net80211: document the crypto enmic/demic functions.
Needs ReviewPublic
Actions

Authored by adrian on Sun, Mar 16, 6:16 PM.

Details

Reviewers

None

Group Reviewers

Summary

These functions implement what's needed for TKIP Michael MIC - which
is performed over the entire unencrypted MSDU. Each potential
fragmented MPDU is encrypted and has its own ICV/MIC.

CCMP/GCMP encrypts each MPDU separately (including the MPDUs that make
up an A-MPDU), so they'll implement null functions here and instead do
the MIC/ICV insertion inline in the crypto functions themselves.

Hopefully this makes it a bit clearer on how things should behave, and
will help figure out and clean up what further hardware offload
features we need.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 62937
Build 59821: arc lint + arc unit

Event Timeline

adrian created this revision.Sun, Mar 16, 6:16 PM

Herald added subscribers: glebius, melifaro, imp. · View Herald TranscriptSun, Mar 16, 6:16 PM

adrian requested review of this revision.Sun, Mar 16, 6:16 PM

Harbormaster completed remote builds in B62937: Diff 152331.Sun, Mar 16, 6:16 PM

adrian added a parent revision: D49370: uath: add support for GCMP-128 encryption.Sun, Mar 16, 6:17 PM

adrian added a reviewer: wireless.

adrian added a project: wireless.

adrian added a child revision: D49393: net80211: fail setting a key if the cipher isn't HW/SW supported.Mon, Mar 17, 3:25 AM

If both are TKIP-only I keep contemplating if they should be called mmic and we are done ;-)

bz added inline comments.Tue, Mar 18, 11:05 AM

sys/net80211/ieee80211_crypto.h
219	Can we add a comment here above the two: /* See ieee80211_crypto_enmic() / ieee80211_crypto_demic() for description. / Just to make it clearer if we don't rename them to mmic. Or: / Currently only used by TKIP. See ieee80211_crypto_enmic() / ieee80211_crypto_demic() for description. */