On Fri, Sep 21, 2012 at 02:59:40PM +0200, Johannes Berg wrote: > On Fri, 2012-09-21 at 14:41 +0200, Stanislaw Gruszka wrote: > > > --- a/net/mac80211/wpa.c > > +++ b/net/mac80211/wpa.c > > @@ -97,6 +97,14 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx) > > return RX_CONTINUE; > > > > /* > > + * Some hardware seems to generate Michael MIC failure reports; even > > + * though, the frame was not encrypted with TKIP and therefore has no > > + * MIC. Ignore the flag them to avoid triggering countermeasures. > > + */ > > + if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP) > > + return RX_CONTINUE; > > + > > + /* > > * No way to verify the MIC if the hardware stripped it or > > * the IV with the key index. In this case we have solely rely > > * on the driver to set RX_FLAG_MMIC_ERROR in the event of a > > Hm, this doesn't seem _quite_ right, but I'm not sure: it seems that > previously it was possible that we don't have a key pointer but the > driver set all of RX_FLAG_MMIC_STRIPPED, RX_FLAG_IV_STRIPPED and > RX_FLAG_MMIC_ERROR, in which case after your change the frame will be > accepted rather than rejected. I wanted to cleanup stuff, but yeah, that seem to be wrong. I guess I can just add check before rx->key->u.tkip.rx usage to fix the problem. Eventually fix flags setting in driver. Stanislaw -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
