From: Johannes Berg <johannes@sipsolutions.net>
To: John Linville <linville@tuxdriver.com>
Cc: Michael Wu <flamingice@sourmilk.net>, linux-wireless@vger.kernel.org
Subject: [PATCH 16/21] mac80211: consolidate decryption
Date: Thu, 06 Sep 2007 01:42:25 +0200 [thread overview]
Message-ID: <20070905234629.224313000@sipsolutions.net> (raw)
In-Reply-To: 20070905234209.108005000@sipsolutions.net
Currently, we run through all three crypto algorithms for each
received frame even though we have previously determined which
key we have and as such already know which algorithm will be
used. Change it to invoke only the needed function. Also move
the WEP decrypt handler to wep.c so that fewer functions need
to be non-static.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
---
net/mac80211/rx.c | 40 +++++++++++++++++-----------------------
net/mac80211/wep.c | 34 +++++++++++++++++++++++++++++-----
net/mac80211/wep.h | 8 +++-----
net/mac80211/wpa.c | 12 ++++--------
net/mac80211/wpa.h | 4 ++--
5 files changed, 55 insertions(+), 43 deletions(-)
--- wireless-dev.orig/net/mac80211/rx.c 2007-09-06 01:35:21.734453431 +0200
+++ wireless-dev/net/mac80211/rx.c 2007-09-06 01:35:24.464453431 +0200
@@ -569,36 +569,32 @@ ieee80211_rx_h_wep_weak_iv_detection(str
}
static ieee80211_txrx_result
-ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx)
+ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
{
- if ((rx->key && rx->key->conf.alg != ALG_WEP) ||
- !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
- ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
- ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
- (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)))
+ if (!(rx->fc & IEEE80211_FCTL_PROTECTED))
return TXRX_CONTINUE;
if (!rx->key) {
if (net_ratelimit())
- printk(KERN_DEBUG "%s: RX WEP frame, but no key set\n",
- rx->dev->name);
+ printk(KERN_DEBUG "%s: RX protected frame,"
+ " but have no key\n", rx->dev->name);
return TXRX_DROP;
}
- if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED)) {
- if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
- if (net_ratelimit())
- printk(KERN_DEBUG "%s: RX WEP frame, decrypt "
- "failed\n", rx->dev->name);
- return TXRX_DROP;
- }
- } else if (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED)) {
- ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key);
- /* remove ICV */
- skb_trim(rx->skb, rx->skb->len - 4);
+ switch (rx->key->conf.alg) {
+ case ALG_WEP:
+ return ieee80211_crypto_wep_decrypt(rx);
+ case ALG_TKIP:
+ return ieee80211_crypto_tkip_decrypt(rx);
+ case ALG_CCMP:
+ return ieee80211_crypto_ccmp_decrypt(rx);
+ case ALG_NONE:
+ return TXRX_CONTINUE;
}
- return TXRX_CONTINUE;
+ /* not reached */
+ WARN_ON(1);
+ return TXRX_DROP;
}
static inline struct ieee80211_fragment_entry *
@@ -1413,10 +1409,8 @@ ieee80211_rx_handler ieee80211_rx_handle
ieee80211_rx_h_check,
ieee80211_rx_h_load_key,
ieee80211_rx_h_sta_process,
- ieee80211_rx_h_ccmp_decrypt,
- ieee80211_rx_h_tkip_decrypt,
ieee80211_rx_h_wep_weak_iv_detection,
- ieee80211_rx_h_wep_decrypt,
+ ieee80211_rx_h_decrypt,
ieee80211_rx_h_defragment,
ieee80211_rx_h_ps_poll,
ieee80211_rx_h_michael_mic_verify,
--- wireless-dev.orig/net/mac80211/wpa.c 2007-09-06 01:34:54.424453431 +0200
+++ wireless-dev/net/mac80211/wpa.c 2007-09-06 01:35:24.464453431 +0200
@@ -417,7 +417,7 @@ ieee80211_tx_h_tkip_encrypt(struct ieee8
ieee80211_txrx_result
-ieee80211_rx_h_tkip_decrypt(struct ieee80211_txrx_data *rx)
+ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx)
{
