Search Linux Wireless

Re: [PATCH 1/4 v3] mac80211: Enable mesh security from userspace

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Mar 5, 2011 at 12:26 PM, Johannes Berg
<johannes@xxxxxxxxxxxxxxxx> wrote:
> On Sat, 2011-03-05 at 12:17 -0800, Javier Cardona wrote:
>> Userspace can enable mesh security by providing an RSN IE and setting
>> the MESH_SETUP_ENABLE_SECURITY flag.
>>
>> Also, rename vendor_ie to just ie to reflect that the same attribute may
>> be used to pass other IEs, like for instance RSN.
>>
>> Changes from v2: (from Johannes)
>>  - Fix API backward compatibilty of NL80211_MESH_SETUP_IE
>>  - Remove check for presence of RSN IE
>
> Should be after --- really :-)

Ah, so it stays out of the git commit message, right?  OK.

>> + * @is_secure: or not
>
> Given what we just discussed over in the other thread, should we rename
> this to "userspace_station_mgmt" or something like that?

Are you suggesting to change the name of the flag both in nl80211 and cfg80211?

Currently ENABLE_SECURITY means "let userspace manage stations", but
also "ok to accept mesh management frames from secure mesh peers".
And when the Authenticated Mesh Peering Exchange is implemented, it
will probably mean "verify mesh peering frames in userspace" and
"protect mesh peering frames".  You either do all these tasks or none,
so for nl80211 I would prefer a single flag.

For cfg80211 I have no clear opinion: two flags
(userspace_station_mgmt and is_secure)? one?.  Let me know what makes
more sense to you and we'll do it.

> Also, does it make sense to advertise support for this somehow?
> Otherwise the new tools will have strange failure cases on older
> kernels;

Ah, I see.  Older kernels would not return an error to userspace if an
attempt to set a non existing flag was made, right?
Are you suggesting to define something like an
NL80211_MESHCONF_CAPABILITIES mask?

> and I can also imagine situations where the mesh APIs are in
> firmware or so that can't cope with userspace station mgmt.

Ah mesh in firmware... who would want to do that? :)


-- 
Javier Cardona
cozybit Inc.
http://www.cozybit.com
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux