[18/18] wifi: mac80211: flush STA queues on unauthorization

Message ID	20230928172905.d47f528829e7.I96903652c7ee0c5c66891f8b2364383da8e45a1f@changeid
State	New
Headers	show Return-Path: <linux-wireless-owner@vger.kernel.org> From: gregory.greenman@intel.com To: johannes@sipsolutions.net Cc: linux-wireless@vger.kernel.org, Johannes Berg <johannes.berg@intel.com>, Gregory Greenman <gregory.greenman@intel.com> Subject: [PATCH 18/18] wifi: mac80211: flush STA queues on unauthorization Date: Thu, 28 Sep 2023 17:35:39 +0300 Message-Id: <20230928172905.d47f528829e7.I96903652c7ee0c5c66891f8b2364383da8e45a1f@changeid> In-Reply-To: <20230928143539.1037500-1-gregory.greenman@intel.com> References: <20230928143539.1037500-1-gregory.greenman@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	cfg80211/mac80211 patches from our internal tree 2023-09-28 \| expand [00/18] cfg80211/mac80211 patches from our internal tree 2023-09-28 [01/18] wifi: mac80211: cleanup auth_data only if association continues [02/18] wifi: mac80211: drop robust action frames before assoc [03/18] wifi: mac80211: don't recreate driver link debugfs in reconfig [04/18] wifi: mac80211: add a driver callback to add vif debugfs [05/18] wifi: mac80211: handle debugfs when switching to/from MLO [06/18] wifi: mac80211: Rename and update IEEE80211_VIF_DISABLE_SMPS_OVERRIDE [07/18] wifi: cfg80211: Include operating class 137 in 6GHz band [08/18] wifi: mac80211: mesh: fix some kdoc warnings [09/18] wifi: cfg80211: Handle specific BSSID in 6GHz scanning [10/18] wifi: mac80211: Fix setting vif links [11/18] wifi: cfg80211: Fix typo in documentation [12/18] wifi: mac80211: Check if we had first beacon with relevant links [13/18] wifi: mac80211: add link id to mgd_prepare_tx() [14/18] wifi: mac80211: make mgd_protect_tdls_discover MLO-aware [15/18] wifi: mac80211: fix a expired vs. cancel race in roc [16/18] wifi: cfg80211: wext: convert return value to kernel-doc [17/18] wifi: mac80211: purge TX queues in flush_queues flow [18/18] wifi: mac80211: flush STA queues on unauthorization

Message ID

20230928172905.d47f528829e7.I96903652c7ee0c5c66891f8b2364383da8e45a1f@changeid

State

New

Headers

From: gregory.greenman@intel.com
To: johannes@sipsolutions.net
Cc: linux-wireless@vger.kernel.org,
        Johannes Berg <johannes.berg@intel.com>,
        Gregory Greenman <gregory.greenman@intel.com>
Subject: [PATCH 18/18] wifi: mac80211: flush STA queues on unauthorization
Date: Thu, 28 Sep 2023 17:35:39 +0300
Message-Id: 
 <20230928172905.d47f528829e7.I96903652c7ee0c5c66891f8b2364383da8e45a1f@changeid>
In-Reply-To: <20230928143539.1037500-1-gregory.greenman@intel.com>
References: <20230928143539.1037500-1-gregory.greenman@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

cfg80211/mac80211 patches from our internal tree 2023-09-28 | expand

Commit Message

Greenman, Gregory Sept. 28, 2023, 2:35 p.m. UTC

From: Johannes Berg <johannes.berg@intel.com>

When the station is marked as no longer authorized, we shouldn't
transmit to it any longer, but in particular we shouldn't be able
to transmit to it after removing keys, which might lead to frames
being sent out unencrypted depending on the exact hardware offload
mechanism. Thus, instead of flushing only on station destruction,
which covers only some cases, always flush on unauthorization.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
---
 net/mac80211/sta_info.c | 32 ++++++++++++++++++++------------
 1 file changed, 20 insertions(+), 12 deletions(-)

diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 450700173422..0ba613dd1cc4 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -1275,6 +1275,8 @@  static int _sta_info_move_state(struct sta_info *sta,
 				enum ieee80211_sta_state new_state,
 				bool recalc)
 {
+	struct ieee80211_local *local = sta->local;
+
 	might_sleep();
 
 	if (sta->sta_state == new_state)
@@ -1350,6 +1352,24 @@  static int _sta_info_move_state(struct sta_info *sta,
 		} else if (sta->sta_state == IEEE80211_STA_AUTHORIZED) {
 			ieee80211_vif_dec_num_mcast(sta->sdata);
 			clear_bit(WLAN_STA_AUTHORIZED, &sta->_flags);
+
+			/*
+			 * If we have encryption offload, flush (station) queues
+			 * (after ensuring concurrent TX completed) so we won't
+			 * transmit anything later unencrypted if/when keys are
+			 * also removed, which might otherwise happen depending
+			 * on how the hardware offload works.
+			 */
+			if (local->ops->set_key) {
+				synchronize_net();
+				if (local->ops->flush_sta)
+					drv_flush_sta(local, sta->sdata, sta);
+				else
+					ieee80211_flush_queues(local,
+							       sta->sdata,
+							       false);
+			}
+
 			ieee80211_clear_fast_xmit(sta);
 			ieee80211_clear_fast_rx(sta);
 		}
@@ -1415,18 +1435,6 @@  static void __sta_info_destroy_part2(struct sta_info *sta, bool recalc)
 		WARN_ON_ONCE(ret);
 	}
 
-	/* Flush queues before removing keys, as that might remove them
-	 * from hardware, and then depending on the offload method, any
-	 * frames sitting on hardware queues might be sent out without
-	 * any encryption at all.
-	 */
-	if (local->ops->set_key) {
-		if (local->ops->flush_sta)
-			drv_flush_sta(local, sta->sdata, sta);
-		else
-			ieee80211_flush_queues(local, sta->sdata, false);
-	}
-
 	/* now keys can no longer be reached */
 	ieee80211_free_sta_keys(local, sta);

[18/18] wifi: mac80211: flush STA queues on unauthorization

Commit Message

Patch