summaryrefslogtreecommitdiff
path: root/drivers/net/wireless/iwlwifi/iwl-tx.c
diff options
context:
space:
mode:
authorEmmanuel Grumbach <emmanuel.grumbach@intel.com>2008-05-15 13:54:09 +0800
committerJohn W. Linville <linville@tuxdriver.com>2008-05-21 21:48:01 -0400
commitccc038abe4cb00cf56aeae5b1df47fcc4ed4136c (patch)
tree0c35fec8a1c9e7179f9b756d30c3f8af02d9bfa5 /drivers/net/wireless/iwlwifi/iwl-tx.c
parenta98410139a2ef6553ae5d73bf12bb9a68d0b38b9 (diff)
downloadlwn-ccc038abe4cb00cf56aeae5b1df47fcc4ed4136c.tar.gz
lwn-ccc038abe4cb00cf56aeae5b1df47fcc4ed4136c.zip
iwlwifi: clean up and bug fix for security
This patch cleans up code in security. 1) uses the new pointer to ieee80211_key_conf passed with the tx_control. 2) resolves bug reported by Mirco Tischler (sends ADD_STA in ASYNC mode) 3) resolves bug reported by Volker Braun regarding dynamic WEP 4) drops a WEP packet which has been garbaged by firmware. This can happen upon rekeying. Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'drivers/net/wireless/iwlwifi/iwl-tx.c')
-rw-r--r--drivers/net/wireless/iwlwifi/iwl-tx.c41
1 files changed, 12 insertions, 29 deletions
diff --git a/drivers/net/wireless/iwlwifi/iwl-tx.c b/drivers/net/wireless/iwlwifi/iwl-tx.c
index a37ced58c661..f32cddabdf64 100644
--- a/drivers/net/wireless/iwlwifi/iwl-tx.c
+++ b/drivers/net/wireless/iwlwifi/iwl-tx.c
@@ -639,16 +639,12 @@ static void iwl_tx_cmd_build_hwcrypto(struct iwl_priv *priv,
struct sk_buff *skb_frag,
int sta_id)
{
- struct iwl_hw_key *keyinfo = &priv->stations[sta_id].keyinfo;
- struct iwl_wep_key *wepkey;
- int keyidx = 0;
+ struct ieee80211_key_conf *keyconf = ctl->hw_key;
- BUG_ON(ctl->hw_key->hw_key_idx > 3);
-
- switch (keyinfo->alg) {
+ switch (keyconf->alg) {
case ALG_CCMP:
tx_cmd->sec_ctl = TX_CMD_SEC_CCM;
- memcpy(tx_cmd->key, keyinfo->key, keyinfo->keylen);
+ memcpy(tx_cmd->key, keyconf->key, keyconf->keylen);
if (ctl->flags & IEEE80211_TXCTL_AMPDU)
tx_cmd->tx_flags |= TX_CMD_FLG_AGG_CCMP_MSK;
IWL_DEBUG_TX("tx_cmd with aes hwcrypto\n");
@@ -656,39 +652,26 @@ static void iwl_tx_cmd_build_hwcrypto(struct iwl_priv *priv,
case ALG_TKIP:
tx_cmd->sec_ctl = TX_CMD_SEC_TKIP;
- ieee80211_get_tkip_key(keyinfo->conf, skb_frag,
+ ieee80211_get_tkip_key(keyconf, skb_frag,
IEEE80211_TKIP_P2_KEY, tx_cmd->key);
IWL_DEBUG_TX("tx_cmd with tkip hwcrypto\n");
break;
case ALG_WEP:
- wepkey = &priv->wep_keys[ctl->hw_key->hw_key_idx];
- tx_cmd->sec_ctl = 0;
- if (priv->default_wep_key) {
- /* the WEP key was sent as static */
- keyidx = ctl->hw_key->hw_key_idx;
- memcpy(&tx_cmd->key[3], wepkey->key,
- wepkey->key_size);
- if (wepkey->key_size == WEP_KEY_LEN_128)
- tx_cmd->sec_ctl |= TX_CMD_SEC_KEY128;
- } else {
- /* the WEP key was sent as dynamic */
- keyidx = keyinfo->keyidx;
- memcpy(&tx_cmd->key[3], keyinfo->key,
- keyinfo->keylen);
- if (keyinfo->keylen == WEP_KEY_LEN_128)
- tx_cmd->sec_ctl |= TX_CMD_SEC_KEY128;
- }
-
tx_cmd->sec_ctl |= (TX_CMD_SEC_WEP |
- (keyidx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT);
+ (keyconf->keyidx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT);
+
+ if (keyconf->keylen == WEP_KEY_LEN_128)
+ tx_cmd->sec_ctl |= TX_CMD_SEC_KEY128;
+
+ memcpy(&tx_cmd->key[3], keyconf->key, keyconf->keylen);
IWL_DEBUG_TX("Configuring packet for WEP encryption "
- "with key %d\n", keyidx);
+ "with key %d\n", keyconf->keyidx);
break;
default:
- printk(KERN_ERR "Unknown encode alg %d\n", keyinfo->alg);
+ printk(KERN_ERR "Unknown encode alg %d\n", keyconf->alg);
break;
}
}