cfg80211: don't put kek/kck/replay counter on the stack
There's no need to put the values on the stack, just pass a pointer to the data in the nl80211 message. This reduces stack usage and avoids potential issues with putting sensitive data on the stack. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This commit is contained in:
parent
538c9eb8b3
commit
78f686cae0
@ -1980,14 +1980,12 @@ struct cfg80211_wowlan_wakeup {
|
||||
|
||||
/**
|
||||
* struct cfg80211_gtk_rekey_data - rekey data
|
||||
* @kek: key encryption key
|
||||
* @kck: key confirmation key
|
||||
* @replay_ctr: replay counter
|
||||
* @kek: key encryption key (NL80211_KEK_LEN bytes)
|
||||
* @kck: key confirmation key (NL80211_KCK_LEN bytes)
|
||||
* @replay_ctr: replay counter (NL80211_REPLAY_CTR_LEN bytes)
|
||||
*/
|
||||
struct cfg80211_gtk_rekey_data {
|
||||
u8 kek[NL80211_KEK_LEN];
|
||||
u8 kck[NL80211_KCK_LEN];
|
||||
u8 replay_ctr[NL80211_REPLAY_CTR_LEN];
|
||||
const u8 *kek, *kck, *replay_ctr;
|
||||
};
|
||||
|
||||
/**
|
||||
|
@ -8959,13 +8959,9 @@ static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info)
|
||||
if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN)
|
||||
return -ERANGE;
|
||||
|
||||
memcpy(rekey_data.kek, nla_data(tb[NL80211_REKEY_DATA_KEK]),
|
||||
NL80211_KEK_LEN);
|
||||
memcpy(rekey_data.kck, nla_data(tb[NL80211_REKEY_DATA_KCK]),
|
||||
NL80211_KCK_LEN);
|
||||
memcpy(rekey_data.replay_ctr,
|
||||
nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]),
|
||||
NL80211_REPLAY_CTR_LEN);
|
||||
rekey_data.kek = nla_data(tb[NL80211_REKEY_DATA_KEK]);
|
||||
rekey_data.kck = nla_data(tb[NL80211_REKEY_DATA_KCK]);
|
||||
rekey_data.replay_ctr = nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]);
|
||||
|
||||
wdev_lock(wdev);
|
||||
if (!wdev->current_bss) {
|
||||
|
Loading…
Reference in New Issue
Block a user