openkylin
/
linux
mirror of https://gitee.com/openkylin/linux.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

[MAC80211]: ratelimit some RX messages 

Many if not all of these messages can be triggered by sending
a few rogue frames which is trivially done and then we overflow
our logs.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Acked-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Johannes Berg 2007-08-28 17:01:52 -04:00 committed by David S. Miller
parent aaa92e9a74
commit 1a84f3fd14
1 changed files with 74 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

122
net/mac80211/rx.c
View File

@ -336,13 +336,16 @@ ieee80211_rx_h_load_key(struct ieee80211_txrx_data *rx)
if (!rx->key) { if (!rx->key) {
if (!rx->u.rx.ra_match) if (!rx->u.rx.ra_match)
return TXRX_DROP; return TXRX_DROP;
printk(KERN_DEBUG "%s: RX WEP frame with " if (net_ratelimit())
"unknown keyidx %d (A1=" MAC_FMT " A2=" printk(KERN_DEBUG "%s: RX WEP frame "
MAC_FMT " A3=" MAC_FMT ")\n", "with unknown keyidx %d "
rx->dev->name, keyidx, "(A1=" MAC_FMT
MAC_ARG(hdr->addr1), " A2=" MAC_FMT
MAC_ARG(hdr->addr2), " A3=" MAC_FMT ")\n",
MAC_ARG(hdr->addr3)); rx->dev->name, keyidx,
MAC_ARG(hdr->addr1),
MAC_ARG(hdr->addr2),
MAC_ARG(hdr->addr3));
if (!rx->local->apdev) if (!rx->local->apdev)
return TXRX_DROP; return TXRX_DROP;
ieee80211_rx_mgmt( ieee80211_rx_mgmt(
@ -526,16 +529,18 @@ ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx)
return TXRX_CONTINUE; return TXRX_CONTINUE;
if (!rx->key) { if (!rx->key) {
printk(KERN_DEBUG "%s: RX WEP frame, but no key set\n", if (net_ratelimit())
rx->dev->name); printk(KERN_DEBUG "%s: RX WEP frame, but no key set\n",
rx->dev->name);
return TXRX_DROP; return TXRX_DROP;
} }
if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED) || if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED) ||
rx->key->force_sw_encrypt) { rx->key->force_sw_encrypt) {
if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) { if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
printk(KERN_DEBUG "%s: RX WEP frame, decrypt " if (net_ratelimit())
"failed\n", rx->dev->name); printk(KERN_DEBUG "%s: RX WEP frame, decrypt "
"failed\n", rx->dev->name);
return TXRX_DROP; return TXRX_DROP;
} }
} else if (rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) { } else if (rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
@ -692,12 +697,15 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
} }
rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue]; rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue];
if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) { if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) {
printk(KERN_DEBUG "%s: defrag: CCMP PN not sequential" if (net_ratelimit())
" A2=" MAC_FMT " PN=%02x%02x%02x%02x%02x%02x " printk(KERN_DEBUG "%s: defrag: CCMP PN not "
"(expected %02x%02x%02x%02x%02x%02x)\n", "sequential A2=" MAC_FMT
rx->dev->name, MAC_ARG(hdr->addr2), " PN=%02x%02x%02x%02x%02x%02x "
rpn[0], rpn[1], rpn[2], rpn[3], rpn[4], rpn[5], "(expected %02x%02x%02x%02x%02x%02x)\n",
pn[0], pn[1], pn[2], pn[3], pn[4], pn[5]); rx->dev->name, MAC_ARG(hdr->addr2),
rpn[0], rpn[1], rpn[2], rpn[3], rpn[4],
rpn[5], pn[0], pn[1], pn[2], pn[3],
pn[4], pn[5]);
return TXRX_DROP; return TXRX_DROP;
} }
memcpy(entry->last_pn, pn, CCMP_PN_LEN); memcpy(entry->last_pn, pn, CCMP_PN_LEN);
@ -875,8 +883,9 @@ ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx)
(rx->key || rx->sdata->drop_unencrypted) && (rx->key || rx->sdata->drop_unencrypted) &&
(rx->sdata->eapol == 0 || (rx->sdata->eapol == 0 ||
!ieee80211_is_eapol(rx->skb)))) { !ieee80211_is_eapol(rx->skb)))) {
printk(KERN_DEBUG "%s: RX non-WEP frame, but expected " if (net_ratelimit())
"encryption\n", rx->dev->name); printk(KERN_DEBUG "%s: RX non-WEP frame, but expected "
"encryption\n", rx->dev->name);
return TXRX_DROP; return TXRX_DROP;
} }
return TXRX_CONTINUE; return TXRX_CONTINUE;
@ -922,10 +931,15 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
if (unlikely(sdata->type != IEEE80211_IF_TYPE_AP && if (unlikely(sdata->type != IEEE80211_IF_TYPE_AP &&
sdata->type != IEEE80211_IF_TYPE_VLAN)) { sdata->type != IEEE80211_IF_TYPE_VLAN)) {
printk(KERN_DEBUG "%s: dropped ToDS frame (BSSID=" if (net_ratelimit())
MAC_FMT " SA=" MAC_FMT " DA=" MAC_FMT ")\n", printk(KERN_DEBUG "%s: dropped ToDS frame "
dev->name, MAC_ARG(hdr->addr1), "(BSSID=" MAC_FMT
MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3)); " SA=" MAC_FMT
" DA=" MAC_FMT ")\n",
dev->name,
MAC_ARG(hdr->addr1),
MAC_ARG(hdr->addr2),
MAC_ARG(hdr->addr3));
return TXRX_DROP; return TXRX_DROP;
} }
break; break;
@ -935,12 +949,16 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
memcpy(src, hdr->addr4, ETH_ALEN); memcpy(src, hdr->addr4, ETH_ALEN);
