Search Linux Wireless

RE: [PATCH 5/9] mwifiex: cfg80211 set_default_mgmt_key handler

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Jouni,

> From: Jouni Malinen [mailto:j@xxxxx]
> Sent: Friday, July 22, 2016 10:25 PM
> To: Amitkumar Karwar
> Cc: Kalle Valo; linux-wireless@xxxxxxxxxxxxxxx; Cathy Luo; Nishant
> Sarmukadam
> Subject: Re: [PATCH 5/9] mwifiex: cfg80211 set_default_mgmt_key handler
> 
> On Fri, Jul 22, 2016 at 03:59:47PM +0000, Amitkumar Karwar wrote:
> > I am trying to understand the problem you mentioned during IGTK
> rekeying. Today I ran tests with two stations connecting an AP. MFP is
> enabled on all of them.
> >
> > On hostapd side, my observation is add_key() is always called followed
> by set_default_mgmt_key(). set_default_mgmt_key() sets the key added by
> add_key() as default key.
> >
> > We are ignoring set_default_mgmt_key() and updating Tx key index
> during add_key() itself.
> >
> > Your concerns is we should not update Tx key index during add_key().
> Reason is IGTK rekeying is not yet completed with all stations. Right?
> 
> Correct. set_default_mgmt_key() does not have much effect for the very
> first IGTK configuration, but whenever doing IGTK rekeying, hostapd
> behaves just like it does with GTK rekeying. In other words, a different
> Key ID is selected (alternating between 4 and 5), a random new IGTK is
> generated, the new IGTK is configured to the local driver (but the old
> IGTK is still supposed to be used for TX), each associated STA is
> notified of the new IGTK, the new IGTK is taken into use once the group
> key handshake has completed with each associated STA. It is that last
> operation that needs set_default_mgmt_key() to allow this rekeying to
> work correctly. If you update the TX Key ID on add_key(), you'll risk
> sending out frames that some of the associated STAs do not yet have a
> key to validate.
> 

Got it. We will implement set_default_mgmt_key() and check if any firmware changes required.

Regards,
Amitkumar
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux