diff options
Diffstat (limited to 'net/mac80211')
-rw-r--r-- | net/mac80211/rx.c | 62 | ||||
-rw-r--r-- | net/mac80211/tx.c | 2 |
2 files changed, 25 insertions, 39 deletions
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c index 60e9ea11115f..4e9631c140a3 100644 --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c | |||
@@ -821,7 +821,7 @@ ieee80211_reassemble_add(struct ieee80211_sub_if_data *sdata, | |||
821 | 821 | ||
822 | static inline struct ieee80211_fragment_entry * | 822 | static inline struct ieee80211_fragment_entry * |
823 | ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata, | 823 | ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata, |
824 | u16 fc, unsigned int frag, unsigned int seq, | 824 | unsigned int frag, unsigned int seq, |
825 | int rx_queue, struct ieee80211_hdr *hdr) | 825 | int rx_queue, struct ieee80211_hdr *hdr) |
826 | { | 826 | { |
827 | struct ieee80211_fragment_entry *entry; | 827 | struct ieee80211_fragment_entry *entry; |
@@ -830,7 +830,6 @@ ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata, | |||
830 | idx = sdata->fragment_next; | 830 | idx = sdata->fragment_next; |
831 | for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) { | 831 | for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) { |
832 | struct ieee80211_hdr *f_hdr; | 832 | struct ieee80211_hdr *f_hdr; |
833 | u16 f_fc; | ||
834 | 833 | ||
835 | idx--; | 834 | idx--; |
836 | if (idx < 0) | 835 | if (idx < 0) |
@@ -842,10 +841,13 @@ ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata, | |||
842 | entry->last_frag + 1 != frag) | 841 | entry->last_frag + 1 != frag) |
843 | continue; | 842 | continue; |
844 | 843 | ||
845 | f_hdr = (struct ieee80211_hdr *) entry->skb_list.next->data; | 844 | f_hdr = (struct ieee80211_hdr *)entry->skb_list.next->data; |
846 | f_fc = le16_to_cpu(f_hdr->frame_control); | ||
847 | 845 | ||
848 | if ((fc & IEEE80211_FCTL_FTYPE) != (f_fc & IEEE80211_FCTL_FTYPE) || | 846 | /* |
847 | * Check ftype and addresses are equal, else check next fragment | ||
848 | */ | ||
849 | if (((hdr->frame_control ^ f_hdr->frame_control) & | ||
850 | cpu_to_le16(IEEE80211_FCTL_FTYPE)) || | ||
849 | compare_ether_addr(hdr->addr1, f_hdr->addr1) != 0 || | 851 | compare_ether_addr(hdr->addr1, f_hdr->addr1) != 0 || |
850 | compare_ether_addr(hdr->addr2, f_hdr->addr2) != 0) | 852 | compare_ether_addr(hdr->addr2, f_hdr->addr2) != 0) |
851 | continue; | 853 | continue; |
@@ -870,11 +872,11 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx) | |||
870 | struct sk_buff *skb; | 872 | struct sk_buff *skb; |
871 | DECLARE_MAC_BUF(mac); | 873 | DECLARE_MAC_BUF(mac); |
872 | 874 | ||
873 | hdr = (struct ieee80211_hdr *) rx->skb->data; | 875 | hdr = (struct ieee80211_hdr *)rx->skb->data; |
874 | sc = le16_to_cpu(hdr->seq_ctrl); | 876 | sc = le16_to_cpu(hdr->seq_ctrl); |
875 | frag = sc & IEEE80211_SCTL_FRAG; | 877 | frag = sc & IEEE80211_SCTL_FRAG; |
876 | 878 | ||
877 | if (likely((!(rx->fc & IEEE80211_FCTL_MOREFRAGS) && frag == 0) || | 879 | if (likely((!ieee80211_has_morefrags(hdr->frame_control) && frag == 0) || |
878 | (rx->skb)->len < 24 || | 880 | (rx->skb)->len < 24 || |
879 | is_multicast_ether_addr(hdr->addr1))) { | 881 | is_multicast_ether_addr(hdr->addr1))) { |
880 | /* not fragmented */ | 882 | /* not fragmented */ |
@@ -889,7 +891,7 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx) | |||
889 | entry = ieee80211_reassemble_add(rx->sdata, frag, seq, | 891 | entry = ieee80211_reassemble_add(rx->sdata, frag, seq, |
