631 static int wpa_ft_rrb_send(struct wpa_authenticator *wpa_auth, const u8 *dst,  in wpa_ft_rrb_send()  argument
634 	if (wpa_auth->cb->send_ether == NULL)  in wpa_ft_rrb_send()
637 	return wpa_auth->cb->send_ether(wpa_auth->cb_ctx, dst, ETH_P_RRB,  in wpa_ft_rrb_send()
642 static int wpa_ft_rrb_oui_send(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_oui_send()  argument
646 	if (!wpa_auth->cb->send_oui)  in wpa_ft_rrb_oui_send()
650 	return wpa_auth->cb->send_oui(wpa_auth->cb_ctx, dst, oui_suffix, data,  in wpa_ft_rrb_oui_send()
655 static int wpa_ft_action_send(struct wpa_authenticator *wpa_auth,  in wpa_ft_action_send()  argument
658 	if (wpa_auth->cb->send_ft_action == NULL)  in wpa_ft_action_send()
660 	return wpa_auth->cb->send_ft_action(wpa_auth->cb_ctx, dst,  in wpa_ft_action_send()
665 static const u8 * wpa_ft_get_psk(struct wpa_authenticator *wpa_auth,  in wpa_ft_get_psk()  argument
669 	if (wpa_auth->cb->get_psk == NULL)  in wpa_ft_get_psk()
671 	return wpa_auth->cb->get_psk(wpa_auth->cb_ctx, addr, p2p_dev_addr,  in wpa_ft_get_psk()
677 wpa_ft_add_sta(struct wpa_authenticator *wpa_auth, const u8 *sta_addr)  in wpa_ft_add_sta()  argument
679 	if (wpa_auth->cb->add_sta == NULL)  in wpa_ft_add_sta()
681 	return wpa_auth->cb->add_sta(wpa_auth->cb_ctx, sta_addr);  in wpa_ft_add_sta()
685 static int wpa_ft_set_vlan(struct wpa_authenticator *wpa_auth,  in wpa_ft_set_vlan()  argument
688 	if (!wpa_auth->cb->set_vlan)  in wpa_ft_set_vlan()
690 	return wpa_auth->cb->set_vlan(wpa_auth->cb_ctx, sta_addr, vlan);  in wpa_ft_set_vlan()
694 static int wpa_ft_get_vlan(struct wpa_authenticator *wpa_auth,  in wpa_ft_get_vlan()  argument
697 	if (!wpa_auth->cb->get_vlan)  in wpa_ft_get_vlan()
699 	return wpa_auth->cb->get_vlan(wpa_auth->cb_ctx, sta_addr, vlan);  in wpa_ft_get_vlan()
704 wpa_ft_set_identity(struct wpa_authenticator *wpa_auth, const u8 *sta_addr,  in wpa_ft_set_identity()  argument
707 	if (!wpa_auth->cb->set_identity)  in wpa_ft_set_identity()
709 	return wpa_auth->cb->set_identity(wpa_auth->cb_ctx, sta_addr, identity,  in wpa_ft_set_identity()
715 wpa_ft_get_identity(struct wpa_authenticator *wpa_auth, const u8 *sta_addr,  in wpa_ft_get_identity()  argument
719 	if (!wpa_auth->cb->get_identity)  in wpa_ft_get_identity()
721 	return wpa_auth->cb->get_identity(wpa_auth->cb_ctx, sta_addr, buf);  in wpa_ft_get_identity()
726 wpa_ft_set_radius_cui(struct wpa_authenticator *wpa_auth, const u8 *sta_addr,  in wpa_ft_set_radius_cui()  argument
729 	if (!wpa_auth->cb->set_radius_cui)  in wpa_ft_set_radius_cui()
731 	return wpa_auth->cb->set_radius_cui(wpa_auth->cb_ctx, sta_addr,  in wpa_ft_set_radius_cui()
737 wpa_ft_get_radius_cui(struct wpa_authenticator *wpa_auth, const u8 *sta_addr,  in wpa_ft_get_radius_cui()  argument
741 	if (!wpa_auth->cb->get_radius_cui)  in wpa_ft_get_radius_cui()
743 	return wpa_auth->cb->get_radius_cui(wpa_auth->cb_ctx, sta_addr, buf);  in wpa_ft_get_radius_cui()
748 wpa_ft_set_session_timeout(struct wpa_authenticator *wpa_auth,  in wpa_ft_set_session_timeout()  argument
751 	if (!wpa_auth->cb->set_session_timeout)  in wpa_ft_set_session_timeout()
753 	wpa_auth->cb->set_session_timeout(wpa_auth->cb_ctx, sta_addr,  in wpa_ft_set_session_timeout()
759 wpa_ft_get_session_timeout(struct wpa_authenticator *wpa_auth,  in wpa_ft_get_session_timeout()  argument
762 	if (!wpa_auth->cb->get_session_timeout)  in wpa_ft_get_session_timeout()
764 	return wpa_auth->cb->get_session_timeout(wpa_auth->cb_ctx, sta_addr);  in wpa_ft_get_session_timeout()
768 static int wpa_ft_add_tspec(struct wpa_authenticator *wpa_auth,  in wpa_ft_add_tspec()  argument
