[OEM-B][SRU][PATCH 1/3] Revert "UBUNTU: SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN"
Shrirang Bagul
shrirang.bagul at canonical.com
Fri Jun 1 09:23:39 UTC 2018
BugLink: http://bugs.launchpad.net/bugs/1774606
This reverts commit d2d621b15b31f91a2e05ca56b77bf30db78ea276.
Signed-off-by: Shrirang Bagul <shrirang.bagul at canonical.com>
---
drivers/net/wireless/rsi/rsi_91x_mac80211.c | 166 ++------------------
drivers/net/wireless/rsi/rsi_main.h | 3 -
2 files changed, 9 insertions(+), 160 deletions(-)
diff --git a/drivers/net/wireless/rsi/rsi_91x_mac80211.c b/drivers/net/wireless/rsi/rsi_91x_mac80211.c
index 6171c6bdf7f6..e38cbaf12f87 100644
--- a/drivers/net/wireless/rsi/rsi_91x_mac80211.c
+++ b/drivers/net/wireless/rsi/rsi_91x_mac80211.c
@@ -547,9 +547,6 @@ static int rsi_mac80211_add_interface(struct ieee80211_hw *hw,
mutex_unlock(&common->mutex);
return -EINVAL;
}
- memset(vif_info->rx_bcmc_pn, 0, IEEE80211_CCMP_PN_LEN);
- vif_info->rx_pn_valid = false;
- vif_info->key = NULL;
if ((vif->type == NL80211_IFTYPE_AP) ||
(vif->type == NL80211_IFTYPE_P2P_GO)) {
@@ -1064,8 +1061,6 @@ static int rsi_mac80211_set_key(struct ieee80211_hw *hw,
struct rsi_hw *adapter = hw->priv;
struct rsi_common *common = adapter->priv;
struct security_info *secinfo = &common->secinfo;
- struct vif_priv *vif_info = (struct vif_priv *)vif->drv_priv;
- struct ieee80211_key_seq seq;
int status;
mutex_lock(&common->mutex);
@@ -1078,41 +1073,10 @@ static int rsi_mac80211_set_key(struct ieee80211_hw *hw,
return status;
}
- if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
+ if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
secinfo->ptk_cipher = key->cipher;
- } else {
+ else
secinfo->gtk_cipher = key->cipher;
- ieee80211_get_key_rx_seq(key, 0, &seq);
- switch (key->cipher) {
- case WLAN_CIPHER_SUITE_CCMP:
- case WLAN_CIPHER_SUITE_CCMP_256:
- memcpy(vif_info->rx_bcmc_pn, seq.ccmp.pn,
- IEEE80211_CCMP_PN_LEN);
- vif_info->rx_pn_valid = true;
- vif_info->key = key;
- break;
- case WLAN_CIPHER_SUITE_TKIP:
- vif_info->rx_bcmc_pn[0] = seq.tkip.iv16 & 0xff;
- vif_info->rx_bcmc_pn[1] =
- (seq.tkip.iv16 >> 8) & 0xff;
- vif_info->rx_bcmc_pn[2] = seq.tkip.iv32 & 0xff;
- vif_info->rx_bcmc_pn[3] =
- (seq.tkip.iv32 >> 8) & 0xff;
- vif_info->rx_bcmc_pn[4] =
- (seq.tkip.iv32 >> 16) & 0xff;
- vif_info->rx_bcmc_pn[5] =
- (seq.tkip.iv32 >> 24) & 0xff;
- vif_info->rx_pn_valid = true;
- vif_info->key = key;
- break;
- case WLAN_CIPHER_SUITE_AES_CMAC:
- memcpy(vif_info->rx_bcmc_pn,
- seq.aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
- vif_info->rx_pn_valid = true;
- vif_info->key = key;
- break;
- }
- }
key->hw_key_idx = key->keyidx;
key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
@@ -1125,9 +1089,6 @@ static int rsi_mac80211_set_key(struct ieee80211_hw *hw,
secinfo->security_enable = false;
rsi_dbg(ERR_ZONE, "%s: RSI del key\n", __func__);
memset(key, 0, sizeof(struct ieee80211_key_conf));
- memset(vif_info->rx_bcmc_pn, 0, IEEE80211_CCMP_PN_LEN);
- vif_info->rx_pn_valid = false;
- vif_info->key = NULL;
status = rsi_hal_key_config(hw, vif, key, sta);
break;
@@ -1342,103 +1303,6 @@ static void rsi_perform_cqm(struct rsi_common *common,
return;
}
-struct dot11_ccmp_hdr {
- u8 pn0;
- u8 pn1;
- u8 reserved;
- u8 keyid_info;
- u8 pn2;
- u8 pn3;
- u8 pn4;
- u8 pn5;
-};
-
-struct dot11_tkip_hdr {
- u8 tsc1;
- u8 wep_seed;
- u8 tsc0;
- u8 keyid_info;
- u8 tsc2;
- u8 tsc3;
- u8 tsc4;
- u8 tsc5;
-};
-
-static int rsi_validate_pn(struct rsi_hw *adapter, struct ieee80211_hdr *hdr)
-{
- struct ieee80211_vif *vif;
- struct ieee80211_bss_conf *bss;
- struct vif_priv *vif_info = NULL;
- u8 cur_pn[IEEE80211_CCMP_PN_LEN];
- u8 *last_pn;
- int i, hdrlen;
-
- if (!is_broadcast_ether_addr(hdr->addr1) &&
- !is_multicast_ether_addr(hdr->addr1))
- return 1;
-
- hdrlen = ieee80211_hdrlen(hdr->frame_control);
- for (i = 0; i < adapter->sc_nvifs; i++) {
- vif = adapter->vifs[i];
-
- if (!vif)
- continue;
- if (vif->type != NL80211_IFTYPE_STATION &&
- vif->type != NL80211_IFTYPE_P2P_CLIENT)
- continue;
- bss = &vif->bss_conf;
- if (!bss->assoc)
- continue;
- if (!ether_addr_equal(bss->bssid, hdr->addr2))
- continue;
- vif_info = (struct vif_priv *)vif->drv_priv;
- if (!vif_info->key) {
- vif_info = NULL;
- continue;
- }
- if (!vif_info->rx_pn_valid) {
- vif_info = NULL;
- continue;
- }
- }
- if (!vif_info)
- return 1;
- last_pn = vif_info->rx_bcmc_pn;
- if (vif_info->key->cipher == WLAN_CIPHER_SUITE_CCMP) {
- struct dot11_ccmp_hdr *ccmp =
- (struct dot11_ccmp_hdr *)&((u8 *)hdr)[hdrlen];
-
- cur_pn[0] = ccmp->pn0;
- cur_pn[1] = ccmp->pn1;
- cur_pn[2] = ccmp->pn2;
- cur_pn[3] = ccmp->pn3;
- cur_pn[4] = ccmp->pn4;
- cur_pn[5] = ccmp->pn5;
- } else {
- struct dot11_tkip_hdr *tkip =
- (struct dot11_tkip_hdr *)&((u8 *)hdr)[hdrlen];
-
- cur_pn[0] = tkip->tsc0;
- cur_pn[1] = tkip->tsc1;
- cur_pn[2] = tkip->tsc2;
- cur_pn[3] = tkip->tsc3;
- cur_pn[4] = tkip->tsc4;
- cur_pn[5] = tkip->tsc5;
- }
- for (i = (IEEE80211_CCMP_PN_LEN - 1); i >= 0; i--)
- if (last_pn[i] ^ cur_pn[i])
- break;
- if (i < 0)
- return -1;
-
- if (last_pn[i] >= cur_pn[i])
- return -1;
-
- memcpy(vif_info->rx_bcmc_pn, cur_pn, IEEE80211_CCMP_PN_LEN);
-
- return 0;
-}
-
/**
* rsi_fill_rx_status() - This function fills rx status in
* ieee80211_rx_status structure.
@@ -1449,10 +1313,10 @@ static int rsi_validate_pn(struct rsi_hw *adapter, struct ieee80211_hdr *hdr)
*
* Return: None.
*/
-static int rsi_fill_rx_status(struct ieee80211_hw *hw,
- struct sk_buff *skb,
- struct rsi_common *common,
- struct ieee80211_rx_status *rxs)
+static void rsi_fill_rx_status(struct ieee80211_hw *hw,
+ struct sk_buff *skb,
+ struct rsi_common *common,
+ struct ieee80211_rx_status *rxs)
{
struct rsi_hw *adapter = common->priv;
struct ieee80211_vif *vif;
@@ -1485,17 +1349,6 @@ static int rsi_fill_rx_status(struct ieee80211_hw *hw,
memmove(skb->data + 4, skb->data, hdrlen);
skb_pull(skb, 4);
} else {
- if (skb->len < (hdrlen + IEEE80211_CCMP_HDR_LEN)) {
- rsi_dbg(ERR_ZONE, "Invalid encrypted packet\n");
- dev_kfree_skb(skb);
- return -EINVAL;
- }
- if (rsi_validate_pn(adapter, hdr) < 0) {
- rsi_dbg(INFO_ZONE,
- "Invalid RX PN; Dropping\n");
- dev_kfree_skb(skb);
- return -EINVAL;
- }
memmove(skb->data + 8, skb->data, hdrlen);
skb_pull(skb, 8);
rxs->flag |= RX_FLAG_MMIC_STRIPPED;
@@ -1514,14 +1367,14 @@ static int rsi_fill_rx_status(struct ieee80211_hw *hw,
}
}
if (!bss)
- return -1;
+ return;
/* CQM only for connected AP beacons, the RSSI is a weighted avg */
if (bss->assoc && !(memcmp(bss->bssid, hdr->addr2, ETH_ALEN))) {
if (ieee80211_is_beacon(hdr->frame_control))
rsi_perform_cqm(common, hdr->addr2, rxs->signal, vif);
}
- return 0;
+ return;
}
/**
@@ -1544,8 +1397,7 @@ void rsi_indicate_pkt_to_os(struct rsi_common *common,
}
/* filling in the ieee80211_rx_status flags */
- if (rsi_fill_rx_status(hw, skb, common, rx_status))
- return;
+ rsi_fill_rx_status(hw, skb, common, rx_status);
ieee80211_rx_irqsafe(hw, skb);
}
diff --git a/drivers/net/wireless/rsi/rsi_main.h b/drivers/net/wireless/rsi/rsi_main.h
index 00c49abea010..cb8a51cacea1 100644
--- a/drivers/net/wireless/rsi/rsi_main.h
+++ b/drivers/net/wireless/rsi/rsi_main.h
@@ -191,9 +191,6 @@ struct vif_priv {
bool sgi;
u16 seq_start;
int vap_id;
- struct ieee80211_key_conf *key;
- u8 rx_bcmc_pn[IEEE80211_CCMP_PN_LEN];
- bool rx_pn_valid;
};
struct rsi_event {
--
2.17.0
More information about the kernel-team
mailing list