AP: Use monotonic time for MMIC failure/TKIP countermeasures

Wall time jumps shouldn't affect MMIC failure/TKIP countermeasures,
so use monotonic time. Change the michael_mic_failure variable to
struct os_reltime for type-safety.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>

diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h
index 84468de002375d50824c607f14545acf48cb01ba..6f786a8f66dd505d52e46c32baf86f9a4eea8976 100644 (file)
--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
@@ -146,7 +146,7 @@ struct hostapd_data {
        struct eapol_authenticator *eapol_auth;
 
        struct rsn_preauth_interface *preauth_iface;
-       time_t michael_mic_failure;
+       struct os_reltime michael_mic_failure;
        int michael_mic_failures;
        int tkip_countermeasures;
 

diff --git a/src/ap/tkip_countermeasures.c b/src/ap/tkip_countermeasures.c
index 4a2ea0665d886bed1efc87388a851fb3cb4b9a2d..4725e2b3e8f1eb24c502df8f00dad3a7b5e5dafa 100644 (file)
--- a/src/ap/tkip_countermeasures.c
+++ b/src/ap/tkip_countermeasures.c
@@ -68,7 +68,7 @@ void ieee80211_tkip_countermeasures_deinit(struct hostapd_data *hapd)
 
 int michael_mic_failure(struct hostapd_data *hapd, const u8 *addr, int local)
 {
-       struct os_time now;
+       struct os_reltime now;
        int ret = 0;
 
        if (addr && local) {
@@ -89,8 +89,8 @@ int michael_mic_failure(struct hostapd_data *hapd, const u8 *addr, int local)
                }
        }
 
-       os_get_time(&now);
-       if (now.sec > hapd->michael_mic_failure + 60) {
+       os_get_reltime(&now);
+       if (os_reltime_expired(&now, &hapd->michael_mic_failure, 60)) {
                hapd->michael_mic_failures = 1;
        } else {
                hapd->michael_mic_failures++;
@@ -99,7 +99,7 @@ int michael_mic_failure(struct hostapd_data *hapd, const u8 *addr, int local)
                        ret = 1;
                }
        }
-       hapd->michael_mic_failure = now.sec;
+       hapd->michael_mic_failure = now;
 
        return ret;
 }