Commit 5d1dbacd authored by David S. Miller's avatar David S. Miller
Browse files

Merge tag 'ieee802154-for-davem-2021-04-07' of... 

Merge tag 'ieee802154-for-davem-2021-04-07' of git://git.kernel.org/pub/scm/linux/kernel/git/sschmidt/wpan



Stefan Schmidt says:

====================
pull-request: ieee802154 for net 2021-04-07

An update from ieee802154 for your *net* tree.

Most of these are coming from the flood of syzkaller reports
lately got for the ieee802154 subsystem. There are likely to
come more for this, but this is a good batch to get out for now.

Alexander Aring created a patchset to avoid llsec handling on a
monitor interface, which we do not support.
Alex Shi removed a unused macro.
Pavel Skripkin fixed another protection fault found by syzkaller.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 107adc69 1165affd

net/ieee802154/nl-mac.c

+4 −3
Original line number Diff line number Diff line
@@ -551,9 +551,7 @@ ieee802154_llsec_parse_key_id(struct genl_info *info, 
	desc->mode = nla_get_u8(info->attrs[IEEE802154_ATTR_LLSEC_KEY_MODE]);



	if (desc->mode == IEEE802154_SCF_KEY_IMPLICIT) {

		if (!info->attrs[IEEE802154_ATTR_PAN_ID] &&

		    !(info->attrs[IEEE802154_ATTR_SHORT_ADDR] ||

		      info->attrs[IEEE802154_ATTR_HW_ADDR]))

		if (!info->attrs[IEEE802154_ATTR_PAN_ID])

			return -EINVAL;



		desc->device_addr.pan_id = nla_get_shortaddr(info->attrs[IEEE802154_ATTR_PAN_ID]);
@@ -562,6 +560,9 @@ ieee802154_llsec_parse_key_id(struct genl_info *info, 
			desc->device_addr.mode = IEEE802154_ADDR_SHORT;

			desc->device_addr.short_addr = nla_get_shortaddr(info->attrs[IEEE802154_ATTR_SHORT_ADDR]);

		} else {

			if (!info->attrs[IEEE802154_ATTR_HW_ADDR])

				return -EINVAL;



			desc->device_addr.mode = IEEE802154_ADDR_LONG;

			desc->device_addr.extended_addr = nla_get_hwaddr(info->attrs[IEEE802154_ATTR_HW_ADDR]);

		}

net/ieee802154/nl802154.c

+60 −8
Original line number Diff line number Diff line
@@ -820,8 +820,13 @@ nl802154_send_iface(struct sk_buff *msg, u32 portid, u32 seq, int flags, 
		goto nla_put_failure;



#ifdef CONFIG_IEEE802154_NL802154_EXPERIMENTAL

	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR)

		goto out;



	if (nl802154_get_llsec_params(msg, rdev, wpan_dev) < 0)

		goto nla_put_failure;



out:

#endif /* CONFIG_IEEE802154_NL802154_EXPERIMENTAL */



	genlmsg_end(msg, hdr);
@@ -1384,6 +1389,9 @@ static int nl802154_set_llsec_params(struct sk_buff *skb, 
	u32 changed = 0;

	int ret;



	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR)

		return -EOPNOTSUPP;



	if (info->attrs[NL802154_ATTR_SEC_ENABLED]) {

		u8 enabled;
@@ -1490,6 +1498,11 @@ nl802154_dump_llsec_key(struct sk_buff *skb, struct netlink_callback *cb) 
	if (err)

		return err;



	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR) {

		err = skb->len;

		goto out_err;

	}



	if (!wpan_dev->netdev) {

		err = -EINVAL;

		goto out_err;
@@ -1544,7 +1557,11 @@ static int nl802154_add_llsec_key(struct sk_buff *skb, struct genl_info *info) 
	struct ieee802154_llsec_key_id id = { };

	u32 commands[NL802154_CMD_FRAME_NR_IDS / 32] = { };



	if (nla_parse_nested_deprecated(attrs, NL802154_KEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_KEY], nl802154_key_policy, info->extack))

	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR)

		return -EOPNOTSUPP;



	if (!info->attrs[NL802154_ATTR_SEC_KEY] ||

	    nla_parse_nested_deprecated(attrs, NL802154_KEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_KEY], nl802154_key_policy, info->extack))

		return -EINVAL;



	if (!attrs[NL802154_KEY_ATTR_USAGE_FRAMES] ||
@@ -1592,7 +1609,11 @@ static int nl802154_del_llsec_key(struct sk_buff *skb, struct genl_info *info) 
	struct nlattr *attrs[NL802154_KEY_ATTR_MAX + 1];

	struct ieee802154_llsec_key_id id;



	if (nla_parse_nested_deprecated(attrs, NL802154_KEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_KEY], nl802154_key_policy, info->extack))

	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR)

		return -EOPNOTSUPP;



	if (!info->attrs[NL802154_ATTR_SEC_KEY] ||

	    nla_parse_nested_deprecated(attrs, NL802154_KEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_KEY], nl802154_key_policy, info->extack))

		return -EINVAL;



	if (ieee802154_llsec_parse_key_id(attrs[NL802154_KEY_ATTR_ID], &id) < 0)
@@ -1656,6 +1677,11 @@ nl802154_dump_llsec_dev(struct sk_buff *skb, struct netlink_callback *cb) 
	if (err)

		return err;



	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR) {

		err = skb->len;

		goto out_err;

