From: Mathy Vanhoef <vanhoefm@gmail.com>
To: Luca Coelho <luca@coelho.fi>
Cc: Kalle Valo <kvalo@codeaurora.org>,
linux-wireless <linux-wireless@vger.kernel.org>
Subject: Re: [PATCH 07/12] iwlwifi: mvm: stop supporting swcrypto and bt_coex_active module parameters
Date: Thu, 1 Sep 2022 20:43:27 +0200 [thread overview]
Message-ID: <CAFXAJYy0iocmw6EuvzrhhG=Yq0w=6u++69Q28OQUVNe34kSLpQ@mail.gmail.com> (raw)
In-Reply-To: <iwlwifi.20200424182644.674a325b008b.Ifc925ca84500fb76c7b6f926a24a34ca777b4192@changeid>
Some of my scripts to detect WPA2 key reinstallations rely on
disabling hardware encryption/decryption to detect IV reuse (with a
virtual interface in monitor mode). Otherwise the hardware may strip
away the Packet Number meaning nonce reuse can't be detected. I
realize this may not be used often in practice, but in general it
would still be very useful to have the swcrypto parameter, it's very
useful when doing Wi-Fi experiments.
Mathy
Op vr 24 apr. 2020 om 17:50 schreef Luca Coelho <luca@coelho.fi>:
>
> From: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
>
> Leave them active for iwldvm. We do not test this configuration
> and there is no reason nowadays to allow this.
>
> Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
> Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
> ---
> drivers/net/wireless/intel/iwlwifi/mvm/coex.c | 7 ++--
> drivers/net/wireless/intel/iwlwifi/mvm/d3.c | 31 ++++++--------
> .../net/wireless/intel/iwlwifi/mvm/mac80211.c | 42 ++++++++-----------
> 3 files changed, 33 insertions(+), 47 deletions(-)
>
> diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/coex.c b/drivers/net/wireless/intel/iwlwifi/mvm/coex.c
> index 3d2abbc5c76c..5ae22cd7ecdb 100644
> --- a/drivers/net/wireless/intel/iwlwifi/mvm/coex.c
> +++ b/drivers/net/wireless/intel/iwlwifi/mvm/coex.c
> @@ -5,7 +5,7 @@
> *
> * GPL LICENSE SUMMARY
> *
> - * Copyright(c) 2013 - 2014 Intel Corporation. All rights reserved.
> + * Copyright(c) 2013 - 2014, 2018 - 2020 Intel Corporation. All rights reserved.
> * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
> *
> * This program is free software; you can redistribute it and/or modify
> @@ -26,7 +26,7 @@
> *
> * BSD LICENSE
> *
> - * Copyright(c) 2013 - 2014 Intel Corporation. All rights reserved.
> + * Copyright(c) 2013 - 2014, 2018 - 2020 Intel Corporation. All rights reserved.
> * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
> * All rights reserved.
> *
> @@ -216,8 +216,7 @@ int iwl_mvm_send_bt_init_conf(struct iwl_mvm *mvm)
> goto send_cmd;
> }
>
> - mode = iwlwifi_mod_params.bt_coex_active ? BT_COEX_NW : BT_COEX_DISABLE;
> - bt_cmd.mode = cpu_to_le32(mode);
> + bt_cmd.mode = cpu_to_le32(BT_COEX_NW);
>
> if (IWL_MVM_BT_COEX_SYNC2SCO)
> bt_cmd.enabled_modules |=
> diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/d3.c b/drivers/net/wireless/intel/iwlwifi/mvm/d3.c
> index 222775714859..89096bcb053e 100644
> --- a/drivers/net/wireless/intel/iwlwifi/mvm/d3.c
> +++ b/drivers/net/wireless/intel/iwlwifi/mvm/d3.c
> @@ -5,10 +5,9 @@
> *
> * GPL LICENSE SUMMARY
> *
> - * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
> + * Copyright(c) 2012 - 2014, 2018 - 2020 Intel Corporation. All rights reserved.
> * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
> * Copyright(c) 2016 - 2017 Intel Deutschland GmbH
> - * Copyright(c) 2018 - 2019 Intel Corporation
> *
> * This program is free software; you can redistribute it and/or modify
> * it under the terms of version 2 of the GNU General Public License as
> @@ -28,10 +27,9 @@
> *
> * BSD LICENSE
> *
> - * Copyright(c) 2012 - 2014 Intel Corporation. All rights reserved.
