[PATCH 0/9] cfg80211/mac80211 patches from our internal tree 2017-04-26

[PATCH 0/9] cfg80211/mac80211 patches from our internal tree 2017-04-26

[Luca Coelho]

From: Luca Coelho <luciano.coelho@intel.com>

Hi,

Here are some mac80211 and cfg80211 patches from our internal tree.

 * New AKM suite selectors in the ieee80211 header;
 * Some improvements in the roaming API in cfg80211;
 * Support for max BSS idle period in mac80211;
 * Some cleanups and an optimization;
 
Please review.

Cheers,
Luca.


Avraham Stern (3):
  mac80211: Add support for BSS max idle period element
  cfg80211: unify cfg80211_roamed() and cfg80211_roamed_bss()
  cfg80211/nl80211: add authorized flag to roaming event

Emmanuel Grumbach (1):
  mac80211: don't parse encrypted management frames in
    ieee80211_frame_acked

Johannes Berg (2):
  ieee80211: fix kernel-doc parsing errors
  mac80211: disentangle iflist_mtx and chanctx_mtx

Luca Coelho (3):
  ieee80211: add SUITE_B AKM selectors
  ieee80211: add FT-802.1X AKM suite selector
  mac80211: make multicast variable a bool in ieee80211_accept_frame()

 drivers/net/wireless/ath/ath6kl/cfg80211.c         | 10 ++-
 .../broadcom/brcm80211/brcmfmac/cfg80211.c         | 13 +++-
 drivers/net/wireless/rndis_wlan.c                  | 19 +++--
 drivers/staging/wlan-ng/cfg80211.c                 |  7 +-
 include/linux/ieee80211.h                          | 67 +++++++++++-----
 include/net/cfg80211.h                             | 62 +++++++--------
 include/net/mac80211.h                             | 14 +++-
 include/uapi/linux/nl80211.h                       | 14 ++++
 net/mac80211/cfg.c                                 |  6 +-
 net/mac80211/ieee80211_i.h                         |  1 +
 net/mac80211/main.c                                |  2 +
 net/mac80211/mlme.c                                | 14 +++-
 net/mac80211/rx.c                                  |  2 +-
 net/mac80211/status.c                              |  1 +
 net/mac80211/util.c                                | 18 ++++-
 net/wireless/core.h                                | 12 +--
 net/wireless/nl80211.c                             | 20 +++--
 net/wireless/nl80211.h                             |  5 +-
 net/wireless/sme.c                                 | 91 ++++++++++------------
 net/wireless/util.c                                |  4 +-
 20 files changed, 231 insertions(+), 151 deletions(-)

-- 
2.11.0

[PATCH 1/9] ieee80211: add SUITE_B AKM selectors

[Luca Coelho]

From: Luca Coelho <luciano.coelho@intel.com>

Add the definitions for SUITE_B and SUITE_B_192 AKM selectors as
defined in IEEE802.11REVmc_D5.0, table 9-132.

Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
---
 include/linux/ieee80211.h | 26 ++++++++++++++------------
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h
index 294fa6273a62..23e095fa6701 100644
--- a/include/linux/ieee80211.h
+++ b/include/linux/ieee80211.h
@@ -2356,18 +2356,20 @@ enum ieee80211_sa_query_action {
 #define WLAN_CIPHER_SUITE_SMS4		SUITE(0x001472, 1)
 
 /* AKM suite selectors */
-#define WLAN_AKM_SUITE_8021X		SUITE(0x000FAC, 1)
-#define WLAN_AKM_SUITE_PSK		SUITE(0x000FAC, 2)
-#define WLAN_AKM_SUITE_FT_PSK		SUITE(0x000FAC, 4)
-#define WLAN_AKM_SUITE_8021X_SHA256	SUITE(0x000FAC, 5)
-#define WLAN_AKM_SUITE_PSK_SHA256	SUITE(0x000FAC, 6)
-#define WLAN_AKM_SUITE_TDLS		SUITE(0x000FAC, 7)
-#define WLAN_AKM_SUITE_SAE		SUITE(0x000FAC, 8)
-#define WLAN_AKM_SUITE_FT_OVER_SAE	SUITE(0x000FAC, 9)
-#define WLAN_AKM_SUITE_FILS_SHA256	SUITE(0x000FAC, 14)
-#define WLAN_AKM_SUITE_FILS_SHA384	SUITE(0x000FAC, 15)
-#define WLAN_AKM_SUITE_FT_FILS_SHA256	SUITE(0x000FAC, 16)
-#define WLAN_AKM_SUITE_FT_FILS_SHA384	SUITE(0x000FAC, 17)
+#define WLAN_AKM_SUITE_8021X			SUITE(0x000FAC, 1)
+#define WLAN_AKM_SUITE_PSK			SUITE(0x000FAC, 2)
+#define WLAN_AKM_SUITE_FT_PSK			SUITE(0x000FAC, 4)
+#define WLAN_AKM_SUITE_8021X_SHA256		SUITE(0x000FAC, 5)
+#define WLAN_AKM_SUITE_PSK_SHA256		SUITE(0x000FAC, 6)
+#define WLAN_AKM_SUITE_TDLS			SUITE(0x000FAC, 7)
+#define WLAN_AKM_SUITE_SAE			SUITE(0x000FAC, 8)
+#define WLAN_AKM_SUITE_FT_OVER_SAE		SUITE(0x000FAC, 9)
+#define WLAN_AKM_SUITE_8021X_SUITE_B		SUITE(0x000FAC, 11)
+#define WLAN_AKM_SUITE_8021X_SUITE_B_192	SUITE(0x000FAC, 12)
+#define WLAN_AKM_SUITE_FILS_SHA256		SUITE(0x000FAC, 14)
+#define WLAN_AKM_SUITE_FILS_SHA384		SUITE(0x000FAC, 15)
+#define WLAN_AKM_SUITE_FT_FILS_SHA256		SUITE(0x000FAC, 16)
+#define WLAN_AKM_SUITE_FT_FILS_SHA384		SUITE(0x000FAC, 17)
 
 #define WLAN_MAX_KEY_LEN		32
 
-- 
2.11.0

[PATCH 2/9] mac80211: Add support for BSS max idle period element

[Luca Coelho]

From: Avraham Stern <avraham.stern@intel.com>

Parse the BSS max idle period element and set the BSS configuration
accordingly so the driver can use this information to configure the
max idle period and to use protected management frames for keep alive
when required.

The BSS max idle period element is defined in IEEE802.11-2016,
section 9.4.2.79

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
---
 include/linux/ieee80211.h  | 28 +++++++++++++++++++++++++++-
 include/net/mac80211.h     | 14 +++++++++++++-
 net/mac80211/ieee80211_i.h |  1 +
 net/mac80211/mlme.c        | 14 +++++++++++++-
 net/mac80211/util.c        |  9 +++++++++
 5 files changed, 63 insertions(+), 3 deletions(-)

diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h
index 23e095fa6701..c916ba4a22d4 100644
--- a/include/linux/ieee80211.h
+++ b/include/linux/ieee80211.h
@@ -7,7 +7,7 @@
  * Copyright (c) 2005, Devicescape Software, Inc.
  * Copyright (c) 2006, Michael Wu <flamingice@sourmilk.net>
  * Copyright (c) 2013 - 2014 Intel Mobile Communications GmbH
- * Copyright (c) 2016 Intel Deutschland GmbH
+ * Copyright (c) 2016 - 2017 Intel Deutschland GmbH
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
@@ -2316,6 +2316,32 @@ struct ieee80211_timeout_interval_ie {
 	__le32 value;
 } __packed;
 
+/**
+ * enum ieee80211_idle_options - BSS idle options
+ * @WLAN_IDLE_OPTIONS_PROTECTED_KEEP_ALIVE: the station should send an RSN
+ *	protected frame to the AP to reset the idle timer at the AP for
+ *	the station.
+ */
+enum ieee80211_idle_options {
+	WLAN_IDLE_OPTIONS_PROTECTED_KEEP_ALIVE = BIT(0),
+};
+
+/**
+ * struct ieee80211_bss_max_idle_period_ie
+ *
+ * This structure refers to "BSS Max idle period element"
+ *
+ * @max_idle_period: indicates the time period during which a station can
+ *	refrain from transmitting frames to its associated AP without being
+ *	disassociated. In units of 1000 TUs.
+ * @idle_options: indicates the options associated with the BSS idle capability
+ *	as specified in &enum ieee80211_idle_options.
+ */
+struct ieee80211_bss_max_idle_period_ie {
+	__le16 max_idle_period;
+	u8 idle_options;
+} __packed;
+
 /* BACK action code */
 enum ieee80211_back_actioncode {
 	WLAN_ACTION_ADDBA_REQ = 0,
diff --git a/include/net/mac80211.h b/include/net/mac80211.h
index b1ac872dc88a..66e602d501e5 100644
--- a/include/net/mac80211.h
+++ b/include/net/mac80211.h
@@ -5,7 +5,7 @@
  * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
  * Copyright 2007-2010	Johannes Berg <johannes@sipsolutions.net>
  * Copyright 2013-2014  Intel Mobile Communications GmbH
- * Copyright (C) 2015 - 2016 Intel Deutschland GmbH
+ * Copyright (C) 2015 - 2017 Intel Deutschland GmbH
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
@@ -299,6 +299,8 @@ struct ieee80211_vif_chanctx_switch {
  *	context had been assigned.
  * @BSS_CHANGED_OCB: OCB join status changed
  * @BSS_CHANGED_MU_GROUPS: VHT MU-MIMO group id or user position changed
+ * @BSS_CHANGED_KEEP_ALIVE: keep alive options (idle period or protected
+ *	keep alive) changed.
  */
 enum ieee80211_bss_change {
 	BSS_CHANGED_ASSOC		= 1<<0,
@@ -325,6 +327,7 @@ enum ieee80211_bss_change {
 	BSS_CHANGED_BANDWIDTH		= 1<<21,
 	BSS_CHANGED_OCB                 = 1<<22,
 	BSS_CHANGED_MU_GROUPS		= 1<<23,
+	BSS_CHANGED_KEEP_ALIVE		= 1<<24,
 