772 	if (wpa_auth->cb->add_tspec == NULL) {  in wpa_ft_add_tspec()
776 	return wpa_auth->cb->add_tspec(wpa_auth->cb_ctx, sta_addr, tspec_ie,  in wpa_ft_add_tspec()
782 static int wpa_channel_info(struct wpa_authenticator *wpa_auth,  in wpa_channel_info()  argument
785 	if (!wpa_auth->cb->channel_info)  in wpa_channel_info()
787 	return wpa_auth->cb->channel_info(wpa_auth->cb_ctx, ci);  in wpa_channel_info()
917 	int (*cb)(struct wpa_authenticator *wpa_auth,
935 static void wpa_ft_rrb_seq_flush(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_seq_flush()  argument
943 			item->cb(wpa_auth, item->src_addr, item->enc,  in wpa_ft_rrb_seq_flush()
959 wpa_ft_rrb_seq_req(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_seq_req()  argument
965 		   int (*cb)(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_seq_req()  argument
991 		   MAC2STR(wpa_auth->addr), MAC2STR(src_addr));  in wpa_ft_rrb_seq_req()
1022 			       wpa_auth, item);  in wpa_ft_rrb_seq_req()
1027 			     wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_REQ,  in wpa_ft_rrb_seq_req()
1035 	wpa_ft_rrb_oui_send(wpa_auth, src_addr, FT_PACKET_R0KH_R1KH_SEQ_REQ,  in wpa_ft_rrb_seq_req()
1128 wpa_ft_rrb_seq_accept(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_seq_accept()  argument
1356 static int wpa_ft_store_pmk_r0(struct wpa_authenticator *wpa_auth,  in wpa_ft_store_pmk_r0()  argument
1365 	struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;  in wpa_ft_store_pmk_r0()
1420 static int wpa_ft_fetch_pmk_r0(struct wpa_authenticator *wpa_auth,  in wpa_ft_fetch_pmk_r0()  argument
1424 	struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;  in wpa_ft_fetch_pmk_r0()
1443 static int wpa_ft_store_pmk_r1(struct wpa_authenticator *wpa_auth,  in wpa_ft_store_pmk_r1()  argument
1452 	struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;  in wpa_ft_store_pmk_r1()
1453 	int max_expires_in = wpa_auth->conf.r1_max_key_lifetime;  in wpa_ft_store_pmk_r1()
1510 int wpa_ft_fetch_pmk_r1(struct wpa_authenticator *wpa_auth,  in wpa_ft_fetch_pmk_r1()  argument
1518 	struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;  in wpa_ft_fetch_pmk_r1()
1576 static void wpa_ft_rrb_lookup_r0kh(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_lookup_r0kh()  argument
1586 	if (wpa_auth->conf.r0kh_list)  in wpa_ft_rrb_lookup_r0kh()
1587 		r0kh = *wpa_auth->conf.r0kh_list;  in wpa_ft_rrb_lookup_r0kh()
1623 static void wpa_ft_rrb_lookup_r1kh(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_lookup_r1kh()  argument
1633 	if (wpa_auth->conf.r1kh_list)  in wpa_ft_rrb_lookup_r1kh()
1634 		r1kh = *wpa_auth->conf.r1kh_list;  in wpa_ft_rrb_lookup_r1kh()
1654 static int wpa_ft_rrb_check_r0kh(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_check_r0kh()  argument
1657 	if (f_r0kh_id_len != wpa_auth->conf.r0_key_holder_len ||  in wpa_ft_rrb_check_r0kh()
1658 	    os_memcmp_const(f_r0kh_id, wpa_auth->conf.r0_key_holder,  in wpa_ft_rrb_check_r0kh()
1666 static int wpa_ft_rrb_check_r1kh(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_check_r1kh()  argument
1669 	if (os_memcmp_const(f_r1kh_id, wpa_auth->conf.r1_key_holder,  in wpa_ft_rrb_check_r1kh()
1679 	struct wpa_authenticator *wpa_auth = eloop_ctx;  in wpa_ft_rrb_del_r0kh()  local
1682 	if (!wpa_auth->conf.r0kh_list)  in wpa_ft_rrb_del_r0kh()
1685 	for (r0kh = *wpa_auth->conf.r0kh_list; r0kh; r0kh = r0kh->next) {  in wpa_ft_rrb_del_r0kh()
1695 		*wpa_auth->conf.r0kh_list = r0kh->next;  in wpa_ft_rrb_del_r0kh()
1697 		wpa_ft_rrb_seq_flush(wpa_auth, r0kh->seq, 0);  in wpa_ft_rrb_del_r0kh()
1703 static void wpa_ft_rrb_r0kh_replenish(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_r0kh_replenish()  argument
