Message ID | 1631092866-4530-1-git-send-email-subratm@codeaurora.org (mailing list archive) |
---|---|
State | Changes Requested |
Delegated to: | Johannes Berg |
Headers | show |
Series | [v2] cfg80211: AP mode driver offload for FILS association crypto | expand |
Hi, Please ignore v2 Patch set. I will be uploading v3 patch by addressing the issue reported by kernel test robot. Regards, Subrat Mishra On 2021-09-08 14:51, Subrat Mishra wrote: > Add a driver FILS crypto offload extended capability flag to indicate > that the driver running in AP mode is capable of handling encryption > and decryption of (Re)Association request and response frames. > Add a command to set FILS AAD data to driver. > > This feature is supported on drivers running in AP mode only. > This extended capability is exchanged with hostapd during cfg80211 > init. If the driver indicates this capability, then before sending the > Authentication response frame, hostapd sets FILS AAD data to the > driver. This allows the driver to decrypt (Re)Association Request > frame and encrypt (Re)Association Response frame. FILS Key derivation > will still be done in hostapd. > > Signed-off-by: Subrat Mishra <subratm@codeaurora.org> > > v2: > - NL80211_FLAG_NEED_RTNL flag removed from internal_flags of command > NL80211_FLAG_NEED_RTNL > - Fixed alignment in include/net/cfg80211.h set_fils_aad() comments > - Fixed alignment in net/wireless/trace.h rdev_set_fils_aad Trace event > > diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h > index 62dd842..621e3b2 100644 > --- a/include/net/cfg80211.h > +++ b/include/net/cfg80211.h > @@ -740,6 +740,22 @@ struct cfg80211_tid_config { > }; > > /** > + * struct cfg80211_fils_aad - FILS AAD data > + * @macaddr: STA MAC address > + * @kek: FILS KEK > + * @kek_len: FILS KEK length > + * @snonce: STA Nonce > + * @anonce: AP Nonce > + */ > +struct cfg80211_fils_aad { > + const u8 *macaddr; > + const u8 *kek; > + u8 kek_len; > + const u8 *snonce; > + const u8 *anonce; > +} > + > +/** > * cfg80211_get_chandef_type - return old channel type from chandef > * @chandef: the channel definition > * > @@ -4018,6 +4034,10 @@ struct mgmt_frame_regs { > * @set_sar_specs: Update the SAR (TX power) settings. > * > * @color_change: Initiate a color change. > + * > + * @set_fils_aad: Set FILS AAD data to the AP driver so that the > driver can use > + * those to decrypt (Re)Association Request and encrypt > (Re)Association > + * Response frame. > */ > struct cfg80211_ops { > int (*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow); > @@ -4348,6 +4368,8 @@ struct cfg80211_ops { > int (*color_change)(struct wiphy *wiphy, > struct net_device *dev, > struct cfg80211_color_change_settings *params); > + int (*set_fils_aad)(struct wiphy *wiphy, struct net_device *dev, > + struct cfg80211_fils_aad *fils_aad); > }; > > /* > diff --git a/include/uapi/linux/nl80211.h > b/include/uapi/linux/nl80211.h > index c2efea9..e89bbf8 100644 > --- a/include/uapi/linux/nl80211.h > +++ b/include/uapi/linux/nl80211.h > @@ -301,6 +301,29 @@ > */ > > /** > + * DOC: FILS shared key crypto offload > + * > + * This feature is applicable to drivers running in AP mode. > + * > + * FILS shared key crypto offload can be advertised by drivers by > setting > + * @NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD flag. The drivers that > support > + * FILS shared key crypto offload should be able to encrypt and > decrypt > + * association frames for FILS shared key authentication as per IEEE > 802.11ai. > + * With this capability, for FILS key derivation, drivers depend on > userspace. > + * > + * After FILS key derivation, userspace shares the FILS AAD details > with the > + * driver and the driver stores the same to use in decryption of > association > + * request and in encryption of association response. The below > parameters > + * should be given to the driver in %NL80211_CMD_SET_FILS_AAD. > + * %NL80211_ATTR_MAC - STA MAC address, used for storing FILS AAD per > STA > + * %NL80211_ATTR_FILS_KEK - Used for encryption or decryption > + * %NL80211_ATTR_FILS_NONCES - Used for encryption or decryption > + * (STA Nonce 16 bytes followed by AP Nonce 16 bytes) > + * > + * Once the association is done, the driver cleans the FILS AAD data. > + */ > + > +/** > * enum nl80211_commands - supported nl80211 commands > * > * @NL80211_CMD_UNSPEC: unspecified command to catch errors > @@ -1200,6 +1223,12 @@ > * @NL80211_CMD_COLOR_CHANGE_COMPLETED: Notify userland that the color > change > * has completed > * > + * @NL80211_CMD_SET_FILS_AAD: Set FILS AAD data to the driver using - > + * &NL80211_ATTR_MAC - for STA MAC address > + * &NL80211_ATTR_FILS_KEK - for KEK > + * &NL80211_ATTR_FILS_NONCES - for FILS Nonces > + * (STA Nonce 16 bytes followed by AP Nonce 16 bytes) > + * > * @NL80211_CMD_MAX: highest used command number > * @__NL80211_CMD_AFTER_LAST: internal use > */ > @@ -1440,6 +1469,8 @@ enum nl80211_commands { > NL80211_CMD_COLOR_CHANGE_ABORTED, > NL80211_CMD_COLOR_CHANGE_COMPLETED, > > + NL80211_CMD_SET_FILS_AAD, > + > /* add new commands above here */ > > /* used to define NL80211_CMD_MAX below */ > @@ -5995,6 +6026,11 @@ enum nl80211_feature_flags { > * @NL80211_EXT_FEATURE_BSS_COLOR: The driver supports BSS color > collision > * detection and change