On 11/12/2015 10:14 PM, Janusz Dziedzic wrote:
On 13 November 2015 at 01:59, Ben Greear <greearb@xxxxxxxxxxxxxxx> wrote:
A certain firmware tries to do EAPOL inspection and only allow data pkts
to be sent after the 4-way M4 has been sent, for instance.
This was breaking .11r because in that case you don't do the 4-way after
roaming, so the firmware was waiting forever for an M4 to be sent and
thus all tx data was hung.
I managed to get this working by just removing all of the EAPOL inspection
from the firmware,
but I am thinking that if the stack will send data packets to the driver
before 4-way auth is completed and keys are set, then maybe I would
be opening up a race where un-encrypted frames could hit the air.
Any idea what protections, if any, the mac80211 stack provides
for this case?
Check WLAN_STA_AUTHORIZED in mac80211.
Thanks for the hint. Looks like my firmware change should
be perfectly safe in that case.
Thanks,
Ben
--
Ben Greear <greearb@xxxxxxxxxxxxxxx>
Candela Technologies Inc http://www.candelatech.com
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