 	/* when adding here, make sure to change ieee80211_reconfig */
 };
@@ -533,6 +536,13 @@ struct ieee80211_mu_group_data {
  * @allow_p2p_go_ps: indication for AP or P2P GO interface, whether it's allowed
  *	to use P2P PS mechanism or not. AP/P2P GO is not allowed to use P2P PS
  *	if it has associated clients without P2P PS support.
+ * @max_idle_period: the time period during which the station can refrain from
+ *	transmitting frames to its associated AP without being disassociated.
+ *	In units of 1000 TUs. Zero value indicates that the AP did not include
+ *	a (valid) BSS Max Idle Period Element.
+ * @protected_keep_alive: if set, indicates that the station should send an RSN
+ *	protected frame to the AP to reset the idle timer at the AP for the
+ *	station.
  */
 struct ieee80211_bss_conf {
 	const u8 *bssid;
@@ -573,6 +583,8 @@ struct ieee80211_bss_conf {
 	enum nl80211_tx_power_setting txpower_type;
 	struct ieee80211_p2p_noa_attr p2p_noa_attr;
 	bool allow_p2p_go_ps;
+	u16 max_idle_period;
+	bool protected_keep_alive;
 };
 
 /**
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index cf6d5abb65a3..476570175a12 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -1477,6 +1477,7 @@ struct ieee802_11_elems {
 	const u8 *opmode_notif;
 	const struct ieee80211_sec_chan_offs_ie *sec_chan_offs;
 	const struct ieee80211_mesh_chansw_params_ie *mesh_chansw_params_ie;
+	const struct ieee80211_bss_max_idle_period_ie *max_idle_period_ie;
 
 	/* length of them, respectively */
 	u8 ext_capab_len;
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 24d69bcf71ad..93ecbd84d4fc 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -6,7 +6,7 @@
  * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
  * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
  * Copyright 2013-2014  Intel Mobile Communications GmbH
- * Copyright (C) 2015 - 2016 Intel Deutschland GmbH
+ * Copyright (C) 2015 - 2017 Intel Deutschland GmbH
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
@@ -3088,6 +3088,18 @@ static bool ieee80211_assoc_success(struct ieee80211_sub_if_data *sdata,
 	}
 	changed |= BSS_CHANGED_QOS;
 
+	if (elems.max_idle_period_ie) {
+		bss_conf->max_idle_period =
+			le16_to_cpu(elems.max_idle_period_ie->max_idle_period);
+		bss_conf->protected_keep_alive =
+			!!(elems.max_idle_period_ie->idle_options &
+			   WLAN_IDLE_OPTIONS_PROTECTED_KEEP_ALIVE);
+		changed |= BSS_CHANGED_KEEP_ALIVE;
+	} else {
+		bss_conf->max_idle_period = 0;
+		bss_conf->protected_keep_alive = false;
+	}
+
 	/* set AID and assoc capability,
 	 * ieee80211_set_associated() will tell the driver */
 	bss_conf->aid = aid;
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 7a37ce78bb38..1b8e54444c36 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -828,6 +828,7 @@ u32 ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action,
 		case WLAN_EID_EXT_CAPABILITY:
 		case WLAN_EID_CHAN_SWITCH_TIMING:
 		case WLAN_EID_LINK_ID:
+		case WLAN_EID_BSS_MAX_IDLE_PERIOD:
 		/*
 		 * not listing WLAN_EID_CHANNEL_SWITCH_WRAPPER -- it seems possible
 		 * that if the content gets bigger it might be needed more than once
@@ -1089,6 +1090,10 @@ u32 ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action,
 			else
 				elem_parse_failed = true;
 			break;
+		case WLAN_EID_BSS_MAX_IDLE_PERIOD:
+			if (elen >= sizeof(*elems->max_idle_period_ie))
+				elems->max_idle_period_ie = (void *)pos;
+			break;
 		default:
 			break;
 		}
@@ -1983,6 +1988,10 @@ int ieee80211_reconfig(struct ieee80211_local *local)
 			if (sdata->u.mgd.have_beacon)
 				changed |= BSS_CHANGED_BEACON_INFO;
 
+			if (sdata->vif.bss_conf.max_idle_period ||
+			    sdata->vif.bss_conf.protected_keep_alive)
+				changed |= BSS_CHANGED_KEEP_ALIVE;
+
 			sdata_lock(sdata);
 			ieee80211_bss_info_change_notify(sdata, changed);
 			sdata_unlock(sdata);
-- 
2.11.0

[PATCH 3/9] ieee80211: add FT-802.1X AKM suite selector

[Luca Coelho]

From: Luca Coelho <luciano.coelho@intel.com>

Add the definition for FT-8021.1X AKM selector as defined in
IEEE Std 802.11-2016, table 9-133.

Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
---
 include/linux/ieee80211.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h
index c916ba4a22d4..13f23036dc05 100644
--- a/include/linux/ieee80211.h
+++ b/include/linux/ieee80211.h
@@ -2384,6 +2384,7 @@ enum ieee80211_sa_query_action {
 /* AKM suite selectors */
 #define WLAN_AKM_SUITE_8021X			SUITE(0x000FAC, 1)
 #define WLAN_AKM_SUITE_PSK			SUITE(0x000FAC, 2)
+#define WLAN_AKM_SUITE_FT_8021X			SUITE(0x000FAC, 3)
 #define WLAN_AKM_SUITE_FT_PSK			SUITE(0x000FAC, 4)
 #define WLAN_AKM_SUITE_8021X_SHA256		SUITE(0x000FAC, 5)
 #define WLAN_AKM_SUITE_PSK_SHA256		SUITE(0x000FAC, 6)
-- 
2.11.0

[PATCH 4/9] cfg80211: unify cfg80211_roamed() and cfg80211_roamed_bss()

[Luca Coelho]

From: Avraham Stern <avraham.stern@intel.com>

cfg80211_roamed() and cfg80211_roamed_bss() take the same arguments
except that cfg80211_roamed() requires the BSSID and
cfg80211_roamed_bss() requires the bss entry.

Unify the two functions by using a struct for driver initiated
roaming information so that either the BSSID or the bss entry can be
passed as an argument to the unified function.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
[modified the ath6k, brcm80211, rndis and wlan-ng drivers accordingly]
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
---
 drivers/net/wireless/ath/ath6kl/cfg80211.c         | 10 ++-
 .../broadcom/brcm80211/brcmfmac/cfg80211.c         | 13 +++-
 drivers/net/wireless/rndis_wlan.c                  | 19 +++--
 drivers/staging/wlan-ng/cfg80211.c                 |  7 +-
 include/net/cfg80211.h                             | 58 +++++++-------
 net/wireless/core.h                                | 12 +--
 net/wireless/nl80211.c                             | 18 +++--
 net/wireless/nl80211.h                             |  5 +-
 net/wireless/sme.c                                 | 90 +++++++++-------------
 net/wireless/util.c                                |  4 +-
 10 files changed, 115 insertions(+), 121 deletions(-)

diff --git a/drivers/net/wireless/ath/ath6kl/cfg80211.c b/drivers/net/wireless/ath/ath6kl/cfg80211.c
index 0c118b7c362c..e1567a530274 100644
--- a/drivers/net/wireless/ath/ath6kl/cfg80211.c
+++ b/drivers/net/wireless/ath/ath6kl/cfg80211.c
@@ -806,9 +806,15 @@ void ath6kl_cfg80211_connect_event(struct ath6kl_vif *vif, u16 channel,
 					WLAN_STATUS_SUCCESS, GFP_KERNEL);
 		cfg80211_put_bss(ar->wiphy, bss);
 	} else if (vif->sme_state == SME_CONNECTED) {
+		struct cfg80211_roam_info roam_info = {
+			.bss = bss,
+			.req_ie = assoc_req_ie,
+			.req_ie_len = assoc_req_len,
+			.resp_ie = assoc_resp_ie,
+			.resp_ie_len = assoc_resp_len,
+		};
 		/* inform roam event to cfg80211 */
-		cfg80211_roamed_bss(vif->ndev, bss, assoc_req_ie, assoc_req_len,
-				    assoc_resp_ie, assoc_resp_len, GFP_KERNEL);
+		cfg80211_roamed(vif->ndev, &roam_info, GFP_KERNEL);
 	}
 }
 
