提交 a78c3898 编写于 作者: A Alexander Wetzel 提交者: Greg Kroah-Hartman

mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode

commit 78ad2341521d5ea96cb936244ed4c4c4ef9ec13b upstream.

Restore SW_CRYPTO_CONTROL operation on AP_VLAN interfaces for unicast
keys, the original override was intended to be done for group keys as
those are treated specially by mac80211 and would always have been
rejected.

Now the situation is that AP_VLAN support must be enabled by the driver
if it can support it (meaning it can support software crypto GTK TX).

Thus, also simplify the code - if we get here with AP_VLAN and non-
pairwise key, software crypto must be used (driver doesn't know about
the interface) and can be used (driver must've advertised AP_VLAN if
it also uses SW_CRYPTO_CONTROL).

Fixes: db3bdcb9 ("mac80211: allow AP_VLAN operation on crypto controlled devices")
Signed-off-by: NAlexander Wetzel <alexander@wetzel-home.de>
[rewrite commit message]
Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
上级 574be221
...@@ -167,9 +167,11 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) ...@@ -167,9 +167,11 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
* The driver doesn't know anything about VLAN interfaces. * The driver doesn't know anything about VLAN interfaces.
* Hence, don't send GTKs for VLAN interfaces to the driver. * Hence, don't send GTKs for VLAN interfaces to the driver.
*/ */
if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
ret = 1;
goto out_unsupported; goto out_unsupported;
} }
}
ret = drv_set_key(key->local, SET_KEY, sdata, ret = drv_set_key(key->local, SET_KEY, sdata,
sta ? &sta->sta : NULL, &key->conf); sta ? &sta->sta : NULL, &key->conf);
...@@ -213,11 +215,8 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) ...@@ -213,11 +215,8 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
/* all of these we can do in software - if driver can */ /* all of these we can do in software - if driver can */
if (ret == 1) if (ret == 1)
return 0; return 0;
if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL)) { if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
return 0;
return -EINVAL; return -EINVAL;
}
return 0; return 0;
default: default:
return -EINVAL; return -EINVAL;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册