In AP mode hardware encryption for WEP was not used on the RX side because there was a mismatch in the key indices. The key index in the WLAN header is 0-3 while the hardware key cache was configured for key indices >= 4. This is ok for transmit but received packets were not decrypted in HW and therefore mac80211 had to decrypt them in SW - this can be easily seen by adding some debug prints in mac80211/wep.c (around line 296). I have noticed it by watching the system CPU load under high traffic. This patch configures WEP keys into the "standard" key indices 0-4 which were reserved for that. Tested with ath5k on a 600MHz mips board the difference is ~15% CPU load (with this patch) vs. ~45% CPU load (before) when the AP receives 28Mbps of WEP encrypted data. Signed-off-by: Bruno Randolf <br1@xxxxxxxxxxx> --- drivers/net/wireless/ath/key.c | 14 +++++++++++--- 1 files changed, 11 insertions(+), 3 deletions(-) diff --git a/drivers/net/wireless/ath/key.c b/drivers/net/wireless/ath/key.c index 5d465e5..5748dae 100644 --- a/drivers/net/wireless/ath/key.c +++ b/drivers/net/wireless/ath/key.c @@ -465,6 +465,16 @@ int ath_key_config(struct ath_common *common, hk.kv_len = key->keylen; memcpy(hk.kv_val, key->key, key->keylen); + /* set WEP keys directly to index */ + if ((key->cipher == WLAN_CIPHER_SUITE_WEP40 || + key->cipher == WLAN_CIPHER_SUITE_WEP104) && key->keyidx < 4) { + ret = ath_hw_set_keycache_entry(common, key->keyidx, &hk, NULL); + if (!ret) + return -EIO; + set_bit(key->keyidx, common->keymap); + return key->keyidx; + } + if (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE)) { switch (vif->type) { case NL80211_IFTYPE_AP: @@ -541,10 +551,8 @@ EXPORT_SYMBOL(ath_key_config); void ath_key_delete(struct ath_common *common, struct ieee80211_key_conf *key) { ath_hw_keyreset(common, key->hw_key_idx); - if (key->hw_key_idx < IEEE80211_WEP_NKID) - return; - clear_bit(key->hw_key_idx, common->keymap); + if (key->cipher != WLAN_CIPHER_SUITE_TKIP) return; -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html