Date: Fri, 27 Feb 2026 02:30:18 +0000 From: Bjoern A. Zeeb <bz@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 64af3362df76 - stable/15 - LinuxKPI: 802.11: adjust assoc check before key deletion Message-ID: <69a101ba.22800.7e7800d6@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch stable/15 has been updated by bz: URL: https://cgit.FreeBSD.org/src/commit/?id=64af3362df76e0c7cdce5c0f64ff9ccef09bb155 commit 64af3362df76e0c7cdce5c0f64ff9ccef09bb155 Author: Bjoern A. Zeeb <bz@FreeBSD.org> AuthorDate: 2026-02-24 23:51:43 +0000 Commit: Bjoern A. Zeeb <bz@FreeBSD.org> CommitDate: 2026-02-26 23:09:34 +0000 LinuxKPI: 802.11: adjust assoc check before key deletion There is a discrepancy between the vif assoc state and the sta state (see comment in lkpi_sta_run_to_init()). Adjust the check in lkpi_iv_key_delete() and add it to lkpi_sta_del_keys() so that we can take way the keys after whatever comes first: the sta went away from AUTHORIZED (RUN) or if the vif is no longer marked assoc. This is needed as we may only take the sta down partially back to State 2 (cf. 802.11-2024, Figure 11-23) and key material is no longer valid before the vif gets cleaned up and the sta is removed entirely. Sponsored by: The FreeBSD Foundation (cherry picked from commit 96a57fc4bf4edca9a579cc47f9058253c11f8313) --- sys/compat/linuxkpi/common/src/linux_80211.c | 30 +++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/sys/compat/linuxkpi/common/src/linux_80211.c b/sys/compat/linuxkpi/common/src/linux_80211.c index e80cf9436b3a..550bd417c529 100644 --- a/sys/compat/linuxkpi/common/src/linux_80211.c +++ b/sys/compat/linuxkpi/common/src/linux_80211.c @@ -1373,6 +1373,15 @@ lkpi_sta_del_keys(struct ieee80211_hw *hw, struct ieee80211_vif *vif, return (0); lockdep_assert_wiphy(hw->wiphy); + + if (vif->cfg.assoc && lsta->state == IEEE80211_STA_AUTHORIZED) { + if (linuxkpi_debug_80211 & D80211_TRACE_HW_CRYPTO) + ic_printf(lsta->ni->ni_ic, + "%d %lu %s: vif still assoc; not deleting keys\n", + curthread->td_tid, jiffies, __func__); + return (0); + } + ieee80211_ref_node(lsta->ni); error = 0; @@ -1452,6 +1461,15 @@ lkpi_iv_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k) */ lockdep_assert_wiphy(hw->wiphy); + ni = ieee80211_ref_node(vap->iv_bss); + lsta = ni->ni_drv_data; + if (lsta == NULL) { + ic_printf(ic, "%s: ni %p (%6D) with lsta NULL\n", + __func__, ni, ni->ni_bssid, ":"); + ieee80211_free_node(ni); + return (0); + } + /* * While we are assoc we may still send packets. We cannot delete the * keys as otherwise packets could go out unencrypted. Some firmware @@ -1462,30 +1480,24 @@ lkpi_iv_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k) * How to test: run 800Mbit/s UDP traffic and during that restart your * supplicant. You want to survive that. */ - if (vif->cfg.assoc) { + if (vif->cfg.assoc && lsta->state == IEEE80211_STA_AUTHORIZED) { if (linuxkpi_debug_80211 & D80211_TRACE_HW_CRYPTO) ic_printf(ic, "%d %lu %s: vif still assoc; not deleting keys\n", curthread->td_tid, jiffies, __func__); + ieee80211_free_node(ni); return (0); } if (IEEE80211_KEY_UNDEFINED(k)) { ic_printf(ic, "%s: vap %p key %p is undefined: %p %u\n", __func__, vap, k, k->wk_cipher, k->wk_keyix); + ieee80211_free_node(ni); return (0); } if (vap->iv_bss == NULL) { ic_printf(ic, "%s: iv_bss %p for vap %p is NULL\n", __func__, vap->iv_bss, vap); - return (0); - } - - ni = ieee80211_ref_node(vap->iv_bss); - lsta = ni->ni_drv_data; - if (lsta == NULL) { - ic_printf(ic, "%s: ni %p (%6D) with lsta NULL\n", - __func__, ni, ni->ni_bssid, ":"); ieee80211_free_node(ni); return (0); }home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69a101ba.22800.7e7800d6>