4 * Copyright 2008, 2009 Luis R. Rodriguez <lrodriguez@atheros.com>
5 * Copyright 2008 Jouni Malinen <jouni.malinen@atheros.com>
6 * Copyright 2008 Colin McCabe <colin@cozybit.com>
7 - * Copyright 2015 Intel Deutschland GmbH
8 + * Copyright 2015-2017 Intel Deutschland GmbH
10 * Permission to use, copy, modify, and/or distribute this software for any
11 * purpose with or without fee is hereby granted, provided that the above
16 + * DOC: WPA/WPA2 EAPOL handshake offload
18 + * By setting @NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK flag drivers
19 + * can indicate they support offloading EAPOL handshakes for WPA/WPA2
20 + * preshared key authentication. In %NL80211_CMD_CONNECT the preshared
21 + * key should be specified using %NL80211_ATTR_PMK. Drivers supporting
22 + * this offload may reject the %NL80211_CMD_CONNECT when no preshared
23 + * key material is provided, for example when that driver does not
24 + * support setting the temporal keys through %CMD_NEW_KEY.
26 + * Similarly @NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X flag can be
27 + * set by drivers indicating offload support of the PTK/GTK EAPOL
28 + * handshakes during 802.1X authentication. In order to use the offload
29 + * the %NL80211_CMD_CONNECT should have %NL80211_ATTR_WANT_1X_4WAY_HS
30 + * attribute flag. Drivers supporting this offload may reject the
31 + * %NL80211_CMD_CONNECT when the attribute flag is not present.
33 + * For 802.1X the PMK or PMK-R0 are set by providing %NL80211_ATTR_PMK
34 + * using %NL80211_CMD_SET_PMK. For offloaded FT support also
35 + * %NL80211_ATTR_PMKR0_NAME must be provided.
39 + * DOC: FILS shared key authentication offload
41 + * FILS shared key authentication offload can be advertized by drivers by
42 + * setting @NL80211_EXT_FEATURE_FILS_SK_OFFLOAD flag. The drivers that support
43 + * FILS shared key authentication offload should be able to construct the
44 + * authentication and association frames for FILS shared key authentication and
45 + * eventually do a key derivation as per IEEE 802.11ai. The below additional
46 + * parameters should be given to driver in %NL80211_CMD_CONNECT.
47 + * %NL80211_ATTR_FILS_ERP_USERNAME - used to construct keyname_nai
48 + * %NL80211_ATTR_FILS_ERP_REALM - used to construct keyname_nai
49 + * %NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM - used to construct erp message
50 + * %NL80211_ATTR_FILS_ERP_RRK - used to generate the rIK and rMSK
51 + * rIK should be used to generate an authentication tag on the ERP message and
52 + * rMSK should be used to derive a PMKSA.
53 + * rIK, rMSK should be generated and keyname_nai, sequence number should be used
54 + * as specified in IETF RFC 6696.
56 + * When FILS shared key authentication is completed, driver needs to provide the
57 + * below additional parameters to userspace.
58 + * %NL80211_ATTR_FILS_KEK - used for key renewal
59 + * %NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM - used in further EAP-RP exchanges
60 + * %NL80211_ATTR_PMKID - used to identify the PMKSA used/generated
61 + * %Nl80211_ATTR_PMK - used to update PMKSA cache in userspace
62 + * The PMKSA can be maintained in userspace persistently so that it can be used
63 + * later after reboots or wifi turn off/on also.
65 + * %NL80211_ATTR_FILS_CACHE_ID is the cache identifier advertized by a FILS
66 + * capable AP supporting PMK caching. It specifies the scope within which the
67 + * PMKSAs are cached in an ESS. %NL80211_CMD_SET_PMKSA and
68 + * %NL80211_CMD_DEL_PMKSA are enhanced to allow support for PMKSA caching based
69 + * on FILS cache identifier. Additionally %NL80211_ATTR_PMK is used with
70 + * %NL80211_SET_PMKSA to specify the PMK corresponding to a PMKSA for driver to
71 + * use in a FILS shared key connection with PMKSA caching.
75 * enum nl80211_commands - supported nl80211 commands
77 * @NL80211_CMD_UNSPEC: unspecified command to catch errors
79 * @NL80211_CMD_GET_SCAN: get scan results
80 * @NL80211_CMD_TRIGGER_SCAN: trigger a new scan with the given parameters
81 * %NL80211_ATTR_TX_NO_CCK_RATE is used to decide whether to send the
82 - * probe requests at CCK rate or not. %NL80211_ATTR_MAC can be used to
83 + * probe requests at CCK rate or not. %NL80211_ATTR_BSSID can be used to
84 * specify a BSSID to scan for; if not included, the wildcard BSSID will
86 * @NL80211_CMD_NEW_SCAN_RESULTS: scan notification (as a reply to
88 * are used. Extra IEs can also be passed from the userspace by
89 * using the %NL80211_ATTR_IE attribute. The first cycle of the
90 * scheduled scan can be delayed by %NL80211_ATTR_SCHED_SCAN_DELAY
92 + * is supplied. If the device supports multiple concurrent scheduled
93 + * scans, it will allow such when the caller provides the flag attribute
94 + * %NL80211_ATTR_SCHED_SCAN_MULTI to indicate user-space support for it.
