* [PATCH V2 0/3] nl80211: brcmfmac: add SAE authentication offload
@ 2019-05-09 9:49 Chi-Hsien Lin
2019-05-09 9:49 ` [PATCH V2 1/3] nl80211: add WPA3 definition for SAE authentication Chi-Hsien Lin
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Chi-Hsien Lin @ 2019-05-09 9:49 UTC (permalink / raw)
To: linux-wireless
Cc: brcm80211-dev-list, brcm80211-dev-list, Arend van Spriel,
Franky Lin, Hante Meuleman, Wright Feng, Kalle Valo,
Chi-Hsien Lin
Adds SAE authentication offload.
Changelog:
V2:
- Change sae_pwd_len from u16 to u8.
- Move the new attribute to bottom.
Chung-Hsien Hsu (3):
nl80211: add WPA3 definition for SAE authentication
nl80211: add support for SAE authentication offload
brcmfmac: add support for SAE authentication offload
.../broadcom/brcm80211/brcmfmac/cfg80211.c | 73 ++++++++++++++++++++--
.../broadcom/brcm80211/brcmfmac/cfg80211.h | 3 +-
.../wireless/broadcom/brcm80211/brcmfmac/feature.c | 1 +
.../wireless/broadcom/brcm80211/brcmfmac/feature.h | 4 +-
.../broadcom/brcm80211/brcmfmac/fwil_types.h | 13 ++++
.../broadcom/brcm80211/include/brcmu_wifi.h | 2 +
include/linux/ieee80211.h | 1 +
include/net/cfg80211.h | 5 ++
include/uapi/linux/nl80211.h | 20 ++++++
net/wireless/nl80211.c | 17 ++++-
10 files changed, 131 insertions(+), 8 deletions(-)
--
2.1.0
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH V2 1/3] nl80211: add WPA3 definition for SAE authentication
2019-05-09 9:49 [PATCH V2 0/3] nl80211: brcmfmac: add SAE authentication offload Chi-Hsien Lin
@ 2019-05-09 9:49 ` Chi-Hsien Lin
2019-05-09 9:49 ` [PATCH V2 2/3] nl80211: add support for SAE authentication offload Chi-Hsien Lin
2019-05-09 9:49 ` [PATCH V2 3/3] brcmfmac: " Chi-Hsien Lin
2 siblings, 0 replies; 5+ messages in thread
From: Chi-Hsien Lin @ 2019-05-09 9:49 UTC (permalink / raw)
To: linux-wireless
Cc: brcm80211-dev-list, brcm80211-dev-list, Arend van Spriel,
Franky Lin, Hante Meuleman, Wright Feng, Kalle Valo, Stanley Hsu,
Chi-Hsien Lin
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Add definition of WPA version 3 for SAE authentication.
Signed-off-by: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com>
---
include/uapi/linux/nl80211.h | 1 +
net/wireless/nl80211.c | 3 ++-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
index 6f09d1500960..e9bf3d69d847 100644
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@@ -4406,6 +4406,7 @@ enum nl80211_mfp {
enum nl80211_wpa_versions {
NL80211_WPA_VERSION_1 = 1 << 0,
NL80211_WPA_VERSION_2 = 1 << 1,
+ NL80211_WPA_VERSION_3 = 1 << 2,
};
/**
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index fffe4b371e23..8e470591c424 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -8699,7 +8699,8 @@ static int nl80211_dump_survey(struct sk_buff *skb, struct netlink_callback *cb)
static bool nl80211_valid_wpa_versions(u32 wpa_versions)
{
return !(wpa_versions & ~(NL80211_WPA_VERSION_1 |
- NL80211_WPA_VERSION_2));
+ NL80211_WPA_VERSION_2 |
+ NL80211_WPA_VERSION_3));
}
static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
--
2.1.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH V2 2/3] nl80211: add support for SAE authentication offload
2019-05-09 9:49 [PATCH V2 0/3] nl80211: brcmfmac: add SAE authentication offload Chi-Hsien Lin
2019-05-09 9:49 ` [PATCH V2 1/3] nl80211: add WPA3 definition for SAE authentication Chi-Hsien Lin
@ 2019-05-09 9:49 ` Chi-Hsien Lin
2019-05-09 9:49 ` [PATCH V2 3/3] brcmfmac: " Chi-Hsien Lin
2 siblings, 0 replies; 5+ messages in thread
From: Chi-Hsien Lin @ 2019-05-09 9:49 UTC (permalink / raw)
To: linux-wireless
Cc: brcm80211-dev-list, brcm80211-dev-list, Arend van Spriel,
Franky Lin, Hante Meuleman, Wright Feng, Kalle Valo, Stanley Hsu,
Chi-Hsien Lin
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Let drivers advertise support for station-mode SAE authentication
offload with a new NL80211_EXT_FEATURE_SAE_OFFLOAD flag.
