diff mbox

[v2,1/2] cfg80211: Userspace may inform kernel of mesh auth method.

Message ID 1367884164-15953-1-git-send-email-colleen@cozybit.com (mailing list archive)
State Not Applicable, archived
Headers show

Commit Message

Colleen Twitty May 6, 2013, 11:49 p.m. UTC 
Authentication takes place in userspace, but the beacon is
generated in the kernel.  Allow userspace to inform the
kernel of the authentication method so the appropriate
mesh config IE can be set prior to beacon generation when
joining the MBSS.

Signed-off-by: Colleen Twitty <colleen@cozybit.com>
---
    Check userspace is handling MPM instead of checking if setup is secure and
    authenticated.  (Johannes)
	
 include/linux/ieee80211.h    |   20 ++++++++++++++++++++
 include/net/cfg80211.h       |    2 ++
 include/uapi/linux/nl80211.h |    4 ++++
 net/wireless/mesh.c          |    1 +
 net/wireless/nl80211.c       |   16 ++++++++++++++++
 5 files changed, 43 insertions(+)

Comments

Johannes Berg May 7, 2013, 1:57 p.m. UTC | #1 
On Mon, 2013-05-06 at 16:49 -0700, Colleen Twitty wrote:

> +	if (tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]) {
> +		if (!setup->user_mpm)
> +			return -EINVAL;
> +		switch (nla_get_u8(tb[NL80211_MESH_SETUP_AUTH_PROTOCOL])) {
> +		case NL80211_AUTHTYPE_SAE:
> +			setup->auth_id = IEEE80211_AUTH_PROTO_SAE;
> +			break;
> +		case NL80211_AUTHTYPE_OPEN_SYSTEM:
> +			setup->auth_id = IEEE80211_AUTH_PROTO_NONE;
> +			break;
> +		default:
> +			return -EINVAL;
> +		}
> +	}

Ok one more question. Does it actually make sense to check the auth
protocol?

From what I see, the entire auth protocol (e.g. SAE) is handled entirely
in userspace, so if somebody invents a new protocol (e.g. number 3), or
wants to use 802.1X (number 2) they should also be able to implement
that completely in userspace. As such, why validate it? It could be a
valid protocol?

Or am I missing something and there's some kernel part involved in
handling the auth protocol, so we need to check that the kernel code
actually supports it?

johannes

--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Jaroslav Fojtik May 8, 2013, 7:24 a.m. UTC | #2 
Dears,

In Linux 2.6.22 the RSSI was measured properly for CM9 device.

Afrer upgrading to 3.0.75, the RSSI measure is offseted. I even remember, that this 
problem has been introduced somewhere before 2.6.34.

You could look at the following chart:
   http://78.108.103.11/cgi-bin/rodga_1month_big.cgi
This is not signal drop, but a kernel change instead.

(the chart is generated by parsing of iwconfig output:
wlan1     IEEE 802.11abg  ESSID:"dvrmn.heaven-czfree.net"
          Mode:Managed  Frequency:5.64 GHz  Access Point: 00:27:22:64:C3:02
          Bit Rate=54 Mb/s   Tx-Power=8 dBm
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality=36/70  Signal level=-74 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:20  Invalid misc:59452   Missed beacon:0)


I guess that this problem has been fixed one time and that there are two generations of 
CM9 devices that reports RSSI differently.

best regards
    Jara

--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h
index 06b0ed0..e3b9509 100644
--- a/include/linux/ieee80211.h
+++ b/include/linux/ieee80211.h
@@ -1899,6 +1899,26 @@  enum {
 };
 
