6.6-stable review patch. If anyone has any objections, please let me know.
------------------
From: Michael Lo michael.lo@mediatek.com
[ Upstream commit aa566ac6b7272e7ea5359cb682bdca36d2fc7e73 ]
To avoid incorrect cipher after disconnection, we should do the key deletion process in this case.
Fixes: e6db67fa871d ("wifi: mt76: ignore key disable commands") Signed-off-by: Michael Lo michael.lo@mediatek.com Signed-off-by: Ming Yen Hsieh mingyen.hsieh@mediatek.com Tested-by: David Ruth druth@chromium.org Reviewed-by: David Ruth druth@chromium.org Link: https://patch.msgid.link/20240801024335.12981-1-mingyen.hsieh@mediatek.com Signed-off-by: Felix Fietkau nbd@nbd.name Signed-off-by: Sasha Levin sashal@kernel.org --- drivers/net/wireless/mediatek/mt76/mt7921/main.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/drivers/net/wireless/mediatek/mt76/mt7921/main.c b/drivers/net/wireless/mediatek/mt76/mt7921/main.c index 6dec54431312a..31ef58e2a3d2a 100644 --- a/drivers/net/wireless/mediatek/mt76/mt7921/main.c +++ b/drivers/net/wireless/mediatek/mt76/mt7921/main.c @@ -519,7 +519,13 @@ static int mt7921_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, } else { if (idx == *wcid_keyidx) *wcid_keyidx = -1; - goto out; + + /* For security issue we don't trigger the key deletion when + * reassociating. But we should trigger the deletion process + * to avoid using incorrect cipher after disconnection, + */ + if (vif->type != NL80211_IFTYPE_STATION || vif->cfg.assoc) + goto out; }
mt76_wcid_key_setup(&dev->mt76, wcid, key);