From patchwork Mon Jul 3 08:26:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Kavitha Velayutham X-Patchwork-Id: 699220 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 02095EB64DC for ; Mon, 3 Jul 2023 13:18:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231268AbjGCNR5 (ORCPT ); Mon, 3 Jul 2023 09:17:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44562 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229608AbjGCNR4 (ORCPT ); Mon, 3 Jul 2023 09:17:56 -0400 Received: from mailout1.samsung.com (mailout1.samsung.com [203.254.224.24]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A1F42E3 for ; Mon, 3 Jul 2023 06:17:53 -0700 (PDT) Received: from epcas5p2.samsung.com (unknown [182.195.41.40]) by mailout1.samsung.com (KnoxPortal) with ESMTP id 20230703131751epoutp012acf4855bf93c4c97214329895945426~uXgGTcg_m2487224872epoutp01U for ; Mon, 3 Jul 2023 13:17:51 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 mailout1.samsung.com 20230703131751epoutp012acf4855bf93c4c97214329895945426~uXgGTcg_m2487224872epoutp01U DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=samsung.com; s=mail20170921; t=1688390271; bh=+noCVj8IZxKilu+ApMJfqRhNqqMewKdzTmQQ3GKkJ/E=; h=Subject:Reply-To:From:To:CC:In-Reply-To:Date:References:From; b=FGPBNu0r33BahYyOSMJdsstOYVor+CqIkHOpeoofv/xWKHBKYequOz8lmz45fSH91 Hn96AoCn2KGwmsvdRAvXVgTEH91i4NeILkg6fA6jQG+WCxzl+KhDRJHobMfs/kSQ9Z OgKB9r3eJpYqVMKOCLz6jwJfAQP+UBBCqFT/Cl/o= Received: from epsnrtp3.localdomain (unknown [182.195.42.164]) by epcas5p1.samsung.com (KnoxPortal) with ESMTP id 20230703131750epcas5p1034cc47c94a7567b9cc107b5fa9cd343~uXgGDfInM2113621136epcas5p1r; Mon, 3 Jul 2023 13:17:50 +0000 (GMT) Received: from epsmges5p1new.samsung.com (unknown [182.195.38.175]) by epsnrtp3.localdomain (Postfix) with ESMTP id 4Qvmgd53n4z4x9Pp; Mon, 3 Jul 2023 13:17:49 +0000 (GMT) X-AuditID: b6c32a49-67ffa7000000d8e2-ba-64a2ca7deb75 Received: from epcas5p3.samsung.com ( [182.195.41.41]) by epsmges5p1new.samsung.com (Symantec Messaging Gateway) with SMTP id 14.CC.55522.D7AC2A46; Mon, 3 Jul 2023 22:17:49 +0900 (KST) Mime-Version: 1.0 Subject: External Auth FILS Authentication Reply-To: k.velayutham@samsung.com Sender: Kavitha Velayutham From: Kavitha Velayutham To: "linux-wireless@vger.kernel.org" , "johannes@sipsolutions.net" CC: Pragya Gupta X-Priority: 3 X-Content-Kind-Code: NORMAL In-Reply-To: <20230628045628epcms5p5b1820343f828e3229035d6313fe735ce@epcms5p5> X-Drm-Type: N,general X-Msg-Generator: Mail X-Msg-Type: PERSONAL X-Reply-Demand: N Message-ID: <20230703082654epcms5p42bf0d3816b990c13a4f1d7272c4c8e7b@epcms5p4> Date: Mon, 03 Jul 2023 13:56:54 +0530 X-CMS-MailID: 20230703082654epcms5p42bf0d3816b990c13a4f1d7272c4c8e7b X-Sendblock-Type: REQ_APPROVE CMS-TYPE: 105P X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrFKsWRmVeSWpSXmKPExsWy7bCmpm7tqUUpBpOOK1h83PCJxeLNijvs Fi/3Fzswe/RtWcXo0d+7jcXj8ya5AOaobJuM1MSU1CKF1Lzk/JTMvHRbJe/geOd4UzMDQ11D SwtzJYW8xNxUWyUXnwBdt8wcoD1KCmWJOaVAoYDE4mIlfTubovzSklSFjPziElul1IKUnAKT Ar3ixNzi0rx0vbzUEitDAwMjU6DChOyMDcs7mAqu7GKs2PV7J3sD4/OtjF2MnBwSAiYSi5r+ sXQxcnEICexmlFjz4C5TFyMHB6+AoMTfHcIgNcICWhLb3h9hB7GFBJQkJqz7wQQRN5Xo2LaP DcRmEzCWuH+lhxFkjohAA6NE9+mDzCAJZgFtid4zv9kglvFKzGh/ygJhS0tsXw5xBKeAn8TM