From: Jouni Malinen <j@w1.fi>
To: "John W. Linville" <linville@tuxdriver.com>,
Johannes Berg <johannes@sipsolutions.net>
Cc: linux-wireless@vger.kernel.org, Jouni Malinen <j@w1.fi>
Subject: [PATCH 02/14] mac80211: 802.11w - CCMP for management frames
Date: Wed, 07 Jan 2009 13:23:48 +0200 [thread overview]
Message-ID: <20090107112624.923936859@atheros.com> (raw)
In-Reply-To: 20090107112346.369581673@atheros.com
Extend CCMP to support encryption and decryption of unicast management
frames.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
include/linux/ieee80211.h | 30 ++++++++++++++++++++++++++++++
net/mac80211/tx.c | 23 ++++++++++++++++++++++-
net/mac80211/wpa.c | 18 ++++++++++++------
3 files changed, 64 insertions(+), 7 deletions(-)
--- wireless-testing.orig/net/mac80211/tx.c 2008-12-31 17:33:38.000000000 +0200
+++ wireless-testing/net/mac80211/tx.c 2009-01-07 13:07:44.000000000 +0200
@@ -331,6 +331,22 @@ ieee80211_tx_h_multicast_ps_buf(struct i
return TX_CONTINUE;
}
+static int ieee80211_use_mfp(__le16 fc, struct sta_info *sta,
+ struct sk_buff *skb)
+{
+ if (!ieee80211_is_mgmt(fc))
+ return 0;
+
+ if (sta == NULL || !test_sta_flags(sta, WLAN_STA_MFP))
+ return 0;
+
+ if (!ieee80211_is_robust_mgmt_frame((struct ieee80211_hdr *)
+ skb->data))
+ return 0;
+
+ return 1;
+}
+
static ieee80211_tx_result
ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
{
@@ -430,10 +446,15 @@ ieee80211_tx_h_select_key(struct ieee802
if (ieee80211_is_auth(hdr->frame_control))
break;
case ALG_TKIP:
- case ALG_CCMP:
if (!ieee80211_is_data_present(hdr->frame_control))
tx->key = NULL;
break;
+ case ALG_CCMP:
+ if (!ieee80211_is_data_present(hdr->frame_control) &&
+ !ieee80211_use_mfp(hdr->frame_control, tx->sta,
+ tx->skb))
+ tx->key = NULL;
+ break;
}
}
--- wireless-testing.orig/net/mac80211/wpa.c 2008-12-31 17:33:38.000000000 +0200
+++ wireless-testing/net/mac80211/wpa.c 2009-01-07 13:07:44.000000000 +0200
@@ -268,7 +268,7 @@ static void ccmp_special_blocks(struct s
int encrypted)
{
__le16 mask_fc;
- int a4_included;
+ int a4_included, mgmt;
u8 qos_tid;
u8 *b_0, *aad;
u16 data_len, len_a;
@@ -279,12 +279,15 @@ static void ccmp_special_blocks(struct s
aad = scratch + 4 * AES_BLOCK_LEN;
/*
- * Mask FC: zero subtype b4 b5 b6
+ * Mask FC: zero subtype b4 b5 b6 (if not mgmt)
* Retry, PwrMgt, MoreData; set Protected
*/
+ mgmt = ieee80211_is_mgmt(hdr->frame_control);
mask_fc = hdr->frame_control;
- mask_fc &= ~cpu_to_le16(0x0070 | IEEE80211_FCTL_RETRY |
+ mask_fc &= ~cpu_to_le16(IEEE80211_FCTL_RETRY |
IEEE80211_FCTL_PM | IEEE80211_FCTL_MOREDATA);
+ if (!mgmt)
+ mask_fc &= ~cpu_to_le16(0x0070);
mask_fc |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
hdrlen = ieee80211_hdrlen(hdr->frame_control);
@@ -302,8 +305,10 @@ static void ccmp_special_blocks(struct s
/* First block, b_0 */
b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */
- /* Nonce: QoS Priority | A2 | PN */
- b_0[1] = qos_tid;
+ /* Nonce: Nonce Flags | A2 | PN
+ * Nonce Flags: Priority (b0..b3) | Management (b4) | Reserved (b5..b7)
+ */
+ b_0[1] = qos_tid | (mgmt << 4);
memcpy(&b_0[2], hdr->addr2, ETH_ALEN);
memcpy(&b_0[8], pn, CCMP_PN_LEN);
/* l(m) */
@@ -449,7 +454,8 @@ ieee80211_crypto_ccmp_decrypt(struct iee
hdrlen = ieee80211_hdrlen(hdr->frame_control);
- if (!ieee80211_is_data(hdr->frame_control))
+ if (!ieee80211_is_data(hdr->frame_control) &&
+ !ieee80211_is_robust_mgmt_frame(hdr))
return RX_CONTINUE;
data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN;
--- wireless-testing.orig/include/linux/ieee80211.h 2008-12-31 17:33:38.000000000 +0200
+++ wireless-testing/include/linux/ieee80211.h 2009-01-07 13:07:44.000000000 +0200
@@ -1030,6 +1030,7 @@ enum ieee80211_category {
WLAN_CATEGORY_QOS = 1,
WLAN_CATEGORY_DLS = 2,
WLAN_CATEGORY_BACK = 3,
+ WLAN_CATEGORY_PUBLIC = 4,
WLAN_CATEGORY_WMM = 17,
};
@@ -1186,6 +1187,35 @@ static inline u8 *ieee80211_get_DA(struc
}
/**
+ * ieee80211_is_robust_mgmt_frame - check if frame is a robust management frame
+ * @hdr: the frame (buffer must include at least the first octet of payload)
+ */
+static inline bool ieee80211_is_robust_mgmt_frame(struct ieee80211_hdr *hdr)
+{
+ if (ieee80211_is_disassoc(hdr->frame_control) ||
+ ieee80211_is_deauth(hdr->frame_control))
+ return true;
+
+ if (ieee80211_is_action(hdr->frame_control)) {
+ u8 *category;
+
+ /*
+ * Action frames, excluding Public Action frames, are Robust
+ * Management Frames. However, if we are looking at a Protected
+ * frame, skip the check since the data may be encrypted and
+ * the frame has already been found to be a Robust Management
+ * Frame (by the other end).
