Pull bugzilla-9535 into release branch

[powerpc.git] / net / mac80211 / rx.c

diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 4c046af..a7263fc 100644 (file)
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -424,6 +424,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
        int keyidx;
        int hdrlen;
+       ieee80211_txrx_result result = TXRX_DROP;
        struct ieee80211_key *stakey = NULL;
 
        /*
@@ -508,9 +509,11 @@ ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
                rx->key->tx_rx_count++;
                /* TODO: add threshold stuff again */
        } else {
+#ifdef CONFIG_MAC80211_DEBUG
                if (net_ratelimit())
                        printk(KERN_DEBUG "%s: RX protected frame,"
                               " but have no key\n", rx->dev->name);
+#endif /* CONFIG_MAC80211_DEBUG */
                return TXRX_DROP;
        }
 
@@ -522,21 +525,22 @@ ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
            ieee80211_wep_is_weak_iv(rx->skb, rx->key))
                rx->sta->wep_weak_iv_count++;
 
-       /* either the frame will be decrypted or dropped */
-       rx->u.rx.status->flag |= RX_FLAG_DECRYPTED;
-
        switch (rx->key->conf.alg) {
        case ALG_WEP:
-               return ieee80211_crypto_wep_decrypt(rx);
+               result = ieee80211_crypto_wep_decrypt(rx);
+               break;
        case ALG_TKIP:
-               return ieee80211_crypto_tkip_decrypt(rx);
+               result = ieee80211_crypto_tkip_decrypt(rx);
+               break;
        case ALG_CCMP:
-               return ieee80211_crypto_ccmp_decrypt(rx);
+               result = ieee80211_crypto_ccmp_decrypt(rx);
+               break;
        }
 
-       /* not reached */
-       WARN_ON(1);
-       return TXRX_DROP;
+       /* either the frame has been decrypted or will be dropped */
+       rx->u.rx.status->flag |= RX_FLAG_DECRYPTED;
+
+       return result;
 }
 
 static void ap_sta_ps_start(struct net_device *dev, struct sta_info *sta)
@@ -993,7 +997,7 @@ ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx)
        if (unlikely(!(rx->fc & IEEE80211_FCTL_PROTECTED) &&
                     (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
                     (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
-                    rx->sdata->drop_unencrypted &&
+                    (rx->key || rx->sdata->drop_unencrypted) &&
                     (rx->sdata->eapol == 0 || !ieee80211_is_eapol(rx->skb)))) {
                if (net_ratelimit())
                        printk(KERN_DEBUG "%s: RX non-WEP frame, but expected "
@@ -1439,6 +1443,7 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
        struct ieee80211_sub_if_data *prev = NULL;
        struct sk_buff *skb_new;
        u8 *bssid;
+       int hdrlen;
 
        /*
         * key references and virtual interfaces are protected using RCU
@@ -1468,6 +1473,18 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
        rx.fc = le16_to_cpu(hdr->frame_control);
        type = rx.fc & IEEE80211_FCTL_FTYPE;
 
+       /*
+        * Drivers are required to align the payload data to a four-byte
+        * boundary, so the last two bits of the address where it starts
+        * may not be set. The header is required to be directly before
+        * the payload data, padding like atheros hardware adds which is
+        * inbetween the 802.11 header and the payload is not supported,
+        * the driver is required to move the 802.11 header further back
+        * in that case.
+        */
+       hdrlen = ieee80211_get_hdrlen(rx.fc);
+       WARN_ON_ONCE(((unsigned long)(skb->data + hdrlen)) & 3);
+
        if (type == IEEE80211_FTYPE_DATA || type == IEEE80211_FTYPE_MGMT)
                local->dot11ReceivedFragmentCount++;