lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 13 Feb 2023 10:55:00 +0000
From:   Marc Bornand <dev.mbornand@...temb.ch>
To:     Johannes Berg <johannes@...solutions.net>,
        linux-wireless@...r.kernel.org
Cc:     "David S . Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, Kalle Valo <kvalo@...nel.org>,
        Marc Bornand <dev.mbornand@...temb.ch>,
        Yohan Prod'homme <kernel@...do.fr>, stable@...r.kernel.org
Subject: [PATCH v2] Set ssid when authenticating

changes since v1:
- add some informations
- test it on wireless-2023-01-18 tag
- no real code change

When a connexion was established without going through
NL80211_CMD_CONNECT, the ssid was never set in the wireless_dev struct.
Now we set it during when an NL80211_CMD_AUTHENTICATE is issued.

It may be needed to test this on some additional hardware (tested with
iwlwifi and a AX201, and iwd on the userspace side), I could not test
things like roaming and p2p.

alternatives:
1. Do the same but during association and not authentication.
2. use ieee80211_bss_get_elem in nl80211_send_iface, this would report
   the right ssid to userspace, but this would not fix the root cause,
   this alos wa the behavior prior to 7b0a0e3c3a882 when the bug was
   introduced.

This applies to v6.2-rc8 or wireless-2023-01-18,

The last linux version known to be unafected is 5.19 and the bug was
backported to the 5.19.y releases

Reported-by: Yohan Prod'homme <kernel@...do.fr>
Fixes: 7b0a0e3c3a88260b6fcb017e49f198463aa62ed1
Cc: stable@...r.kernel.org
Link: https://bugzilla.kernel.org/show_bug.cgi?id=216711
Signed-off-by: Marc Bornand <dev.mbornand@...temb.ch>
---
 net/wireless/nl80211.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 33a82ecab9d5..f1627ea542b9 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -10552,6 +10552,10 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
 		return -ENOENT;

 	wdev_lock(dev->ieee80211_ptr);
+
+	memcpy(dev->ieee80211_ptr->u.client.ssid, ssid, ssid_len);
+	dev->ieee80211_ptr->u.client.ssid_len = ssid_len;
+
 	err = cfg80211_mlme_auth(rdev, dev, &req);
 	wdev_unlock(dev->ieee80211_ptr);

@@ -11025,6 +11029,11 @@ static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
 	local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];

 	wdev_lock(dev->ieee80211_ptr);
+
+	if (reason_code == WLAN_REASON_DEAUTH_LEAVING) {
+		dev->ieee80211_ptr->u.client.ssid_len = 0;
+	}
+
 	err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code,
 				   local_state_change);
 	wdev_unlock(dev->ieee80211_ptr);
--
2.39.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