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
u16 fc;
@@ -428,9 +428,7 @@ ieee80211_rx_h_tkip_decrypt(struct ieee8
fc = le16_to_cpu(hdr->frame_control);
hdrlen = ieee80211_get_hdrlen(fc);
- if (!rx->key || rx->key->conf.alg != ALG_TKIP ||
- !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
- (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
+ if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
return TXRX_CONTINUE;
if (!rx->sta || skb->len - hdrlen < 12)
@@ -720,7 +718,7 @@ ieee80211_tx_h_ccmp_encrypt(struct ieee8
ieee80211_txrx_result
-ieee80211_rx_h_ccmp_decrypt(struct ieee80211_txrx_data *rx)
+ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx)
{
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
u16 fc;
@@ -733,9 +731,7 @@ ieee80211_rx_h_ccmp_decrypt(struct ieee8
fc = le16_to_cpu(hdr->frame_control);
hdrlen = ieee80211_get_hdrlen(fc);
- if (!key || key->conf.alg != ALG_CCMP ||
- !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
- (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
+ if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
return TXRX_CONTINUE;
data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN;
--- wireless-dev.orig/net/mac80211/wpa.h 2007-09-06 01:34:54.454453431 +0200
+++ wireless-dev/net/mac80211/wpa.h 2007-09-06 01:35:24.464453431 +0200
@@ -21,11 +21,11 @@ ieee80211_rx_h_michael_mic_verify(struct
ieee80211_txrx_result
ieee80211_tx_h_tkip_encrypt(struct ieee80211_txrx_data *tx);
ieee80211_txrx_result
-ieee80211_rx_h_tkip_decrypt(struct ieee80211_txrx_data *rx);
+ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx);
ieee80211_txrx_result
ieee80211_tx_h_ccmp_encrypt(struct ieee80211_txrx_data *tx);
ieee80211_txrx_result
-ieee80211_rx_h_ccmp_decrypt(struct ieee80211_txrx_data *rx);
+ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx);
#endif /* WPA_H */
--- wireless-dev.orig/net/mac80211/wep.c 2007-09-06 01:34:54.504453431 +0200
+++ wireless-dev/net/mac80211/wep.c 2007-09-06 01:35:24.474453431 +0200
@@ -63,8 +63,8 @@ static inline int ieee80211_wep_weak_iv(
}
-void ieee80211_wep_get_iv(struct ieee80211_local *local,
- struct ieee80211_key *key, u8 *iv)
+static void ieee80211_wep_get_iv(struct ieee80211_local *local,
+ struct ieee80211_key *key, u8 *iv)
{
local->wep_iv++;
if (ieee80211_wep_weak_iv(local->wep_iv, key->conf.keylen))
@@ -109,9 +109,9 @@ u8 * ieee80211_wep_add_iv(struct ieee802
}
-void ieee80211_wep_remove_iv(struct ieee80211_local *local,
- struct sk_buff *skb,
- struct ieee80211_key *key)
+static void ieee80211_wep_remove_iv(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ struct ieee80211_key *key)
{
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
u16 fc;
@@ -326,3 +326,27 @@ u8 * ieee80211_wep_is_weak_iv(struct sk_
return NULL;
}
+
+ieee80211_txrx_result
+ieee80211_crypto_wep_decrypt(struct ieee80211_txrx_data *rx)
+{
+ if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
+ ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
+ (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH))
+ return TXRX_CONTINUE;
+
+ if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED)) {
+ if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
+ if (net_ratelimit())
+ printk(KERN_DEBUG "%s: RX WEP frame, decrypt "
+ "failed\n", rx->dev->name);
+ return TXRX_DROP;
+ }
+ } else if (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED)) {
+ ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key);
+ /* remove ICV */
+ skb_trim(rx->skb, rx->skb->len - 4);
+ }
+
+ return TXRX_CONTINUE;
+}