890 | rx->queue, &(rx->skb)); | 892 | rx->queue, &(rx->skb)); |
891 | if (rx->key && rx->key->conf.alg == ALG_CCMP && | 893 | if (rx->key && rx->key->conf.alg == ALG_CCMP && |
892 | (rx->fc & IEEE80211_FCTL_PROTECTED)) { | 894 | ieee80211_has_protected(hdr->frame_control)) { |
893 | /* Store CCMP PN so that we can verify that the next | 895 | /* Store CCMP PN so that we can verify that the next |
894 | * fragment has a sequential PN value. */ | 896 | * fragment has a sequential PN value. */ |
895 | entry->ccmp = 1; | 897 | entry->ccmp = 1; |
@@ -903,8 +905,7 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx) | |||
903 | /* This is a fragment for a frame that should already be pending in | 905 | /* This is a fragment for a frame that should already be pending in |
904 | * fragment cache. Add this fragment to the end of the pending entry. | 906 | * fragment cache. Add this fragment to the end of the pending entry. |
905 | */ | 907 | */ |
906 | entry = ieee80211_reassemble_find(rx->sdata, rx->fc, frag, seq, | 908 | entry = ieee80211_reassemble_find(rx->sdata, frag, seq, rx->queue, hdr); |
907 | rx->queue, hdr); | ||
908 | if (!entry) { | 909 | if (!entry) { |
909 | I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag); | 910 | I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag); |
910 | return RX_DROP_MONITOR; | 911 | return RX_DROP_MONITOR; |
@@ -929,7 +930,7 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx) | |||
929 | memcpy(entry->last_pn, pn, CCMP_PN_LEN); | 930 | memcpy(entry->last_pn, pn, CCMP_PN_LEN); |
930 | } | 931 | } |
931 | 932 | ||
932 | skb_pull(rx->skb, ieee80211_get_hdrlen(rx->fc)); | 933 | skb_pull(rx->skb, ieee80211_hdrlen(hdr->frame_control)); |
933 | __skb_queue_tail(&entry->skb_list, rx->skb); | 934 | __skb_queue_tail(&entry->skb_list, rx->skb); |
934 | entry->last_frag = frag; | 935 | entry->last_frag = frag; |
935 | entry->extra_len += rx->skb->len; | 936 | entry->extra_len += rx->skb->len; |
@@ -1096,7 +1097,7 @@ ieee80211_data_to_8023(struct ieee80211_rx_data *rx) | |||
1096 | { | 1097 | { |
1097 | struct net_device *dev = rx->dev; | 1098 | struct net_device *dev = rx->dev; |
1098 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; | 1099 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; |
1099 | u16 fc, hdrlen, ethertype; | 1100 | u16 hdrlen, ethertype; |
1100 | u8 *payload; | 1101 | u8 *payload; |
1101 | u8 dst[ETH_ALEN]; | 1102 | u8 dst[ETH_ALEN]; |
1102 | u8 src[ETH_ALEN] __aligned(2); | 1103 | u8 src[ETH_ALEN] __aligned(2); |
@@ -1107,12 +1108,10 @@ ieee80211_data_to_8023(struct ieee80211_rx_data *rx) | |||
1107 | DECLARE_MAC_BUF(mac3); | 1108 | DECLARE_MAC_BUF(mac3); |
1108 | DECLARE_MAC_BUF(mac4); | 1109 | DECLARE_MAC_BUF(mac4); |
1109 | 1110 | ||
1110 | fc = rx->fc; | 1111 | if (unlikely(!ieee80211_is_data_present(hdr->frame_control))) |
1111 | |||
1112 | if (unlikely(!WLAN_FC_DATA_PRESENT(fc))) | ||
1113 | return -1; | 1112 | return -1; |
1114 | 1113 | ||
1115 | hdrlen = ieee80211_get_hdrlen(fc); | 1114 | hdrlen = ieee80211_hdrlen(hdr->frame_control); |
1116 | 1115 | ||
1117 | if (ieee80211_vif_is_mesh(&sdata->vif)) | 1116 | if (ieee80211_vif_is_mesh(&sdata->vif)) |
1118 | hdrlen += ieee80211_get_mesh_hdrlen( | 1117 | hdrlen += ieee80211_get_mesh_hdrlen( |
@@ -1127,41 +1126,28 @@ ieee80211_data_to_8023(struct ieee80211_rx_data *rx) | |||
1127 | * 1 0 BSSID SA DA n/a | 1126 | * 1 0 BSSID SA DA n/a |
1128 | * 1 1 RA TA DA SA | 1127 | * 1 1 RA TA DA SA |
