ath10k: fix protected flag stripping

This prevents protected flag being stripped from undecrypted raw sniffed frames when monitor interface is active. Reported-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com> Tested-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com> Signed-off-by: Michal Kazior <michal.kazior@tieto.com> Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
author: Michal Kazior <michal.kazior@tieto.com> 2014-05-23 04:33:18 -0400
committer: Kalle Valo <kvalo@qca.qualcomm.com> 2014-05-26 05:43:12 -0400
commit: c071dcb2802a0349b05817010000082c6c105453 (patch)
tree: 1852318887091111009f92ebe8de8711d8cfcf4d /drivers/net/wireless
parent: aecdc89fb4664c76baa4bbd46008f220532309ff (diff)
1 files changed, 24 insertions, 9 deletions
diff --git a/drivers/net/wireless/ath/ath10k/htt_rx.c b/drivers/net/wireless/ath/ath10k/htt_rx.c
index f744e355c70a..08b5718cdbf1 100644
--- a/drivers/net/wireless/ath/ath10k/htt_rx.c
+++ b/drivers/net/wireless/ath/ath10k/htt_rx.c
@@ -778,17 +778,30 @@ static void ath10k_htt_rx_h_rates(struct ath10k *ar,
 static void ath10k_htt_rx_h_protected(struct ath10k_htt *htt,
                                      struct ieee80211_rx_status *rx_status,
                                      struct sk_buff *skb,
-                                      enum htt_rx_mpdu_encrypt_type enctype)
+                                      enum htt_rx_mpdu_encrypt_type enctype,
+                                      enum rx_msdu_decap_format fmt,
+                                      bool dot11frag)
 {
        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
+        rx_status->flag &= ~(RX_FLAG_DECRYPTED |
+                             RX_FLAG_IV_STRIPPED |
+                             RX_FLAG_MMIC_STRIPPED);
-        if (enctype == HTT_RX_MPDU_ENCRYPT_NONE) {
+        if (enctype == HTT_RX_MPDU_ENCRYPT_NONE)
-                rx_status->flag &= ~(RX_FLAG_DECRYPTED |
+                return;
-                                     RX_FLAG_IV_STRIPPED |
-                                     RX_FLAG_MMIC_STRIPPED);
+        /*
+         * There's no explicit rx descriptor flag to indicate whether a given
+         * frame has been decrypted or not. We're forced to use the decap
+         * format as an implicit indication. However fragmentation rx is always
+         * raw and it probably never reports undecrypted raws.
+         *
+         * This makes sure sniffed frames are reported as-is without stripping
+         * the protected flag.
+         */
+        if (fmt == RX_MSDU_DECAP_RAW && !dot11frag)
                return;
-        }
        rx_status->flag |= RX_FLAG_DECRYPTED |
                           RX_FLAG_IV_STRIPPED |
@@ -942,7 +955,8 @@ static void ath10k_htt_rx_amsdu(struct ath10k_htt *htt,
                }
                skb_in = skb;
-                ath10k_htt_rx_h_protected(htt, rx_status, skb_in, enctype);
+                ath10k_htt_rx_h_protected(htt, rx_status, skb_in, enctype, fmt,
+                                          false);
                skb = skb->next;
                skb_in->next = NULL;
@@ -1024,7 +1038,7 @@ static void ath10k_htt_rx_msdu(struct ath10k_htt *htt,
                break;
        }
-        ath10k_htt_rx_h_protected(htt, rx_status, skb, enctype);
+        ath10k_htt_rx_h_protected(htt, rx_status, skb, enctype, fmt, false);
        ath10k_process_rx(htt->ar, rx_status, skb);
 }
@@ -1330,7 +1344,8 @@ static void ath10k_htt_rx_frag_handler(struct ath10k_htt *htt,
        enctype = MS(__le32_to_cpu(rxd->mpdu_start.info0),
                     RX_MPDU_START_INFO0_ENCRYPT_TYPE);
-        ath10k_htt_rx_h_protected(htt, rx_status, msdu_head, enctype);
+        ath10k_htt_rx_h_protected(htt, rx_status, msdu_head, enctype, fmt,
+                                  true);
        msdu_head->ip_summed = ath10k_htt_rx_get_csum_state(msdu_head);
        if (tkip_mic_err)
author	Michal Kazior <michal.kazior@tieto.com>	2014-05-23 04:33:18 -0400
committer	Kalle Valo <kvalo@qca.qualcomm.com>	2014-05-26 05:43:12 -0400
commit	c071dcb2802a0349b05817010000082c6c105453 (patch)
tree	1852318887091111009f92ebe8de8711d8cfcf4d /drivers/net/wireless
parent	aecdc89fb4664c76baa4bbd46008f220532309ff (diff)

diff --git a/drivers/net/wireless/ath/ath10k/htt_rx.c b/drivers/net/wireless/ath/ath10k/htt_rx.c index f744e355c70a..08b5718cdbf1 100644 --- a/drivers/net/wireless/ath/ath10k/htt_rx.c +++ b/drivers/net/wireless/ath/ath10k/htt_rx.c
@@ -778,17 +778,30 @@ static void ath10k_htt_rx_h_rates(struct ath10k *ar,
778	static void ath10k_htt_rx_h_protected(struct ath10k_htt *htt,	778	static void ath10k_htt_rx_h_protected(struct ath10k_htt *htt,
779	struct ieee80211_rx_status *rx_status,	779	struct ieee80211_rx_status *rx_status,
780	struct sk_buff *skb,	780	struct sk_buff *skb,
781	enum htt_rx_mpdu_encrypt_type enctype)	781	enum htt_rx_mpdu_encrypt_type enctype,
		782	enum rx_msdu_decap_format fmt,
		783	bool dot11frag)
782	{	784	{
783	struct ieee80211_hdr hdr = (struct ieee80211_hdr )skb->data;	785	struct ieee80211_hdr hdr = (struct ieee80211_hdr )skb->data;
784		786
		787	rx_status->flag &= ~(RX_FLAG_DECRYPTED \|
		788	RX_FLAG_IV_STRIPPED \|
		789	RX_FLAG_MMIC_STRIPPED);
785		790
786	if (enctype == HTT_RX_MPDU_ENCRYPT_NONE) {	791	if (enctype == HTT_RX_MPDU_ENCRYPT_NONE)
787	rx_status->flag &= ~(RX_FLAG_DECRYPTED \|	792	return;
788	RX_FLAG_IV_STRIPPED \|	793
789	RX_FLAG_MMIC_STRIPPED);	794	/*
		795	* There's no explicit rx descriptor flag to indicate whether a given
		796	* frame has been decrypted or not. We're forced to use the decap
		797	* format as an implicit indication. However fragmentation rx is always
		798	* raw and it probably never reports undecrypted raws.
		799	*
		800	* This makes sure sniffed frames are reported as-is without stripping
		801	* the protected flag.
		802	*/
		803	if (fmt == RX_MSDU_DECAP_RAW && !dot11frag)
790	return;	804	return;
791	}
792		805
793	rx_status->flag \|= RX_FLAG_DECRYPTED \|	806	rx_status->flag \|= RX_FLAG_DECRYPTED \|
794	RX_FLAG_IV_STRIPPED \|	807	RX_FLAG_IV_STRIPPED \|
@@ -942,7 +955,8 @@ static void ath10k_htt_rx_amsdu(struct ath10k_htt *htt,
942	}	955	}
943		956
944	skb_in = skb;	957	skb_in = skb;
945	ath10k_htt_rx_h_protected(htt, rx_status, skb_in, enctype);	958	ath10k_htt_rx_h_protected(htt, rx_status, skb_in, enctype, fmt,
		959	false);
946	skb = skb->next;	960	skb = skb->next;
947	skb_in->next = NULL;	961	skb_in->next = NULL;
948		962
@@ -1024,7 +1038,7 @@ static void ath10k_htt_rx_msdu(struct ath10k_htt *htt,
1024	break;	1038	break;
1025	}	1039	}
1026		1040
1027	ath10k_htt_rx_h_protected(htt, rx_status, skb, enctype);	1041	ath10k_htt_rx_h_protected(htt, rx_status, skb, enctype, fmt, false);
1028		1042
1029	ath10k_process_rx(htt->ar, rx_status, skb);	1043	ath10k_process_rx(htt->ar, rx_status, skb);
1030	}	1044	}
@@ -1330,7 +1344,8 @@ static void ath10k_htt_rx_frag_handler(struct ath10k_htt *htt,
1330		1344
1331	enctype = MS(__le32_to_cpu(rxd->mpdu_start.info0),	1345	enctype = MS(__le32_to_cpu(rxd->mpdu_start.info0),
1332	RX_MPDU_START_INFO0_ENCRYPT_TYPE);	1346	RX_MPDU_START_INFO0_ENCRYPT_TYPE);
1333	ath10k_htt_rx_h_protected(htt, rx_status, msdu_head, enctype);	1347	ath10k_htt_rx_h_protected(htt, rx_status, msdu_head, enctype, fmt,
		1348	true);
1334	msdu_head->ip_summed = ath10k_htt_rx_get_csum_state(msdu_head);	1349	msdu_head->ip_summed = ath10k_htt_rx_get_csum_state(msdu_head);
1335		1350
1336	if (tkip_mic_err)	1351	if (tkip_mic_err)