PAE: Use be16/be32 instead of u16/u32 for spartse

This converts some of the PAE code to use a design that gets rid unnecessary warnings from sparse and allows more thorough validation of byte order operations. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
8 years ago · 4e7f5a4a2a
parent ac36b133aa
commit 4e7f5a4a2a
4 changed files with 29 additions and 24 deletions
--- a/src/common/eapol_common.h
+++ b/src/common/eapol_common.h
@ -25,7 +25,7 @@ struct ieee802_1x_hdr {
 struct ieee8023_hdr {
 	u8 dest[ETH_ALEN];
 	u8 src[ETH_ALEN];
-	u16 ethertype;
+	be16 ethertype;
 } STRUCT_PACKED;

 #ifdef _MSC_VER
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@ -148,7 +148,7 @@ ieee802_1x_mka_dump_peer_body(struct ieee802_1x_mka_peer_body *body)
 	size_t body_len;
 	size_t i;
 	u8 *mi;
-	u32 mn;
+	be32 mn;

 	if (body == NULL)
 		return;
@ -918,6 +918,7 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,
 	size_t left_len;
 	int body_type;
 	u32 peer_mn;
+	be32 _peer_mn;
 	const u8 *peer_mi;
 	const u8 *pos;
 	size_t i;
@ -953,8 +954,9 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,

 		for (i = 0; i < body_len; i += MI_LEN + sizeof(peer_mn)) {
 			peer_mi = MKA_HDR_LEN + pos + i;
-			os_memcpy(&peer_mn, peer_mi + MI_LEN, sizeof(peer_mn));
-			peer_mn = be_to_host32(peer_mn);
+			os_memcpy(&_peer_mn, peer_mi + MI_LEN,
+				  sizeof(_peer_mn));
+			peer_mn = be_to_host32(_peer_mn);
 			if (os_memcmp(peer_mi, participant->mi, MI_LEN) == 0 &&
 			    peer_mn == participant->mn) {
 				included = TRUE;
@ -985,6 +987,7 @@ static int ieee802_1x_mka_decode_live_peer_body(
 	struct ieee802_1x_kay_peer *peer;
 	size_t body_len;
 	u32 peer_mn;
+	be32 _peer_mn;
 	const u8 *peer_mi;
 	size_t i;
 	Boolean is_included;
@ -997,8 +1000,8 @@ static int ieee802_1x_mka_decode_live_peer_body(

 	for (i = 0; i < body_len; i += MI_LEN + sizeof(peer_mn)) {
 		peer_mi = MKA_HDR_LEN + peer_msg + i;
-		os_memcpy(&peer_mn, peer_mi + MI_LEN, sizeof(peer_mn));
-		peer_mn = be_to_host32(peer_mn);
+		os_memcpy(&_peer_mn, peer_mi + MI_LEN, sizeof(_peer_mn));
+		peer_mn = be_to_host32(_peer_mn);

 		/* it is myself */
 		if (os_memcmp(peer_mi, participant->mi, MI_LEN) == 0) {
@ -1042,6 +1045,7 @@ ieee802_1x_mka_decode_potential_peer_body(
 	struct ieee802_1x_mka_hdr *hdr;
 	size_t body_len;
 	u32 peer_mn;
+	be32 _peer_mn;
 	const u8 *peer_mi;
 	size_t i;

@ -1050,8 +1054,8 @@ ieee802_1x_mka_decode_potential_peer_body(

 	for (i = 0; i < body_len; i += MI_LEN + sizeof(peer_mn)) {
 		peer_mi = MKA_HDR_LEN + peer_msg + i;
-		os_memcpy(&peer_mn, peer_mi + MI_LEN, sizeof(peer_mn));
-		peer_mn = be_to_host32(peer_mn);
+		os_memcpy(&_peer_mn, peer_mi + MI_LEN, sizeof(_peer_mn));
+		peer_mn = be_to_host32(_peer_mn);

 		/* it is myself */
 		if (os_memcmp(peer_mi, participant->mi, MI_LEN) == 0) {
@ -1290,7 +1294,7 @@ ieee802_1x_mka_decode_sak_use_body(
 	if (body->ltx || body->lrx) {
 		founded = FALSE;
 		os_memcpy(ki.mi, body->lsrv_mi, sizeof(ki.mi));
-		ki.kn = ntohl(body->lkn);
+		ki.kn = be_to_host32(body->lkn);
 		dl_list_for_each(sa_key, &participant->sak_list,
 				 struct data_key, list) {
 			if (is_ki_equal(&sa_key->key_identifier, &ki)) {
@ -1304,7 +1308,7 @@ ieee802_1x_mka_decode_sak_use_body(
 		}
 		if (os_memcmp(participant->lki.mi, body->lsrv_mi,
 			      sizeof(participant->lki.mi)) == 0 &&
-		    ntohl(body->lkn) == participant->lki.kn &&
+		    be_to_host32(body->lkn) == participant->lki.kn &&
 		    body->lan == participant->lan) {
 			peer->sak_used = TRUE;
 		}
@ -1319,7 +1323,7 @@ ieee802_1x_mka_decode_sak_use_body(
 	if (body->otx || body->orx) {
 		if (os_memcmp(participant->oki.mi, body->osrv_mi,
 			      sizeof(participant->oki.mi)) != 0 ||
-		    ntohl(body->okn) != participant->oki.kn ||
+		    be_to_host32(body->okn) != participant->oki.kn ||
 		    body->oan != participant->oan) {
 			wpa_printf(MSG_WARNING, "KaY: Old key is invalid");
 			return -1;
@ -1327,7 +1331,8 @@ ieee802_1x_mka_decode_sak_use_body(
 	}

