[PATCH 1/1] hostapd: Add support for OWE offload for STA/AP interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The current change enables OWE DH IE inclusion and processing
of peer DH IE to generate PMK by the driver. The OWE offload
is enabled based on NL80211_EXT_FEATURE_OWE_OFFLOAD flag
advertised by the driver.

Signed-off-by: Vinayak Yadawad <vinayak.yadawad@xxxxxxxxxxxx>
---
 src/ap/drv_callbacks.c            |  2 ++
 src/ap/ieee802_11.c               | 20 ++++++++++++--------
 src/drivers/driver.h              |  4 ++++
 src/drivers/driver_nl80211_capa.c |  8 ++++++++
 src/drivers/nl80211_copy.h        | 17 +++++++++++++++++
 wpa_supplicant/events.c           |  1 +
 wpa_supplicant/wpa_supplicant.c   |  3 ++-
 7 files changed, 46 insertions(+), 9 deletions(-)

diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c
index ff826dd67..a873a1916 100644
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -260,6 +260,7 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
 	u16 reason = WLAN_REASON_UNSPECIFIED;
 	int status = WLAN_STATUS_SUCCESS;
 	const u8 *p2p_dev_addr = NULL;
+	struct hostapd_iface *iface = hapd->iface;
 
 	if (addr == NULL) {
 		/*
@@ -785,6 +786,7 @@ skip_wpa_check:
 
 #ifdef CONFIG_OWE
 	if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) &&
+	    !(iface->drv_flags & WPA_DRIVER_FLAGS2_OWE_OFFLOAD_AP) &&
 	    wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE &&
 	    elems.owe_dh) {
 		u8 *npos;
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index a9b3e8c60..e3162ef6c 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -3709,6 +3709,7 @@ u16 owe_process_rsn_ie(struct hostapd_data *hapd,
 	u8 *owe_buf, ie[256 * 2];
 	size_t ie_len = 0;
 	enum wpa_validate_result res;
+	struct hostapd_iface *iface = hapd->iface;
 
 	if (!rsn_ie || rsn_ie_len < 2) {
 		wpa_printf(MSG_DEBUG, "OWE: No RSNE in (Re)AssocReq");
@@ -3738,14 +3739,17 @@ u16 owe_process_rsn_ie(struct hostapd_data *hapd,
 	status = wpa_res_to_status_code(res);
 	if (status != WLAN_STATUS_SUCCESS)
 		goto end;
-	status = owe_process_assoc_req(hapd, sta, owe_dh, owe_dh_len);
-	if (status != WLAN_STATUS_SUCCESS)
-		goto end;
-	owe_buf = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, ie, sizeof(ie),
-						NULL, 0);
-	if (!owe_buf) {
-		status = WLAN_STATUS_UNSPECIFIED_FAILURE;
-		goto end;
+
+	if (!(iface->drv_flags & WPA_DRIVER_FLAGS2_OWE_OFFLOAD_AP)) {
+		status = owe_process_assoc_req(hapd, sta, owe_dh, owe_dh_len);
+		if (status != WLAN_STATUS_SUCCESS)
+			goto end;
+		owe_buf = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, ie, sizeof(ie),
+							NULL, 0);
+		if (!owe_buf) {
+			status = WLAN_STATUS_UNSPECIFIED_FAILURE;
+			goto end;
+		}
 	}
 
 	if (sta->owe_ecdh) {
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index dbe2ad5e4..43000ebfd 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -2253,6 +2253,10 @@ struct wpa_driver_capa {
 #define WPA_DRIVER_FLAGS2_PROT_RANGE_NEG_STA	0x0000000000002000ULL
 /** Driver supports MLO in station/AP mode */
 #define WPA_DRIVER_FLAGS2_MLO			0x0000000000004000ULL
+/** Driver supports OWE STA offload */
+#define WPA_DRIVER_FLAGS2_OWE_OFFLOAD	0x0000000000008000ULL
+/** Driver supports OWE AP offload */
+#define WPA_DRIVER_FLAGS2_OWE_OFFLOAD_AP	0x0000000000010000ULL
 	u64 flags2;
 
