From: Kalle Valo <kvalo@codeaurora.org>
To: Jouni Malinen <jouni@codeaurora.org>
Cc: ath9k-devel@qca.qualcomm.com, linux-wireless@vger.kernel.org,
Jouni Malinen <jouni@codeaurora.org>
Subject: Re: [PATCH 1/5] ath: Use safer key clearing with key cache entries
Date: Thu, 17 Dec 2020 06:51:48 +0000 (UTC) [thread overview]
Message-ID: <20201217065148.188F7C433ED@smtp.codeaurora.org> (raw)
In-Reply-To: <20201214172118.18100-2-jouni@codeaurora.org>
Jouni Malinen <jouni@codeaurora.org> wrote:
> It is possible for there to be pending frames in TXQs with a reference
> to the key cache entry that is being deleted. If such a key cache entry
> is cleared, those pending frame in TXQ might get transmitted without
> proper encryption. It is safer to leave the previously used key into the
> key cache in such cases. Instead, only clear the MAC address to prevent
> RX processing from using this key cache entry.
>
> This is needed in particularly in AP mode where the TXQs cannot be
> flushed on station disconnection. This change alone may not be able to
> address all cases where the key cache entry might get reused for other
> purposes immediately (the key cache entry should be released for reuse
> only once the TXQs do not have any remaining references to them), but
> this makes it less likely to get unprotected frames and the more
> complete changes may end up being significantly more complex.
>
> Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
> Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
5 patches applied to ath-next branch of ath.git, thanks.
56c5485c9e44 ath: Use safer key clearing with key cache entries
73488cb2fa3b ath9k: Clear key cache explicitly on disabling hardware
d2d3e36498dd ath: Export ath_hw_keysetmac()
144cd24dbc36 ath: Modify ath_key_delete() to not need full key entry
ca2848022c12 ath9k: Postpone key cache entry deletion for TXQ frames reference it
--
https://patchwork.kernel.org/project/linux-wireless/patch/20201214172118.18100-2-jouni@codeaurora.org/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
next prev parent reply other threads:[~2020-12-17 6:53 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-14 17:21 [PATCH 0/5] ath9k: Safer key deletion to avoid unexpected behavior Jouni Malinen
2020-12-14 17:21 ` [PATCH 1/5] ath: Use safer key clearing with key cache entries Jouni Malinen
2020-12-17 6:51 ` Kalle Valo [this message]
2020-12-17 9:40 ` Pali Rohár
2020-12-17 16:06 ` Kalle Valo
2020-12-28 21:35 ` Pali Rohár
2021-01-11 8:01 ` Kalle Valo
2020-12-14 17:21 ` [PATCH 2/5] ath9k: Clear key cache explicitly on disabling hardware Jouni Malinen
2020-12-14 17:21 ` [PATCH 3/5] ath: Export ath_hw_keysetmac() Jouni Malinen
2020-12-14 17:21 ` [PATCH 4/5] ath: Modify ath_key_delete() to not need full key entry Jouni Malinen
2020-12-14 17:21 ` [PATCH 5/5] ath9k: Postpone key cache entry deletion for TXQ frames reference it Jouni Malinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201217065148.188F7C433ED@smtp.codeaurora.org \
--to=kvalo@codeaurora.org \
--cc=ath9k-devel@qca.qualcomm.com \
--cc=jouni@codeaurora.org \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).