From patchwork Fri Sep 22 12:49:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vinayak Yadawad X-Patchwork-Id: 726324 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 279C6E6FE20 for ; Fri, 22 Sep 2023 12:49:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231283AbjIVMtr (ORCPT ); Fri, 22 Sep 2023 08:49:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56314 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229971AbjIVMtp (ORCPT ); Fri, 22 Sep 2023 08:49:45 -0400 Received: from mail-oi1-x234.google.com (mail-oi1-x234.google.com [IPv6:2607:f8b0:4864:20::234]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9CC1B8F for ; Fri, 22 Sep 2023 05:49:39 -0700 (PDT) Received: by mail-oi1-x234.google.com with SMTP id 5614622812f47-3adba522a5dso1217878b6e.2 for ; Fri, 22 Sep 2023 05:49:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; t=1695386979; x=1695991779; darn=vger.kernel.org; h=mime-version:message-id:date:subject:cc:to:from:from:to:cc:subject :date:message-id:reply-to; bh=IOH37OsEFFrcw56CIhoEYu0QMohLGycplmMZLz0vkp8=; b=FUmQXQrVhKbp9sqAFLZshsABtTwNMaD0g2bs4OiWvD9e+LeKaFjCx3X4tdhsBt1xgH eNLZUXcYupG8ToOjcqhfoaamWcZ+IPST6fWvaU9Lli97kdLa6y6kOLto9D0f33tRPoSg lmS79qANgVXor0lcG09FMiYe++prdd5XiyXCk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695386979; x=1695991779; h=mime-version:message-id:date:subject:cc:to:from:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=IOH37OsEFFrcw56CIhoEYu0QMohLGycplmMZLz0vkp8=; b=jj6Z5RuuqOnZim6iDQsni/IeJmd9/dsoJuM9Pz4nJlDle5cHItGM7LVfwqbDY+R3Sc NvpiAiQTT/Ippidb2o1sCDdNf3MsE3SsPTlKQIdI7+QL8T0UC0lLLT2O39FDaVOiLpYU O8MBVjPUlCEsJQMiF8mneRZBGXvtGX4JF6DMLW9LPnDCpgZXmArnkcSH/V9Lie/HY5Xx VWGb1AY2E7bbfS0A9ZUXyFH01zw860VdLxQMv0S2YBfjg57rbPBvQJWQsoQjhKTlzfVI TznQgG7kGU8JbZrmHGF/+efe6JC2ebiZEAPBJ1na6pZY967N+rX/FH7lcHRDGHCgTh0w DVAg== X-Gm-Message-State: AOJu0YzjcR9LmeB4Cvr72YtyPDR0D5ehd1gb+OrbH4tFO2ikr74TvTj3 FxZDRA5JXI/pQPrrqPsPvRtv4g== X-Google-Smtp-Source: AGHT+IFL3Vg4J15kkoKp+Keof50D7McV0CnHKHx1uX6UXc1vReCM1qknOpwaOYfDM7tKvO+hKYkwPg== X-Received: by 2002:a05:6808:1382:b0:3ab:5e9e:51f8 with SMTP id c2-20020a056808138200b003ab5e9e51f8mr9668451oiw.9.1695386978816; Fri, 22 Sep 2023 05:49:38 -0700 (PDT) Received: from ibnvda0196.ibn.broadcom.net ([192.19.252.250]) by smtp.gmail.com with ESMTPSA id s25-20020a63af59000000b0056606274e54sm3036004pgo.31.2023.09.22.05.49.36 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 22 Sep 2023 05:49:38 -0700 (PDT) From: Vinayak Yadawad To: johannes@sipsolutions.net Cc: linux-wireless@vger.kernel.org, jithu.jance@broadcom.com, Vinayak Yadawad Subject: [PATCH v3 1/1] cfg80211: Allow AP/P2PGO to indicate port authorization to peer STA/P2PClient Date: Fri, 22 Sep 2023 18:19:20 +0530 Message-Id: X-Mailer: git-send-email 2.32.0 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org In 4way handshake offload, cfg80211_port_authorized enables driver to indicate successful 4way handshake to cfg80211 layer. Currently this path of port authorization is restricted to interface type NL80211_IFTYPE_STATION and NL80211_IFTYPE_P2P_CLIENT. This patch extends the support for NL80211_IFTYPE_AP and NL80211_IFTYPE_P2P_GO interfaces to authorize peer STA/P2P_CLIENT, whenever authentication is offloaded on the AP/P2P_GO interface. Signed-off-by: Vinayak Yadawad --- v2->v3: Fixed indentation in comment v1->v2: Address review comments to change peer_mac to peer_addr --- include/net/cfg80211.h | 8 ++++++-- net/wireless/core.h | 2 +- net/wireless/nl80211.c | 4 ++-- net/wireless/nl80211.h | 5 ++++- net/wireless/sme.c | 23 ++++++++++++++--------- net/wireless/util.c | 2 +- 6 files changed, 28 insertions(+), 16 deletions(-) diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index 3a4b684f89bf..444fd8aac8c1 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -7967,7 +7967,8 @@ void cfg80211_roamed(struct net_device *dev, struct cfg80211_roam_info *info, * cfg80211_port_authorized - notify cfg80211 of successful security association * * @dev: network device - * @bssid: the BSSID of the AP + * @peer_addr: BSSID of the AP/P2P GO in case of STA/GC or STA/GC MAC address + * in case of AP/P2P GO * @td_bitmap: transition disable policy * @td_bitmap_len: Length of transition disable policy * @gfp: allocation flags @@ -7978,8 +7979,11 @@ void cfg80211_roamed(struct net_device *dev, struct cfg80211_roam_info *info, * should be preceded with a call to cfg80211_connect_result(), * cfg80211_connect_done(), cfg80211_connect_bss() or cfg80211_roamed() to * indicate the 802.11 association. + * This function can also be called by AP/P2P GO driver that supports + * authentication offload. In this case the peer_mac passed is that of + * associated STA/GC. */ -void cfg80211_port_authorized(struct net_device *dev, const u8 *bssid, +void cfg80211_port_authorized(struct net_device *dev, const u8 *peer_addr, const u8* td_bitmap, u8 td_bitmap_len, gfp_t gfp); /** diff --git a/net/wireless/core.h b/net/wireless/core.h index 507d184b8b40..678aba05e78b 100644 --- a/net/wireless/core.h +++ b/net/wireless/core.h @@ -276,7 +276,7 @@ struct cfg80211_event { struct ieee80211_channel *channel; } ij; struct { - u8 bssid[ETH_ALEN]; + u8 peer_addr[ETH_ALEN]; const u8 *td_bitmap; u8 td_bitmap_len; } pa; diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index de47838aca4f..af4878df118e 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -18219,7 +18219,7 @@ void nl80211_send_roamed(struct cfg80211_registered_device *rdev, } void nl80211_send_port_authorized(struct cfg80211_registered_device *rdev, - struct net_device *netdev, const u8 *bssid, + struct net_device *netdev, const u8 *peer_addr, const u8 *td_bitmap, u8 td_bitmap_len) { struct sk_buff *msg; @@ -18237,7 +18237,7 @@ void nl80211_send_port_authorized(struct cfg80211_registered_device *rdev, if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || - nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid)) + nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer_addr)) goto nla_put_failure; if ((td_bitmap_len > 0) && td_bitmap) diff --git a/net/wireless/nl80211.h b/net/wireless/nl80211.h index b4af53f9b227..d3cabf358696 100644 --- a/net/wireless/nl80211.h +++ b/net/wireless/nl80211.h @@ -82,8 +82,11 @@ void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, void