The IEEE80211_STA_TKIP_WEP_USED flag is used internally to
disable HT when WEP or TKIP are used. Now that cfg80211 is
giving us the required information, we can set the flag
appropriately again.
Signed-off-by: Johannes Berg <[email protected]>
---
net/mac80211/cfg.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
--- wireless-testing.orig/net/mac80211/cfg.c 2009-06-30 13:25:43.000000000 +0200
+++ wireless-testing/net/mac80211/cfg.c 2009-06-30 13:25:45.000000000 +0200
@@ -1228,7 +1228,7 @@ static int ieee80211_assoc(struct wiphy
struct cfg80211_assoc_request *req)
{
struct ieee80211_sub_if_data *sdata;
- int ret;
+ int ret, i;
sdata = IEEE80211_DEV_TO_SUB_IF(dev);
@@ -1236,6 +1236,19 @@ static int ieee80211_assoc(struct wiphy
!(sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED))
return -ENOLINK; /* not authenticated */
+ sdata->u.mgd.flags &= ~IEEE80211_STA_TKIP_WEP_USED;
+
+ if (req->crypto.cipher_group == WLAN_CIPHER_SUITE_WEP40 ||
+ req->crypto.cipher_group == WLAN_CIPHER_SUITE_TKIP ||
+ req->crypto.cipher_group == WLAN_CIPHER_SUITE_WEP104)
+ sdata->u.mgd.flags |= IEEE80211_STA_TKIP_WEP_USED;
+
+ for (i = 0; i < req->crypto.n_ciphers_pairwise; i++)
+ if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 ||
+ req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP ||
+ req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104)
+ sdata->u.mgd.flags |= IEEE80211_STA_TKIP_WEP_USED;
+
sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
sdata->u.mgd.flags |= IEEE80211_STA_BSSID_SET;
--
On Tue, 2009-06-30 at 19:22 +0530, Vasanthakumar Thiagarajan wrote:
> > I thought it was both, but I guess group doesn't actually matter. OTOH,
> > this seems to match the standard better (HT STA is not allowed to use
> > TKIP/WEP)?
>
> Section 8.1.5 of 11n draft-8.0 says
> "An HT STA shall not use either of the pairwise cipher suite
> selectors: "Use group cipher suite" or TKIP to communicate
> with another HT STA".
>
> That seems to only talk about pairwise, I'm missing something here?.
I probably misremembered, sorry. I'll send an updated patch.
johannes
On Tue, Jun 30, 2009 at 07:07:57PM +0530, Johannes Berg wrote:
> On Tue, 2009-06-30 at 18:55 +0530, Vasanthakumar Thiagarajan wrote:
> > On Tue, Jun 30, 2009 at 05:22:53PM +0530, Johannes Berg wrote:
> > > The IEEE80211_STA_TKIP_WEP_USED flag is used internally to
> > > disable HT when WEP or TKIP are used. Now that cfg80211 is
> > > giving us the required information, we can set the flag
> > > appropriately again.
> > >
> > > Signed-off-by: Johannes Berg <[email protected]>
> > > ---
> > > net/mac80211/cfg.c | 15 ++++++++++++++-
> > > 1 file changed, 14 insertions(+), 1 deletion(-)
> > >
> > > --- wireless-testing.orig/net/mac80211/cfg.c 2009-06-30 13:25:43.000000000 +0200
> > > +++ wireless-testing/net/mac80211/cfg.c 2009-06-30 13:25:45.000000000 +0200
> > > @@ -1228,7 +1228,7 @@ static int ieee80211_assoc(struct wiphy
> > > struct cfg80211_assoc_request *req)
> > > {
> > > struct ieee80211_sub_if_data *sdata;
> > > - int ret;
> > > + int ret, i;
> > >
> > > sdata = IEEE80211_DEV_TO_SUB_IF(dev);
> > >
> > > @@ -1236,6 +1236,19 @@ static int ieee80211_assoc(struct wiphy
> > > !(sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED))
> > > return -ENOLINK; /* not authenticated */
> > >
> > > + sdata->u.mgd.flags &= ~IEEE80211_STA_TKIP_WEP_USED;
> > > +
> > > + if (req->crypto.cipher_group == WLAN_CIPHER_SUITE_WEP40 ||
> > > + req->crypto.cipher_group == WLAN_CIPHER_SUITE_TKIP ||
> > > + req->crypto.cipher_group == WLAN_CIPHER_SUITE_WEP104)
> > > + sdata->u.mgd.flags |= IEEE80211_STA_TKIP_WEP_USED;
> >
> > No, we have to disable HT only when WEP/TKIP is used as pairwise,
> > not used as group cipher.
>
> I thought it was both, but I guess group doesn't actually matter. OTOH,
> this seems to match the standard better (HT STA is not allowed to use
> TKIP/WEP)?
Section 8.1.5 of 11n draft-8.0 says
"An HT STA shall not use either of the pairwise cipher suite
selectors: "Use group cipher suite" or TKIP to communicate
with another HT STA".
That seems to only talk about pairwise, I'm missing something here?.
Vasanth
On Tue, 2009-06-30 at 18:55 +0530, Vasanthakumar Thiagarajan wrote:
> On Tue, Jun 30, 2009 at 05:22:53PM +0530, Johannes Berg wrote:
> > The IEEE80211_STA_TKIP_WEP_USED flag is used internally to
> > disable HT when WEP or TKIP are used. Now that cfg80211 is
> > giving us the required information, we can set the flag
> > appropriately again.
> >
> > Signed-off-by: Johannes Berg <[email protected]>
> > ---
> > net/mac80211/cfg.c | 15 ++++++++++++++-
> > 1 file changed, 14 insertions(+), 1 deletion(-)
> >
> > --- wireless-testing.orig/net/mac80211/cfg.c 2009-06-30 13:25:43.000000000 +0200
> > +++ wireless-testing/net/mac80211/cfg.c 2009-06-30 13:25:45.000000000 +0200
> > @@ -1228,7 +1228,7 @@ static int ieee80211_assoc(struct wiphy
> > struct cfg80211_assoc_request *req)
> > {
> > struct ieee80211_sub_if_data *sdata;
> > - int ret;
> > + int ret, i;
> >
> > sdata = IEEE80211_DEV_TO_SUB_IF(dev);
> >
> > @@ -1236,6 +1236,19 @@ static int ieee80211_assoc(struct wiphy
> > !(sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED))
> > return -ENOLINK; /* not authenticated */
> >
> > + sdata->u.mgd.flags &= ~IEEE80211_STA_TKIP_WEP_USED;
> > +
> > + if (req->crypto.cipher_group == WLAN_CIPHER_SUITE_WEP40 ||
> > + req->crypto.cipher_group == WLAN_CIPHER_SUITE_TKIP ||
> > + req->crypto.cipher_group == WLAN_CIPHER_SUITE_WEP104)
> > + sdata->u.mgd.flags |= IEEE80211_STA_TKIP_WEP_USED;
>
> No, we have to disable HT only when WEP/TKIP is used as pairwise,
> not used as group cipher.
I thought it was both, but I guess group doesn't actually matter. OTOH,
this seems to match the standard better (HT STA is not allowed to use
TKIP/WEP)?
johannes
On Tue, Jun 30, 2009 at 05:22:53PM +0530, Johannes Berg wrote:
> The IEEE80211_STA_TKIP_WEP_USED flag is used internally to
> disable HT when WEP or TKIP are used. Now that cfg80211 is
> giving us the required information, we can set the flag
> appropriately again.
>
> Signed-off-by: Johannes Berg <[email protected]>
> ---
> net/mac80211/cfg.c | 15 ++++++++++++++-
> 1 file changed, 14 insertions(+), 1 deletion(-)
>
> --- wireless-testing.orig/net/mac80211/cfg.c 2009-06-30 13:25:43.000000000 +0200
> +++ wireless-testing/net/mac80211/cfg.c 2009-06-30 13:25:45.000000000 +0200
> @@ -1228,7 +1228,7 @@ static int ieee80211_assoc(struct wiphy
> struct cfg80211_assoc_request *req)
> {
> struct ieee80211_sub_if_data *sdata;
> - int ret;
> + int ret, i;
>
> sdata = IEEE80211_DEV_TO_SUB_IF(dev);
>
> @@ -1236,6 +1236,19 @@ static int ieee80211_assoc(struct wiphy
> !(sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED))
> return -ENOLINK; /* not authenticated */
>
> + sdata->u.mgd.flags &= ~IEEE80211_STA_TKIP_WEP_USED;
> +
> + if (req->crypto.cipher_group == WLAN_CIPHER_SUITE_WEP40 ||
> + req->crypto.cipher_group == WLAN_CIPHER_SUITE_TKIP ||
> + req->crypto.cipher_group == WLAN_CIPHER_SUITE_WEP104)
> + sdata->u.mgd.flags |= IEEE80211_STA_TKIP_WEP_USED;
No, we have to disable HT only when WEP/TKIP is used as pairwise,
not used as group cipher.
