Subject: [PATCH 0/3] brcmfmac: Support DPP feature series

Support DPP feature and related fix.

Kurt Lee (3):
brcmfmac: Support DPP feature
brcmfmac: Fix interoperating DPP and other encryption network access
brcmfmac: Fix connecting enterprise AP failure

.../broadcom/brcm80211/brcmfmac/cfg80211.c | 152 ++++++++++--------
.../broadcom/brcm80211/brcmfmac/p2p.c | 77 +++++++--
.../broadcom/brcm80211/brcmfmac/p2p.h | 4 +-
.../broadcom/brcm80211/include/brcmu_wifi.h | 5 +
4 files changed, 158 insertions(+), 80 deletions(-)

--
2.25.0


Subject: [PATCH 2/3] brcmfmac: Fix interoperating DPP and other encryption network access

From: Kurt Lee <[email protected]>

1. If firmware supports 4-way handshake offload but not supports DPP
4-way offload, when user first connects encryption network, driver will
set "sup_wpa 1" to firmware, but it will further result in DPP
connection failure since firmware won't send EAPOL frame to host.

2. Fix DPP AP mode handling action frames.

3. For some firmware without fwsup support, the join procedure will be
skipped due to "sup_wpa" iovar returning not-support. Check the fwsup
feature before do such iovar.

Signed-off-by: Kurt Lee <[email protected]>
Signed-off-by: Double Lo <[email protected]>
Signed-off-by: Chi-hsien Lin <ch[email protected]>
Signed-off-by: Ian Lin <[email protected]>
---
.../broadcom/brcm80211/brcmfmac/cfg80211.c | 68 ++++++++++---------
.../broadcom/brcm80211/brcmfmac/p2p.c | 5 ++
2 files changed, 42 insertions(+), 31 deletions(-)

diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index 4a8aceda8fe8..c0e184db0e5d 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -2128,44 +2128,50 @@ brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
goto done;
}

- if (sme->crypto.psk &&
- profile->use_fwsup != BRCMF_PROFILE_FWSUP_SAE) {
- if (WARN_ON(profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE)) {
- err = -EINVAL;
- goto done;
+ if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWSUP)) {
+ if (sme->crypto.psk) {
+ if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_SAE) {
+ if (WARN_ON(profile->use_fwsup !=
+ BRCMF_PROFILE_FWSUP_NONE)) {
+ err = -EINVAL;
+ goto done;
+ }
+ brcmf_dbg(INFO, "using PSK offload\n");
+ profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
+ }
+ } else {
+ profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
}
- brcmf_dbg(INFO, "using PSK offload\n");
- profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
- }

- if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
- /* enable firmware supplicant for this interface */
- err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1);
- if (err < 0) {
- bphy_err(drvr, "failed to enable fw supplicant\n");
- goto done;
+ if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
+ /* enable firmware supplicant for this interface */
+ err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1);
+ if (err < 0) {
+ bphy_err(drvr, "failed to enable fw supplicant\n");
+ goto done;
+ }
+ } else {
+ err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 0);
}
- }

- if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK)
- err = brcmf_set_pmk(ifp, sme->crypto.psk,
- BRCMF_WSEC_MAX_PSK_LEN);
- else if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_SAE) {
- /* clean up user-space RSNE */
- err = brcmf_fil_iovar_data_set(ifp, "wpaie", NULL, 0);
- if (err) {
- bphy_err(drvr, "failed to clean up user-space RSNE\n");
- goto done;
- }
- err = brcmf_set_sae_password(ifp, sme->crypto.sae_pwd,
- sme->crypto.sae_pwd_len);
- if (!err && sme->crypto.psk)
+ if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK)
err = brcmf_set_pmk(ifp, sme->crypto.psk,
BRCMF_WSEC_MAX_PSK_LEN);
+ else if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_SAE) {
+ /* clean up user-space RSNE */
+ if (brcmf_fil_iovar_data_set(ifp, "wpaie", NULL, 0)) {
+ bphy_err(drvr, "failed to clean up user-space RSNE\n");
+ goto done;
+ }
+ err = brcmf_set_sae_password(ifp, sme->crypto.sae_pwd,
+ sme->crypto.sae_pwd_len);
+ if (!err && sme->crypto.psk)
+ err = brcmf_set_pmk(ifp, sme->crypto.psk,
+ BRCMF_WSEC_MAX_PSK_LEN);
+ }
+ if (err)
+ goto done;
}
- if (err)
- goto done;
-
/* Join with specific BSSID and cached SSID
* If SSID is zero join based on BSSID only
*/
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
index 4636fc27e915..3d96ad872593 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
@@ -1318,6 +1318,10 @@ static s32 brcmf_p2p_abort_action_frame(struct brcmf_cfg80211_info *cfg)
brcmf_dbg(TRACE, "Enter\n");

