mirror of
https://github.com/joel16/android_kernel_sony_msm8994.git
synced 2024-11-30 07:31:23 +00:00
cfg80211: Key management offload support for SHA-256 and FT/8021.X
Changes to add key management offload support for SHA-256 key derivation. Also changes to support connections that are both FT (802.11r) and 802.1X. The changes allow the device to advertise support for these features. Supplicant changes are also needed for full support. CRs-Fixed: 707166 Change-Id: Idd5c79288c5dd85198dddacdd4b64684b5d565e5 Signed-off-by: Chet Lanctot <clanctot@codeaurora.org>
This commit is contained in:
parent
e92aa60f73
commit
3bb41fde01
@ -6,7 +6,7 @@ Security Network during initial connection or after a roam between
|
|||||||
APs occurs. It might also happen during after the device handles a
|
APs occurs. It might also happen during after the device handles a
|
||||||
PTK rekeying operation.
|
PTK rekeying operation.
|
||||||
|
|
||||||
This design only supports key managment offload in a station
|
This design only supports key management offload in a station
|
||||||
(non-AP STA).
|
(non-AP STA).
|
||||||
|
|
||||||
There are a couple of possible advantages to offloading key
|
There are a couple of possible advantages to offloading key
|
||||||
@ -83,8 +83,7 @@ NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PMKSA
|
|||||||
association connect time because the 802.1X authentication must
|
association connect time because the 802.1X authentication must
|
||||||
first take place before the PMK is established. The PMK will be
|
first take place before the PMK is established. The PMK will be
|
||||||
passed to the driver using cfg80211_key_mgmt_set_pmk in this case
|
passed to the driver using cfg80211_key_mgmt_set_pmk in this case
|
||||||
once it is known. A new cipher suite type is defined to identify
|
once it is known.
|
||||||
the value as a PMK when cfg80211_add_key is used in this way.
|
|
||||||
|
|
||||||
Indication
|
Indication
|
||||||
----------
|
----------
|
||||||
|
@ -2090,7 +2090,9 @@ struct cfg80211_qos_map {
|
|||||||
*
|
*
|
||||||
* @key_mgmt_set_pmk: Used to pass the PMK to the device for key management
|
* @key_mgmt_set_pmk: Used to pass the PMK to the device for key management
|
||||||
* offload. This will be used in the case of key management offload on an
|
* offload. This will be used in the case of key management offload on an
|
||||||
* already established PMKSA.
|
* already established PMKSA. If connection is FT (802.11r) enabled with
|
||||||
|
* 802.1X, then the second 256 bits of the MSK is passed instead of the
|
||||||
|
* PMK.
|
||||||
*/
|
*/
|
||||||
struct cfg80211_ops {
|
struct cfg80211_ops {
|
||||||
int (*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow);
|
int (*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow);
|
||||||
@ -2336,7 +2338,7 @@ struct cfg80211_ops {
|
|||||||
struct cfg80211_chan_def *chandef);
|
struct cfg80211_chan_def *chandef);
|
||||||
|
|
||||||
int (*key_mgmt_set_pmk)(struct wiphy *wiphy, struct net_device *dev,
|
int (*key_mgmt_set_pmk)(struct wiphy *wiphy, struct net_device *dev,
|
||||||
u8 *pmk);
|
const u8 *pmk);
|
||||||
};
|
};
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -2726,8 +2728,8 @@ struct wiphy_vendor_command {
|
|||||||
*
|
*
|
||||||
* @key_mgmt_offload_support: Bitmap of supported types of key management
|
* @key_mgmt_offload_support: Bitmap of supported types of key management
|
||||||
* that can be offloaded to the device. See
|
* that can be offloaded to the device. See
|
||||||
* nl80211_key_mgmt_offload_support.
|
* nl80211_key_mgmt_offload_support. Only valid when
|
||||||
* Only valid when WIPHY_FLAG_HAS_KEY_MGMT_OFFLOAD is set.
|
* WIPHY_FLAG_HAS_KEY_MGMT_OFFLOAD is set.
|
||||||
* @key_derive_offload_support: Bitmap of supported key derivations used as
|
* @key_derive_offload_support: Bitmap of supported key derivations used as
|
||||||
* part of key management offload. See nl80211_key_derive_offload_support.
|
* part of key management offload. See nl80211_key_derive_offload_support.
|
||||||
* Only valid when WIPHY_FLAG_HAS_KEY_MGMT_OFFLOAD is set.
|
* Only valid when WIPHY_FLAG_HAS_KEY_MGMT_OFFLOAD is set.
|
||||||
|
@ -700,7 +700,9 @@
|
|||||||
* @NL80211_CMD_KEY_MGMT_SET_PMK: Used to pass the PMK to the device for
|
* @NL80211_CMD_KEY_MGMT_SET_PMK: Used to pass the PMK to the device for
|
||||||
* key management offload. This will be used in the case of key
|
* key management offload. This will be used in the case of key
|
||||||
* management offload on an already established PMKSA. The PMK is passed
|
* management offload on an already established PMKSA. The PMK is passed
|
||||||
* in NL80211_ATTR_PMK once it is known by the supplicant.
|
* in NL80211_ATTR_PMK once it is known by the supplicant. If connection
|
||||||
|
* is FT (802.11r) enabled with 802.1X, then the second 256 bits of the
|
||||||
|
* MSK is passed instead of the PMK.
|
||||||
*
|
*
|
||||||
* @NL80211_CMD_MAX: highest used command number
|
* @NL80211_CMD_MAX: highest used command number
|
||||||
* @__NL80211_CMD_AFTER_LAST: internal use
|
* @__NL80211_CMD_AFTER_LAST: internal use
|
||||||
@ -4000,11 +4002,15 @@ enum nl80211_tdls_peer_capability {
|
|||||||
* @NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PMKSA: Key management on already
|
* @NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PMKSA: Key management on already
|
||||||
* established PMKSA. The PMK will be passed using
|
* established PMKSA. The PMK will be passed using
|
||||||
* NL80211_CMD_KEY_MGMT_SET_PMK once it is known.
|
* NL80211_CMD_KEY_MGMT_SET_PMK once it is known.
|
||||||
|
* @NL80211_KEY_MGMT_OFFLOAD_SUPPORT_FT_802_1X: 802.11r (FT) with
|
||||||
|
* 802.1X. The second 256 bits of the MSK is passed using
|
||||||
|
* NL80211_CMD_KEY_MGMT_SET_PMK once it is known.
|
||||||
*/
|
*/
|
||||||
enum nl80211_key_mgmt_offload_support {
|
enum nl80211_key_mgmt_offload_support {
|
||||||
NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PSK = 1 << 0,
|
NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PSK = 1 << 0,
|
||||||
NL80211_KEY_MGMT_OFFLOAD_SUPPORT_FT_PSK = 1 << 1,
|
NL80211_KEY_MGMT_OFFLOAD_SUPPORT_FT_PSK = 1 << 1,
|
||||||
NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PMKSA = 1 << 2,
|
NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PMKSA = 1 << 2,
|
||||||
|
NL80211_KEY_MGMT_OFFLOAD_SUPPORT_FT_802_1X = 1 << 3,
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -4015,9 +4021,11 @@ enum nl80211_key_mgmt_offload_support {
|
|||||||
* by default for all supported key management offload types.
|
* by default for all supported key management offload types.
|
||||||
*
|
*
|
||||||
* @NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_IGTK: IGTK key derivation.
|
* @NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_IGTK: IGTK key derivation.
|
||||||
|
* @NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_SHA256: SHA-256 key derivation.
|
||||||
*/
|
*/
|
||||||
enum nl80211_key_derive_offload_support {
|
enum nl80211_key_derive_offload_support {
|
||||||
NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_IGTK = 1 << 0,
|
NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_IGTK = 1 << 0,
|
||||||
|
NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_SHA256 = 1 << 1,
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -9436,7 +9436,7 @@ static struct genl_ops nl80211_ops[] = {
|
|||||||
NL80211_FLAG_NEED_RTNL,
|
NL80211_FLAG_NEED_RTNL,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.cmd = NL80211_CMD_KEY_MGMT_SET_PMK,
|
.cmd = NL80211_CMD_KEY_MGMT_SET_PMK,
|
||||||
.doit = nl80211_key_mgmt_set_pmk,
|
.doit = nl80211_key_mgmt_set_pmk,
|
||||||
.policy = nl80211_policy,
|
.policy = nl80211_policy,
|
||||||
.flags = GENL_ADMIN_PERM,
|
.flags = GENL_ADMIN_PERM,
|
||||||
|
@ -794,6 +794,7 @@ void cfg80211_process_wdev_events(struct wireless_dev *wdev)
|
|||||||
__cfg80211_authorization_event(wdev->netdev,
|
__cfg80211_authorization_event(wdev->netdev,
|
||||||
ev->au.auth_status,
|
ev->au.auth_status,
|
||||||
ev->au.key_replay_ctr);
|
ev->au.key_replay_ctr);
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
wdev_unlock(wdev);
|
wdev_unlock(wdev);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user