Vasanth
On Wed, Jul 01, 2009 at 12:42:39PM +0200, Johannes Berg wrote:
> On Wed, 2009-07-01 at 15:43 +0530, Vasanthakumar Thiagarajan wrote:
> > On Wed, Jul 01, 2009 at 01:09:16PM +0530, Johannes Berg wrote:
> > > @@ -1236,6 +1236,14 @@ static int ieee80211_assoc(struct wiphy
> > > + for (i = 0; i < req->crypto.n_ciphers_pairwise; i++)
> > > + if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 ||
> > for..loop does not seem to be necessary here as it is very unlikely that
> > an assoc req will have more than one cipher suite.
> True, but so far we've defined the API that way. Should we redefine the
> API? I keep forgetting what is valid where. Jouni?
The (re)association request is only allowed to list one pairwise cipher
suite (see IEEE 802.11, 8.4.3). Various other use cases for RSN IE
support multiple cipher suites, but this one does not.
--
Jouni Malinen PGP id EFC895FA
On Thu, Jul 02, 2009 at 11:53:17AM +0200, Johannes Berg wrote:
> So we have to support multiple for connect() to allow the card/driver to
> choose, but a single one for associate()?
Sounds reasonable.. Many drivers might not be able to handle multiple
options for connect(), though, so even with that, it may be reasonable
to just pass in a single option. Anyway, it would be nice if the
multiple options case could be supported.
--
Jouni Malinen PGP id EFC895FA
The IEEE80211_STA_TKIP_WEP_USED flag is used internally to
disable HT when WEP or TKIP are used. Now that cfg80211 is
giving us the required information, we can set the flag
appropriately again.
Signed-off-by: Johannes Berg <[email protected]>
---
net/mac80211/cfg.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
--- wireless-testing.orig/net/mac80211/cfg.c 2009-07-01 09:01:25.000000000 +0200
+++ wireless-testing/net/mac80211/cfg.c 2009-07-01 09:09:01.000000000 +0200
@@ -1228,7 +1228,7 @@ static int ieee80211_assoc(struct wiphy
struct cfg80211_assoc_request *req)
{
struct ieee80211_sub_if_data *sdata;
- int ret;
+ int ret, i;
sdata = IEEE80211_DEV_TO_SUB_IF(dev);
@@ -1236,6 +1236,14 @@ static int ieee80211_assoc(struct wiphy
!(sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED))
return -ENOLINK; /* not authenticated */
+ sdata->u.mgd.flags &= ~IEEE80211_STA_TKIP_WEP_USED;
+
+ for (i = 0; i < req->crypto.n_ciphers_pairwise; i++)
+ if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 ||
+ req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP ||
+ req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104)
+ sdata->u.mgd.flags |= IEEE80211_STA_TKIP_WEP_USED;
+
sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
sdata->u.mgd.flags |= IEEE80211_STA_BSSID_SET;
On Thu, 2009-07-02 at 12:51 +0300, Jouni Malinen wrote:
> On Wed, Jul 01, 2009 at 12:42:39PM +0200, Johannes Berg wrote:
> > On Wed, 2009-07-01 at 15:43 +0530, Vasanthakumar Thiagarajan wrote:
> > > On Wed, Jul 01, 2009 at 01:09:16PM +0530, Johannes Berg wrote:
> > > > @@ -1236,6 +1236,14 @@ static int ieee80211_assoc(struct wiphy
> > > > + for (i = 0; i < req->crypto.n_ciphers_pairwise; i++)
> > > > + if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 ||
>
> > > for..loop does not seem to be necessary here as it is very unlikely that
> > > an assoc req will have more than one cipher suite.
>
> > True, but so far we've defined the API that way. Should we redefine the
> > API? I keep forgetting what is valid where. Jouni?
>
> The (re)association request is only allowed to list one pairwise cipher
> suite (see IEEE 802.11, 8.4.3). Various other use cases for RSN IE
> support multiple cipher suites, but this one does not.
So we have to support multiple for connect() to allow the card/driver to
choose, but a single one for associate()?
johannes
On Thu, 2009-07-02 at 14:43 +0300, Jouni Malinen wrote:
> On Thu, Jul 02, 2009 at 11:53:17AM +0200, Johannes Berg wrote:
>
> > So we have to support multiple for connect() to allow the card/driver to
> > choose, but a single one for associate()?
>
> Sounds reasonable.. Many drivers might not be able to handle multiple
> options for connect(), though, so even with that, it may be reasonable
> to just pass in a single option.
That's something the driver would have to refuse then, I guess.
I'll send a patch to limit it to 1 for assoc()
johannes
On Wed, Jul 01, 2009 at 01:09:16PM +0530, Johannes Berg wrote:
> The IEEE80211_STA_TKIP_WEP_USED flag is used internally to
> disable HT when WEP or TKIP are used. Now that cfg80211 is
> giving us the required information, we can set the flag
> appropriately again.
>
> Signed-off-by: Johannes Berg <[email protected]>
> ---
> net/mac80211/cfg.c | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> --- wireless-testing.orig/net/mac80211/cfg.c 2009-07-01 09:01:25.000000000 +0200
> +++ wireless-testing/net/mac80211/cfg.c 2009-07-01 09:09:01.000000000 +0200
> @@ -1228,7 +1228,7 @@ static int ieee80211_assoc(struct wiphy
> struct cfg80211_assoc_request *req)
> {
> struct ieee80211_sub_if_data *sdata;
> - int ret;
> + int ret, i;
>
> sdata = IEEE80211_DEV_TO_SUB_IF(dev);
>
> @@ -1236,6 +1236,14 @@ static int ieee80211_assoc(struct wiphy
> !(sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED))
> return -ENOLINK; /* not authenticated */
>
> + sdata->u.mgd.flags &= ~IEEE80211_STA_TKIP_WEP_USED;
> +
> + for (i = 0; i < req->crypto.n_ciphers_pairwise; i++)
> + if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 ||
> + req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP ||
> + req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104)
> + sdata->u.mgd.flags |= IEEE80211_STA_TKIP_WEP_USED;
> +
for..loop does not seem to be necessary here as it is very unlikely that
an assoc req will have more than one cipher suite.
I'm not sure if this patch series will get into 2.6.31-rc, if it
does not, we may need a variant of this patch to fix
http://bugzilla.kernel.org/show_bug.cgi?id=13630, I'll work on it.
Thanks!.
Vasanth
On Wed, 2009-07-01 at 15:43 +0530, Vasanthakumar Thiagarajan wrote:
> On Wed, Jul 01, 2009 at 01:09:16PM +0530, Johannes Berg wrote:
> > The IEEE80211_STA_TKIP_WEP_USED flag is used internally to
> > disable HT when WEP or TKIP are used. Now that cfg80211 is
> > giving us the required information, we can set the flag
> > appropriately again.
> >
> > Signed-off-by: Johannes Berg <[email protected]>
> > ---
> > net/mac80211/cfg.c | 10 +++++++++-
> > 1 file changed, 9 insertions(+), 1 deletion(-)
> >
> > --- wireless-testing.orig/net/mac80211/cfg.c 2009-07-01 09:01:25.000000000 +0200
> > +++ wireless-testing/net/mac80211/cfg.c 2009-07-01 09:09:01.000000000 +0200
> > @@ -1228,7 +1228,7 @@ static int ieee80211_assoc(struct wiphy
> > struct cfg80211_assoc_request *req)
> > {
> > struct ieee80211_sub_if_data *sdata;
> > - int ret;
> > + int ret, i;
> >
> > sdata = IEEE80211_DEV_TO_SUB_IF(dev);
> >
> > @@ -1236,6 +1236,14 @@ static int ieee80211_assoc(struct wiphy
> > !(sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED))
> > return -ENOLINK; /* not authenticated */
> >
> > + sdata->u.mgd.flags &= ~IEEE80211_STA_TKIP_WEP_USED;
> > +
> > + for (i = 0; i < req->crypto.n_ciphers_pairwise; i++)
> > + if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 ||
> > + req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP ||
> > + req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104)
> > + sdata->u.mgd.flags |= IEEE80211_STA_TKIP_WEP_USED;
> > +
>
> for..loop does not seem to be necessary here as it is very unlikely that
> an assoc req will have more than one cipher suite.
True, but so far we've defined the API that way. Should we redefine the
API? I keep forgetting what is valid where. Jouni?
> I'm not sure if this patch series will get into 2.6.31-rc, if it
> does not, we may need a variant of this patch to fix
> http://bugzilla.kernel.org/show_bug.cgi?id=13630, I'll work on it.
> Thanks!.
I don't think we can. Even the above patch relies on wpa_supplicant to
pass us the correct information. Otherwise we would have to parse the
IEs, which is somewhat ugly.
johannes