mac802154: add comments for llsec issues (d58a2fa9) · Commits · 戴 / test

While doing a little test with the llsec implementation I saw these issues. We should move decryption and encruption somewhere else, otherwise while capturing with wireshark the mac header shows secuirty fields but the payload is plaintext. A complete other issue is what doing with HardMAC drivers where the payload is always plaintext. I think we need a special handling then in userspace. We currently doesn't support any HardMAC transceivers, so we should fix the first issue for SoftMAC transceivers. Signed-off-by:

Alexander Aring <alex.aring@gmail.com> Signed-off-by:

Marcel Holtmann <marcel@holtmann.org>

net/mac802154/rx.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -87,6 +87,10 @@ ieee802154_subif_frame(struct ieee802154_sub_if_data *sdata,

		skb->dev = sdata->dev;

		/* TODO this should be moved after netif_receive_skb call, otherwise
		* wireshark will show a mac header with security fields and the
		* payload is already decrypted.
		*/
		rc = mac802154_llsec_decrypt(&sdata->sec, skb);
		if (rc) {
		pr_debug("decryption failed: %i\n", rc);

net/mac802154/tx.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -129,6 +129,10 @@ ieee802154_subif_start_xmit(struct sk_buff skb, struct net_device dev)
		struct ieee802154_sub_if_data *sdata = IEEE802154_DEV_TO_SUB_IF(dev);
		int rc;

		/* TODO we should move it to wpan_dev_hard_header and dev_hard_header
		* functions. The reason is wireshark will show a mac header which is
		* with security fields but the payload is not encrypted.
		*/
		rc = mac802154_llsec_encrypt(&sdata->sec, skb);
		if (rc) {
		netdev_warn(dev, "encryption failed: %i\n", rc);

Admin message