> + * Copyright(c) 2012 - 2014, 2018 - 2020 Intel Corporation. All rights reserved.
> * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
> * Copyright(c) 2016 - 2017 Intel Deutschland GmbH
> - * Copyright(c) 2018 - 2019 Intel Corporation
> * All rights reserved.
> *
> * Redistribution and use in source and binary forms, with or without
> @@ -80,9 +78,6 @@ void iwl_mvm_set_rekey_data(struct ieee80211_hw *hw,
> struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw);
> struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
>
> - if (iwlwifi_mod_params.swcrypto)
> - return;
> -
> mutex_lock(&mvm->mutex);
>
> memcpy(mvmvif->rekey_data.kek, data->kek, NL80211_KEK_LEN);
> @@ -843,18 +838,16 @@ iwl_mvm_wowlan_config(struct iwl_mvm *mvm,
> return ret;
> }
>
> - if (!iwlwifi_mod_params.swcrypto) {
> - /*
> - * This needs to be unlocked due to lock ordering
> - * constraints. Since we're in the suspend path
> - * that isn't really a problem though.
> - */
> - mutex_unlock(&mvm->mutex);
> - ret = iwl_mvm_wowlan_config_key_params(mvm, vif, CMD_ASYNC);
> - mutex_lock(&mvm->mutex);
> - if (ret)
> - return ret;
> - }
> + /*
> + * This needs to be unlocked due to lock ordering
> + * constraints. Since we're in the suspend path
> + * that isn't really a problem though.
> + */
> + mutex_unlock(&mvm->mutex);
> + ret = iwl_mvm_wowlan_config_key_params(mvm, vif, CMD_ASYNC);
> + mutex_lock(&mvm->mutex);
> + if (ret)
> + return ret;
>
> ret = iwl_mvm_send_cmd_pdu(mvm, WOWLAN_CONFIGURATION, 0,
> sizeof(*wowlan_config_cmd),
> diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c b/drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c
> index 853ba7b8bf3f..ee3d2ff432f7 100644
> --- a/drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c
> +++ b/drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c
> @@ -475,23 +475,23 @@ int iwl_mvm_mac_setup_register(struct iwl_mvm *mvm)
> hw->wiphy->n_cipher_suites++;
> }
>
> - /* Enable 11w if software crypto is not enabled (as the
> - * firmware will interpret some mgmt packets, so enabling it
> - * with software crypto isn't safe).
> - */
> - if (!iwlwifi_mod_params.swcrypto) {
> - ieee80211_hw_set(hw, MFP_CAPABLE);
> + if (iwlwifi_mod_params.swcrypto)
> + IWL_ERR(mvm,
> + "iwlmvm doesn't allow to disable HW crypto, check swcrypto module parameter\n");
> + if (!iwlwifi_mod_params.bt_coex_active)
> + IWL_ERR(mvm,
> + "iwlmvm doesn't allow to disable BT Coex, check bt_coex_active module parameter\n");
> +
> + ieee80211_hw_set(hw, MFP_CAPABLE);
> + mvm->ciphers[hw->wiphy->n_cipher_suites] = WLAN_CIPHER_SUITE_AES_CMAC;
> + hw->wiphy->n_cipher_suites++;
> + if (iwl_mvm_has_new_rx_api(mvm)) {
> mvm->ciphers[hw->wiphy->n_cipher_suites] =
> - WLAN_CIPHER_SUITE_AES_CMAC;
> + WLAN_CIPHER_SUITE_BIP_GMAC_128;
> + hw->wiphy->n_cipher_suites++;
> + mvm->ciphers[hw->wiphy->n_cipher_suites] =
> + WLAN_CIPHER_SUITE_BIP_GMAC_256;
> hw->wiphy->n_cipher_suites++;
> - if (iwl_mvm_has_new_rx_api(mvm)) {
> - mvm->ciphers[hw->wiphy->n_cipher_suites] =
