Commit 648fba79 authored by Shivani Baranwal's avatar Shivani Baranwal Committed by Johannes Berg
Browse files

wifi: cfg80211: Support 32 bytes KCK key in GTK rekey offload 



Currently, maximum KCK key length supported for GTK rekey offload is 24
bytes but with some newer AKMs the KCK key length can be 32 bytes. e.g.,
00-0F-AC:24 AKM suite with SAE finite cyclic group 21. Add support to
allow 32 bytes KCK keys in GTK rekey offload.

Signed-off-by: default avatarShivani Baranwal <quic_shivbara@quicinc.com>
Signed-off-by: default avatarVeerendranath Jakkam <quic_vjakkam@quicinc.com>
Link: https://lore.kernel.org/r/20221206143715.1802987-3-quic_vjakkam@quicinc.com


Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent df4969ca

include/net/cfg80211.h

+2 −1
Original line number Diff line number Diff line
@@ -4682,6 +4682,7 @@ struct cfg80211_ops { 
 *	in order to not have them reachable in normal drivers, until we have

 *	complete feature/interface combinations/etc. advertisement. No driver

 *	should set this flag for now.

 * @WIPHY_FLAG_SUPPORTS_EXT_KCK_32: The device supports 32-byte KCK keys.

 */

enum wiphy_flags {

	WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK		= BIT(0),
@@ -4694,7 +4695,7 @@ enum wiphy_flags { 
	WIPHY_FLAG_CONTROL_PORT_PROTOCOL	= BIT(7),

	WIPHY_FLAG_IBSS_RSN			= BIT(8),

	WIPHY_FLAG_MESH_AUTH			= BIT(10),

	/* use hole at 11 */

	WIPHY_FLAG_SUPPORTS_EXT_KCK_32          = BIT(11),

	/* use hole at 12 */

	WIPHY_FLAG_SUPPORTS_FW_ROAM		= BIT(13),

	WIPHY_FLAG_AP_UAPSD			= BIT(14),

include/uapi/linux/nl80211.h

+1 −0
Original line number Diff line number Diff line
@@ -5869,6 +5869,7 @@ enum plink_actions { 
#define NL80211_KEK_LEN			16

#define NL80211_KCK_EXT_LEN		24

#define NL80211_KEK_EXT_LEN		32

#define NL80211_KCK_EXT_LEN_32		32

#define NL80211_REPLAY_CTR_LEN		8



/**

net/wireless/nl80211.c

+4 −2
Original line number Diff line number Diff line
@@ -883,7 +883,7 @@ nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = { 
	},

	[NL80211_REKEY_DATA_KCK] = {

		.type = NLA_BINARY,

		.len = NL80211_KCK_EXT_LEN

		.len = NL80211_KCK_EXT_LEN_32

	},

	[NL80211_REKEY_DATA_REPLAY_CTR] = NLA_POLICY_EXACT_LEN(NL80211_REPLAY_CTR_LEN),

	[NL80211_REKEY_DATA_AKM] = { .type = NLA_U32 },
@@ -13809,7 +13809,9 @@ static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info) 
		return -ERANGE;

	if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN &&

	    !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK &&

	      nla_len(tb[NL80211_REKEY_DATA_KCK]) == NL80211_KCK_EXT_LEN))

	      nla_len(tb[NL80211_REKEY_DATA_KCK]) == NL80211_KCK_EXT_LEN) &&

	     !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_EXT_KCK_32 &&

	       nla_len(tb[NL80211_REKEY_DATA_KCK]) == NL80211_KCK_EXT_LEN_32))

		return -ERANGE;









	rekey_data.kek = nla_data(tb[NL80211_REKEY_DATA_KEK]);