Patch "wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex" has been added to the 6.1-stable tree

[Sasha Levin <sashal@xxxxxxxxxx>]

This is a note to let you know that I've just added the patch titled

    wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex

to the 6.1-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     wifi-brcmfmac-cfg80211-pass-the-pmk-in-binary-instea.patch
and it can be found in the queue-6.1 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit aa7d0b048706b54b2fbdf45d405f91fb7db50eb1
Author: Hector Martin <marcan@xxxxxxxxx>
Date:   Tue Feb 14 18:24:19 2023 +0900

    wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
    
    [ Upstream commit 89b89e52153fda2733562776c7c9d9d3ebf8dd6d ]
    
    Apparently the hex passphrase mechanism does not work on newer
    chips/firmware (e.g. BCM4387). It seems there was a simple way of
    passing it in binary all along, so use that and avoid the hexification.
    
    OpenBSD has been doing it like this from the beginning, so this should
    work on all chips.
    
    Also clear the structure before setting the PMK. This was leaking
    uninitialized stack contents to the device.
    
    Reviewed-by: Linus Walleij <linus.walleij@xxxxxxxxxx>
    Reviewed-by: Arend van Spriel <arend.vanspriel@xxxxxxxxxxxx>
    Signed-off-by: Hector Martin <marcan@xxxxxxxxx>
    Signed-off-by: Kalle Valo <kvalo@xxxxxxxxxx>
    Link: https://lore.kernel.org/r/20230214092423.15175-6-marcan@xxxxxxxxx
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index 2cc913acfc2d7..ad5a8d61d9385 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -1351,13 +1351,14 @@ static int brcmf_set_pmk(struct brcmf_if *ifp, const u8 *pmk_data, u16 pmk_len)
 {
 	struct brcmf_pub *drvr = ifp->drvr;
 	struct brcmf_wsec_pmk_le pmk;
-	int i, err;
+	int err;
+
+	memset(&pmk, 0, sizeof(pmk));
 
-	/* convert to firmware key format */
-	pmk.key_len = cpu_to_le16(pmk_len << 1);
-	pmk.flags = cpu_to_le16(BRCMF_WSEC_PASSPHRASE);
-	for (i = 0; i < pmk_len; i++)
-		snprintf(&pmk.key[2 * i], 3, "%02x", pmk_data[i]);
+	/* pass pmk directly */
+	pmk.key_len = cpu_to_le16(pmk_len);
+	pmk.flags = cpu_to_le16(0);
+	memcpy(pmk.key, pmk_data, pmk_len);
 
 	/* store psk in firmware */
 	err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_WSEC_PMK,