1
0

327-mac80211-accept-key-reinstall-without-changing-anyth.patch 2.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081
  1. From fdf7cb4185b60c68e1a75e61691c4afdc15dea0e Mon Sep 17 00:00:00 2001
  2. From: Johannes Berg <johannes.berg@intel.com>
  3. Date: Tue, 5 Sep 2017 14:54:54 +0200
  4. Subject: [PATCH] mac80211: accept key reinstall without changing anything
  5. When a key is reinstalled we can reset the replay counters
  6. etc. which can lead to nonce reuse and/or replay detection
  7. being impossible, breaking security properties, as described
  8. in the "KRACK attacks".
  9. In particular, CVE-2017-13080 applies to GTK rekeying that
  10. happened in firmware while the host is in D3, with the second
  11. part of the attack being done after the host wakes up. In
  12. this case, the wpa_supplicant mitigation isn't sufficient
  13. since wpa_supplicant doesn't know the GTK material.
  14. In case this happens, simply silently accept the new key
  15. coming from userspace but don't take any action on it since
  16. it's the same key; this keeps the PN replay counters intact.
  17. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  18. ---
  19. net/mac80211/key.c | 21 +++++++++++++++++----
  20. 1 file changed, 17 insertions(+), 4 deletions(-)
  21. diff --git a/net/mac80211/key.c b/net/mac80211/key.c
  22. index a98fc2b5e0dc..ae995c8480db 100644
  23. --- a/net/mac80211/key.c
  24. +++ b/net/mac80211/key.c
  25. @@ -4,7 +4,7 @@
  26. * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
  27. * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
  28. * Copyright 2013-2014 Intel Mobile Communications GmbH
  29. - * Copyright 2015 Intel Deutschland GmbH
  30. + * Copyright 2015-2017 Intel Deutschland GmbH
  31. *
  32. * This program is free software; you can redistribute it and/or modify
  33. * it under the terms of the GNU General Public License version 2 as
  34. @@ -620,9 +620,6 @@ int ieee80211_key_link(struct ieee80211_key *key,
  35. pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
  36. idx = key->conf.keyidx;
  37. - key->local = sdata->local;
  38. - key->sdata = sdata;
  39. - key->sta = sta;
  40. mutex_lock(&sdata->local->key_mtx);
  41. @@ -633,6 +630,21 @@ int ieee80211_key_link(struct ieee80211_key *key,
  42. else
  43. old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
  44. + /*
  45. + * Silently accept key re-installation without really installing the
  46. + * new version of the key to avoid nonce reuse or replay issues.
  47. + */
  48. + if (old_key && key->conf.keylen == old_key->conf.keylen &&
  49. + !memcmp(key->conf.key, old_key->conf.key, key->conf.keylen)) {
  50. + ieee80211_key_free_unused(key);
  51. + ret = 0;
  52. + goto out;
  53. + }
  54. +
  55. + key->local = sdata->local;
  56. + key->sdata = sdata;
  57. + key->sta = sta;
  58. +
  59. increment_tailroom_need_count(sdata);
  60. ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
  61. @@ -648,6 +660,7 @@ int ieee80211_key_link(struct ieee80211_key *key,
  62. ret = 0;
  63. }
  64. + out:
  65. mutex_unlock(&sdata->local->key_mtx);
  66. return ret;
  67. --
  68. 2.13.6