diff mbox series

[09/10] wifi: mt76: mt7996: let upper layer handle MGMT frame protection

Message ID 20240320110918.3488-9-shayne.chen@mediatek.com (mailing list archive)
State New
Headers show
Series [01/10] wifi: mt76: connac: use peer address for station BMC entry | expand

Commit Message

Shayne Chen March 20, 2024, 11:09 a.m. UTC 
From: Michael-CY Lee <michael-cy.lee@mediatek.com>

The firmware support for management frame protection has limitations:
- do not support cipher BIP-GMAC-128 and BIP-GMAC-256
- support cipher BIP-CMAC-128 and BIP-CMAC-256, except action frame with
  action type 'not robust'.

Therefore, to simplify the logic, do not set the IGTK to firmware and
let the encryption of management frames be handled by upper layer.

Signed-off-by: Michael-CY Lee <michael-cy.lee@mediatek.com>
Signed-off-by: Shayne Chen <shayne.chen@mediatek.com>
---
 drivers/net/wireless/mediatek/mt76/mt7996/main.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

Comments

Felix Fietkau April 3, 2024, 10:56 a.m. UTC | #1 
On 20.03.24 12:09, Shayne Chen wrote:
> From: Michael-CY Lee <michael-cy.lee@mediatek.com>
> 
> The firmware support for management frame protection has limitations:
> - do not support cipher BIP-GMAC-128 and BIP-GMAC-256
> - support cipher BIP-CMAC-128 and BIP-CMAC-256, except action frame with
>    action type 'not robust'.
> 
> Therefore, to simplify the logic, do not set the IGTK to firmware and
> let the encryption of management frames be handled by upper layer.
> 
> Signed-off-by: Michael-CY Lee <michael-cy.lee@mediatek.com>
> Signed-off-by: Shayne Chen <shayne.chen@mediatek.com>
> ---
>   drivers/net/wireless/mediatek/mt76/mt7996/main.c | 8 ++++----
>   1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/net/wireless/mediatek/mt76/mt7996/main.c b/drivers/net/wireless/mediatek/mt76/mt7996/main.c
> index 338ff10b121d..4ab4d2bcbedc 100644
> --- a/drivers/net/wireless/mediatek/mt76/mt7996/main.c
> +++ b/drivers/net/wireless/mediatek/mt76/mt7996/main.c
> @@ -352,10 +352,6 @@ static int mt7996_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
>   
>   	/* fall back to sw encryption for unsupported ciphers */
>   	switch (key->cipher) {
> -	case WLAN_CIPHER_SUITE_AES_CMAC:
> -		wcid_keyidx = &wcid->hw_key_idx2;

Did you intend to drop the wcid_keyidx line? If so, I don't see anything 
related to that in the patch description.

- Felix
Shayne Chen April 8, 2024, 6:07 a.m. UTC | #2 
On Wed, 2024-04-03 at 12:56 +0200, Felix Fietkau wrote:
>  	 
> External email : Please do not click links or open attachments until
> you have verified the sender or the content.
>  On 20.03.24 12:09, Shayne Chen wrote:
> > From: Michael-CY Lee <michael-cy.lee@mediatek.com>
> > 
> > The firmware support for management frame protection has
> limitations:
> > - do not support cipher BIP-GMAC-128 and BIP-GMAC-256
> > - support cipher BIP-CMAC-128 and BIP-CMAC-256, except action frame
> with
> >    action type 'not robust'.
> > 
> > Therefore, to simplify the logic, do not set the IGTK to firmware
> and
> > let the encryption of management frames be handled by upper layer.
> > 
> > Signed-off-by: Michael-CY Lee <michael-cy.lee@mediatek.com>
> > Signed-off-by: Shayne Chen <shayne.chen@mediatek.com>
> > ---
> >   drivers/net/wireless/mediatek/mt76/mt7996/main.c | 8 ++++----
> >   1 file changed, 4 insertions(+), 4 deletions(-)
> > 
> > diff --git a/drivers/net/wireless/mediatek/mt76/mt7996/main.c
> b/drivers/net/wireless/mediatek/mt76/mt7996/main.c
> > index 338ff10b121d..4ab4d2bcbedc 100644
> > --- a/drivers/net/wireless/mediatek/mt76/mt7996/main.c
> > +++ b/drivers/net/wireless/mediatek/mt76/mt7996/main.c
> > @@ -352,10 +352,6 @@ static int mt7996_set_key(struct ieee80211_hw
> *hw, enum set_key_cmd cmd,
> >   
> >   /* fall back to sw encryption for unsupported ciphers */
> >   switch (key->cipher) {
> > -case WLAN_CIPHER_SUITE_AES_CMAC:
> > -wcid_keyidx = &wcid->hw_key_idx2;
> 
> Did you intend to drop the wcid_keyidx line? If so, I don't see
> anything 
> related to that in the patch description.
> 
Hi Felix,

I missed that line, will send v2 to fix it.

Thanks,
Shayne
> - Felix
diff mbox series

Patch

diff --git a/drivers/net/wireless/mediatek/mt76/mt7996/main.c b/drivers/net/wireless/mediatek/mt76/mt7996/main.c
index 338ff10b121d..4ab4d2bcbedc 100644
--- a/drivers/net/wireless/mediatek/mt76/mt7996/main.c
+++ b/drivers/net/wireless/mediatek/mt76/mt7996/main.c
@@ -352,10 +352,6 @@  static int mt7996_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
 
 	/* fall back to sw encryption for unsupported ciphers */
 	switch (key->cipher) {
-	case WLAN_CIPHER_SUITE_AES_CMAC:
-		wcid_keyidx = &wcid->hw_key_idx2;
-		key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIE;
-		break;
 	case WLAN_CIPHER_SUITE_TKIP:
 	case WLAN_CIPHER_SUITE_CCMP:
 	case WLAN_CIPHER_SUITE_CCMP_256:
@@ -363,6 +359,10 @@  static int mt7996_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
 	case WLAN_CIPHER_SUITE_GCMP_256:
 	case WLAN_CIPHER_SUITE_SMS4:
 		break;
+	case WLAN_CIPHER_SUITE_AES_CMAC:
+		key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIE;
+		fallthrough;
+	case WLAN_CIPHER_SUITE_BIP_CMAC_256:
 	case WLAN_CIPHER_SUITE_BIP_GMAC_128:
 	case WLAN_CIPHER_SUITE_BIP_GMAC_256:
 		if (key->keyidx == 6 || key->keyidx == 7)