
[patch 13/13] WE-18 (aka WPA)

To: davem@xxxxxxxxxxxxx
Subject: [patch 13/13] WE-18 (aka WPA)
From: akpm@xxxxxxxx
Date: Tue, 15 Mar 2005 14:22:50 -0800
Cc: jgarzik@xxxxxxxxx, netdev@xxxxxxxxxxx, akpm@xxxxxxxx, jt@xxxxxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx
From: Jean Tourrilhes <jt@xxxxxxxxxx>

This is version 18 of the Wireless Extensions.  The main change is that it
adds all the necessary APIs for WPA and WPA2 support.  This work was
entirely done by Jouni Malinen, so let's thank him for both his hard work
and deep expertise on the subject ;-)

This API obviously doesn't do much by itself and works in concert with
driver support (Jouni already sent you the HostAP changes) and userspace
(Jouni is updating wpa_supplicant).  This is also orthogonal with the
ongoing work on in-kernel IEEE support (but potentially useful).

The patch is attached, tested with 2.6.11.  Normally, I would ask you to
push that directly in the kernel (99% of the patch has been on my web page
for ages and it does not affect non-WPA stuff), but Jouni convinced me that
it should bake a few weeks in wireless-2.6

Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---

 25-akpm/include/linux/wireless.h |  283 ++++++++++++++++++++++++++++++++++++++-
 25-akpm/net/core/wireless.c      |   74 +++++++++-
 2 files changed, 352 insertions(+), 5 deletions(-)

diff -puN include/linux/wireless.h~we-18-aka-wpa include/linux/wireless.h
--- 25/include/linux/wireless.h~we-18-aka-wpa   Tue Mar 15 14:19:55 2005
+++ 25-akpm/include/linux/wireless.h    Tue Mar 15 14:19:55 2005
@@ -1,10 +1,10 @@
 /*
  * This file define a set of standard wireless extensions
  *
- * Version :   17      21.6.04
+ * Version :   18      12.3.05
  *
  * Authors :   Jean Tourrilhes - HPL - <jt@xxxxxxxxxx>
- * Copyright (c) 1997-2004 Jean Tourrilhes, All Rights Reserved.
+ * Copyright (c) 1997-2005 Jean Tourrilhes, All Rights Reserved.
  */
 
 #ifndef _LINUX_WIRELESS_H
@@ -82,7 +82,7 @@
  * (there is some stuff that will be added in the future...)
  * I just plan to increment with each new version.
  */
-#define WIRELESS_EXT   17
+#define WIRELESS_EXT   18
 
 /*
  * Changes :
@@ -182,6 +182,21 @@
  *     - Document (struct iw_quality *)->updated, add new flags (INVALID)
  *     - Wireless Event capability in struct iw_range
  *     - Add support for relative TxPower (yick !)
+ *
+ * V17 to V18 (From Jouni Malinen <jkmaline@xxxxxxxxx>)
+ * ----------
+ *     - Add support for WPA/WPA2
+ *     - Add extended encoding configuration (SIOCSIWENCODEEXT and
+ *       SIOCGIWENCODEEXT)
+ *     - Add SIOCSIWGENIE/SIOCGIWGENIE
+ *     - Add SIOCSIWMLME
+ *     - Add SIOCSIWPMKSA
+ *     - Add struct iw_range bit field for supported encoding capabilities
+ *     - Add optional scan request parameters for SIOCSIWSCAN
+ *     - Add SIOCSIWAUTH/SIOCGIWAUTH for setting authentication and WPA
+ *       related parameters (extensible up to 4096 parameter values)
+ *     - Add wireless events: IWEVGENIE, IWEVMICHAELMICFAILURE,
+ *       IWEVASSOCREQIE, IWEVASSOCRESPIE, IWEVPMKIDCAND
  */
 
 /**************************** CONSTANTS ****************************/
@@ -256,6 +271,30 @@
 #define SIOCSIWPOWER   0x8B2C          /* set Power Management settings */
 #define SIOCGIWPOWER   0x8B2D          /* get Power Management settings */
 
+/* WPA : Generic IEEE 802.11 informatiom element (e.g., for WPA/RSN/WMM).
+ * This ioctl uses struct iw_point and data buffer that includes IE id and len
+ * fields. More than one IE may be included in the request. Setting the generic
+ * IE to empty buffer (len=0) removes the generic IE from the driver. Drivers
+ * are allowed to generate their own WPA/RSN IEs, but in these cases, drivers
+ * are required to report the used IE as a wireless event, e.g., when
+ * associating with an AP. */
+#define SIOCSIWGENIE   0x8B30          /* set generic IE */
+#define SIOCGIWGENIE   0x8B31          /* get generic IE */
+
+/* WPA : IEEE 802.11 MLME requests */
+#define SIOCSIWMLME    0x8B16          /* request MLME operation; uses
+                                        * struct iw_mlme */
+/* WPA : Authentication mode parameters */
+#define SIOCSIWAUTH    0x8B32          /* set authentication mode params */
+#define SIOCGIWAUTH    0x8B33          /* get authentication mode params */
+
+/* WPA : Extended version of encoding configuration */
+#define SIOCSIWENCODEEXT 0x8B34                /* set encoding token & mode */
+#define SIOCGIWENCODEEXT 0x8B35                /* get encoding token & mode */
+
+/* WPA2 : PMKSA cache management */
+#define SIOCSIWPMKSA   0x8B36          /* PMKSA cache operation */
+
 /* -------------------- DEV PRIVATE IOCTL LIST -------------------- */
 
 /* These 32 ioctl are wireless device private, for 16 commands.
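Review bot: SIOCSIWMLME is numbered `0x8B16` while every other ioctl added in this hunk sits at `0x8B30` or above, and nothing in the comment says that it fills a gap in the older range, so a reader scanning the WPA block by number can miss it. The table entry in net/core/wireless.c is inserted just before SIOCGIWAPLIST, which suggests a previously unused slot; a short comment such as `/* 0x8B16: slot in the AP ioctl range, not in the 0x8B30 WPA block */` would record that. The comment above SIOCSIWGENIE has a typo, `informatiom` should be `information`, and a blank line is missing between the SIOCSIWMLME define and the `/* WPA : Authentication mode parameters */` comment.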
@@ -297,6 +336,34 @@
 #define IWEVCUSTOM     0x8C02          /* Driver specific ascii string */
 #define IWEVREGISTERED 0x8C03          /* Discovered a new node (AP mode) */
 #define IWEVEXPIRED    0x8C04          /* Expired a node (AP mode) */
+#define IWEVGENIE      0x8C05          /* Generic IE (WPA, RSN, WMM, ..)
+                                        * (scan results); This includes id and
+                                        * length fields. One IWEVGENIE may
+                                        * contain more than one IE. Scan
+                                        * results may contain one or more
+                                        * IWEVGENIE events. */
+#define IWEVMICHAELMICFAILURE 0x8C06   /* Michael MIC failure
+                                        * (struct iw_michaelmicfailure)
+                                        */
+#define IWEVASSOCREQIE 0x8C07          /* IEs used in (Re)Association Request.
+                                        * The data includes id and length
+                                        * fields and may contain more than one
+                                        * IE. This event is required in
+                                        * Managed mode if the driver
+                                        * generates its own WPA/RSN IE. This
+                                        * should be sent just before
+                                        * IWEVREGISTERED event for the
+                                        * association. */
+#define IWEVASSOCRESPIE        0x8C08          /* IEs used in (Re)Association
+                                        * Response. The data includes id and
+                                        * length fields and may contain more
+                                        * than one IE. This may be sent
+                                        * between IWEVASSOCREQIE and
+                                        * IWEVREGISTERED events for the
+                                        * association. */
+#define IWEVPMKIDCAND  0x8C09          /* PMKID candidate for RSN
+                                        * pre-authentication
+                                        * (struct iw_pmkid_cand) */
 
 #define IWEVFIRST      0x8C00
 
@@ -432,12 +499,94 @@
 #define IW_SCAN_THIS_MODE      0x0020  /* Scan only this Mode */
 #define IW_SCAN_ALL_RATE       0x0040  /* Scan all Bit-Rates */
 #define IW_SCAN_THIS_RATE      0x0080  /* Scan only this Bit-Rate */
+/* struct iw_scan_req scan_type */
+#define IW_SCAN_TYPE_ACTIVE 0
+#define IW_SCAN_TYPE_PASSIVE 1
 /* Maximum size of returned data */
 #define IW_SCAN_MAX_DATA       4096    /* In bytes */
 
 /* Max number of char in custom event - use multiple of them if needed */
 #define IW_CUSTOM_MAX          256     /* In bytes */
 
+/* Generic information element */
+#define IW_GENERIC_IE_MAX      1024
+
+/* MLME requests (SIOCSIWMLME / struct iw_mlme) */
+#define IW_MLME_DEAUTH         0
+#define IW_MLME_DISASSOC       1
+
+/* SIOCSIWAUTH/SIOCGIWAUTH struct iw_param flags */
+#define IW_AUTH_INDEX          0x0FFF
+#define IW_AUTH_FLAGS          0xF000
+/* SIOCSIWAUTH/SIOCGIWAUTH parameters (0 .. 4095)
+ * (IW_AUTH_INDEX mask in struct iw_param flags; this is the index of the
+ * parameter that is being set/get to; value will be read/written to
+ * struct iw_param value field) */
+#define IW_AUTH_WPA_VERSION            0
+#define IW_AUTH_CIPHER_PAIRWISE                1
+#define IW_AUTH_CIPHER_GROUP           2
+#define IW_AUTH_KEY_MGMT               3
+#define IW_AUTH_TKIP_COUNTERMEASURES   4
+#define IW_AUTH_DROP_UNENCRYPTED       5
+#define IW_AUTH_80211_AUTH_ALG         6
+#define IW_AUTH_WPA_ENABLED            7
+#define IW_AUTH_RX_UNENCRYPTED_EAPOL   8
+#define IW_AUTH_ROAMING_CONTROL                9
+#define IW_AUTH_PRIVACY_INVOKED                10
+
+/* IW_AUTH_WPA_VERSION values (bit field) */
+#define IW_AUTH_WPA_VERSION_DISABLED   0x00000001
+#define IW_AUTH_WPA_VERSION_WPA                0x00000002
+#define IW_AUTH_WPA_VERSION_WPA2       0x00000004
+
+/* IW_AUTH_PAIRWISE_CIPHER and IW_AUTH_GROUP_CIPHER values (bit field) */
+#define IW_AUTH_CIPHER_NONE    0x00000001
+#define IW_AUTH_CIPHER_WEP40   0x00000002
+#define IW_AUTH_CIPHER_TKIP    0x00000004
+#define IW_AUTH_CIPHER_CCMP    0x00000008
+#define IW_AUTH_CIPHER_WEP104  0x00000010
+
+/* IW_AUTH_KEY_MGMT values (bit field) */
+#define IW_AUTH_KEY_MGMT_802_1X        1
+#define IW_AUTH_KEY_MGMT_PSK   2
+
+/* IW_AUTH_80211_AUTH_ALG values (bit field) */
+#define IW_AUTH_ALG_OPEN_SYSTEM        0x00000001
+#define IW_AUTH_ALG_SHARED_KEY 0x00000002
+#define IW_AUTH_ALG_LEAP       0x00000004
+
+/* IW_AUTH_ROAMING_CONTROL values */
+#define IW_AUTH_ROAMING_ENABLE 0       /* driver/firmware based roaming */
+#define IW_AUTH_ROAMING_DISABLE        1       /* user space program used for roaming
+                                        * control */
+
+/* SIOCSIWENCODEEXT definitions */
+#define IW_ENCODE_SEQ_MAX_SIZE 8
+/* struct iw_encode_ext ->alg */
+#define IW_ENCODE_ALG_NONE     0
+#define IW_ENCODE_ALG_WEP      1
+#define IW_ENCODE_ALG_TKIP     2
+#define IW_ENCODE_ALG_CCMP     3
+/* struct iw_encode_ext ->ext_flags */
+#define IW_ENCODE_EXT_TX_SEQ_VALID     0x00000001
+#define IW_ENCODE_EXT_RX_SEQ_VALID     0x00000002
+#define IW_ENCODE_EXT_GROUP_KEY                0x00000004
+#define IW_ENCODE_EXT_SET_TX_KEY       0x00000008
+
+/* IWEVMICHAELMICFAILURE : struct iw_michaelmicfailure ->flags */
+#define IW_MICFAILURE_KEY_ID   0x00000003 /* Key ID 0..3 */
+#define IW_MICFAILURE_GROUP    0x00000004
+#define IW_MICFAILURE_PAIRWISE 0x00000008
+#define IW_MICFAILURE_STAKEY   0x00000010
+#define IW_MICFAILURE_COUNT    0x00000060 /* 1 or 2 (0 = count not supported)
+                                           */
+
+/* Bit field values for enc_capa in struct iw_range */
+#define IW_ENC_CAPA_WPA                0x00000001
+#define IW_ENC_CAPA_WPA2       0x00000002
+#define IW_ENC_CAPA_CIPHER_TKIP        0x00000004
+#define IW_ENC_CAPA_CIPHER_CCMP        0x00000008
+
 /* Event capability macros - in (struct iw_range *)->event_capa
  * Because we have more than 32 possible events, we use an array of
  * 32 bit bitmasks. Note : 32 bits = 0x20 = 2^5. */
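Review bot: The comment `/* IW_AUTH_PAIRWISE_CIPHER and IW_AUTH_GROUP_CIPHER values (bit field) */` names parameters that are not defined; the indexes a few lines above are `IW_AUTH_CIPHER_PAIRWISE` and `IW_AUTH_CIPHER_GROUP`, so the comment should read `/* IW_AUTH_CIPHER_PAIRWISE and IW_AUTH_CIPHER_GROUP values (bit field) */`. `IW_AUTH_KEY_MGMT_802_1X` and `IW_AUTH_KEY_MGMT_PSK` are labelled a bit field but written as decimal `1` and `2`, unlike the hex masks around them; `0x00000001` and `0x00000002` would make it less likely that a later addition is numbered 3. `IW_GENERIC_IE_MAX` would also benefit from a trailing `/* In bytes */` like the neighbouring `IW_SCAN_MAX_DATA` and `IW_CUSTOM_MAX`.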
@@ -546,6 +695,132 @@ struct    iw_thrspy
        struct iw_quality       high;           /* High threshold */
 };
 
+/*
+ *     Optional data for scan request
+ *
+ *     Note: these optional parameters are controlling parameters for the
+ *     scanning behavior, these do not apply to getting scan results
+ *     (SIOCGIWSCAN). Drivers are expected to keep a local BSS table and
+ *     provide a merged results with all BSSes even if the previous scan
+ *     request limited scanning to a subset, e.g., by specifying an SSID.
+ *     Especially, scan results are required to include an entry for the
+ *     current BSS if the driver is in Managed mode and associated with an AP.
+ */
+struct iw_scan_req
+{
+       __u8            scan_type; /* IW_SCAN_TYPE_{ACTIVE,PASSIVE} */
+       __u8            essid_len;
+       __u8            num_channels; /* num entries in channel_list;
+                                      * 0 = scan all allowed channels */
+       __u8            flags; /* reserved as padding; use zero, this may
+                               * be used in the future for adding flags
+                               * to request different scan behavior */
+       struct sockaddr bssid; /* ff:ff:ff:ff:ff:ff for broadcast BSSID or
+                               * individual address of a specific BSS */
+
+       /*
+        * Use this ESSID if IW_SCAN_THIS_ESSID flag is used instead of using
+        * the current ESSID. This allows scan requests for specific ESSID
+        * without having to change the current ESSID and potentially breaking
+        * the current association.
+        */
+       __u8            essid[IW_ESSID_MAX_SIZE];
+
+       /*
+        * Optional parameters for changing the default scanning behavior.
+        * These are based on the MLME-SCAN.request from IEEE Std 802.11.
+        * TU is 1.024 ms. If these are set to 0, driver is expected to use
+        * reasonable default values. min_channel_time defines the time that
+        * will be used to wait for the first reply on each channel. If no
+        * replies are received, next channel will be scanned after this. If
+        * replies are received, total time waited on the channel is defined by
+        * max_channel_time.
+        */
+       __u32           min_channel_time; /* in TU */
+       __u32           max_channel_time; /* in TU */
+
+       struct iw_freq  channel_list[IW_MAX_FREQUENCIES];
+};
+
+/* ------------------------- WPA SUPPORT ------------------------- */
+
+/*
+ *     Extended data structure for get/set encoding (this is used with
+ *     SIOCSIWENCODEEXT/SIOCGIWENCODEEXT. struct iw_point and IW_ENCODE_*
+ *     flags are used in the same way as with SIOCSIWENCODE/SIOCGIWENCODE and
+ *     only the data contents changes (key data -> this structure, including
+ *     key data).
+ *
+ *     If the new key is the first group key, it will be set as the default
+ *     TX key. Otherwise, default TX key index is only changed if
+ *     IW_ENCODE_EXT_SET_TX_KEY flag is set.
+ *
+ *     Key will be changed with SIOCSIWENCODEEXT in all cases except for
+ *     special "change TX key index" operation which is indicated by setting
+ *     key_len = 0 and ext_flags |= IW_ENCODE_EXT_SET_TX_KEY.
+ *
+ *     tx_seq/rx_seq are only used when respective
+ *     IW_ENCODE_EXT_{TX,RX}_SEQ_VALID flag is set in ext_flags. Normal
+ *     TKIP/CCMP operation is to set RX seq with SIOCSIWENCODEEXT and start
+ *     TX seq from zero whenever key is changed. SIOCGIWENCODEEXT is normally
+ *     used only by an Authenticator (AP or an IBSS station) to get the
+ *     current TX sequence number. Using TX_SEQ_VALID for SIOCSIWENCODEEXT and
+ *     RX_SEQ_VALID for SIOCGIWENCODEEXT are optional, but can be useful for
+ *     debugging/testing.
+ */
+struct iw_encode_ext
+{
+       __u32           ext_flags; /* IW_ENCODE_EXT_* */
+       __u8            tx_seq[IW_ENCODE_SEQ_MAX_SIZE]; /* LSB first */
+       __u8            rx_seq[IW_ENCODE_SEQ_MAX_SIZE]; /* LSB first */
+       struct sockaddr addr; /* ff:ff:ff:ff:ff:ff for broadcast/multicast
+                              * (group) keys or unicast address for
+                              * individual keys */
+       __u16           alg; /* IW_ENCODE_ALG_* */
+       __u16           key_len;
+       __u8            key[0];
+};
+
+/* SIOCSIWMLME data */
+struct iw_mlme
+{
+       __u16           cmd; /* IW_MLME_* */
+       __u16           reason_code;
+       struct sockaddr addr;
+};
+
+/* SIOCSIWPMKSA data */
+#define IW_PMKSA_ADD           1
+#define IW_PMKSA_REMOVE                2
+#define IW_PMKSA_FLUSH         3
+
+#define IW_PMKID_LEN   16
+
+struct iw_pmksa
+{
+       __u32           cmd; /* IW_PMKSA_* */
+       struct sockaddr bssid;
+       __u8            pmkid[IW_PMKID_LEN];
+};
+
+/* IWEVMICHAELMICFAILURE data */
+struct iw_michaelmicfailure
+{
+       __u32           flags;
+       struct sockaddr src_addr;
+       __u8            tsc[IW_ENCODE_SEQ_MAX_SIZE]; /* LSB first */
+};
+
+/* IWEVPMKIDCAND data */
+#define IW_PMKID_CAND_PREAUTH  0x00000001 /* RNS pre-authentication enabled */
+struct iw_pmkid_cand
+{
+       __u32           flags; /* IW_PMKID_CAND_* */
+       __u32           index; /* the smaller the index, the higher the
+                               * priority */
+       struct sockaddr bssid;
+};
+
 /* ------------------------ WIRELESS STATS ------------------------ */
 /*
  * Wireless statistics (used for /proc/net/wireless)
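Review bot: `struct iw_scan_req` and `struct iw_encode_ext` carry lengths that arrive from user space (`essid_len`, `num_channels`, `key_len`) next to the arrays they describe, but none of the comments state the bounds a driver has to enforce. The descriptor table in net/core/wireless.c bounds only the total buffer size, so, as far as this patch shows, each handler must itself reject `essid_len > IW_ESSID_MAX_SIZE`, `num_channels > IW_MAX_FREQUENCIES`, and a `key_len` larger than the received length minus `sizeof(struct iw_encode_ext)`. I would state those three limits in the field comments so driver authors do not index past the buffer. Separately, `/* RNS pre-authentication enabled */` should read `RSN`.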
@@ -725,6 +1000,8 @@ struct     iw_range
        struct iw_freq  freq[IW_MAX_FREQUENCIES];       /* list */
        /* Note : this frequency list doesn't need to fit channel numbers,
         * because each entry contain its channel index */
+
+       __u32           enc_capa; /* IW_ENC_CAPA_* bit field */
 };
 
 /*
diff -puN net/core/wireless.c~we-18-aka-wpa net/core/wireless.c
--- 25/net/core/wireless.c~we-18-aka-wpa        Tue Mar 15 14:19:55 2005
+++ 25-akpm/net/core/wireless.c Tue Mar 15 14:19:55 2005
@@ -2,7 +2,7 @@
  * This file implement the Wireless Extensions APIs.
  *
  * Authors :   Jean Tourrilhes - HPL - <jt@xxxxxxxxxx>
- * Copyright (c) 1997-2004 Jean Tourrilhes, All Rights Reserved.
+ * Copyright (c) 1997-2005 Jean Tourrilhes, All Rights Reserved.
  *
  * (As all part of the Linux kernel, this file is GPL)
  */
@@ -187,6 +187,12 @@ static const struct iw_ioctl_description
                .header_type    = IW_HEADER_TYPE_ADDR,
                .flags          = IW_DESCR_FLAG_DUMP,
        },
+       [SIOCSIWMLME    - SIOCIWFIRST] = {
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .min_tokens     = sizeof(struct iw_mlme),
+               .max_tokens     = sizeof(struct iw_mlme),
+       },
        [SIOCGIWAPLIST  - SIOCIWFIRST] = {
                .header_type    = IW_HEADER_TYPE_POINT,
                .token_size     = sizeof(struct sockaddr) +
@@ -195,7 +201,10 @@ static const struct iw_ioctl_description
                .flags          = IW_DESCR_FLAG_NOMAX,
        },
        [SIOCSIWSCAN    - SIOCIWFIRST] = {
-               .header_type    = IW_HEADER_TYPE_PARAM,
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .min_tokens     = 0,
+               .max_tokens     = sizeof(struct iw_scan_req),
        },
        [SIOCGIWSCAN    - SIOCIWFIRST] = {
                .header_type    = IW_HEADER_TYPE_POINT,
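Review bot: With `.min_tokens = 0` and `.max_tokens = sizeof(struct iw_scan_req)`, a SIOCSIWSCAN handler can be handed any length from 0 up to the full struct, so a driver that casts the buffer to `struct iw_scan_req` without checking the length could read fields that were never copied in. The handlers are outside this diff; a comment on the entry such as `/* optional struct iw_scan_req; handler must check length == sizeof(struct iw_scan_req) before use */` would make that contract visible. Switching the header type from PARAM to POINT also changes how the request union is interpreted for existing callers of SIOCSIWSCAN, which deserves a line in the V17 to V18 changelog. The `standard_ioctl` initializer starts and ends outside this hunk.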
@@ -273,6 +282,42 @@ static const struct iw_ioctl_description
        [SIOCGIWPOWER   - SIOCIWFIRST] = {
                .header_type    = IW_HEADER_TYPE_PARAM,
        },
+       [SIOCSIWGENIE   - SIOCIWFIRST] = {
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .max_tokens     = IW_GENERIC_IE_MAX,
+       },
+       [SIOCGIWGENIE   - SIOCIWFIRST] = {
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .max_tokens     = IW_GENERIC_IE_MAX,
+       },
+       [SIOCSIWAUTH    - SIOCIWFIRST] = {
+               .header_type    = IW_HEADER_TYPE_PARAM,
+       },
+       [SIOCGIWAUTH    - SIOCIWFIRST] = {
+               .header_type    = IW_HEADER_TYPE_PARAM,
+       },
+       [SIOCSIWENCODEEXT - SIOCIWFIRST] = {
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .min_tokens     = sizeof(struct iw_encode_ext),
+               .max_tokens     = sizeof(struct iw_encode_ext) +
+                                 IW_ENCODING_TOKEN_MAX,
+       },
+       [SIOCGIWENCODEEXT - SIOCIWFIRST] = {
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .min_tokens     = sizeof(struct iw_encode_ext),
+               .max_tokens     = sizeof(struct iw_encode_ext) +
+                                 IW_ENCODING_TOKEN_MAX,
+       },
+       [SIOCSIWPMKSA - SIOCIWFIRST] = {
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .min_tokens     = sizeof(struct iw_pmksa),
+               .max_tokens     = sizeof(struct iw_pmksa),
+       },
 };
 static const int standard_ioctl_num = (sizeof(standard_ioctl) /
                                       sizeof(struct iw_ioctl_description));
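Review bot: SIOCGIWENCODEEXT returns a `struct iw_encode_ext`, which includes key data, yet its entry carries no `.flags` and nothing in this patch limits the request to privileged callers. Whether a permission check elsewhere (outside this diff) already covers the new get command the way get-encoding requests are normally gated should be confirmed before this is merged; if it does not, the key material would be readable by any local user. If the core honours it, `.flags = IW_DESCR_FLAG_RESTRICT,` on this entry would state the intent in the table itself. The `standard_ioctl` initializer starts outside this hunk.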
@@ -299,6 +344,31 @@ static const struct iw_ioctl_description
        [IWEVEXPIRED    - IWEVFIRST] = {
                .header_type    = IW_HEADER_TYPE_ADDR, 
        },
+       [IWEVGENIE      - IWEVFIRST] = {
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .max_tokens     = IW_GENERIC_IE_MAX,
+       },
+       [IWEVMICHAELMICFAILURE  - IWEVFIRST] = {
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .max_tokens     = sizeof(struct iw_michaelmicfailure),
+       },
+       [IWEVASSOCREQIE - IWEVFIRST] = {
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .max_tokens     = IW_GENERIC_IE_MAX,
+       },
+       [IWEVASSOCRESPIE        - IWEVFIRST] = {
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .max_tokens     = IW_GENERIC_IE_MAX,
+       },
+       [IWEVPMKIDCAND  - IWEVFIRST] = {
+               .header_type    = IW_HEADER_TYPE_POINT,
+               .token_size     = 1,
+               .max_tokens     = sizeof(struct iw_pmkid_cand),
+       },
 };
 static const int standard_event_num = (sizeof(standard_event) /
                                       sizeof(struct iw_ioctl_description));
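Review bot: IWEVMICHAELMICFAILURE and IWEVPMKIDCAND carry fixed-size structs but set only `max_tokens`, whereas the fixed-size ioctl entries added by this patch (SIOCSIWMLME, SIOCSIWPMKSA) set `min_tokens` to the same `sizeof`. Adding `.min_tokens = sizeof(struct iw_michaelmicfailure),` and `.min_tokens = sizeof(struct iw_pmkid_cand),` would keep the table consistent, assuming the event path checks that field. Both structs embed a `struct sockaddr`, which is larger than the MAC address stored in it, so a driver should zero the whole struct before filling it, and a comment on these entries could say so; otherwise uninitialised bytes may be passed to user space. The `standard_event` initializer starts outside this hunk.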
_
