From patchwork Sun Sep 15 20:08:28 2019
X-Patchwork-Submitter: Alexander Wetzel
X-Patchwork-Id: 1162534
From: Alexander Wetzel
To: j@w1.fi
Cc: Alexander Wetzel, hostap@lists.infradead.org, luca@coelho.fi, johannes@sipsolutions.net
Subject: [PATCH v6 08/17] nl80211: Switch to the new key_type API & cleanup
Date: Sun, 15 Sep 2019 22:08:28 +0200
Message-Id: <20190915200837.196283-9-alexander@wetzel-home.de>
In-Reply-To: <20190915200837.196283-1-alexander@wetzel-home.de>
References: <20190915200837.196283-1-alexander@wetzel-home.de>
X-Mailer: git-send-email 2.23.0

Installing WEP and broadcast keys requires an additional netlink call (NL80211_CMD_SET_KEY) after the key install. wpa_driver_nl80211_set_key() had an overly complex and not always correct method to detect that, heavily depending on set_tx.

Stop using set_tx and clean up the driver. This also stops useless NL80211_CMD_SET_KEY calls when installing unicast keys with wpa_supplicant.

Signed-off-by: Alexander Wetzel
---
This simply is too big for the patch migrating the other drivers to use key_type. Nl80211 is the driver supporting the most features and also using the strangest hacks... So this patch is not only migrating to key_type, it's a general overhaul of the key install logic.

The new logic works fine for all test cases and to my understanding all dropped code pieces could not have had any function. (Verified against the kernel code.)

 src/drivers/driver_nl80211.c | 56 +++++++++++++++--------------------
 1 file changed, 23 insertions(+), 33 deletions(-)

diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index e92e48ba5..f168769f8 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -3014,8 +3014,9 @@ static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, int ifindex; struct nl_msg *msg; struct nl_msg *key_msg; + struct nlattr *types; + int need_set_key = 0; int ret; - int tdls = 0; /* Ignore for P2P Device */ if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) 
@@ -3023,13 +3024,12 @@ static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, ifindex = if_nametoindex(ifname); wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d " - "set_tx=%d seq_len=%lu key_len=%lu", + "set_tx=%d seq_len=%lu key_len=%lu key_type=%d", __func__, ifindex, ifname, alg, addr, key_idx, set_tx, - (unsigned long) seq_len, (unsigned long) key_len); + (unsigned long) seq_len, (unsigned long) key_len, key_type); #ifdef CONFIG_TDLS if (key_idx == -1) { key_idx = 0; - tdls = 1; } #endif /* CONFIG_TDLS */ @@ -3081,22 +3081,18 @@ static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) goto fail; - if (alg != WPA_ALG_WEP && key_idx && !set_tx) { + if (alg != WPA_ALG_WEP && key_type != KEY_TYPE_PAIRWISE) { wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK"); if (nla_put_u32(key_msg, NL80211_KEY_TYPE, NL80211_KEYTYPE_GROUP)) goto fail; } - } else if (addr && is_broadcast_ether_addr(addr)) { - struct nlattr *types; - - wpa_printf(MSG_DEBUG, " broadcast key"); - - types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES); - if (!types || - nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST)) - goto fail; - nla_nest_end(key_msg, types); + } else if (alg != WPA_ALG_NONE) { + /* Default (WEP, GTK or IGTK) key */ + if (alg != WPA_ALG_WEP || key_type == KEY_TYPE_DEFAULT) { + wpa_printf(MSG_DEBUG, " require SET_KEY"); + need_set_key = 1; + } } if (nla_put_u8(key_msg, NL80211_KEY_IDX, key_idx) || nla_put_nested(msg, NL80211_ATTR_KEY, key_msg)) 
@@ -3110,13 +3106,10 @@ static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, ret, strerror(-ret)); /* - * If we failed or don't need to set the default TX key (below), + * If we failed or don't need to set the key as default (below), * we're done here. */ - if (ret || !set_tx || alg == WPA_ALG_NONE || tdls) - return ret; - if (is_ap_interface(drv->nlmode) && addr && - !is_broadcast_ether_addr(addr)) + if (ret || !need_set_key) return ret; key_msg = nlmsg_alloc(); @@ -3136,29 +3129,26 @@ static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, NL80211_KEY_DEFAULT)) goto fail; if (addr && is_broadcast_ether_addr(addr)) { - struct nlattr *types; - + wpa_printf(MSG_DEBUG, " broadcast key"); types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES); if (!types || nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST)) goto fail; nla_nest_end(key_msg, types); - } else if (addr) { - struct nlattr *types; - - types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES); - if (!types || - nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_UNICAST)) - goto fail; - nla_nest_end(key_msg, types); + } else if (!addr) { + wpa_printf(MSG_DEBUG, " WEP key"); + } else { + /* need_set_key must only be set for + * zero or broadcast addresses + */ + wpa_printf(MSG_ERROR, + "Unicast key when not expecting one, abort!"); + goto fail; } if (nla_put_nested(msg, NL80211_ATTR_KEY, key_msg)) goto fail; - ret = send_and_recv_msgs(drv, msg, NULL, NULL); - if (ret == -ENOENT) - ret = 0; if (ret) wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; " "err=%d %s)", ret, strerror(-ret));
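Review bot: in the hunk at @@ -3081,22 +3081,18 @@, the new comment "Default (WEP, GTK or IGTK) key" does not explain the condition under it. `alg != WPA_ALG_WEP || key_type == KEY_TYPE_DEFAULT` sets need_set_key for every non-WEP key in this branch but only for WEP keys passed with KEY_TYPE_DEFAULT, so the comment should say why a WEP key with any other key_type skips NL80211_CMD_SET_KEY. The retained debug string " RSN IBSS RX GTK" is now printed whenever key_type != KEY_TYPE_PAIRWISE, without the old key_idx and set_tx tests, and may need rewording. The commit message should also mention that NL80211_KEY_DEFAULT_TYPE_MULTICAST is no longer attached to the key install message for broadcast addresses.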
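Review bot: in the hunk at @@ -3110,13 +3106,10 @@, `if (ret || !need_set_key)` replaces the early returns on `tdls` and on the AP-mode check (`is_ap_interface(drv->nlmode) && addr && !is_broadcast_ether_addr(addr)`), and nothing in the visible lines records that TDLS keys (key_idx == -1, rewritten to 0 in the @@ -3023,13 +3024,12 @@ hunk) and AP unicast keys are still meant to skip the second netlink call. A short comment where need_set_key is set, or a sentence in the commit message, would make that guarantee checkable against the old conditions.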
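Review bot: at the end of the hunk at @@ -3136,29 +3129,26 @@, the `if (ret == -ENOENT) ret = 0;` mapping is removed, so an -ENOENT result from the set-default request now stays in ret and is logged as "set_key default failed" where it used to be treated as success; the commit message does not mention this behaviour change. Either keep the mapping or state why -ENOENT can no longer occur here. In the same hunk the new comment says "zero or broadcast addresses" while the code tests `!addr`, which is a NULL pointer, so "NULL or broadcast" would be accurate. The " WEP key" debug line in the `!addr` branch would also be printed for a non-WEP key, since the @@ -3081,22 +3081,18 @@ hunk sets need_set_key for any alg != WPA_ALG_WEP.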