--- wireless-dev.orig/net/mac80211/wep.h 2007-09-06 01:34:54.614453431 +0200
+++ wireless-dev/net/mac80211/wep.h 2007-09-06 01:35:24.474453431 +0200
@@ -18,14 +18,9 @@
int ieee80211_wep_init(struct ieee80211_local *local);
void ieee80211_wep_free(struct ieee80211_local *local);
-void ieee80211_wep_get_iv(struct ieee80211_local *local,
- struct ieee80211_key *key, u8 *iv);
u8 * ieee80211_wep_add_iv(struct ieee80211_local *local,
struct sk_buff *skb,
struct ieee80211_key *key);
-void ieee80211_wep_remove_iv(struct ieee80211_local *local,
- struct sk_buff *skb,
- struct ieee80211_key *key);
void ieee80211_wep_encrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
size_t klen, u8 *data, size_t data_len);
int ieee80211_wep_decrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
@@ -37,4 +32,7 @@ int ieee80211_wep_decrypt(struct ieee802
int ieee80211_wep_get_keyidx(struct sk_buff *skb);
u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key);
+ieee80211_txrx_result
+ieee80211_crypto_wep_decrypt(struct ieee80211_txrx_data *rx);
+
#endif /* WEP_H */
--
next prev parent reply other threads:[~2007-09-06 13:46 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-09-05 23:42 [PATCH 00/21] more mac80211 updates Johannes Berg
2007-09-05 23:42 ` [PATCH 01/21] mac80211: get STA after tx radiotap snipped Johannes Berg
2007-09-05 23:42 ` [PATCH 02/21] mac80211: allow drivers to indicate failed FCS/PLCP checksum Johannes Berg
2007-09-05 23:42 ` [PATCH 03/21] mac80211: revamp interface and filter configuration Johannes Berg
2007-09-06 14:28 ` Michael Buesch
2007-09-06 14:46 ` Johannes Berg
2007-09-06 17:05 ` Ivo van Doorn
2007-09-07 13:23 ` Johannes Berg
2007-09-07 17:56 ` Ivo van Doorn
2007-09-14 3:50 ` Michael Wu
2007-09-14 12:06 ` Johannes Berg
2007-09-05 23:42 ` [PATCH 04/21] mac80211: validate VLAN interfaces better Johannes Berg
2007-09-05 23:42 ` [PATCH 05/21] mac80211: remove key threshold stuff Johannes Berg
2007-09-05 23:42 ` [PATCH 06/21] mac80211: remove IEEE80211_CONF_SSID_HIDDEN and PRISM2_PARAM_BROADCAST_SSID Johannes Berg
2007-09-05 23:42 ` [PATCH 07/21] mac80211: renumber and document the hardware flags Johannes Berg
2007-09-05 23:42 ` [PATCH 08/21] mac80211: document a lot more Johannes Berg
2007-09-05 23:42 ` [PATCH 09/21] wireless networking: move frame inline functions to generic header Johannes Berg
2007-09-05 23:42 ` [PATCH 10/21] mac80211: yet more documentation Johannes Berg
2007-09-05 23:42 ` [PATCH 11/21] mac80211: fix warnings introduced by the doc patches Johannes Berg
2007-09-05 23:42 ` [PATCH 12/21] mac80211: remove tx info sw_retry_attempt member Johannes Berg
2007-09-05 23:42 ` [PATCH 13/21] mac80211: print out wiphy name instead of master device Johannes Berg
2007-09-05 23:42 ` [PATCH 14/21] mac80211 maintainership Johannes Berg
2007-09-05 23:42 ` [PATCH 15/21] mac80211: rename ieee80211_cfg.c to cfg.c Johannes Berg
2007-09-05 23:42 ` Johannes Berg [this message]
2007-09-05 23:42 ` [PATCH 17/21] mac80211: consolidate encryption Johannes Berg
2007-09-05 23:42 ` [PATCH 18/21] mac80211: remove ieee80211_wep_get_keyidx Johannes Berg
2007-09-05 23:42 ` [PATCH 19/21] mac80211: remove crypto algorithm typedef Johannes Berg
2007-09-05 23:42 ` [PATCH 20/21] mac80211: kill IE parse typedef Johannes Berg
2007-09-05 23:42 ` [PATCH 21/21] mac80211: kill vlan_id Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070905234629.224313000@sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=flamingice@sourmilk.net \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).