95 * @NL80211_CMD_STOP_SCHED_SCAN: stop a scheduled scan. Returns -ENOENT if
96 * scheduled scan is not running. The caller may assume that as soon
97 * as the call returns, it is safe to start a new scheduled scan again.
99 * @NL80211_CMD_NEW_SURVEY_RESULTS: survey data notification (as a reply to
100 * NL80211_CMD_GET_SURVEY and on the "scan" multicast group)
102 - * @NL80211_CMD_SET_PMKSA: Add a PMKSA cache entry, using %NL80211_ATTR_MAC
103 - * (for the BSSID) and %NL80211_ATTR_PMKID.
104 + * @NL80211_CMD_SET_PMKSA: Add a PMKSA cache entry using %NL80211_ATTR_MAC
105 + * (for the BSSID), %NL80211_ATTR_PMKID, and optionally %NL80211_ATTR_PMK
106 + * (PMK is used for PTKSA derivation in case of FILS shared key offload) or
107 + * using %NL80211_ATTR_SSID, %NL80211_ATTR_FILS_CACHE_ID,
108 + * %NL80211_ATTR_PMKID, and %NL80211_ATTR_PMK in case of FILS
109 + * authentication where %NL80211_ATTR_FILS_CACHE_ID is the identifier
110 + * advertized by a FILS capable AP identifying the scope of PMKSA in an
112 * @NL80211_CMD_DEL_PMKSA: Delete a PMKSA cache entry, using %NL80211_ATTR_MAC
113 - * (for the BSSID) and %NL80211_ATTR_PMKID.
114 + * (for the BSSID) and %NL80211_ATTR_PMKID or using %NL80211_ATTR_SSID,
115 + * %NL80211_ATTR_FILS_CACHE_ID, and %NL80211_ATTR_PMKID in case of FILS
117 * @NL80211_CMD_FLUSH_PMKSA: Flush all PMKSA cache entries.
119 * @NL80211_CMD_REG_CHANGE: indicates to userspace the regulatory domain
121 * authentication/association or not receiving a response from the AP.
122 * Non-zero %NL80211_ATTR_STATUS_CODE value is indicated in that case as
123 * well to remain backwards compatible.
124 - * @NL80211_CMD_ROAM: request that the card roam (currently not implemented),
125 - * sent as an event when the card/driver roamed by itself.
126 + * @NL80211_CMD_ROAM: notifcation indicating the card/driver roamed by itself.
127 + * When the driver roamed in a network that requires 802.1X authentication,
128 + * %NL80211_ATTR_PORT_AUTHORIZED should be set if the 802.1X authentication
129 + * was done by the driver or if roaming was done using Fast Transition
130 + * protocol (in which case 802.1X authentication is not needed). If
131 + * %NL80211_ATTR_PORT_AUTHORIZED is not set, user space is responsible for
132 + * the 802.1X authentication.
133 * @NL80211_CMD_DISCONNECT: drop a given connection; also used to notify
134 * userspace that a connection was dropped by the AP or due to other
135 * reasons, for this the %NL80211_ATTR_DISCONNECTED_BY_AP and
138 * @NL80211_CMD_SET_WDS_PEER: Set the MAC address of the peer on a WDS interface.
140 + * @NL80211_CMD_SET_MULTICAST_TO_UNICAST: Configure if this AP should perform
141 + * multicast to unicast conversion. When enabled, all multicast packets
142 + * with ethertype ARP, IPv4 or IPv6 (possibly within an 802.1Q header)
143 + * will be sent out to each station once with the destination (multicast)
144 + * MAC address replaced by the station's MAC address. Note that this may
145 + * break certain expectations of the receiver, e.g. the ability to drop
146 + * unicast IP packets encapsulated in multicast L2 frames, or the ability
147 + * to not send destination unreachable messages in such cases.
148 + * This can only be toggled per BSS. Configure this on an interface of
149 + * type %NL80211_IFTYPE_AP. It applies to all its VLAN interfaces
150 + * (%NL80211_IFTYPE_AP_VLAN), except for those in 4addr (WDS) mode.
151 + * If %NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED is not present with this
152 + * command, the feature is disabled.
154 * @NL80211_CMD_JOIN_MESH: Join a mesh. The mesh ID must be given, and initial
155 * mesh config parameters may be given.
156 * @NL80211_CMD_LEAVE_MESH: Leave the mesh network -- no special arguments, the
157 @@ -840,12 +928,15 @@
158 * cfg80211_scan_done().
