From nobody Mon Jun 26 12:09:07 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QqRTb2rxFz4k7Cg; Mon, 26 Jun 2023 12:09:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QqRTb25wwz3kVv; Mon, 26 Jun 2023 12:09:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687781347; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zjMREq/U1xZTs1jrICgiXaK4vRsxPwHOxYQJEzFo8AA=; b=crtEx97CQnq8Dzly5IIwgTqLmmAJFjYvHps088BknZNKuxmUbiXsTW3Gc+AdaI1W+g/JX9 dRI1ubXoFKRT8mzxUx1hXnrso7Y7kHVWxIRyGwIdY8HtuK3WF4j9+P9tXcYNO1B6Z57cZA mHPp2tfQ0wiCAZc4jcPnDSv61hEZFQpA8oG+73NUhc78Ln/rNDrDXFfIIRA+yor2xWpadM SDqiHe6ssQWSGjuJvWQodjndVjTIb3mtIk7a3C3pnIKCVjrcARdJZW+c3dvSgu8I+zUYv0 I79/RauYkU5Hk1eglBbr+m3zn34uGS8BTHQ/mj7cVxIFyO1oGqsjohGiBumFEA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687781347; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zjMREq/U1xZTs1jrICgiXaK4vRsxPwHOxYQJEzFo8AA=; b=AX8BD7jrwjTzQuyN4OCczE1hYOAyuEVllzDqu+DYleqMjlPMizAFuSuhHSicyEhTr3xAyf 5H//IYa1xk7DxIU9a99ZJD8UcBXVUlqfB36D1UaqPXGQGegwwGpGMKIGR0WKT3vmViH77t l2AxArAD7biYDmnKc5NDphajxUpdgHH1KVXWFS+qI7TTSYDP47yn1JTuZWoikztLfeC4b5 kfk2N3KlEj49z6niPQYXos4YPSjeKJ2ftlviIrJZbBcxZDM9bDgUz0TG7nLXj9ip7bpgTy aPgbeQdfJIisXSMLfS5D9Tz1YseoPb5SoigeUK0Dow8476oyKZPaFxSnmgxZWw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687781347; a=rsa-sha256; cv=none; b=pwhiZurDeiEL9SoVSQtjMVhpVgrGiMrsQX2pF8mAE0spOqMkJgUGwX+XbtcNAIcckMvr+Q cVp97obpk885u08r+3eaiANrFiY6dQsBWoafNh5NP4KXB4+wyq6bm0XwAUVa0BHmE9Hciz fEj4/AV5zQ5SLWlpnI7oy8WHAN7OG09yeiup2MtKjwI40KSxVniz8mdbb6EdUTEK+r0sc3 IWjiqtdmQ+pGL4OK/E0movOMEq3aFPDXPi/7NXDMXx/sNVqHPZYy1y4Fso1VPHCIbPr9Qk iQ7Xgg/niC18JaOD8Itq41LHK/fcXwETdLnID3p8BvqtVMtcPmLjopH2wMfuVg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QqRTb196lz18P3; Mon, 26 Jun 2023 12:09:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35QC97cZ083671; Mon, 26 Jun 2023 12:09:07 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35QC97lQ083670; Mon, 26 Jun 2023 12:09:07 GMT (envelope-from git) Date: Mon, 26 Jun 2023 12:09:07 GMT Message-Id: <202306261209.35QC97lQ083670@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: "Bjoern A. Zeeb" Subject: git: 6c9bcecfb296 - stable/13 - net80211: fail for unicast traffic without unicast key List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bz X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 6c9bcecfb296b96a383012e02bc9582260588339 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by bz: URL: https://cgit.FreeBSD.org/src/commit/?id=6c9bcecfb296b96a383012e02bc9582260588339 commit 6c9bcecfb296b96a383012e02bc9582260588339 Author: domienschepers AuthorDate: 2022-11-10 00:00:00 +0000 Commit: Bjoern A. Zeeb CommitDate: 2023-06-26 12:02:00 +0000 net80211: fail for unicast traffic without unicast key Falling back to the multicast key may cause unicast traffic to leak. Instead fail when no key is found. For more information see the 'Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues' paper. [ I updated the commit message to reference the paper and the code comment to record historic behaviour as discussed in private email. ] (cherry picked from commit 61605e0ae5d8f34b89b8e71e393f3006f511e86a) --- sys/net80211/ieee80211_crypto.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/sys/net80211/ieee80211_crypto.c b/sys/net80211/ieee80211_crypto.c index 59760d1e7d9c..f5941392465b 100644 --- a/sys/net80211/ieee80211_crypto.c +++ b/sys/net80211/ieee80211_crypto.c @@ -560,13 +560,17 @@ ieee80211_crypto_get_txkey(struct ieee80211_node *ni, struct mbuf *m) /* * Multicast traffic always uses the multicast key. - * Otherwise if a unicast key is set we use that and - * it is always key index 0. When no unicast key is - * set we fall back to the default transmit key. + * + * Historically we would fall back to the default + * transmit key if there was no unicast key. This + * behaviour was documented up to IEEE Std 802.11-2016, + * 12.9.2.2 Per-MSDU/Per-A-MSDU Tx pseudocode, in the + * 'else' case but is no longer in later versions of + * the standard. Additionally falling back to the + * group key for unicast was a security risk. */ wh = mtod(m, struct ieee80211_frame *); - if (IEEE80211_IS_MULTICAST(wh->i_addr1) || - IEEE80211_KEY_UNDEFINED(&ni->ni_ucastkey)) { + if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { if (vap->iv_def_txkey == IEEE80211_KEYIX_NONE) { IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_CRYPTO, wh->i_addr1, @@ -578,6 +582,8 @@ ieee80211_crypto_get_txkey(struct ieee80211_node *ni, struct mbuf *m) return &vap->iv_nw_keys[vap->iv_def_txkey]; } + if (IEEE80211_KEY_UNDEFINED(&ni->ni_ucastkey)) + return NULL; return &ni->ni_ucastkey; }