On Wed, Jun 15, 2016 at 02:38:32PM +0900, Masashi Honma wrote: > Previously, the action frames to group address was not encrypted. But > [1] "Table 8-38 Category values" indicates "Mesh" and "Multihop" category > action frames should be encrypted (Group addressed privacy == yes). And the > encyption key should be MGTK ([1] 10.13 Group addressed robust management frame > procedures). So this patch modifies the code to make it suitable for spec. > net/mac80211/tx.c | 20 ++++++++++++++++++++ > 1 file changed, 20 insertions(+) What about RX side? Shouldn't there be a matching change there to enforce use of group addressed privacy for the specific Action categories? This will make devices using fixed implementation not interoperate with devices using older version, I'd assume, but it looks like the current use of mesh with RSN is pretty hopelessly broken as far as no PMF case is concerned at least when using the wpa_supplicant implementation (sets IGTK incorrectly and ends up using BIP even when PMF was not enabled), so there does not seem to be any convenient way of addressing this apart from requiring all devices in the MBSS to get updated to the fixed versions. > diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c > +static bool debug_noinline > +ieee80211_is_group_privacy_action(struct ieee80211_hdr *hdr) And this helper should likely be in some more generic location so that it could be shared for TX and RX.. -- Jouni Malinen PGP id EFC895FA -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