vif = p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
+
+ if (!vif)
+ vif = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
+
err = brcmf_fil_bsscfg_data_set(vif->ifp, "actframe_abort", &int_val,
sizeof(s32));
if (err)
@@ -1867,6 +1871,7 @@ bool brcmf_p2p_send_action_frame(struct brcmf_cfg80211_info *cfg,
/* validate channel and p2p ies */
if (config_af_params.search_channel &&
IS_P2P_SOCIAL_CHANNEL(le32_to_cpu(af_params->channel)) &&
+ p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif &&
p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif->saved_ie.probe_req_ie_len) {
afx_hdl = &p2p->afx_hdl;
afx_hdl->peer_listen_chan = le32_to_cpu(af_params->channel);
--
2.25.0

Subject: [PATCH 3/3] brcmfmac: Fix connecting enterprise AP failure

From: Kurt Lee <[email protected]>

Use alternative to check AKM-DPP enabled thus this change won't let
status un-sync on use_fwsup between driver and firmware

Signed-off-by: Kurt Lee <[email protected]>
Signed-off-by: Chung-Hsien Hsu <[email protected]>
Signed-off-by: Chi-hsien Lin <[email protected]>
Signed-off-by: Ian Lin <[email protected]>
---
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index c0e184db0e5d..98b42925887e 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -1821,6 +1821,7 @@ brcmf_set_key_mgmt(struct net_device *ndev, struct cfg80211_connect_params *sme)
break;
case WLAN_AKM_SUITE_DPP:
val = WFA_AUTH_DPP;
+ profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
break;
default:
bphy_err(drvr, "invalid akm suite (%d)\n",
@@ -2139,8 +2140,6 @@ brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
brcmf_dbg(INFO, "using PSK offload\n");
profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
}
- } else {
- profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
}

if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
--
2.25.0

2022-09-21 17:37:59

by Franky Lin

[permalink] [raw]
Subject: Re: [PATCH 2/3] brcmfmac: Fix interoperating DPP and other encryption network access

On Tue, Sep 20, 2022 at 7:04 PM Ian Lin <[email protected]> wrote:
>
> From: Kurt Lee <[email protected]>
>
> 1. If firmware supports 4-way handshake offload but not supports DPP
> 4-way offload, when user first connects encryption network, driver will
> set "sup_wpa 1" to firmware, but it will further result in DPP
> connection failure since firmware won't send EAPOL frame to host.
>
> 2. Fix DPP AP mode handling action frames.
>
> 3. For some firmware without fwsup support, the join procedure will be
> skipped due to "sup_wpa" iovar returning not-support. Check the fwsup
> feature before do such iovar.

It is not a good practice to fix multiple issues in one patch. Please
break this up.