CxuZIOKiEjdXv2WHsd8fmw91qIhE672zzBC2oMSDn7uh4lISfX9OQM3Plmh48RvsfgmBEomr l60hTHOJP9t0Ib7ylWhZB/YVi4CqRPeEmawQjS4S615NZYM5eNnC18wg5cwCmhLrd+lDlMhK TD21jgmihE+i9/cTJpifdsyDsdUkTnSsgvpPRmJxA8yvHhKtS5czQwJwB5NE/z+pCYwKsxDB PAvJ4lkIixcwMq9ilEwtKM5NTy02LTDMSy2HR29yfu4mRnCi0/LcwXj3wQe9Q4xMHIyHGCU4 mJVEeJsfzk8R4k1JrKxKLcqPLyrNSS0+xGgK9PVEZinR5Hxgqs0riTc0sTQwMTMzM7E0NjNU Eud93To3RUggPbEkNTs1tSC1CKaPiYNTqoHJP8h6SeRxo/TiZPal56qdGI+9yJijM9l7QslU 9prWY1/iNjD+K7VawqZo/LSsKzY9/ayr/5xF4ZWGASGfFvYE/t3+6RCb96YzB/keO1TdLm/Q rWO1/J5d/ll04427AsJxpyU3SLb5zc+7+8r7Zv+Bjx9fPNsa5lc3e5ak2/EtRoZnazOvRbj/ +OS/de6dXJ9wrwecjdsjGv4E9UYwfGEVi26u2FvtumPGMt9tB9tCMvcG7ui68Yjd9u40nUzO w2mad7/fzN/rbFFu23p6ZwrbF/89Ky9tmODhU1atax2k4Bz9a+7O8r0MM71E7tXYy6/d+8t7 UdOxnklbT0zLaYk4nvHcgfXcRu6GJytVeM8osRRnJBpqMRcVJwIAoaOVWP0DAAA= DLP-Filter: Pass X-CFilter-Loop: Reflected X-CMS-RootMailID: 20230622102548epcas5p3e347215405116f1b64befe72ec99d567 References: <20230628045628epcms5p5b1820343f828e3229035d6313fe735ce@epcms5p5> <20230622103041epcms5p873a0f3404f38216c9802f6b299787d9d@epcms5p8> <202306221827.35MIRU0c2989147@administrator-PowerEdge-R740xd.sa.corp.samsungelectronics.net> Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org Author: Kavitha Velayutham Date:  Thu Jun 22 23:48:11 2023 +0530       [Patch 1/1] changes for FILS Authentication for External Auth         For Auth to be handled by supplicant when sme is in lower layers for FILS Authentication and     to send Assoc params to the  Lower layers.         Signed-off-by: Kavitha Velayutham diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h old mode 100644 new mode 100755 index 9e04f69712b1..ac61d326f0f3 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -3467,6 +3467,16 @@ struct cfg80211_update_ft_ies_params {          size_t ie_len; }; +#ifdef CONFIG_SCSC_WLAN_OCE +struct cfg80211_external_fils_assoc_params { +        const u8 *fils_kek; +        size_t fils_kek_len; +        const u8 *ie; +        size_t ie_len; +        const u8 *fils_nonces; +        size_t fils_nonces_len; +}; +#endif /**   * struct cfg80211_mgmt_tx_params - mgmt tx parameters   * @@ -4626,6 +4636,10 @@ struct cfg80211_ops {                                  struct net_device *dev);          int        (*update_ft_ies)(struct wiphy *wiphy, struct net_device *dev,                                   struct cfg80211_update_ft_ies_params *ftie); +#ifdef CONFIG_SCSC_WLAN_OCE +        int        (*set_fils_assoc_params)(struct wiphy *wiphy, struct net_device *dev, +                                         struct cfg80211_external_fils_assoc_params *ftie); +#endif          int        (*crit_proto_start)(struct wiphy *wiphy,                                      struct wireless_dev *wdev,                                      enum nl80211_crit_proto_id protocol, diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h old mode 100644 new mode 100755 index c59fec406da5..6ef927c966d3 --- a/include/uapi/linux/nl80211.h +++ b/include/uapi/linux/nl80211.h @@ -1562,6 +1562,10 @@ enum nl80211_commands {          NL80211_CMD_SET_HW_TIMESTAMP, +        NL80211_CMD_SET_SAR_SPECS, + +        NL80211_CMD_FILS_ASSOC_REQ_INFO, +          /* add new commands above here */          /* used to define NL80211_CMD_MAX below */ @@ -1581,6 +1585,7 @@ enum nl80211_commands { #define NL80211_CMD_DEAUTHENTICATE NL80211_CMD_DEAUTHENTICATE #define NL80211_CMD_DISASSOCIATE NL80211_CMD_DISASSOCIATE #define NL80211_CMD_REG_BEACON_HINT NL80211_CMD_REG_BEACON_HINT +#define NL80211_CMD_FILS_ASSOC_REQ_INFO NL80211_CMD_FILS_ASSOC_REQ_INFO #define NL80211_ATTR_FEATURE_FLAGS NL80211_ATTR_FEATURE_FLAGS @@ -3302,6 +3307,14 @@ enum nl80211_attrs {          NL80211_ATTR_DISABLE_HE, +        NL80211_ATTR_FILS_ASSOC_IE, + +        NL80211_ATTR_RECONNECT_REQUESTED, + +        NL80211_ATTR_SAR_SPEC, + +        NL80211_ATTR_DISABLE_HE, +          NL80211_ATTR_OBSS_COLOR_BITMAP,          NL80211_ATTR_COLOR_CHANGE_COUNT, @@ -6443,7 +6456,7 @@ enum nl80211_ext_feature_index {          NL80211_EXT_FEATURE_PUNCT,          NL80211_EXT_FEATURE_SECURE_NAN,          NL80211_EXT_FEATURE_AUTH_AND_DEAUTH_RANDOM_TA, - +        NL80211_EXT_FEATURE_EXTERNAL_AUTH_FILS,          /* add new features before the definition below */          NUM_NL80211_EXT_FEATURES,          MAX_NL80211_EXT_FEATURES = NUM_NL80211_EXT_FEATURES - 1 diff --git a/net/wireless/Kconfig b/net/wireless/Kconfig index f620acd2a0f5..cac4586e21e1 100644 --- a/net/wireless/Kconfig +++ b/net/wireless/Kconfig @@ -67,6 +67,11 @@ config CFG80211_DEVELOPER_WARNINGS            Say Y only if you are developing cfg80211 or a driver based            on it (or mac80211). +config SCSC_WLAN_OCE +        bool "OCE Auth Support with External Auth" +        default y +        help +          This option enables external Auth Support for FILS Authentication config CFG80211_CERTIFICATION_ONUS          bool "cfg80211 certification onus" diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c old mode 100644 new mode 100755 index d95f8053020d..b78236883b84 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -559,6 +559,11 @@ static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {          [NL80211_ATTR_IE] = NLA_POLICY_VALIDATE_FN(NLA_BINARY,                                                    validate_ie_attr,                                                    IEEE80211_MAX_DATA_LEN), +#ifdef CONFIG_SCSC_WLAN_OCE +        [NL80211_ATTR_FILS_ASSOC_IE] = NLA_POLICY_VALIDATE_FN(NLA_BINARY, +                                                              validate_ie_attr, +                                                              IEEE80211_MAX_DATA_LEN), +#endif          [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED },          [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED }, @@ -5844,10 +5849,11 @@ static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,                  if (auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||                      auth_type == NL80211_AUTHTYPE_FILS_PK)                          return false; -                if (!wiphy_ext_feature_isset( -                            &rdev->wiphy, -                            NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) && -                    auth_type == NL80211_AUTHTYPE_FILS_SK) +                if (!