160 * @NL80211_CMD_START_NAN: Start NAN operation, identified by its
161 - * %NL80211_ATTR_WDEV interface. This interface must have been previously
162 - * created with %NL80211_CMD_NEW_INTERFACE. After it has been started, the
163 - * NAN interface will create or join a cluster. This command must have a
164 - * valid %NL80211_ATTR_NAN_MASTER_PREF attribute and optional
165 - * %NL80211_ATTR_NAN_DUAL attributes.
166 - * After this command NAN functions can be added.
167 + * %NL80211_ATTR_WDEV interface. This interface must have been
168 + * previously created with %NL80211_CMD_NEW_INTERFACE. After it
169 + * has been started, the NAN interface will create or join a
170 + * cluster. This command must have a valid
171 + * %NL80211_ATTR_NAN_MASTER_PREF attribute and optional
172 + * %NL80211_ATTR_BANDS attributes. If %NL80211_ATTR_BANDS is
173 + * omitted or set to 0, it means don't-care and the device will
174 + * decide what to use. After this command NAN functions can be
176 * @NL80211_CMD_STOP_NAN: Stop the NAN operation, identified by
177 * its %NL80211_ATTR_WDEV interface.
178 * @NL80211_CMD_ADD_NAN_FUNCTION: Add a NAN function. The function is defined
179 @@ -866,14 +957,32 @@
180 * This command is also used as a notification sent when a NAN function is
181 * terminated. This will contain a %NL80211_ATTR_NAN_FUNC_INST_ID
182 * and %NL80211_ATTR_COOKIE attributes.
183 - * @NL80211_CMD_CHANGE_NAN_CONFIG: Change current NAN configuration. NAN
184 - * must be operational (%NL80211_CMD_START_NAN was executed).
185 - * It must contain at least one of the following attributes:
186 - * %NL80211_ATTR_NAN_MASTER_PREF, %NL80211_ATTR_NAN_DUAL.
187 + * @NL80211_CMD_CHANGE_NAN_CONFIG: Change current NAN
188 + * configuration. NAN must be operational (%NL80211_CMD_START_NAN
189 + * was executed). It must contain at least one of the following
190 + * attributes: %NL80211_ATTR_NAN_MASTER_PREF,
191 + * %NL80211_ATTR_BANDS. If %NL80211_ATTR_BANDS is omitted, the
192 + * current configuration is not changed. If it is present but
193 + * set to zero, the configuration is changed to don't-care
194 + * (i.e. the device can decide what to do).
195 * @NL80211_CMD_NAN_FUNC_MATCH: Notification sent when a match is reported.
196 * This will contain a %NL80211_ATTR_NAN_MATCH nested attribute and
197 * %NL80211_ATTR_COOKIE.
199 + * @NL80211_CMD_UPDATE_CONNECT_PARAMS: Update one or more connect parameters
200 + * for subsequent roaming cases if the driver or firmware uses internal
201 + * BSS selection. This command can be issued only while connected and it
202 + * does not result in a change for the current association. Currently,
203 + * only the %NL80211_ATTR_IE data is used and updated with this command.
205 + * @NL80211_CMD_SET_PMK: For offloaded 4-Way handshake, set the PMK or PMK-R0
206 + * for the given authenticator address (specified with &NL80211_ATTR_MAC).
207 + * When &NL80211_ATTR_PMKR0_NAME is set, &NL80211_ATTR_PMK specifies the
208 + * PMK-R0, otherwise it specifies the PMK.
209 + * @NL80211_CMD_DEL_PMK: For offloaded 4-Way handshake, delete the previously
210 + * configured PMK for the authenticator address identified by
211 + * &NL80211_ATTR_MAC.
213 * @NL80211_CMD_MAX: highest used command number
214 * @__NL80211_CMD_AFTER_LAST: internal use
216 @@ -1069,6 +1178,13 @@ enum nl80211_commands {
217 NL80211_CMD_CHANGE_NAN_CONFIG,
218 NL80211_CMD_NAN_MATCH,
220 + NL80211_CMD_SET_MULTICAST_TO_UNICAST,
222 + NL80211_CMD_UPDATE_CONNECT_PARAMS,
224 + NL80211_CMD_SET_PMK,
225 + NL80211_CMD_DEL_PMK,
227 /* add new commands above here */
229 /* used to define NL80211_CMD_MAX below */
230 @@ -1638,8 +1754,16 @@ enum nl80211_commands {
231 * the connection request from a station. nl80211_connect_failed_reason
232 * enum has different reasons of connection failure.
234 - * @NL80211_ATTR_SAE_DATA: SAE elements in Authentication frames. This starts
235 - * with the Authentication transaction sequence number field.
236 + * @NL80211_ATTR_AUTH_DATA: Fields and elements in Authentication frames.
