nl802154: add support for security layer
This patch adds support for accessing mac802154 llsec implementation
over nl802154. I added for a new Kconfig entry to provide this
functionality CONFIG_IEEE802154_NL802154_EXPERIMENTAL. This interface is
still in development. It provides to change security parameters and
add/del/dump entries of security tables. Later we can add also a get to
get an entry by unique identifier.
Cc: Phoebe Buckheister <phoebe.buckheister@itwm.fraunhofer.de>
Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
diff --git a/include/net/nl802154.h b/include/net/nl802154.h
index cf2713d..32cb3e5 100644
--- a/include/net/nl802154.h
+++ b/include/net/nl802154.h
@@ -56,6 +56,22 @@
/* add new commands above here */
+#ifdef CONFIG_IEEE802154_NL802154_EXPERIMENTAL
+ NL802154_CMD_SET_SEC_PARAMS,
+ NL802154_CMD_GET_SEC_KEY, /* can dump */
+ NL802154_CMD_NEW_SEC_KEY,
+ NL802154_CMD_DEL_SEC_KEY,
+ NL802154_CMD_GET_SEC_DEV, /* can dump */
+ NL802154_CMD_NEW_SEC_DEV,
+ NL802154_CMD_DEL_SEC_DEV,
+ NL802154_CMD_GET_SEC_DEVKEY, /* can dump */
+ NL802154_CMD_NEW_SEC_DEVKEY,
+ NL802154_CMD_DEL_SEC_DEVKEY,
+ NL802154_CMD_GET_SEC_LEVEL, /* can dump */
+ NL802154_CMD_NEW_SEC_LEVEL,
+ NL802154_CMD_DEL_SEC_LEVEL,
+#endif /* CONFIG_IEEE802154_NL802154_EXPERIMENTAL */
+
/* used to define NL802154_CMD_MAX below */
__NL802154_CMD_AFTER_LAST,
NL802154_CMD_MAX = __NL802154_CMD_AFTER_LAST - 1
@@ -110,6 +126,18 @@
/* add attributes here, update the policy in nl802154.c */
+#ifdef CONFIG_IEEE802154_NL802154_EXPERIMENTAL
+ NL802154_ATTR_SEC_ENABLED,
+ NL802154_ATTR_SEC_OUT_LEVEL,
+ NL802154_ATTR_SEC_OUT_KEY_ID,
+ NL802154_ATTR_SEC_FRAME_COUNTER,
+
+ NL802154_ATTR_SEC_LEVEL,
+ NL802154_ATTR_SEC_DEVICE,
+ NL802154_ATTR_SEC_DEVKEY,
+ NL802154_ATTR_SEC_KEY,
+#endif /* CONFIG_IEEE802154_NL802154_EXPERIMENTAL */
+
__NL802154_ATTR_AFTER_LAST,
NL802154_ATTR_MAX = __NL802154_ATTR_AFTER_LAST - 1
};
@@ -247,4 +275,167 @@
NL802154_SUPPORTED_BOOL_MAX = __NL802154_SUPPORTED_BOOL_AFTER_LAST - 1
};
+#ifdef CONFIG_IEEE802154_NL802154_EXPERIMENTAL
+
+enum nl802154_dev_addr_modes {
+ NL802154_DEV_ADDR_NONE,
+ __NL802154_DEV_ADDR_INVALID,
+ NL802154_DEV_ADDR_SHORT,
+ NL802154_DEV_ADDR_EXTENDED,
+
+ /* keep last */
+ __NL802154_DEV_ADDR_AFTER_LAST,
+ NL802154_DEV_ADDR_MAX = __NL802154_DEV_ADDR_AFTER_LAST - 1
+};
+
+enum nl802154_dev_addr_attrs {
+ NL802154_DEV_ADDR_ATTR_UNSPEC,
+
+ NL802154_DEV_ADDR_ATTR_PAN_ID,
+ NL802154_DEV_ADDR_ATTR_MODE,
+ NL802154_DEV_ADDR_ATTR_SHORT,
+ NL802154_DEV_ADDR_ATTR_EXTENDED,
+
+ /* keep last */
+ __NL802154_DEV_ADDR_ATTR_AFTER_LAST,
+ NL802154_DEV_ADDR_ATTR_MAX = __NL802154_DEV_ADDR_ATTR_AFTER_LAST - 1
+};
+
+enum nl802154_key_id_modes {
+ NL802154_KEY_ID_MODE_IMPLICIT,
+ NL802154_KEY_ID_MODE_INDEX,
+ NL802154_KEY_ID_MODE_INDEX_SHORT,
+ NL802154_KEY_ID_MODE_INDEX_EXTENDED,
+
+ /* keep last */
+ __NL802154_KEY_ID_MODE_AFTER_LAST,
+ NL802154_KEY_ID_MODE_MAX = __NL802154_KEY_ID_MODE_AFTER_LAST - 1
+};
+
+enum nl802154_key_id_attrs {
+ NL802154_KEY_ID_ATTR_UNSPEC,
+
+ NL802154_KEY_ID_ATTR_MODE,
+ NL802154_KEY_ID_ATTR_INDEX,
