cfg80211: connect/disconnect API

This patch introduces the cfg80211 connect/disconnect API.
The goal here is to run the AUTH and ASSOC steps in one call.
This is needed for some fullmac cards that run both steps
directly from the target, after the host driver sends a
connect command.

Additionally, all the new crypto parameters for connect()
are now also valid for associate() -- although associate
requires the IEs to be used, the information can be useful
for drivers and should be given.

Signed-off-by: Samuel Ortiz <samuel.ortiz@intel.com>
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

2 files changed, 209 insertions, 6 deletions

diff --git a/include/linux/nl80211.h b/include/linux/nl80211.h
index 651b18839088..b34c17f52f3e 100644
--- a/include/linux/nl80211.h
+++ b/include/linux/nl80211.h
@@ -246,6 +246,22 @@
  *      to identify the device, and the TESTDATA blob attribute to pass through
  *      to the driver.
  *
+ * @NL80211_CMD_CONNECT: connection request and notification; this command
+ *      requests to connect to a specified network but without separating
+ *      auth and assoc steps. For this, you need to specify the SSID in a
+ *      %NL80211_ATTR_SSID attribute, and can optionally specify the association
+ *      IEs in %NL80211_ATTR_IE, %NL80211_ATTR_AUTH_TYPE, %NL80211_ATTR_MAC,
+ *      %NL80211_ATTR_WIPHY_FREQ and %NL80211_ATTR_CONTROL_PORT.
+ *      It is also sent as an event, with the BSSID and response IEs when the
+ *      connection is established or failed to be established. This can be
+ *      determined by the STATUS_CODE attribute.
+ * @NL80211_CMD_ROAM: request that the card roam (currently not implemented),
+ *      sent as an event when the card/driver roamed by itself.
+ * @NL80211_CMD_DISCONNECT: drop a given connection; also used to notify
+ *      userspace that a connection was dropped by the AP or due to other
+ *      reasons, for this the %NL80211_ATTR_DISCONNECTED_BY_AP and
+ *      %NL80211_ATTR_REASON_CODE attributes are used.
+ *
  * @NL80211_CMD_MAX: highest used command number
  * @__NL80211_CMD_AFTER_LAST: internal use
  */
@@ -316,6 +332,10 @@ enum nl80211_commands {
 
         NL80211_CMD_TESTMODE,
 
+        NL80211_CMD_CONNECT,
+        NL80211_CMD_ROAM,
+        NL80211_CMD_DISCONNECT,
+
         /* add new commands above here */
 
         /* used to define NL80211_CMD_MAX below */
@@ -520,6 +540,30 @@ enum nl80211_commands {
  * @NL80211_ATTR_TESTDATA: Testmode data blob, passed through to the driver.
  *      We recommend using nested, driver-specific attributes within this.
  *
+ * @NL80211_ATTR_DISCONNECTED_BY_AP: A flag indicating that the DISCONNECT
+ *      event was due to the AP disconnecting the station, and not due to
+ *      a local disconnect request.
+ * @NL80211_ATTR_STATUS_CODE: StatusCode for the %NL80211_CMD_CONNECT
+ *      event (u16)
+ * @NL80211_ATTR_PRIVACY: Flag attribute, used with connect(), indicating
+ *      that protected APs should be used.
+ *
+ * @NL80211_ATTR_CIPHERS_PAIRWISE: Used with CONNECT and ASSOCIATE to
+ *      indicate which unicast key ciphers will be used with the connection
+ *      (an array of u32).
+ * @NL80211_ATTR_CIPHER_GROUP: Used with CONNECT and ASSOCIATE to indicate
+ *      which group key cipher will be used with the connection (a u32).
+ * @NL80211_ATTR_WPA_VERSIONS: Used with CONNECT and ASSOCIATE to indicate
+ *      which WPA version(s) the AP we want to associate with is using
+ *      (a u32 with flags from &enum nl80211_wpa_versions).
+ * @NL80211_ATTR_AKM_SUITES: Used with CONNECT and ASSOCIATE to indicate
+ *      which key management algorithm(s) to use (an array of u32).
+ *
+ * @NL80211_ATTR_REQ_IE: (Re)association request information elements as
+ *      sent out by the card, for ROAM and successful CONNECT events.
+ * @NL80211_ATTR_RESP_IE: (Re)association response information elements as
+ *      sent by peer, for ROAM and successful CONNECT events.
+ *
  * @NL80211_ATTR_MAX: highest attribute number currently defined
  * @__NL80211_ATTR_AFTER_LAST: internal use
  */
@@ -630,6 +674,19 @@ enum nl80211_attrs {
 