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index 8c7f1ef288c6..a36bccbb40e5 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -5359,6 +5359,7 @@ brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg,
 	struct ieee80211_supported_band *band;
 	struct brcmf_bss_info_le *bi;
 	struct brcmu_chan ch;
+	struct cfg80211_roam_info roam_info = {};
 	u32 freq;
 	s32 err = 0;
 	u8 *buf;
@@ -5397,9 +5398,15 @@ brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg,
 
 done:
 	kfree(buf);
-	cfg80211_roamed(ndev, notify_channel, (u8 *)profile->bssid,
-			conn_info->req_ie, conn_info->req_ie_len,
-			conn_info->resp_ie, conn_info->resp_ie_len, GFP_KERNEL);
+
+	roam_info.channel = notify_channel;
+	roam_info.bssid = (u8*)profile->bssid;
+	roam_info.req_ie = conn_info->req_ie;
+	roam_info.req_ie_len = conn_info->req_ie_len;
+	roam_info.resp_ie = conn_info->resp_ie;
+	roam_info.resp_ie_len = conn_info->resp_ie_len;
+
+	cfg80211_roamed(ndev, &roam_info, GFP_KERNEL);
 	brcmf_dbg(CONN, "Report roaming result\n");
 
 	set_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
diff --git a/drivers/net/wireless/rndis_wlan.c b/drivers/net/wireless/rndis_wlan.c
index eb513628d801..37ae24cbf00e 100644
--- a/drivers/net/wireless/rndis_wlan.c
+++ b/drivers/net/wireless/rndis_wlan.c
@@ -2830,15 +2830,22 @@ static void rndis_wlan_do_link_up_work(struct usbnet *usbdev)
 	}
 
 	if (priv->infra_mode == NDIS_80211_INFRA_INFRA) {
-		if (!roamed)
+		if (!roamed) {
 			cfg80211_connect_result(usbdev->net, bssid, req_ie,
 						req_ie_len, resp_ie,
 						resp_ie_len, 0, GFP_KERNEL);
-		else
-			cfg80211_roamed(usbdev->net,
-					get_current_channel(usbdev, NULL),
-					bssid, req_ie, req_ie_len,
-					resp_ie, resp_ie_len, GFP_KERNEL);
+		} else {
+			struct cfg80211_roam_info roam_info = {
+				.channel = get_current_channel(usbdev, NULL),
+				.bssid = bssid,
+				.req_ie = req_ie,
+				.req_ie_len = req_ie_len,
+				.resp_ie = resp_ie,
+				.resp_ie_len = resp_ie_len,
+			};
+
+			cfg80211_roamed(usbdev->net, &roam_info, GFP_KERNEL);
+		}
 	} else if (priv->infra_mode == NDIS_80211_INFRA_ADHOC)
 		cfg80211_ibss_joined(usbdev->net, bssid,
 				     get_current_channel(usbdev, NULL),
diff --git a/drivers/staging/wlan-ng/cfg80211.c b/drivers/staging/wlan-ng/cfg80211.c
index cbb3388a9756..178f6f5d4613 100644
--- a/drivers/staging/wlan-ng/cfg80211.c
+++ b/drivers/staging/wlan-ng/cfg80211.c
@@ -666,8 +666,11 @@ void prism2_disconnected(struct wlandevice *wlandev)
 
 void prism2_roamed(struct wlandevice *wlandev)
 {
-	cfg80211_roamed(wlandev->netdev, NULL, wlandev->bssid,
-			NULL, 0, NULL, 0, GFP_KERNEL);
+	struct cfg80211_roam_info roam_info = {
+		.bssid = wlandev->bssid,
+	};
+
+	cfg80211_roamed(wlandev->netdev, &roam_info, GFP_KERNEL);
 }
 
 /* Structures for declaring wiphy interface */
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index 2a200b964b7a..115f6fc5a34d 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -2678,8 +2678,7 @@ struct cfg80211_nan_func {
  *	indication of requesting reassociation.
  *	In both the driver-initiated and new connect() call initiated roaming
  *	cases, the result of roaming is indicated with a call to
- *	cfg80211_roamed() or cfg80211_roamed_bss().
- *	(invoked with the wireless_dev mutex held)
+ *	cfg80211_roamed(). (invoked with the wireless_dev mutex held)
  * @update_connect_params: Update the connect parameters while connected to a
  *	BSS. The updated parameters can be used by driver/firmware for
  *	subsequent BSS selection (roaming) decisions and to form the
@@ -5376,51 +5375,46 @@ cfg80211_connect_timeout(struct net_device *dev, const u8 *bssid,
 }
 
 /**
- * cfg80211_roamed - notify cfg80211 of roaming
+ * struct cfg80211_roam_info - driver initiated roaming information
  *
- * @dev: network device
  * @channel: the channel of the new AP
- * @bssid: the BSSID of the new AP
+ * @bss: entry of bss to which STA got roamed (may be %NULL if %bssid is set)
+ * @bssid: the BSSID of the new AP (may be %NULL if %bss is set)
  * @req_ie: association request IEs (maybe be %NULL)
  * @req_ie_len: association request IEs length
  * @resp_ie: association response IEs (may be %NULL)
  * @resp_ie_len: assoc response IEs length
- * @gfp: allocation flags
- *
- * It should be called by the underlying driver whenever it roamed
- * from one AP to another while connected.
  */
-void cfg80211_roamed(struct net_device *dev,
-		     struct ieee80211_channel *channel,
-		     const u8 *bssid,
-		     const u8 *req_ie, size_t req_ie_len,
-		     const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp);
+struct cfg80211_roam_info {
+	struct ieee80211_channel *channel;
+	struct cfg80211_bss *bss;
+	const u8 *bssid;
+	const u8 *req_ie;
+	size_t req_ie_len;
+	const u8 *resp_ie;
+	size_t resp_ie_len;
+};
 
 /**
- * cfg80211_roamed_bss - notify cfg80211 of roaming
+ * cfg80211_roamed - notify cfg80211 of roaming
  *
  * @dev: network device
- * @bss: entry of bss to which STA got roamed
- * @req_ie: association request IEs (maybe be %NULL)
- * @req_ie_len: association request IEs length
- * @resp_ie: association response IEs (may be %NULL)
- * @resp_ie_len: assoc response IEs length
+ * @info: information about the new BSS. struct &cfg80211_roam_info.
  * @gfp: allocation flags
  *
- * This is just a wrapper to notify cfg80211 of roaming event with driver
- * passing bss to avoid a race in timeout of the bss entry. It should be
- * called by the underlying driver whenever it roamed from one AP to another
- * while connected. Drivers which have roaming implemented in firmware
- * may use this function to avoid a race in bss entry timeout where the bss
- * entry of the new AP is seen in the driver, but gets timed out by the time
- * it is accessed in __cfg80211_roamed() due to delay in scheduling
+ * This function may be called with the driver passing either the BSSID of the
+ * new AP or passing the bss entry to avoid a race in timeout of the bss entry.
+ * It should be called by the underlying driver whenever it roamed from one AP
+ * to another while connected. Drivers which have roaming implemented in
+ * firmware should pass the bss entry to avoid a race in bss entry timeout where
+ * the bss entry of the new AP is seen in the driver, but gets timed out by the
+ * time it is accessed in __cfg80211_roamed() due to delay in scheduling
  * rdev->event_work. In case of any failures, the reference is released
- * either in cfg80211_roamed_bss() or in __cfg80211_romed(), Otherwise,
- * it will be released while diconneting from the current bss.
+ * either in cfg80211_roamed() or in __cfg80211_romed(), Otherwise, it will be
+ * released while diconneting from the current bss.
  */
-void cfg80211_roamed_bss(struct net_device *dev, struct cfg80211_bss *bss,
-			 const u8 *req_ie, size_t req_ie_len,
-			 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp);
+void cfg80211_roamed(struct net_device *dev, struct cfg80211_roam_info *info,
+		     gfp_t gfp);
 
 /**
  * cfg80211_disconnected - notify cfg80211 that connection was dropped
diff --git a/net/wireless/core.h b/net/wireless/core.h
index 5d27eca57d3b..5366aed49e5c 100644
--- a/net/wireless/core.h
+++ b/net/wireless/core.h
@@ -227,13 +227,7 @@ struct cfg80211_event {
 
 	union {
 		struct cfg80211_connect_resp_params cr;
-		struct {
-			const u8 *req_ie;
-			const u8 *resp_ie;
-			size_t req_ie_len;
-			size_t resp_ie_len;
-			struct cfg80211_bss *bss;
-		} rm;
+		struct cfg80211_roam_info rm;
 		struct {
 			const u8 *ie;
 			size_t ie_len;
@@ -398,9 +392,7 @@ int cfg80211_disconnect(struct cfg80211_registered_device *rdev,
 			struct net_device *dev, u16 reason,
 			bool wextev);
 void __cfg80211_roamed(struct wireless_dev *wdev,
-		       struct cfg80211_bss *bss,
-		       const u8 *req_ie, size_t req_ie_len,
-		       const u8 *resp_ie, size_t resp_ie_len);
+		       struct cfg80211_roam_info *info);
 int cfg80211_mgd_wext_connect(struct cfg80211_registered_device *rdev,
 			      struct wireless_dev *wdev);
 void cfg80211_autodisconnect_wk(struct work_struct *work);
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 50c35affccad..ab9036e2d622 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -13596,14 +13596,14 @@ void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
 }
 
 void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
-			 struct net_device *netdev, const u8 *bssid,
-			 const u8 *req_ie, size_t req_ie_len,
-			 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
+			 struct net_device *netdev,
+			 struct cfg80211_roam_info *info, gfp_t gfp)
 {
 	struct sk_buff *msg;
 	void *hdr;
+	const u8 *bssid = info->bss ? info->bss->bssid : info->bssid;
 
