From patchwork Mon Nov 27 04:38:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469052 Received: from mail-ot1-f41.google.com (mail-ot1-f41.google.com [209.85.210.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8E37010F8 for ; Mon, 27 Nov 2023 04:40:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ibeCx3YR" Received: by mail-ot1-f41.google.com with SMTP id 46e09a7af769-6d81fbfe7aaso493561a34.1 for ; Sun, 26 Nov 2023 20:40:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701060012; x=1701664812; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=kOTUEgUpIUa3xSXsm+qBrM9i2hQEQ7mS1G0rrydGMY4=; b=ibeCx3YRFdCWnbkE0gC70a1H+1+0rJH1WrFKOfP2ZOGsVBdsQfM8dRRN25tXorhW3j Ak0FjRo+ieyEe3N9ZOHPvB27CVceXCSYBJP6HfvAtOkVcNwRxee742Ykph8V8gvTEPF7 Rf7nrAvQvFJRODG2Im2XBiXHrxjPf7jei1z/Wb+2acTnsl5SfrXAS69bq/I8R4hwB9+t axmAQwS2RAR1EhCc+Zswh+XhDUtPtmntOyfbg5zngWVpG4aFld51v/wngb7SQXFD7pIm /34ZhyJsIEKk7RUGuou9B5XOqjSR/WL1Swc2NhJlFnjkRp4RTsgDk5C07QMv07u9LcqS 7uzA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701060012; x=1701664812; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=kOTUEgUpIUa3xSXsm+qBrM9i2hQEQ7mS1G0rrydGMY4=; b=azA0iAtJOgPI0er00DlO28g+1QqbntfNOiT4f5LlAl/GmBjLkww9E2rBhXu73g/b0i mJUdgJG5BzPwLPgAvFpio4RDwFzV/unxr3BRm1tTPbUbfa10R6o/GRn/zapdUesK1lm2 I81setrBMLdXBJPRfAnxQ5dNRQDKpaT+tDv7JWCzin94xdgWIEziZFIuNqzTkKIFUgX2 X3C79vZbdS22FrJrfOPQCV8IRZGfM+7WMO2mTb41CsN2d0RpGLVtZNcrB26urz97uuhX 3x03RJq3h290EaqUzaTC5zmVg5Gd2x9E9hJvZMt//swQy3Ov7dtDpKZni7evpVFLTBLI z+GA== X-Gm-Message-State: AOJu0YzdsTFH+krvWP33fnUrYm9wa+a2R3CH16FKE7lnP4O18QRf0aPV MtlcPpThOthYACSAk+I6p9Rbk+Wn/jw= X-Google-Smtp-Source: AGHT+IF4Csbew0DtREwn5tdNnt+vWfKZ+L4lYHZR+VsMkyMt+QnRsC14+04SSdP4coqc/qU2v3JMFg== X-Received: by 2002:a05:6870:3c0c:b0:1fa:692:f37e with SMTP id gk12-20020a0568703c0c00b001fa0692f37emr13465042oab.57.1701060012326; Sun, 26 Nov 2023 20:40:12 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id nq6-20020a056871378600b001f5d5930e85sm2110558oac.33.2023.11.26.20.40.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 20:40:11 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH v2 1/6] ie: Move AKM suite converter from netdev Date: Sun, 26 Nov 2023 22:38:41 -0600 Message-ID: <20231127043924.1328538-1-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 It is more logical to host this function inside ie.c than netdev.c. Particularly since ie_rsn_cipher_suite_to_cipher is already present in ie.c. --- src/ie.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++ src/ie.h | 2 ++ src/netdev.c | 47 +---------------------------------------------- 3 files changed, 49 insertions(+), 46 deletions(-) diff --git a/src/ie.c b/src/ie.c index 6b08ce180a87..a51724aa74c8 100644 --- a/src/ie.c +++ b/src/ie.c @@ -481,6 +481,52 @@ const char *ie_rsn_cipher_suite_to_string(enum ie_rsn_cipher_suite suite) return NULL; } +uint32_t ie_rsn_akm_suite_to_akm(enum ie_rsn_akm_suite akm) +{ + switch (akm) { + case IE_RSN_AKM_SUITE_8021X: + return CRYPTO_AKM_8021X; + case IE_RSN_AKM_SUITE_PSK: + return CRYPTO_AKM_PSK; + case IE_RSN_AKM_SUITE_FT_OVER_8021X: + return CRYPTO_AKM_FT_OVER_8021X; + case IE_RSN_AKM_SUITE_FT_USING_PSK: + return CRYPTO_AKM_FT_USING_PSK; + case IE_RSN_AKM_SUITE_8021X_SHA256: + return CRYPTO_AKM_8021X_SHA256; + case IE_RSN_AKM_SUITE_PSK_SHA256: + return CRYPTO_AKM_PSK_SHA256; + case IE_RSN_AKM_SUITE_TDLS: + return CRYPTO_AKM_TDLS; + case IE_RSN_AKM_SUITE_SAE_SHA256: + return CRYPTO_AKM_SAE_SHA256; + case IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256: + return CRYPTO_AKM_FT_OVER_SAE_SHA256; + case IE_RSN_AKM_SUITE_AP_PEER_KEY_SHA256: + return CRYPTO_AKM_AP_PEER_KEY_SHA256; + case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA256: + return CRYPTO_AKM_8021X_SUITE_B_SHA256; + case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA384: + return CRYPTO_AKM_8021X_SUITE_B_SHA384; + case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384: + return CRYPTO_AKM_FT_OVER_8021X_SHA384; + case IE_RSN_AKM_SUITE_FILS_SHA256: + return CRYPTO_AKM_FILS_SHA256; + case IE_RSN_AKM_SUITE_FILS_SHA384: + return CRYPTO_AKM_FILS_SHA384; + case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256: + return CRYPTO_AKM_FT_OVER_FILS_SHA256; + case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384: + return CRYPTO_AKM_FT_OVER_FILS_SHA384; + case IE_RSN_AKM_SUITE_OWE: + return CRYPTO_AKM_OWE; + case IE_RSN_AKM_SUITE_OSEN: + return CRYPTO_AKM_OSEN; + } + + return 0; +} + /* 802.11, Section 8.4.2.27.2 */ static bool ie_parse_cipher_suite(const uint8_t *data, enum ie_rsn_cipher_suite *out) diff --git a/src/ie.h b/src/ie.h index c9a6c78324d6..9ada64bf3bd7 100644 --- a/src/ie.h +++ b/src/ie.h @@ -621,6 +621,8 @@ unsigned char *ie_tlv_builder_finalize(struct ie_tlv_builder *builder, uint32_t ie_rsn_cipher_suite_to_cipher(enum ie_rsn_cipher_suite suite); const char *ie_rsn_cipher_suite_to_string(enum ie_rsn_cipher_suite suite); +uint32_t ie_rsn_akm_suite_to_akm(enum ie_rsn_akm_suite akm); + int ie_parse_rsne(struct ie_tlv_iter *iter, struct ie_rsn_info *info); int ie_parse_rsne_from_data(const uint8_t *data, size_t len, struct ie_rsn_info *info); diff --git a/src/netdev.c b/src/netdev.c index f23ca59ea1cb..7b951a6a4797 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -2445,51 +2445,6 @@ static void netdev_driver_connected(struct netdev *netdev) eapol_register(netdev->sm); } -static unsigned int ie_rsn_akm_suite_to_nl80211(enum ie_rsn_akm_suite akm) -{ - switch (akm) { - case IE_RSN_AKM_SUITE_8021X: - return CRYPTO_AKM_8021X; - case IE_RSN_AKM_SUITE_PSK: - return CRYPTO_AKM_PSK; - case IE_RSN_AKM_SUITE_FT_OVER_8021X: - return CRYPTO_AKM_FT_OVER_8021X; - case IE_RSN_AKM_SUITE_FT_USING_PSK: - return CRYPTO_AKM_FT_USING_PSK; - case IE_RSN_AKM_SUITE_8021X_SHA256: - return CRYPTO_AKM_8021X_SHA256; - case IE_RSN_AKM_SUITE_PSK_SHA256: - return CRYPTO_AKM_PSK_SHA256; - case IE_RSN_AKM_SUITE_TDLS: - return CRYPTO_AKM_TDLS; - case IE_RSN_AKM_SUITE_SAE_SHA256: - return CRYPTO_AKM_SAE_SHA256; - case IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256: - return CRYPTO_AKM_FT_OVER_SAE_SHA256; - case IE_RSN_AKM_SUITE_AP_PEER_KEY_SHA256: - return CRYPTO_AKM_AP_PEER_KEY_SHA256; - case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA256: - return CRYPTO_AKM_8021X_SUITE_B_SHA256; - case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA384: - return CRYPTO_AKM_8021X_SUITE_B_SHA384; - case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384: - return CRYPTO_AKM_FT_OVER_8021X_SHA384; - case IE_RSN_AKM_SUITE_FILS_SHA256: - return CRYPTO_AKM_FILS_SHA256; - case IE_RSN_AKM_SUITE_FILS_SHA384: - return CRYPTO_AKM_FILS_SHA384; - case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256: - return CRYPTO_AKM_FT_OVER_FILS_SHA256; - case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384: - return CRYPTO_AKM_FT_OVER_FILS_SHA384; - case IE_RSN_AKM_SUITE_OWE: - return CRYPTO_AKM_OWE; - case IE_RSN_AKM_SUITE_OSEN: - return CRYPTO_AKM_OSEN; - } - - return 0; -} static void netdev_append_nl80211_rsn_attributes(struct l_genl_msg *msg, struct handshake_state *hs) @@ -2514,7 +2469,7 @@ static void netdev_append_nl80211_rsn_attributes(struct l_genl_msg *msg, l_genl_msg_append_attr(msg, NL80211_ATTR_USE_MFP, 4, &use_mfp); } - nl_akm = ie_rsn_akm_suite_to_nl80211(hs->akm_suite); + nl_akm = ie_rsn_akm_suite_to_akm(hs->akm_suite); L_WARN_ON(!nl_akm); l_genl_msg_append_attr(msg, NL80211_ATTR_AKM_SUITES, 4, &nl_akm); From patchwork Mon Nov 27 04:38:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469053 Received: from mail-oa1-f42.google.com (mail-oa1-f42.google.com [209.85.160.