lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240428094916.3d1e92b8@mir>
Date: Sun, 28 Apr 2024 09:49:16 +0200
From: Stefan Lippers-Hollmann <s.l-h@....de>
To: Kalle Valo <kvalo@...nel.org>
Cc: Nikita Zhandarovich <n.zhandarovich@...tech.ru>, Wu Yunchuan
 <yunchuan@...china.com>, Johannes Berg <johannes.berg@...el.com>, "Breno
 Leitao" <leitao@...ian.org>, <linux-wireless@...r.kernel.org>,
 <linux-kernel@...r.kernel.org>, <lvc-project@...uxtesting.org>,
 <syzbot+1bc2c2afd44f820a669f@...kaller.appspotmail.com>
Subject: Re: [PATCH v2] wifi: ar5523: enable proper endpoint verification

Hi

On 2024-04-28, Stefan Lippers-Hollmann wrote:
> On 2024-04-25, Kalle Valo wrote:
> > Kalle Valo <kvalo@...nel.org> writes:
> > > Nikita Zhandarovich <n.zhandarovich@...tech.ru> wrote:
> [...]
> > > Does anyone have a real device to test this? I have had so much problems with
> > > syzbot fixes in the past that I'm hesitant to take such patches without
> > > testing.
> >
> > Actually should we just remove ar5523 driver? Has anyone heard anyone
> > using this driver still?
>
> While I'm not using it regularly, the driver does still work in plain
> v6.8.8 (and these Netgear WG111 and WG111T USB WLAN cards were quite
> common), tested against a qcn5024 AP.
>
> I'm just preparing a new kernel build with the proposed patch applied.

…and now the same with this patch applied:

$ uname -r
6.9.0-rc5-gcc1380dd1882-dirty

wireless-next-2024-04-24-2112-gcc1380dd1882 with
https://patchwork.kernel.org/project/linux-wireless/patch/20240408121425.29392-1-n.zhandarovich@fintech.ru/raw/
applied