-	msg = nlmsg_new(100 + req_ie_len + resp_ie_len, gfp);
+	msg = nlmsg_new(100 + info->req_ie_len + info->resp_ie_len, gfp);
 	if (!msg)
 		return;
 
@@ -13616,10 +13616,12 @@ void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
 	if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
 	    nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
 	    nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid) ||
-	    (req_ie &&
-	     nla_put(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie)) ||
-	    (resp_ie &&
-	     nla_put(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie)))
+	    (info->req_ie &&
+	     nla_put(msg, NL80211_ATTR_REQ_IE, info->req_ie_len,
+		     info->req_ie)) ||
+	    (info->resp_ie &&
+	     nla_put(msg, NL80211_ATTR_RESP_IE, info->resp_ie_len,
+		     info->resp_ie)))
 		goto nla_put_failure;
 
 	genlmsg_end(msg, hdr);
diff --git a/net/wireless/nl80211.h b/net/wireless/nl80211.h
index d5f6860e62ab..b96933322077 100644
--- a/net/wireless/nl80211.h
+++ b/net/wireless/nl80211.h
@@ -56,9 +56,8 @@ void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
 				 struct cfg80211_connect_resp_params *params,
 				 gfp_t gfp);
 void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
-			 struct net_device *netdev, const u8 *bssid,
-			 const u8 *req_ie, size_t req_ie_len,
-			 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp);
+			 struct net_device *netdev,
+			 struct cfg80211_roam_info *info, gfp_t gfp);
 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
 			       struct net_device *netdev, u16 reason,
 			       const u8 *ie, size_t ie_len, bool from_ap);
diff --git a/net/wireless/sme.c b/net/wireless/sme.c
index 6459bb7c21f7..532a0007ce82 100644
--- a/net/wireless/sme.c
+++ b/net/wireless/sme.c
@@ -5,6 +5,7 @@
  *
  * Copyright 2009	Johannes Berg <johannes@sipsolutions.net>
  * Copyright (C) 2009   Intel Corporation. All rights reserved.
+ * Copyright 2017	Intel Deutschland GmbH
  */
 
 #include <linux/etherdevice.h>
@@ -870,9 +871,7 @@ EXPORT_SYMBOL(cfg80211_connect_done);
 
 /* Consumes bss object one way or another */
 void __cfg80211_roamed(struct wireless_dev *wdev,
-		       struct cfg80211_bss *bss,
-		       const u8 *req_ie, size_t req_ie_len,
-		       const u8 *resp_ie, size_t resp_ie_len)
+		       struct cfg80211_roam_info *info)
 {
 #ifdef CONFIG_CFG80211_WEXT
 	union iwreq_data wrqu;
@@ -890,97 +889,84 @@ void __cfg80211_roamed(struct wireless_dev *wdev,
 	cfg80211_put_bss(wdev->wiphy, &wdev->current_bss->pub);
 	wdev->current_bss = NULL;
 
-	cfg80211_hold_bss(bss_from_pub(bss));
-	wdev->current_bss = bss_from_pub(bss);
+	if (WARN_ON(!info->bss))
+		return;
+
+	cfg80211_hold_bss(bss_from_pub(info->bss));
+	wdev->current_bss = bss_from_pub(info->bss);
 
 	nl80211_send_roamed(wiphy_to_rdev(wdev->wiphy),
-			    wdev->netdev, bss->bssid,
-			    req_ie, req_ie_len, resp_ie, resp_ie_len,
-			    GFP_KERNEL);
+			    wdev->netdev, info, GFP_KERNEL);
 
 #ifdef CONFIG_CFG80211_WEXT
-	if (req_ie) {
+	if (info->req_ie) {
 		memset(&wrqu, 0, sizeof(wrqu));
-		wrqu.data.length = req_ie_len;
+		wrqu.data.length = info->req_ie_len;
 		wireless_send_event(wdev->netdev, IWEVASSOCREQIE,
-				    &wrqu, req_ie);
+				    &wrqu, info->req_ie);
 	}
 
-	if (resp_ie) {
+	if (info->resp_ie) {
 		memset(&wrqu, 0, sizeof(wrqu));
-		wrqu.data.length = resp_ie_len;
+		wrqu.data.length = info->resp_ie_len;
 		wireless_send_event(wdev->netdev, IWEVASSOCRESPIE,
-				    &wrqu, resp_ie);
+				    &wrqu, info->resp_ie);
 	}
 
 	memset(&wrqu, 0, sizeof(wrqu));
 	wrqu.ap_addr.sa_family = ARPHRD_ETHER;
-	memcpy(wrqu.ap_addr.sa_data, bss->bssid, ETH_ALEN);
-	memcpy(wdev->wext.prev_bssid, bss->bssid, ETH_ALEN);
+	memcpy(wrqu.ap_addr.sa_data, info->bss->bssid, ETH_ALEN);
+	memcpy(wdev->wext.prev_bssid, info->bss->bssid, ETH_ALEN);
 	wdev->wext.prev_bssid_valid = true;
 	wireless_send_event(wdev->netdev, SIOCGIWAP, &wrqu, NULL);
 #endif
 
 	return;
 out:
-	cfg80211_put_bss(wdev->wiphy, bss);
-}
-
-void cfg80211_roamed(struct net_device *dev,
-		     struct ieee80211_channel *channel,
-		     const u8 *bssid,
-		     const u8 *req_ie, size_t req_ie_len,
-		     const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
-{
-	struct wireless_dev *wdev = dev->ieee80211_ptr;
-	struct cfg80211_bss *bss;
-
-	bss = cfg80211_get_bss(wdev->wiphy, channel, bssid, wdev->ssid,
-			       wdev->ssid_len,
-			       wdev->conn_bss_type, IEEE80211_PRIVACY_ANY);
-	if (WARN_ON(!bss))
-		return;
-
-	cfg80211_roamed_bss(dev, bss, req_ie, req_ie_len, resp_ie,
-			    resp_ie_len, gfp);
+	cfg80211_put_bss(wdev->wiphy, info->bss);
 }
-EXPORT_SYMBOL(cfg80211_roamed);
 
-/* Consumes bss object one way or another */
-void cfg80211_roamed_bss(struct net_device *dev,
-			 struct cfg80211_bss *bss, const u8 *req_ie,
-			 size_t req_ie_len, const u8 *resp_ie,
-			 size_t resp_ie_len, gfp_t gfp)
+/* Consumes info->bss object one way or another */
+void cfg80211_roamed(struct net_device *dev, struct cfg80211_roam_info *info,
+		     gfp_t gfp)
 {
 	struct wireless_dev *wdev = dev->ieee80211_ptr;
 	struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
 	struct cfg80211_event *ev;
 	unsigned long flags;
 
-	if (WARN_ON(!bss))
+	if (!info->bss) {
+		info->bss = cfg80211_get_bss(wdev->wiphy, info->channel,
+					     info->bssid, wdev->ssid,
+					     wdev->ssid_len,
+					     wdev->conn_bss_type,
+					     IEEE80211_PRIVACY_ANY);
+	}
+
+	if (WARN_ON(!info->bss))
 		return;
 
