Re: [PATCH wireless-next v2 15/16] wifi: cfg80211: add LTF keyseed support for secure ranging

[Johannes Berg <johannes@sipsolutions.net>]

On Wed, 2026-03-04 at 12:45 +0530, Peddolla Harshavardhan Reddy wrote:
> 
>   * @NL80211_CMD_NEW_KEY: add a key with given %NL80211_ATTR_KEY_DATA,
>   *	%NL80211_ATTR_KEY_IDX, %NL80211_ATTR_MAC, %NL80211_ATTR_KEY_CIPHER,
> - *	and %NL80211_ATTR_KEY_SEQ attributes. %NL80211_ATTR_MAC represents
> - *	peer's MLD address for MLO pairwise key. The link to add MLO
> - *	group key is identified by %NL80211_ATTR_MLO_LINK_ID.
> + *	%NL80211_ATTR_KEY_SEQ and %NL80211_KEY_LTF_SEED attributes.
> + *	%NL80211_ATTR_MAC represents peer's MLD address for MLO pairwise key.
> + *	The link to add MLO group key is identified by
> + *	%NL80211_ATTR_MLO_LINK_ID.

I think this is a bit misleading since it mixes up the key attributes
now. I think at this level it should refer to %NL80211_ATTR_KEY instead
of the specific nested %NL80211_KEY_LTF_SEED.

>   * @NL80211_CMD_DEL_KEY: delete a key identified by %NL80211_ATTR_KEY_IDX
>   *	or %NL80211_ATTR_MAC. %NL80211_ATTR_MAC represents peer's MLD address
>   *	for MLO pairwise key. The link to delete group key is identified by
> @@ -5602,6 +5603,14 @@ enum nl80211_key_default_types {
>   * @NL80211_KEY_MODE: the mode from enum nl80211_key_mode.
>   *	Defaults to @NL80211_KEY_RX_TX.
>   * @NL80211_KEY_DEFAULT_BEACON: flag indicating default Beacon frame key
> + * @NL80211_KEY_LTF_SEED: LTF key seed is used by the driver to generate
> + *	secure LTF keys used in case of peer measurement request with FTM
> + *	request type as either %NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED
> + *	or %NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED, secure LTF key seeds will
> + *	help enable PHY security in peer measurement session. The corresponding
> + *	keys need to be configured before hand to ensure peer measurement

"beforehand"

> + *	session is secure. Only valid if %NL80211_EXT_FEATURE_SECURE_LTF
> + *	is set.

NL80211_EXT_FEATURE_SECURE_LTF already exists today, and is set by
iwlwifi/mvm, so I'm not convinced you can just redefine it to mean also
LTF key seed is supported?

> +++ b/net/wireless/nl80211.c
> @@ -983,6 +983,7 @@ static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = {
>  	[NL80211_KEY_TYPE] = NLA_POLICY_MAX(NLA_U32, NUM_NL80211_KEYTYPES - 1),
>  	[NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
>  	[NL80211_KEY_MODE] = NLA_POLICY_RANGE(NLA_U8, 0, NL80211_KEY_SET_TX),
> +	[NL80211_KEY_LTF_SEED] = { .type = NLA_BINARY, .len = 48 },

This probably doesn't do what you think it does, unless you really
wanted that it's *at most* 48 bytes. And please add a define in
ieee80211.h for that.

johannes