This is a preliminary patch set.
The 802.15.4 standard contains a specification for link-layer security in
compliant networks. This patch series implements the specification for the most
part, with some minor changes to improve performance of the resulting system
and to allow things that are not possible in the original specification.
Differences to the standard are:
* Keys do not contain a list of devices that use this keys, devices contain
a list of keys they use. This is done to improve performance of key lookup
and key usage recording during decryption, if activated.
* Added an option to restrict keys a device may use with frame counters per
allowed key instead of per device. This allows for reliable key rollover in
our networks, which isn't possible without compromising security in a plain
802.15.4-2011 network.
As specified in the -2011 standards document, secured frames compatible with
the -2003 version of the standard are treated as erroneous.
--
Phoebe Buckheister (23):
ieee802154: add definitions for link-layer security and header functions
6lowpan: simplify/fix payload length calculation
ieee802154: change _cb handling slightly
ieee802154: don't ignore "to" argument in unbound dgram sendmsg
ieee802154: add types for link-layer security
mac802154: update Kconfig
mac802154: add llsec init/destroy and parameter access functions
mac802154: add llsec key management functions
mac802154: add llsec device management functions
mac802154: add llsec device key management functions
mac802154: add llsec security level management functions
mac802154: add llsec encryption method
mac802154: add llsec decryption method
mac802154: integrate llsec with wpan devices
ieee802154: add dgram sockopts for security control
mac802154: add llsec configuration functions
mac802154: propagate device address changes to llsec
ieee802154: add netlink interfaces for llsec parameter configuration
ieee802154: add netlink interfaces for llsec key table configuration
ieee802154: add netlink interface for llsec device table configuration
ieee802154: add netlink interface for llsec devkey table configuration
ieee802154: add netlink interface for llsec seclevel table configuration
mac802154: implement devkey record option
include/linux/nl802154.h | 31 ++
include/net/af_ieee802154.h | 10 +-
include/net/ieee802154.h | 9 +
include/net/ieee802154_netdev.h | 187 ++++++-
net/ieee802154/6lowpan_rtnl.c | 33 +-
net/ieee802154/dgram.c | 88 +++-
net/ieee802154/header_ops.c | 52 +-
net/ieee802154/ieee802154.h | 19 +
net/ieee802154/netlink.c | 20 +
net/ieee802154/nl-mac.c | 791 ++++++++++++++++++++++++++++++
net/ieee802154/nl_policy.c | 16 +
net/mac802154/Kconfig | 4 +
net/mac802154/Makefile | 3 +-
net/mac802154/llsec.c | 1022 +++++++++++++++++++++++++++++++++++++++
net/mac802154/llsec.h | 112 +++++
net/mac802154/mac802154.h | 41 ++
net/mac802154/mac_cmd.c | 42 +-
net/mac802154/mib.c | 188 ++++++-
net/mac802154/rx.c | 2 -
net/mac802154/wpan.c | 170 +++++--
20 files changed, 2751 insertions(+), 89 deletions(-)
------------------------------------------------------------------------------
Is your legacy SCM system holding you back? Join Perforce May 7 to find out:
• 3 signs your SCM is hindering your productivity
• Requirements for releasing software faster
• Expert tips and advice for migrating your SCM now
http://p.sf.net/sfu/perforce
_______________________________________________
Linux-zigbee-devel mailing list
Linux-zigbee-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-zigbee-devel
