mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-07 13:43:51 +00:00
[MAC80211]: move sta_process rx handler later
This moves the sta_process RX handler to after decryption so that frames that cannot be decrypted don't influence statistics, it is likely that they were injected or something else is totally wrong. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
f9d540ee5f
commit
70f0876579
@ -512,6 +512,53 @@ ieee80211_rx_h_load_key(struct ieee80211_txrx_data *rx)
|
||||
return TXRX_CONTINUE;
|
||||
}
|
||||
|
||||
static ieee80211_txrx_result
|
||||
ieee80211_rx_h_wep_weak_iv_detection(struct ieee80211_txrx_data *rx)
|
||||
{
|
||||
if (!rx->sta || !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
|
||||
(rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
|
||||
!rx->key || rx->key->conf.alg != ALG_WEP ||
|
||||
!(rx->flags & IEEE80211_TXRXD_RXRA_MATCH))
|
||||
return TXRX_CONTINUE;
|
||||
|
||||
/* Check for weak IVs, if hwaccel did not remove IV from the frame */
|
||||
if (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED) ||
|
||||
!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED))
|
||||
if (ieee80211_wep_is_weak_iv(rx->skb, rx->key))
|
||||
rx->sta->wep_weak_iv_count++;
|
||||
|
||||
return TXRX_CONTINUE;
|
||||
}
|
||||
|
||||
static ieee80211_txrx_result
|
||||
ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
|
||||
{
|
||||
if (!(rx->fc & IEEE80211_FCTL_PROTECTED))
|
||||
return TXRX_CONTINUE;
|
||||
|
||||
if (!rx->key) {
|
||||
if (net_ratelimit())
|
||||
printk(KERN_DEBUG "%s: RX protected frame,"
|
||||
" but have no key\n", rx->dev->name);
|
||||
return TXRX_DROP;
|
||||
}
|
||||
|
||||
switch (rx->key->conf.alg) {
|
||||
case ALG_WEP:
|
||||
return ieee80211_crypto_wep_decrypt(rx);
|
||||
case ALG_TKIP:
|
||||
return ieee80211_crypto_tkip_decrypt(rx);
|
||||
case ALG_CCMP:
|
||||
return ieee80211_crypto_ccmp_decrypt(rx);
|
||||
case ALG_NONE:
|
||||
return TXRX_CONTINUE;
|
||||
}
|
||||
|
||||
/* not reached */
|
||||
WARN_ON(1);
|
||||
return TXRX_DROP;
|
||||
}
|
||||
|
||||
static void ap_sta_ps_start(struct net_device *dev, struct sta_info *sta)
|
||||
{
|
||||
struct ieee80211_sub_if_data *sdata;
|
||||
@ -637,53 +684,6 @@ ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx)
|
||||
return TXRX_CONTINUE;
|
||||
} /* ieee80211_rx_h_sta_process */
|
||||
|
||||
static ieee80211_txrx_result
|
||||
ieee80211_rx_h_wep_weak_iv_detection(struct ieee80211_txrx_data *rx)
|
||||
{
|
||||
if (!rx->sta || !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
|
||||
(rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
|
||||
!rx->key || rx->key->conf.alg != ALG_WEP ||
|
||||
!(rx->flags & IEEE80211_TXRXD_RXRA_MATCH))
|
||||
return TXRX_CONTINUE;
|
||||
|
||||
/* Check for weak IVs, if hwaccel did not remove IV from the frame */
|
||||
if (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED) ||
|
||||
!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED))
|
||||
if (ieee80211_wep_is_weak_iv(rx->skb, rx->key))
|
||||
rx->sta->wep_weak_iv_count++;
|
||||
|
||||
return TXRX_CONTINUE;
|
||||
}
|
||||
|
||||
static ieee80211_txrx_result
|
||||
ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
|
||||
{
|
||||
if (!(rx->fc & IEEE80211_FCTL_PROTECTED))
|
||||
return TXRX_CONTINUE;
|
||||
|
||||
if (!rx->key) {
|
||||
if (net_ratelimit())
|
||||
printk(KERN_DEBUG "%s: RX protected frame,"
|
||||
" but have no key\n", rx->dev->name);
|
||||
return TXRX_DROP;
|
||||
}
|
||||
|
||||
switch (rx->key->conf.alg) {
|
||||
case ALG_WEP:
|
||||
return ieee80211_crypto_wep_decrypt(rx);
|
||||
case ALG_TKIP:
|
||||
return ieee80211_crypto_tkip_decrypt(rx);
|
||||
case ALG_CCMP:
|
||||
return ieee80211_crypto_ccmp_decrypt(rx);
|
||||
case ALG_NONE:
|
||||
return TXRX_CONTINUE;
|
||||
}
|
||||
|
||||
/* not reached */
|
||||
WARN_ON(1);
|
||||
return TXRX_DROP;
|
||||
}
|
||||
|
||||
static inline struct ieee80211_fragment_entry *
|
||||
ieee80211_reassemble_add(struct ieee80211_sub_if_data *sdata,
|
||||
unsigned int frag, unsigned int seq, int rx_queue,
|
||||
@ -1349,9 +1349,9 @@ ieee80211_rx_handler ieee80211_rx_handlers[] =
|
||||
ieee80211_rx_h_passive_scan,
|
||||
ieee80211_rx_h_check,
|
||||
ieee80211_rx_h_load_key,
|
||||
ieee80211_rx_h_sta_process,
|
||||
ieee80211_rx_h_wep_weak_iv_detection,
|
||||
ieee80211_rx_h_decrypt,
|
||||
ieee80211_rx_h_sta_process,
|
||||
ieee80211_rx_h_defragment,
|
||||
ieee80211_rx_h_ps_poll,
|
||||
ieee80211_rx_h_michael_mic_verify,
|
||||
|
Loading…
Reference in New Issue
Block a user