[v3] ath10k: rebuild crypto header in rx data frames

Vasanthakumar Thiagarajan vthiagar at qti.qualcomm.com
Tue Oct 31 08:00:14 PDT 2017

Sorry top posting.

The issues in raw mode with CCMP-256, GCMP and GCMP-256 were already known and
the same was captured in the commit log. As mentioned in the commit log, raw mode
with these ciphers does not work even without this particular patch and it needs some cleanup
like done in the follow up patch https://patchwork.kernel.org/patch/10029099/.

From: Sebastian Gottschall <s.gottschall at dd-wrt.com>
Sent: Tuesday, October 31, 2017 8:24 PM
To: Kalle Valo
Cc: ath10k at lists.infradead.org; linux-wireless at vger.kernel.org; Vasanthakumar Thiagarajan
Subject: Re: [v3] ath10k: rebuild crypto header in rx data frames

the same is for the MIC

+               /* MIC */
+               if ((status->flag & RX_FLAG_MIC_STRIPPED) &&
+                   enctype == HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2)
+                       skb_trim(msdu, msdu->len - 8);

this code looks wrong too

Am 30.10.2017 um 10:32 schrieb Sebastian Gottschall:
> will check it tomorrow including gcmp-256, ccmp-256. was out for
> weekend :-)
> Am 30.10.2017 um 09:39 schrieb Kalle Valo:
>> Kalle Valo <kvalo at qca.qualcomm.com> wrote:
>>> Rx data frames notified through HTT_T2H_MSG_TYPE_RX_IND and
>>> HTT_T2H_MSG_TYPE_RX_FRAG_IND expect PN/TSC check to be done
>>> on host (mac80211) rather than firmware. Rebuild cipher header
>>> in every received data frames (that are notified through those
>>> HTT interfaces) from the rx_hdr_status tlv available in the
>>> rx descriptor of the first msdu. Skip setting RX_FLAG_IV_STRIPPED
>>> flag for the packets which requires mac80211 PN/TSC check support
>>> and set appropriate RX_FLAG for stripped crypto tail. Hw QCA988X,
>>> QCA9887, QCA99X0, QCA9984, QCA9888 and QCA4019 currently need the
>>> rebuilding of cipher header to perform PN/TSC check for replay
>>> attack.
>>> Please note that removing crypto tail for CCMP-256, GCMP and
>>> GCMP-256 ciphers
>>> in raw mode needs to be fixed. Since Rx with these ciphers in raw
>>> mode does not work in the current form even without this patch and
>>> removing crypto tail for these chipers needs clean up, raw mode related
>>> issues in CCMP-256, GCMP and GCMP-256 can be addressed in follow up
>>> patches.
>>> Tested-by: Manikanta Pubbisetty <mpubbise at qti.qualcomm.com>
>>> Signed-off-by: Vasanthakumar Thiagarajan <vthiagar at qti.qualcomm.com>
>>> Signed-off-by: Kalle Valo <kvalo at qca.qualcomm.com>
>> Patch applied to ath-current branch of ath.git, thanks.
>> 7eccb738fce5 ath10k: rebuild crypto header in rx data frames

Mit freundlichen Grüssen / Regards

Sebastian Gottschall / CTO

NewMedia-NET GmbH - DD-WRT
Firmensitz:  Stubenwaldallee 21a, 64625 Bensheim
Registergericht: Amtsgericht Darmstadt, HRB 25473
Geschäftsführer: Peter Steinhäuser, Christian Scheele
email: s.gottschall at dd-wrt.com
Tel.: +496251-582650 / Fax: +496251-5826565

More information about the ath10k mailing list