237 + * This contains the authentication frame body (non-IE and IE data),
238 + * excluding the Authentication algorithm number, i.e., starting at the
239 + * Authentication transaction sequence number field. It is used with
240 + * authentication algorithms that need special fields to be added into
241 + * the frames (SAE and FILS). Currently, only the SAE cases use the
242 + * initial two fields (Authentication transaction sequence number and
243 + * Status code). However, those fields are included in the attribute data
244 + * for all authentication algorithms to keep the attribute definition
247 * @NL80211_ATTR_VHT_CAPABILITY: VHT Capability information element (from
248 * association request when used with NL80211_CMD_NEW_STATION)
249 @@ -1740,7 +1864,9 @@ enum nl80211_commands {
251 * @NL80211_ATTR_OPMODE_NOTIF: Operating mode field from Operating Mode
252 * Notification Element based on association request when used with
253 - * %NL80211_CMD_NEW_STATION; u8 attribute.
254 + * %NL80211_CMD_NEW_STATION or %NL80211_CMD_SET_STATION (only when
255 + * %NL80211_FEATURE_FULL_AP_CLIENT_STATE is supported, or with TDLS);
258 * @NL80211_ATTR_VENDOR_ID: The vendor ID, either a 24-bit OUI or, if
259 * %NL80211_VENDOR_ID_IS_LINUX is set, a special Linux ID (not used yet)
260 @@ -1783,11 +1909,12 @@ enum nl80211_commands {
261 * that configured the indoor setting, and the indoor operation would be
262 * cleared when the socket is closed.
263 * If set during NAN interface creation, the interface will be destroyed
264 - * if the socket is closed just like any other interface. Moreover, only
265 - * the netlink socket that created the interface will be allowed to add
266 - * and remove functions. NAN notifications will be sent in unicast to that
267 - * socket. Without this attribute, any socket can add functions and the
268 - * notifications will be sent to the %NL80211_MCGRP_NAN multicast group.
269 + * if the socket is closed just like any other interface. Moreover, NAN
270 + * notifications will be sent in unicast to that socket. Without this
271 + * attribute, the notifications will be sent to the %NL80211_MCGRP_NAN
273 + * If set during %NL80211_CMD_ASSOCIATE or %NL80211_CMD_CONNECT the
274 + * station will deauthenticate when the socket is closed.
276 * @NL80211_ATTR_TDLS_INITIATOR: flag attribute indicating the current end is
277 * the TDLS link initiator.
278 @@ -1927,15 +2054,93 @@ enum nl80211_commands {
279 * %NL80211_CMD_CHANGE_NAN_CONFIG. Its type is u8 and it can't be 0.
280 * Also, values 1 and 255 are reserved for certification purposes and
281 * should not be used during a normal device operation.
282 - * @NL80211_ATTR_NAN_DUAL: NAN dual band operation config (see
283 - * &enum nl80211_nan_dual_band_conf). This attribute is used with
284 - * %NL80211_CMD_START_NAN and optionally with
285 - * %NL80211_CMD_CHANGE_NAN_CONFIG.
286 + * @NL80211_ATTR_BANDS: operating bands configuration. This is a u32
287 + * bitmask of BIT(NL80211_BAND_*) as described in %enum
288 + * nl80211_band. For instance, for NL80211_BAND_2GHZ, bit 0
289 + * would be set. This attribute is used with
290 + * %NL80211_CMD_START_NAN and %NL80211_CMD_CHANGE_NAN_CONFIG, and
291 + * it is optional. If no bands are set, it means don't-care and
292 + * the device will decide what to use.
293 * @NL80211_ATTR_NAN_FUNC: a function that can be added to NAN. See
294 * &enum nl80211_nan_func_attributes for description of this nested
296 * @NL80211_ATTR_NAN_MATCH: used to report a match. This is a nested attribute.
297 * See &enum nl80211_nan_match_attributes.
298 + * @NL80211_ATTR_FILS_KEK: KEK for FILS (Re)Association Request/Response frame
300 + * @NL80211_ATTR_FILS_NONCES: Nonces (part of AAD) for FILS (Re)Association
301 + * Request/Response frame protection. This attribute contains the 16 octet
302 + * STA Nonce followed by 16 octets of AP Nonce.
304 + * @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED: Indicates whether or not multicast
305 + * packets should be send out as unicast to all stations (flag attribute).
307 + * @NL80211_ATTR_BSSID: The BSSID of the AP. Note that %NL80211_ATTR_MAC is also
308 + * used in various commands/events for specifying the BSSID.
310 + * @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI: Relative RSSI threshold by which
311 + * other BSSs has to be better or slightly worse than the current
312 + * connected BSS so that they get reported to user space.
313 + * This will give an opportunity to userspace to consider connecting to
314 + * other matching BSSs which have better or slightly worse RSSI than
315 + * the current connected BSS by using an offloaded operation to avoid
316 + * unnecessary wakeups.
318 + * @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST: When present the RSSI level for BSSs in
319 + * the specified band is to be adjusted before doing
320 + * %NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI based comparision to figure out
321 + * better BSSs. The attribute value is a packed structure
322 + * value as specified by &struct nl80211_bss_select_rssi_adjust.
324 + * @NL80211_ATTR_TIMEOUT_REASON: The reason for which an operation timed out.
325 + * u32 attribute with an &enum nl80211_timeout_reason value. This is used,
326 + * e.g., with %NL80211_CMD_CONNECT event.
328 + * @NL80211_ATTR_FILS_ERP_USERNAME: EAP Re-authentication Protocol (ERP)
329 + * username part of NAI used to refer keys rRK and rIK. This is used with
330 + * %NL80211_CMD_CONNECT.
332 + * @NL80211_ATTR_FILS_ERP_REALM: EAP Re-authentication Protocol (ERP) realm part
333 + * of NAI specifying the domain name of the ER server. This is used with
334 + * %NL80211_CMD_CONNECT.
336 + * @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM: Unsigned 16-bit ERP next sequence number
337 + * to use in ERP messages. This is used in generating the FILS wrapped data
338 + * for FILS authentication and is used with %NL80211_CMD_CONNECT.
340 + * @NL80211_ATTR_FILS_ERP_RRK: ERP re-authentication Root Key (rRK) for the
341 + * NAI specified by %NL80211_ATTR_FILS_ERP_USERNAME and
342 + * %NL80211_ATTR_FILS_ERP_REALM. This is used for generating rIK and rMSK
343 + * from successful FILS authentication and is used with
344 + * %NL80211_CMD_CONNECT.
346 + * @NL80211_ATTR_FILS_CACHE_ID: A 2-octet identifier advertized by a FILS AP
347 + * identifying the scope of PMKSAs. This is used with
348 + * @NL80211_CMD_SET_PMKSA and @NL80211_CMD_DEL_PMKSA.
350 + * @NL80211_ATTR_PMK: attribute for passing PMK key material. Used with
351 + * %NL80211_CMD_SET_PMKSA for the PMKSA identified by %NL80211_ATTR_PMKID.
352 + * For %NL80211_CMD_CONNECT it is used to provide PSK for offloading 4-way
353 + * handshake for WPA/WPA2-PSK networks. For 802.1X authentication it is
354 + * used with %NL80211_CMD_SET_PMK. For offloaded FT support this attribute
355 + * specifies the PMK-R0 if NL80211_ATTR_PMKR0_NAME is included as well.
357 + * @NL80211_ATTR_SCHED_SCAN_MULTI: flag attribute which user-space shall use to
358 + * indicate that it supports multiple active scheduled scan requests.
359 + * @NL80211_ATTR_SCHED_SCAN_MAX_REQS: indicates maximum number of scheduled
360 + * scan request that may be active for the device (u32).
362 + * @NL80211_ATTR_WANT_1X_4WAY_HS: flag attribute which user-space can include
363 + * in %NL80211_CMD_CONNECT to indicate that for 802.1X authentication it
364 + * wants to use the supported offload of the 4-way handshake.
365 + * @NL80211_ATTR_PMKR0_NAME: PMK-R0 Name for offloaded FT.
366 + * @NL80211_ATTR_PORT_AUTHORIZED: flag attribute used in %NL80211_CMD_ROAMED
367 + * notification indicating that that 802.1X authentication was done by
368 + * the driver or is not needed (because roaming used the Fast Transition
371 + * @NL80211_ATTR_WIPHY_ANTENNA_GAIN: Configured antenna gain. Used to reduce
372 + * transmit power to stay within regulatory limits. u32, dBi.
374 * @NUM_NL80211_ATTR: total number of nl80211_attrs available
375 * @NL80211_ATTR_MAX: highest attribute number currently defined
376 @@ -2195,7 +2400,7 @@ enum nl80211_attrs {
378 NL80211_ATTR_CONN_FAILED_REASON,
380 - NL80211_ATTR_SAE_DATA,
381 + NL80211_ATTR_AUTH_DATA,
383 NL80211_ATTR_VHT_CAPABILITY,
385 @@ -2332,10 +2537,39 @@ enum nl80211_attrs {
386 NL80211_ATTR_MESH_PEER_AID,
388 NL80211_ATTR_NAN_MASTER_PREF,
389 - NL80211_ATTR_NAN_DUAL,
390 + NL80211_ATTR_BANDS,
391 NL80211_ATTR_NAN_FUNC,
392 NL80211_ATTR_NAN_MATCH,
394 + NL80211_ATTR_FILS_KEK,
395 + NL80211_ATTR_FILS_NONCES,
397 + NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED,
399 + NL80211_ATTR_BSSID,
401 + NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI,
402 + NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST,
404 + NL80211_ATTR_TIMEOUT_REASON,
406 + NL80211_ATTR_FILS_ERP_USERNAME,
407 + NL80211_ATTR_FILS_ERP_REALM,
408 + NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM,
409 + NL80211_ATTR_FILS_ERP_RRK,
410 + NL80211_ATTR_FILS_CACHE_ID,
414 + NL80211_ATTR_SCHED_SCAN_MULTI,
415 + NL80211_ATTR_SCHED_SCAN_MAX_REQS,
417 + NL80211_ATTR_WANT_1X_4WAY_HS,
418 + NL80211_ATTR_PMKR0_NAME,
419 + NL80211_ATTR_PORT_AUTHORIZED,
421 + NL80211_ATTR_WIPHY_ANTENNA_GAIN,
423 /* add attributes here, update the policy in nl80211.c */
425 __NL80211_ATTR_AFTER_LAST,
426 @@ -2347,6 +2581,7 @@ enum nl80211_attrs {
427 #define NL80211_ATTR_SCAN_GENERATION NL80211_ATTR_GENERATION
428 #define NL80211_ATTR_MESH_PARAMS NL80211_ATTR_MESH_CONFIG
429 #define NL80211_ATTR_IFACE_SOCKET_OWNER NL80211_ATTR_SOCKET_OWNER
430 +#define NL80211_ATTR_SAE_DATA NL80211_ATTR_AUTH_DATA
433 * Allow user space programs to use #ifdef on new attributes by defining them
434 @@ -3019,6 +3254,7 @@ enum nl80211_reg_rule_attr {
435 * @__NL80211_SCHED_SCAN_MATCH_ATTR_INVALID: attribute number 0 is reserved
436 * @NL80211_SCHED_SCAN_MATCH_ATTR_SSID: SSID to be used for matching,
437 * only report BSS with matching SSID.