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 096061118 for ; Mon, 27 Nov 2023 04:40:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="fzlYgMXE" Received: by mail-oa1-f42.google.com with SMTP id 586e51a60fabf-1fa21f561a1so674430fac.3 for ; Sun, 26 Nov 2023 20:40:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701060013; x=1701664813; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=FfHHDyb4tRLAYb0iJOZcpiUtWFE/ruaAKATQxemdK5U=; b=fzlYgMXE6k39sgCAKJbRYBoEJ3MunxFCW9mu6VO28pcycELyUChbCzHSsoYm6kRS+l VWsCteuBfCpQYgeIi95IMekGMvLxWy92VCZFp7iqU0w25urT4ixDYcOH6Kne7BcI2e4v tMCHJ+0ibdr3tZxzuI3G6hd3K9n9cfrLTwd3/0gYnZ8yYj8T8napUWdrcZpuYF/cpd77 MrF1d37JCxDM9LAv6my1tMkCj2xxzZ/BP1gAgBPL5rQD0B7Qx7RZbmdKs8sIETnQZNK2 /q8m/1tQLklZ7X21tOD5hwBEaBmZ/8R3f2J6n2M7vSf+DOtS2tIKPNQw0SfkKQR+Qgrp aZ/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701060013; x=1701664813; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FfHHDyb4tRLAYb0iJOZcpiUtWFE/ruaAKATQxemdK5U=; b=YwfUD1id+NpWqfpklcDqO+sWON2wOoGkkMX9VBSyAlIWTIWBj6qntKPV1QlmqpSTBb g43VZN/QMAKZvyRlheUv2nx8bmi3oZmy5yMGKoVhnizORVTNW6fDD2BM+HRXhLE7QwO0 M9dgTrtPkMtVygkD2MNSGCon+A8lNkX4rXLPSb1zNfdiYLIuxaQJmEhMFjLynwoZ3W5K GkFvnBj2ITERJaVPoYtFet1D6ZCagncw1jjxOY47PkT8BYLMplF5i3pfBjaU7UqJV1IA ZeP1hpbGAXlUN7cevkjkPeGkWFp0tsMRPpKtQixgTgWgBdNFa6vZ9aS+7mK9ZKfJDv6G ZgNQ== X-Gm-Message-State: AOJu0YxkxdkRQNiONLd5m06qK8hETfK81CLsBaQOPO7ZBk6lD94XAA+h qhTr30+OKitGvHrRUlLCt1hKEhMvmQA= X-Google-Smtp-Source: AGHT+IH0vMdyTpmVZEgPjqhEB+TAfRm/ymiqDZx00n/fHzM6Ywt5dawqyfzXoEDzfGQjfB6muEgfUQ== X-Received: by 2002:a05:6871:590:b0:1f9:e76e:174e with SMTP id u16-20020a056871059000b001f9e76e174emr11660722oan.18.1701060012948; Sun, 26 Nov 2023 20:40:12 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id nq6-20020a056871378600b001f5d5930e85sm2110558oac.33.2023.11.26.20.40.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 20:40:12 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH v2 2/6] nl80211util: Move nl80211_append_rsn_attributes Date: Sun, 26 Nov 2023 22:38:42 -0600 Message-ID: <20231127043924.1328538-2-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231127043924.1328538-1-denkenz@gmail.com> References: <20231127043924.1328538-1-denkenz@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- Makefile.am | 1 + src/netdev.c | 43 ++----------------------------------------- src/nl80211util.c | 40 ++++++++++++++++++++++++++++++++++++++++ src/nl80211util.h | 4 ++++ 4 files changed, 47 insertions(+), 41 deletions(-) diff --git a/Makefile.am b/Makefile.am index d0247faf7ed5..5ed6ab37164b 100644 --- a/Makefile.am +++ b/Makefile.am @@ -407,6 +407,7 @@ tools_hwsim_SOURCES = tools/hwsim.c src/mpdu.h \ src/storage.h src/storage.c \ src/common.h src/common.c \ src/band.h src/band.c \ + src/ie.h src/ie.c \ src/crypto.h src/crypto.c tools_hwsim_LDADD = $(ell_ldadd) diff --git a/src/netdev.c b/src/netdev.c index 7b951a6a4797..1c032b32acdc 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -2445,45 +2445,6 @@ static void netdev_driver_connected(struct netdev *netdev) eapol_register(netdev->sm); } - -static void netdev_append_nl80211_rsn_attributes(struct l_genl_msg *msg, - struct handshake_state *hs) -{ - uint32_t nl_cipher; - uint32_t nl_akm; - uint32_t wpa_version; - - nl_cipher = ie_rsn_cipher_suite_to_cipher(hs->pairwise_cipher); - L_WARN_ON(!nl_cipher); - l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, - 4, &nl_cipher); - - nl_cipher = ie_rsn_cipher_suite_to_cipher(hs->group_cipher); - L_WARN_ON(!nl_cipher); - l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, - 4, &nl_cipher); - - if (hs->mfp) { - uint32_t use_mfp = NL80211_MFP_REQUIRED; - - l_genl_msg_append_attr(msg, NL80211_ATTR_USE_MFP, 4, &use_mfp); - } - - nl_akm = ie_rsn_akm_suite_to_akm(hs->akm_suite); - L_WARN_ON(!nl_akm); - l_genl_msg_append_attr(msg, NL80211_ATTR_AKM_SUITES, 4, &nl_akm); - - if (IE_AKM_IS_SAE(hs->akm_suite)) - wpa_version = NL80211_WPA_VERSION_3; - else if (hs->wpa_ie) - wpa_version = NL80211_WPA_VERSION_1; - else - wpa_version = NL80211_WPA_VERSION_2; - - l_genl_msg_append_attr(msg, NL80211_ATTR_WPA_VERSIONS, - 4, &wpa_version); -} - static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev, struct handshake_state *hs, const uint8_t *prev_bssid, @@ -2540,7 +2501,7 @@ static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev, l_genl_msg_append_attr(msg, NL80211_ATTR_SOCKET_OWNER, 0, NULL); if (is_rsn) { - netdev_append_nl80211_rsn_attributes(msg, hs); + nl80211_append_rsn_attributes(msg, hs); c_iov = iov_ie_append(iov, n_iov, c_iov, hs->supplicant_ie); } @@ -2888,7 +2849,7 @@ static struct l_genl_msg *netdev_build_cmd_associate_common( l_genl_msg_append_attr(msg, NL80211_ATTR_SOCKET_OWNER, 0, NULL); if (is_rsn) - netdev_append_nl80211_rsn_attributes(msg, hs); + nl80211_append_rsn_attributes(msg, hs); if (is_rsn || hs->settings_8021x) { l_genl_msg_append_attr(msg, NL80211_ATTR_CONTROL_PORT, diff --git a/src/nl80211util.c b/src/nl80211util.c index ef69cc718e04..0f45c9051330 100644 --- a/src/nl80211util.c +++ b/src/nl80211util.c @@ -32,6 +32,8 @@ #include "src/nl80211util.h" #include "src/band.h" +#include "src/ie.h" +#include "src/handshake.h" #include "src/util.h" typedef bool (*attr_handler)(const void *data, uint16_t len, void *o); @@ -687,3 +689,41 @@ int nl80211_parse_supported_frequencies(struct l_genl_attr *band_freqs, return 0; } + +void nl80211_append_rsn_attributes(struct l_genl_msg *msg, + struct handshake_state *hs) +{ + uint32_t nl_cipher; + uint32_t nl_akm; + uint32_t wpa_version; + + nl_cipher = ie_rsn_cipher_suite_to_cipher(hs->pairwise_cipher); + L_WARN_ON(!nl_cipher); + l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, + 4, &nl_cipher); + + nl_cipher = ie_rsn_cipher_suite_to_cipher(hs->group_cipher); + L_WARN_ON(!nl_cipher); + l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, + 4, &nl_cipher); + + if (hs->mfp) { + uint32_t use_mfp = NL80211_MFP_REQUIRED; + + l_genl_msg_append_attr(msg, NL80211_ATTR_USE_MFP, 4, &use_mfp); + } + + nl_akm = ie_rsn_akm_suite_to_akm(hs->akm_suite); + L_WARN_ON(!nl_akm); + l_genl_msg_append_attr(msg, NL80211_ATTR_AKM_SUITES, 4, &nl_akm); + + if (IE_AKM_IS_SAE(hs->akm_suite)) + wpa_version = NL80211_WPA_VERSION_3; + else if (hs->wpa_ie) + wpa_version = NL80211_WPA_VERSION_1; + else + wpa_version = NL80211_WPA_VERSION_2; + + l_genl_msg_append_attr(msg, NL80211_ATTR_WPA_VERSIONS, + 4, &wpa_version); +} diff --git a/src/nl80211util.h b/src/nl80211util.h index 9f8ae17aeaa4..6f7b9eabbc27 100644 --- a/src/nl80211util.h +++ b/src/nl80211util.h @@ -25,6 +25,7 @@ struct band_chandef; struct scan_freq_set; struct band_freq_attrs; +struct handshake_state; int nl80211_parse_attrs(struct l_genl_msg *msg, int tag, ...); @@ -90,3 +91,6 @@ int nl80211_parse_supported_frequencies(struct l_genl_attr *band_freqs, struct scan_freq_set *supported_list, struct band_freq_attrs *list, size_t num_channels); + +void nl80211_append_rsn_attributes(struct l_genl_msg *msg, + struct handshake_state *hs); From patchwork Mon Nov 27 04:38:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469054 Received: from mail-oo1-f53.google.com (mail-oo1-f53.google.com [209.85.161.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AF02C81C for ; Mon, 27 Nov 2023 04:40:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="PXfUAq2l" Received: by mail-oo1-f53.google.com with SMTP id 006d021491bc7-58d06bfadf8so2338684eaf.1 for ; Sun, 26 Nov 2023 20:40:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701060013; x=1701664813; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=EXxyGLc7j7CR85/9rJLh7fxxwQry4P9sd221GusiwY8=; b=PXfUAq2lorttgiJjjcu0l/7jJyhbDSBD7G2InemPS/Edlkg9HZMLs1iyE1tLDH2l2V viMJwJhzzFvKDps6Js3rx0mcRrZPHhSDW7VUFaCQHmE3z0uQ7AzcQVUdiol+ZvNU4d4a AS1hR+XqiJJ9lZWyn8AdDCrIvHMMcehrVCC12DxTJDgIdukTxDwCz4/C9cgl5MjujDVc +tyBfKBfDzEQM4O7YJ5UWObgGyele48h5cL6yzeW61FQxApAWzAl5VPdA8NMXJhpE34y