mirror of
https://github.com/torvalds/linux.git
synced 2024-12-14 15:13:52 +00:00
staging: wfx: fix CCMP/TKIP replay protection
To enable the TKIP/CCMP replay protection, the frames has to be processed in the right order. However, the device is not able to re-order the frames during BlockAck sessions. Mac80211 is able to reorder the frames, but it need the information about the BlockAck sessions start and stop. Unfortunately, since the BlockAck is fully handled by the hardware, these frames were not forwarded to the host. So, if the driver ask to mac80211 to apply the replay protection, it drop all misordered frames. So, until now, the driver explicitly asked to mac80211 to not apply the CCMP/TKIP replay protection. The situation has changed with the API 3.4 of the device firmware. The firmware forward the BlockAck information. Mac80211 is now able to correctly reorder the frames. There is no more reasons to drop cryptographic data. This patch also impact the older firmwares. There will be a performance impact on these firmware (since the misordered frames will dropped). However, we can't keep the replay protection disabled. Signed-off-by: Jérôme Pouiller <jerome.pouiller@silabs.com> Link: https://lore.kernel.org/r/20200701150707.222985-12-Jerome.Pouiller@silabs.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
bbc409e276
commit
e5da5fbd77
@ -13,6 +13,24 @@
|
||||
#include "bh.h"
|
||||
#include "sta.h"
|
||||
|
||||
static void wfx_rx_handle_ba(struct wfx_vif *wvif, struct ieee80211_mgmt *mgmt)
|
||||
{
|
||||
int params, tid;
|
||||
|
||||
switch (mgmt->u.action.u.addba_req.action_code) {
|
||||
case WLAN_ACTION_ADDBA_REQ:
|
||||
params = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
|
||||
tid = (params & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
|
||||
ieee80211_start_rx_ba_session_offl(wvif->vif, mgmt->sa, tid);
|
||||
break;
|
||||
case WLAN_ACTION_DELBA:
|
||||
params = le16_to_cpu(mgmt->u.action.u.delba.params);
|
||||
tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12;
|
||||
ieee80211_stop_rx_ba_session_offl(wvif->vif, mgmt->sa, tid);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
void wfx_rx_cb(struct wfx_vif *wvif,
|
||||
const struct hif_ind_rx *arg, struct sk_buff *skb)
|
||||
{
|
||||
@ -53,15 +71,18 @@ void wfx_rx_cb(struct wfx_vif *wvif,
|
||||
hdr->antenna = 0;
|
||||
|
||||
if (arg->rx_flags.encryp)
|
||||
hdr->flag |= RX_FLAG_DECRYPTED | RX_FLAG_PN_VALIDATED;
|
||||
hdr->flag |= RX_FLAG_DECRYPTED;
|
||||
|
||||
/* Filter block ACK negotiation: fully controlled by firmware */
|
||||
// Block ack negociation is offloaded by the firmware. However,
|
||||
// re-ordering must be done by the mac80211.
|
||||
if (ieee80211_is_action(frame->frame_control) &&
|
||||
arg->rx_flags.match_uc_addr &&
|
||||
mgmt->u.action.category == WLAN_CATEGORY_BACK)
|
||||
mgmt->u.action.category == WLAN_CATEGORY_BACK &&
|
||||
skb->len > IEEE80211_MIN_ACTION_SIZE) {
|
||||
wfx_rx_handle_ba(wvif, mgmt);
|
||||
goto drop;
|
||||
ieee80211_rx_irqsafe(wvif->wdev->hw, skb);
|
||||
}
|
||||
|
||||
ieee80211_rx_irqsafe(wvif->wdev->hw, skb);
|
||||
return;
|
||||
|
||||
drop:
|
||||
|
@ -418,7 +418,8 @@ void wfx_tx(struct ieee80211_hw *hw, struct ieee80211_tx_control *control,
|
||||
wvif = wvif_iterate(wdev, NULL);
|
||||
if (WARN_ON(!wvif))
|
||||
goto drop;
|
||||
// FIXME: why?
|
||||
// Because of TX_AMPDU_SETUP_IN_HW, mac80211 does not try to send any
|
||||
// BlockAck session management frame. The check below exist just in case.
|
||||
if (ieee80211_is_action_back(hdr)) {
|
||||
dev_info(wdev->dev, "drop BA action\n");
|
||||
goto drop;
|
||||
|
Loading…
Reference in New Issue
Block a user