[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200329195109.GA10156@jouni.qca.qualcomm.com>
Date: Sun, 29 Mar 2020 22:51:09 +0300
From: Jouni Malinen <jouni@...eaurora.org>
To: Chris Clayton <chris2553@...glemail.com>
Cc: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
David Miller <davem@...emloft.net>, johannes.berg@...el.com
Subject: Re: 5.6.0-rc7+ fails to connect to wifi network
On Sun, Mar 29, 2020 at 11:54:26AM +0100, Chris Clayton wrote:
> > Let me know if I can provide any additional diagnostics and/or test any patches.
Important was the dmesg output that also identified which driver was
used..
> I've bisected this and landed at:
>
> ce2e1ca703071723ca2dd94d492a5ab6d15050da is the first bad commit
> commit ce2e1ca703071723ca2dd94d492a5ab6d15050da
> Author: Jouni Malinen <jouni@...eaurora.org>
> Date: Thu Mar 26 15:51:34 2020 +0100
>
> mac80211: Check port authorization in the ieee80211_tx_dequeue() case
>
> mac80211 used to check port authorization in the Data frame enqueue case
> when going through start_xmit(). However, that authorization status may
> change while the frame is waiting in a queue. Add a similar check in the
> dequeue case to avoid sending previously accepted frames after
> authorization change. This provides additional protection against
> potential leaking of frames after a station has been disconnected and
> the keys for it are being removed.
Thanks for finding and reporting this. The changes here were indeed
supposed to apply only to Data frames and that's what they did with the
driver I tested this with which is why this did not come up earlier.
However, this path can get Management frames (and it was indeed the
Authentication frames that were getting dropped in your case with
iwlwifi) and that needs to addressed in the conditions here.
Johannes fixed this with the following change:
https://patchwork.kernel.org/patch/11464207/
--
Jouni Malinen PGP id EFC895FA
Powered by blists - more mailing lists