> - WLAN_CIPHER_SUITE_BIP_GMAC_128;
> - hw->wiphy->n_cipher_suites++;
> - mvm->ciphers[hw->wiphy->n_cipher_suites] =
> - WLAN_CIPHER_SUITE_BIP_GMAC_256;
> - hw->wiphy->n_cipher_suites++;
> - }
> }
>
> /* currently FW API supports only one optional cipher scheme */
> @@ -697,10 +697,9 @@ int iwl_mvm_mac_setup_register(struct iwl_mvm *mvm)
> WIPHY_WOWLAN_EAP_IDENTITY_REQ |
> WIPHY_WOWLAN_RFKILL_RELEASE |
> WIPHY_WOWLAN_NET_DETECT;
> - if (!iwlwifi_mod_params.swcrypto)
> - mvm->wowlan.flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY |
> - WIPHY_WOWLAN_GTK_REKEY_FAILURE |
> - WIPHY_WOWLAN_4WAY_HANDSHAKE;
> + mvm->wowlan.flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY |
> + WIPHY_WOWLAN_GTK_REKEY_FAILURE |
> + WIPHY_WOWLAN_4WAY_HANDSHAKE;
>
> mvm->wowlan.n_patterns = IWL_WOWLAN_MAX_PATTERNS;
> mvm->wowlan.pattern_min_len = IWL_WOWLAN_MIN_PATTERN_LEN;
> @@ -3366,11 +3365,6 @@ static int __iwl_mvm_mac_set_key(struct ieee80211_hw *hw,
> int ret, i;
> u8 key_offset;
>
> - if (iwlwifi_mod_params.swcrypto) {
> - IWL_DEBUG_MAC80211(mvm, "leave - hwcrypto disabled\n");
> - return -EOPNOTSUPP;
> - }
> -
> switch (key->cipher) {
> case WLAN_CIPHER_SUITE_TKIP:
> if (!mvm->trans->trans_cfg->gen2) {
> --
> 2.26.2
>
next prev parent reply other threads:[~2022-09-01 18:43 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-24 15:48 [PATCH 00/12] iwlwifi: updates intended for v5.8 2020-04-24 Luca Coelho
2020-04-24 15:48 ` [PATCH 01/12] iwlwifi: fw api: fix PHY data 2/3 position Luca Coelho
2020-04-24 15:48 ` [PATCH 02/12] iwlwifi: yoyo: add support for parsing SHARED_MEM_ALLOC version 4 Luca Coelho
2020-04-24 15:48 ` [PATCH 03/12] iwlwifi: yoyo: use hweight_long instead of bit manipulating Luca Coelho
2020-04-24 15:48 ` [PATCH 04/12] iwlwifi: remove antenna_coupling module parameter Luca Coelho
2020-04-24 15:48 ` [PATCH 05/12] iwlwifi: yoyo: don't access TLV before verifying len Luca Coelho
2020-04-24 15:48 ` [PATCH 06/12] iwlwifi: mvm: add support for range request command version 9 Luca Coelho
2020-04-24 15:48 ` [PATCH 07/12] iwlwifi: mvm: stop supporting swcrypto and bt_coex_active module parameters Luca Coelho
2022-09-01 18:43 ` Mathy Vanhoef [this message]
2022-09-01 19:01 ` Luca Coelho
2020-04-24 15:48 ` [PATCH 08/12] iwlwifi: mvm: remove iwlmvm's tfd_q_hang_detect module parameter Luca Coelho
2020-04-24 15:48 ` [PATCH 09/12] iwlwifi: avoid debug max amsdu config overwriting itself Luca Coelho
2020-04-24 15:48 ` [PATCH 10/12] iwlwifi: mvm: set properly station flags in STA_HE_CTXT_CMD Luca Coelho
2020-04-24 15:48 ` [PATCH 11/12] iwlwifi: yoyo: add D3 resume timepoint Luca Coelho
2020-04-24 15:48 ` [PATCH 12/12] iwlwifi: bump FW API to 55 for AX devices Luca Coelho
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAFXAJYy0iocmw6EuvzrhhG=Yq0w=6u++69Q28OQUVNe34kSLpQ@mail.gmail.com' \
--to=vanhoefm@gmail.com \
--cc=kvalo@codeaurora.org \
--cc=linux-wireless@vger.kernel.org \
--cc=luca@coelho.fi \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.