nl80211: Configure PMKSA lifetime and reauth threshold timer to driver

Drivers that trigger roaming need to know the lifetime and reauth
threshold time of configured PMKSA so that they can trigger full
authentication to avoid unnecessary disconnection. To support this, send
dot11RSNAConfigPMKLifetime and dot11RSNAConfigPMKReauthThreshold values
configured in wpa_supplicant to the driver while configuring a PMKSA.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>

diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 39c7f9cb922e5e1152369baf2769520826b54873..bc4f0ef95ca4e54e1ab4657f4b5c528d146c9250 100644 (file)
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -2357,6 +2357,8 @@ struct wpa_pmkid_params {
        const u8 *pmkid;
        const u8 *pmk;
        size_t pmk_len;
+       u32 pmk_lifetime;
+       u8 pmk_reauth_threshold;
 };
 
 /* Mask used to specify which connection parameters have to be updated */

diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 5f2b5651c4c35701b2ca0f17af3b2f98194a2db5..4790770bf2441272ced49d57f6b0a8cb2ba59c14 100644 (file)
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -8228,6 +8228,12 @@ static int nl80211_pmkid(struct i802_bss *bss, int cmd,
            (params->fils_cache_id &&
             nla_put(msg, NL80211_ATTR_FILS_CACHE_ID, 2,
                     params->fils_cache_id)) ||
+           (params->pmk_lifetime &&
+            nla_put_u32(msg, NL80211_ATTR_PMK_LIFETIME,
+                        params->pmk_lifetime)) ||
+           (params->pmk_reauth_threshold &&
+            nla_put_u8(msg, NL80211_ATTR_PMK_REAUTH_THRESHOLD,
+                       params->pmk_reauth_threshold)) ||
            (cmd != NL80211_CMD_DEL_PMKSA &&
             params->pmk_len && params->pmk_len <= PMK_MAX_LEN &&
             nla_put(msg, NL80211_ATTR_PMK, params->pmk_len, params->pmk))) {

diff --git a/src/rsn_supp/pmksa_cache.c b/src/rsn_supp/pmksa_cache.c
index 9c970f8112348f2507b5c4662dd5575dd44ddafa..bd32cef08358862bfa98aea2644afea23a726dd7 100644 (file)
--- a/src/rsn_supp/pmksa_cache.c
+++ b/src/rsn_supp/pmksa_cache.c
@@ -267,7 +267,9 @@ pmksa_cache_add_entry(struct rsn_pmksa_cache *pmksa,
                   entry->network_ctx, entry->akmp);
        wpa_sm_add_pmkid(pmksa->sm, entry->network_ctx, entry->aa, entry->pmkid,
                         entry->fils_cache_id_set ? entry->fils_cache_id : NULL,
-                        entry->pmk, entry->pmk_len);
+                        entry->pmk, entry->pmk_len,
+                        pmksa->sm->dot11RSNAConfigPMKLifetime,
+                        pmksa->sm->dot11RSNAConfigPMKReauthThreshold);
 
        return entry;
 }

diff --git a/src/rsn_supp/preauth.c b/src/rsn_supp/preauth.c
index a7ca2ed8b76526da523c7c9176ac3826e744be32..a10192172b1e7fbcc9f005abd8b873a551a53871 100644 (file)
--- a/src/rsn_supp/preauth.c
+++ b/src/rsn_supp/preauth.c
@@ -349,7 +349,7 @@ void rsn_preauth_candidate_process(struct wpa_sm *sm)
                 * PMKIDs again, so report the existing data now. */
                if (p) {
                        wpa_sm_add_pmkid(sm, NULL, candidate->bssid, p->pmkid,
-                                        NULL, p->pmk, p->pmk_len);
+                                        NULL, p->pmk, p->pmk_len, 0, 0);
                }
 
                dl_list_del(&candidate->list);

diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h
index 1f22f2f26a9e5d695fd29da258cd24817060bca2..796f39203702e13961d09a8b43011d5f33409d09 100644 (file)
--- a/src/rsn_supp/wpa.h
+++ b/src/rsn_supp/wpa.h
@@ -42,7 +42,8 @@ struct wpa_sm_ctx {
                            size_t *msg_len, void **data_pos);
        int (*add_pmkid)(void *ctx, void *network_ctx, const u8 *bssid,
                         const u8 *pmkid, const u8 *fils_cache_id,
-                        const u8 *pmk, size_t pmk_len);
+                        const u8 *pmk, size_t pmk_len, u32 pmk_lifetime,
+                        u8 pmk_reauth_threshold);
        int (*remove_pmkid)(void *ctx, void *network_ctx, const u8 *bssid,
                            const u8 *pmkid, const u8 *fils_cache_id);
        void (*set_config_blob)(void *ctx, struct wpa_config_blob *blob);

diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index 5178c28cb4909ed167a8ef602eb106a45a250912..1ad75dcfa934fbc222038a15163055e67d1a7829 100644 (file)
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -264,11 +264,13 @@ static inline u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type,
 static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, void *network_ctx,
                                   const u8 *bssid, const u8 *pmkid,
                                   const u8 *cache_id, const u8 *pmk,
-                                  size_t pmk_len)
+                                  size_t pmk_len, u32 pmk_lifetime,
+                                  u8 pmk_reauth_threshold)
 {
        WPA_ASSERT(sm->ctx->add_pmkid);
        return sm->ctx->add_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid,
-                                 cache_id, pmk, pmk_len);
+                                 cache_id, pmk, pmk_len, pmk_lifetime,
+                                 pmk_reauth_threshold);
 }
 
 static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, void *network_ctx,

diff --git a/wpa_supplicant/preauth_test.c b/wpa_supplicant/preauth_test.c
index 7ed5860f0b21c8728af2bf6b4915f82dd1ffca81..4a8f4ff8fbc6fd61c60343e6253256b93b60bf5f 100644 (file)
--- a/wpa_supplicant/preauth_test.c
+++ b/wpa_supplicant/preauth_test.c
@@ -153,7 +153,8 @@ static int wpa_supplicant_mlme_setprotection(void *wpa_s, const u8 *addr,
 static int wpa_supplicant_add_pmkid(void *wpa_s, void *network_ctx,
                                    const u8 *bssid, const u8 *pmkid,
                                    const u8 *fils_cache_id,
-                                   const u8 *pmk, size_t pmk_len)
+                                   const u8 *pmk, size_t pmk_len,
+                                   u32 pmk_lifetime, u8 pmk_reauth_threshold)
 {
        printf("%s - not implemented\n", __func__);
        return -1;

diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
index 200a439cb3116e89212df6f765a1087a47b1dd57..6bd271e12e73710474d97caf10cefbb5b7cfccfa 100644 (file)
--- a/wpa_supplicant/wpas_glue.c
+++ b/wpa_supplicant/wpas_glue.c
@@ -574,7 +574,8 @@ static struct wpa_ssid * wpas_get_network_ctx(struct wpa_supplicant *wpa_s,
 static int wpa_supplicant_add_pmkid(void *_wpa_s, void *network_ctx,
                                    const u8 *bssid, const u8 *pmkid,
                                    const u8 *fils_cache_id,
-                                   const u8 *pmk, size_t pmk_len)
+                                   const u8 *pmk, size_t pmk_len,
+                                   u32 pmk_lifetime, u8 pmk_reauth_threshold)
 {
        struct wpa_supplicant *wpa_s = _wpa_s;
        struct wpa_ssid *ssid;
@@ -596,6 +597,8 @@ static int wpa_supplicant_add_pmkid(void *_wpa_s, void *network_ctx,
        params.pmkid = pmkid;
        params.pmk = pmk;
        params.pmk_len = pmk_len;
+       params.pmk_lifetime = pmk_lifetime;
+       params.pmk_reauth_threshold = pmk_reauth_threshold;
 
        return wpa_drv_add_pmkid(wpa_s, &params);
 }