[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-wireless
Subject: Re: [PATCH] cfg80211: Random local address for Public Action frame exchange
From: IgorMitsyanko <igor.mitsyanko.os () quantenna ! com>
Date: 2016-12-30 19:55:48
Message-ID: cf228384-c98e-737e-3ba6-6c18e988210c () quantenna ! com
[Download RAW message or body]
On 12/20/2016 11:39 PM, Jouni Malinen wrote:
> From: vamsi krishna <vamsin-Rm6X0d1/PG5y9aJCnZT0Uw@public.gmane.org>
>
> Add support to use random local address (Address 2 = SA in transmit and
> the same address in receive functionality) for Public Action frames in
> order to improve privacy of WLAN clients. Applications fill the random
> source address in the frame buffer along with setting the
> NL80211_ATTR_RANDOM_SA flag when using the NL80211_CMD_FRAME command.
> This can be used only with the drivers that indicate support for random
> local address by setting the new NL80211_EXT_FEATURE_MGMT_TX_RANDOM_SA
> and/or NL80211_EXT_FEATURE_MGMT_TX_RANDOM_SA_CONNECTED in ext_features.
>
> The driver needs to configure receive behavior to accept frames to the
> specified random address during the time the frame exchange is pending
> and such frames need to be acknowledged similarly to frames sent to the
> local permanent address when this random address functionality is not
> used.
A (probably) silly question: how wireless drivers are supposed to use SA
in a frame? I think drivers are not concerned about source address, they
simply pass whatever there is already set by userspace in
cfg80211_mgmt_tx_params::buf into air on Tx.
And on Rx, they filter frames based on receiver address/BSSID, pass it
to upper layers and do not care what address is in DA (it is handled by
upper layers).
What can we use random_sa flag introduced in this patch for then?
>
> Signed-off-by: vamsi krishna <vamsin-Rm6X0d1/PG5y9aJCnZT0Uw@public.gmane.org>
> Signed-off-by: Jouni Malinen <jouni-A+ZNKFmMK5xy9aJCnZT0Uw@public.gmane.org>
> ---
> include/net/cfg80211.h | 6 ++++++
> include/uapi/linux/nl80211.h | 16 ++++++++++++++++
> net/wireless/mlme.c | 5 ++++-
> net/wireless/nl80211.c | 14 ++++++++++++++
> 4 files changed, 40 insertions(+), 1 deletion(-)
>
> diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
> index ca2ac1c..c442e4c 100644
> --- a/include/net/cfg80211.h
> +++ b/include/net/cfg80211.h
> @@ -2303,6 +2303,11 @@ struct cfg80211_update_ft_ies_params {
> * @dont_wait_for_ack: tells the low level not to wait for an ack
> * @n_csa_offsets: length of csa_offsets array
> * @csa_offsets: array of all the csa offsets in the frame
> + * @random_sa: indicates whether the source address is randomized. When this is
> + * true, the driver needs to transmit the management frame using the
> + * address specified in the SA field (Address 2) in the buffer and the
> + * driver needs to receive and acknowledge the response frame to this
> + * address instead of its permanent MAC address.
> */
> struct cfg80211_mgmt_tx_params {
> struct ieee80211_channel *chan;
> @@ -2314,6 +2319,7 @@ struct cfg80211_mgmt_tx_params {
> bool dont_wait_for_ack;
> int n_csa_offsets;
> const u16 *csa_offsets;
> + bool random_sa;
> };
>
> /**
> diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h
> index d74e10b..cffc117 100644
> --- a/include/uapi/linux/nl80211.h
> +++ b/include/uapi/linux/nl80211.h
> @@ -567,6 +567,9 @@
> * %NL80211_ATTR_CSA_C_OFFSETS_TX is an array of offsets to CSA
> * counters which will be updated to the current value. This attribute
> * is used during CSA period.
> + * When sending a Public Action frame, %NL80211_ATTR_MGMT_TX_RANDOM_SA can
> + * be used to indicate that random local address (SA) is used for the
> + * exchange.
> * @NL80211_CMD_FRAME_WAIT_CANCEL: When an off-channel TX was requested, this
> * command may be used with the corresponding cookie to cancel the wait
> * time if it is known that it is no longer necessary.
> @@ -1915,6 +1918,11 @@ enum nl80211_commands {
> * %NL80211_ATTR_IFTYPE, %NL80211_ATTR_EXT_CAPA,
> * %NL80211_ATTR_EXT_CAPA_MASK, to specify the extended capabilities per
> * interface type.
