All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG
@ 2015-06-18 15:55 Simon Vincent
  2015-06-18 17:03 ` Stefan Schmidt
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: Simon Vincent @ 2015-06-18 15:55 UTC (permalink / raw)
  To: alex.aring; +Cc: linux-wpan, phoebe.buckheister, Simon Vincent

 802.15.4 security levels 1,2,3 provide data authenticity but
 no encryption. Currently the llsec implementation hits a BUG() if these modes
 are used. This is due to the scatterlist length being set to 0 when
 encryption is not used. This patch fixes this issue.

Signed-off-by: Simon Vincent <simon.vincent@xsilon.com>
---
 net/mac802154/llsec.c | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/net/mac802154/llsec.c b/net/mac802154/llsec.c
index 5b2be12..f8081f0 100644
--- a/net/mac802154/llsec.c
+++ b/net/mac802154/llsec.c
@@ -648,7 +648,8 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const struct mac802154_llsec *sec,
 {
 	u8 iv[16];
 	unsigned char *data;
-	int authlen, assoclen, datalen, rc;
+	int authlen, datalen, rc;
+	int assoclen = 0;
 	struct scatterlist src, assoc[2], dst[2];
 	struct aead_request *req;
 
@@ -659,26 +660,25 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const struct mac802154_llsec *sec,
 	if (!req)
 		return -ENOMEM;
 
-	sg_init_table(assoc, 2);
-	sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
-	assoclen = skb->mac_len;
-
 	data = skb_mac_header(skb) + skb->mac_len;
 	datalen = skb_tail_pointer(skb) - data;
 
 	if (hdr->sec.level & IEEE802154_SCF_SECLEVEL_ENC) {
-		sg_set_buf(&assoc[1], data, 0);
+		sg_init_table(assoc, 1);
+		sg_init_table(dst, 2);
+		sg_set_buf(&dst[0], data, datalen);
+		sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
+		sg_init_one(&src, data, datalen);
 	} else {
+		sg_init_table(assoc, 2);
 		sg_set_buf(&assoc[1], data, datalen);
 		assoclen += datalen;
 		datalen = 0;
+		sg_init_one(dst, skb_put(skb, authlen), authlen);
 	}
 
-	sg_init_one(&src, data, datalen);
-
-	sg_init_table(dst, 2);
-	sg_set_buf(&dst[0], data, datalen);
-	sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
+	sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
+	assoclen += skb->mac_len;
 
 	aead_request_set_callback(req, 0, NULL, NULL);
 	aead_request_set_assoc(req, assoc, assoclen);
-- 
1.9.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread
* Re: [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG
  2015-06-18 15:55 [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG Simon Vincent
@ 2015-06-18 17:03 ` Stefan Schmidt
  2015-06-18 22:36 ` Phoebe Buckheister
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 5+ messages in thread
From: Stefan Schmidt @ 2015-06-18 17:03 UTC (permalink / raw)
  To: Simon Vincent, alex.aring; +Cc: linux-wpan, phoebe.buckheister

Hello.

On 18/06/15 17:55, Simon Vincent wrote:
>   802.15.4 security levels 1,2,3 provide data authenticity but
>   no encryption. Currently the llsec implementation hits a BUG() if these modes
>   are used. This is due to the scatterlist length being set to 0 when
>   encryption is not used. This patch fixes this issue.
I have not reviewed the patch yet, but adding a comment here that Phoebe 
pointed out where the problem is might be nice for credits.

