Linux-Wireless Archive on lore.kernel.org
 help / color / Atom feed
* Re: mac80211_hwsim: enable Beacon protection [a483e29ca07fb4eee2d7c7ee67c919d352fa4091]
       [not found] <c6de3886-1dbe-180d-d37b-ebccfba83933@ionic.de>
@ 2020-07-30 14:12 ` Johannes Berg
  0 siblings, 0 replies; only message in thread
From: Johannes Berg @ 2020-07-30 14:12 UTC (permalink / raw)
  To: Mihai Moldovan; +Cc: linux-wireless

+list

> As mentioned in the commit message, you've pulled Jouni's patch, but applied it
> to hwsim only.

Yes, intentionally.

> Unfortunately, that leaves beacon protection for any "real" driver disabled, so
> this new feature will be pretty much unusable and (apart from hwsim for testing)
> dead code (for now).

Yes, intentionally. It's just barely done with interop testing, to some
extent...

> I understand the reasoning that it's not clear that drivers can handle this
> correctly (i.e., not modify data after it has been signed), but isn't that a bit
> too conservative?

It's not that "it's not clear". We know for a fact that some drivers
(e.g. iwlwifi) cannot handle this correctly.

So the only thing we can do is have the drivers advertise when they can
do it, which is exactly what all these commits do.

> After all, BIGTK/BEACON_PROT will only be used if explicitly turned on, mostly
> by hostapd, or any other AP software. In the worst case, i.e., if drivers update
> data after the fact, the connection just wouldn't work. That might be
> unfortunate,

I wouldn't really say "that's unfortunate". That'd be a bug!

Also, the intent is that at least wpa_supplicant would automatically
enable this if available, once the feature is more mature across various
implementations.

> but I can at least confirm that ath9k seems to handle this well.

Then you should submit a patch to ath9k similar like the one for hwsim
to enable it.

> I've been using protected management frames with that driver and a patch set
> backported to 5.6.x for a few months now without obvious hiccups, so there seem
> to at least be some drivers that *do* work.

:)

> Crucially, though, I don't see any potential for regressions here. If it's
> disabled in the AP software, all of this stuff just won't be used, just like it
> always has been the case in the past. Otherwise, it *might* be buggy, but you'd
> never know. Unless people patch their kernel to enable this feature, they won't
> be able to enable and test it in the first place.

This will change...

> Would you reconsider your decision and enable the feature in net/mac80211/main.c
> as well?

No.

johannes


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <c6de3886-1dbe-180d-d37b-ebccfba83933@ionic.de>
2020-07-30 14:12 ` mac80211_hwsim: enable Beacon protection [a483e29ca07fb4eee2d7c7ee67c919d352fa4091] Johannes Berg

Linux-Wireless Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-wireless/0 linux-wireless/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-wireless linux-wireless/ https://lore.kernel.org/linux-wireless \
		linux-wireless@vger.kernel.org
	public-inbox-index linux-wireless

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-wireless


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git