1129 | */ | 1128 | */ |
1129 | memcpy(dst, ieee80211_get_DA(hdr), ETH_ALEN); | ||
1130 | memcpy(src, ieee80211_get_SA(hdr), ETH_ALEN); | ||
1130 | 1131 | ||
1131 | switch (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) { | 1132 | switch (hdr->frame_control & |
1132 | case IEEE80211_FCTL_TODS: | 1133 | cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) { |
1133 | /* BSSID SA DA */ | 1134 | case __constant_cpu_to_le16(IEEE80211_FCTL_TODS): |
1134 | memcpy(dst, hdr->addr3, ETH_ALEN); | ||
1135 | memcpy(src, hdr->addr2, ETH_ALEN); | ||
1136 | |||
1137 | if (unlikely(sdata->vif.type != IEEE80211_IF_TYPE_AP && | 1135 | if (unlikely(sdata->vif.type != IEEE80211_IF_TYPE_AP && |
1138 | sdata->vif.type != IEEE80211_IF_TYPE_VLAN)) | 1136 | sdata->vif.type != IEEE80211_IF_TYPE_VLAN)) |
1139 | return -1; | 1137 | return -1; |
1140 | break; | 1138 | break; |
1141 | case (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS): | 1139 | case __constant_cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS): |
1142 | /* RA TA DA SA */ | 1140 | if (unlikely(sdata->vif.type != IEEE80211_IF_TYPE_WDS && |
1143 | memcpy(dst, hdr->addr3, ETH_ALEN); | ||
1144 | memcpy(src, hdr->addr4, ETH_ALEN); | ||
1145 | |||
1146 | if (unlikely(sdata->vif.type != IEEE80211_IF_TYPE_WDS && | ||
1147 | sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)) | 1141 | sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)) |
1148 | return -1; | 1142 | return -1; |
1149 | break; | 1143 | break; |
1150 | case IEEE80211_FCTL_FROMDS: | 1144 | case __constant_cpu_to_le16(IEEE80211_FCTL_FROMDS): |
1151 | /* DA BSSID SA */ | ||
1152 | memcpy(dst, hdr->addr1, ETH_ALEN); | ||
1153 | memcpy(src, hdr->addr3, ETH_ALEN); | ||
1154 | |||
1155 | if (sdata->vif.type != IEEE80211_IF_TYPE_STA || | 1145 | if (sdata->vif.type != IEEE80211_IF_TYPE_STA || |
1156 | (is_multicast_ether_addr(dst) && | 1146 | (is_multicast_ether_addr(dst) && |
1157 | !compare_ether_addr(src, dev->dev_addr))) | 1147 | !compare_ether_addr(src, dev->dev_addr))) |
1158 | return -1; | 1148 | return -1; |
1159 | break; | 1149 | break; |
1160 | case 0: | 1150 | case __constant_cpu_to_le16(0): |
1161 | /* DA SA BSSID */ | ||
1162 | memcpy(dst, hdr->addr1, ETH_ALEN); | ||
1163 | memcpy(src, hdr->addr2, ETH_ALEN); | ||
1164 | |||
1165 | if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS) | 1151 | if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS) |
1166 | return -1; | 1152 | return -1; |
1167 | break; | 1153 | break; |
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c index 4788f7b91f49..24146f3387a7 100644 --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c | |||
@@ -1025,7 +1025,7 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx, | |||
1025 | else if (test_and_clear_sta_flags(tx->sta, WLAN_STA_CLEAR_PS_FILT)) | 1025 | else if (test_and_clear_sta_flags(tx->sta, WLAN_STA_CLEAR_PS_FILT)) |
1026 | info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT; | 1026 | info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT; |
1027 | 1027 | ||
1028 | hdrlen = ieee80211_get_hdrlen(tx->fc); | 1028 | hdrlen = ieee80211_hdrlen(hdr->frame_control); |
1029 | if (skb->len > hdrlen + sizeof(rfc1042_header) + 2) { | 1029 | if (skb->len > hdrlen + sizeof(rfc1042_header) + 2) { |
1030 | u8 *pos = &skb->data[hdrlen + sizeof(rfc1042_header)]; | 1030 | u8 *pos = &skb->data[hdrlen + sizeof(rfc1042_header)]; |
1031 | tx->ethertype = (pos[0] << 8) | pos[1]; | 1031 | tx->ethertype = (pos[0] << 8) | pos[1]; |