regards
Stefan Schmidt

> Signed-off-by: Simon Vincent <simon.vincent@xsilon.com>
> ---
>   net/mac802154/llsec.c | 22 +++++++++++-----------
>   1 file changed, 11 insertions(+), 11 deletions(-)
>
> diff --git a/net/mac802154/llsec.c b/net/mac802154/llsec.c
> index 5b2be12..f8081f0 100644
> --- a/net/mac802154/llsec.c
> +++ b/net/mac802154/llsec.c
> @@ -648,7 +648,8 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const struct mac802154_llsec *sec,
>   {
>   	u8 iv[16];
>   	unsigned char *data;
> -	int authlen, assoclen, datalen, rc;
> +	int authlen, datalen, rc;
> +	int assoclen = 0;
>   	struct scatterlist src, assoc[2], dst[2];
>   	struct aead_request *req;
>   
> @@ -659,26 +660,25 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const struct mac802154_llsec *sec,
>   	if (!req)
>   		return -ENOMEM;
>   
> -	sg_init_table(assoc, 2);
> -	sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
> -	assoclen = skb->mac_len;
> -
>   	data = skb_mac_header(skb) + skb->mac_len;
>   	datalen = skb_tail_pointer(skb) - data;
>   
>   	if (hdr->sec.level & IEEE802154_SCF_SECLEVEL_ENC) {
> -		sg_set_buf(&assoc[1], data, 0);
> +		sg_init_table(assoc, 1);
> +		sg_init_table(dst, 2);
> +		sg_set_buf(&dst[0], data, datalen);
> +		sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
> +		sg_init_one(&src, data, datalen);
>   	} else {
> +		sg_init_table(assoc, 2);
>   		sg_set_buf(&assoc[1], data, datalen);
>   		assoclen += datalen;
>   		datalen = 0;
> +		sg_init_one(dst, skb_put(skb, authlen), authlen);
>   	}
>   
> -	sg_init_one(&src, data, datalen);
> -
> -	sg_init_table(dst, 2);
> -	sg_set_buf(&dst[0], data, datalen);
> -	sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
> +	sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
> +	assoclen += skb->mac_len;
>   
>   	aead_request_set_callback(req, 0, NULL, NULL);
>   	aead_request_set_assoc(req, assoc, assoclen);


^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG
  2015-06-18 15:55 [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG Simon Vincent
  2015-06-18 17:03 ` Stefan Schmidt
@ 2015-06-18 22:36 ` Phoebe Buckheister
  2015-06-19  7:48 ` Alexander Aring
  2015-06-19  9:23 ` Marcel Holtmann
  3 siblings, 0 replies; 5+ messages in thread
From: Phoebe Buckheister @ 2015-06-18 22:36 UTC (permalink / raw)
  To: Simon Vincent; +Cc: alex.aring, linux-wpan, phoebe.buckheister

Reviewed-By: Phoebe Buckheister <phoebe.buckheister@itwm.fraunhofer.de>

On Thu, June 18, 2015 5:55 pm, Simon Vincent wrote:
>  802.15.4 security levels 1,2,3 provide data authenticity but
>  no encryption. Currently the llsec implementation hits a BUG() if these
> modes
>  are used. This is due to the scatterlist length being set to 0 when
>  encryption is not used. This patch fixes this issue.
>
> Signed-off-by: Simon Vincent <simon.vincent@xsilon.com>
> ---
>  net/mac802154/llsec.c | 22 +++++++++++-----------
>  1 file changed, 11 insertions(+), 11 deletions(-)
>
> diff --git a/net/mac802154/llsec.c b/net/mac802154/llsec.c
> index 5b2be12..f8081f0 100644
> --- a/net/mac802154/llsec.c
> +++ b/net/mac802154/llsec.c
> @@ -648,7 +648,8 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const
> struct mac802154_llsec *sec,
>  {
>  	u8 iv[16];
>  	unsigned char *data;
> -	int authlen, assoclen, datalen, rc;
> +	int authlen, datalen, rc;
> +	int assoclen = 0;
>  	struct scatterlist src, assoc[2], dst[2];
>  	struct aead_request *req;
>
> @@ -659,26 +660,25 @@ llsec_do_encrypt_auth(struct sk_buff *skb, const
> struct mac802154_llsec *sec,
>  	if (!req)
>  		return -ENOMEM;
>
> -	sg_init_table(assoc, 2);
> -	sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
> -	assoclen = skb->mac_len;
> -
>  	data = skb_mac_header(skb) + skb->mac_len;
>  	datalen = skb_tail_pointer(skb) - data;
>
>  	if (hdr->sec.level & IEEE802154_SCF_SECLEVEL_ENC) {
> -		sg_set_buf(&assoc[1], data, 0);
> +		sg_init_table(assoc, 1);
> +		sg_init_table(dst, 2);
> +		sg_set_buf(&dst[0], data, datalen);
> +		sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
> +		sg_init_one(&src, data, datalen);
>  	} else {
> +		sg_init_table(assoc, 2);
>  		sg_set_buf(&assoc[1], data, datalen);
>  		assoclen += datalen;
>  		datalen = 0;
> +		sg_init_one(dst, skb_put(skb, authlen), authlen);
>  	}
>
> -	sg_init_one(&src, data, datalen);
> -
> -	sg_init_table(dst, 2);
> -	sg_set_buf(&dst[0], data, datalen);
> -	sg_set_buf(&dst[1], skb_put(skb, authlen), authlen);
> +	sg_set_buf(&assoc[0], skb_mac_header(skb), skb->mac_len);
> +	assoclen += skb->mac_len;
>
>  	aead_request_set_callback(req, 0, NULL, NULL);
>  	aead_request_set_assoc(req, assoc, assoclen);
> --
> 1.9.1
>
>



