From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: David Bauer <mail@david-bauer.net>, Felix Fietkau <nbd@nbd.name>,
Sasha Levin <sashal@kernel.org>,
linux-wireless@vger.kernel.org, netdev@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-mediatek@lists.infradead.org
Subject: [PATCH AUTOSEL 5.11 053/104] mt76: mt76x0: disable GTK offloading
Date: Wed, 5 May 2021 12:33:22 -0400 [thread overview]
Message-ID: <20210505163413.3461611-53-sashal@kernel.org> (raw)
In-Reply-To: <20210505163413.3461611-1-sashal@kernel.org>
From: David Bauer <mail@david-bauer.net>
[ Upstream commit 4b36cc6b390f18dbc59a45fb4141f90d7dfe2b23 ]
When operating two VAP on a MT7610 with encryption (PSK2, SAE, OWE),
only the first one to be created will transmit properly encrypteded
frames.
All subsequently created VAPs will sent out frames with the payload left
unencrypted, breaking multicast traffic (ICMP6 NDP) and potentially
disclosing information to a third party.
Disable GTK offloading and encrypt these frames in software to
circumvent this issue. THis only seems to be necessary on MT7610 chips,
as MT7612 is not affected from our testing.
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/net/wireless/mediatek/mt76/mt76x02_util.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/net/wireless/mediatek/mt76/mt76x02_util.c b/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
index 7ac20d3c16d7..aaa597b941cd 100644
--- a/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
+++ b/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
@@ -447,6 +447,10 @@ int mt76x02_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
return -EOPNOTSUPP;
+ /* MT76x0 GTK offloading does not work with more than one VIF */
+ if (is_mt76x0(dev) && !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
+ return -EOPNOTSUPP;
+
msta = sta ? (struct mt76x02_sta *)sta->drv_priv : NULL;
wcid = msta ? &msta->wcid : &mvif->group_wcid;
--
2.30.2
next prev parent reply other threads:[~2021-05-05 16:46 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-05 16:32 [PATCH AUTOSEL 5.11 001/104] ath11k: fix thermal temperature read Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 046/104] mac80211: Set priority and queue mapping for injected frames Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 047/104] mac80211: clear the beacon's CRC after channel switch Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 050/104] rtw88: 8822c: add LC calibration for RTL8822C Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 051/104] mt76: mt7615: fix key set/delete issues Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 052/104] mt76: mt7615: support loading EEPROM for MT7613BE Sasha Levin
2021-05-05 16:33 ` Sasha Levin [this message]
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 054/104] mt76: mt7915: always check return value from mt7915_mcu_alloc_wtbl_req Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 055/104] mt76: mt7915: fix key set/delete issue Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 056/104] mt76: mt7915: fix txpower init for TSSI off chips Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 057/104] mt76: mt7915: add wifi subsystem reset Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 062/104] iwlwifi: pcie: make cfg vs. trans_cfg more robust Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 063/104] iwlwifi: queue: avoid memory leak in reset flow Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 078/104] wilc1000: Bring MAC address setting in line with typical Linux behavior Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 079/104] mac80211: properly drop the connection in case of invalid CSA IE Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 088/104] mt76: mt7615: fix entering driver-own state on mt7663 Sasha Levin
2021-05-05 16:33 ` [PATCH AUTOSEL 5.11 090/104] wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt Sasha Levin
2021-05-05 16:34 ` [PATCH AUTOSEL 5.11 091/104] wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join Sasha Levin
2021-05-05 16:34 ` [PATCH AUTOSEL 5.11 092/104] qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210505163413.3461611-53-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mediatek@lists.infradead.org \
--cc=linux-wireless@vger.kernel.org \
--cc=mail@david-bauer.net \
--cc=nbd@nbd.name \
--cc=netdev@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).