>
> Signed-off-by: Kurt Lee <[email protected]>
> Signed-off-by: Double Lo <[email protected]>
> Signed-off-by: Chi-hsien Lin <[email protected]>
> Signed-off-by: Ian Lin <[email protected]>
> ---
> .../broadcom/brcm80211/brcmfmac/cfg80211.c | 68 ++++++++++---------
> .../broadcom/brcm80211/brcmfmac/p2p.c | 5 ++
> 2 files changed, 42 insertions(+), 31 deletions(-)
>
> diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
> index 4a8aceda8fe8..c0e184db0e5d 100644
> --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
> +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
> @@ -2128,44 +2128,50 @@ brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
> goto done;
> }
>
> - if (sme->crypto.psk &&
> - profile->use_fwsup != BRCMF_PROFILE_FWSUP_SAE) {
> - if (WARN_ON(profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE)) {
> - err = -EINVAL;
> - goto done;
> + if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWSUP)) {
> + if (sme->crypto.psk) {
> + if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_SAE) {
> + if (WARN_ON(profile->use_fwsup !=
> + BRCMF_PROFILE_FWSUP_NONE)) {
> + err = -EINVAL;
> + goto done;
> + }
> + brcmf_dbg(INFO, "using PSK offload\n");
> + profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
> + }
> + } else {
> + profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
> }
> - brcmf_dbg(INFO, "using PSK offload\n");
> - profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
> - }
>
> - if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
> - /* enable firmware supplicant for this interface */
> - err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1);
> - if (err < 0) {
> - bphy_err(drvr, "failed to enable fw supplicant\n");
> - goto done;
> + if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
> + /* enable firmware supplicant for this interface */
> + err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1);
> + if (err < 0) {
> + bphy_err(drvr, "failed to enable fw supplicant\n");
> + goto done;
> + }
> + } else {
> + err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 0);
> }
> - }
>
> - if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK)
> - err = brcmf_set_pmk(ifp, sme->crypto.psk,
> - BRCMF_WSEC_MAX_PSK_LEN);
> - else if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_SAE) {
> - /* clean up user-space RSNE */
> - err = brcmf_fil_iovar_data_set(ifp, "wpaie", NULL, 0);
> - if (err) {
> - bphy_err(drvr, "failed to clean up user-space RSNE\n");
> - goto done;
> - }
> - err = brcmf_set_sae_password(ifp, sme->crypto.sae_pwd,
> - sme->crypto.sae_pwd_len);
> - if (!err && sme->crypto.psk)
> + if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK)
> err = brcmf_set_pmk(ifp, sme->crypto.psk,
> BRCMF_WSEC_MAX_PSK_LEN);
> + else if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_SAE) {
> + /* clean up user-space RSNE */
> + if (brcmf_fil_iovar_data_set(ifp, "wpaie", NULL, 0)) {
> + bphy_err(drvr, "failed to clean up user-space RSNE\n");
> + goto done;
> + }
> + err = brcmf_set_sae_password(ifp, sme->crypto.sae_pwd,
> + sme->crypto.sae_pwd_len);
> + if (!err && sme->crypto.psk)
> + err = brcmf_set_pmk(ifp, sme->crypto.psk,
> + BRCMF_WSEC_MAX_PSK_LEN);
> + }
> + if (err)
> + goto done;
> }
> - if (err)
> - goto done;
> -
> /* Join with specific BSSID and cached SSID
> * If SSID is zero join based on BSSID only
> */
> diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
> index 4636fc27e915..3d96ad872593 100644
> --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
> +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
> @@ -1318,6 +1318,10 @@ static s32 brcmf_p2p_abort_action_frame(struct brcmf_cfg80211_info *cfg)
> brcmf_dbg(TRACE, "Enter\n");
>
> vif = p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
> +
> + if (!vif)
> + vif = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
> +
> err = brcmf_fil_bsscfg_data_set(vif->ifp, "actframe_abort", &int_val,
> sizeof(s32));
> if (err)
> @@ -1867,6 +1871,7 @@ bool brcmf_p2p_send_action_frame(struct brcmf_cfg80211_info *cfg,
> /* validate channel and p2p ies */
> if (config_af_params.search_channel &&
> IS_P2P_SOCIAL_CHANNEL(le32_to_cpu(af_params->channel)) &&
> + p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif &&
> p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif->saved_ie.probe_req_ie_len) {
> afx_hdl = &p2p->afx_hdl;
> afx_hdl->peer_listen_chan = le32_to_cpu(af_params->channel);
> --
> 2.25.0
>

--
This electronic communication and the information and any files transmitted
with it, or attached to it, are confidential and are intended solely for
the use of the individual or entity to whom it is addressed and may contain
information that is confidential, legally privileged, protected by privacy
laws, or otherwise restricted from disclosure to anyone else. If you are
not the intended recipient or the person responsible for delivering the
e-mail to the intended recipient, you are hereby notified that any use,
copying, distributing, dissemination, forwarding, printing, or copying of
this e-mail is strictly prohibited. If you received this e-mail in error,
please return the e-mail to the sender, delete it from your computer, and
destroy any printed copy of it.


Attachments:
smime.p7s (4.10 kB)
S/MIME Cryptographic Signature