Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 10b68487 authored by Felix Fietkau's avatar Felix Fietkau Committed by Johannes Berg
Browse files

mac80211: flush keys for AP mode on ieee80211_do_stop 



Userspace can add keys to an AP mode interface before start_ap has been
called. If there have been no calls to start_ap/stop_ap in the mean
time, the keys will still be around when the interface is brought down.

Signed-off-by: default avatarFelix Fietkau <nbd@openwrt.org>
[adjust comments, fix AP_VLAN case]
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent 805dbe17

net/mac80211/iface.c

+6 −5
Original line number Diff line number Diff line
@@ -898,6 +898,8 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, 
		list_del(&sdata->u.vlan.list);

		mutex_unlock(&local->mtx);

		RCU_INIT_POINTER(sdata->vif.chanctx_conf, NULL);

		/* see comment in the default case below */

		ieee80211_free_keys(sdata, true);

		/* no need to tell driver */

		break;

	case NL80211_IFTYPE_MONITOR:
@@ -923,17 +925,16 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, 
		/*

		 * When we get here, the interface is marked down.

		 * Free the remaining keys, if there are any

		 * (shouldn't be, except maybe in WDS mode?)

		 * (which can happen in AP mode if userspace sets

		 * keys before the interface is operating, and maybe

		 * also in WDS mode)

		 *

		 * Force the key freeing to always synchronize_net()

		 * to wait for the RX path in case it is using this

		 * interface enqueuing frames * at this very time on

		 * interface enqueuing frames at this very time on

		 * another CPU.

		 */

		ieee80211_free_keys(sdata, true);



		/* fall through */

	case NL80211_IFTYPE_AP:

		skb_queue_purge(&sdata->skb_queue);

	}