| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 28 Apr 2024 09:04:04 +0200 From: Stefan Lippers-Hollmann <s.l-h@....de> To: Kalle Valo <kvalo@...nel.org> Cc: Nikita Zhandarovich <n.zhandarovich@...tech.ru>, Wu Yunchuan <yunchuan@...china.com>, Johannes Berg <johannes.berg@...el.com>, "Breno Leitao" <leitao@...ian.org>, <linux-wireless@...r.kernel.org>, <linux-kernel@...r.kernel.org>, <lvc-project@...uxtesting.org>, <syzbot+1bc2c2afd44f820a669f@...kaller.appspotmail.com> Subject: Re: [PATCH v2] wifi: ar5523: enable proper endpoint verification Hi On 2024-04-25, Kalle Valo wrote: > Kalle Valo <kvalo@...nel.org> writes: > > Nikita Zhandarovich <n.zhandarovich@...tech.ru> wrote: [...] > > Does anyone have a real device to test this? I have had so much problems with > > syzbot fixes in the past that I'm hesitant to take such patches without > > testing. > > Actually should we just remove ar5523 driver? Has anyone heard anyone > using this driver still? While I'm not using it regularly, the driver does still work in plain v6.8.8 (and these Netgear WG111 and WG111T USB WLAN cards were quite common), tested against a qcn5024 AP. I'm just preparing a new kernel build with the proposed patch applied. $ uname -r 6.8.8 [ 54.027188] usb 3-5: new high-speed USB device number 5 using xhci_hcd [ 54.154514] usb 3-5: New USB device found, idVendor=1385, idProduct=4251, bcdDevice= 0.01 [ 54.154531] usb 3-5: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.154537] usb 3-5: Product: WG111T [ 54.154541] usb 3-5: Manufacturer: Atheros Communications Inc [ 54.154545] usb 3-5: SerialNumber: 1.0 [ 54.262777] usbcore: registered new interface driver ar5523 [ 54.411417] usb 3-5: USB disconnect, device number 5 [ 54.660141] usb 3-5: new high-speed USB device number 6 using xhci_hcd [ 54.787463] usb 3-5: New USB device found, idVendor=1385, idProduct=4250, bcdDevice= 0.01 [ 54.787478] usb 3-5: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.787483] usb 3-5: Product: WG111T [ 54.787487] usb 3-5: Manufacturer: Atheros Communications Inc [ 54.787491] usb 3-5: SerialNumber: 1.0 [ 54.835897] usb 3-5: Cap: CAP_TARGET_VERSION=0x00000006 [ 54.836738] usb 3-5: Cap: CAP_TARGET_REVISION=0x00000001 [ 54.836985] usb 3-5: Cap: CAP_MAC_VERSION=0x00000008 [ 54.837269] usb 3-5: Cap: CAP_MAC_REVISION=0x00000001 [ 54.837578] usb 3-5: Cap: CAP_PHY_REVISION=0x00000046 [ 54.837828] usb 3-5: Cap: CAP_ANALOG_5GHz_REVISION=0x00000046 [ 54.838114] usb 3-5: Cap: CAP_ANALOG_2GHz_REVISION=0x00000000 [ 54.838364] usb 3-5: Cap: CAP_REG_DOMAIN=0x00000000 [ 54.838635] usb 3-5: Cap: CAP_REG_CAP_BITS=0x00000000 [ 54.838876] usb 3-5: Cap: CAP_WIRELESS_MODES=0x00000000 [ 54.839138] usb 3-5: Cap: CAP_CHAN_SPREAD_SUPPORT=0x0000001c [ 54.839446] usb 3-5: Cap: CAP_COMPRESS_SUPPORT=0x00000001 [ 54.839685] usb 3-5: Cap: CAP_BURST_SUPPORT=0x00000001 [ 54.839954] usb 3-5: Cap: CAP_FAST_FRAMES_SUPPORT=0x00000001 [ 54.840216] usb 