staging:r8188eu: trim IV/ICV fields in validate_recv_data_frame()
authorIvan Safonov <insafonov@gmail.com>
Tue, 2 May 2017 06:01:42 +0000 (09:01 +0300)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 15 May 2017 05:41:59 +0000 (07:41 +0200)
Length of IV/ICV fields calculated here, so trim these field here too.

Signed-off-by: Ivan Safonov <insafonov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/staging/rtl8188eu/core/rtw_recv.c
drivers/staging/rtl8188eu/os_dep/mon.c

index e8f0ff93f05a0baefd120de469f9f980d67cfd36..2c37bb548c0fa6afd17e87175140b743de0e461c 100644 (file)
@@ -1138,6 +1138,8 @@ static int validate_recv_data_frame(struct adapter *adapter,
        }
 
        if (pattrib->privacy) {
+               struct sk_buff *skb = precv_frame->pkt;
+
                RT_TRACE(_module_rtl871x_recv_c_, _drv_info_, ("validate_recv_data_frame:pattrib->privacy=%x\n", pattrib->privacy));
                RT_TRACE(_module_rtl871x_recv_c_, _drv_info_, ("\n ^^^^^^^^^^^IS_MCAST(pattrib->ra(0x%02x))=%d^^^^^^^^^^^^^^^6\n", pattrib->ra[0], IS_MCAST(pattrib->ra)));
 
@@ -1146,6 +1148,13 @@ static int validate_recv_data_frame(struct adapter *adapter,
                RT_TRACE(_module_rtl871x_recv_c_, _drv_info_, ("\n pattrib->encrypt=%d\n", pattrib->encrypt));
 
                SET_ICE_IV_LEN(pattrib->iv_len, pattrib->icv_len, pattrib->encrypt);
+
+               if (pattrib->bdecrypted == 1 && pattrib->encrypt > 0) {
+                       memmove(skb->data + pattrib->iv_len,
+                               skb->data, pattrib->hdrlen);
+                       skb_pull(skb, pattrib->iv_len);
+                       skb_trim(skb, skb->len - pattrib->icv_len);
+               }
        } else {
                pattrib->encrypt = 0;
                pattrib->iv_len = 0;
@@ -1265,14 +1274,8 @@ static int validate_recv_frame(struct adapter *adapter,
         * Hence forward the frame to the monitor anyway to preserve the order
         * in which frames were received.
         */
-       rtl88eu_mon_recv_hook(adapter->pmondev, precv_frame);
 
-       if (precv_frame->attrib.bdecrypted == 1 && precv_frame->attrib.encrypt > 0 &&
-           (adapter->securitypriv.busetkipkey == 1 || precv_frame->attrib.encrypt != _TKIP_)) {
-               memmove(precv_frame->pkt->data + precv_frame->attrib.iv_len, precv_frame->pkt->data, precv_frame->attrib.hdrlen);
-               skb_pull(precv_frame->pkt, precv_frame->attrib.iv_len);
-               skb_trim(precv_frame->pkt, precv_frame->pkt->len - precv_frame->attrib.icv_len);
-       }
+       rtl88eu_mon_recv_hook(adapter->pmondev, precv_frame);
 
 exit:
 
index 53f853f08428395164a005608c260345d41d298d..ed396619d97ad7dfc746f0abe5fbf4a7c58af6f3 100644 (file)
@@ -67,7 +67,7 @@ static void mon_recv_decrypted(struct net_device *dev, const u8 *data,
 }
 
 static void mon_recv_decrypted_recv(struct net_device *dev, const u8 *data,
-                              int data_len, int iv_len, int icv_len)
+                                   int data_len)
 {
        struct sk_buff *skb;
        struct ieee80211_hdr *hdr;
@@ -86,15 +86,8 @@ static void mon_recv_decrypted_recv(struct net_device *dev, const u8 *data,
        hdr = (struct ieee80211_hdr *)skb->data;
        hdr_len = ieee80211_hdrlen(hdr->frame_control);
 
-       if (skb->len < hdr_len + iv_len + icv_len) {
-               if (ieee80211_has_protected(hdr->frame_control)) {
-                       hdr->frame_control &= ~cpu_to_le16(IEEE80211_FCTL_PROTECTED);
-
-                       memmove(skb->data + iv_len, skb->data, hdr_len);
-                       skb_pull(skb, iv_len);
-                       skb_trim(skb, skb->len - icv_len);
-               }
-       }
+       if (ieee80211_has_protected(hdr->frame_control))
+               hdr->frame_control &= ~cpu_to_le16(IEEE80211_FCTL_PROTECTED);
 
        skb->ip_summed = CHECKSUM_UNNECESSARY;
        skb->protocol = eth_type_trans(skb, dev);
@@ -117,7 +110,6 @@ static void mon_recv_encrypted(struct net_device *dev, const u8 *data,
 void rtl88eu_mon_recv_hook(struct net_device *dev, struct recv_frame *frame)
 {
        struct rx_pkt_attrib *attr;
-       int iv_len, icv_len;
        int data_len;
        u8 *data;
 
@@ -130,11 +122,8 @@ void rtl88eu_mon_recv_hook(struct net_device *dev, struct recv_frame *frame)
        data = frame->pkt->data;
        data_len = frame->pkt->len;
 
-       /* Broadcast and multicast frames don't have attr->{iv,icv}_len set */
-       SET_ICE_IV_LEN(iv_len, icv_len, attr->encrypt);
-
        if (attr->bdecrypted)
-               mon_recv_decrypted_recv(dev, data, data_len, iv_len, icv_len);
+               mon_recv_decrypted_recv(dev, data, data_len);
        else
                mon_recv_encrypted(dev, data, data_len);
 }