From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, "Jason A. Donenfeld" <Jason@zx2c4.com>,
Johannes Berg <johannes@sipsolutions.net>,
linux-wireless@vger.kernel.org,
Johannes Berg <johannes.berg@intel.com>
Subject: [PATCH 4.4 06/30] mac80211/wpa: use constant time memory comparison for MACs
Date: Mon, 19 Jun 2017 23:20:40 +0800 [thread overview]
Message-ID: <20170619152033.564848069@linuxfoundation.org> (raw)
In-Reply-To: <20170619152033.211450261@linuxfoundation.org>
4.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Jason A. Donenfeld <Jason@zx2c4.com>
commit 98c67d187db7808b1f3c95f2110dd4392d034182 upstream.
Otherwise, we enable all sorts of forgeries via timing attack.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Cc: Johannes Berg <johannes@sipsolutions.net>
Cc: linux-wireless@vger.kernel.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/mac80211/wpa.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -16,6 +16,7 @@
#include <asm/unaligned.h>
#include <net/mac80211.h>
#include <crypto/aes.h>
+#include <crypto/algapi.h>
#include "ieee80211_i.h"
#include "michael.h"
@@ -152,7 +153,7 @@ ieee80211_rx_h_michael_mic_verify(struct
data_len = skb->len - hdrlen - MICHAEL_MIC_LEN;
key = &rx->key->conf.key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY];
michael_mic(key, hdr, data, data_len, mic);
- if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0)
+ if (crypto_memneq(mic, data + data_len, MICHAEL_MIC_LEN))
goto mic_fail;
/* remove Michael MIC from payload */
@@ -1044,7 +1045,7 @@ ieee80211_crypto_aes_cmac_decrypt(struct
bip_aad(skb, aad);
ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad,
skb->data + 24, skb->len - 24, mic);
- if (memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
+ if (crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) {
key->u.aes_cmac.icverrors++;
return RX_DROP_UNUSABLE;
}
@@ -1094,7 +1095,7 @@ ieee80211_crypto_aes_cmac_256_decrypt(st
bip_aad(skb, aad);
ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad,
skb->data + 24, skb->len - 24, mic);
- if (memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
+ if (crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) {
key->u.aes_cmac.icverrors++;
return RX_DROP_UNUSABLE;
}
@@ -1198,7 +1199,7 @@ ieee80211_crypto_aes_gmac_decrypt(struct
if (ieee80211_aes_gmac(key->u.aes_gmac.tfm, aad, nonce,
skb->data + 24, skb->len - 24,
mic) < 0 ||
- memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
+ crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) {
key->u.aes_gmac.icverrors++;
return RX_DROP_UNUSABLE;
}
next prev parent reply other threads:[~2017-06-19 15:44 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-19 15:20 [PATCH 4.4 00/30] 4.4.74-stable review Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 01/30] configfs: Fix race between create_link and configfs_rmdir Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 02/30] can: gs_usb: fix memory leak in gs_cmd_reset() Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 04/30] [media] vb2: Fix an off by one error in vb2_plane_vaddr Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 05/30] mac80211: dont look at the PM bit of BAR frames Greg Kroah-Hartman
2017-06-19 15:20 ` Greg Kroah-Hartman [this message]
2017-06-19 15:20 ` [PATCH 4.4 08/30] mac80211: fix IBSS presp allocation size Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 10/30] x86/mm/32: Set the __vmalloc_start_set flag in initmem_init() Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 11/30] mfd: omap-usb-tll: Fix inverted bit use for USB TLL mode Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 12/30] staging: rtl8188eu: prevent an underflow in rtw_check_beacon_data() Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 13/30] iio: proximity: as3935: recalibrate RCO after resume Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 14/30] USB: hub: fix SS max number of ports Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 15/30] usb: core: fix potential memory leak in error path during hcd creation Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 16/30] [media] pvrusb2: reduce stack usage pvr2_eeprom_analyze() Greg Kroah-Hartman
2017-06-29 16:15 ` Ben Hutchings
2017-07-03 7:31 ` Greg Kroah-Hartman
2017-07-03 7:47 ` Arnd Bergmann
2017-07-03 13:37 ` Ben Hutchings
2017-07-03 14:39 ` Arnd Bergmann
2017-06-19 15:20 ` [PATCH 4.4 17/30] USB: gadget: dummy_hcd: fix hub-descriptor removable fields Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 18/30] usb: r8a66597-hcd: select a different endpoint on timeout Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 19/30] usb: r8a66597-hcd: decrease timeout Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 20/30] drivers/misc/c2port/c2port-duramar2150.c: checking for NULL instead of IS_ERR() Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 21/30] usb: xhci: ASMedia ASM1042A chipset need shorts TX quirk Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 22/30] USB: gadgetfs, dummy-hcd, net2280: fix locking for callbacks Greg Kroah-Hartman
2017-06-29 16:57 ` Ben Hutchings
2017-06-29 18:10 ` Alan Stern
2017-06-19 15:20 ` [PATCH 4.4 23/30] mm/memory-failure.c: use compound_head() flags for huge pages Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 24/30] swap: cond_resched in swap_cgroup_prepare() Greg Kroah-Hartman
2017-06-29 17:23 ` Ben Hutchings
2017-07-03 7:29 ` Greg Kroah-Hartman
2017-06-19 15:20 ` [PATCH 4.4 25/30] genirq: Release resources in __setup_irq() error path Greg Kroah-Hartman
2017-06-19 15:21 ` [PATCH 4.4 26/30] alarmtimer: Prevent overflow of relative timers Greg Kroah-Hartman
2017-06-19 15:21 ` [PATCH 4.4 27/30] usb: dwc3: exynos fix axius clock error path to do cleanup Greg Kroah-Hartman
2017-06-19 15:21 ` [PATCH 4.4 28/30] MIPS: Fix bnezc/jialc return address calculation Greg Kroah-Hartman
2017-06-19 15:21 ` [PATCH 4.4 29/30] alarmtimer: Rate limit periodic intervals Greg Kroah-Hartman
2017-06-19 15:21 ` [PATCH 4.4 30/30] mm: larger stack guard gap, between vmas Greg Kroah-Hartman
2017-06-21 5:41 ` Hugh Dickins
2017-06-24 15:00 ` Greg Kroah-Hartman
2017-06-20 0:11 ` [PATCH 4.4 00/30] 4.4.74-stable review Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170619152033.564848069@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=Jason@zx2c4.com \
--cc=johannes.berg@intel.com \
--cc=johannes@sipsolutions.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox