Page MenuHomeFreeBSD
Differential D30663

net80211: reject mixed plaintext/encrypted fragments
ClosedPublic
Actions

Authored by bz on Jun 6 2021, 10:36 PM.
Tags
None
Referenced Files
F102109725: D30663.id90500.diff
Thu, Nov 7, 5:49 PM
Unknown Object (File)
Wed, Nov 6, 10:13 AM
Unknown Object (File)
Sat, Nov 2, 7:35 PM
Unknown Object (File)
Fri, Oct 18, 4:37 AM
Unknown Object (File)
Oct 2 2024, 4:31 AM
Unknown Object (File)
Oct 1 2024, 7:41 PM
Unknown Object (File)
Oct 1 2024, 5:04 PM
Unknown Object (File)
Sep 29 2024, 9:01 PM
View All Files
Subscribers
emaste
imp
melifaro
secteam

Details

Reviewers
None
Group Reviewers
wireless
Commits
rG11572d7d7fb9: net80211: reject mixed plaintext/encrypted fragments
Summary

ieee80211_defrag() accepts fragmented 802.11 frames in a protected Wi-Fi
network even when some of the fragments are not encrypted.
Track whether the fragments are encrypted or not and only accept
successive ones if they match the state of the first fragment.

This relates to section 6.3 in the 2021 Usenix "FragAttacks" (Fragment
and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation)
paper.

Submitted by: Mathy Vanhoef (Mathy.Vanhoef kuleuven.be)
Security: CVE-2020-26147
PR: 256118

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

bz created this revision.Jun 6 2021, 10:36 PM
Herald added subscribers: melifaro, imp. · View Herald TranscriptJun 6 2021, 10:36 PM
bz requested review of this revision.Jun 6 2021, 10:36 PM
Harbormaster completed remote builds in B39753: Diff 90500.Jun 6 2021, 10:37 PM
bz edited the summary of this revision. (Show Details)Jun 6 2021, 10:39 PM

See the PR for the original description/patch.

bz added a comment.Sep 29 2021, 1:00 PM

If no one has any (further) comments I'll commit these tomorrow morning (UTC).

emaste added a subscriber: emaste.Sep 29 2021, 1:11 PM

From the PR,

I'm not sure if I'm using the best way to track whether a fragment was encrypted, but it gets the job done with a low number of code changes.

I'm not really a fan of tracking the enc state this way, but am not familiar enough with the rest of net80211 to have a better idea and it indeed is not too intrusive. I might add an XXX comment where IEEE80211_FC1_PROTECTED is set that mentions this.

But overall no objection to this change.

sys/net80211/ieee80211_input.c
174

bool has_decrypted perhaps?

emaste mentioned this in D30664: net80211: mitigation against A-MSDU design flaw.Sep 29 2021, 1:18 PM
bz marked an inline comment as done.Sep 29 2021, 9:37 PM
In D30663#726964, @emaste wrote:

From the PR,

I'm not sure if I'm using the best way to track whether a fragment was encrypted, but it gets the job done with a low number of code changes.

I'm not really a fan of tracking the enc state this way, but am not familiar enough with the rest of net80211 to have a better idea and it indeed is not too intrusive. I might add an XXX comment where IEEE80211_FC1_PROTECTED is set that mentions this.

I am not either but adding an mtag for this and all the infrastructure to handle that seems to be overkill.
I was pondering (ab)using other mbuf fields we could at that layer (e.g., PH_loc) but then again that is not easily portable between mbuf implementations I assume.

I am open to alternate suggestions which are cleaner or if one of the two above should be used better?

sys/net80211/ieee80211_input.c
174

I think that's something for an aftermath; I'd rather not start making it all bools (as you'd also want to do the callers)...

266

temporarily

bz updated this revision to Diff 95990.Sep 29 2021, 9:40 PM
bz marked an inline comment as done.

Add an XXX to use a non packet-altering storage in the future?

Harbormaster completed remote builds in B41853: Diff 95990.Sep 29 2021, 9:40 PM
bz updated this revision to Diff 95991.Sep 29 2021, 9:43 PM

Fix spelling and punctuation.

Harbormaster completed remote builds in B41854: Diff 95991.Sep 29 2021, 9:43 PM
emaste added a comment.Sep 29 2021, 10:39 PM

This is fine with me - better to get in as is than to spend a long time trying to find an ideal implementation.

This revision was not accepted when it landed; it landed in state Needs Review.Sep 30 2021, 2:50 PM
Closed by commit rG11572d7d7fb9: net80211: reject mixed plaintext/encrypted fragments (authored by Mathy Vanhoef <Mathy.Vanhoef@kuleuven.be>, committed by bz). · Explain Why
This revision was automatically updated to reflect the committed changes.
bz added a commit: rG11572d7d7fb9: net80211: reject mixed plaintext/encrypted fragments.

Revision Contents
Changeset List

Diff 96015

View Options

sys/net80211/ieee80211_adhoc.c

Loading...
View Options

sys/net80211/ieee80211_hostap.c

Loading...
View Options

sys/net80211/ieee80211_input.h

Loading...
View Options

sys/net80211/ieee80211_input.c

Loading...
View Options

sys/net80211/ieee80211_mesh.c

Loading...
View Options

sys/net80211/ieee80211_sta.c

Loading...
View Options

sys/net80211/ieee80211_wds.c

Loading...