Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/1.0/patches/2198451/?format=api
{ "id": 2198451, "url": "http://patchwork.ozlabs.org/api/1.0/patches/2198451/?format=api", "project": { "id": 22, "url": "http://patchwork.ozlabs.org/api/1.0/projects/22/?format=api", "name": "HostAP Development", "link_name": "hostap", "list_id": "hostap.lists.infradead.org", "list_email": "hostap@lists.infradead.org", "web_url": "", "scm_url": "", "webscm_url": "" }, "msgid": "<20260219202514.5781-45-andrei.otcheretianski@intel.com>", "date": "2026-02-19T20:25:00", "name": "[44/58] NAN: Add security configuration to NDP request/response", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": false, "hash": "deefa13c3bb6fd992d1d3c95d6ac86d22cc02ae7", "submitter": { "id": 62065, "url": "http://patchwork.ozlabs.org/api/1.0/people/62065/?format=api", "name": "Andrei Otcheretianski", "email": "andrei.otcheretianski@intel.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/hostap/patch/20260219202514.5781-45-andrei.otcheretianski@intel.com/mbox/", "series": [ { "id": 492721, "url": "http://patchwork.ozlabs.org/api/1.0/series/492721/?format=api", "date": "2026-02-19T20:24:21", "name": "NAN: Add NAN Data Path (NDP) support", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/492721/mbox/" } ], "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2198451/checks/", "tags": {}, "headers": { "Return-Path": "\n <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n secure) header.d=lists.infradead.org header.i=@lists.infradead.org\n header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Vq6ngh6L;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256\n header.s=Intel header.b=WSPcMBxH;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=none (no SPF record) smtp.mailfrom=lists.infradead.org\n (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;\n envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;\n receiver=patchwork.ozlabs.org)" ], "Received": [ "from bombadil.infradead.org (bombadil.infradead.org\n [IPv6:2607:7c80:54:3::133])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fH4kt74h5z1xvS\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 20 Feb 2026 07:30:30 +1100 (AEDT)", "from localhost ([::1] helo=bombadil.infradead.org)\n\tby bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1vtAer-0000000C1Jm-02M7;\n\tThu, 19 Feb 2026 20:29:57 +0000", "from mgamail.intel.com ([198.175.65.10])\n\tby bombadil.infradead.org with esmtps (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1vtAdJ-0000000BwCB-06n6\n\tfor hostap@lists.infradead.org;\n\tThu, 19 Feb 2026 20:28:31 +0000", "from orviesa004.jf.intel.com ([10.64.159.144])\n by orvoesa102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 19 Feb 2026 12:27:35 -0800", "from aotchere-mobl1.ger.corp.intel.com (HELO\n aotchere-mobl1.intel.com) ([10.245.246.171])\n by orviesa004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 19 Feb 2026 12:27:32 -0800" ], "DKIM-Signature": [ "v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=lists.infradead.org; s=bombadil.20210309; h=Sender:\n\tContent-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:\n\tList-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:\n\tMessage-ID:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description:\n\tResent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:\n\tList-Owner; bh=4VM2/X8ggjm/t99V51WAhyK89qjsyu1tCLJ8rABuVOc=; b=Vq6ngh6L/MkhEJ\n\t0QPco4gYB3mrofLapUB0WAcaS6BhNLNqIfQlwiQKjLaYYBfQFOqFPIqCq5f7N3y+bywX3Up4Ubt9X\n\tWY6kqQSXFSZuhP/gf6mnXpel0WPQz2vHqNIrEYpVGQp51bHobGLJYT1e5r5wsdCHZEjG207ZD30//\n\tLBUtoDdIhcw5zA9UpZiS2kAMGQdaKWlzeM+WDbLYmxHC8Tv8HZOhdY5b+XsCic64dL1EdEzqVo3sk\n\t7pk5E4HdvqmZLQuRkB+8bvdr73bdEslLLgdhQ3/vnZRAn+SqQzkb9XIyZuRJTXmEc2D2ypHRQFiTr\n\tck2VNSzDzX12iDmH3DIQ==;", "v=1; a=rsa-sha256; c=relaxed/simple;\n