From: Jouni Malinen <j@w1.fi>
To: "John W. Linville" <linville@tuxdriver.com>,
Johannes Berg <johannes@sipsolutions.net>
Cc: linux-wireless@vger.kernel.org,
Jouni Malinen <jouni.malinen@atheros.com>
Subject: [PATCHv2 12/16] mac80211: 802.11w - Optional software CCMP for management frames
Date: Thu, 08 Jan 2009 13:32:10 +0200 [thread overview]
Message-ID: <20090108113405.509040837@atheros.com> (raw)
In-Reply-To: 20090108113158.681894124@atheros.com
If driver/firmware/hardware does not support CCMP for management
frames, it can now request mac80211 to take care of encrypting and
decrypting management frames (when MFP is enabled) in software. The
will need to add this new IEEE80211_KEY_FLAG_SW_MGMT flag when a CCMP
key is being configured for TX side and return the undecrypted frames
on RX side without RX_FLAG_DECRYPTED flag to use software CCMP for
management frames (but hardware for data frames).
Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com>
---
include/net/mac80211.h | 4 ++++
net/mac80211/wpa.c | 9 +++++++--
2 files changed, 11 insertions(+), 2 deletions(-)
--- wireless-testing.orig/include/net/mac80211.h 2009-01-08 13:06:27.000000000 +0200
+++ wireless-testing/include/net/mac80211.h 2009-01-08 13:06:48.000000000 +0200
@@ -693,12 +693,16 @@ enum ieee80211_key_len {
* generation in software.
* @IEEE80211_KEY_FLAG_PAIRWISE: Set by mac80211, this flag indicates
* that the key is pairwise rather then a shared key.
+ * @IEEE80211_KEY_FLAG_SW_MGMT: This flag should be set by the driver for a
+ * CCMP key if it requires CCMP encryption of management frames (MFP) to
+ * be done in software.
*/
enum ieee80211_key_flags {
IEEE80211_KEY_FLAG_WMM_STA = 1<<0,
IEEE80211_KEY_FLAG_GENERATE_IV = 1<<1,
IEEE80211_KEY_FLAG_GENERATE_MMIC= 1<<2,
IEEE80211_KEY_FLAG_PAIRWISE = 1<<3,
+ IEEE80211_KEY_FLAG_SW_MGMT = 1<<4,
};
/**
--- wireless-testing.orig/net/mac80211/wpa.c 2009-01-08 13:06:24.000000000 +0200
+++ wireless-testing/net/mac80211/wpa.c 2009-01-08 13:06:48.000000000 +0200
@@ -369,9 +369,14 @@ static int ccmp_encrypt_skb(struct ieee8
int hdrlen, len, tail;
u8 *pos, *pn;
int i;
+ bool skip_hw;
+
+ skip_hw = (tx->key->conf.flags & IEEE80211_KEY_FLAG_SW_MGMT) &&
+ ieee80211_is_mgmt(hdr->frame_control);
if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
- !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) {
+ !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
+ !skip_hw) {
/* hwaccel - with no need for preallocated room for CCMP
* header or MIC fields */
info->control.hw_key = &tx->key->conf;
@@ -406,7 +411,7 @@ static int ccmp_encrypt_skb(struct ieee8
ccmp_pn2hdr(pos, pn, key->conf.keyidx);
- if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
+ if ((key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && !skip_hw) {
/* hwaccel - with preallocated room for CCMP header */
info->control.hw_key = &tx->key->conf;
return 0;
--
--
Jouni Malinen PGP id EFC895FA
next prev parent reply other threads:[~2009-01-08 11:34 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-08 11:31 [PATCHv2 00/16] mac80211: IEEE 802.11w (management frame protection) Jouni Malinen
2009-01-08 11:31 ` [PATCHv2 01/16] mac80211: 802.11w - STA flag for MFP Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 02/16] mac80211: 802.11w - CCMP for management frames Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 03/16] mac80211: 802.11w - Add BIP (AES-128-CMAC) Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 04/16] mac80211: 802.11w - Use " Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 05/16] mac80211: 802.11w - WEXT parameter for setting mgmt cipher Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 06/16] mac80211: 802.11w - WEXT configuration for IGTK Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 07/16] mac80211: 802.11w - Configuration of MFP disabled/optional/required Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 08/16] mac80211: 802.11w - SA Query processing Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 09/16] mac80211: 802.11w - Do not force Action frames to disable encryption Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 10/16] mac80211: 802.11w - Drop unprotected robust management frames if MFP is used Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 11/16] mac80211: 802.11w - Implement Association Comeback processing Jouni Malinen
2009-01-08 11:32 ` Jouni Malinen [this message]
2009-01-08 11:32 ` [PATCHv2 13/16] mac80211: 802.11w - Add driver capability flag for MFP Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 14/16] ath9k: Fix set_key error codes Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 15/16] ath9k: Setup MFP options for CCMP Jouni Malinen
2009-01-08 11:32 ` [PATCHv2 16/16] mac80211_hwsim: Report driver as MFP capable Jouni Malinen
2009-01-08 12:07 ` [PATCHv2 00/16] mac80211: IEEE 802.11w (management frame protection) Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090108113405.509040837@atheros.com \
--to=j@w1.fi \
--cc=johannes@sipsolutions.net \
--cc=jouni.malinen@atheros.com \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).