+ NL802154_KEY_ID_ATTR_IMPLICIT,
+ NL802154_KEY_ID_ATTR_SOURCE_SHORT,
+ NL802154_KEY_ID_ATTR_SOURCE_EXTENDED,
+
+ /* keep last */
+ __NL802154_KEY_ID_ATTR_AFTER_LAST,
+ NL802154_KEY_ID_ATTR_MAX = __NL802154_KEY_ID_ATTR_AFTER_LAST - 1
+};
+
+enum nl802154_seclevels {
+ NL802154_SECLEVEL_NONE,
+ NL802154_SECLEVEL_MIC32,
+ NL802154_SECLEVEL_MIC64,
+ NL802154_SECLEVEL_MIC128,
+ NL802154_SECLEVEL_ENC,
+ NL802154_SECLEVEL_ENC_MIC32,
+ NL802154_SECLEVEL_ENC_MIC64,
+ NL802154_SECLEVEL_ENC_MIC128,
+
+ /* keep last */
+ __NL802154_SECLEVEL_AFTER_LAST,
+ NL802154_SECLEVEL_MAX = __NL802154_SECLEVEL_AFTER_LAST - 1
+};
+
+enum nl802154_frames {
+ NL802154_FRAME_BEACON,
+ NL802154_FRAME_DATA,
+ NL802154_FRAME_ACK,
+ NL802154_FRAME_CMD,
+
+ /* keep last */
+ __NL802154_FRAME_AFTER_LAST,
+ NL802154_FRAME_MAX = __NL802154_FRAME_AFTER_LAST - 1
+};
+
+enum nl802154_cmd_frames {
+ __NL802154_CMD_FRAME_INVALID,
+ NL802154_CMD_FRAME_ASSOC_REQUEST,
+ NL802154_CMD_FRAME_ASSOC_RESPONSE,
+ NL802154_CMD_FRAME_DISASSOC_NOTIFY,
+ NL802154_CMD_FRAME_DATA_REQUEST,
+ NL802154_CMD_FRAME_PAN_ID_CONFLICT_NOTIFY,
+ NL802154_CMD_FRAME_ORPHAN_NOTIFY,
+ NL802154_CMD_FRAME_BEACON_REQUEST,
+ NL802154_CMD_FRAME_COORD_REALIGNMENT,
+ NL802154_CMD_FRAME_GTS_REQUEST,
+
+ /* keep last */
+ __NL802154_CMD_FRAME_AFTER_LAST,
+ NL802154_CMD_FRAME_MAX = __NL802154_CMD_FRAME_AFTER_LAST - 1
+};
+
+enum nl802154_seclevel_attrs {
+ NL802154_SECLEVEL_ATTR_UNSPEC,
+
+ NL802154_SECLEVEL_ATTR_LEVELS,
+ NL802154_SECLEVEL_ATTR_FRAME,
+ NL802154_SECLEVEL_ATTR_CMD_FRAME,
+ NL802154_SECLEVEL_ATTR_DEV_OVERRIDE,
+
+ /* keep last */
+ __NL802154_SECLEVEL_ATTR_AFTER_LAST,
+ NL802154_SECLEVEL_ATTR_MAX = __NL802154_SECLEVEL_ATTR_AFTER_LAST - 1
+};
+
+/* TODO what is this? couldn't find in mib */
+enum {
+ NL802154_DEVKEY_IGNORE,
+ NL802154_DEVKEY_RESTRICT,
+ NL802154_DEVKEY_RECORD,
+
+ /* keep last */
+ __NL802154_DEVKEY_AFTER_LAST,
+ NL802154_DEVKEY_MAX = __NL802154_DEVKEY_AFTER_LAST - 1
+};
+
+enum nl802154_dev {
+ NL802154_DEV_ATTR_UNSPEC,
+
+ NL802154_DEV_ATTR_FRAME_COUNTER,
+ NL802154_DEV_ATTR_PAN_ID,
+ NL802154_DEV_ATTR_SHORT_ADDR,
+ NL802154_DEV_ATTR_EXTENDED_ADDR,
+ NL802154_DEV_ATTR_SECLEVEL_EXEMPT,
+ NL802154_DEV_ATTR_KEY_MODE,
+
+ /* keep last */
+ __NL802154_DEV_ATTR_AFTER_LAST,
+ NL802154_DEV_ATTR_MAX = __NL802154_DEV_ATTR_AFTER_LAST - 1
+};
+
+enum nl802154_devkey {
+ NL802154_DEVKEY_ATTR_UNSPEC,
+
+ NL802154_DEVKEY_ATTR_FRAME_COUNTER,
+ NL802154_DEVKEY_ATTR_EXTENDED_ADDR,
+ NL802154_DEVKEY_ATTR_ID,
+
+ /* keep last */
+ __NL802154_DEVKEY_ATTR_AFTER_LAST,
+ NL802154_DEVKEY_ATTR_MAX = __NL802154_DEVKEY_ATTR_AFTER_LAST - 1
+};
+
+enum nl802154_key {
+ NL802154_KEY_ATTR_UNSPEC,
+
+ NL802154_KEY_ATTR_ID,
+ NL802154_KEY_ATTR_USAGE_FRAMES,
+ NL802154_KEY_ATTR_USAGE_CMDS,
+ NL802154_KEY_ATTR_BYTES,
+
+ /* keep last */
+ __NL802154_KEY_ATTR_AFTER_LAST,
+ NL802154_KEY_ATTR_MAX = __NL802154_KEY_ATTR_AFTER_LAST - 1
+};
+
+#define NL802154_KEY_SIZE 16
+#define NL802154_CMD_FRAME_NR_IDS 256
+
+#endif /* CONFIG_IEEE802154_NL802154_EXPERIMENTAL */
+
#endif /* __NL802154_H */