From patchwork Mon Jan 7 11:14:40 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arend van Spriel X-Patchwork-Id: 1021275 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=quarantine dis=none) header.from=broadcom.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="uE1MWJXO"; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=broadcom.com header.i=@broadcom.com header.b="QaDaTz0n"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43YCVC3Q5xz9sDr for ; Mon, 7 Jan 2019 22:15:15 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:Message-Id:Date: Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=zm6yhwpP1L2M04hc0bTbYLoZnsZAwx3FcXiKmBpJmzI=; b=uE1 MWJXOInIJri+JAU0pL1KqkwFI1ZGLRm9oHCQGUITIcmnq0pWxTVI9CaaryPv/hOv+lv12SQE+ek4i SWbCu19e1AEiChm9inzBd6+dzZs5hRCAUdRMzmzo224ShQypVMQJ4qCn188GuDWC1FZTuNgfNQfL0 1iMQfhUAlUEtxxGJTf2IRsTUKaIqByrdUij0eZutXS5jMN3dqnZknOd2T8V6Y56KpxcmMMgS6WOkx PjNEMOBN7Eff4H/KddxtE7dfAReE39IsqwDZW3el6S16c4vXFQIGyp2K6iubaHWS5xvZoQYm8dvJy WryJHzPaKI/fkec/ebxg+Cj1RWLjV1g==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1ggSs6-0006N8-VY; Mon, 07 Jan 2019 11:15:06 +0000 Received: from rnd-relay.smtp.broadcom.com ([192.19.229.170]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1ggSrw-00066K-P9 for hostap@lists.infradead.org; Mon, 07 Jan 2019 11:14:58 +0000 Received: from mail-irv-17.broadcom.com (mail-irv-17.lvn.broadcom.net [10.75.224.233]) by rnd-relay.smtp.broadcom.com (Postfix) with ESMTP id 6F9A930C01D; Mon, 7 Jan 2019 03:14:40 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.10.3 rnd-relay.smtp.broadcom.com 6F9A930C01D DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=broadcom.com; s=dkimrelay; t=1546859680; bh=JxAXsr4FgapYIHlLxsCG3g5murPFFCsm0JHGXWWYzdE=; h=From:To:Cc:Subject:Date:From; b=QaDaTz0n6uuRmKKdWoDQ2V6p38LQyh1glpGTku85TOTWyyqI1btKFhN5wmNfGIHYz LCniiEVXPhvWkNuAQ5RFfwvgDKdLPGPwmKsEuq8jLntYdRaclANdOp2BBE+BhIFGqh OACRKdKiwQycPWswJPP8o4b6bipYwLCloW7exJLw= Received: from bld-bun-01.bun.broadcom.com (bld-bun-01.bun.broadcom.com [10.176.128.83]) by mail-irv-17.broadcom.com (Postfix) with ESMTP id 14D0F81EBF; Mon, 7 Jan 2019 03:14:49 -0800 (PST) Received: by bld-bun-01.bun.broadcom.com (Postfix, from userid 25152) id A6F6BB02A8D; Mon, 7 Jan 2019 12:14:47 +0100 (CET) From: Arend van Spriel To: Jouni Malinen Subject: [PATCH 1/2] drivers: add separate driver flags for 802.1X and WPA/WPA2-Personal Date: Mon, 7 Jan 2019 12:14:40 +0100 Message-Id: <1546859681-4597-1-git-send-email-arend.vanspriel@broadcom.com> X-Mailer: git-send-email 1.9.1 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190107_031457_103877_9922D1F2 X-CRM114-Status: GOOD ( 14.20 ) X-Spam-Score: -7.1 (-------) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (-7.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/, medium trust [192.19.229.170 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -4.6 DKIMWL_WL_HIGH DKIMwl.org - Whitelisted High sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: hostap@lists.infradead.org, Arend van Spriel MIME-Version: 1.0 Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Allow drivers to indicate support for either 802.1X and/or WPA/WPA2-PSK introducing two separate drivers flags. Signed-off-by: Arend van Spriel --- src/drivers/driver.h | 18 ++++++++++-------- src/drivers/driver_common.c | 3 ++- src/drivers/driver_nl80211.c | 4 ++-- src/drivers/driver_nl80211_capa.c | 7 ++++--- src/drivers/driver_openbsd.c | 3 ++- src/drivers/driver_wext.c | 5 +++-- wpa_supplicant/events.c | 4 ++-- wpa_supplicant/wpa_supplicant.c | 6 +++--- wpa_supplicant/wpas_glue.c | 2 +- 9 files changed, 29 insertions(+), 23 deletions(-) diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 26b6fa3..e08e725 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -931,10 +931,10 @@ struct wpa_driver_associate_params { * passphrase - RSN passphrase for PSK * * This value is made available only for WPA/WPA2-Personal (PSK) and - * only for drivers that set WPA_DRIVER_FLAGS_4WAY_HANDSHAKE. This is - * the 8..63 character ASCII passphrase, if available. Please note that - * this can be %NULL if passphrase was not used to generate the PSK. In - * that case, the psk field must be used to fetch the PSK. + * only for drivers that set WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK. This + * is the 8..63 character ASCII passphrase, if available. Please