ath9k: improve reliability of MIC error detection
authorFelix Fietkau <nbd@openwrt.org>
Wed, 13 Jul 2011 15:35:05 +0000 (23:35 +0800)
committerJohn W. Linville <linville@tuxdriver.com>
Fri, 15 Jul 2011 17:38:32 +0000 (13:38 -0400)
For unicast the hardware sometimes reports MIC errors even though the
frame that it received actually contains a valid MIC - on some chips this
can happen frequently enough to trigger TKIP countermeasures.
Fix this issue by not reporting MIC errors for unicast frames with a
valid key, letting mac80211 validate the MIC instead.

Additionally, strip the MIC for all frames that the hardware considers
valid to avoid wasting CPU cycles re-validating it.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
drivers/net/wireless/ath/ath9k/recv.c

index 80bb04f950ebb52c9b1ed96d17615f02c45e2342..d32e82ff92838a2d60b7ac7565cf3a3fac45e264 100644 (file)
@@ -814,16 +814,19 @@ static bool ath9k_rx_accept(struct ath_common *common,
                            struct ath_rx_status *rx_stats,
                            bool *decrypt_error)
 {
-#define is_mc_or_valid_tkip_keyix ((is_mc ||                   \
-               (rx_stats->rs_keyix != ATH9K_RXKEYIX_INVALID && \
-               test_bit(rx_stats->rs_keyix, common->tkip_keymap))))
-
+       bool is_mc, is_valid_tkip, strip_mic, mic_error;
        struct ath_hw *ah = common->ah;
        __le16 fc;
        u8 rx_status_len = ah->caps.rx_status_len;
 
        fc = hdr->frame_control;
 
+       is_mc = !!is_multicast_ether_addr(hdr->addr1);
+       is_valid_tkip = rx_stats->rs_keyix != ATH9K_RXKEYIX_INVALID &&
+               test_bit(rx_stats->rs_keyix, common->tkip_keymap);
+       strip_mic = is_valid_tkip && !(rx_stats->rs_status &
+               (ATH9K_RXERR_DECRYPT | ATH9K_RXERR_CRC | ATH9K_RXERR_MIC));
+
        if (!rx_stats->rs_datalen)
                return false;
         /*
@@ -838,6 +841,11 @@ static bool ath9k_rx_accept(struct ath_common *common,
        if (rx_stats->rs_more)
                return true;
 
+       mic_error = is_valid_tkip && !ieee80211_is_ctl(fc) &&
+               !ieee80211_has_morefrags(fc) &&
+               !(le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG) &&
+               (rx_stats->rs_status & ATH9K_RXERR_MIC);
+
        /*
         * The rx_stats->rs_status will not be set until the end of the
         * chained descriptors so it can be ignored if rs_more is set. The
@@ -845,30 +853,18 @@ static bool ath9k_rx_accept(struct ath_common *common,
         * descriptors.
         */
        if (rx_stats->rs_status != 0) {
-               if (rx_stats->rs_status & ATH9K_RXERR_CRC)
+               if (rx_stats->rs_status & ATH9K_RXERR_CRC) {
                        rxs->flag |= RX_FLAG_FAILED_FCS_CRC;
+                       mic_error = false;
+               }
                if (rx_stats->rs_status & ATH9K_RXERR_PHY)
                        return false;
 
                if (rx_stats->rs_status & ATH9K_RXERR_DECRYPT) {
                        *decrypt_error = true;
-               } else if (rx_stats->rs_status & ATH9K_RXERR_MIC) {
-                       bool is_mc;
-                       /*
-                        * The MIC error bit is only valid if the frame
-                        * is not a control frame or fragment, and it was
-                        * decrypted using a valid TKIP key.
-                        */
-                       is_mc = !!is_multicast_ether_addr(hdr->addr1);
-
-                       if (!ieee80211_is_ctl(fc) &&
-                           !ieee80211_has_morefrags(fc) &&
-                           !(le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG) &&
-                           is_mc_or_valid_tkip_keyix)
-                               rxs->flag |= RX_FLAG_MMIC_ERROR;
-                       else
-                               rx_stats->rs_status &= ~ATH9K_RXERR_MIC;
+                       mic_error = false;
                }
+
                /*
                 * Reject error frames with the exception of
                 * decryption and MIC failures. For monitor mode,
@@ -886,6 +882,18 @@ static bool ath9k_rx_accept(struct ath_common *common,
                        }
                }
        }
+
+       /*
+        * For unicast frames the MIC error bit can have false positives,
+        * so all MIC error reports need to be validated in software.
+        * False negatives are not common, so skip software verification
+        * if the hardware considers the MIC valid.
+        */
+       if (strip_mic)
+               rxs->flag |= RX_FLAG_MMIC_STRIPPED;
+       else if (is_mc && mic_error)
+               rxs->flag |= RX_FLAG_MMIC_ERROR;
+
        return true;
 }
 
@@ -1938,6 +1946,9 @@ int ath_rx_tasklet(struct ath_softc *sc, int flush, bool hp)
                        sc->rx.rxotherant = 0;
                }
 
+               if (rxs->flag & RX_FLAG_MMIC_STRIPPED)
+                       skb_trim(skb, skb->len - 8);
+
                spin_lock_irqsave(&sc->sc_pm_lock, flags);
 
                if ((sc->ps_flags & (PS_WAIT_FOR_BEACON |