From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail.marcansoft.com (marcansoft.com [212.63.210.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AD9357C for ; Tue, 14 Feb 2023 09:25:57 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: sendonly@marcansoft.com) by mail.marcansoft.com (Postfix) with ESMTPSA id 2F137423CD; Tue, 14 Feb 2023 09:25:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=marcan.st; s=default; t=1676366756; bh=sNsHpSeG7aIfT4zedGW0Q+9YV78TXq/I5hsq0+8G9b4=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=CL+9PZ+7gefzYNYYX5jBOp3LYvnPh+b01iiKTOUylbD97uMJYDtSI062VgnvVXGu6 6Cc6AUN/dxvRZN08M1HQK3KzvMiPwDxY2B8BRhS+A1+nWoLPfk0u6VFDe4SpOnx/i9 HwH83JGlw8hCdq//W4tTcVcEEYRoenZKTDx1J5l6ndqBRsXvVssogIjIV/IuSmLwmk c1PrAIpRr/XBr7F4pr/6MGxLOKKzVyqvyu+HAQwRGD4bxdj9iA4XT4B5bYKwfSFSGr 7oqNLeBIaqHfpsixeubQh3QV2e4o1362GhPicCEt2d9eCv2kfvf4UjRoAUc1wdhVp3 hgyGKNEaVOTKA== From: Hector Martin To: Arend van Spriel , Franky Lin , Hante Meuleman , Kalle Valo , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: Sven Peter , Alyssa Rosenzweig , Linus Walleij , asahi@lists.linux.dev, linux-wireless@vger.kernel.org, brcm80211-dev-list.pdl@broadcom.com, SHA-cyfmac-dev-list@infineon.com, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Hector Martin , Arend van Spriel Subject: [PATCH 06/10] brcmfmac: cfg80211: Pass the PMK in binary instead of hex Date: Tue, 14 Feb 2023 18:24:19 +0900 Message-Id: <20230214092423.15175-6-marcan@marcan.st> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20230214091651.10178-1-marcan@marcan.st> References: <20230214091651.10178-1-marcan@marcan.st> Precedence: bulk X-Mailing-List: asahi@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in binary all along, so use that and avoid the hexification. OpenBSD has been doing it like this from the beginning, so this should work on all chips. Also clear the structure before setting the PMK. This was leaking uninitialized stack contents to the device. Reviewed-by: Linus Walleij Reviewed-by: Arend van Spriel Signed-off-by: Hector Martin --- .../wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c index f3450b4db156..18e6699d4024 100644 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c @@ -1686,13 +1686,14 @@ static int brcmf_set_pmk(struct brcmf_if *ifp, const u8 *pmk_data, u16 pmk_len) { struct brcmf_pub *drvr = ifp->drvr; struct brcmf_wsec_pmk_le pmk; - int i, err; + int err; + + memset(&pmk, 0, sizeof(pmk)); - /* convert to firmware key format */ - pmk.key_len = cpu_to_le16(pmk_len << 1); - pmk.flags = cpu_to_le16(BRCMF_WSEC_PASSPHRASE); - for (i = 0; i < pmk_len; i++) - snprintf(&pmk.key[2 * i], 3, "%02x", pmk_data[i]); + /* pass pmk directly */ + pmk.key_len = cpu_to_le16(pmk_len); + pmk.flags = cpu_to_le16(0); + memcpy(pmk.key, pmk_data, pmk_len); /* store psk in firmware */ err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_WSEC_PMK, -- 2.35.1