This patch adds attributes to NL80211_CMD_START_AP that the user application
can use to pass down PTK/GTK rekey interval times to the driver. If driver can't
support the configuration, it is expected to return failure to NL8011_CMD_START_AP.
The rekey interval timings are to be passed in seconds.
---
v1 > v2: Fixed the missing nl80211_policy changes
Signed-off-by: Jithu Jance <jithu.jance@xxxxxxxxxxxx>
---
include/net/cfg80211.h | 6 ++++++
include/uapi/linux/nl80211.h | 13 +++++++++++++
net/wireless/nl80211.c | 13 +++++++++++++
3 files changed, 32 insertions(+)
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index b137a33a1b68..459e29d4d766 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -1218,6 +1218,10 @@ struct survey_info {
*
* NL80211_SAE_PWE_BOTH
* Allow either hunting-and-pecking loop or hash-to-element
+ * @ptk_rekey_interval: PTK rekey interval in seconds for drivers supporting
+ * AP 4 way handshake offload.
+ * @gtk_rekey_interval: GTK rekey interval in seconds for drivers supporting
+ * AP 4 way handshake offload.
*/
struct cfg80211_crypto_settings {
u32 wpa_versions;
@@ -1235,6 +1239,8 @@ struct cfg80211_crypto_settings {
const u8 *sae_pwd;
u8 sae_pwd_len;
enum nl80211_sae_pwe_mechanism sae_pwe;
+ u32 ptk_rekey_interval;
+ u32 gtk_rekey_interval;
};
/**
diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
index dced2c49daec..1bc4650efed1 100644
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@@ -205,6 +205,10 @@
* preshared key material is provided, for example when that driver does
* not support setting the temporal keys through %NL80211_CMD_NEW_KEY.
*
+ * NL80211_CMD_START_AP can optionally carry %NL80211_ATTR_GTK_REKEY_INTERVAL
+ * and %NL80211_ATTR_PTK_REKEY_INTERVAL to pass down user configured values to
+ * the driver.
+ *
* For 802.1X the PMK or PMK-R0 are set by providing %NL80211_ATTR_PMK
* using %NL80211_CMD_SET_PMK. For offloaded FT support also
* %NL80211_ATTR_PMKR0_NAME must be provided.
@@ -2826,6 +2830,12 @@ enum nl80211_commands {
* @NL80211_ATTR_MLO_LINK_DISABLED: Flag attribute indicating that the link is
* disabled.
*
+ * @NL80211_ATTR_PTK_REKEY_INTERVAL: PTK refresh interval in seconds for drivers
+ * supporting NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK.
+ *
+ * @NL80211_ATTR_GTK_REKEY_INTERVAL: GTK refresh interval in seconds for drivers
+ * supporting NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK.
+ *
* @NUM_NL80211_ATTR: total number of nl80211_attrs available
* @NL80211_ATTR_MAX: highest attribute number currently defined
* @__NL80211_ATTR_AFTER_LAST: internal use
@@ -3364,6 +3374,9 @@ enum nl80211_attrs {
NL80211_ATTR_MLO_LINK_DISABLED,
+ NL80211_ATTR_PTK_REKEY_INTERVAL,
+ NL80211_ATTR_GTK_REKEY_INTERVAL,
+
/* add attributes here, update the policy in nl80211.c */
__NL80211_ATTR_AFTER_LAST,
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 569234bc2be6..514960e5681d 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -818,6 +818,8 @@ static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
[NL80211_ATTR_HW_TIMESTAMP_ENABLED] = { .type = NLA_FLAG },
[NL80211_ATTR_EMA_RNR_ELEMS] = { .type = NLA_NESTED },
[NL80211_ATTR_MLO_LINK_DISABLED] = { .type = NLA_FLAG },
+ [NL80211_ATTR_PTK_REKEY_INTERVAL] = { .type = NLA_U32 },
+ [NL80211_ATTR_GTK_REKEY_INTERVAL] = { .type = NLA_U32 },
};
/* policy for the key attributes */
@@ -10892,6 +10894,17 @@ static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
else
settings->sae_pwe = NL80211_SAE_PWE_UNSPECIFIED;
+ if (info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL] ||
+ info->attrs[NL80211_ATTR_GTK_REKEY_INTERVAL]) {
+ if (!wiphy_ext_feature_isset(&rdev->wiphy,
+ NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK))
+ return -EINVAL;
+ if (info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL])
+ settings->ptk_rekey_interval = nla_get_u32(info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL]);
+ else
+ settings->gtk_rekey_interval = nla_get_u32(info->attrs[NL80211_ATTR_GTK_REKEY_INTERVAL]);
+ }
+
return 0;
}
--
2.38.1
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
