* [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG
@ 2015-06-18 15:55 Simon Vincent
2015-06-18 17:03 ` Stefan Schmidt
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Simon Vincent @ 2015-06-18 15:55 UTC (permalink / raw)
To: alex.aring; +Cc: linux-wpan, phoebe.buckheister, Simon Vincent
802.15.4 security levels 1,2,3 provide data authenticity but
no encryption. Currently the llsec implementation hits a BUG() if these modes
are used. This is due to the scatterlist length being set to 0 when
encryption is not used. This patch fixes this issue.
Signed-off-by: Simon Vincent <simon.vincent@xsilon.com>
---
net/mac802154/llsec.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/net/mac802154/llsec.c b/net/mac802154/llsec.c
index 5b2be12..f8081f0 100644
--- a/net/mac802154/llsec.c
+++ b/net/mac802154/llsec.c
@@ -648,7 +648,8 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const struct mac802154_llsec *sec,
{
u8 iv[16];
unsigned char *data;
- int authlen, assoclen, datalen, rc;
+ int authlen, datalen, rc;
+ int assoclen = 0;
struct scatterlist src, assoc[2], dst[2];
struct aead_request *req;
@@ -659,26 +660,25 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const struct mac802154_llsec *sec,
if (!req)
return -ENOMEM;
- sg_init_table(assoc, 2);
- sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
- assoclen = skb->mac_len;
-
data = skb_mac_header(skb) + skb->mac_len;
datalen = skb_tail_pointer(skb) - data;
if (hdr->sec.level & IEEE802154_SCF_SECLEVEL_ENC) {
- sg_set_buf(&assoc[1], data, 0);
+ sg_init_table(assoc, 1);
+ sg_init_table(dst, 2);
+ sg_set_buf(&dst[0], data, datalen);
+ sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
+ sg_init_one(&src, data, datalen);
} else {
+ sg_init_table(assoc, 2);
sg_set_buf(&assoc[1], data, datalen);
assoclen += datalen;
datalen = 0;
+ sg_init_one(dst, skb_put(skb, authlen), authlen);
}
- sg_init_one(&src, data, datalen);
-
- sg_init_table(dst, 2);
- sg_set_buf(&dst[0], data, datalen);
- sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
+ sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
+ assoclen += skb->mac_len;
aead_request_set_callback(req, 0, NULL, NULL);
aead_request_set_assoc(req, assoc, assoclen);
--
1.9.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG
2015-06-18 15:55 [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG Simon Vincent
@ 2015-06-18 17:03 ` Stefan Schmidt
2015-06-18 22:36 ` Phoebe Buckheister
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Stefan Schmidt @ 2015-06-18 17:03 UTC (permalink / raw)
To: Simon Vincent, alex.aring; +Cc: linux-wpan, phoebe.buckheister
Hello.
On 18/06/15 17:55, Simon Vincent wrote:
> 802.15.4 security levels 1,2,3 provide data authenticity but
> no encryption. Currently the llsec implementation hits a BUG() if these modes
> are used. This is due to the scatterlist length being set to 0 when
> encryption is not used. This patch fixes this issue.
I have not reviewed the patch yet, but adding a comment here that Phoebe
pointed out where the problem is might be nice for credits.
regards
Stefan Schmidt
> Signed-off-by: Simon Vincent <simon.vincent@xsilon.com>
> ---
> net/mac802154/llsec.c | 22 +++++++++++-----------
> 1 file changed, 11 insertions(+), 11 deletions(-)
>
> diff --git a/net/mac802154/llsec.c b/net/mac802154/llsec.c
> index 5b2be12..f8081f0 100644
> --- a/net/mac802154/llsec.c
> +++ b/net/mac802154/llsec.c
> @@ -648,7 +648,8 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const struct mac802154_llsec *sec,
> {
> u8 iv[16];
> unsigned char *data;
> - int authlen, assoclen, datalen, rc;
> + int authlen, datalen, rc;
> + int assoclen = 0;
> struct scatterlist src, assoc[2], dst[2];
> struct aead_request *req;
>
> @@ -659,26 +660,25 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const struct mac802154_llsec *sec,
> if (!req)
> return -ENOMEM;
>
> - sg_init_table(assoc, 2);
> - sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
> - assoclen = skb->mac_len;
> -
> data = skb_mac_header(skb) + skb->mac_len;
> datalen = skb_tail_pointer(skb) - data;
>
> if (hdr->sec.level & IEEE802154_SCF_SECLEVEL_ENC) {
> - sg_set_buf(&assoc[1], data, 0);
> + sg_init_table(assoc, 1);
> + sg_init_table(dst, 2);
> + sg_set_buf(&dst[0], data, datalen);
> + sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
> + sg_init_one(&src, data, datalen);
> } else {
> + sg_init_table(assoc, 2);
> sg_set_buf(&assoc[1], data, datalen);
> assoclen += datalen;
> datalen = 0;
> + sg_init_one(dst, skb_put(skb, authlen), authlen);
> }
>
> - sg_init_one(&src, data, datalen);
> -
> - sg_init_table(dst, 2);
> - sg_set_buf(&dst[0], data, datalen);
> - sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
> + sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
> + assoclen += skb->mac_len;
>
> aead_request_set_callback(req, 0, NULL, NULL);
> aead_request_set_assoc(req, assoc, assoclen);
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG
2015-06-18 15:55 [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG Simon Vincent
2015-06-18 17:03 ` Stefan Schmidt
@ 2015-06-18 22:36 ` Phoebe Buckheister
2015-06-19 7:48 ` Alexander Aring
2015-06-19 9:23 ` Marcel Holtmann
3 siblings, 0 replies; 5+ messages in thread
From: Phoebe Buckheister @ 2015-06-18 22:36 UTC (permalink / raw)
To: Simon Vincent; +Cc: alex.aring, linux-wpan, phoebe.buckheister
Reviewed-By: Phoebe Buckheister <phoebe.buckheister@itwm.fraunhofer.de>
On Thu, June 18, 2015 5:55 pm, Simon Vincent wrote:
> 802.15.4 security levels 1,2,3 provide data authenticity but
> no encryption. Currently the llsec implementation hits a BUG() if these
> modes
> are used. This is due to the scatterlist length being set to 0 when
> encryption is not used. This patch fixes this issue.
