[v3,14/17] nl80211: Extended Key ID support

Message ID	20190817211435.158335-15-alexander@wetzel-home.de
State	Superseded
Headers	show Return-Path: <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> sender: postmaster@awhome.eu) by player716.ha.ovh.net (Postfix) with ESMTPSA id 3FE178D89C47; Sat, 17 Aug 2019 21:14:56 +0000 (UTC) From: Alexander Wetzel <alexander@wetzel-home.de> To: j@w1.fi Subject: [PATCH v3 14/17] nl80211: Extended Key ID support Date: Sat, 17 Aug 2019 23:14:32 +0200 Message-Id: <20190817211435.158335-15-alexander@wetzel-home.de> In-Reply-To: <20190817211435.158335-1-alexander@wetzel-home.de> References: <20190817211435.158335-1-alexander@wetzel-home.de> MIME-Version: 1.0 summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [46.105.76.150 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain Precedence: list Cc: Alexander Wetzel <alexander@wetzel-home.de>, hostap@lists.infradead.org, luca@coelho.fi, johannes@sipsolutions.net Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "Hostap" <hostap-bounces@lists.infradead.org> Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
Series	Support seamless PTK rekeys with Extended Key ID \| expand [v3,00/17] Support seamless PTK rekeys with Extended Key ID [v3,01/17] nl80211: Migrate to current netlink key message format [v3,02/17] Driver: Introduce key_types and Extended Key ID driver flag [v3,03/17] Add new argument key_type to all set_key() functions [v3,04/17] hostapd: Set the correct key_type for key installs [v3,05/17] wpa_supplicant: Set the correct key_type for key installs [v3,06/17] drivers: Migrate drivers from set_tx to key_type API [v3,07/17] nl80211: Switch to the new key_type API & cleanup [v3,08/17] nl80211,wpa_supplicant: Drop outdated tdls hack [v3,09/17] hostapd: Add support for Extended Key ID [v3,10/17] wpa_supplicant: Extended Key ID support for AP connections [v3,11/17] tests: Extended Key ID tests [v3,12/17] hostapd: FILS Extended Key ID support [v3,13/17] wpa_supplicant: FILS Extended Key ID support [v3,14/17] nl80211: Extended Key ID support [v3,15/17] nl80211: Hack for keyidx=1 installs [v3,16/17] Drop set_tx from all set_key() functions [v3,17/17] hostapd: Extended Key ID stress test

Message ID

20190817211435.158335-15-alexander@wetzel-home.de

State

Superseded

Headers

From: Alexander Wetzel <alexander@wetzel-home.de>
To: j@w1.fi
Subject: [PATCH v3 14/17] nl80211: Extended Key ID support
Date: Sat, 17 Aug 2019 23:14:32 +0200
Message-Id: <20190817211435.158335-15-alexander@wetzel-home.de>
In-Reply-To: <20190817211435.158335-1-alexander@wetzel-home.de>
References: <20190817211435.158335-1-alexander@wetzel-home.de>
MIME-Version: 1.0
Precedence: list
Cc: Alexander Wetzel <alexander@wetzel-home.de>, hostap@lists.infradead.org, 
	luca@coelho.fi, johannes@sipsolutions.net
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Series

Support seamless PTK rekeys with Extended Key ID | expand

Commit Message

Alexander Wetzel Aug. 17, 2019, 9:14 p.m. UTC

Nl80211 supports Extended Key ID, implement support for it.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
---

This patch allows hostapd/wpa_supplicant to really use Extended Key ID.

Since so far only linux support Extended Key ID (and only via nl80211)
the other drivers can't be updated.

The patch is close to the end of the series make sure bisecting still
generates working binaries regardless at which patch we split this
series.

 src/drivers/driver_nl80211.c      | 25 ++++++++++++++++++++++---
 src/drivers/driver_nl80211_capa.c |  4 ++++
 2 files changed, 26 insertions(+), 3 deletions(-)

diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 7ff912912..9ef376c56 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -3049,7 +3049,11 @@  static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
 	if (!key_msg)
 		return -ENOBUFS;
 
-	if (alg == WPA_ALG_NONE) {
+	if (key_type == KEY_TYPE_SET_TX) {
+		msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY);
+		if (!msg)
+			goto fail2;
+	} else if (alg == WPA_ALG_NONE) {
 		msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_DEL_KEY);
 		if (!msg)
 			goto fail2;
@@ -3059,16 +3063,18 @@  static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
 		suite = wpa_alg_to_cipher_suite(alg, key_len);
 		if (!suite)
 			goto fail2;
+
 		msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_NEW_KEY);
 		if (!msg)
 			goto fail2;
+
 		if (nla_put(key_msg, NL80211_KEY_DATA, key_len, key) ||
 		    nla_put_u32(key_msg, NL80211_KEY_CIPHER, suite))
 			goto fail;
 		wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len);
 	}
 
-	if (seq && seq_len) {
+	if (seq && seq_len && key_type != KEY_TYPE_SET_TX) {
 		if (nla_put(key_msg, NL80211_KEY_SEQ, seq_len, seq))
 			goto fail;
 		wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ", seq, seq_len);
@@ -3079,7 +3085,20 @@  static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
 		if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
 			goto fail;
 
-		if (alg != WPA_ALG_WEP && key_type != KEY_TYPE_PAIRWISE) {
+		if (key_type == KEY_TYPE_NO_AUTO_TX ||
+		    key_type == KEY_TYPE_SET_TX) {
+			wpa_printf(MSG_DEBUG, "nl80211: %s for "
+				   "keyid=%d addr=" MACSTR,
+				   key_type == KEY_TYPE_NO_AUTO_TX ?
+				   "KEY_TYPE_NO_AUTO_TX" : "KEY_TYPE_SET_TX",
+				   key_idx, MAC2STR(addr));
+			if (nla_put_u8(key_msg, NL80211_KEY_MODE,
+				       key_type == KEY_TYPE_NO_AUTO_TX ?
+				       NL80211_KEY_NO_TX :
+				       NL80211_KEY_SET_TX))
+				goto fail;
+		} else if (alg != WPA_ALG_WEP &&
+			   key_type != KEY_TYPE_PAIRWISE) {
 			wpa_printf(MSG_DEBUG, "   RSN IBSS RX GTK");
 			if (nla_put_u32(key_msg, NL80211_KEY_TYPE,
 					NL80211_KEYTYPE_GROUP))
diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index 8318b10ab..b4d175f4e 100644
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -417,6 +417,10 @@  static void wiphy_info_ext_feature_flags(struct wiphy_info_data *info,
 			      NL80211_EXT_FEATURE_DFS_OFFLOAD))
 		capa->flags |= WPA_DRIVER_FLAGS_DFS_OFFLOAD;
 
+	if (ext_feature_isset(ext_features, len,
+			      NL80211_EXT_FEATURE_EXT_KEY_ID))
+		capa->flags |= WPA_DRIVER_FLAGS_EXTENDED_KEY_ID;
+
 #ifdef CONFIG_MBO
 	if (ext_feature_isset(ext_features, len,
 			      NL80211_EXT_FEATURE_FILS_MAX_CHANNEL_TIME) &&

[v3,14/17] nl80211: Extended Key ID support

Commit Message

Patch