Received: by 2002:a05:7412:d024:b0:f9:90c9:de9f with SMTP id bd36csp105353rdb;
        Wed, 20 Dec 2023 07:24:53 -0800 (PST)
X-Google-Smtp-Source: AGHT+IEBW17qI3CaLmT5BojZGczV6W+Y1hzoo1KSEekFKeaJb5UV45eNUQLuQ1wFOdCfYFnFrD9u
X-Received: by 2002:a17:903:1103:b0:1d3:1be6:78c3 with SMTP id n3-20020a170903110300b001d31be678c3mr10567541plh.12.1703085893351;
        Wed, 20 Dec 2023 07:24:53 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1703085893; cv=none;
        d=google.com; s=arc-20160816;
        b=z+sHOVV4sqt2axIW3QgbdddFtrdmVhlvds1jAHWLpzXOu6eJ31e4FCzLWUX31Xocyb
         7LLvYAqw+6izT4JkyTYMoBZnqac8u3UjfCZ9WXTDAifDRHQftzZFSZKdpIGgw68Awe9v
         t2l6mPixipRYWlI5TAuc+CRs8ht5C7qWA0EKl94gbK3Y3gekMCYlSlaEdCOxY3NCfk02
         w0FH62o05y9KmziP+rQadO48QSFYoH9iamiyyLaZhS3zT+i0Cj+v90l6rgAs+kk2HQDg
         tR4WtAU9ALkvJfmBoFtvtuCwfKXwg5WpwWnoL/L5EI/aSoF4vgykDOx7BVOUMLlskhmh
         mW1A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:in-reply-to:message-id
         :date:subject:cc:to:from:dkim-signature;
        bh=+yj8VuP41eiiySVWvgWGyveaqTwxGCtRrmJYyT2kki4=;
        fh=oReA61J0tpAsmnTcyRWZIZNQORhW7lYCBhzfVslSOQM=;
        b=A0PMizE8qr0mgqAUwMGazE3S8LH+wnjm6tASgb6IlIUykM+AAtiCpJlk1PmS92d8gc
         y1vgmbaueaPcWj/YCfdhP2m8S1w00nVyxsBjzpEgFz4MOxkjsOC4Ypn4c4tf3VafphYk
         lXcURpiJ6uZuOT7J9RqBf1mqXjNfmVFQFEVvNGMXhZHKCTnKGJ7qpssBieZcL1sMkd0+
         9LR2guX/hUCav5nFeEBzx7u4Ca+xiDxdsFLjDrRS+WVpmFprX0g9GmyoWkXJSsFJ465v
         27eHOqIgzlM+ieW8D+w4JdJhOXEpFrYoRVSjx/XiBczYvJ7ZJNQpfHA/R2eIHRveMMr3
         pW/g==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@sipsolutions.net header.s=mail header.b=L+YZvCoQ;
       spf=pass (google.com: domain of linux-wireless+bounces-1099-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-wireless+bounces-1099-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=sipsolutions.net
Return-Path: <linux-wireless+bounces-1099-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99])
        by mx.google.com with ESMTPS id r7-20020a170902be0700b001d0c205708fsi21126499pls.186.2023.12.20.07.24.53
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 20 Dec 2023 07:24:53 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-wireless+bounces-1099-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@sipsolutions.net header.s=mail header.b=L+YZvCoQ;
       spf=pass (google.com: domain of linux-wireless+bounces-1099-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-wireless+bounces-1099-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=sipsolutions.net
