On Mon, Aug 16, 2021 at 03:44:24PM +0200, Pali Rohár wrote:
From: Johannes Berg johannes.berg@intel.com
commit a0761a301746ec2d92d7fcb82af69c0a6a4339aa upstream.
If we know that we have an encrypted link (based on having had a key configured for TX in the past) then drop all data frames in the key selection handler if there's no key anymore.
This fixes an issue with mac80211 internal TXQs - there we can buffer frames for an encrypted link, but then if the key is no longer there when they're dequeued, the frames are sent without encryption. This happens if a station is disconnected while the frames are still on the TXQ.
Detecting that a link should be encrypted based on a first key having been configured for TX is fine as there are no use cases for a connection going from with encryption to no encryption. With extended key IDs, however, there is a case of having a key configured for only decryption, so we can't just trigger this behaviour on a key being configured.
Cc: stable@vger.kernel.org Reported-by: Jouni Malinen j@w1.fi Signed-off-by: Johannes Berg johannes.berg@intel.com Signed-off-by: Luca Coelho luciano.coelho@intel.com Link: https://lore.kernel.org/r/iwlwifi.20200326150855.6865c7f28a14.I9fb1d911b0642... Signed-off-by: Johannes Berg johannes.berg@intel.com [pali: Backported to 4.19 and older versions] Signed-off-by: Pali Rohár pali@kernel.org
Now queued up, thanks!
Did not apply to 4.4.y, don't know if you want it there or not...
thanks,
greg k-h