Search Linux Wireless

Re: [v3] ath10k: rebuild crypto header in rx data frames

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



the following patchlines in the v3 patch look wrong

+               /* ICV */
+               if (status->flag & RX_FLAG_ICV_STRIPPED &&
+                   enctype != HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2)
+                       skb_trim(msdu, msdu->len -
+                                ath10k_htt_rx_crypto_tail_len(ar, enctype));


the enctype != wpa2 isnt enough since it also belongs to ccmp-256, gcmp modes etc.

my proposal

       if (status->flag & RX_FLAG_ICV_STRIPPED) {
           switch(enctype)
           {
           case HTT_RX_MPDU_ENCRYPT_WEP40:
           case HTT_RX_MPDU_ENCRYPT_WEP104:
-         case HTT_RX_MPDU_ENCRYPT_TKIP_WITHOUT_MIC:
           case HTT_RX_MPDU_ENCRYPT_TKIP_WPA:
               skb_trim(msdu, msdu->len -
                        ath10k_htt_rx_crypto_tail_len(ar, enctype));
           break;
           default:
           break;
          }
-     }


Am 30.10.2017 um 10:32 schrieb Sebastian Gottschall:
will check it tomorrow including gcmp-256, ccmp-256. was out for weekend :-)

Am 30.10.2017 um 09:39 schrieb Kalle Valo:
Kalle Valo <kvalo@xxxxxxxxxxxxxxxx> wrote:

Rx data frames notified through HTT_T2H_MSG_TYPE_RX_IND and
HTT_T2H_MSG_TYPE_RX_FRAG_IND expect PN/TSC check to be done
on host (mac80211) rather than firmware. Rebuild cipher header
in every received data frames (that are notified through those
HTT interfaces) from the rx_hdr_status tlv available in the
rx descriptor of the first msdu. Skip setting RX_FLAG_IV_STRIPPED
flag for the packets which requires mac80211 PN/TSC check support
and set appropriate RX_FLAG for stripped crypto tail. Hw QCA988X,
QCA9887, QCA99X0, QCA9984, QCA9888 and QCA4019 currently need the
rebuilding of cipher header to perform PN/TSC check for replay
attack.

Please note that removing crypto tail for CCMP-256, GCMP and GCMP-256 ciphers
in raw mode needs to be fixed. Since Rx with these ciphers in raw
mode does not work in the current form even without this patch and
removing crypto tail for these chipers needs clean up, raw mode related
issues in CCMP-256, GCMP and GCMP-256 can be addressed in follow up
patches.

Tested-by: Manikanta Pubbisetty <mpubbise@xxxxxxxxxxxxxxxx>
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@xxxxxxxxxxxxxxxx>
Signed-off-by: Kalle Valo <kvalo@xxxxxxxxxxxxxxxx>
Patch applied to ath-current branch of ath.git, thanks.

7eccb738fce5 ath10k: rebuild crypto header in rx data frames



--
Mit freundlichen Grüssen / Regards

Sebastian Gottschall / CTO

NewMedia-NET GmbH - DD-WRT
Firmensitz:  Stubenwaldallee 21a, 64625 Bensheim
Registergericht: Amtsgericht Darmstadt, HRB 25473
Geschäftsführer: Peter Steinhäuser, Christian Scheele
http://www.dd-wrt.com
email: s.gottschall@xxxxxxxxxx
Tel.: +496251-582650 / Fax: +496251-5826565




[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux