From: Denis Kenzior <denkenz@gmail.com>
To: Alexander Wetzel <alexander@wetzel-home.de>, johannes@sipsolutions.net
Cc: linux-wireless@vger.kernel.org
Subject: Re: [PATCH v6 2/3] mac80211: Define new driver callback replace_key
Date: Thu, 16 Aug 2018 11:35:37 -0500 [thread overview]
Message-ID: <6b36b011-d02e-778b-d7a1-951ab8aee721@gmail.com> (raw)
In-Reply-To: <20180814104255.4183-3-alexander@wetzel-home.de>
Hi Alexander,
Just minor nitpicks:
> + * @replace_key: Replace an exiting in use key with a new one while guaranteeing
> + * to not leak clear text packets. Implementing this callback will enable
> + * mac80211 to announce NL80211_EXT_FEATURE_ATOMIC_KEY_REPLACE.
> + * Packets already queued must not be send out encrypted with the new key
send out -> sent out
> + * and packets decoded with the old key must not be handed over to mac80211
> + * when the driver is not checking IV/ICV itself once the callback has been
> + * completed.
> + * Mac80211 will log an error when asked to use replace a PTK key
> + * without replace_key but will still perform the then potentially
> + * insecure action via set_key for backward compatibility for now.
> + *
Not sure this part really belongs in the driver method description?
> * @update_tkip_key: See the section "Hardware crypto acceleration"
> * This callback will be called in the context of Rx. Called for drivers
> * which set IEEE80211_KEY_FLAG_TKIP_REQ_RX_P1_KEY.
<snip>
> diff --git a/net/mac80211/main.c b/net/mac80211/main.c
> index 4fb2709cb527..84cc8005c19a 100644
> --- a/net/mac80211/main.c
> +++ b/net/mac80211/main.c
> @@ -572,9 +572,14 @@ struct ieee80211_hw *ieee80211_alloc_hw_nm(size_t priv_data_len,
> NL80211_EXT_FEATURE_SCAN_MIN_PREQ_CONTENT);
> }
>
> + if (ops->replace_key)
> + wiphy_ext_feature_set(wiphy,
> + NL80211_EXT_FEATURE_ATOMIC_KEY_REPLACE);
> +
> if (!ops->set_key)
> wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
>
> +
Stray whitespace?
> if (ops->wake_tx_queue)
> wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_TXQS);
>
Regards,
-Denis
next prev parent reply other threads:[~2018-08-16 19:35 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-14 10:42 [PATCH v6 0/3] Fix PTK rekey freezes and cleartext leaks Alexander Wetzel
2018-08-14 10:42 ` [PATCH v6 1/3] nl80211: Add ATOMIC_KEY_REPLACE API Alexander Wetzel
2018-08-16 16:30 ` Denis Kenzior
2018-08-18 20:53 ` Alexander Wetzel
2018-08-28 8:46 ` Johannes Berg
2018-08-28 16:00 ` Alexander Wetzel
2018-08-28 8:47 ` Johannes Berg
2018-08-28 16:00 ` Alexander Wetzel
2018-08-28 16:03 ` Johannes Berg
2018-08-28 19:02 ` Alexander Wetzel
2018-08-29 7:02 ` Johannes Berg
2018-08-14 10:42 ` [PATCH v6 2/3] mac80211: Define new driver callback replace_key Alexander Wetzel
2018-08-16 16:35 ` Denis Kenzior [this message]
2018-08-18 21:01 ` Alexander Wetzel
2018-08-14 10:42 ` [PATCH v6 3/3] mac80211: Fix PTK rekey freezes and cleartext leaks Alexander Wetzel
2018-08-28 8:48 ` Johannes Berg
2018-08-28 16:27 ` Alexander Wetzel
2018-08-29 6:59 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6b36b011-d02e-778b-d7a1-951ab8aee721@gmail.com \
--to=denkenz@gmail.com \
--cc=alexander@wetzel-home.de \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).