On Fri, 2018-05-04 at 12:20 +0530, Manikanta Pubbisetty wrote:
> Johannes,
>
> It seems like commit db3bdcb9c3ff ("mac80211: allow AP_VLAN operation on
> crypto controlled devices") has broken 4-addr operation on crypto
> controlled devices as reported by sebastian.
> The commit was mainly focused in addressing the problem in supporting
> VLANs on crypto controlled devices but since 4-addr mode is also
> dependent on AP_VLAN interface, this commit breaks the 4-addr AP mode.
Ok.
Do you know why it actually broke it? I mean, we should've turned off
the strict requirement for sw crypto control only for the GTK, and that
shouldn't matter so much?
> I have couple of ideas on how to address the problem,
>
> 1) Add a new hw_flag and based on the hardware flag, allow/disallow the
> creation of AP_VLAN interface.
>
> + * @IEEE80211_HW_SUPPORTS_SW_ENCRYPT: Device is capable of transmitting
> + * frames encrypted in software, only valid when SW_CRYPTO_CONTROL
> + * is enabled. Based on this flag, mac80211 can allow/disallow VLAN
> + * operations in the BSS.
Based on the name and initial description, this sounds equivalent to
just turning off SW_CRYPTO_CONTROL. I think that's not the intent, but
would need some renaming.
> 2) Allow mac80211 to call set_key for GTKs on AP_VLAN interfaces for
> crypto controlled devices, let the driver decide whether to return '1'
> or some error code based on their support for transmitting sw encrypted
> frames. I am little skeptical with this approach as drivers are totally
> unaware of AP_VLAN interfaces.
No, that won't work.
I'm unsure how 4-addr VLAN can work with ath10k either way?
Maybe it just doesn't normally need a GTK, so nothing broke before, but
your other patch changed things to remove VLAN and then of course it's
no longer available?
But then I don't understand the complaint that
So maybe the solution should be to add a separate flag for whether or
not 4-addr VLAN is supported?
johannes
