staging: wfx: fix BA when MFP is disabled but BSS is MFP capable

The protection of the management frames is mainly done by mac80211. However, frames for the management of the BlockAck sessions are directly sent by the device. These frames have to be protected if MFP is in use. So the driver has to pass the MFP configuration to the device. Until now, the driver directly read the RSN IE of the BSS. However, it didn't work when the BSS was MFP capable (ieee80211w=1) and the local device has disabled MFP (ieee80211w=0). This patch read the MFP information directly from the struct ieee80211_sta. This information take into account the MFP negotiated during the association. In addition, the code is far simpler. Signed-off-by: Jérôme Pouiller <jerome.pouiller@silabs.com> Link: https://lore.kernel.org/r/20200825085828.399505-3-Jerome.Pouiller@silabs.comSigned-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

staging: wfx: fix BA when MFP is disabled but BSS is MFP capable
The protection of the management frames is mainly done by mac80211. However, frames for the management of the BlockAck sessions are directly sent by the device. These frames have to be protected if MFP is in use. So the driver has to pass the MFP configuration to the device. Until now, the driver directly read the RSN IE of the BSS. However, it didn't work when the BSS was MFP capable (ieee80211w=1) and the local device has disabled MFP (ieee80211w=0). This patch read the MFP information directly from the struct ieee80211_sta. This information take into account the MFP negotiated during the association. In addition, the code is far simpler. Signed-off-by: Jérôme Pouiller <jerome.pouiller@silabs.com> Link: https://lore.kernel.org/r/20200825085828.399505-3-Jerome.Pouiller@silabs.comSigned-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
d1e0de31 · Jérôme Pouiller · Greg Kroah-Hartman · c566f1c7 · d1e0de31
Commit d1e0de31 authored Aug 25, 2020 by Jérôme Pouiller Committed by Greg Kroah-Hartman Aug 28, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 31 deletions

drivers/staging/wfx/sta.c drivers/staging/wfx/sta.c +3 -31

No files found.
--- a/drivers/staging/wfx/sta.c
+++ b/drivers/staging/wfx/sta.c
@@ -323,36 +323,6 @@ void wfx_set_default_unicast_key(struct ieee80211_hw *hw,
 	hif_wep_default_key_id(wvif, idx);
 }

-static void wfx_set_mfp(struct wfx_vif *wvif,
-			struct cfg80211_bss *bss)
-{
-	const int pairwise_cipher_suite_count_offset = 8 / sizeof(u16);
-	const int pairwise_cipher_suite_size = 4 / sizeof(u16);
-	const int akm_suite_size = 4 / sizeof(u16);
-	const u16 *ptr = NULL;
-	bool mfpc = false;
-	bool mfpr = false;
-
-	/* 802.11w protected mgmt frames */
-
-	/* retrieve MFPC and MFPR flags from beacon or PBRSP */
-
-	rcu_read_lock();
-	if (bss)
-		ptr = (const u16 *)ieee80211_bss_get_ie(bss, WLAN_EID_RSN);
-
-	if (ptr) {
-		ptr += pairwise_cipher_suite_count_offset;
-		ptr += 1 + pairwise_cipher_suite_size * *ptr;
-		ptr += 1 + akm_suite_size * *ptr;
-		mfpr = *ptr & BIT(6);
-		mfpc = *ptr & BIT(7);
-	}
-	rcu_read_unlock();
-
-	hif_set_mfp(wvif, mfpc, mfpr);
-}
-
 void wfx_reset(struct wfx_vif *wvif)
 {
 	struct wfx_dev *wdev = wvif->wdev;
@@ -400,7 +370,6 @@ static void wfx_do_join(struct wfx_vif *wvif)
 	}
 	rcu_read_unlock();

-	wfx_set_mfp(wvif, bss);
 	cfg80211_put_bss(wvif->wdev->hw->wiphy, bss);

 	wvif->join_in_progress = true;
@@ -427,6 +396,9 @@ int wfx_sta_add(struct ieee80211_hw *hw, struct ieee80211_vif *vif,

 	sta_priv->vif_id = wvif->id;

+	if (vif->type == NL80211_IFTYPE_STATION)
+		hif_set_mfp(wvif, sta->mfp, sta->mfp);
+
 	// In station mode, the firmware interprets new link-id as a TDLS peer.
 	if (vif->type == NL80211_IFTYPE_STATION && !sta->tdls)
 		return 0;