Re: iwm(4): fix ccmp decrypt edge cases

Fri, 16 Aug 2019 03:13:38 -0700 


On Thu, 15 Aug 2019, Stefan Sperling wrote:
> On Thu, Aug 15, 2019 at 03:47:02PM +1200, [email protected] wrote:
> > > I agree we should handle a missing key but suggest an alternative 
> > > approach 
> > > below.
> 
> Hmm... your patch is surprisingly simple. I like it :)
> 
> I am still a bit worried about iwm firmware failing to install the key,
> which this patch would not handle. But that's a separate question.

See below for updated diff. Nice idea to add a panic on encrypt. 
Also I've followed the existing idiom of m_freem(m0); return NULL; 

I've checked that all assignments to k_flags are to fresh keys; the new 
flag is never clobbered.

The new check will be accounted against is_rx_wepfail ("input wep/wpa 
packets failed").

Lightly tested with a download and ifconfig up/down. 

ok?

best, 
Richard. 

Index: net80211/ieee80211_crypto.c
===================================================================
RCS file: /cvs/src/sys/net80211/ieee80211_crypto.c,v
retrieving revision 1.74
diff -u -p -u -p -r1.74 ieee80211_crypto.c
--- net80211/ieee80211_crypto.c 24 Sep 2018 20:14:59 -0000      1.74
+++ net80211/ieee80211_crypto.c 16 Aug 2019 09:50:47 -0000
@@ -157,6 +157,10 @@ ieee80211_set_key(struct ieee80211com *i
                /* should not get there */
                error = EINVAL;
        }
+
+       if (error == 0)
+               k->k_flags |= IEEE80211_KEY_SWCRYPTO;
+
        return error;
 }
 
@@ -209,6 +213,9 @@ struct mbuf *
 ieee80211_encrypt(struct ieee80211com *ic, struct mbuf *m0,
     struct ieee80211_key *k)
 {
+       if ((k->k_flags & IEEE80211_KEY_SWCRYPTO) == 0)
+               panic("%s: unset key %d", __func__, k->k_id);
+
        switch (k->k_cipher) {
        case IEEE80211_CIPHER_WEP40:
        case IEEE80211_CIPHER_WEP104:
@@ -280,6 +287,12 @@ ieee80211_decrypt(struct ieee80211com *i
                }
                k = &ic->ic_nw_keys[kid];
        }
+
+       if ((k->k_flags & IEEE80211_KEY_SWCRYPTO) == 0) {
+               m_free(m0);
+               return NULL;
+       }
+
        switch (k->k_cipher) {
        case IEEE80211_CIPHER_WEP40:
        case IEEE80211_CIPHER_WEP104:
Index: net80211/ieee80211_crypto.h
===================================================================
RCS file: /cvs/src/sys/net80211/ieee80211_crypto.h,v
retrieving revision 1.25
diff -u -p -u -p -r1.25 ieee80211_crypto.h
--- net80211/ieee80211_crypto.h 18 Aug 2017 17:30:12 -0000      1.25
+++ net80211/ieee80211_crypto.h 16 Aug 2019 09:50:47 -0000
@@ -78,6 +78,7 @@ struct ieee80211_key {
 #define IEEE80211_KEY_GROUP    0x00000001      /* group data key */
 #define IEEE80211_KEY_TX       0x00000002      /* Tx+Rx */
 #define IEEE80211_KEY_IGTK     0x00000004      /* integrity group key */
+#define IEEE80211_KEY_SWCRYPTO 0x00000080      /* loaded for software crypto */
 
        u_int                   k_len;
        u_int64_t               k_rsc[IEEE80211_NUM_TID];

Reply via email to