From: Sai Pratyusha Magam <sai.magam@oss.qualcomm.com>
To: Johannes Berg <johannes@sipsolutions.net>
Cc: linux-wireless@vger.kernel.org, quic_drohan@quicinc.com
Subject: Re: [PATCH wireless-next v2] wifi: mac80211: Fix AAD/Nonce computation for management frames with MLO
Date: Tue, 10 Feb 2026 18:30:18 +0530 [thread overview]
Message-ID: <4a7f19a4-97bf-4dae-9020-27da3297fc68@oss.qualcomm.com> (raw)
In-Reply-To: <ff9330f7e17da9c7c1ba87b9400051a9bec29aa4.camel@sipsolutions.net>
On 2/9/2026 4:57 PM, Johannes Berg wrote:
> Hi,
>
> So that looks like a huge improvement to me, nice! :-)
>
> On Sun, 2026-02-08 at 13:48 +0530, Sai Pratyusha Magam wrote:
>> The hybrid way of having both HW/driver based crypto for certain frames
>> and SW crypto for others require that the fast-xmit path be skipped
>> when the above mentioned key flag is set, since data frames still rely
>> on software based crypto
>
> I can understand this sentence in the sense of "A => B", and it
> describes why B follows from A, but ... why do you even need A? I.e. why
> do you want to do this for management frames only, it seems the encrypt
> function and having hwsim worry about it should work just as well for
> data frames?
>
> If I restrict hwsim [1] to only pairwise and CCMP/GCMP (clearly it
> doesn't handle TKIP due to Michael MIC, WEP is irrelevant, BIGTK isn't
> handled in hwsim), then it mostly works without all of that extra logic
> for me for the tests. Maybe need to think about IGTK here though, some
> tests are still failing.
>
> [1] https://p.sipsolutions.net/d101bc31582cadcf.txt
>
Hi Johannes, Thank you for [1], yes the extra logic I had added
(IEEE80211_KEY_FLAG_MGMT_TX_ENC_OFFLOAD) to prevent offload for
AES-CMAC/AES-GMAC, i.e, MMIE addition for beacons(BIGTK) and broadcast
robust management frames(IGTK) and for WEP/TKIP cases was not needed and
the correct return value in the set_key ops was all that was needed to
selectively offload encryption for CCMP/GCMP. I missed that.
Today, I tried with [1] , removed the redundant logic around the
additional key flag this patch
introduced(IEEE80211_KEY_FLAG_MGMT_TX_ENC_OFFLOAD) and data tx
encryption offload, i.e ieee80211_encrypt_tx_skb() before address
translation.
I was able to pass the existing hwsim test cases that include test cases
for beacon protection, broadcast robust mgmt, WEP/TKIP, unicast/bcast
data and encrypted Assoc (EPP)
>
> But if we do that (even if I don't like it, I'd rather fix the remaining
> issues), then you need to document reason for it.
>
sorry, I did not follow this?
> johannes
next prev parent reply other threads:[~2026-02-10 13:01 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-08 8:18 [PATCH wireless-next v2] wifi: mac80211: Fix AAD/Nonce computation for management frames with MLO Sai Pratyusha Magam
2026-02-09 11:27 ` Johannes Berg
2026-02-09 11:50 ` Johannes Berg
2026-02-10 13:00 ` Sai Pratyusha Magam [this message]
2026-02-10 13:54 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4a7f19a4-97bf-4dae-9020-27da3297fc68@oss.qualcomm.com \
--to=sai.magam@oss.qualcomm.com \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
--cc=quic_drohan@quicinc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox