linux/net/mac80211
Jouni Malinen 0c7c10c7cc mac80211: Drop unencrypted frames based on key setup
When using nl80211, we do not have a mechanism to set
sdata->drop_unencrypted. Currently, this breaks code that is supposed
to drop unencrypted frames when protection is expected since
ieee80211_rx_h_decrypt() is optimized to not set rx->key when the
frame is not protected.

This patch modifies ieee80211_rx_h_decrypt() to set rx->key for all
frames and only skip decryption if the frame is not protected. This
allows ieee80211_drop_unencrypted() to correctly drop frames even if
drop_unencrypted is not set.

The changes here are not enough to handle all cases, though. Additional
patches will be needed to implement proper IEEE 802.1X PAE for station
mode (currently, this is only used for AP mode) and some additional
rules are needed for MFP to drop unprotected Robust Action frames prior
to having PTK and IGTK configured.

In theory, the unprotected frames could and should be dropped in
ieee80211_rx_h_decrypt(). However, due to the special case with EAPOL
frames that have to be allowed to be received unprotected even when
keys are set, it is simpler to only set rx->key and allow the
ieee80211_frame_allowed() function to handle the actual dropping of
data frames after 802.11->802.3 header conversion. In addition,
unprotected robust management frames are dropped before they are
processed.

Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2009-05-11 15:23:55 -04:00
..
aes_ccm.c mac80211: aes_ccm.c remove crypto wrapper and extra args 2008-07-08 14:16:02 -04:00
aes_ccm.h mac80211: pass scratch buffer directly, remove additional pointers 2008-07-08 14:16:02 -04:00
aes_cmac.c mac80211: 802.11w - Add BIP (AES-128-CMAC) 2009-01-29 16:00:02 -05:00
aes_cmac.h mac80211: 802.11w - Add BIP (AES-128-CMAC) 2009-01-29 16:00:02 -05:00
agg-rx.c mac80211: Add a timeout for frames in the RX reorder buffer 2009-05-06 15:15:04 -04:00
agg-tx.c mac80211: add driver ops wrappers 2009-05-06 15:14:37 -04:00
cfg.c nl80211 : Add support for configuring MFP 2009-05-11 15:23:54 -04:00
cfg.h [MAC80211]: rename ieee80211_cfg.h to cfg.h 2007-10-10 16:52:34 -07:00
debugfs_key.c mac80211: 802.11w - Use BIP (AES-128-CMAC) 2009-01-29 16:00:03 -05:00
debugfs_key.h mac80211: 802.11w - Use BIP (AES-128-CMAC) 2009-01-29 16:00:03 -05:00
debugfs_netdev.c mac80211: split IBSS/managed code 2009-02-27 14:51:42 -05:00
debugfs_netdev.h mac80211: revamp virtual interface handling 2008-07-14 14:30:07 -04:00
debugfs_sta.c mac80211: 802.11w - STA flag for MFP 2009-01-29 16:00:00 -05:00
debugfs_sta.h mac80211: RCU-ify STA info structure access 2008-03-06 15:30:46 -05:00
debugfs.c mac80211: add driver ops wrappers 2009-05-06 15:14:37 -04:00
debugfs.h
driver-ops.h mac80211: add driver ops wrappers 2009-05-06 15:14:37 -04:00
event.c nl80211: Add Michael MIC failure event 2009-04-22 16:54:28 -04:00
ht.c cfg80211: clean up includes 2009-04-22 16:57:17 -04:00
ibss.c mac80211: tell driver when idle 2009-05-06 15:14:51 -04:00
ieee80211_i.h mac80211: tell driver when idle 2009-05-06 15:14:51 -04:00
iface.c mac80211: fix scan channel race 2009-05-11 15:23:54 -04:00
Kconfig mac80211: enable PS by default 2009-04-22 16:57:16 -04:00
key.c mac80211: add driver ops wrappers 2009-05-06 15:14:37 -04:00
key.h mac80211: 802.11w - Use BIP (AES-128-CMAC) 2009-01-29 16:00:03 -05:00
led.c mac80211: rename files 2008-04-08 16:44:45 -04:00
led.h mac80211: rename files 2008-04-08 16:44:45 -04:00
main.c mac80211: fix scan channel race 2009-05-11 15:23:54 -04:00
Makefile mac80211: split IBSS/managed code 2009-02-27 14:51:42 -05:00
mesh_hwmp.c mac80211: fix RX aggregation timeouts 2009-02-13 13:45:32 -05:00
mesh_pathtbl.c mac80211: mesh portal functionality support 2008-09-24 16:18:02 -04:00
mesh_plink.c wireless: restrict to 32 legacy rates 2009-01-29 16:01:09 -05:00
mesh.c mac80211: unify config_interface and bss_info_changed 2009-05-06 15:14:36 -04:00
mesh.h mac80211: use cfg80211s BSS infrastructure 2009-02-13 13:45:58 -05:00
michael.c mac80211: remove ieee80211_get_hdr_info 2008-07-08 14:16:01 -04:00
michael.h mac80211: remove ieee80211_get_hdr_info 2008-07-08 14:16:01 -04:00
mlme.c mac80211: set default QoS values according to spec 2009-05-11 15:23:54 -04:00
pm.c mac80211: add driver ops wrappers 2009-05-06 15:14:37 -04:00
rate.c mac80211: rate control status only for controlled packets 2009-03-27 20:13:15 -04:00
rate.h mac80211: rate control status only for controlled packets 2009-03-27 20:13:15 -04:00
rc80211_minstrel_debugfs.c mac80211: correct warnings in minstrel rate control algorithm 2008-10-27 17:46:11 -04:00
rc80211_minstrel.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 2009-05-08 12:46:17 -07:00
rc80211_minstrel.h minstrel: improve performance for non-MRR drivers 2008-10-31 19:00:36 -04:00
rc80211_pid_algo.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 2009-05-08 12:46:17 -07:00
rc80211_pid_debugfs.c mac80211/drivers: rewrite the rate control API 2008-10-31 19:00:23 -04:00
rc80211_pid.h mac80211/drivers: rewrite the rate control API 2008-10-31 19:00:23 -04:00
rx.c mac80211: Drop unencrypted frames based on key setup 2009-05-11 15:23:55 -04:00
scan.c mac80211: fix scan channel race 2009-05-11 15:23:54 -04:00
spectmgmt.c cfg80211: clean up includes 2009-04-22 16:57:17 -04:00
sta_info.c mac80211: add driver ops wrappers 2009-05-06 15:14:37 -04:00
sta_info.h mac80211: Add a timeout for frames in the RX reorder buffer 2009-05-06 15:15:04 -04:00
tkip.c mac80211: add driver ops wrappers 2009-05-06 15:14:37 -04:00
tkip.h mac80211: tkip.c consolidate tkip IV writing in helper 2008-06-14 12:18:13 -04:00
tx.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 2009-05-08 12:46:17 -07:00
util.c mac80211: set default QoS values according to spec 2009-05-11 15:23:54 -04:00
wep.c mac80211: rewrite fragmentation 2009-03-27 20:13:21 -04:00
wep.h mac80211: minor code cleanups 2008-10-31 18:05:59 -04:00
wext.c mac80211: report operating frequency rather than current 2009-05-06 15:15:02 -04:00
wme.c mac80211: Fix WMM ACM parsing and AC downgrade operation 2009-03-16 18:09:27 -04:00
wme.h mac80211: fix aggregation for hardware with ampdu queues 2009-02-27 14:51:42 -05:00
wpa.c nl80211: Add Michael MIC failure event 2009-04-22 16:54:28 -04:00
wpa.h mac80211: 802.11w - Add BIP (AES-128-CMAC) 2009-01-29 16:00:02 -05:00