Commit 1a84f3fd authored by Johannes Berg's avatar Johannes Berg Committed by David S. Miller

[MAC80211]: ratelimit some RX messages

Many if not all of these messages can be triggered by sending
a few rogue frames which is trivially done and then we overflow
our logs.
Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
Acked-by: default avatarMichael Wu <flamingice@sourmilk.net>
Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent aaa92e9a
...@@ -336,9 +336,12 @@ ieee80211_rx_h_load_key(struct ieee80211_txrx_data *rx) ...@@ -336,9 +336,12 @@ ieee80211_rx_h_load_key(struct ieee80211_txrx_data *rx)
if (!rx->key) { if (!rx->key) {
if (!rx->u.rx.ra_match) if (!rx->u.rx.ra_match)
return TXRX_DROP; return TXRX_DROP;
printk(KERN_DEBUG "%s: RX WEP frame with " if (net_ratelimit())
"unknown keyidx %d (A1=" MAC_FMT " A2=" printk(KERN_DEBUG "%s: RX WEP frame "
MAC_FMT " A3=" MAC_FMT ")\n", "with unknown keyidx %d "
"(A1=" MAC_FMT
" A2=" MAC_FMT
" A3=" MAC_FMT ")\n",
rx->dev->name, keyidx, rx->dev->name, keyidx,
MAC_ARG(hdr->addr1), MAC_ARG(hdr->addr1),
MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr2),
...@@ -526,6 +529,7 @@ ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx) ...@@ -526,6 +529,7 @@ ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx)
return TXRX_CONTINUE; return TXRX_CONTINUE;
if (!rx->key) { if (!rx->key) {
if (net_ratelimit())
printk(KERN_DEBUG "%s: RX WEP frame, but no key set\n", printk(KERN_DEBUG "%s: RX WEP frame, but no key set\n",
rx->dev->name); rx->dev->name);
return TXRX_DROP; return TXRX_DROP;
...@@ -534,6 +538,7 @@ ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx) ...@@ -534,6 +538,7 @@ ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx)
if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED) || if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED) ||
rx->key->force_sw_encrypt) { rx->key->force_sw_encrypt) {
if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) { if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
if (net_ratelimit())
printk(KERN_DEBUG "%s: RX WEP frame, decrypt " printk(KERN_DEBUG "%s: RX WEP frame, decrypt "
"failed\n", rx->dev->name); "failed\n", rx->dev->name);
return TXRX_DROP; return TXRX_DROP;
...@@ -692,12 +697,15 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx) ...@@ -692,12 +697,15 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
} }
rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue]; rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue];
if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) { if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) {
printk(KERN_DEBUG "%s: defrag: CCMP PN not sequential" if (net_ratelimit())
" A2=" MAC_FMT " PN=%02x%02x%02x%02x%02x%02x " printk(KERN_DEBUG "%s: defrag: CCMP PN not "
"sequential A2=" MAC_FMT
" PN=%02x%02x%02x%02x%02x%02x "
"(expected %02x%02x%02x%02x%02x%02x)\n", "(expected %02x%02x%02x%02x%02x%02x)\n",
rx->dev->name, MAC_ARG(hdr->addr2), rx->dev->name, MAC_ARG(hdr->addr2),
rpn[0], rpn[1], rpn[2], rpn[3], rpn[4], rpn[5], rpn[0], rpn[1], rpn[2], rpn[3], rpn[4],
pn[0], pn[1], pn[2], pn[3], pn[4], pn[5]); rpn[5], pn[0], pn[1], pn[2], pn[3],
pn[4], pn[5]);
return TXRX_DROP; return TXRX_DROP;
} }
memcpy(entry->last_pn, pn, CCMP_PN_LEN); memcpy(entry->last_pn, pn, CCMP_PN_LEN);
...@@ -875,6 +883,7 @@ ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx) ...@@ -875,6 +883,7 @@ ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx)
(rx->key || rx->sdata->drop_unencrypted) && (rx->key || rx->sdata->drop_unencrypted) &&
(rx->sdata->eapol == 0 || (rx->sdata->eapol == 0 ||
!ieee80211_is_eapol(rx->skb)))) { !ieee80211_is_eapol(rx->skb)))) {
if (net_ratelimit())
printk(KERN_DEBUG "%s: RX non-WEP frame, but expected " printk(KERN_DEBUG "%s: RX non-WEP frame, but expected "
"encryption\n", rx->dev->name); "encryption\n", rx->dev->name);
return TXRX_DROP; return TXRX_DROP;
...@@ -922,10 +931,15 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx) ...@@ -922,10 +931,15 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
if (unlikely(sdata->type != IEEE80211_IF_TYPE_AP && if (unlikely(sdata->type != IEEE80211_IF_TYPE_AP &&
sdata->type != IEEE80211_IF_TYPE_VLAN)) { sdata->type != IEEE80211_IF_TYPE_VLAN)) {
printk(KERN_DEBUG "%s: dropped ToDS frame (BSSID=" if (net_ratelimit())
MAC_FMT " SA=" MAC_FMT " DA=" MAC_FMT ")\n", printk(KERN_DEBUG "%s: dropped ToDS frame "
dev->name, MAC_ARG(hdr->addr1), "(BSSID=" MAC_FMT
MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3)); " SA=" MAC_FMT
" DA=" MAC_FMT ")\n",
dev->name,
MAC_ARG(hdr->addr1),
MAC_ARG(hdr->addr2),
MAC_ARG(hdr->addr3));
return TXRX_DROP; return TXRX_DROP;
} }
break; break;
...@@ -935,11 +949,15 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx) ...@@ -935,11 +949,15 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
memcpy(src, hdr->addr4, ETH_ALEN); memcpy(src, hdr->addr4, ETH_ALEN);
if (unlikely(sdata->type != IEEE80211_IF_TYPE_WDS)) { if (unlikely(sdata->type != IEEE80211_IF_TYPE_WDS)) {
printk(KERN_DEBUG "%s: dropped FromDS&ToDS frame (RA=" if (net_ratelimit())
MAC_FMT " TA=" MAC_FMT " DA=" MAC_FMT " SA=" printk(KERN_DEBUG "%s: dropped FromDS&ToDS "
MAC_FMT ")\n", "frame (RA=" MAC_FMT
rx->dev->name, MAC_ARG(hdr->addr1), " TA=" MAC_FMT " DA=" MAC_FMT
MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3), " SA=" MAC_FMT ")\n",
rx->dev->name,
MAC_ARG(hdr->addr1),
MAC_ARG(hdr->addr2),
MAC_ARG(hdr->addr3),
MAC_ARG(hdr->addr4)); MAC_ARG(hdr->addr4));
return TXRX_DROP; return TXRX_DROP;
} }
...@@ -1015,15 +1033,16 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx) ...@@ -1015,15 +1033,16 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
/* send multicast frames both to higher layers in /* send multicast frames both to higher layers in
* local net stack and back to the wireless media */ * local net stack and back to the wireless media */
skb2 = skb_copy(skb, GFP_ATOMIC); skb2 = skb_copy(skb, GFP_ATOMIC);
if (!skb2) if (!skb2 && net_ratelimit())
printk(KERN_DEBUG "%s: failed to clone " printk(KERN_DEBUG "%s: failed to clone "
"multicast frame\n", dev->name); "multicast frame\n", dev->name);
} else { } else {
struct sta_info *dsta; struct sta_info *dsta;
dsta = sta_info_get(local, skb->data); dsta = sta_info_get(local, skb->data);
if (dsta && !dsta->dev) { if (dsta && !dsta->dev) {
printk(KERN_DEBUG "Station with null dev " if (net_ratelimit())
"structure!\n"); printk(KERN_DEBUG "Station with null "
"dev structure!\n");
} else if (dsta && dsta->dev == dev) { } else if (dsta && dsta->dev == dev) {
/* Destination station is associated to this /* Destination station is associated to this
* AP, so send the frame directly to it and * AP, so send the frame directly to it and
...@@ -1135,14 +1154,17 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev, ...@@ -1135,14 +1154,17 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
/* TODO: verify that this is not triggered by fragmented /* TODO: verify that this is not triggered by fragmented
* frames (hw does not verify MIC for them). */ * frames (hw does not verify MIC for them). */
if (net_ratelimit())
printk(KERN_DEBUG "%s: TKIP hwaccel reported Michael MIC " printk(KERN_DEBUG "%s: TKIP hwaccel reported Michael MIC "
"failure from " MAC_FMT " to " MAC_FMT " keyidx=%d\n", "failure from " MAC_FMT " to " MAC_FMT " keyidx=%d\n",
dev->name, MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr1), keyidx); dev->name, MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr1),
keyidx);
if (!sta) { if (!sta) {
/* Some hardware versions seem to generate incorrect /* Some hardware versions seem to generate incorrect
* Michael MIC reports; ignore them to avoid triggering * Michael MIC reports; ignore them to avoid triggering
* countermeasures. */ * countermeasures. */
if (net_ratelimit())
printk(KERN_DEBUG "%s: ignored spurious Michael MIC " printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
"error for unknown address " MAC_FMT "\n", "error for unknown address " MAC_FMT "\n",
dev->name, MAC_ARG(hdr->addr2)); dev->name, MAC_ARG(hdr->addr2));
...@@ -1150,6 +1172,7 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev, ...@@ -1150,6 +1172,7 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
} }
if (!(rx->fc & IEEE80211_FCTL_PROTECTED)) { if (!(rx->fc & IEEE80211_FCTL_PROTECTED)) {
if (net_ratelimit())
printk(KERN_DEBUG "%s: ignored spurious Michael MIC " printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
"error for a frame with no ISWEP flag (src " "error for a frame with no ISWEP flag (src "
MAC_FMT ")\n", dev->name, MAC_ARG(hdr->addr2)); MAC_FMT ")\n", dev->name, MAC_ARG(hdr->addr2));
...@@ -1164,9 +1187,11 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev, ...@@ -1164,9 +1187,11 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
* for group keys and only the AP is sending real multicast * for group keys and only the AP is sending real multicast
* frames in BSS. */ * frames in BSS. */
if (keyidx) { if (keyidx) {
printk(KERN_DEBUG "%s: ignored Michael MIC error for " if (net_ratelimit())
"a frame with non-zero keyidx (%d) (src " MAC_FMT printk(KERN_DEBUG "%s: ignored Michael MIC "
")\n", dev->name, keyidx, MAC_ARG(hdr->addr2)); "error for a frame with non-zero keyidx"
" (%d) (src " MAC_FMT ")\n", dev->name,
keyidx, MAC_ARG(hdr->addr2));
goto ignore; goto ignore;
} }
} }
...@@ -1174,6 +1199,7 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev, ...@@ -1174,6 +1199,7 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA && if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT || ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
(rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) { (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) {
if (net_ratelimit())
printk(KERN_DEBUG "%s: ignored spurious Michael MIC " printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
"error for a frame that cannot be encrypted " "error for a frame that cannot be encrypted "
"(fc=0x%04x) (src " MAC_FMT ")\n", "(fc=0x%04x) (src " MAC_FMT ")\n",
......
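Review bot: The "TKIP hwaccel reported Michael MIC failure" and "defrag: CCMP PN not sequential" messages now share the global net_ratelimit() budget with the cheap-to-trigger ones (unknown keyidx, no key set, dropped ToDS frame), so a burst of rogue frames can use up that budget and suppress exactly the lines that record a possible replay or MIC attack. In ieee80211_rx_michael_mic_report and ieee80211_rx_h_defragment I would either give these two messages a limiter of their own or increment a per-interface counter before the `if (net_ratelimit())`, so the event stays visible when the log line is dropped. At minimum, add a comment above the MIC printk such as `/* net_ratelimit() is stack-wide; this line can be suppressed during a flood of other RX messages */`. Both functions start and end outside the visible hunks, so whether the MIC failure is also reported to user space elsewhere cannot be confirmed from this page.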