Date: Thu, 17 Dec 2020 10:40:59 +0100
From: Pali Rohár
To: Kalle Valo
Cc: Jouni Malinen, ath9k-devel@qca.qualcomm.com, linux-wireless@vger.kernel.org
Subject: Re: [PATCH 1/5] ath: Use safer key clearing with key cache entries
Message-ID: <20201217094059.zxyaiskfdypc7q47@pali>
In-Reply-To: <20201217065148.188F7C433ED@smtp.codeaurora.org>

On Thursday 17 December 2020 06:51:48 Kalle Valo wrote:
> Jouni Malinen wrote:
>
> > It is possible for there to be pending frames in TXQs with a reference
> > to the key cache entry that is being deleted. If such a key cache entry
> > is cleared, those pending frame in TXQ might get transmitted without
> > proper encryption. It is safer to leave the previously used key into the
> > key cache in such cases. Instead, only clear the MAC address to prevent
> > RX processing from using this key cache entry.
> >
> > This is needed in particularly in AP mode where the TXQs cannot be
> > flushed on station disconnection. This change alone may not be able to
> > address all cases where the key cache entry might get reused for other
> > purposes immediately (the key cache entry should be released for reuse
> > only once the TXQs do not have any remaining references to them), but
> > this makes it less likely to get unprotected frames and the more
> > complete changes may end up being significantly more complex.
> >
> > Signed-off-by: Jouni Malinen
> > Signed-off-by: Kalle Valo
>
> 5 patches applied to ath-next branch of ath.git, thanks.
>
> 56c5485c9e44 ath: Use safer key clearing with key cache entries
> 73488cb2fa3b ath9k: Clear key cache explicitly on disabling hardware
> d2d3e36498dd ath: Export ath_hw_keysetmac()
> 144cd24dbc36 ath: Modify ath_key_delete() to not need full key entry
> ca2848022c12 ath9k: Postpone key cache entry deletion for TXQ frames reference it

Hello!

Should not these patches be suitable for backporting into stable kernels
(via CC: stable@ commit message line) as they are related to security
issue CVE-2020-3702?
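
The behaviour described in the quoted commit message, as a toy model added here for illustration (not part of this message and not the ath driver's code): it compares wiping a whole key cache slot with clearing only its MAC address while a frame is still queued for transmission. The struct layout, the function names, the sample address and key bytes, and the simplification that a cleared slot means "send unencrypted" are all assumptions of the model; slot reuse, which the commit message says is not fully addressed, is not modelled.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy model of one key cache slot; layout and names are hypothetical. */
enum key_type { KEY_CLEAR = 0, KEY_CCMP = 1 };
struct keycache_entry {
    enum key_type type;  /* KEY_CLEAR: frames using this slot go out unencrypted */
    uint8_t key[16];
    uint8_t mac[6];
    int mac_valid;       /* RX only matches slots with a valid MAC */
};

static const uint8_t STA[6] = {0x02, 0, 0, 0, 0, 0x01};  /* constructed address */

/* Full clear: wipe the whole slot, key type and key included. */
static void delete_full_clear(struct keycache_entry *e) { memset(e, 0, sizeof(*e)); }

/* Behaviour the commit message describes: keep the key, clear only the MAC. */
static void delete_mac_only(struct keycache_entry *e)
{
    memset(e->mac, 0, sizeof(e->mac));
    e->mac_valid = 0;
}

/* A queued TX frame holds only a slot reference, resolved at send time. */
static int tx_encrypted(const struct keycache_entry *e) { return e->type != KEY_CLEAR; }

static int rx_matches(const struct keycache_entry *e, const uint8_t *mac)
{
    return e->mac_valid && memcmp(e->mac, mac, 6) == 0;
}

/* Delete a live slot while a frame is still queued.
 * Returns bit 0 = queued frame still encrypted, bit 1 = RX still uses slot. */
static int outcome(void (*del)(struct keycache_entry *))
{
    struct keycache_entry e = { .type = KEY_CCMP, .mac_valid = 1 };
    memset(e.key, 0xA5, sizeof(e.key));  /* constructed key bytes */
    memcpy(e.mac, STA, sizeof(e.mac));
    del(&e);
    return tx_encrypted(&e) | (rx_matches(&e, STA) << 1);
}

int main(void)
{
    printf("full clear: %d\n", outcome(delete_full_clear));
    printf("mac only:   %d\n", outcome(delete_mac_only));
    return 0;
}
```

In both cases RX stops matching the slot; only the MAC-only deletion leaves the queued frame encrypted.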