From: Ping-Ke Shih
When using EAPOL to do a PTK rekey, there is a possible race condition.
When msg 3/4 is received, the supplicant will send msg 4/4 and install
the new key immediately; however, the driver must make sure that msg 4/4
is sent before installing the new key. We use TX report to ensure it is
sent.
Signed-off-by: Ping-Ke Shih
Signed-off-by: Larry Finger
---
drivers/net/wireless/realtek/rtlwifi/base.c| 117 ++---
drivers/net/wireless/realtek/rtlwifi/base.h| 7 ++
drivers/net/wireless/realtek/rtlwifi/core.c| 2 +
drivers/net/wireless/realtek/rtlwifi/debug.c | 2 +-
drivers/net/wireless/realtek/rtlwifi/debug.h | 1 +
.../net/wireless/realtek/rtlwifi/rtl8192ee/fw.c| 1 +
.../net/wireless/realtek/rtlwifi/rtl8192ee/trx.c | 8 ++
.../net/wireless/realtek/rtlwifi/rtl8723be/fw.c| 1 +
.../net/wireless/realtek/rtlwifi/rtl8723be/trx.c | 8 ++
.../net/wireless/realtek/rtlwifi/rtl8723be/trx.h | 12 +++
.../net/wireless/realtek/rtlwifi/rtl8821ae/fw.c| 3 +
.../net/wireless/realtek/rtlwifi/rtl8821ae/trx.c | 8 ++
.../net/wireless/realtek/rtlwifi/rtl8821ae/trx.h | 13 +++
drivers/net/wireless/realtek/rtlwifi/wifi.h| 10 ++
14 files changed, 180 insertions(+), 13 deletions(-)
diff --git a/drivers/net/wireless/realtek/rtlwifi/base.c
b/drivers/net/wireless/realtek/rtlwifi/base.c
index fa2d26a..edab6ec 100644
--- a/drivers/net/wireless/realtek/rtlwifi/base.c
+++ b/drivers/net/wireless/realtek/rtlwifi/base.c
@@ -1107,6 +1107,9 @@ void rtl_get_tcb_desc(struct ieee80211_hw *hw,
if (txrate)
tcb_desc->hw_rate = txrate->hw_value;
+ if (rtl_is_tx_report_skb(hw, skb))
+ tcb_desc->use_spe_rpt = 1;
+
if (ieee80211_is_data(fc)) {
/*
*we set data rate INX 0
@@ -1315,21 +1318,13 @@ static void setup_arp_tx(struct rtl_priv *rtlpriv,
struct rtl_ps_ctl *ppsc)
ppsc->last_delaylps_stamp_jiffies = jiffies;
}
-/*should call before software enc*/
-u8 rtl_is_special_data(struct ieee80211_hw *hw, struct sk_buff *skb, u8 is_tx,
- bool is_enc)
+static const u8 *rtl_skb_ether_type_ptr(struct ieee80211_hw *hw,
+ struct sk_buff *skb, bool is_enc)
{
struct rtl_priv *rtlpriv = rtl_priv(hw);
- struct rtl_ps_ctl *ppsc = rtl_psc(rtl_priv(hw));
- __le16 fc = rtl_get_fc(skb);
- u16 ether_type;
u8 mac_hdr_len = ieee80211_get_hdrlen_from_skb(skb);
u8 encrypt_header_len = 0;
u8 offset;
- const struct iphdr *ip;
-
- if (!ieee80211_is_data(fc))
- goto end;
switch (rtlpriv->sec.pairwise_enc_algorithm) {
case WEP40_ENCRYPTION:
@@ -1349,10 +1344,29 @@ u8 rtl_is_special_data(struct ieee80211_hw *hw, struct
sk_buff *skb, u8 is_tx,
offset = mac_hdr_len + SNAP_SIZE;
if (is_enc)
offset += encrypt_header_len;
- ether_type = be16_to_cpup((__be16 *)(skb->data + offset));
+
+ return skb->data + offset;
+}
+
+/*should call before software enc*/
+u8 rtl_is_special_data(struct ieee80211_hw *hw, struct sk_buff *skb, u8 is_tx,
+ bool is_enc)
+{
+ struct rtl_priv *rtlpriv = rtl_priv(hw);
+ struct rtl_ps_ctl *ppsc = rtl_psc(rtl_priv(hw));
+ __le16 fc = rtl_get_fc(skb);
+ u16 ether_type;
+ const u8 *ether_type_ptr;
+ const struct iphdr *ip;
+
+ if (!ieee80211_is_data(fc))
+ goto end;
+
+ ether_type_ptr = rtl_skb_ether_type_ptr(hw, skb, is_enc);
+ ether_type = be16_to_cpup((__be16 *)ether_type_ptr);
if (ETH_P_IP == ether_type) {
- ip = (struct iphdr *)((u8 *)skb->data + offset +
+ ip = (struct iphdr *)((u8 *)ether_type_ptr +
PROTOC_TYPE_SIZE);
if (IPPROTO_UDP == ip->protocol) {
struct udphdr *udp = (struct udphdr *)((u8 *)ip +
@@ -1402,6 +1416,85 @@ u8 rtl_is_special_data(struct ieee80211_hw *hw, struct
sk_buff *skb, u8 is_tx,
}
EXPORT_SYMBOL_GPL(rtl_is_special_data);
+bool rtl_is_tx_report_skb(struct ieee80211_hw *hw, struct sk_buff *skb)
+{
+ u16 ether_type;
+ const u8 *ether_type_ptr;
+
+ ether_type_ptr = rtl_skb_ether_type_ptr(hw, skb, true);
+ ether_type = be16_to_cpup((__be16 *)ether_type_ptr);
+
+ /* EAPOL */
+ if (ether_type == ETH_P_PAE)
+ return true;
+
+ return false;
+}
+
+u16 rtl_get_tx_report_sn(struct ieee80211_hw *hw)
+{
+ struct rtl_priv *rtlpriv = rtl_priv(hw);
+ struct rtl_tx_report *tx_report = >tx_report;
+ u16 sn;
+
+ sn = atomic_inc_return(_report->sn) & 0x0FFF;
+
+ tx_report->last_sent_sn = sn;
+ tx_report->last_sent_time = jiffies;
+
+ RT_TRACE(rtlpriv, COMP_TX_REPORT, DBG_DMESG,
+