Mathy Vanhoef 94034c40ab mac80211: prevent mixed key and fragment cache attacks ... Simultaneously prevent mixed key attacks (CVE-2020-24587) and fragment cache attacks (CVE-2020-24586). This is accomplished by assigning a unique color to every key (per interface) and using this to track which key was used to decrypt a fragment. When reassembling frames, it is now checked whether all fragments were decrypted using the same key. To assure that fragment cache attacks are also prevented, the ID that is assigned to keys is unique even over (re)associations and (re)connects. This means fragments separated by a (re)association or (re)connect will not be reassembled. Because mac80211 now also prevents the reassembly of mixed encrypted and plaintext fragments, all cache attacks are prevented. Cc: stable@vger.kernel.org Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@kuleuven.be> Link: https://lore.kernel.org/r/20210511200110.3f8290e59823.I622a67769ed39257327a362cfc09c812320eb979@changeid Signed-off-by: Johannes Berg <johannes.berg@intel.com>		2021-05-11 20:12:51 +02:00
..
6lowpan	6lowpan: Fix some typos in nhc_udp.c	2021-03-24 17:52:11 -07:00
9p	net: 9p: Correct function names in the kerneldoc comments	2021-03-28 17:56:56 -07:00
802
8021q	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2021-04-26 12:00:00 -07:00
appletalk
atm
ax25	net/ax25: Delete obsolete TODO file	2021-03-30 16:54:50 -07:00
batman-adv	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2021-04-09 20:48:35 -07:00
bluetooth	Networking changes for 5.13.	2021-04-29 11:57:23 -07:00
bpf	bpf: selftests: Add kfunc_call test	2021-03-26 20:41:52 -07:00
bpfilter
bridge	bridge: Fix possible races between assigning rx_handler_data and setting IFF_BRIDGE_PORT bit	2021-04-29 15:33:17 -07:00
caif
can	can: proc: fix rcvlist_* header alignment on 64-bit system	2021-04-25 19:43:00 +02:00
ceph	Notable items here are a series to take advantage of David Howells'	2021-05-06 10:27:02 -07:00
core	net: page_pool: use alloc_pages_bulk in refill code path	2021-04-30 11:20:43 -07:00
dcb
dccp	net: dccp: use net_generic storage	2021-04-09 16:34:56 -07:00
decnet	net/decnet: Delete obsolete TODO file	2021-03-30 16:54:50 -07:00
dns_resolver
dsa	net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count	2021-05-10 14:36:59 -07:00
ethernet	of: net: pass the dst buffer to of_get_mac_address()	2021-04-13 14:35:02 -07:00
ethtool	ethtool: fix missing NLM_F_MULTI flag when dumping	2021-05-05 12:41:10 -07:00
hsr	net: hsr: check skb can contain struct hsr_ethhdr in fill_frame_info	2021-05-03 13:33:54 -07:00
ieee802154	net: remove the new_ifindex argument from dev_change_net_namespace	2021-04-07 14:43:28 -07:00
ife
ipv4	Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf	2021-05-07 16:10:12 -07:00
ipv6	net: Remove redundant assignment to err	2021-04-29 15:34:15 -07:00
iucv	iucv: af_iucv.c: Couple of typo fixes	2021-03-28 17:31:13 -07:00
kcm	kcm: kcmsock.c: Couple of typo fixes	2021-03-28 17:31:13 -07:00
key
l2tp	net: fix a concurrency bug in l2tp_tunnel_register()	2021-04-27 14:23:13 -07:00
l3mdev	l3mdev: Correct function names in the kerneldoc comments	2021-03-28 17:56:55 -07:00
lapb	net: lapb: Make "lapb_t1timer_running" able to detect an already running timer	2021-03-23 14:14:50 -07:00
llc	llc2: Remove redundant assignment to rc	2021-04-27 14:16:14 -07:00
mac80211	mac80211: prevent mixed key and fragment cache attacks	2021-05-11 20:12:51 +02:00
mac802154	net: mac802154: Fix general protection fault	2021-04-06 22:42:16 +02:00
mpls	mpls: Remove redundant assignment to err	2021-04-27 14:17:00 -07:00
mptcp	mptcp: fix splat when closing unaccepted socket	2021-05-07 15:53:40 -07:00
ncsi	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2021-04-09 20:48:35 -07:00
netfilter	netfilter: nftables: avoid potential overflows on 32bit arches	2021-05-07 10:01:39 +02:00
netlabel	Networking changes for 5.13.	2021-04-29 11:57:23 -07:00
netlink	netlink: don't call ->netlink_bind with table lock held	2021-04-16 17:01:04 -07:00
netrom	net: netrom: nr_in: Remove redundant assignment to ns	2021-04-28 13:59:08 -07:00
nfc	net/nfc/rawsock.c: fix a permission check bug	2021-05-10 14:21:02 -07:00
nsh
openvswitch	openvswitch: fix stack OOB read while fragmenting IPv4 packets	2021-04-29 15:31:53 -07:00
packet	net/packet: remove data races in fanout operations	2021-04-14 14:34:38 -07:00
phonet
psample	psample: Add additional metadata attributes	2021-03-14 15:00:43 -07:00
qrtr	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2021-04-26 12:00:00 -07:00
rds	RDMA merge window pull request	2021-05-01 09:15:05 -07:00
rfkill	Another set of updates, all over the map:	2021-04-20 16:44:04 -07:00
rose	net: rose: Fix fall-through warnings for Clang	2021-03-10 12:45:15 -08:00
rxrpc	Networking changes for 5.13.	2021-04-29 11:57:23 -07:00
sched	net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets	2021-04-29 15:31:53 -07:00
sctp	sctp: delay auto_asconf init until binding the first addr	2021-05-03 13:36:21 -07:00
smc	smc: disallow TCP_ULP in smc_setsockopt()	2021-05-05 12:52:45 -07:00
strparser
sunrpc	NFS client updates for Linux 5.13	2021-05-07 11:23:41 -07:00
switchdev
tipc	tipc: make node link identity publish thread safe	2021-05-10 14:41:30 -07:00
tls	net/tls: Remove redundant initialization of record	2021-04-27 14:15:19 -07:00
unix
vmw_vsock	vsock/vmci: Remove redundant assignment to err	2021-04-30 15:00:59 -07:00
wireless	Networking changes for 5.13.	2021-04-29 11:57:23 -07:00
x25	af_x25.c: Fix a spello	2021-03-28 17:31:13 -07:00
xdp	xsk: Fix for xp_aligned_validate_desc() when len == chunk_size	2021-05-04 00:28:06 +02:00
xfrm	xfrm: ipcomp: remove unnecessary get_cpu()	2021-04-19 12:49:29 +02:00
compat.c
devres.c
Kconfig	net: selftest: fix build issue if INET is disabled	2021-04-28 14:06:45 -07:00
Makefile
socket.c	net: Fix a misspell in socket.c	2021-03-25 16:56:27 -07:00
sysctl_net.c	net: Ensure net namespace isolation of sysctls	2021-04-12 13:27:11 -07:00