nl80211: Allow set/del pmksa operations for AP

Host drivers may offload authentication to the user space
through the commit ("cfg80211: Authentication offload to
user space in AP mode").

This interface can be used to implement SAE by having the
userspace do authentication/PMKID key derivation and driver
handle the association.

A step ahead, this interface can get further optimized if the
PMKID is passed to the host driver and also have it respond to
the association request by the STA on a valid PMKID.

This commit enables the userspace to pass the PMKID to the host
drivers through the set/del pmksa operations in AP mode.

Set/Del pmksa is now restricted to STA/P2P client mode only and
thus the drivers might not expect them in any other(AP) mode.

This commit also introduces a feature flag
NL80211_EXT_FEATURE_AP_PMKSA_CACHING (johannes: renamed) to
maintain the backward compatibility of such an expectation by
the host drivers. These operations are allowed in AP mode only
when the drivers advertize the capability through this flag.

Signed-off-by: Liangwei Dong <liangwei@codeaurora.org>
Signed-off-by: Srinivas Dasari <dasaris@codeaurora.org>
[rename flag to NL80211_EXT_FEATURE_AP_PMKSA_CACHING]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
index 8b0fdb9..dd4f86e 100644 (file)
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@@ -5340,6 +5340,9 @@ enum nl80211_feature_flags {
  *     fairness for transmitted packets and has enabled airtime fairness
  *     scheduling.
  *
+ * @NL80211_EXT_FEATURE_AP_PMKSA_CACHING: Driver/device supports PMKSA caching
+ *     (set/del PMKSA operations) in AP mode.
+ *
  * @NUM_NL80211_EXT_FEATURES: number of extended features.
  * @MAX_NL80211_EXT_FEATURES: highest extended feature index.
  */
@@ -5380,6 +5383,7 @@ enum nl80211_ext_feature_index {
        NL80211_EXT_FEATURE_CAN_REPLACE_PTK0,
        NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER,
        NL80211_EXT_FEATURE_AIRTIME_FAIRNESS,
+       NL80211_EXT_FEATURE_AP_PMKSA_CACHING,
 
        /* add new features before the definition below */
        NUM_NL80211_EXT_FEATURES,

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index dc96077..af89e5c 100644 (file)
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -9899,7 +9899,10 @@ static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info)
        }
 
        if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
-           dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
+           dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT &&
+           !(dev->ieee80211_ptr->iftype == NL80211_IFTYPE_AP &&
+             wiphy_ext_feature_isset(&rdev->wiphy,
+                                     NL80211_EXT_FEATURE_AP_PMKSA_CACHING)))
                return -EOPNOTSUPP;
 
        switch (info->genlhdr->cmd) {