-	ev = kzalloc(sizeof(*ev) + req_ie_len + resp_ie_len, gfp);
+	ev = kzalloc(sizeof(*ev) + info->req_ie_len + info->resp_ie_len, gfp);
 	if (!ev) {
-		cfg80211_put_bss(wdev->wiphy, bss);
+		cfg80211_put_bss(wdev->wiphy, info->bss);
 		return;
 	}
 
 	ev->type = EVENT_ROAMED;
 	ev->rm.req_ie = ((u8 *)ev) + sizeof(*ev);
-	ev->rm.req_ie_len = req_ie_len;
-	memcpy((void *)ev->rm.req_ie, req_ie, req_ie_len);
-	ev->rm.resp_ie = ((u8 *)ev) + sizeof(*ev) + req_ie_len;
-	ev->rm.resp_ie_len = resp_ie_len;
-	memcpy((void *)ev->rm.resp_ie, resp_ie, resp_ie_len);
-	ev->rm.bss = bss;
+	ev->rm.req_ie_len = info->req_ie_len;
+	memcpy((void *)ev->rm.req_ie, info->req_ie, info->req_ie_len);
+	ev->rm.resp_ie = ((u8 *)ev) + sizeof(*ev) + info->req_ie_len;
+	ev->rm.resp_ie_len = info->resp_ie_len;
+	memcpy((void *)ev->rm.resp_ie, info->resp_ie, info->resp_ie_len);
+	ev->rm.bss = info->bss;
 
 	spin_lock_irqsave(&wdev->event_lock, flags);
 	list_add_tail(&ev->list, &wdev->event_list);
 	spin_unlock_irqrestore(&wdev->event_lock, flags);
 	queue_work(cfg80211_wq, &rdev->event_work);
 }
-EXPORT_SYMBOL(cfg80211_roamed_bss);
+EXPORT_SYMBOL(cfg80211_roamed);
 
 void __cfg80211_disconnected(struct net_device *dev, const u8 *ie,
 			     size_t ie_len, u16 reason, bool from_ap)
diff --git a/net/wireless/util.c b/net/wireless/util.c
index a46bc42d0910..7198373e2920 100644
--- a/net/wireless/util.c
+++ b/net/wireless/util.c
@@ -946,9 +946,7 @@ void cfg80211_process_wdev_events(struct wireless_dev *wdev)
 				ev->cr.status == WLAN_STATUS_SUCCESS);
 			break;
 		case EVENT_ROAMED:
-			__cfg80211_roamed(wdev, ev->rm.bss, ev->rm.req_ie,
-					  ev->rm.req_ie_len, ev->rm.resp_ie,
-					  ev->rm.resp_ie_len);
+			__cfg80211_roamed(wdev, &ev->rm);
 			break;
 		case EVENT_DISCONNECTED:
 			__cfg80211_disconnected(wdev->netdev,
-- 
2.11.0

[PATCH 5/9] cfg80211/nl80211: add authorized flag to roaming event

[Luca Coelho]

From: Avraham Stern <avraham.stern@intel.com>

Drivers that initiate roaming while being connected to a network that
uses 802.1X authentication need to inform user space if 802.1X
authentication is further required after roaming.
For example, when using the Fast transition protocol, roaming within
the mobility domain does not require new 802.1X authentication, but
roaming to another mobility domain does.
In addition, some drivers may not support 802.1X authentication
(so it has to be done in user space), while other drivers do.

Add a flag to the roaming notification to indicate if user space is
required to do 802.1X authentication after the roaming or not.
This flag will only be used for networks that use 802.1X
authentication. For networks that do not use 802.1X authentication it
is assumed that no further action is required from user space after
the roaming notification.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
---
 include/net/cfg80211.h       |  4 ++++
 include/uapi/linux/nl80211.h | 14 ++++++++++++++
 net/wireless/nl80211.c       |  4 +++-
 net/wireless/sme.c           |  1 +
 4 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index 115f6fc5a34d..f9f4fde2dc09 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -5384,6 +5384,9 @@ cfg80211_connect_timeout(struct net_device *dev, const u8 *bssid,
  * @req_ie_len: association request IEs length
  * @resp_ie: association response IEs (may be %NULL)
  * @resp_ie_len: assoc response IEs length
+ * @authorized: true if the 802.1X authentication was done by the driver or is
+ *	not needed (e.g., when Fast Transition protocol was used), false
+ *	otherwise. Ignored for networks that don't use 802.1X authentication.
  */
 struct cfg80211_roam_info {
 	struct ieee80211_channel *channel;
@@ -5393,6 +5396,7 @@ struct cfg80211_roam_info {
 	size_t req_ie_len;
 	const u8 *resp_ie;
 	size_t resp_ie_len;
+	bool authorized;
 };
 
 /**
diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
index 6095a6c4c412..7bdbce7c4147 100644
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@@ -546,6 +546,12 @@
  *	well to remain backwards compatible.
  * @NL80211_CMD_ROAM: request that the card roam (currently not implemented),
  *	sent as an event when the card/driver roamed by itself.
+ *	When used as an event, and the driver roamed in a network that requires
+ *	802.1X authentication, %NL80211_ATTR_CONNECTION_AUTHORIZED should be set
+ *	if the 802.1X authentication was done by the driver or if roaming was
+ *	done using Fast Transition protocol (in which case 802.1X authentication
+ *	is not needed). If %NL80211_ATTR_CONNECTION_AUTHORIZED is not set,
+ *	user space is responsible for the 802.1X authentication.
  * @NL80211_CMD_DISCONNECT: drop a given connection; also used to notify
  *	userspace that a connection was dropped by the AP or due to other
  *	reasons, for this the %NL80211_ATTR_DISCONNECTED_BY_AP and
@@ -2081,6 +2087,12 @@ enum nl80211_commands {
  * @NL80211_ATTR_PMK: PMK for the PMKSA identified by %NL80211_ATTR_PMKID.
  *	This is used with @NL80211_CMD_SET_PMKSA.
  *
+ * @NL80211_ATTR_CONNECTION_AUTHORIZED: A flag attribute used with
+ *	%NL80211_CMD_ROAM to indicate that 802.1X authentication was done by the
+ *	driver or is not needed (because roaming used the Fast Transition
+ *	protocol). Only valid for roaming in networks that require 802.1X
+ *	authentication.
+ *
  * @NUM_NL80211_ATTR: total number of nl80211_attrs available
  * @NL80211_ATTR_MAX: highest attribute number currently defined
  * @__NL80211_ATTR_AFTER_LAST: internal use
@@ -2500,6 +2512,8 @@ enum nl80211_attrs {
 
 	NL80211_ATTR_PMK,
 
+	NL80211_ATTR_CONNECTION_AUTHORIZED,
+
 	/* add attributes here, update the policy in nl80211.c */
 
 	__NL80211_ATTR_AFTER_LAST,
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index ab9036e2d622..f3bf20584222 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -13621,7 +13621,9 @@ void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
 		     info->req_ie)) ||
 	    (info->resp_ie &&
 	     nla_put(msg, NL80211_ATTR_RESP_IE, info->resp_ie_len,
-		     info->resp_ie)))
+		     info->resp_ie)) ||
+	    (info->authorized &&
+	     nla_put_flag(msg, NL80211_ATTR_CONNECTION_AUTHORIZED)))
 		goto nla_put_failure;
 
 	genlmsg_end(msg, hdr);
diff --git a/net/wireless/sme.c b/net/wireless/sme.c
index 532a0007ce82..0a49b88070d0 100644
--- a/net/wireless/sme.c
+++ b/net/wireless/sme.c
@@ -960,6 +960,7 @@ void cfg80211_roamed(struct net_device *dev, struct cfg80211_roam_info *info,
 	ev->rm.resp_ie_len = info->resp_ie_len;
 	memcpy((void *)ev->rm.resp_ie, info->resp_ie, info->resp_ie_len);
 	ev->rm.bss = info->bss;
+	ev->rm.authorized = info->authorized;
 
 	spin_lock_irqsave(&wdev->event_lock, flags);
 	list_add_tail(&ev->list, &wdev->event_list);
-- 
2.11.0

[PATCH 6/9] mac80211: don't parse encrypted management frames in ieee80211_frame_acked

[Luca Coelho]

From: Emmanuel Grumbach <emmanuel.grumbach@intel.com>

ieee80211_frame_acked is called when a frame is acked by
the peer. In case this is a management frame, we check
if this an SMPS frame, in which case we can update our
antenna configuration.

When we parse the management frame we look at the category
in case it is an action frame. That byte sits after the IV
in case the frame was encrypted. This means that if the
frame was encrypted, we basically look at the IV instead
of looking at the category. It is then theorically
possible that we think that an SMPS action frame was acked
where really we had another frame that was encrypted.

Since the only management frame whose ack needs to be
tracked is the SMPS action frame, and that frame is not
a robust management frame, it will never be encrypted.
The easiest way to fix this problem is then to not look
at frames that were encrypted.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
---
 net/mac80211/status.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/net/mac80211/status.c b/net/mac80211/status.c
index 83b8b11f24ea..fac191d6dcb7 100644
--- a/net/mac80211/status.c
+++ b/net/mac80211/status.c
@@ -200,6 +200,7 @@ static void ieee80211_frame_acked(struct sta_info *sta, struct sk_buff *skb)
 	}
 
 	if (ieee80211_is_action(mgmt->frame_control) &&
+	    !ieee80211_has_protected(mgmt->frame_control) &&
 	    mgmt->u.action.category == WLAN_CATEGORY_HT &&
 	    mgmt->u.action.u.ht_smps.action == WLAN_HT_ACTION_SMPS &&
 	    ieee80211_sdata_running(sdata)) {
-- 
2.11.0

[PATCH 7/9] ieee80211: fix kernel-doc parsing errors

[Luca Coelho]

From: Johannes Berg <johannes.berg@intel.com>

Some of the enum definitions are unnamed but there's still
an attempt at documenting them - that doesn't work. Name
them to make that work.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
 include/linux/ieee80211.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h
index 13f23036dc05..69033353d0d1 100644
--- a/include/linux/ieee80211.h
+++ b/include/linux/ieee80211.h
@@ -2177,37 +2177,37 @@ enum ieee80211_tdls_actioncode {
 #define WLAN_BSS_COEX_INFORMATION_REQUEST	BIT(0)
 
