mirror of
https://github.com/torvalds/linux.git
synced 2024-11-27 22:51:35 +00:00
cfg80211: Add Fast Initial Link Setup (FILS) auth algs
This defines authentication algorithms for FILS (IEEE 802.11ai). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This commit is contained in:
parent
3f817fe718
commit
631810603a
@ -1576,6 +1576,9 @@ struct ieee80211_vht_operation {
|
||||
#define WLAN_AUTH_SHARED_KEY 1
|
||||
#define WLAN_AUTH_FT 2
|
||||
#define WLAN_AUTH_SAE 3
|
||||
#define WLAN_AUTH_FILS_SK 4
|
||||
#define WLAN_AUTH_FILS_SK_PFS 5
|
||||
#define WLAN_AUTH_FILS_PK 6
|
||||
#define WLAN_AUTH_LEAP 128
|
||||
|
||||
#define WLAN_AUTH_CHALLENGE_LEN 128
|
||||
|
@ -3669,6 +3669,9 @@ enum nl80211_bss_status {
|
||||
* @NL80211_AUTHTYPE_FT: Fast BSS Transition (IEEE 802.11r)
|
||||
* @NL80211_AUTHTYPE_NETWORK_EAP: Network EAP (some Cisco APs and mainly LEAP)
|
||||
* @NL80211_AUTHTYPE_SAE: Simultaneous authentication of equals
|
||||
* @NL80211_AUTHTYPE_FILS_SK: Fast Initial Link Setup shared key
|
||||
* @NL80211_AUTHTYPE_FILS_SK_PFS: Fast Initial Link Setup shared key with PFS
|
||||
* @NL80211_AUTHTYPE_FILS_PK: Fast Initial Link Setup public key
|
||||
* @__NL80211_AUTHTYPE_NUM: internal
|
||||
* @NL80211_AUTHTYPE_MAX: maximum valid auth algorithm
|
||||
* @NL80211_AUTHTYPE_AUTOMATIC: determine automatically (if necessary by
|
||||
@ -3681,6 +3684,9 @@ enum nl80211_auth_type {
|
||||
NL80211_AUTHTYPE_FT,
|
||||
NL80211_AUTHTYPE_NETWORK_EAP,
|
||||
NL80211_AUTHTYPE_SAE,
|
||||
NL80211_AUTHTYPE_FILS_SK,
|
||||
NL80211_AUTHTYPE_FILS_SK_PFS,
|
||||
NL80211_AUTHTYPE_FILS_PK,
|
||||
|
||||
/* keep last */
|
||||
__NL80211_AUTHTYPE_NUM,
|
||||
|
@ -3778,12 +3778,23 @@ static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
|
||||
if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
|
||||
auth_type == NL80211_AUTHTYPE_SAE)
|
||||
return false;
|
||||
if (!wiphy_ext_feature_isset(&rdev->wiphy,
|
||||
NL80211_EXT_FEATURE_FILS_STA) &&
|
||||
(auth_type == NL80211_AUTHTYPE_FILS_SK ||
|
||||
auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
|
||||
auth_type == NL80211_AUTHTYPE_FILS_PK))
|
||||
return false;
|
||||
return true;
|
||||
case NL80211_CMD_CONNECT:
|
||||
case NL80211_CMD_START_AP:
|
||||
/* SAE not supported yet */
|
||||
if (auth_type == NL80211_AUTHTYPE_SAE)
|
||||
return false;
|
||||
/* FILS not supported yet */
|
||||
if (auth_type == NL80211_AUTHTYPE_FILS_SK ||
|
||||
auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
|
||||
auth_type == NL80211_AUTHTYPE_FILS_PK)
|
||||
return false;
|
||||
return true;
|
||||
default:
|
||||
return false;
|
||||
@ -7810,12 +7821,18 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
|
||||
if (!nl80211_valid_auth_type(rdev, auth_type, NL80211_CMD_AUTHENTICATE))
|
||||
return -EINVAL;
|
||||
|
||||
if (auth_type == NL80211_AUTHTYPE_SAE &&
|
||||
if ((auth_type == NL80211_AUTHTYPE_SAE ||
|
||||
auth_type == NL80211_AUTHTYPE_FILS_SK ||
|
||||
auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
|
||||
auth_type == NL80211_AUTHTYPE_FILS_PK) &&
|
||||
!info->attrs[NL80211_ATTR_AUTH_DATA])
|
||||
return -EINVAL;
|
||||
|
||||
if (info->attrs[NL80211_ATTR_AUTH_DATA]) {
|
||||
if (auth_type != NL80211_AUTHTYPE_SAE)
|
||||
if (auth_type != NL80211_AUTHTYPE_SAE &&
|
||||
auth_type != NL80211_AUTHTYPE_FILS_SK &&
|
||||
auth_type != NL80211_AUTHTYPE_FILS_SK_PFS &&
|
||||
auth_type != NL80211_AUTHTYPE_FILS_PK)
|
||||
return -EINVAL;
|
||||
auth_data = nla_data(info->attrs[NL80211_ATTR_AUTH_DATA]);
|
||||
auth_data_len = nla_len(info->attrs[NL80211_ATTR_AUTH_DATA]);
|
||||
|
Loading…
Reference in New Issue
Block a user