Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp3148063ybl; Mon, 19 Aug 2019 13:04:02 -0700 (PDT) X-Google-Smtp-Source: APXvYqzQEwIjob/S18Ja+kOvq2rnH4c6G2BSk9xGR4S2RJUv9+FcUqXlYQuOBNAnJYTm9B5fZ6is X-Received: by 2002:a05:6a00:c7:: with SMTP id e7mr25983242pfj.52.1566245042516; Mon, 19 Aug 2019 13:04:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1566245042; cv=none; d=google.com; s=arc-20160816; b=V1MFpxnFVzShj1qaYDrTxw9G9xT/3p+Kq+Dv+/6MDwXIr+U/fp6Hm6ucLxfG8b2f8J OJvc3AUH3HGp9VFqGST331jKt5sLBIOrE7rhIUCV3j1bUex3GQYcQBecrP2uMKg3A4eC OXe/5fM0zyCJcUwMQxqv9HNMdpdvgreN8/66bQJJ5mVrT9BeEaOULbn/xWjd8T6RSvPK FZPa7Zz5QTC/myf7U8UrqrgiwAK6EAti8ISWBWDG8EyxCg5y6AP74D78fxV1R5ucErHR 2Ym/CqY0sPcWYQmHm051kb+GVmyr1omD475A51wSiQkgUa+0Iy7WusWCEk/XYKnyXniE PnPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id; bh=wPaeMMoF5uT4awuYddxby0gUKx0rgSk4ChV4FNAwK5o=; b=yiC/7cGvxUUgyg27ASQYTeMIG+l0xVYbMPHb5FkrebbH50w3Tiiu6Sqa96m5Us0CsG KIkzFObpXixN0cQ+LD+RO8jqKR3A6Tg1NkSsr8q4XtURbnHKmZQZpawgOL/CPVrKH5tN XTAqbSDgKqJoy+QM9ng1XeFpuQ/rqCdRgzFU68UI3rKzkb3Ved2OeKTudSm0vljggoVy RaRsnGIRoUAGqzU7CRKzcd1yGtuyTXosiYHh8y3F3mT0zoLaSRhNAVozbT/T6DeLPZe/ fVlyiqNDkUcWBAQJ6XdfgZFuHRZKYqbBsVg3b65q3nDTqb1N5ZlP7zY1gs+qjcnm16RQ Vx8w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-wireless-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p1si11135525pff.247.2019.08.19.13.03.35; Mon, 19 Aug 2019 13:04:02 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-wireless-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-wireless-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728117AbfHSUDb (ORCPT + 99 others); Mon, 19 Aug 2019 16:03:31 -0400 Received: from s3.sipsolutions.net ([144.76.43.62]:47150 "EHLO sipsolutions.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727970AbfHSUDb (ORCPT ); Mon, 19 Aug 2019 16:03:31 -0400 Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1hznsG-0003hB-W0; Mon, 19 Aug 2019 22:03:29 +0200 Message-ID: <52914e64663283eeff9445b8b1fb37986c15223d.camel@sipsolutions.net> Subject: Re: [PATCH] iwlwifi: Extended Key ID support for mvm and dvm From: Johannes Berg To: Alexander Wetzel , luciano.coelho@intel.com Cc: linux-wireless@vger.kernel.org, linuxwifi@intel.com Date: Mon, 19 Aug 2019 22:03:27 +0200 In-Reply-To: References: <20190819180540.2855-1-alexander@wetzel-home.de> <204c346ab9fc71865e4cb5f5c29ec33ca05050e2.camel@sipsolutions.net> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.30.5 (3.30.5-1.fc29) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org On Mon, 2019-08-19 at 21:57 +0200, Alexander Wetzel wrote: > > > + > > > + /* The new Tx API does not allow to pass the key or keyid of a MPDU to > > > + * the hw, preventing us to control which key(id) to use per MPDU. > > > + * Till that's fixed we can't use Extended Key ID for the newer cards. > > > > Technically we still don't need per MPDU, we just need to switch which > > one to use for TX after installing it for RX already. > > The Extended Key ID API we finally merged in mac80211 is not notifying > the driver when to switch the key over to the other id. Oh, right, good point. > The current API provides the key/keyid per MPDU and let's mac80211 have > the full control what's the correct key for each frame. Yeah, but as you noticed we no longer have that control per MPDU with the new TX API in iwlmvm. > That's especially critical for drivers setting > IEEE80211_KEY_FLAG_GENERATE_IV and/or supporting A-MPDU's. Allowing the > driver to override the mac80211 decision is only safe when the > driver/card generates the PNs itself and also handles the A-MPDU key > borders correctly. Sure, the device does generate the PN itself now with the new TX API too. It doesn't care about A-MPDU key borders, but it probably could when taught to care about extended key ID. > While less desirable we still could get that working: The mvm driver > would have to detect the key borders and then tell the firmware to > switch over to the other key. But we would have to make sure to not > re-enable A-MPDU aggregation till the card really has switched. I'm not entirely sure off the top of my head how it works, but it seems possible that if we just assign a new PN to retransmits of the same frame but in a new A-MPDU after key switching, it wouldn't actually matter? But then again maybe somewhere it's stated that we must use the same key for all transmit attempts of a single frame? Not sure. I'm also not sure if we could actually assign a PN from the new key for the retransmit, the hardware has to store those back into memory normally. So probably you're right, and we'd have to disable A-MPDUs until we have no outstanding old-key-retransmits, but that seems manageable. johannes