Search Linux Wireless

Re: [PATCH v2] mac80211: tx: do not drop non-robust mgmt to non-MFP stas.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jul 04, 2012 at 03:00:03PM +0200, Nicolas Cavallari wrote:
> From what i understand, data frames to unauthorized stations are dropped
> well before selecting the encryption key. as stations are authorized
> after or at the same time their encryption key are set, it somewhat
> works. But for MFP, i'm not sure. I think that drop_unencrypted is
> mistaken for "drop_unencrypted_management" there.
> But i'm not an MFP expert.

drop_unencrypted was originally (i.e., way before MFP) added as an extra
protection for some corner cases where keys may not have been set. In
theory, the PAE (authorized vs. unauthorized) should have covered those
cases, but there were some multi-SSID AP cases that were not obviously
clear. Consequently, it felt safer to add an extra protection for BSSes
that are known to use encryption for data frames.

As far as MFP is concerned, we have the WLAN_STA_MFP flag that should be
more reliable way of determining whether robust management frames have
to be protected.

> I'm not sure if we should just add a separate
> drop_unencrypted_management, or just replace drop_unencrypted with
> drop_unencrypted_management.

I hope that neither of those would be needed.

> But in a IBSS with RSN, if wpa_supplicant
> isn't recent enough, stations are always authorized by default. so
> drop_encrypted is required in this case.

For a BSS that uses RSN, we could maintain a new flag that indicates
that (non-nullfunc) Data frames are not to be transmitted or received
without protected. Though, this would be quite similar to
drop_unencrypted in practice.


As far as the new patch is concerned, it would look like this is
extending the fix in commit e0463f501fb945c1fde536d98eefc5ba156ff497.
The commit log for that change seems to claim that the goal was to avoid
dropping any management frames to a STA that does not use MFP, but the
change does not seem to do that.

As far as drop_unencrypted not being used in AP/managed mode is
concerned, that sounds like an additional bug.. This code is supposed to
drop Action frames from STA/AP before 4-way handshake. If we want to get
rid of drop_unencrypted, this function may need another condition to
drop the frame based on WLAN_STA_MFP flag. I have clearly assumed that
drop_unencrypted was set here (and maybe that was indeed the case in
early 2009 or maybe I did testing with WEXT at the time based on commit
0c7c10c7cc6bc890d23c8c62b81b4feccd92124b).

-- 
Jouni Malinen                                            PGP id EFC895FA
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux