On Wed, Oct 23, 2024 at 05:35:01PM +0100, Tim Small wrote: > 1. If a Linux MACsec link is set up with wpa_supplicant, then `wpa_cli > status` still shows a "bssid" of 01:80:C2:00:00:03 - because this is > hard coded. I assume it would be better to use the value of > eapol_dest_addr instead. If-so, what would be a reasonable way of > altering the code to feed the eapol_dest_addr config value through to > the macsec_linux (and other macsec) drivers? I don't think this really makes much of a difference and I would not change that value. If anything, the bssid line could be removed from any case where MACsec is used since clearly there is no BSSID involved with such session even when the internal implementation of wpa_supplicant happens to be using this for convenience. > 2. Which of the built-in tests and related code should I run and/or > modify in relation to this (and any subsequent related) patch? I haven't > as-yet attempted to run any of the tests in the code base, but instead > have just created a manual test environment whilst developing (see > below). All MACsec testing is covered within tests/hwsim/test_macsec.py. Once patch 2/2 is in acceptable state, it would be appreciated if a new test case were added there to cover a case where a different group address is used. > 3. I assume that adding an equivalent eapol_dest_addr setting to hostapd > would also be useful, but this looks like a potentially more complex > task. Again, any guidance would be welcome. I provided some comments on patch 2/2 for this. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
