* [PATCH 0/3] brcmfmac: connection and action frame change series
@ 2020-05-06 13:03 Wright Feng
2020-05-06 13:03 ` [PATCH 1/3] brcmfmac: set security after reiniting interface Wright Feng
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Wright Feng @ 2020-05-06 13:03 UTC (permalink / raw)
To: linux-wireless
Cc: wright.feng, brcm80211-dev-list, brcm80211-dev-list,
Arend van Spriel, Franky Lin, Hante Meuleman, Kalle Valo,
chi-hsien.lin
This series addresses encrypted connection and action frame issues
Jia-Shyr Chuang (1):
brcmfmac: set security after reiniting interface
Ryohei Kondo (1):
brcmfmac: use actframe_abort to cancel ongoing action frame
Soontak Lee (1):
brcmfmac: Use seq/seq_len and set iv_initialize when plumbing of rxiv
in (GTK) keys
.../broadcom/brcm80211/brcmfmac/cfg80211.c | 101 ++++++++++++++-------
.../net/wireless/broadcom/brcm80211/brcmfmac/p2p.c | 34 ++++++-
2 files changed, 101 insertions(+), 34 deletions(-)
--
2.1.0
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH 1/3] brcmfmac: set security after reiniting interface
2020-05-06 13:03 [PATCH 0/3] brcmfmac: connection and action frame change series Wright Feng
@ 2020-05-06 13:03 ` Wright Feng
2020-05-12 8:51 ` Kalle Valo
2020-05-06 13:03 ` [PATCH 2/3] brcmfmac: use actframe_abort to cancel ongoing action frame Wright Feng
2020-05-06 13:03 ` [PATCH 3/3] brcmfmac: Use seq/seq_len and set iv_initialize when plumbing of rxiv in (GTK) keys Wright Feng
2 siblings, 1 reply; 5+ messages in thread
From: Wright Feng @ 2020-05-06 13:03 UTC (permalink / raw)
To: linux-wireless
Cc: wright.feng, brcm80211-dev-list, brcm80211-dev-list,
Arend van Spriel, Franky Lin, Hante Meuleman, Kalle Valo,
chi-hsien.lin, Jia-Shyr Chuang
From: Jia-Shyr Chuang <joseph.chuang@cypress.com>
Host driver parses and sets security params into FW passed by
supplicant. This has to be done after reiniting interface in the
firmware.
Signed-off-by: Jia-Shyr Chuang <joseph.chuang@cypress.com>
Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com>
Signed-off-by: Wright Feng <wright.feng@cypress.com>
---
.../broadcom/brcm80211/brcmfmac/cfg80211.c | 90 ++++++++++++++--------
1 file changed, 58 insertions(+), 32 deletions(-)
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index fa84647..4c86ed2 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -4599,6 +4599,48 @@ brcmf_config_ap_mgmt_ie(struct brcmf_cfg80211_vif *vif,
}
static s32
+brcmf_parse_configure_security(struct brcmf_if *ifp,
+ struct cfg80211_ap_settings *settings,
+ enum nl80211_iftype dev_role)
+{
+ const struct brcmf_tlv *rsn_ie;
+ const struct brcmf_vs_tlv *wpa_ie;
+ s32 err = 0;
+
+ /* find the RSN_IE */
+ rsn_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
+ settings->beacon.tail_len, WLAN_EID_RSN);
+
+ /* find the WPA_IE */
+ wpa_ie = brcmf_find_wpaie((u8 *)settings->beacon.tail,
+ settings->beacon.tail_len);
+
+ if (wpa_ie || rsn_ie) {
+ brcmf_dbg(TRACE, "WPA(2) IE is found\n");
+ if (wpa_ie) {
+ /* WPA IE */
+ err = brcmf_configure_wpaie(ifp, wpa_ie, false);
+ if (err < 0)
+ return err;
+ } else {
+ struct brcmf_vs_tlv *tmp_ie;
+
+ tmp_ie = (struct brcmf_vs_tlv *)rsn_ie;
+
+ /* RSN IE */
+ err = brcmf_configure_wpaie(ifp, tmp_ie, true);
+ if (err < 0)
+ return err;
