Home Home > GIT Browse > SLE12-SP4-AZURE
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTakashi Iwai <tiwai@suse.de>2019-02-20 09:27:50 +0100
committerTakashi Iwai <tiwai@suse.de>2019-02-20 09:27:51 +0100
commit2673f1e2e840156937ec78c57c29684adea36ec8 (patch)
tree415ba47337a03c5226200ef9d1e27aec55707563
parente503a7e91989c9d7445ad987dbc5facc3a7b3bca (diff)
mac80211: ensure that mgmt tx skbs have tailroom for encryption
(bsc#1051510).
-rw-r--r--patches.fixes/mac80211-ensure-that-mgmt-tx-skbs-have-tailroom-for-.patch61
-rw-r--r--series.conf1
2 files changed, 62 insertions, 0 deletions
diff --git a/patches.fixes/mac80211-ensure-that-mgmt-tx-skbs-have-tailroom-for-.patch b/patches.fixes/mac80211-ensure-that-mgmt-tx-skbs-have-tailroom-for-.patch
new file mode 100644
index 0000000000..613522517e
--- /dev/null
+++ b/patches.fixes/mac80211-ensure-that-mgmt-tx-skbs-have-tailroom-for-.patch
@@ -0,0 +1,61 @@
+From 9d0f50b80222dc273e67e4e14410fcfa4130a90c Mon Sep 17 00:00:00 2001
+From: Felix Fietkau <nbd@nbd.name>
+Date: Tue, 29 Jan 2019 11:10:57 +0100
+Subject: [PATCH] mac80211: ensure that mgmt tx skbs have tailroom for encryption
+Git-commit: 9d0f50b80222dc273e67e4e14410fcfa4130a90c
+Patch-mainline: v5.0-rc6
+References: bsc#1051510
+
+Some drivers use IEEE80211_KEY_FLAG_SW_MGMT_TX to indicate that management
+frames need to be software encrypted. Since normal data packets are still
+encrypted by the hardware, crypto_tx_tailroom_needed_cnt gets decremented
+after key upload to hw. This can lead to passing skbs to ccmp_encrypt_skb,
+which don't have the necessary tailroom for software encryption.
+
+Change the code to add tailroom for encrypted management packets, even if
+crypto_tx_tailroom_needed_cnt is 0.
+
+Cc: stable@vger.kernel.org
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Acked-by: Takashi Iwai <tiwai@suse.de>
+
+---
+ net/mac80211/tx.c | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
+index f170d6c6629a..928f13a208b0 100644
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -1938,9 +1938,16 @@ static int ieee80211_skb_resize(struct ieee80211_sub_if_data *sdata,
+ int head_need, bool may_encrypt)
+ {
+ struct ieee80211_local *local = sdata->local;
++ struct ieee80211_hdr *hdr;
++ bool enc_tailroom;
+ int tail_need = 0;
+
+- if (may_encrypt && sdata->crypto_tx_tailroom_needed_cnt) {
++ hdr = (struct ieee80211_hdr *) skb->data;
++ enc_tailroom = may_encrypt &&
++ (sdata->crypto_tx_tailroom_needed_cnt ||
++ ieee80211_is_mgmt(hdr->frame_control));
++
++ if (enc_tailroom) {
+ tail_need = IEEE80211_ENCRYPT_TAILROOM;
+ tail_need -= skb_tailroom(skb);
+ tail_need = max_t(int, tail_need, 0);
+@@ -1948,8 +1955,7 @@ static int ieee80211_skb_resize(struct ieee80211_sub_if_data *sdata,
+
+ if (skb_cloned(skb) &&
+ (!ieee80211_hw_check(&local->hw, SUPPORTS_CLONED_SKBS) ||
+- !skb_clone_writable(skb, ETH_HLEN) ||
+- (may_encrypt && sdata->crypto_tx_tailroom_needed_cnt)))
++ !skb_clone_writable(skb, ETH_HLEN) || enc_tailroom))
+ I802_DEBUG_INC(local->tx_expand_skb_head_cloned);
+ else if (head_need || tail_need)
+ I802_DEBUG_INC(local->tx_expand_skb_head);
+--
+2.16.4
+
diff --git a/series.conf b/series.conf
index d1292a376d..ce7c4649d4 100644
--- a/series.conf
+++ b/series.conf
@@ -20339,6 +20339,7 @@
patches.drivers/usb-phy-am335x-fix-race-condition-in-_probe.patch
patches.drivers/serial-fix-race-between-flush_to_ldisc-and-tty_open.patch
patches.drivers/iio-chemical-atlas-ph-sensor-correct-IIO_TEMP-values.patch
+ patches.fixes/mac80211-ensure-that-mgmt-tx-skbs-have-tailroom-for-.patch
patches.drivers/batman-adv-Avoid-WARN-on-net_device-without-parent-i.patch
patches.drivers/batman-adv-Force-mac-header-to-start-of-data-on-xmit.patch
patches.fixes/bpf-fix-lockdep-false-positive-in-percpu_freelist.patch