[   22.303440] usb 1-5: new high-speed USB device number 5 using xhci_hcd
[   22.431672] usb 1-5: New USB device found, idVendor=1385, idProduct=4251, bcdDevice= 0.01
[   22.431678] usb 1-5: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   22.431680] usb 1-5: Product: WG111T
[   22.431681] usb 1-5: Manufacturer: Atheros Communications Inc
[   22.431682] usb 1-5: SerialNumber: 1.0
[   22.537560] usbcore: registered new interface driver ar5523
[   22.686170] usb 1-5: USB disconnect, device number 5
[   22.935409] usb 1-5: new high-speed USB device number 6 using xhci_hcd
[   23.062746] usb 1-5: New USB device found, idVendor=1385, idProduct=4250, bcdDevice= 0.01
[   23.062762] usb 1-5: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   23.062767] usb 1-5: Product: WG111T
[   23.062771] usb 1-5: Manufacturer: Atheros Communications Inc
[   23.062775] usb 1-5: SerialNumber: 1.0
[   23.110548] usb 1-5: Cap: CAP_TARGET_VERSION=0x00000006
[   23.110837] usb 1-5: Cap: CAP_TARGET_REVISION=0x00000001
[   23.111146] usb 1-5: Cap: CAP_MAC_VERSION=0x00000008
[   23.111448] usb 1-5: Cap: CAP_MAC_REVISION=0x00000001
[   23.111739] usb 1-5: Cap: CAP_PHY_REVISION=0x00000046
[   23.112001] usb 1-5: Cap: CAP_ANALOG_5GHz_REVISION=0x00000046
[   23.112235] usb 1-5: Cap: CAP_ANALOG_2GHz_REVISION=0x00000000
[   23.112566] usb 1-5: Cap: CAP_REG_DOMAIN=0x00000000
[   23.112809] usb 1-5: Cap: CAP_REG_CAP_BITS=0x00000000
[   23.113120] usb 1-5: Cap: CAP_WIRELESS_MODES=0x00000000
[   23.113391] usb 1-5: Cap: CAP_CHAN_SPREAD_SUPPORT=0x0000001c
[   23.113663] usb 1-5: Cap: CAP_COMPRESS_SUPPORT=0x00000001
[   23.113912] usb 1-5: Cap: CAP_BURST_SUPPORT=0x00000001
[   23.114209] usb 1-5: Cap: CAP_FAST_FRAMES_SUPPORT=0x00000001
[   23.114480] usb 1-5: Cap: CAP_CHAP_TUNING_SUPPORT=0x00000001
[   23.114739] usb 1-5: Cap: CAP_TURBOG_SUPPORT=0x00000001
[   23.114987] usb 1-5: Cap: CAP_TURBO_PRIME_SUPPORT=0x00000001
[   23.115231] usb 1-5: Cap: CAP_DEVICE_TYPE=0x00000001
[   23.115538] usb 1-5: Cap: CAP_WME_SUPPORT=0x00000001
[   23.115804] usb 1-5: Cap: CAP_TOTAL_QUEUES=0x00000001
[   23.116081] usb 1-5: Cap: CAP_CONNECTION_ID_MAX=0x0000000a
[   23.116362] usb 1-5: Cap: CAP_LOW_5GHZ_CHAN=0x00000004
[   23.116614] usb 1-5: Cap: CAP_HIGH_5GHZ_CHAN=0x00001338
[   23.116889] usb 1-5: Cap: CAP_LOW_2GHZ_CHAN=0x000017d4
[   23.117123] usb 1-5: Cap: CAP_HIGH_2GHZ_CHAN=0x00000908
[   23.117387] usb 1-5: Cap: CAP_TWICE_ANTENNAGAIN_5G=0x00000001
[   23.117656] usb 1-5: Cap: CAP_TWICE_ANTENNAGAIN_2G=0x00000004
[   23.117906] usb 1-5: Cap: CAP_CIPHER_AES_CCM=0x00000001
[   23.118165] usb 1-5: Cap: CAP_CIPHER_TKIP=0x00000000
[   23.118429] usb 1-5: Cap: CAP_MIC_TKIP=0x00000000
[   23.118972] usb 1-5: MAC/BBP AR5523, RF AR2112
[   23.119638] usb 1-5: Found and initialized AR5523 device
[   23.127613] ar5523 1-5:1.0 wlx<MAC>: renamed from wlan0
[   79.014957] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:01 (local address=0X:XX:XX:XX:XX:65)
[   79.014962] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:01 (try 1/3)
[   79.047622] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:01 (local address=0X:XX:XX:XX:XX:65)
[   79.047635] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:01 (try 1/3)
[   79.050750] wlx<MAC>: authenticated
[   79.051329] wlx<MAC>: associate with 9X:XX:XX:XX:XX:01 (try 1/3)
[   79.066715] wlx<MAC>: RX AssocResp from 9X:XX:XX:XX:XX:01 (capab=0x1431 status=0 aid=1)
[   79.067462] wlx<MAC>: associated
[   79.108615] wlx<MAC>: deauthenticating from 9X:XX:XX:XX:XX:01 by local choice (Reason: 1=UNSPECIFIED)
[   79.459937] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:53 (local address=0X:XX:XX:XX:XX:65)
[   79.459941] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:53 (try 1/3)
[   81.468858] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:53 (try 2/3)
[   81.494179] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:53 (local address=0X:XX:XX:XX:XX:65)
[   81.494191] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:53 (try 1/3)
[   81.497337] wlx<MAC>: authenticated
[   81.499344] wlx<MAC>: associate with 9X:XX:XX:XX:XX:53 (try 1/3)
[   81.505833] wlx<MAC>: RX AssocResp from 9X:XX:XX:XX:XX:53 (capab=0x1031 status=0 aid=1)
[   81.506372] wlx<MAC>: associated
[   81.543659] wlx<MAC>: deauthenticating from 9X:XX:XX:XX:XX:53 by local choice (Reason: 1=UNSPECIFIED)
[   81.773371] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:b1 (local address=0X:XX:XX:XX:XX:65)
[   81.773376] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:b1 (try 1/3)
[   81.852279] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:b1 (local address=0X:XX:XX:XX:XX:65)
[   81.852302] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:b1 (try 1/3)
[   81.855407] wlx<MAC>: authenticated
[   81.857339] wlx<MAC>: associate with 9X:XX:XX:XX:XX:b1 (try 1/3)
[   81.869094] wlx<MAC>: RX AssocResp from 9X:XX:XX:XX:XX:b1 (capab=0x1431 status=0 aid=1)
[   81.869614] wlx<MAC>: associated
[   81.910697] wlx<MAC>: deauthenticating from 9X:XX:XX:XX:XX:b1 by local choice (Reason: 1=UNSPECIFIED)
[   83.209701] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:b1 (local address=0X:XX:XX:XX:XX:65)
[   83.209711] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:b1 (try 1/3)
[   83.232421] wlx<MAC>: authenticated
[   83.233337] wlx<MAC>: associate with 9X:XX:XX:XX:XX:b1 (try 1/3)
[   83.240188] wlx<MAC>: RX AssocResp from 9X:XX:XX:XX:XX:b1 (capab=0x1431 status=0 aid=1)
[   83.240731] wlx<MAC>: associated
[   83.254365] wlx<MAC>: Limiting TX power to 20 (20 - 0) dBm as advertised by 9X:XX:XX:XX:XX:b1
[   83.275542] wlx<MAC>: deauthenticating from 9X:XX:XX:XX:XX:b1 by local choice (Reason: 1=UNSPECIFIED)
[   84.540669] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX53 (local address=0X:XX:XX:XX:XX:65)
[   84.540680] wlx<MAC>: send auth to 9X:XX:XX:XX:XX53 (try 1/3)
[   84.616128] wlx<MAC>: authenticated
[   84.617421] wlx<MAC>: associate with 9X:XX:XX:XX:XX53 (try 1/3)
[   84.622756] wlx<MAC>: RX AssocResp from 9X:XX:XX:XX:XX53 (capab=0x1031 status=0 aid=6)
[   84.623413] wlx<MAC>: associated
[   84.671424] wlx<MAC>: Limiting TX power to 20 (20 - 0) dBm as advertised by 9X:XX:XX:XX:XX53

# wpa_cli -i wlx<MAC> status
bssid=9X:XX:XX:XX:XX53
freq=2437
ssid=XXX
id=2
id_str=XXX
mode=station
pairwise_cipher=CCMP
group_cipher=CCMP
key_mgmt=WPA2-PSK
wpa_state=COMPLETED
address=0X:XX:XX:XX:XX:65
uuid=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX

$ iperf3 -c sawfly
Connecting to host sawfly, port 5201
[  5] local 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX65 port 39288 connected to 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX01 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec   128 KBytes  1.05 Mbits/sec    2   1.39 KBytes
[  5]   1.00-2.00   sec  0.00 Bytes  0.00 bits/sec    8   1.39 KBytes
[  5]   2.00-3.00   sec   128 KBytes  1.05 Mbits/sec    1   11.2 KBytes
[  5]   3.00-4.00   sec  0.00 Bytes  0.00 bits/sec    0   13.9 KBytes
[  5]   4.00-5.00   sec  0.00 Bytes  0.00 bits/sec    0   15.3 KBytes
[  5]   5.00-6.00   sec  0.00 Bytes  0.00 bits/sec    0   22.3 KBytes
[  5]   6.00-7.00   sec  0.00 Bytes  0.00 bits/sec    0   29.3 KBytes
[  5]   7.00-8.00   sec   128 KBytes  1.05 Mbits/sec    0   34.9 KBytes
[  5]   8.00-9.00   sec  0.00 Bytes  0.00 bits/sec    0   34.9 KBytes
[  5]   9.00-10.00  sec  0.00 Bytes  0.00 bits/sec    0   16.7 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec   384 KBytes   315 Kbits/sec   11             sender
[  5]   0.00-10.00  sec   128 KBytes   105 Kbits/sec                  receiver

iperf Done.