 #define FULL_AP_CLIENT_STATE_SUPP(drv_flags) \
diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index 5e6406885..71c74e081 100644
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -697,6 +697,14 @@ static void wiphy_info_ext_feature_flags(struct wiphy_info_data *info,
 		capa->flags2 |= WPA_DRIVER_FLAGS2_PROT_RANGE_NEG_STA;
 		capa->flags2 |= WPA_DRIVER_FLAGS2_PROT_RANGE_NEG_AP;
 	}
+
+	if (ext_feature_isset(ext_features, len,
+			      NL80211_EXT_FEATURE_OWE_OFFLOAD))
+		capa->flags2 |= WPA_DRIVER_FLAGS2_OWE_OFFLOAD;
+
+	if (ext_feature_isset(ext_features, len,
+			      NL80211_EXT_FEATURE_OWE_OFFLOAD_AP))
+		capa->flags2 |= WPA_DRIVER_FLAGS2_OWE_OFFLOAD_AP;
 }
 
 
diff --git a/src/drivers/nl80211_copy.h b/src/drivers/nl80211_copy.h
index c59fec406..6cbd63aab 100644
--- a/src/drivers/nl80211_copy.h
+++ b/src/drivers/nl80211_copy.h
@@ -334,6 +334,15 @@
  * use %NL80211_CMD_START_AP or similar functions.
  */
 
+/**
+ * DOC: OWE DH IE handling offload
+ *
+ * By setting @NL80211_EXT_FEATURE_OWE_OFFLOAD flag, drivers can indicate
+ * kernel/application space to avoid DH IE handling. When this flag is
+ * advertised, the driver/device will take care of DH IE inclusion and
+ * processing of peer DH IE to generate PMK.
+ */
+
 /**
  * enum nl80211_commands - supported nl80211 commands
  *
@@ -6372,6 +6381,12 @@ enum nl80211_feature_flags {
  *	in authentication and deauthentication frames sent to unassociated peer
  *	using @NL80211_CMD_FRAME.
  *
+ * @NL80211_EXT_FEATURE_OWE_OFFLOAD: Driver/Device wants to do OWE DH IE
+ *	handling in station mode.
+ *
+ * @NL80211_EXT_FEATURE_OWE_OFFLOAD_AP: Driver/Device wants to do OWE DH IE
+ *	handling in AP mode.
+ *
  * @NUM_NL80211_EXT_FEATURES: number of extended features.
  * @MAX_NL80211_EXT_FEATURES: highest extended feature index.
  */
@@ -6443,6 +6458,8 @@ enum nl80211_ext_feature_index {
 	NL80211_EXT_FEATURE_PUNCT,
 	NL80211_EXT_FEATURE_SECURE_NAN,
 	NL80211_EXT_FEATURE_AUTH_AND_DEAUTH_RANDOM_TA,
+	NL80211_EXT_FEATURE_OWE_OFFLOAD,
+	NL80211_EXT_FEATURE_OWE_OFFLOAD_AP,
 
 	/* add new features before the definition below */
 	NUM_NL80211_EXT_FEATURES,
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index f205b91d5..a9ab4aea4 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -3206,6 +3206,7 @@ static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
 
 #ifdef CONFIG_OWE
 	if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE &&
+	    (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS2_OWE_OFFLOAD)) &&
 	    (!bssid_known ||
 	     owe_process_assoc_resp(wpa_s->wpa,
 				    wpa_s->valid_links ?
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index ba68e8198..a088bee73 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -3588,7 +3588,8 @@ static u8 * wpas_populate_assoc_ies(
 	} else
 #endif /* CONFIG_TESTING_OPTIONS */
 	if (algs == WPA_AUTH_ALG_OPEN &&
-	    ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
+	    ssid->key_mgmt == WPA_KEY_MGMT_OWE &&
+	    !(wpa_s->drv_flags & WPA_DRIVER_FLAGS2_OWE_OFFLOAD)) {
 		struct wpabuf *owe_ie;
 		u16 group;
 
-- 
2.32.0

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux