diff mbox series

[v2] mt76: do not pass the received frame with decryption error

Message ID 20211110025404.174080-1-xing.song@mediatek.com (mailing list archive)
State Changes Requested
Delegated to: Felix Fietkau
Headers show
Series [v2] mt76: do not pass the received frame with decryption error | expand

Commit Message

Xing Song Nov. 10, 2021, 2:54 a.m. UTC
Drop the received frame if decryption failed and mac80211 can not
handle it.

Signed-off-by: Xing Song <xing.song@mediatek.com>
---
v2: check for cipher mismatch or frame format error
---
 drivers/net/wireless/mediatek/mt76/mt7603/mac.c | 4 ++++
 drivers/net/wireless/mediatek/mt76/mt7615/mac.c | 8 +++++++-
 drivers/net/wireless/mediatek/mt76/mt7915/mac.c | 8 +++++++-
 drivers/net/wireless/mediatek/mt76/mt7921/mac.c | 8 +++++++-
 4 files changed, 25 insertions(+), 3 deletions(-)

Comments

Felix Fietkau Nov. 12, 2021, 11:52 a.m. UTC | #1
On 2021-11-10 03:54, Xing Song wrote:
> Drop the received frame if decryption failed and mac80211 can not
> handle it.
> 
> Signed-off-by: Xing Song <xing.song@mediatek.com>
What happens if decryption failed? Do we receive the encrypted packets?
If so, I think we should return -EINVAL only if we don't have any 
monitor mode interfaces. If monitor mode is active, we should probably 
just clear RX_FLAG_DECRYPTED instead.

- Felix
diff mbox series

Patch

diff --git a/drivers/net/wireless/mediatek/mt76/mt7603/mac.c b/drivers/net/wireless/mediatek/mt76/mt7603/mac.c
index fe03e31989bb..b6f2366d155e 100644
--- a/drivers/net/wireless/mediatek/mt76/mt7603/mac.c
+++ b/drivers/net/wireless/mediatek/mt76/mt7603/mac.c
@@ -525,6 +525,10 @@  mt7603_mac_fill_rx(struct mt7603_dev *dev, struct sk_buff *skb)
 	if (rxd2 & MT_RXD2_NORMAL_TKIP_MIC_ERR)
 		status->flag |= RX_FLAG_MMIC_ERROR;
 
+	/* ICV error or CCMP/BIP/WPI MIC error */
+	if (rxd2 & MT_RXD2_NORMAL_ICV_ERR)
+		return -EINVAL;
+
 	if (FIELD_GET(MT_RXD2_NORMAL_SEC_MODE, rxd2) != 0 &&
 	    !(rxd2 & (MT_RXD2_NORMAL_CLM | MT_RXD2_NORMAL_CM))) {
 		status->flag |= RX_FLAG_DECRYPTED;
diff --git a/drivers/net/wireless/mediatek/mt76/mt7615/mac.c b/drivers/net/wireless/mediatek/mt76/mt7615/mac.c
index 423f69015e3e..10896cb35dd5 100644
--- a/drivers/net/wireless/mediatek/mt76/mt7615/mac.c
+++ b/drivers/net/wireless/mediatek/mt76/mt7615/mac.c
@@ -286,9 +286,15 @@  static int mt7615_mac_fill_rx(struct mt7615_dev *dev, struct sk_buff *skb)
 	if (rxd2 & MT_RXD2_NORMAL_AMSDU_ERR)
 		return -EINVAL;
 
