tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

ath9k: Fix hw crypto configuration for TKIP in AP mode

Incorrect Michael MIC key (RX, should have been TX) was set for the
group key in AP mode. This resulted in all broadcast frames triggering
Michael MIC errors and eventual TKIP countermeasures. The change here
sets the correct Michael MIC key based on whether the local end is the
authenticator (well, AP for now).

Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com>
Tested-by: Pat Erley <pat-lkml@erley.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

authored by

Jouni Malinen and committed by
John W. Linville 3f53dd64 998a5a7d

+13 -5
+13 -5
drivers/net/wireless/ath9k/main.c
··· 648 648 } 649 649 650 650 static int ath_setkey_tkip(struct ath_softc *sc, u16 keyix, const u8 *key, 651 - struct ath9k_keyval *hk, 652 - const u8 *addr) 651 + struct ath9k_keyval *hk, const u8 *addr, 652 + bool authenticator) 653 653 { 654 654 const u8 *key_rxmic; 655 655 const u8 *key_txmic; ··· 659 659 660 660 if (addr == NULL) { 661 661 /* Group key installation */ 662 - memcpy(hk->kv_mic, key_rxmic, sizeof(hk->kv_mic)); 662 + if (authenticator) { 663 + memcpy(hk->kv_mic, key_txmic, sizeof(hk->kv_mic)); 664 + memcpy(hk->kv_txmic, key_txmic, sizeof(hk->kv_mic)); 665 + } else { 666 + memcpy(hk->kv_mic, key_rxmic, sizeof(hk->kv_mic)); 667 + memcpy(hk->kv_txmic, key_rxmic, sizeof(hk->kv_mic)); 668 + } 663 669 return ath_keyset(sc, keyix, hk, addr); 664 670 } 665 671 if (!sc->splitmic) { ··· 775 769 } 776 770 777 771 static int ath_key_config(struct ath_softc *sc, 772 + struct ieee80211_vif *vif, 778 773 struct ieee80211_sta *sta, 779 774 struct ieee80211_key_conf *key) 780 775 { ··· 835 828 } 836 829 837 830 if (key->alg == ALG_TKIP) 838 - ret = ath_setkey_tkip(sc, idx, key->key, &hk, mac); 831 + ret = ath_setkey_tkip(sc, idx, key->key, &hk, mac, 832 + vif->type == NL80211_IFTYPE_AP); 839 833 else 840 834 ret = ath_keyset(sc, idx, &hk, mac); 841 835 ··· 2489 2481 2490 2482 switch (cmd) { 2491 2483 case SET_KEY: 2492 - ret = ath_key_config(sc, sta, key); 2484 + ret = ath_key_config(sc, vif, sta, key); 2493 2485 if (ret >= 0) { 2494 2486 key->hw_key_idx = ret; 2495 2487 /* push IV and Michael MIC generation to stack */