 /**
+ * enum mesh_config_auth_proto - mesh authentication protocol identifier
+ *
+ * Ref IEEE 802.11-2012 8.4.2.100.6 Authentication Protocol Identifier
+ *
+ * This field indicates the type of authentication protocol used to secure the
+ * MBSS.
+ *
+ * @IEEE80211_AUTH_PROTO_NONE: the default mesh authentication protocol,
+ *	no authentication is required to establish peering within the MBSS
+ * @IEEE80211_AUTH_PROTO_SAE: SAE authentication
+ * @IEEE80211_AUTH_PROTO_8021X : IEEE 802.1X authentication
+ *
+ */
+enum mesh_config_auth_proto {
+	IEEE80211_AUTH_PROTO_NONE =		0x0,
+	IEEE80211_AUTH_PROTO_SAE =		0x1,
+	IEEE80211_AUTH_PROTO_8021X =		0x2,
+};
+
+/**
  * enum ieee80211_root_mode_identifier - root mesh STA mode identifier
  *
  * These attribute are used by dot11MeshHWMPRootMode to set root mesh STA mode
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index 26e9113..072e424 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -1161,6 +1161,7 @@  struct mesh_config {
  * @sync_method: which synchronization method to use
  * @path_sel_proto: which path selection protocol to use
  * @path_metric: which metric to use
+ * @auth_id: which authentication method this mesh is using
  * @ie: vendor information elements (optional)
  * @ie_len: length of vendor information elements
  * @is_authenticated: this mesh requires authentication
@@ -1179,6 +1180,7 @@  struct mesh_setup {
 	u8 sync_method;
 	u8 path_sel_proto;
 	u8 path_metric;
+	enum mesh_config_auth_proto auth_id;
 	const u8 *ie;
 	u8 ie_len;
 	bool is_authenticated;
diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
index b484307..408bb56 100644
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
@@ -2645,6 +2645,9 @@  enum nl80211_meshconf_params {
  * @NL80211_MESH_SETUP_USERSPACE_MPM: Enable this option if userspace will
  *	implement an MPM which handles peer allocation and state.
  *
+ * @NL80211_MESH_SETUP_AUTH_PROTOCOL: Inform the kernel of the authentication
+ *	method.
+ *
  * @NL80211_MESH_SETUP_ATTR_MAX: highest possible mesh setup attribute number
  *
  * @__NL80211_MESH_SETUP_ATTR_AFTER_LAST: Internal use
@@ -2658,6 +2661,7 @@  enum nl80211_mesh_setup_params {
 	NL80211_MESH_SETUP_USERSPACE_AMPE,
 	NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC,
 	NL80211_MESH_SETUP_USERSPACE_MPM,
+	NL80211_MESH_SETUP_AUTH_PROTOCOL,
 
 	/* keep last */
 	__NL80211_MESH_SETUP_ATTR_AFTER_LAST,
diff --git a/net/wireless/mesh.c b/net/wireless/mesh.c
index 0bb93f3..53bfe0e 100644
--- a/net/wireless/mesh.c
+++ b/net/wireless/mesh.c
@@ -82,6 +82,7 @@  const struct mesh_setup default_mesh_setup = {
 	.sync_method = IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET,
 	.path_sel_proto = IEEE80211_PATH_PROTOCOL_HWMP,
 	.path_metric = IEEE80211_PATH_METRIC_AIRTIME,
+	.auth_id = IEEE80211_AUTH_PROTO_NONE,
 	.ie = NULL,
 	.ie_len = 0,
 	.is_secure = false,
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 9cdcd9e..5795617 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -4672,6 +4672,7 @@  static const struct nla_policy
 	[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 },
 	[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 },
 	[NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG },
+	[NL80211_MESH_SETUP_AUTH_PROTOCOL] = { .type = NLA_U8 },
 	[NL80211_MESH_SETUP_USERSPACE_MPM] = { .type = NLA_FLAG },
 	[NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY,
 				    .len = IEEE80211_MAX_DATA_LEN },
@@ -4857,6 +4858,21 @@  static int nl80211_parse_mesh_setup(struct genl_info *info,
 	if (setup->is_secure)
 		setup->user_mpm = true;
 
+	if (tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]) {
+		if (!setup->user_mpm)
+			return -EINVAL;
+		switch (nla_get_u8(tb[NL80211_MESH_SETUP_AUTH_PROTOCOL])) {
+		case NL80211_AUTHTYPE_SAE:
+			setup->auth_id = IEEE80211_AUTH_PROTO_SAE;
+			break;
+		case NL80211_AUTHTYPE_OPEN_SYSTEM:
+			setup->auth_id = IEEE80211_AUTH_PROTO_NONE;
+			break;
+		default:
+			return -EINVAL;
+		}
+	}
+
 	return 0;
 }