Add NL80211_ATTR_LTF_KEYSEED attribute to support secure FTM measurements. This allows drivers to generate secure LTF keys for PHY-layer security in ranging operations. The keyseed is used with trigger-based and non-trigger-based FTM requests to enable secure peer measurement sessions. Signed-off-by: Peddolla Harshavardhan Reddy --- include/net/cfg80211.h | 2 ++ include/uapi/linux/nl80211.h | 15 ++++++++++++--- net/wireless/nl80211.c | 7 +++++++ 3 files changed, 21 insertions(+), 3 deletions(-) diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index dd45dda7e619..ea6b9c994455 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -800,6 +800,8 @@ struct key_params { u16 vlan_id; u32 cipher; enum nl80211_key_mode mode; + const u8 *ltf_keyseed; + int ltf_keyseed_len; }; /** diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h index c102a54ff335..4db71f400571 100644 --- a/include/uapi/linux/nl80211.h +++ b/include/uapi/linux/nl80211.h @@ -395,9 +395,10 @@ * %NL80211_ATTR_MLO_LINK_ID. * @NL80211_CMD_NEW_KEY: add a key with given %NL80211_ATTR_KEY_DATA, * %NL80211_ATTR_KEY_IDX, %NL80211_ATTR_MAC, %NL80211_ATTR_KEY_CIPHER, - * and %NL80211_ATTR_KEY_SEQ attributes. %NL80211_ATTR_MAC represents - * peer's MLD address for MLO pairwise key. The link to add MLO - * group key is identified by %NL80211_ATTR_MLO_LINK_ID. + * %NL80211_ATTR_KEY_SEQ and %NL80211_ATTR_LTF_KEYSEED attributes. + * %NL80211_ATTR_MAC represents peer's MLD address for MLO pairwise key. + * The link to add MLO group key is identified by + * %NL80211_ATTR_MLO_LINK_ID. * @NL80211_CMD_DEL_KEY: delete a key identified by %NL80211_ATTR_KEY_IDX * or %NL80211_ATTR_MAC. %NL80211_ATTR_MAC represents peer's MLD address * for MLO pairwise key. The link to delete group key is identified by @@ -5536,6 +5537,13 @@ enum nl80211_key_default_types { * @NL80211_KEY_MODE: the mode from enum nl80211_key_mode. * Defaults to @NL80211_KEY_RX_TX. * @NL80211_KEY_DEFAULT_BEACON: flag indicating default Beacon frame key + * @NL80211_ATTR_LTF_KEYSEED: LTF key seed is used by the driver to generate + * secure LTF keys used in case of peer measurement request with FTM + * request type as either %NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED + * or %NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED, secure LTF key seeds will + * help enable PHY security in peer measurement session. The corresponding + * keys need to be configured before hand to ensure peer measurement + * session is secure. * * @__NL80211_KEY_AFTER_LAST: internal * @NL80211_KEY_MAX: highest key attribute @@ -5552,6 +5560,7 @@ enum nl80211_key_attributes { NL80211_KEY_DEFAULT_TYPES, NL80211_KEY_MODE, NL80211_KEY_DEFAULT_BEACON, + NL80211_ATTR_LTF_KEYSEED, /* keep last */ __NL80211_KEY_AFTER_LAST, diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index 2909520bb949..3aaa5734be57 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -968,6 +968,8 @@ static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = { [NL80211_KEY_TYPE] = NLA_POLICY_MAX(NLA_U32, NUM_NL80211_KEYTYPES - 1), [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, [NL80211_KEY_MODE] = NLA_POLICY_RANGE(NLA_U8, 0, NL80211_KEY_SET_TX), + [NL80211_ATTR_LTF_KEYSEED] = { .type = NLA_BINARY, + .len = WLAN_MAX_KEY_LEN }, }; /* policy for the key default flags */ @@ -1491,6 +1493,11 @@ static int nl80211_parse_key_new(struct genl_info *info, struct nlattr *key, if (tb[NL80211_KEY_MODE]) k->p.mode = nla_get_u8(tb[NL80211_KEY_MODE]); + if (tb[NL80211_ATTR_LTF_KEYSEED]) { + k->p.ltf_keyseed = nla_data(tb[NL80211_ATTR_LTF_KEYSEED]); + k->p.ltf_keyseed_len = nla_len(tb[NL80211_ATTR_LTF_KEYSEED]); + } + return 0; } -- 2.34.1