A+PTLfVRSDkY4jjYGA3nnzl9zGyspdFFIV46CbqfH90b+oKlIHD8yFbcd9vFlQFnd0Q8 Bc9Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701060013; x=1701664813; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EXxyGLc7j7CR85/9rJLh7fxxwQry4P9sd221GusiwY8=; b=W+S4RGiMph2uSGHF+0cQmXWxpTtMCdt37m4ks+YuM2wP4d9EP8TJkTGA9h68sPVgGC 2s5oHY2+5XvN7vqZkfc1b1IlswRfPQgIL52TS8dujobekGLYbw8ugPYV+NXbBi2pOY0m yJtAMscLKvJ/NDhwr/0ZgN6dWv/cw9aZZ96npubIM33mUceFyKyWehJUeguE8oh9gFdB 2gBUlNhePPeSl9DtmcrNjC5msLvfjJkgXERsK5cF7H+xUVx5TcyGQ+8OO0thaCj3aOWg KcjgLfToaPU+x20X65JzJ4mH+cJsYPxbaN6R7WGX14A+ywEiCJky9zS0hTOVVZZknFWk zp+g== X-Gm-Message-State: AOJu0YxGKhojbTopNGTQ7tbZ9p38l5EXRCYUwvitBRiFiBYUg55f+nDy hiaRr9smnTcL6SmMawKEqw4T5sz/rjs= X-Google-Smtp-Source: AGHT+IF8+L9adUfVvOA+nC8HwN6JiBj7JYVo3pDoDqthrNEn87ULSMVn1CefRq3LbWc5cGnMDssg+w== X-Received: by 2002:a05:6870:9a0a:b0:1fa:a10:d016 with SMTP id fo10-20020a0568709a0a00b001fa0a10d016mr9886433oab.5.1701060013611; Sun, 26 Nov 2023 20:40:13 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id nq6-20020a056871378600b001f5d5930e85sm2110558oac.33.2023.11.26.20.40.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 20:40:13 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH v2 3/6] netdev: Don't duplicate vendor_ies Date: Sun, 26 Nov 2023 22:38:43 -0600 Message-ID: <20231127043924.1328538-3-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231127043924.1328538-1-denkenz@gmail.com> References: <20231127043924.1328538-1-denkenz@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 vendor_ies stored in handshake_state are already added as part of netdev_populate_common_ies(), which is already invoked by netdev_build_cmd_connect(). Normally vendor_ies is NULL for OWE connections, so no IEs are duplicated as a result. --- src/netdev.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/netdev.c b/src/netdev.c index 1c032b32acdc..e7b502b1c3ba 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -2561,16 +2561,11 @@ static void netdev_cmd_connect_cb(struct l_genl_msg *msg, void *user_data) static bool netdev_retry_owe(struct netdev *netdev) { - struct iovec iov; - if (!owe_next_group(netdev->owe_sm)) return false; - iov.iov_base = netdev->handshake->vendor_ies; - iov.iov_len = netdev->handshake->vendor_ies_len; - netdev->connect_cmd = netdev_build_cmd_connect(netdev, - netdev->handshake, NULL, &iov, 1); + netdev->handshake, NULL, NULL, 0); netdev->connect_cmd_id = l_genl_family_send(nl80211, netdev->connect_cmd, From patchwork Mon Nov 27 04:38:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469055 Received: from mail-oi1-f181.google.com (mail-oi1-f181.google.com [209.85.167.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3EE13137D for ; Mon, 27 Nov 2023 04:40:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="cIGlhuy3" Received: by mail-oi1-f181.google.com with SMTP id 5614622812f47-3b8672b9482so570021b6e.1 for ; Sun, 26 Nov 2023 20:40:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701060014; x=1701664814; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8+3nt6i9o0eudaWV6sZTz1qmMdElTUclhcOFjt0jYP4=; b=cIGlhuy3TrqYrAtrkX0nkuSawclw7tGgfWyEHtimLWw6qQYS233IAd+zw/NZsUWWzL 6SgSLgnrU6dbybx1b80fQj3VobG878ZL/Q/cBdSvMI8pc6/AeHF0d4LD0odTNtb5ry4/ wtAJkZzDIEMZ7+nckSd/BBeyb8jQX+1wPcZ38FBYo4AX9KOS+zWSAMblN4sLKQDGd5+T bD/rOUv3FTGwI1xcZ3H+rnoj9pHDh1OV+Dn5kuc1Qm1JZqoBShmQvimAQtoY3ojFNplC EmMj5JBh2raOMqbUsKikGCoPDz9EoO6mbcTvjVfbPSIkEDTGVwYxHC9S3W6pFAXKcs9X 8kBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701060014; x=1701664814; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8+3nt6i9o0eudaWV6sZTz1qmMdElTUclhcOFjt0jYP4=; b=UsNuUMItCUrzHL6DTVsk3kBpE8D60Vv9m8xRXj3RNXB0MIkpEPsoJ3qN2dLlq+RcSG gvSXzP25T9RdhF3jqhVcFsYjIAa9rrTCMMkGYLr5kpr0H4WcKGI5nz2dwiMZdN7jN81H SrfNjtbnb6ngd1ioHp82PHIJRVTgPXkFdiQZ2g9LWuuo2c9IWVD0sdNyM74eUYe8lzrL 9pgJ/25oKI5B0WgWMUnOOYUWwXF9xGAM6QkOUekC/doencpqgBlqMDFQ7RqJR8M8FPtv vLbtY2hg/ujri6ijYGLAR0JdtM8T6Dr/cim2qbQL+qb6uSL4DGZ+JtAPHtYUfTbTj9Wu ZULw== X-Gm-Message-State: AOJu0Yx++cL3+O5pN0+kjB94Kt8tPdRFApKgFQK+uAHOfPPC/Ubd8qLP 8pLTWFK69aP6iIIW2UT9Bgi177RtDd8= X-Google-Smtp-Source: AGHT+IEPsOlv1ZdPChthlN5aIiX9IMmAlbfX9Vx4Mv6aSySjZruduRdqilE750ZV7BtnJFI0Tuyhdg== X-Received: by 2002:a05:6870:d628:b0:1fa:cd2:5942 with SMTP id a40-20020a056870d62800b001fa0cd25942mr10203762oaq.58.1701060014294; Sun, 26 Nov 2023 20:40:14 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id nq6-20020a056871378600b001f5d5930e85sm2110558oac.33.2023.11.26.20.40.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 20:40:14 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH v2 4/6] netdev: Do not leak l_genl_msg on error Date: Sun, 26 Nov 2023 22:38:44 -0600 Message-ID: <20231127043924.1328538-4-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231127043924.1328538-1-denkenz@gmail.com> References: <20231127043924.1328538-1-denkenz@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 In netdev_retry_owe, if l_gen_family_send fails, the connect_cmd is never freed or reset. Fix that. While here, use a stack variable instead of netdev member, since the use of such a member is unnecessary and confusing. --- src/netdev.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/netdev.c b/src/netdev.c index e7b502b1c3ba..901a41900350 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -2561,23 +2561,23 @@ static void netdev_cmd_connect_cb(struct l_genl_msg *msg, void *user_data) static bool netdev_retry_owe(struct netdev *netdev) { + struct l_genl_msg *connect_cmd; + if (!owe_next_group(netdev->owe_sm)) return false; - netdev->connect_cmd = netdev_build_cmd_connect(netdev, + connect_cmd = netdev_build_cmd_connect(netdev, netdev->handshake, NULL, NULL, 0); - netdev->connect_cmd_id = l_genl_family_send(nl80211, - netdev->connect_cmd, + netdev->connect_cmd_id = l_genl_family_send(nl80211, connect_cmd, netdev_cmd_connect_cb, netdev, NULL); - if (!netdev->connect_cmd_id) - return false; - - netdev->connect_cmd = NULL; + if (netdev->connect_cmd_id > 0) + return true; - return true; + l_genl_msg_unref(connect_cmd); + return false; } static void netdev_connect_event(struct l_genl_msg *msg, struct netdev *netdev) From patchwork Mon Nov 27 04:38:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469056 Received: from mail-oa1-f46.google.com (mail-oa1-f46.google.com [209.85.160.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 07BFE2105 for ; Mon, 27 Nov 2023 04:40:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="EtJvr2HN" Received: by mail-oa1-f46.google.com with SMTP id 586e51a60fabf-1fa289a35e7so604629fac.1 for ; Sun, 26 Nov 2023 20:40:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701060015; x=1701664815; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=5f1jMX0lZlEOnRQYzptaMmMzdCkeL/i+ATY5nPyEl4k=; b=EtJvr2HNRkqF278ce/buUkRNebTeVN6gdHfikSxLEaIuznM0pa7NYTdRWTEc2KMh81 wCccswJnAYR/siGFw6RrtMftzRoQGuHzi4mi4Mg+188HYZ0mw83u19lr5C1fFEVDy2Hi GntscSUslmjRTsTRRrROxSTauB8AhLHuYIJs0pMBad/AIllrU/s6WRpGRMIxM02GJIQQ vPLSFQshYC5aZt9kBDW5fM52Q7DUqGK+2rAdoRlURULBDXNclzqaRzuB8C9jdqW0sfVI 4xZ8Eohs41caIkcY56LT0bG2m+k5nbwTbjc6DwYbLuAvScEIOafGBG6xJlsKHSxLTyC6 bseg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701060015; x=1701664815; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5f1jMX0lZlEOnRQYzptaMmMzdCkeL/i+ATY5nPyEl4k=; b=SapCa5Krc7Hyzldt9O6408b21nEojk4WpBlZ6VMJ/oxuA+hreGIHlpz64x/XaF2y3C YtbtcL0E9d4HCOKN/6hClNHbspv4SeR2ahwh+W6oDeei2MFbbPdPo3Lptuql61+ktyp/ 4U0+qpgj86Kba/JJq06Ccp9TmE22/Tt1Tewp8zcqZ2uh8NveFc42gBjiJZWByuA2LTkY TBmjLYUEpPshnessf/O8kxXjuME+d2QPMyAklnwwMNOlDIg1/k9O//5/ngfEncN7Vymu pDN/13N1sJIvZ8f7g0mn2SVqvEmqad6xAtsX9XuI9FKlasvoqliwO63JxSWuRPa0pXqk x2zg== X-Gm-Message-State: AOJu0YwxplmjJ69Xq2THfSmE65mlqOSy7smAyRTm2fEfUE00mAZcunZT e+PDhUd+1ePyjK2s84kFSBLJ0aA5F5M= X-Google-Smtp-Source: AGHT+IHXOiOKJiGQBxnQdF/0tpKmwCTxQNXsUWs3pQSOWZ/Q3KI14TQgzynC00o0L0DmnoRjPw0R+g== X-Received: by 2002:a05:6871:3a2c:b0:1fa:3685:1cae with SMTP id pu44-20020a0568713a2c00b001fa36851caemr4109332oac.6.1701060014905; Sun, 26 Nov 2023 20:40:14 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id nq6-20020a056871378600b001f5d5930e85sm2110558oac.33.2023.11.26.20.40.