On Wed, Jan 07, 2009 at 01:08:38PM +0100, Johannes Berg wrote: > On Wed, 2009-01-07 at 13:23 +0200, Jouni Malinen wrote: > > plain text document attachment (ieee80211w-sw-mgmt-ccmp.patch) > > If driver/firmware/hardware does not support CCMP for management > > frames, it can now request mac80211 to take care of encryption and > > decryption of management frames (when MFP is enabled) in software. The > > driver will need to add this new IEEE80211_KEY_FLAG_SW_MGMT flag when a > > CCMP key is being configured for TX side and return the encrypted frames > > on RX side without RX_FLAG_DECRYPTED flag to use software CCMP for > > management frames (but hardware for data frames). > > Wouldn't it be better to invert the meaning of the flag so we don't have > to update all drivers now? It's likely that people won't test CCMP hw > encryption and also that it won't work, I'd think, no? I did consider this, but could not convince myself that drivers would be expected to work without some testing and likely changes.. I do not care that much which way this is, so if you want this to be inverted, that's fine, too. I might even go as far as adding an explicit capability flag that drivers will need to set to claim MFP support and export this to userspace so that hostapd/wpa_supplicant could refuse the configuration early. With that kind of flag, inverting this key flag does not get much since the drivers would need to be changed anyway for MFP to work in every case. -- Jouni Malinen PGP id EFC895FA -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
