From: "Jouni Malinen" <jkm@devicescape.com>
To: Johannes Berg <johannes@sipsolutions.net>
Cc: netdev <netdev@vger.kernel.org>, Jiri Benc <jbenc@suse.cz>
Subject: Re: 802.11/crypto questions
Date: Mon, 7 Aug 2006 10:29:46 -0700 [thread overview]
Message-ID: <20060807172946.GI4702@instant802.com> (raw)
In-Reply-To: <1154410852.17333.4.camel@johannes.berg>
On Tue, Aug 01, 2006 at 07:40:52AM +0200, Johannes Berg wrote:
> Since there's been lots of talk about multi-STA or multi-BSSID devices
> (more than one client, more than one AP on the same PHY) and I was just
> looking into some crypto stuff on bcm43xx, it got me wondering.
>
> The bcm43xx has an elaborate group key matching thingie which will be
> useful if it's all WPA2, but if it's say just plain WEP, then that is a
> problem since you'd either need to use the same keys or disable the
> bcm43xx crypto hardware.
>
> Hence, I suppose the question really is -- does the dscape stack allow
> changing the 'sw crypto needed' flag on the fly?
Depends on what exactly you mean with "on the fly". We have indeed
changed between doing software and hardware crypto for some cases, e.g.,
when enabling another BSS while one BSS is using static WEP (which would
need default WEP keys in hwaccel) in one BSS, we may disable hwaccel for
the receive case. Not all configuration changes are yet supported with
minimal modification, i.e., hostapd may end up having to disconnect all
stations and start over with such a change, but still, the driver should
be prepared on dynamically changing the key configuration and this can
include moving some keys from hwaccel to software.
If it can be done without major effort, I would recommend making the
low-level drivers quite flexible as far as configuring keys to hardware
accelaration is concerned. Depending on the hardware design, there may
be multiple different ways of doing this and some multi-BSS
configurations are likely to require changes in how the keys are used
between hardware and software.
--
Jouni Malinen PGP id EFC895FA
next prev parent reply other threads:[~2006-08-07 17:29 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-08-01 5:40 802.11/crypto questions Johannes Berg
2006-08-07 17:29 ` Jouni Malinen [this message]
2006-08-08 11:35 ` Johannes Berg
2006-08-08 15:57 ` Jouni Malinen
2006-08-08 16:09 ` Ivo van Doorn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060807172946.GI4702@instant802.com \
--to=jkm@devicescape.com \
--cc=jbenc@suse.cz \
--cc=johannes@sipsolutions.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).