>
> Signed-off-by: Simon Vincent <simon.vincent@xsilon.com>
> ---
> net/mac802154/llsec.c | 22 +++++++++++-----------
> 1 file changed, 11 insertions(+), 11 deletions(-)
>
> diff --git a/net/mac802154/llsec.c b/net/mac802154/llsec.c
> index 5b2be12..f8081f0 100644
> --- a/net/mac802154/llsec.c
> +++ b/net/mac802154/llsec.c
> @@ -648,7 +648,8 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const
> struct mac802154_llsec *sec,
> {
> u8 iv[16];
> unsigned char *data;
> - int authlen, assoclen, datalen, rc;
> + int authlen, datalen, rc;
> + int assoclen = 0;
> struct scatterlist src, assoc[2], dst[2];
> struct aead_request *req;
>
> @@ -659,26 +660,25 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const
> struct mac802154_llsec *sec,
> if (!req)
> return -ENOMEM;
>
> - sg_init_table(assoc, 2);
> - sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
> - assoclen = skb->mac_len;
> -
> data = skb_mac_header(skb) + skb->mac_len;
> datalen = skb_tail_pointer(skb) - data;
>
> if (hdr->sec.level & IEEE802154_SCF_SECLEVEL_ENC) {
> - sg_set_buf(&assoc[1], data, 0);
> + sg_init_table(assoc, 1);
> + sg_init_table(dst, 2);
> + sg_set_buf(&dst[0], data, datalen);
> + sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
> + sg_init_one(&src, data, datalen);
> } else {
> + sg_init_table(assoc, 2);
> sg_set_buf(&assoc[1], data, datalen);
> assoclen += datalen;
> datalen = 0;
> + sg_init_one(dst, skb_put(skb, authlen), authlen);
> }
>
> - sg_init_one(&src, data, datalen);
> -
> - sg_init_table(dst, 2);
> - sg_set_buf(&dst[0], data, datalen);
> - sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
> + sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
> + assoclen += skb->mac_len;
>
> aead_request_set_callback(req, 0, NULL, NULL);
> aead_request_set_assoc(req, assoc, assoclen);
> --
> 1.9.1
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG
2015-06-18 15:55 [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG Simon Vincent
2015-06-18 17:03 ` Stefan Schmidt
2015-06-18 22:36 ` Phoebe Buckheister
@ 2015-06-19 7:48 ` Alexander Aring
2015-06-19 9:23 ` Marcel Holtmann
3 siblings, 0 replies; 5+ messages in thread
From: Alexander Aring @ 2015-06-19 7:48 UTC (permalink / raw)
To: Simon Vincent; +Cc: linux-wpan, phoebe.buckheister
On Thu, Jun 18, 2015 at 04:55:01PM +0100, Simon Vincent wrote:
> 802.15.4 security levels 1,2,3 provide data authenticity but
> no encryption. Currently the llsec implementation hits a BUG() if these modes
> are used. This is due to the scatterlist length being set to 0 when
> encryption is not used. This patch fixes this issue.
>
> Signed-off-by: Simon Vincent <simon.vincent@xsilon.com>
Acked-by: Alexander Aring <alex.aring@gmail.com>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG
2015-06-18 15:55 [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG Simon Vincent
` (2 preceding siblings ...)
2015-06-19 7:48 ` Alexander Aring
@ 2015-06-19 9:23 ` Marcel Holtmann
3 siblings, 0 replies; 5+ messages in thread
From: Marcel Holtmann @ 2015-06-19 9:23 UTC (permalink / raw)
To: Simon Vincent; +Cc: Alexander Aring, linux-wpan, phoebe.buckheister
Hi Simon,
> 802.15.4 security levels 1,2,3 provide data authenticity but
> no encryption. Currently the llsec implementation hits a BUG() if these modes
> are used. This is due to the scatterlist length being set to 0 when
> encryption is not used. This patch fixes this issue.
>
> Signed-off-by: Simon Vincent <simon.vincent@xsilon.com>
> ---
> net/mac802154/llsec.c | 22 +++++++++++-----------
> 1 file changed, 11 insertions(+), 11 deletions(-)
patch has been applied to bluetooth-next tree.
Regards
Marcel
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-06-19 9:23 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-06-18 15:55 [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG Simon Vincent
2015-06-18 17:03 ` Stefan Schmidt
2015-06-18 22:36 ` Phoebe Buckheister
2015-06-19 7:48 ` Alexander Aring
2015-06-19 9:23 ` Marcel Holtmann
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.