 /**
- * enum - mesh synchronization method identifier
+ * enum ieee80211_mesh_sync_method - mesh synchronization method identifier
  *
  * @IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET: the default synchronization method
  * @IEEE80211_SYNC_METHOD_VENDOR: a vendor specific synchronization method
  *	that will be specified in a vendor specific information element
  */
-enum {
+enum ieee80211_mesh_sync_method {
 	IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET = 1,
 	IEEE80211_SYNC_METHOD_VENDOR = 255,
 };
 
 /**
- * enum - mesh path selection protocol identifier
+ * enum ieee80211_mesh_path_protocol - mesh path selection protocol identifier
  *
  * @IEEE80211_PATH_PROTOCOL_HWMP: the default path selection protocol
  * @IEEE80211_PATH_PROTOCOL_VENDOR: a vendor specific protocol that will
  *	be specified in a vendor specific information element
  */
-enum {
+enum ieee80211_mesh_path_protocol {
 	IEEE80211_PATH_PROTOCOL_HWMP = 1,
 	IEEE80211_PATH_PROTOCOL_VENDOR = 255,
 };
 
 /**
- * enum - mesh path selection metric identifier
+ * enum ieee80211_mesh_path_metric - mesh path selection metric identifier
  *
  * @IEEE80211_PATH_METRIC_AIRTIME: the default path selection metric
  * @IEEE80211_PATH_METRIC_VENDOR: a vendor specific metric that will be
  *	specified in a vendor specific information element
  */
-enum {
+enum ieee80211_mesh_path_metric {
 	IEEE80211_PATH_METRIC_AIRTIME = 1,
 	IEEE80211_PATH_METRIC_VENDOR = 255,
 };
-- 
2.11.0

[PATCH 8/9] mac80211: disentangle iflist_mtx and chanctx_mtx

[Luca Coelho]

From: Johannes Berg <johannes.berg@intel.com>

At least on iwlwifi, sometimes lockdep complains that we can
lock
 chanctx_mtx -> mvm.mutex -> iflist_mtx
 (due to iterate_interfaces)
and
 iflist_mtx -> chanctx_mtx

Remove the latter dependency in mac80211 by using the RTNL
that we already hold in one case, and can relatively easily
achieve in the other case.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
 net/mac80211/cfg.c  | 6 +-----
 net/mac80211/main.c | 2 ++
 net/mac80211/util.c | 9 ++++++---
 3 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index d041f78ecee6..bdcb82c2ab74 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -739,11 +739,8 @@ static int ieee80211_set_monitor_channel(struct wiphy *wiphy,
 		return 0;
 
 	mutex_lock(&local->mtx);
-	mutex_lock(&local->iflist_mtx);
 	if (local->use_chanctx) {
-		sdata = rcu_dereference_protected(
-				local->monitor_sdata,
-				lockdep_is_held(&local->iflist_mtx));
+		sdata = rtnl_dereference(local->monitor_sdata);
 		if (sdata) {
 			ieee80211_vif_release_channel(sdata);
 			ret = ieee80211_vif_use_channel(sdata, chandef,
@@ -756,7 +753,6 @@ static int ieee80211_set_monitor_channel(struct wiphy *wiphy,
 
 	if (ret == 0)
 		local->monitor_chandef = *chandef;
-	mutex_unlock(&local->iflist_mtx);
 	mutex_unlock(&local->mtx);
 
 	return ret;
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index ae408a96c407..8aa1f5b6a051 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -253,6 +253,7 @@ static void ieee80211_restart_work(struct work_struct *work)
 	WARN(test_bit(SCAN_HW_SCANNING, &local->scanning),
 	     "%s called with hardware scan in progress\n", __func__);
 
+	flush_work(&local->radar_detected_work);
 	rtnl_lock();
 	list_for_each_entry(sdata, &local->interfaces, list)
 		flush_delayed_work(&sdata->dec_tailroom_needed_wk);
@@ -1187,6 +1188,7 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
 	cancel_work_sync(&local->reconfig_filter);
 	cancel_work_sync(&local->tdls_chsw_work);
 	flush_work(&local->sched_scan_stopped_work);
+	flush_work(&local->radar_detected_work);
 
 	ieee80211_clear_tx_pending(local);
 	rate_control_deinitialize(local);
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 1b8e54444c36..27a27070a751 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -2800,8 +2800,10 @@ void ieee80211_dfs_cac_cancel(struct ieee80211_local *local)
 	struct ieee80211_sub_if_data *sdata;
 	struct cfg80211_chan_def chandef;
 
+	/* for interface list, to avoid linking iflist_mtx and chanctx_mtx */
+	ASSERT_RTNL();
+
 	mutex_lock(&local->mtx);
-	mutex_lock(&local->iflist_mtx);
 	list_for_each_entry(sdata, &local->interfaces, list) {
 		/* it might be waiting for the local->mtx, but then
 		 * by the time it gets it, sdata->wdev.cac_started
@@ -2818,7 +2820,6 @@ void ieee80211_dfs_cac_cancel(struct ieee80211_local *local)
 					   GFP_KERNEL);
 		}
 	}
-	mutex_unlock(&local->iflist_mtx);
 	mutex_unlock(&local->mtx);
 }
 
@@ -2840,7 +2841,9 @@ void ieee80211_dfs_radar_detected_work(struct work_struct *work)
 	}
 	mutex_unlock(&local->chanctx_mtx);
 
+	rtnl_lock();
 	ieee80211_dfs_cac_cancel(local);
+	rtnl_unlock();
 
 	if (num_chanctx > 1)
 		/* XXX: multi-channel is not supported yet */
@@ -2855,7 +2858,7 @@ void ieee80211_radar_detected(struct ieee80211_hw *hw)
 
 	trace_api_radar_detected(local);
 
-	ieee80211_queue_work(hw, &local->radar_detected_work);
+	schedule_work(&local->radar_detected_work);
 }
 EXPORT_SYMBOL(ieee80211_radar_detected);
 
-- 
2.11.0

[PATCH 9/9] mac80211: make multicast variable a bool in ieee80211_accept_frame()

[Luca Coelho]

From: Luca Coelho <luciano.coelho@intel.com>

The multicast variable in the ieee80211_accept_frame() function is
treated as a boolean, but defined as int.  Fix that.

Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
---
 net/mac80211/rx.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 0094f3c0af64..fe6a760aa1ee 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -3574,7 +3574,7 @@ static bool ieee80211_accept_frame(struct ieee80211_rx_data *rx)
 	struct ieee80211_hdr *hdr = (void *)skb->data;
 	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
 	u8 *bssid = ieee80211_get_bssid(hdr, skb->len, sdata->vif.type);
-	int multicast = is_multicast_ether_addr(hdr->addr1);
+	bool multicast = is_multicast_ether_addr(hdr->addr1);
 
 	switch (sdata->vif.type) {
 	case NL80211_IFTYPE_STATION:
-- 
2.11.0

Re: [PATCH 0/9] cfg80211/mac80211 patches from our internal tree 2017-04-26

[Johannes Berg]

> Avraham Stern (3):
>   mac80211: Add support for BSS max idle period element
>   cfg80211: unify cfg80211_roamed() and cfg80211_roamed_bss()
>   cfg80211/nl80211: add authorized flag to roaming event

I'm going to let these get a bit more time on the list.

Arend, it'd be nice if you could take a look as well.

> Emmanuel Grumbach (1):
>   mac80211: don't parse encrypted management frames in
>     ieee80211_frame_acked
> 
> Johannes Berg (2):
>   ieee80211: fix kernel-doc parsing errors
>   mac80211: disentangle iflist_mtx and chanctx_mtx
> 
> Luca Coelho (3):
>   ieee80211: add SUITE_B AKM selectors
>   ieee80211: add FT-802.1X AKM suite selector
>   mac80211: make multicast variable a bool in
> ieee80211_accept_frame()

But these seem uncontroversial, so applied.

johannes

Re: [PATCH 0/9] cfg80211/mac80211 patches from our internal tree 2017-04-26

[Luca Coelho]

On Wed, 2017-04-26 at 10:08 +0200, Johannes Berg wrote:
> > Avraham Stern (3):
> >   mac80211: Add support for BSS max idle period element
> >   cfg80211: unify cfg80211_roamed() and cfg80211_roamed_bss()
> >   cfg80211/nl80211: add authorized flag to roaming event
> 
> I'm going to let these get a bit more time on the list.
> 
> Arend, it'd be nice if you could take a look as well.

Yes, especially for the changes I made in the other drivers.  They look
kind of ugly, IMHO.

--
Luca.

Re: [PATCH 0/9] cfg80211/mac80211 patches from our internal tree 2017-04-26

[Johannes Berg]

On Wed, 2017-04-26 at 11:11 +0300, Luca Coelho wrote:
> On Wed, 2017-04-26 at 10:08 +0200, Johannes Berg wrote:
> > > Avraham Stern (3):
> > >   mac80211: Add support for BSS max idle period element
> > >   cfg80211: unify cfg80211_roamed() and cfg80211_roamed_bss()
> > >   cfg80211/nl80211: add authorized flag to roaming event
> > 
> > I'm going to let these get a bit more time on the list.
> > 
> > Arend, it'd be nice if you could take a look as well.
> 
> Yes, especially for the changes I made in the other drivers.  They
> look kind of ugly, IMHO.

I actually think they're a structural improvement since then we don't
have to touch everything for any kind of extension, and don't get so
many arguments ...

In fact, I'll probably apply that patch before I send the last pull
request, so we have it in during the merge window.

johannes

Re: [PATCH 4/9] cfg80211: unify cfg80211_roamed() and cfg80211_roamed_bss()

[Arend van Spriel]

On 4/26/2017 9:58 AM, Luca Coelho wrote:
> From: Avraham Stern <avraham.stern@intel.com>
> 
> cfg80211_roamed() and cfg80211_roamed_bss() take the same arguments
> except that cfg80211_roamed() requires the BSSID and
> cfg80211_roamed_bss() requires the bss entry.
> 
> Unify the two functions by using a struct for driver initiated
> roaming information so that either the BSSID or the bss entry can be
> passed as an argument to the unified function.
> 
> Signed-off-by: Avraham Stern <avraham.stern@intel.com>
> [modified the ath6k, brcm80211, rndis and wlan-ng drivers accordingly]
> Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
> ---
>   drivers/net/wireless/ath/ath6kl/cfg80211.c         | 10 ++-
>   .../broadcom/brcm80211/brcmfmac/cfg80211.c         | 13 +++-
>   drivers/net/wireless/rndis_wlan.c                  | 19 +++--
>   drivers/staging/wlan-ng/cfg80211.c                 |  7 +-
>   include/net/cfg80211.h                             | 58 +++++++-------
>   net/wireless/core.h                                | 12 +--
>   net/wireless/nl80211.c                             | 18 +++--
>   net/wireless/nl80211.h                             |  5 +-
>   net/wireless/sme.c                                 | 90 +++++++++-------------
>   net/wireless/util.c                                |  4 +-
>   10 files changed, 115 insertions(+), 121 deletions(-)
> 

[...]

> diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
> index 8c7f1ef288c6..a36bccbb40e5 100644
> --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
> +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
> @@ -5359,6 +5359,7 @@ brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg,
>   	struct ieee80211_supported_band *band;
>   	struct brcmf_bss_info_le *bi;
>   	struct brcmu_chan ch;
> +	struct cfg80211_roam_info roam_info = {};
>   	u32 freq;
>   	s32 err = 0;
>   	u8 *buf;
> @@ -5397,9 +5398,15 @@ brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg,
>   
>   done:
>   	kfree(buf);
> -	cfg80211_roamed(ndev, notify_channel, (u8 *)profile->bssid,
> -			conn_info->req_ie, conn_info->req_ie_len,
> -			conn_info->resp_ie, conn_info->resp_ie_len, GFP_KERNEL);
> +
> +	roam_info.channel = notify_channel;
> +	roam_info.bssid = (u8*)profile->bssid;

I know it was there before, but this cast seem useless.

Regards,
Arend

> +	roam_info.req_ie = conn_info->req_ie;
> +	roam_info.req_ie_len = conn_info->req_ie_len;
> +	roam_info.resp_ie = conn_info->resp_ie;
> +	roam_info.resp_ie_len = conn_info->resp_ie_len;
> +
> +	cfg80211_roamed(ndev, &roam_info, GFP_KERNEL);
>   	brcmf_dbg(CONN, "Report roaming result\n");

Re: [PATCH 5/9] cfg80211/nl80211: add authorized flag to roaming event

[Arend van Spriel]

Almost overlooked this one. Thanks for the hint, Johannes.

On 4/26/2017 9:58 AM, Luca Coelho wrote:
> From: Avraham Stern <avraham.stern@intel.com>
> 
> Drivers that initiate roaming while being connected to a network that
> uses 802.1X authentication need to inform user space if 802.1X
> authentication is further required after roaming.
> For example, when using the Fast transition protocol, roaming within
> the mobility domain does not require new 802.1X authentication, but
> roaming to another mobility domain does.

Not sure about the terminology here. Is "mobility domain" the same as 
"ESS" which stands for extended service set as definced in 802.11 
standard. If so, I would prefer use of that term here.

> In addition, some drivers may not support 802.1X authentication
> (so it has to be done in user space), while other drivers do.
> 
> Add a flag to the roaming notification to indicate if user space is
> required to do 802.1X authentication after the roaming or not.
> This flag will only be used for networks that use 802.1X
> authentication. For networks that do not use 802.1X authentication it
> is assumed that no further action is required from user space after
> the roaming notification.
 >
> Signed-off-by: Avraham Stern <avraham.stern@intel.com>
> Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
> ---
>   include/net/cfg80211.h       |  4 ++++
>   include/uapi/linux/nl80211.h | 14 ++++++++++++++
>   net/wireless/nl80211.c       |  4 +++-
>   net/wireless/sme.c           |  1 +
>   4 files changed, 22 insertions(+), 1 deletion(-)
> 
> diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
> index 115f6fc5a34d..f9f4fde2dc09 100644
> --- a/include/net/cfg80211.h
> +++ b/include/net/cfg80211.h
> @@ -5384,6 +5384,9 @@ cfg80211_connect_timeout(struct net_device *dev, const u8 *bssid,
>    * @req_ie_len: association request IEs length
>    * @resp_ie: association response IEs (may be %NULL)
>    * @resp_ie_len: assoc response IEs length
> + * @authorized: true if the 802.1X authentication was done by the driver or is
> + *	not needed (e.g., when Fast Transition protocol was used), false
> + *	otherwise. Ignored for networks that don't use 802.1X authentication.

It is not ignored in this patch so it is expected user-space behavior 
you are describing, which is not really needed here in cfg80211 driver api.

>    */
>   struct cfg80211_roam_info {
>   	struct ieee80211_channel *channel;
> @@ -5393,6 +5396,7 @@ struct cfg80211_roam_info {
>   	size_t req_ie_len;
>   	const u8 *resp_ie;
>   	size_t resp_ie_len;
> +	bool authorized;
>   };
>   
>   /**
> diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
> index 6095a6c4c412..7bdbce7c4147 100644
> --- a/include/uapi/linux/nl80211.h
> +++ b/include/uapi/linux/nl80211.h
> @@ -546,6 +546,12 @@
>    *	well to remain backwards compatible.
>    * @NL80211_CMD_ROAM: request that the card roam (currently not implemented),

Do we want to keep this comment about the request scenario. Is it likely 
implemented soon/ever?

>    *	sent as an event when the card/driver roamed by itself.
> + *	When used as an event, and the driver roamed in a network that requires
> + *	802.1X authentication, %NL80211_ATTR_CONNECTION_AUTHORIZED should be set
> + *	if the 802.1X authentication was done by the driver or if roaming was
> + *	done using Fast Transition protocol (in which case 802.1X authentication
> + *	is not needed). If %NL80211_ATTR_CONNECTION_AUTHORIZED is not set,
> + *	user space is responsible for the 802.1X authentication.

Would you consider using NL80211_ATTR_PORT_AUTHORIZED instead referring 
to the 802.1X port entities.

Regards,
Arend

>    * @NL80211_CMD_DISCONNECT: drop a given connection; also used to notify
>    *	userspace that a connection was dropped by the AP or due to other
>    *	reasons, for this the %NL80211_ATTR_DISCONNECTED_BY_AP and
> @@ -2081,6 +2087,12 @@ enum nl80211_commands {
>    * @NL80211_ATTR_PMK: PMK for the PMKSA identified by %NL80211_ATTR_PMKID.
>    *	This is used with @NL80211_CMD_SET_PMKSA.
>    *
> + * @NL80211_ATTR_CONNECTION_AUTHORIZED: A flag attribute used with
> + *	%NL80211_CMD_ROAM to indicate that 802.1X authentication was done by the
> + *	driver or is not needed (because roaming used the Fast Transition
> + *	protocol). Only valid for roaming in networks that require 802.1X
> + *	authentication.
> + *

Re: [PATCH 5/9] cfg80211/nl80211: add authorized flag to roaming event

[Arend Van Spriel]

