Key handling in mac80211 is done based on per-interface (sub_if_data) keys and per-station keys. Since each station belongs to an interface, each station key also belongs to that interface.

Hardware acceleration is done on a best-effort basis, for each key that is eligible the hardware is asked to enable that key but if it cannot do that they key is simply kept for software encryption. There is currently no way of knowing this except by looking into debugfs.

All key operations are protected internally so you can call them at any time.

Within mac80211, key references are, just as STA structure references, protected by RCU. Note, however, that some things are unprotected, namely the key->sta dereferences within the hardware acceleration functions. This means that sta_info_destroy must flush the key todo list.

All the direct key list manipulation functions must not sleep because they can operate on STA info structs that are protected by RCU.