Merge "nl80211: Allow SAE Authentication for NL80211_CMD_CONNECT"

 * @ASSOC_REQ_DISABLE_HT:  Disable HT (802.11n)

 * @ASSOC_REQ_DISABLE_VHT:  Disable VHT

 * @ASSOC_REQ_USE_RRM: Declare RRM capability in this association

 * @CONNECT_REQ_EXTERNAL_AUTH_SUPPORT: User space indicates external

 *	authentication capability. Drivers can offload authentication to

 *	userspace if this flag is set. Only applicable for cfg80211_connect()

 *	request (connect callback).

 */

enum cfg80211_assoc_req_flags {

	ASSOC_REQ_DISABLE_HT			= BIT(0),

	ASSOC_REQ_DISABLE_VHT			= BIT(1),

	ASSOC_REQ_USE_RRM			= BIT(2),

	CONNECT_REQ_EXTERNAL_AUTH_SUPPORT	= BIT(3),

};

/**

	const u8 *pmk_r0_name;

};

/**

 * struct cfg80211_external_auth_params - Trigger External authentication.

 *

 * Commonly used across the external auth request and event interfaces.

 *

 * @action: action type / trigger for external authentication. Only significant

 *	for the authentication request event interface (driver to user space).

 * @bssid: BSSID of the peer with which the authentication has

 *	to happen. Used by both the authentication request event and

 *	authentication response command interface.

 * @ssid: SSID of the AP.  Used by both the authentication request event and

 *	authentication response command interface.

 * @key_mgmt_suite: AKM suite of the respective authentication. Used by the

 *	authentication request event interface.

 * @status: status code, %WLAN_STATUS_SUCCESS for successful authentication,

 *	use %WLAN_STATUS_UNSPECIFIED_FAILURE if user space cannot give you

 *	the real status code for failures. Used only for the authentication

 *	response command interface (user space to driver).

 */

struct cfg80211_external_auth_params {

	enum nl80211_external_auth_action action;

	u8 bssid[ETH_ALEN] __aligned(2);

	struct cfg80211_ssid ssid;

	unsigned int key_mgmt_suite;

	u16 status;

};

/**

 * struct cfg80211_ops - backend description for wireless configuration

 *

 *	(invoked with the wireless_dev mutex held)

 * @del_pmk: delete the previously configured PMK for the given authenticator.

 *	(invoked with the wireless_dev mutex held)

 *

 * @external_auth: indicates result of offloaded authentication processing from

 *     user space

 */

struct cfg80211_ops {

	int	(*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow);

			   const struct cfg80211_pmk_conf *conf);

	int	(*del_pmk)(struct wiphy *wiphy, struct net_device *dev,

			   const u8 *aa);

	int     (*external_auth)(struct wiphy *wiphy, struct net_device *dev,

				 struct cfg80211_external_auth_params *params);

};

/*

 */

bool cfg80211_is_gratuitous_arp_unsolicited_na(struct sk_buff *skb);

/**

 * cfg80211_external_auth_request - userspace request for authentication

 * @netdev: network device

 * @params: External authentication parameters

 * @gfp: allocation flags

 * Returns: 0 on success, < 0 on error

 */

int cfg80211_external_auth_request(struct net_device *netdev,

				   struct cfg80211_external_auth_params *params,

				   gfp_t gfp);

/* Logging, debugging and troubleshooting/diagnostic helpers. */

/* wiphy_printk helpers, similar to dev_printk */

 * @NL80211_CMD_RELOAD_REGDB: Request that the regdb firmware file is reloaded.

 *

 *

 * @NL80211_CMD_EXTERNAL_AUTH: This interface is exclusively defined for host

 *	drivers that do not define separate commands for authentication and

 *	association, but rely on user space for the authentication to happen.

 *	This interface acts both as the event request (driver to user space)

 *	to trigger the authentication and command response (userspace to

 *	driver) to indicate the authentication status.

 *

 *	User space uses the %NL80211_CMD_CONNECT command to the host driver to

 *	trigger a connection. The host driver selects a BSS and further uses

 *	this interface to offload only the authentication part to the user

 *	space. Authentication frames are passed between the driver and user

 *	space through the %NL80211_CMD_FRAME interface. Host driver proceeds

 *	further with the association after getting successful authentication

 *	status. User space indicates the authentication status through

 *	%NL80211_ATTR_STATUS_CODE attribute in %NL80211_CMD_EXTERNAL_AUTH

 *	command interface.

 *

 *	Host driver reports this status on an authentication failure to the

 *	user space through the connect result as the user space would have

 *	initiated the connection through the connect request.

 *

 * @NL80211_CMD_MAX: highest used command number

 * @__NL80211_CMD_AFTER_LAST: internal use

 */

	NL80211_CMD_RELOAD_REGDB,

	NL80211_CMD_EXTERNAL_AUTH,

	/* add new commands above here */

	/* used to define NL80211_CMD_MAX below */

 *	the driver or is not needed (because roaming used the Fast Transition

 *	protocol).

 *

 * @NL80211_ATTR_EXTERNAL_AUTH_ACTION: Identify the requested external

 *     authentication operation (u32 attribute with an

 *     &enum nl80211_external_auth_action value). This is used with the

 *     &NL80211_CMD_EXTERNAL_AUTH request event.

 * @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT: Flag attribute indicating that the user

 *     space supports external authentication. This attribute shall be used

 *     only with %NL80211_CMD_CONNECT request. The driver may offload

 *     authentication processing to user space if this capability is indicated

 *     in NL80211_CMD_CONNECT requests from the user space.

 *

 * @NUM_NL80211_ATTR: total number of nl80211_attrs available

 * @NL80211_ATTR_MAX: highest attribute number currently defined

 * @__NL80211_ATTR_AFTER_LAST: internal use

	NL80211_ATTR_PMKR0_NAME,

	NL80211_ATTR_PORT_AUTHORIZED,

	NL80211_ATTR_EXTERNAL_AUTH_ACTION,

	NL80211_ATTR_EXTERNAL_AUTH_SUPPORT,

	/* add attributes here, update the policy in nl80211.c */

	__NL80211_ATTR_AFTER_LAST,

	NL80211_NAN_MATCH_ATTR_MAX = NUM_NL80211_NAN_MATCH_ATTR - 1

};

/**

 * nl80211_external_auth_action - Action to perform with external

 *     authentication request. Used by NL80211_ATTR_EXTERNAL_AUTH_ACTION.

 * @NL80211_EXTERNAL_AUTH_START: Start the authentication.

 * @NL80211_EXTERNAL_AUTH_ABORT: Abort the ongoing authentication.

 */

enum nl80211_external_auth_action {

	NL80211_EXTERNAL_AUTH_START,

	NL80211_EXTERNAL_AUTH_ABORT,

};

#endif /* __LINUX_NL80211_H */

	[NL80211_ATTR_FILS_CACHE_ID] = { .len = 2 },

	[NL80211_ATTR_PMK] = { .type = NLA_BINARY, .len = PMK_MAX_LEN },

	[NL80211_ATTR_SCHED_SCAN_MULTI] = { .type = NLA_FLAG },

	[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT] = { .type = NLA_FLAG },

};

/* policy for the key attributes */

			return false;

		return true;

	case NL80211_CMD_CONNECT:

		/* SAE not supported yet */

		if (auth_type == NL80211_AUTHTYPE_SAE)

		if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&

		    auth_type == NL80211_AUTHTYPE_SAE)

			return false;

		/* FILS with SK PFS or PK not supported yet */

		if (auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||

		    auth_type == NL80211_AUTHTYPE_FILS_PK)

		return -EINVAL;

	}

	if (nla_get_flag(info->attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT])) {

		if (!info->attrs[NL80211_ATTR_SOCKET_OWNER]) {

			return -EINVAL;

		}

		connect.flags |= CONNECT_REQ_EXTERNAL_AUTH_SUPPORT;

	}

	wdev_lock(dev->ieee80211_ptr);

	err = cfg80211_connect(rdev, dev, &connect, connkeys,

	return ret;

}

static int nl80211_external_auth(struct sk_buff *skb, struct genl_info *info)

{

	struct cfg80211_registered_device *rdev = info->user_ptr[0];

	struct net_device *dev = info->user_ptr[1];

	struct cfg80211_external_auth_params params;

	if (rdev->ops->external_auth)

		return -EOPNOTSUPP;

	if (!info->attrs[NL80211_ATTR_SSID])

		return -EINVAL;

	if (!info->attrs[NL80211_ATTR_BSSID])

		return -EINVAL;

	if (!info->attrs[NL80211_ATTR_STATUS_CODE])

		return -EINVAL;

	memset(&params, 0, sizeof(params));

	params.ssid.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);

	if (params.ssid.ssid_len == 0 ||

	    params.ssid.ssid_len > IEEE80211_MAX_SSID_LEN)

		return -EINVAL;

	memcpy(params.ssid.ssid, nla_data(info->attrs[NL80211_ATTR_SSID]),

	       params.ssid.ssid_len);

	memcpy(params.bssid, nla_data(info->attrs[NL80211_ATTR_BSSID]),

	       ETH_ALEN);

	params.status = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);

	return rdev_external_auth(rdev, dev, &params);

}

#define NL80211_FLAG_NEED_WIPHY		0x01

#define NL80211_FLAG_NEED_NETDEV	0x02

#define NL80211_FLAG_NEED_RTNL		0x04

		.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |

				  NL80211_FLAG_NEED_RTNL,

	},

	{

		.cmd = NL80211_CMD_EXTERNAL_AUTH,

		.doit = nl80211_external_auth,

		.policy = nl80211_policy,

		.flags = GENL_ADMIN_PERM,

		.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |

				  NL80211_FLAG_NEED_RTNL,

	},

};

	nlmsg_free(msg);

}

int cfg80211_external_auth_request(struct net_device *dev,

				   struct cfg80211_external_auth_params *params,

				   gfp_t gfp)

{

	struct wireless_dev *wdev = dev->ieee80211_ptr;

	struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);

	struct sk_buff *msg;

	void *hdr;

	if (!wdev->conn_owner_nlportid)

		return -EINVAL;

	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);

	if (!msg)

		return -ENOMEM;

	hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_EXTERNAL_AUTH);

	if (!hdr)

		goto nla_put_failure;

	if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||

	    nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||

	    nla_put_u32(msg, NL80211_ATTR_AKM_SUITES, params->key_mgmt_suite) ||

	    nla_put_u32(msg, NL80211_ATTR_EXTERNAL_AUTH_ACTION,

			params->action) ||

	    nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid) ||

	    nla_put(msg, NL80211_ATTR_SSID, params->ssid.ssid_len,

		    params->ssid.ssid))

		goto nla_put_failure;

	genlmsg_end(msg, hdr);

	genlmsg_unicast(wiphy_net(&rdev->wiphy), msg,

			wdev->conn_owner_nlportid);

	return 0;

 nla_put_failure:

	nlmsg_free(msg);

	return -ENOBUFS;

}

EXPORT_SYMBOL(cfg80211_external_auth_request);

/* initialisation/exit functions */

int __init nl80211_init(void)

	trace_rdev_return_int(&rdev->wiphy, ret);

	return ret;

}

static inline int

rdev_external_auth(struct cfg80211_registered_device *rdev,

		   struct net_device *dev,

		   struct cfg80211_external_auth_params *params)

{

	int ret = -EOPNOTSUPP;

	trace_rdev_external_auth(&rdev->wiphy, dev, params);

	if (rdev->ops->external_auth)

		ret = rdev->ops->external_auth(&rdev->wiphy, dev, params);

	trace_rdev_return_int(&rdev->wiphy, ret);

	return ret;

}

#endif /* __CFG80211_RDEV_OPS */

		  WIPHY_PR_ARG, NETDEV_PR_ARG, MAC_PR_ARG(aa))

);

TRACE_EVENT(rdev_external_auth,

	    TP_PROTO(struct wiphy *wiphy, struct net_device *netdev,

		     struct cfg80211_external_auth_params *params),

	    TP_ARGS(wiphy, netdev, params),

	    TP_STRUCT__entry(WIPHY_ENTRY

			     NETDEV_ENTRY

			     MAC_ENTRY(bssid)

			     __array(u8, ssid, IEEE80211_MAX_SSID_LEN + 1)

			     __field(u16, status)

	    ),

	    TP_fast_assign(WIPHY_ASSIGN;

			   NETDEV_ASSIGN;

			   MAC_ASSIGN(bssid, params->bssid);

			   memset(__entry->ssid, 0, IEEE80211_MAX_SSID_LEN + 1);

			   memcpy(__entry->ssid, params->ssid.ssid,

				  params->ssid.ssid_len);

			   __entry->status = params->status;

	    ),

	    TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT ", bssid: " MAC_PR_FMT

		      ", ssid: %s, status: %u", WIPHY_PR_ARG, NETDEV_PR_ARG,

		      __entry->bssid, __entry->ssid, __entry->status)

);

/*************************************************************

 *	     cfg80211 exported functions traces		     *

 *************************************************************/