From: Jerome Pouiller <Jerome.Pouiller@silabs.com>
To: devel@driverdev.osuosl.org, linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
"Kalle Valo" <kvalo@codeaurora.org>,
"David S . Miller" <davem@davemloft.net>,
"Jérôme Pouiller" <jerome.pouiller@silabs.com>
Subject: [PATCH 05/12] staging: wfx: fix support for cipher AES_CMAC (multicast PMF)
Date: Thu, 20 Aug 2020 17:58:51 +0200 [thread overview]
Message-ID: <20200820155858.351292-5-Jerome.Pouiller@silabs.com> (raw)
In-Reply-To: <20200820155858.351292-1-Jerome.Pouiller@silabs.com>
From: Jérôme Pouiller <jerome.pouiller@silabs.com>
When MFP is enabled, the multicast management frames are not protected,
in fact. Instead, but they should include an IE containing the MMIC of
the frames (i.e. a cryptographic signature).
Until now, the driver didn't correctly detect this kind of frames (they
are not marked protected but they are associated to a key) and didn't
ask to the device to encrypt them.
In add, the device is not able to generate the IE itself. Mac80211 has
to generate the IE and let the device compute the MMIC.
Signed-off-by: Jérôme Pouiller <jerome.pouiller@silabs.com>
---
drivers/staging/wfx/data_tx.c | 5 +++--
drivers/staging/wfx/key.c | 4 ++--
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/drivers/staging/wfx/data_tx.c b/drivers/staging/wfx/data_tx.c
index 41f9afd41e14..d16b516ad7cf 100644
--- a/drivers/staging/wfx/data_tx.c
+++ b/drivers/staging/wfx/data_tx.c
@@ -325,6 +325,8 @@ static int wfx_tx_get_icv_len(struct ieee80211_key_conf *hw_key)
if (!hw_key)
return 0;
+ if (hw_key->cipher == WLAN_CIPHER_SUITE_AES_CMAC)
+ return 0;
mic_space = (hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) ? 8 : 0;
return hw_key->icv_len + mic_space;
}
@@ -350,8 +352,7 @@ static int wfx_tx_inner(struct wfx_vif *wvif, struct ieee80211_sta *sta,
memset(tx_info->rate_driver_data, 0, sizeof(struct wfx_tx_priv));
// Fill tx_priv
tx_priv = (struct wfx_tx_priv *)tx_info->rate_driver_data;
- if (ieee80211_has_protected(hdr->frame_control))
- tx_priv->hw_key = hw_key;
+ tx_priv->hw_key = hw_key;
// Fill hif_msg
WARN(skb_headroom(skb) < wmsg_len, "not enough space in skb");
diff --git a/drivers/staging/wfx/key.c b/drivers/staging/wfx/key.c
index 6165df59ecf9..728e5f8d3b7c 100644
--- a/drivers/staging/wfx/key.c
+++ b/drivers/staging/wfx/key.c
@@ -198,8 +198,8 @@ static int wfx_add_key(struct wfx_vif *wvif, struct ieee80211_sta *sta,
else
k.type = fill_sms4_group(&k.key.wapi_group_key, key);
} else if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
- k.type = fill_aes_cmac_group(&k.key.igtk_group_key, key,
- &seq);
+ k.type = fill_aes_cmac_group(&k.key.igtk_group_key, key, &seq);
+ key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIE;
} else {
dev_warn(wdev->dev, "unsupported key type %d\n", key->cipher);
wfx_free_key(wdev, idx);
--
2.28.0
next prev parent reply other threads:[~2020-08-20 16:02 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-20 15:58 [PATCH 01/12] staging: wfx: fix BA when device is AP and MFP is enabled Jerome Pouiller
2020-08-20 15:58 ` [PATCH 02/12] staging: wfx: improve usage of hif_map_link() Jerome Pouiller
2020-08-20 15:58 ` [PATCH 03/12] staging: wfx: fix BA when MFP is disabled but BSS is MFP capable Jerome Pouiller
2020-08-20 15:58 ` [PATCH 04/12] staging: wfx: fix spaces around binary operators Jerome Pouiller
2020-08-20 15:58 ` Jerome Pouiller [this message]
2020-08-20 15:58 ` [PATCH 06/12] staging: wfx: drop useless field from struct wfx_tx_priv Jerome Pouiller
2020-08-20 15:58 ` [PATCH 07/12] staging: wfx: fix frame reordering Jerome Pouiller
2020-08-20 15:58 ` [PATCH 08/12] staging: wfx: fix potential use before init Jerome Pouiller
2020-08-20 15:58 ` [PATCH 09/12] staging: wfx: scan while AP is supported Jerome Pouiller
2020-08-20 15:58 ` [PATCH 10/12] staging: wfx: enable powersave on probe Jerome Pouiller
2020-08-20 15:58 ` [PATCH 11/12] staging: wfx: remove useless extra jiffy Jerome Pouiller
2020-08-20 15:58 ` [PATCH 12/12] staging: wfx: add workaround for 'timeout while wake up chip' Jerome Pouiller
2020-08-24 9:50 ` [PATCH 01/12] staging: wfx: fix BA when device is AP and MFP is enabled Dan Carpenter
2020-08-24 12:03 ` Jérôme Pouiller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200820155858.351292-5-Jerome.Pouiller@silabs.com \
--to=jerome.pouiller@silabs.com \
--cc=davem@davemloft.net \
--cc=devel@driverdev.osuosl.org \
--cc=gregkh@linuxfoundation.org \
--cc=kvalo@codeaurora.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).