Thanks Chun-Yeow,
with the same idea in mind I just added the following code to cfg.c:
@@ -126,11 +126,24 @@
break;
}
+
key = ieee80211_key_alloc(params->cipher, key_idx, params->key_len,
params->key, params->seq_len, params->seq);
if (IS_ERR(key))
return PTR_ERR(key);
+
+ if (!mac_addr && (dev->ieee80211_ptr->iftype
+ == NL80211_IFTYPE_MESH_POINT)){
+
+ struct ieee80211_key *old_key =
+ key_mtx_dereference(sdata->local, sdata->keys[ key_idx]);
+
+ if(old_key)
+ return 0;
+ }
+
+
if (pairwise)
key->conf.flags |= IEEE80211_KEY_FLAG_PAIRWISE;
This also prevents reinstalling the broadcast tx keys.
We can also approach the problem in a different way.
We could look into the code that uses these keys, and make sure that any
change is taken into account.
This way, even reinstalling the keys should not have any consequence.
Comments, ideas?
--Fabrice
On 12/9/2011 6:16 AM, Yeoh Chun-Yeow wrote:
> Hi, Frabrice,
>
> I try to solve this problem by avoiding the duplicate key installation
> by authsae daemon. My experimental shows that the key for:
>
> key to protect integrity of multicast mgmt frames tx
> key to encrypt multicast data traffic
>
> will not re-installed again after applying this patch.
>
> You can try out if you want. I observe that broadcasting PREQ frame is
> decoded correctly even with new node coming in and thus the existing
> path link is maintained.
>
> Hi, Javier and Thomas
>
> Please comment on this patch whether it is considered correctly done
> or not.
>
> Thanks
>
> Regards,
> Chun-Yeow
>
> From 094378e09944e9193d46fe03a18c86f57dcb9bbf Mon Sep 17 00:00:00 2001
> From: Chun-Yeow Yeoh <[email protected]
> <mailto:[email protected]>>
> Date: Sat, 10 Dec 2011 04:06:03 +0800
> Subject: [PATCH] {cfg,nl}80211 Avoid duplicate keys installation for
> Multicast frame in Secured Mesh
>
> Signed-off-by: Chun-Yeow Yeoh <[email protected]
> <mailto:[email protected]>>
> ---
> include/net/cfg80211.h | 4 ++++
> net/wireless/nl80211.c | 20 ++++++++++++++++++++
> 2 files changed, 24 insertions(+), 0 deletions(-)
>
> diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
> index 3de1c39..dcd0879 100644
> --- a/include/net/cfg80211.h
> +++ b/include/net/cfg80211.h
> @@ -2219,6 +2219,8 @@ struct cfg80211_cached_keys;
> * @cleanup_work: work struct used for cleanup that can't be done
> directly
> * @beacon_interval: beacon interval used on this device for transmitting
> * beacons, 0 when not valid
> + * @mesh_mcast_key: the number of installed multicast/broadcast's
> keys used
> + * in secured mesh setup
> */
> struct wireless_dev {
> struct wiphy *wiphy;
> @@ -2261,6 +2263,8 @@ struct wireless_dev {
>
> int beacon_interval;
>
> + int mesh_mcast_key;
> +
> u32 ap_unexpected_nlpid;
>
> #ifdef CONFIG_CFG80211_WEXT
> diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
> index ba43966..c717356 100644
> --- a/net/wireless/nl80211.c
> +++ b/net/wireless/nl80211.c
> @@ -1747,6 +1747,13 @@ static int nl80211_new_interface(struct sk_buff
> *skb, struct genl_info *info)
> wdev_unlock(wdev);
> }
>
> + if (type == NL80211_IFTYPE_MESH_POINT) {
> + struct wireless_dev *wdev = dev->ieee80211_ptr;
> + wdev_lock(wdev);
> + wdev->mesh_mcast_key = 0;
> + wdev_unlock(wdev);
> + }
> +
> return 0;
> }
>
> @@ -1910,6 +1917,10 @@ static int nl80211_set_key(struct sk_buff *skb,
> struct genl_info *info)
> int err;
> struct net_device *dev = info->user_ptr[1];
>
> + if ((dev->ieee80211_ptr->iftype == NL80211_IFTYPE_MESH_POINT) &&
> + (dev->ieee80211_ptr->mesh_mcast_key >= 3))
> + return 0;
> +
> err = nl80211_parse_key(info, &key);
> if (err)
> return err;
> @@ -1991,6 +2003,16 @@ static int nl80211_new_key(struct sk_buff *skb,
> struct genl_info *info)
> if (info->attrs[NL80211_ATTR_MAC])
> mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
>
> + if (!mac_addr && (dev->ieee80211_ptr->iftype
> + == NL80211_IFTYPE_MESH_POINT)){
> + wdev_lock(dev->ieee80211_ptr);
> + dev->ieee80211_ptr->mesh_mcast_key++;
> + wdev_unlock(dev->ieee80211_ptr);
> +
> + if (dev->ieee80211_ptr->mesh_mcast_key >= 3)
> + return 0;
> + }
> +
> if (key.type == -1) {
> if (mac_addr)
> key.type = NL80211_KEYTYPE_PAIRWISE;
> --
> 1.7.0.4
>
>
_______________________________________________
Devel mailing list
[email protected]
http://open80211s.com/mailman/listinfo/devel