if (unlikely(sdata->type != IEEE80211_IF_TYPE_WDS)) { if (unlikely(sdata->type != IEEE80211_IF_TYPE_WDS)) {
printk(KERN_DEBUG "%s: dropped FromDS&ToDS frame (RA=" if (net_ratelimit())
MAC_FMT " TA=" MAC_FMT " DA=" MAC_FMT " SA=" printk(KERN_DEBUG "%s: dropped FromDS&ToDS "
MAC_FMT ")\n", "frame (RA=" MAC_FMT
rx->dev->name, MAC_ARG(hdr->addr1), " TA=" MAC_FMT " DA=" MAC_FMT
MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3), " SA=" MAC_FMT ")\n",
MAC_ARG(hdr->addr4)); rx->dev->name,
MAC_ARG(hdr->addr1),
MAC_ARG(hdr->addr2),
MAC_ARG(hdr->addr3),
MAC_ARG(hdr->addr4));
return TXRX_DROP; return TXRX_DROP;
} }
break; break;
@ -1015,15 +1033,16 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
/* send multicast frames both to higher layers in /* send multicast frames both to higher layers in
* local net stack and back to the wireless media */ * local net stack and back to the wireless media */
skb2 = skb_copy(skb, GFP_ATOMIC); skb2 = skb_copy(skb, GFP_ATOMIC);
if (!skb2) if (!skb2 && net_ratelimit())
printk(KERN_DEBUG "%s: failed to clone " printk(KERN_DEBUG "%s: failed to clone "
"multicast frame\n", dev->name); "multicast frame\n", dev->name);
} else { } else {
struct sta_info *dsta; struct sta_info *dsta;
dsta = sta_info_get(local, skb->data); dsta = sta_info_get(local, skb->data);
if (dsta && !dsta->dev) { if (dsta && !dsta->dev) {
printk(KERN_DEBUG "Station with null dev " if (net_ratelimit())
"structure!\n"); printk(KERN_DEBUG "Station with null "
"dev structure!\n");
} else if (dsta && dsta->dev == dev) { } else if (dsta && dsta->dev == dev) {
/* Destination station is associated to this /* Destination station is associated to this
* AP, so send the frame directly to it and * AP, so send the frame directly to it and
@ -1135,24 +1154,28 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
/* TODO: verify that this is not triggered by fragmented /* TODO: verify that this is not triggered by fragmented
* frames (hw does not verify MIC for them). */ * frames (hw does not verify MIC for them). */
printk(KERN_DEBUG "%s: TKIP hwaccel reported Michael MIC " if (net_ratelimit())
"failure from " MAC_FMT " to " MAC_FMT " keyidx=%d\n", printk(KERN_DEBUG "%s: TKIP hwaccel reported Michael MIC "
dev->name, MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr1), keyidx); "failure from " MAC_FMT " to " MAC_FMT " keyidx=%d\n",
dev->name, MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr1),
keyidx);
if (!sta) { if (!sta) {
/* Some hardware versions seem to generate incorrect /* Some hardware versions seem to generate incorrect
* Michael MIC reports; ignore them to avoid triggering * Michael MIC reports; ignore them to avoid triggering
* countermeasures. */ * countermeasures. */
printk(KERN_DEBUG "%s: ignored spurious Michael MIC " if (net_ratelimit())
"error for unknown address " MAC_FMT "\n", printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
dev->name, MAC_ARG(hdr->addr2)); "error for unknown address " MAC_FMT "\n",
dev->name, MAC_ARG(hdr->addr2));
goto ignore; goto ignore;
} }
if (!(rx->fc & IEEE80211_FCTL_PROTECTED)) { if (!(rx->fc & IEEE80211_FCTL_PROTECTED)) {
printk(KERN_DEBUG "%s: ignored spurious Michael MIC " if (net_ratelimit())
"error for a frame with no ISWEP flag (src " printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
MAC_FMT ")\n", dev->name, MAC_ARG(hdr->addr2)); "error for a frame with no ISWEP flag (src "
MAC_FMT ")\n", dev->name, MAC_ARG(hdr->addr2));
goto ignore; goto ignore;
} }
@ -1164,9 +1187,11 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
* for group keys and only the AP is sending real multicast * for group keys and only the AP is sending real multicast
* frames in BSS. */ * frames in BSS. */
if (keyidx) { if (keyidx) {
printk(KERN_DEBUG "%s: ignored Michael MIC error for " if (net_ratelimit())
"a frame with non-zero keyidx (%d) (src " MAC_FMT printk(KERN_DEBUG "%s: ignored Michael MIC "
")\n", dev->name, keyidx, MAC_ARG(hdr->addr2)); "error for a frame with non-zero keyidx"
" (%d) (src " MAC_FMT ")\n", dev->name,
keyidx, MAC_ARG(hdr->addr2));
goto ignore; goto ignore;
} }
} }
@ -1174,10 +1199,11 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA && if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT || ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
(rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) { (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) {
printk(KERN_DEBUG "%s: ignored spurious Michael MIC " if (net_ratelimit())
"error for a frame that cannot be encrypted " printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
"(fc=0x%04x) (src " MAC_FMT ")\n", "error for a frame that cannot be encrypted "
dev->name, rx->fc, MAC_ARG(hdr->addr2)); "(fc=0x%04x) (src " MAC_FMT ")\n",
dev->name, rx->fc, MAC_ARG(hdr->addr2));
goto ignore; goto ignore;
} }