#include <linux/skbuff.h>
#include <linux/netdevice.h>
#include <linux/etherdevice.h>
+#include <linux/rcupdate.h>
#include <net/mac80211.h>
#include <net/ieee80211_radiotap.h>
* 1 usec = 1/8 * (1080 / 10) = 13.5 */
if (mode->mode == MODE_IEEE80211A ||
- mode->mode == MODE_ATHEROS_TURBO ||
- mode->mode == MODE_ATHEROS_TURBOG ||
(mode->mode == MODE_IEEE80211G &&
rate->flags & IEEE80211_RATE_ERP))
hdrtime = CHAN_UTIL_HDR_SHORT;
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
int keyidx;
int hdrlen;
+ struct ieee80211_key *stakey = NULL;
/*
* Key selection 101
* frames can also use key indizes like GTKs. Hence, if we don't
* have a PTK/STK we check the key index for a WEP key.
*
+ * Note that in a regular BSS, multicast frames are sent by the
+ * AP only, associated stations unicast the frame to the AP first
+ * which then multicasts it on their behalf.
+ *
* There is also a slight problem in IBSS mode: GTKs are negotiated
* with each station, that is something we don't currently handle.
+ * The spec seems to expect that one negotiates the same key with
+ * every station but there's no such requirement; VLANs could be
+ * possible.
*/
if (!(rx->fc & IEEE80211_FCTL_PROTECTED))
if (!(rx->flags & IEEE80211_TXRXD_RXRA_MATCH))
return TXRX_CONTINUE;
- if (!is_multicast_ether_addr(hdr->addr1) && rx->sta && rx->sta->key) {
- rx->key = rx->sta->key;
+ if (rx->sta)
+ stakey = rcu_dereference(rx->sta->key);
+
+ if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
+ rx->key = stakey;
} else {
/*
* The device doesn't give us the IV so we won't be
* we somehow allow the driver to tell us which key
* the hardware used if this flag is set?
*/
- if (!(rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV))
+ if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) &&
+ (rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED))
return TXRX_CONTINUE;
hdrlen = ieee80211_get_hdrlen(rx->fc);
*/
keyidx = rx->skb->data[hdrlen + 3] >> 6;
- rx->key = rx->sdata->keys[keyidx];
+ rx->key = rcu_dereference(rx->sdata->keys[keyidx]);
/*
* RSNA-protected unicast frames should always be sent with
sta->rx_fragments++;
sta->rx_bytes += rx->skb->len;
- sta->last_rssi = (sta->last_rssi * 15 +
- rx->u.rx.status->ssi) / 16;
- sta->last_signal = (sta->last_signal * 15 +
- rx->u.rx.status->signal) / 16;
- sta->last_noise = (sta->last_noise * 15 +
- rx->u.rx.status->noise) / 16;
+ sta->last_rssi = rx->u.rx.status->ssi;
+ sta->last_signal = rx->u.rx.status->signal;
+ sta->last_noise = rx->u.rx.status->noise;
if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) {
/* Change STA power saving mode only in the end of a frame
return TXRX_CONTINUE;
/* Check for weak IVs, if hwaccel did not remove IV from the frame */
- if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) ||
- !(rx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
+ if (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED) ||
+ !(rx->u.rx.status->flag & RX_FLAG_DECRYPTED))
if (ieee80211_wep_is_weak_iv(rx->skb, rx->key))
rx->sta->wep_weak_iv_count++;
return TXRX_DROP;
}
- if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED) ||
- !(rx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) {
+ if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED)) {
if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
if (net_ratelimit())
printk(KERN_DEBUG "%s: RX WEP frame, decrypt "
"failed\n", rx->dev->name);
return TXRX_DROP;
}
- } else if (rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
+ } else if (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED)) {
ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key);
/* remove ICV */
skb_trim(rx->skb, rx->skb->len - 4);
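Review bot: The hardware-decrypted branch at the end of this hunk, `else if (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED))`, removes the IV and trims 4 bytes of ICV purely on the driver's per-frame flags, and no length check is visible before it. If no earlier handler guarantees the frame holds header, IV and ICV, a short frame would make `rx->skb->len - 4` wrap and would hand ieee80211_wep_remove_iv() less data than it presumably expects. A guard that drops frames shorter than that before this branch would close the gap. The enclosing function starts and ends outside the hunk, so such a check may already exist above.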
ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx)
{
/*
- * Pass through unencrypted frames if the hardware might have
- * decrypted them already without telling us, but that can only
- * be true if we either didn't find a key or the found key is
- * uploaded to the hardware.
+ * Pass through unencrypted frames if the hardware has
+ * decrypted them already.
*/
- if ((rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP) &&
- (!rx->key || (rx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)))
+ if (rx->u.rx.status->flag & RX_FLAG_DECRYPTED)
return TXRX_CONTINUE;
/* Drop unencrypted frames if key is set. */
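Review bot: The pass-through at `if (rx->u.rx.status->flag & RX_FLAG_DECRYPTED)` now rests entirely on a per-frame flag set by the driver, and the shortened comment no longer says what the driver must guarantee. The removed condition also required that no key was found or that the key was uploaded to hardware. The key-selection hunk returns early when both RX_FLAG_DECRYPTED and RX_FLAG_IV_STRIPPED are set, so rx->key can be NULL here, and a driver that sets the flag on a frame it did not actually decrypt would get plaintext past this handler. I would extend the comment to state the contract, e.g. `drivers must set RX_FLAG_DECRYPTED only on frames that were protected on the air and passed hardware decryption`. The rest of the function is outside the hunk.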
memcpy(dst, hdr->addr1, ETH_ALEN);
memcpy(src, hdr->addr3, ETH_ALEN);
- if (sdata->type != IEEE80211_IF_TYPE_STA) {
+ if (sdata->type != IEEE80211_IF_TYPE_STA ||
+ (is_multicast_ether_addr(dst) &&
+ !compare_ether_addr(src, dev->dev_addr)))
return TXRX_DROP;
- }
break;
case 0:
/* DA SA BSSID */
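Review bot: The added multicast clause in the STA branch has no comment, and `!compare_ether_addr(src, dev->dev_addr)` reads as "not equal" although it matches when the source is our own address. A one-line comment above the condition would help, e.g. `/* drop our own multicast frames echoed back by the AP */`, which is the behaviour the key-selection comment earlier in this patch describes. The surrounding switch statement begins outside the hunk.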
goto ignore;
}
- if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
- rx->sdata->type == IEEE80211_IF_TYPE_AP && keyidx) {
+ if (rx->sdata->type == IEEE80211_IF_TYPE_AP && keyidx) {
/* AP with Pairwise keys support should never receive Michael
* MIC errors for non-zero keyidx because these are reserved
* for group keys and only the AP is sending real multicast
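Review bot: Dropping the IEEE80211_HW_WEP_INCLUDE_IV test from this condition is not replaced by a per-frame check, unlike the other hunks, which switch to RX_FLAG_IV_STRIPPED. If keyidx is still read from the IV bytes of the frame (its computation is outside the hunk), a MIC failure reported on a frame whose IV the hardware stripped would test payload bytes instead. An AP could then ignore a genuine Michael MIC failure and skip countermeasures. Consider `if (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED) && rx->sdata->type == IEEE80211_IF_TYPE_AP && keyidx) {`, or add a comment saying why keyidx can be trusted for stripped frames.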
skb_pull(skb, radiotap_len);
}
+ /*
+ * key references are protected using RCU and this requires that
+ * we are in a read-site RCU section during receive processing
+ */
+ rcu_read_lock();
+
hdr = (struct ieee80211_hdr *) skb->data;
memset(&rx, 0, sizeof(rx));
rx.skb = skb;
skb = rx.skb;
skb_push(skb, radiotap_len);
- if (sta && !sta->assoc_ap && !(sta->flags & WLAN_STA_WDS) &&
+ if (sta && !(sta->flags & (WLAN_STA_WDS | WLAN_STA_ASSOC_AP)) &&
!local->iff_promiscs && !is_multicast_ether_addr(hdr->addr1)) {
rx.flags |= IEEE80211_TXRXD_RXRA_MATCH;
ieee80211_invoke_rx_handlers(local, local->rx_handlers, &rx,
rx.sta);
sta_info_put(sta);
+ rcu_read_unlock();
return;
}
read_unlock(&local->sub_if_lock);
end:
+ rcu_read_unlock();
+
if (sta)
sta_info_put(sta);
}
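Review bot: The RCU read-side section opened by `rcu_read_lock()` is closed in two places, the early `return` after `ieee80211_invoke_rx_handlers()` and the `end:` label, so any other exit between them that lies outside these hunks would leave the section open. If nothing else differs on that path, replacing `sta_info_put(sta); rcu_read_unlock(); return;` with `goto end;` gives a single unlock site. The key pointers read with `rcu_dereference()` are only valid inside this section, so the new comment could add that handlers must not keep `rx.key` past the return; it should also read "read-side" rather than "read-site". The function begins outside the hunk.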