]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - src/patches/linux/linux-5.15-wifi-security-patches-11.patch
projects / people / pmueller / ipfire-2.x.git / blob
? search:


ae639c6965492fd69380938b9fed7fa18c5ce689
[people/pmueller/ipfire-2.x.git] / src / patches / linux / linux-5.15-wifi-security-patches-11.patch
1 From 630060f1175676b9cb3a032767f20dbce93616c9 Mon Sep 17 00:00:00 2001
2 From: Johannes Berg <johannes.berg@intel.com>
3 Date: Thu, 13 Oct 2022 20:15:58 +0200
4 Subject: [PATCH] mac80211: mlme: find auth challenge directly
5
6 commit 49a765d6785e99157ff5091cc37485732496864e upstream.
7
8 There's no need to parse all elements etc. just to find the
9 authentication challenge - use cfg80211_find_elem() instead.
10 This also allows us to remove WLAN_EID_CHALLENGE handling
11 from the element parsing entirely.
12
13 Link: https://lore.kernel.org/r/20210920154009.45f9b3a15722.Ice3159ffad03a007d6154cbf1fb3a8c48489e86f@changeid
14 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
15 Cc: Felix Fietkau <nbd@nbd.name>
16 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
17 ---
18 net/mac80211/ieee80211_i.h | 2 --
19 net/mac80211/mlme.c | 11 ++++++-----
20 net/mac80211/util.c | 4 ----
21 3 files changed, 6 insertions(+), 11 deletions(-)
22
23 diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
24 index 5ea38ae65809..c5f0ff805010 100644
25 --- a/net/mac80211/ieee80211_i.h
26 +++ b/net/mac80211/ieee80211_i.h
27 @@ -1542,7 +1542,6 @@ struct ieee802_11_elems {
28 const u8 *supp_rates;
29 const u8 *ds_params;
30 const struct ieee80211_tim_ie *tim;
31 - const u8 *challenge;
32 const u8 *rsn;
33 const u8 *rsnx;
34 const u8 *erp_info;
35 @@ -1596,7 +1595,6 @@ struct ieee802_11_elems {
36 u8 ssid_len;
37 u8 supp_rates_len;
38 u8 tim_len;
39 - u8 challenge_len;
40 u8 rsn_len;
41 u8 rsnx_len;
42 u8 ext_supp_rates_len;
43 diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
44 index 4414e82e71d1..548cd14c5503 100644
45 --- a/net/mac80211/mlme.c
46 +++ b/net/mac80211/mlme.c
47 @@ -2889,17 +2889,17 @@ static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
48 {
49 struct ieee80211_local *local = sdata->local;
50 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data;
51 + const struct element *challenge;
52 u8 *pos;
53 - struct ieee802_11_elems elems;
54 u32 tx_flags = 0;
55 struct ieee80211_prep_tx_info info = {
56 .subtype = IEEE80211_STYPE_AUTH,
57 };
58
59 pos = mgmt->u.auth.variable;
60 - ieee802_11_parse_elems(pos, len - (pos - (u8 *)mgmt), false, &elems,
61 - mgmt->bssid, auth_data->bss->bssid);
62 - if (!elems.challenge)
63 + challenge = cfg80211_find_elem(WLAN_EID_CHALLENGE, pos,
64 + len - (pos - (u8 *)mgmt));
65 + if (!challenge)
66 return;
67 auth_data->expected_transaction = 4;
68 drv_mgd_prepare_tx(sdata->local, sdata, &info);
69 @@ -2907,7 +2907,8 @@ static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
70 tx_flags = IEEE80211_TX_CTL_REQ_TX_STATUS |
71 IEEE80211_TX_INTFL_MLME_CONN_TX;
72 ieee80211_send_auth(sdata, 3, auth_data->algorithm, 0,
73 - elems.challenge - 2, elems.challenge_len + 2,
74 + (void *)challenge,
75 + challenge->datalen + sizeof(*challenge),
76 auth_data->bss->bssid, auth_data->bss->bssid,
77 auth_data->key, auth_data->key_len,
78 auth_data->key_idx, tx_flags);
79 diff --git a/net/mac80211/util.c b/net/mac80211/util.c
80 index ceb6894381e4..664c32b6db19 100644
81 --- a/net/mac80211/util.c
82 +++ b/net/mac80211/util.c
83 @@ -1117,10 +1117,6 @@ _ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action,
84 } else
85 elem_parse_failed = true;
86 break;
87 - case WLAN_EID_CHALLENGE:
88 - elems->challenge = pos;
89 - elems->challenge_len = elen;
90 - break;
91 case WLAN_EID_VENDOR_SPECIFIC:
92 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
93 pos[2] == 0xf2) {
94 --
95 2.30.2
96
Peter's tree of IPFire 2.x