tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

wifi: mac80211: check SSID in beacon

Check that the SSID in beacons is correct, if it's not hidden
and beacon protection is enabled (otherwise there's no value).
If it doesn't match, disconnect.

Reviewed-by: Miriam Rachel Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://patch.msgid.link/20240612143809.8b24a3d26a3d.I3e3ef31dbd2ec606be74d502a9d00dd9514c6885@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

Johannes Berg 9cc88678 0b2d9d9a

+32
+32
net/mac80211/mlme.c
··· 6667 6667 } 6668 6668 } 6669 6669 6670 + static bool ieee80211_mgd_ssid_mismatch(struct ieee80211_sub_if_data *sdata, 6671 + const struct ieee802_11_elems *elems) 6672 + { 6673 + struct ieee80211_vif_cfg *cfg = &sdata->vif.cfg; 6674 + static u8 zero_ssid[IEEE80211_MAX_SSID_LEN]; 6675 + 6676 + if (!elems->ssid) 6677 + return false; 6678 + 6679 + /* hidden SSID: zero length */ 6680 + if (elems->ssid_len == 0) 6681 + return false; 6682 + 6683 + if (elems->ssid_len != cfg->ssid_len) 6684 + return true; 6685 + 6686 + /* hidden SSID: zeroed out */ 6687 + if (memcmp(elems->ssid, zero_ssid, elems->ssid_len)) 6688 + return false; 6689 + 6690 + return memcmp(elems->ssid, cfg->ssid, cfg->ssid_len); 6691 + } 6692 + 6670 6693 static void ieee80211_rx_mgmt_beacon(struct ieee80211_link_data *link, 6671 6694 struct ieee80211_hdr *hdr, size_t len, 6672 6695 struct ieee80211_rx_status *rx_status) ··· 6831 6808 elems = ieee802_11_parse_elems_full(&parse_params); 6832 6809 if (!elems) 6833 6810 return; 6811 + 6812 + if (rx_status->flag & RX_FLAG_DECRYPTED && 6813 + ieee80211_mgd_ssid_mismatch(sdata, elems)) { 6814 + sdata_info(sdata, "SSID mismatch for AP %pM, disconnect\n", 6815 + sdata->vif.cfg.ap_addr); 6816 + __ieee80211_disconnect(sdata); 6817 + return; 6818 + } 6819 + 6834 6820 ncrc = elems->crc; 6835 6821 6836 6822 if (ieee80211_hw_check(&local->hw, PS_NULLFUNC_STACK) &&