1708 					wpa_auth, r0kh);  in wpa_ft_rrb_r0kh_replenish()
1712 static void wpa_ft_rrb_r0kh_timeout(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_r0kh_timeout()  argument
1715 	eloop_cancel_timeout(wpa_ft_rrb_del_r0kh, wpa_auth, r0kh);  in wpa_ft_rrb_r0kh_timeout()
1719 				       wpa_auth, r0kh);  in wpa_ft_rrb_r0kh_timeout()
1724 wpa_ft_rrb_add_r0kh(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_add_r0kh()  argument
1731 	if (!wpa_auth->conf.r0kh_list)  in wpa_ft_rrb_add_r0kh()
1748 	r0kh->next = *wpa_auth->conf.r0kh_list;  in wpa_ft_rrb_add_r0kh()
1749 	*wpa_auth->conf.r0kh_list = r0kh;  in wpa_ft_rrb_add_r0kh()
1753 				       wpa_auth, r0kh);  in wpa_ft_rrb_add_r0kh()
1764 	struct wpa_authenticator *wpa_auth = eloop_ctx;  in wpa_ft_rrb_del_r1kh()  local
1767 	if (!wpa_auth->conf.r1kh_list)  in wpa_ft_rrb_del_r1kh()
1770 	for (r1kh = *wpa_auth->conf.r1kh_list; r1kh; r1kh = r1kh->next) {  in wpa_ft_rrb_del_r1kh()
1780 		*wpa_auth->conf.r1kh_list = r1kh->next;  in wpa_ft_rrb_del_r1kh()
1782 		wpa_ft_rrb_seq_flush(wpa_auth, r1kh->seq, 0);  in wpa_ft_rrb_del_r1kh()
1788 static void wpa_ft_rrb_r1kh_replenish(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_r1kh_replenish()  argument
1793 					wpa_auth, r1kh);  in wpa_ft_rrb_r1kh_replenish()
1798 wpa_ft_rrb_add_r1kh(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_add_r1kh()  argument
1804 	if (!wpa_auth->conf.r1kh_list)  in wpa_ft_rrb_add_r1kh()
1814 	r1kh->next = *wpa_auth->conf.r1kh_list;  in wpa_ft_rrb_add_r1kh()
1815 	*wpa_auth->conf.r1kh_list = r1kh;  in wpa_ft_rrb_add_r1kh()
1819 				       wpa_auth, r1kh);  in wpa_ft_rrb_add_r1kh()
1834 static void wpa_ft_deinit_seq(struct wpa_authenticator *wpa_auth)  in wpa_ft_deinit_seq()  argument
1839 	eloop_cancel_timeout(wpa_ft_rrb_seq_timeout, wpa_auth, ELOOP_ALL_CTX);  in wpa_ft_deinit_seq()
1841 	if (wpa_auth->conf.r0kh_list)  in wpa_ft_deinit_seq()
1842 		r0kh = *wpa_auth->conf.r0kh_list;  in wpa_ft_deinit_seq()
1848 		wpa_ft_rrb_seq_flush(wpa_auth, r0kh->seq, 0);  in wpa_ft_deinit_seq()
1853 	if (wpa_auth->conf.r1kh_list)  in wpa_ft_deinit_seq()
1854 		r1kh = *wpa_auth->conf.r1kh_list;  in wpa_ft_deinit_seq()
1860 		wpa_ft_rrb_seq_flush(wpa_auth, r1kh->seq, 0);  in wpa_ft_deinit_seq()
1867 static void wpa_ft_deinit_rkh_tmp(struct wpa_authenticator *wpa_auth)  in wpa_ft_deinit_rkh_tmp()  argument
1872 	if (wpa_auth->conf.r0kh_list)  in wpa_ft_deinit_rkh_tmp()
1873 		r0kh = *wpa_auth->conf.r0kh_list;  in wpa_ft_deinit_rkh_tmp()
1878 		if (eloop_cancel_timeout(wpa_ft_rrb_del_r0kh, wpa_auth,  in wpa_ft_deinit_rkh_tmp()
1883 				*wpa_auth->conf.r0kh_list = r0kh_next;  in wpa_ft_deinit_rkh_tmp()
1891 	if (wpa_auth->conf.r1kh_list)  in wpa_ft_deinit_rkh_tmp()
1892 		r1kh = *wpa_auth->conf.r1kh_list;  in wpa_ft_deinit_rkh_tmp()
1897 		if (eloop_cancel_timeout(wpa_ft_rrb_del_r1kh, wpa_auth,  in wpa_ft_deinit_rkh_tmp()
1902 				*wpa_auth->conf.r1kh_list = r1kh_next;  in wpa_ft_deinit_rkh_tmp()
1912 void wpa_ft_deinit(struct wpa_authenticator *wpa_auth)  in wpa_ft_deinit()  argument
1914 	wpa_ft_deinit_seq(wpa_auth);  in wpa_ft_deinit()
1915 	wpa_ft_deinit_rkh_tmp(wpa_auth);  in wpa_ft_deinit()
1919 static void wpa_ft_block_r0kh(struct wpa_authenticator *wpa_auth,  in wpa_ft_block_r0kh()  argument
1924 	if (!wpa_auth->conf.rkh_neg_timeout)  in wpa_ft_block_r0kh()
1927 	wpa_ft_rrb_lookup_r0kh(wpa_auth, f_r0kh_id, f_r0kh_id_len,  in wpa_ft_block_r0kh()
1939 		wpa_ft_rrb_r0kh_timeout(wpa_auth, r0kh,  in wpa_ft_block_r0kh()
1940 					wpa_auth->conf.rkh_neg_timeout);  in wpa_ft_block_r0kh()
