From patchwork Tue Dec 10 22:11:17 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chet Lanctot X-Patchwork-Id: 3320521 Return-Path: X-Original-To: patchwork-linux-wireless@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork1.web.kernel.org (Postfix) with ESMTP id F20C39F37C for ; Tue, 10 Dec 2013 22:11:30 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 2EA86200ED for ; Tue, 10 Dec 2013 22:11:30 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 436E020163 for ; Tue, 10 Dec 2013 22:11:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752012Ab3LJWL0 (ORCPT ); Tue, 10 Dec 2013 17:11:26 -0500 Received: from wolverine02.qualcomm.com ([199.106.114.251]:35105 "EHLO wolverine02.qualcomm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751779Ab3LJWLY (ORCPT ); Tue, 10 Dec 2013 17:11:24 -0500 X-IronPort-AV: E=McAfee;i="5400,1158,7285"; a="92041596" Received: from ironmsg04-l.qualcomm.com ([172.30.48.19]) by wolverine02.qualcomm.com with ESMTP; 10 Dec 2013 14:11:24 -0800 X-IronPort-AV: E=McAfee;i="5400,1158,7285"; a="560005141" Received: from yaz-login-02.qualcomm.com ([10.227.178.54]) by Ironmsg04-L.qualcomm.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 10 Dec 2013 14:11:24 -0800 Received: (from clanctot@localhost) by yaz-login-02.qualcomm.com (8.14.2/8.14.5/Submit) id rBAMBO8x030072; Tue, 10 Dec 2013 14:11:24 -0800 From: Chet Lanctot To: linville@tuxdriver.com Cc: linux-wireless@vger.kernel.org, Chet Lanctot Subject: [PATCH 2/2 V3] nl80211/cfg80211: Enable station PMF requirement to be specified to driver with AP SME Date: Tue, 10 Dec 2013 14:11:17 -0800 Message-Id: <1386713477-30040-3-git-send-email-clanctot@codeaurora.org> X-Mailer: git-send-email 1.7.12.rc0.22.gcdd159b In-Reply-To: <1386713477-30040-1-git-send-email-clanctot@codeaurora.org> References: <1386713477-30040-1-git-send-email-clanctot@codeaurora.org> Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP When the device driver implements the AP SME there is a need for userspace to indicate to the driver the PMF (Protected Management Frames, 802.11w) requirements for station connections. The driver enforces the requested PMF state when processing station connection requests. Value NL80211_MFP_NO means that PMF connections cannot be made with stations. Value NL80211_MFP_REQUIRED means that all station connections must be PMF protected. Value NL80211_MFP_OPTIONAL means that a connection can be made if the station supports it, but it is not required. Signed-off-by: Chet Lanctot --- include/net/cfg80211.h | 4 ++++ include/uapi/linux/nl80211.h | 12 +++++++++--- net/wireless/nl80211.c | 9 +++++++++ 3 files changed, 22 insertions(+), 3 deletions(-) diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index aeaf6df..9039888 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -636,6 +636,9 @@ struct cfg80211_acl_data { * user space) * @ssid_len: length of @ssid * @hidden_ssid: whether to hide the SSID in Beacon/Probe Response frames + * @mfp: indicate whether management frame protection is used for + * station connections, this is enforced by the driver when a station + * attempts to make a connection (see definion of nl80211_mfp for details) * @crypto: crypto settings * @privacy: the BSS uses privacy * @auth_type: Authentication type (algorithm) @@ -655,6 +658,7 @@ struct cfg80211_ap_settings { const u8 *ssid; size_t ssid_len; enum nl80211_hidden_ssid hidden_ssid; + enum nl80211_mfp mfp; struct cfg80211_crypto_settings crypto; bool privacy; enum nl80211_auth_type auth_type; diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h index 4c80a10..59d4d2e 100644 --- a/include/uapi/linux/nl80211.h +++ b/include/uapi/linux/nl80211.h @@ -1063,8 +1063,8 @@ enum nl80211_commands { * * @NL80211_ATTR_USE_MFP: Whether management frame protection (IEEE 802.11w) is * used for the association (&enum nl80211_mfp, represented as a u32); - * this attribute can be used - * with %NL80211_CMD_ASSOCIATE and %NL80211_CMD_CONNECT requests + * this attribute can be used with %NL80211_CMD_ASSOCIATE, + * %NL80211_CMD_CONNECT, and @NL80211_CMD_START_AP requests * * @NL80211_ATTR_STA_FLAGS2: Attribute containing a * &struct nl80211_sta_flag_update. @@ -2934,12 +2934,18 @@ enum nl80211_key_type { /** * enum nl80211_mfp - Management frame protection state - * @NL80211_MFP_NO: Management frame protection not used + * @NL80211_MFP_NO: Management frame protection not used on + * any connection * @NL80211_MFP_REQUIRED: Management frame protection required + * on all connections + * @NL80211_MFP_OPTIONAL: For an AP, management frame + * protection is optional for a station connection depending + * on whether the station supports MFP */ enum nl80211_mfp { NL80211_MFP_NO, NL80211_MFP_REQUIRED, + NL80211_MFP_OPTIONAL, }; enum nl80211_wpa_versions { diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index 276e4a3..7a73adf 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -3207,6 +3207,15 @@ static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info) return PTR_ERR(params.acl); } + if (info->attrs[NL80211_ATTR_USE_MFP]) { + params.mfp = nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); + if (params.mfp != NL80211_MFP_REQUIRED && + params.mfp != NL80211_MFP_OPTIONAL && + params.mfp != NL80211_MFP_NO) + return -EINVAL; + } else + params.mfp = NL80211_MFP_NO; + err = rdev_start_ap(rdev, dev, ¶ms); if (!err) { wdev->preset_chandef = params.chandef;