	}



	if (!wpan_dev->netdev) {

		err = -EINVAL;

		goto out_err;
@@ -1742,6 +1768,9 @@ static int nl802154_add_llsec_dev(struct sk_buff *skb, struct genl_info *info) 
	struct wpan_dev *wpan_dev = dev->ieee802154_ptr;

	struct ieee802154_llsec_device dev_desc;



	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR)

		return -EOPNOTSUPP;



	if (ieee802154_llsec_parse_device(info->attrs[NL802154_ATTR_SEC_DEVICE],

					  &dev_desc) < 0)

		return -EINVAL;
@@ -1757,7 +1786,11 @@ static int nl802154_del_llsec_dev(struct sk_buff *skb, struct genl_info *info) 
	struct nlattr *attrs[NL802154_DEV_ATTR_MAX + 1];

	__le64 extended_addr;



	if (nla_parse_nested_deprecated(attrs, NL802154_DEV_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_DEVICE], nl802154_dev_policy, info->extack))

	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR)

		return -EOPNOTSUPP;



	if (!info->attrs[NL802154_ATTR_SEC_DEVICE] ||

	    nla_parse_nested_deprecated(attrs, NL802154_DEV_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_DEVICE], nl802154_dev_policy, info->extack))

		return -EINVAL;



	if (!attrs[NL802154_DEV_ATTR_EXTENDED_ADDR])
@@ -1825,6 +1858,11 @@ nl802154_dump_llsec_devkey(struct sk_buff *skb, struct netlink_callback *cb) 
	if (err)

		return err;



	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR) {

		err = skb->len;

		goto out_err;

	}



	if (!wpan_dev->netdev) {

		err = -EINVAL;

		goto out_err;
@@ -1882,6 +1920,9 @@ static int nl802154_add_llsec_devkey(struct sk_buff *skb, struct genl_info *info 
	struct ieee802154_llsec_device_key key;

	__le64 extended_addr;



	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR)

		return -EOPNOTSUPP;



	if (!info->attrs[NL802154_ATTR_SEC_DEVKEY] ||

	    nla_parse_nested_deprecated(attrs, NL802154_DEVKEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_DEVKEY], nl802154_devkey_policy, info->extack) < 0)

		return -EINVAL;
@@ -1913,7 +1954,11 @@ static int nl802154_del_llsec_devkey(struct sk_buff *skb, struct genl_info *info 
	struct ieee802154_llsec_device_key key;

	__le64 extended_addr;



	if (nla_parse_nested_deprecated(attrs, NL802154_DEVKEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_DEVKEY], nl802154_devkey_policy, info->extack))

	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR)

		return -EOPNOTSUPP;



	if (!info->attrs[NL802154_ATTR_SEC_DEVKEY] ||

	    nla_parse_nested_deprecated(attrs, NL802154_DEVKEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_DEVKEY], nl802154_devkey_policy, info->extack))

		return -EINVAL;



	if (!attrs[NL802154_DEVKEY_ATTR_EXTENDED_ADDR])
@@ -1986,6 +2031,11 @@ nl802154_dump_llsec_seclevel(struct sk_buff *skb, struct netlink_callback *cb) 
	if (err)

		return err;



	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR) {

		err = skb->len;

		goto out_err;

	}



	if (!wpan_dev->netdev) {

		err = -EINVAL;

		goto out_err;
@@ -2070,6 +2120,9 @@ static int nl802154_add_llsec_seclevel(struct sk_buff *skb, 
	struct wpan_dev *wpan_dev = dev->ieee802154_ptr;

	struct ieee802154_llsec_seclevel sl;



	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR)

		return -EOPNOTSUPP;



	if (llsec_parse_seclevel(info->attrs[NL802154_ATTR_SEC_LEVEL],

				 &sl) < 0)

		return -EINVAL;
@@ -2085,6 +2138,9 @@ static int nl802154_del_llsec_seclevel(struct sk_buff *skb, 
	struct wpan_dev *wpan_dev = dev->ieee802154_ptr;

	struct ieee802154_llsec_seclevel sl;



	if (wpan_dev->iftype == NL802154_IFTYPE_MONITOR)

		return -EOPNOTSUPP;



	if (!info->attrs[NL802154_ATTR_SEC_LEVEL] ||

	    llsec_parse_seclevel(info->attrs[NL802154_ATTR_SEC_LEVEL],

				 &sl) < 0)
@@ -2098,11 +2154,7 @@ static int nl802154_del_llsec_seclevel(struct sk_buff *skb, 
#define NL802154_FLAG_NEED_NETDEV	0x02

#define NL802154_FLAG_NEED_RTNL		0x04

#define NL802154_FLAG_CHECK_NETDEV_UP	0x08

#define NL802154_FLAG_NEED_NETDEV_UP	(NL802154_FLAG_NEED_NETDEV |\

					 NL802154_FLAG_CHECK_NETDEV_UP)

#define NL802154_FLAG_NEED_WPAN_DEV	0x10

#define NL802154_FLAG_NEED_WPAN_DEV_UP	(NL802154_FLAG_NEED_WPAN_DEV |\

					 NL802154_FLAG_CHECK_NETDEV_UP)



static int nl802154_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,

			     struct genl_info *info)

net/mac802154/llsec.c

+1 −1
Original line number Diff line number Diff line
@@ -152,7 +152,7 @@ llsec_key_alloc(const struct ieee802154_llsec_key *template) 
	crypto_free_sync_skcipher(key->tfm0);

err_tfm:

	for (i = 0; i < ARRAY_SIZE(key->tfm); i++)

		if (key->tfm[i])

		if (!IS_ERR_OR_NULL(key->tfm[i]))

			crypto_free_aead(key->tfm[i]);



	kfree_sensitive(key);