+	hdr_trans = rxd1 & MT_RXD1_NORMAL_HDR_TRANS;
+
+	/* MT_RXD2_NORMAL_ICV_ERR: ICV error or CCMP/BIP/WPI MIC error */
+	if ((rxd2 & MT_RXD2_NORMAL_ICV_ERR) ||
+	    (hdr_trans && (rxd2 & (MT_RXD2_NORMAL_CLM | MT_RXD2_NORMAL_CM))))
+		return -EINVAL;
+
 	unicast = (rxd1 & MT_RXD1_NORMAL_ADDR_TYPE) == MT_RXD1_NORMAL_U2M;
 	idx = FIELD_GET(MT_RXD2_NORMAL_WLAN_IDX, rxd2);
-	hdr_trans = rxd1 & MT_RXD1_NORMAL_HDR_TRANS;
 	status->wcid = mt7615_rx_get_wcid(dev, idx, unicast);
 
 	if (status->wcid) {
diff --git a/drivers/net/wireless/mediatek/mt76/mt7915/mac.c b/drivers/net/wireless/mediatek/mt76/mt7915/mac.c
index 5fcf35f2d9fb..02e5ce4cc71d 100644
--- a/drivers/net/wireless/mediatek/mt76/mt7915/mac.c
+++ b/drivers/net/wireless/mediatek/mt76/mt7915/mac.c
@@ -426,9 +426,15 @@  mt7915_mac_fill_rx(struct mt7915_dev *dev, struct sk_buff *skb)
 	if (rxd2 & MT_RXD2_NORMAL_AMSDU_ERR)
 		return -EINVAL;
 
+	hdr_trans = rxd2 & MT_RXD2_NORMAL_HDR_TRANS;
+
+	/* MT_RXD1_NORMAL_ICV_ERR: ICV error or CCMP/BIP/WPI MIC error */
+	if ((rxd1 & MT_RXD1_NORMAL_ICV_ERR) ||
+	    (hdr_trans && (rxd1 & (MT_RXD1_NORMAL_CLM | MT_RXD1_NORMAL_CM))))
+		return -EINVAL;
+
 	unicast = FIELD_GET(MT_RXD3_NORMAL_ADDR_TYPE, rxd3) == MT_RXD3_NORMAL_U2M;
 	idx = FIELD_GET(MT_RXD1_NORMAL_WLAN_IDX, rxd1);
-	hdr_trans = rxd2 & MT_RXD2_NORMAL_HDR_TRANS;
 	status->wcid = mt7915_rx_get_wcid(dev, idx, unicast);
 
 	if (status->wcid) {
diff --git a/drivers/net/wireless/mediatek/mt76/mt7921/mac.c b/drivers/net/wireless/mediatek/mt76/mt7921/mac.c
index db3302b1576a..9c814ef9c0ba 100644
--- a/drivers/net/wireless/mediatek/mt76/mt7921/mac.c
+++ b/drivers/net/wireless/mediatek/mt76/mt7921/mac.c
@@ -428,10 +428,16 @@  mt7921_mac_fill_rx(struct mt7921_dev *dev, struct sk_buff *skb)
 	if (rxd2 & MT_RXD2_NORMAL_AMSDU_ERR)
 		return -EINVAL;
 
+	hdr_trans = rxd2 & MT_RXD2_NORMAL_HDR_TRANS;
+
+	/* MT_RXD1_NORMAL_ICV_ERR: ICV error or CCMP/BIP/WPI MIC error */
+	if ((rxd1 & MT_RXD1_NORMAL_ICV_ERR) ||
+	    (hdr_trans && (rxd1 & (MT_RXD1_NORMAL_CLM | MT_RXD1_NORMAL_CM))))
+		return -EINVAL;
+
 	chfreq = FIELD_GET(MT_RXD3_NORMAL_CH_FREQ, rxd3);
 	unicast = FIELD_GET(MT_RXD3_NORMAL_ADDR_TYPE, rxd3) == MT_RXD3_NORMAL_U2M;
 	idx = FIELD_GET(MT_RXD1_NORMAL_WLAN_IDX, rxd1);
-	hdr_trans = rxd2 & MT_RXD2_NORMAL_HDR_TRANS;
 	status->wcid = mt7921_rx_get_wcid(dev, idx, unicast);
 
 	if (status->wcid) {