3-5: Cap: CAP_CHAP_TUNING_SUPPORT=0x00000001 [ 54.840467] usb 3-5: Cap: CAP_TURBOG_SUPPORT=0x00000001 [ 54.840724] usb 3-5: Cap: CAP_TURBO_PRIME_SUPPORT=0x00000001 [ 54.840975] usb 3-5: Cap: CAP_DEVICE_TYPE=0x00000001 [ 54.841236] usb 3-5: Cap: CAP_WME_SUPPORT=0x00000001 [ 54.841506] usb 3-5: Cap: CAP_TOTAL_QUEUES=0x00000001 [ 54.841744] usb 3-5: Cap: CAP_CONNECTION_ID_MAX=0x0000000a [ 54.842039] usb 3-5: Cap: CAP_LOW_5GHZ_CHAN=0x00000004 [ 54.842281] usb 3-5: Cap: CAP_HIGH_5GHZ_CHAN=0x00001338 [ 54.842554] usb 3-5: Cap: CAP_LOW_2GHZ_CHAN=0x000017d4 [ 54.842788] usb 3-5: Cap: CAP_HIGH_2GHZ_CHAN=0x00000908 [ 54.843056] usb 3-5: Cap: CAP_TWICE_ANTENNAGAIN_5G=0x00000001 [ 54.843343] usb 3-5: Cap: CAP_TWICE_ANTENNAGAIN_2G=0x00000004 [ 54.843593] usb 3-5: Cap: CAP_CIPHER_AES_CCM=0x00000001 [ 54.843851] usb 3-5: Cap: CAP_CIPHER_TKIP=0x00000000 [ 54.844113] usb 3-5: Cap: CAP_MIC_TKIP=0x00000000 [ 54.844677] usb 3-5: MAC/BBP AR5523, RF AR2112 [ 54.845129] usb 3-5: Found and initialized AR5523 device [ 54.853451] ar5523 3-5:1.0 wlx<MAC>: renamed from wlan0 [ 79.311092] wlx<MAC>: 80 MHz not supported, disabling VHT [ 79.314464] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:01 (local address=0X:XX:XX:XX:XX:65) [ 79.314472] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:01 (try 1/3) [ 79.365058] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:01 (local address=0X:XX:XX:XX:XX:65) [ 79.365073] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:01 (try 1/3) [ 79.368361] wlx<MAC>: authenticated [ 79.369488] wlx<MAC>: associate with 9X:XX:XX:XX:XX:01 (try 1/3) [ 79.376783] wlx<MAC>: RX AssocResp from 9X:XX:XX:XX:XX:01 (capab=0x1431 status=0 aid=1) [ 79.377789] wlx<MAC>: associated [ 79.412980] wlx<MAC>: deauthenticating from 9X:XX:XX:XX:XX:01 by local choice (Reason: 1=UNSPECIFIED) [ 79.613018] wlx<MAC>: 80 MHz not supported, disabling VHT [ 79.618057] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:53 (local address=0X:XX:XX:XX:XX:65) [ 79.618068] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:53 (try 1/3) [ 79.672878] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:53 (local address=0X:XX:XX:XX:XX:65) [ 79.672885] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:53 (try 1/3) [ 79.675745] wlx<MAC>: authenticated [ 79.676415] wlx<MAC>: associate with 9X:XX:XX:XX:XX:53 (try 1/3) [ 79.682446] wlx<MAC>: RX AssocResp from 9X:XX:XX:XX:XX:53 (capab=0x1031 status=0 aid=1) [ 79.683079] wlx<MAC>: associated [ 79.708364] wlx<MAC>: deauthenticating from 9X:XX:XX:XX:XX:53 by local choice (Reason: 1=UNSPECIFIED) [ 79.913528] wlx<MAC>: 80 MHz not supported, disabling VHT [ 79.916480] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:b1 (local address=0X:XX:XX:XX:XX:65) [ 79.916489] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:b1 (try 1/3) [ 79.979005] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:b1 (local address=0X:XX:XX:XX:XX:65) [ 