Re: mac80211 hardware encryption

linux-wireless.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Ivo van Doorn <ivdoorn@gmail.com>
To: "Tomas Winkler" <tomasw@gmail.com>
Cc: "Johannes Berg" <johannes@sipsolutions.net>,
	linux-wireless@vger.kernel.org
Subject: Re: mac80211 hardware encryption
Date: Mon, 14 Apr 2008 23:07:48 +0200	[thread overview]
Message-ID: <200804142307.48550.IvDoorn@gmail.com> (raw)
In-Reply-To: <1ba2fa240804141139ua5f6f26k6920001ceb59443e@mail.gmail.com>

On Monday 14 April 2008, Tomas Winkler wrote:
> On Mon, Apr 14, 2008 at 7:27 PM, Ivo van Doorn <ivdoorn@gmail.com> wrote:
> > Hi,
> >
> > I've implemented the steps for hardware encryption
> > including the part where the IV/EIV is being moved around.
> >
> > I now have a different problem, the hw_key_idx is u8,
> > so is very limited to what can be stored in it. I am trying
> > to find a solution for the following problem without increasing
> > the size of hw_key_idx since it is also used in the ieee80211_tx_control
> > structure which should remain as small as possible to fix in skb->cb.
> >
> > The problem is as follows:
> > rt61pci, rt73usb, rt2800pci and rt2800usb support both shared keys
> > as well as pairwise keys. When the "address" argument of set_key()
> > is a valid MAC address, then the key is considered to be pairwise,
> > otherwise it is a shared key.
> >
> > rt61pci and rt73usb supports:
> > shared keys: 16 (4 per allowed virtual interface)
> > pairwise keys: 64 (16 per allowed virtual interface)
> >
> > rt2800pci and rt2800usb supports:
> > shared keys: 32 (4 per allowed virtual interface)
> > pairwise keys: 256 (32 per allowed virtual interface)
> >
> > This means that the hw_key_idx with rt2800 hardware is already
> > full when all keys are being supported. I am thinking of adding a flag
> > to the key structure and ieee80211_tx_control structure to indicate
> > if the key is shared or pairwise. This will safe 1 bit that otherwise has
> > to be reserved from the hw_key_idx.
> > Do you agree with such a flag addition, or should the driver not care
> > about pairwise vs. shared.
> >
> > But now the fun part begins, the hardware needs the ieee80211_key_alg value
> > for encryption (don't ask why, the algorithm is also stored in the register
> > so it should be easy for the hardware to look it up directly).
> > What should be the best way to obtain this algorithm, should a callback
> > function be added, or should the driver keep a list in memory for all
> > added keys (which would be memory duplication since mac80211 also
> > has it in memory).
> >
> > Thanks,
> >
> >
> Not sure what was intention for hw_key_idx but currently there are assignment
> from key->conf.keyidx to hw_key_idx and visa versa.  keyidx is used
> for 802.11 key index [1..4]
> So it's quit risky to use it for something else

That souds like a bug in mac80211 then. hw_key_idx is for internal use for the driver,
and mac80211 should never expect the driver to set it to a particular value.
Otherwise drivers won't be able to differentiate between keys for particular interfaces,
or pairwise keys, which should be supported since mac80211 passes the address argument
for a reason ;)

Ivo

next prev parent reply	other threads:[~2008-04-14 21:05 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-04-05 17:31 mac80211 hardware encryption Ivo van Doorn
2008-04-06 16:44 ` Ivo van Doorn
2008-04-07  7:07   ` Jouni Malinen
2008-04-07 13:09 ` Johannes Berg
2008-04-07 13:34   ` Ivo van Doorn
2008-04-07 13:47     ` Johannes Berg
2008-04-07 14:10       ` Ivo van Doorn
2008-04-07 14:12         ` Johannes Berg
2008-04-07 14:26           ` Ivo van Doorn
2008-04-07 14:36             ` Johannes Berg
2008-04-07 14:45               ` Ivo van Doorn
2008-04-14 16:27                 ` Ivo van Doorn
2008-04-14 18:39                   ` Tomas Winkler
2008-04-14 21:07                     ` Ivo van Doorn [this message]
2008-04-15 10:35                       ` Johannes Berg
2008-04-15 15:17                         ` Ivo van Doorn
2008-04-16 13:57                           ` Johannes Berg
2008-04-17 10:14                           ` Johannes Berg
2008-04-17 17:04                             ` Ivo van Doorn
2008-04-15 15:55                         ` Tomas Winkler
2008-04-16  6:15                     ` Jouni Malinen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200804142307.48550.IvDoorn@gmail.com \
    --to=ivdoorn@gmail.com \
    --cc=johannes@sipsolutions.net \
    --cc=linux-wireless@vger.kernel.org \
    --cc=tomasw@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).