diff mbox series

[v3,1/1] wifi: nl80211: Add PTK/GTK rekey interval attributes for APs supporting PSK offload

Message ID 20231113124742.13588-1-jithu.jance@broadcom.com (mailing list archive)
State Changes Requested
Delegated to: Johannes Berg
Headers show
Series [v3,1/1] wifi: nl80211: Add PTK/GTK rekey interval attributes for APs supporting PSK offload | expand

Commit Message

Jithu Jance Nov. 13, 2023, 12:47 p.m. UTC
This patch adds attributes to NL80211_CMD_START_AP that the user application
can use to pass down PTK/GTK rekey interval times to the driver. If driver can't
support the configuration, it is expected to return failure to NL8011_CMD_START_AP.
The rekey interval timings are to be passed in seconds.

---
v2 > v3: Fixed indentation
v1 > v2: Fixed the missing nl80211_policy changes

Signed-off-by: Jithu Jance <jithu.jance@broadcom.com>
---
 include/net/cfg80211.h       |  6 ++++++
 include/uapi/linux/nl80211.h | 13 +++++++++++++
 net/wireless/nl80211.c       | 13 +++++++++++++
 3 files changed, 32 insertions(+)

Comments

Johannes Berg Nov. 24, 2023, 7:03 p.m. UTC | #1
On Mon, 2023-11-13 at 18:17 +0530, Jithu Jance wrote:
> This patch adds attributes to NL80211_CMD_START_AP that the user application
> can use to pass down PTK/GTK rekey interval times to the driver. If driver can't
> support the configuration, it is expected to return failure to NL8011_CMD_START_AP.

That doesn't work, _all_ current drivers will obviously completely
ignore this setting. If you need that behaviour, you need to add new
feature flags for it.

> +		if (info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL])
> +			settings->ptk_rekey_interval = nla_get_u32(info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL]);
> +		else
> +			settings->gtk_rekey_interval = nla_get_u32(info->attrs[NL80211_ATTR_GTK_REKEY_INTERVAL]);
> 

Why can you not set both at the same time?! That should be documented,
if it's really desired, but that seems really counter-intuitive?

johannes
Jithu Jance Nov. 25, 2023, 2:40 a.m. UTC | #2
>That doesn't work, _all_ current drivers will obviously completely
ignore this setting.
Got your point - without this user space will not be sure whether GTK/PTK
will work with the driver even though values are passed down. Will add it.


>Why can you not set both at the same time?!
Yes, agree. will fix it.

*Jithu Jance *


On Sat, Nov 25, 2023 at 12:33 AM Johannes Berg <johannes@sipsolutions.net>
wrote:

> On Mon, 2023-11-13 at 18:17 +0530, Jithu Jance wrote:
> > This patch adds attributes to NL80211_CMD_START_AP that the user
> application
> > can use to pass down PTK/GTK rekey interval times to the driver. If
> driver can't
> > support the configuration, it is expected to return failure to
> NL8011_CMD_START_AP.
>
> That doesn't work, _all_ current drivers will obviously completely
> ignore this setting. If you need that behaviour, you need to add new
> feature flags for it.
>
> > +             if (info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL])
> > +                     settings->ptk_rekey_interval =
> nla_get_u32(info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL]);
> > +             else
> > +                     settings->gtk_rekey_interval =
> nla_get_u32(info->attrs[NL80211_ATTR_GTK_REKEY_INTERVAL]);
> >
>
> Why can you not set both at the same time?! That should be documented,
> if it's really desired, but that seems really counter-intuitive?
>
> johannes
>
diff mbox series

