cfg80211: Configure PMK lifetime and reauth threshold for PMKSA entries

 * @cache_id: 2-octet cache identifier advertized by a FILS AP identifying the

 *	scope of PMKSA. This is valid only if @ssid_len is non-zero (may be

 *	%NULL).

 * @pmk_lifetime: Maximum lifetime for PMKSA in seconds

 *	(dot11RSNAConfigPMKLifetime) or 0 if not specified.

 *	The configured PMKSA must not be used for PMKSA caching after

 *	expiration and any keys derived from this PMK become invalid on

 *	expiration, i.e., the current association must be dropped if the PMK

 *	used for it expires.

 * @pmk_reauth_threshold: Threshold time for reauthentication (percentage of

 *	PMK lifetime, dot11RSNAConfigPMKReauthThreshold) or 0 if not specified.

 *	Drivers are expected to trigger a full authentication instead of using

 *	this PMKSA for caching when reassociating to a new BSS after this

 *	threshold to generate a new PMK before the current one expires.

 */

struct cfg80211_pmksa {

	const u8 *bssid;

	const u8 *ssid;

	size_t ssid_len;

	const u8 *cache_id;

	u32 pmk_lifetime;

	u8 pmk_reauth_threshold;

};

/**

 * @NL80211_ATTR_CONTROL_PORT_NO_PREAUTH: disable preauth frame rx on control

 *	port in order to forward/receive them as ordinary data frames.

 *

 * @NL80211_ATTR_PMK_LIFETIME: Maximum lifetime for PMKSA in seconds (u32,

 *	dot11RSNAConfigPMKReauthThreshold; 0 is not a valid value).

 *	An optional parameter configured through %NL80211_CMD_SET_PMKSA.

 *	Drivers that trigger roaming need to know the lifetime of the

 *	configured PMKSA for triggering the full vs. PMKSA caching based

 *	authentication. This timeout helps authentication methods like SAE,

 *	where PMK gets updated only by going through a full (new SAE)

 *	authentication instead of getting updated during an association for EAP

 *	authentication. No new full authentication within the PMK expiry shall

 *	result in a disassociation at the end of the lifetime.

 *

 * @NL80211_ATTR_PMK_REAUTH_THRESHOLD: Reauthentication threshold time, in

 *	terms of percentage of %NL80211_ATTR_PMK_LIFETIME

 *	(u8, dot11RSNAConfigPMKReauthThreshold, 1..100). This is an optional

 *	parameter configured through %NL80211_CMD_SET_PMKSA. Requests the

 *	driver to trigger a full authentication roam (without PMKSA caching)

 *	after the reauthentication threshold time, but before the PMK lifetime

 *	has expired.

 *

 *	Authentication methods like SAE need to be able to generate a new PMKSA

 *	entry without having to force a disconnection after the PMK timeout. If

 *	no roaming occurs between the reauth threshold and PMK expiration,

 *	disassociation is still forced.

 *

 * @NUM_NL80211_ATTR: total number of nl80211_attrs available

 * @NL80211_ATTR_MAX: highest attribute number currently defined

 * @__NL80211_ATTR_AFTER_LAST: internal use

	NL80211_ATTR_CONTROL_PORT_NO_PREAUTH,

	NL80211_ATTR_PMK_LIFETIME,

	NL80211_ATTR_PMK_REAUTH_THRESHOLD,

	/* add attributes here, update the policy in nl80211.c */

	__NL80211_ATTR_AFTER_LAST,

	[NL80211_ATTR_TID_CONFIG] =

		NLA_POLICY_NESTED_ARRAY(nl80211_tid_config_attr_policy),

	[NL80211_ATTR_CONTROL_PORT_NO_PREAUTH] = { .type = NLA_FLAG },

	[NL80211_ATTR_PMK_LIFETIME] = NLA_POLICY_MIN(NLA_U32, 1),

	[NL80211_ATTR_PMK_REAUTH_THRESHOLD] = NLA_POLICY_RANGE(NLA_U8, 1, 100),

};

/* policy for the key attributes */

		pmksa.pmk_len = nla_len(info->attrs[NL80211_ATTR_PMK]);

	}

	if (info->attrs[NL80211_ATTR_PMK_LIFETIME])

		pmksa.pmk_lifetime =

			nla_get_u32(info->attrs[NL80211_ATTR_PMK_LIFETIME]);

	if (info->attrs[NL80211_ATTR_PMK_REAUTH_THRESHOLD])

		pmksa.pmk_reauth_threshold =

			nla_get_u8(

				info->attrs[NL80211_ATTR_PMK_REAUTH_THRESHOLD]);

	if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&

	    dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT &&

	    !(dev->ieee80211_ptr->iftype == NL80211_IFTYPE_AP &&