On 2011-08-16 2:31 PM, Bill Jordan wrote:
I'm not quite sure what the correct fix is for this.

Ath9k in AP mode with TKIP security: If a connected station sends a management packet, the packet is truncated by 8 bytes before being delivered to hostapd. This prevents the station from reauthenticating or connecting to a different SSID on the same radio.

In ath9k_rx_accept, for management packets, strip_mic will be true, and RX_FLAG_MMIC_STRIPPED will be set in rxs->flag. In ath9k_rx_skb_postprocess, if ah->sw_mgmt_crypto is set, RX_FLAG_DECRYPTED will be cleared. However, RX_FLAG_MMIC_STRIPPED will still be set, so, in ath_rx_tasklet, 8 bytes will be trimmed off the end of the skb.

I'm thinking that in ath9k_rx_accept, is_valid_tkip should also consider ieee80211_is_mgmt(fc). But this wouldn't take into consideration ah->sw_mgmt_crypto. Alternatively, RX_FLAG_MMIC_STRIPPED could be cleared in ath9k_rx_skb_postprocess when RX_FLAG_DECRYPTED is cleared.

I'm looking for input from someone who understands this code better.

We should probably just keep strip_mic set to false for mgmt frames.

- Felix
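
The flag flow discussed in this thread, as a simplified model added here for illustration; it is not part of either message and is not ath9k code. The `model_` names, the flag values, the sample frame-control words, and the assumption that strip_mic is true for every frame received on a TKIP key are all constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins for the rx flags named in the thread (values arbitrary). */
#define MODEL_FLAG_DECRYPTED     0x1u
#define MODEL_FLAG_MMIC_STRIPPED 0x2u
#define MODEL_TKIP_MIC_LEN       8   /* the 8 bytes trimmed from the skb */

/* 802.11 frame control: the type field is bits 2-3, and 0 means management. */
static bool model_is_mgmt(uint16_t fc) { return (fc & 0x000c) == 0; }

/*
 * Returns the frame length handed up the stack after the three stages.
 * tkip_key:        frame arrived on a TKIP key (model assumption: strip_mic follows it)
 * sw_mgmt_crypto:  management-frame crypto is done in software
 * mgmt_no_strip:   apply the change suggested in the reply
 */
size_t model_rx_len(uint16_t fc, size_t len, bool tkip_key,
                    bool sw_mgmt_crypto, bool mgmt_no_strip)
{
    unsigned flags = 0;
    bool strip_mic = tkip_key;                    /* accept stage */

    if (mgmt_no_strip && model_is_mgmt(fc))
        strip_mic = false;                        /* keep strip_mic false for mgmt */
    if (tkip_key)
        flags |= MODEL_FLAG_DECRYPTED;
    if (strip_mic)
        flags |= MODEL_FLAG_MMIC_STRIPPED;

    /* postprocess stage: DECRYPTED is cleared, MMIC_STRIPPED is left alone */
    if (sw_mgmt_crypto && model_is_mgmt(fc))
        flags &= ~MODEL_FLAG_DECRYPTED;

    /* tasklet stage: trims on MMIC_STRIPPED regardless of DECRYPTED */
    if ((flags & MODEL_FLAG_MMIC_STRIPPED) && len >= MODEL_TKIP_MIC_LEN)
        len -= MODEL_TKIP_MIC_LEN;
    return len;
}

int main(void)
{
    /* Constructed input: 26-byte deauthentication frame, fc = 0x00c0 */
    printf("reported behaviour: %zu bytes\n", model_rx_len(0x00c0, 26, true, true, false));
    printf("with suggestion:    %zu bytes\n", model_rx_len(0x00c0, 26, true, true, true));
    return 0;
}
```
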