Commit 761ab470 authored by Johannes Berg's avatar Johannes Berg Committed by John W. Linville
Browse files

mac80211: move WEP weak IV check 



I suspect the compiler will do this optimisation
anyway, but it seems cleaner to move this into
the WEP switch case.

Also make rx_h_decrypt use a local variable for
the frame_control so that we don't need to reload
the hdr variable for this after linearizing.

Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
parent 6a8579d0

net/mac80211/rx.c

+16 −15
Original line number Diff line number Diff line
@@ -825,6 +825,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) 
	ieee80211_rx_result result = RX_DROP_UNUSABLE;

	struct ieee80211_key *stakey = NULL;

	int mmie_keyidx = -1;

	__le16 fc;



	/*

	 * Key selection 101
@@ -866,13 +867,15 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) 
	if (rx->sta)

		stakey = rcu_dereference(rx->sta->key);



	if (!ieee80211_has_protected(hdr->frame_control))

	fc = hdr->frame_control;



	if (!ieee80211_has_protected(fc))

		mmie_keyidx = ieee80211_get_mmie_keyidx(rx->skb);



	if (!is_multicast_ether_addr(hdr->addr1) && stakey) {

		rx->key = stakey;

		/* Skip decryption if the frame is not protected. */

		if (!ieee80211_has_protected(hdr->frame_control))

		if (!ieee80211_has_protected(fc))

			return RX_CONTINUE;

	} else if (mmie_keyidx >= 0) {

		/* Broadcast/multicast robust management frame / BIP */
@@ -884,7 +887,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) 
		    mmie_keyidx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)

			return RX_DROP_MONITOR; /* unexpected BIP keyidx */

		rx->key = rcu_dereference(rx->sdata->keys[mmie_keyidx]);

	} else if (!ieee80211_has_protected(hdr->frame_control)) {

	} else if (!ieee80211_has_protected(fc)) {

		/*

		 * The frame was not protected, so skip decryption. However, we

		 * need to set rx->key if there is a key that could have been
@@ -892,7 +895,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) 
		 * have been expected.

		 */

		struct ieee80211_key *key = NULL;

		if (ieee80211_is_mgmt(hdr->frame_control) &&

		if (ieee80211_is_mgmt(fc) &&

		    is_multicast_ether_addr(hdr->addr1) &&

		    (key = rcu_dereference(rx->sdata->default_mgmt_key)))

			rx->key = key;
@@ -914,7 +917,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) 
		    (status->flag & RX_FLAG_IV_STRIPPED))

			return RX_CONTINUE;



		hdrlen = ieee80211_hdrlen(hdr->frame_control);

		hdrlen = ieee80211_hdrlen(fc);



		if (rx->skb->len < 8 + hdrlen)

			return RX_DROP_UNUSABLE; /* TODO: count this? */
@@ -947,19 +950,17 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) 


	if (skb_linearize(rx->skb))

		return RX_DROP_UNUSABLE;

	/* the hdr variable is invalid now! */



	hdr = (struct ieee80211_hdr *)rx->skb->data;



	switch (rx->key->conf.alg) {

	case ALG_WEP:

		/* Check for weak IVs if possible */

	if (rx->sta && rx->key->conf.alg == ALG_WEP &&

	    ieee80211_is_data(hdr->frame_control) &&

		if (rx->sta && ieee80211_is_data(fc) &&

		    (!(status->flag & RX_FLAG_IV_STRIPPED) ||

		     !(status->flag & RX_FLAG_DECRYPTED)) &&

		    ieee80211_wep_is_weak_iv(rx->skb, rx->key))

			rx->sta->wep_weak_iv_count++;



	switch (rx->key->conf.alg) {

	case ALG_WEP:

		result = ieee80211_crypto_wep_decrypt(rx);

		break;

	case ALG_TKIP:

CRA Git | Maintained and supported by SUSTech CRA and CCSE