diff options
Diffstat (limited to 'net/mac80211/wpa.c')
-rw-r--r-- | net/mac80211/wpa.c | 32 |
1 files changed, 10 insertions, 22 deletions
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index 6db649480e8f..7aa63caf8d50 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c | |||
@@ -49,8 +49,7 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx) | |||
49 | !(tx->flags & IEEE80211_TX_FRAGMENTED) && | 49 | !(tx->flags & IEEE80211_TX_FRAGMENTED) && |
50 | !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) && | 50 | !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) && |
51 | !wpa_test) { | 51 | !wpa_test) { |
52 | /* hwaccel - with no need for preallocated room for Michael MIC | 52 | /* hwaccel - with no need for preallocated room for MMIC */ |
53 | */ | ||
54 | return TX_CONTINUE; | 53 | return TX_CONTINUE; |
55 | } | 54 | } |
56 | 55 | ||
@@ -67,8 +66,6 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx) | |||
67 | #else | 66 | #else |
68 | authenticator = 1; | 67 | authenticator = 1; |
69 | #endif | 68 | #endif |
70 | /* At this point we know we're using ALG_TKIP. To get the MIC key | ||
71 | * we now will rely on the offset from the ieee80211_key_conf::key */ | ||
72 | key_offset = authenticator ? | 69 | key_offset = authenticator ? |
73 | NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY : | 70 | NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY : |
74 | NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY; | 71 | NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY; |
@@ -90,11 +87,8 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx) | |||
90 | u8 mic[MICHAEL_MIC_LEN]; | 87 | u8 mic[MICHAEL_MIC_LEN]; |
91 | struct sk_buff *skb = rx->skb; | 88 | struct sk_buff *skb = rx->skb; |
92 | int authenticator = 1, wpa_test = 0; | 89 | int authenticator = 1, wpa_test = 0; |
93 | DECLARE_MAC_BUF(mac); | ||
94 | 90 | ||
95 | /* | 91 | /* No way to verify the MIC if the hardware stripped it */ |
96 | * No way to verify the MIC if the hardware stripped it | ||
97 | */ | ||
98 | if (rx->status->flag & RX_FLAG_MMIC_STRIPPED) | 92 | if (rx->status->flag & RX_FLAG_MMIC_STRIPPED) |
99 | return RX_CONTINUE; | 93 | return RX_CONTINUE; |
100 | 94 | ||
@@ -116,8 +110,6 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx) | |||
116 | #else | 110 | #else |
117 | authenticator = 1; | 111 | authenticator = 1; |
118 | #endif | 112 | #endif |
119 | /* At this point we know we're using ALG_TKIP. To get the MIC key | ||
120 | * we now will rely on the offset from the ieee80211_key_conf::key */ | ||
121 | key_offset = authenticator ? | 113 | key_offset = authenticator ? |
122 | NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY : | 114 | NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY : |
123 | NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY; | 115 | NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY; |
@@ -202,6 +194,7 @@ ieee80211_tx_result | |||
202 | ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx) | 194 | ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx) |
203 | { | 195 | { |
204 | struct sk_buff *skb = tx->skb; | 196 | struct sk_buff *skb = tx->skb; |
197 | int i; | ||
205 | 198 | ||
206 | ieee80211_tx_set_protected(tx); | 199 | ieee80211_tx_set_protected(tx); |
207 | 200 | ||
@@ -209,9 +202,8 @@ ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx) | |||
209 | return TX_DROP; | 202 | return TX_DROP; |
210 | 203 | ||
211 | if (tx->extra_frag) { | 204 | if (tx->extra_frag) { |
212 | int i; | ||
213 | for (i = 0; i < tx->num_extra_frag; i++) { | 205 | for (i = 0; i < tx->num_extra_frag; i++) { |
214 | if (tkip_encrypt_skb(tx, tx->extra_frag[i]) < 0) | 206 | if (tkip_encrypt_skb(tx, tx->extra_frag[i])) |
215 | return TX_DROP; | 207 | return TX_DROP; |
216 | } | 208 | } |
217 | } | 209 | } |
@@ -227,7 +219,6 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx) | |||
227 | int hdrlen, res, hwaccel = 0, wpa_test = 0; | 219 | int hdrlen, res, hwaccel = 0, wpa_test = 0; |
228 | struct ieee80211_key *key = rx->key; | 220 | struct ieee80211_key *key = rx->key; |
229 | struct sk_buff *skb = rx->skb; | 221 | struct sk_buff *skb = rx->skb; |
