[1/2] mac80211: Drop protected data frames that have not been decrypted

Commit Message

Benoit PAPILLAULT Feb. 14, 2010, 11:37 p.m. UTC

None

Patch

diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index c9755f3..22ae6ee 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -1397,6 +1397,14 @@  ieee80211_drop_unencrypted(struct ieee80211_rx_data *rx, __le16 fc)
 		     ieee80211_is_data(fc) &&
 		     (rx->key || rx->sdata->drop_unencrypted)))
 		return -EACCES;
+	/*
+	 * Drop encrypted frames that have not been decrypted. This
+	 * happens for frames that are sent by an AP to another STA
+	 */
+	if (ieee80211_has_protected(fc) &&
+	    !(status->flag & RX_FLAG_DECRYPTED)) {
+		return -EACCES;
+	}
 	if (rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP)) {
 		if (unlikely(ieee80211_is_unicast_robust_mgmt_frame(rx->skb) &&
 			     rx->key))