On Fri, 2012-09-21 at 14:41 +0200, Stanislaw Gruszka wrote: > --- a/net/mac80211/wpa.c > +++ b/net/mac80211/wpa.c > @@ -97,6 +97,14 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx) > return RX_CONTINUE; > > /* > + * Some hardware seems to generate Michael MIC failure reports; even > + * though, the frame was not encrypted with TKIP and therefore has no > + * MIC. Ignore the flag them to avoid triggering countermeasures. > + */ > + if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP) > + return RX_CONTINUE; > + > + /* > * No way to verify the MIC if the hardware stripped it or > * the IV with the key index. In this case we have solely rely > * on the driver to set RX_FLAG_MMIC_ERROR in the event of a Hm, this doesn't seem _quite_ right, but I'm not sure: it seems that previously it was possible that we don't have a key pointer but the driver set all of RX_FLAG_MMIC_STRIPPED, RX_FLAG_IV_STRIPPED and RX_FLAG_MMIC_ERROR, in which case after your change the frame will be accepted rather than rejected. johannes -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
