From: Kalle Valo <kvalo@codeaurora.org>
To: "Grumbach\, Emmanuel" <emmanuel.grumbach@intel.com>
Cc: "linux-wireless\@vger.kernel.org"
<linux-wireless@vger.kernel.org>,
"jouni\@qca.qualcomm.com" <jouni@qca.qualcomm.com>,
"avinashp\@quantenna.com" <avinashp@quantenna.com>,
"smatyukevich\@quantenna.com" <smatyukevich@quantenna.com>,
"johannes\@sipsolutions.net" <johannes@sipsolutions.net>,
"imitsyanko\@quantenna.com" <imitsyanko@quantenna.com>
Subject: Re: [PATCH] nl80211: add an option to allow MFP without requiring it
Date: Tue, 15 Aug 2017 10:16:17 +0300 [thread overview]
Message-ID: <8760dpb8se.fsf@kamboji.qca.qualcomm.com> (raw)
In-Reply-To: <1502734400.3282.4.camel@intel.com> (Emmanuel Grumbach's message of "Mon, 14 Aug 2017 18:13:22 +0000")
"Grumbach, Emmanuel" <emmanuel.grumbach@intel.com> writes:
> On Mon, 2017-08-14 at 20:14 +0300, Kalle Valo wrote:
>> Emmanuel Grumbach <emmanuel.grumbach@intel.com> writes:
>>=20
>> > User space can now allow the kernel to associate to an AP
>> > that requires MFP or that doesn't have MFP enabled in the
>> > same NL80211_CMD_CONNECT command.
>> > The driver / firmware will decide whether to use it or not.
>> >=20
>> > Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
[...]
>> > --- a/net/wireless/nl80211.c
>> > +++ b/net/wireless/nl80211.c
>> > @@ -9115,6 +9115,7 @@ static int nl80211_connect(struct sk_buff
>> > *skb, struct genl_info *info)
>> > =C2=A0 if (info->attrs[NL80211_ATTR_USE_MFP]) {
>> > =C2=A0 connect.mfp =3D nla_get_u32(info-
>> > >attrs[NL80211_ATTR_USE_MFP]);
>> > =C2=A0 if (connect.mfp !=3D NL80211_MFP_REQUIRED &&
>> > + =C2=A0=C2=A0=C2=A0=C2=A0connect.mfp !=3D NL80211_MFP_OPTIONAL &&
>> > =C2=A0 =C2=A0=C2=A0=C2=A0=C2=A0connect.mfp !=3D NL80211_MFP_NO)
>> > =C2=A0 return -EINVAL;
>> > =C2=A0 } else {
>>=20
>> I guess I'm missing something, but how is backwards compatibility
>> supposed to work from user space point of view? If user space uses
>> NL80211_MFP_OPTIONAL with an old kernel, the kernel will reject the
>> command with -EINVAL and user space will try again without
>> NL80211_MFP_OPTIONAL?
>
> No you are not. I simply forgot that point. I guess that this would be
> the behavior, yes...
I don't think that's very robust. How would user space (wpasupplicant)
know if the the EINVAL is because NL80211_MFP_OPTIONAL is not supported
by the kernel or because of some other error?
> This is relevant for ap_scan=3D2 wpa_s configuration only which makes it
> not really common, but still, you are right. Not sure how easy it will
> be to write this logic in the supplicant though... Unless we add an
> nl80211 feature bit but I feel it'd be a bit of a waste.
I don't feel that adding a feature bit is waste, I rather use a feature
flag than making ugly hacks to user space. But of course this is up to
Jouni and Johannes.
--=20
Kalle Valo
next prev parent reply other threads:[~2017-08-15 7:16 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-14 13:49 [PATCH] nl80211: add an option to allow MFP without requiring it Emmanuel Grumbach
2017-08-14 17:14 ` Kalle Valo
2017-08-14 18:13 ` Grumbach, Emmanuel
2017-08-15 7:16 ` Kalle Valo [this message]
2017-08-15 7:49 ` Grumbach, Emmanuel
2017-08-15 8:03 ` Grumbach, Emmanuel
2017-08-14 18:44 ` Igor Mitsyanko
2017-08-14 18:44 ` Igor Mitsyanko
2017-08-14 19:22 ` Arend van Spriel
2017-08-14 20:08 ` Igor Mitsyanko
2017-08-14 20:13 ` Grumbach, Emmanuel
2017-08-14 20:36 ` Igor Mitsyanko
2017-08-15 6:12 ` Grumbach, Emmanuel
2017-08-15 8:14 ` [PATCH v2] " Emmanuel Grumbach
2017-08-15 8:28 ` [PATCH v3] " Emmanuel Grumbach
2017-08-18 12:31 ` [PATCH v4 12/19] " Luca Coelho
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8760dpb8se.fsf@kamboji.qca.qualcomm.com \
--to=kvalo@codeaurora.org \
--cc=avinashp@quantenna.com \
--cc=emmanuel.grumbach@intel.com \
--cc=imitsyanko@quantenna.com \
--cc=johannes@sipsolutions.net \
--cc=jouni@qca.qualcomm.com \
--cc=linux-wireless@vger.kernel.org \
--cc=smatyukevich@quantenna.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).