From patchwork Tue Aug 25 08:58:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?SsOpcsO0bWUgUG91aWxsZXI=?= X-Patchwork-Id: 259486 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-11.4 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER, RCVD_ILLEGAL_IP, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0388BC433E1 for ; Tue, 25 Aug 2020 09:01:01 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C32412067C for ; Tue, 25 Aug 2020 09:01:00 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=silabs.onmicrosoft.com header.i=@silabs.onmicrosoft.com header.b="QbJhjos3" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729604AbgHYI7V (ORCPT ); Tue, 25 Aug 2020 04:59:21 -0400 Received: from mail-dm6nam12on2052.outbound.protection.outlook.com ([40.107.243.52]:53959 "EHLO NAM12-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1728033AbgHYI7R (ORCPT ); Tue, 25 Aug 2020 04:59:17 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Vg+W7PDZBIL4SJMIN0dfTm3JFc7pV0lcbCIOXWVcwJG0WnnyjWUHg1rMonn3jjwesXiHDgL2C2FmRSp7QBxyiWidx3EOgTHY6KFve46FUn8W1F6nkhrnfCxf2gK2mByboSAR33GAIQoLx+N7WOvPa0exrIgFCgL9G3D57DvspwzBKscuza70HJqVHzlyZM0oLJOaqAQDknR1qcTqeeJuUEe1+ADC/G0nFJZ3fcofW5e5D9RbsnftDA8TEkKQUBL4ojIwuPJEGxx4BIfeqrFyRzkNyXtfZwUwgfSeUUOOyQ8wQ2ExrTx2GdQo9UAk9ID0B1LfERoR2921sh0QwleVeQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6h3ZZF67h4YqACm/j8Eh1W5rXu/X68RUEDVrbinPXJ0=; b=JF6ngQGNABGxMe6SPYdiEH1O45T1SF1s0VHbwkdoBW4013Xa9ykPgI7wm+ADFRS0KSvFCsOuujdF9HvFgYjzvtoGL3iCo/FqbF4Tr6YZ/p4bz7XK14Fi3zAOugid2nPANXdXioU9d/dG7tkaX8mxmOgFemVsmP9yAJgIOPolmJzGqVG9ZkHEtY5nGgAd7cRYeRoD2cHajfHDJo+ejTr0Qbt2Ye8YnWxKMTaijkxxD+N8+cuLvStALq59crAge/4wor3XqdinmbjeiTEk3fhIuikYpokJPmI9f3Q3DwEORqj5jcmN3vSuYN4J7rwr0itDVRWahOrPLe5qXY7PK5tYGw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=silabs.com; dmarc=pass action=none header.from=silabs.com; dkim=pass header.d=silabs.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=silabs.onmicrosoft.com; s=selector2-silabs-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6h3ZZF67h4YqACm/j8Eh1W5rXu/X68RUEDVrbinPXJ0=; b=QbJhjos3c1kDix+KtOgrunykT2zf55n41QJpXBkrk3v/ZmToAY5zDLH8/S0KqBoRcawBl2a01YrSdO51eyD+4wsV2DKYFkc1E3VPbEp8dGc8umrLMZB6saTiopqOMsuSZ81Z2DNE4ic/E+InWfjNJt3T3jNTz4U9iSm8UB4Q8dc= Authentication-Results: driverdev.osuosl.org; dkim=none (message not signed) header.d=none; driverdev.osuosl.org; dmarc=none action=none header.from=silabs.com; Received: from SN6PR11MB2718.namprd11.prod.outlook.com (2603:10b6:805:63::18) by SN6PR11MB3501.namprd11.prod.outlook.com (2603:10b6:805:d4::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3305.26; Tue, 25 Aug 2020 08:59:01 +0000 Received: from SN6PR11MB2718.namprd11.prod.outlook.com ([fe80::85c9:1aa9:aeab:3fa6]) by SN6PR11MB2718.namprd11.prod.outlook.com ([fe80::85c9:1aa9:aeab:3fa6%4]) with mapi id 15.20.3305.026; Tue, 25 Aug 2020 08:59:01 +0000 From: Jerome Pouiller To: devel@driverdev.osuosl.org, linux-wireless@vger.kernel.org Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Greg Kroah-Hartman , Kalle Valo , "David S . Miller" , =?utf-8?b?SsOpcsO0bWUgUG91aWxsZXI=?= Subject: [PATCH v2 05/12] staging: wfx: fix support for cipher AES_CMAC (multicast PMF) Date: Tue, 25 Aug 2020 10:58:21 +0200 Message-Id: <20200825085828.399505-5-Jerome.Pouiller@silabs.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200825085828.399505-1-Jerome.Pouiller@silabs.com> References: <20200825085828.399505-1-Jerome.Pouiller@silabs.com> X-ClientProxiedBy: PR3P192CA0002.EURP192.PROD.OUTLOOK.COM (2603:10a6:102:56::7) To SN6PR11MB2718.namprd11.prod.outlook.com (2603:10b6:805:63::18) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from 255.255.255.255 (255.255.255.255) by PR3P192CA0002.EURP192.PROD.OUTLOOK.COM (2603:10a6:102:56::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3326.19 via Frontend Transport; Tue, 25 Aug 2020 08:59:00 +0000 X-Mailer: git-send-email 2.28.0 X-Originating-IP: [37.71.187.125] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: f4add5ae-0310-4305-e7bc-08d848d51c58 X-MS-TrafficTypeDiagnostic: SN6PR11MB3501: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7691; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: yUEghYn2mO4fW8B0Iizu+r51/1buU64U5lswJeMZrl2iZgFj5PBj37yF8tTUl7NJ8MtbdH7SmTv6VfAgf37/E6pY0CfoRoifgzZlyeMr4TPo6JXbSKRZ76hLhsbmW8Hdw0Vo8PhxP3D4Rb8a60v9a8ituUUO7iJoNwWebCGavD9S3DOnn3y7zr0jAAgnmeBN9hx4QLLmxza586tkgyu1ALOXGXv8dqzSkZDI4kXClfNN5B2VrGCKUnO4Qg5gdoVY82Sw2fVtmaMeMniFUF0Y1amCtv+YPngfXgdAgYDKyyOascX4ElOIOuh4L3uvxNmDx4qJu+SQ375xorzZKXIomg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR11MB2718.