wiphy: handle FILS AKMs

wiphy_select_akm needed to be updated to take a flag, which can be
set to true if there are known reauth keys for this connection. If
we have reauth keys, and FILS is available we will choose it.

src/station.c

@@ -507,7 +507,7 @@ static int station_build_handshake_rsn(struct handshake_state *hs,
 	memset(&bss_info, 0, sizeof(bss_info));
 	scan_bss_get_rsn_info(bss, &bss_info);
 
-	info.akm_suites = wiphy_select_akm(wiphy, bss);
+	info.akm_suites = wiphy_select_akm(wiphy, bss, false);
 
 	/*
 	 * Special case for OWE. With OWE we still need to build up the

src/wiphy.c

@@ -95,7 +95,8 @@ enum ie_rsn_cipher_suite wiphy_select_cipher(struct wiphy *wiphy, uint16_t mask)
 }
 
 enum ie_rsn_akm_suite wiphy_select_akm(struct wiphy *wiphy,
-					struct scan_bss *bss)
+					struct scan_bss *bss,
+					bool fils_capable_hint)
 {
 	struct ie_rsn_info info;
 	enum security security;
@@ -110,6 +111,15 @@ enum ie_rsn_akm_suite wiphy_select_akm(struct wiphy *wiphy,
 	 * for fast transitions.  Otherwise use SHA256 version if present.
 	 */
 	if (security == SECURITY_8021X) {
+		if (wiphy_has_feature(wiphy, NL80211_EXT_FEATURE_FILS_STA) &&
+				fils_capable_hint) {
+			if (info.akm_suites & IE_RSN_AKM_SUITE_FILS_SHA384)
+				return IE_RSN_AKM_SUITE_FILS_SHA384;
+
+			if (info.akm_suites & IE_RSN_AKM_SUITE_FILS_SHA256)
+				return IE_RSN_AKM_SUITE_FILS_SHA256;
+		}
+
 		if ((info.akm_suites & IE_RSN_AKM_SUITE_FT_OVER_8021X) &&
 				bss->rsne && bss->mde_present)
 			return IE_RSN_AKM_SUITE_FT_OVER_8021X;

src/wiphy.h

@@ -40,7 +40,8 @@ typedef void (*wiphy_destroy_func_t)(void *user_data);
 enum ie_rsn_cipher_suite wiphy_select_cipher(struct wiphy *wiphy,
 							uint16_t mask);
 enum ie_rsn_akm_suite wiphy_select_akm(struct wiphy *wiphy,
-					struct scan_bss *bss);
+					struct scan_bss *bss,
+					bool fils_capable_hint);
 
 bool wiphy_parse_id_and_name(struct l_genl_attr *attr, uint32_t *out_id,
 				const char **out_name);