diff mbox series

[04/21] wifi: mac80211: check key taint for beacon protection

Message ID 20230223114629.a08041eab67c.I2f19b3e04e31c99bed3c9dc71935bf513b2cd177@changeid
State Superseded
Headers show
Series cfg80211/mac80211 patches from our internal tree 2023-02-21 | expand

Commit Message

Greenman, Gregory Feb. 23, 2023, 10:09 a.m. UTC
From: Johannes Berg <johannes.berg@intel.com>

This will likely never happen, but for completeness check
the key taint flag before using a key for beacon protection.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
---
 net/mac80211/tx.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff mbox series

Patch

diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 7699fb410670..1f9294f5baa4 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -5115,6 +5115,12 @@  static int ieee80211_beacon_protect(struct sk_buff *skb,
 	tx.key = rcu_dereference(link->default_beacon_key);
 	if (!tx.key)
 		return 0;
+
+	if (unlikely(tx.key->flags & KEY_FLAG_TAINTED)) {
+		tx.key = NULL;
+		return -EINVAL;
+	}
+
 	tx.local = local;
 	tx.sdata = sdata;
 	__skb_queue_head_init(&tx.skbs);