mac80211: check PN correctly for GCMP-encrypted fragmented MPDUs

[ Upstream commit 9acc54beb474c81148e2946603d141cf8716b19f ] Just like for CCMP we need to check that for GCMP the fragments have PNs that increment by one; the spec was updated to fix this security issue and now has the following text: The receiver shall discard MSDUs and MMPDUs whose constituent MPDU PN values are not incrementing in steps of 1. Adapt the code for CCMP to work for GCMP as well, luckily the relevant fields already alias each other so no code duplication is needed (just check the aliasing with BUILD_BUG_ON.) Cc: stable@vger.kernel.org Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
author: Johannes Berg <johannes.berg@intel.com> 2016-02-26 22:13:40 +0100
committer: Sasha Levin <sasha.levin@oracle.com> 2016-03-22 11:10:25 -0400
commit: 87e0016ccb1f9cbe377d4af19cb840acbbdff206 (patch)
tree: 97b202a8eebc21b21aa055b1662e6cfdd4117d75 /net/mac80211/ieee80211_i.h
parent: a60ebc3d637071d56b66aac189dd3fcdfa707704 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index c0a9187bc3a9..cdf8609a6240 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -90,7 +90,7 @@ struct ieee80211_fragment_entry {
 	unsigned int last_frag;
 	unsigned int extra_len;
 	struct sk_buff_head skb_list;
-	int ccmp; /* Whether fragments were encrypted with CCMP */
+	bool check_sequential_pn; /* needed for CCMP/GCMP */
 	u8 last_pn[6]; /* PN of the last fragment if CCMP was used */
 };
author	Johannes Berg <johannes.berg@intel.com>	2016-02-26 22:13:40 +0100
committer	Sasha Levin <sasha.levin@oracle.com>	2016-03-22 11:10:25 -0400
commit	87e0016ccb1f9cbe377d4af19cb840acbbdff206 (patch)
tree	97b202a8eebc21b21aa055b1662e6cfdd4117d75 /net/mac80211/ieee80211_i.h
parent	a60ebc3d637071d56b66aac189dd3fcdfa707704 (diff)