[PATCH v2 4/7] netdev: allow PSK offload for FT AKMs

Wireless Daemon for Linux
 help / color / mirror / Atom feed

From: James Prestwood <prestwoj@gmail.com>
To: iwd@lists.01.org
Subject: [PATCH v2 4/7] netdev: allow PSK offload for FT AKMs
Date: Tue, 30 Mar 2021 11:48:05 -0700	[thread overview]
Message-ID: <20210330184808.744574-4-prestwoj@gmail.com> (raw)
In-Reply-To: <20210330184808.744574-1-prestwoj@gmail.com>

[-- Attachment #1: Type: text/plain, Size: 3266 bytes --]

If the handshake has offloading set, use ATTR_PMK (for WPA2)
which enables PSK offloading.

The CMD_ROAM event path was also modified to take into account
handshake offloading. If the handshake is offloaded we still
must issue GET_SCAN, but not start eapol since the firmware
takes care of this.
---
 src/netdev.c | 44 +++++++++++++++++++++++++++++---------------
 1 file changed, 29 insertions(+), 15 deletions(-)

diff --git a/src/netdev.c b/src/netdev.c
index 914f6479..5c5fcd86 100644
--- a/src/netdev.c
+++ b/src/netdev.c
@@ -1992,19 +1992,7 @@ process_resp_ies:
 	if (netdev->handshake->offload)
 		goto done;
 
-	if (netdev->sm) {
-		/*
-		 * Let station know about the roam so a state change can occur.
-		 */
-		if (cmd == NL80211_CMD_ROAM) {
-			if (netdev->event_filter)
-				netdev->event_filter(netdev,
-						NETDEV_EVENT_ROAMING,
-						NULL, netdev->user_data);
-			/* EAPoL started after GET_SCAN */
-			return;
-		}
-
+	if (netdev->sm && cmd != NL80211_CMD_ROAM) {
 		/*
 		 * Start processing EAPoL frames now that the state machine
 		 * has all the input data even in FT mode.
@@ -2016,6 +2004,19 @@ process_resp_ies:
 	}
 
 done:
+	/*
+	 * Let station know about the roam so a state change can occur.
+	 */
+	if (cmd == NL80211_CMD_ROAM) {
+		if (netdev->event_filter)
+			netdev->event_filter(netdev,
+						NETDEV_EVENT_ROAMING,
+						NULL, netdev->user_data);
+		/* EAPoL started after GET_SCAN */
+		if (!netdev->handshake->offload)
+			return;
+	}
+
 	netdev_connect_ok(netdev);
 
 	return;
@@ -2641,6 +2642,8 @@ static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev,
 		if (IE_AKM_IS_SAE(hs->akm_suite))
 			l_genl_msg_append_attr(msg, NL80211_ATTR_SAE_PASSWORD,
 					strlen(hs->passphrase), hs->passphrase);
+		else
+			l_genl_msg_append_attr(msg, NL80211_ATTR_PMK, 32, hs->pmk);
 	}
 
 	if (prev_bssid)
@@ -4000,7 +4003,7 @@ static bool netdev_get_fw_scan_cb(int err, struct l_queue *bss_list,
 	 * In this case we should just ignore this and allow the disconnect
 	 * logic to continue.
 	 */
-	if (!netdev->sm)
+	if (!netdev->handshake->offload && !netdev->sm)
 		return false;
 
 	if (err < 0) {
@@ -4028,6 +4031,11 @@ static bool netdev_get_fw_scan_cb(int err, struct l_queue *bss_list,
 
 	handshake_state_set_authenticator_ie(netdev->handshake, bss->rsne);
 
+	if (netdev->handshake->offload) {
+		netdev_connect_ok(netdev);
+		return false;
+	}
+
 	eapol_start(netdev->sm);
 
 	return false;
@@ -4063,14 +4071,20 @@ static bool netdev_roam_event(struct l_genl_msg *msg, struct netdev *netdev)
 		goto failed;
 	}
 
+	/* Handshake completed in firmware, just get the roamed BSS */
+	if (netdev->handshake->offload)
+		goto get_fw_scan;
+
 	/* Reset handshake state */
 	nhs->complete = false;
 	nhs->ptk_installed = false;
 	nhs->gtk_installed = true;
 	nhs->igtk_installed = true;
-	handshake_state_set_authenticator_address(netdev->handshake, mac);
 	netdev->handshake->ptk_complete = false;
 
+get_fw_scan:
+	handshake_state_set_authenticator_address(netdev->handshake, mac);
+
 	if (!scan_get_firmware_scan(netdev->wdev_id, netdev_get_fw_scan_cb,
 					netdev, NULL))
 		goto failed;
-- 
2.26.2

next prev parent reply	other threads:[~2021-03-30 18:48 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-30 18:48 [PATCH v2 1/7] wiphy: add offload out parameter to wiphy_can_connect_sae James Prestwood
2021-03-30 18:48 ` [PATCH v2 2/7] wiphy: fix wiphy_can_connect AKM checks James Prestwood
2021-03-30 19:58   ` Denis Kenzior
2021-03-30 18:48 ` [PATCH v2 3/7] wiphy: allow FT AKM to be used if Auth/Assoc is not supported James Prestwood
2021-03-30 18:48 ` James Prestwood [this message]
2021-03-30 20:25   ` [PATCH v2 4/7] netdev: allow PSK offload for FT AKMs Denis Kenzior
2021-03-30 20:40     ` James Prestwood
2021-03-30 18:48 ` [PATCH v2 5/7] station: set handshake->offload if required James Prestwood
2021-03-30 18:48 ` [PATCH v2 6/7] doc: document new [General].4WayOffload James Prestwood
2021-03-30 20:49   ` Denis Kenzior
2021-03-30 18:48 ` [PATCH v2 7/7] wiphy: remove wiphy_supports_cmds_auth_assoc James Prestwood

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:914f647 dfblob:5c5fcd8 )
 OR (
bs:"[PATCH v2 4/7] netdev: allow PSK offload for FT AKMs" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210330184808.744574-4-prestwoj@gmail.com \
    --to=prestwoj@gmail.com \
    --cc=iwd@lists.01.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox