[v9,15/16] nl80211: Extended Key ID support

Message ID	20200104221015.90469-16-alexander@wetzel-home.de
State	Changes Requested
Headers	show Return-Path: <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> sender: postmaster@awhome.eu) by player798.ha.ovh.net (Postfix) with ESMTPSA id B281EDF669CE; Sat, 4 Jan 2020 22:11:01 +0000 (UTC) From: Alexander Wetzel <alexander@wetzel-home.de> To: j@w1.fi Subject: [Patch v9 15/16] nl80211: Extended Key ID support Date: Sat, 4 Jan 2020 23:10:14 +0100 Message-Id: <20200104221015.90469-16-alexander@wetzel-home.de> In-Reply-To: <20200104221015.90469-1-alexander@wetzel-home.de> References: <20200104221015.90469-1-alexander@wetzel-home.de> MIME-Version: 1.0 summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.32.124.17 listed in list.dnswl.org] 0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [178.32.124.17 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders Precedence: list Cc: Alexander Wetzel <alexander@wetzel-home.de>, hostap@lists.infradead.org, luca@coelho.fi, johannes@sipsolutions.net Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "Hostap" <hostap-bounces@lists.infradead.org> Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
Series	Seamless PTK rekeys \| expand [v9,00/16] Seamless PTK rekeys [v9,01/16] nl80211: Add support for CAN_REPLACE_PTK0 [v9,02/16] AP: Address PTK rekey issues [v9,03/16] wpa_supplicant: Address PTK rekey issues [v9,04/16] tests: Allow PTK0 rekey for tests [v9,05/16] Introduce and add key_flag [v9,06/16] nl80211: Migrate from set_tx to key_flag API [v9,07/16] nl80211,wpa_supplicant: Drop outdated tdls hack [v9,08/16] drivers: Migrate drivers from set_tx to key_flag API [v9,09/16] Drop set_tx from all set_key() functions [v9,10/16] AP: Support Extended Key ID [v9,11/16] wpa_supplicant: Support Extended Key ID [v9,12/16] tests: Extended Key ID tests [v9,13/16] AP: FILS Extended Key ID support [v9,14/16] wpa_supplicant: FILS Extended Key ID support [v9,15/16] nl80211: Extended Key ID support [v9,16/16] AP: Let PTK keys default to keyid 1 when supported

Message ID

20200104221015.90469-16-alexander@wetzel-home.de

State

Changes Requested

Headers

From: Alexander Wetzel <alexander@wetzel-home.de>
To: j@w1.fi
Subject: [Patch v9 15/16] nl80211: Extended Key ID support
Date: Sat,  4 Jan 2020 23:10:14 +0100
Message-Id: <20200104221015.90469-16-alexander@wetzel-home.de>
In-Reply-To: <20200104221015.90469-1-alexander@wetzel-home.de>
References: <20200104221015.90469-1-alexander@wetzel-home.de>
MIME-Version: 1.0
Precedence: list
Cc: Alexander Wetzel <alexander@wetzel-home.de>, hostap@lists.infradead.org, 
	luca@coelho.fi, johannes@sipsolutions.net
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Series

Seamless PTK rekeys | expand

Commit Message

Alexander Wetzel Jan. 4, 2020, 10:10 p.m. UTC

Add support for Extended Key ID to nl80211, allowing hostapd and
wpa_supplicant to use it.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
---
 src/drivers/driver_nl80211.c      | 22 +++++++++++++++++++---
 src/drivers/driver_nl80211_capa.c |  4 ++++
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index aa7e24677..36f7d14c9 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -3051,7 +3051,11 @@  static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
 	if (!key_msg)
 		return -ENOBUFS;
 
-	if (alg == WPA_ALG_NONE) {
+	if (key_flag == KEY_FLAG_PAIRWISE_RX_TX_MODIFY) {
+		msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY);
+		if (!msg)
+			goto fail2;
+	} else if (alg == WPA_ALG_NONE) {
 		msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_DEL_KEY);
 		if (!msg)
 			goto fail2;
@@ -3070,7 +3074,7 @@  static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
 		wpa_hexdump_key(MSG_DEBUG, "nl80211: KEY_DATA", key, key_len);
 	}
 
-	if (seq && seq_len) {
+	if (seq && seq_len && key_flag != KEY_FLAG_PAIRWISE_RX_TX_MODIFY) {
 		if (nla_put(key_msg, NL80211_KEY_SEQ, seq_len, seq))
 			goto fail;
 		wpa_hexdump(MSG_DEBUG, "nl80211: KEY_SEQ", seq, seq_len);
@@ -3081,7 +3085,19 @@  static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss,
 		if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
 			goto fail;
 
-		if (key_flag == KEY_FLAG_GROUP_RX) {
+		if (key_flag == KEY_FLAG_PAIRWISE_RX ||
+		    key_flag == KEY_FLAG_PAIRWISE_RX_TX_MODIFY) {
+			wpa_printf(MSG_DEBUG,
+				   "   PAIRWISE_RX%s keyid=%d addr=" MACSTR,
+				   key_flag !=  KEY_FLAG_PAIRWISE_RX ?
+						"_TX_MODIFY" : "",
+				   key_idx, MAC2STR(addr));
+			if (nla_put_u8(key_msg, NL80211_KEY_MODE,
+				       key_flag ==  KEY_FLAG_PAIRWISE_RX ?
+				       NL80211_KEY_NO_TX :
+				       NL80211_KEY_SET_TX))
+				goto fail;
+		} else if (key_flag == KEY_FLAG_GROUP_RX) {
 			wpa_printf(MSG_DEBUG, "   RSN IBSS RX GTK");
 			if (nla_put_u32(key_msg, NL80211_KEY_TYPE,
 					NL80211_KEYTYPE_GROUP))
diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index 96f691b60..dd3497089 100644
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -421,6 +421,10 @@  static void wiphy_info_ext_feature_flags(struct wiphy_info_data *info,
 			       NL80211_EXT_FEATURE_CAN_REPLACE_PTK0))
 		capa->flags |= WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS;
 
+	if (ext_feature_isset(ext_features, len,
+			      NL80211_EXT_FEATURE_EXT_KEY_ID))
+		capa->flags |= WPA_DRIVER_FLAGS_EXTENDED_KEY_ID;
+
 #ifdef CONFIG_MBO
 	if (ext_feature_isset(ext_features, len,
 			      NL80211_EXT_FEATURE_FILS_MAX_CHANNEL_TIME) &&