From: Kalle Valo <kvalo@codeaurora.org>
To: Jouni Malinen <jouni@codeaurora.org>
Cc: ath9k-devel@qca.qualcomm.com, linux-wireless@vger.kernel.org,
Jouni Malinen <jouni@codeaurora.org>
Subject: Re: [PATCH 1/5] ath: Use safer key clearing with key cache entries
Date: Thu, 17 Dec 2020 06:51:48 +0000 (UTC) [thread overview]
Message-ID: <20201217065148.188F7C433ED@smtp.codeaurora.org> (raw)
In-Reply-To: <20201214172118.18100-2-jouni@codeaurora.org>
Jouni Malinen <jouni@codeaurora.org> wrote:
> It is possible for there to be pending frames in TXQs with a reference
> to the key cache entry that is being deleted. If such a key cache entry
> is cleared, those pending frame in TXQ might get transmitted without
> proper encryption. It is safer to leave the previously used key into the
> key cache in such cases. Instead, only clear the MAC address to prevent
> RX processing from using this key cache entry.
>
> This is needed in particularly in AP mode where the TXQs cannot be
> flushed on station disconnection. This change alone may not be able to
> address all cases where the key cache entry might get reused for other
> purposes immediately (the key cache entry should be released for reuse
> only once the TXQs do not have any remaining references to them), but
> this makes it less likely to get unprotected frames and the more
> complete changes may end up being significantly more complex.
>
> Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
> Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
5 patches applied to ath-next branch of ath.git, thanks.
56c5485c9e44 ath: Use safer key clearing with key cache entries
73488cb2fa3b ath9k: Clear key cache explicitly on disabling hardware
d2d3e36498dd ath: Export ath_hw_keysetmac()
144cd24dbc36 ath: Modify ath_key_delete() to not need full key entry
ca2848022c12 ath9k: Postpone key cache entry deletion for TXQ frames reference it
--
https://patchwork.kernel.org/project/linux-wireless/patch/20201214172118.18100-2-jouni@codeaurora.org/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
next prev parent reply other threads:[~2020-12-17 6:53 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-14 17:21 [PATCH 0/5] ath9k: Safer key deletion to avoid unexpected behavior Jouni Malinen
2020-12-14 17:21 ` [PATCH 1/5] ath: Use safer key clearing with key cache entries Jouni Malinen
2020-12-17 6:51 ` Kalle Valo [this message]
2020-12-17 9:40 ` Pali Rohár
2020-12-17 16:06 ` Kalle Valo
2020-12-28 21:35 ` Pali Rohár
2021-01-11 8:01 ` Kalle Valo
2020-12-14 17:21 ` [PATCH 2/5] ath9k: Clear key cache explicitly on disabling hardware Jouni Malinen
2020-12-14 17:21 ` [PATCH 3/5] ath: Export ath_hw_keysetmac() Jouni Malinen
2020-12-14 17:21 ` [PATCH 4/5] ath: Modify ath_key_delete() to not need full key entry Jouni Malinen
2020-12-14 17:21 ` [PATCH 5/5] ath9k: Postpone key cache entry deletion for TXQ frames reference it Jouni Malinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201217065148.188F7C433ED@smtp.codeaurora.org \
--to=kvalo@codeaurora.org \
--cc=ath9k-devel@qca.qualcomm.com \
--cc=jouni@codeaurora.org \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.