d=intel.com; i=@intel.com; q=dns/txt; s=Intel;\n t=1771532901; x=1803068901;\n h=from:to:cc:subject:date:message-id:in-reply-to:\n references:mime-version:content-transfer-encoding;\n bh=bhHAHuBi83FTQXWotMIC3JmrY68LPyPrBQZHGhZzHgg=;\n b=WSPcMBxHOvyQj+K+EumTJUx1bu25wXwc2aTrqGYnEpT8FhbgeGhGIqu1\n JqGGIKcdKx4/Hh/Gomk41BCe4jZv9nRd8OX6iRM/QjgvHQvkw+8nVPFC0\n pybDg+2isaWZjNWslKpekeC7uatudXV0aLsIjTAD2gpYn4vLGdweRVdQV\n cZbP6zkJUfnMTNKDvQoOkcUgabiR0pMxofjpbosJT9uPd+bth+8O/rDTI\n zupC9YI/zjPUw84N+Da6p7uaa3/kfF3FH4KmBKiac2PowSz34GGRIJzW+\n GNH9woN2qBweRCIO/LjG+fAr3k4BMNExbz5GMufqYfkX1OXHwJItYE3o/\n A==;" ], "X-CSE-ConnectionGUID": [ "AV/GLq6TS9uWmeHr9HGqbQ==", "6WCtNSAmR/6VSA6GeboBYA==" ], "X-CSE-MsgGUID": [ "X2PlojG/TlGd1BklXDuPJw==", "evqDocKYTdijXzXUlBlplQ==" ], "X-IronPort-AV": [ "E=McAfee;i=\"6800,10657,11706\"; a=\"90040134\"", "E=Sophos;i=\"6.21,300,1763452800\";\n d=\"scan'208\";a=\"90040134\"", "E=Sophos;i=\"6.21,300,1763452800\";\n d=\"scan'208\";a=\"219154035\"" ], "X-ExtLoop1": "1", "From": "Andrei Otcheretianski <andrei.otcheretianski@intel.com>", "To": "hostap@lists.infradead.org,\n\tvamsin@qti.qualcomm.com,\n\tvganneva@qti.qualcomm.com,\n\tmaheshkkv@google.com", "Cc": "Ilan Peer <ilan.peer@intel.com>", "Subject": "[PATCH 44/58] NAN: Add security configuration to NDP request/response", "Date": "Thu, 19 Feb 2026 22:25:00 +0200", "Message-ID": "<20260219202514.5781-45-andrei.otcheretianski@intel.com>", "X-Mailer": "git-send-email 2.52.0", "In-Reply-To": "<20260219202514.5781-1-andrei.otcheretianski@intel.com>", "References": "<20260219202514.5781-1-andrei.otcheretianski@intel.com>", "MIME-Version": "1.0", "X-CRM114-Version": "20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 ", "X-CRM114-CacheID": "sfid-20260219_122821_250874_1B4E8135 ", "X-CRM114-Status": "GOOD ( 15.75 )", "X-Spam-Score": "-4.4 (----)", "X-Spam-Report": "Spam detection software,\n running on the system \"bombadil.infradead.org\",\n has NOT identified this incoming email as spam. The original\n message has been attached to this so you can view it or label\n similar future email. If you have any questions, see\n the administrator of that system for details.\n Content preview: From: Ilan Peer <ilan.peer@intel.com> Add security\n configuration\n parameters to struct nan_ndp_params, and update the NDP state machine with\n the security configuration. Signed-off-by: Ilan Peer <ilan.peer@intel.com>\n --- src/nan/nan.h | 15 ++++++++++++ src/nan/nan_ndp.c | 59\n ++++++++++++++++++++++++++++++++++++++++-------\n 2 files changed, 66 insertions(+), 8 deletions [...]\n Content analysis details: (-4.4 points, 5.0 required)\n pts rule name description\n ---- ----------------------\n --------------------------------------------------\n -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/,\n medium trust\n [198.175.65.10 listed in list.dnswl.org]\n 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to\n Validity was blocked. See\n https://knowledge.validity.com/hc/en-us/articles/20961730681243\n for more information.