230 | DECLARE_MAC_BUF(mac); | ||
231 | 222 | ||
232 | hdrlen = ieee80211_hdrlen(hdr->frame_control); | 223 | hdrlen = ieee80211_hdrlen(hdr->frame_control); |
233 | 224 | ||
@@ -350,7 +341,7 @@ static inline void ccmp_pn2hdr(u8 *hdr, u8 *pn, int key_id) | |||
350 | } | 341 | } |
351 | 342 | ||
352 | 343 | ||
353 | static inline int ccmp_hdr2pn(u8 *pn, u8 *hdr) | 344 | static inline void ccmp_hdr2pn(u8 *pn, u8 *hdr) |
354 | { | 345 | { |
355 | pn[0] = hdr[7]; | 346 | pn[0] = hdr[7]; |
356 | pn[1] = hdr[6]; | 347 | pn[1] = hdr[6]; |
@@ -358,7 +349,6 @@ static inline int ccmp_hdr2pn(u8 *pn, u8 *hdr) | |||
358 | pn[3] = hdr[4]; | 349 | pn[3] = hdr[4]; |
359 | pn[4] = hdr[1]; | 350 | pn[4] = hdr[1]; |
360 | pn[5] = hdr[0]; | 351 | pn[5] = hdr[0]; |
361 | return (hdr[3] >> 6) & 0x03; | ||
362 | } | 352 | } |
363 | 353 | ||
364 | 354 | ||
@@ -373,7 +363,7 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb) | |||
373 | 363 | ||
374 | if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && | 364 | if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && |
375 | !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) { | 365 | !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) { |
376 | /* hwaccel - with no need for preallocated room for CCMP " | 366 | /* hwaccel - with no need for preallocated room for CCMP |
377 | * header or MIC fields */ | 367 | * header or MIC fields */ |
378 | info->control.hw_key = &tx->key->conf; | 368 | info->control.hw_key = &tx->key->conf; |
379 | return 0; | 369 | return 0; |
@@ -426,6 +416,7 @@ ieee80211_tx_result | |||
426 | ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx) | 416 | ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx) |
427 | { | 417 | { |
428 | struct sk_buff *skb = tx->skb; | 418 | struct sk_buff *skb = tx->skb; |
419 | int i; | ||
429 | 420 | ||
430 | ieee80211_tx_set_protected(tx); | 421 | ieee80211_tx_set_protected(tx); |
431 | 422 | ||
@@ -433,9 +424,8 @@ ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx) | |||
433 | return TX_DROP; | 424 | return TX_DROP; |
434 | 425 | ||
435 | if (tx->extra_frag) { | 426 | if (tx->extra_frag) { |
436 | int i; | ||
437 | for (i = 0; i < tx->num_extra_frag; i++) { | 427 | for (i = 0; i < tx->num_extra_frag; i++) { |
438 | if (ccmp_encrypt_skb(tx, tx->extra_frag[i]) < 0) | 428 | if (ccmp_encrypt_skb(tx, tx->extra_frag[i])) |
439 | return TX_DROP; | 429 | return TX_DROP; |
440 | } | 430 | } |
441 | } | 431 | } |
@@ -453,7 +443,6 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx) | |||
453 | struct sk_buff *skb = rx->skb; | 443 | struct sk_buff *skb = rx->skb; |
454 | u8 pn[CCMP_PN_LEN]; | 444 | u8 pn[CCMP_PN_LEN]; |
455 | int data_len; | 445 | int data_len; |
456 | DECLARE_MAC_BUF(mac); | ||
457 | 446 | ||
458 | hdrlen = ieee80211_hdrlen(hdr->frame_control); | 447 | hdrlen = ieee80211_hdrlen(hdr->frame_control); |
459 | 448 | ||
@@ -468,7 +457,7 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx) | |||
468 | (rx->status->flag & RX_FLAG_IV_STRIPPED)) | 457 | (rx->status->flag & RX_FLAG_IV_STRIPPED)) |
469 | return RX_CONTINUE; | 458 | return RX_CONTINUE; |
470 | 459 | ||
471 | (void) ccmp_hdr2pn(pn, skb->data + hdrlen); | 460 | ccmp_hdr2pn(pn, skb->data + hdrlen); |
472 | 461 | ||
473 | if (memcmp(pn, key->u.ccmp.rx_pn[rx->queue], CCMP_PN_LEN) <= 0) { | 462 | if (memcmp(pn, key->u.ccmp.rx_pn[rx->queue], CCMP_PN_LEN) <= 0) { |
474 | key->u.ccmp.replays++; | 463 | key->u.ccmp.replays++; |
@@ -483,9 +472,8 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx) | |||
483 | key->u.ccmp.tfm, key->u.ccmp.rx_crypto_buf, | 472 | key->u.ccmp.tfm, key->u.ccmp.rx_crypto_buf, |
484 | skb->data + hdrlen + CCMP_HDR_LEN, data_len, | 473 | skb->data + hdrlen + CCMP_HDR_LEN, data_len, |
485 | skb->data + skb->len - CCMP_MIC_LEN, | 474 | skb->data + skb->len - CCMP_MIC_LEN, |
486 | skb->data + hdrlen + CCMP_HDR_LEN)) { | 475 | skb->data + hdrlen + CCMP_HDR_LEN)) |
487 | return RX_DROP_UNUSABLE; | 476 | return RX_DROP_UNUSABLE; |
488 | } | ||
489 | } | 477 | } |
490 | 478 | ||
491 | memcpy(key->u.ccmp.rx_pn[rx->queue], pn, CCMP_PN_LEN); | 479 | memcpy(key->u.ccmp.rx_pn[rx->queue], pn, CCMP_PN_LEN); |