$ iperf3 -c sawfly --reverse
Connecting to host sawfly, port 5201
Reverse mode, remote host sawfly is sending
[  5] local 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX65 port 54102 connected to 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX01 port 5201
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-1.00   sec   640 KBytes  5.24 Mbits/sec
[  5]   1.00-2.00   sec   768 KBytes  6.29 Mbits/sec
[  5]   2.00-3.00   sec  1.00 MBytes  8.39 Mbits/sec
[  5]   3.00-4.00   sec   896 KBytes  7.34 Mbits/sec
[  5]   4.00-5.00   sec  1.00 MBytes  8.39 Mbits/sec
[  5]   5.00-6.00   sec  1.12 MBytes  9.44 Mbits/sec
[  5]   6.00-7.00   sec  1.25 MBytes  10.5 Mbits/sec
[  5]   7.00-8.00   sec   896 KBytes  7.34 Mbits/sec
[  5]   8.00-9.00   sec  1.00 MBytes  8.38 Mbits/sec
[  5]   9.00-10.00  sec  1.12 MBytes  9.44 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.21  sec  11.8 MBytes  9.66 Mbits/sec    0             sender
[  5]   0.00-10.00  sec  9.62 MBytes  8.07 Mbits/sec                  receiver

iperf Done.

$ iperf3 -c sawfly --bidir
Connecting to host sawfly, port 5201
[  5] local 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX65 port 38694 connected to 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX01 port 5201
[  7] local 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX65 port 38704 connected to 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX01 port 5201
[ ID][Role] Interval           Transfer     Bitrate         Retr  Cwnd
[  5][TX-C]   0.00-1.00   sec  0.00 Bytes  0.00 bits/sec    5   2.79 KBytes
[  7][RX-C]   0.00-1.00   sec  0.00 Bytes  0.00 bits/sec
[  5][TX-C]   1.00-2.00   sec  0.00 Bytes  0.00 bits/sec    4   2.79 KBytes
[  7][RX-C]   1.00-2.00   sec   512 KBytes  4.20 Mbits/sec
[  5][TX-C]   2.00-3.00   sec  0.00 Bytes  0.00 bits/sec    5   1.39 KBytes
[  7][RX-C]   2.00-3.00   sec   640 KBytes  5.24 Mbits/sec
[  5][TX-C]   3.00-4.00   sec   128 KBytes  1.05 Mbits/sec    3   1.39 KBytes
[  7][RX-C]   3.00-4.00   sec  1.12 MBytes  9.44 Mbits/sec
[  5][TX-C]   4.00-5.00   sec  0.00 Bytes  0.00 bits/sec    2   4.18 KBytes
[  7][RX-C]   4.00-5.00   sec  1.00 MBytes  8.39 Mbits/sec
[  5][TX-C]   5.00-6.00   sec  0.00 Bytes  0.00 bits/sec    4   1.39 KBytes
[  7][RX-C]   5.00-6.00   sec  1.25 MBytes  10.5 Mbits/sec
[  5][TX-C]   6.00-7.00   sec  0.00 Bytes  0.00 bits/sec    2   2.79 KBytes
[  7][RX-C]   6.00-7.00   sec   768 KBytes  6.29 Mbits/sec
[  5][TX-C]   7.00-8.00   sec  0.00 Bytes  0.00 bits/sec    2   2.79 KBytes
[  7][RX-C]   7.00-8.00   sec  1.25 MBytes  10.5 Mbits/sec
[  5][TX-C]   8.00-9.00   sec  0.00 Bytes  0.00 bits/sec    2   1.39 KBytes
[  7][RX-C]   8.00-9.00   sec  1.25 MBytes  10.5 Mbits/sec
[  5][TX-C]   9.00-10.00  sec  0.00 Bytes  0.00 bits/sec    1   2.79 KBytes
[  7][RX-C]   9.00-10.00  sec  1.50 MBytes  12.6 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID][Role] Interval           Transfer     Bitrate         Retr
[  5][TX-C]   0.00-10.00  sec   128 KBytes   105 Kbits/sec   30             sender
[  5][TX-C]   0.00-10.13  sec   128 KBytes   104 Kbits/sec                  receiver
[  7][RX-C]   0.00-10.00  sec  11.8 MBytes  9.86 Mbits/sec    0             sender
[  7][RX-C]   0.00-10.13  sec  9.25 MBytes  7.66 Mbits/sec                  receiver

iperf Done.


Regards
	Stefan Lippers-Hollmann

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