Patch

diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index b137a33a1b68..459e29d4d766 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -1218,6 +1218,10 @@  struct survey_info {
  *
  *	NL80211_SAE_PWE_BOTH
  *	  Allow either hunting-and-pecking loop or hash-to-element
+ * @ptk_rekey_interval: PTK rekey interval in seconds for drivers supporting
+ *	AP 4 way handshake offload.
+ * @gtk_rekey_interval: GTK rekey interval in seconds for drivers supporting
+ *	AP 4 way handshake offload.
  */
 struct cfg80211_crypto_settings {
 	u32 wpa_versions;
@@ -1235,6 +1239,8 @@  struct cfg80211_crypto_settings {
 	const u8 *sae_pwd;
 	u8 sae_pwd_len;
 	enum nl80211_sae_pwe_mechanism sae_pwe;
+	u32 ptk_rekey_interval;
+	u32 gtk_rekey_interval;
 };
 
 /**
diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
index dced2c49daec..519be2b58cd0 100644
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@@ -205,6 +205,10 @@ 
  * preshared key material is provided, for example when that driver does
  * not support setting the temporal keys through %NL80211_CMD_NEW_KEY.
  *
+ * NL80211_CMD_START_AP can optionally carry %NL80211_ATTR_GTK_REKEY_INTERVAL
+ * and %NL80211_ATTR_PTK_REKEY_INTERVAL to pass down user configured values to
+ * the driver.
+ *
  * For 802.1X the PMK or PMK-R0 are set by providing %NL80211_ATTR_PMK
  * using %NL80211_CMD_SET_PMK. For offloaded FT support also
  * %NL80211_ATTR_PMKR0_NAME must be provided.
@@ -2826,6 +2830,12 @@  enum nl80211_commands {
  * @NL80211_ATTR_MLO_LINK_DISABLED: Flag attribute indicating that the link is
  *	disabled.
  *
+ * @NL80211_ATTR_PTK_REKEY_INTERVAL: PTK refresh interval in seconds for drivers
+ *	supporting NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK.
+ *
+ * @NL80211_ATTR_GTK_REKEY_INTERVAL: GTK refresh interval in seconds for drivers
+ *	supporting NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK.
+ *
  * @NUM_NL80211_ATTR: total number of nl80211_attrs available
  * @NL80211_ATTR_MAX: highest attribute number currently defined
  * @__NL80211_ATTR_AFTER_LAST: internal use
@@ -3364,6 +3374,9 @@  enum nl80211_attrs {
 
 	NL80211_ATTR_MLO_LINK_DISABLED,
 
+	NL80211_ATTR_PTK_REKEY_INTERVAL,
+	NL80211_ATTR_GTK_REKEY_INTERVAL,
+
 	/* add attributes here, update the policy in nl80211.c */
 
 	__NL80211_ATTR_AFTER_LAST,
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 569234bc2be6..514960e5681d 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -818,6 +818,8 @@  static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
 	[NL80211_ATTR_HW_TIMESTAMP_ENABLED] = { .type = NLA_FLAG },
 	[NL80211_ATTR_EMA_RNR_ELEMS] = { .type = NLA_NESTED },
 	[NL80211_ATTR_MLO_LINK_DISABLED] = { .type = NLA_FLAG },
+	[NL80211_ATTR_PTK_REKEY_INTERVAL] = { .type = NLA_U32 },
+	[NL80211_ATTR_GTK_REKEY_INTERVAL] = { .type = NLA_U32 },
 };
 
 /* policy for the key attributes */
@@ -10892,6 +10894,17 @@  static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
 	else
 		settings->sae_pwe = NL80211_SAE_PWE_UNSPECIFIED;
 
+	if (info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL] ||
+	    info->attrs[NL80211_ATTR_GTK_REKEY_INTERVAL]) {
+		if (!wiphy_ext_feature_isset(&rdev->wiphy,
+					NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK))
+			return -EINVAL;
+		if (info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL])
+			settings->ptk_rekey_interval = nla_get_u32(info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL]);
+		else
+			settings->gtk_rekey_interval = nla_get_u32(info->attrs[NL80211_ATTR_GTK_REKEY_INTERVAL]);
+	}
+
 	return 0;
 }