announcemnts. > * > + * @NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD: Driver running in AP mode > supports > + * FILS encryption and decryption for (Re)Association Request and > Response > + * frames. Userspace has to share FILS AAD details to the driver by > using > + * @NL80211_CMD_SET_FILS_AAD. > + * > * @NUM_NL80211_EXT_FEATURES: number of extended features. > * @MAX_NL80211_EXT_FEATURES: highest extended feature index. > */ > @@ -6060,6 +6096,7 @@ enum nl80211_ext_feature_index { > NL80211_EXT_FEATURE_SECURE_RTT, > NL80211_EXT_FEATURE_PROT_RANGE_NEGO_AND_MEASURE, > NL80211_EXT_FEATURE_BSS_COLOR, > + NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD, > > /* add new features before the definition below */ > NUM_NL80211_EXT_FEATURES, > diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c > index bf7cd47..761760a 100644 > --- a/net/wireless/nl80211.c > +++ b/net/wireless/nl80211.c > @@ -14904,6 +14904,29 @@ static int nl80211_color_change(struct > sk_buff *skb, struct genl_info *info) > return err; > } > > +static int nl80211_set_fils_aad(struct sk_buff *skb, > + struct genl_info *info) > +{ > + struct cfg80211_registered_device *rdev = info->user_ptr[0]; > + struct net_device *dev = info->user_ptr[1]; > + struct cfg80211_fils_aad fils_aad = {}; > + u8 *nonces; > + > + if (!info->attrs[NL80211_ATTR_MAC] || > + !info->attrs[NL80211_ATTR_FILS_KEK] || > + !info->attrs[NL80211_ATTR_FILS_NONCES]) > + return -EINVAL; > + > + fils_aad.macaddr = nla_data(info->attrs[NL80211_ATTR_MAC]); > + fils_aad.kek_len = nla_len(info->attrs[NL80211_ATTR_FILS_KEK]); > + fils_aad.kek = nla_data(info->attrs[NL80211_ATTR_FILS_KEK]); > + nonces = nla_data(info->attrs[NL80211_ATTR_FILS_NONCES]); > + fils_aad.snonce = nonces; > + fils_aad.anonce = nonces + FILS_NONCE_LEN; > + > + return rdev_set_fils_aad(rdev, dev, &fils_aad); > +} > + > #define NL80211_FLAG_NEED_WIPHY 0x01 > #define NL80211_FLAG_NEED_NETDEV 0x02 > #define NL80211_FLAG_NEED_RTNL 0x04 > @@ -15907,6 +15930,13 @@ static const struct genl_small_ops > nl80211_small_ops[] = { > .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | > NL80211_FLAG_NEED_RTNL, > }, > + { > + .cmd = NL80211_CMD_SET_FILS_AAD, > + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, > + .doit = nl80211_set_fils_aad, > + .flags = GENL_UNS_ADMIN_PERM, > + .internal_flags = NL80211_FLAG_NEED_NETDEV_UP, > + }, > }; > > static struct genl_family nl80211_fam __ro_after_init = { > diff --git a/net/wireless/rdev-ops.h b/net/wireless/rdev-ops.h > index ce6bf21..cc1efec 100644 > --- a/net/wireless/rdev-ops.h > +++ b/net/wireless/rdev-ops.h > @@ -1381,4 +1381,18 @@ static inline int rdev_color_change(struct > cfg80211_registered_device *rdev, > return ret; > } > > +static inline int > +rdev_set_fils_aad(struct cfg80211_registered_device *rdev, > + struct net_device *dev, struct cfg80211_fils_aad *fils_aad) > +{ > + int ret = -EOPNOTSUPP; > + > + trace_rdev_set_fils_aad(&rdev->wiphy, dev, fils_aad); > + if (rdev->ops->set_fils_aad) > + ret = rdev->ops->set_fils_aad(&rdev->wiphy, dev, fils_aad); > + trace_rdev_return_int(&rdev->wiphy, ret); > + > + return ret; > +} > + > #endif /* __CFG80211_RDEV_OPS */ > diff --git a/net/wireless/trace.h b/net/wireless/trace.h > index 19b78d4..88cd694 100644 > --- a/net/wireless/trace.h > +++ b/net/wireless/trace.h > @@ -167,6 +167,19 @@ > __entry->center_freq1, __entry->freq1_offset, \ > __entry->center_freq2 > > +#define FILS_AAD_ASSIGN(fa) > \ > + do { > \ > + if (fa) { \ > + ether_addr_copy(__entry->macaddr, fa->macaddr); \ > + __entry->kek_len = fa->kek_len; \ > + } else { \ > + eth_zero_addr(__entry->macaddr); \ > + __entry->kek_len = 0; \ > + } \ > + } while (0) > +#define FILS_AAD_PR_FMT > \ > + "macaddr: %pM, kek_len: %d" > + > #define SINFO_ENTRY __field(int, generation) \ > __field(u32, connected_time) \ > __field(u32, inactive_time) \ > @@ -2614,6 +2627,24 @@ DEFINE_EVENT(wiphy_wdev_cookie_evt, > rdev_abort_pmsr, > TP_ARGS(wiphy, wdev, cookie) > ); > > +TRACE_EVENT(rdev_set_fils_aad, > + TP_PROTO(struct wiphy *wiphy, struct net_device *netdev, > + struct cfg80211_fils_aad *fils_aad), > + TP_ARGS(wiphy, netdev, fils_aad), > + TP_STRUCT__entry(WIPHY_ENTRY > + NETDEV_ENTRY > + __array(u8, macaddr, ETH_ALEN) > + __field(u8, kek_len) > + ), > + TP_fast_assign(WIPHY_ASSIGN; > + NETDEV_ASSIGN; > + FILS_AAD_ASSIGN(fils_aad); > + ), > + TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT ", " FILS_AAD_PR_FMT, > + WIPHY_PR_ARG, NETDEV_PR_ARG, __entry->macaddr, > + __entry->kek_len) > +); > + > /************************************************************* > * cfg80211 exported functions traces * > *************************************************************/
