Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 39184b15 authored by Zhu Yi's avatar Zhu Yi Committed by John W. Linville
Browse files

mac80211: delay skb linearising in rx decryption 



We delay the skb linearising in ieee80211_rx_h_decrypt so that
frames do not require software decryption are not linearized. We
are safe to do this because ieee80211_get_mmie_keyidx() only
requires to touch nonlinear data for management frames, which are
already linearized before getting here.

Cc: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: default avatarZhu Yi <yi.zhu@intel.com>
Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
parent 1805a34f

net/mac80211/rx.c

+9 −7
Original line number Original line Diff line number Diff line
@@ -820,7 +820,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) 
{

{

	struct sk_buff *skb = rx->skb;

	struct sk_buff *skb = rx->skb;

	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);

	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);

	struct ieee80211_hdr *hdr;

	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;

	int keyidx;

	int keyidx;

	int hdrlen;

	int hdrlen;

	ieee80211_rx_result result = RX_DROP_UNUSABLE;

	ieee80211_rx_result result = RX_DROP_UNUSABLE;
@@ -861,11 +861,6 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) 
	if (!(rx->flags & IEEE80211_RX_RA_MATCH))

	if (!(rx->flags & IEEE80211_RX_RA_MATCH))

		return RX_CONTINUE;

		return RX_CONTINUE;





	if (skb_linearize(rx->skb))

		return RX_DROP_UNUSABLE;



	hdr = (struct ieee80211_hdr *)skb->data;



	/* start without a key */

	/* start without a key */

	rx->key = NULL;

	rx->key = NULL;
@@ -906,6 +901,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) 
			rx->key = key;

			rx->key = key;

		return RX_CONTINUE;

		return RX_CONTINUE;

	} else {

	} else {

		u8 keyid;

		/*

		/*

		 * The device doesn't give us the IV so we won't be

		 * The device doesn't give us the IV so we won't be

		 * able to look up the key. That's ok though, we

		 * able to look up the key. That's ok though, we
@@ -928,7 +924,8 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) 
		 * no need to call ieee80211_wep_get_keyidx,

		 * no need to call ieee80211_wep_get_keyidx,

		 * it verifies a bunch of things we've done already

		 * it verifies a bunch of things we've done already

		 */

		 */

		keyidx = rx->skb->data[hdrlen + 3] >> 6;

		skb_copy_bits(rx->skb, hdrlen + 3, &keyid, 1);

		keyidx = keyid >> 6;





		rx->key = rcu_dereference(rx->sdata->keys[keyidx]);

		rx->key = rcu_dereference(rx->sdata->keys[keyidx]);
@@ -949,6 +946,11 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) 
		return RX_DROP_MONITOR;

		return RX_DROP_MONITOR;

	}

	}





	if (skb_linearize(rx->skb))

		return RX_DROP_UNUSABLE;



	hdr = (struct ieee80211_hdr *)rx->skb->data;



	/* Check for weak IVs if possible */

	/* Check for weak IVs if possible */

	if (rx->sta && rx->key->conf.alg == ALG_WEP &&

	if (rx->sta && rx->key->conf.alg == ALG_WEP &&

	    ieee80211_is_data(hdr->frame_control) &&

	    ieee80211_is_data(hdr->frame_control) &&