aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211
diff options
context:
space:
mode:
authorJouni Malinen <jouni.malinen@atheros.com>2009-05-08 05:36:03 -0400
committerJohn W. Linville <linville@tuxdriver.com>2009-05-11 15:23:55 -0400
commitf2ca3ea484a51dc7ea5b738510fd03cb6ca7e2e2 (patch)
tree942962f754cc28b53d11e26f06ae3f0f1d3e3eb9 /net/mac80211
parent0c7c10c7cc6bc890d23c8c62b81b4feccd92124b (diff)
mac80211: MFP - Drop unprotected Action frames prior key setup
When management frame protection (IEEE 802.11w) is used, unprotected Robust Action frames are not allowed prior to key configuration. However, unprotected Deauthentication and Disassociation frames are allowed at that point, but not after key configuration. Make ieee80211_drop_unencrypted() handle the special cases for MFP by separating the basic Data frame case from Management frame processing and handle the Management frames only if MFP has been negotiated. In addition, do not use sdata->drop_unencrypted for Management frames since the decision on whether to accept the frame depends on the key being configured. Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'net/mac80211')
-rw-r--r--net/mac80211/rx.c28
1 files changed, 19 insertions, 9 deletions
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index bf21e92a6b9..f962bd1b16e 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -1221,17 +1221,27 @@ ieee80211_drop_unencrypted(struct ieee80211_rx_data *rx, __le16 fc)
1221 /* Drop unencrypted frames if key is set. */ 1221 /* Drop unencrypted frames if key is set. */
1222 if (unlikely(!ieee80211_has_protected(fc) && 1222 if (unlikely(!ieee80211_has_protected(fc) &&
1223 !ieee80211_is_nullfunc(fc) && 1223 !ieee80211_is_nullfunc(fc) &&
1224 (!ieee80211_is_mgmt(fc) || 1224 ieee80211_is_data(fc) &&
1225 (ieee80211_is_unicast_robust_mgmt_frame(rx->skb) &&
1226 rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP))) &&
1227 (rx->key || rx->sdata->drop_unencrypted)))
1228 return -EACCES;
1229 /* BIP does not use Protected field, so need to check MMIE */
1230 if (unlikely(rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP) &&
1231 ieee80211_is_multicast_robust_mgmt_frame(rx->skb) &&
1232 ieee80211_get_mmie_keyidx(rx->skb) < 0 &&
1233 (rx->key || rx->sdata->drop_unencrypted))) 1225 (rx->key || rx->sdata->drop_unencrypted)))
1234 return -EACCES; 1226 return -EACCES;
1227 if (rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP)) {
1228 if (unlikely(ieee80211_is_unicast_robust_mgmt_frame(rx->skb) &&
1229 rx->key))
1230 return -EACCES;
1231 /* BIP does not use Protected field, so need to check MMIE */
1232 if (unlikely(ieee80211_is_multicast_robust_mgmt_frame(rx->skb)
1233 && ieee80211_get_mmie_keyidx(rx->skb) < 0 &&
1234 rx->key))
1235 return -EACCES;
1236 /*
1237 * When using MFP, Action frames are not allowed prior to
1238 * having configured keys.
1239 */
1240 if (unlikely(ieee80211_is_action(fc) && !rx->key &&
1241 ieee80211_is_robust_mgmt_frame(
1242 (struct ieee80211_hdr *) rx->skb->data)))
1243 return -EACCES;
1244 }
1235 1245
1236 return 0; 1246 return 0;
1237} 1247}