From: Ivo van Doorn <ivdoorn@gmail.com>
To: Johannes Berg <johannes@sipsolutions.net>
Cc: linux-wireless@vger.kernel.org
Subject: Re: mac80211 hardware encryption
Date: Mon, 14 Apr 2008 18:27:50 +0200 [thread overview]
Message-ID: <200804141827.50991.IvDoorn@gmail.com> (raw)
In-Reply-To: <200804071645.43604.IvDoorn@gmail.com>
Hi,
I've implemented the steps for hardware encryption
including the part where the IV/EIV is being moved around.
I now have a different problem, the hw_key_idx is u8,
so is very limited to what can be stored in it. I am trying
to find a solution for the following problem without increasing
the size of hw_key_idx since it is also used in the ieee80211_tx_control
structure which should remain as small as possible to fix in skb->cb.
The problem is as follows:
rt61pci, rt73usb, rt2800pci and rt2800usb support both shared keys
as well as pairwise keys. When the "address" argument of set_key()
is a valid MAC address, then the key is considered to be pairwise,
otherwise it is a shared key.
rt61pci and rt73usb supports:
shared keys: 16 (4 per allowed virtual interface)
pairwise keys: 64 (16 per allowed virtual interface)
rt2800pci and rt2800usb supports:
shared keys: 32 (4 per allowed virtual interface)
pairwise keys: 256 (32 per allowed virtual interface)
This means that the hw_key_idx with rt2800 hardware is already
full when all keys are being supported. I am thinking of adding a flag
to the key structure and ieee80211_tx_control structure to indicate
if the key is shared or pairwise. This will safe 1 bit that otherwise has
to be reserved from the hw_key_idx.
Do you agree with such a flag addition, or should the driver not care
about pairwise vs. shared.
But now the fun part begins, the hardware needs the ieee80211_key_alg value
for encryption (don't ask why, the algorithm is also stored in the register
so it should be easy for the hardware to look it up directly).
What should be the best way to obtain this algorithm, should a callback
function be added, or should the driver keep a list in memory for all
added keys (which would be memory duplication since mac80211 also
has it in memory).
Thanks,
Ivo
next prev parent reply other threads:[~2008-04-14 16:25 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-05 17:31 mac80211 hardware encryption Ivo van Doorn
2008-04-06 16:44 ` Ivo van Doorn
2008-04-07 7:07 ` Jouni Malinen
2008-04-07 13:09 ` Johannes Berg
2008-04-07 13:34 ` Ivo van Doorn
2008-04-07 13:47 ` Johannes Berg
2008-04-07 14:10 ` Ivo van Doorn
2008-04-07 14:12 ` Johannes Berg
2008-04-07 14:26 ` Ivo van Doorn
2008-04-07 14:36 ` Johannes Berg
2008-04-07 14:45 ` Ivo van Doorn
2008-04-14 16:27 ` Ivo van Doorn [this message]
2008-04-14 18:39 ` Tomas Winkler
2008-04-14 21:07 ` Ivo van Doorn
2008-04-15 10:35 ` Johannes Berg
2008-04-15 15:17 ` Ivo van Doorn
2008-04-16 13:57 ` Johannes Berg
2008-04-17 10:14 ` Johannes Berg
2008-04-17 17:04 ` Ivo van Doorn
2008-04-15 15:55 ` Tomas Winkler
2008-04-16 6:15 ` Jouni Malinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200804141827.50991.IvDoorn@gmail.com \
--to=ivdoorn@gmail.com \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).