From patchwork Tue Sep 26 10:32:22 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vinayak Yadawad X-Patchwork-Id: 726681 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 16781E7D277 for ; Tue, 26 Sep 2023 10:32:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231182AbjIZKch (ORCPT ); Tue, 26 Sep 2023 06:32:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36370 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229445AbjIZKcg (ORCPT ); Tue, 26 Sep 2023 06:32:36 -0400 Received: from mail-pj1-x102f.google.com (mail-pj1-x102f.google.com [IPv6:2607:f8b0:4864:20::102f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CB034BF for ; Tue, 26 Sep 2023 03:32:29 -0700 (PDT) Received: by mail-pj1-x102f.google.com with SMTP id 98e67ed59e1d1-27762a19386so2515708a91.2 for ; Tue, 26 Sep 2023 03:32:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; t=1695724348; x=1696329148; darn=vger.kernel.org; h=mime-version:message-id:date:subject:cc:to:from:from:to:cc:subject :date:message-id:reply-to; bh=MQkRgyeHWvKQpFG9o2Lf+mKes3Sqxx4uZXjn3JEFLeo=; b=LthhrgBGs9QE2VhqCqv/p0tRQP7CZK+LdSw9g29QyNGKpGyaK/QBnWALsteqSm/eOC 2zWcJk7/VBWfjiFVry9VF+l5kz/A6+/VvWTJ6MHiw8dx8t/z63ftvFwIQmv8IyCAYEzA 0KIcY6N/AM/E2SQSFm8jUj2seFvUo/ZfmKP7A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695724348; x=1696329148; h=mime-version:message-id:date:subject:cc:to:from:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=MQkRgyeHWvKQpFG9o2Lf+mKes3Sqxx4uZXjn3JEFLeo=; b=YtL26BhBqrUguGMAZBytm1IDGhoaQrfu3OoBbhJBRA3RIBv/R0rjzCUOL8ShldZDTw QyWcASfxtHqS+aEGDqDw20xycAaGZ1oVPXT1aAcZXu+jf85DOsqcyqI/aFx96hyMeNSI gh9jfuxAGHxHqnCPV9Amn24BalBp21bQi5lFw91tUiw8/5/MQYEp1dBF3P+6NkK1PxFw 8U7SEn4uOOZ4xPZMOdRapEXHQQpkMDYBkKdSwdVSbzAaQS2hVWuXEUhA5xpv0nRoH+HF /iCP1YgLQFGS4loUoP+eBF3P/PelHvtSP0ypwyPO0sqIG9bLW7QvBaL4bj9YibSopI2h wIKg== X-Gm-Message-State: AOJu0YyuOjc9+km/vTlW7MIAGOR0CbNunTQ1ldobt0SBEd/GKOJ4T41B 5hlhtFRcKB2KRahLXJJ7v0LTbQ== X-Google-Smtp-Source: AGHT+IEera9qj//21wwqz+qaNN1+6ThKfjelXUx1TkjdHRWiGyWsZp7TvxVN+wFyiNDxnp08xAQg3w== X-Received: by 2002:a17:90a:bf12:b0:268:3f6d:9751 with SMTP id c18-20020a17090abf1200b002683f6d9751mr7064333pjs.23.1695724348051; Tue, 26 Sep 2023 03:32:28 -0700 (PDT) Received: from ibnvda0196.ibn.broadcom.net ([192.19.252.250]) by smtp.gmail.com with ESMTPSA id pc16-20020a17090b3b9000b00274803c4c90sm4022334pjb.40.2023.09.26.03.32.26 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 26 Sep 2023 03:32:27 -0700 (PDT) From: Vinayak Yadawad To: johannes@sipsolutions.net Cc: linux-wireless@vger.kernel.org, jithu.jance@broadcom.com, Vinayak Yadawad Subject: [PATCH v4 1/1] wifi: cfg80211: Allow AP/P2PGO to indicate port authorization to peer STA/P2PClient Date: Tue, 26 Sep 2023 16:02:22 +0530 Message-Id: X-Mailer: git-send-email 2.32.0 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org In 4way handshake offload, cfg80211_port_authorized enables driver to indicate successful 4way handshake to cfg80211 layer. Currently this path of port authorization is restricted to interface type NL80211_IFTYPE_STATION and NL80211_IFTYPE_P2P_CLIENT. This patch extends the support for NL80211_IFTYPE_AP and NL80211_IFTYPE_P2P_GO interfaces to authorize peer STA/P2P_CLIENT, whenever authentication is offloaded on the AP/P2P_GO interface. Signed-off-by: Vinayak Yadawad --- v3->v4: Changes to apply the patch to right wireless repo v2->v3: Fixed indentation in comment v1->v2: Address review comments to change peer_mac to peer_addr --- include/net/cfg80211.h | 8 ++++++-- net/wireless/core.h | 4 ++-- net/wireless/nl80211.c | 4 ++-- net/wireless/nl80211.h | 5 ++++- net/wireless/sme.c | 23 ++++++++++++++--------- net/wireless/util.c | 2 +- 6 files changed, 29 insertions(+), 17 deletions(-) diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index 34c50f7273d1..e7429f7ccc0a 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -8026,7 +8026,8 @@ void cfg80211_roamed(struct net_device *dev, struct cfg80211_roam_info *info, * cfg80211_port_authorized - notify cfg80211 of successful security association * * @dev: network device - * @bssid: the BSSID of the AP + * @peer_addr: BSSID of the AP/P2P GO in case of STA/GC or STA/GC MAC address + * in case of AP/P2P GO * @td_bitmap: transition disable policy * @td_bitmap_len: Length of transition disable policy * @gfp: allocation flags @@ -8037,8 +8038,11 @@ void cfg80211_roamed(struct net_device *dev, struct cfg80211_roam_info *info, * should be preceded with a call to cfg80211_connect_result(), * cfg80211_connect_done(), cfg80211_connect_bss() or cfg80211_roamed() to * indicate the 802.11 association. + * This function can also be called by AP/P2P GO driver that supports + * authentication offload. In this case the peer_mac passed is that of + * associated STA/GC. */ -void cfg80211_port_authorized(struct net_device *dev, const u8 *bssid, +void cfg80211_port_authorized(struct net_device *dev, const u8 *peer_addr, const u8* td_bitmap, u8 td_bitmap_len, gfp_t gfp); /** diff --git a/net/wireless/core.h b/net/wireless/core.h index 866f0a6934e6..7ef1d6f42bd7 100644 --- a/net/wireless/core.h +++ b/net/wireless/core.h @@ -270,7 +270,7 @@ struct cfg80211_event { struct ieee80211_channel *channel; } ij; struct { - u8 bssid[ETH_ALEN]; + u8 peer_addr[ETH_ALEN]; const u8 *td_bitmap; u8 td_bitmap_len; } pa; @@ -399,7 +399,7 @@ int cfg80211_disconnect(struct cfg80211_registered_device *rdev, bool wextev); void __cfg80211_roamed(struct wireless_dev *wdev, struct cfg80211_roam_info *info); -void __cfg80211_port_authorized(struct wireless_dev *wdev, const u8 *bssid, +void __cfg80211_port_authorized(struct wireless_dev *wdev, const u8 *peer_addr, const u8 *td_bitmap, u8 td_bitmap_len); int cfg80211_mgd_wext_connect(struct cfg80211_registered_device *rdev, struct wireless_dev *wdev); diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index 87b21c0c0f25..7d2d425e1806 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -18095,7 +18095,7 @@ void nl80211_send_roamed(struct cfg80211_registered_device *rdev, } void nl80211_send_port_authorized(struct cfg80211_registered_device *rdev, - struct net_device *netdev, const u8 *bssid, + struct net_device *netdev, const u8 *peer_addr, const u8 *td_bitmap, u8 td_bitmap_len) { struct sk_buff *msg; @@ -18113,7 +18113,7 @@ void nl80211_send_port_authorized(struct cfg80211_registered_device *rdev, if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || - nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid)) + nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer_addr)) goto nla_put_failure; if ((td_bitmap_len > 0) && td_bitmap) diff --git a/net/wireless/nl80211.h