Hi Subrat, Thank you for the patch! Yet something to improve: [auto build test ERROR on mac80211-next/master] [also build test ERROR on next-20210908] [cannot apply to mac80211/master v5.14] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch] url: https://github.com/0day-ci/linux/commits/Subrat-Mishra/cfg80211-AP-mode-driver-offload-for-FILS-association-crypto/20210908-172202 base: https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next.git master config: mips-randconfig-r004-20210908 (attached as .config) compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project 9c476172b93367d2cb88d7d3f4b1b5b456fa6020) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # install mips cross compiling tool for clang build # apt-get install binutils-mips-linux-gnu # https://github.com/0day-ci/linux/commit/cccf904c13513e3beb1919c1153d552145b45443 git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Subrat-Mishra/cfg80211-AP-mode-driver-offload-for-FILS-association-crypto/20210908-172202 git checkout cccf904c13513e3beb1919c1153d552145b45443 # save the attached .config to linux build tree mkdir build_dir COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross O=build_dir ARCH=mips SHELL=/bin/bash net/wireless/ If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp@intel.com> All errors (new ones prefixed by >>): In file included from net/wireless/wext-core.c:17: >> include/net/cfg80211.h:765:15: error: cannot combine with previous 'struct' declaration specifier static inline enum nl80211_channel_type ^ >> include/net/cfg80211.h:770:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:772:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT20; ^~~~~~~~~~~~~~~~~ include/net/cfg80211.h:775:11: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40PLUS; ^~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:776:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40MINUS; ^~~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:779:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ 6 errors generated. -- In file included from net/wireless/util.c:15: >> include/net/cfg80211.h:765:15: error: cannot combine with previous 'struct' declaration specifier static inline enum nl80211_channel_type ^ >> include/net/cfg80211.h:770:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:772:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT20; ^~~~~~~~~~~~~~~~~ include/net/cfg80211.h:775:11: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40PLUS; ^~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:776:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40MINUS; ^~~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:779:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ In file included from net/wireless/util.c:16: In file included from include/net/ip.h:28: In file included from include/net/inet_sock.h:22: In file included from include/net/sock.h:61: include/linux/poll.h:142:27: warning: division by zero is undefined [-Wdivision-by-zero] M(RDNORM) | M(RDBAND) | M(WRNORM) | M(WRBAND) | ^~~~~~~~~ include/linux/poll.h:140:32: note: expanded from macro 'M' #define M(X) (__force __poll_t)__MAP(val, POLL##X, (__force __u16)EPOLL##X) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/poll.h:126:51: note: expanded from macro '__MAP' (from < to ? (v & from) * (to/from) : (v & from) / (from/to)) ^ ~~~~~~~~~ include/linux/poll.h:142:39: warning: division by zero is undefined [-Wdivision-by-zero] M(RDNORM) | M(RDBAND) | M(WRNORM) | M(WRBAND) | ^~~~~~~~~ include/linux/poll.h:140:32: note: expanded from macro 'M' #define M(X) (__force __poll_t)__MAP(val, POLL##X, (__force __u16)EPOLL##X) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/poll.h:126:51: note: expanded from macro '__MAP' (from < to ? (v & from) * (to/from) : (v & from) / (from/to)) ^ ~~~~~~~~~ 2 warnings and 6 errors generated. -- In file included from net/wireless/nl80211.c:26: >> include/net/cfg80211.h:765:15: error: cannot combine with previous 'struct' declaration specifier static inline enum nl80211_channel_type ^ >> include/net/cfg80211.h:770:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:772:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT20; ^~~~~~~~~~~~~~~~~ include/net/cfg80211.h:775:11: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40PLUS; ^~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:776:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40MINUS; ^~~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:779:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ In file included from net/wireless/nl80211.c:27: In file included from include/net/sock.h:61: include/linux/poll.h:142:27: warning: division by zero is undefined [-Wdivision-by-zero] M(RDNORM) | M(RDBAND) | M(WRNORM) | M(WRBAND) | ^~~~~~~~~ include/linux/poll.h:140:32: note: expanded from macro 'M' #define M(X) (__force __poll_t)__MAP(val, POLL##X, (__force __u16)EPOLL##X) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/poll.h:126:51: note: expanded from macro '__MAP' (from < to ? (v & from) * (to/from) : (v & from) / (from/to)) ^ ~~~~~~~~~ include/linux/poll.h:142:39: warning: division by zero is undefined [-Wdivision-by-zero] M(RDNORM) | M(RDBAND) | M(WRNORM) | M(WRBAND) | ^~~~~~~~~ include/linux/poll.h:140:32: note: expanded from macro 'M' #define M(X) (__force __poll_t)__MAP(val, POLL##X, (__force __u16)EPOLL##X) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/poll.h:126:51: note: expanded from macro '__MAP' (from < to ? (v & from) * (to/from) : (v & from) / (from/to)) ^ ~~~~~~~~~ >> net/wireless/nl80211.c:3543:5: error: passing 'struct cfg80211_fils_aad' to parameter of incompatible type 'u32' (aka 'unsigned int') cfg80211_get_chandef_type(chandef))) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/compiler.h:56:47: note: expanded from macro 'if' #define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) ) ^~~~ include/linux/compiler.h:58:52: note: expanded from macro '__trace_if_var' #define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond)) ^~~~ include/net/netlink.h:1307:70: note: passing argument to parameter 'value' here static inline int nla_put_u32(struct sk_buff *skb, int attrtype, u32 value) ^ >> net/wireless/nl80211.c:3543:5: error: passing 'struct cfg80211_fils_aad' to parameter of incompatible type 'u32' (aka 'unsigned int') cfg80211_get_chandef_type(chandef))) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/compiler.h:56:47: note: expanded from macro 'if' #define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) ) ^~~~ include/linux/compiler.h:58:61: note: expanded from macro '__trace_if_var' #define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond)) ^~~~ include/net/netlink.h:1307:70: note: passing argument to parameter 'value' here static inline int nla_put_u32(struct sk_buff *skb, int attrtype, u32 value) ^ >> net/wireless/nl80211.c:3543:5: error: passing 'struct cfg80211_fils_aad' to parameter of incompatible type 'u32' (aka 'unsigned int') cfg80211_get_chandef_type(chandef))) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/compiler.h:56:47: note: expanded from macro 'if' #define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) ) ^~~~ include/linux/compiler.h:58:86: note: expanded from macro '__trace_if_var' #define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond)) ^~~~ include/linux/compiler.h:69:3: note: expanded from macro '__trace_if_value' (cond) ? \ ^~~~ include/net/netlink.h:1307:70: note: passing argument to parameter 'value' here static inline int nla_put_u32(struct sk_buff *skb, int attrtype, u32 value) ^ 2 warnings and 9 errors generated. -- In file included from net/wireless/trace.c:5: In file included from net/wireless/trace.h:12: >> include/net/cfg80211.h:765:15: error: cannot combine with previous 'struct' declaration specifier static inline enum nl80211_channel_type ^ >> include/net/cfg80211.h:770:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:772:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT20; ^~~~~~~~~~~~~~~~~ include/net/cfg80211.h:775:11: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40PLUS; ^~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:776:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40MINUS; ^~~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:779:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ In file included from net/wireless/trace.c:5: In file included from net/wireless/trace.h:3683: include/trace/define_trace.h:95:10: fatal error: './trace.h' file not found #include TRACE_INCLUDE(TRACE_INCLUDE_FILE) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/trace/define_trace.h:90:32: note: expanded from macro 'TRACE_INCLUDE' # define TRACE_INCLUDE(system) __TRACE_INCLUDE(system) ^~~~~~~~~~~~~~~~~~~~~~~ include/trace/define_trace.h:87:34: note: expanded from macro '__TRACE_INCLUDE' # define __TRACE_INCLUDE(system) __stringify(TRACE_INCLUDE_PATH/system.h) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/stringify.h:10:27: note: expanded from macro '__stringify' #define __stringify(x...) __stringify_1(x) ^~~~~~~~~~~~~~~~ include/linux/stringify.h:9:29: note: expanded from macro '__stringify_1' #define __stringify_1(x...) #x ^~ <scratch space>:71:1: note: expanded from here "./trace.h" ^~~~~~~~~~~ 7 errors generated. vim +/struct +765 include/net/cfg80211.h cccf904c13513e Subrat Mishra 2021-09-08 757 3d9d1d6656a73e Johannes Berg 2012-11-08 758 /** 3d9d1d6656a73e Johannes Berg 2012-11-08 759 * cfg80211_get_chandef_type - return old channel type from chandef 3d9d1d6656a73e Johannes Berg 2012-11-08 760 * @chandef: the channel definition 3d9d1d6656a73e Johannes Berg 2012-11-08 761 * 0ae997dc75efb6 Yacine Belkadi 2013-01-12 762 * Return: The old channel type (NOHT, HT20, HT40+/-) from a given 3d9d1d6656a73e Johannes Berg 2012-11-08 763 * chandef, which must have a bandwidth allowing this conversion. 3d9d1d6656a73e Johannes Berg 2012-11-08 764 */ 683b6d3b31a519 Johannes Berg 2012-11-08 @765 static inline enum nl80211_channel_type 683b6d3b31a519 Johannes Berg 2012-11-08 766 cfg80211_get_chandef_type(const struct cfg80211_chan_def *chandef) 683b6d3b31a519 Johannes Berg 2012-11-08 767 { 3d9d1d6656a73e Johannes Berg 2012-11-08 768 switch (chandef->width) { 3d9d1d6656a73e Johannes Berg 2012-11-08 769 case NL80211_CHAN_WIDTH_20_NOHT: 3d9d1d6656a73e Johannes Berg 2012-11-08 @770 return NL80211_CHAN_NO_HT; 3d9d1d6656a73e Johannes Berg 2012-11-08 771 case NL80211_CHAN_WIDTH_20: 3d9d1d6656a73e Johannes Berg 2012-11-08 772 return NL80211_CHAN_HT20; 3d9d1d6656a73e Johannes Berg 2012-11-08 773 case NL80211_CHAN_WIDTH_40: 3d9d1d6656a73e Johannes Berg 2012-11-08 774 if (chandef->center_freq1 > chandef->chan->center_freq) 3d9d1d6656a73e Johannes Berg 2012-11-08 775 return NL80211_CHAN_HT40PLUS; 3d9d1d6656a73e Johannes Berg 2012-11-08 776 return NL80211_CHAN_HT40MINUS; 3d9d1d6656a73e Johannes Berg 2012-11-08 777 default: 3d9d1d6656a73e Johannes Berg 2012-11-08 778 WARN_ON(1); 3d9d1d6656a73e Johannes Berg 2012-11-08 779 return NL80211_CHAN_NO_HT; 3d9d1d6656a73e Johannes Berg 2012-11-08 780 } 3d9d1d6656a73e Johannes Berg 2012-11-08 781 } 3d9d1d6656a73e Johannes Berg 2012-11-08 782 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
