Emmanuel Grumbach <emmanuel.grumbach@xxxxxxxxx> writes:
> User space can now allow the kernel to associate to an AP
> that requires MFP or that doesn't have MFP enabled in the
> same NL80211_CMD_CONNECT command.
> The driver / firmware will decide whether to use it or not.
>
> Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@xxxxxxxxx>
[...]
> @@ -4086,10 +4090,12 @@ enum nl80211_key_type {
> * enum nl80211_mfp - Management frame protection state
> * @NL80211_MFP_NO: Management frame protection not used
> * @NL80211_MFP_REQUIRED: Management frame protection required
> + * @NL80211_MFP_OPTIONAL: Management frame is optional
> */
> enum nl80211_mfp {
> NL80211_MFP_NO,
> NL80211_MFP_REQUIRED,
> + NL80211_MFP_OPTIONAL,
> };
>
> enum nl80211_wpa_versions {
> diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
> index 8f035d9868d1..829867132326 100644
> --- a/net/wireless/nl80211.c
> +++ b/net/wireless/nl80211.c
> @@ -9115,6 +9115,7 @@ static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
> if (info->attrs[NL80211_ATTR_USE_MFP]) {
> connect.mfp = nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
> if (connect.mfp != NL80211_MFP_REQUIRED &&
> + connect.mfp != NL80211_MFP_OPTIONAL &&
> connect.mfp != NL80211_MFP_NO)
> return -EINVAL;
> } else {
I guess I'm missing something, but how is backwards compatibility
supposed to work from user space point of view? If user space uses
NL80211_MFP_OPTIONAL with an old kernel, the kernel will reject the
command with -EINVAL and user space will try again without
NL80211_MFP_OPTIONAL?
--
Kalle Valo
