From: Juuso Oikarinen <juuso.oikarinen@nokia.com>
To: ext Johannes Berg <johannes@sipsolutions.net>
Cc: John Linville <linville@tuxdriver.com>,
"linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org>
Subject: Re: [PATCH 3/5] mac80211: remove unused status flag checks
Date: Thu, 12 Aug 2010 07:57:23 +0300 [thread overview]
Message-ID: <1281589043.6475.164.camel@wimaxnb.nmp.nokia.com> (raw)
In-Reply-To: <1281530356.3674.3.camel@jlt3.sipsolutions.net>
On Wed, 2010-08-11 at 14:39 +0200, ext Johannes Berg wrote:
> On Wed, 2010-08-11 at 15:12 +0300, Juuso Oikarinen wrote:
>
> > > > The decryption code verifies whether or not
> > > > a given frame was decrypted and verified by
> > > > hardware. This is unnecessary, as the crypto
> > > > RX handler already does it long before the
> > > > decryption code is even invoked, so remove
> > > > that code to avoid confusion.
> > > >
> > > > Signed-off-by: Johannes Berg <johannes.berg@intel.com>
> > > > ---
> > > > net/mac80211/wpa.c | 26 ++++++--------------------
> > > > 1 file changed, 6 insertions(+), 20 deletions(-)
> > > >
> > >
> > > This patch for some reason seems to break wl1271 WPA - association
> > > succeeds but encrypted data transfer fails.
> > >
> > > I still don't know why, but I'm looking into it.
> > >
> >
> > It appears, that in function ieee80211_rx_h_decrypt we go here:
> >
> > if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
> > rx->key = stakey;
> > /* Skip decryption if the frame is not protected. */
> > if (!ieee80211_has_protected(hdr->frame_control))
> > return RX_CONTINUE;
> >
> > And here, as the frame is protected, we go out of the if, and end up in
> > tkip_decrypt, which with this patch no longer checks whether the frame
> > is already decrypted.
> >
> > The frame then ends up dropped.
>
> Err, you're right, sorry about that. There are too many paths here. How
> about this patch?
>
> johannes
>
> --- wireless-testing.orig/net/mac80211/rx.c 2010-08-11 14:37:13.000000000 +0200
> +++ wireless-testing/net/mac80211/rx.c 2010-08-11 14:38:13.000000000 +0200
> @@ -873,6 +873,9 @@ ieee80211_rx_h_decrypt(struct ieee80211_
>
> if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
> rx->key = stakey;
> + if ((status->flag & RX_FLAG_DECRYPTED) &&
> + (status->flag & RX_FLAG_IV_STRIPPED))
> + return RX_CONTINUE;
> /* Skip decryption if the frame is not protected. */
> if (!ieee80211_has_protected(fc))
> return RX_CONTINUE;
>
>
This appears to work.
-Juus
next prev parent reply other threads:[~2010-08-12 4:58 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-10 7:46 [PATCH 0/5] mac80211 crypto cleanups Johannes Berg
2010-08-10 7:46 ` [PATCH 1/5] mac80211: use cipher suite selectors Johannes Berg
2010-08-10 7:46 ` [PATCH 2/5] mac80211: move key tfm setup Johannes Berg
2010-08-10 7:46 ` [PATCH 3/5] mac80211: remove unused status flag checks Johannes Berg
2010-08-11 11:51 ` Juuso Oikarinen
2010-08-11 12:12 ` Juuso Oikarinen
2010-08-11 12:39 ` Johannes Berg
2010-08-12 4:57 ` Juuso Oikarinen [this message]
2010-08-10 7:46 ` [PATCH 4/5] mac80211: dont advertise WEP if unavailable Johannes Berg
2010-08-10 7:46 ` [PATCH 5/5] cfg80211: check if WEP is available for shared key auth Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1281589043.6475.164.camel@wimaxnb.nmp.nokia.com \
--to=juuso.oikarinen@nokia.com \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).