diff options
author | anthraxx | 2020-11-05 23:41:23 +0100 |
---|---|---|
committer | anthraxx | 2020-11-05 23:41:23 +0100 |
commit | c9822e6ff00e7933f9be037fb5a0b31ef9ee7c0a (patch) | |
tree | 6b7c67ee3066b24a8a17b56e146e4a0f25b0b58c | |
parent | 4e39b4df483933157618bd051071f7bc9f858aef (diff) | |
download | aur-c9822e6ff00e7933f9be037fb5a0b31ef9ee7c0a.tar.gz |
mac80211: fix regression where EAPOL frames were sent in plaintext
-rw-r--r-- | .SRCINFO | 3 | ||||
-rw-r--r-- | PKGBUILD | 3 | ||||
-rw-r--r-- | mac80211-fix-regression-where-EAPOL-frames-were-sent-in-plaintext.patch | 48 |
3 files changed, 52 insertions, 2 deletions
@@ -1,6 +1,6 @@ pkgbase = linux-hardened-git pkgdesc = Security-Hardened Linux - pkgver = 5.9.1.r951396.g6738ba9cd565 + pkgver = 5.9.6.r952626.gf86102e71f88 pkgrel = 1 url = https://github.com/anthraxx/linux-hardened arch = x86_64 @@ -18,6 +18,7 @@ pkgbase = linux-hardened-git source = linux-hardened::git+https://github.com/anthraxx/linux-hardened#branch=5.9?signed source = config source = sphinx-workaround.patch + source = mac80211-fix-regression-where-EAPOL-frames-were-sent-in-plaintext.patch validpgpkeys = ABAF11C65A2970B130ABE3C479BE3E4300411886 validpgpkeys = 647F28654894E3BD457199BE38DBBDC86092693E validpgpkeys = 65EEFE022108E2B708CBFCF7F9E712E59AF5F22A @@ -6,7 +6,7 @@ pkgbase=linux-hardened-git _srcname=${pkgbase/-git/} _gitbranch=5.9 -pkgver=5.9.1.r951396.g6738ba9cd565 +pkgver=5.9.6.r952626.gf86102e71f88 pkgrel=1 pkgdesc='Security-Hardened Linux' url='https://github.com/anthraxx/linux-hardened' @@ -22,6 +22,7 @@ source=( "${_srcname}::git+https://github.com/anthraxx/linux-hardened#branch=${_gitbranch}?signed" config # the main kernel config files sphinx-workaround.patch + mac80211-fix-regression-where-EAPOL-frames-were-sent-in-plaintext.patch ) validpgpkeys=( 'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds diff --git a/mac80211-fix-regression-where-EAPOL-frames-were-sent-in-plaintext.patch b/mac80211-fix-regression-where-EAPOL-frames-were-sent-in-plaintext.patch new file mode 100644 index 000000000000..199ee80dc0f9 --- /dev/null +++ b/mac80211-fix-regression-where-EAPOL-frames-were-sent-in-plaintext.patch @@ -0,0 +1,48 @@ +From d30a6f983b360a08f962f5b3199b733df2e02418 Mon Sep 17 00:00:00 2001 +From: Mathy Vanhoef <Mathy.Vanhoef@kuleuven.be> +Date: Sat, 17 Oct 2020 23:08:18 +0400 +Subject: mac80211: fix regression where EAPOL frames were sent in plaintext + +When sending EAPOL frames via NL80211 they are treated as injected +frames in mac80211. Due to commit 1df2bdba528b ("mac80211: never drop +injected frames even if normally not allowed") these injected frames +were not assigned a sta context in the function ieee80211_tx_dequeue, +causing certain wireless network cards to always send EAPOL frames in +plaintext. This may cause compatibility issues with some clients or +APs, which for instance can cause the group key handshake to fail and +in turn would cause the station to get disconnected. + +This commit fixes this regression by assigning a sta context in +ieee80211_tx_dequeue to injected frames as well. + +Note that sending EAPOL frames in plaintext is not a security issue +since they contain their own encryption and authentication protection. + +Fixes: 1df2bdba528b ("mac80211: never drop injected frames even if normally not allowed") +--- + net/mac80211/tx.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c +index 282b0bc201ee..aa486e202a57 100644 +--- a/net/mac80211/tx.c ++++ b/net/mac80211/tx.c +@@ -3613,13 +3613,14 @@ begin: + tx.skb = skb; + tx.sdata = vif_to_sdata(info->control.vif); + +- if (txq->sta && !(info->flags & IEEE80211_TX_CTL_INJECTED)) { ++ if (txq->sta) { + tx.sta = container_of(txq->sta, struct sta_info, sta); + /* + * Drop unicast frames to unauthorised stations unless they are +- * EAPOL frames from the local station. ++ * injected frames or EAPOL frames from the local station. + */ +- if (unlikely(ieee80211_is_data(hdr->frame_control) && ++ if (unlikely(!(info->flags & IEEE80211_TX_CTL_INJECTED) && ++ ieee80211_is_data(hdr->frame_control) && + !ieee80211_vif_is_mesh(&tx.sdata->vif) && + tx.sdata->vif.type != NL80211_IFTYPE_OCB && + !is_multicast_ether_addr(hdr->addr1) && +-- |