From: Johannes Berg <johannes@sipsolutions.net>
To: Jouni Malinen <jouni@qca.qualcomm.com>
Cc: linux-wireless@vger.kernel.org
Subject: Re: [PATCH 7/8] mac80211: FILS AEAD protection for station mode association frames
Date: Wed, 26 Oct 2016 07:49:59 +0200 [thread overview]
Message-ID: <1477460999.4059.13.camel@sipsolutions.net> (raw)
In-Reply-To: <1477435489-8555-3-git-send-email-jouni@qca.qualcomm.com>
> +static u8 *fils_find_session(u8 *pos, u8 *end)
> +{
> + while (end - pos > 2 && end - pos >= 2 + pos[1]) {
> + if (pos[0] == 255 && pos[1] == 1 + 8 && pos[2] == 4)
> + return pos;
> + pos += 2 + pos[1];
> + }
> +
> + return NULL;
> +}
Hmm. I think we should try to write this in terms of cfg80211_find_ie,
or perhaps cfg80211_find_ie_match, maybe we need to extend those but
this won't be the only one using the 255 escape.
Perhaps just making the eid passed there be a u16, and extending the
EID definitions appropriately?
The code would probably be shorter as is for now, but still ...
> + if (!session) {
> + sdata_info(sdata,
> + "No FILS Session element in
> (Re)Association Response frame from %pM",
> + mgmt->sa);
> + return -EINVAL;
Should we really print the message this prominently? It seems like an
error case that we may not want to log at all, in case somebody tries
to flood us with such frames?
> + crypt_len = frame + *frame_len - encr;
> + if (crypt_len < AES_BLOCK_SIZE) {
> + sdata_info(sdata,
> + "Not enough room for AES-SIV data after
> FILS Session element in (Re)Association Response frame from %pM",
> + mgmt->sa);
> + return -EINVAL;
> + }
> + res = aes_siv_decrypt(assoc_data->fils_kek, assoc_data-
> >fils_kek_len,
> + encr, crypt_len, 5, addr, len, encr);
> + if (res != 0) {
> + sdata_info(sdata,
> + "AES-SIV decryption of (Re)Association
> Response frame from %pM failed",
> + mgmt->sa);
> + return res;
> + }
Likewise here. Perhaps make these mlme_dbg() or so instead?
> + if (req->fils_nonces)
> + assoc_data_len += 2 * FILS_NONCE_LEN;
Is this really correct? It seems like a bit of an artifact of initially
having had the nonces in a variable part of the struct?
Or perhaps they have to go into the frame in some place that I missed?
Please add a comment if so.
Also, you're never checking req->fils_nonces_set, so you can get rid of
that.
johannes
next prev parent reply other threads:[~2016-10-26 5:50 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-25 22:44 [PATCH 5/8] cfg80211: Add KEK/nonces for FILS association frames Jouni Malinen
2016-10-25 22:44 ` [PATCH 6/8] mac80211: Add FILS auth alg mapping Jouni Malinen
2016-10-25 22:44 ` [PATCH 7/8] mac80211: FILS AEAD protection for station mode association frames Jouni Malinen
2016-10-26 5:49 ` Johannes Berg [this message]
2016-10-26 21:04 ` Malinen, Jouni
2016-10-25 22:44 ` [PATCH 8/8] mac80211: Claim Fast Initial Link Setup (FILS) support Jouni Malinen
2016-10-26 5:50 ` Johannes Berg
2016-10-26 9:23 ` Malinen, Jouni
2016-10-26 9:26 ` Johannes Berg
2016-10-26 5:36 ` [PATCH 5/8] cfg80211: Add KEK/nonces for FILS association frames Johannes Berg
2016-10-26 9:18 ` Malinen, Jouni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1477460999.4059.13.camel@sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=jouni@qca.qualcomm.com \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).