Today I hit one of my new WARN_ONs in the mac80211 code because
a key wasn't being freed correctly. After wondering for a while
I finally tracked it to the fact that STA keys aren't added to
the per-sdata key list correctly, they are supposed to always be
on that list, not just for default keys. This patch fixes that.
Signed-off-by: Johannes Berg <[email protected]>
---
John, please merge soon, the ultimate consequence of this bug is that
when trying to delete everything mac80211 segfaults with an access to
already freed memory because the key is freed but still thought to
belong to a STA.
net/mac80211/key.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--- everything.orig/net/mac80211/key.c 2008-03-01 19:28:56.000000000 +0100
+++ everything/net/mac80211/key.c 2008-03-01 19:29:00.000000000 +0100
@@ -174,6 +174,9 @@ static void __ieee80211_key_replace(stru
{
int idx, defkey;
+ if (new)
+ list_add(&new->list, &sdata->key_list);
+
if (sta) {
rcu_assign_pointer(sta->key, new);
} else {
@@ -190,9 +193,6 @@ static void __ieee80211_key_replace(stru
ieee80211_set_default_key(sdata, -1);
rcu_assign_pointer(sdata->keys[idx], new);
- if (new)
- list_add(&new->list, &sdata->key_list);
-
if (defkey && new)
ieee80211_set_default_key(sdata, new->conf.keyidx);
}
On Sat, Mar 1, 2008 at 7:32 PM, Johannes Berg <[email protected]> wrote:
> Today I hit one of my new WARN_ONs in the mac80211 code because
> a key wasn't being freed correctly. After wondering for a while
> I finally tracked it to the fact that STA keys aren't added to
> the per-sdata key list correctly, they are supposed to always be
> on that list, not just for default keys. This patch fixes that.
can this be somehow related to the "wep decrypt failed" message that I
get when using dynamic wep?
(I didn't have time to create any additional debug info for it yet ...)
On Sat, 2008-03-01 at 19:57 +0100, drago01 wrote:
> On Sat, Mar 1, 2008 at 7:32 PM, Johannes Berg <[email protected]> wrote:
> > Today I hit one of my new WARN_ONs in the mac80211 code because
> > a key wasn't being freed correctly. After wondering for a while
> > I finally tracked it to the fact that STA keys aren't added to
> > the per-sdata key list correctly, they are supposed to always be
> > on that list, not just for default keys. This patch fixes that.
>
> can this be somehow related to the "wep decrypt failed" message that I
> get when using dynamic wep?
> (I didn't have time to create any additional debug info for it yet ...)
No, not at all.
johannes