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(136003)(39830400003)(396003)(346002)(376002)(366004)(316002)(5660300002)(478600001)(107886003)(1076003)(8936002)(83380400001)(16576012)(956004)(66556008)(66476007)(26005)(2616005)(186003)(8676002)(86362001)(66946007)(6486002)(54906003)(6666004)(36756003)(4326008)(66574015)(2906002)(52116002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: 4z+Ej5NhPi6vJmTVvVqPKIb2cyfPO5OrSwIEI+eLPkuHtRExMgjGei6s+lEwfNZegpmFoj55J84i0gSqU54YNyq3/NudhRkQp8WPT640wcp0jtgwrqfPrlT5g54sttQ8zCj3pz6wwB4zB5g46HTFe+g5SRnW2zRgc8Cg+gPZNsdx50v9CLyLQzeuQvNB5824Wx7E1IHjcQgMghF4PhnM9VcA8XT05eBEbUu4t7RhdCdkUbjtixC9CqDfS68tJrGszD2eZUuMj9Gi4JY5OS2AclncY54IvVLDMnMtelCiHudosbkRKHdrCSPwjcT86Jyhbs3VVC9fregCjV5QtsF0OrnZcGi480GJjXCWmcAJweih25n8VrzdgeZZWkNDKQtL/d2fLnVSeYiElVHqygIppnFnRvwTJzaDO10pb7ghQF0lGvOwERHP6W7SXHVytviCnGDHhZ4gH4RZtny0OCKwxsjpGzCRG6RBjrGDKWNyKS9lgMaEcddF+8jebM3Is8hBQORmGhfdl21aBkP/H8dEAhULnm3y0OpieU/STUl4MRT4v1KuIEgkPLNBDwOiBcgDRlnxgtq/7zCLfvQ91Z2OtKz0FFHhkNkCnqw5QKNjrCgw2uBAZDuOPDHjrguP0uH1EsmaHIQaIEXHBmbujADouA== X-OriginatorOrg: silabs.com X-MS-Exchange-CrossTenant-Network-Message-Id: f4add5ae-0310-4305-e7bc-08d848d51c58 X-MS-Exchange-CrossTenant-AuthSource: SN6PR11MB2718.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Aug 2020 08:59:01.6226 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 54dbd822-5231-4b20-944d-6f4abcd541fb X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 1FqIuQ9CIT05aPMsNT4OMf6OgtCJ7JerLxKnYGSgoizy1W61/5EGOhAqL2HAkvjOzuUhf5uKCQt7ScsTo9qDcQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR11MB3501 Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org From: Jérôme Pouiller When MFP is enabled, the multicast management frames are not protected, in fact. Instead, but they should include an IE containing the MMIC of the frames (i.e. a cryptographic signature). Until now, the driver didn't correctly detect this kind of frames (they are not marked protected but they are associated to a key) and didn't ask to the device to encrypt them. In add, the device is not able to generate the IE itself. Mac80211 has to generate the IE and let the device compute the MMIC. Signed-off-by: Jérôme Pouiller --- drivers/staging/wfx/data_tx.c | 5 +++-- drivers/staging/wfx/key.c | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/drivers/staging/wfx/data_tx.c b/drivers/staging/wfx/data_tx.c index 41f9afd41e14..d16b516ad7cf 100644 --- a/drivers/staging/wfx/data_tx.c +++ b/drivers/staging/wfx/data_tx.c @@ -325,6 +325,8 @@ static int wfx_tx_get_icv_len(struct ieee80211_key_conf *hw_key) if (!hw_key) return 0; + if (hw_key->cipher == WLAN_CIPHER_SUITE_AES_CMAC) + return 0; mic_space = (hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) ? 8 : 0; return hw_key->icv_len + mic_space; } @@ -350,8 +352,7 @@ static int wfx_tx_inner(struct wfx_vif *wvif, struct ieee80211_sta *sta, memset(tx_info->rate_driver_data, 0, sizeof(struct wfx_tx_priv)); // Fill tx_priv tx_priv = (struct wfx_tx_priv *)tx_info->rate_driver_data; - if (ieee80211_has_protected(hdr->frame_control)) - tx_priv->hw_key = hw_key; + tx_priv->hw_key = hw_key; // Fill hif_msg WARN(skb_headroom(skb) < wmsg_len, "not enough space in skb"); diff --git a/drivers/staging/wfx/key.c b/drivers/staging/wfx/key.c index 6165df59ecf9..728e5f8d3b7c 100644 --- a/drivers/staging/wfx/key.c +++ b/drivers/staging/wfx/key.c @@ -198,8 +198,8 @@ static int wfx_add_key(struct wfx_vif *wvif, struct ieee80211_sta *sta, else k.type = fill_sms4_group(&k.key.wapi_group_key, key); } else if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC) { - k.type = fill_aes_cmac_group(&k.key.igtk_group_key, key, - &seq); + k.type = fill_aes_cmac_group(&k.key.igtk_group_key, key, &seq); + key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIE; } else { dev_warn(wdev->dev, "unsupported key type %d\n", key->cipher); wfx_free_key(wdev, idx);