Discussion:
[ath9k-devel] Cryptography of ath9k driver
Jeon
2016-10-26 06:53:36 UTC
Permalink
I am investigating how ath9k performs cryptography.

In slide 15 of DEFCON conference 2014 (link
<https://docs.google.com/presentation/d/1CofNlbHs2bLdJuW3VACzAImqesGQoktUTXS6zKgDDKI/edit#slide=id.g371192f19_070>),
it says, ath9k performs cryptography a on software side.

On the other hand, when I look into ath9k source codes, I found somethings
like below:

ath9k/common.c:162-166:

if (ah->sw_mgmt_crypto_rx &&
(rxs->flag & RX_FLAG_DECRYPTED) &&
ieee80211_is_mgmt(fc))
/* Use software decrypt for management frames. */
rxs->flag &= ~RX_FLAG_DECRYPTED;

As I understand, ath9k can choose hw/sw cryptography for management frames.
However, what about data frames? I couldn't find any clue about
cryptography for data frames.

Can I take it as ath9k already performs software cryptography for data
frames and shifts the responsibility of cryptography to mac80211 driver?
And exceptionally for management frames, can ath9k choose hw/sw
cryptography?

Regards,
Jeon.
Janusz Dziedzic
2016-10-26 10:38:07 UTC
Permalink
Post by Jeon
I am investigating how ath9k performs cryptography.
In slide 15 of DEFCON conference 2014 (link
<https://docs.google.com/presentation/d/1CofNlbHs2bLdJuW3VACzAImqesGQoktUTXS6zKgDDKI/edit#slide=id.g371192f19_070>),
it says, ath9k performs cryptography a on software side.
On the other hand, when I look into ath9k source codes, I found somethings
if (ah->sw_mgmt_crypto_rx &&
(rxs->flag & RX_FLAG_DECRYPTED) &&
ieee80211_is_mgmt(fc))
/* Use software decrypt for management frames. */
rxs->flag &= ~RX_FLAG_DECRYPTED;
As I understand, ath9k can choose hw/sw cryptography for management
frames. However, what about data frames? I couldn't find any clue about
cryptography for data frames.
Can I take it as ath9k already performs software cryptography for data
frames and shifts the responsibility of cryptography to mac80211 driver?
And exceptionally for management frames, can ath9k choose hw/sw
cryptography?
modinfo ath9k (check nohwcrypt param)

BR
Janusz
Jeon
2016-10-26 11:10:18 UTC
Permalink
Thanks for response.

Well, I mean, are those hardware cryptography and nohwcrypt modparam
applying only to management frames (i.e., are data frames already being
en/decrypted by using software cryptography in mac/ieee80211 kernel module?)

Regards,
Jeon.
Post by Janusz Dziedzic
Post by Jeon
I am investigating how ath9k performs cryptography.
In slide 15 of DEFCON conference 2014 (link
<https://docs.google.com/presentation/d/1CofNlbHs2bLdJuW3VACzAImqesGQoktUTXS6zKgDDKI/edit#slide=id.g371192f19_070>),
it says, ath9k performs cryptography a on software side.
On the other hand, when I look into ath9k source codes, I found
if (ah->sw_mgmt_crypto_rx &&
(rxs->flag & RX_FLAG_DECRYPTED) &&
ieee80211_is_mgmt(fc))
/* Use software decrypt for management frames. */
rxs->flag &= ~RX_FLAG_DECRYPTED;
As I understand, ath9k can choose hw/sw cryptography for management
frames. However, what about data frames? I couldn't find any clue about
cryptography for data frames.
Can I take it as ath9k already performs software cryptography for data
frames and shifts the responsibility of cryptography to mac80211 driver?
And exceptionally for management frames, can ath9k choose hw/sw
cryptography?
modinfo ath9k (check nohwcrypt param)
BR
Janusz
Adrian Chadd
2016-11-05 05:08:07 UTC
Permalink
hi,

person who gave talk here :)

so the mac does do wep, tkip, ccmp encryption. the mfp frames use
another encryption type that the mac doesn't do, so it is then done in
software.

each keycache entry in mac80211 tags things as hw or sw handled.

it clears that flag so mac80211 doesn't attempt to treat it as
decrypted by hardware. it overrides whatever the RX path has already
set up in that flag word.


-a
Post by Jeon
Thanks for response.
Well, I mean, are those hardware cryptography and nohwcrypt modparam
applying only to management frames (i.e., are data frames already being
en/decrypted by using software cryptography in mac/ieee80211 kernel module?)
Regards,
Jeon.
Post by Janusz Dziedzic
Post by Jeon
I am investigating how ath9k performs cryptography.
In slide 15 of DEFCON conference 2014 (link), it says, ath9k performs
cryptography a on software side.
On the other hand, when I look into ath9k source codes, I found
if (ah->sw_mgmt_crypto_rx &&
(rxs->flag & RX_FLAG_DECRYPTED) &&
ieee80211_is_mgmt(fc))
/* Use software decrypt for management frames. */
rxs->flag &= ~RX_FLAG_DECRYPTED;
As I understand, ath9k can choose hw/sw cryptography for management
frames. However, what about data frames? I couldn't find any clue about
cryptography for data frames.
Can I take it as ath9k already performs software cryptography for data
frames and shifts the responsibility of cryptography to mac80211 driver? And
exceptionally for management frames, can ath9k choose hw/sw cryptography?
modinfo ath9k (check nohwcrypt param)
BR
Janusz
_______________________________________________
ath9k-devel mailing list
https://lists.ath9k.org/mailman/listinfo/ath9k-devel
Loading...