On Mon, Aug 08, 2011 at 08:04:50PM -0600, Felix Fietkau wrote: > On 2011-08-08 1:19 PM, Bill Jordan wrote: > > The first 4 hardware key indexes are reserved for WEP, but > > never programmed. The result was that WEP always used > > software decryption. Not really.. They have a special role receiving group addressed frames and may be used with static WEP configuration, but there is no strict reservation of them being for WEP or other key indexes not being available for WEP. > > diff --git a/drivers/net/wireless/ath/key.c b/drivers/net/wireless/ath/key.c > > @@ -501,7 +501,11 @@ int ath_key_config(struct ath_common *common, > > if (key->keylen) > > memcpy(hk.kv_val, key->key, key->keylen); > > > > - if (!(key->flags& IEEE80211_KEY_FLAG_PAIRWISE)) { > > + if (hk.kv_type == ATH_CIPHER_WEP) { > > + if (key->keyidx>= IEEE80211_WEP_NKID) > > + return -EOPNOTSUPP; > > + idx = key->keyidx; > > + } else if (!(key->flags& IEEE80211_KEY_FLAG_PAIRWISE)) { > I'm not sure this is a good idea, this would break adding pairwise WEP > keys. Also, maybe WEP keys could use the BSSID in the lookup to avoid > the first 4 keycache slots, that way it'd work properly in multi-BSSID > AP setups. Agreed, this should not be applied. As far as AP mode is concerned, there is no need to actually receive group addressed frames, so other key slots can be used regardless of the key index. Multi-BSSID AP setup with multiple BSSes that use static WEP keys is not going to work well, but then again, no one really should be using WEP anymore and I have no problems forcing that special use case to use software encryption/decryption. While dynamic WEP key setup with IEEE 802.1X is not really that much better, doing changes to improve some static WEP cases at the cost of reduced dynamic WEP functionality does not sound like a good direction. If the goal here was to improve station mode functionality in the case where a single WEP network is being used, it should be done more carefully to avoid causing problems to other cases. -- Jouni Malinen PGP id EFC895FA -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html