         NL80211_ATTR_TESTDATA,
 
+        NL80211_ATTR_PRIVACY,
+
+        NL80211_ATTR_DISCONNECTED_BY_AP,
+        NL80211_ATTR_STATUS_CODE,
+
+        NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
+        NL80211_ATTR_CIPHER_SUITE_GROUP,
+        NL80211_ATTR_WPA_VERSIONS,
+        NL80211_ATTR_AKM_SUITES,
+
+        NL80211_ATTR_REQ_IE,
+        NL80211_ATTR_RESP_IE,
+
         /* add attributes here, update the policy in nl80211.c */
 
         __NL80211_ATTR_AFTER_LAST,
@@ -640,6 +697,7 @@ enum nl80211_attrs {
  * Allow user space programs to use #ifdef on new attributes by defining them
  * here
  */
+#define NL80211_CMD_CONNECT NL80211_CMD_CONNECT
 #define NL80211_ATTR_HT_CAPABILITY NL80211_ATTR_HT_CAPABILITY
 #define NL80211_ATTR_BSS_BASIC_RATES NL80211_ATTR_BSS_BASIC_RATES
 #define NL80211_ATTR_WIPHY_TXQ_PARAMS NL80211_ATTR_WIPHY_TXQ_PARAMS
@@ -653,6 +711,10 @@ enum nl80211_attrs {
 #define NL80211_ATTR_SSID NL80211_ATTR_SSID
 #define NL80211_ATTR_AUTH_TYPE NL80211_ATTR_AUTH_TYPE
 #define NL80211_ATTR_REASON_CODE NL80211_ATTR_REASON_CODE
+#define NL80211_ATTR_CIPHER_SUITES_PAIRWISE NL80211_ATTR_CIPHER_SUITES_PAIRWISE
+#define NL80211_ATTR_CIPHER_SUITE_GROUP NL80211_ATTR_CIPHER_SUITE_GROUP
+#define NL80211_ATTR_WPA_VERSIONS NL80211_ATTR_WPA_VERSIONS
+#define NL80211_ATTR_AKM_SUITES NL80211_ATTR_AKM_SUITES
 
 #define NL80211_MAX_SUPP_RATES                  32
 #define NL80211_MAX_SUPP_REG_RULES              32
@@ -661,6 +723,9 @@ enum nl80211_attrs {
 #define NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY     24
 #define NL80211_HT_CAPABILITY_LEN               26
 
+#define NL80211_MAX_NR_CIPHER_SUITES            5
+#define NL80211_MAX_NR_AKM_SUITES               2
+
 /**
  * enum nl80211_iftype - (virtual) interface types
  *
@@ -1205,12 +1270,22 @@ enum nl80211_bss {
  * @NL80211_AUTHTYPE_SHARED_KEY: Shared Key authentication (WEP only)
  * @NL80211_AUTHTYPE_FT: Fast BSS Transition (IEEE 802.11r)
  * @NL80211_AUTHTYPE_NETWORK_EAP: Network EAP (some Cisco APs and mainly LEAP)
+ * @__NL80211_AUTHTYPE_NUM: internal
+ * @NL80211_AUTHTYPE_MAX: maximum valid auth algorithm
+ * @NL80211_AUTHTYPE_AUTOMATIC: determine automatically (if necessary by
+ *      trying multiple times); this is invalid in netlink -- leave out
+ *      the attribute for this on CONNECT commands.
  */
 enum nl80211_auth_type {
         NL80211_AUTHTYPE_OPEN_SYSTEM,
         NL80211_AUTHTYPE_SHARED_KEY,
         NL80211_AUTHTYPE_FT,
         NL80211_AUTHTYPE_NETWORK_EAP,
+
+        /* keep last */
+        __NL80211_AUTHTYPE_NUM,
+        NL80211_AUTHTYPE_MAX = __NL80211_AUTHTYPE_NUM - 1,
+        NL80211_AUTHTYPE_AUTOMATIC
 };
 