1943 		wpa_ft_rrb_add_r0kh(wpa_auth, r0kh_wildcard, NULL, f_r0kh_id,  in wpa_ft_block_r0kh()
1945 				    wpa_auth->conf.rkh_neg_timeout);  in wpa_ft_block_r0kh()
1956 		wpa_ft_block_r0kh(sm->wpa_auth, sm->r0kh_id, sm->r0kh_id_len);  in wpa_ft_expire_pull()
1970 	const u8 *key, *f_r1kh_id = sm->wpa_auth->conf.r1_key_holder;  in wpa_ft_pull_pmk_r1()
1998 		sm->wpa_auth->conf.rkh_pull_retries;  in wpa_ft_pull_pmk_r1()
2001 	wpa_ft_rrb_lookup_r0kh(sm->wpa_auth, sm->r0kh_id, sm->r0kh_id_len,  in wpa_ft_pull_pmk_r1()
2005 	r0kh_timeout = sm->wpa_auth->conf.rkh_pull_timeout / 1000 +  in wpa_ft_pull_pmk_r1()
2008 		wpa_ft_rrb_r0kh_replenish(sm->wpa_auth, r0kh, r0kh_timeout);  in wpa_ft_pull_pmk_r1()
2012 		r0kh = wpa_ft_rrb_add_r0kh(sm->wpa_auth, r0kh_wildcard,  in wpa_ft_pull_pmk_r1()
2027 	if (ether_addr_equal(r0kh->addr, sm->wpa_auth->addr)) {  in wpa_ft_pull_pmk_r1()
2039 		wpa_ft_rrb_seq_req(sm->wpa_auth, r0kh->seq, r0kh->addr,  in wpa_ft_pull_pmk_r1()
2046 		   MAC2STR(sm->wpa_auth->addr), MAC2STR(r0kh->addr));  in wpa_ft_pull_pmk_r1()
2061 			     sm->wpa_auth->addr, FT_PACKET_R0KH_R1KH_PULL,  in wpa_ft_pull_pmk_r1()
2073 	tsecs = sm->wpa_auth->conf.rkh_pull_timeout / 1000;  in wpa_ft_pull_pmk_r1()
2074 	tusecs = (sm->wpa_auth->conf.rkh_pull_timeout % 1000) * 1000;  in wpa_ft_pull_pmk_r1()
2077 	wpa_ft_rrb_oui_send(sm->wpa_auth, r0kh->addr, FT_PACKET_R0KH_R1KH_PULL,  in wpa_ft_pull_pmk_r1()
2089 	int expires_in = sm->wpa_auth->conf.r0_key_lifetime;  in wpa_ft_store_pmk_fils()
2097 	if (wpa_ft_get_vlan(sm->wpa_auth, sm->addr, &vlan) < 0) {  in wpa_ft_store_pmk_fils()
2103 	identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity);  in wpa_ft_store_pmk_fils()
2104 	radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr,  in wpa_ft_store_pmk_fils()
2106 	session_timeout = wpa_ft_get_session_timeout(sm->wpa_auth, sm->addr);  in wpa_ft_store_pmk_fils()
2108 	return wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, pmk_r0_len,  in wpa_ft_store_pmk_fils()
2121 	const u8 *mdid = sm->wpa_auth->conf.mobility_domain;  in wpa_auth_derive_ptk_ft()
2122 	const u8 *r0kh = sm->wpa_auth->conf.r0_key_holder;  in wpa_auth_derive_ptk_ft()
2123 	size_t r0kh_len = sm->wpa_auth->conf.r0_key_holder_len;  in wpa_auth_derive_ptk_ft()
2124 	const u8 *r1kh = sm->wpa_auth->conf.r1_key_holder;  in wpa_auth_derive_ptk_ft()
2125 	const u8 *ssid = sm->wpa_auth->conf.ssid;  in wpa_auth_derive_ptk_ft()
2126 	size_t ssid_len = sm->wpa_auth->conf.ssid_len;  in wpa_auth_derive_ptk_ft()
2162 				 sm->addr, sm->wpa_auth->addr, sm->pmk_r1_name,  in wpa_auth_derive_ptk_ft()
2172 	int psk_local = sm->wpa_auth->conf.ft_psk_generate_local;  in wpa_auth_ft_store_keys()
2173 	int expires_in = sm->wpa_auth->conf.r0_key_lifetime;  in wpa_auth_ft_store_keys()
2182 	if (wpa_ft_get_vlan(sm->wpa_auth, sm->addr, &vlan) < 0) {  in wpa_auth_ft_store_keys()
2188 	identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity);  in wpa_auth_ft_store_keys()
2189 	radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr,  in wpa_auth_ft_store_keys()
2191 	session_timeout = wpa_ft_get_session_timeout(sm->wpa_auth, sm->addr);  in wpa_auth_ft_store_keys()
2194 	wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, key_len,  in wpa_auth_ft_store_keys()
2199 	wpa_ft_store_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1, key_len,  in wpa_auth_ft_store_keys()
2206 static inline int wpa_auth_get_seqnum(struct wpa_authenticator *wpa_auth,  in wpa_auth_get_seqnum()  argument
2209 	if (wpa_auth->cb->get_seqnum == NULL)  in wpa_auth_get_seqnum()
2211 	return wpa_auth->cb->get_seqnum(wpa_auth->cb_ctx, addr, idx, seq);  in wpa_auth_get_seqnum()