\n [198.175.65.10 listed in sa-accredit.habeas.com]\n 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The\n query to Validity was blocked. See\n https://knowledge.validity.com/hc/en-us/articles/20961730681243\n for more information.\n [198.175.65.10 listed in\n sa-trusted.bondedsender.org]\n 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to\n Validity was blocked. See\n https://knowledge.validity.com/hc/en-us/articles/20961730681243\n for more information.\n [198.175.65.10 listed in\n bl.score.senderscore.com]\n -0.0 SPF_PASS SPF: sender matches SPF record\n 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record\n -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from\n author's\n domain\n -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from\n envelope-from domain\n -0.1 DKIM_VALID Message has at least one valid DKIM or DK\n signature\n 0.1 DKIM_SIGNED Message has a DKIM or DK signature,\n not necessarily valid\n -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%\n [score: 0.0000]\n -0.0 DKIMWL_WL_HIGH DKIMwl.org - High trust sender", "X-BeenThere": "hostap@lists.infradead.org", "X-Mailman-Version": "2.1.34", "Precedence": "list", "List-Id": "<hostap.lists.infradead.org>", "List-Unsubscribe": "<http://lists.infradead.org/mailman/options/hostap>,\n <mailto:hostap-request@lists.infradead.org?subject=unsubscribe>", "List-Archive": "<http://lists.infradead.org/pipermail/hostap/>", "List-Post": "<mailto:hostap@lists.infradead.org>", "List-Help": "<mailto:hostap-request@lists.infradead.org?subject=help>", "List-Subscribe": "<http://lists.infradead.org/mailman/listinfo/hostap>,\n <mailto:hostap-request@lists.infradead.org?subject=subscribe>", "Content-Type": "text/plain; charset=\"us-ascii\"", "Content-Transfer-Encoding": "7bit", "Sender": "\"Hostap\" <hostap-bounces@lists.infradead.org>", "Errors-To": "hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org" }, "content": "From: Ilan Peer <ilan.peer@intel.com>\n\nAdd security configuration parameters to struct nan_ndp_params,\nand update the NDP state machine with the security configuration.\n\nSigned-off-by: Ilan Peer <ilan.peer@intel.com>\n---\n src/nan/nan.h | 15 ++++++++++++\n src/nan/nan_ndp.c | 59 ++++++++++++++++++++++++++++++++++++++++-------\n 2 files changed, 66 insertions(+), 8 deletions(-)", "diff": "diff --git a/src/nan/nan.h b/src/nan/nan.h\nindex 1ca3e49dba..0cace92069 100644\n--- a/src/nan/nan.h\n+++ b/src/nan/nan.h\n@@ -10,6 +10,7 @@\n #define NAN_H\n \n #include \"common/nan_defs.h\"\n+#include \"common/wpa_common.h\"\n \n struct nan_cluster_config;\n enum nan_reason;\n@@ -181,6 +182,17 @@ struct nan_schedule {\n \tstruct wpabuf *elems;\n };\n \n+/*\n+ * struct nan_ndp_sec_params - NAN NDP security parameters\n+ *\n+ * @csid: Cipher suite ID. See &enum nan_cipher_suite_id\n+ * @pmk: NAN Pairwise Master Key (PMK)\n+ */\n+struct nan_ndp_sec_params {\n+\tenum nan_cipher_suite_id csid;\n+\tu8 pmk[PMK_LEN];\n+};\n+\n /*\n * struct nan_ndp_params - Holds the ndp parameters for setting up or\n * terminating an NDP.\n@@ -191,6 +203,8 @@ struct nan_schedule {\n * max_latency, max_latency should be set to NAN_QOS_MAX_LATENCY_NO_PREF.\n * Should be set only with NAN_NDP_ACTION_REQ and NAN_NDP_ACTION_RESP.\n * Ignored for other types.\n+ * @sec: NDP security parameters. Should be set only with NAN_NDP_ACTION_REQ\n+ * and NAN_NDP_ACTION_RESP. Ignored for other types.