From patchwork Fri Jul 8 16:52:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 12911519 X-Patchwork-Delegate: johannes@sipsolutions.net Received: from nalasex01a.na.qualcomm.com (10.47.209.196) by nasanex01c.na.qualcomm.com (10.47.97.222) with Microsoft SMTP Server (version=TLS1_2, 
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.22; Fri, 8 Jul 2022 09:52:25 -0700 Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.22; Fri, 8 Jul 2022 09:52:24 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH 1/2] nl80211: Allow transmitting auth frames with random TA Date: Fri, 8 Jul 2022 22:22:11 +0530 Message-ID: <20220708165212.2069149-1-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01a.na.qualcomm.com (10.52.223.231) To nalasex01a.na.qualcomm.com (10.47.209.196) Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org Allow authentication frames with a random local address as transmit address if the driver supports. This is required for below cases: - Enabling use of randomized transmit address for PASN authentication frames improve privacy of WLAN clients. - To allow user space to use link address indicated by driver as transmit address for authentication frames triggered by NL80211_CMD_EXTERNAL_AUTH for MLO connection. Signed-off-by: Veerendranath Jakkam --- include/uapi/linux/nl80211.h | 4 ++++ net/wireless/mlme.c | 11 +++++++++++ 2 files changed, 15 insertions(+) diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h index 279f9715919e..9e665f7b3e23 100644 --- a/include/uapi/linux/nl80211.h +++ b/include/uapi/linux/nl80211.h @@ -6225,6 +6225,9 @@ enum nl80211_feature_flags { * @NL80211_EXT_FEATURE_RADAR_BACKGROUND: Device supports background radar/CAC * detection. * + * @NL80211_EXT_FEATURE_AUTH_TX_RANDOM_TA: Device supports randomized TA + * for authentication frames in @NL80211_CMD_FRAME. + * * @NUM_NL80211_EXT_FEATURES: number of extended features. * @MAX_NL80211_EXT_FEATURES: highest extended feature index. */ 
@@ -6292,6 +6295,7 @@ enum nl80211_ext_feature_index { NL80211_EXT_FEATURE_BSS_COLOR, NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD, NL80211_EXT_FEATURE_RADAR_BACKGROUND, + NL80211_EXT_FEATURE_AUTH_TX_RANDOM_TA, /* add new features before the definition below */ NUM_NL80211_EXT_FEATURES, diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c index 2bb4da97b66a..176513a75ddf 100644 --- a/net/wireless/mlme.c +++ b/net/wireless/mlme.c @@ -736,6 +736,16 @@ int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev, } if (!ether_addr_equal(mgmt->sa, wdev_address(wdev))) { + /* Allow random TA to be used with authentication frames if the + * driver has indicated support for this. Otherwise, only allow + * the local address to be used. + */ + if (ieee80211_is_auth(mgmt->frame_control) && + wiphy_ext_feature_isset( + &rdev->wiphy, + NL80211_EXT_FEATURE_AUTH_TX_RANDOM_TA)) + goto out_tx; + /* Allow random TA to be used with Public Action frames if the * driver has indicated support for this. Otherwise, only allow * the local address to be used. 
@@ -755,6 +765,7 @@ int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev, return -EINVAL; } +out_tx: /* Transmit the Action frame as requested by user space */ return rdev_mgmt_tx(rdev, wdev, params, cookie); } From patchwork Fri Jul 8 16:52:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 12911520 X-Patchwork-Delegate: johannes@sipsolutions.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AAD98C433EF for ; Fri, 8 Jul 2022 16:52:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239402AbiGHQwd (ORCPT ); Fri, 8 Jul 2022 12:52:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36742 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239409AbiGHQw2 (ORCPT ); Fri, 8 Jul 2022 12:52:28 -0400 Received: from alexa-out.qualcomm.com (alexa-out.qualcomm.com [129.46.98.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 08F4B2BB33 for ; Fri, 8 Jul 2022 09:52:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; i=@quicinc.com; q=dns/txt; s=qcdkim; t=1657299148; x=1688835148; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=kkgT01xD1QFEq3LaQ8YC1xfCtkTa+Xx6ol/y4IH4Wcs=; b=ZBc2+g9S9eSKphY2eMM41/BLZhnALr+qMJS2Q48sYUIbEP95m4vNP18b ODcPR2icCLkbtu6ZIRTibF6GDz0yu4m+W1bTDz7NjQlmvnezGaPInjHyt HqdbTLZBXStLltJtC0rlc1HUix2vYM8/oVCx5gZcGQkZmFVeNczVO5rNd Y=; Received: from ironmsg08-lv.qualcomm.com ([10.47.202.152]) by alexa-out.qualcomm.com with ESMTP; 08 Jul 2022 09:52:28 -0700 X-QCInternal: smtphost Received: from nasanex01c.na.qualcomm.com ([10.47.97.222]) by ironmsg08-lv.qualcomm.com with 
ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Jul 2022 09:52:27 -0700 Received: from nalasex01a.na.qualcomm.com (10.47.209.196) by nasanex01c.na.qualcomm.com (10.47.97.222) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.22; Fri, 8 Jul 2022 09:52:27 -0700 Received: from cnss-mw-linux.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.22; Fri, 8 Jul 2022 09:52:25 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH 2/2] cfg80211: Indicate transmit address in external auth request Date: Fri, 8 Jul 2022 22:22:12 +0530 Message-ID: <20220708165212.2069149-2-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220708165212.2069149-1-quic_vjakkam@quicinc.com> References: <20220708165212.2069149-1-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01a.na.qualcomm.com (10.52.223.231) To nalasex01a.na.qualcomm.com (10.47.209.196) Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org If external authentication request triggered during MLO connection, the link address used by driver can be different from the interface address. Add support to indicate transmit address to use for authentication frames sent by user space for current external authentication request. Signed-off-by: Veerendranath Jakkam --- include/net/cfg80211.h | 6 ++++++ net/wireless/nl80211.c | 9 +++++++++ 2 files changed, 15 insertions(+) diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index 140354f5f15b..be0ebed560f6 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h 
@@ -3553,6 +3553,11 @@ struct cfg80211_pmk_conf { * the real status code for failures. Used only for the authentication * response command interface (user space to driver). * @pmkid: The identifier to refer a PMKSA. + * @tx_addr: Transmit address to use for current external authentication + * request. Only valid for the authentication request event. Driver must + * indicate support for randomizing transmit address of authentication + * frames with %NL80211_EXT_FEATURE_AUTH_TX_RANDOM_TA to fill non-zero + * value in this parameter. */ struct cfg80211_external_auth_params { enum nl80211_external_auth_action action; @@ -3561,6 +3566,7 @@ struct cfg80211_external_auth_params { unsigned int key_mgmt_suite; u16 status; const u8 *pmkid; + u8 tx_addr[ETH_ALEN] __aligned(2); }; /** diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index eda2ad029c90..e00539c98112 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -19280,6 +19280,15 @@ int cfg80211_external_auth_request(struct net_device *dev, params->ssid.ssid)) goto nla_put_failure; + if (!is_zero_ether_addr(params->tx_addr)) { + if (!wiphy_ext_feature_isset(&rdev->wiphy, + NL80211_EXT_FEATURE_AUTH_TX_RANDOM_TA)) + return -EINVAL; + + if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->tx_addr)) + goto nla_put_failure; + } + genlmsg_end(msg, hdr); genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, wdev->conn_owner_nlportid);
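Review bot: in [PATCH 1/2], include/uapi/linux/nl80211.h, the kernel-doc for NL80211_EXT_FEATURE_AUTH_TX_RANDOM_TA only mentions "randomized TA for authentication frames in @NL80211_CMD_FRAME", while the commit message gives a second use (the driver-indicated link address for NL80211_CMD_EXTERNAL_AUTH in an MLO connection) and [PATCH 2/2] gates tx_addr on the same flag. Please describe both uses here, since this header is the only contract user space sees, and consider whether a flag named "random TA" is the right name for an address that the driver selects.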
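Review bot: in [PATCH 1/2], net/wireless/mlme.c, the new branch in cfg80211_mlme_mgmt_tx() applies no further check to mgmt->sa: once the frame is an auth frame and the feature bit is set, `goto out_tx` hands any source address to the driver, including a zero, broadcast or multicast one. Consider requiring is_valid_ether_addr(mgmt->sa) before the goto, and for the MLO external-auth case named in the commit message, comparing the address against the link address the driver indicated instead of accepting an arbitrary value.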
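Review bot: in [PATCH 1/2], net/wireless/mlme.c, the comment directly under the new `out_tx:` label still reads "Transmit the Action frame as requested by user space", but the label is now reached by authentication frames as well. Update the comment to say "management frame" (or similar) so the label and the text beneath it agree.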
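Review bot: in [PATCH 2/2], include/net/cfg80211.h, the @tx_addr kernel-doc does not say what an all-zero value means, although the nl80211.c hunk in the same patch treats zero as "not set" and omits the attribute. State that explicitly (for example, that a zero address means no transmit address is indicated to user space), and reword "to fill non-zero value in this parameter" to something like "before setting this to a non-zero address".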
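Review bot: in [PATCH 2/2], net/wireless/nl80211.c, the added `return -EINVAL;` in cfg80211_external_auth_request() exits after attributes have already been put into msg, while every other failure in the visible context uses `goto nla_put_failure`; the direct return bypasses whatever cleanup that label performs for msg. Move the wiphy_ext_feature_isset() check ahead of building the message, or route this error through a path that frees msg. The diffstat for this patch also shows no change to include/uapi/linux/nl80211.h, so the new NL80211_ATTR_MAC in the external auth request event is not documented for user space.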