Signed-off-by: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com>
---
include/linux/ieee80211.h | 1 +
include/net/cfg80211.h | 5 +++++
include/uapi/linux/nl80211.h | 19 +++++++++++++++++++
net/wireless/nl80211.c | 14 ++++++++++++++
4 files changed, 39 insertions(+)
diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h
index 61f0a316c6ac..5dfd949ade25 100644
--- a/include/linux/ieee80211.h
+++ b/include/linux/ieee80211.h
@@ -2612,6 +2612,7 @@ enum ieee80211_key_len {
#define FILS_ERP_MAX_RRK_LEN 64
#define PMK_MAX_LEN 64
+#define SAE_PASSWORD_MAX_LEN 128
/* Public action codes (IEEE Std 802.11-2016, 9.6.8.1, Table 9-307) */
enum ieee80211_pub_actioncode {
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index 87dae868707e..6d4c4d4fd571 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -742,6 +742,9 @@ struct survey_info {
* CFG80211_MAX_WEP_KEYS WEP keys
* @wep_tx_key: key index (0..3) of the default TX static WEP key
* @psk: PSK (for devices supporting 4-way-handshake offload)
+ * @sae_pwd: password for SAE authentication (for devices supporting SAE
+ * offload)
+ * @sae_pwd_len: length of SAE password (for devices supporting SAE offload)
*/
struct cfg80211_crypto_settings {
u32 wpa_versions;
@@ -757,6 +760,8 @@ struct cfg80211_crypto_settings {
struct key_params *wep_keys;
int wep_tx_key;
const u8 *psk;
+ const u8 *sae_pwd;
+ u8 sae_pwd_len;
};
/**
diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
index e9bf3d69d847..8b1e43fecd25 100644
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@@ -235,6 +235,15 @@
*/
/**
+ * DOC: SAE authentication offload
+ *
+ * By setting @NL80211_EXT_FEATURE_SAE_OFFLOAD flag drivers can indicate they
+ * support offloading SAE authentication for WPA3-Personal networks. In
+ * %NL80211_CMD_CONNECT the password for SAE should be specified using
+ * %NL80211_ATTR_SAE_PASSWORD.
+ */
+
+/**
* enum nl80211_commands - supported nl80211 commands
*
* @NL80211_CMD_UNSPEC: unspecified command to catch errors
@@ -2341,6 +2350,10 @@ enum nl80211_commands {
* should be picking up the lowest tx power, either tx power per-interface
* or per-station.
*
+ * @NL80211_ATTR_SAE_PASSWORD: attribute for passing SAE password material. It
+ * is used with %NL80211_CMD_CONNECT to provide password for offloading
+ * SAE authentication for WPA3-Personal networks.
+ *
* @NUM_NL80211_ATTR: total number of nl80211_attrs available
* @NL80211_ATTR_MAX: highest attribute number currently defined
* @__NL80211_ATTR_AFTER_LAST: internal use
@@ -2794,6 +2807,8 @@ enum nl80211_attrs {
NL80211_ATTR_STA_TX_POWER_SETTING,
NL80211_ATTR_STA_TX_POWER,
+ NL80211_ATTR_SAE_PASSWORD,
+
/* add attributes here, update the policy in nl80211.c */
__NL80211_ATTR_AFTER_LAST,
@@ -5423,6 +5438,9 @@ enum nl80211_feature_flags {
* @NL80211_EXT_FEATURE_STA_TX_PWR: This driver supports controlling tx power
* to a station.
*
+ * @NL80211_EXT_FEATURE_SAE_OFFLOAD: Device wants to do SAE authentication in
+ * station mode (SAE password is passed as part of the connect command).
+ *
* @NUM_NL80211_EXT_FEATURES: number of extended features.
* @MAX_NL80211_EXT_FEATURES: highest extended feature index.
*/
@@ -5467,6 +5485,7 @@ enum nl80211_ext_feature_index {
NL80211_EXT_FEATURE_SCHED_SCAN_BAND_SPECIFIC_RSSI_THOLD,
NL80211_EXT_FEATURE_EXT_KEY_ID,
NL80211_EXT_FEATURE_STA_TX_PWR,
+ NL80211_EXT_FEATURE_SAE_OFFLOAD,
/* add new features before the definition below */
NUM_NL80211_EXT_FEATURES,
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 8e470591c424..d51015405e6f 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -546,6 +546,8 @@ const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
[NL80211_ATTR_PEER_MEASUREMENTS] =
NLA_POLICY_NESTED(nl80211_pmsr_attr_policy),
[NL80211_ATTR_AIRTIME_WEIGHT] = NLA_POLICY_MIN(NLA_U16, 1),
+ [NL80211_ATTR_SAE_PASSWORD] = { .type = NLA_BINARY,
+ .len = SAE_PASSWORD_MAX_LEN },
};
/* policy for the key attributes */
@@ -4397,6 +4399,8 @@ static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
return true;
case NL80211_CMD_CONNECT:
if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
+ !wiphy_ext_feature_isset(&rdev->wiphy,
+ NL80211_EXT_FEATURE_SAE_OFFLOAD) &&
auth_type == NL80211_AUTHTYPE_SAE)
return false;
@@ -8936,6 +8940,16 @@ static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
settings->psk = nla_data(info->attrs[NL80211_ATTR_PMK]);
}
+ if (info->attrs[NL80211_ATTR_SAE_PASSWORD]) {
+ if (!wiphy_ext_feature_isset(&rdev->wiphy,
+ NL80211_EXT_FEATURE_SAE_OFFLOAD))
+ return -EINVAL;
+ settings->sae_pwd =
+ nla_data(info->attrs[NL80211_ATTR_SAE_PASSWORD]);
+ settings->sae_pwd_len =
+ nla_len(info->attrs[NL80211_ATTR_SAE_PASSWORD]);
+ }
+
return 0;
}
--
2.1.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH V2 3/3] brcmfmac: add support for SAE authentication offload
2019-05-09 9:49 [PATCH V2 0/3] nl80211: brcmfmac: add SAE authentication offload Chi-Hsien Lin
2019-05-09 9:49 ` [PATCH V2 1/3] nl80211: add WPA3 definition for SAE authentication Chi-Hsien Lin
2019-05-09 9:49 ` [PATCH V2 2/3] nl80211: add support for SAE authentication offload Chi-Hsien Lin
@ 2019-05-09 9:49 ` Chi-Hsien Lin
2019-10-01 9:12 ` Kalle Valo
2 siblings, 1 reply; 5+ messages in thread
From: Chi-Hsien Lin @ 2019-05-09 9:49 UTC (permalink / raw)
To: linux-wireless
Cc: brcm80211-dev-list, brcm80211-dev-list, Arend van Spriel,
Franky Lin, Hante Meuleman, Wright Feng, Kalle Valo, Stanley Hsu,
Chi-Hsien Lin
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
The firmware may have SAE authentication code built-in. This is
detected by the driver and indicated in the wiphy features flags.
User-space can use this flag to determine whether or not to provide
the password material for SAE authentication in the nl80211 CONNECT
command.
