From patchwork Tue Mar 17 10:47:33 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Cedric Izoard X-Patchwork-Id: 6030981 X-Patchwork-Delegate: johannes@sipsolutions.net Return-Path: X-Original-To: patchwork-linux-wireless@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id F36259F314 for ; Tue, 17 Mar 2015 10:48:00 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 1F46820453 for ; Tue, 17 Mar 2015 10:48:00 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id D63B020443 for ; Tue, 17 Mar 2015 10:47:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933545AbbCQKrx (ORCPT ); Tue, 17 Mar 2015 06:47:53 -0400 Received: from sbg-il.ceva-dsp.com ([195.82.128.8]:48112 "EHLO sbg-il.ceva-dsp.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933481AbbCQKrn convert rfc822-to-8bit (ORCPT ); Tue, 17 Mar 2015 06:47:43 -0400 X-AuditID: ac181808-f798d6d000000db0-3b-55080646d0e5 Received: from ilmail1.ceva-dsp.com (ilmail1.corp.local [192.168.61.16]) by sbg-il.ceva-dsp.com (CEVA eMail Gateway) with SMTP id A4.D1.03504.64608055; Tue, 17 Mar 2015 12:47:34 +0200 (IST) Received: from ILMAIL1.corp.local ([192.168.61.16]) by ILMAIL1.corp.local ([192.168.61.16]) with mapi id 14.03.0210.002; Tue, 17 Mar 2015 12:47:33 +0200 From: Cedric Izoard To: "linux-wireless@vger.kernel.org" CC: Johannes Berg Subject: [PATCH v4] mac80211: Get IV len from key conf and not cipher scheme Thread-Topic: [PATCH v4] mac80211: Get IV len from key conf and not cipher scheme Thread-Index: AdBgn8XLtouefXeYSY2xRY+ikm2jjA== Date: Tue, 17 Mar 2015 10:47:33 +0000 Message-ID: <5842EA9CC042B141995329508713AD672105BFDA@ILMAIL1.corp.local> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [192.168.65.5] MIME-Version: 1.0 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrKJsWRmVeSWpSXmKPExsVyYIWtgK4bG0eowYtTQhYfN3xisXiz4g67 A5NHf+82Fo/Pm+QCmKK4bFJSczLLUov07RK4MnYcmMdScEey4um9TYwNjEdFuxg5OSQETCQu /Z7DCmGLSVy4t56ti5GLQ0hgP6PEojU/mCGcOYwSDxr/sYNUsQkYSBw8dYkZxBYRcJWYunEz mM0soCvRermXDcQWFvCRaJs0CaomWKKtby2QzQFk60m0t0mAhFkEVCVOTP7NAmLzCnhKrLt/ jBHEZgQ64vupNUwQI8Ulbj2ZzwRxnIDEkj3nmSFsUYmXj/9BHa0gsfP+P0aIeh2JBbs/sUHY 2hLLFr5mhpgvKHFy5hOWCYwis5CMnYWkZRaSlllIWhYwsqxiFC5OStfNzNFLTi1L1E0pLtBL zs/dxAiMhDUSEhw7GL/ssjrEKMDBqMTDe5OFI1SINbGsuDL3EKMlB5OSKO/dH+yhQnxJ+SmV GYnFGfFFpTmpxUpyvGeNWUOFxOHCxaXFBZnJmfmlxfGlRTmHGCU4mJVEeFNYgcbxpiRWVqUW 5UO0HmKU5mBREucV+j0lUEggPbEkNTs1tSC1CCZrz8GhJMHbDNIoWJSanlqRlplTApNWUuSt NgHaK4Usg241EwfnIUZzDh6g/TvA9hcXJOYWZ6ZDjZDltQUZIQYTRdV+itFaSpz3AEifAEhF Rmke3HYpBd4lHWyhQpJIEqi6XzGaAoNRmJcPpJ8HmNwR1srw+oKsFYUKouszB4a1CG9LOxvI vSWJJcjulQBZKgYTRdUp1cC4PKJM+ZSGmMX/ZSu2Gr/uENpX9Ktu5aPlRX89uXfHSV3fse64 9Ef++sLTp10WMv/Zdmr3z4t9nCauM8wSr0hMljqgpHa39OSctb8eqWtO+/zh074NTgFcdqtf 3Hdbc8op79k8zk6vnIbDx79fK7RTeJ+b4vVxTswJp4iEp8l/379I3bR2xeFoRiWW4oxEQy3m ouJEAFmYROLoAwAA Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, T_RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP When a key is installed using a cipher scheme, a new internal flag KEY_FLAG_CIPHER_SCHEME is set. This flag is used on TX path to test for "cipher scheme" key, instead of testing for sta->cipher_scheme as sta is NULL for bcast/mcast messages. For cipher scheme key, security header length is then read from key->conf.iv_len initialized with cs->hdr_len. Signed-off-by: Cedric Izoard --- net/mac80211/key.c | 1 + net/mac80211/key.h | 1 + net/mac80211/wpa.c | 13 ++++++------- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/net/mac80211/key.c b/net/mac80211/key.c index 0825d76..2291cd7 100644 --- a/net/mac80211/key.c +++ b/net/mac80211/key.c @@ -492,6 +492,7 @@ ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, for (j = 0; j < len; j++) key->u.gen.rx_pn[i][j] = seq[len - j - 1]; + key->flags |= KEY_FLAG_CIPHER_SCHEME; } } memcpy(key->conf.key, key_data, key_len); diff --git a/net/mac80211/key.h b/net/mac80211/key.h index d57a9915..2fe2e2b 100644 --- a/net/mac80211/key.h +++ b/net/mac80211/key.h @@ -34,6 +34,7 @@ struct sta_info; enum ieee80211_internal_key_flags { KEY_FLAG_UPLOADED_TO_HARDWARE = BIT(0), KEY_FLAG_TAINTED = BIT(1), + KEY_FLAG_CIPHER_SCHEME = BIT(2), }; enum ieee80211_internal_tkip_state { diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index 75de6fa..9d63d93 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c @@ -780,9 +780,8 @@ ieee80211_crypto_cs_encrypt(struct ieee80211_tx_data *tx, struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; struct ieee80211_key *key = tx->key; struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); - const struct ieee80211_cipher_scheme *cs = key->sta->cipher_scheme; int hdrlen; - u8 *pos; + u8 *pos, iv_len = key->conf.iv_len; if (info->control.hw_key && !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)) { @@ -790,14 +789,14 @@ ieee80211_crypto_cs_encrypt(struct ieee80211_tx_data *tx, return TX_CONTINUE; } - if (unlikely(skb_headroom(skb) < cs->hdr_len && - pskb_expand_head(skb, cs->hdr_len, 0, GFP_ATOMIC))) + if (unlikely(skb_headroom(skb) < iv_len && + pskb_expand_head(skb, iv_len, 0, GFP_ATOMIC))) return TX_DROP; hdrlen = ieee80211_hdrlen(hdr->frame_control); - pos = skb_push(skb, cs->hdr_len); - memmove(pos, pos + cs->hdr_len, hdrlen); + pos = skb_push(skb, iv_len); + memmove(pos, pos + iv_len, hdrlen); return TX_CONTINUE; } @@ -1217,7 +1216,7 @@ ieee80211_crypto_hw_encrypt(struct ieee80211_tx_data *tx) if (!info->control.hw_key) return TX_DROP; - if (tx->key->sta->cipher_scheme) { + if (tx->key->flags & KEY_FLAG_CIPHER_SCHEME) { res = ieee80211_crypto_cs_encrypt(tx, skb); if (res != TX_CONTINUE) return res;