From: Johannes Berg <johannes@sipsolutions.net>
To: Amitkumar Karwar <akarwar@marvell.com>,
linux-wireless@vger.kernel.org, hostap@lists.shmoo.com,
Jouni Malinen <j@w1.fi>
Cc: yangzy@marvell.com, Cathy Luo <cluo@marvell.com>,
Nishant Sarmukadam <nishants@marvell.com>,
lihz <lihz@marvell.com>
Subject: Re: [PATCH] cfg80211: add key management offload feature
Date: Wed, 26 Oct 2016 14:11:22 +0200 [thread overview]
Message-ID: <1477483882.4059.34.camel@sipsolutions.net> (raw)
In-Reply-To: <1474973796-1873-1-git-send-email-akarwar@marvell.com> (sfid-20160927_125737_815734_5AE7ADB1)
Getting back to this ... as I was preparing my patch.
> @@ -3687,6 +3692,9 @@ enum nl80211_key_attributes {
> NL80211_KEY_DEFAULT_MGMT,
> NL80211_KEY_TYPE,
> NL80211_KEY_DEFAULT_TYPES,
> + NL80211_KEY_REPLAY_CTR,
> + NL80211_KEY_KCK,
> + NL80211_KEY_KEK,
You made those key attributes, but ...
> nla_put(msg, NL80211_ATTR_RESP_IE, resp_ie_len,
> resp_ie)))
> goto nla_put_failure;
>
> + if (wiphy_ext_feature_isset(&rdev->wiphy,
> + NL80211_EXT_FEATURE_KEY_MGMT_OFF
> LOAD) &&
> + (nla_put_u8(msg, NL80211_ATTR_AUTHORIZED, authorized) ||
> + (key_replay_ctr && nla_put(msg, NL80211_KEY_REPLAY_CTR,
> + NL80211_REPLAY_CTR_LEN, key_replay_ctr)) ||
> + (key_kck &&
> + nla_put(msg, NL80211_KEY_KCK, NL80211_KCK_LEN,
> key_kck)) ||
> + (key_kek &&
> + nla_put(msg, NL80211_KEY_KEK, NL80211_KEK_LEN,
> key_kek))))
> + goto nla_put_failure;
Used them at a top level here! That can't possibly have worked.
Anyway, I checked and we can transport these without adding new
attributes, but adding the NL80211_ATTR_REKEY_DATA attribute with its
nested KEK, KCK and REPLAY_CTR.
That leaves the authorized attribute, I guess nesting a whole bunch of
station info etc. doesn't make a lot of sense.
I also fail to see how the data is actually configured down, since you
just pass it through. I'll send our patch for configuring the PMK/PSK
via the PMKSA cache separately in a few minutes.
johannes
next prev parent reply other threads:[~2016-10-26 12:11 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-27 10:56 [PATCH] cfg80211: add key management offload feature Amitkumar Karwar
2016-09-27 10:56 ` [PATCH] nl80211: " Amitkumar Karwar
2016-09-27 11:24 ` Arend Van Spriel
2016-10-14 13:38 ` Jouni Malinen
2016-09-27 11:27 ` Arend Van Spriel
2016-09-27 11:14 ` [PATCH] cfg80211: " Kalle Valo
2016-09-27 12:36 ` Johannes Berg
2016-10-14 13:52 ` Jouni Malinen
2016-10-20 12:53 ` Johannes Berg
2016-10-26 12:11 ` Johannes Berg [this message]
2016-10-26 12:26 ` [RFC] cfg80211: support 4-way-handshake offload with PSK and 802.1X Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1477483882.4059.34.camel@sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=akarwar@marvell.com \
--cc=cluo@marvell.com \
--cc=hostap@lists.shmoo.com \
--cc=j@w1.fi \
--cc=lihz@marvell.com \
--cc=linux-wireless@vger.kernel.org \
--cc=nishants@marvell.com \
--cc=yangzy@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.