note + * that this can be %NULL if passphrase was not used to generate the + * PSK. In that case, the psk field must be used to fetch the PSK. */ const char *passphrase; @@ -942,9 +942,9 @@ struct wpa_driver_associate_params { * psk - RSN PSK (alternative for passphrase for PSK) * * This value is made available only for WPA/WPA2-Personal (PSK) and - * only for drivers that set WPA_DRIVER_FLAGS_4WAY_HANDSHAKE. This is - * the 32-octet (256-bit) PSK, if available. The driver wrapper should - * be prepared to handle %NULL value as an error. + * only for drivers that set WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK. This + * is the 32-octet (256-bit) PSK, if available. The driver wrapper + * should be prepared to handle %NULL value as an error. */ const u8 *psk; @@ -1492,7 +1492,7 @@ struct wpa_driver_capa { #define WPA_DRIVER_FLAGS_DFS_OFFLOAD 0x00000004 /** Driver takes care of RSN 4-way handshake internally; PMK is configured with * struct wpa_driver_ops::set_key using alg = WPA_ALG_PMK */ -#define WPA_DRIVER_FLAGS_4WAY_HANDSHAKE 0x00000008 +#define WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X 0x00000008 /** Driver is for a wired Ethernet interface */ #define WPA_DRIVER_FLAGS_WIRED 0x00000010 /** Driver provides separate commands for authentication and association (SME in @@ -1616,6 +1616,8 @@ struct wpa_driver_capa { #define WPA_DRIVER_FLAGS_SELF_MANAGED_REGULATORY 0x0080000000000000ULL /** Driver supports FTM responder functionality */ #define WPA_DRIVER_FLAGS_FTM_RESPONDER 0x0100000000000000ULL +/** Driver support 4-way handshake offload for WPA-Personal */ +#define WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK 0x0200000000000000ULL u64 flags; #define FULL_AP_CLIENT_STATE_SUPP(drv_flags) \ diff --git a/src/drivers/driver_common.c b/src/drivers/driver_common.c index 1b92e86..e55e6cd 100644 --- a/src/drivers/driver_common.c +++ b/src/drivers/driver_common.c @@ -253,7 +253,8 @@ const char * driver_flag_to_string(u64 flag) DF2S(DRIVER_IE); DF2S(SET_KEYS_AFTER_ASSOC); DF2S(DFS_OFFLOAD); - DF2S(4WAY_HANDSHAKE); + DF2S(4WAY_HANDSHAKE_PSK); + DF2S(4WAY_HANDSHAKE_8021X); DF2S(WIRED); DF2S(SME); DF2S(AP); diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 4cf2bda..5081b5b 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -3031,7 +3031,7 @@ static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, #endif /* CONFIG_DRIVER_NL80211_QCA */ if (alg == WPA_ALG_PMK && - (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)) + (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)) return nl80211_set_pmk(drv, key, key_len, addr); if (alg == WPA_ALG_NONE) { @@ -5570,7 +5570,7 @@ static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv, /* Add PSK in case of 4-way handshake offload */ if (params->psk && - (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)) { + (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) { wpa_hexdump_key(MSG_DEBUG, " * PSK", params->psk, 32); if (nla_put(msg, NL80211_ATTR_PMK, 32, params->psk)) return -1; diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c index 084db0b..37eeb5e 100644 --- a/src/drivers/driver_nl80211_capa.c +++ b/src/drivers/driver_nl80211_capa.c @@ -403,10 +403,11 @@ static void wiphy_info_ext_feature_flags(struct wiphy_info_data *info, capa->flags |= WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD; if (ext_feature_isset(ext_features, len, - NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK) && - ext_feature_isset(ext_features, len, + NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK)) + capa->flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK; + if (ext_feature_isset(ext_features, len, NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X)) - capa->flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE; + capa->flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X; if (ext_feature_isset(ext_features, len, NL80211_EXT_FEATURE_MFP_OPTIONAL)) diff --git a/src/drivers/driver_openbsd.c b/src/drivers/driver_openbsd.c index e94eda0..c06e75c 100644 --- a/src/drivers/driver_openbsd.c +++ b/src/drivers/driver_openbsd.c @@ -62,7 +62,8 @@ static int wpa_driver_openbsd_get_capa(void *priv, struct wpa_driver_capa *capa) { os_memset(capa, 0, sizeof(*capa)); - capa->flags = WPA_DRIVER_FLAGS_4WAY_HANDSHAKE; + capa->flags = WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK | + WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X; return 0; } diff --git a/src/drivers/driver_wext.c b/src/drivers/driver_wext.c index 888ea89..4981039 100644 --- a/src/drivers/driver_wext.c +++ b/src/drivers/driver_wext.c @@ -1647,7 +1647,8 @@ static int wpa_driver_wext_get_range(void *priv) if (range->enc_capa & IW_ENC_CAPA_CIPHER_CCMP) drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP; if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE) - drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE; + drv->capa.flags |= (WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK | + WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X); drv->capa.auth = WPA_DRIVER_AUTH_OPEN | WPA_DRIVER_AUTH_SHARED | WPA_DRIVER_AUTH_LEAP; @@ -1678,7 +1679,7 @@ static int wpa_driver_wext_set_psk(struct wpa_driver_wext_data *drv, wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); - if (!(drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)) + if (!(drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)) return 0; if (!psk) diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 6fccf00..638a9ab 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -2805,7 +2805,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, } wpa_supplicant_cancel_scan(wpa_s); - if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && + if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) && wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { /* * We are done; the driver will take care of RSN 4-way @@ -2815,7 +2815,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); eapol_sm_notify_portValid(wpa_s->eapol, TRUE); eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); - } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && + } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) && wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { /* * The driver will take care of RSN 4-way handshake, so we need diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 1132df2..7d80946 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -3106,7 +3106,7 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) } params.wep_tx_keyidx = ssid->wep_tx_keyidx; - if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && + if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) && (params.key_mgmt_suite == WPA_KEY_MGMT_PSK || params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) { params.passphrase = ssid->passphrase; @@ -4113,7 +4113,7 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, } if (wpa_s->eapol_received == 0 && - (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) || + (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) || !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || wpa_s->wpa_state != WPA_COMPLETED) && (wpa_s->current_ssid == NULL || @@ -4179,7 +4179,7 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0) return; wpa_drv_poll(wpa_s); - if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)) + if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len); else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { /* diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index 7cfad91..449e04a 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -296,7 +296,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, } if (result != EAPOL_SUPP_RESULT_SUCCESS || - !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)) + !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)) return; if (!wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) From patchwork Mon Jan 7 11:14:41 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arend van Spriel X-Patchwork-Id: 1021274 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=quarantine dis=none) header.from=broadcom.