2218 	struct wpa_auth_config *conf = &sm->wpa_auth->conf;  in wpa_ft_gtk_subelem()
2289 	wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, subelem + 5);  in wpa_ft_gtk_subelem()
2308 	struct wpa_auth_config *conf = &sm->wpa_auth->conf;  in wpa_ft_igtk_subelem()
2324 	igtk_len = wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher);  in wpa_ft_igtk_subelem()
2338 	wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, pos);  in wpa_ft_igtk_subelem()
2369 	struct wpa_authenticator *wpa_auth = sm->wpa_auth;  in wpa_ft_bigtk_subelem()  local
2370 	struct wpa_group *gsm = wpa_auth->group;  in wpa_ft_bigtk_subelem()
2385 	bigtk_len = wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);  in wpa_ft_bigtk_subelem()
2399 	wpa_auth_get_seqnum(wpa_auth, NULL, gsm->GN_bigtk, pos);  in wpa_ft_bigtk_subelem()
2482 	if (parse.wmm_tspec && sm->wpa_auth->conf.ap_mlme) {  in wpa_ft_process_rdie()
2502 	if (parse.wmm_tspec && !sm->wpa_auth->conf.ap_mlme) {  in wpa_ft_process_rdie()
2505 		res = wpa_ft_add_tspec(sm->wpa_auth, sm->addr, pos,  in wpa_ft_process_rdie()
2581 	conf = &sm->wpa_auth->conf;  in wpa_sm_write_assoc_resp_ies()
2590 	    sm->wpa_auth->conf.rsne_override_ft_set) {  in wpa_sm_write_assoc_resp_ies()
2593 		rsnie = sm->wpa_auth->conf.rsne_override_ft;  in wpa_sm_write_assoc_resp_ies()
2594 		rsnie_len = sm->wpa_auth->conf.rsne_override_ft_len;  in wpa_sm_write_assoc_resp_ies()
2711 			if (wpa_channel_info(sm->wpa_auth, &ci) != 0) {  in wpa_sm_write_assoc_resp_ies()
2754 	if (sm->wpa_auth->conf.ft_rsnxe_used) {  in wpa_sm_write_assoc_resp_ies()
2755 		rsnxe_used = sm->wpa_auth->conf.ft_rsnxe_used == 1;  in wpa_sm_write_assoc_resp_ies()
2764 	    sm->wpa_auth->cb->get_psk) {  in wpa_sm_write_assoc_resp_ies()
2767 		if (sm->wpa_auth->cb->get_psk(sm->wpa_auth->cb_ctx,  in wpa_sm_write_assoc_resp_ies()
2823 		res = wpa_write_rsnxe(&sm->wpa_auth->conf, rsnxe,  in wpa_sm_write_assoc_resp_ies()
2833 	    sm->wpa_auth->conf.rsnxe_override_ft_set) {  in wpa_sm_write_assoc_resp_ies()
2836 		rsnxe = sm->wpa_auth->conf.rsnxe_override_ft;  in wpa_sm_write_assoc_resp_ies()
2837 		rsnxe_len = sm->wpa_auth->conf.rsnxe_override_ft_len;  in wpa_sm_write_assoc_resp_ies()
2852 		       sm->addr, sm->wpa_auth->addr, 6,  in wpa_sm_write_assoc_resp_ies()
2878 static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth,  in wpa_auth_set_key()  argument
2884 	if (wpa_auth->cb->set_key == NULL)  in wpa_auth_set_key()
2886 	return wpa_auth->cb->set_key(wpa_auth->cb_ctx, vlan_id, alg, addr, idx,  in wpa_auth_set_key()
2892 static inline int wpa_auth_set_ltf_keyseed(struct wpa_authenticator *wpa_auth,  in wpa_auth_set_ltf_keyseed()  argument
2897 	if (!wpa_auth->cb->set_ltf_keyseed)  in wpa_auth_set_ltf_keyseed()
2899 	return wpa_auth->cb->set_ltf_keyseed(wpa_auth->cb_ctx, peer_addr,  in wpa_auth_set_ltf_keyseed()
2905 static inline int wpa_auth_add_sta_ft(struct wpa_authenticator *wpa_auth,  in wpa_auth_add_sta_ft()  argument
2908 	if (!wpa_auth->cb->add_sta_ft)  in wpa_auth_add_sta_ft()
2910 	return wpa_auth->cb->add_sta_ft(wpa_auth->cb_ctx, addr);  in wpa_auth_add_sta_ft()
2937 		wpa_auth_add_sta_ft(sm->wpa_auth, sm->addr);  in wpa_ft_install_ptk()
2945 	if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, sm->keyidx_active,  in wpa_ft_install_ptk()
2950 	if (sm->wpa_auth->conf.secure_ltf &&  in wpa_ft_install_ptk()
2952 	    wpa_auth_set_ltf_keyseed(sm->wpa_auth, sm->addr,  in wpa_ft_install_ptk()
2965 	wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise,  in wpa_ft_install_ptk()
2983 	struct wpa_authenticator *wpa_auth = sm->wpa_auth;  in wpa_ft_psk_pmk_r1()  local