+ */
+ if (ieee80211_has_protected(hdr->frame_control))
+ return true;
+ category = ((u8 *) hdr) + 24;
+ return *category != WLAN_CATEGORY_PUBLIC;
+ }
+
+ return false;
+}
+
+/**
* ieee80211_fhss_chan_to_freq - get channel frequency
* @channel: the FHSS channel
*
--
--
Jouni Malinen PGP id EFC895FA
next prev parent reply other threads:[~2009-01-07 11:27 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-07 11:23 [PATCH 00/14] mac80211: IEEE 802.11w (management frame protection) Jouni Malinen
2009-01-07 11:23 ` [PATCH 01/14] mac80211: 802.11w - STA flag for MFP Jouni Malinen
2009-01-07 11:23 ` Jouni Malinen [this message]
2009-01-07 11:23 ` [PATCH 03/14] mac80211: 802.11w - Add BIP (AES-128-CMAC) Jouni Malinen
2009-01-07 11:23 ` [PATCH 04/14] mac80211: 802.11w - Use " Jouni Malinen
2009-01-07 11:23 ` [PATCH 05/14] mac80211: 802.11w - WEXT parameter for setting mgmt cipher Jouni Malinen
2009-01-07 11:23 ` [PATCH 06/14] mac80211: 802.11w - WEXT configuration for IGTK Jouni Malinen
2009-01-07 11:23 ` [PATCH 07/14] mac80211: 802.11w - Configuration of MFP disabled/optional/required Jouni Malinen
2009-01-07 11:23 ` [PATCH 08/14] mac80211: 802.11w - SA Query processing Jouni Malinen
2009-01-07 11:23 ` [PATCH 09/14] mac80211: 802.11w - Do not force Action frames to disable encryption Jouni Malinen
2009-01-07 11:23 ` [PATCH 10/14] mac80211: 802.11w - Drop unprotected robust management frames if MFP is used Jouni Malinen
2009-01-07 11:23 ` [PATCH 11/14] mac80211: 802.11w - Implement Association Comeback processing Jouni Malinen
2009-01-07 11:23 ` [PATCH 12/14] mac80211: 802.11w - Optional software CCMP for management frames Jouni Malinen
2009-01-07 12:08 ` Johannes Berg
2009-01-07 12:24 ` Jouni Malinen
2009-01-07 12:47 ` Johannes Berg
2009-01-07 14:09 ` Jouni Malinen
2009-01-07 15:09 ` Johannes Berg
2009-01-07 15:30 ` Jouni Malinen
2009-01-07 15:37 ` Johannes Berg
2009-01-07 16:33 ` Jouni Malinen
2009-01-07 16:37 ` Johannes Berg
2009-01-08 9:57 ` Helmut Schaa
2009-01-08 10:48 ` Jouni Malinen
2009-01-08 12:08 ` Helmut Schaa
2009-01-08 12:18 ` Jouni Malinen
2009-01-08 12:25 ` Johannes Berg
2009-01-08 12:29 ` Helmut Schaa
[not found] ` <226823.3656.qm@web57008.mail.re3.yahoo.com>
2009-01-08 12:44 ` [patch] vif_conf.patch failed to patch git wireless-testing (07-01-2009) Jouni Malinen
2009-01-07 11:23 ` [PATCH 13/14] ath9k: Fix set_key error codes Jouni Malinen
2009-01-07 11:24 ` [PATCH 14/14] ath9k: Setup MFP options for CCMP Jouni Malinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090107112624.923936859@atheros.com \
--to=j@w1.fi \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).