\n * @ssi: Service specific information. Should be set only with\n * NAN_NDP_ACTION_REQ and NAN_NDP_ACTION_RESP. Ignored for other types.\n * @ssi_len: Service specific information length\n@@ -211,6 +225,7 @@ struct nan_ndp_params {\n \n \tstruct nan_ndp_id ndp_id;\n \tstruct nan_qos qos;\n+\tstruct nan_ndp_sec_params sec;\n \tconst u8 *ssi;\n \tu16 ssi_len;\n \ndiff --git a/src/nan/nan_ndp.c b/src/nan/nan_ndp.c\nindex bd06309ce9..185cf12b22 100644\n--- a/src/nan/nan_ndp.c\n+++ b/src/nan/nan_ndp.c\n@@ -121,6 +121,8 @@ int nan_ndp_setup_req(struct nan_data *nan, struct nan_peer *peer,\n \n \tpeer->ndp_setup.dialog_token = nan_get_next_dialog_token(nan);\n \tpeer->ndp_setup.publish_inst_id = params->u.req.publish_inst_id;\n+\tos_memcpy(peer->ndp_setup.service_id, params->u.req.service_id,\n+\t\t NAN_SERVICE_ID_LEN);\n \n \t/* Require confirmation for all locally initiated NDPs */\n \tpeer->ndp_setup.conf_req = 1;\n@@ -134,6 +136,19 @@ int nan_ndp_setup_req(struct nan_data *nan, struct nan_peer *peer,\n \t}\n \n \tnan_sec_reset(nan, &peer->ndp_setup.sec);\n+\n+\tif (params->sec.csid) {\n+\t\tpeer->ndp_setup.sec.i_csid = params->sec.csid;\n+\t\tos_memcpy(peer->ndp_setup.sec.pmk, params->sec.pmk,\n+\t\t\t PMK_LEN);\n+\n+\t\tpeer->ndp_setup.sec.present = 1;\n+\t\tpeer->ndp_setup.sec.valid = 1;\n+\n+\t\tpeer->ndp_setup.sec.i_instance_id =\n+\t\t\tpeer->ndp_setup.publish_inst_id;\n+\t}\n+\n \tnan_ndp_set_state(nan, &peer->ndp_setup, NAN_NDP_STATE_START);\n \tpeer->ndp_setup.status = NAN_NDP_STATUS_CONTINUED;\n \treturn 0;\n@@ -180,14 +195,6 @@ int nan_ndp_setup_resp(struct nan_data *nan, struct nan_peer *peer,\n \t\treturn -1;\n \t}\n \n-\t/* Store service specific information */\n-\tret = nan_ndp_ssi(nan, &peer->ndp_setup, params->ssi, params->ssi_len);\n-\tif (ret)\n-\t\treturn ret;\n-\n-\t/* TODO: In case of security and status accept, need to change to\n-\t * continue\n-\t */\n \tpeer->ndp_setup.status = params->u.resp.status;\n \tpeer->ndp_setup.reason = params->u.resp.reason_code;\n \n@@ -197,8 +204,44 @@ int nan_ndp_setup_resp(struct nan_data *nan, struct nan_peer *peer,\n \n \t\tos_memcpy(peer->ndp_setup.ndp->resp_ndi,\n \t\t\t params->u.resp.resp_ndi, ETH_ALEN);\n+\n+\t\tif (!peer->ndp_setup.sec.present && params->sec.csid) {\n+\t\t\twpa_printf(MSG_DEBUG,\n+\t\t\t\t \"NAN: NDP: security not requested by peer\");\n+\t\t\treturn -1;\n+\t\t} else if (peer->ndp_setup.sec.present) {\n+\t\t\tif (params->sec.csid != peer->ndp_setup.sec.i_csid) {\n+\t\t\t\twpa_printf(MSG_DEBUG,\n+\t\t\t\t\t \"NAN: NDP: Different cipher suite specified.\");\n+\t\t\t\treturn -1;\n+\t\t\t}\n+\n+\t\t\tpeer->ndp_setup.sec.r_csid = params->sec.csid;\n+\t\t\tos_memcpy(peer->ndp_setup.sec.pmk, params->sec.pmk,\n+\t\t\t\t PMK_LEN);\n+\n+\t\t\tret = nan_sec_init_resp(nan, peer);\n+\t\t\tif (ret) {\n+\t\t\t\twpa_printf(MSG_DEBUG,\n+\t\t\t\t\t \"NAN: NDP: Failed to init responder security\");\n+\n+\t\t\t\tpeer->ndp_setup.status =\n+\t\t\t\t\tNAN_NDP_STATUS_REJECTED;\n+\t\t\t\tpeer->ndp_setup.reason =\n+\t\t\t\t\tNAN_REASON_INVALID_PARAMETERS;\n+\t\t\t\treturn 0;\n+\t\t\t}\n+\n+\t\t\tpeer->ndp_setup.status = NAN_NDP_STATUS_CONTINUED;\n+\t\t}\n+\n \t}\n \n+\t/* Store service specific information */\n+\tret = nan_ndp_ssi(nan, &peer->ndp_setup, params->ssi, params->ssi_len);\n+\tif (ret)\n+\t\treturn ret;\n+\n \treturn 0;\n }\n \n", "prefixes": [ "44/58" ] }