+ Jouni

On 26-4-2017 12:05, Arend van Spriel wrote:
> Almost overlooked this one. Thanks for the hint, Johannes.
> 
> On 4/26/2017 9:58 AM, Luca Coelho wrote:
>> From: Avraham Stern <avraham.stern@intel.com>
>>
>> Drivers that initiate roaming while being connected to a network that
>> uses 802.1X authentication need to inform user space if 802.1X
>> authentication is further required after roaming.
>> For example, when using the Fast transition protocol, roaming within
>> the mobility domain does not require new 802.1X authentication, but
>> roaming to another mobility domain does.
> 
> Not sure about the terminology here. Is "mobility domain" the same as
> "ESS" which stands for extended service set as definced in 802.11
> standard. If so, I would prefer use of that term here.
> 
>> In addition, some drivers may not support 802.1X authentication
>> (so it has to be done in user space), while other drivers do.
>>
>> Add a flag to the roaming notification to indicate if user space is
>> required to do 802.1X authentication after the roaming or not.
>> This flag will only be used for networks that use 802.1X
>> authentication. For networks that do not use 802.1X authentication it
>> is assumed that no further action is required from user space after
>> the roaming notification.
>>
>> Signed-off-by: Avraham Stern <avraham.stern@intel.com>
>> Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
>> ---
>>   include/net/cfg80211.h       |  4 ++++
>>   include/uapi/linux/nl80211.h | 14 ++++++++++++++
>>   net/wireless/nl80211.c       |  4 +++-
>>   net/wireless/sme.c           |  1 +
>>   4 files changed, 22 insertions(+), 1 deletion(-)
>>
>> diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
>> index 115f6fc5a34d..f9f4fde2dc09 100644
>> --- a/include/net/cfg80211.h
>> +++ b/include/net/cfg80211.h
>> @@ -5384,6 +5384,9 @@ cfg80211_connect_timeout(struct net_device *dev,
>> const u8 *bssid,
>>    * @req_ie_len: association request IEs length
>>    * @resp_ie: association response IEs (may be %NULL)
>>    * @resp_ie_len: assoc response IEs length
>> + * @authorized: true if the 802.1X authentication was done by the
>> driver or is
>> + *    not needed (e.g., when Fast Transition protocol was used), false
>> + *    otherwise. Ignored for networks that don't use 802.1X
>> authentication.
> 
> It is not ignored in this patch so it is expected user-space behavior
> you are describing, which is not really needed here in cfg80211 driver api.
> 
>>    */
>>   struct cfg80211_roam_info {
>>       struct ieee80211_channel *channel;
>> @@ -5393,6 +5396,7 @@ struct cfg80211_roam_info {
>>       size_t req_ie_len;
>>       const u8 *resp_ie;
>>       size_t resp_ie_len;
>> +    bool authorized;
>>   };
>>     /**
>> diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
>> index 6095a6c4c412..7bdbce7c4147 100644
>> --- a/include/uapi/linux/nl80211.h
>> +++ b/include/uapi/linux/nl80211.h
>> @@ -546,6 +546,12 @@
>>    *    well to remain backwards compatible.
>>    * @NL80211_CMD_ROAM: request that the card roam (currently not
>> implemented),
> 
> Do we want to keep this comment about the request scenario. Is it likely
> implemented soon/ever?
> 
>>    *    sent as an event when the card/driver roamed by itself.
>> + *    When used as an event, and the driver roamed in a network that
>> requires
>> + *    802.1X authentication, %NL80211_ATTR_CONNECTION_AUTHORIZED
>> should be set
>> + *    if the 802.1X authentication was done by the driver or if
>> roaming was
>> + *    done using Fast Transition protocol (in which case 802.1X
>> authentication
>> + *    is not needed). If %NL80211_ATTR_CONNECTION_AUTHORIZED is not set,
>> + *    user space is responsible for the 802.1X authentication.
> 
> Would you consider using NL80211_ATTR_PORT_AUTHORIZED instead referring
> to the 802.1X port entities.

In wpa_supplicant the function mlme_event_connect() is used to process
NL80211_CMD_CONNECT and NL80211_CMD_ROAM events. The latter is actually
used for processing QCA vendor specific event, which passes a nlattr
called authorized to the function. It is typed as u8:

	if (authorized && nla_get_u8(authorized)) {
		event.assoc_info.authorized = 1;
		wpa_printf(MSG_DEBUG, "nl80211: connection authorized");
	}

Not really a good argument, but choosing the same type for the new
attribute would make supporting it relatively easy.

Regards,
Arend

Re: [PATCH 4/9] cfg80211: unify cfg80211_roamed() and cfg80211_roamed_bss()

[Johannes Berg]

Applied, with the cast removed as Arend spotted.

johannes

Re: [PATCH 2/9] mac80211: Add support for BSS max idle period element

[Johannes Berg]

On Wed, 2017-04-26 at 10:58 +0300, Luca Coelho wrote:
> From: Avraham Stern <avraham.stern@intel.com>
> 
> Parse the BSS max idle period element and set the BSS configuration
> accordingly so the driver can use this information to configure the
> max idle period and to use protected management frames for keep alive
> when required.

Also applied.

johannes

Re: [PATCH 5/9] cfg80211/nl80211: add authorized flag to roaming event

[Johannes Berg]

On Wed, 2017-04-26 at 12:05 +0200, Arend van Spriel wrote:
> 
> > the mobility domain does not require new 802.1X authentication, but
> > roaming to another mobility domain does.
> 
> Not sure about the terminology here. Is "mobility domain" the same
> as  "ESS" which stands for extended service set as definced in
> 802.11  standard. If so, I would prefer use of that term here.

No. "Mobility domain" was defined in 802.11r, it's unrelated to ESS.

> > + * @authorized: true if the 802.1X authentication was done by the
> > driver or is
> > + *	not needed (e.g., when Fast Transition protocol was
> > used), false
> > + *	otherwise. Ignored for networks that don't use 802.1X
> > authentication.
> 
> It is not ignored in this patch so it is expected user-space
> behavior you are describing, which is not really needed here in
> cfg80211 driver api.

Still kinda makes sense though to give that hint to the driver authors,
don't you think? Though it should be pretty clear ...

> >    *	well to remain backwards compatible.
> >    * @NL80211_CMD_ROAM: request that the card roam (currently not
> > implemented),
> 
> Do we want to keep this comment about the request scenario. Is it
> likely implemented soon/ever?

Heh, good question. Probably not, but it's kinda an unrelated cleanup,
no?

> >    *	sent as an event when the card/driver roamed by itself.
> > + *	When used as an event, and the driver roamed in a
> > network that requires
> > + *	802.1X authentication,
> > %NL80211_ATTR_CONNECTION_AUTHORIZED should be set
> > + *	if the 802.1X authentication was done by the driver or
> > if roaming was
> > + *	done using Fast Transition protocol (in which case
> > 802.1X authentication
> > + *	is not needed). If %NL80211_ATTR_CONNECTION_AUTHORIZED
> > is not set,
> > + *	user space is responsible for the 802.1X authentication.
> 
> Would you consider using NL80211_ATTR_PORT_AUTHORIZED instead
> referring to the 802.1X port entities.

I guess that makes sense, yeah.

johannes

Re: [PATCH 5/9] cfg80211/nl80211: add authorized flag to roaming event

[Arend van Spriel]

On 4/28/2017 11:02 PM, Johannes Berg wrote:
> On Wed, 2017-04-26 at 12:05 +0200, Arend van Spriel wrote:
>>
>>> the mobility domain does not require new 802.1X authentication, but
>>> roaming to another mobility domain does.
>>
>> Not sure about the terminology here. Is "mobility domain" the same
>> as  "ESS" which stands for extended service set as definced in
>> 802.11  standard. If so, I would prefer use of that term here.
> 
> No. "Mobility domain" was defined in 802.11r, it's unrelated to ESS.

Thanks for the reference. So a "Mobility domain" is a group of BSSes 
within the same ESS. Noted.

>>> + * @authorized: true if the 802.1X authentication was done by the
>>> driver or is
>>> + *	not needed (e.g., when Fast Transition protocol was
>>> used), false
>>> + *	otherwise. Ignored for networks that don't use 802.1X
>>> authentication.
>>
>> It is not ignored in this patch so it is expected user-space
>> behavior you are describing, which is not really needed here in
>> cfg80211 driver api.
> 
> Still kinda makes sense though to give that hint to the driver authors,
> don't you think? Though it should be pretty clear ...

I tend to look further than the cfg80211 API ;-) Agree that is good to 
have it within the scope of the cfg80211 driver API.

>>>     *	well to remain backwards compatible.
>>>     * @NL80211_CMD_ROAM: request that the card roam (currently not
>>> implemented),
>>
>> Do we want to keep this comment about the request scenario. Is it
>> likely implemented soon/ever?
> 
> Heh, good question. Probably not, but it's kinda an unrelated cleanup,
> no?

True. It just seems a good time to do it.

>>>     *	sent as an event when the card/driver roamed by itself.
>>> + *	When used as an event, and the driver roamed in a
>>> network that requires
>>> + *	802.1X authentication,
>>> %NL80211_ATTR_CONNECTION_AUTHORIZED should be set
>>> + *	if the 802.1X authentication was done by the driver or
>>> if roaming was
>>> + *	done using Fast Transition protocol (in which case
>>> 802.1X authentication
>>> + *	is not needed). If %NL80211_ATTR_CONNECTION_AUTHORIZED
>>> is not set,
>>> + *	user space is responsible for the 802.1X authentication.
>>
>> Would you consider using NL80211_ATTR_PORT_AUTHORIZED instead
>> referring to the 802.1X port entities.
> 
> I guess that makes sense, yeah.

So I will include this patch in my patchset for PSK/1X offloading taken 
above into account.

Regards,
Arend

Re: [PATCH 5/9] cfg80211/nl80211: add authorized flag to roaming event

[Johannes Berg]

On Mon, 2017-05-01 at 11:40 +0200, Arend van Spriel wrote:
> 
> So I will include this patch in my patchset for PSK/1X offloading
> taken above into account.

Great, thanks!

johannes