(wiphy_ext_feature_isset(&rdev->wiphy, NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) +#ifdef CONFIG_SCSC_WLAN_OCE +                    || wiphy_ext_feature_isset(&rdev->wiphy, NL80211_EXT_FEATURE_EXTERNAL_AUTH_FILS) +#endif +                    ) && auth_type == NL80211_AUTHTYPE_FILS_SK)                          return false;                  return true;          case NL80211_CMD_START_AP: @@ -11929,9 +11935,11 @@ static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)                  }          } -        if (wiphy_ext_feature_isset(&rdev->wiphy, -                                    NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) && -            info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] && +        if ((wiphy_ext_feature_isset(&rdev->wiphy, NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) +#ifdef CONFIG_SCSC_WLAN_OCE +            || wiphy_ext_feature_isset(&rdev->wiphy, NL80211_EXT_FEATURE_EXTERNAL_AUTH_FILS) +#endif +            ) && info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] &&              info->attrs[NL80211_ATTR_FILS_ERP_REALM] &&              info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] &&              info->attrs[NL80211_ATTR_FILS_ERP_RRK]) { @@ -12013,8 +12021,8 @@ static int nl80211_update_connect_params(struct sk_buff *skb,                  changed |= UPDATE_ASSOC_IES;          } -        fils_sk_offload = wiphy_ext_feature_isset(&rdev->wiphy, -                                                  NL80211_EXT_FEATURE_FILS_SK_OFFLOAD); +        fils_sk_offload = wiphy_ext_feature_isset(&rdev->wiphy, NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) || +                          wiphy_ext_feature_isset(&rdev->wiphy, NL80211_EXT_FEATURE_EXTERNAL_AUTH_FILS);          /*           * when driver supports fils-sk offload all attributes must be @@ -14789,6 +14797,33 @@ static int nl80211_update_ft_ies(struct sk_buff *skb, struct genl_info *info)          return rdev_update_ft_ies(rdev, dev, &ft_params); } +#ifdef CONFIG_SCSC_WLAN_OCE +static int nl80211_fils_assoc_req_ies(struct sk_buff *skb, struct genl_info *info) +{ +        struct cfg80211_registered_device *rdev = info->user_ptr[0]; +        struct cfg80211_external_fils_assoc_params fils_params; +        struct net_device *dev = info->user_ptr[1]; + +        if (!rdev->ops->set_fils_assoc_params) +                return -EOPNOTSUPP; + +        if (!info->attrs[NL80211_ATTR_FILS_KEK] || +            !info->attrs[NL80211_ATTR_FILS_ASSOC_IE] || +            !info->attrs[NL80211_ATTR_FILS_NONCES]) +                return -EINVAL; + +        memset(&fils_params, 0, sizeof(fils_params)); +        fils_params.fils_kek = nla_data(info->attrs[NL80211_ATTR_FILS_KEK]); +        fils_params.fils_kek_len = nla_len(info->attrs[NL80211_ATTR_FILS_KEK]); +        fils_params.ie = nla_data(info->attrs[NL80211_ATTR_FILS_ASSOC_IE]); +        fils_params.ie_len = nla_len(info->attrs[NL80211_ATTR_FILS_ASSOC_IE]); +        fils_params.fils_nonces = nla_data(info->attrs[NL80211_ATTR_FILS_NONCES]); +        fils_params.fils_nonces_len = nla_len(info->attrs[NL80211_ATTR_FILS_NONCES]); + +        return rdev_fils_assoc_req_ies(rdev, dev, &fils_params); +} +#endif + static int nl80211_crit_protocol_start(struct sk_buff *skb,                                        struct genl_info *info) { @@ -16631,6 +16666,16 @@ static const struct genl_small_ops nl80211_small_ops[] = {                  .doit = nl80211_set_wiphy,                  .flags = GENL_UNS_ADMIN_PERM,          }, +#ifdef CONFIG_SCSC_WLAN_OCE +        { +                .cmd = NL80211_CMD_FILS_ASSOC_REQ_INFO, +                .