nl80211: Allow SAE Authentication for NL80211_CMD_CONNECT

This commit allows SAE Authentication for NL80211_CMD_CONNECT
interface, provided host driver advertises the support.

Host drivers may offload the SAE authentication to user space
through NL80211_CMD_EXTERNAL_AUTH interface and thus expect
the user space to advertise support to handle offload through
NL80211_ATTR_EXTERNAL_AUTH_SUPPORT in NL80211_CMD_CONNECT
request. Such drivers should reject the connect request on no
offload support from user space.

Signed-off-by: Srinivas Dasari <dasaris@qti.qualcomm.com>
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index aa6b64069c80afbd08ac8521f2f36a5a94d29752..bdb70fe74e3cd40a6119f08e5b97bb924a119be7 100644 (file)
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -3921,9 +3921,10 @@ static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
                        return false;
                return true;
        case NL80211_CMD_CONNECT:
-               /* SAE not supported yet */
-               if (auth_type == NL80211_AUTHTYPE_SAE)
+               if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
+                   auth_type == NL80211_AUTHTYPE_SAE)
                        return false;
+
                /* FILS with SK PFS or PK not supported yet */
                if (auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
                    auth_type == NL80211_AUTHTYPE_FILS_PK)