Hi Subrat, Thank you for the patch! Yet something to improve: [auto build test ERROR on mac80211-next/master] [also build test ERROR on next-20210908] [cannot apply to mac80211/master v5.14] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch] url: https://github.com/0day-ci/linux/commits/Subrat-Mishra/cfg80211-AP-mode-driver-offload-for-FILS-association-crypto/20210908-172202 base: https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next.git master config: x86_64-randconfig-a016-20210908 (attached as .config) compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project 9c476172b93367d2cb88d7d3f4b1b5b456fa6020) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://github.com/0day-ci/linux/commit/cccf904c13513e3beb1919c1153d552145b45443 git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Subrat-Mishra/cfg80211-AP-mode-driver-offload-for-FILS-association-crypto/20210908-172202 git checkout cccf904c13513e3beb1919c1153d552145b45443 # save the attached .config to linux build tree mkdir build_dir COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross O=build_dir ARCH=x86_64 SHELL=/bin/bash net/mac80211/ net/wireless/ If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp@intel.com> All errors (new ones prefixed by >>): In file included from net/mac80211/ibss.c:22: In file included from include/net/mac80211.h:21: include/net/cfg80211.h:765:15: error: cannot combine with previous 'struct' declaration specifier static inline enum nl80211_channel_type ^ include/net/cfg80211.h:770:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:772:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT20; ^~~~~~~~~~~~~~~~~ include/net/cfg80211.h:775:11: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40PLUS; ^~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:776:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40MINUS; ^~~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:779:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ >> net/mac80211/ibss.c:422:13: error: assigning to 'enum nl80211_channel_type' from incompatible type 'struct cfg80211_fils_aad' chan_type = cfg80211_get_chandef_type(&sdata->u.ibss.chandef); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ net/mac80211/ibss.c:827:11: error: assigning to 'enum nl80211_channel_type' from incompatible type 'struct cfg80211_fils_aad' ch_type = cfg80211_get_chandef_type(&ifibss->chandef); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 8 errors generated. -- In file included from net/mac80211/cfg.c:19: include/net/cfg80211.h:765:15: error: cannot combine with previous 'struct' declaration specifier static inline enum nl80211_channel_type ^ include/net/cfg80211.h:770:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:772:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT20; ^~~~~~~~~~~~~~~~~ include/net/cfg80211.h:775:11: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40PLUS; ^~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:776:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40MINUS; ^~~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:779:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ >> net/mac80211/cfg.c:3350:52: error: invalid operands to binary expression ('struct cfg80211_fils_aad' and 'struct cfg80211_fils_aad') if (cfg80211_get_chandef_type(¶ms->chandef) != ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ 7 errors generated. -- In file included from net/mac80211/util.c:14: In file included from include/net/mac80211.h:21: include/net/cfg80211.h:765:15: error: cannot combine with previous 'struct' declaration specifier static inline enum nl80211_channel_type ^ include/net/cfg80211.h:770:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:772:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT20; ^~~~~~~~~~~~~~~~~ include/net/cfg80211.h:775:11: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40PLUS; ^~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:776:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40MINUS; ^~~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:779:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ >> net/mac80211/util.c:4038:11: error: assigning to 'enum nl80211_channel_type' from incompatible type 'struct cfg80211_fils_aad' ch_type = cfg80211_get_chandef_type(&csa_settings->chandef); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 7 errors generated. -- In file included from net/mac80211/tdls.c:14: include/net/cfg80211.h:765:15: error: cannot combine with previous 'struct' declaration specifier static inline enum nl80211_channel_type ^ include/net/cfg80211.h:770:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:772:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT20; ^~~~~~~~~~~~~~~~~ include/net/cfg80211.h:775:11: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40PLUS; ^~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:776:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40MINUS; ^~~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:779:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ >> net/mac80211/tdls.c:1512:49: error: invalid operands to binary expression ('struct cfg80211_fils_aad' and 'int') ht40plus = cfg80211_get_chandef_type(chandef) == ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ 7 errors generated. -- In file included from net/wireless/nl80211.c:26: include/net/cfg80211.h:765:15: error: cannot combine with