cfg80211: support 4-way handshake offloading for 802.1X
Add API for setting the PMK to the driver. For FT support, allow setting also the PMK-R0 Name. This can be used by drivers that support 4-Way handshake offload while IEEE802.1X authentication is managed by upper layers. Signed-off-by: Avraham Stern <avraham.stern@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com> [arend.vanspriel@broadcom.com: add WANT_1X_4WAY_HS attribute] Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com> [reword NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X docs a bit to say that the device may require it] Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This commit is contained in:
Avraham Stern
committed by
Johannes Berg
Johannes Berg
parent
91b5ab6289
commit
3a00df5707
@@ -182,6 +182,17 @@
|
||||
* this offload may reject the %NL80211_CMD_CONNECT when no preshared
|
||||
* key material is provided, for example when that driver does not
|
||||
* support setting the temporal keys through %CMD_NEW_KEY.
|
||||
*
|
||||
* Similarly @NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X flag can be
|
||||
* set by drivers indicating offload support of the PTK/GTK EAPOL
|
||||
* handshakes during 802.1X authentication. In order to use the offload
|
||||
* the %NL80211_CMD_CONNECT should have %NL80211_ATTR_WANT_1X_4WAY_HS
|
||||
* attribute flag. Drivers supporting this offload may reject the
|
||||
* %NL80211_CMD_CONNECT when the attribute flag is not present.
|
||||
*
|
||||
* For 802.1X the PMK or PMK-R0 are set by providing %NL80211_ATTR_PMK
|
||||
* using %NL80211_CMD_SET_PMK. For offloaded FT support also
|
||||
* %NL80211_ATTR_PMKR0_NAME must be provided.
|
||||
*/
|
||||
|
||||
/**
|
||||
@@ -959,6 +970,14 @@
|
||||
* does not result in a change for the current association. Currently,
|
||||
* only the %NL80211_ATTR_IE data is used and updated with this command.
|
||||
*
|
||||
* @NL80211_CMD_SET_PMK: For offloaded 4-Way handshake, set the PMK or PMK-R0
|
||||
* for the given authenticator address (specified with &NL80211_ATTR_MAC).
|
||||
* When &NL80211_ATTR_PMKR0_NAME is set, &NL80211_ATTR_PMK specifies the
|
||||
* PMK-R0, otherwise it specifies the PMK.
|
||||
* @NL80211_CMD_DEL_PMK: For offloaded 4-Way handshake, delete the previously
|
||||
* configured PMK for the authenticator address identified by
|
||||
* &NL80211_ATTR_MAC.
|
||||
*
|
||||
* @NL80211_CMD_MAX: highest used command number
|
||||
* @__NL80211_CMD_AFTER_LAST: internal use
|
||||
*/
|
||||
@@ -1158,6 +1177,9 @@ enum nl80211_commands {
|
||||
|
||||
NL80211_CMD_UPDATE_CONNECT_PARAMS,
|
||||
|
||||
NL80211_CMD_SET_PMK,
|
||||
NL80211_CMD_DEL_PMK,
|
||||
|
||||
/* add new commands above here */
|
||||
|
||||
/* used to define NL80211_CMD_MAX below */
|
||||
@@ -2095,13 +2117,20 @@ enum nl80211_commands {
|
||||
* @NL80211_ATTR_PMK: attribute for passing PMK key material. Used with
|
||||
* %NL80211_CMD_SET_PMKSA for the PMKSA identified by %NL80211_ATTR_PMKID.
|
||||
* For %NL80211_CMD_CONNECT it is used to provide PSK for offloading 4-way
|
||||
* handshake for WPA/WPA2-PSK networks.
|
||||
* handshake for WPA/WPA2-PSK networks. For 802.1X authentication it is
|
||||
* used with %NL80211_CMD_SET_PMK. For offloaded FT support this attribute
|
||||
* specifies the PMK-R0 if NL80211_ATTR_PMKR0_NAME is included as well.
|
||||
*
|
||||
* @NL80211_ATTR_SCHED_SCAN_MULTI: flag attribute which user-space shall use to
|
||||
* indicate that it supports multiple active scheduled scan requests.
|
||||
* @NL80211_ATTR_SCHED_SCAN_MAX_REQS: indicates maximum number of scheduled
|
||||
* scan request that may be active for the device (u32).
|
||||
*
|
||||
* @NL80211_ATTR_WANT_1X_4WAY_HS: flag attribute which user-space can include
|
||||
* in %NL80211_CMD_CONNECT to indicate that for 802.1X authentication it
|
||||
* wants to use the supported offload of the 4-way handshake.
|
||||
* @NL80211_ATTR_PMKR0_NAME: PMK-R0 Name for offloaded FT.
|
||||
*
|
||||
* @NUM_NL80211_ATTR: total number of nl80211_attrs available
|
||||
* @NL80211_ATTR_MAX: highest attribute number currently defined
|
||||
* @__NL80211_ATTR_AFTER_LAST: internal use
|
||||
@@ -2524,6 +2553,9 @@ enum nl80211_attrs {
|
||||
NL80211_ATTR_SCHED_SCAN_MULTI,
|
||||
NL80211_ATTR_SCHED_SCAN_MAX_REQS,
|
||||
|
||||
NL80211_ATTR_WANT_1X_4WAY_HS,
|
||||
NL80211_ATTR_PMKR0_NAME,
|
||||
|
||||
/* add attributes here, update the policy in nl80211.c */
|
||||
|
||||
__NL80211_ATTR_AFTER_LAST,
|
||||
@@ -4869,6 +4901,10 @@ enum nl80211_feature_flags {
|
||||
* @NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK: Device wants to do 4-way
|
||||
* handshake with PSK in station mode (PSK is passed as part of the connect
|
||||
* and associate commands), doing it in the host might not be supported.
|
||||
* @NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X: Device wants to do doing 4-way
|
||||
* handshake with 802.1X in station mode (will pass EAP frames to the host
|
||||
* and accept the set_pmk/del_pmk commands), doing it in the host might not
|
||||
* be supported.
|
||||
*
|
||||
* @NUM_NL80211_EXT_FEATURES: number of extended features.
|
||||
* @MAX_NL80211_EXT_FEATURES: highest extended feature index.
|
||||
@@ -4890,6 +4926,7 @@ enum nl80211_ext_feature_index {
|
||||
NL80211_EXT_FEATURE_CQM_RSSI_LIST,
|
||||
NL80211_EXT_FEATURE_FILS_SK_OFFLOAD,
|
||||
NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK,
|
||||
NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X,
|
||||
|
||||
/* add new features before the definition below */
|
||||
NUM_NL80211_EXT_FEATURES,
|
||||
|
||||
Reference in New Issue
Block a user