Signed-off-by: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com>
---
.../broadcom/brcm80211/brcmfmac/cfg80211.c | 73 ++++++++++++++++++++--
.../broadcom/brcm80211/brcmfmac/cfg80211.h | 3 +-
.../wireless/broadcom/brcm80211/brcmfmac/feature.c | 1 +
.../wireless/broadcom/brcm80211/brcmfmac/feature.h | 4 +-
.../broadcom/brcm80211/brcmfmac/fwil_types.h | 13 ++++
.../broadcom/brcm80211/include/brcmu_wifi.h | 2 +
6 files changed, 89 insertions(+), 7 deletions(-)
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index 8ee8af4e7ec4..30f464a958db 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -1274,6 +1274,31 @@ static int brcmf_set_pmk(struct brcmf_if *ifp, const u8 *pmk_data, u16 pmk_len)
return err;
}
+static int brcmf_set_sae_password(struct brcmf_if *ifp, const u8 *pwd_data,
+ u16 pwd_len)
+{
+ struct brcmf_pub *drvr = ifp->drvr;
+ struct brcmf_wsec_sae_pwd_le sae_pwd;
+ int err;
+
+ if (pwd_len > BRCMF_WSEC_MAX_SAE_PASSWORD_LEN) {
+ bphy_err(drvr, "sae_password must be less than %d\n",
+ BRCMF_WSEC_MAX_SAE_PASSWORD_LEN);
+ return -EINVAL;
+ }
+
+ sae_pwd.key_len = cpu_to_le16(pwd_len);
+ memcpy(sae_pwd.key, pwd_data, pwd_len);
+
+ err = brcmf_fil_iovar_data_set(ifp, "sae_password", &sae_pwd,
+ sizeof(sae_pwd));
+ if (err < 0)
+ bphy_err(drvr, "failed to set SAE password in firmware (len=%u)\n",
+ pwd_len);
+
+ return err;
+}
+
static void brcmf_link_down(struct brcmf_cfg80211_vif *vif, u16 reason)
{
struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(vif->wdev.wiphy);
@@ -1492,6 +1517,8 @@ static s32 brcmf_set_wpa_version(struct net_device *ndev,
val = WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED;
else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_2)
val = WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED;
+ else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_3)
+ val = WPA3_AUTH_SAE_PSK;
else
val = WPA_AUTH_DISABLED;
brcmf_dbg(CONN, "setting wpa_auth to 0x%0x\n", val);
@@ -1524,6 +1551,10 @@ static s32 brcmf_set_auth_type(struct net_device *ndev,
val = 1;
brcmf_dbg(CONN, "shared key\n");
break;
+ case NL80211_AUTHTYPE_SAE:
+ val = 3;
+ brcmf_dbg(CONN, "SAE authentication\n");
+ break;
default:
val = 2;
brcmf_dbg(CONN, "automatic, auth type (%d)\n", sme->auth_type);
@@ -1689,6 +1720,16 @@ brcmf_set_key_mgmt(struct net_device *ndev, struct cfg80211_connect_params *sme)
sme->crypto.cipher_group);
return -EINVAL;
}
+ } else if (val & WPA3_AUTH_SAE_PSK) {
+ switch (sme->crypto.akm_suites[0]) {
+ case WLAN_AKM_SUITE_SAE:
+ val = WPA3_AUTH_SAE_PSK;
+ break;
+ default:
+ bphy_err(drvr, "invalid cipher group (%d)\n",
+ sme->crypto.cipher_group);
+ return -EINVAL;
+ }
}
if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X)
@@ -1760,7 +1801,8 @@ brcmf_set_sharedkey(struct net_device *ndev,
brcmf_dbg(CONN, "wpa_versions 0x%x cipher_pairwise 0x%x\n",
sec->wpa_versions, sec->cipher_pairwise);
- if (sec->wpa_versions & (NL80211_WPA_VERSION_1 | NL80211_WPA_VERSION_2))
+ if (sec->wpa_versions & (NL80211_WPA_VERSION_1 | NL80211_WPA_VERSION_2 |
+ NL80211_WPA_VERSION_3))
return 0;
if (!(sec->cipher_pairwise &
@@ -1967,7 +2009,13 @@ brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
goto done;
}
- if (sme->crypto.psk) {
+ if (sme->crypto.sae_pwd) {
+ brcmf_dbg(INFO, "using SAE offload\n");
+ profile->use_fwsup = BRCMF_PROFILE_FWSUP_SAE;
+ }
+
+ if (sme->crypto.psk &&
+ profile->use_fwsup != BRCMF_PROFILE_FWSUP_SAE) {
if (WARN_ON(profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE)) {
err = -EINVAL;
goto done;
@@ -1985,12 +2033,23 @@ brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
}
}
- if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK) {
+ if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK)
err = brcmf_set_pmk(ifp, sme->crypto.psk,
BRCMF_WSEC_MAX_PSK_LEN);
- if (err)
+ else if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_SAE) {
+ /* clean up user-space RSNE */
+ if (brcmf_fil_iovar_data_set(ifp, "wpaie", NULL, 0)) {
+ bphy_err(drvr, "failed to clean up user-space RSNE\n");
goto done;
+ }
+ err = brcmf_set_sae_password(ifp, sme->crypto.sae_pwd,
+ sme->crypto.sae_pwd_len);
+ if (!err && sme->crypto.psk)
+ err = brcmf_set_pmk(ifp, sme->crypto.psk,
+ BRCMF_WSEC_MAX_PSK_LEN);
}
+ if (err)
+ goto done;
/* Join with specific BSSID and cached SSID
* If SSID is zero join based on BSSID only
@@ -5362,7 +5421,8 @@ static bool brcmf_is_linkup(struct brcmf_cfg80211_vif *vif,
if (event == BRCMF_E_SET_SSID && status == BRCMF_E_STATUS_SUCCESS) {
brcmf_dbg(CONN, "Processing set ssid\n");
memcpy(vif->profile.bssid, e->addr, ETH_ALEN);
- if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_PSK)
+ if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_PSK &&
+ vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_SAE)
return true;
set_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
@@ -6667,6 +6727,9 @@ static int brcmf_setup_wiphy(struct wiphy *wiphy, struct brcmf_if *ifp)
NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK);
wiphy_ext_feature_set(wiphy,
NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X);
+ if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SAE))
+ wiphy_ext_feature_set(wiphy,
+ NL80211_EXT_FEATURE_SAE_OFFLOAD);
}
wiphy->mgmt_stypes = brcmf_txrx_stypes;
wiphy->max_remain_on_channel_duration = 5000;
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.h b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.h
index 9a6287f084a9..dd355dff2ef2 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.h
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.h
@@ -118,7 +118,8 @@ struct brcmf_cfg80211_security {
enum brcmf_profile_fwsup {
BRCMF_PROFILE_FWSUP_NONE,
BRCMF_PROFILE_FWSUP_PSK,
- BRCMF_PROFILE_FWSUP_1X
+ BRCMF_PROFILE_FWSUP_1X,
+ BRCMF_PROFILE_FWSUP_SAE
};
/**
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.c
index acca719b3907..ca35809d6a10 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.c
@@ -50,6 +50,7 @@ static const struct brcmf_feat_fwcap brcmf_fwcap_map[] = {
{ BRCMF_FEAT_P2P, "p2p" },
{ BRCMF_FEAT_MONITOR, "monitor" },
{ BRCMF_FEAT_MONITOR_FMT_RADIOTAP, "rtap" },
+ { BRCMF_FEAT_SAE, "sae" },
};
#ifdef DEBUG
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.h b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.h
index 5e88a7f16ad2..ee250e7de059 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.h
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.h
@@ -36,6 +36,7 @@
* MONITOR: firmware can pass monitor packets to host.
* MONITOR_FMT_RADIOTAP: firmware provides monitor packets with radiotap header
* MONITOR_FMT_HW_RX_HDR: firmware provides monitor packets with hw/ucode header
+ * SAE: simultaneous authentication of equals
*/
#define BRCMF_FEAT_LIST \
BRCMF_FEAT_DEF(MBSS) \
@@ -54,7 +55,8 @@
BRCMF_FEAT_DEF(FWSUP) \
BRCMF_FEAT_DEF(MONITOR) \
BRCMF_FEAT_DEF(MONITOR_FMT_RADIOTAP) \
- BRCMF_FEAT_DEF(MONITOR_FMT_HW_RX_HDR)
+ BRCMF_FEAT_DEF(MONITOR_FMT_HW_RX_HDR) \
+ BRCMF_FEAT_DEF(SAE)
/*
* Quirks:
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwil_types.h b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwil_types.h
index 39ac1bbb6cc0..d81ad6542513 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwil_types.h
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwil_types.h
@@ -72,6 +72,8 @@
#define BRCMF_WSEC_MAX_PSK_LEN 32
#define BRCMF_WSEC_PASSPHRASE BIT(0)
+#define BRCMF_WSEC_MAX_SAE_PASSWORD_LEN 128
+
/* primary (ie tx) key */
#define BRCMF_PRIMARY_KEY (1 << 1)
#define DOT11_BSSTYPE_ANY 2
@@ -529,6 +531,17 @@ struct brcmf_wsec_pmk_le {
u8 key[2 * BRCMF_WSEC_MAX_PSK_LEN + 1];
};
+/**
+ * struct brcmf_wsec_sae_pwd_le - firmware SAE password material.