2984 	const u8 *mdid = wpa_auth->conf.mobility_domain;  in wpa_ft_psk_pmk_r1()
2987 	const u8 *r1kh = wpa_auth->conf.r1_key_holder;  in wpa_ft_psk_pmk_r1()
2988 	const u8 *ssid = wpa_auth->conf.ssid;  in wpa_ft_psk_pmk_r1()
2989 	size_t ssid_len = wpa_auth->conf.ssid_len;  in wpa_ft_psk_pmk_r1()
2995 		pmk = wpa_ft_get_psk(wpa_auth, sm->addr, sm->p2p_dev_addr,  in wpa_ft_psk_pmk_r1()
3019 		    wpa_ft_get_vlan(sm->wpa_auth, sm->addr, out_vlan) < 0) {  in wpa_ft_psk_pmk_r1()
3027 				sm->wpa_auth, sm->addr, out_identity);  in wpa_ft_psk_pmk_r1()
3032 				sm->wpa_auth, sm->addr, out_radius_cui);  in wpa_ft_psk_pmk_r1()
3037 				sm->wpa_auth, sm->addr);  in wpa_ft_psk_pmk_r1()
3060 	key_mgmt = parse->key_mgmt & sm->wpa_auth->conf.wpa_key_mgmt;  in wpa_ft_set_key_mgmt()
3080 	ciphers = parse->pairwise_cipher & sm->wpa_auth->conf.rsn_pairwise;  in wpa_ft_set_key_mgmt()
3093 static int wpa_ft_local_derive_pmk_r1(struct wpa_authenticator *wpa_auth,  in wpa_ft_local_derive_pmk_r1()  argument
3106 	struct wpa_auth_config *conf = &wpa_auth->conf;  in wpa_ft_local_derive_pmk_r1()
3118 	if (wpa_ft_fetch_pmk_r0(sm->wpa_auth, sm->addr, req_pmk_r0_name, &r0) <  in wpa_ft_local_derive_pmk_r1()
3136 	wpa_ft_store_pmk_r1(wpa_auth, sm->addr, out_pmk_r1, r0->pmk_r0_len,  in wpa_ft_local_derive_pmk_r1()
3191 	conf = &sm->wpa_auth->conf;  in wpa_ft_process_auth_req()
3204 		      sm->wpa_auth->conf.mobility_domain,  in wpa_ft_process_auth_req()
3243 					   sm->wpa_auth->conf.r1_key_holder,  in wpa_ft_process_auth_req()
3270 					   sm->wpa_auth->conf.r1_key_holder,  in wpa_ft_process_auth_req()
3274 		if (wpa_ft_fetch_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1_name,  in wpa_ft_process_auth_req()
3288 	if (wpa_ft_local_derive_pmk_r1(sm->wpa_auth, sm,  in wpa_ft_process_auth_req()
3365 	if (sm->wpa_auth->conf.force_kdk_derivation ||  in wpa_ft_process_auth_req()
3366 	    (sm->wpa_auth->conf.secure_ltf &&  in wpa_ft_process_auth_req()
3373 			      sm->addr, sm->wpa_auth->addr, pmk_r1_name,  in wpa_ft_process_auth_req()
3379 	if (sm->wpa_auth->conf.secure_ltf &&  in wpa_ft_process_auth_req()
3392 	if (wpa_ft_set_vlan(sm->wpa_auth, sm->addr, &vlan) < 0) {  in wpa_ft_process_auth_req()
3396 	if (wpa_ft_set_identity(sm->wpa_auth, sm->addr,  in wpa_ft_process_auth_req()
3398 	    wpa_ft_set_radius_cui(sm->wpa_auth, sm->addr,  in wpa_ft_process_auth_req()
3403 	wpa_ft_set_session_timeout(sm->wpa_auth, sm->addr, session_timeout);  in wpa_ft_process_auth_req()
3465 		   MAC2STR(sm->addr), MAC2STR(sm->wpa_auth->addr),  in wpa_ft_process_auth()
3470 	sm->ft_pending_pull_left_retries = sm->wpa_auth->conf.rkh_pull_retries;  in wpa_ft_process_auth()
3505 	conf = &sm->wpa_auth->conf;  in wpa_ft_validate_reassoc()
3648 		       sm->addr, sm->wpa_auth->addr, 5,  in wpa_ft_validate_reassoc()
3664 			   MAC2STR(sm->addr), MAC2STR(sm->wpa_auth->addr));  in wpa_ft_validate_reassoc()
3698 		if (wpa_channel_info(sm->wpa_auth, &ci) != 0) {  in wpa_ft_validate_reassoc()
3719 			if (sm->wpa_auth->conf.msg_ctx)  in wpa_ft_validate_reassoc()
3720 				wpa_msg(sm->wpa_auth->conf.msg_ctx, MSG_INFO,  in wpa_ft_validate_reassoc()
3782 	    ether_addr_equal(target_ap, sm->wpa_auth->addr)) {  in wpa_ft_action_rx()
3790 	if (!sm->wpa_auth->conf.ft_over_ds) {  in wpa_ft_action_rx()
3802 	os_memcpy(frame->ap_address, sm->wpa_auth->addr, ETH_ALEN);  in wpa_ft_action_rx()
3805 	wpa_ft_rrb_send(sm->wpa_auth, target_ap, (u8 *) frame,  in wpa_ft_action_rx()
3825 static int wpa_ft_rrb_rx_request(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_rx_request()  argument
3835 	sm = wpa_ft_add_sta(wpa_auth, sta_addr);  in wpa_ft_rrb_rx_request()
