[PATCH] ieee80211: Fix TKIP MIC calculation for QoS frames
Zhu Yi [Thu, 13 Apr 2006 09:17:06 +0000 (17:17 +0800)]
Fix TKIP MIC verification failure when receiving QoS frames from AP.

Signed-off-by: Hong Liu <hong.liu@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

include/net/ieee80211.h
net/ieee80211/ieee80211_crypt_tkip.c

index 4725ff8..66dc136 100644 (file)
 #define IEEE80211_SCTL_FRAG            0x000F
 #define IEEE80211_SCTL_SEQ             0xFFF0
 
+/* QOS control */
+#define IEEE80211_QCTL_TID             0x000F
+
 /* debug macros */
 
 #ifdef CONFIG_IEEE80211_DEBUG
index 93def94..3fa5df2 100644 (file)
@@ -501,8 +501,11 @@ static int michael_mic(struct ieee80211_tkip_data *tkey, u8 * key, u8 * hdr,
 static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr)
 {
        struct ieee80211_hdr_4addr *hdr11;
+       u16 stype;
 
        hdr11 = (struct ieee80211_hdr_4addr *)skb->data;
+       stype  = WLAN_FC_GET_STYPE(le16_to_cpu(hdr11->frame_ctl));
+
        switch (le16_to_cpu(hdr11->frame_ctl) &
                (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) {
        case IEEE80211_FCTL_TODS:
@@ -523,7 +526,13 @@ static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr)
                break;
        }
 
-       hdr[12] = 0;            /* priority */
+       if (stype & IEEE80211_STYPE_QOS_DATA) {
+               const struct ieee80211_hdr_3addrqos *qoshdr =
+                       (struct ieee80211_hdr_3addrqos *)skb->data;
+               hdr[12] = le16_to_cpu(qoshdr->qos_ctl) & IEEE80211_QCTL_TID;
+       } else
+               hdr[12] = 0;            /* priority */
+
        hdr[13] = hdr[14] = hdr[15] = 0;        /* reserved */
 }