previous 'struct' declaration specifier static inline enum nl80211_channel_type ^ include/net/cfg80211.h:770:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:772:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT20; ^~~~~~~~~~~~~~~~~ include/net/cfg80211.h:775:11: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40PLUS; ^~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:776:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_HT40MINUS; ^~~~~~~~~~~~~~~~~~~~~~ include/net/cfg80211.h:779:10: error: returning 'int' from a function with incompatible result type 'struct cfg80211_fils_aad' return NL80211_CHAN_NO_HT; ^~~~~~~~~~~~~~~~~~ >> net/wireless/nl80211.c:3543:5: error: passing 'struct cfg80211_fils_aad' to parameter of incompatible type 'u32' (aka 'unsigned int') cfg80211_get_chandef_type(chandef))) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/net/netlink.h:1307:70: note: passing argument to parameter 'value' here static inline int nla_put_u32(struct sk_buff *skb, int attrtype, u32 value) ^ 7 errors generated. vim +422 net/mac80211/ibss.c 469002983fc90c Johannes Berg 2009-02-15 396 af8cdcd828ad75 Johannes Berg 2009-04-19 397 static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, 469002983fc90c Johannes Berg 2009-02-15 398 struct ieee80211_bss *bss) 469002983fc90c Johannes Berg 2009-02-15 399 { 0c1ad2cac1cb54 Johannes Berg 2009-12-23 400 struct cfg80211_bss *cbss = 0c1ad2cac1cb54 Johannes Berg 2009-12-23 401 container_of((void *)bss, struct cfg80211_bss, priv); b59066a291ca7c Johannes Berg 2009-05-12 402 struct ieee80211_supported_band *sband; 75a423f493ffdf Simon Wunderlich 2013-08-21 403 struct cfg80211_chan_def chandef; b59066a291ca7c Johannes Berg 2009-05-12 404 u32 basic_rates; b59066a291ca7c Johannes Berg 2009-05-12 405 int i, j; 0c1ad2cac1cb54 Johannes Berg 2009-12-23 406 u16 beacon_int = cbss->beacon_interval; 8cef2c9df88fdd Johannes Berg 2013-02-05 407 const struct cfg80211_bss_ies *ies; 75a423f493ffdf Simon Wunderlich 2013-08-21 408 enum nl80211_channel_type chan_type; 8cef2c9df88fdd Johannes Berg 2013-02-05 409 u64 tsf; 2103dec14792be Simon Wunderlich 2013-07-08 410 u32 rate_flags; 2103dec14792be Simon Wunderlich 2013-07-08 411 int shift; 57c4d7b4c49860 Johannes Berg 2009-04-23 412 8d61ffa5e01c5f Johannes Berg 2013-05-10 413 sdata_assert_lock(sdata); 7a17a33c0da37f Johannes Berg 2010-07-21 414 57c4d7b4c49860 Johannes Berg 2009-04-23 415 if (beacon_int < 10) 57c4d7b4c49860 Johannes Berg 2009-04-23 416 beacon_int = 10; 57c4d7b4c49860 Johannes Berg 2009-04-23 417 75a423f493ffdf Simon Wunderlich 2013-08-21 418 switch (sdata->u.ibss.chandef.width) { 75a423f493ffdf Simon Wunderlich 2013-08-21 419 case NL80211_CHAN_WIDTH_20_NOHT: 75a423f493ffdf Simon Wunderlich 2013-08-21 420 case NL80211_CHAN_WIDTH_20: 75a423f493ffdf Simon Wunderlich 2013-08-21 421 case NL80211_CHAN_WIDTH_40: 75a423f493ffdf Simon Wunderlich 2013-08-21 @422 chan_type = cfg80211_get_chandef_type(&sdata->u.ibss.chandef); 75a423f493ffdf Simon Wunderlich 2013-08-21 423 cfg80211_chandef_create(&chandef, cbss->channel, chan_type); 75a423f493ffdf Simon Wunderlich 2013-08-21 424 break; 75a423f493ffdf Simon Wunderlich 2013-08-21 425 case NL80211_CHAN_WIDTH_5: 75a423f493ffdf Simon Wunderlich 2013-08-21 426 case NL80211_CHAN_WIDTH_10: 75a423f493ffdf Simon Wunderlich 2013-08-21 427 cfg80211_chandef_create(&chandef, cbss->channel, a4ac6f2e53e568 Matthias Kaehlcke 2017-04-17 428 NL80211_CHAN_NO_HT); 75a423f493ffdf Simon Wunderlich 2013-08-21 429 chandef.width = sdata->u.ibss.chandef.width; 75a423f493ffdf Simon Wunderlich 2013-08-21 430 break; abcff6ef01f9ff Janusz.Dziedzic@tieto.com 2015-03-20 431 case NL80211_CHAN_WIDTH_80: c39b336deb2ec9 Jouni Malinen 2015-11-26 432 case NL80211_CHAN_WIDTH_80P80: abcff6ef01f9ff Janusz.Dziedzic@tieto.com 2015-03-20 433 case NL80211_CHAN_WIDTH_160: abcff6ef01f9ff Janusz.Dziedzic@tieto.com 2015-03-20 434 chandef = sdata->u.ibss.chandef; abcff6ef01f9ff Janusz.Dziedzic@tieto.com 2015-03-20 435 chandef.chan = cbss->channel; abcff6ef01f9ff Janusz.Dziedzic@tieto.com 2015-03-20 436 break; 75a423f493ffdf Simon Wunderlich 2013-08-21 437 default: 75a423f493ffdf Simon Wunderlich 2013-08-21 438 /* fall back to 20 MHz for unsupported modes */ 75a423f493ffdf Simon Wunderlich 2013-08-21 439 cfg80211_chandef_create(&chandef, cbss->channel, a4ac6f2e53e568 Matthias Kaehlcke 2017-04-17 440 NL80211_CHAN_NO_HT); 75a423f493ffdf Simon Wunderlich 2013-08-21 441 break; 75a423f493ffdf Simon Wunderlich 2013-08-21 442 } 75a423f493ffdf Simon Wunderlich 2013-08-21 443 0c1ad2cac1cb54 Johannes Berg 2009-12-23 444 sband = sdata->local->hw.wiphy->bands[cbss->channel->band]; 2103dec14792be Simon Wunderlich 2013-07-08 445 rate_flags = ieee80211_chandef_rate_flags(&sdata->u.ibss.chandef); 2103dec14792be Simon Wunderlich 2013-07-08 446 shift = ieee80211_vif_get_shift(&sdata->vif); b59066a291ca7c Johannes Berg 2009-05-12 447 b59066a291ca7c Johannes Berg 2009-05-12 448 basic_rates = 0; b59066a291ca7c Johannes Berg 2009-05-12 449 b59066a291ca7c Johannes Berg 2009-05-12 450 for (i = 0; i < bss->supp_rates_len; i++) { 2103dec14792be Simon Wunderlich 2013-07-08 451 int rate = bss->supp_rates[i] & 0x7f; b59066a291ca7c Johannes Berg 2009-05-12 452 bool is_basic = !!