brcmfmac: Use seq/seq_len and set iv_initialize when plumbing of rxiv in (GTK) keys

When plumbing rxiv for (GTK) keys, current code does not use seq/seq_len
when present nor set iv_initialized for iovar wsec_key. This could
result in missing broadcast traffic after GTK rekey. The fix is setting
iv_initialized and using seq/seq_len for iovar wsec_key.

Signed-off-by: Soontak Lee <soontak.lee@cypress.com>
Signed-off-by: Chi-Hsien Lin <chi-hsien.lin@cypress.com>
Signed-off-by: Wright Feng <wright.feng@cypress.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/1588770201-54361-4-git-send-email-wright.feng@cypress.com

diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index 181f4df798667d798a79aede9ddc07594c057102..579b9306f5338caef09da86a8ce686bee62d43e5 100644 (file)
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -2469,6 +2469,17 @@ brcmf_cfg80211_add_key(struct wiphy *wiphy, struct net_device *ndev,
        if (!ext_key)
                key->flags = BRCMF_PRIMARY_KEY;
 
+       if (params->seq && params->seq_len == 6) {
+               /* rx iv */
+               u8 *ivptr;
+
+               ivptr = (u8 *)params->seq;
+               key->rxiv.hi = (ivptr[5] << 24) | (ivptr[4] << 16) |
+                       (ivptr[3] << 8) | ivptr[2];
+               key->rxiv.lo = (ivptr[1] << 8) | ivptr[0];
+               key->iv_initialized = true;
+       }
+
        switch (params->cipher) {
        case WLAN_CIPHER_SUITE_WEP40:
                key->algo = CRYPTO_ALGO_WEP1;