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id 08335281170
	for <linux.lists.archive@gmail.com>; Wed, 20 Dec 2023 15:24:53 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 11CCC46B9B;
	Wed, 20 Dec 2023 15:20:06 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=sipsolutions.net header.i=@sipsolutions.net header.b="L+YZvCoQ"
X-Original-To: linux-wireless@vger.kernel.org
Received: from sipsolutions.net (s3.sipsolutions.net [168.119.38.16])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 760E246533;
	Wed, 20 Dec 2023 15:20:04 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=sipsolutions.net
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=sipsolutions.net
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=sipsolutions.net; s=mail; h=Content-Transfer-Encoding:MIME-Version:
	References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Content-Type:Sender
	:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-To:
	Resent-Cc:Resent-Message-ID; bh=+yj8VuP41eiiySVWvgWGyveaqTwxGCtRrmJYyT2kki4=;
	t=1703085604; x=1704295204; b=L+YZvCoQGMy9r61lQBSa6B3olE1vo7g9DciL+mgZFgRvKD2
	FwqoJquMKRUh0Ca8kvhthIKfc1gxoNek6GYKi86kCzojPkeI/iJYDBgYhOpaMZj0ybmClRcxO3aJQ
	Ys0BsoLUJUrBQ8ox5V2aYfEOuOyHE8yMqDCbxyDpYZw+oY4ufz8ykeltDfFU+50RfMEsxDtQ/uKzk
	KG4derxx//XjPDxWXUByCd09XGHQDMq1LHZXwt0NfxIagWizPBqNjFqL5LkXUYUIBWL5NFIciXpPt
	jOZuKHIYZpOzj6OJ91E1e3JexO661crEmzZE0FmbxhXxl4zsE8L7/gmtmF0wBjiw==;
Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256)
	(Exim 4.97)
	(envelope-from <benjamin@sipsolutions.net>)
	id 1rFyMb-00000001WFz-3Yhn;
	Wed, 20 Dec 2023 16:20:02 +0100
From: benjamin@sipsolutions.net
To: linux-wireless@vger.kernel.org,
	linux-kselftest@vger.kernel.org,
	kunit-dev@googlegroups.com
Cc: Johannes Berg <johannes.berg@intel.com>,
	Gregory Greenman <gregory.greenman@intel.com>
Subject: [PATCH 5/6] wifi: mac80211: kunit: extend MFP tests
Date: Wed, 20 Dec 2023 16:19:51 +0100
Message-ID: <20231220151952.415232-6-benjamin@sipsolutions.net>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20231220151952.415232-1-benjamin@sipsolutions.net>
References: <20231220151952.415232-1-benjamin@sipsolutions.net>
Precedence: bulk
X-Mailing-List: linux-wireless@vger.kernel.org
List-Id: <linux-wireless.vger.kernel.org>
List-Subscribe: <mailto:linux-wireless+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-wireless+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

