nl80211: Beacon protection capability flag and default key type

Add a new capability flag based on the nl80211 feature advertisement and
start using the new default key type for Beacon protection. This enables
AP mode functionality to allow Beacon protection to be enabled. This is
also enabling the previously added ap_pmf_beacon_protection_* hwsim test
cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 48dd3fe525921a4e6c85916e5229ff71d2931a04..cd1ec31a13bf16865f7ac83348bd989d789a0677 100644 (file)
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -1840,6 +1840,8 @@ struct wpa_driver_capa {
 #define WPA_DRIVER_FLAGS_UPDATE_FT_IES         0x1000000000000000ULL
 /** Driver can correctly rekey PTKs without Extended Key ID */
 #define WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS      0x2000000000000000ULL
+/** Driver supports Beacon protection */
+#define WPA_DRIVER_FLAGS_BEACON_PROTECTION     0x4000000000000000ULL
        u64 flags;
 
 #define FULL_AP_CLIENT_STATE_SUPP(drv_flags) \

diff --git a/src/drivers/driver_common.c b/src/drivers/driver_common.c
index bdb5c50da775e32aebaad6dcb312989331320e88..f4d06e438fa9ce6a8c5e50104ff1c079df0bde2b 100644 (file)
--- a/src/drivers/driver_common.c
+++ b/src/drivers/driver_common.c
@@ -314,6 +314,7 @@ const char * driver_flag_to_string(u64 flag)
        DF2S(VLAN_OFFLOAD);
        DF2S(UPDATE_FT_IES);
        DF2S(SAFE_PTK0_REKEYS);
+       DF2S(BEACON_PROTECTION);
        }
        return "UNKNOWN";
 #undef DF2S

diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 659f6584d4625d356897396bf24b53c041dac269..18e4b8eef918f8fefff80300577e3334928dd0fe 100644 (file)
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -3189,8 +3189,10 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss,
                                   alg == WPA_ALG_BIP_GMAC_128 ||
                                   alg == WPA_ALG_BIP_GMAC_256 ||
                                   alg == WPA_ALG_BIP_CMAC_256) ?
-                                  NL80211_KEY_DEFAULT_MGMT :
-                                  NL80211_KEY_DEFAULT))
+                        (key_idx == 6 || key_idx == 7 ?
+                         NL80211_KEY_DEFAULT_BEACON :
+                         NL80211_KEY_DEFAULT_MGMT) :
+                        NL80211_KEY_DEFAULT))
                goto fail;
        if (addr && is_broadcast_ether_addr(addr)) {
                struct nlattr *types;

diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index 61c8c2556ee0272b3d3ed4d170cf183cb15e2063..ea1ab8a2f921980bf87f3d9ec88b060598f1b1f3 100644 (file)
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -449,6 +449,10 @@ static void wiphy_info_ext_feature_flags(struct wiphy_info_data *info,
        if (ext_feature_isset(ext_features, len,
                              NL80211_EXT_FEATURE_CAN_REPLACE_PTK0))
                capa->flags |= WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS;
+
+       if (ext_feature_isset(ext_features, len,
+                             NL80211_EXT_FEATURE_BEACON_PROTECTION))
+               capa->flags |= WPA_DRIVER_FLAGS_BEACON_PROTECTION;
 }