From: Johannes Berg <johannes@sipsolutions.net>
To: Alexander Wetzel <alexander@wetzel-home.de>
Cc: linux-wireless@vger.kernel.org
Subject: Re: [PATCH v6 1/3] nl80211: Add ATOMIC_KEY_REPLACE API
Date: Tue, 28 Aug 2018 10:47:06 +0200 [thread overview]
Message-ID: <1535446026.5895.5.camel@sipsolutions.net> (raw)
In-Reply-To: <20180814104255.4183-2-alexander@wetzel-home.de>
On Tue, 2018-08-14 at 12:42 +0200, Alexander Wetzel wrote:
> Drivers able to correctly replace a in-use key should set
> NL80211_EXT_FEATURE_ATOMIC_KEY_REPLACE to allow the userspace (e.g.
> hostapd or wpa_supplicant) to rekey PTK keys.
>
> The userspace must detect a PTK rekey attempt and only go ahead with the
> rekey when the driver has set this flag. If the driver is not supporting
> the feature the userspace either must not replace the PTK key or perform
> a full re-association.
>
> Ignoring this flag and continuing to rekey the connection can still
> work but has to be considered insecure and broken. It can leak cleartext
> packets or freeze the connection and is only supported to allow the
> userspace to be updated.
>
> Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
> ---
> include/uapi/linux/nl80211.h | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
> index 7acc16f34942..b41b9ade0449 100644
> --- a/include/uapi/linux/nl80211.h
> +++ b/include/uapi/linux/nl80211.h
> @@ -5224,6 +5224,11 @@ enum nl80211_feature_flags {
> * except for supported rates from the probe request content if requested
> * by the %NL80211_SCAN_FLAG_MIN_PREQ_CONTENT flag.
> *
> + * @NL80211_EXT_FEATURE_ATOMIC_KEY_REPLACE: Driver/device confirm that they are
> + * able to rekey an in-use key correctly. Userspace must not rekey PTK keys
> + * if this flag is not set. Ignoring this can leak clear text packets and/or
> + * freeze the connection.
If you have a flag here, why say "userspace must not" rather than just
outright prevent userspace from doing it?
johannes
next prev parent reply other threads:[~2018-08-28 12:37 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-14 10:42 [PATCH v6 0/3] Fix PTK rekey freezes and cleartext leaks Alexander Wetzel
2018-08-14 10:42 ` [PATCH v6 1/3] nl80211: Add ATOMIC_KEY_REPLACE API Alexander Wetzel
2018-08-16 16:30 ` Denis Kenzior
2018-08-18 20:53 ` Alexander Wetzel
2018-08-28 8:46 ` Johannes Berg
2018-08-28 16:00 ` Alexander Wetzel
2018-08-28 8:47 ` Johannes Berg [this message]
2018-08-28 16:00 ` Alexander Wetzel
2018-08-28 16:03 ` Johannes Berg
2018-08-28 19:02 ` Alexander Wetzel
2018-08-29 7:02 ` Johannes Berg
2018-08-14 10:42 ` [PATCH v6 2/3] mac80211: Define new driver callback replace_key Alexander Wetzel
2018-08-16 16:35 ` Denis Kenzior
2018-08-18 21:01 ` Alexander Wetzel
2018-08-14 10:42 ` [PATCH v6 3/3] mac80211: Fix PTK rekey freezes and cleartext leaks Alexander Wetzel
2018-08-28 8:48 ` Johannes Berg
2018-08-28 16:27 ` Alexander Wetzel
2018-08-29 6:59 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1535446026.5895.5.camel@sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=alexander@wetzel-home.de \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).