diff options
| author | Peddolla Harshavardhan Reddy <peddolla.reddy@oss.qualcomm.com> | 2026-04-20 14:38:55 +0530 |
|---|---|---|
| committer | Johannes Berg <johannes.berg@intel.com> | 2026-05-05 13:52:23 +0200 |
| commit | 4bb6e58bc29ab772c26c5eb471ab255fe2e044d8 (patch) | |
| tree | 74aa570fe40f5037e069aefda2cf5ef15df02325 /include/uapi | |
| parent | 410aa47fd9d308029f3520e97eec71a8eb508622 (diff) | |
wifi: cfg80211: add LTF keyseed support for secure ranging
Currently there is no way to install an LTF key seed that can be
used in non-trigger-based (NTB) and trigger-based (TB) FTM ranging
to protect NDP frames. Without this, drivers cannot enable PHY-layer
security for peer measurement sessions, leaving ranging measurements
vulnerable to eavesdropping and manipulation.
Introduce NL80211_KEY_LTF_SEED attribute and the dedicated extended
feature flag NL80211_EXT_FEATURE_SET_KEY_LTF_SEED to allow drivers
to advertise and install LTF key seeds via nl80211. The key seed
must be configured beforehand to ensure the peer measurement session
is secure. The driver must advertise both NL80211_EXT_FEATURE_SECURE_LTF
and NL80211_EXT_FEATURE_SET_KEY_LTF_SEED for the key seed installation
to be permitted.
The LTF key seed is pairwise key material and must only be used with
pairwise key type. Reject attempts to use it with other key types.
Signed-off-by: Peddolla Harshavardhan Reddy <peddolla.reddy@oss.qualcomm.com>
Link: https://patch.msgid.link/20260420090856.2152905-13-peddolla.reddy@oss.qualcomm.com
[fix policy coding style]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'include/uapi')
| -rw-r--r-- | include/uapi/linux/nl80211.h | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h index 1da4dc3fc816..6c7e6c05b9a8 100644 --- a/include/uapi/linux/nl80211.h +++ b/include/uapi/linux/nl80211.h @@ -5814,6 +5814,18 @@ enum nl80211_key_default_types { * @NL80211_KEY_MODE: the mode from enum nl80211_key_mode. * Defaults to @NL80211_KEY_RX_TX. * @NL80211_KEY_DEFAULT_BEACON: flag indicating default Beacon frame key + * @NL80211_KEY_LTF_SEED: LTF key seed is used by the driver to generate + * secure LTF keys used in case of peer measurement request with FTM + * request type as either %NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED + * or %NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED. Secure LTF key seeds + * will help enable PHY security in peer measurement session. + * The LTF key seed is installed along with the TK (Temporal Key) using + * %NL80211_CMD_NEW_KEY. The TK is configured using the + * %NL80211_ATTR_KEY_DATA attribute, while the LTF key seed is configured + * using this attribute. Both keys must be configured before initiation + * of peer measurement to ensure peer measurement session is secure. + * Only valid if %NL80211_EXT_FEATURE_SET_KEY_LTF_SEED is set. This + * attribute is restricted to pairwise keys (%NL80211_KEYTYPE_PAIRWISE). * * @__NL80211_KEY_AFTER_LAST: internal * @NL80211_KEY_MAX: highest key attribute @@ -5830,6 +5842,7 @@ enum nl80211_key_attributes { NL80211_KEY_DEFAULT_TYPES, NL80211_KEY_MODE, NL80211_KEY_DEFAULT_BEACON, + NL80211_KEY_LTF_SEED, /* keep last */ __NL80211_KEY_AFTER_LAST, @@ -7059,6 +7072,10 @@ enum nl80211_feature_flags { * forward frames with a matching MAC address to userspace during * the off-channel period. * + * @NL80211_EXT_FEATURE_SET_KEY_LTF_SEED: Driver supports installing the + * LTF key seed via %NL80211_KEY_LTF_SEED. The seed is used to generate + * secure LTF keys for secure LTF measurement sessions. + * * @NUM_NL80211_EXT_FEATURES: number of extended features. * @MAX_NL80211_EXT_FEATURES: highest extended feature index. */ @@ -7139,6 +7156,7 @@ enum nl80211_ext_feature_index { NL80211_EXT_FEATURE_ASSOC_FRAME_ENCRYPTION, NL80211_EXT_FEATURE_IEEE8021X_AUTH, NL80211_EXT_FEATURE_ROC_ADDR_FILTER, + NL80211_EXT_FEATURE_SET_KEY_LTF_SEED, /* add new features before the definition below */ NUM_NL80211_EXT_FEATURES, |