]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commit
projects / mirror_ubuntu-kernels.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bbc409e) | patch
staging: wfx: fix CCMP/TKIP replay protection
authorJérôme Pouiller <jerome.pouiller@silabs.com>
Wed, 1 Jul 2020 15:07:05 +0000 (17:07 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 3 Jul 2020 08:33:07 +0000 (10:33 +0200)
commite5da5fbd7741162c51a70ffad4316be12e1bb010
tree92e8337a1ccbd1aa35301cb2ab17579f21728383tree
parentbbc409e276c948a7acda32cab5d8f26335c34ac0commit | diff
staging: wfx: fix CCMP/TKIP replay protection

To enable the TKIP/CCMP replay protection, the frames has to be
processed in the right order. However, the device is not able to
re-order the frames during BlockAck sessions.

Mac80211 is able to reorder the frames, but it need the information
about the BlockAck sessions start and stop. Unfortunately, since the
BlockAck is fully handled by the hardware, these frames were not
forwarded to the host. So, if the driver ask to mac80211 to apply the
replay protection, it drop all misordered frames.

So, until now, the driver explicitly asked to mac80211 to not apply
the CCMP/TKIP replay protection.

The situation has changed with the API 3.4 of the device firmware. The
firmware forward the BlockAck information. Mac80211 is now able to
correctly reorder the frames. There is no more reasons to drop
cryptographic data.

This patch also impact the older firmwares. There will be a performance
impact on these firmware (since the misordered frames will dropped).
However, we can't keep the replay protection disabled.

Signed-off-by: Jérôme Pouiller <jerome.pouiller@silabs.com>
Link: https://lore.kernel.org/r/20200701150707.222985-12-Jerome.Pouiller@silabs.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/staging/wfx/data_rx.c diff | blob | blame | history
drivers/staging/wfx/data_tx.c diff | blob | blame | history
Ubuntu combined Linux kernel mirror