diff options
Diffstat (limited to 'package/mac80211')
-rw-r--r-- | package/mac80211/patches/420-mac80211_ignore_invalid_ccmp_rx_pn.patch | 46 |
1 files changed, 0 insertions, 46 deletions
diff --git a/package/mac80211/patches/420-mac80211_ignore_invalid_ccmp_rx_pn.patch b/package/mac80211/patches/420-mac80211_ignore_invalid_ccmp_rx_pn.patch deleted file mode 100644 index 0222f54b6..000000000 --- a/package/mac80211/patches/420-mac80211_ignore_invalid_ccmp_rx_pn.patch +++ /dev/null @@ -1,46 +0,0 @@ ---- a/net/mac80211/key.h -+++ b/net/mac80211/key.h -@@ -90,6 +90,7 @@ struct ieee80211_key { - * Management frames. - */ - u8 rx_pn[NUM_RX_DATA_QUEUES + 1][6]; -+ u8 rx_invalid_pn[NUM_RX_DATA_QUEUES + 1]; - struct crypto_cipher *tfm; - u32 replays; /* dot11RSNAStatsCCMPReplays */ - #ifndef AES_BLOCK_LEN ---- a/net/mac80211/wpa.c -+++ b/net/mac80211/wpa.c -@@ -457,6 +457,13 @@ ieee80211_crypto_ccmp_encrypt(struct iee - return TX_CONTINUE; - } - -+static inline u64 pn_to_u64(u8 *data) -+{ -+ u64 pn = get_unaligned_be32(data + 2); -+ pn |= ((u64) get_unaligned_be16(data)) << 32; -+ return pn; -+} -+ - - ieee80211_rx_result - ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx) -@@ -469,6 +476,7 @@ ieee80211_crypto_ccmp_decrypt(struct iee - u8 pn[CCMP_PN_LEN]; - int data_len; - int queue; -+ u64 diff; - - hdrlen = ieee80211_hdrlen(hdr->frame_control); - -@@ -503,6 +511,11 @@ ieee80211_crypto_ccmp_decrypt(struct iee - return RX_DROP_UNUSABLE; - } - -+ diff = pn_to_u64(pn) - pn_to_u64(key->u.ccmp.rx_pn[queue]); -+ if (diff > 1000 && key->u.ccmp.rx_invalid_pn[queue]++ < 10) -+ return RX_DROP_UNUSABLE; -+ -+ key->u.ccmp.rx_invalid_pn[queue] = 0; - memcpy(key->u.ccmp.rx_pn[queue], pn, CCMP_PN_LEN); - - /* Remove CCMP header and MIC */ |