(bss->supp_rates[i] & 0x80); b59066a291ca7c Johannes Berg 2009-05-12 453 b59066a291ca7c Johannes Berg 2009-05-12 454 for (j = 0; j < sband->n_bitrates; j++) { 2103dec14792be Simon Wunderlich 2013-07-08 455 int brate; 2103dec14792be Simon Wunderlich 2013-07-08 456 if ((rate_flags & sband->bitrates[j].flags) 2103dec14792be Simon Wunderlich 2013-07-08 457 != rate_flags) 2103dec14792be Simon Wunderlich 2013-07-08 458 continue; 2103dec14792be Simon Wunderlich 2013-07-08 459 2103dec14792be Simon Wunderlich 2013-07-08 460 brate = DIV_ROUND_UP(sband->bitrates[j].bitrate, 2103dec14792be Simon Wunderlich 2013-07-08 461 5 * (1 << shift)); 2103dec14792be Simon Wunderlich 2013-07-08 462 if (brate == rate) { b59066a291ca7c Johannes Berg 2009-05-12 463 if (is_basic) b59066a291ca7c Johannes Berg 2009-05-12 464 basic_rates |= BIT(j); b59066a291ca7c Johannes Berg 2009-05-12 465 break; b59066a291ca7c Johannes Berg 2009-05-12 466 } b59066a291ca7c Johannes Berg 2009-05-12 467 } b59066a291ca7c Johannes Berg 2009-05-12 468 } b59066a291ca7c Johannes Berg 2009-05-12 469 8cef2c9df88fdd Johannes Berg 2013-02-05 470 rcu_read_lock(); 8cef2c9df88fdd Johannes Berg 2013-02-05 471 ies = rcu_dereference(cbss->ies); 8cef2c9df88fdd Johannes Berg 2013-02-05 472 tsf = ies->tsf; 8cef2c9df88fdd Johannes Berg 2013-02-05 473 rcu_read_unlock(); 8cef2c9df88fdd Johannes Berg 2013-02-05 474 0c1ad2cac1cb54 Johannes Berg 2009-12-23 475 __ieee80211_sta_join_ibss(sdata, cbss->bssid, 57c4d7b4c49860 Johannes Berg 2009-04-23 476 beacon_int, 75a423f493ffdf Simon Wunderlich 2013-08-21 477 &chandef, b59066a291ca7c Johannes Berg 2009-05-12 478 basic_rates, 0c1ad2cac1cb54 Johannes Berg 2009-12-23 479 cbss->capability, 8cef2c9df88fdd Johannes Berg 2013-02-05 480 tsf, false); 469002983fc90c Johannes Berg 2009-02-15 481 } 469002983fc90c Johannes Berg 2009-02-15 482 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index 62dd842..621e3b2 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -740,6 +740,22 @@ struct cfg80211_tid_config { }; /** + * struct cfg80211_fils_aad - FILS AAD data + * @macaddr: STA MAC address + * @kek: FILS KEK + * @kek_len: FILS KEK length + * @snonce: STA Nonce + * @anonce: AP Nonce + */ +struct cfg80211_fils_aad { + const u8 *macaddr; + const u8 *kek; + u8 kek_len; + const u8 *snonce; + const u8 *anonce; +} + +/** * cfg80211_get_chandef_type - return old channel type from chandef * @chandef: the channel definition * @@ -4018,6 +4034,10 @@ struct mgmt_frame_regs { * @set_sar_specs: Update the SAR (TX power) settings. * * @color_change: Initiate a color change. + * + * @set_fils_aad: Set FILS AAD data to the AP driver so that the driver can use + * those to decrypt (Re)Association Request and encrypt (Re)Association + * Response frame. */ struct cfg80211_ops { int (*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow); @@ -4348,6 +4368,8 @@ struct cfg80211_ops { int (*color_change)(struct wiphy *wiphy, struct net_device *dev, struct cfg80211_color_change_settings *params); + int (*set_fils_aad)(struct wiphy *wiphy, struct net_device *dev, + struct cfg80211_fils_aad *fils_aad); }; /* diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h index c2efea9..e89bbf8 100644 --- a/include/uapi/linux/nl80211.h +++ b/include/uapi/linux/nl80211.h @@ -301,6 +301,29 @@ */ /** + * DOC: FILS shared key crypto offload + * + * This feature is applicable to drivers running in AP mode. + * + * FILS shared key crypto offload can be advertised by drivers by setting + * @NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD flag. The drivers that support + * FILS shared key crypto offload should be able to encrypt and decrypt + * association frames for FILS shared key authentication as per IEEE 802.11ai. + * With this capability, for FILS key derivation, drivers depend on userspace. + * + * After FILS key derivation, userspace shares the FILS AAD details with the + * driver and the driver stores the same to use in decryption of association + * request and in encryption of association response. The below parameters + * should be given to the driver in %NL80211_CMD_SET_FILS_AAD. + * %NL80211_ATTR_MAC - STA MAC address, used for storing FILS AAD per STA + * %NL80211_ATTR_FILS_KEK - Used for encryption or decryption + * %NL80211_ATTR_FILS_NONCES - Used for encryption or decryption + * (STA Nonce 16 bytes followed by AP Nonce 16 bytes) + * + * Once the association is done, the driver cleans the FILS AAD data. + */ + +/** * enum nl80211_commands - supported nl80211 commands * * @NL80211_CMD_UNSPEC: unspecified command to catch errors @@ -1200,6 +1223,12 @@ * @NL80211_CMD_COLOR_CHANGE_COMPLETED: Notify userland that the color change * has completed * + * @NL80211_CMD_SET_FILS_AAD: Set FILS AAD data to the driver using - + * &NL80211_ATTR_MAC - for STA MAC address + * &NL80211_ATTR_FILS_KEK - for KEK + * &NL80211_ATTR_FILS_NONCES - for FILS Nonces + * (STA Nonce 16 bytes followed by AP Nonce 16 bytes) + * * @NL80211_CMD_MAX: highest used command number * @__NL80211_CMD_AFTER_LAST: internal use */ @@ -1440,6 +1469,8 @@ enum nl80211_commands { NL80211_CMD_COLOR_CHANGE_ABORTED, NL80211_CMD_COLOR_CHANGE_COMPLETED, + NL80211_CMD_SET_FILS_AAD, + /* add new commands above here */ /* used to define NL80211_CMD_MAX below */ @@ -5995,6 +6026,11 @@ enum nl80211_feature_flags { * @NL80211_EXT_FEATURE_BSS_COLOR: The driver supports BSS color collision * detection and change