1 From: Rohan Dutta <drohan@codeaurora.org>
2 Date: Tue, 27 Oct 2020 12:09:10 +0200
3 Subject: [PATCH] cfg80211: Add support to configure SAE PWE value to drivers
5 Add support to configure SAE PWE preference from userspace to drivers in
6 both AP and STA modes. This is needed for cases where the driver takes
7 care of Authentication frame processing (SME in the driver) so that
8 correct enforcement of the acceptable PWE derivation mechanism can be
11 The userspace applications can pass the sae_pwe value using the
12 NL80211_ATTR_SAE_PWE attribute in the NL80211_CMD_CONNECT and
13 NL80211_CMD_START_AP commands to the driver. This allows selection
14 between the hunting-and-pecking loop and hash-to-element options for PWE
15 derivation. For backwards compatibility, this new attribute is optional
16 and if not included, the driver is notified of the value being
19 Signed-off-by: Rohan Dutta <drohan@codeaurora.org>
20 Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
21 Link: https://lore.kernel.org/r/20201027100910.22283-1-jouni@codeaurora.org
22 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
25 --- a/include/net/cfg80211.h
26 +++ b/include/net/cfg80211.h
27 @@ -1009,6 +1009,14 @@ struct survey_info {
28 * @sae_pwd: password for SAE authentication (for devices supporting SAE
30 * @sae_pwd_len: length of SAE password (for devices supporting SAE offload)
31 + * @sae_pwe: The mechanisms allowed for SAE PWE derivation
32 + * NL80211_SAE_PWE_UNSPECIFIED: Not-specified, used to indicate userspace
33 + * did not specify any preference. The driver should follow its
34 + * internal policy in such a scenario.
35 + * NL80211_SAE_PWE_HUNT_AND_PECK: Allow hunting-and-pecking loop only
36 + * NL80211_SAE_PWE_HASH_TO_ELEMENT: Allow hash-to-element only
37 + * NL80211_SAE_PWE_BOTH: Allow either hunting-and-pecking loop
38 + * or hash-to-element
40 struct cfg80211_crypto_settings {
42 @@ -1027,6 +1035,7 @@ struct cfg80211_crypto_settings {
46 + enum nl80211_sae_pwe_mechanism sae_pwe;
50 --- a/net/wireless/nl80211.c
51 +++ b/net/wireless/nl80211.c
52 @@ -736,6 +736,9 @@ static const struct nla_policy nl80211_p
53 NLA_POLICY_EXACT_LEN(IEEE80211_S1G_CAPABILITY_LEN),
54 [NL80211_ATTR_S1G_CAPABILITY_MASK] =
55 NLA_POLICY_EXACT_LEN(IEEE80211_S1G_CAPABILITY_LEN),
56 + [NL80211_ATTR_SAE_PWE] =
57 + NLA_POLICY_RANGE(NLA_U8, NL80211_SAE_PWE_HUNT_AND_PECK,
58 + NL80211_SAE_PWE_BOTH),
59 [NL80211_ATTR_RECONNECT_REQUESTED] = { .type = NLA_REJECT },
62 @@ -9764,6 +9767,12 @@ static int nl80211_crypto_settings(struc
63 nla_len(info->attrs[NL80211_ATTR_SAE_PASSWORD]);
66 + if (info->attrs[NL80211_ATTR_SAE_PWE])
68 + nla_get_u8(info->attrs[NL80211_ATTR_SAE_PWE]);
70 + settings->sae_pwe = NL80211_SAE_PWE_UNSPECIFIED;