4f031fa9f1
Commit7ec7c4a9a6
(mac80211: port CCMP to cryptoapi's CCM driver) introduced a regression when decrypting empty packets (data_len == 0). This will lead to backtraces like: (scatterwalk_start) from [<c01312f4>] (scatterwalk_map_and_copy+0x2c/0xa8) (scatterwalk_map_and_copy) from [<c013a5a0>] (crypto_ccm_decrypt+0x7c/0x25c) (crypto_ccm_decrypt) from [<c032886c>] (ieee80211_aes_ccm_decrypt+0x160/0x170) (ieee80211_aes_ccm_decrypt) from [<c031c628>] (ieee80211_crypto_ccmp_decrypt+0x1ac/0x238) (ieee80211_crypto_ccmp_decrypt) from [<c032ef28>] (ieee80211_rx_handlers+0x870/0x1d24) (ieee80211_rx_handlers) from [<c0330c7c>] (ieee80211_prepare_and_rx_handle+0x8a0/0x91c) (ieee80211_prepare_and_rx_handle) from [<c0331260>] (ieee80211_rx+0x568/0x730) (ieee80211_rx) from [<c01d3054>] (__carl9170_rx+0x94c/0xa20) (__carl9170_rx) from [<c01d3324>] (carl9170_rx_stream+0x1fc/0x320) (carl9170_rx_stream) from [<c01cbccc>] (carl9170_usb_tasklet+0x80/0xc8) (carl9170_usb_tasklet) from [<c00199dc>] (tasklet_hi_action+0x88/0xcc) (tasklet_hi_action) from [<c00193c8>] (__do_softirq+0xcc/0x200) (__do_softirq) from [<c0019734>] (irq_exit+0x80/0xe0) (irq_exit) from [<c0009c10>] (handle_IRQ+0x64/0x80) (handle_IRQ) from [<c000c3a0>] (__irq_svc+0x40/0x4c) (__irq_svc) from [<c0009d44>] (arch_cpu_idle+0x2c/0x34) Such packets can appear for example when using the carl9170 wireless driver because hardware sometimes generates garbage when the internal FIFO overruns. This patch adds an additional length check. Cc: stable@vger.kernel.org Fixes:7ec7c4a9a6
("mac80211: port CCMP to cryptoapi's CCM driver") Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Ronald Wahl <ronald.wahl@raritan.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
98 lines
2.6 KiB
C
98 lines
2.6 KiB
C
/*
|
|
* Copyright 2003-2004, Instant802 Networks, Inc.
|
|
* Copyright 2005-2006, Devicescape Software, Inc.
|
|
*
|
|
* Rewrite: Copyright (C) 2013 Linaro Ltd <ard.biesheuvel@linaro.org>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
* published by the Free Software Foundation.
|
|
*/
|
|
|
|
#include <linux/kernel.h>
|
|
#include <linux/types.h>
|
|
#include <linux/crypto.h>
|
|
#include <linux/err.h>
|
|
#include <crypto/aes.h>
|
|
|
|
#include <net/mac80211.h>
|
|
#include "key.h"
|
|
#include "aes_ccm.h"
|
|
|
|
void ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
|
|
u8 *data, size_t data_len, u8 *mic)
|
|
{
|
|
struct scatterlist assoc, pt, ct[2];
|
|
|
|
char aead_req_data[sizeof(struct aead_request) +
|
|
crypto_aead_reqsize(tfm)]
|
|
__aligned(__alignof__(struct aead_request));
|
|
struct aead_request *aead_req = (void *) aead_req_data;
|
|
|
|
memset(aead_req, 0, sizeof(aead_req_data));
|
|
|
|
sg_init_one(&pt, data, data_len);
|
|
sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
|
|
sg_init_table(ct, 2);
|
|
sg_set_buf(&ct[0], data, data_len);
|
|
sg_set_buf(&ct[1], mic, IEEE80211_CCMP_MIC_LEN);
|
|
|
|
aead_request_set_tfm(aead_req, tfm);
|
|
aead_request_set_assoc(aead_req, &assoc, assoc.length);
|
|
aead_request_set_crypt(aead_req, &pt, ct, data_len, b_0);
|
|
|
|
crypto_aead_encrypt(aead_req);
|
|
}
|
|
|
|
int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
|
|
u8 *data, size_t data_len, u8 *mic)
|
|
{
|
|
struct scatterlist assoc, pt, ct[2];
|
|
char aead_req_data[sizeof(struct aead_request) +
|
|
crypto_aead_reqsize(tfm)]
|
|
__aligned(__alignof__(struct aead_request));
|
|
struct aead_request *aead_req = (void *) aead_req_data;
|
|
|
|
if (data_len == 0)
|
|
return -EINVAL;
|
|
|
|
memset(aead_req, 0, sizeof(aead_req_data));
|
|
|
|
sg_init_one(&pt, data, data_len);
|
|
sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
|
|
sg_init_table(ct, 2);
|
|
sg_set_buf(&ct[0], data, data_len);
|
|
sg_set_buf(&ct[1], mic, IEEE80211_CCMP_MIC_LEN);
|
|
|
|
aead_request_set_tfm(aead_req, tfm);
|
|
aead_request_set_assoc(aead_req, &assoc, assoc.length);
|
|
aead_request_set_crypt(aead_req, ct, &pt,
|
|
data_len + IEEE80211_CCMP_MIC_LEN, b_0);
|
|
|
|
return crypto_aead_decrypt(aead_req);
|
|
}
|
|
|
|
struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[])
|
|
{
|
|
struct crypto_aead *tfm;
|
|
int err;
|
|
|
|
tfm = crypto_alloc_aead("ccm(aes)", 0, CRYPTO_ALG_ASYNC);
|
|
if (IS_ERR(tfm))
|
|
return tfm;
|
|
|
|
err = crypto_aead_setkey(tfm, key, WLAN_KEY_LEN_CCMP);
|
|
if (!err)
|
|
err = crypto_aead_setauthsize(tfm, IEEE80211_CCMP_MIC_LEN);
|
|
if (!err)
|
|
return tfm;
|
|
|
|
crypto_free_aead(tfm);
|
|
return ERR_PTR(err);
|
|
}
|
|
|
|
void ieee80211_aes_key_free(struct crypto_aead *tfm)
|
|
{
|
|
crypto_free_aead(tfm);
|
|
}
|