package/mac80211/patches/550-ath9k_mmic_verify.patch

   1 --- a/drivers/net/wireless/ath/ath9k/recv.c
   2 +++ b/drivers/net/wireless/ath/ath9k/recv.c
   3 @@ -814,16 +814,19 @@ static bool ath9k_rx_accept(struct ath_c
   4                             struct ath_rx_status *rx_stats,
   5                             bool *decrypt_error)
   6  {
   7 -#define is_mc_or_valid_tkip_keyix ((is_mc ||                   \
   8 -               (rx_stats->rs_keyix != ATH9K_RXKEYIX_INVALID && \
   9 -               test_bit(rx_stats->rs_keyix, common->tkip_keymap))))
  10 -
  11 +       bool is_mc, is_valid_tkip, strip_mic, mic_error = false;
  12         struct ath_hw *ah = common->ah;
  13         __le16 fc;
  14         u8 rx_status_len = ah->caps.rx_status_len;
  15
  16         fc = hdr->frame_control;
  17
  18 +       is_mc = !!is_multicast_ether_addr(hdr->addr1);
  19 +       is_valid_tkip = rx_stats->rs_keyix != ATH9K_RXKEYIX_INVALID &&
  20 +               test_bit(rx_stats->rs_keyix, common->tkip_keymap);
  21 +       strip_mic = is_valid_tkip && !(rx_stats->rs_status &
  22 +               (ATH9K_RXERR_DECRYPT | ATH9K_RXERR_CRC | ATH9K_RXERR_MIC));
  23 +
  24         if (!rx_stats->rs_datalen)
  25                 return false;
  26          /*
  27 @@ -850,25 +853,9 @@ static bool ath9k_rx_accept(struct ath_c
  28                 if (rx_stats->rs_status & ATH9K_RXERR_PHY)
  29                         return false;
  30
  31 -               if (rx_stats->rs_status & ATH9K_RXERR_DECRYPT) {
  32 +               if (rx_stats->rs_status & ATH9K_RXERR_DECRYPT)
  33                         *decrypt_error = true;
  34 -               } else if (rx_stats->rs_status & ATH9K_RXERR_MIC) {
  35 -                       bool is_mc;
  36 -                       /*
  37 -                        * The MIC error bit is only valid if the frame
  38 -                        * is not a control frame or fragment, and it was
  39 -                        * decrypted using a valid TKIP key.
  40 -                        */
  41 -                       is_mc = !!is_multicast_ether_addr(hdr->addr1);
  42
  43 -                       if (!ieee80211_is_ctl(fc) &&
  44 -                           !ieee80211_has_morefrags(fc) &&
  45 -                           !(le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG) &&
  46 -                           is_mc_or_valid_tkip_keyix)
  47 -                               rxs->flag |= RX_FLAG_MMIC_ERROR;
  48 -                       else
  49 -                               rx_stats->rs_status &= ~ATH9K_RXERR_MIC;
  50 -               }
  51                 /*
  52                  * Reject error frames with the exception of
  53                  * decryption and MIC failures. For monitor mode,
  54 @@ -886,6 +873,18 @@ static bool ath9k_rx_accept(struct ath_c
  55                         }
  56                 }
  57         }
  58 +
  59 +       /*
  60 +        * For unicast frames the MIC error bit can have false positives,
  61 +        * so all MIC error reports need to be validated in software.
  62 +        * False negatives are not common, so skip software verification
  63 +        * if the hardware considers the MIC valid.
  64 +        */
  65 +       if (strip_mic)
  66 +               rxs->flag |= RX_FLAG_MMIC_STRIPPED;
  67 +       else if (is_mc && mic_error)
  68 +               rxs->flag |= RX_FLAG_MMIC_ERROR;
  69 +
  70         return true;
  71  }
  72
  73 @@ -1882,6 +1881,9 @@ int ath_rx_tasklet(struct ath_softc *sc,
  74                         ath9k_rx_skb_postprocess(common, hdr_skb, &rs,
  75                                                  rxs, decrypt_error);
  76
  77 +               if (rxs->flag & RX_FLAG_MMIC_STRIPPED)
  78 +                       skb_trim(skb, skb->len - 8);
  79 +
  80                 /* We will now give hardware our shiny new allocated skb */
  81                 bf->bf_mpdu = requeue_skb;
  82                 bf->bf_buf_addr = dma_map_single(sc->dev, requeue_skb->data,