diff options
Diffstat (limited to 'package/kernel/mac80211/patches/subsys/302-cfg80211-Add-support-to-configure-SAE-PWE-value-to-d.patch')
| -rw-r--r-- | package/kernel/mac80211/patches/subsys/302-cfg80211-Add-support-to-configure-SAE-PWE-value-to-d.patch | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/package/kernel/mac80211/patches/subsys/302-cfg80211-Add-support-to-configure-SAE-PWE-value-to-d.patch b/package/kernel/mac80211/patches/subsys/302-cfg80211-Add-support-to-configure-SAE-PWE-value-to-d.patch new file mode 100644 index 0000000000..acfdae0f5b --- /dev/null +++ b/package/kernel/mac80211/patches/subsys/302-cfg80211-Add-support-to-configure-SAE-PWE-value-to-d.patch @@ -0,0 +1,74 @@ +From: Rohan Dutta <drohan@codeaurora.org> +Date: Tue, 27 Oct 2020 12:09:10 +0200 +Subject: [PATCH] cfg80211: Add support to configure SAE PWE value to drivers + +Add support to configure SAE PWE preference from userspace to drivers in +both AP and STA modes. This is needed for cases where the driver takes +care of Authentication frame processing (SME in the driver) so that +correct enforcement of the acceptable PWE derivation mechanism can be +performed. + +The userspace applications can pass the sae_pwe value using the +NL80211_ATTR_SAE_PWE attribute in the NL80211_CMD_CONNECT and +NL80211_CMD_START_AP commands to the driver. This allows selection +between the hunting-and-pecking loop and hash-to-element options for PWE +derivation. For backwards compatibility, this new attribute is optional +and if not included, the driver is notified of the value being +unspecified. + +Signed-off-by: Rohan Dutta <drohan@codeaurora.org> +Signed-off-by: Jouni Malinen <jouni@codeaurora.org> +Link: https://lore.kernel.org/r/20201027100910.22283-1-jouni@codeaurora.org +Signed-off-by: Johannes Berg <johannes.berg@intel.com> +--- + +--- a/include/net/cfg80211.h ++++ b/include/net/cfg80211.h +@@ -1009,6 +1009,14 @@ struct survey_info { + * @sae_pwd: password for SAE authentication (for devices supporting SAE + * offload) + * @sae_pwd_len: length of SAE password (for devices supporting SAE offload) ++ * @sae_pwe: The mechanisms allowed for SAE PWE derivation ++ * NL80211_SAE_PWE_UNSPECIFIED: Not-specified, used to indicate userspace ++ * did not specify any preference. The driver should follow its ++ * internal policy in such a scenario. ++ * NL80211_SAE_PWE_HUNT_AND_PECK: Allow hunting-and-pecking loop only ++ * NL80211_SAE_PWE_HASH_TO_ELEMENT: Allow hash-to-element only ++ * NL80211_SAE_PWE_BOTH: Allow either hunting-and-pecking loop ++ * or hash-to-element + */ + struct cfg80211_crypto_settings { + u32 wpa_versions; +@@ -1027,6 +1035,7 @@ struct cfg80211_crypto_settings { + const u8 *psk; + const u8 *sae_pwd; + u8 sae_pwd_len; ++ enum nl80211_sae_pwe_mechanism sae_pwe; + }; + + /** +--- a/net/wireless/nl80211.c ++++ b/net/wireless/nl80211.c +@@ -736,6 +736,9 @@ static const struct nla_policy nl80211_p + NLA_POLICY_EXACT_LEN(IEEE80211_S1G_CAPABILITY_LEN), + [NL80211_ATTR_S1G_CAPABILITY_MASK] = + NLA_POLICY_EXACT_LEN(IEEE80211_S1G_CAPABILITY_LEN), ++ [NL80211_ATTR_SAE_PWE] = ++ NLA_POLICY_RANGE(NLA_U8, NL80211_SAE_PWE_HUNT_AND_PECK, ++ NL80211_SAE_PWE_BOTH), + [NL80211_ATTR_RECONNECT_REQUESTED] = { .type = NLA_REJECT }, + }; + +@@ -9764,6 +9767,12 @@ static int nl80211_crypto_settings(struc + nla_len(info->attrs[NL80211_ATTR_SAE_PASSWORD]); + } + ++ if (info->attrs[NL80211_ATTR_SAE_PWE]) ++ settings->sae_pwe = ++ nla_get_u8(info->attrs[NL80211_ATTR_SAE_PWE]); ++ else ++ settings->sae_pwe = NL80211_SAE_PWE_UNSPECIFIED; ++ + return 0; + } + |