 /**
@@ -1235,4 +1310,9 @@ enum nl80211_mfp {
         NL80211_MFP_REQUIRED,
 };
 
+enum nl80211_wpa_versions {
+        NL80211_WPA_VERSION_1 = 1 << 0,
+        NL80211_WPA_VERSION_2 = 1 << 1,
+};
+
 #endif /* __LINUX_NL80211_H */
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index 885d4e5bc4b5..68e11321ed74 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -605,6 +605,30 @@ struct cfg80211_bss {
 };
 
 /**
+ * struct cfg80211_crypto_settings - Crypto settings
+ * @wpa_versions: indicates which, if any, WPA versions are enabled
+ *      (from enum nl80211_wpa_versions)
+ * @cipher_group: group key cipher suite (or 0 if unset)
+ * @n_ciphers_pairwise: number of AP supported unicast ciphers
+ * @ciphers_pairwise: unicast key cipher suites
+ * @n_akm_suites: number of AKM suites
+ * @akm_suites: AKM suites
+ * @control_port: Whether user space controls IEEE 802.1X port, i.e.,
+ *      sets/clears %NL80211_STA_FLAG_AUTHORIZED. If true, the driver is
+ *      required to assume that the port is unauthorized until authorized by
+ *      user space. Otherwise, port is marked authorized by default.
+ */
+struct cfg80211_crypto_settings {
+        u32 wpa_versions;
+        u32 cipher_group;
+        int n_ciphers_pairwise;
+        u32 ciphers_pairwise[NL80211_MAX_NR_CIPHER_SUITES];
+        int n_akm_suites;
+        u32 akm_suites[NL80211_MAX_NR_AKM_SUITES];
+        bool control_port;
+};
+
+/**
  * struct cfg80211_auth_request - Authentication request data
  *
  * This structure provides information needed to complete IEEE 802.11
@@ -658,10 +682,7 @@ struct cfg80211_auth_request {
  * @ie: Extra IEs to add to (Re)Association Request frame or %NULL
  * @ie_len: Length of ie buffer in octets
  * @use_mfp: Use management frame protection (IEEE 802.11w) in this association
- * @control_port: Whether user space controls IEEE 802.1X port, i.e.,
- *      sets/clears %NL80211_STA_FLAG_AUTHORIZED. If true, the driver is
- *      required to assume that the port is unauthorized until authorized by
- *      user space. Otherwise, port is marked authorized by default.
+ * @crypto: crypto settings
  */
 struct cfg80211_assoc_request {
         struct ieee80211_channel *chan;
@@ -671,7 +692,7 @@ struct cfg80211_assoc_request {
         const u8 *ie;
         size_t ie_len;
         bool use_mfp;
-        bool control_port;
+        struct cfg80211_crypto_settings crypto;
 };
 
 /**
@@ -738,6 +759,36 @@ struct cfg80211_ibss_params {
 };
 
 /**
+ * struct cfg80211_connect_params - Connection parameters
+ *
+ * This structure provides information needed to complete IEEE 802.11
+ * authentication and association.
+ *
+ * @channel: The channel to use or %NULL if not specified (auto-select based
+ *      on scan results)
+ * @bssid: The AP BSSID or %NULL if not specified (auto-select based on scan
+ *      results)
+ * @ssid: SSID
+ * @ssid_len: Length of ssid in octets
+ * @auth_type: Authentication type (algorithm)
+ * @assoc_ie: IEs for association request
+ * @assoc_ie_len: Length of assoc_ie in octets
+ * @privacy: indicates whether privacy-enabled APs should be used
+ * @crypto: crypto settings
+ */
+struct cfg80211_connect_params {
+        struct ieee80211_channel *channel;
+        u8 *bssid;
+        u8 *ssid;
+        size_t ssid_len;
+        enum nl80211_auth_type auth_type;
+        u8 *ie;
+        size_t ie_len;
+        bool privacy;
+        struct cfg80211_crypto_settings crypto;
+};
+
+/**
  * enum wiphy_params_flags - set_wiphy_params bitfield values
  * WIPHY_PARAM_RETRY_SHORT: wiphy->retry_short has changed
  * WIPHY_PARAM_RETRY_LONG: wiphy->retry_long has changed
@@ -841,6 +892,12 @@ enum tx_power_setting {
  * @deauth: Request to deauthenticate from the specified peer
  * @disassoc: Request to disassociate from the specified peer
  *
+ * @connect: Connect to the ESS with the specified parameters. When connected,
+ *      call cfg80211_connect_result() with status code %WLAN_STATUS_SUCCESS.
+ *      If the connection fails for some reason, call cfg80211_connect_result()
+ *      with the status from the AP.
+ * @disconnect: Disconnect from the BSS/ESS.
+ *
  * @join_ibss: Join the specified IBSS (or create if necessary). Once done, call
  *      cfg80211_ibss_joined(), also call that function when changing BSSID due
  *      to a merge.
@@ -946,6 +1003,11 @@ struct cfg80211_ops {
         int     (*disassoc)(struct wiphy *wiphy, struct net_device *dev,
                             struct cfg80211_disassoc_request *req);
 
+        int     (*connect)(struct wiphy *wiphy, struct net_device *dev,
+                           struct cfg80211_connect_params *sme);
+        int     (*disconnect)(struct wiphy *wiphy, struct net_device *dev,
+                              u16 reason_code);
+
         int     (*join_ibss)(struct wiphy *wiphy, struct net_device *dev,
                              struct cfg80211_ibss_params *params);
         int     (*leave_ibss)(struct wiphy *wiphy, struct net_device *dev);
@@ -1174,10 +1236,15 @@ struct wireless_dev {
         struct list_head list;
         struct net_device *netdev;
 
-        /* currently used for IBSS - might be rearranged in the future */
+        /* currently used for IBSS and SME - might be rearranged later */
         struct cfg80211_bss *current_bss;
         u8 ssid[IEEE80211_MAX_SSID_LEN];
         u8 ssid_len;
+        enum {
+                CFG80211_SME_IDLE,
+                CFG80211_SME_CONNECTING, /* ->connect called */
+                CFG80211_SME_CONNECTED,
+        } sme_state;
 
 #ifdef CONFIG_WIRELESS_EXT
         /* wext data */
@@ -1788,4 +1855,60 @@ void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp);
 #define CFG80211_TESTMODE_CMD(cmd)
 #endif
 
+/**
+ * cfg80211_connect_result - notify cfg80211 of connection result
+ *
+ * @dev: network device
+ * @bssid: the BSSID of the AP
+ * @req_ie: association request IEs (maybe be %NULL)
+ * @req_ie_len: association request IEs length
+ * @resp_ie: association response IEs (may be %NULL)
+ * @resp_ie_len: assoc response IEs length
+ * @status: status code, 0 for successful connection, use
+ *      %WLAN_STATUS_UNSPECIFIED_FAILURE if your device cannot give you
+ *      the real status code for failures.
+ * @gfp: allocation flags
+ *
+ * It should be called by the underlying driver whenever connect() has
+ * succeeded.
+ */
+void cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
+                             const u8 *req_ie, size_t req_ie_len,
+                             const u8 *resp_ie, size_t resp_ie_len,
+                             u16 status, gfp_t gfp);
+
+/**
+ * cfg80211_roamed - notify cfg80211 of roaming
+ *
+ * @dev: network device
+ * @bssid: the BSSID of the new AP
+ * @req_ie: association request IEs (maybe be %NULL)
+ * @req_ie_len: association request IEs length
+ * @resp_ie: association response IEs (may be %NULL)
+ * @resp_ie_len: assoc response IEs length
+ * @gfp: allocation flags
+ *
+ * It should be called by the underlying driver whenever it roamed
+ * from one AP to another while connected.
+ */
+void cfg80211_roamed(struct net_device *dev, const u8 *bssid,
+                     const u8 *req_ie, size_t req_ie_len,
+                     const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp);
+
+/**
+ * cfg80211_disconnected - notify cfg80211 that connection was dropped
+ *
+ * @dev: network device
+ * @ie: information elements of the deauth/disassoc frame (may be %NULL)
+ * @ie_len: length of IEs
+ * @reason: reason code for the disconnection, set it to 0 if unknown
+ * @gfp: allocation flags
+ *
+ * After it calls this function, the driver should enter an idle state
+ * and not try to connect to any AP any more.
+ */
+void cfg80211_disconnected(struct net_device *dev, u16 reason,
+                           u8 *ie, size_t ie_len, gfp_t gfp);
+
+
 #endif /* __NET_CFG80211_H */