[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20210621081928.145203-1-fbihjmeric@gmail.com>
Date: Mon, 21 Jun 2021 16:19:28 +0800
From: Jhih-Ming Huang <fbihjmeric@...il.com>
To: gregkh@...uxfoundation.org, fabioaiuto83@...il.com,
ross.schm.dev@...il.com, maqianga@...ontech.com,
marcocesati@...il.com, linux-staging@...ts.linux.dev,
linux-kernel@...r.kernel.org
Cc: Jhih-Ming Huang <fbihjmeric@...il.com>
Subject: [PATCH v5] rtw_security: fix cast to restricted __le32
This patch fixes the sparse warning of fix cast to restricted __le32.
There was a change for replacing private CRC-32 routines with in kernel
ones.
However, the author used le32_to_cpu to convert crc32_le(), and we
should cpu_to_le32.
Ths commit also fixes the payload checking by memcmp instead of checking element
by element and removes the unused variable.
Signed-off-by: Jhih-Ming Huang <fbihjmeric@...il.com>
---
drivers/staging/rtl8723bs/core/rtw_security.c | 12 +++---------
1 file changed, 3 insertions(+), 9 deletions(-)
diff --git a/drivers/staging/rtl8723bs/core/rtw_security.c b/drivers/staging/rtl8723bs/core/rtw_security.c
index a99f439328f1..8dc6a976b487 100644
--- a/drivers/staging/rtl8723bs/core/rtw_security.c
+++ b/drivers/staging/rtl8723bs/core/rtw_security.c
@@ -92,7 +92,6 @@ void rtw_wep_encrypt(struct adapter *padapter, u8 *pxmitframe)
void rtw_wep_decrypt(struct adapter *padapter, u8 *precvframe)
{
/* exclude ICV */
- u8 crc[4];
signed int length;
u32 keylength;
u8 *pframe, *payload, *iv, wepkey[16];
@@ -119,10 +118,6 @@ void rtw_wep_decrypt(struct adapter *padapter, u8 *precvframe)
/* decrypt payload include icv */
arc4_setkey(ctx, wepkey, 3 + keylength);
arc4_crypt(ctx, payload, payload, length);
-
- /* calculate icv and compare the icv */
- *((u32 *)crc) = le32_to_cpu(~crc32_le(~0, payload, length - 4));
-
}
}
@@ -537,7 +532,7 @@ u32 rtw_tkip_decrypt(struct adapter *padapter, u8 *precvframe)
u32 pnh;
u8 rc4key[16];
u8 ttkey[16];
- u8 crc[4];
+ __le32 crc;
signed int length;
u8 *pframe, *payload, *iv, *prwskey;
@@ -618,10 +613,9 @@ u32 rtw_tkip_decrypt(struct adapter *padapter, u8 *precvframe)
arc4_setkey(ctx, rc4key, 16);
arc4_crypt(ctx, payload, payload, length);
- *((u32 *)crc) = le32_to_cpu(~crc32_le(~0, payload, length - 4));
+ crc = cpu_to_le32(~crc32_le(~0, payload, length - 4));
- if (crc[3] != payload[length - 1] || crc[2] != payload[length - 2] ||
- crc[1] != payload[length - 3] || crc[0] != payload[length - 4])
+ if (memcmp(&crc, payload + length - 4, 4) != 0)
res = _FAIL;
} else {
res = _FAIL;
--
2.32.0
Powered by blists - more mailing lists