mbox series

[RESEND,wpan,00/15] net: ieee802154: forbid sec params for monitors

Message ID 20210405003054.256017-1-aahringo@redhat.com (mailing list archive)
Headers show
Series net: ieee802154: forbid sec params for monitors | expand

Message

Alexander Aring April 5, 2021, 12:30 a.m. UTC 
Hi,

this patch series contains fixes to forbid various security parameters
settings for monitor types. Monitor types doesn't use the llsec security
currently and we don't support it. With this patch series the user will
be notified with a EOPNOTSUPP error that for monitor interfaces security
is not supported yet. However there might be a possibility in future
that the kernel will decrypt frames with llsec information for sniffing
frames and deliver plaintext to userspace, but this isn't supported yet.

- Alex

Alexander Aring (15):
  net: ieee802154: nl-mac: fix check on panid
  net: ieee802154: forbid monitor for set llsec params
  net: ieee802154: stop dump llsec keys for monitors
  net: ieee802154: forbid monitor for add llsec key
  net: ieee802154: forbid monitor for del llsec key
  net: ieee802154: stop dump llsec devs for monitors
  net: ieee802154: forbid monitor for add llsec dev
  net: ieee802154: forbid monitor for del llsec dev
  net: ieee802154: stop dump llsec devkeys for monitors
  net: ieee802154: forbid monitor for add llsec devkey
  net: ieee802154: forbid monitor for del llsec devkey
  net: ieee802154: stop dump llsec seclevels for monitors
  net: ieee802154: forbid monitor for add llsec seclevel
  net: ieee802154: forbid monitor for del llsec seclevel
  net: ieee802154: stop dump llsec params for monitors

 net/ieee802154/nl-mac.c   |  7 +++---
 net/ieee802154/nl802154.c | 52 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 56 insertions(+), 3 deletions(-)

Comments

Alexander Aring April 5, 2021, 11:51 a.m. UTC | #1 
Hi,

On Sun, 4 Apr 2021 at 20:31, Alexander Aring <aahringo@redhat.com> wrote:
>
> Hi,
>
> this patch series contains fixes to forbid various security parameters
> settings for monitor types. Monitor types doesn't use the llsec security
> currently and we don't support it. With this patch series the user will
> be notified with a EOPNOTSUPP error that for monitor interfaces security
> is not supported yet. However there might be a possibility in future
> that the kernel will decrypt frames with llsec information for sniffing
> frames and deliver plaintext to userspace, but this isn't supported yet.
>

cc: Du Cheng by request.

- Alex
Stefan Schmidt April 6, 2021, 8:29 p.m. UTC | #2 
Hello.

On 05.04.21 02:30, Alexander Aring wrote:
> Hi,
> 
> this patch series contains fixes to forbid various security parameters
> settings for monitor types. Monitor types doesn't use the llsec security
> currently and we don't support it. With this patch series the user will
> be notified with a EOPNOTSUPP error that for monitor interfaces security
> is not supported yet. However there might be a possibility in future
> that the kernel will decrypt frames with llsec information for sniffing
> frames and deliver plaintext to userspace, but this isn't supported yet.
> 
> - Alex
> 
> Alexander Aring (15):
>    net: ieee802154: nl-mac: fix check on panid
>    net: ieee802154: forbid monitor for set llsec params
>    net: ieee802154: stop dump llsec keys for monitors
>    net: ieee802154: forbid monitor for add llsec key
>    net: ieee802154: forbid monitor for del llsec key
>    net: ieee802154: stop dump llsec devs for monitors
>    net: ieee802154: forbid monitor for add llsec dev
>    net: ieee802154: forbid monitor for del llsec dev
>    net: ieee802154: stop dump llsec devkeys for monitors
>    net: ieee802154: forbid monitor for add llsec devkey
>    net: ieee802154: forbid monitor for del llsec devkey
>    net: ieee802154: stop dump llsec seclevels for monitors
>    net: ieee802154: forbid monitor for add llsec seclevel
>    net: ieee802154: forbid monitor for del llsec seclevel
>    net: ieee802154: stop dump llsec params for monitors
> 
>   net/ieee802154/nl-mac.c   |  7 +++---
>   net/ieee802154/nl802154.c | 52 +++++++++++++++++++++++++++++++++++++++
>   2 files changed, 56 insertions(+), 3 deletions(-)
> 

This series has been applied to the wpan tree and will be
part of the next pull request to net. Thanks!

regards
Stefan Schmidt