> + * @NL80211_ATTR_MGMT_TX_RANDOM_SA: A flag attribute indicating whether the
> + * source address is randomized in frames sent using %NL80211_CMD_FRAME.
> + * If this flag is not set, the source address field is verified to match
> + * local MAC address. Random SA can be used only with Public Action frames
> + * (e.g., GAS/ANQP).
> *
> * @NL80211_ATTR_MU_MIMO_GROUP_DATA: array of 24 bytes that defines a MU-MIMO
> * groupID for monitor mode.
> @@ -2386,6 +2394,8 @@ enum nl80211_attrs {
>
> NL80211_ATTR_BSSID,
>
> + NL80211_ATTR_MGMT_TX_RANDOM_SA,
> +
> /* add attributes here, update the policy in nl80211.c */
>
> __NL80211_ATTR_AFTER_LAST,
> @@ -4697,6 +4707,10 @@ enum nl80211_feature_flags {
> * configuration (AP/mesh) with VHT rates.
> * @NL80211_EXT_FEATURE_FILS_STA: This driver supports Fast Initial Link Setup
> * with user space SME (NL80211_CMD_AUTHENTICATE) in station mode.
> + * @NL80211_EXT_FEATURE_MGMT_TX_RANDOM_SA: This driver supports randomized SA
> + * in @NL80211_CMD_FRAME while not associated.
> + * @NL80211_EXT_FEATURE_MGMT_TX_RANDOM_SA_CONNECTED: This driver supports
> + * randomized SA in @NL80211_CMD_FRAME while associated.
> *
> * @NUM_NL80211_EXT_FEATURES: number of extended features.
> * @MAX_NL80211_EXT_FEATURES: highest extended feature index.
> @@ -4712,6 +4726,8 @@ enum nl80211_ext_feature_index {
> NL80211_EXT_FEATURE_BEACON_RATE_HT,
> NL80211_EXT_FEATURE_BEACON_RATE_VHT,
> NL80211_EXT_FEATURE_FILS_STA,
> + NL80211_EXT_FEATURE_MGMT_TX_RANDOM_SA,
> + NL80211_EXT_FEATURE_MGMT_TX_RANDOM_SA_CONNECTED,
>
> /* add new features before the definition below */
> NUM_NL80211_EXT_FEATURES,
> diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c
> index 4646cf5..9568a72 100644
> --- a/net/wireless/mlme.c
> +++ b/net/wireless/mlme.c
> @@ -657,7 +657,10 @@ int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev,
> return err;
> }
>
> - if (!ether_addr_equal(mgmt->sa, wdev_address(wdev)))
> + if (!(params->random_sa &&
> + (ieee80211_is_action(mgmt->frame_control) &&
> + mgmt->u.action.category == WLAN_CATEGORY_PUBLIC)) &&
> + !ether_addr_equal(mgmt->sa, wdev_address(wdev)))
> return -EINVAL;
>
> /* Transmit the Action frame as requested by user space */
> diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
> index 2369265..efced76 100644
> --- a/net/wireless/nl80211.c
> +++ b/net/wireless/nl80211.c
> @@ -405,6 +405,7 @@ enum nl80211_multicast_groups {
> [NL80211_ATTR_FILS_NONCES] = { .len = 2 * FILS_NONCE_LEN },
> [NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED] = { .type = NLA_FLAG, },
> [NL80211_ATTR_BSSID] = { .len = ETH_ALEN },
> + [NL80211_ATTR_MGMT_TX_RANDOM_SA] = { .type = NLA_FLAG },
> };
>
> /* policy for the key attributes */
> @@ -9209,6 +9210,19 @@ static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info)
> }
> }
>
> + params.random_sa = nla_get_flag(
> + info->attrs[NL80211_ATTR_MGMT_TX_RANDOM_SA]);
> + if (params.random_sa &&
> + ((!wdev->current_bss &&
> + !wiphy_ext_feature_isset(
> + &rdev->wiphy,
> + NL80211_EXT_FEATURE_MGMT_TX_RANDOM_SA)) ||
> + (wdev->current_bss &&
> + !wiphy_ext_feature_isset(
> + &rdev->wiphy,
> + NL80211_EXT_FEATURE_MGMT_TX_RANDOM_SA_CONNECTED))))
> + return -EINVAL;
> +
> if (!params.dont_wait_for_ack) {
> msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
> if (!msg)
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic