Revert "cfg80211: Key management offload support for SHA-256 and FT/8021.X"

This reverts commit 3bb41fde01. Key management offload (LFR3) cannot be dependent on kernel changes that have not yet been up-streamed. Therefore, all kernel support for key management offload needs to be reverted until the open source version of kernel support for key management offload is available. CRs-Fixed: 778119 Change-Id: Idd3d5847636da558a12f27396d43ca6c4e12a519 Signed-off-by: Chet Lanctot <clanctot@codeaurora.org>
2015-01-07 13:13:27 -08:00 · 2015-01-07 13:13:27 -08:00 · 3324dacd1b
parent 8950c224fd
commit 3324dacd1b
5 changed files with 13 additions and 23 deletions
--- a/Documentation/networking/key-mgmt-offload.txt
+++ b/Documentation/networking/key-mgmt-offload.txt
@ -6,7 +6,7 @@ Security Network during initial connection or after a roam between
 APs occurs.  It might also happen during after the device handles a
 PTK rekeying operation.

-This design only supports key management offload in a station
+This design only supports key managment offload in a station
 (non-AP STA).

 There are a couple of possible advantages to offloading key
@ -83,7 +83,8 @@ NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PMKSA
   association connect time because the 802.1X authentication must
   first take place before the PMK is established.  The PMK will be
   passed to the driver using cfg80211_key_mgmt_set_pmk in this case
-   once it is known.
+   once it is known.  A new cipher suite type is defined to identify
+   the value as a PMK when cfg80211_add_key is used in this way.

 Indication
 ----------
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@ -2092,9 +2092,7 @@ struct cfg80211_qos_map {
 *
 * @key_mgmt_set_pmk: Used to pass the PMK to the device for key management
 *	offload.  This will be used in the case of key management offload on an
- *	already established PMKSA.  If connection is FT (802.11r) enabled with
- *	802.1X, then the second 256 bits of the MSK is passed instead of the
- *	PMK.
+ *	already established PMKSA.
 */
 struct cfg80211_ops {
 	int	(*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow);
@ -2340,7 +2338,7 @@ struct cfg80211_ops {
 				    struct cfg80211_chan_def *chandef);

 	int	(*key_mgmt_set_pmk)(struct wiphy *wiphy, struct net_device *dev,
-				    const u8 *pmk);
+				   u8 *pmk);
 };

 /*
@ -2730,8 +2728,8 @@ struct wiphy_vendor_command {
 *
 * @key_mgmt_offload_support: Bitmap of supported types of key management
 *	that can be offloaded to the device.  See
- *	nl80211_key_mgmt_offload_support.  Only valid when
- *	WIPHY_FLAG_HAS_KEY_MGMT_OFFLOAD is set.
+ *	nl80211_key_mgmt_offload_support.
+ *	Only valid when WIPHY_FLAG_HAS_KEY_MGMT_OFFLOAD is set.
 * @key_derive_offload_support: Bitmap of supported key derivations used as
 *	part of key management offload.  See nl80211_key_derive_offload_support.
 *	Only valid when WIPHY_FLAG_HAS_KEY_MGMT_OFFLOAD is set.
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@ -700,9 +700,7 @@
 * @NL80211_CMD_KEY_MGMT_SET_PMK: Used to pass the PMK to the device for
 *	key management offload.  This will be used in the case of key
 *	management offload on an already established PMKSA.  The PMK is passed
- *	in NL80211_ATTR_PMK once it is known by the supplicant.  If connection
- *	is FT (802.11r) enabled with 802.1X, then the second 256 bits of the
- *	MSK is passed instead of the PMK.
+ *	in NL80211_ATTR_PMK once it is known by the supplicant.
 *
 * @NL80211_CMD_MAX: highest used command number
 * @__NL80211_CMD_AFTER_LAST: internal use
@ -4017,15 +4015,11 @@ enum nl80211_tdls_peer_capability {
 * @NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PMKSA: Key management on already
 *	established PMKSA.  The PMK will be passed using
 *	NL80211_CMD_KEY_MGMT_SET_PMK once it is known.
- * @NL80211_KEY_MGMT_OFFLOAD_SUPPORT_FT_802_1X: 802.11r (FT) with
- *	802.1X.  The second 256 bits of the MSK is passed using
- *	NL80211_CMD_KEY_MGMT_SET_PMK once it is known.
 */
 enum nl80211_key_mgmt_offload_support {
-	NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PSK		= 1 << 0,
-	NL80211_KEY_MGMT_OFFLOAD_SUPPORT_FT_PSK		= 1 << 1,
-	NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PMKSA		= 1 << 2,
-	NL80211_KEY_MGMT_OFFLOAD_SUPPORT_FT_802_1X	= 1 << 3,
+	NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PSK	= 1 << 0,
+	NL80211_KEY_MGMT_OFFLOAD_SUPPORT_FT_PSK	= 1 << 1,
+	NL80211_KEY_MGMT_OFFLOAD_SUPPORT_PMKSA	= 1 << 2,
 };

 /**
@ -4036,11 +4030,9 @@ enum nl80211_key_mgmt_offload_support {
 * by default for all supported key management offload types.
 *
 * @NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_IGTK: IGTK key derivation.
- * @NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_SHA256: SHA-256 key derivation.
 */
 enum nl80211_key_derive_offload_support {
-	NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_IGTK		= 1 << 0,
-	NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_SHA256	= 1 << 1,
+	NL80211_KEY_DERIVE_OFFLOAD_SUPPORT_IGTK	= 1 << 0,
 };

 /**
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@ -9427,7 +9427,7 @@ static struct genl_ops nl80211_ops[] = {
 				  NL80211_FLAG_NEED_RTNL,
 	},
 	{
-		.cmd = NL80211_CMD_KEY_MGMT_SET_PMK,
+	.cmd = NL80211_CMD_KEY_MGMT_SET_PMK,
 		.doit = nl80211_key_mgmt_set_pmk,
 		.policy = nl80211_policy,
 		.flags = GENL_ADMIN_PERM,
--- a/net/wireless/util.c
+++ b/net/wireless/util.c
@ -794,7 +794,6 @@ void cfg80211_process_wdev_events(struct wireless_dev *wdev)
 			__cfg80211_authorization_event(wdev->netdev,
 						       ev->au.auth_status,
 						       ev->au.key_replay_ctr);
-			break;
 		}
 		wdev_unlock(wdev);