lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAK-6q+iun+K8F6Mv3=WLL92iZnv-9oSnoRYtY4Zex2DZqS8ABQ@mail.gmail.com> Date: Mon, 10 Oct 2022 21:04:32 -0400 From: Alexander Aring <aahringo@...hat.com> To: Miquel Raynal <miquel.raynal@...tlin.com> Cc: Alexander Aring <alex.aring@...il.com>, Stefan Schmidt <stefan@...enfreihafen.org>, linux-wpan@...r.kernel.org, "David S. Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Eric Dumazet <edumazet@...gle.com>, netdev@...r.kernel.org, David Girault <david.girault@...vo.com>, Romuald Despres <romuald.despres@...vo.com>, Frederic Blain <frederic.blain@...vo.com>, Nicolas Schodet <nico@...fr.eu.org>, Thomas Petazzoni <thomas.petazzoni@...tlin.com> Subject: Re: [PATCH wpan/next v4 5/8] ieee802154: hwsim: Implement address filtering Hi, On Fri, Oct 7, 2022 at 4:53 AM Miquel Raynal <miquel.raynal@...tlin.com> wrote: > > We have access to the address filters being theoretically applied, we > also have access to the actual filtering level applied, so let's add a > proper frame validation sequence in hwsim. > > Signed-off-by: Miquel Raynal <miquel.raynal@...tlin.com> > --- > drivers/net/ieee802154/mac802154_hwsim.c | 111 ++++++++++++++++++++++- > include/net/ieee802154_netdev.h | 8 ++ > 2 files changed, 117 insertions(+), 2 deletions(-) > > diff --git a/drivers/net/ieee802154/mac802154_hwsim.c b/drivers/net/ieee802154/mac802154_hwsim.c > index 458be66b5195..84ee948f35bc 100644 > --- a/drivers/net/ieee802154/mac802154_hwsim.c > +++ b/drivers/net/ieee802154/mac802154_hwsim.c > @@ -18,6 +18,7 @@ > #include <linux/netdevice.h> > #include <linux/device.h> > #include <linux/spinlock.h> > +#include <net/ieee802154_netdev.h> > #include <net/mac802154.h> > #include <net/cfg802154.h> > #include <net/genetlink.h> > @@ -139,6 +140,113 @@ static int hwsim_hw_addr_filt(struct ieee802154_hw *hw, > return 0; > } > > +static void hwsim_hw_receive(struct ieee802154_hw *hw, struct sk_buff *skb, > + u8 lqi) > +{ > + struct ieee802154_hdr hdr; > + struct hwsim_phy *phy = hw->priv; > + struct hwsim_pib *pib; > + > + rcu_read_lock(); > + pib = rcu_dereference(phy->pib); > + > + if (!pskb_may_pull(skb, 3)) { > + dev_dbg(hw->parent, "invalid frame\n"); > + goto drop; > + } > + > + memcpy(&hdr, skb->data, 3); > + > + /* Level 4 filtering: Frame fields validity */ > + if (hw->phy->filtering == IEEE802154_FILTERING_4_FRAME_FIELDS) { > + > + /* a) Drop reserved frame types */ > + switch (mac_cb(skb)->type) { > + case IEEE802154_FC_TYPE_BEACON: > + case IEEE802154_FC_TYPE_DATA: > + case IEEE802154_FC_TYPE_ACK: > + case IEEE802154_FC_TYPE_MAC_CMD: > + break; > + default: > + dev_dbg(hw->parent, "unrecognized frame type 0x%x\n", > + mac_cb(skb)->type); > + goto drop; > + } > + > + /* b) Drop reserved frame versions */ > + switch (hdr.fc.version) { > + case IEEE802154_2003_STD: > + case IEEE802154_2006_STD: > + case IEEE802154_STD: > + break; > + default: > + dev_dbg(hw->parent, > + "unrecognized frame version 0x%x\n", > + hdr.fc.version); > + goto drop; > + } > + > + /* c) PAN ID constraints */ > + if ((mac_cb(skb)->dest.mode == IEEE802154_ADDR_LONG || > + mac_cb(skb)->dest.mode == IEEE802154_ADDR_SHORT) && > + mac_cb(skb)->dest.pan_id != pib->filt.pan_id && > + mac_cb(skb)->dest.pan_id != cpu_to_le16(IEEE802154_PANID_BROADCAST)) { > + dev_dbg(hw->parent, > + "unrecognized PAN ID %04x\n", > + le16_to_cpu(mac_cb(skb)->dest.pan_id)); > + goto drop; > + } > + > + /* d1) Short address constraints */ > + if (mac_cb(skb)->dest.mode == IEEE802154_ADDR_SHORT && > + mac_cb(skb)->dest.short_addr != pib->filt.short_addr && > + mac_cb(skb)->dest.short_addr != cpu_to_le16(IEEE802154_ADDR_BROADCAST)) { > + dev_dbg(hw->parent, > + "unrecognized short address %04x\n", > + le16_to_cpu(mac_cb(skb)->dest.short_addr)); > + goto drop; > + } > + > + /* d2) Extended address constraints */ > + if (mac_cb(skb)->dest.mode == IEEE802154_ADDR_LONG && > + mac_cb(skb)->dest.extended_addr != pib->filt.ieee_addr) { > + dev_dbg(hw->parent, > + "unrecognized long address 0x%016llx\n", > + mac_cb(skb)->dest.extended_addr); > + goto drop; > + } > + > + /* d4) Specific PAN coordinator case (no parent) */ > + if ((mac_cb(skb)->type == IEEE802154_FC_TYPE_DATA || > + mac_cb(skb)->type == IEEE802154_FC_TYPE_MAC_CMD) && > + mac_cb(skb)->dest.mode == IEEE802154_ADDR_NONE) { > + dev_dbg(hw->parent, > + "relaying is not supported\n"); > + goto drop; > + } > + > + /* e) Beacon frames follow specific PAN ID rules */ > + if (mac_cb(skb)->type == IEEE802154_FC_TYPE_BEACON && > + pib->filt.pan_id != cpu_to_le16(IEEE802154_PANID_BROADCAST) && > + mac_cb(skb)->dest.pan_id != pib->filt.pan_id) { > + dev_dbg(hw->parent, > + "invalid beacon PAN ID %04x\n", > + le16_to_cpu(mac_cb(skb)->dest.pan_id)); > + goto drop; > + } > + } > + > + rcu_read_unlock(); > + > + ieee802154_rx_irqsafe(hw, skb, lqi); what is about if hwsim goes into promiscuous mode, then this software filtering should be skipped? - Alex
Powered by blists - more mailing lists