From: Javier Cardona <javier@cozybit.com>
To: "John W. Linville" <linville@tuxdriver.com>
Cc: Javier Cardona <javier@cozybit.com>,
Thomas Pedersen <thomas@cozybit.com>,
devel@lists.open80211s.org,
Johannes Berg <johannes@sipsolutions.net>,
linux-wireless@vger.kernel.org
Subject: [PATCH 1/5 v4] mac80211: Enable mesh security from userspace
Date: Fri, 18 Mar 2011 13:22:08 -0700 [thread overview]
Message-ID: <1300479732-25920-2-git-send-email-javier@cozybit.com> (raw)
In-Reply-To: <1299288252-28314-1-git-send-email-thomas@cozybit.com>
Userspace can enable mesh security by providing an RSN IE and setting
the MESH_SETUP_ENABLE_SECURITY flag.
Also, rename vendor_ie to just ie to reflect that the same attribute may
be used to pass other IEs, for instance the RSN IE.
Signed-off-by: Javier Cardona <javier@cozybit.com>
Tested-by: Thomas Pedersen <thomas@cozybit.com>
---
include/linux/nl80211.h | 13 +++++++++----
include/net/cfg80211.h | 10 ++++++----
net/mac80211/cfg.c | 16 ++++++++--------
net/mac80211/ieee80211_i.h | 5 +++--
net/mac80211/mesh.c | 6 +++---
net/mac80211/mesh_plink.c | 2 +-
net/mac80211/tx.c | 2 +-
net/wireless/mesh.c | 5 +++--
net/wireless/nl80211.c | 13 ++++++++-----
9 files changed, 42 insertions(+), 30 deletions(-)
diff --git a/include/linux/nl80211.h b/include/linux/nl80211.h
index 3002218..f1bfa88 100644
--- a/include/linux/nl80211.h
+++ b/include/linux/nl80211.h
@@ -545,6 +545,7 @@ enum nl80211_commands {
/* source-level API compatibility */
#define NL80211_CMD_GET_MESH_PARAMS NL80211_CMD_GET_MESH_CONFIG
#define NL80211_CMD_SET_MESH_PARAMS NL80211_CMD_SET_MESH_CONFIG
+#define NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE NL80211_MESH_SETUP_IE
/**
* enum nl80211_attrs - nl80211 netlink attributes
@@ -1686,9 +1687,12 @@ enum nl80211_meshconf_params {
* vendor specific path metric or disable it to use the default Airtime
* metric.
*
- * @NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE: A vendor specific information
- * element that vendors will use to identify the path selection methods and
- * metrics in use.
+ * @NL80211_MESH_SETUP_IE: Information elements for this mesh, for instance, a
+ * robust security network ie, or a vendor specific information element that
+ * vendors will use to identify the path selection methods and metrics in use.
+ *
+ * @NL80211_MESH_SETUP_ENABLE_SECURITY: Enable this option if an authentication
+ * daemon will be authenticating mesh candidates.
*
* @NL80211_MESH_SETUP_ATTR_MAX: highest possible mesh setup attribute number
* @__NL80211_MESH_SETUP_ATTR_AFTER_LAST: Internal use
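Review bot: The kernel-doc for NL80211_MESH_SETUP_ENABLE_SECURITY does not say that it is a flag attribute, nor how it relates to NL80211_MESH_SETUP_IE. The commit message describes enabling security as providing an RSN IE and setting the flag, but in the hunks shown the flag is read on its own in nl80211_parse_mesh_setup and nothing visible checks that an RSN IE was supplied with it. I would extend the comment along the lines of `Flag attribute. Userspace is expected to also pass the RSN IE in NL80211_MESH_SETUP_IE; the kernel does not verify this.`, or add that check if the pairing is meant to be enforced.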
@@ -1697,7 +1701,8 @@ enum nl80211_mesh_setup_params {
__NL80211_MESH_SETUP_INVALID,
NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL,
NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC,
- NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE,
+ NL80211_MESH_SETUP_IE,
+ NL80211_MESH_SETUP_ENABLE_SECURITY,
/* keep last */
__NL80211_MESH_SETUP_ATTR_AFTER_LAST,
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index 60f7876..2334985 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -654,8 +654,9 @@ struct mesh_config {
* @mesh_id_len: length of the mesh ID, at least 1 and at most 32 bytes
* @path_sel_proto: which path selection protocol to use
* @path_metric: which metric to use
- * @vendor_ie: vendor information elements (optional)
- * @vendor_ie_len: length of vendor information elements
+ * @ie: vendor information elements (optional)
+ * @ie_len: length of vendor information elements
+ * @is_secure: or not
*
* These parameters are fixed when the mesh is created.
*/
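Review bot: The new kernel-doc lines do not describe the fields. `@is_secure: or not` carries no information, and @ie / @ie_len still call the contents vendor information elements although the rename exists so the RSN IE can travel in the same field. Suggested wording: `@ie: information elements appended to mesh management frames, e.g. RSN or vendor IEs (optional)`, `@ie_len: length of @ie in bytes`, `@is_secure: true if a userspace authentication daemon authenticates mesh peers`.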
@@ -664,8 +665,9 @@ struct mesh_setup {
u8 mesh_id_len;
u8 path_sel_proto;
u8 path_metric;
- const u8 *vendor_ie;
- u8 vendor_ie_len;
+ const u8 *ie;
+ u8 ie_len;
+ bool is_secure;
};
/**
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 3342135..4f73085 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -1023,26 +1023,26 @@ static int copy_mesh_setup(struct ieee80211_if_mesh *ifmsh,
u8 *new_ie;
const u8 *old_ie;
- /* first allocate the new vendor information element */
+ /* allocate information elements */
new_ie = NULL;
- old_ie = ifmsh->vendor_ie;
+ old_ie = ifmsh->ie;
- ifmsh->vendor_ie_len = setup->vendor_ie_len;
- if (setup->vendor_ie_len) {
- new_ie = kmemdup(setup->vendor_ie, setup->vendor_ie_len,
+ ifmsh->ie_len = setup->ie_len;
+ if (setup->ie_len) {
+ new_ie = kmemdup(setup->ie, setup->ie_len,
GFP_KERNEL);
if (!new_ie)
return -ENOMEM;
}
+ ifmsh->ie = new_ie;
+ kfree(old_ie);
/* now copy the rest of the setup parameters */
ifmsh->mesh_id_len = setup->mesh_id_len;
memcpy(ifmsh->mesh_id, setup->mesh_id, ifmsh->mesh_id_len);
ifmsh->mesh_pp_id = setup->path_sel_proto;
ifmsh->mesh_pm_id = setup->path_metric;
- ifmsh->vendor_ie = new_ie;
-
- kfree(old_ie);
+ ifmsh->is_secure = setup->is_secure;
return 0;
}
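Review bot: `ifmsh->ie_len = setup->ie_len;` is still assigned before the kmemdup() result is checked, so the -ENOMEM return leaves ifmsh->ie_len holding the new length while ifmsh->ie still points at the old buffer. mesh_mgmt_ies_add() copies ie_len bytes from ie, so if a frame is built in that state and the new length is larger, the copy would read past the old allocation. The hunk already moves `ifmsh->ie = new_ie;` and `kfree(old_ie);` up, so the length assignment could sit next to them, after the allocation has succeeded. The ordering predates this patch (vendor_ie_len was set the same way), and whether a frame can be built after a failed setup is not visible from this hunk.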
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index a404017..7d1cb36 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -488,8 +488,9 @@ struct ieee80211_if_mesh {
struct mesh_config mshcfg;
u32 mesh_seqnum;
bool accepting_plinks;
- const u8 *vendor_ie;
- u8 vendor_ie_len;
+ const u8 *ie;
+ u8 ie_len;
+ bool is_secure;
};
#ifdef CONFIG_MAC80211_MESH
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 2a57cc0..1c244c0 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -279,9 +279,9 @@ void mesh_mgmt_ies_add(struct sk_buff *skb, struct ieee80211_sub_if_data *sdata)
MESHCONF_CAPAB_ACCEPT_PLINKS : 0x00;
*pos++ = 0x00;
- if (sdata->u.mesh.vendor_ie) {
- int len = sdata->u.mesh.vendor_ie_len;
- const u8 *data = sdata->u.mesh.vendor_ie;
+ if (sdata->u.mesh.ie) {
+ int len = sdata->u.mesh.ie_len;
+ const u8 *data = sdata->u.mesh.ie;
if (skb_tailroom(skb) > len)
memcpy(skb_put(skb, len), data, len);
}
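Review bot: With this rename the block also carries the RSN IE, and `if (skb_tailroom(skb) > len)` still skips the copy silently when the buffer is too small. For a mesh set up as secure, that means a management frame could go out without its RSN IE and nothing would record it. I would make the drop visible, for example by adding `else WARN_ON_ONCE(1);` after the memcpy, and note that `>` also rejects an exact fit where `>=` would be enough for skb_put(). mesh_mgmt_ies_add() starts above the hunk, so how callers size the skb is only partly visible here (the mesh_plink.c and tx.c hunks add ie_len to a fixed 400).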
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index 44b5393..c705b20 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -161,7 +161,7 @@ static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
__le16 reason) {
struct ieee80211_local *local = sdata->local;
struct sk_buff *skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400 +
- sdata->u.mesh.vendor_ie_len);
+ sdata->u.mesh.ie_len);
struct ieee80211_mgmt *mgmt;
bool include_plid = false;
static const u8 meshpeeringproto[] = { 0x00, 0x0F, 0xAC, 0x2A };
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 081dcaf..38f6c2d 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -2262,7 +2262,7 @@ struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
/* headroom, head length, tail length and maximum TIM length */
skb = dev_alloc_skb(local->tx_headroom + 400 +
- sdata->u.mesh.vendor_ie_len);
+ sdata->u.mesh.ie_len);
if (!skb)
goto out;
diff --git a/net/wireless/mesh.c b/net/wireless/mesh.c
index 73e39c1..c51e3c5 100644
--- a/net/wireless/mesh.c
+++ b/net/wireless/mesh.c
@@ -53,8 +53,9 @@ const struct mesh_config default_mesh_config = {
const struct mesh_setup default_mesh_setup = {
.path_sel_proto = IEEE80211_PATH_PROTOCOL_HWMP,
.path_metric = IEEE80211_PATH_METRIC_AIRTIME,
- .vendor_ie = NULL,
- .vendor_ie_len = 0,
+ .ie = NULL,
+ .ie_len = 0,
+ .is_secure = false,
};
int __cfg80211_join_mesh(struct cfg80211_registered_device *rdev,
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 4ebce42..a45c12c 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -2804,7 +2804,8 @@ static const struct nla_policy
nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = {
[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 },
[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 },
- [NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE] = { .type = NLA_BINARY,
+ [NL80211_MESH_SETUP_ENABLE_SECURITY] = { .type = NLA_FLAG },
+ [NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY,
.len = IEEE80211_MAX_DATA_LEN },
};
@@ -2906,14 +2907,16 @@ static int nl80211_parse_mesh_setup(struct genl_info *info,
IEEE80211_PATH_METRIC_VENDOR :
IEEE80211_PATH_METRIC_AIRTIME;
- if (tb[NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE]) {
+
+ if (tb[NL80211_MESH_SETUP_IE]) {
struct nlattr *ieattr =
- tb[NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE];
+ tb[NL80211_MESH_SETUP_IE];
if (!is_valid_ie_attr(ieattr))
return -EINVAL;
- setup->vendor_ie = nla_data(ieattr);
- setup->vendor_ie_len = nla_len(ieattr);
+ setup->ie = nla_data(ieattr);
+ setup->ie_len = nla_len(ieattr);
}
+ setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_ENABLE_SECURITY]);
return 0;
}
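Review bot: `setup->ie_len = nla_len(ieattr);` stores the attribute length in a u8 (`u8 ie_len` in struct mesh_setup and struct ieee80211_if_mesh), while the policy in the previous hunk accepts up to IEEE80211_MAX_DATA_LEN bytes for NL80211_MESH_SETUP_IE. An attribute longer than 255 bytes is presumably validated by is_valid_ie_attr() over its full length and then truncated modulo 256 on assignment, so the stored length can end in the middle of an element. Now that RSN and vendor IEs share one attribute, longer blobs become more likely. Either reject them here with `if (nla_len(ieattr) > 255) return -EINVAL;` or widen ie_len in both structs. The function begins above the hunk.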
--
1.7.1