summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohannes Berg <johannes.berg@intel.com>2023-06-19 16:26:51 +0300
committerJohannes Berg <johannes.berg@intel.com>2023-06-21 14:01:28 +0200
commit2829b2fc8910984daa89be8005adbd9fb6205024 (patch)
treeb3df572eaa1e2563ab553558388ea2e32be24d43
parentb8b80770b26c4591f20f1cde3328e5f1489c4488 (diff)
wifi: mac80211: fix CRC calculation for extended elems
For extended elements, we currently only calculate the CRC for some of them, but really we should do it also for the rest that we care about, such as EHT operation and multi- link. Also, while at it, it seems we should do it even if they aren't well-formed, so we notice if that changes. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: Gregory Greenman <gregory.greenman@intel.com> Link: https://lore.kernel.org/r/20230619161906.93235d5c8651.I6615cb3c1244bc9618066baa2bdad7982e9abd1f@changeid Signed-off-by: Johannes Berg <johannes.berg@intel.com>
-rw-r--r--net/mac80211/util.c25
1 files changed, 11 insertions, 14 deletions
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 6c52c597c187..8a6917cf63cf 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -918,6 +918,7 @@ ieee80211_parse_extension_element(u32 *crc,
struct ieee80211_elems_parse_params *params)
{
const void *data = elem->data + 1;
+ bool calc_crc = false;
u8 len;
if (!elem->datalen)
@@ -927,12 +928,9 @@ ieee80211_parse_extension_element(u32 *crc,
switch (elem->data[0]) {
case WLAN_EID_EXT_HE_MU_EDCA:
- if (len >= sizeof(*elems->mu_edca_param_set)) {
+ calc_crc = true;
+ if (len >= sizeof(*elems->mu_edca_param_set))
elems->mu_edca_param_set = data;
- if (crc)
- *crc = crc32_be(*crc, (void *)elem,
- elem->datalen + 2);
- }
break;
case WLAN_EID_EXT_HE_CAPABILITY:
if (ieee80211_he_capa_size_ok(data, len)) {
@@ -941,13 +939,10 @@ ieee80211_parse_extension_element(u32 *crc,
}
break;
case WLAN_EID_EXT_HE_OPERATION:
+ calc_crc = true;
if (len >= sizeof(*elems->he_operation) &&
- len >= ieee80211_he_oper_size(data) - 1) {
- if (crc)
- *crc = crc32_be(*crc, (void *)elem,
- elem->datalen + 2);
+ len >= ieee80211_he_oper_size(data) - 1)
elems->he_operation = data;
- }
break;
case WLAN_EID_EXT_UORA:
if (len >= 1)
@@ -981,16 +976,15 @@ ieee80211_parse_extension_element(u32 *crc,
case WLAN_EID_EXT_EHT_OPERATION:
if (ieee80211_eht_oper_size_ok(data, len))
elems->eht_operation = data;
+ calc_crc = true;
break;
case WLAN_EID_EXT_EHT_MULTI_LINK:
+ calc_crc = true;
+
if (ieee80211_mle_size_ok(data, len)) {
const struct ieee80211_multi_link_elem *mle =
(void *)data;
- if (crc)
- *crc = crc32_be(*crc, (void *)elem,
- elem->datalen + 2);
-
switch (le16_get_bits(mle->control,
IEEE80211_ML_CONTROL_TYPE)) {
case IEEE80211_ML_CONTROL_TYPE_BASIC:
@@ -1009,6 +1003,9 @@ ieee80211_parse_extension_element(u32 *crc,
}
break;
}
+
+ if (crc && calc_crc)
+ *crc = crc32_be(*crc, (void *)elem, elem->datalen + 2);
}
static u32