Differential D57551

net80211: add IGTK key slots needed for later MFP support
Needs ReviewPublic
Actions

Authored by adrian on Fri, Jun 12, 8:23 PM.

Tags

Referenced Files

	F160246672: D57551.diff
	Mon, Jun 22, 1:12 PM

	F160245190: D57551.id179657.diff
	Mon, Jun 22, 12:55 PM

	F160185872: D57551.id179850.diff
	Mon, Jun 22, 12:13 AM

	Unknown Object (File)
	Sun, Jun 21, 4:12 AM

	Unknown Object (File)
	Sun, Jun 21, 3:13 AM

	Unknown Object (File)
	Sat, Jun 20, 5:55 PM

	Unknown Object (File)
	Fri, Jun 19, 6:03 AM

	Unknown Object (File)
	Thu, Jun 18, 3:18 AM

View All 16 Files

Subscribers

Details

Reviewers

None

Group Reviewers

Summary

802.11w / MFP (management frame protection) - also called PMF
(protected management frames) - requires two more key slots
for the broadcast keys. The broadcast management traffic
isn't encrypted - instead each frame has an MMIC IE at the
end which verifies the frame.

This commit extends the number of keys from 4 to 6 and
adds separate functions for the IGTK key type and index.

Notably the 802.11 frame format only allows four key IDs
(0..3) and unicast management traffic is just normally
encrypted - the broadcast frames will have the actual key
index (4, 5) in the MMIC IE.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 73901
Build 70784: arc lint + arc unit

Event Timeline

adrian created this revision.Fri, Jun 12, 8:23 PM

Herald added subscribers: glebius, melifaro, imp. · View Herald TranscriptFri, Jun 12, 8:23 PM

adrian requested review of this revision.Fri, Jun 12, 8:23 PM

Harbormaster completed remote builds in B73842: Diff 179656.Fri, Jun 12, 8:23 PM

adrian added a parent revision: D46498: ifconfig: add IEEE80211_NODE_MFP flag printing..Fri, Jun 12, 8:23 PM

add the driver bits too

Harbormaster completed remote builds in B73843: Diff 179657.Fri, Jun 12, 8:27 PM

adrian edited parent revisions, added: D57538: net80211: add MFP flag plumbing for CCMP; removed: D46498: ifconfig: add IEEE80211_NODE_MFP flag printing..Fri, Jun 12, 8:49 PM

adrian edited parent revisions, added: D57556: net80211: add node to the crypto encap/decap functions; removed: D57538: net80211: add MFP flag plumbing for CCMP.Fri, Jun 12, 11:53 PM

adrian added inline comments.Sat, Jun 13, 6:32 PM

sys/dev/ath/if_ath_keycache.c
480	TODO: this is wrong; i need to re-do this to set them to -1 and return 0 / mark as software handled key entries!

update!

Harbormaster completed remote builds in B73901: Diff 179850.Tue, Jun 16, 4:51 AM

adrian added a reviewer: wireless.Tue, Jun 16, 5:01 AM

adrian added a project: wireless.

Revision Contents
Changeset List

Path

Size

sys/

dev/

ath/

if_ath_keycache.c

36 lines

iwx/

4 lines

rtwn/

15 lines

usb/

wlan/

10 lines

10 lines

wpi/

6 lines

net80211/

4 lines

19 lines

ieee80211_crypto.h

5 lines

ieee80211_crypto.c

66 lines

ieee80211_ddb.c

2 lines

ieee80211_ioctl.c

6 lines

ieee80211_var.h

4 lines

Diff 179850

sys/dev/ath/if_ath_keycache.c

Loading...

sys/dev/iwx/if_iwx.c

Loading...

sys/dev/rtwn/if_rtwn_cam.c

Loading...

sys/dev/usb/wlan/if_rsu.c

Loading...

sys/dev/usb/wlan/if_rum.c

Loading...

sys/dev/wpi/if_wpi.c

Loading...

sys/net80211/ieee80211.h

Loading...

sys/net80211/ieee80211.c

Loading...

sys/net80211/ieee80211_crypto.h

Loading...

sys/net80211/ieee80211_crypto.c

Loading...

sys/net80211/ieee80211_ddb.c

Loading...

sys/net80211/ieee80211_ioctl.c

Loading...

sys/net80211/ieee80211_var.h

Loading...