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 20:40:14 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH v2 5/6] netdev: Fix buffer overflow with 32 character ssids Date: Sun, 26 Nov 2023 22:38:45 -0600 Message-ID: <20231127043924.1328538-5-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231127043924.1328538-1-denkenz@gmail.com> References: <20231127043924.1328538-1-denkenz@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 ssid is declared as a 32 byte field in handshake_state, hence using it as a string which is assumed to be nul-terminated will fail for SSIDs that are 32 bytes long. Fixes: 1f1478285725 ("wiphy: add _generate_address_from_ssid") Fixes: 5a1b1184fca6 ("netdev: support per-network MAC addresses") --- src/netdev.c | 3 ++- src/wiphy.c | 5 +++-- src/wiphy.h | 3 ++- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/src/netdev.c b/src/netdev.c index 901a41900350..208a15b94507 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -3526,7 +3526,8 @@ static int netdev_start_powered_mac_change(struct netdev *netdev) /* No address set in handshake, use per-network MAC generation */ if (l_memeqzero(netdev->handshake->spa, ETH_ALEN)) wiphy_generate_address_from_ssid(netdev->wiphy, - (const char *)netdev->handshake->ssid, + netdev->handshake->ssid, + netdev->handshake->ssid_len, new_addr); else memcpy(new_addr, netdev->handshake->spa, ETH_ALEN); diff --git a/src/wiphy.c b/src/wiphy.c index 570f54155717..766df348754f 100644 --- a/src/wiphy.c +++ b/src/wiphy.c @@ -796,12 +796,13 @@ void wiphy_generate_random_address(struct wiphy *wiphy, uint8_t addr[static 6]) wiphy_address_constrain(wiphy, addr); } -void wiphy_generate_address_from_ssid(struct wiphy *wiphy, const char *ssid, +void wiphy_generate_address_from_ssid(struct wiphy *wiphy, + const uint8_t *ssid, size_t ssid_len, uint8_t addr[static 6]) { struct l_checksum *sha = l_checksum_new(L_CHECKSUM_SHA256); - l_checksum_update(sha, ssid, strlen(ssid)); + l_checksum_update(sha, ssid, ssid_len); l_checksum_update(sha, wiphy->permanent_addr, sizeof(wiphy->permanent_addr)); l_checksum_get_digest(sha, addr, mac_randomize_bytes); diff --git a/src/wiphy.h b/src/wiphy.h index 999d0c57a926..bc82a00721e7 100644 --- a/src/wiphy.h +++ b/src/wiphy.h @@ -146,7 +146,8 @@ const uint8_t *wiphy_get_ht_capabilities(const struct wiphy *wiphy, enum band_freq band, size_t *size); void wiphy_generate_random_address(struct wiphy *wiphy, uint8_t addr[static 6]); -void wiphy_generate_address_from_ssid(struct wiphy *wiphy, const char *ssid, +void wiphy_generate_address_from_ssid(struct wiphy *wiphy, + const uint8_t *ssid, size_t ssid_len, uint8_t addr[static 6]); int wiphy_estimate_data_rate(struct wiphy *wiphy, From patchwork Mon Nov 27 04:38:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469057 Received: from mail-oa1-f49.google.com (mail-oa1-f49.google.com [209.85.160.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E73AF81C for ; Mon, 27 Nov 2023 04:40:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="XUxxprYd" Received: by mail-oa1-f49.google.com with SMTP id 586e51a60fabf-1fa289a35e7so604635fac.1 for ; Sun, 26 Nov 2023 20:40:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701060016; x=1701664816; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=hKDgGHMrWORPgBvpnyVLaY7eQykmoBEiF76/XPWnxp8=; b=XUxxprYd1Y4JkPm0+JhAQTFBCWVlEcqabcMNilaNG16lQfwdWv8Kmt14deF8ddeMhS n4ZjOsyJO5emhnzo3BrJ0U9UEFx3VKJeYCH3bt5Zo1ZX8XEX2rfyPWI/ZF3gXMX0lied