+ }
+ } else {
+ brcmf_dbg(TRACE, "No WPA(2) IEs found\n");
+ brcmf_configure_opensecurity(ifp);
+ }
+
+ return err;
+}
+
+static s32
brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
struct cfg80211_ap_settings *settings)
{
@@ -4610,8 +4652,6 @@ brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
const struct brcmf_tlv *country_ie;
struct brcmf_ssid_le ssid_le;
s32 err = -EPERM;
- const struct brcmf_tlv *rsn_ie;
- const struct brcmf_vs_tlv *wpa_ie;
struct brcmf_join_params join_params;
enum nl80211_iftype dev_role;
struct brcmf_fil_bss_enable_le bss_enable;
@@ -4665,36 +4705,6 @@ brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
brcmf_configure_arp_nd_offload(ifp, false);
}
- /* find the RSN_IE */
- rsn_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
- settings->beacon.tail_len, WLAN_EID_RSN);
-
- /* find the WPA_IE */
- wpa_ie = brcmf_find_wpaie((u8 *)settings->beacon.tail,
- settings->beacon.tail_len);
-
- if ((wpa_ie != NULL || rsn_ie != NULL)) {
- brcmf_dbg(TRACE, "WPA(2) IE is found\n");
- if (wpa_ie != NULL) {
- /* WPA IE */
- err = brcmf_configure_wpaie(ifp, wpa_ie, false);
- if (err < 0)
- goto exit;
- } else {
- struct brcmf_vs_tlv *tmp_ie;
-
- tmp_ie = (struct brcmf_vs_tlv *)rsn_ie;
-
- /* RSN IE */
- err = brcmf_configure_wpaie(ifp, tmp_ie, true);
- if (err < 0)
- goto exit;
- }
- } else {
- brcmf_dbg(TRACE, "No WPA(2) IEs found\n");
- brcmf_configure_opensecurity(ifp);
- }
-
/* Parameters shared by all radio interfaces */
if (!mbss) {
if ((supports_11d) && (is_11d != ifp->vif->is_11d)) {
@@ -4775,6 +4785,14 @@ brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
bphy_err(drvr, "BRCMF_C_UP error (%d)\n", err);
goto exit;
}
+
+ err = brcmf_parse_configure_security(ifp, settings,
+ NL80211_IFTYPE_AP);
+ if (err < 0) {
+ bphy_err(drvr, "brcmf_parse_configure_security error\n");
+ goto exit;
+ }
+
/* On DOWN the firmware removes the WEP keys, reconfigure
* them if they were set.
*/
@@ -4807,6 +4825,14 @@ brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
chanspec, err);
goto exit;
}
+
+ err = brcmf_parse_configure_security(ifp, settings,
+ NL80211_IFTYPE_P2P_GO);
+ if (err < 0) {
+ brcmf_err("brcmf_parse_configure_security error\n");
+ goto exit;
+ }
+
err = brcmf_fil_bsscfg_data_set(ifp, "ssid", &ssid_le,
sizeof(ssid_le));
if (err < 0) {
--
2.1.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 2/3] brcmfmac: use actframe_abort to cancel ongoing action frame
2020-05-06 13:03 [PATCH 0/3] brcmfmac: connection and action frame change series Wright Feng
2020-05-06 13:03 ` [PATCH 1/3] brcmfmac: set security after reiniting interface Wright Feng
@ 2020-05-06 13:03 ` Wright Feng
2020-05-06 13:03 ` [PATCH 3/3] brcmfmac: Use seq/seq_len and set iv_initialize when plumbing of rxiv in (GTK) keys Wright Feng
2 siblings, 0 replies; 5+ messages in thread
From: Wright Feng @ 2020-05-06 13:03 UTC (permalink / raw)
To: linux-wireless
Cc: wright.feng, brcm80211-dev-list, brcm80211-dev-list,
Arend van Spriel, Franky Lin, Hante Meuleman, Kalle Valo,
chi-hsien.lin, Ryohei Kondo
From: Ryohei Kondo <ryohei.kondo@cypress.com>
The driver sends an action frame down and waits for dwell time to be
completed or aborted before sending out the next action frame.
