On Sat, Apr 11, 2020 at 12:25:17PM +0200, Markus Theil wrote: > Before Linux 5.7 all pre-auth frames are forwared over the nl80211 ctrl > port, if it is registered. hostap and wpa_supplicant currently do not assume > this behavior, as pre-auth frames should be handled as ordinary data frames > in the kernel. Checking against the NL80211_EXT_FEATURE_CONTROL_PORT_NO_PREAUTH > feature flag allows us to disable this behavior later on ctrl port registration. > > No new capa->flags value is introduced, instead WPA_DRIVER_FLAGS_CONTROL_PORT is > only set now, if this feature is present. Without this feature, only control > port tx is possible without breaking pre-auth features. Wouldn't this break the currently working EAPOL TX over control port with older kernel versions? > diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c > @@ -439,7 +439,9 @@ static void wiphy_info_ext_feature_flags(struct wiphy_info_data *info, > if (ext_feature_isset(ext_features, len, > - NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211)) > + NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211) && > + ext_feature_isset(ext_features, len, > + NL80211_EXT_FEATURE_CONTROL_PORT_NO_PREAUTH)) > capa->flags |= WPA_DRIVER_FLAGS_CONTROL_PORT; I was expecting the older capability NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211 to enable TX-only and then add RX on top of that if NL80211_EXT_FEATURE_CONTROL_PORT_NO_PREAUTH is present. Is there a reason for not doing that? There have been two years of kernel releases with NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211 while this new NL80211_EXT_FEATURE_CONTROL_PORT_NO_PREAUTH was added just now, so it would seem that this patch would push out deployment of this capability for couple of years.. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
