Sorry top posting. The issues in raw mode with CCMP-256, GCMP and GCMP-256 were already known and the same was captured in the commit log. As mentioned in the commit log, raw mode with these ciphers does not work even without this particular patch and it needs some cleanup like done in the follow up patch https://patchwork.kernel.org/patch/10029099/. Vasanth ________________________________________ From: Sebastian Gottschall <s.gottschall@xxxxxxxxxx> Sent: Tuesday, October 31, 2017 8:24 PM To: Kalle Valo Cc: ath10k@xxxxxxxxxxxxxxxxxxx; linux-wireless@xxxxxxxxxxxxxxx; Vasanthakumar Thiagarajan Subject: Re: [v3] ath10k: rebuild crypto header in rx data frames the same is for the MIC + /* MIC */ + if ((status->flag & RX_FLAG_MIC_STRIPPED) && + enctype == HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2) + skb_trim(msdu, msdu->len - 8); this code looks wrong too Am 30.10.2017 um 10:32 schrieb Sebastian Gottschall: > will check it tomorrow including gcmp-256, ccmp-256. was out for > weekend :-) > > Am 30.10.2017 um 09:39 schrieb Kalle Valo: >> Kalle Valo <kvalo@xxxxxxxxxxxxxxxx> wrote: >> >>> Rx data frames notified through HTT_T2H_MSG_TYPE_RX_IND and >>> HTT_T2H_MSG_TYPE_RX_FRAG_IND expect PN/TSC check to be done >>> on host (mac80211) rather than firmware. Rebuild cipher header >>> in every received data frames (that are notified through those >>> HTT interfaces) from the rx_hdr_status tlv available in the >>> rx descriptor of the first msdu. Skip setting RX_FLAG_IV_STRIPPED >>> flag for the packets which requires mac80211 PN/TSC check support >>> and set appropriate RX_FLAG for stripped crypto tail. Hw QCA988X, >>> QCA9887, QCA99X0, QCA9984, QCA9888 and QCA4019 currently need the >>> rebuilding of cipher header to perform PN/TSC check for replay >>> attack. >>> >>> Please note that removing crypto tail for CCMP-256, GCMP and >>> GCMP-256 ciphers >>> in raw mode needs to be fixed. Since Rx with these ciphers in raw >>> mode does not work in the current form even without this patch and >>> removing crypto tail for these chipers needs clean up, raw mode related >>> issues in CCMP-256, GCMP and GCMP-256 can be addressed in follow up >>> patches. >>> >>> Tested-by: Manikanta Pubbisetty <mpubbise@xxxxxxxxxxxxxxxx> >>> Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@xxxxxxxxxxxxxxxx> >>> Signed-off-by: Kalle Valo <kvalo@xxxxxxxxxxxxxxxx> >> Patch applied to ath-current branch of ath.git, thanks. >> >> 7eccb738fce5 ath10k: rebuild crypto header in rx data frames >> > -- Mit freundlichen Grüssen / Regards Sebastian Gottschall / CTO NewMedia-NET GmbH - DD-WRT Firmensitz: Stubenwaldallee 21a, 64625 Bensheim Registergericht: Amtsgericht Darmstadt, HRB 25473 Geschäftsführer: Peter Steinhäuser, Christian Scheele http://www.dd-wrt.com email: s.gottschall@xxxxxxxxxx Tel.: +496251-582650 / Fax: +496251-5826565
