diff mbox series

[3/4] nl80211: support SAE authentication offload in AP mode

Message ID 20200623134938.39997-4-chi-hsien.lin@cypress.com (mailing list archive)
State Changes Requested
Delegated to: Johannes Berg
Headers show
Series nl80211: add support for WPA/WPA2-PSK 4-way handshake and SAE offload in AP mode | expand

Commit Message

Chi-Hsien Lin June 23, 2020, 1:49 p.m. UTC 
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>

Add support for SAE authentication offload in AP mode.

Signed-off-by: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com>
---
 include/uapi/linux/nl80211.h | 10 ++++++----
 net/wireless/nl80211.c       |  5 +++--
 2 files changed, 9 insertions(+), 6 deletions(-)

Comments

Johannes Berg July 30, 2020, 2:55 p.m. UTC | #1 
On Tue, 2020-06-23 at 08:49 -0500, Chi-Hsien Lin wrote:
> From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
> 
> Add support for SAE authentication offload in AP mode.

It seems to me you need a new feature flag for this, just like in the
PSK case, because brcmfmac in fact already sets this, and in fact as we
can see in patch 4 it would now set it in two places depending on
*different* firmware support conditions ... that may be OK for the
firmware right now, but it still doesn't really make much sense.

Please change to add another flag here.

johannes
diff mbox series

Patch

diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
index f5bb69664b32..a340d88ee8a6 100644
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@@ -252,9 +252,10 @@ 
  * DOC: SAE authentication offload
  *
  * By setting @NL80211_EXT_FEATURE_SAE_OFFLOAD flag drivers can indicate they
- * support offloading SAE authentication for WPA3-Personal networks. In
- * %NL80211_CMD_CONNECT the password for SAE should be specified using
- * %NL80211_ATTR_SAE_PASSWORD.
+ * support offloading SAE authentication for WPA3-Personal networks. The
+ * password for SAE should be specified using %NL80211_ATTR_SAE_PASSWORD in
+ * %NL80211_CMD_CONNECT and %NL80211_CMD_START_AP for station and AP mode
+ * respectively.
  */
 
 /**
@@ -5736,7 +5737,8 @@  enum nl80211_feature_flags {
  *	to a station.
  *
  * @NL80211_EXT_FEATURE_SAE_OFFLOAD: Device wants to do SAE authentication in
- *	station mode (SAE password is passed as part of the connect command).
+ *	station mode (SAE password is passed as part of the connect command)
+ *	or AP mode (SAE password is passed as part of the start AP command).
  *
  * @NL80211_EXT_FEATURE_VLAN_OFFLOAD: The driver supports a single netdev
  *	with VLAN tagged frames and separate VLAN-specific netdevs added using
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 004c79338f31..bc4f066cf955 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -4813,8 +4813,9 @@  static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
 			return false;
 		return true;
 	case NL80211_CMD_START_AP:
-		/* SAE not supported yet */
-		if (auth_type == NL80211_AUTHTYPE_SAE)
+		if (!wiphy_ext_feature_isset(&rdev->wiphy,
+					     NL80211_EXT_FEATURE_SAE_OFFLOAD) &&
+		    auth_type == NL80211_AUTHTYPE_SAE)
 			return false;
 		/* FILS not supported yet */
 		if (auth_type == NL80211_AUTHTYPE_FILS_SK ||