3847 	sm->ft_pending_pull_left_retries = sm->wpa_auth->conf.rkh_pull_retries;  in wpa_ft_rrb_rx_request()
3868 	struct wpa_authenticator *wpa_auth = sm->wpa_auth;  in wpa_ft_send_rrb_auth_resp()  local
3893 	os_memcpy(frame->ap_address, wpa_auth->addr, ETH_ALEN);  in wpa_ft_send_rrb_auth_resp()
3899 	os_memcpy(pos, wpa_auth->addr, ETH_ALEN);  in wpa_ft_send_rrb_auth_resp()
3906 	wpa_ft_rrb_send(wpa_auth, current_ap, (u8 *) frame,  in wpa_ft_send_rrb_auth_resp()
3985 static int wpa_ft_rrb_rx_pull(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_rx_pull()  argument
4012 	if (wpa_ft_rrb_check_r0kh(wpa_auth, f_r0kh_id, f_r0kh_id_len)) {  in wpa_ft_rrb_rx_pull()
4020 	wpa_ft_rrb_lookup_r1kh(wpa_auth, f_r1kh_id, &r1kh, &r1kh_wildcard);  in wpa_ft_rrb_rx_pull()
4054 		r1kh = wpa_ft_rrb_add_r1kh(wpa_auth, r1kh_wildcard, src_addr,  in wpa_ft_rrb_rx_pull()
4056 					   wpa_auth->conf.rkh_pos_timeout);  in wpa_ft_rrb_rx_pull()
4061 		wpa_ft_rrb_seq_req(wpa_auth, r1kh->seq, src_addr, f_r0kh_id,  in wpa_ft_rrb_rx_pull()
4068 	wpa_ft_rrb_seq_accept(wpa_auth, r1kh->seq, src_addr, auth, auth_len,  in wpa_ft_rrb_rx_pull()
4070 	wpa_ft_rrb_r1kh_replenish(wpa_auth, r1kh,  in wpa_ft_rrb_rx_pull()
4071 				  wpa_auth->conf.rkh_pos_timeout);  in wpa_ft_rrb_rx_pull()
4087 		   MAC2STR(wpa_auth->addr), MAC2STR(src_addr));  in wpa_ft_rrb_rx_pull()
4112 	if (wpa_ft_fetch_pmk_r0(wpa_auth, f_s1kh_id, f_pmk_r0_name, &r0) < 0) {  in wpa_ft_rrb_rx_pull()
4115 				       NULL, wpa_auth->addr,  in wpa_ft_rrb_rx_pull()
4120 					  f_s1kh_id, resp_auth, wpa_auth->addr,  in wpa_ft_rrb_rx_pull()
4126 		wpa_ft_rrb_oui_send(wpa_auth, src_addr,  in wpa_ft_rrb_rx_pull()
4142 static int wpa_ft_rrb_rx_r1(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_rx_r1()  argument
4147 			    int (*cb)(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_rx_r1()  argument
4182 	if (wpa_ft_rrb_check_r1kh(wpa_auth, f_r1kh_id)) {  in wpa_ft_rrb_rx_r1()
4187 	wpa_ft_rrb_lookup_r0kh(wpa_auth, f_r0kh_id, f_r0kh_id_len, &r0kh,  in wpa_ft_rrb_rx_r1()
4220 		r0kh = wpa_ft_rrb_add_r0kh(wpa_auth, r0kh_wildcard, src_addr,  in wpa_ft_rrb_rx_r1()
4222 					   wpa_auth->conf.rkh_pos_timeout);  in wpa_ft_rrb_rx_r1()
4227 		wpa_ft_rrb_seq_req(wpa_auth, r0kh->seq, src_addr, f_r0kh_id,  in wpa_ft_rrb_rx_r1()
4233 	wpa_ft_rrb_seq_accept(wpa_auth, r0kh->seq, src_addr, auth, auth_len,  in wpa_ft_rrb_rx_r1()
4235 	wpa_ft_rrb_r0kh_replenish(wpa_auth, r0kh,  in wpa_ft_rrb_rx_r1()
4236 				  wpa_auth->conf.rkh_pos_timeout);  in wpa_ft_rrb_rx_r1()
4301 	if (wpa_ft_store_pmk_r1(wpa_auth, f_s1kh_id, f_pmk_r1, pmk_r1_len,  in wpa_ft_rrb_rx_r1()
4373 static int wpa_ft_rrb_rx_resp(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_rx_resp()  argument
4393 	if (!wpa_auth_for_each_sta(wpa_auth, ft_get_sta_cb, &ctx)) {  in wpa_ft_rrb_rx_resp()
4399 	ret = wpa_ft_rrb_rx_r1(wpa_auth, src_addr, FT_PACKET_R0KH_R1KH_RESP,  in wpa_ft_rrb_rx_resp()
4412 	if (wpa_auth_for_each_sta(wpa_auth, ft_get_sta_cb, &ctx)) {  in wpa_ft_rrb_rx_resp()
4427 static int wpa_ft_rrb_rx_push(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_rx_push()  argument
4436 	if (wpa_ft_rrb_rx_r1(wpa_auth, src_addr, FT_PACKET_R0KH_R1KH_PUSH,  in wpa_ft_rrb_rx_push()
4445 static int wpa_ft_rrb_rx_seq(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_rx_seq()  argument
4469 	to_r0kh = !wpa_ft_rrb_check_r0kh(wpa_auth, f_r0kh_id, f_r0kh_id_len);  in wpa_ft_rrb_rx_seq()
4470 	to_r1kh = !wpa_ft_rrb_check_r1kh(wpa_auth, f_r1kh_id);  in wpa_ft_rrb_rx_seq()
4483 		wpa_ft_rrb_lookup_r0kh(wpa_auth, f_r0kh_id, f_r0kh_id_len,  in wpa_ft_rrb_rx_seq()
4501 		wpa_ft_rrb_lookup_r1kh(wpa_auth, f_r1kh_id, &r1kh,  in wpa_ft_rrb_rx_seq()