^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG
  2015-06-18 15:55 [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG Simon Vincent
  2015-06-18 17:03 ` Stefan Schmidt
  2015-06-18 22:36 ` Phoebe Buckheister
@ 2015-06-19  7:48 ` Alexander Aring
  2015-06-19  9:23 ` Marcel Holtmann
  3 siblings, 0 replies; 5+ messages in thread
From: Alexander Aring @ 2015-06-19  7:48 UTC (permalink / raw)
  To: Simon Vincent; +Cc: linux-wpan, phoebe.buckheister

On Thu, Jun 18, 2015 at 04:55:01PM +0100, Simon Vincent wrote:
>  802.15.4 security levels 1,2,3 provide data authenticity but
>  no encryption. Currently the llsec implementation hits a BUG() if these modes
>  are used. This is due to the scatterlist length being set to 0 when
>  encryption is not used. This patch fixes this issue.
> 
> Signed-off-by: Simon Vincent <simon.vincent@xsilon.com>

Acked-by: Alexander Aring <alex.aring@gmail.com>

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG
  2015-06-18 15:55 [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG Simon Vincent
                   ` (2 preceding siblings ...)
  2015-06-19  7:48 ` Alexander Aring
@ 2015-06-19  9:23 ` Marcel Holtmann
  3 siblings, 0 replies; 5+ messages in thread
From: Marcel Holtmann @ 2015-06-19  9:23 UTC (permalink / raw)
  To: Simon Vincent; +Cc: Alexander Aring, linux-wpan, phoebe.buckheister

Hi Simon,

> 802.15.4 security levels 1,2,3 provide data authenticity but
> no encryption. Currently the llsec implementation hits a BUG() if these modes
> are used. This is due to the scatterlist length being set to 0 when
> encryption is not used. This patch fixes this issue.
> 
> Signed-off-by: Simon Vincent <simon.vincent@xsilon.com>
> ---
> net/mac802154/llsec.c | 22 +++++++++++-----------
> 1 file changed, 11 insertions(+), 11 deletions(-)

patch has been applied to bluetooth-next tree.

Regards

Marcel


^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-06-19  9:23 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-06-18 15:55 [PATCH bluetooth-next] mac802154: fix llsec authentication without encryption BUG Simon Vincent
2015-06-18 17:03 ` Stefan Schmidt
2015-06-18 22:36 ` Phoebe Buckheister
2015-06-19  7:48 ` Alexander Aring
2015-06-19  9:23 ` Marcel Holtmann

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.