Hi Johannes,
Could you please let us know whether this patch is fine. If fine, we
shall go ahead and submit the patch for wpa_supplicant as well. This
patch is useful for allowing the user space to flush PMKs generated at
firmware for the SAE/OWE offloads when a user changes
credential/removes the connection profile.
Thanks,
Jithu Jance
Jithu Jance
On Thu, Nov 9, 2023 at 6:00 PM Vinayak Yadawad
<vinayak.yadawad@xxxxxxxxxxxx> wrote:
>
> Current handling of del pmksa with SSID is limited to FILS
> security. In the current change the del pmksa support is extended
> to SAE/OWE security offloads as well. For OWE/SAE offloads, the
> PMK is generated and cached at driver/FW, so user app needs the
> capability to request cache deletion based on SSID for drivers
> supporting SAE/OWE offload.
>
> Signed-off-by: Vinayak Yadawad <vinayak.yadawad@xxxxxxxxxxxx>
> ---
> v1->v2: Addressed review comments for indentation
> v2->v3: Addressed review comments for version update in header
> ---
> net/wireless/nl80211.c | 27 ++++++++++++++++++++-------
> 1 file changed, 20 insertions(+), 7 deletions(-)
>
> diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
> index 569234bc2be6..8dc1c800f171 100644
> --- a/net/wireless/nl80211.c
> +++ b/net/wireless/nl80211.c
> @@ -12183,24 +12183,37 @@ static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info)
>
> memset(&pmksa, 0, sizeof(struct cfg80211_pmksa));
>
> - if (!info->attrs[NL80211_ATTR_PMKID])
> + if ((info->genlhdr->cmd == NL80211_CMD_SET_PMKSA) &&
> + (!info->attrs[NL80211_ATTR_PMKID]))
> return -EINVAL;
>
> - pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
> + if (info->attrs[NL80211_ATTR_PMKID])
> + pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
>
> if (info->attrs[NL80211_ATTR_MAC]) {
> pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
> - } else if (info->attrs[NL80211_ATTR_SSID] &&
> - info->attrs[NL80211_ATTR_FILS_CACHE_ID] &&
> - (info->genlhdr->cmd == NL80211_CMD_DEL_PMKSA ||
> + } else if (info->attrs[NL80211_ATTR_SSID]) {
> + /* SSID based pmksa flush suppported only for FILS,
> + * OWE/SAE OFFLOAD cases
> + */
> + if (info->attrs[NL80211_ATTR_FILS_CACHE_ID] &&
> + (info->genlhdr->cmd == NL80211_CMD_DEL_PMKSA ||
> info->attrs[NL80211_ATTR_PMK])) {
> + pmksa.cache_id =
> + nla_data(info->attrs[NL80211_ATTR_FILS_CACHE_ID]);
> + } else if ((info->genlhdr->cmd == NL80211_CMD_DEL_PMKSA) &&
> + (!wiphy_ext_feature_isset(
> + &rdev->wiphy, NL80211_EXT_FEATURE_SAE_OFFLOAD) &&
> + (!wiphy_ext_feature_isset(
> + &rdev->wiphy,NL80211_EXT_FEATURE_OWE_OFFLOAD)))){
> + return -EINVAL;
> + }
> pmksa.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
> pmksa.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
> - pmksa.cache_id =
> - nla_data(info->attrs[NL80211_ATTR_FILS_CACHE_ID]);
> } else {
> return -EINVAL;
> }
> +
> if (info->attrs[NL80211_ATTR_PMK]) {
> pmksa.pmk = nla_data(info->attrs[NL80211_ATTR_PMK]);
> pmksa.pmk_len = nla_len(info->attrs[NL80211_ATTR_PMK]);
> --
> 2.32.0
>
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
