On Sat, Mar 5, 2011 at 12:26 PM, Johannes Berg <johannes@xxxxxxxxxxxxxxxx> wrote: > On Sat, 2011-03-05 at 12:17 -0800, Javier Cardona wrote: >> Userspace can enable mesh security by providing an RSN IE and setting >> the MESH_SETUP_ENABLE_SECURITY flag. >> >> Also, rename vendor_ie to just ie to reflect that the same attribute may >> be used to pass other IEs, like for instance RSN. >> >> Changes from v2: (from Johannes) >> - Fix API backward compatibilty of NL80211_MESH_SETUP_IE >> - Remove check for presence of RSN IE > > Should be after --- really :-) Ah, so it stays out of the git commit message, right? OK. >> + * @is_secure: or not > > Given what we just discussed over in the other thread, should we rename > this to "userspace_station_mgmt" or something like that? Are you suggesting to change the name of the flag both in nl80211 and cfg80211? Currently ENABLE_SECURITY means "let userspace manage stations", but also "ok to accept mesh management frames from secure mesh peers". And when the Authenticated Mesh Peering Exchange is implemented, it will probably mean "verify mesh peering frames in userspace" and "protect mesh peering frames". You either do all these tasks or none, so for nl80211 I would prefer a single flag. For cfg80211 I have no clear opinion: two flags (userspace_station_mgmt and is_secure)? one?. Let me know what makes more sense to you and we'll do it. > Also, does it make sense to advertise support for this somehow? > Otherwise the new tools will have strange failure cases on older > kernels; Ah, I see. Older kernels would not return an error to userspace if an attempt to set a non existing flag was made, right? Are you suggesting to define something like an NL80211_MESHCONF_CAPABILITIES mask? > and I can also imagine situations where the mesh APIs are in > firmware or so that can't cope with userspace station mgmt. Ah mesh in firmware... who would want to do that? :) -- Javier Cardona cozybit Inc. http://www.cozybit.com -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
