1. 12 5月, 2009 2 次提交
    • J
      mac80211: MFP - Drop unprotected Action frames prior key setup · f2ca3ea4
      Jouni Malinen 提交于
      When management frame protection (IEEE 802.11w) is used, unprotected
      Robust Action frames are not allowed prior to key configuration.
      However, unprotected Deauthentication and Disassociation frames are
      allowed at that point, but not after key configuration.
      
      Make ieee80211_drop_unencrypted() handle the special cases for MFP by
      separating the basic Data frame case from Management frame processing
      and handle the Management frames only if MFP has been negotiated. In
      addition, do not use sdata->drop_unencrypted for Management frames
      since the decision on whether to accept the frame depends on the key
      being configured.
      Signed-off-by: NJouni Malinen <jouni.malinen@atheros.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      f2ca3ea4
    • J
      mac80211: Drop unencrypted frames based on key setup · 0c7c10c7
      Jouni Malinen 提交于
      When using nl80211, we do not have a mechanism to set
      sdata->drop_unencrypted. Currently, this breaks code that is supposed
      to drop unencrypted frames when protection is expected since
      ieee80211_rx_h_decrypt() is optimized to not set rx->key when the
      frame is not protected.
      
      This patch modifies ieee80211_rx_h_decrypt() to set rx->key for all
      frames and only skip decryption if the frame is not protected. This
      allows ieee80211_drop_unencrypted() to correctly drop frames even if
      drop_unencrypted is not set.
      
      The changes here are not enough to handle all cases, though. Additional
      patches will be needed to implement proper IEEE 802.1X PAE for station
      mode (currently, this is only used for AP mode) and some additional
      rules are needed for MFP to drop unprotected Robust Action frames prior
      to having PTK and IGTK configured.
      
      In theory, the unprotected frames could and should be dropped in
      ieee80211_rx_h_decrypt(). However, due to the special case with EAPOL
      frames that have to be allowed to be received unprotected even when
      keys are set, it is simpler to only set rx->key and allow the
      ieee80211_frame_allowed() function to handle the actual dropping of
      data frames after 802.11->802.3 header conversion. In addition,
      unprotected robust management frames are dropped before they are
      processed.
      Signed-off-by: NJouni Malinen <jouni.malinen@atheros.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      0c7c10c7
  2. 07 5月, 2009 4 次提交
  3. 23 4月, 2009 1 次提交
    • J
      nl80211: Add Michael MIC failure event · a3b8b056
      Jouni Malinen 提交于
      Define a new nl80211 event, NL80211_CMD_MICHAEL_MIC_FAILURE, to be
      used to notify user space about locally detected Michael MIC failures.
      This matches with the MLME-MICHAELMICFAILURE.indication() primitive.
      
      Since we do not actually have TSC in the skb anymore when
      mac80211_ev_michael_mic_failure() is called, that function is changed
      to take in the TSC as an optional parameter instead of as a
      requirement to include the TSC after the hdr field (which we did not
      really follow). For now, TSC is not included in the events from
      mac80211, but it could be added at some point.
      Signed-off-by: NJouni Malinen <j@w1.fi>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      a3b8b056
  4. 22 4月, 2009 1 次提交
  5. 16 4月, 2009 1 次提交
  6. 28 3月, 2009 5 次提交
  7. 28 2月, 2009 1 次提交
    • J
      mac80211: split IBSS/managed code · 46900298
      Johannes Berg 提交于
      This patch splits out the ibss code and data from managed (station) mode.
      The reason to do this is to better separate the state machines, and have
      the code be contained better so it gets easier to determine what exactly
      a given change will affect, that in turn makes it easier to understand.
      
      This is quite some churn, especially because I split sdata->u.sta into
      sdata->u.mgd and sdata->u.ibss, but I think it's easier to maintain that
      way. I've also shuffled around some code -- null function sending is only
      applicable to managed interfaces so put that into that file, some other
      functions are needed from various places so put them into util, and also
      rearranged the prototypes in ieee80211_i.h accordingly.
      Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      46900298
  8. 14 2月, 2009 4 次提交
  9. 10 2月, 2009 2 次提交
  10. 30 1月, 2009 7 次提交
  11. 20 12月, 2008 2 次提交
  12. 13 12月, 2008 2 次提交
  13. 05 12月, 2008 2 次提交
  14. 01 11月, 2008 3 次提交
  15. 28 10月, 2008 1 次提交
  16. 13 10月, 2008 1 次提交
    • I
      net/mac80211/rx.c: fix build error · bf94e17b
      Ingo Molnar 提交于
      older versions of gcc do not recognize that ieee80211_rx_h_mesh_fwding()
      is unused when CONFIG_MAC80211_MESH is disabled:
      
        net/built-in.o: In function `ieee80211_rx_h_mesh_fwding':
        rx.c:(.text+0xd89af): undefined reference to `mpp_path_lookup'
        rx.c:(.text+0xd89c6): undefined reference to `mpp_path_add'
      
      as this code construct:
      
              if (ieee80211_vif_is_mesh(&sdata->vif))
                      CALL_RXH(ieee80211_rx_h_mesh_fwding);
      
      still causes ieee80211_rx_h_mesh_fwding() to be linked in.
      
      Protect these places with an #ifdef.
      
      commit b0dee578 ("Fix modpost failure when rx handlers are not inlined.")
      solved part of this problem - this patch is still needed.
      Signed-off-by: NIngo Molnar <mingo@elte.hu>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      bf94e17b
  17. 01 10月, 2008 1 次提交