mirror of
https://github.com/torvalds/linux.git
synced 2024-11-30 16:11:38 +00:00
a11e2f8548
Instead of open coding the CCM aead mode in the driver, and invoking the AES block cipher block by block, use a ccm(aes) aead transform which already encapsulates this functionality. This is a cleaner use of the crypto API, and permits optimized implementations to be used, which are typically much faster and deal more efficiently with the SIMD register file, which usually needs to be preserved/restored in order to use special AES instructions. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Link: https://lore.kernel.org/r/20190617091901.7063-1-ard.biesheuvel@linaro.org Signed-off-by: Johannes Berg <johannes.berg@intel.com>
236 lines
7.5 KiB
Plaintext
236 lines
7.5 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0-only
|
|
config WIRELESS_EXT
|
|
bool
|
|
|
|
config WEXT_CORE
|
|
def_bool y
|
|
depends on CFG80211_WEXT || WIRELESS_EXT
|
|
|
|
config WEXT_PROC
|
|
def_bool y
|
|
depends on PROC_FS
|
|
depends on WEXT_CORE
|
|
|
|
config WEXT_SPY
|
|
bool
|
|
|
|
config WEXT_PRIV
|
|
bool
|
|
|
|
config CFG80211
|
|
tristate "cfg80211 - wireless configuration API"
|
|
depends on RFKILL || !RFKILL
|
|
select FW_LOADER
|
|
# may need to update this when certificates are changed and are
|
|
# using a different algorithm, though right now they shouldn't
|
|
# (this is here rather than below to allow it to be a module)
|
|
select CRYPTO_SHA256 if CFG80211_USE_KERNEL_REGDB_KEYS
|
|
---help---
|
|
cfg80211 is the Linux wireless LAN (802.11) configuration API.
|
|
Enable this if you have a wireless device.
|
|
|
|
For more information refer to documentation on the wireless wiki:
|
|
|
|
http://wireless.kernel.org/en/developers/Documentation/cfg80211
|
|
|
|
When built as a module it will be called cfg80211.
|
|
|
|
if CFG80211
|
|
|
|
config NL80211_TESTMODE
|
|
bool "nl80211 testmode command"
|
|
help
|
|
The nl80211 testmode command helps implementing things like
|
|
factory calibration or validation tools for wireless chips.
|
|
|
|
Select this option ONLY for kernels that are specifically
|
|
built for such purposes.
|
|
|
|
Debugging tools that are supposed to end up in the hands of
|
|
users should better be implemented with debugfs.
|
|
|
|
Say N.
|
|
|
|
config CFG80211_DEVELOPER_WARNINGS
|
|
bool "enable developer warnings"
|
|
default n
|
|
help
|
|
This option enables some additional warnings that help
|
|
cfg80211 developers and driver developers, but beware that
|
|
they can also trigger due to races with userspace.
|
|
|
|
For example, when a driver reports that it was disconnected
|
|
from the AP, but the user disconnects manually at the same
|
|
time, the warning might trigger spuriously due to races.
|
|
|
|
Say Y only if you are developing cfg80211 or a driver based
|
|
on it (or mac80211).
|
|
|
|
|
|
config CFG80211_CERTIFICATION_ONUS
|
|
bool "cfg80211 certification onus"
|
|
depends on EXPERT
|
|
default n
|
|
---help---
|
|
You should disable this option unless you are both capable
|
|
and willing to ensure your system will remain regulatory
|
|
compliant with the features available under this option.
|
|
Some options may still be under heavy development and
|
|
for whatever reason regulatory compliance has not or
|
|
cannot yet be verified. Regulatory verification may at
|
|
times only be possible until you have the final system
|
|
in place.
|
|
|
|
This option should only be enabled by system integrators
|
|
or distributions that have done work necessary to ensure
|
|
regulatory certification on the system with the enabled
|
|
features. Alternatively you can enable this option if
|
|
you are a wireless researcher and are working in a controlled
|
|
and approved environment by your local regulatory agency.
|
|
|
|
config CFG80211_REQUIRE_SIGNED_REGDB
|
|
bool "require regdb signature" if CFG80211_CERTIFICATION_ONUS
|
|
default y
|
|
select SYSTEM_DATA_VERIFICATION
|
|
help
|
|
Require that in addition to the "regulatory.db" file a
|
|
"regulatory.db.p7s" can be loaded with a valid PKCS#7
|
|
signature for the regulatory.db file made by one of the
|
|
keys in the certs/ directory.
|
|
|
|
config CFG80211_USE_KERNEL_REGDB_KEYS
|
|
bool "allow regdb keys shipped with the kernel" if CFG80211_CERTIFICATION_ONUS
|
|
default y
|
|
depends on CFG80211_REQUIRE_SIGNED_REGDB
|
|
help
|
|
Allow the regulatory database to be signed by one of the keys for
|
|
which certificates are part of the kernel sources
|
|
(in net/wireless/certs/).
|
|
|
|
This is currently only Seth Forshee's key, who is the regulatory
|
|
database maintainer.
