mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-21 22:47:56 +00:00
0f1b5ce2f5
If we know that we have an encrypted link (based on having had a key configured for TX in the past) then drop all data frames in the key selection handler if there's no key anymore. This fixes an issue with mac80211 internal TXQs - there we can buffer frames for an encrypted link, but then if the key is no longer there when they're dequeued, the frames are sent without encryption. This happens if a station is disconnected while the frames are still on the TXQ. Detecting that a link should be encrypted based on a first key having been configured for TX is fine as there are no use cases for a connection going from with encryption to no encryption. With extended key IDs, however, there is a case of having a key configured for only decryption, so we can't just trigger this behaviour on a key being configured. Cc: stable@vger.kernel.org Reported-by: Jouni Malinen <j@w1.fi> Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: Luca Coelho <luciano.coelho@intel.com> Signed-off-by: David Bauer <mail@david-bauer.net> |
||
|---|---|---|
| .. | ||
| 100-remove-cryptoapi-dependencies.patch | ||
| 110-mac80211_keep_keys_on_stop_ap.patch | ||
| 120-cfg80211_allow_perm_addr_change.patch | ||
| 130-disable-fils.patch | ||
| 131-Revert-mac80211-aes-cmac-switch-to-shash-CMAC-driver.patch | ||
| 132-mac80211-remove-cmac-dependency.patch | ||
| 140-tweak-TSQ-setting.patch | ||
| 150-disable_addr_notifier.patch | ||
| 210-ap_scan.patch | ||
| 300-mac80211-optimize-skb-resizing.patch | ||
| 301-mac80211-minstrel-remove-divisions-in-tx-status-path.patch | ||
| 302-mac80211-minstrel_ht-replace-rate-stats-ewma-with-a-.patch | ||
| 303-mac80211-minstrel_ht-rename-prob_ewma-to-prob_avg-us.patch | ||
| 304-mac80211-sta-randomize-BA-session-dialog-token-alloc.patch | ||
| 305-mac80211-fix-tx-status-for-no-ack-cases.patch | ||
| 306-mac80211-move-store-skb-ack-code-to-its-own-function.patch | ||
| 307-mac80211-Shrink-the-size-of-ack_frame_id-to-make-roo.patch | ||
| 308-mac80211-Add-new-sta_info-getter-by-sta-vif-addrs.patch | ||
| 309-mac80211-Import-airtime-calculation-code-from-mt76.patch | ||
| 310-mac80211-Implement-Airtime-based-Queue-Limit-AQL.patch | ||
| 311-mac80211-Use-Airtime-based-Queue-Limits-AQL-on-packe.patch | ||
| 312-mac80211-airtime-Fix-an-off-by-one-in-ieee80211_calc.patch | ||
| 313-mac80211-Turn-AQL-into-an-NL80211_EXT_FEATURE.patch | ||
| 314-mac80211-drop-data-frames-without-key-on-encrypted-l.patch | ||
| 353-mac80211-use-more-bits-for-ack_frame_id.patch | ||
| 400-allow-ibss-mixed.patch | ||
| 500-mac80211_configure_antenna_gain.patch | ||