cfg80211/nl80211: add API for MAC address ACLs
Add API to enable drivers to implement MAC address based access control in AP/P2P GO mode. Capable drivers advertise this capability by setting the maximum number of MAC addresses in such a list in wiphy->max_acl_mac_addrs. An initial ACL may be given to the NL80211_CMD_START_AP command and/or changed later with NL80211_CMD_SET_MAC_ACL. Black- and whitelists are supported, but not simultaneously. Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com> [rewrite commit log, many cleanups] Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This commit is contained in:
Vasanthakumar Thiagarajan
committed by
Johannes Berg
Johannes Berg
parent
6d45a74b1f
commit
77765eaf5c
@@ -531,6 +531,22 @@ struct mac_address {
|
||||
u8 addr[ETH_ALEN];
|
||||
};
|
||||
|
||||
/**
|
||||
* struct cfg80211_acl_data - Access control list data
|
||||
*
|
||||
* @acl_policy: ACL policy to be applied on the station's
|
||||
entry specified by mac_addr
|
||||
* @n_acl_entries: Number of MAC address entries passed
|
||||
* @mac_addrs: List of MAC addresses of stations to be used for ACL
|
||||
*/
|
||||
struct cfg80211_acl_data {
|
||||
enum nl80211_acl_policy acl_policy;
|
||||
int n_acl_entries;
|
||||
|
||||
/* Keep it last */
|
||||
struct mac_address mac_addrs[];
|
||||
};
|
||||
|
||||
/**
|
||||
* struct cfg80211_ap_settings - AP configuration
|
||||
*
|
||||
@@ -550,6 +566,8 @@ struct mac_address {
|
||||
* @inactivity_timeout: time in seconds to determine station's inactivity.
|
||||
* @p2p_ctwindow: P2P CT Window
|
||||
* @p2p_opp_ps: P2P opportunistic PS
|
||||
* @acl: ACL configuration used by the drivers which has support for
|
||||
* MAC address based access control
|
||||
*/
|
||||
struct cfg80211_ap_settings {
|
||||
struct cfg80211_chan_def chandef;
|
||||
@@ -566,6 +584,7 @@ struct cfg80211_ap_settings {
|
||||
int inactivity_timeout;
|
||||
u8 p2p_ctwindow;
|
||||
bool p2p_opp_ps;
|
||||
const struct cfg80211_acl_data *acl;
|
||||
};
|
||||
|
||||
/**
|
||||
@@ -1800,6 +1819,13 @@ struct cfg80211_gtk_rekey_data {
|
||||
*
|
||||
* @start_p2p_device: Start the given P2P device.
|
||||
* @stop_p2p_device: Stop the given P2P device.
|
||||
*
|
||||
* @set_mac_acl: Sets MAC address control list in AP and P2P GO mode.
|
||||
* Parameters include ACL policy, an array of MAC address of stations
|
||||
* and the number of MAC addresses. If there is already a list in driver
|
||||
* this new list replaces the existing one. Driver has to clear its ACL
|
||||
* when number of MAC addresses entries is passed as 0. Drivers which
|
||||
* advertise the support for MAC based ACL have to implement this callback.
|
||||
*/
|
||||
struct cfg80211_ops {
|
||||
int (*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow);
|
||||
@@ -2020,6 +2046,9 @@ struct cfg80211_ops {
|
||||
struct wireless_dev *wdev);
|
||||
void (*stop_p2p_device)(struct wiphy *wiphy,
|
||||
struct wireless_dev *wdev);
|
||||
|
||||
int (*set_mac_acl)(struct wiphy *wiphy, struct net_device *dev,
|
||||
const struct cfg80211_acl_data *params);
|
||||
};
|
||||
|
||||
/*
|
||||
@@ -2325,6 +2354,9 @@ struct wiphy_wowlan_support {
|
||||
* @ap_sme_capa: AP SME capabilities, flags from &enum nl80211_ap_sme_features.
|
||||
* @ht_capa_mod_mask: Specify what ht_cap values can be over-ridden.
|
||||
* If null, then none can be over-ridden.
|
||||
*
|
||||
* @max_acl_mac_addrs: Maximum number of MAC addresses that the device
|
||||
* supports for ACL.
|
||||
*/
|
||||
struct wiphy {
|
||||
/* assign these fields before you register the wiphy */
|
||||
@@ -2346,6 +2378,8 @@ struct wiphy {
|
||||
/* Supported interface modes, OR together BIT(NL80211_IFTYPE_...) */
|
||||
u16 interface_modes;
|
||||
|
||||
u16 max_acl_mac_addrs;
|
||||
|
||||
u32 flags, features;
|
||||
|
||||
u32 ap_sme_capa;
|
||||
|
||||
Reference in New Issue
Block a user