Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp2537144yba; Mon, 6 May 2019 07:40:25 -0700 (PDT) X-Google-Smtp-Source: APXvYqyoAKWEX+jKY2h+8Uw7JMRg4JgmAcHX7c76ChGXVWclhLtUuFnb6E+n2Cs9lxOfMoe9mSL3 X-Received: by 2002:a63:8342:: with SMTP id h63mr32917586pge.251.1557153625838; Mon, 06 May 2019 07:40:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557153625; cv=none; d=google.com; s=arc-20160816; b=jheMHAFCIpJOuPt/pAOlMPwkemmqLEZWfuQW1zECZADg31+j+Mn6TjDxysS9Q3tPTc V1HuRC2C2sVWwMapadK9OICw+/8XmdokvcVmg8ZEPi8iyu2m8DRnd48QfCfVIQulCUmt m4HfrpTLqocHw5BsOXtOk2LAiG4+wMvDEVOJl2StGKWdWraBRY4kse6yElur9JTmTTHS 3NXUtLVEoXNN/sfqssZ+HS2Ij1b+hnNi6ccKMQOE3ERbE5eG/zZ5rkzYkpL43tU1kTI2 jTO4bKK/vXJdmpZbZvZKSupCy5fkxpY5zQEX2j34EZJ7J4nH9OxuQyvyGz4Izx/CImQ+ EtXg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=c4XmyCiBQ837In+1kIHdgAtuJdyyWv9Ag8kZ5HJ/wl0=; b=Fybus0R2UAlB+G+NKfZH5+MNqRopPMlapHrULJHXUIfDppqI0UB6pQkEjW7BRE67Ku awo58KxMtK0ZkHNCZ3GZLbgdYJ1KI4KSuTK5V38J2rSOKWKtIYGMbqbQnDqcwEq7AVPz REGUNz2bCuGBxdEuS+6e+NDKWzOVapmF4TZuPa/mKxLWwLEuhXpbqoVsQOS59P2/8gYX 1Z51XX8R+nt/2lca6Yitwj+bC3whMX0vvS1JaoJX7FuPcOkMzmlFh2Nx3swh/oMLgjo9 iQXSvNZTj/LxpGUePJlMT/WTvTyvDmdtfNTyt7mDY/LSGV1VQSRIQZgRcpvG8saBDMFn F+vw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=0g3NbD0y; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a9si15271184pls.395.2019.05.06.07.40.10; Mon, 06 May 2019 07:40:25 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=0g3NbD0y; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727609AbfEFOi1 (ORCPT + 99 others); Mon, 6 May 2019 10:38:27 -0400 Received: from mail.kernel.org ([198.145.29.99]:59456 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727579AbfEFOiY (ORCPT ); Mon, 6 May 2019 10:38:24 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 5BDCA20449; Mon, 6 May 2019 14:38:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1557153503; bh=AY/rr051/mQLydbuvcB38cfBT+IR5wgcnc7nCqodeyQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=0g3NbD0ypxZPfhjWbNDk2JQflH8H0qEcrMr/WEsvm5juZVhKnZO2xQoIKFo6AhniH ceaiM0dZ71Wfm4OO2RUtY5Py4sx3iWXlo/faOr0buKBivDO3LJ3X++X/pOL2oDm/k2 uGnow3GQQ18ZUBIUO0T3zHu5cXBlu9qUR8PFXpeg= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Alexander Wetzel , Johannes Berg Subject: [PATCH 5.0 114/122] mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode Date: Mon, 6 May 2019 16:32:52 +0200 Message-Id: <20190506143104.667882830@linuxfoundation.org> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190506143054.670334917@linuxfoundation.org> References: <20190506143054.670334917@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Alexander Wetzel commit 78ad2341521d5ea96cb936244ed4c4c4ef9ec13b upstream. Restore SW_CRYPTO_CONTROL operation on AP_VLAN interfaces for unicast keys, the original override was intended to be done for group keys as those are treated specially by mac80211 and would always have been rejected. Now the situation is that AP_VLAN support must be enabled by the driver if it can support it (meaning it can support software crypto GTK TX). Thus, also simplify the code - if we get here with AP_VLAN and non- pairwise key, software crypto must be used (driver doesn't know about the interface) and can be used (driver must've advertised AP_VLAN if it also uses SW_CRYPTO_CONTROL). Fixes: db3bdcb9c3ff ("mac80211: allow AP_VLAN operation on crypto controlled devices") Signed-off-by: Alexander Wetzel [rewrite commit message] Signed-off-by: Johannes Berg Signed-off-by: Greg Kroah-Hartman --- net/mac80211/key.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) --- a/net/mac80211/key.c +++ b/net/mac80211/key.c @@ -167,8 +167,10 @@ static int ieee80211_key_enable_hw_accel * The driver doesn't know anything about VLAN interfaces. * Hence, don't send GTKs for VLAN interfaces to the driver. */ - if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) + if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { + ret = 1; goto out_unsupported; + } } ret = drv_set_key(key->local, SET_KEY, sdata, @@ -213,11 +215,8 @@ static int ieee80211_key_enable_hw_accel /* all of these we can do in software - if driver can */ if (ret == 1) return 0; - if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL)) { - if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) - return 0; + if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL)) return -EINVAL; - } return 0; default: return -EINVAL;