announcemnts. * + * @NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD: Driver running in AP mode supports + * FILS encryption and decryption for (Re)Association Request and Response + * frames. Userspace has to share FILS AAD details to the driver by using + * @NL80211_CMD_SET_FILS_AAD. + * * @NUM_NL80211_EXT_FEATURES: number of extended features. * @MAX_NL80211_EXT_FEATURES: highest extended feature index. */ @@ -6060,6 +6096,7 @@ enum nl80211_ext_feature_index { NL80211_EXT_FEATURE_SECURE_RTT, NL80211_EXT_FEATURE_PROT_RANGE_NEGO_AND_MEASURE, NL80211_EXT_FEATURE_BSS_COLOR, + NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD, /* add new features before the definition below */ NUM_NL80211_EXT_FEATURES, diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index bf7cd47..761760a 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -14904,6 +14904,29 @@ static int nl80211_color_change(struct sk_buff *skb, struct genl_info *info) return err; } +static int nl80211_set_fils_aad(struct sk_buff *skb, + struct genl_info *info) +{ + struct cfg80211_registered_device *rdev = info->user_ptr[0]; + struct net_device *dev = info->user_ptr[1]; + struct cfg80211_fils_aad fils_aad = {}; + u8 *nonces; + + if (!info->attrs[NL80211_ATTR_MAC] || + !info->attrs[NL80211_ATTR_FILS_KEK] || + !info->attrs[NL80211_ATTR_FILS_NONCES]) + return -EINVAL; + + fils_aad.macaddr = nla_data(info->attrs[NL80211_ATTR_MAC]); + fils_aad.kek_len = nla_len(info->attrs[NL80211_ATTR_FILS_KEK]); + fils_aad.kek = nla_data(info->attrs[NL80211_ATTR_FILS_KEK]); + nonces = nla_data(info->attrs[NL80211_ATTR_FILS_NONCES]); + fils_aad.snonce = nonces; + fils_aad.anonce = nonces + FILS_NONCE_LEN; + + return rdev_set_fils_aad(rdev, dev, &fils_aad); +} + #define NL80211_FLAG_NEED_WIPHY 0x01 #define NL80211_FLAG_NEED_NETDEV 0x02 #define NL80211_FLAG_NEED_RTNL 0x04 @@ -15907,6 +15930,13 @@ static const struct genl_small_ops nl80211_small_ops[] = { .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | NL80211_FLAG_NEED_RTNL, }, + { + .cmd = NL80211_CMD_SET_FILS_AAD, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .doit = nl80211_set_fils_aad, + .flags = GENL_UNS_ADMIN_PERM, + .internal_flags = NL80211_FLAG_NEED_NETDEV_UP, + }, }; static struct genl_family nl80211_fam __ro_after_init = { diff --git a/net/wireless/rdev-ops.h b/net/wireless/rdev-ops.h index ce6bf21..cc1efec 100644 --- a/net/wireless/rdev-ops.h +++ b/net/wireless/rdev-ops.h @@ -1381,4 +1381,18 @@ static inline int rdev_color_change(struct cfg80211_registered_device *rdev, return ret; } +static inline int +rdev_set_fils_aad(struct cfg80211_registered_device *rdev, + struct net_device *dev, struct cfg80211_fils_aad *fils_aad) +{ + int ret = -EOPNOTSUPP; + + trace_rdev_set_fils_aad(&rdev->wiphy, dev, fils_aad); + if (rdev->ops->set_fils_aad) + ret = rdev->ops->set_fils_aad(&rdev->wiphy, dev, fils_aad); + trace_rdev_return_int(&rdev->wiphy, ret); + + return ret; +} + #endif /* __CFG80211_RDEV_OPS */ diff --git a/net/wireless/trace.h b/net/wireless/trace.h index 19b78d4..88cd694 100644 --- a/net/wireless/trace.h +++ b/net/wireless/trace.h @@ -167,6 +167,19 @@ __entry->center_freq1, __entry->freq1_offset, \ __entry->center_freq2 +#define FILS_AAD_ASSIGN(fa) \ + do { \ + if (fa) { \ + ether_addr_copy(__entry->macaddr, fa->macaddr); \ + __entry->kek_len = fa->kek_len; \ + } else { \ + eth_zero_addr(__entry->macaddr); \ + __entry->kek_len = 0; \ + } \ + } while (0) +#define FILS_AAD_PR_FMT \ + "macaddr: %pM, kek_len: %d" + #define SINFO_ENTRY __field(int, generation) \ __field(u32, connected_time) \ __field(u32, inactive_time) \ @@ -2614,6 +2627,24 @@ DEFINE_EVENT(wiphy_wdev_cookie_evt, rdev_abort_pmsr, TP_ARGS(wiphy, wdev, cookie) ); +TRACE_EVENT(rdev_set_fils_aad, + TP_PROTO(struct wiphy *wiphy, struct net_device *netdev, + struct cfg80211_fils_aad *fils_aad), + TP_ARGS(wiphy, netdev, fils_aad), + TP_STRUCT__entry(WIPHY_ENTRY + NETDEV_ENTRY + __array(u8, macaddr, ETH_ALEN) + __field(u8, kek_len) + ), + TP_fast_assign(WIPHY_ASSIGN; + NETDEV_ASSIGN; + FILS_AAD_ASSIGN(fils_aad); + ), + TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT ", " FILS_AAD_PR_FMT, + WIPHY_PR_ARG, NETDEV_PR_ARG, __entry->macaddr, + __entry->kek_len) +); + /************************************************************* * cfg80211 exported functions traces * *************************************************************/
Add a driver FILS crypto offload extended capability flag to indicate that the driver running in AP mode is capable of handling encryption and decryption of (Re)Association request and response frames. Add a command to set FILS AAD data to driver. This feature is supported on drivers running in AP mode only. This extended capability is exchanged with hostapd during cfg80211 init. If the driver indicates this capability, then before sending the Authentication response frame, hostapd sets FILS AAD data to the driver. This allows the driver to decrypt (Re)Association Request frame and encrypt (Re)Association Response frame. FILS Key derivation will still be done in hostapd. Signed-off-by: Subrat Mishra <subratm@codeaurora.org> v2: - NL80211_FLAG_NEED_RTNL flag removed from internal_flags of command NL80211_FLAG_NEED_RTNL - Fixed alignment in include/net/cfg80211.h set_fils_aad() comments - Fixed alignment in net/wireless/trace.h rdev_set_fils_aad Trace event