2010-03-29 10:17:11

by Sujith

[permalink] [raw]
Subject: [PATCH 7/7] ath9k_htc: Fix TKIP encryption

The FCS has to be stripped before the packet
is given to mac80211. Also, remove a redundant
assignment of skb length and include the FCS_LEN
when checking padding.

Fixing this issue makes TKIP work.

Signed-off-by: Sujith <[email protected]>
---
drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c b/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
index befe574..b171f8e 100644
--- a/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
+++ b/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
@@ -450,7 +450,7 @@ static bool ath9k_rx_prepare(struct ath9k_htc_priv *priv,
padpos = ath9k_cmn_padpos(fc);

padsize = padpos & 3;
- if (padsize && skb->len >= padpos+padsize) {
+ if (padsize && skb->len >= padpos+padsize+FCS_LEN) {
memmove(skb->data + padsize, skb->data, padpos);
skb_pull(skb, padsize);
}
@@ -537,6 +537,9 @@ static bool ath9k_rx_prepare(struct ath9k_htc_priv *priv,
rx_status->antenna = rxbuf->rxstatus.rs_antenna;
rx_status->flag |= RX_FLAG_TSFT;

+ /* Strip FCS */
+ skb_trim(skb, skb->len - FCS_LEN);
+
return true;

rx_next:
@@ -646,7 +649,6 @@ void ath9k_htc_rxep(void *drv_priv, struct sk_buff *skb,
spin_lock(&priv->rx.rxbuflock);
memcpy(&rxbuf->rxstatus, rxstatus, HTC_RX_FRAME_HEADER_SIZE);
skb_pull(skb, HTC_RX_FRAME_HEADER_SIZE);
- skb->len = rxstatus->rs_datalen;
rxbuf->skb = skb;
rxbuf->in_process = true;
spin_unlock(&priv->rx.rxbuflock);
--
1.7.0.3



2010-03-30 02:55:59

by Sujith

[permalink] [raw]
Subject: Re: [PATCH 7/7] ath9k_htc: Fix TKIP encryption

Christian Lamparter wrote:
> On Monday 29 March 2010 12:37:22 Sujith wrote:
> > The FCS has to be stripped before the packet
> > is given to mac80211. Also, remove a redundant
> > assignment of skb length and include the FCS_LEN
> > when checking padding.
> >
> > Fixing this issue makes TKIP work.
> >
> > Signed-off-by: Sujith <[email protected]>
> > ---
> you don't need to strip the FCS, mac80211 can do that if necessary.
> (Or not, if you want to operate a network sniffer)
>

I was aware of the flag - but there was some confusion about
whether the target FW strips the FCS or not. And it looks like it doesn't.
I'll send a modified patch, thanks for the review.

Sujith

2010-03-29 14:29:13

by Christian Lamparter

[permalink] [raw]
Subject: Re: [PATCH 7/7] ath9k_htc: Fix TKIP encryption

On Monday 29 March 2010 12:37:22 Sujith wrote:
> The FCS has to be stripped before the packet
> is given to mac80211. Also, remove a redundant
> assignment of skb length and include the FCS_LEN
> when checking padding.
>
> Fixing this issue makes TKIP work.
>
> Signed-off-by: Sujith <[email protected]>
> ---
you don't need to strip the FCS, mac80211 can do that if necessary.
(Or not, if you want to operate a network sniffer)

---
diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_init.c b/drivers/net/wireless/ath/ath9k/htc_drv_init.c
index 10c8760..d5e015e 100644
--- a/drivers/net/wireless/ath/ath9k/htc_drv_init.c
+++ b/drivers/net/wireless/ath/ath9k/htc_drv_init.c
@@ -509,6 +509,7 @@ static void ath9k_set_hw_capab(struct ath9k_htc_priv *priv,
struct ath_common *common = ath9k_hw_common(priv->ah);

hw->flags = IEEE80211_HW_SIGNAL_DBM |
+ IEEE80211_HW_RX_INCLUDES_FCS |
IEEE80211_HW_AMPDU_AGGREGATION |
IEEE80211_HW_SPECTRUM_MGMT |
IEEE80211_HW_HAS_RATE_CONTROL;


> drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 6 ++++--
> 1 files changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c b/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
> index befe574..b171f8e 100644
> --- a/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
> +++ b/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
> @@ -646,7 +649,6 @@ void ath9k_htc_rxep(void *drv_priv, struct sk_buff *skb,
> spin_lock(&priv->rx.rxbuflock);
> memcpy(&rxbuf->rxstatus, rxstatus, HTC_RX_FRAME_HEADER_SIZE);
> skb_pull(skb, HTC_RX_FRAME_HEADER_SIZE);
> - skb->len = rxstatus->rs_datalen;
> rxbuf->skb = skb;
> rxbuf->in_process = true;
> spin_unlock(&priv->rx.rxbuflock);
>
ok, this one looks odd...

BTW,