438 + * (This cannot be used together with BSSID.)
439 * @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI: RSSI threshold (in dBm) for reporting a
440 * BSS in scan results. Filtering is turned off if not specified. Note that
441 * if this attribute is in a match set of its own, then it is treated as
442 @@ -3027,6 +3263,15 @@ enum nl80211_reg_rule_attr {
443 * how this API was implemented in the past. Also, due to the same problem,
444 * the only way to create a matchset with only an RSSI filter (with this
445 * attribute) is if there's only a single matchset with the RSSI attribute.
446 + * @NL80211_SCHED_SCAN_MATCH_ATTR_RELATIVE_RSSI: Flag indicating whether
447 + * %NL80211_SCHED_SCAN_MATCH_ATTR_RSSI to be used as absolute RSSI or
448 + * relative to current bss's RSSI.
449 + * @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI_ADJUST: When present the RSSI level for
450 + * BSS-es in the specified band is to be adjusted before doing
451 + * RSSI-based BSS selection. The attribute value is a packed structure
452 + * value as specified by &struct nl80211_bss_select_rssi_adjust.
453 + * @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID: BSSID to be used for matching
454 + * (this cannot be used together with SSID).
455 * @NL80211_SCHED_SCAN_MATCH_ATTR_MAX: highest scheduled scan filter
456 * attribute number currently defined
457 * @__NL80211_SCHED_SCAN_MATCH_ATTR_AFTER_LAST: internal use
458 @@ -3036,6 +3281,9 @@ enum nl80211_sched_scan_match_attr {
460 NL80211_SCHED_SCAN_MATCH_ATTR_SSID,
461 NL80211_SCHED_SCAN_MATCH_ATTR_RSSI,
462 + NL80211_SCHED_SCAN_MATCH_ATTR_RELATIVE_RSSI,
463 + NL80211_SCHED_SCAN_MATCH_ATTR_RSSI_ADJUST,
464 + NL80211_SCHED_SCAN_MATCH_ATTR_BSSID,
467 __NL80211_SCHED_SCAN_MATCH_ATTR_AFTER_LAST,
468 @@ -3660,6 +3908,9 @@ enum nl80211_bss_status {
469 * @NL80211_AUTHTYPE_FT: Fast BSS Transition (IEEE 802.11r)
470 * @NL80211_AUTHTYPE_NETWORK_EAP: Network EAP (some Cisco APs and mainly LEAP)
471 * @NL80211_AUTHTYPE_SAE: Simultaneous authentication of equals
472 + * @NL80211_AUTHTYPE_FILS_SK: Fast Initial Link Setup shared key
473 + * @NL80211_AUTHTYPE_FILS_SK_PFS: Fast Initial Link Setup shared key with PFS
474 + * @NL80211_AUTHTYPE_FILS_PK: Fast Initial Link Setup public key
475 * @__NL80211_AUTHTYPE_NUM: internal
476 * @NL80211_AUTHTYPE_MAX: maximum valid auth algorithm
477 * @NL80211_AUTHTYPE_AUTOMATIC: determine automatically (if necessary by
478 @@ -3672,6 +3923,9 @@ enum nl80211_auth_type {
480 NL80211_AUTHTYPE_NETWORK_EAP,
481 NL80211_AUTHTYPE_SAE,
482 + NL80211_AUTHTYPE_FILS_SK,
483 + NL80211_AUTHTYPE_FILS_SK_PFS,
484 + NL80211_AUTHTYPE_FILS_PK,
487 __NL80211_AUTHTYPE_NUM,
488 @@ -3839,7 +4093,10 @@ enum nl80211_ps_state {
489 * @__NL80211_ATTR_CQM_INVALID: invalid
490 * @NL80211_ATTR_CQM_RSSI_THOLD: RSSI threshold in dBm. This value specifies
491 * the threshold for the RSSI level at which an event will be sent. Zero
493 + * to disable. Alternatively, if %NL80211_EXT_FEATURE_CQM_RSSI_LIST is
494 + * set, multiple values can be supplied as a low-to-high sorted array of
495 + * threshold values in dBm. Events will be sent when the RSSI value
496 + * crosses any of the thresholds.
497 * @NL80211_ATTR_CQM_RSSI_HYST: RSSI hysteresis in dBm. This value specifies
498 * the minimum amount the RSSI level must change after an event before a
499 * new event may be issued (to reduce effects of RSSI oscillation).
500 @@ -3859,6 +4116,8 @@ enum nl80211_ps_state {
501 * %NL80211_CMD_NOTIFY_CQM. Set to 0 to turn off TX error reporting.
502 * @NL80211_ATTR_CQM_BEACON_LOSS_EVENT: flag attribute that's set in a beacon
504 + * @NL80211_ATTR_CQM_RSSI_LEVEL: the RSSI value in dBm that triggered the
505 + * RSSI threshold event.
506 * @__NL80211_ATTR_CQM_AFTER_LAST: internal
507 * @NL80211_ATTR_CQM_MAX: highest key attribute
509 @@ -3872,6 +4131,7 @@ enum nl80211_attr_cqm {
510 NL80211_ATTR_CQM_TXE_PKTS,
511 NL80211_ATTR_CQM_TXE_INTVL,
512 NL80211_ATTR_CQM_BEACON_LOSS_EVENT,
513 + NL80211_ATTR_CQM_RSSI_LEVEL,
516 __NL80211_ATTR_CQM_AFTER_LAST,
517 @@ -4280,6 +4540,9 @@ enum nl80211_iface_limit_attrs {
518 * of supported channel widths for radar detection.
519 * @NL80211_IFACE_COMB_RADAR_DETECT_REGIONS: u32 attribute containing the bitmap
520 * of supported regulatory regions for radar detection.
521 + * @NL80211_IFACE_COMB_BI_MIN_GCD: u32 attribute specifying the minimum GCD of
522 + * different beacon intervals supported by all the interface combinations
523 + * in this group (if not present, all beacon intervals be identical).
524 * @NUM_NL80211_IFACE_COMB: number of attributes
525 * @MAX_NL80211_IFACE_COMB: highest attribute number
527 @@ -4287,8 +4550,8 @@ enum nl80211_iface_limit_attrs {
528 * limits = [ #{STA} <= 1, #{AP} <= 1 ], matching BI, channels = 1, max = 2
529 * => allows an AP and a STA that must match BIs
531 - * numbers = [ #{AP, P2P-GO} <= 8 ], channels = 1, max = 8
532 - * => allows 8 of AP/GO
533 + * numbers = [ #{AP, P2P-GO} <= 8 ], BI min gcd, channels = 1, max = 8,
534 + * => allows 8 of AP/GO that can have BI gcd >= min gcd
536 * numbers = [ #{STA} <= 2 ], channels = 2, max = 2
537 * => allows two STAs on different channels
538 @@ -4314,6 +4577,7 @@ enum nl80211_if_combination_attrs {
539 NL80211_IFACE_COMB_NUM_CHANNELS,
540 NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
541 NL80211_IFACE_COMB_RADAR_DETECT_REGIONS,
542 + NL80211_IFACE_COMB_BI_MIN_GCD,
545 NUM_NL80211_IFACE_COMB,
546 @@ -4634,6 +4898,27 @@ enum nl80211_feature_flags {
547 * configuration (AP/mesh) with HT rates.
548 * @NL80211_EXT_FEATURE_BEACON_RATE_VHT: Driver supports beacon rate
549 * configuration (AP/mesh) with VHT rates.
550 + * @NL80211_EXT_FEATURE_FILS_STA: This driver supports Fast Initial Link Setup
551 + * with user space SME (NL80211_CMD_AUTHENTICATE) in station mode.
552 + * @NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA: This driver supports randomized TA
553 + * in @NL80211_CMD_FRAME while not associated.
554 + * @NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA_CONNECTED: This driver supports
555 + * randomized TA in @NL80211_CMD_FRAME while associated.
556 + * @NL80211_EXT_FEATURE_SCHED_SCAN_RELATIVE_RSSI: The driver supports sched_scan
557 + * for reporting BSSs with better RSSI than the current connected BSS
558 + * (%NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI).
559 + * @NL80211_EXT_FEATURE_CQM_RSSI_LIST: With this driver the
560 + * %NL80211_ATTR_CQM_RSSI_THOLD attribute accepts a list of zero or more
561 + * RSSI threshold values to monitor rather than exactly one threshold.
