nl80211: Introduce NL80211_MESH_SETUP_USERSPACE_AMPE

Introduce a new configuration option to support AMPE from userspace. Prior to this series we only supported authentication in userspace: an authentication daemon would authenticate peer candidates in userspace and hand them over to the kernel. From that point the mesh stack would take over and establish a peer link (Mesh Peering Management). These patches introduce support for Authenticated Mesh Peering Exchange in userspace. The userspace daemon implements the AMPE protocol and on successfull completion create mesh peers and install encryption keys. Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
author: Javier Cardona <javier@cozybit.com> 2011-05-03 19:57:07 -0400
committer: John W. Linville <linville@tuxdriver.com> 2011-05-11 14:37:47 -0400
commit: b130e5cec958bae3867cf6ab09a9b24ba8fada01 (patch)
tree: 945eca0ace3d299dfd83de7b7e13c60aa36ba2e9 /include
parent: f3a57fd148a4afd3c38f558c5b44972cb29ea8ba (diff)
2 files changed, 13 insertions, 1 deletions
diff --git a/include/linux/nl80211.h b/include/linux/nl80211.h
index a75dea9c416e..c53b916036c5 100644
--- a/include/linux/nl80211.h
+++ b/include/linux/nl80211.h
@@ -1769,6 +1769,15 @@ enum nl80211_meshconf_params {
 * @NL80211_MESH_SETUP_USERSPACE_AUTH: Enable this option if an authentication
 * daemon will be authenticating mesh candidates.
 *
+ * @NL80211_MESH_SETUP_USERSPACE_AMPE: Enable this option if an authentication
+ * daemon will be securing peer link frames.  AMPE is a secured version of Mesh
+ * Peering Management (MPM) and is implemented with the assistance of a
+ * userspace daemon.  When this flag is set, the kernel will send peer
+ * management frames to a userspace daemon that will implement AMPE
+ * functionality (security capabilities selection, key confirmation, and key
+ * management).  When the flag is unset (default), the kernel can autonomously
+ * complete (unsecured) mesh peering without the need of a userspace daemon.
+ *
 * @NL80211_MESH_SETUP_ATTR_MAX: highest possible mesh setup attribute number
 * @__NL80211_MESH_SETUP_ATTR_AFTER_LAST: Internal use
 */
@@ -1778,6 +1787,7 @@ enum nl80211_mesh_setup_params {
        NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC,
        NL80211_MESH_SETUP_IE,
        NL80211_MESH_SETUP_USERSPACE_AUTH,
+        NL80211_MESH_SETUP_USERSPACE_AMPE,
        /* keep last */
        __NL80211_MESH_SETUP_ATTR_AFTER_LAST,
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index 0920daf36807..10c17d68059f 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -695,7 +695,8 @@ struct mesh_config {
 * @path_metric: which metric to use
 * @ie: vendor information elements (optional)
 * @ie_len: length of vendor information elements
- * @is_secure: or not
+ * @is_authenticated: this mesh requires authentication
+ * @is_secure: this mesh uses security
 *
 * These parameters are fixed when the mesh is created.
 */
@@ -706,6 +707,7 @@ struct mesh_setup {
        u8  path_metric;
        const u8 *ie;
        u8 ie_len;
+        bool is_authenticated;
        bool is_secure;
 };
author	Javier Cardona <javier@cozybit.com>	2011-05-03 19:57:07 -0400
committer	John W. Linville <linville@tuxdriver.com>	2011-05-11 14:37:47 -0400
commit	b130e5cec958bae3867cf6ab09a9b24ba8fada01 (patch)
tree	945eca0ace3d299dfd83de7b7e13c60aa36ba2e9 /include
parent	f3a57fd148a4afd3c38f558c5b44972cb29ea8ba (diff)