Hello Vasanthakumar, On Fri, Dec 07, 2012 at 05:16:03PM +0530, Vasanthakumar Thiagarajan wrote: > This patch enables drivers to implement mac address based > access control in AP/P2P GO mode. There is a new flag in > nl80211_ap_sme_features (NL80211_AP_SME_FEATURE_MAC_ACL) > for drivers to advertise this capability. There are two acl > policies, white and black list under which an acl list can > be configured in the driver. Driver has to advertise the > maximum number of mac address entries in acl list through > max_acl_mac_addrs of wiphy. > > Driver can enable its ACL either with the initial list passed > through NL80211_CMD_START_AP or a list passed through > NL80211_CMD_SET_MAC_ACL. ACL information passed in these > commands is an array of acl configuration containing acl > policy and list of mac address. With the acl policy as > NL80211_ACL_POLICY_ACCEPT, driver will accept Auth request > from any client matching any one of the mac addresses in the acl list. > When acl policy is NL80211_ACL_POLICY_DENY, driver will reject any > Auth request from the clients having their mac address listed in the > acl list. Driver must make sure to clear it's acl list when doing > stop ap. > I'm curious about this feature: at the moment mac ACL is implemented and working in hostapd. What would the advantage of implementing this in the driver? I don't think this can be offloaded on the device, so the advantage is that this would move the ACL mechanism from the user to the kernel-space? Or am I missing something else? Cheers, -- Antonio Quartulli ..each of us alone is worth nothing.. Ernesto "Che" Guevara
Attachment:
pgpmIfvjQRilo.pgp
Description: PGP signature