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, +                .doit = nl80211_fils_assoc_req_ies, +                .flags = GENL_UNS_ADMIN_PERM, +                .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | +                                  NL80211_FLAG_NEED_RTNL, +        }, +#endif          {                  .cmd = NL80211_CMD_GET_INTERFACE,                  .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, diff --git a/net/wireless/rdev-ops.h b/net/wireless/rdev-ops.h old mode 100644 new mode 100755 index 2e497cf26ef2..000d2019901d --- a/net/wireless/rdev-ops.h +++ b/net/wireless/rdev-ops.h @@ -1062,6 +1062,20 @@ static inline int rdev_update_ft_ies(struct cfg80211_registered_device *rdev,          return ret; } +#ifdef CONFIG_SCSC_WLAN_OCE +static inline int rdev_fils_assoc_req_ies(struct cfg80211_registered_device *rdev, +                                          struct net_device *dev, +                                          struct cfg80211_external_fils_assoc_params *params) +{ +        int ret; + +        trace_rdev_fils_assoc_req_ies(&rdev->wiphy, dev, params); +        ret = rdev->ops->set_fils_assoc_params(&rdev->wiphy, dev, params); +        trace_rdev_return_int(&rdev->wiphy, ret); +        return ret; +} +#endif + static inline int rdev_crit_proto_start(struct cfg80211_registered_device *rdev,                                          struct wireless_dev *wdev,                                          enum nl80211_crit_proto_id protocol, diff --git a/net/wireless/trace.h b/net/wireless/trace.h old mode 100644 new mode 100755 index 716a1fa70069..7c2877a7099b --- a/net/wireless/trace.h +++ b/net/wireless/trace.h @@ -2256,6 +2256,30 @@ TRACE_EVENT(rdev_update_ft_ies,                    WIPHY_PR_ARG, NETDEV_PR_ARG, __entry->md) ); +#ifdef CONFIG_SCSC_WLAN_OCE +TRACE_EVENT(rdev_fils_assoc_req_ies, +        TP_PROTO(struct wiphy *wiphy, struct net_device *netdev, +                 struct cfg80211_external_fils_assoc_params *filsie), +        TP_ARGS(wiphy, netdev, filsie), +        TP_STRUCT__entry( +                WIPHY_ENTRY +                NETDEV_ENTRY +                __dynamic_array(u8, kek, filsie->fils_kek_len) +                __dynamic_array(u8, ie, filsie->ie_len) +                __dynamic_array(u8, nonces, filsie->fils_nonces_len) +        ), +        TP_fast_assign( +                WIPHY_ASSIGN; +                NETDEV_ASSIGN; +                memcpy(__get_dynamic_array(kek), filsie->fils_kek, filsie->fils_kek_len); +                memcpy(__get_dynamic_array(ie), filsie->ie, filsie->ie_len); +                memcpy(__get_dynamic_array(ie), filsie->fils_nonces, filsie->fils_nonces_len); +        ), +        TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT , +                  WIPHY_PR_ARG, NETDEV_PR_ARG) +); +#endif + TRACE_EVENT(rdev_crit_proto_start,          TP_PROTO(struct wiphy *wiphy, struct wireless_dev *wdev,                   enum nl80211_crit_proto_id protocol, u16 duration),