From: Johannes Berg <johannes.berg@intel.com>

Extend the MFP tests to handle the case of deauth/disassoc
and robust action frames (that are not protected dual of
public action frames).

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Reviewed-by: Gregory Greenman <gregory.greenman@intel.com>
---
 net/mac80211/tests/mfp.c | 74 +++++++++++++++++++++++++++++++++++++---
 1 file changed, 70 insertions(+), 4 deletions(-)

diff --git a/net/mac80211/tests/mfp.c b/net/mac80211/tests/mfp.c
index 6ec31386c0df..a8dc1601da60 100644
--- a/net/mac80211/tests/mfp.c
+++ b/net/mac80211/tests/mfp.c
@@ -13,7 +13,7 @@ MODULE_IMPORT_NS(EXPORTED_FOR_KUNIT_TESTING);
 
 static const struct mfp_test_case {
 	const char *desc;
-	bool sta, mfp, decrypted, unicast;
+	bool sta, mfp, decrypted, unicast, assoc;
 	u8 category;
 	u8 stype;
 	u8 action;
@@ -151,13 +151,67 @@ static const struct mfp_test_case {
 		.mfp = true,
 		.result = RX_CONTINUE,
 	},
+	/* deauth/disassoc before keys are set */
+	{
+		.desc = "deauth: accept unicast with MFP but w/o key",
+		.stype = IEEE80211_STYPE_DEAUTH,
+		.sta = true,
+		.mfp = true,
+		.unicast = true,
+		.result = RX_CONTINUE,
+	},
+	{
+		.desc = "disassoc: accept unicast with MFP but w/o key",
+		.stype = IEEE80211_STYPE_DEAUTH,
+		.sta = true,
+		.mfp = true,
+		.unicast = true,
+		.result = RX_CONTINUE,
+	},
+	/* non-public robust action frame ... */
+	{
+		.desc = "BA action: drop unicast before assoc",
+		.stype = IEEE80211_STYPE_ACTION,
+		.category = WLAN_CATEGORY_BACK,
+		.unicast = true,
+		.sta = true,
+		.result = RX_DROP_U_UNPROT_ROBUST_ACTION,
+	},
+	{
+		.desc = "BA action: drop unprotected after assoc",
+		.stype = IEEE80211_STYPE_ACTION,
+		.category = WLAN_CATEGORY_BACK,
+		.unicast = true,
+		.sta = true,
+		.mfp = true,
+		.result = RX_DROP_U_UNPROT_UCAST_MGMT,
+	},
+	{
+		.desc = "BA action: accept unprotected without MFP",
+		.stype = IEEE80211_STYPE_ACTION,
+		.category = WLAN_CATEGORY_BACK,
+		.unicast = true,
+		.sta = true,
+		.assoc = true,
+		.mfp = false,
+		.result = RX_CONTINUE,
+	},
+	{
+		.desc = "BA action: drop unprotected with MFP",
+		.stype = IEEE80211_STYPE_ACTION,
+		.category = WLAN_CATEGORY_BACK,
+		.unicast = true,
+		.sta = true,
+		.mfp = true,
+		.result = RX_DROP_U_UNPROT_UCAST_MGMT,
+	},
 };
 
 KUNIT_ARRAY_PARAM_DESC(accept_mfp, accept_mfp_cases, desc);
 
 static void accept_mfp(struct kunit *test)
 {
-	static struct sta_info sta = {};
+	static struct sta_info sta;
 	const struct mfp_test_case *params = test->param_value;
 	struct ieee80211_rx_data rx = {
 		.sta = params->sta ? &sta : NULL,
@@ -171,6 +225,8 @@ static void accept_mfp(struct kunit *test)
 		/* A3/BSSID doesn't matter here */
 	};
 
+	memset(&sta, 0, sizeof(sta));
+
 	if (!params->sta) {
 		KUNIT_ASSERT_FALSE(test, params->mfp);
 		KUNIT_ASSERT_FALSE(test, params->decrypted);
@@ -179,6 +235,9 @@ static void accept_mfp(struct kunit *test)
 	if (params->mfp)
 		set_sta_flag(&sta, WLAN_STA_MFP);
 
+	if (params->assoc)
+		set_bit(WLAN_STA_ASSOC, &sta._flags);
+
 	rx.skb = kunit_zalloc_skb(test, 128, GFP_KERNEL);
 	KUNIT_ASSERT_NOT_NULL(test, rx.skb);
 	status = IEEE80211_SKB_RXCB(rx.skb);
@@ -200,11 +259,18 @@ static void accept_mfp(struct kunit *test)
 		skb_put_u8(rx.skb, params->category);
 		skb_put_u8(rx.skb, params->action);
 		break;
+	case IEEE80211_STYPE_DEAUTH:
+	case IEEE80211_STYPE_DISASSOC: {
+		__le16 reason = cpu_to_le16(WLAN_REASON_UNSPECIFIED);
+
+		skb_put_data(rx.skb, &reason, sizeof(reason));
+		}
+		break;
 	}
 
 	KUNIT_EXPECT_EQ(test,
-			ieee80211_drop_unencrypted_mgmt(&rx),
-			params->result);
+			(__force u32)ieee80211_drop_unencrypted_mgmt(&rx),
+			(__force u32)params->result);
 }
 
 static struct kunit_case mfp_test_cases[] = {
-- 
2.43.0