lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 23 Sep 2022 09:11:48 +0200
From:   "Fuzzey, Martin" <martin.fuzzey@...wbird.group>
To:     Marek Vasut <marex@...x.de>
Cc:     linux-wireless@...r.kernel.org,
        Amitkumar Karwar <amit.karwar@...pinesignals.com>,
        Angus Ainslie <angus@...ea.ca>,
        Jakub Kicinski <kuba@...nel.org>,
        Kalle Valo <kvalo@...nel.org>,
        Martin Kepplinger <martink@...teo.de>,
        Prameela Rani Garnepudi <prameela.j04cs@...il.com>,
        Sebastian Krzyszkowiak <sebastian.krzyszkowiak@...i.sm>,
        Siva Rebbagondla <siva8118@...il.com>, netdev@...r.kernel.org
Subject: Re: [PATCH] wifi: rsi: Fix handling of 802.3 EAPOL frames sent via
 control port

Hi Marek,

On Thu, 22 Sept 2022 at 22:33, Marek Vasut <marex@...x.de> wrote:
>
> When using wpa_supplicant v2.10, this driver is no longer able to
> associate with any AP and fails in the EAPOL 4-way handshake while
> sending the 2/4 message to the AP. The problem is not present in
> wpa_supplicant v2.9 or older. The problem stems from HostAP commit
> 144314eaa ("wpa_supplicant: Send EAPOL frames over nl80211 where available")
> which changes the way EAPOL frames are sent, from them being send
> at L2 frames to them being sent via nl80211 control port.
...
> Therefore, to fix this problem, inspect the ETH_P_802_3 frames in
> the rsi_91x driver, check the ethertype of the encapsulated frame,
> and in case it is ETH_P_PAE, transmit the frame via high-priority
> queue just like other ETH_P_PAE frames.
>

> diff --git a/drivers/net/wireless/rsi/rsi_91x_core.c b/drivers/net/wireless/rsi/rsi_91x_core.c
> index 0f3a80f66b61c..d76c9dc99cafa 100644
> --- a/drivers/net/wireless/rsi/rsi_91x_core.c
> +++ b/drivers/net/wireless/rsi/rsi_91x_core.c
> +
>                 if (skb->protocol == cpu_to_be16(ETH_P_PAE)) {
> +                       tx_eapol = true;
> +               } else if (skb->protocol == cpu_to_be16(ETH_P_802_3)) {
> +                       hdr_len = ieee80211_get_hdrlen_from_skb(skb) +
> +                                 sizeof(rfc1042_header) - ETH_HLEN + 2;
> +                       eth_hdr = (struct ethhdr *)(skb->data + hdr_len);
> +                       if (eth_hdr->h_proto == cpu_to_be16(ETH_P_PAE))
> +                               tx_eapol = true;
> +               }
> +
> diff --git a/drivers/net/wireless/rsi/rsi_91x_hal.c b/drivers/net/wireless/rsi/rsi_91x_hal.c
> index c61f83a7333b6..d43754fff287d 100644
> @@ -168,6 +171,16 @@ int rsi_prepare_data_desc(struct rsi_common *common, struct sk_buff *skb)
> +       if (skb->protocol == cpu_to_be16(ETH_P_PAE)) {
> +               tx_eapol = true;
> +       } else if (skb->protocol == cpu_to_be16(ETH_P_802_3)) {
> +               hdr_len = ieee80211_get_hdrlen_from_skb(skb) +
> +                         sizeof(rfc1042_header) - ETH_HLEN + 2;
> +               eth_hdr = (struct ethhdr *)(skb->data + hdr_len);
> +               if (eth_hdr->h_proto == cpu_to_be16(ETH_P_PAE))
> +                       tx_eapol = true;
> +       }
> +

It looks like the same logic is being duplicated twice. Maybe create a
helper function for it, something like bool rsi_is_eapol(struct
sk_buff *skb) ?

Also I think it would be good to tag this for stable.

Martin

Powered by blists - more mailing lists