On Mon, 2012-09-03 at 00:53 +0200, Christian Lamparter wrote: > > > While the documentation hints that there's some > > > hardware support for offloading MFP "decryption", > > > this simple implementation relies on the mac80211 > > > stack to do the actual crypto operations. > > > > Maybe we need to clarify the documentation... > > Something like a special section about converting > drivers of legacy devices like this one, or more > general? Sorry, I got confused. I was thinking of clarifying the *mac80211* documentation about why the flag exists and what the caveats are that I described below. > > You should verify that unicast management frames are properly encrypted > > and decrypted by the hardware (or punted to software on RX like you do > > on TX). The danger is that the hardware corrupts CCMP encrypted RX mgmt > > frames and software can't recover. > At least for AR9170, there's a bit which tells the > hardware not do decrypt any management frames: > AR9170_MAC_ENCRYPTION_MGMT_RX_SOFTWARE > > Of course, this 'very' patch sets it. Also, > in case of carl9170, it was easy to verify as > the device can easily establish BA sessions with > the 11w ap and the action mgmt frames are > properly encrypted on both sides. Ok, cool! Just making sure ... :-) johannes -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
