summaryrefslogtreecommitdiff
path: root/net/wireless
diff options
context:
space:
mode:
authorAiny Kumari <ainy.kumari@oss.qualcomm.com>2026-01-14 16:48:52 +0530
committerJohannes Berg <johannes.berg@intel.com>2026-01-14 14:34:15 +0100
commitf29c852149f94dc1975c64fa919b3dd62db04d23 (patch)
treed07dde77c813e592c3f2613433d1dc2ad3f32faa /net/wireless
parent24a57985670e9dac5547e5b7731bf8e7b03d5be8 (diff)
downloadlinux-next-f29c852149f94dc1975c64fa919b3dd62db04d23.tar.gz
linux-next-f29c852149f94dc1975c64fa919b3dd62db04d23.zip
wifi: cfg80211: add support for EPPKE Authentication Protocol
Add an extended feature flag NL80211_EXT_FEATURE_EPPKE to allow a driver to indicate support for the Enhanced Privacy Protection Key Exchange (EPPKE) authentication protocol in non-AP STA mode, as defined in "IEEE P802.11bi/D3.0, 12.16.9". In case of SME in userspace, the Authentication frame body is prepared in userspace while the driver finalizes the Authentication frame once it receives the required fields and elements. The driver indicates support for EPPKE using the extended feature flag so that userspace can initiate EPPKE authentication. When the feature flag is set, process EPPKE Authentication frames from userspace in non-AP STA mode. If the flag is not set, reject EPPKE Authentication frames. Define a new authentication type NL80211_AUTHTYPE_EPPKE for EPPKE. Signed-off-by: Ainy Kumari <ainy.kumari@oss.qualcomm.com> Co-developed-by: Kavita Kavita <kavita.kavita@oss.qualcomm.com> Signed-off-by: Kavita Kavita <kavita.kavita@oss.qualcomm.com> Link: https://patch.msgid.link/20260114111900.2196941-2-kavita.kavita@oss.qualcomm.com Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'net/wireless')
-rw-r--r--net/wireless/nl80211.c14
1 files changed, 12 insertions, 2 deletions
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 225580507a4b..8f3a27b7d4fd 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -6473,6 +6473,10 @@ static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
auth_type == NL80211_AUTHTYPE_FILS_PK))
return false;
+ if (!wiphy_ext_feature_isset(&rdev->wiphy,
+ NL80211_EXT_FEATURE_EPPKE) &&
+ auth_type == NL80211_AUTHTYPE_EPPKE)
+ return false;
return true;
case NL80211_CMD_CONNECT:
if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
@@ -6490,6 +6494,10 @@ static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) &&
auth_type == NL80211_AUTHTYPE_FILS_SK)
return false;
+ if (!wiphy_ext_feature_isset(&rdev->wiphy,
+ NL80211_EXT_FEATURE_EPPKE) &&
+ auth_type == NL80211_AUTHTYPE_EPPKE)
+ return false;
return true;
case NL80211_CMD_START_AP:
if (!wiphy_ext_feature_isset(&rdev->wiphy,
@@ -11956,7 +11964,8 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
if ((auth_type == NL80211_AUTHTYPE_SAE ||
auth_type == NL80211_AUTHTYPE_FILS_SK ||
auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
- auth_type == NL80211_AUTHTYPE_FILS_PK) &&
+ auth_type == NL80211_AUTHTYPE_FILS_PK ||
+ auth_type == NL80211_AUTHTYPE_EPPKE) &&
!info->attrs[NL80211_ATTR_AUTH_DATA])
return -EINVAL;
@@ -11964,7 +11973,8 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
if (auth_type != NL80211_AUTHTYPE_SAE &&
auth_type != NL80211_AUTHTYPE_FILS_SK &&
auth_type != NL80211_AUTHTYPE_FILS_SK_PFS &&
- auth_type != NL80211_AUTHTYPE_FILS_PK)
+ auth_type != NL80211_AUTHTYPE_FILS_PK &&
+ auth_type != NL80211_AUTHTYPE_EPPKE)
return -EINVAL;
req.auth_data = nla_data(info->attrs[NL80211_ATTR_AUTH_DATA]);
req.auth_data_len = nla_len(info->attrs[NL80211_ATTR_AUTH_DATA]);