[17/24] cfg80211: Include the PMK and PMKID in NL80211_CMD_EXTERNAL_AUTH

Commit Message

Luca Coelho Dec. 15, 2018, 9:03 a.m. UTC

From: Andrei Otcheretianski <andrei.otcheretianski@intel.com>

This is needed for the devices that manage PMKSA caching internally and
don't implement SET/DEL PMKSA commands.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
---
 include/net/cfg80211.h       |  6 ++++++
 include/uapi/linux/nl80211.h |  4 +++-
 net/wireless/nl80211.c       | 12 ++++++++++++
 3 files changed, 21 insertions(+), 1 deletion(-)

Comments

Johannes Berg Jan. 25, 2019, 12:41 p.m. UTC | #1

On Sat, 2018-12-15 at 11:03 +0200, Luca Coelho wrote:
> From: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
> 
> This is needed for the devices that manage PMKSA caching internally and
> don't implement SET/DEL PMKSA commands.

It'd be nice to have more explanation here. Is this for station side? or
AP side? I would've guessed AP side based on the fact that I also have 
https://patchwork.kernel.org/patch/10777175/ which also adds the PMKID,
but since you talk about PMKSA caching and that's only added for AP side
in https://patchwork.kernel.org/patch/10769745/ I'm confused.

--> changes requested

I've asked Jouni to take a look at the two above-mentioned patches and
will likely accept them (it seems mostly reasonable to me) so in that
case please also rebase this patch to deal with the overlapping changes.

johannes

Patch

diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index ede7fcd68348..30618afab657 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -2813,6 +2813,9 @@  struct cfg80211_pmk_conf {
  *	use %WLAN_STATUS_UNSPECIFIED_FAILURE if user space cannot give you
  *	the real status code for failures. Used only for the authentication
  *	response command interface (user space to driver).
+ * @pmk_len: Length of PMK if present.
+ * @pmk: Derived PMK
+ * @pmkid: PMKID of the derived PMK
  */
 struct cfg80211_external_auth_params {
 	enum nl80211_external_auth_action action;
@@ -2820,6 +2823,9 @@  struct cfg80211_external_auth_params {
 	struct cfg80211_ssid ssid;
 	unsigned int key_mgmt_suite;
 	u16 status;
+	int pmk_len;
+	const u8 *pmk;
+	const u8 *pmkid;
 };
 
 /**
diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
index 2b53c0e949c7..3843214ec7ee 100644
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@@ -1022,7 +1022,9 @@ 
  *	further with the association after getting successful authentication
  *	status. User space indicates the authentication status through
  *	%NL80211_ATTR_STATUS_CODE attribute in %NL80211_CMD_EXTERNAL_AUTH
- *	command interface.
+ *	command interface. In case of success, user space also includes the
+ *	derived PMK and PMKID through %NL80211_ATTR_PMK and
+ *	%NL80211_ATTR_PMKID.
  *
  *	Host driver reports this status on an authentication failure to the
  *	user space through the connect result as the user space would have
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index e20329b34840..323cd91cf1e4 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -12990,6 +12990,12 @@  static int nl80211_external_auth(struct sk_buff *skb, struct genl_info *info)
 	if (!info->attrs[NL80211_ATTR_STATUS_CODE])
 		return -EINVAL;
 
+	if ((info->attrs[NL80211_ATTR_PMK] &&
+	     !info->attrs[NL80211_ATTR_PMKID]) ||
+	    (info->attrs[NL80211_ATTR_PMKID] &&
+	     !info->attrs[NL80211_ATTR_PMK]))
+		return -EINVAL;
+
 	memset(&params, 0, sizeof(params));
 
 	params.ssid.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
@@ -13004,6 +13010,12 @@  static int nl80211_external_auth(struct sk_buff *skb, struct genl_info *info)
 
 	params.status = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
 
+	if (info->attrs[NL80211_ATTR_PMK] && info->attrs[NL80211_ATTR_PMKID]) {
+		params.pmk_len = nla_len(info->attrs[NL80211_ATTR_PMK]);
+		params.pmk = nla_data(info->attrs[NL80211_ATTR_PMK]);
+		params.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
+	}
+
 	return rdev_external_auth(rdev, dev, &params);
 }