nl80211_send_roamed(struct cfg80211_registered_device *rdev, struct net_device *netdev, struct cfg80211_roam_info *info, gfp_t gfp); +/* For STA/GC, indicate port authorized with AP/GO bssid. + * For GO/AP, use peer GC/STA mac_addr. + */ void nl80211_send_port_authorized(struct cfg80211_registered_device *rdev, - struct net_device *netdev, const u8 *bssid, + struct net_device *netdev, const u8 *peer_addr, const u8 *td_bitmap, u8 td_bitmap_len); void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, struct net_device *netdev, u16 reason, diff --git a/net/wireless/sme.c b/net/wireless/sme.c index 9bba233b5a6e..59f1e9936c29 100644 --- a/net/wireless/sme.c +++ b/net/wireless/sme.c @@ -1294,24 +1294,29 @@ void cfg80211_roamed(struct net_device *dev, struct cfg80211_roam_info *info, } EXPORT_SYMBOL(cfg80211_roamed); -void __cfg80211_port_authorized(struct wireless_dev *wdev, const u8 *bssid, +void __cfg80211_port_authorized(struct wireless_dev *wdev, const u8 *peer_addr, const u8 *td_bitmap, u8 td_bitmap_len) { ASSERT_WDEV_LOCK(wdev); if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION && - wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)) + wdev->iftype != NL80211_IFTYPE_P2P_CLIENT && + wdev->iftype != NL80211_IFTYPE_AP && + wdev->iftype != NL80211_IFTYPE_P2P_GO)) return; - if (WARN_ON(!wdev->connected) || - WARN_ON(!ether_addr_equal(wdev->u.client.connected_addr, bssid))) - return; + if (wdev->iftype == NL80211_IFTYPE_STATION || + wdev->iftype == NL80211_IFTYPE_P2P_CLIENT) { + if (WARN_ON(!wdev->connected) || + WARN_ON(!ether_addr_equal(wdev->u.client.connected_addr, peer_addr))) + return; + } nl80211_send_port_authorized(wiphy_to_rdev(wdev->wiphy), wdev->netdev, - bssid, td_bitmap, td_bitmap_len); + peer_addr, td_bitmap, td_bitmap_len); } -void cfg80211_port_authorized(struct net_device *dev, const u8 *bssid, +void cfg80211_port_authorized(struct net_device *dev, const u8 *peer_addr, const u8 *td_bitmap, u8 td_bitmap_len, gfp_t gfp) { struct wireless_dev *wdev = dev->ieee80211_ptr; @@ -1319,7 +1324,7 @@ void cfg80211_port_authorized(struct net_device *dev, const u8 *bssid, struct cfg80211_event *ev; unsigned long flags; - if (WARN_ON(!bssid)) + if (WARN_ON(!peer_addr)) return; ev = kzalloc(sizeof(*ev) + td_bitmap_len, gfp); @@ -1327,7 +1332,7 @@ void cfg80211_port_authorized(struct net_device *dev, const u8 *bssid, return; ev->type = EVENT_PORT_AUTHORIZED; - memcpy(ev->pa.bssid, bssid, ETH_ALEN); + memcpy(ev->pa.peer_addr, peer_addr, ETH_ALEN); ev->pa.td_bitmap = ((u8 *)ev) + sizeof(*ev); ev->pa.td_bitmap_len = td_bitmap_len; memcpy((void *)ev->pa.td_bitmap, td_bitmap, td_bitmap_len); diff --git a/net/wireless/util.c b/net/wireless/util.c index 1783ab9d57a3..e9e2f0a7ea11 100644 --- a/net/wireless/util.c +++ b/net/wireless/util.c @@ -1069,7 +1069,7 @@ void cfg80211_process_wdev_events(struct wireless_dev *wdev) __cfg80211_leave(wiphy_to_rdev(wdev->wiphy), wdev); break; case EVENT_PORT_AUTHORIZED: - __cfg80211_port_authorized(wdev, ev->pa.bssid, + __cfg80211_port_authorized(wdev, ev->pa.peer_addr, ev->pa.td_bitmap, ev->pa.td_bitmap_len); break;