This is the first and still quite preliminary version of changes to introduce IEEE 802.11w (management frame protection) support into mac80211. As such, I'm mainly looking for comments on the current design to help me in finalizing and cleaning up the patches. Please note that couple of small additions to hostapd and wpa_supplicant are required to actually configure MFP and those are not yet included in the hostap git repository. Consequently, this is not yet available for real testing. Or well, if you really want to test this now, I can send an experimental patch to hostapd/wpa_supplicant to enable MFP support. The current version is relatively complete for mac80211, but there are still couple of known missing functions and I've done only very limited testing so far. I was able to send and receive both CCMP and BIP protected deauthentication frames and based on a sniffer log, the frames looked correct. All this is with mac80211_hwsim and software crypto. It is unclear whether this can be used as-is with devices that use hwaccel for crypto at least before the low-level drivers and/or firmware have been modified to cope with the possibility of CCMP being used with management frames. This patch set does not address the issues found in configuring default keys for monitor interfaces, i.e., this still needs a workaround in hostapd to set IGTK for both wlan# and mon.wlan#. In addition, the debugfs directory is left behind when the monitor interface is removed. Since IEEE 802.11w draft is still in progress and open to changes, it is also unclear whether we would actually like to introduce IEEE 802.11w support as-is into mac80211 in main line kernels at this point. Then again, IEEE 802.11w draft is quite a bit further in the standardization process than IEEE 802.11s draft and we already have some pre-standard mesh support in mac80211 at least in wireless-testing. -- Jouni Malinen PGP id EFC895FA -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
