From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: David Bauer <mail@david-bauer.net>, Felix Fietkau <nbd@nbd.name>,
Sasha Levin <sashal@kernel.org>,
linux-wireless@vger.kernel.org, netdev@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-mediatek@lists.infradead.org
Subject: [PATCH AUTOSEL 5.12 058/116] mt76: mt76x0: disable GTK offloading
Date: Wed, 5 May 2021 12:30:26 -0400 [thread overview]
Message-ID: <20210505163125.3460440-58-sashal@kernel.org> (raw)
In-Reply-To: <20210505163125.3460440-1-sashal@kernel.org>
From: David Bauer <mail@david-bauer.net>
[ Upstream commit 4b36cc6b390f18dbc59a45fb4141f90d7dfe2b23 ]
When operating two VAP on a MT7610 with encryption (PSK2, SAE, OWE),
only the first one to be created will transmit properly encrypteded
frames.
All subsequently created VAPs will sent out frames with the payload left
unencrypted, breaking multicast traffic (ICMP6 NDP) and potentially
disclosing information to a third party.
Disable GTK offloading and encrypt these frames in software to
circumvent this issue. THis only seems to be necessary on MT7610 chips,
as MT7612 is not affected from our testing.
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/net/wireless/mediatek/mt76/mt76x02_util.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/net/wireless/mediatek/mt76/mt76x02_util.c b/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
index ab671e21f882..02db5d66735d 100644
--- a/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
+++ b/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
@@ -447,6 +447,10 @@ int mt76x02_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
return -EOPNOTSUPP;
+ /* MT76x0 GTK offloading does not work with more than one VIF */
+ if (is_mt76x0(dev) && !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
+ return -EOPNOTSUPP;
+
msta = sta ? (struct mt76x02_sta *)sta->drv_priv : NULL;
wcid = msta ? &msta->wcid : &mvif->group_wcid;
--
2.30.2
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-05-05 16:35 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20210505163125.3460440-1-sashal@kernel.org>
2021-05-05 16:29 ` [PATCH AUTOSEL 5.12 014/116] net: stmmac: Set FIFO sizes for ipq806x Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 036/116] iommu/arm-smmu-v3: Add a check to avoid invalid iotlb sync Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 039/116] KVM: arm64: Use BUG and BUG_ON in nVHE hyp Sasha Levin
2021-05-05 16:49 ` Marc Zyngier
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 041/116] Bluetooth: btusb: Enable quirk boolean flag for Mediatek Chip Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 047/116] coresight: Do not scan for graph if none is present Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 054/116] pinctrl: samsung: use 'int' for register masks in Exynos Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 056/116] mt76: mt7615: fix key set/delete issues Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 057/116] mt76: mt7615: support loading EEPROM for MT7613BE Sasha Levin
2021-05-05 16:30 ` Sasha Levin [this message]
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 059/116] mt76: connac: always check return value from mt76_connac_mcu_alloc_wtbl_req Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 060/116] mt76: mt7915: always check return value from mt7915_mcu_alloc_wtbl_req Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 061/116] mt76: mt7915: fix key set/delete issue Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 062/116] mt76: mt7915: fix txpower init for TSSI off chips Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 063/116] mt76: mt7921: fix key set/delete issue Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 064/116] mt76: mt7915: add wifi subsystem reset Sasha Levin
2021-05-05 16:30 ` [PATCH AUTOSEL 5.12 065/116] i2c: imx: Fix PM reference leak in i2c_imx_reg_slave() Sasha Levin
2021-05-05 16:31 ` [PATCH AUTOSEL 5.12 098/116] mt76: mt7615: fix entering driver-own state on mt7663 Sasha Levin
2021-05-05 16:31 ` [PATCH AUTOSEL 5.12 105/116] net: ethernet: mtk_eth_soc: fix RX VLAN offload Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210505163125.3460440-58-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mediatek@lists.infradead.org \
--cc=linux-wireless@vger.kernel.org \
--cc=mail@david-bauer.net \
--cc=nbd@nbd.name \
--cc=netdev@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).