From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: David Bauer <mail@david-bauer.net>, Felix Fietkau <nbd@nbd.name>,
Sasha Levin <sashal@kernel.org>,
linux-wireless@vger.kernel.org, netdev@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-mediatek@lists.infradead.org
Subject: [PATCH AUTOSEL 5.4 21/46] mt76: mt76x0: disable GTK offloading
Date: Wed, 5 May 2021 12:38:31 -0400 [thread overview]
Message-ID: <20210505163856.3463279-21-sashal@kernel.org> (raw)
In-Reply-To: <20210505163856.3463279-1-sashal@kernel.org>
From: David Bauer <mail@david-bauer.net>
[ Upstream commit 4b36cc6b390f18dbc59a45fb4141f90d7dfe2b23 ]
When operating two VAP on a MT7610 with encryption (PSK2, SAE, OWE),
only the first one to be created will transmit properly encrypteded
frames.
All subsequently created VAPs will sent out frames with the payload left
unencrypted, breaking multicast traffic (ICMP6 NDP) and potentially
disclosing information to a third party.
Disable GTK offloading and encrypt these frames in software to
circumvent this issue. THis only seems to be necessary on MT7610 chips,
as MT7612 is not affected from our testing.
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/net/wireless/mediatek/mt76/mt76x02_util.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/net/wireless/mediatek/mt76/mt76x02_util.c b/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
index de0d6f21c621..075871f52bad 100644
--- a/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
+++ b/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
@@ -450,6 +450,10 @@ int mt76x02_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
return -EOPNOTSUPP;
+ /* MT76x0 GTK offloading does not work with more than one VIF */
+ if (is_mt76x0(dev) && !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
+ return -EOPNOTSUPP;
+
msta = sta ? (struct mt76x02_sta *)sta->drv_priv : NULL;
wcid = msta ? &msta->wcid : &mvif->group_wcid;
--
2.30.2
next prev parent reply other threads:[~2021-05-05 17:05 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20210505163856.3463279-1-sashal@kernel.org>
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 02/46] tipc: convert dest node's address to network order Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 04/46] net: stmmac: Set FIFO sizes for ipq806x Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 11/46] Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 12/46] Bluetooth: verify AMP hci_chan before amp_destroy Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 13/46] Bluetooth: initialize skb_queue_head at l2cap_chan_create() Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 14/46] net: bridge: when suppression is enabled exclude RARP packets Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 15/46] Bluetooth: check for zapped sk before connecting Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 16/46] ip6_vti: proper dev_{hold|put} in ndo_[un]init methods Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 19/46] mac80211: clear the beacon's CRC after channel switch Sasha Levin
2021-05-05 16:38 ` Sasha Levin [this message]
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 27/46] selftests: Set CC to clang in lib.mk if LLVM is set Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 30/46] sctp: Fix out-of-bounds warning in sctp_process_asconf_param() Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 31/46] flow_dissector: Fix out-of-bounds warning in __skb_flow_bpf_to_target() Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 34/46] ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user() Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 35/46] net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 36/46] samples/bpf: Fix broken tracex1 due to kprobe argument change Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 39/46] wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 40/46] wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 41/46] qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 43/46] iavf: remove duplicate free resources calls Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 44/46] net: ethernet: mtk_eth_soc: fix RX VLAN offload Sasha Levin
2021-05-05 16:38 ` [PATCH AUTOSEL 5.4 45/46] bnxt_en: Add PCI IDs for Hyper-V VF devices Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210505163856.3463279-21-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mediatek@lists.infradead.org \
--cc=linux-wireless@vger.kernel.org \
--cc=mail@david-bauer.net \
--cc=nbd@nbd.name \
--cc=netdev@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).