From 67dd9a73dcb62e5b072244dddd7b19d521e20e67 Mon Sep 17 00:00:00 2001
From: Felix Fietkau <nbd@openwrt.org>
Date: Fri, 16 Nov 2007 03:10:56 +0000
Subject: fix up hostapd for mac80211

SVN-Revision: 9554
---
 .../patches/017-nl80211-add-key-mgmt.patch         | 470 +++++++++++++++++++++
 1 file changed, 470 insertions(+)
 create mode 100644 package/mac80211/patches/017-nl80211-add-key-mgmt.patch

(limited to 'package/mac80211/patches/017-nl80211-add-key-mgmt.patch')

diff --git a/package/mac80211/patches/017-nl80211-add-key-mgmt.patch b/package/mac80211/patches/017-nl80211-add-key-mgmt.patch
new file mode 100644
index 0000000000..f5b1d45c15
--- /dev/null
+++ b/package/mac80211/patches/017-nl80211-add-key-mgmt.patch
@@ -0,0 +1,470 @@
+Subject: cfg80211/nl80211: introduce key handling
+
+This introduces key handling to cfg80211/nl80211. Default
+and group keys can be added, changed and removed; sequence
+counters for each key can be retrieved.
+
+Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
+
+---
+ include/linux/nl80211.h |   34 +++++
+ include/net/cfg80211.h  |   44 +++++++
+ net/wireless/core.c     |    3 
+ net/wireless/nl80211.c  |  289 ++++++++++++++++++++++++++++++++++++++++++++++++
+ 4 files changed, 370 insertions(+)
+
+--- everything.orig/include/linux/nl80211.h	2007-10-30 15:33:43.587381346 +0100
++++ everything/include/linux/nl80211.h	2007-11-07 13:19:37.861516599 +0100
+@@ -37,6 +37,16 @@
+  *	userspace to request deletion of a virtual interface, then requires
+  *	attribute %NL80211_ATTR_IFINDEX.
+  *
++ * @NL80211_CMD_GET_KEY: Get sequence counter information for a key specified
++ *	by %NL80211_ATTR_KEY_IDX and/or %NL80211_ATTR_MAC.
++ * @NL80211_CMD_SET_KEY: Set key attributes %NL80211_ATTR_KEY_DEFAULT or
++ *	%NL80211_ATTR_KEY_THRESHOLD.
++ * @NL80211_CMD_NEW_KEY: add a key with given %NL80211_ATTR_KEY_DATA,
++ *	%NL80211_ATTR_KEY_IDX, %NL80211_ATTR_MAC and %NL80211_ATTR_KEY_CIPHER
++ *	attributes.
++ * @NL80211_CMD_DEL_KEY: delete a key identified by %NL80211_ATTR_KEY_IDX
++ *	or %NL80211_ATTR_MAC.
++ *
+  * @NL80211_CMD_MAX: highest used command number
+  * @__NL80211_CMD_AFTER_LAST: internal use
+  */
+@@ -54,6 +64,11 @@ enum nl80211_commands {
+ 	NL80211_CMD_NEW_INTERFACE,
+ 	NL80211_CMD_DEL_INTERFACE,
+ 
++	NL80211_CMD_GET_KEY,
++	NL80211_CMD_SET_KEY,
++	NL80211_CMD_NEW_KEY,
++	NL80211_CMD_DEL_KEY,
++
+ 	/* add commands here */
+ 
+ 	/* used to define NL80211_CMD_MAX below */
+@@ -75,6 +90,17 @@ enum nl80211_commands {
+  * @NL80211_ATTR_IFNAME: network interface name
+  * @NL80211_ATTR_IFTYPE: type of virtual interface, see &enum nl80211_iftype
+  *
++ * @NL80211_ATTR_MAC: MAC address (various uses)
++ *
++ * @NL80211_ATTR_KEY_DATA: (temporal) key data; for TKIP this consists of
++ *	16 bytes encryption key followed by 8 bytes each for TX and RX MIC
++ *	keys
++ * @NL80211_ATTR_KEY_IDX: key ID (u8, 0-3)
++ * @NL80211_ATTR_KEY_CIPHER: key cipher suite (u32, as defined by IEEE 802.11
++ *	section 7.3.2.25.1, e.g. 0x000FAC04)
++ * @NL80211_ATTR_KEY_SEQ: transmit key sequence number (IV/PN) for TKIP and
++ *	CCMP keys, each six bytes in little endian
++ *
+  * @NL80211_ATTR_MAX: highest attribute number currently defined
+  * @__NL80211_ATTR_AFTER_LAST: internal use
+  */
+@@ -89,6 +115,14 @@ enum nl80211_attrs {
+ 	NL80211_ATTR_IFNAME,
+ 	NL80211_ATTR_IFTYPE,
+ 
++	NL80211_ATTR_MAC,
++
++	NL80211_ATTR_KEY_DATA,
++	NL80211_ATTR_KEY_IDX,
++	NL80211_ATTR_KEY_CIPHER,
++	NL80211_ATTR_KEY_SEQ,
++	NL80211_ATTR_KEY_DEFAULT,
++
+ 	/* add attributes here, update the policy in nl80211.c */
+ 
+ 	__NL80211_ATTR_AFTER_LAST,
+--- everything.orig/net/wireless/nl80211.c	2007-10-30 15:33:43.637380153 +0100
++++ everything/net/wireless/nl80211.c	2007-11-07 13:19:38.201511066 +0100
+@@ -61,6 +61,14 @@ static struct nla_policy nl80211_policy[
+ 	[NL80211_ATTR_IFTYPE] = { .type = NLA_U32 },
+ 	[NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
+ 	[NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
++
++	[NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN },
++
++	[NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
++				    .len = WLAN_MAX_KEY_LEN },
++	[NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 },
++	[NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 },
++	[NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG },
+ };
+ 
+ /* message building helper */
+@@ -335,6 +343,263 @@ static int nl80211_del_interface(struct 
+ 	return err;
+ }
+ 
++struct get_key_cookie {
++	struct sk_buff *msg;
++	int error;
++};
++
++static void get_key_callback(void *c, struct key_params *params)
++{
++	struct get_key_cookie *cookie = c;
++
++	if (params->key)
++		NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA,
++			params->key_len, params->key);
++
++	if (params->seq)
++		NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ,
++			params->seq_len, params->seq);
++
++	if (params->cipher)
++		NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER,
++			    params->cipher);
++
++	return;
++ nla_put_failure:
++	cookie->error = 1;
++}
++
++static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
++{
++	struct cfg80211_registered_device *drv;
++	int err;
++	struct net_device *dev;
++	u8 key_idx = 0;
++	u8 *mac_addr = NULL;
++	struct get_key_cookie cookie = {
++		.error = 0,
++	};
++	void *hdr;
++	struct sk_buff *msg;
++
++	if (info->attrs[NL80211_ATTR_KEY_IDX])
++		key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
++
++	if (key_idx > 3)
++		return -EINVAL;
++
++	if (info->attrs[NL80211_ATTR_MAC])
++		mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
++
++	err = get_drv_dev_by_info_ifindex(info, &drv, &dev);
++	if (err)
++		return err;
++
++	if (!drv->ops->get_key) {
++		err = -EOPNOTSUPP;
++		goto out;
++	}
++
++	msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
++	if (!msg) {
++		err = -ENOMEM;
++		goto out;
++	}
++
++	hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
++			     NL80211_CMD_NEW_KEY);
++
++	if (IS_ERR(hdr)) {
++		err = PTR_ERR(hdr);
++		goto out;
++	}
++
++	cookie.msg = msg;
++
++	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
++	NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
++	if (mac_addr)
++		NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr);
++
++	rtnl_lock();
++	err = drv->ops->get_key(&drv->wiphy, dev, key_idx, mac_addr,
++				&cookie, get_key_callback);
++	rtnl_unlock();
++
++	if (err)
++		goto out;
++
++	if (cookie.error)
++		goto nla_put_failure;
++
++	genlmsg_end(msg, hdr);
++	err = genlmsg_unicast(msg, info->snd_pid);
++	goto out;
++
++ nla_put_failure:
++	err = -ENOBUFS;
++	nlmsg_free(msg);
++ out:
++	cfg80211_put_dev(drv);
++	dev_put(dev);
++	return err;
++}
++
++static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
++{
++	struct cfg80211_registered_device *drv;
++	int err;
++	struct net_device *dev;
++	u8 key_idx;
++
++	if (!info->attrs[NL80211_ATTR_KEY_IDX])
++		return -EINVAL;
++
++	key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
++
++	if (key_idx > 3)
++		return -EINVAL;
++
++	/* currently only support setting default key */
++	if (!info->attrs[NL80211_ATTR_KEY_DEFAULT])
++		return -EINVAL;
++
++	err = get_drv_dev_by_info_ifindex(info, &drv, &dev);
++	if (err)
++		return err;
++
++	if (!drv->ops->set_default_key) {
++		err = -EOPNOTSUPP;
++		goto out;
++	}
++
++	rtnl_lock();
++	err = drv->ops->set_default_key(&drv->wiphy, dev, key_idx);
++	rtnl_unlock();
++
++ out:
++	cfg80211_put_dev(drv);
++	dev_put(dev);
++	return err;
++}
++
++static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
++{
++	struct cfg80211_registered_device *drv;
++	int err;
++	struct net_device *dev;
++	struct key_params params;
++	u8 key_idx = 0;
++	u8 *mac_addr = NULL;
++
++	memset(&params, 0, sizeof(params));
++
++	if (!info->attrs[NL80211_ATTR_KEY_CIPHER])
++		return -EINVAL;
++
++	if (info->attrs[NL80211_ATTR_KEY_DATA]) {
++		params.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
++		params.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
++	}
++
++	if (info->attrs[NL80211_ATTR_KEY_IDX])
++		key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
++
++	params.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
++
++	if (info->attrs[NL80211_ATTR_MAC])
++		mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
++
++	if (key_idx > 3)
++		return -EINVAL;
++
++	/*
++	 * Disallow pairwise keys with non-zero index unless it's WEP
++	 * (because current deployments use pairwise WEP keys with
++	 * non-zero indizes but 802.11i clearly specifies to use zero)
++	 */
++	if (mac_addr && key_idx &&
++	    params.cipher != WLAN_CIPHER_SUITE_WEP40 &&
++	    params.cipher != WLAN_CIPHER_SUITE_WEP104)
++		return -EINVAL;
++
++	/* TODO: add definitions for the lengths to linux/ieee80211.h */
++	switch (params.cipher) {
++	case WLAN_CIPHER_SUITE_WEP40:
++		if (params.key_len != 5)
++			return -EINVAL;
++		break;
++	case WLAN_CIPHER_SUITE_TKIP:
++		if (params.key_len != 32)
++			return -EINVAL;
++		break;
++	case WLAN_CIPHER_SUITE_CCMP:
++		if (params.key_len != 16)
++			return -EINVAL;
++		break;
++	case WLAN_CIPHER_SUITE_WEP104:
++		if (params.key_len != 13)
++			return -EINVAL;
++		break;
++	default:
++		return -EINVAL;
++	}
++
++	err = get_drv_dev_by_info_ifindex(info, &drv, &dev);
++	if (err)
++		return err;
++
++	if (!drv->ops->add_key) {
++		err = -EOPNOTSUPP;
++		goto out;
++	}
++
++	rtnl_lock();
++	err = drv->ops->add_key(&drv->wiphy, dev, key_idx, mac_addr, &params);
++	rtnl_unlock();
++
++ out:
++	cfg80211_put_dev(drv);
++	dev_put(dev);
++	return err;
++}
++
++static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
++{
++	struct cfg80211_registered_device *drv;
++	int err;
++	struct net_device *dev;
++	u8 key_idx = 0;
++	u8 *mac_addr = NULL;
++
++	if (info->attrs[NL80211_ATTR_KEY_IDX])
++		key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
++
++	if (key_idx > 3)
++		return -EINVAL;
++
++	if (info->attrs[NL80211_ATTR_MAC])
++		mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
++
++	err = get_drv_dev_by_info_ifindex(info, &drv, &dev);
++	if (err)
++		return err;
++
++	if (!drv->ops->del_key) {
++		err = -EOPNOTSUPP;
++		goto out;
++	}
++
++	rtnl_lock();
++	err = drv->ops->del_key(&drv->wiphy, dev, key_idx, mac_addr);
++	rtnl_unlock();
++
++ out:
++	cfg80211_put_dev(drv);
++	dev_put(dev);
++	return err;
++}
++
+ static struct genl_ops nl80211_ops[] = {
+ 	{
+ 		.cmd = NL80211_CMD_GET_WIPHY,
+@@ -374,6 +639,30 @@ static struct genl_ops nl80211_ops[] = {
+ 		.policy = nl80211_policy,
+ 		.flags = GENL_ADMIN_PERM,
+ 	},
++	{
++		.cmd = NL80211_CMD_GET_KEY,
++		.doit = nl80211_get_key,
++		.policy = nl80211_policy,
++		.flags = GENL_ADMIN_PERM,
++	},
++	{
++		.cmd = NL80211_CMD_SET_KEY,
++		.doit = nl80211_set_key,
++		.policy = nl80211_policy,
++		.flags = GENL_ADMIN_PERM,
++	},
++	{
++		.cmd = NL80211_CMD_NEW_KEY,
++		.doit = nl80211_new_key,
++		.policy = nl80211_policy,
++		.flags = GENL_ADMIN_PERM,
++	},
++	{
++		.cmd = NL80211_CMD_DEL_KEY,
++		.doit = nl80211_del_key,
++		.policy = nl80211_policy,
++		.flags = GENL_ADMIN_PERM,
++	},
+ };
+ 
+ /* multicast groups */
+--- everything.orig/net/wireless/core.c	2007-10-30 15:33:43.677380478 +0100
++++ everything/net/wireless/core.c	2007-11-07 13:19:38.221513833 +0100
+@@ -184,6 +184,9 @@ struct wiphy *wiphy_new(struct cfg80211_
+ 	struct cfg80211_registered_device *drv;
+ 	int alloc_size;
+ 
++	WARN_ON(!ops->add_key && ops->del_key);
++	WARN_ON(ops->add_key && !ops->del_key);
++
+ 	alloc_size = sizeof(*drv) + sizeof_priv;
+ 
+ 	drv = kzalloc(alloc_size, GFP_KERNEL);
+--- everything.orig/include/net/cfg80211.h	2007-10-30 15:33:43.617381780 +0100
++++ everything/include/net/cfg80211.h	2007-11-07 13:19:38.231512748 +0100
+@@ -49,6 +49,26 @@ extern int ieee80211_radiotap_iterator_n
+    struct ieee80211_radiotap_iterator *iterator);
+ 
+ 
++ /**
++ * struct key_params - key information
++ *
++ * Information about a key
++ *
++ * @key: key material
++ * @key_len: length of key material
++ * @cipher: cipher suite selector
++ * @seq: sequence counter (IV/PN) for TKIP and CCMP keys, only used
++ *	with the get_key() callback, must be in little endian,
++ *	length given by @seq_len.
++ */
++struct key_params {
++	u8 *key;
++	u8 *seq;
++	int key_len;
++	int seq_len;
++	u32 cipher;
++};
++
+ /* from net/wireless.h */
+ struct wiphy;
+ 
+@@ -71,6 +91,18 @@ struct wiphy;
+  *
+  * @change_virtual_intf: change type of virtual interface
+  *
++ * @add_key: add a key with the given parameters. @mac_addr will be %NULL
++ *	when adding a group key.
++ *
++ * @get_key: get information about the key with the given parameters.
++ *	@mac_addr will be %NULL when requesting information for a group
++ *	key. All pointers given to the @callback function need not be valid
++ *	after it returns.
++ *
++ * @del_key: remove a key given the @mac_addr (%NULL for a group key)
++ *	and @key_index
++ *
++ * @set_default_key: set the default key on an interface
+  */
+ struct cfg80211_ops {
+ 	int	(*add_virtual_intf)(struct wiphy *wiphy, char *name,
+@@ -78,6 +110,18 @@ struct cfg80211_ops {
+ 	int	(*del_virtual_intf)(struct wiphy *wiphy, int ifindex);
+ 	int	(*change_virtual_intf)(struct wiphy *wiphy, int ifindex,
+ 				       enum nl80211_iftype type);
++
++	int	(*add_key)(struct wiphy *wiphy, struct net_device *netdev,
++			   u8 key_index, u8 *mac_addr,
++			   struct key_params *params);
++	int	(*get_key)(struct wiphy *wiphy, struct net_device *netdev,
++			   u8 key_index, u8 *mac_addr, void *cookie,
++			   void (*callback)(void *cookie, struct key_params*));
++	int	(*del_key)(struct wiphy *wiphy, struct net_device *netdev,
++			   u8 key_index, u8 *mac_addr);
++	int	(*set_default_key)(struct wiphy *wiphy,
++				   struct net_device *netdev,
++				   u8 key_index);
+ };
+ 
+ #endif /* __NET_CFG80211_H */
-- 
cgit v1.2.3