|
|
|
|
config CFG80211_EXTRA_REGDB_KEYDIR
|
|
string "additional regdb key directory" if CFG80211_CERTIFICATION_ONUS
|
|
depends on CFG80211_REQUIRE_SIGNED_REGDB
|
|
help
|
|
If selected, point to a directory with DER-encoded X.509
|
|
certificates like in the kernel sources (net/wireless/certs/)
|
|
that shall be accepted for a signed regulatory database.
|
|
|
|
Note that you need to also select the correct CRYPTO_<hash> modules
|
|
for your certificates, and if cfg80211 is built-in they also must be.
|
|
|
|
config CFG80211_REG_CELLULAR_HINTS
|
|
bool "cfg80211 regulatory support for cellular base station hints"
|
|
depends on CFG80211_CERTIFICATION_ONUS
|
|
---help---
|
|
This option enables support for parsing regulatory hints
|
|
from cellular base stations. If enabled and at least one driver
|
|
claims support for parsing cellular base station hints the
|
|
regulatory core will allow and parse these regulatory hints.
|
|
The regulatory core will only apply these regulatory hints on
|
|
drivers that support this feature. You should only enable this
|
|
feature if you have tested and validated this feature on your
|
|
systems.
|
|
|
|
config CFG80211_REG_RELAX_NO_IR
|
|
bool "cfg80211 support for NO_IR relaxation"
|
|
depends on CFG80211_CERTIFICATION_ONUS
|
|
---help---
|
|
This option enables support for relaxation of the NO_IR flag for
|
|
situations that certain regulatory bodies have provided clarifications
|
|
on how relaxation can occur. This feature has an inherent dependency on
|
|
userspace features which must have been properly tested and as such is
|
|
not enabled by default.
|
|
|
|
A relaxation feature example is allowing the operation of a P2P group
|
|
owner (GO) on channels marked with NO_IR if there is an additional BSS
|
|
interface which associated to an AP which userspace assumes or confirms
|
|
to be an authorized master, i.e., with radar detection support and DFS
|
|
capabilities. However, note that in order to not create daisy chain
|
|
scenarios, this relaxation is not allowed in cases where the BSS client
|
|
is associated to P2P GO and in addition the P2P GO instantiated on
|
|
a channel due to this relaxation should not allow connection from
|
|
non P2P clients.
|
|
|
|
The regulatory core will apply these relaxations only for drivers that
|
|
support this feature by declaring the appropriate channel flags and
|
|
capabilities in their registration flow.
|
|
|
|
config CFG80211_DEFAULT_PS
|
|
bool "enable powersave by default"
|
|
default y
|
|
help
|
|
This option enables powersave mode by default.
|
|
|
|
If this causes your applications to misbehave you should fix your
|
|
applications instead -- they need to register their network
|
|
latency requirement, see Documentation/power/pm_qos_interface.rst.
|
|
|
|
config CFG80211_DEBUGFS
|
|
bool "cfg80211 DebugFS entries"
|
|
depends on DEBUG_FS
|
|
---help---
|
|
You can enable this if you want debugfs entries for cfg80211.
|
|
|
|
If unsure, say N.
|
|
|
|
config CFG80211_CRDA_SUPPORT
|
|
bool "support CRDA" if EXPERT
|
|
default y
|
|
help
|
|
You should enable this option unless you know for sure you have no
|
|
need for it, for example when using internal regdb (above) or the
|
|
database loaded as a firmware file.
|
|
|
|
If unsure, say Y.
|
|
|
|
config CFG80211_WEXT
|
|
bool "cfg80211 wireless extensions compatibility" if !CFG80211_WEXT_EXPORT
|
|
select WEXT_CORE
|
|
default y if CFG80211_WEXT_EXPORT
|
|
help
|
|
Enable this option if you need old userspace for wireless
|
|
extensions with cfg80211-based drivers.
|
|
|
|
config CFG80211_WEXT_EXPORT
|
|
bool
|
|
help
|
|
Drivers should select this option if they require cfg80211's
|
|
wext compatibility symbols to be exported.
|
|
|
|
endif # CFG80211
|
|
|
|
config LIB80211
|
|
tristate
|
|
default n
|
|
help
|
|
This options enables a library of common routines used
|
|
by IEEE802.11 wireless LAN drivers.
|
|
|
|
Drivers should select this themselves if needed.
|
|
|
|
config LIB80211_CRYPT_WEP
|
|
tristate
|
|
select CRYPTO_LIB_ARC4
|
|
|
|
config LIB80211_CRYPT_CCMP
|
|
tristate
|
|
select CRYPTO_AES
|
|
select CRYPTO_CCM
|
|
|
|
config LIB80211_CRYPT_TKIP
|
|
tristate
|
|
select CRYPTO_LIB_ARC4
|
|
|
|
config LIB80211_DEBUG
|
|
bool "lib80211 debugging messages"
|
|
depends on LIB80211
|
|
default n
|
|
---help---
|
|
You can enable this if you want verbose debugging messages
|
|
from lib80211.
|
|
|
|
If unsure, say N.
|