From patchwork Tue Aug 1 22:43:33 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Skeffington X-Patchwork-Id: 9875647 X-Patchwork-Delegate: kvalo@adurom.com Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id D069860390 for ; Tue, 1 Aug 2017 22:43:56 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C37BB2873A for ; Tue, 1 Aug 2017 22:43:56 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id B86482874C; Tue, 1 Aug 2017 22:43:56 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.4 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_HI, RCVD_IN_SORBS_SPAM autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CB9D828749 for ; Tue, 1 Aug 2017 22:43:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751779AbdHAWnf (ORCPT ); Tue, 1 Aug 2017 18:43:35 -0400 Received: from mail-qk0-f179.google.com ([209.85.220.179]:34389 "EHLO mail-qk0-f179.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751049AbdHAWne (ORCPT ); Tue, 1 Aug 2017 18:43:34 -0400 Received: by mail-qk0-f179.google.com with SMTP id u139so17725034qka.1 for ; Tue, 01 Aug 2017 15:43:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=astro-ai.20150623.gappssmtp.com; s=20150623; h=mime-version:reply-to:from:date:message-id:subject:to; bh=oaKNevRxh+8yJOXWHc3BNfCfgjoSFmJ3R+zkb6VKYM0=; b=Ngw1EE/7m0WbKKlt/X541tJpGmej+Uw3J+zjxJycj7QHixGlXXBzvh+B3N4s5zckEU Aktsz6km5kifLl1cZ2Wp7drvdkqTND3YWtZb7VRO7iMzqf6t0XXLbFk/5YmpFkU5vcxG Ds5kWQrQnKxEIdtLvFKBzO/lDqiEt1gXZyxABP4dGMRUROBef3v+Eh9jnYwLgXkWztdb 8XeITi5Pb+Nyjbp2h0H7c+yqksIQ80T90p4l01hFGo72d7EgffMp+gHxUgVhGpX8GVbJ HJskNdjmIWtD3KN6THmmzQXft31y2WFF42/6zfUT/y17FQBPZqWQ7OGyHpXS0ABzNZHG KuEw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:from:date:message-id :subject:to; bh=oaKNevRxh+8yJOXWHc3BNfCfgjoSFmJ3R+zkb6VKYM0=; b=VnayboxYcJY875IqoKjX1DXEiTAClfvQscMj71/L+xsIYg/eempae7K0QMIAkT6vsw aMbAfYJ5x37Mi2gCnl0X9/0g5FfLTBJFOH5qA86EvRGcVt5kZspHYaaOTmwPjhh21pb6 79FZdT5LTtbYDQlb5K+BHTLXIsrEurD890QVWlouaJ4R9VTq6r7n7geoxx9cbYFMH5z5 7aPv7QGlXkzwiLWAHalzyr6sSKBL7DkzyvXJNE7Lzq5cpe4RpxLdDv4NyWnvOhYWO9fg FKUDnNqMGvYJRLr5jvyaHVibv0Von/3RzZJZKsnkZUZBqfFmTM6Je/ITKMMZqbs5bYfv 6rUQ== X-Gm-Message-State: AIVw1125ofaGF7kF0gv9IbVbQuH4ziKSrv2oMrAGhhX4f7dQNMDzPM7Y OQ7ZzJVS+8d8WT+P0T2EJKDUevn5JpLLn/17lA== X-Received: by 10.55.15.34 with SMTP id z34mr26491520qkg.19.1501627413738; Tue, 01 Aug 2017 15:43:33 -0700 (PDT) MIME-Version: 1.0 Received: by 10.237.46.197 with HTTP; Tue, 1 Aug 2017 15:43:33 -0700 (PDT) Reply-To: mike@hellotwist.com From: Michael Skeffington Date: Tue, 1 Aug 2017 18:43:33 -0400 Message-ID: Subject: [PATCH] rt2x00: Fix MMIC countermeasures. To: linux-wireless@vger.kernel.org, Kalle Valo Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Mac80211 doesnt check MMIC failure until after falling through the check for whether the packet is decrypted. Therefore, this driver never causes MMIC countermeasures to be initiated. This change may (or may not) be relevant for rt2500usb, rt73usb, and rt61pci as well but I don't have any of those devices to test with. Signed-off-by: Michael Skeffington --- + } } if (rt2x00_get_field32(word, RXD_W0_MY_BSS)) diff --git a/drivers/net/wireless/ralink/rt2x00/rt2800mmio.c b/drivers/net/wireless/ralink/rt2x00/rt2800mmio.c index ee5276e233fa..ace91a2db756 100644 --- a/drivers/net/wireless/ralink/rt2x00/rt2800mmio.c +++ b/drivers/net/wireless/ralink/rt2x00/rt2800mmio.c @@ -136,10 +136,19 @@ void rt2800mmio_fill_rxdone(struct queue_entry *entry, */ rxdesc->flags |= RX_FLAG_MMIC_STRIPPED; - if (rxdesc->cipher_status == RX_CRYPTO_SUCCESS) + if (rxdesc->cipher_status == RX_CRYPTO_SUCCESS) { rxdesc->flags |= RX_FLAG_DECRYPTED; - else if (rxdesc->cipher_status == RX_CRYPTO_FAIL_MIC) + } else if (rxdesc->cipher_status == RX_CRYPTO_FAIL_MIC) { + /* + * In order to check the Michael Mic, the packet must have + * been decrypted. Mac80211 doesnt check the MMIC failure + * flag to initiate MMIC countermeasures if the decoded flag + * has not been set. + */ + rxdesc->flags |= RX_FLAG_DECRYPTED; + rxdesc->flags |= RX_FLAG_MMIC_ERROR; + } } if (rt2x00_get_field32(word, RXD_W3_MY_BSS)) diff --git a/drivers/net/wireless/ralink/rt2x00/rt2800usb.c b/drivers/net/wireless/ralink/rt2x00/rt2800usb.c index 685b8e0cd67d..7e5f397c37f9 100644 --- a/drivers/net/wireless/ralink/rt2x00/rt2800usb.c +++ b/drivers/net/wireless/ralink/rt2x00/rt2800usb.c @@ -697,11 +697,20 @@ static void rt2800usb_fill_rxdone(struct queue_entry *entry, * stripped it from the frame. Signal this to mac80211. */ rxdesc->flags |= RX_FLAG_MMIC_STRIPPED; - - if (rxdesc->cipher_status == RX_CRYPTO_SUCCESS) + + if (rxdesc->cipher_status == RX_CRYPTO_SUCCESS) { + rxdesc->flags |= RX_FLAG_DECRYPTED; + } else if (rxdesc->cipher_status == RX_CRYPTO_FAIL_MIC) { + /* + * In order to check the Michael Mic, the packet must have + * been decrypted. Mac80211 doesnt check the MMIC failure + * flag to initiate MMIC countermeasures if the decoded flag + * has not been set. + */ rxdesc->flags |= RX_FLAG_DECRYPTED; - else if (rxdesc->cipher_status == RX_CRYPTO_FAIL_MIC) + rxdesc->flags |= RX_FLAG_MMIC_ERROR;