2019-01-18 11:27:24

by Srinivas Dasari

[permalink] [raw]
Subject: [PATCH] nl80211: Allow set/del pmksa operations for AP

From: Liangwei Dong <[email protected]>

Host drivers may offload authentication to the user space
through the commit ("cfg80211: Authentication offload to
user space in AP mode").

This interface can be used to implement SAE by having the
userspace do authentication/PMKID key derivation and driver
handle the association.

A step ahead, this interface can get further optimized if the
PMKID is passed to the host driver and also have it respond to
the association request by the STA on a valid PMKID.

This commit enables the userspace to pass the PMKID to the host
drivers through the set/del pmksa operations in AP mode.

Set/Del pmksa is now restricted to STA/P2P client mode only and
thus the drivers might not expect them in any other(AP) mode.

This commit also introduces a feature flag
NL80211_EXT_FEATURE_SET_DEL_PMKSA_AP to maintain the backward
compatibility of such an expectation by the host drivers.
These operations are allowed in AP mode only when the drivers
advertize the capability through this flag.

Signed-off-by: Liangwei Dong <[email protected]>
Signed-off-by: Srinivas Dasari <[email protected]>
---
include/uapi/linux/nl80211.h | 6 ++++++
net/wireless/nl80211.c | 5 ++++-
2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
index 30e1bb6..5553ae6 100644
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@@ -5318,6 +5318,11 @@ enum nl80211_feature_flags {
* if this flag is not set. Ignoring this can leak clear text packets and/or
* freeze the connection.
*
+ * @NL80211_EXT_FEATURE_SET_DEL_PMKSA_AP: Driver/device support set/del pmksa in
+ * AP mode. Initial implementation of nl80211_setdel_pmksa does not allow
+ * pmksa configuration in AP mode. This flag allows the set/del pmksa to
+ * the drivers only when set, thus ensuring the backward compatibility.
+ *
* @NUM_NL80211_EXT_FEATURES: number of extended features.
* @MAX_NL80211_EXT_FEATURES: highest extended feature index.
*/
@@ -5357,6 +5362,7 @@ enum nl80211_ext_feature_index {
NL80211_EXT_FEATURE_SCAN_MIN_PREQ_CONTENT,
NL80211_EXT_FEATURE_CAN_REPLACE_PTK0,
NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER,
+ NL80211_EXT_FEATURE_SET_DEL_PMKSA_AP,

/* add new features before the definition below */
NUM_NL80211_EXT_FEATURES,
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 0af5db3..686da9f 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -9858,7 +9858,10 @@ static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info)
}

if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
- dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
+ dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT &&
+ !(dev->ieee80211_ptr->iftype == NL80211_IFTYPE_AP &&
+ wiphy_ext_feature_isset(&rdev->wiphy,
+ NL80211_EXT_FEATURE_SET_DEL_PMKSA_AP)))
return -EOPNOTSUPP;

switch (info->genlhdr->cmd) {
--
1.9.1