net80211: fix TKIP trailer trimming w/ no rx parameters given
ClosedPublic
Actions

Authored by adrian on Jun 2 2025, 12:15 AM.

Details

Reviewers

Group Reviewers

Commits

rG950343a170f0: net80211: fix TKIP trailer trimming w/ no rx parameters given
rG36fcd52c2bd5: net80211: fix TKIP trailer trimming w/ no rx parameters given

Summary

Previous work made trimming the TKIP trailer an optional thing
based on what the driver indicated it did with the received
frame. However, for drivers that aren't populating an RX frame
with an rx status - notably iwn(4) - exposed this bug.

If the driver doesn't expose any RX status then just restore
the previous behaviour.

This should be considered a temporary (ish) workaround until we've
figured out a longer term approach to checking RX status information
from drivers and what the default (if any) behaviour should be.

Locally tested:

iwn(4), STA mode, CCMP + TKIP groupwise network

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

adrian created this revision.Jun 2 2025, 12:15 AM

Herald added subscribers: glebius, melifaro, imp. · View Herald TranscriptJun 2 2025, 12:15 AM

adrian requested review of this revision.Jun 2 2025, 12:15 AM

Harbormaster completed remote builds in B64581: Diff 156393.Jun 2 2025, 12:15 AM

adrian added a reviewer: wireless.Jun 2 2025, 12:17 AM

adrian added a project: wireless.

Need to check all the other places which may have changed implicit behaviour too and they all need the same comment,

sys/net80211/ieee80211_crypto_tkip.c
375	What about? /* Code implicit legacy behavior until all drivers are converted. */ if (rxs == NULL \|\| (rxs->c_pktflags & IEEE80211_RX_F_ICV_STRIP) == 0) ?

This revision now requires changes to proceed.Jun 2 2025, 1:13 AM

update from bz; matches what's in CCMP

Harbormaster completed remote builds in B64585: Diff 156397.Jun 2 2025, 2:08 AM

In D50638#1156017, @bz wrote:

Need to check all the other places which may have changed implicit behaviour too and they all need the same comment,

it looks like ccmp and gcmp are OK. CCMP actually has the suggested fix from you here. :-)

adrian added a child revision: D50642: net80211: create ieee80211_vap_printf() / ieee80211_ic_printf() for printing.Jun 2 2025, 2:12 AM

Important:

Please add:

Fixes:     731ff40069d28
MFC after: 3 days

I can do the MFC and handle the possible errata notice if you want me to given it's my bug; added re@ to this review.

Thankfully it seems all the other changes were indeed new or not changing the status quo. Cannot find any others matching
git diff 1eb3f15c149b.. sys/net80211 | grep 'rxs != NULL' | grep ==

bz accepted this revision.Jun 2 2025, 1:19 PM

This revision is now accepted and ready to land.Jun 2 2025, 1:19 PM

emaste added a subscriber: emaste.Jun 2 2025, 11:04 PM