cfg80211: Key management offload support for SHA-256 and FT/8021.X

APs occurs.  It might also happen during after the device handles a

PTK rekeying operation.

This design only supports key managment offload in a station

This design only supports key management offload in a station

(non-AP STA).

There are a couple of possible advantages to offloading key

   association connect time because the 802.1X authentication must

   first take place before the PMK is established.  The PMK will be

   passed to the driver using cfg80211_key_mgmt_set_pmk in this case

   once it is known.  A new cipher suite type is defined to identify

   the value as a PMK when cfg80211_add_key is used in this way.

   once it is known.

Indication

----------

 *

 * @key_mgmt_set_pmk: Used to pass the PMK to the device for key management

 *	offload.  This will be used in the case of key management offload on an

 *	already established PMKSA.

 *	already established PMKSA.  If connection is FT (802.11r) enabled with

 *	802.1X, then the second 256 bits of the MSK is passed instead of the

 *	PMK.

 */

struct cfg80211_ops {

	int	(*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow);

				    struct cfg80211_chan_def *chandef);

	int	(*key_mgmt_set_pmk)(struct wiphy *wiphy, struct net_device *dev,

				   u8 *pmk);

				    const u8 *pmk);

};

/*

 *

 * @key_mgmt_offload_support: Bitmap of supported types of key management

 *	that can be offloaded to the device.  See

 *	nl80211_key_mgmt_offload_support.

 *	Only valid when WIPHY_FLAG_HAS_KEY_MGMT_OFFLOAD is set.

 *	nl80211_key_mgmt_offload_support.  Only valid when

 *	WIPHY_FLAG_HAS_KEY_MGMT_OFFLOAD is set.

 * @key_derive_offload_support: Bitmap of supported key derivations used as

 *	part of key management offload.  See nl80211_key_derive_offload_support.

 *	Only valid when WIPHY_FLAG_HAS_KEY_MGMT_OFFLOAD is set.

 * @NL80211_CMD_KEY_MGMT_SET_PMK: Used to pass the PMK to the device for

 *	key management offload.  This will be used in the case of key

 *	management offload on an already established PMKSA.  The PMK is passed

 *	in NL80211_ATTR_PMK once it is known by the supplicant.

 *	in NL80211_ATTR_PMK once it is known by the supplicant.  If connection

 *	is FT (802.11r) enabled with 802.1X, then the second 256 bits of the

 *	MSK is passed instead of the PMK.

 *

 * @NL80211_CMD_MAX: highest used command number

 * @__NL80211_CMD_AFTER_LAST: internal use

 * @NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PMKSA: Key management on already

 *	established PMKSA.  The PMK will be passed using

 *	NL80211_CMD_KEY_MGMT_SET_PMK once it is known.

 * @NL80211_KEY_MGMT_OFFLOAD_SUPPORT_FT_802_1X: 802.11r (FT) with

 *	802.1X.  The second 256 bits of the MSK is passed using

 *	NL80211_CMD_KEY_MGMT_SET_PMK once it is known.

 */

enum nl80211_key_mgmt_offload_support {

	NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PSK		= 1 << 0,

	NL80211_KEY_MGMT_OFFLOAD_SUPPORT_FT_PSK		= 1 << 1,

	NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PMKSA		= 1 << 2,

	NL80211_KEY_MGMT_OFFLOAD_SUPPORT_FT_802_1X	= 1 << 3,

};

/**

 * by default for all supported key management offload types.

 *

 * @NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_IGTK: IGTK key derivation.

 * @NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_SHA256: SHA-256 key derivation.

 */

enum nl80211_key_derive_offload_support {

	NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_IGTK		= 1 << 0,

	NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_SHA256	= 1 << 1,

};

/**

			__cfg80211_authorization_event(wdev->netdev,

						       ev->au.auth_status,

						       ev->au.key_replay_ctr);

			break;

		}

		wdev_unlock(wdev);