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Iryl7Bk4"; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=broadcom.com header.i=@broadcom.com header.b="O5YBeu5W"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43YCV80y25z9sDr for ; Mon, 7 Jan 2019 22:15:12 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=jgjPZmPdlLUsj0iq19HPccMpu/JB6/2rkmuYdrsB4V8=; b=Iryl7Bk41VoxFLAl9RB7E+eKNn rleLNZSQI2Rz6lqMu3nn5FHLBl26qybTEK6QgFL3cw8jL8n66CNied1usmUeGf+/tjAvNrA3wGZct 56Hjpo7qZIMKEa2nQj/AAnTqx+yOohe1xsk+H0mFN56rFnJKJd2Dhnkuw/dGM+XXpT4ECEyoW2vZR HR+4cK4n68rxihRK56/4tnXXNIA+JobjC/mfZci6rP4QN+eLYfuGvIQdv93kUz905DQ9aCk303a5l F/plj9Z8AeuatkMcZic5pshAcz8uUNqGV8gb53XEcvxFofhF3ZnsxR/mxiWNFj/NRZYSAl2OeCJo2 i4BlS1ew==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1ggSrz-000676-PK; Mon, 07 Jan 2019 11:14:59 +0000 Received: from rnd-relay.smtp.broadcom.com ([192.19.229.170]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1ggSrw-00066J-Ow for hostap@lists.infradead.org; Mon, 07 Jan 2019 11:14:58 +0000 Received: from mail-irv-17.broadcom.com (mail-irv-17.lvn.broadcom.net [10.75.224.233]) by rnd-relay.smtp.broadcom.com (Postfix) with ESMTP id 6F98C30C01C; Mon, 7 Jan 2019 03:14:40 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.10.3 rnd-relay.smtp.broadcom.com 6F98C30C01C DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=broadcom.com; s=dkimrelay; t=1546859680; bh=jCQQf498wvBLSA/b3vCXl1FZW3IqAVe2v6QhRv+Wb4g=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=O5YBeu5WALsd+Oe+3h/Dk8fCSGZaMDZa8ZEVCccB6nQk/8SG2xbvIvpoSICrE8nYl yxM/bWaVhlETa7sRj1LHe4Aej+n47/T2iqV6hKUeF+H1shXCOdiI73xiyckd9tuDC1 RvV0cdSQ2kEkZi5o+IfgcOlaq/JLBMQNeh2ZaLnw= Received: from bld-bun-01.bun.broadcom.com (bld-bun-01.bun.broadcom.com [10.176.128.83]) by mail-irv-17.broadcom.com (Postfix) with ESMTP id 3C54C81EC4; Mon, 7 Jan 2019 03:14:49 -0800 (PST) Received: by bld-bun-01.bun.broadcom.com (Postfix, from userid 25152) id F2709B006CB; Mon, 7 Jan 2019 12:14:47 +0100 (CET) From: Arend van Spriel To: Jouni Malinen Subject: [PATCH 2/2] drivers: nl80211: indicate 802.1X 4-way handshake offload in connect Date: Mon, 7 Jan 2019 12:14:41 +0100 Message-Id: <1546859681-4597-2-git-send-email-arend.vanspriel@broadcom.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1546859681-4597-1-git-send-email-arend.vanspriel@broadcom.com> References: <1546859681-4597-1-git-send-email-arend.vanspriel@broadcom.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190107_031456_947864_92A4A7B0 X-CRM114-Status: GOOD ( 10.37 ) X-Spam-Score: -7.1 (-------) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (-7.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/, medium trust [192.19.229.170 listed in list.dnswl.org] -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -4.6 DKIMWL_WL_HIGH DKIMwl.org - Whitelisted High sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: hostap@lists.infradead.org, Arend van Spriel MIME-Version: 1.0 Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Upon issuing a connect request we need to indicate that we want the driver to offload the 802.1X 4-way handshake for us. Indicate it if the driver capability supports the offload. Signed-off-by: Arend van Spriel --- Hi Jouni, Here the patch to indicate to the driver that it should offload the 802.1X handshake. I am not entirely sure about all the key management suites that are to be considered as 802.1X offload. I reused the req_key_mgmt_offload flag as it sounded like a nice fit, but not sure if that could cause issues. At least with the brcmfmac it seems to work as intended. Regards, Arend --- src/drivers/driver_nl80211.c | 5 +++++ wpa_supplicant/wpa_supplicant.c | 7 +++++++ 2 files changed, 12 insertions(+) -- 1.9.1 diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 5081b5b..e260d56 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -5568,6 +5568,11 @@ static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv, return -1; } + if (params->req_key_mgmt_offload && + (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) && + nla_put_flag(msg, NL80211_ATTR_WANT_1X_4WAY_HS)) + return -1; + /* Add PSK in case of 4-way handshake offload */ if (params->psk && (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) { diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 7d80946..68f2b1f 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -3113,6 +3113,13 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) if (ssid->psk_set) params.psk = ssid->psk; } + if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) && + (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || + params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || + params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || + params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 || + params.key_mgmt_suite == WPA_KEY_MGMT_FT_IEEE8021X)) + params.req_key_mgmt_offload = 1; if (wpa_s->conf->key_mgmt_offload) { if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||