| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 4 Sep 2022 13:13:51 -0400
From: Alexander Aring <aahringo@...hat.com>
To: Miquel Raynal <miquel.raynal@...tlin.com>
Cc: Alexander Aring <alex.aring@...il.com>,
Stefan Schmidt <stefan@...enfreihafen.org>,
linux-wpan - ML <linux-wpan@...r.kernel.org>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>,
Eric Dumazet <edumazet@...gle.com>,
Network Development <netdev@...r.kernel.org>,
David Girault <david.girault@...vo.com>,
Romuald Despres <romuald.despres@...vo.com>,
Frederic Blain <frederic.blain@...vo.com>,
Nicolas Schodet <nico@...fr.eu.org>,
Thomas Petazzoni <thomas.petazzoni@...tlin.com>
Subject: Re: [PATCH wpan-next v2 01/11] net: mac802154: Introduce filtering levels
Hi,
On Fri, Aug 26, 2022 at 10:41 AM Miquel Raynal
<miquel.raynal@...tlin.com> wrote:
>
> The 802154 specification details several filtering levels in which the
> PHY and the MAC could be. The amount of filtering will vary if they are
> in promiscuous mode or in scanning mode. Otherwise they are expected to
> do some very basic checks, such as enforcing the frame validity. Either
> the PHY is able to do so, and the MAC has nothing to do, or the PHY has
> a lower filtering level than expected and the MAC should take over.
>
> For now we define these levels in an enumeration, we add a per-PHY
> parameter showing the PHY filtering level and we set it to a default
> value. The drivers, if they cannot reach this level of filtering, should
> overwrite this value so that it reflects what they do. Then, in the
> core, this filtering level will be used to decide whether some
> additional software processing is needed or not.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@...tlin.com>
> ---
> include/net/cfg802154.h | 3 +++
> include/net/mac802154.h | 24 ++++++++++++++++++++++++
> net/mac802154/iface.c | 2 ++
> 3 files changed, 29 insertions(+)
>
> diff --git a/include/net/cfg802154.h b/include/net/cfg802154.h
> index 04b996895fc1..2f29e95da47a 100644
> --- a/include/net/cfg802154.h
> +++ b/include/net/cfg802154.h
> @@ -223,6 +223,9 @@ struct wpan_phy {
> atomic_t hold_txs;
> wait_queue_head_t sync_txq;
>
> + /* Current filtering level on reception */
> + unsigned long filtering;
> +
enum ieee802154_filtering_level?
> char priv[] __aligned(NETDEV_ALIGN);
> };
>
> diff --git a/include/net/mac802154.h b/include/net/mac802154.h
> index 357d25ef627a..41c28118790c 100644
> --- a/include/net/mac802154.h
> +++ b/include/net/mac802154.h
> @@ -130,6 +130,30 @@ enum ieee802154_hw_flags {
> #define IEEE802154_HW_OMIT_CKSUM (IEEE802154_HW_TX_OMIT_CKSUM | \
> IEEE802154_HW_RX_OMIT_CKSUM)
>
> +/**
> + * enum ieee802154_filtering_level - Filtering levels applicable to a PHY
> + *
> + * @IEEE802154_FILTERING_NONE: No filtering at all, what is received is
> + * forwarded to the softMAC
> + * @IEEE802154_FILTERING_1_FCS: First filtering level, frames with an invalid
> + * FCS should be dropped
> + * @IEEE802154_FILTERING_2_PROMISCUOUS: Second filtering level, promiscuous
> + * mode, identical in terms of filtering to the first level at the PHY
> + * level, but no ACK should be transmitted automatically and at the MAC
> + * level the frame should be forwarded to the upper layer directly
You have no ACK back in all filtering levels except in
IEEE802154_FILTERING_4_FRAME_FIELDS. It is some kind of mixed thing
between "receive mode and filtering mode" but I am fine with it.
> + * @IEEE802154_FILTERING_3_SCAN: Third filtering level, enforced during scans,
> + * which only forwards beacons
> + * @IEEE802154_FILTERING_4_FRAME_FIELDS: Fourth filtering level actually
> + * enforcing the validity of the content of the frame with various checks
> + */
> +enum ieee802154_filtering_level {
> + IEEE802154_FILTERING_NONE,
> + IEEE802154_FILTERING_1_FCS,
> + IEEE802154_FILTERING_2_PROMISCUOUS,
> + IEEE802154_FILTERING_3_SCAN,
> + IEEE802154_FILTERING_4_FRAME_FIELDS,
> +};
> +
> /* struct ieee802154_ops - callbacks from mac802154 to the driver
> *
> * This structure contains various callbacks that the driver may
> diff --git a/net/mac802154/iface.c b/net/mac802154/iface.c
> index 500ed1b81250..4bab2807acbe 100644
> --- a/net/mac802154/iface.c
> +++ b/net/mac802154/iface.c
> @@ -587,6 +587,7 @@ ieee802154_setup_sdata(struct ieee802154_sub_if_data *sdata,
> sdata->dev->netdev_ops = &mac802154_wpan_ops;
> sdata->dev->ml_priv = &mac802154_mlme_wpan;
> wpan_dev->promiscuous_mode = false;
> + wpan_dev->wpan_phy->filtering = IEEE802154_FILTERING_4_FRAME_FIELDS;
> wpan_dev->header_ops = &ieee802154_header_ops;
>
> mutex_init(&sdata->sec_mtx);
> @@ -601,6 +602,7 @@ ieee802154_setup_sdata(struct ieee802154_sub_if_data *sdata,
> sdata->dev->needs_free_netdev = true;
> sdata->dev->netdev_ops = &mac802154_monitor_ops;
> wpan_dev->promiscuous_mode = true;
> + wpan_dev->wpan_phy->filtering = IEEE802154_FILTERING_2_PROMISCUOUS;
In my opinion this is currently IEEE802154_FILTERING_NONE ?
- Alex
Powered by blists - more mailing lists