From patchwork Sat Feb 15 19:54:07 2020
X-Patchwork-Submitter: Pavel Machek
X-Patchwork-Id: 11384099
Date: Sat, 15 Feb 2020 20:54:07 +0100
From: Pavel Machek
To: cip-dev@lists.cip-project.org, Chris.Paterson2@renesas.com
Message-ID: <20200215195407.GA10344@amd>
MIME-Version: 1.0
User-Agent: Mutt/1.5.23 (2014-03-12)
Subject: [cip-dev] [backport 4.4] mac80211: Fix TKIP replay protection immediately after key setup
X-BeenThere: cip-dev@lists.cip-project.org
X-Mailman-Version: 2.1.15
Precedence: list
Errors-To: cip-dev-bounces@lists.cip-project.org
Sender: "cip-dev"

Hi!

So... this is the first backport patch. I'll need to reformat the changelog.

The patch should pass our tests on gitlab, but I somehow don't think those tests involved wifi at all... At least it compiles.

Can someone test it easily? Should I just submit it to stable, explaining I did not test it?

Do you have other patches that should go to 4.4/4.19?

Best regards,
Pavel

commit 911e21ed055f6700fa80d0f7a818ba223999bb2a
Author: Pavel Machek
Date:   Thu Feb 13 22:56:46 2020 +0100

Author: Jouni Malinen
Date:   Tue Jan 7 17:35:45 2020 +0200
commit fa73f24d1b119b85b32cd8f217a73d108888097e

mac80211: Fix TKIP replay protection immediately after key setup

TKIP replay protection was skipped for the very first frame received after a new key is configured. While this is potentially needed to avoid dropping a frame in some cases, this does leave a window for replay attacks with group-addressed frames at the station side. Any earlier frame sent by the AP using the same key would be accepted as a valid frame and the internal RSC would then be updated to the TSC from that frame. This would allow multiple previously transmitted group-addressed frames to be replayed until the next valid new group-addressed frame from the AP is received by the station.
Fix this by limiting the no-replay-protection exception to apply only for the case where TSC=0, i.e., when this is for the very first frame protected using the new key, and the local RSC had not been set to a higher value when configuring the key (which may happen with GTK). Signed-off-by: Jouni Malinen Link: https://lore.kernel.org/r/20200107153545.10934-1-j@w1.fi Signed-off-by: Johannes Berg [pavel@ucw.cz: port to 4.4] Signed-off-by: Pavel Machek diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c index 0ae207771a58..d09d24d04f8a 100644 --- a/net/mac80211/tkip.c +++ b/net/mac80211/tkip.c @@ -265,10 +265,21 @@ int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, if ((keyid >> 6) != key->conf.keyidx) return TKIP_DECRYPT_INVALID_KEYIDX; - if (key->u.tkip.rx[queue].state != TKIP_STATE_NOT_INIT && - (iv32 < key->u.tkip.rx[queue].iv32 || - (iv32 == key->u.tkip.rx[queue].iv32 && - iv16 <= key->u.tkip.rx[queue].iv16))) + /* Reject replays if the received TSC is smaller than or equal to the + * last received value in a valid message, but with an exception for + * the case where a new key has been set and no valid frame using that + * key has yet received and the local RSC was initialized to 0. This + * exception allows the very first frame sent by the transmitter to be + * accepted even if that transmitter were to use TSC 0 (IEEE 802.11 + * described TSC to be initialized to 1 whenever a new key is taken into + * use). + */ + if (iv32 < key->u.tkip.rx[queue].iv32 || + (iv32 == key->u.tkip.rx[queue].iv32 && + (iv16 < key->u.tkip.rx[queue].iv16 || + (iv16 == key->u.tkip.rx[queue].iv16 && + (key->u.tkip.rx[queue].iv32 || key->u.tkip.rx[queue].iv16 || + key->u.tkip.rx[queue].state != TKIP_STATE_NOT_INIT))))) return TKIP_DECRYPT_REPLAY; if (only_iv) {
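Review bot: the rewritten condition is correct, but five levels of nesting hide the rule it implements; the comment above it would serve readers better if it stated the decision directly, e.g. "drop when TSC < RSC, or when TSC == RSC unless RSC is still 0 and no valid frame has been received under this key", and the phrase "no valid frame using that key has yet received" in that comment should read "has yet been received". Given the cover letter says the 4.4 build was not exercised with wifi, a small table-driven check of that decision (RSC (0,0) in TKIP_STATE_NOT_INIT accepts TSC 0; RSC (0,100) in TKIP_STATE_NOT_INIT rejects TSC (0,50) and (0,100); any state rejects a TSC below the RSC) would give more confidence than a compile alone that the backported expression behaves as the commit message describes.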
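The replay rule the commit message describes, as an added stand-alone C model that is not mac80211 code (the struct tkip_rx, the two check functions, verdicts() and replay_window_closed() are hypothetical names chosen here): it places the pre-fix check beside the fixed one and shows that, for a GTK installed with an RSC of (0, 100) taken from the AP, an older group-addressed frame with TSC (0, 50) passes the old check and is dropped by the new one, while the very first frame on a fresh RSC of 0 is still accepted by both.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-alone model of the per-queue TKIP receive state:
 * iv32/iv16 hold the receive sequence counter (RSC) of the last accepted frame. */
enum tkip_state { TKIP_STATE_NOT_INIT, TKIP_STATE_PHASE1_DONE };

struct tkip_rx {
	uint32_t iv32;          /* upper 32 bits of the RSC */
	uint16_t iv16;          /* lower 16 bits of the RSC */
	enum tkip_state state;  /* NOT_INIT until a valid frame has been accepted */
};

enum { TKIP_DECRYPT_OK = 0, TKIP_DECRYPT_REPLAY = -1 };

/* Pre-fix rule: no replay check at all until the first frame under the key
 * has been accepted, whatever RSC the key was installed with. */
static int tkip_replay_check_old(const struct tkip_rx *rx,
				 uint32_t iv32, uint16_t iv16)
{
	if (rx->state != TKIP_STATE_NOT_INIT &&
	    (iv32 < rx->iv32 ||
	     (iv32 == rx->iv32 && iv16 <= rx->iv16)))
		return TKIP_DECRYPT_REPLAY;
	return TKIP_DECRYPT_OK;
}

/* Fixed rule: TSC < RSC is always a replay; TSC == RSC is a replay unless the
 * RSC is still 0 and no valid frame has been seen (the TSC=0 exception).
 * Written as separate comparisons instead of the kernel's nested expression. */
static int tkip_replay_check_new(const struct tkip_rx *rx,
				 uint32_t iv32, uint16_t iv16)
{
	bool fresh_zero_rsc = rx->iv32 == 0 && rx->iv16 == 0 &&
			      rx->state == TKIP_STATE_NOT_INIT;

	if (iv32 < rx->iv32)
		return TKIP_DECRYPT_REPLAY;
	if (iv32 == rx->iv32) {
		if (iv16 < rx->iv16)
			return TKIP_DECRYPT_REPLAY;
		if (iv16 == rx->iv16 && !fresh_zero_rsc)
			return TKIP_DECRYPT_REPLAY;
	}
	return TKIP_DECRYPT_OK;
}

/* Run both rules on one (RSC, TSC) pair. Returns a bitmask:
 * bit 0 set = old rule drops the frame, bit 1 set = new rule drops it. */
int verdicts(uint32_t rsc32, uint16_t rsc16, bool seen_valid_frame,
	     uint32_t tsc32, uint16_t tsc16)
{
	struct tkip_rx rx = {
		.iv32 = rsc32, .iv16 = rsc16,
		.state = seen_valid_frame ? TKIP_STATE_PHASE1_DONE
					  : TKIP_STATE_NOT_INIT,
	};
	int mask = 0;

	if (tkip_replay_check_old(&rx, tsc32, tsc16) == TKIP_DECRYPT_REPLAY)
		mask |= 1;
	if (tkip_replay_check_new(&rx, tsc32, tsc16) == TKIP_DECRYPT_REPLAY)
		mask |= 2;
	return mask;
}

/* The window from the commit message: GTK installed with RSC (0, 100) taken
 * from the AP, then an earlier group frame with TSC (0, 50) arrives.
 * True when the old rule accepts it and the new rule drops it. */
bool replay_window_closed(void)
{
	return verdicts(0, 100, false, 0, 50) == 2;
}

int main(void)
{
	/* Constructed cases: RSC, whether a valid frame was already seen, TSC */
	struct { uint32_t r32; uint16_t r16; bool seen; uint32_t t32; uint16_t t16; } cases[] = {
		{ 0, 0, false, 0, 0 },     /* first frame, TSC 0, fresh key: both accept */
		{ 0, 0, false, 0, 1 },     /* first frame, TSC 1: both accept */
		{ 0, 100, false, 0, 50 },  /* stale group frame: only the new rule drops */
		{ 0, 100, false, 0, 100 }, /* equal to installed RSC: only the new rule drops */
		{ 0, 100, false, 0, 101 }, /* next expected frame: both accept */
		{ 0, 0, true, 0, 0 },      /* TSC 0 repeated after acceptance: both drop */
		{ 5, 0, true, 4, 0xffff }, /* iv32 went backwards: both drop */
	};
	for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
		int m = verdicts(cases[i].r32, cases[i].r16, cases[i].seen,
				 cases[i].t32, cases[i].t16);
		printf("RSC=(%u,%u) %s TSC=(%u,%u): old=%s new=%s\n",
		       (unsigned)cases[i].r32, (unsigned)cases[i].r16,
		       cases[i].seen ? "INIT    " : "NOT_INIT",
		       (unsigned)cases[i].t32, (unsigned)cases[i].t16,
		       (m & 1) ? "REPLAY" : "ok", (m & 2) ? "REPLAY" : "ok");
	}
	return replay_window_closed() ? 0 : 1;
}
```

The bitmask returned by verdicts() makes the difference between the two rules visible per case: 0 means both accept, 3 means both drop, and 2 marks exactly the frames that the old rule let through after key setup and the new rule rejects.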