Date: Tue, 29 Apr 2025 11:41:40 GMT From: "Bjoern A. Zeeb" <bz@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 28c5a37f07b3 - stable/14 - net80211; LinuxKPI 802.11: introduce IEEE80211_RX_F_ICV_STRIP Message-ID: <202504291141.53TBfeYF045842@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/14 has been updated by bz: URL: https://cgit.FreeBSD.org/src/commit/?id=28c5a37f07b39ec7ff0e1be95d0b23db6f671fe6 commit 28c5a37f07b39ec7ff0e1be95d0b23db6f671fe6 Author: Bjoern A. Zeeb <bz@FreeBSD.org> AuthorDate: 2025-04-17 19:33:59 +0000 Commit: Bjoern A. Zeeb <bz@FreeBSD.org> CommitDate: 2025-04-29 10:49:28 +0000 net80211; LinuxKPI 802.11: introduce IEEE80211_RX_F_ICV_STRIP For TKIP with iwlwifi we are seeing DECRYPTED | ICV_STRIPPED | MMIC_STRIPPED. In tkip_decap() we however unconditionally stripped the ICV which resulted in a short frame and Gtk handshake never finished. Add IEEE80211_RX_F_ICV_STRIP to net80211. Add the extra check to the TKIP code. While there correct a comment and leave another about contiguous data assumptions. In LinuxKPI 802.11 translate the new flag and sort them into STRIP and FAIL while here. Sponsored by: The FreeBSD Foundation Reviewed by: adrian Differential Revision: https://reviews.freebsd.org/D49880 (cherry picked from commit 731ff40069d28ddab206dee276fbbdf0f28a2124) --- sys/compat/linuxkpi/common/src/linux_80211.c | 10 ++++++---- sys/net80211/_ieee80211.h | 1 + sys/net80211/ieee80211_crypto_tkip.c | 9 +++++---- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/sys/compat/linuxkpi/common/src/linux_80211.c b/sys/compat/linuxkpi/common/src/linux_80211.c index 85c0945cb9d3..84241c2dd89f 100644 --- a/sys/compat/linuxkpi/common/src/linux_80211.c +++ b/sys/compat/linuxkpi/common/src/linux_80211.c @@ -6467,14 +6467,16 @@ lkpi_convert_rx_status(struct ieee80211_hw *hw, struct lkpi_sta *lsta, if (rx_status->flag & RX_FLAG_PN_VALIDATED) rx_stats->c_pktflags |= IEEE80211_RX_F_PN_VALIDATED; } + if (rx_status->flag & RX_FLAG_IV_STRIPPED) + rx_stats->c_pktflags |= IEEE80211_RX_F_IV_STRIP; + if (rx_status->flag & RX_FLAG_ICV_STRIPPED) + rx_stats->c_pktflags |= IEEE80211_RX_F_ICV_STRIP; + if (rx_status->flag & RX_FLAG_MIC_STRIPPED) + rx_stats->c_pktflags |= IEEE80211_RX_F_MIC_STRIP; if (rx_status->flag & RX_FLAG_MMIC_STRIPPED) rx_stats->c_pktflags |= IEEE80211_RX_F_MMIC_STRIP; if (rx_status->flag & RX_FLAG_MMIC_ERROR) rx_stats->c_pktflags |= IEEE80211_RX_F_FAIL_MMIC; - if (rx_status->flag & RX_FLAG_MIC_STRIPPED) - rx_stats->c_pktflags |= IEEE80211_RX_F_MIC_STRIP; - if (rx_status->flag & RX_FLAG_IV_STRIPPED) - rx_stats->c_pktflags |= IEEE80211_RX_F_IV_STRIP; if (rx_status->flag & RX_FLAG_FAILED_FCS_CRC) rx_stats->c_pktflags |= IEEE80211_RX_F_FAIL_FCSCRC; #endif diff --git a/sys/net80211/_ieee80211.h b/sys/net80211/_ieee80211.h index 798dde6fe08a..40e542e7372a 100644 --- a/sys/net80211/_ieee80211.h +++ b/sys/net80211/_ieee80211.h @@ -575,6 +575,7 @@ struct ieee80211_mimo_info { #define IEEE80211_RX_F_VHT 0x00008000 #define IEEE80211_RX_F_PN_VALIDATED 0x00010000 /* Decrypted; PN validated */ #define IEEE80211_RX_F_MIC_STRIP 0x00020000 /* Decrypted; MIC stripped */ +#define IEEE80211_RX_F_ICV_STRIP 0x00040000 /* Decrypted: ICV (ic_trailer) stripped */ /* Channel width */ #define IEEE80211_RX_FW_20MHZ 1 diff --git a/sys/net80211/ieee80211_crypto_tkip.c b/sys/net80211/ieee80211_crypto_tkip.c index 4b5cf73e1065..ca474b504fff 100644 --- a/sys/net80211/ieee80211_crypto_tkip.c +++ b/sys/net80211/ieee80211_crypto_tkip.c @@ -361,16 +361,17 @@ finish: * are required to. */ if (! ((rxs != NULL) && (rxs->c_pktflags & IEEE80211_RX_F_IV_STRIP))) { + /* XXX this assumes the header + IV are contiguous in an mbuf. */ memmove(mtod(m, uint8_t *) + tkip.ic_header, mtod(m, void *), hdrlen); m_adj(m, tkip.ic_header); } /* - * XXX TODO: do we need an option to potentially not strip the - * WEP trailer? Does "MMIC_STRIP" also mean this? Or? + * Strip the ICV if hardware has not done so already. */ - m_adj(m, -tkip.ic_trailer); + if (rxs != NULL && (rxs->c_pktflags & IEEE80211_RX_F_ICV_STRIP) == 0) + m_adj(m, -tkip.ic_trailer); return 1; } @@ -403,7 +404,7 @@ tkip_demic(struct ieee80211_key *k, struct mbuf *m, int force) } /* - * If IV has been stripped, we skip most of the below. + * If MMIC has been stripped, we skip most of the below. */ if ((rxs != NULL) && (rxs->c_pktflags & IEEE80211_RX_F_MMIC_STRIP)) goto finish;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202504291141.53TBfeYF045842>