mac80211: linearize SKBs as needed for crypto

Not linearizing every SKB will help actually pass non-linear SKBs all the way up when on an encrypted connection. For now, linearize TKIP completely as it is lower performance and I don't quite grok all the details. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
author: Johannes Berg <johannes.berg@intel.com> 2012-03-12 08:49:14 -0400
committer: John W. Linville <linville@tuxdriver.com> 2012-03-13 14:54:17 -0400
commit: a8286911881948c7a2ecc63ee4224c258cce2da3 (patch)
tree: a35566503b81c654db55857f42fe9664d0aab3af /net/mac80211/wpa.c
parent: 617bbde878604adfcd557fc2a8952f77ab4ebd95 (diff)
1 files changed, 21 insertions, 1 deletions
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index b758350919ff..0ae23c60968c 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -138,6 +138,10 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
        if (skb->len < hdrlen + MICHAEL_MIC_LEN)
                return RX_DROP_UNUSABLE;
+        if (skb_linearize(rx->skb))
+                return RX_DROP_UNUSABLE;
+        hdr = (void *)skb->data;
        data = skb->data + hdrlen;
        data_len = skb->len - hdrlen - MICHAEL_MIC_LEN;
        key = &rx->key->conf.key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY];
@@ -253,6 +257,11 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx)
        if (!rx->sta || skb->len - hdrlen < 12)
                return RX_DROP_UNUSABLE;
+        /* it may be possible to optimize this a bit more */
+        if (skb_linearize(rx->skb))
+                return RX_DROP_UNUSABLE;
+        hdr = (void *)skb->data;
        /*
         * Let TKIP code verify IV, but skip decryption.
         * In the case where hardware checks the IV as well,
@@ -484,6 +493,14 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
        if (!rx->sta || data_len < 0)
                return RX_DROP_UNUSABLE;
+        if (status->flag & RX_FLAG_DECRYPTED) {
+                if (!pskb_may_pull(rx->skb, hdrlen + CCMP_HDR_LEN))
+                        return RX_DROP_UNUSABLE;
+        } else {
+                if (skb_linearize(rx->skb))
+                        return RX_DROP_UNUSABLE;
+        }
        ccmp_hdr2pn(pn, skb->data + hdrlen);
        queue = rx->security_idx;
@@ -509,7 +526,8 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
        memcpy(key->u.ccmp.rx_pn[queue], pn, CCMP_PN_LEN);
        /* Remove CCMP header and MIC */
-        skb_trim(skb, skb->len - CCMP_MIC_LEN);
+        if (pskb_trim(skb, skb->len - CCMP_MIC_LEN))
+                return RX_DROP_UNUSABLE;
        memmove(skb->data + CCMP_HDR_LEN, skb->data, hdrlen);
        skb_pull(skb, CCMP_HDR_LEN);
@@ -609,6 +627,8 @@ ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx)
        if (!ieee80211_is_mgmt(hdr->frame_control))
                return RX_CONTINUE;
+        /* management frames are already linear */
        if (skb->len < 24 + sizeof(*mmie))
                return RX_DROP_UNUSABLE;
author	Johannes Berg <johannes.berg@intel.com>	2012-03-12 08:49:14 -0400
committer	John W. Linville <linville@tuxdriver.com>	2012-03-13 14:54:17 -0400
commit	a8286911881948c7a2ecc63ee4224c258cce2da3 (patch)
tree	a35566503b81c654db55857f42fe9664d0aab3af /net/mac80211/wpa.c
parent	617bbde878604adfcd557fc2a8952f77ab4ebd95 (diff)