* @seq_len: length of @seq.
* @vlan_id: vlan_id for VLAN group key (if nonzero)
* @mode: key install mode (RX_TX, NO_TX or SET_TX)
+ * @ltf_keyseed: LTF key seed material
+ * @ltf_keyseed_len: length of LTF key seed material
*/
struct key_params {
const u8 *key;
u16 vlan_id;
u32 cipher;
enum nl80211_key_mode mode;
+ const u8 *ltf_keyseed;
+ size_t ltf_keyseed_len;
};
/**
* @NL80211_KEY_MODE: the mode from enum nl80211_key_mode.
* Defaults to @NL80211_KEY_RX_TX.
* @NL80211_KEY_DEFAULT_BEACON: flag indicating default Beacon frame key
+ * @NL80211_KEY_LTF_SEED: LTF key seed is used by the driver to generate
+ * secure LTF keys used in case of peer measurement request with FTM
+ * request type as either %NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED
+ * or %NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED. Secure LTF key seeds
+ * will help enable PHY security in peer measurement session.
+ * The LTF key seed is installed along with the TK (Temporal Key) using
+ * %NL80211_CMD_NEW_KEY. The TK is configured using the
+ * %NL80211_ATTR_KEY_DATA attribute, while the LTF key seed is configured
+ * using this attribute. Both keys must be configured before initiation
+ * of peer measurement to ensure peer measurement session is secure.
+ * Only valid if %NL80211_EXT_FEATURE_SET_KEY_LTF_SEED is set. This
+ * attribute is restricted to pairwise keys (%NL80211_KEYTYPE_PAIRWISE).
*
* @__NL80211_KEY_AFTER_LAST: internal
* @NL80211_KEY_MAX: highest key attribute
NL80211_KEY_DEFAULT_TYPES,
NL80211_KEY_MODE,
NL80211_KEY_DEFAULT_BEACON,
+ NL80211_KEY_LTF_SEED,
/* keep last */
__NL80211_KEY_AFTER_LAST,
* forward frames with a matching MAC address to userspace during
* the off-channel period.
*
+ * @NL80211_EXT_FEATURE_SET_KEY_LTF_SEED: Driver supports installing the
+ * LTF key seed via %NL80211_KEY_LTF_SEED. The seed is used to generate
+ * secure LTF keys for secure LTF measurement sessions.
+ *
* @NUM_NL80211_EXT_FEATURES: number of extended features.
* @MAX_NL80211_EXT_FEATURES: highest extended feature index.
*/
NL80211_EXT_FEATURE_ASSOC_FRAME_ENCRYPTION,
NL80211_EXT_FEATURE_IEEE8021X_AUTH,
NL80211_EXT_FEATURE_ROC_ADDR_FILTER,
+ NL80211_EXT_FEATURE_SET_KEY_LTF_SEED,
/* add new features before the definition below */
NUM_NL80211_EXT_FEATURES,
[NL80211_KEY_TYPE] = NLA_POLICY_MAX(NLA_U32, NUM_NL80211_KEYTYPES - 1),
[NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
[NL80211_KEY_MODE] = NLA_POLICY_RANGE(NLA_U8, 0, NL80211_KEY_SET_TX),
+ [NL80211_KEY_LTF_SEED] = {
+ .type = NLA_BINARY,
+ .len = WLAN_MAX_SECURE_LTF_KEYSEED_LEN,
+ },
};
/* policy for the key default flags */
if (tb[NL80211_KEY_MODE])
k->p.mode = nla_get_u8(tb[NL80211_KEY_MODE]);
+ if (tb[NL80211_KEY_LTF_SEED]) {
+ k->p.ltf_keyseed = nla_data(tb[NL80211_KEY_LTF_SEED]);
+ k->p.ltf_keyseed_len = nla_len(tb[NL80211_KEY_LTF_SEED]);
+ }
+
return 0;
}
if (!cfg80211_supported_cipher_suite(&rdev->wiphy, params->cipher))
return -EINVAL;
+ if (params->ltf_keyseed) {
+ if (!wiphy_ext_feature_isset(&rdev->wiphy,
+ NL80211_EXT_FEATURE_SECURE_LTF) ||
+ !wiphy_ext_feature_isset(&rdev->wiphy,
+ NL80211_EXT_FEATURE_SET_KEY_LTF_SEED))
+ return -EOPNOTSUPP;
+
+ /*
+ * LTF key seed is pairwise key material and must only be
+ * used with a pairwise key
+ */
+ if (!pairwise)
+ return -EINVAL;
+ }
+
return 0;
}
projects / thirdparty / kernel / linux.git / commitdiff
