brain-hackers_pepepper-mirror/linux-brain
1
0
Fork 0
mirror of https://github.com/brain-hackers/linux-brain.git synced 2024-06-09 23:36:23 +09:00
Code Issues Projects Releases Wiki Activity
4.14-2.3.x-imx
linux-brain/net/mac80211
History
Jouni Malinen 0a4b3ef53f mac80211: Fix TKIP replay protection immediately after key setup 
[ Upstream commit 6f601265215a421f425ba3a4850a35861d024643 ]

TKIP replay protection was skipped for the very first frame received
after a new key is configured. While this is potentially needed to avoid
dropping a frame in some cases, this does leave a window for replay
attacks with group-addressed frames at the station side. Any earlier
frame sent by the AP using the same key would be accepted as a valid
frame and the internal RSC would then be updated to the TSC from that
frame. This would allow multiple previously transmitted group-addressed
frames to be replayed until the next valid new group-addressed frame
from the AP is received by the station.

Fix this by limiting the no-replay-protection exception to apply only
for the case where TSC=0, i.e., when this is for the very first frame
protected using the new key, and the local RSC had not been set to a
higher value when configuring the key (which may happen with GTK).

Signed-off-by: Jouni Malinen <j@w1.fi>
Link: https://lore.kernel.org/r/20200107153545.10934-1-j@w1.fi
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-02-05 14:18:21 +00:00
..
aes_ccm.c mac80211: move struct aead_req off the stack 2016-10-17 16:14:04 +02:00
aes_ccm.h mac80211: move struct aead_req off the stack 2016-10-17 16:14:04 +02:00
aes_cmac.c mac80211: aes-cmac: switch to shash CMAC driver 2017-02-08 09:19:33 +01:00
aes_cmac.h mac80211: aes-cmac: switch to shash CMAC driver 2017-02-08 09:19:33 +01:00
aes_gcm.c mac80211: move struct aead_req off the stack 2016-10-17 16:14:04 +02:00
aes_gcm.h mac80211: move struct aead_req off the stack 2016-10-17 16:14:04 +02:00
aes_gmac.c mac80211: move struct aead_req off the stack 2016-10-17 16:14:04 +02:00
aes_gmac.h mac80211: move struct aead_req off the stack 2016-10-17 16:14:04 +02:00
agg-rx.c mac80211: Fix sending ADDBA response for an ongoing session 2018-05-30 07:51:58 +02:00
agg-tx.c mac80211: Fix Tx aggregation session tear down with ITXQs 2019-03-23 14:35:12 +01:00
cfg.c cfg80211: Fix radar event during another phy CAC 2020-02-05 14:18:21 +00:00
chan.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-01-17 15:19:37 -05:00
debug.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs_key.c mac80211: move TKIP TX IVs to public part of key struct 2016-02-24 09:04:38 +01:00
debugfs_key.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs_netdev.c mac80211: fix txq null pointer dereference 2019-10-29 09:16:57 +01:00
debugfs_netdev.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs_sta.c mac80211: Dynamically set CoDel parameters per station 2017-05-17 16:03:40 +02:00
debugfs_sta.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs.c mac80211: check for allocation failure in debugfs code 2017-02-08 10:05:07 +01:00
debugfs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
driver-ops.c mac80211: don't warn about CW params when not using them 2019-08-16 10:13:51 +02:00
driver-ops.h mac80211: do not call driver wake_tx_queue op during reconfig 2019-04-27 09:35:38 +02:00
ethtool.c mac80211: move station statistics into sub-structs 2015-10-21 10:08:22 +02:00
fils_aead.c Some more updates: 2017-02-10 14:31:51 -05:00
fils_aead.h mac80211: FILS AEAD protection for station mode association frames 2016-10-27 16:03:25 +02:00
ht.c mac80211: fix deadlock in driver-managed RX BA session start 2017-09-06 15:22:02 +02:00
ibss.c mac80211: shorten the IBSS debug messages 2018-10-10 08:54:22 +02:00
ieee80211_i.h mac80211: only warn once on chanctx_conf being NULL 2019-07-21 09:04:25 +02:00
iface.c mac80211: Fix kernel panic due to use of txq after free 2019-05-25 18:25:35 +02:00
Kconfig mac80211: fils_aead: Use crypto api CMAC shash rather than bare cipher 2017-02-08 09:19:17 +01:00
