lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200329195109.GA10156@jouni.qca.qualcomm.com>
Date:   Sun, 29 Mar 2020 22:51:09 +0300
From:   Jouni Malinen <jouni@...eaurora.org>
To:     Chris Clayton <chris2553@...glemail.com>
Cc:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        David Miller <davem@...emloft.net>, johannes.berg@...el.com
Subject: Re: 5.6.0-rc7+ fails to connect to wifi network

On Sun, Mar 29, 2020 at 11:54:26AM +0100, Chris Clayton wrote:
> > Let me know if I can provide any additional diagnostics and/or test any patches.

Important was the dmesg output that also identified which driver was
used..

> I've bisected this and landed at:
> 
> ce2e1ca703071723ca2dd94d492a5ab6d15050da is the first bad commit
> commit ce2e1ca703071723ca2dd94d492a5ab6d15050da
> Author: Jouni Malinen <jouni@...eaurora.org>
> Date:   Thu Mar 26 15:51:34 2020 +0100
> 
>     mac80211: Check port authorization in the ieee80211_tx_dequeue() case
> 
>     mac80211 used to check port authorization in the Data frame enqueue case
>     when going through start_xmit(). However, that authorization status may
>     change while the frame is waiting in a queue. Add a similar check in the
>     dequeue case to avoid sending previously accepted frames after
>     authorization change. This provides additional protection against
>     potential leaking of frames after a station has been disconnected and
>     the keys for it are being removed.

Thanks for finding and reporting this. The changes here were indeed
supposed to apply only to Data frames and that's what they did with the
driver I tested this with which is why this did not come up earlier.
However, this path can get Management frames (and it was indeed the
Authentication frames that were getting dropped in your case with
iwlwifi) and that needs to addressed in the conditions here.

Johannes fixed this with the following change:
https://patchwork.kernel.org/patch/11464207/

-- 
Jouni Malinen                                            PGP id EFC895FA

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