
|
||||||
/* add attributes here, update the policy in nl80211.c */
|
/* add attributes here, update the policy in nl80211.c */
|
||||||
|
|
||||||
__NL80211_ATTR_AFTER_LAST,
|
__NL80211_ATTR_AFTER_LAST,
|
||||||
|
@ -5423,6 +5438,9 @@ enum nl80211_feature_flags {
|
||||||
* @NL80211_EXT_FEATURE_STA_TX_PWR: This driver supports controlling tx power
|
* @NL80211_EXT_FEATURE_STA_TX_PWR: This driver supports controlling tx power
|
||||||
* to a station.
|
* to a station.
|
||||||
*
|
*
|
||||||
|
* @NL80211_EXT_FEATURE_SAE_OFFLOAD: Device wants to do SAE authentication in
|
||||||
|
* station mode (SAE password is passed as part of the connect command).
|
||||||
|
*
|
||||||
* @NUM_NL80211_EXT_FEATURES: number of extended features.
|
* @NUM_NL80211_EXT_FEATURES: number of extended features.
|
||||||
* @MAX_NL80211_EXT_FEATURES: highest extended feature index.
|
* @MAX_NL80211_EXT_FEATURES: highest extended feature index.
|
||||||
*/
|
*/
|
||||||
|
@ -5467,6 +5485,7 @@ enum nl80211_ext_feature_index {
|
||||||
NL80211_EXT_FEATURE_SCHED_SCAN_BAND_SPECIFIC_RSSI_THOLD,
|
NL80211_EXT_FEATURE_SCHED_SCAN_BAND_SPECIFIC_RSSI_THOLD,
|
||||||
NL80211_EXT_FEATURE_EXT_KEY_ID,
|
NL80211_EXT_FEATURE_EXT_KEY_ID,
|
||||||
NL80211_EXT_FEATURE_STA_TX_PWR,
|
NL80211_EXT_FEATURE_STA_TX_PWR,
|
||||||
|
NL80211_EXT_FEATURE_SAE_OFFLOAD,
|
||||||
|
|
||||||
/* add new features before the definition below */
|
/* add new features before the definition below */
|
||||||
NUM_NL80211_EXT_FEATURES,
|
NUM_NL80211_EXT_FEATURES,
|
||||||
|
|
|
@ -571,6 +571,8 @@ const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
|
||||||
[NL80211_ATTR_PEER_MEASUREMENTS] =
|
[NL80211_ATTR_PEER_MEASUREMENTS] =
|
||||||
NLA_POLICY_NESTED(nl80211_pmsr_attr_policy),
|
NLA_POLICY_NESTED(nl80211_pmsr_attr_policy),
|
||||||
[NL80211_ATTR_AIRTIME_WEIGHT] = NLA_POLICY_MIN(NLA_U16, 1),
|
[NL80211_ATTR_AIRTIME_WEIGHT] = NLA_POLICY_MIN(NLA_U16, 1),
|
||||||
|
[NL80211_ATTR_SAE_PASSWORD] = { .type = NLA_BINARY,
|
||||||
|
.len = SAE_PASSWORD_MAX_LEN },
|
||||||
};
|
};
|
||||||
|
|
||||||
/* policy for the key attributes */
|
/* policy for the key attributes */
|
||||||
|
@ -4434,6 +4436,8 @@ static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
|
||||||
return true;
|
return true;
|
||||||
case NL80211_CMD_CONNECT:
|
case NL80211_CMD_CONNECT:
|
||||||
if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
|
if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
|
||||||
|
!wiphy_ext_feature_isset(&rdev->wiphy,
|
||||||
|
NL80211_EXT_FEATURE_SAE_OFFLOAD) &&
|
||||||
auth_type == NL80211_AUTHTYPE_SAE)
|
auth_type == NL80211_AUTHTYPE_SAE)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
|
@ -8973,6 +8977,16 @@ static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
|
||||||
settings->psk = nla_data(info->attrs[NL80211_ATTR_PMK]);
|
settings->psk = nla_data(info->attrs[NL80211_ATTR_PMK]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (info->attrs[NL80211_ATTR_SAE_PASSWORD]) {
|
||||||
|
if (!wiphy_ext_feature_isset(&rdev->wiphy,
|
||||||
|
NL80211_EXT_FEATURE_SAE_OFFLOAD))
|
||||||
|
return -EINVAL;
|
||||||
|
settings->sae_pwd =
|
||||||
|
nla_data(info->attrs[NL80211_ATTR_SAE_PASSWORD]);
|
||||||
|
settings->sae_pwd_len =
|
||||||
|
nla_len(info->attrs[NL80211_ATTR_SAE_PASSWORD]);
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue