cfg80211: Add Fast Initial Link Setup (FILS) auth algs (16793068) · Commits · e / devices / android_kernel_sony_msm8998

include/linux/ieee80211.h

+3 −0

Original line number	Diff line number	Diff line
		@@ -1535,6 +1535,9 @@ struct ieee80211_vht_operation {
		#define WLAN_AUTH_SHARED_KEY 1
		#define WLAN_AUTH_FT 2
		#define WLAN_AUTH_SAE 3
		#define WLAN_AUTH_FILS_SK 4
		#define WLAN_AUTH_FILS_SK_PFS 5
		#define WLAN_AUTH_FILS_PK 6
		#define WLAN_AUTH_LEAP 128

		#define WLAN_AUTH_CHALLENGE_LEN 128

include/uapi/linux/nl80211.h

+6 −0

Original line number	Diff line number	Diff line
		@@ -3675,6 +3675,9 @@ enum nl80211_bss_status {
		* @NL80211_AUTHTYPE_FT: Fast BSS Transition (IEEE 802.11r)
		* @NL80211_AUTHTYPE_NETWORK_EAP: Network EAP (some Cisco APs and mainly LEAP)
		* @NL80211_AUTHTYPE_SAE: Simultaneous authentication of equals
		* @NL80211_AUTHTYPE_FILS_SK: Fast Initial Link Setup shared key
		* @NL80211_AUTHTYPE_FILS_SK_PFS: Fast Initial Link Setup shared key with PFS
		* @NL80211_AUTHTYPE_FILS_PK: Fast Initial Link Setup public key
		* @__NL80211_AUTHTYPE_NUM: internal
		* @NL80211_AUTHTYPE_MAX: maximum valid auth algorithm
		* @NL80211_AUTHTYPE_AUTOMATIC: determine automatically (if necessary by
		@@ -3687,6 +3690,9 @@ enum nl80211_auth_type {
		NL80211_AUTHTYPE_FT,
		NL80211_AUTHTYPE_NETWORK_EAP,
		NL80211_AUTHTYPE_SAE,
		NL80211_AUTHTYPE_FILS_SK,
		NL80211_AUTHTYPE_FILS_SK_PFS,
		NL80211_AUTHTYPE_FILS_PK,

		/* keep last */
		__NL80211_AUTHTYPE_NUM,

net/wireless/nl80211.c

+19 −2

Original line number	Diff line number	Diff line
		@@ -3661,12 +3661,23 @@ static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
		if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
		auth_type == NL80211_AUTHTYPE_SAE)
		return false;
		if (!wiphy_ext_feature_isset(&rdev->wiphy,
		NL80211_EXT_FEATURE_FILS_STA) &&
		(auth_type == NL80211_AUTHTYPE_FILS_SK \|\|
		auth_type == NL80211_AUTHTYPE_FILS_SK_PFS \|\|
		auth_type == NL80211_AUTHTYPE_FILS_PK))
		return false;
		return true;
		case NL80211_CMD_CONNECT:
		case NL80211_CMD_START_AP:
		/* SAE not supported yet */
		if (auth_type == NL80211_AUTHTYPE_SAE)
		return false;
		/* FILS not supported yet */
		if (auth_type == NL80211_AUTHTYPE_FILS_SK \|\|
		auth_type == NL80211_AUTHTYPE_FILS_SK_PFS \|\|
		auth_type == NL80211_AUTHTYPE_FILS_PK)
		return false;
		return true;
		default:
		return false;
		@@ -7569,12 +7580,18 @@ static int nl80211_authenticate(struct sk_buff skb, struct genl_info info)
		if (!nl80211_valid_auth_type(rdev, auth_type, NL80211_CMD_AUTHENTICATE))
		return -EINVAL;

		if (auth_type == NL80211_AUTHTYPE_SAE &&
		if ((auth_type == NL80211_AUTHTYPE_SAE \|\|
		auth_type == NL80211_AUTHTYPE_FILS_SK \|\|
		auth_type == NL80211_AUTHTYPE_FILS_SK_PFS \|\|
		auth_type == NL80211_AUTHTYPE_FILS_PK) &&
		!info->attrs[NL80211_ATTR_AUTH_DATA])
		return -EINVAL;

		if (info->attrs[NL80211_ATTR_AUTH_DATA]) {
		if (auth_type != NL80211_AUTHTYPE_SAE)
		if (auth_type != NL80211_AUTHTYPE_SAE &&
		auth_type != NL80211_AUTHTYPE_FILS_SK &&
		auth_type != NL80211_AUTHTYPE_FILS_SK_PFS &&
		auth_type != NL80211_AUTHTYPE_FILS_PK)
		return -EINVAL;
		auth_data = nla_data(info->attrs[NL80211_ATTR_AUTH_DATA]);
		auth_data_len = nla_len(info->attrs[NL80211_ATTR_AUTH_DATA]);