Add support for SAE-FT
Bug:149449646
Test: Tested on Android-R and verified on sniffer.
Signed-off-by: Mir Ali <mir-khizer.ali@broadcom.com>
Change-Id: I57d5642386dc7cbbcc162f4049721413c78a47ab
diff --git a/src/common/brcm_vendor.h b/src/common/brcm_vendor.h
index b1bf397..0a44a6c 100644
--- a/src/common/brcm_vendor.h
+++ b/src/common/brcm_vendor.h
@@ -27,6 +27,7 @@
*/
enum brcm_nl80211_vendor_subcmds {
BRCM_VENDOR_SUBCMD_UNSPEC = 0,
+ BRCM_VENDOR_SUBCMD_SET_PMK = 4,
BRCM_VENDOR_SUBCMD_SET_MAC = 6,
BRCM_VENDOR_SCMD_ACS = 9,
BRCM_VENDOR_SCMD_MAX = 10
@@ -65,6 +66,7 @@
enum brcm_wlan_vendor_attr {
BRCM_ATTR_DRIVER_CMD = 0,
+ BRCM_ATTR_DRIVER_KEY_PMK = 1,
BRCM_ATTR_DRIVER_MAC_ADDR = 3,
BRCM_ATTR_DRIVER_AFTER_LAST = 5,
BRCM_ATTR_DRIVER_MAX = BRCM_ATTR_DRIVER_AFTER_LAST - 1,
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 4295f0c..5d1b52a 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -3240,6 +3240,36 @@
#endif /* CONFIG_DRIVER_NL80211_QCA */
+#ifdef CONFIG_DRIVER_NL80211_BRCM
+static int key_mgmt_set_key(struct wpa_driver_nl80211_data *drv,
+ const u8 *key, size_t key_len)
+{
+ struct nl_msg *msg;
+ int ret;
+ struct nlattr *params;
+
+ if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
+ nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_BRCM) ||
+ nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
+ BRCM_VENDOR_SUBCMD_SET_PMK) ||
+ !(params = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
+ nla_put(msg, BRCM_ATTR_DRIVER_KEY_PMK, key_len, key)) {
+ nl80211_nlmsg_clear(msg);
+ nlmsg_free(msg);
+ return -ENOBUFS;
+ }
+ nla_nest_end(msg, params);
+
+ ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1, NULL, NULL);
+ if (ret) {
+ wpa_printf(MSG_DEBUG, "nl80211: Key mgmt set key failed: ret=%d (%s)",
+ ret, strerror(-ret));
+ }
+
+ return ret;
+}
+#endif /* CONFIG_DRIVER_NL80211_BRCM */
+
static int nl80211_set_pmk(struct wpa_driver_nl80211_data *drv,
const u8 *key, size_t key_len,
const u8 *addr)
@@ -3327,6 +3357,12 @@
if (key_flag & KEY_FLAG_PMK) {
if (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)
return nl80211_set_pmk(drv, key, key_len, addr);
+#ifdef CONFIG_DRIVER_NL80211_BRCM
+ if (drv->vendor_set_pmk) {
+ wpa_printf(MSG_INFO, "nl80211: key_mgmt_set_key with key_len %lu", key_len);
+ return key_mgmt_set_key(drv, key, key_len);
+ }
+#endif /* CONFIG_DRIVER_NL80211_BRCM */
/* The driver does not have any offload mechanism for PMK, so
* there is no need to configure this key. */
return 0;
diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h
index 0db7d55..4688924 100644
--- a/src/drivers/driver_nl80211.h
+++ b/src/drivers/driver_nl80211.h
@@ -220,6 +220,9 @@
* (NL80211_CMD_VENDOR). 0 if no pending scan request.
*/
int last_scan_cmd;
+#ifdef CONFIG_DRIVER_NL80211_BRCM
+ unsigned int vendor_set_pmk:1; /* for legacy set_pmk method before NL80211_CMD_SET_PMK */
+#endif /* CONFIG_DRIVER_NL80211_BRCM */
};
struct nl_msg;
diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index 416531f..0e038db 100644
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -1009,6 +1009,9 @@
drv->capa.flags |=
WPA_DRIVER_FLAGS_SUPPORT_HW_MODE_ANY;
break;
+ case BRCM_VENDOR_SUBCMD_SET_PMK:
+ drv->vendor_set_pmk = 1;
+ break;
default:
break;
}
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 6c6de80..d028e95 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -3824,6 +3824,20 @@
pmksa_cache_flush(sm->pmksa, network_ctx, NULL, 0);
}
+#ifdef CONFIG_DRIVER_NL80211_BRCM
+void wpa_sm_install_pmk(struct wpa_sm *sm)
+{
+ /* In case the driver wants to handle re-assocs, pass it down the PMK. */
+ if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->pairwise_cipher), NULL, 0, 0, NULL, 0,
+ (u8*)sm->pmk, sm->pmk_len, KEY_FLAG_PMK) < 0) {
+ wpa_hexdump(MSG_DEBUG, "PSK: Install PMK to the driver for driver reassociations",
+ (u8*)sm->pmk, sm->pmk_len);
+ /* No harm if the driver doesn't support. */
+ wpa_msg(sm->ctx->msg_ctx, MSG_DEBUG,
+ "WPA: Failed to set PMK to the driver");
+ }
+}
+#endif /* CONFIG_DRIVER_NL80211_BRCM */
#ifdef CONFIG_WNM
int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h
index 2142772..5fc7ed6 100644
--- a/src/rsn_supp/wpa.h
+++ b/src/rsn_supp/wpa.h
@@ -198,6 +198,10 @@
int wpa_sm_get_p2p_ip_addr(struct wpa_sm *sm, u8 *buf);
+#ifdef CONFIG_DRIVER_NL80211_BRCM
+void wpa_sm_install_pmk(struct wpa_sm *sm);
+#endif /* CONFIG_DRIVER_NL80211_BRCM */
+
void wpa_sm_set_rx_replay_ctr(struct wpa_sm *sm, const u8 *rx_replay_counter);
void wpa_sm_set_ptk_kck_kek(struct wpa_sm *sm,
const u8 *ptk_kck, size_t ptk_kck_len,
@@ -410,6 +414,7 @@
const u8 *ric_ies, size_t ric_ies_len);
int wpa_ft_is_completed(struct wpa_sm *sm);
void wpa_reset_ft_completed(struct wpa_sm *sm);
+void wpa_set_ft_completed(struct wpa_sm *sm);
int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
size_t ies_len, const u8 *src_addr);
int wpa_ft_start_over_ds(struct wpa_sm *sm, const u8 *target_ap,
@@ -451,6 +456,10 @@
{
}
+static inline void wpa_set_ft_completed(struct wpa_sm *sm)
+{
+}
+
static inline int
wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies, size_t ies_len,
const u8 *src_addr)
diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
index bf73376..d7e3685 100644
--- a/src/rsn_supp/wpa_ft.c
+++ b/src/rsn_supp/wpa_ft.c
@@ -718,6 +718,12 @@
}
+void wpa_set_ft_completed(struct wpa_sm *sm)
+{
+ if (sm != NULL)
+ sm->ft_completed = 1;
+}
+
static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem,
size_t gtk_elem_len)
{