Driver issues "scan abort" to cancel the current time slot, but this
doesn't have any effect because, we are not using scan engine for
sending action frame.
Fix is to use "actframe_abort" to cancels the current action frame.
Signed-off-by: Ryohei Kondo <ryohei.kondo@cypress.com>
Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com>
Signed-off-by: Wright Feng <wright.feng@cypress.com>
---
.../net/wireless/broadcom/brcm80211/brcmfmac/p2p.c | 34 ++++++++++++++++++++--
1 file changed, 32 insertions(+), 2 deletions(-)
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
index 1f5deea..7e43eea 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
@@ -1245,6 +1245,30 @@ bool brcmf_p2p_scan_finding_common_channel(struct brcmf_cfg80211_info *cfg,
}
/**
+ * brcmf_p2p_abort_action_frame() - abort action frame.
+ *
+ * @cfg: common configuration struct.
+ *
+ */
+static s32 brcmf_p2p_abort_action_frame(struct brcmf_cfg80211_info *cfg)
+{
+ struct brcmf_p2p_info *p2p = &cfg->p2p;
+ struct brcmf_cfg80211_vif *vif;
+ s32 err;
+ s32 int_val = 1;
+
+ brcmf_dbg(TRACE, "Enter\n");
+
+ vif = p2p->bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
+ err = brcmf_fil_bsscfg_data_set(vif->ifp, "actframe_abort", &int_val,
+ sizeof(s32));
+ if (err)
+ brcmf_err(" aborting action frame has failed (%d)\n", err);
+
+ return err;
+}
+
+/**
* brcmf_p2p_stop_wait_next_action_frame() - finish scan if af tx complete.
*
* @cfg: common configuration struct.
@@ -1255,6 +1279,7 @@ brcmf_p2p_stop_wait_next_action_frame(struct brcmf_cfg80211_info *cfg)
{
struct brcmf_p2p_info *p2p = &cfg->p2p;
struct brcmf_if *ifp = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
+ s32 err;
if (test_bit(BRCMF_P2P_STATUS_SENDING_ACT_FRAME, &p2p->status) &&
(test_bit(BRCMF_P2P_STATUS_ACTION_TX_COMPLETED, &p2p->status) ||
@@ -1263,8 +1288,13 @@ brcmf_p2p_stop_wait_next_action_frame(struct brcmf_cfg80211_info *cfg)
/* if channel is not zero, "actfame" uses off channel scan.
* So abort scan for off channel completion.
*/
- if (p2p->af_sent_channel)
- brcmf_notify_escan_complete(cfg, ifp, true, true);
+ if (p2p->af_sent_channel) {
+ /* abort actframe using actframe_abort or abort scan */
+ err = brcmf_p2p_abort_action_frame(cfg);
+ if (err)
+ brcmf_notify_escan_complete(cfg, ifp, true,
+ true);
+ }
} else if (test_bit(BRCMF_P2P_STATUS_WAITING_NEXT_AF_LISTEN,
&p2p->status)) {
brcmf_dbg(TRACE, "*** Wake UP ** abort listen for next af frame\n");
--
2.1.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 3/3] brcmfmac: Use seq/seq_len and set iv_initialize when plumbing of rxiv in (GTK) keys
2020-05-06 13:03 [PATCH 0/3] brcmfmac: connection and action frame change series Wright Feng
2020-05-06 13:03 ` [PATCH 1/3] brcmfmac: set security after reiniting interface Wright Feng
2020-05-06 13:03 ` [PATCH 2/3] brcmfmac: use actframe_abort to cancel ongoing action frame Wright Feng
@ 2020-05-06 13:03 ` Wright Feng
2 siblings, 0 replies; 5+ messages in thread
From: Wright Feng @ 2020-05-06 13:03 UTC (permalink / raw)
To: linux-wireless
Cc: wright.feng, brcm80211-dev-list, brcm80211-dev-list,
Arend van Spriel, Franky Lin, Hante Meuleman, Kalle Valo,
chi-hsien.lin, Soontak Lee
From: Soontak Lee <soontak.lee@cypress.com>
When plumbing rxiv for (GTK) keys, current code does not use seq/seq_len
when present nor set iv_initialized for iovar wsec_key. This could
result in missing broadcast traffic after GTK rekey. The fix is setting
iv_initialized and using seq/seq_len for iovar wsec_key.