79.979019] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:b1 (try 1/3) [ 79.982175] wlx<MAC>: authenticated [ 79.983460] wlx<MAC>: associate with 9X:XX:XX:XX:XX:b1 (try 1/3) [ 79.990499] wlx<MAC>: RX AssocResp from 9X:XX:XX:XX:XX:b1 (capab=0x1431 status=0 aid=1) [ 79.991150] wlx<MAC>: associated [ 80.004037] wlx<MAC>: Limiting TX power to 20 (20 - 0) dBm as advertised by 9X:XX:XX:XX:XX:b1 [ 80.017058] wlx<MAC>: deauthenticating from 9X:XX:XX:XX:XX:b1 by local choice (Reason: 1=UNSPECIFIED) [ 81.031824] wlx<MAC>: 80 MHz not supported, disabling VHT [ 81.036498] wlx<MAC>: authenticate with 9X:XX:XX:XX:XX:b1 (local address=0X:XX:XX:XX:XX:65) [ 81.036506] wlx<MAC>: send auth to 9X:XX:XX:XX:XX:b1 (try 1/3) [ 81.039194] wlx<MAC>: authenticated [ 81.040489] wlx<MAC>: associate with 9X:XX:XX:XX:XX:b1 (try 1/3) [ 81.047244] wlx<MAC>: RX AssocResp from 9X:XX:XX:XX:XX:b1 (capab=0x1431 status=0 aid=1) [ 81.047905] wlx<MAC>: associated [ 81.088917] wlx<MAC>: deauthenticating from 9X:XX:XX:XX:XX:b1 by local choice (Reason: 1=UNSPECIFIED) [ 82.086878] wlx<MAC>: 80 MHz not supported, disabling VHT [ 82.091343] wlx<MAC>: authenticate with aX:XX:XX:XX:XX:01 (local address=0X:XX:XX:XX:XX:65) [ 82.091351] wlx<MAC>: send auth to aX:XX:XX:XX:XX:01 (try 1/3) [ 82.101245] wlx<MAC>: authenticated [ 82.102400] wlx<MAC>: associate with aX:XX:XX:XX:XX:01 (try 1/3) [ 82.107565] wlx<MAC>: RX AssocResp from aX:XX:XX:XX:XX:01 (capab=0x1431 status=0 aid=2) [ 82.108175] wlx<MAC>: associated [ 82.196524] wlx<MAC>: Limiting TX power to 20 (20 - 0) dBm as advertised by aX:XX:XX:XX:XX:01 # wpa_cli -i wlx<MAC> status bssid=aX:XX:XX:XX:XX:01 freq=2437 ssid=XXX id=2 id_str=XXX mode=station pairwise_cipher=CCMP group_cipher=CCMP key_mgmt=WPA2-PSK wpa_state=COMPLETED address=0X:XX:XX:XX:XX:65 uuid=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX $ iperf3 -c <remote_server_ipv6> Connecting to host <remote_server_ipv6>, port 5201 [ 5] local 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX65 port 47110 connected to 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX01 port 5201 [ ID] Interval Transfer Bitrate Retr Cwnd [ 5] 0.00-1.00 sec 384 KBytes 3.14 Mbits/sec 14 13.9 KBytes [ 5] 1.00-2.00 sec 256 KBytes 2.10 Mbits/sec 8 13.9 KBytes [ 5] 2.00-3.00 sec 0.00 Bytes 0.00 bits/sec 0 1.39 KBytes [ 5] 3.00-4.00 sec 0.00 Bytes 0.00 bits/sec 1 18.1 KBytes [ 5] 4.00-5.00 sec 0.00 Bytes 0.00 bits/sec 0 18.1 KBytes [ 5] 5.00-6.00 sec 0.00 Bytes 0.00 bits/sec 0 23.7 KBytes [ 5] 6.00-7.00 sec 128 KBytes 1.05 Mbits/sec 0 23.7 KBytes [ 5] 7.00-8.00 sec 0.00 Bytes 0.00 bits/sec 0 23.7 KBytes [ 5] 8.00-9.00 sec 0.00 Bytes 0.00 bits/sec 0 23.7 KBytes [ 5] 9.00-10.00 sec 0.00 Bytes 0.00 bits/sec 0 23.7 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.00 sec 768 KBytes 629 Kbits/sec 23 sender [ 5] 0.00-10.19 sec 512 KBytes 411 Kbits/sec receiver iperf Done. $ iperf3 -c <remote_server_ipv6> --reverse Connecting to host <remote_server_ipv6>, port 5201 Reverse mode, remote host <remote_server_ipv6> is sending [ 5] local 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX65 port 39628 connected to 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX01 port 5201 [ ID] Interval Transfer Bitrate [ 5] 0.00-1.00 sec 768 KBytes 6.28 Mbits/sec [ 5] 1.00-2.00 sec 1.12 MBytes 9.44 Mbits/sec [ 5] 2.00-3.00 sec 1.12 MBytes 9.43 Mbits/sec [ 5] 3.00-4.00 sec 1.12 MBytes 9.45 Mbits/sec [ 5] 4.00-5.00 sec 896 KBytes 7.34 Mbits/sec [ 5] 5.00-6.00 sec 1.12 MBytes 9.43 Mbits/sec [ 5] 6.00-7.00 sec 1.38 MBytes 11.5 Mbits/sec [ 5] 7.00-8.00 sec 1.12 MBytes 9.44 Mbits/sec [ 5] 8.00-9.00 sec 1.25 MBytes 10.5 Mbits/sec [ 5] 9.00-10.00 sec 1.50 MBytes 12.6 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.10 sec 13.6 MBytes 11.3 Mbits/sec 0 sender [ 5] 0.00-10.00 sec 11.4 MBytes 9.54 Mbits/sec receiver iperf Done. $ iperf3 -c <remote_server_ipv6> --bidir Connecting to host <remote_server_ipv6>, port 5201 [ 5] local 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX65 port 38430 connected to 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX01 port 5201 [ 7] local 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX65 port 38446 connected to 2aXX:XXX:XXXX:XXXX:XXXX:XXXX:XXX:XX01 port 5201 [ ID][Role] Interval Transfer Bitrate Retr Cwnd [ 5][TX-C] 0.00-1.00 sec 128 KBytes 1.05 Mbits/sec 6 4.18 KBytes [ 7][RX-C] 0.00-1.00 sec 768 KBytes 6.28 Mbits/sec [ 5][TX-C] 1.00-2.00 sec 0.00 Bytes 0.00 bits/sec 7 1.39 KBytes [ 7][RX-C] 1.00-2.00 sec 1.00 MBytes 8.39 Mbits/sec [ 5][TX-C] 2.00-3.00 sec 0.00 Bytes 0.00 bits/sec 3 1.39 KBytes [ 7][RX-C] 2.00-3.00 sec 896 KBytes 7.35 Mbits/sec [ 5][TX-C] 3.00-4.00 sec 128 KBytes 1.05 Mbits/sec 2 2.79 KBytes [ 7][RX-C] 3.00-4.00 sec 896 KBytes 7.34 Mbits/sec [ 5][TX-C] 4.00-5.00 sec 0.00 Bytes 0.00 bits/sec 3 2.79 KBytes [ 7][RX-C] 4.00-5.00 sec 1.12 MBytes 9.43 Mbits/sec [ 5][TX-C] 5.00-6.00 sec 0.00 Bytes 0.00 bits/sec 3 1.39 KBytes [ 7][RX-C] 5.00-6.00 sec 1.38 MBytes 11.5 Mbits/sec [ 5][TX-C] 6.00-7.00 sec 0.00 Bytes 0.00 bits/sec 3 2.79 KBytes [ 7][RX-C] 6.00-7.00 sec 1.25 MBytes 10.5 Mbits/sec [ 5][TX-C] 7.00-8.00 sec 0.00 Bytes 0.00 bits/sec 3 2.79 KBytes [ 7][RX-C] 7.00-8.00 sec 1.38 MBytes 11.5 Mbits/sec [ 5][TX-C] 8.00-9.00 sec 0.00 Bytes 0.00 bits/sec 2 2.79 KBytes [ 7][RX-C] 8.00-9.00 sec 1.50 MBytes 12.6 Mbits/sec [ 5][TX-C] 9.00-10.00 sec 0.00 Bytes 0.00 bits/sec 1 4.18 KBytes [ 7][RX-C] 9.00-10.00 sec 1.50 MBytes 12.6 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ ID][Role] Interval Transfer Bitrate Retr [ 5][TX-C] 0.00-10.00 sec 256 KBytes 210 Kbits/sec 33 sender [ 5][TX-C] 0.00-10.06 sec 128 KBytes 104 Kbits/sec receiver [ 7][RX-C] 0.00-10.00 sec 13.8 MBytes 11.5 Mbits/sec 0 sender [ 7][RX-C] 0.00-10.06 sec 11.6 MBytes 9.70 Mbits/sec receiver iperf Done. Regards Stefan Lippers-Hollmann
Powered by blists - more mailing lists