From patchwork Wed Jul  1 15:07:05 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?SsOpcsO0bWUgUG91aWxsZXI=?=
 <Jerome.Pouiller@silabs.com>
X-Patchwork-Id: 1320611
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming-netdev@ozlabs.org
Delivered-To: patchwork-incoming-netdev@ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org
 (client-ip=23.128.96.18; helo=vger.kernel.org;
 envelope-from=netdev-owner@vger.kernel.org; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
 dmarc=none (p=none dis=none) header.from=silabs.com
Authentication-Results: ozlabs.org;
	dkim=pass (1024-bit key;
 unprotected) header.d=silabs.onmicrosoft.com header.i=@silabs.onmicrosoft.com
 header.a=rsa-sha256 header.s=selector2-silabs-onmicrosoft-com
 header.b=CCLp7rUk;
	dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by ozlabs.org (Postfix) with ESMTP id 49xl4H0Rd5z9sV6
	for <patchwork-incoming-netdev@ozlabs.org>;
 Thu,  2 Jul 2020 01:09:03 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731944AbgGAPI6 (ORCPT
        <rfc822;patchwork-incoming-netdev@ozlabs.org>);
        Wed, 1 Jul 2020 11:08:58 -0400
Received: from mail-bn8nam12on2056.outbound.protection.outlook.com
 ([40.107.237.56]:52640
        "EHLO NAM12-BN8-obe.outbound.protection.outlook.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1731724AbgGAPIf (ORCPT <rfc822;netdev@vger.kernel.org>);
        Wed, 1 Jul 2020 11:08:35 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=e19KJhKS8yZJ0FiTiz1TGhknut11msWmg0WVTIhe3ZuwgtqoR8iF+r/DYhRm8/iBP3XQlTk8w8Z6egP+tfrx9EXulAqafIw+pNoGa/2R35qPSU9j3AMZJDsH50+kjHKCAxruqpv6tZFwwq51pFtkH9yuZ90WHiiYfVMlzn3ipTotKCI+Zh3qz1ApYkyzEeikBgURXawIQoHp3RCfx4esfC0pYnvwGyUxY31+PTCv4vDBcvWQvgs45toqi3Y/Zgsxpa6ORuKBfViKk7sqULDF7aUmQjC07Z05H/cvzrdyXhKQ2TE2O+Q51B2L3kMiAwQZFI+zavC+Jje5Xvmeqtgg5Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=p7qhSZGDaIuv3wC9nAfoolTg6r6BTwjMVpN6rCLAOHU=;
 b=Xj9z9ql1FgoxxpoFVW7Ml2ualadJgzX5JzHnJ4286sk16iQMoH7Kw2+qLmbYj/uh+CeZ65I5hWRoxbX8w6GsNlPEPe6epl8TWG0Xu3BriKILKjUYCwueXADXjbUvPlYWgglhU4U6DWS0idEOuxqzX0IRI7HvTfA0nNJVZIwHIZs/SYfCyMF/aOomVl3Hnwmzx7EBwWjrncX6aFjRa3E9YhUcuP96uu4wDE5lSxCe8+f++TNFxIBF7kGY+cZ/kG1uwXPd7ZC6qFFUSBLh6XP7yHXanNV03K0e+BrbQSTElBzzQsMEgtr1rDun2G0X/ZIFmG2aDyi6psK+iQxi1U/xUw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=silabs.com; dmarc=pass action=none header.from=silabs.com;
 dkim=pass header.d=silabs.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=silabs.onmicrosoft.com; s=selector2-silabs-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=p7qhSZGDaIuv3wC9nAfoolTg6r6BTwjMVpN6rCLAOHU=;
 b=CCLp7rUkfOYZb3F45h287vTd4hY5XhJxAXF03taY1Badkto95iAj/rsjB65mGfR/XbhThcI0RuzD10c1jl2wFkfTrx1gKuhdwOkJXFCRVBChXyvDdaGmFmQUzIw+ntTDXwupJ9jLA0jW8pYVJce7qd45ny5anykGBOpN6rA6LEA=
Authentication-Results: driverdev.osuosl.org; dkim=none (message not signed)
 header.d=none;driverdev.osuosl.org; dmarc=none action=none
 header.from=silabs.com;
Received: from SN6PR11MB2718.namprd11.prod.outlook.com (2603:10b6:805:63::18)
 by SA0PR11MB4736.namprd11.prod.outlook.com (2603:10b6:806:9f::14) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3153.22; Wed, 1 Jul
 2020 15:08:22 +0000
Received: from SN6PR11MB2718.namprd11.prod.outlook.com
 ([fe80::c504:2d66:a8f7:2336]) by SN6PR11MB2718.namprd11.prod.outlook.com
 ([fe80::c504:2d66:a8f7:2336%7]) with mapi id 15.20.3131.033; Wed, 1 Jul 2020
 15:08:22 +0000
From: Jerome Pouiller <Jerome.Pouiller@silabs.com>
To: devel@driverdev.osuosl.org, linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
 Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
 Kalle Valo <kvalo@codeaurora.org>, "David S . Miller" <davem@davemloft.net>,
	=?utf-8?b?SsOpcsO0bWUgUG91aWxsZXI=?=  <jerome.pouiller@silabs.com>
Subject: [PATCH 11/13] staging: wfx: fix CCMP/TKIP replay protection
Date: Wed,  1 Jul 2020 17:07:05 +0200
Message-Id: <20200701150707.222985-12-Jerome.Pouiller@silabs.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200701150707.222985-1-Jerome.Pouiller@silabs.com>
References: <20200701150707.222985-1-Jerome.Pouiller@silabs.com>
X-ClientProxiedBy: DM5PR07CA0143.namprd07.prod.outlook.com
 (2603:10b6:3:13e::33) To SN6PR11MB2718.namprd11.prod.outlook.com
 (2603:10b6:805:63::18)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from pc-42.silabs.com (2a01:e35:2435:66a0:544b:f17b:7ae8:fb7) by
 DM5PR07CA0143.namprd07.prod.outlook.com (2603:10b6:3:13e::33) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3153.21 via Frontend
 Transport; Wed, 1 Jul 2020 15:08:20 +0000
X-Mailer: git-send-email 2.27.0
X-Originating-IP: [2a01:e35:2435:66a0:544b:f17b:7ae8:fb7]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: efa75f7b-2a47-41c3-2984-08d81dd09874
X-MS-TrafficTypeDiagnostic: SA0PR11MB4736:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <SA0PR11MB4736E759FB4BD73DC09E7C05936C0@SA0PR11MB4736.namprd11.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7691;
X-Forefront-PRVS: 04519BA941
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
 tgSxdpnY65M8YbytWEX9uZW/I2/KYKkhZKOkBQyRdKXQYAPfARzsps3JiVriiUzIWt7wdpFGrdgC/NLeWlAb+A8nWRQACRfdGsXU0z1jBtVJfsUxyPkb+7emABGtOw4mHNu/eWe+5AM1vHrPaSbQBA8i0BmFYMNdpxIdDmUNCnMTsVlbz20jGKTfqTf24d+IJPikzZCLb/0vAfxVySAs7IeZlpprnXmf+lRJPO1QSboyLD1zj0XZSWnMe3tA9NmQ9kxXAa0Gkh4XSMgf/F/+57S0qp7ipdZuXAYqLR3n/WGBP7/Gjvel8B9bdEJj0qt2RjW+70EryoPGTGW0RPv+Iw==
X-Forefront-Antispam-Report: 
 CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR11MB2718.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(39850400004)(366004)(346002)(376002)(396003)(136003)(5660300002)(6486002)(86362001)(6666004)(66574015)(36756003)(2906002)(186003)(83380400001)(16526019)(8936002)(66556008)(66476007)(107886003)(4326008)(8676002)(2616005)(1076003)(478600001)(316002)(54906003)(66946007)(52116002)(7696005);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: 
 ZDDlVKgCpX0L7tmz0Sf8NK7Gyv/kkYoKz5ieoyJCfHUK1urcbfdxerQKp6x2ohfd8lc4Val7UNZdLaEpXUY8kw4W7uUWk7HiXf2J4tJF7b8UUCIvVj12727piseUbikJTAteJBwRed9fG+/Ld/ImRxbQouPAN531MtzN/d73BsoOOdEjPsHVrPl+FANkPV2+Ds2VOTlNo27ppkmI3nAMAYuwmT1mD2Dvtd52ETF7O5nkbgSEZBmx+Ef+bxKPwCQTJlL6p3AGUcxXveMl94dOjL2qVkJOCISXMBRH82L221yF2Ef1+xy1mzZTA0SJlyjX4XkLdKW/pxo5LKsLKIRr9Diu3yh4o03Mm41c8hu8/V851Ot9FvJwq4clUw5d42cTfCsZ/zXvi/B35dcOuw3hGS3zOfXkgPcXOjEsRLuVWkeU5Io5TP0sfMfCJ/i0Xj4sImZMYqZdKkKM5IbEV0FJt4ZLCp5dkr1MetRYrpV3rr9HYpML0cA8DByDr+nDCbHeP+m9Ld0As5o1M+269RF4fA4cl4lMwK2ys63lCeyzWDY=
X-OriginatorOrg: silabs.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 efa75f7b-2a47-41c3-2984-08d81dd09874
X-MS-Exchange-CrossTenant-AuthSource: SN6PR11MB2718.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Jul 2020 15:08:22.3366
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 54dbd822-5231-4b20-944d-6f4abcd541fb
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 xUtjOB4eR+WPE6GEqNXYHTYCYSgmZxnSfKk5thReaxKWYsKqjrjdn7kJxaJOG9Hu8lFe2T87zU9UqSk5Ee92UA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR11MB4736
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

From: Jérôme Pouiller <jerome.pouiller@silabs.com>

To enable the TKIP/CCMP replay protection, the frames has to be
processed in the right order. However, the device is not able to
re-order the frames during BlockAck sessions.

Mac80211 is able to reorder the frames, but it need the information
about the BlockAck sessions start and stop. Unfortunately, since the
BlockAck is fully handled by the hardware, these frames were not
forwarded to the host. So, if the driver ask to mac80211 to apply the
replay protection, it drop all misordered frames.

So, until now, the driver explicitly asked to mac80211 to not apply
the CCMP/TKIP replay protection.

The situation has changed with the API 3.4 of the device firmware. The
firmware forward the BlockAck information. Mac80211 is now able to
correctly reorder the frames. There is no more reasons to drop
cryptographic data.

This patch also impact the older firmwares. There will be a performance
impact on these firmware (since the misordered frames will dropped).
However, we can't keep the replay protection disabled.

Signed-off-by: Jérôme Pouiller <jerome.pouiller@silabs.com>
---
 drivers/staging/wfx/data_rx.c | 31 ++++++++++++++++++++++++++-----
 drivers/staging/wfx/data_tx.c |  3 ++-
 2 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/drivers/staging/wfx/data_rx.c b/drivers/staging/wfx/data_rx.c
index 60e2e5cb4656a..6fb0788807426 100644
--- a/drivers/staging/wfx/data_rx.c
+++ b/drivers/staging/wfx/data_rx.c
@@ -13,6 +13,24 @@
 #include "bh.h"
 #include "sta.h"
 
+static void wfx_rx_handle_ba(struct wfx_vif *wvif, struct ieee80211_mgmt *mgmt)
+{
+	int params, tid;
+
+	switch (mgmt->u.action.u.addba_req.action_code) {
+	case WLAN_ACTION_ADDBA_REQ:
+		params = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
+		tid = (params & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
+		ieee80211_start_rx_ba_session_offl(wvif->vif, mgmt->sa, tid);
+		break;
+	case WLAN_ACTION_DELBA:
+		params = le16_to_cpu(mgmt->u.action.u.delba.params);
+		tid = (params &  IEEE80211_DELBA_PARAM_TID_MASK) >> 12;
+		ieee80211_stop_rx_ba_session_offl(wvif->vif, mgmt->sa, tid);
+		break;
+	}
+}
+
 void wfx_rx_cb(struct wfx_vif *wvif,
 	       const struct hif_ind_rx *arg, struct sk_buff *skb)
 {
@@ -53,15 +71,18 @@ void wfx_rx_cb(struct wfx_vif *wvif,
 	hdr->antenna = 0;
 
 	if (arg->rx_flags.encryp)
-		hdr->flag |= RX_FLAG_DECRYPTED | RX_FLAG_PN_VALIDATED;
+		hdr->flag |= RX_FLAG_DECRYPTED;
 
-	/* Filter block ACK negotiation: fully controlled by firmware */
+	// Block ack negociation is offloaded by the firmware. However,
+	// re-ordering must be done by the mac80211.
 	if (ieee80211_is_action(frame->frame_control) &&
-	    arg->rx_flags.match_uc_addr &&
-	    mgmt->u.action.category == WLAN_CATEGORY_BACK)
+	    mgmt->u.action.category == WLAN_CATEGORY_BACK &&
+	    skb->len > IEEE80211_MIN_ACTION_SIZE) {
+		wfx_rx_handle_ba(wvif, mgmt);
 		goto drop;
+	}
+
 	ieee80211_rx_irqsafe(wvif->wdev->hw, skb);
-
 	return;
 
 drop:
diff --git a/drivers/staging/wfx/data_tx.c b/drivers/staging/wfx/data_tx.c
index 5c744d9c8c114..3acf4eb0214dc 100644
--- a/drivers/staging/wfx/data_tx.c
+++ b/drivers/staging/wfx/data_tx.c
@@ -418,7 +418,8 @@ void wfx_tx(struct ieee80211_hw *hw, struct ieee80211_tx_control *control,
 		wvif = wvif_iterate(wdev, NULL);
 	if (WARN_ON(!wvif))
 		goto drop;
-	// FIXME: why?
+	// Because of TX_AMPDU_SETUP_IN_HW, mac80211 does not try to send any
+	// BlockAck session management frame. The check below exist just in case.
 	if (ieee80211_is_action_back(hdr)) {
 		dev_info(wdev->dev, "drop BA action\n");
 		goto drop;