diff options
author | domienschepers <schepers.d@northeastern.edu> | 2022-11-10 00:00:00 +0000 |
---|---|---|
committer | Bjoern A. Zeeb <bz@FreeBSD.org> | 2023-06-26 12:02:00 +0000 |
commit | 6c9bcecfb296b96a383012e02bc9582260588339 (patch) | |
tree | 7e3fbbf56d50b15dd2cc7ea200fba67ae1a62ce6 | |
parent | 992075d8f9edb9db87bc1361227bebdec7222d86 (diff) | |
download | src-6c9bcecfb296.tar.gz src-6c9bcecfb296.zip |
net80211: fail for unicast traffic without unicast key
Falling back to the multicast key may cause unicast traffic to leak.
Instead fail when no key is found.
For more information see the 'Framing Frames: Bypassing Wi-Fi Encryption
by Manipulating Transmit Queues' paper.
[ I updated the commit message to reference the paper and the code
comment to record historic behaviour as discussed in private email. ]
(cherry picked from commit 61605e0ae5d8f34b89b8e71e393f3006f511e86a)
-rw-r--r-- | sys/net80211/ieee80211_crypto.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/sys/net80211/ieee80211_crypto.c b/sys/net80211/ieee80211_crypto.c index 59760d1e7d9c..f5941392465b 100644 --- a/sys/net80211/ieee80211_crypto.c +++ b/sys/net80211/ieee80211_crypto.c @@ -560,13 +560,17 @@ ieee80211_crypto_get_txkey(struct ieee80211_node *ni, struct mbuf *m) /* * Multicast traffic always uses the multicast key. - * Otherwise if a unicast key is set we use that and - * it is always key index 0. When no unicast key is - * set we fall back to the default transmit key. + * + * Historically we would fall back to the default + * transmit key if there was no unicast key. This + * behaviour was documented up to IEEE Std 802.11-2016, + * 12.9.2.2 Per-MSDU/Per-A-MSDU Tx pseudocode, in the + * 'else' case but is no longer in later versions of + * the standard. Additionally falling back to the + * group key for unicast was a security risk. */ wh = mtod(m, struct ieee80211_frame *); - if (IEEE80211_IS_MULTICAST(wh->i_addr1) || - IEEE80211_KEY_UNDEFINED(&ni->ni_ucastkey)) { + if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { if (vap->iv_def_txkey == IEEE80211_KEYIX_NONE) { IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_CRYPTO, wh->i_addr1, @@ -578,6 +582,8 @@ ieee80211_crypto_get_txkey(struct ieee80211_node *ni, struct mbuf *m) return &vap->iv_nw_keys[vap->iv_def_txkey]; } + if (IEEE80211_KEY_UNDEFINED(&ni->ni_ucastkey)) + return NULL; return &ni->ni_ucastkey; } |