From: Johannes Berg
To: linux-wireless@vger.kernel.org
Cc: Johannes Berg, stable@vger.kernel.org
Subject: [PATCH 08/18] mac80211: prevent attacks on TKIP/WEP as well
Date: Tue, 11 May 2021 20:02:49 +0200
Message-Id: <20210511200110.430e8c202313.Ia37e4e5b6b3eaab1a5ae050e015f6c92859dbe27@changeid>
In-Reply-To: <20210511180259.159598-1-johannes@sipsolutions.net>
References: <20210511180259.159598-1-johannes@sipsolutions.net>
X-Mailing-List: linux-wireless@vger.kernel.org

From: Johannes Berg Similar to the issues fixed in previous patches, TKIP and WEP should be protected even if for TKIP we have the Michael MIC protecting it, and WEP is broken anyway. However, this also somewhat protects potential other algorithms that drivers might implement. Cc: stable@vger.kernel.org Signed-off-by: Johannes Berg --- net/mac80211/rx.c | 12 ++++++++++++ net/mac80211/sta_info.h | 3 ++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c index b619c47e1d12..4454ec47283f 100644 --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c @@ -2274,6 +2274,7 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx) * next fragment has a sequential PN value. */ entry->check_sequential_pn = true; + entry->is_protected = true; entry->key_color = rx->key->color; memcpy(entry->last_pn, rx->key->u.ccmp.rx_pn[queue], @@ -2286,6 +2287,9 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx) sizeof(rx->key->u.gcmp.rx_pn[queue])); BUILD_BUG_ON(IEEE80211_CCMP_PN_LEN != IEEE80211_GCMP_PN_LEN); + } else if (rx->key && ieee80211_has_protected(fc)) { + entry->is_protected = true; + entry->key_color = rx->key->color; } return RX_QUEUED; } @@ -2327,6 +2331,14 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx) if (memcmp(pn, rpn, IEEE80211_CCMP_PN_LEN)) return RX_DROP_UNUSABLE; memcpy(entry->last_pn, pn, IEEE80211_CCMP_PN_LEN); + } else if (entry->is_protected && + (!rx->key || !ieee80211_has_protected(fc) || + rx->key->color != entry->key_color)) { + /* Drop this as a mixed key or fragment cache attack, even + * if for TKIP Michael MIC should protect us, and WEP is a + * lost cause anyway. + */ + return RX_DROP_UNUSABLE; } skb_pull(rx->skb, ieee80211_hdrlen(fc)); diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h index 5c56d29a619e..0333072ebd98 100644 --- a/net/mac80211/sta_info.h +++ b/net/mac80211/sta_info.h 
@@ -455,7 +455,8 @@ struct ieee80211_fragment_entry { u16 extra_len; u16 last_frag; u8 rx_queue; - bool check_sequential_pn; /* needed for CCMP/GCMP */ + u8 check_sequential_pn:1, /* needed for CCMP/GCMP */ + is_protected:1; u8 last_pn[6]; /* PN of the last fragment if CCMP was used */ unsigned int key_color; }; -- 2.30.2
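
Review bot: in the net/mac80211/rx.c hunk at @@ -2274, the added `entry->is_protected = true;` on the CCMP/GCMP first-fragment path has no reader in this patch. The only test of is_protected added here (hunk at @@ -2327) is the `else if` arm that follows the PN comparison, so an entry that takes the PN branch does not consult the flag. Either note in the commit message that a later patch in the series relies on it, or move the assignment to the patch that first reads it.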
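
Review bot: in the net/mac80211/rx.c hunk at @@ -2286, the new `else if (rx->key && ieee80211_has_protected(fc))` decides whether the first fragment was protected from the Protected bit in the frame control field alone. That assumes the bit is still set when the frame reaches ieee80211_rx_h_defragment(); if a driver clears it after decrypting in hardware, the entry is never marked and the check added at @@ -2327 is skipped for that frame. Please state the assumption in a comment, or also take the decryption status reported by the driver into account.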
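
Review bot: in the net/mac80211/rx.c hunk at @@ -2327, the new drop condition only fires when `entry->is_protected` is set, so it is one-directional: an entry whose first fragment was stored with is_protected clear is not compared against the Protected bit or key of later fragments in the lines shown. If that direction is handled elsewhere in the series, say so in the comment above `return RX_DROP_UNUSABLE;`; otherwise consider comparing the protection state of every later fragment with the state recorded for the first one.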
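
Review bot: in the net/mac80211/sta_info.h hunk at @@ -455, the new `is_protected:1` bit is only ever assigned `true` in this patch, and nothing visible clears it when a struct ieee80211_fragment_entry is reused for a new frame. A stale value would cause unprotected fragments to be dropped by the check added in rx.c, so please reset it explicitly wherever the entry is initialised for a first fragment. The field also lacks a comment, unlike `check_sequential_pn` beside it; a short one such as "first fragment was encrypted" would help.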