4526 			r0kh = wpa_ft_rrb_add_r0kh(wpa_auth, r0kh_wildcard,  in wpa_ft_rrb_rx_seq()
4533 		wpa_ft_rrb_r0kh_replenish(wpa_auth, r0kh, ftRRBseqTimeout);  in wpa_ft_rrb_rx_seq()
4543 			r1kh = wpa_ft_rrb_add_r1kh(wpa_auth, r1kh_wildcard,  in wpa_ft_rrb_rx_seq()
4549 		wpa_ft_rrb_r1kh_replenish(wpa_auth, r1kh, ftRRBseqTimeout);  in wpa_ft_rrb_rx_seq()
4563 static int wpa_ft_rrb_rx_seq_req(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_rx_seq_req()  argument
4580 	if (wpa_ft_rrb_rx_seq(wpa_auth, src_addr, FT_PACKET_R0KH_R1KH_SEQ_REQ,  in wpa_ft_rrb_rx_seq_req()
4598 		   MAC2STR(wpa_auth->addr), MAC2STR(src_addr));  in wpa_ft_rrb_rx_seq_req()
4617 			     wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_RESP,  in wpa_ft_rrb_rx_seq_req()
4621 	wpa_ft_rrb_oui_send(wpa_auth, src_addr,  in wpa_ft_rrb_rx_seq_req()
4632 static int wpa_ft_rrb_rx_seq_resp(struct wpa_authenticator *wpa_auth,  in wpa_ft_rrb_rx_seq_resp()  argument
4653 	if (wpa_ft_rrb_rx_seq(wpa_auth, src_addr, FT_PACKET_R0KH_R1KH_SEQ_RESP,  in wpa_ft_rrb_rx_seq_resp()
4681 		wpa_ft_rrb_r0kh_replenish(wpa_auth, r0kh,  in wpa_ft_rrb_rx_seq_resp()
4682 					  wpa_auth->conf.rkh_pos_timeout);  in wpa_ft_rrb_rx_seq_resp()
4688 		wpa_ft_rrb_r1kh_replenish(wpa_auth, r1kh,  in wpa_ft_rrb_rx_seq_resp()
4689 					  wpa_auth->conf.rkh_pos_timeout);  in wpa_ft_rrb_rx_seq_resp()
4698 		wpa_ft_rrb_seq_accept(wpa_auth, rkh_seq, src_addr, auth,  in wpa_ft_rrb_rx_seq_resp()
4725 	wpa_ft_rrb_seq_flush(wpa_auth, rkh_seq, 1);  in wpa_ft_rrb_rx_seq_resp()
4733 int wpa_ft_rrb_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr,  in wpa_ft_rrb_rx()  argument
4810 		if (!ether_addr_equal(target_ap_addr, wpa_auth->addr)) {  in wpa_ft_rrb_rx()
4817 		if (wpa_ft_rrb_rx_request(wpa_auth, frame->ap_address,  in wpa_ft_rrb_rx()
4833 		if (wpa_ft_action_send(wpa_auth, sta_addr, start, alen) < 0)  in wpa_ft_rrb_rx()
4845 void wpa_ft_rrb_oui_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr,  in wpa_ft_rrb_oui_rx()  argument
4856 		   MAC2STR(wpa_auth->addr), MAC2STR(src_addr), oui_suffix,  in wpa_ft_rrb_oui_rx()
4889 		wpa_ft_rrb_rx_pull(wpa_auth, src_addr, enc, elen, auth, alen,  in wpa_ft_rrb_oui_rx()
4893 		wpa_ft_rrb_rx_resp(wpa_auth, src_addr, enc, elen, auth, alen,  in wpa_ft_rrb_oui_rx()
4897 		wpa_ft_rrb_rx_push(wpa_auth, src_addr, enc, elen, auth, alen,  in wpa_ft_rrb_oui_rx()
4901 		wpa_ft_rrb_rx_seq_req(wpa_auth, src_addr, enc, elen, auth, alen,  in wpa_ft_rrb_oui_rx()
4905 		wpa_ft_rrb_rx_seq_resp(wpa_auth, src_addr, enc, elen, auth,  in wpa_ft_rrb_oui_rx()
4912 static int wpa_ft_generate_pmk_r1(struct wpa_authenticator *wpa_auth,  in wpa_ft_generate_pmk_r1()  argument
4931 		  .len = wpa_auth->conf.r0_key_holder_len,  in wpa_ft_generate_pmk_r1()
4932 		  .data = wpa_auth->conf.r0_key_holder },  in wpa_ft_generate_pmk_r1()
4945 		   MAC2STR(wpa_auth->addr), MAC2STR(r1kh->addr));  in wpa_ft_generate_pmk_r1()
4948 				r1kh->id, s1kh_id, push_auth, wpa_auth->addr,  in wpa_ft_generate_pmk_r1()
4953 	wpa_ft_rrb_oui_send(wpa_auth, r1kh->addr, FT_PACKET_R0KH_R1KH_PUSH,  in wpa_ft_generate_pmk_r1()
4961 void wpa_ft_push_pmk_r1(struct wpa_authenticator *wpa_auth, const u8 *addr)  in wpa_ft_push_pmk_r1()  argument
4963 	struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;  in wpa_ft_push_pmk_r1()
4967 	if (!wpa_auth->conf.pmk_r1_push)  in wpa_ft_push_pmk_r1()
4969 	if (!wpa_auth->conf.r1kh_list)  in wpa_ft_push_pmk_r1()
4987 	for (r1kh = *wpa_auth->conf.r1kh_list; r1kh; r1kh = r1kh->next) {  in wpa_ft_push_pmk_r1()
4993 		wpa_ft_generate_pmk_r1(wpa_auth, r0, r1kh, addr);  in wpa_ft_push_pmk_r1()