Signed-off-by: Soontak Lee <soontak.lee@cypress.com>
Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com>
Signed-off-by: Wright Feng <wright.feng@cypress.com>
---
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index 4c86ed2..b20ccfd 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -2468,6 +2468,17 @@ brcmf_cfg80211_add_key(struct wiphy *wiphy, struct net_device *ndev,
if (!ext_key)
key->flags = BRCMF_PRIMARY_KEY;
+ if (params->seq && params->seq_len == 6) {
+ /* rx iv */
+ u8 *ivptr;
+
+ ivptr = (u8 *)params->seq;
+ key->rxiv.hi = (ivptr[5] << 24) | (ivptr[4] << 16) |
+ (ivptr[3] << 8) | ivptr[2];
+ key->rxiv.lo = (ivptr[1] << 8) | ivptr[0];
+ key->iv_initialized = true;
+ }
+
switch (params->cipher) {
case WLAN_CIPHER_SUITE_WEP40:
key->algo = CRYPTO_ALGO_WEP1;
--
2.1.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH 1/3] brcmfmac: set security after reiniting interface
2020-05-06 13:03 ` [PATCH 1/3] brcmfmac: set security after reiniting interface Wright Feng
@ 2020-05-12 8:51 ` Kalle Valo
0 siblings, 0 replies; 5+ messages in thread
From: Kalle Valo @ 2020-05-12 8:51 UTC (permalink / raw)
To: Wright Feng
Cc: linux-wireless, wright.feng, brcm80211-dev-list,
brcm80211-dev-list, Arend van Spriel, Franky Lin, Hante Meuleman,
chi-hsien.lin, Jia-Shyr Chuang
Wright Feng <wright.feng@cypress.com> wrote:
> From: Jia-Shyr Chuang <joseph.chuang@cypress.com>
>
> Host driver parses and sets security params into FW passed by
> supplicant. This has to be done after reiniting interface in the
> firmware.
>
> Signed-off-by: Jia-Shyr Chuang <joseph.chuang@cypress.com>
> Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com>
> Signed-off-by: Wright Feng <wright.feng@cypress.com>
3 patches applied to wireless-drivers-next.git, thanks.
b46f1546a708 brcmfmac: set security after reiniting interface
30fb1b272909 brcmfmac: use actframe_abort to cancel ongoing action frame
78db077db638 brcmfmac: Use seq/seq_len and set iv_initialize when plumbing of rxiv in (GTK) keys
--
https://patchwork.kernel.org/patch/11531191/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-05-12 8:52 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-06 13:03 [PATCH 0/3] brcmfmac: connection and action frame change series Wright Feng
2020-05-06 13:03 ` [PATCH 1/3] brcmfmac: set security after reiniting interface Wright Feng
2020-05-12 8:51 ` Kalle Valo
2020-05-06 13:03 ` [PATCH 2/3] brcmfmac: use actframe_abort to cancel ongoing action frame Wright Feng
2020-05-06 13:03 ` [PATCH 3/3] brcmfmac: Use seq/seq_len and set iv_initialize when plumbing of rxiv in (GTK) keys Wright Feng
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).