From: Jouni Malinen <jouni@codeaurora.org>
Date: Fri, 21 Feb 2020 16:19:04 +0000 (+0200)
Subject: nl80211: Beacon protection capability flag and default key type
X-Git-Tag: hostap_2_10~1749
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f1d385609009985de8a6ab8a8bbf46b672b93c3d;p=thirdparty%2Fhostap.git

nl80211: Beacon protection capability flag and default key type

Add a new capability flag based on the nl80211 feature advertisement and
start using the new default key type for Beacon protection. This enables
AP mode functionality to allow Beacon protection to be enabled. This is
also enabling the previously added ap_pmf_beacon_protection_* hwsim test
cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---

diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 48dd3fe52..cd1ec31a1 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -1840,6 +1840,8 @@ struct wpa_driver_capa {
 #define WPA_DRIVER_FLAGS_UPDATE_FT_IES		0x1000000000000000ULL
 /** Driver can correctly rekey PTKs without Extended Key ID */
 #define WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS	0x2000000000000000ULL
+/** Driver supports Beacon protection */
+#define WPA_DRIVER_FLAGS_BEACON_PROTECTION	0x4000000000000000ULL
 	u64 flags;
 
 #define FULL_AP_CLIENT_STATE_SUPP(drv_flags) \
diff --git a/src/drivers/driver_common.c b/src/drivers/driver_common.c
index bdb5c50da..f4d06e438 100644
--- a/src/drivers/driver_common.c
+++ b/src/drivers/driver_common.c
@@ -314,6 +314,7 @@ const char * driver_flag_to_string(u64 flag)
 	DF2S(VLAN_OFFLOAD);
 	DF2S(UPDATE_FT_IES);
 	DF2S(SAFE_PTK0_REKEYS);
+	DF2S(BEACON_PROTECTION);
 	}
 	return "UNKNOWN";
 #undef DF2S
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 659f6584d..18e4b8eef 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -3189,8 +3189,10 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss,
 				   alg == WPA_ALG_BIP_GMAC_128 ||
 				   alg == WPA_ALG_BIP_GMAC_256 ||
 				   alg == WPA_ALG_BIP_CMAC_256) ?
-				   NL80211_KEY_DEFAULT_MGMT :
-				   NL80211_KEY_DEFAULT))
+			 (key_idx == 6 || key_idx == 7 ?
+			  NL80211_KEY_DEFAULT_BEACON :
+			  NL80211_KEY_DEFAULT_MGMT) :
+			 NL80211_KEY_DEFAULT))
 		goto fail;
 	if (addr && is_broadcast_ether_addr(addr)) {
 		struct nlattr *types;
diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index 61c8c2556..ea1ab8a2f 100644
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -449,6 +449,10 @@ static void wiphy_info_ext_feature_flags(struct wiphy_info_data *info,
 	if (ext_feature_isset(ext_features, len,
 			      NL80211_EXT_FEATURE_CAN_REPLACE_PTK0))
 		capa->flags |= WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS;
+
+	if (ext_feature_isset(ext_features, len,
+			      NL80211_EXT_FEATURE_BEACON_PROTECTION))
+		capa->flags |= WPA_DRIVER_FLAGS_BEACON_PROTECTION;
 }