key.c mac80211: restrict delayed tailroom needed decrement 2018-09-26 08:38:03 +02:00
key.h mac80211: aes-cmac: switch to shash CMAC driver 2017-02-08 09:19:33 +01:00
led.c mac80211: fix throughput LED trigger 2015-05-11 19:16:04 +02:00
led.h mac80211: make LED triggering depend on activation 2015-05-05 14:21:56 +02:00
main.c mac80211: fix a race between restart and CSA flows 2018-10-10 08:54:21 +02:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mesh_hwmp.c mac80211: mesh: restrict airtime metric to peered established plinks 2020-02-05 14:18:18 +00:00
mesh_pathtbl.c mac80211: fix unaligned access in mesh table hash function 2019-05-16 19:42:20 +02:00
mesh_plink.c networking: convert many more places to skb_put_zero() 2017-06-16 11:48:35 -04:00
mesh_ps.c networking: make skb_put & friends return void pointers 2017-06-16 11:48:39 -04:00
mesh_sync.c mac80211: Use appropriate name for functions and messages 2016-12-13 16:22:27 +01:00
mesh.c mac80211: free peer keys before vif down in mesh 2019-07-21 09:04:19 +02:00
mesh.h mac80211: fix TX status reporting for ieee80211s 2018-11-04 14:52:37 +01:00
michael.c
michael.h mac80211: fix some missing includes 2014-04-09 14:49:43 +02:00
mlme.c mac80211: Reject malformed SSID elements 2019-10-29 09:17:35 +01:00
ocb.c mac80211: remove rx_stats.last_rx update after sta alloc 2016-04-06 13:18:15 +02:00
offchannel.c mac80211: flush hw_roc_start work before cancelling the ROC 2017-09-05 16:25:07 +02:00
pm.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rate.c mac80211: Dynamically set CoDel parameters per station 2017-05-17 16:03:40 +02:00
rate.h mac80211: make rate control tx status API more extensible 2017-04-28 10:57:33 +02:00
rc80211_minstrel_debugfs.c mac80211: minstrel: store probability variance instead of standard deviation 2016-12-15 11:07:52 +01:00
rc80211_minstrel_ht_debugfs.c mac80211: minstrel: store probability variance instead of standard deviation 2016-12-15 11:07:52 +01:00
rc80211_minstrel_ht.c mac80211: minstrel_ht: fix per-group max throughput rate initialization 2020-01-27 14:46:43 +01:00
rc80211_minstrel_ht.h mac80211: minstrel_ht: move supported bitrate mask out of group data 2016-12-15 11:07:52 +01:00
rc80211_minstrel.c mac80211: make rate control tx status API more extensible 2017-04-28 10:57:33 +02:00
rc80211_minstrel.h mac80211: minstrel: make prob_ewma u16 instead of u32 2016-12-15 11:07:53 +01:00
rx.c mac80211: accept deauth frames in IBSS mode 2020-01-27 14:46:49 +01:00
scan.c cfg80211: add request id to cfg80211_sched_scan_*() api 2017-04-28 14:51:43 +02:00
spectmgmt.c mac80211: Do not disconnect on invalid operating class 2018-05-30 07:51:58 +02:00
sta_info.c mac80211: Do not send Layer 2 Update frame before authorization 2020-01-17 19:45:42 +01:00
sta_info.h mac80211: manage RX BA session offload without SKB queue 2017-06-08 14:16:29 +02:00
status.c mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED 2019-12-31 12:37:49 +01:00
tdls.c mac80211: handle deauthentication/disassociation from TDLS peer 2019-06-25 11:36:55 +08:00
tkip.c mac80211: Fix TKIP replay protection immediately after key setup 2020-02-05 14:18:21 +00:00
tkip.h mac80211: move TKIP TX IVs to public part of key struct 2016-02-24 09:04:38 +01:00
trace_msg.h mac80211: Increase MAX_MSG_LEN 2019-05-16 19:42:21 +02:00
trace.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tx.c mac80211: fix memory accounting with A-MSDU aggregation 2019-05-16 19:42:21 +02:00
util.c mac80211: add stations tied to AP_VLANs during hw reconfig 2018-09-05 09:26:23 +02:00
vht.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-01-17 15:19:37 -05:00
wep.c mac80211: Add RX flag to indicate ICV stripped 2017-01-12 10:15:18 +01:00
wep.h
wme.c mac80211: preserve more bits when building QoS header 2016-10-12 14:17:13 +02:00
wme.h mac80211: add WMM admission control support 2014-10-22 10:42:09 +02:00
wpa.c mac80211: Do not use stack memory with scatterlist for GMAC 2019-06-25 11:36:55 +08:00
wpa.h mac80111: Add BIP-GMAC-128 and BIP-GMAC-256 ciphers 2015-01-27 11:10:13 +01:00