+ *
+ * @key_len: number of octets in key materials.
+ * @key: SAE password material.
+ */
+struct brcmf_wsec_sae_pwd_le {
+ __le16 key_len;
+ u8 key[BRCMF_WSEC_MAX_SAE_PASSWORD_LEN];
+};
+
/* Used to get specific STA parameters */
struct brcmf_scb_val_le {
__le32 val;
diff --git a/drivers/net/wireless/broadcom/brcm80211/include/brcmu_wifi.h b/drivers/net/wireless/broadcom/brcm80211/include/brcmu_wifi.h
index dddebaa60352..60d7e3221b35 100644
--- a/drivers/net/wireless/broadcom/brcm80211/include/brcmu_wifi.h
+++ b/drivers/net/wireless/broadcom/brcm80211/include/brcmu_wifi.h
@@ -242,6 +242,8 @@ static inline bool ac_bitmap_tst(u8 bitmap, int prec)
#define WPA2_AUTH_FT 0x4000 /* Fast BSS Transition */
#define WPA2_AUTH_PSK_SHA256 0x8000 /* PSK with SHA256 key derivation */
+#define WPA3_AUTH_SAE_PSK 0x40000 /* SAE with 4-way handshake */
+
#define DOT11_DEFAULT_RTS_LEN 2347
#define DOT11_DEFAULT_FRAG_LEN 2346
--
2.1.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH V2 3/3] brcmfmac: add support for SAE authentication offload
2019-05-09 9:49 ` [PATCH V2 3/3] brcmfmac: " Chi-Hsien Lin
@ 2019-10-01 9:12 ` Kalle Valo
0 siblings, 0 replies; 5+ messages in thread
From: Kalle Valo @ 2019-10-01 9:12 UTC (permalink / raw)
To: Chi-Hsien Lin
Cc: linux-wireless, brcm80211-dev-list, brcm80211-dev-list,
Arend van Spriel, Franky Lin, Hante Meuleman, Wright Feng,
Stanley Hsu, Chi-Hsien Lin
Chi-Hsien Lin <Chi-Hsien.Lin@cypress.com> wrote:
> From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
>
> The firmware may have SAE authentication code built-in. This is
> detected by the driver and indicated in the wiphy features flags.
> User-space can use this flag to determine whether or not to provide
> the password material for SAE authentication in the nl80211 CONNECT
> command.
>
> Signed-off-by: Chung-Hsien Hsu <stanley.hsu@cypress.com>
> Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com>
Failed to apply, please rebase and resend.
Recorded preimage for 'drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.c'
Recorded preimage for 'drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.h'
error: Failed to merge in the changes.
Applying: brcmfmac: add support for SAE authentication offload
Using index info to reconstruct a base tree...
M drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
M drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.h
M drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.c
M drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.h
M drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwil_types.h
M drivers/net/wireless/broadcom/brcm80211/include/brcmu_wifi.h
Falling back to patching base and 3-way merge...
Auto-merging drivers/net/wireless/broadcom/brcm80211/include/brcmu_wifi.h
Auto-merging drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwil_types.h
Auto-merging drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.h
CONFLICT (content): Merge conflict in drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.h
Auto-merging drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.c
CONFLICT (content): Merge conflict in drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.c
Auto-merging drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.h
Auto-merging drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
Patch failed at 0001 brcmfmac: add support for SAE authentication offload
The copy of the patch that failed is found in: .git/rebase-apply/patch
Patch set to Changes Requested.
--
https://patchwork.kernel.org/patch/10936953/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-10-01 9:13 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-05-09 9:49 [PATCH V2 0/3] nl80211: brcmfmac: add SAE authentication offload Chi-Hsien Lin
2019-05-09 9:49 ` [PATCH V2 1/3] nl80211: add WPA3 definition for SAE authentication Chi-Hsien Lin
2019-05-09 9:49 ` [PATCH V2 2/3] nl80211: add support for SAE authentication offload Chi-Hsien Lin
2019-05-09 9:49 ` [PATCH V2 3/3] brcmfmac: " Chi-Hsien Lin
2019-10-01 9:12 ` Kalle Valo
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.