562 + * @NL80211_EXT_FEATURE_FILS_SK_OFFLOAD: Driver SME supports FILS shared key
563 + * authentication with %NL80211_CMD_CONNECT.
564 + * @NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK: Device wants to do 4-way
565 + * handshake with PSK in station mode (PSK is passed as part of the connect
566 + * and associate commands), doing it in the host might not be supported.
567 + * @NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X: Device wants to do doing 4-way
568 + * handshake with 802.1X in station mode (will pass EAP frames to the host
569 + * and accept the set_pmk/del_pmk commands), doing it in the host might not
572 * @NUM_NL80211_EXT_FEATURES: number of extended features.
573 * @MAX_NL80211_EXT_FEATURES: highest extended feature index.
574 @@ -4648,6 +4933,14 @@ enum nl80211_ext_feature_index {
575 NL80211_EXT_FEATURE_BEACON_RATE_LEGACY,
576 NL80211_EXT_FEATURE_BEACON_RATE_HT,
577 NL80211_EXT_FEATURE_BEACON_RATE_VHT,
578 + NL80211_EXT_FEATURE_FILS_STA,
579 + NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA,
580 + NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA_CONNECTED,
581 + NL80211_EXT_FEATURE_SCHED_SCAN_RELATIVE_RSSI,
582 + NL80211_EXT_FEATURE_CQM_RSSI_LIST,
583 + NL80211_EXT_FEATURE_FILS_SK_OFFLOAD,
584 + NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK,
585 + NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X,
587 /* add new features before the definition below */
588 NUM_NL80211_EXT_FEATURES,
589 @@ -4687,6 +4980,21 @@ enum nl80211_connect_failed_reason {
593 + * enum nl80211_timeout_reason - timeout reasons
595 + * @NL80211_TIMEOUT_UNSPECIFIED: Timeout reason unspecified.
596 + * @NL80211_TIMEOUT_SCAN: Scan (AP discovery) timed out.
597 + * @NL80211_TIMEOUT_AUTH: Authentication timed out.
598 + * @NL80211_TIMEOUT_ASSOC: Association timed out.
600 +enum nl80211_timeout_reason {
601 + NL80211_TIMEOUT_UNSPECIFIED,
602 + NL80211_TIMEOUT_SCAN,
603 + NL80211_TIMEOUT_AUTH,
604 + NL80211_TIMEOUT_ASSOC,
608 * enum nl80211_scan_flags - scan request control flags
610 * Scan request control flags are used to control the handling
611 @@ -4768,12 +5076,17 @@ enum nl80211_smps_mode {
612 * change to the channel status.
613 * @NL80211_RADAR_NOP_FINISHED: The Non-Occupancy Period for this channel is
614 * over, channel becomes usable.
615 + * @NL80211_RADAR_PRE_CAC_EXPIRED: Channel Availability Check done on this
616 + * non-operating channel is expired and no longer valid. New CAC must
617 + * be done on this channel before starting the operation. This is not
618 + * applicable for ETSI dfs domain where pre-CAC is valid for ever.
620 enum nl80211_radar_event {
621 NL80211_RADAR_DETECTED,
622 NL80211_RADAR_CAC_FINISHED,
623 NL80211_RADAR_CAC_ABORTED,
624 NL80211_RADAR_NOP_FINISHED,
625 + NL80211_RADAR_PRE_CAC_EXPIRED,
629 @@ -4900,8 +5213,9 @@ enum nl80211_sched_scan_plan {
631 * struct nl80211_bss_select_rssi_adjust - RSSI adjustment parameters.
633 - * @band: band of BSS that must match for RSSI value adjustment.
634 - * @delta: value used to adjust the RSSI value of matching BSS.
635 + * @band: band of BSS that must match for RSSI value adjustment. The value
636 + * of this field is according to &enum nl80211_band.
637 + * @delta: value used to adjust the RSSI value of matching BSS in dB.
639 struct nl80211_bss_select_rssi_adjust {
641 @@ -4942,21 +5256,6 @@ enum nl80211_bss_select_attr {
645 - * enum nl80211_nan_dual_band_conf - NAN dual band configuration
647 - * Defines the NAN dual band mode of operation
649 - * @NL80211_NAN_BAND_DEFAULT: device default mode
650 - * @NL80211_NAN_BAND_2GHZ: 2.4GHz mode
651 - * @NL80211_NAN_BAND_5GHZ: 5GHz mode
653 -enum nl80211_nan_dual_band_conf {
654 - NL80211_NAN_BAND_DEFAULT = 1 << 0,
655 - NL80211_NAN_BAND_2GHZ = 1 << 1,
656 - NL80211_NAN_BAND_5GHZ = 1 << 2,
660 * enum nl80211_nan_function_type - NAN function type
662 * Defines the function type of a NAN function
projects / oweals / openwrt.git / blob