This patch adds attributes to NL80211_CMD_START_AP that the user application can use to pass down PTK/GTK rekey interval times to the driver. If driver can't support the configuration, it is expected to return failure to NL8011_CMD_START_AP. The rekey interval timings are to be passed in seconds. --- v1 > v2: Fixed the missing nl80211_policy changes Signed-off-by: Jithu Jance <jithu.jance@xxxxxxxxxxxx> --- include/net/cfg80211.h | 6 ++++++ include/uapi/linux/nl80211.h | 13 +++++++++++++ net/wireless/nl80211.c | 13 +++++++++++++ 3 files changed, 32 insertions(+) diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index b137a33a1b68..459e29d4d766 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -1218,6 +1218,10 @@ struct survey_info { * * NL80211_SAE_PWE_BOTH * Allow either hunting-and-pecking loop or hash-to-element + * @ptk_rekey_interval: PTK rekey interval in seconds for drivers supporting + * AP 4 way handshake offload. + * @gtk_rekey_interval: GTK rekey interval in seconds for drivers supporting + * AP 4 way handshake offload. */ struct cfg80211_crypto_settings { u32 wpa_versions; @@ -1235,6 +1239,8 @@ struct cfg80211_crypto_settings { const u8 *sae_pwd; u8 sae_pwd_len; enum nl80211_sae_pwe_mechanism sae_pwe; + u32 ptk_rekey_interval; + u32 gtk_rekey_interval; }; /** diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h index dced2c49daec..1bc4650efed1 100644 --- a/include/uapi/linux/nl80211.h +++ b/include/uapi/linux/nl80211.h @@ -205,6 +205,10 @@ * preshared key material is provided, for example when that driver does * not support setting the temporal keys through %NL80211_CMD_NEW_KEY. * + * NL80211_CMD_START_AP can optionally carry %NL80211_ATTR_GTK_REKEY_INTERVAL + * and %NL80211_ATTR_PTK_REKEY_INTERVAL to pass down user configured values to + * the driver. + * * For 802.1X the PMK or PMK-R0 are set by providing %NL80211_ATTR_PMK * using %NL80211_CMD_SET_PMK. For offloaded FT support also * %NL80211_ATTR_PMKR0_NAME must be provided. @@ -2826,6 +2830,12 @@ enum nl80211_commands { * @NL80211_ATTR_MLO_LINK_DISABLED: Flag attribute indicating that the link is * disabled. * + * @NL80211_ATTR_PTK_REKEY_INTERVAL: PTK refresh interval in seconds for drivers + * supporting NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK. + * + * @NL80211_ATTR_GTK_REKEY_INTERVAL: GTK refresh interval in seconds for drivers + * supporting NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK. + * * @NUM_NL80211_ATTR: total number of nl80211_attrs available * @NL80211_ATTR_MAX: highest attribute number currently defined * @__NL80211_ATTR_AFTER_LAST: internal use @@ -3364,6 +3374,9 @@ enum nl80211_attrs { NL80211_ATTR_MLO_LINK_DISABLED, + NL80211_ATTR_PTK_REKEY_INTERVAL, + NL80211_ATTR_GTK_REKEY_INTERVAL, + /* add attributes here, update the policy in nl80211.c */ __NL80211_ATTR_AFTER_LAST, diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index 569234bc2be6..514960e5681d 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -818,6 +818,8 @@ static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = { [NL80211_ATTR_HW_TIMESTAMP_ENABLED] = { .type = NLA_FLAG }, [NL80211_ATTR_EMA_RNR_ELEMS] = { .type = NLA_NESTED }, [NL80211_ATTR_MLO_LINK_DISABLED] = { .type = NLA_FLAG }, + [NL80211_ATTR_PTK_REKEY_INTERVAL] = { .type = NLA_U32 }, + [NL80211_ATTR_GTK_REKEY_INTERVAL] = { .type = NLA_U32 }, }; /* policy for the key attributes */ @@ -10892,6 +10894,17 @@ static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, else settings->sae_pwe = NL80211_SAE_PWE_UNSPECIFIED; + if (info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL] || + info->attrs[NL80211_ATTR_GTK_REKEY_INTERVAL]) { + if (!wiphy_ext_feature_isset(&rdev->wiphy, + NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK)) + return -EINVAL; + if (info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL]) + settings->ptk_rekey_interval = nla_get_u32(info->attrs[NL80211_ATTR_PTK_REKEY_INTERVAL]); + else + settings->gtk_rekey_interval = nla_get_u32(info->attrs[NL80211_ATTR_GTK_REKEY_INTERVAL]); + } + return 0; } -- 2.38.1
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature