This is a preliminary patch set. The 802.15.4 standard contains a specification for link-layer security in compliant networks. This patch series implements the specification for the most part, with some minor changes to improve performance of the resulting system and to allow things that are not possible in the original specification.
Differences to the standard are: * Keys do not contain a list of devices that use this keys, devices contain a list of keys they use. This is done to improve performance of key lookup and key usage recording during decryption, if activated. * Added an option to restrict keys a device may use with frame counters per allowed key instead of per device. This allows for reliable key rollover in our networks, which isn't possible without compromising security in a plain 802.15.4-2011 network. As specified in the -2011 standards document, secured frames compatible with the -2003 version of the standard are treated as erroneous. -- Phoebe Buckheister (23): ieee802154: add definitions for link-layer security and header functions 6lowpan: simplify/fix payload length calculation ieee802154: change _cb handling slightly ieee802154: don't ignore "to" argument in unbound dgram sendmsg ieee802154: add types for link-layer security mac802154: update Kconfig mac802154: add llsec init/destroy and parameter access functions mac802154: add llsec key management functions mac802154: add llsec device management functions mac802154: add llsec device key management functions mac802154: add llsec security level management functions mac802154: add llsec encryption method mac802154: add llsec decryption method mac802154: integrate llsec with wpan devices ieee802154: add dgram sockopts for security control mac802154: add llsec configuration functions mac802154: propagate device address changes to llsec ieee802154: add netlink interfaces for llsec parameter configuration ieee802154: add netlink interfaces for llsec key table configuration ieee802154: add netlink interface for llsec device table configuration ieee802154: add netlink interface for llsec devkey table configuration ieee802154: add netlink interface for llsec seclevel table configuration mac802154: implement devkey record option include/linux/nl802154.h | 31 ++ include/net/af_ieee802154.h | 10 +- include/net/ieee802154.h | 9 + include/net/ieee802154_netdev.h | 187 ++++++- net/ieee802154/6lowpan_rtnl.c | 33 +- net/ieee802154/dgram.c | 88 +++- net/ieee802154/header_ops.c | 52 +- net/ieee802154/ieee802154.h | 19 + net/ieee802154/netlink.c | 20 + net/ieee802154/nl-mac.c | 791 ++++++++++++++++++++++++++++++ net/ieee802154/nl_policy.c | 16 + net/mac802154/Kconfig | 4 + net/mac802154/Makefile | 3 +- net/mac802154/llsec.c | 1022 +++++++++++++++++++++++++++++++++++++++ net/mac802154/llsec.h | 112 +++++ net/mac802154/mac802154.h | 41 ++ net/mac802154/mac_cmd.c | 42 +- net/mac802154/mib.c | 188 ++++++- net/mac802154/rx.c | 2 - net/mac802154/wpan.c | 170 +++++-- 20 files changed, 2751 insertions(+), 89 deletions(-) ------------------------------------------------------------------------------ Is your legacy SCM system holding you back? Join Perforce May 7 to find out: • 3 signs your SCM is hindering your productivity • Requirements for releasing software faster • Expert tips and advice for migrating your SCM now http://p.sf.net/sfu/perforce _______________________________________________ Linux-zigbee-devel mailing list Linux-zigbee-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-zigbee-devel