dtvHisAa9HrCzHKiN2PwF171eRGezNz3k47eiSQE1Fl7qyQbvTH88Cb0dn8Z2c1e/NIb 60a7Qkl90N8GnYSday4FI8zZ/buJgYCtd0pRZNClbQo9bz5j7E++fNdP3zCetzBQrtaz 8f30YRTybj0qfbzPf6IyDG0iPsPdV6YORK4ifV3GYMNlZ8m4Tyroe7V+Up/xvd8kJb3p 5/JA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701060016; x=1701664816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hKDgGHMrWORPgBvpnyVLaY7eQykmoBEiF76/XPWnxp8=; b=bOK9IHn2FDwyS8n9jk72PfpEW90qPwU7gJaer2huAm2TEv6Cub+25eJifHpzFONb31 eUGMWVDwidKgpwCliGgF01HVCYtNSDi2/GxfCXzWu6fHfXqDRTCefJyq//khnwEDCVhY hDJq0owBdNTCHi0A/l4gGMn8WSRpWJYtb3NFMNP8nseo5aKSmRrxU+DL2/nJk7FlOv5U oDMzKAzpW2AUm8bkLXWr0Oe+pluirLD6w8uaL3T1FxyWfiGWs8yLfC444abeBRY1njkt OT0UusGSUYSuKvWrep5NaciZh8JXcZ4qkZBXCZYP0DnKBRSSMOZ5dMsG4fdZk1SLsjTE Qp2w== X-Gm-Message-State: AOJu0YxjFBRwqg0blpjxHHbVF557qn/jU4uRZ18Y3VzWqXTdSMCGq7V7 e8Lgvu43YavQJat/5excFXvJg9MY5Yc= X-Google-Smtp-Source: AGHT+IG8XvIfle9lG0KQdRrYEY9fhs+rlVvvFIcv140aOGFYlhSYDjtIM/eHoRhXQVPLHW2eQfc8yQ== X-Received: by 2002:a05:6870:be8b:b0:1ea:2447:5181 with SMTP id nx11-20020a056870be8b00b001ea24475181mr12895990oab.9.1701060015746; Sun, 26 Nov 2023 20:40:15 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id nq6-20020a056871378600b001f5d5930e85sm2110558oac.33.2023.11.26.20.40.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 20:40:15 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH v2 6/6] erp: Fix buffer overflow for 32 byte SSIDs Date: Sun, 26 Nov 2023 22:38:46 -0600 Message-ID: <20231127043924.1328538-6-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231127043924.1328538-1-denkenz@gmail.com> References: <20231127043924.1328538-1-denkenz@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 ssid is declared as a 32 byte field in handshake_state, hence using it as a string which is assumed to be nul-terminated will fail for SSIDs that are 32 bytes long. Fixes: d938d362b212 ("erp: ERP implementation and key cache move") Fixes: 433373fe28a4 ("eapol: cache ERP keys on EAP success") --- src/eapol.c | 2 +- src/erp.c | 10 ++++++++-- src/erp.h | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/src/eapol.c b/src/eapol.c index 6fb2f3068f0b..3d7b3d38fbcd 100644 --- a/src/eapol.c +++ b/src/eapol.c @@ -2531,7 +2531,7 @@ static void eapol_eap_results_cb(const uint8_t *msk_data, size_t msk_len, if (sm->handshake->support_fils && emsk_data && session_id) erp_cache_add(eap_get_identity(sm->eap), session_id, session_len, emsk_data, emsk_len, - (const char *)sm->handshake->ssid); + sm->handshake->ssid, sm->handshake->ssid_len); return; diff --git a/src/erp.c b/src/erp.c index 2729cfc874b4..859233465e8b 100644 --- a/src/erp.c +++ b/src/erp.c @@ -160,13 +160,19 @@ static void erp_cache_entry_destroy(void *data) void erp_cache_add(const char *id, const void *session_id, size_t session_len, const void *emsk, size_t emsk_len, - const char *ssid) + const uint8_t *ssid, size_t ssid_len) { struct erp_cache_entry *entry; if (!unlikely(id || session_id || emsk)) return; + if (!util_ssid_is_utf8(ssid_len, ssid)) + return; + + if (util_ssid_is_hidden(ssid_len, ssid)) + return; + entry = l_new(struct erp_cache_entry, 1); entry->id = l_strdup(id); @@ -174,7 +180,7 @@ void erp_cache_add(const char *id, const void *session_id, entry->emsk_len = emsk_len; entry->session_id = l_memdup(session_id, session_len); entry->session_len = session_len; - entry->ssid = l_strdup(ssid); + entry->ssid = l_strndup((char *) ssid, ssid_len); entry->expire_time = l_time_offset(l_time_now(), ERP_DEFAULT_KEY_LIFETIME_US); diff --git a/src/erp.h b/src/erp.h index d2c9da9624a8..e844aa8ebf90 100644 --- a/src/erp.h +++ b/src/erp.h @@ -43,7 +43,7 @@ const void *erp_get_rmsk(struct erp_state *erp, size_t *rmsk_len); void erp_cache_add(const char *id, const void *session_id, size_t session_len, const void *emsk, size_t emsk_len, - const char *ssid); + const uint8_t *ssid, size_t ssid_len); void erp_cache_remove(const char *id);