| b.liu | e958203 | 2025-04-17 19:18:16 +0800 | [diff] [blame] | 1 | From: Rohan Dutta <drohan@codeaurora.org> |
| 2 | Date: Tue, 27 Oct 2020 12:09:10 +0200 |
| 3 | Subject: [PATCH] cfg80211: Add support to configure SAE PWE value to drivers |
| 4 | |
| 5 | Add support to configure SAE PWE preference from userspace to drivers in |
| 6 | both AP and STA modes. This is needed for cases where the driver takes |
| 7 | care of Authentication frame processing (SME in the driver) so that |
| 8 | correct enforcement of the acceptable PWE derivation mechanism can be |
| 9 | performed. |
| 10 | |
| 11 | The userspace applications can pass the sae_pwe value using the |
| 12 | NL80211_ATTR_SAE_PWE attribute in the NL80211_CMD_CONNECT and |
| 13 | NL80211_CMD_START_AP commands to the driver. This allows selection |
| 14 | between the hunting-and-pecking loop and hash-to-element options for PWE |
| 15 | derivation. For backwards compatibility, this new attribute is optional |
| 16 | and if not included, the driver is notified of the value being |
| 17 | unspecified. |
| 18 | |
| 19 | Signed-off-by: Rohan Dutta <drohan@codeaurora.org> |
| 20 | Signed-off-by: Jouni Malinen <jouni@codeaurora.org> |
| 21 | Link: https://lore.kernel.org/r/20201027100910.22283-1-jouni@codeaurora.org |
| 22 | Signed-off-by: Johannes Berg <johannes.berg@intel.com> |
| 23 | --- |
| 24 | |
| 25 | --- a/include/net/cfg80211.h |
| 26 | +++ b/include/net/cfg80211.h |
| 27 | @@ -1009,6 +1009,14 @@ struct survey_info { |
| 28 | * @sae_pwd: password for SAE authentication (for devices supporting SAE |
| 29 | * offload) |
| 30 | * @sae_pwd_len: length of SAE password (for devices supporting SAE offload) |
| 31 | + * @sae_pwe: The mechanisms allowed for SAE PWE derivation |
| 32 | + * NL80211_SAE_PWE_UNSPECIFIED: Not-specified, used to indicate userspace |
| 33 | + * did not specify any preference. The driver should follow its |
| 34 | + * internal policy in such a scenario. |
| 35 | + * NL80211_SAE_PWE_HUNT_AND_PECK: Allow hunting-and-pecking loop only |
| 36 | + * NL80211_SAE_PWE_HASH_TO_ELEMENT: Allow hash-to-element only |
| 37 | + * NL80211_SAE_PWE_BOTH: Allow either hunting-and-pecking loop |
| 38 | + * or hash-to-element |
| 39 | */ |
| 40 | struct cfg80211_crypto_settings { |
| 41 | u32 wpa_versions; |
| 42 | @@ -1027,6 +1035,7 @@ struct cfg80211_crypto_settings { |
| 43 | const u8 *psk; |
| 44 | const u8 *sae_pwd; |
| 45 | u8 sae_pwd_len; |
| 46 | + enum nl80211_sae_pwe_mechanism sae_pwe; |
| 47 | }; |
| 48 | |
| 49 | /** |
| 50 | --- a/net/wireless/nl80211.c |
| 51 | +++ b/net/wireless/nl80211.c |
| 52 | @@ -741,6 +741,9 @@ static const struct nla_policy nl80211_p |
| 53 | NLA_POLICY_EXACT_LEN(IEEE80211_S1G_CAPABILITY_LEN), |
| 54 | [NL80211_ATTR_S1G_CAPABILITY_MASK] = |
| 55 | NLA_POLICY_EXACT_LEN(IEEE80211_S1G_CAPABILITY_LEN), |
| 56 | + [NL80211_ATTR_SAE_PWE] = |
| 57 | + NLA_POLICY_RANGE(NLA_U8, NL80211_SAE_PWE_HUNT_AND_PECK, |
| 58 | + NL80211_SAE_PWE_BOTH), |
| 59 | [NL80211_ATTR_RECONNECT_REQUESTED] = { .type = NLA_REJECT }, |
| 60 | }; |
| 61 | |
| 62 | @@ -9778,6 +9781,12 @@ static int nl80211_crypto_settings(struc |
| 63 | nla_len(info->attrs[NL80211_ATTR_SAE_PASSWORD]); |
| 64 | } |
| 65 | |
| 66 | + if (info->attrs[NL80211_ATTR_SAE_PWE]) |
| 67 | + settings->sae_pwe = |
| 68 | + nla_get_u8(info->attrs[NL80211_ATTR_SAE_PWE]); |
| 69 | + else |
| 70 | + settings->sae_pwe = NL80211_SAE_PWE_UNSPECIFIED; |
| 71 | + |
| 72 | return 0; |
| 73 | } |
| 74 | |