diff options
| author | Masashi Honma <masashi.honma@gmail.com> | 2016-06-22 19:55:20 +0900 |
|---|---|---|
| committer | Johannes Berg <johannes@sipsolutions.net> | 2016-06-30 12:06:20 +0200 |
| commit | 46f6b06050b736dab4d41494dae27b883cddc365 (patch) | |
| tree | 0b612258ff5ac72ab953494b0bccac7780e4da50 /net/mac80211/rx.c | |
| parent | 49708e3772ce648be425778702a266b207e89d4e (diff) | |
| download | blackbird-op-linux-46f6b06050b736dab4d41494dae27b883cddc365.tar.gz blackbird-op-linux-46f6b06050b736dab4d41494dae27b883cddc365.zip | |
mac80211: Encrypt "Group addressed privacy" action frames
Previously, the action frames to group address was not encrypted. But
[1] "Table 8-38 Category values" indicates "Mesh" and "Multihop" category
action frames should be encrypted (Group addressed privacy == yes). And the
encyption key should be MGTK ([1] 10.13 Group addressed robust management frame
procedures). So this patch modifies the code to make it suitable for spec.
[1] IEEE Std 802.11-2012
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Diffstat (limited to 'net/mac80211/rx.c')
| -rw-r--r-- | net/mac80211/rx.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c index 9a1eb70cb120..2e8a9024625a 100644 --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c @@ -1624,8 +1624,13 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) if (mmie_keyidx < NUM_DEFAULT_KEYS || mmie_keyidx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) return RX_DROP_MONITOR; /* unexpected BIP keyidx */ - if (rx->sta) + if (rx->sta) { + if (ieee80211_is_group_privacy_action(skb) && + test_sta_flag(rx->sta, WLAN_STA_MFP)) + return RX_DROP_MONITOR; + rx->key = rcu_dereference(rx->sta->gtk[mmie_keyidx]); + } if (!rx->key) rx->key = rcu_dereference(rx->sdata->keys[mmie_keyidx]); } else if (!ieee80211_has_protected(fc)) { |