 	/* TODO: how to set the MACsec hardware when delay_protect is true */
-	if (body->delay_protect && (!ntohl(body->llpn) || !ntohl(body->olpn))) {
+	if (body->delay_protect &&
+	    (!be_to_host32(body->llpn) || !be_to_host32(body->olpn))) {
 		wpa_printf(MSG_WARNING,
 			   "KaY: Lowest packet number should greater than 0 when delay_protect is TRUE");
 		return -1;
@ -1349,7 +1354,7 @@ ieee802_1x_mka_decode_sak_use_body(
 	}

 	/* if i'm key server, and detects peer member pn exhaustion, rekey.*/
-	lpn = ntohl(body->llpn);
+	lpn = be_to_host32(body->llpn);
 	if (lpn > participant->kay->pn_exhaustion) {
 		if (participant->is_key_server) {
 			participant->new_sak = TRUE;
@ -3094,10 +3099,10 @@ static void kay_l2_receive(void *ctx, const u8 *src_addr, const u8 *buf,
 	eth_hdr = (struct ieee8023_hdr *) buf;
 	eapol_hdr = (struct ieee802_1x_hdr *) (eth_hdr + 1);
 	if (len != sizeof(*eth_hdr) + sizeof(*eapol_hdr) +
-	    ntohs(eapol_hdr->length)) {
+	    be_to_host16(eapol_hdr->length)) {
 		wpa_printf(MSG_MSGDUMP, "KAY: EAPOL MPDU is invalid: (%lu-%lu)",
 			   (unsigned long) len,
-			   (unsigned long) ntohs(eapol_hdr->length));
+			   (unsigned long) be_to_host16(eapol_hdr->length));
 		return;
 	}

@ -3106,7 +3111,7 @@ static void kay_l2_receive(void *ctx, const u8 *src_addr, const u8 *buf,
 			   eapol_hdr->version);
 		return;
 	}
-	if (ntohs(eth_hdr->ethertype) != ETH_P_PAE ||
+	if (be_to_host16(eth_hdr->ethertype) != ETH_P_PAE ||
 	    eapol_hdr->type != IEEE802_1X_TYPE_EAPOL_MKA)
 		return;

--- a/src/pae/ieee802_1x_kay.h
+++ b/src/pae/ieee802_1x_kay.h
@ -32,7 +32,7 @@ struct ieee802_1x_mka_ki {

 struct ieee802_1x_mka_sci {
 	u8 addr[ETH_ALEN];
-	u16 port;
+	be16 port;
 };

 struct mka_key {
--- a/src/pae/ieee802_1x_kay_i.h
+++ b/src/pae/ieee802_1x_kay_i.h
@ -38,7 +38,7 @@ struct ieee802_1x_kay;

 struct ieee802_1x_mka_peer_id {
 	u8 mi[MI_LEN];
-	u32 mn;
+	be32 mn;
 };

 struct ieee802_1x_kay_peer {
@ -282,7 +282,7 @@ struct ieee802_1x_mka_basic_body {

 	struct ieee802_1x_mka_sci actor_sci;
 	u8 actor_mi[MI_LEN];
-	u32 actor_mn;
+	be32 actor_mn;
 	u8 algo_agility[4];

 	/* followed by CAK Name*/
@ -350,16 +350,16 @@ struct ieee802_1x_mka_sak_use_body {
 	/* octet 5 - 16 */
 	u8 lsrv_mi[MI_LEN];
 	/* octet 17 - 20 */
-	u32 lkn;
+	be32 lkn;
 	/* octet 21 - 24 */
-	u32 llpn;
+	be32 llpn;

 	/* octet 25 - 36 */
 	u8 osrv_mi[MI_LEN];
 	/* octet 37 - 40 */
-	u32 okn;
+	be32 okn;
 	/* octet 41 - 44 */
-	u32 olpn;
+	be32 olpn;
 };


@ -387,7 +387,7 @@ struct ieee802_1x_mka_dist_sak_body {
 	/* octet 4 */
 	u32 length1:8;
 	/* octet 5 - 8 */
-	u32 kn;
+	be32 kn;

 	/* for GCM-AES-128: octet 9-32: SAK
 	 * for other cipher suite: octet 9-16: cipher suite id, octet 17-: SAK