From: Johannes Berg <johannes@sipsolutions.net>
To: Juuso Oikarinen <juuso.oikarinen@nokia.com>
Cc: John Linville <linville@tuxdriver.com>,
"linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org>
Subject: Re: [PATCH 3/5] mac80211: remove unused status flag checks
Date: Wed, 11 Aug 2010 14:39:16 +0200 [thread overview]
Message-ID: <1281530356.3674.3.camel@jlt3.sipsolutions.net> (raw)
In-Reply-To: <1281528765.6475.163.camel@wimaxnb.nmp.nokia.com>
On Wed, 2010-08-11 at 15:12 +0300, Juuso Oikarinen wrote:
> > > The decryption code verifies whether or not
> > > a given frame was decrypted and verified by
> > > hardware. This is unnecessary, as the crypto
> > > RX handler already does it long before the
> > > decryption code is even invoked, so remove
> > > that code to avoid confusion.
> > >
> > > Signed-off-by: Johannes Berg <johannes.berg@intel.com>
> > > ---
> > > net/mac80211/wpa.c | 26 ++++++--------------------
> > > 1 file changed, 6 insertions(+), 20 deletions(-)
> > >
> >
> > This patch for some reason seems to break wl1271 WPA - association
> > succeeds but encrypted data transfer fails.
> >
> > I still don't know why, but I'm looking into it.
> >
>
> It appears, that in function ieee80211_rx_h_decrypt we go here:
>
> if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
> rx->key = stakey;
> /* Skip decryption if the frame is not protected. */
> if (!ieee80211_has_protected(hdr->frame_control))
> return RX_CONTINUE;
>
> And here, as the frame is protected, we go out of the if, and end up in
> tkip_decrypt, which with this patch no longer checks whether the frame
> is already decrypted.
>
> The frame then ends up dropped.
Err, you're right, sorry about that. There are too many paths here. How
about this patch?
johannes
--- wireless-testing.orig/net/mac80211/rx.c 2010-08-11 14:37:13.000000000 +0200
+++ wireless-testing/net/mac80211/rx.c 2010-08-11 14:38:13.000000000 +0200
@@ -873,6 +873,9 @@ ieee80211_rx_h_decrypt(struct ieee80211_
if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
rx->key = stakey;
+ if ((status->flag & RX_FLAG_DECRYPTED) &&
+ (status->flag & RX_FLAG_IV_STRIPPED))
+ return RX_CONTINUE;
/* Skip decryption if the frame is not protected. */
if (!ieee80211_has_protected(fc))
return RX_CONTINUE;
next prev parent reply other threads:[~2010-08-11 12:39 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-10 7:46 [PATCH 0/5] mac80211 crypto cleanups Johannes Berg
2010-08-10 7:46 ` [PATCH 1/5] mac80211: use cipher suite selectors Johannes Berg
2010-08-10 7:46 ` [PATCH 2/5] mac80211: move key tfm setup Johannes Berg
2010-08-10 7:46 ` [PATCH 3/5] mac80211: remove unused status flag checks Johannes Berg
2010-08-11 11:51 ` Juuso Oikarinen
2010-08-11 12:12 ` Juuso Oikarinen
2010-08-11 12:39 ` Johannes Berg [this message]
2010-08-12 4:57 ` Juuso Oikarinen
2010-08-10 7:46 ` [PATCH 4/5] mac80211: dont advertise WEP if unavailable Johannes Berg
2010-08-10 7:46 ` [PATCH 5/5] cfg80211: check if WEP is available for shared key auth Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1281530356.3674.3.camel@jlt3.sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=juuso.oikarinen@nokia.com \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).