b/net/wireless/nl80211.h index b4af53f9b227..d3cabf358696 100644 --- a/net/wireless/nl80211.h +++ b/net/wireless/nl80211.h @@ -82,8 +82,11 @@ void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, void nl80211_send_roamed(struct cfg80211_registered_device *rdev, struct net_device *netdev, struct cfg80211_roam_info *info, gfp_t gfp); +/* For STA/GC, indicate port authorized with AP/GO bssid. + * For GO/AP, use peer GC/STA mac_addr. + */ void nl80211_send_port_authorized(struct cfg80211_registered_device *rdev, - struct net_device *netdev, const u8 *bssid, + struct net_device *netdev, const u8 *peer_addr, const u8 *td_bitmap, u8 td_bitmap_len); void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, struct net_device *netdev, u16 reason, diff --git a/net/wireless/sme.c b/net/wireless/sme.c index 50fcb27e6dab..acfe66da7109 100644 --- a/net/wireless/sme.c +++ b/net/wireless/sme.c @@ -1281,24 +1281,29 @@ void cfg80211_roamed(struct net_device *dev, struct cfg80211_roam_info *info, } EXPORT_SYMBOL(cfg80211_roamed); -void __cfg80211_port_authorized(struct wireless_dev *wdev, const u8 *bssid, +void __cfg80211_port_authorized(struct wireless_dev *wdev, const u8 *peer_addr, const u8 *td_bitmap, u8 td_bitmap_len) { lockdep_assert_wiphy(wdev->wiphy); if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION && - wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)) + wdev->iftype != NL80211_IFTYPE_P2P_CLIENT && + wdev->iftype != NL80211_IFTYPE_AP && + wdev->iftype != NL80211_IFTYPE_P2P_GO)) return; - if (WARN_ON(!wdev->connected) || - WARN_ON(!ether_addr_equal(wdev->u.client.connected_addr, bssid))) - return; + if (wdev->iftype == NL80211_IFTYPE_STATION || + wdev->iftype == NL80211_IFTYPE_P2P_CLIENT) { + if (WARN_ON(!wdev->connected) || + WARN_ON(!ether_addr_equal(wdev->u.client.connected_addr, peer_addr))) + return; + } nl80211_send_port_authorized(wiphy_to_rdev(wdev->wiphy), wdev->netdev, - bssid, td_bitmap, td_bitmap_len); + peer_addr, td_bitmap, td_bitmap_len); } -void cfg80211_port_authorized(struct net_device *dev, const u8 *bssid, +void cfg80211_port_authorized(struct net_device *dev, const u8 *peer_addr, const u8 *td_bitmap, u8 td_bitmap_len, gfp_t gfp) { struct wireless_dev *wdev = dev->ieee80211_ptr; @@ -1306,7 +1311,7 @@ void cfg80211_port_authorized(struct net_device *dev, const u8 *bssid, struct cfg80211_event *ev; unsigned long flags; - if (WARN_ON(!bssid)) + if (WARN_ON(!peer_addr)) return; ev = kzalloc(sizeof(*ev) + td_bitmap_len, gfp); @@ -1314,7 +1319,7 @@ void cfg80211_port_authorized(struct net_device *dev, const u8 *bssid, return; ev->type = EVENT_PORT_AUTHORIZED; - memcpy(ev->pa.bssid, bssid, ETH_ALEN); + memcpy(ev->pa.peer_addr, peer_addr, ETH_ALEN); ev->pa.td_bitmap = ((u8 *)ev) + sizeof(*ev); ev->pa.td_bitmap_len = td_bitmap_len; memcpy((void *)ev->pa.td_bitmap, td_bitmap, td_bitmap_len); diff --git a/net/wireless/util.c b/net/wireless/util.c index 213c9405e645..87e298d3e44e 100644 --- a/net/wireless/util.c +++ b/net/wireless/util.c @@ -1062,7 +1062,7 @@ void cfg80211_process_wdev_events(struct wireless_dev *wdev) cfg80211_leave(wiphy_to_rdev(wdev->wiphy), wdev); break; case EVENT_PORT_AUTHORIZED: - __cfg80211_port_authorized(wdev, ev->pa.bssid, + __cfg80211_port_authorized(wdev, ev->pa.peer_addr, ev->pa.td_bitmap, ev->pa.td_bitmap_len); break;