From: Wright Feng <wright.feng@cypress.com>
To: linux-wireless@vger.kernel.org
Cc: wright.feng@cypress.com, brcm80211-dev-list@broadcom.com,
brcm80211-dev-list@cypress.com,
Arend van Spriel <arend.vanspriel@broadcom.com>,
Franky Lin <franky.lin@broadcom.com>,
Hante Meuleman <hante.meuleman@broadcom.com>,
Kalle Valo <kvalo@codeaurora.org>,
chi-hsien.lin@cypress.com, Soontak Lee <soontak.lee@cypress.com>
Subject: [PATCH 3/3] brcmfmac: Use seq/seq_len and set iv_initialize when plumbing of rxiv in (GTK) keys
Date: Wed, 6 May 2020 08:03:21 -0500 [thread overview]
Message-ID: <1588770201-54361-4-git-send-email-wright.feng@cypress.com> (raw)
In-Reply-To: <1588770201-54361-1-git-send-email-wright.feng@cypress.com>
From: Soontak Lee <soontak.lee@cypress.com>
When plumbing rxiv for (GTK) keys, current code does not use seq/seq_len
when present nor set iv_initialized for iovar wsec_key. This could
result in missing broadcast traffic after GTK rekey. The fix is setting
iv_initialized and using seq/seq_len for iovar wsec_key.
Signed-off-by: Soontak Lee <soontak.lee@cypress.com>
Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com>
Signed-off-by: Wright Feng <wright.feng@cypress.com>
---
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index 4c86ed2..b20ccfd 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -2468,6 +2468,17 @@ brcmf_cfg80211_add_key(struct wiphy *wiphy, struct net_device *ndev,
if (!ext_key)
key->flags = BRCMF_PRIMARY_KEY;
+ if (params->seq && params->seq_len == 6) {
+ /* rx iv */
+ u8 *ivptr;
+
+ ivptr = (u8 *)params->seq;
+ key->rxiv.hi = (ivptr[5] << 24) | (ivptr[4] << 16) |
+ (ivptr[3] << 8) | ivptr[2];
+ key->rxiv.lo = (ivptr[1] << 8) | ivptr[0];
+ key->iv_initialized = true;
+ }
+
switch (params->cipher) {
case WLAN_CIPHER_SUITE_WEP40:
key->algo = CRYPTO_ALGO_WEP1;
--
2.1.0
prev parent reply other threads:[~2020-05-06 13:05 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-06 13:03 [PATCH 0/3] brcmfmac: connection and action frame change series Wright Feng
2020-05-06 13:03 ` [PATCH 1/3] brcmfmac: set security after reiniting interface Wright Feng
2020-05-12 8:51 ` Kalle Valo
2020-05-06 13:03 ` [PATCH 2/3] brcmfmac: use actframe_abort to cancel ongoing action frame Wright Feng
2020-05-06 13:03 ` Wright Feng [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1588770201-54361-4-git-send-email-wright.feng@cypress.com \
--to=wright.feng@cypress.com \
--cc=arend.vanspriel@broadcom.com \
--cc=brcm80211-dev-list@broadcom.com \
--cc=brcm80211-dev-list@cypress.com \
--cc=chi-hsien.lin@cypress.com \
--cc=franky.lin@broadcom.com \
--cc=hante.meuleman@broadcom.com \
--cc=kvalo@codeaurora.org \
--cc=linux-wireless@vger.kernel.org \
--cc=soontak.lee@cypress.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.