Received: by 2002:a25:2c96:0:0:0:0:0 with SMTP id s144csp929917ybs; Mon, 25 May 2020 02:52:54 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx7aEN1bNsjO/E1rtdyybIzzHWm1NX9jZA07V8T/sfVJrVE1W0KSnYhTzXVHJuDhxdvmqyV X-Received: by 2002:a50:a7e3:: with SMTP id i90mr14862334edc.6.1590400374700; Mon, 25 May 2020 02:52:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590400374; cv=none; d=google.com; s=arc-20160816; b=GyKCcEw0nKa6MzH8+87mGomqrmCPkJFfihHvVbgXMH1iZE9N3Q6GYzlHVTjl7MStJw cg020L4VRGtoKIRuYbRJ9jV7UE93DytxGkJCloTxyihSCOBPdG5NcJ/3ViZpFvz8/uoZ KH88cVIZicxL6BXyjBw0qfuPnB5QRPIxJWzlbCIFoWIx4BCmcrKe/xVU1TCcdwJNaZqO 46/eHHWe4W2JoMSnOlWOE/ih6c6zqaR5YAkj8P9Ug7mOPqUSNoLhDjFomtj0NYGBvLgh jFOl507C5hwOr10BbC/9ttUQmCalUDBlrhPDMalKxVF3mBnKxUbuvxGWk/s3gCqkBcvY XV9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id; bh=WivblEJdfdbNlRjq9ZUOxXIz5RZG3/LQxwsxte0K9B0=; b=RYvFFhfSiEhLBG6/hVu/+FgT+sv5NoT00NQniPII/4HKTPEd+/usurn5yOIWFVRsh6 j4O8K+SQv89RKu0Wb9ql/BuCLnzcQjTG7Ji+fb2kAlHC5JyQnRaJ7vmVme7Uf7oNykVb kSZ4piSNqoWonMd+WXLPMJ4OLyPzs6aj58BKhIfpAoSYy5lkxZoMzxI4uDx2c2nlOses 2XvJ5rAbl96z1+2DZlwzRdQRGSiCQUvebZ7qTb76aGy/3ONrORJAMU2PLRAikOXzqINV i5mT8YhQ/hv1dzfNHay9fLcAuoSBNExV0A8Gb2O1vBk3fyyvCKZcX8QqEIdFIpKSfek/ yNKA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q3si9654586edc.174.2020.05.25.02.52.31; Mon, 25 May 2020 02:52:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389421AbgEYJuG (ORCPT + 99 others); Mon, 25 May 2020 05:50:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58898 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389356AbgEYJuF (ORCPT ); Mon, 25 May 2020 05:50:05 -0400 Received: from sipsolutions.net (s3.sipsolutions.net [IPv6:2a01:4f8:191:4433::2]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8347AC061A0E for ; Mon, 25 May 2020 02:50:05 -0700 (PDT) Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.93) (envelope-from ) id 1jd9k5-002cQr-Ec; Mon, 25 May 2020 11:49:57 +0200 Message-ID: <9a8da74898b68fb63f65567068de0fcb2b5a57b0.camel@sipsolutions.net> Subject: Re: [RFC PATCH] rt2800lib: unconditionally enable MFP From: Johannes Berg To: Stanislaw Gruszka Cc: Julian Calaby , Rui Salvaterra , Kalle Valo , Larry Finger , linux-wireless@vger.kernel.org Date: Mon, 25 May 2020 11:49:56 +0200 In-Reply-To: <20200525093142.GA926004@wp.pl> References: <20200524094730.2684-1-rsalvaterra@gmail.com> <20200524111751.GA914918@wp.pl> <20200524123931.GA915983@wp.pl> <640c254edb9fdaec2fd8987d1f2d345bd1d9276c.camel@sipsolutions.net> <20200525093142.GA926004@wp.pl> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.36.2 (3.36.2-1.fc32) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org On Mon, 2020-05-25 at 11:31 +0200, Stanislaw Gruszka wrote: > On Mon, May 25, 2020 at 11:15:29AM +0200, Johannes Berg wrote: > > On Sun, 2020-05-24 at 14:39 +0200, Stanislaw Gruszka wrote: > > > > And once mac80211 is smart enough to make those decisions, couldn't we > > > > just enable MFP by default? > > > > For the record, I don't think we'd really want to add such a thing to > > mac80211 ... easier done in the driver. > > > > > If we will have indicator from mac80211 that MFP is configured, we can > > > just return -EOPNOTSUPP from rt2x00mac_set_key() for CCMP and that will > > > make MFP work without specifying nohwcrypt module parameter - software > > > encryption will be used anyway. > > > > Not sure mac80211 really knows? Hmm. > > After looking at this a bit more, seems we have indicator of MFP being > used in ieee80211_sta structure. Yeah, where's my head ... sorry. > So maybe adding check like below > will allow to remove nohwcrypt rt2x00 requirement for MFP ? Seems reasonable, but will still do _everything_ in software for such connections. Still better than not connecting, I guess. johannes