Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp5610497pxj;
        Wed, 23 Jun 2021 05:20:01 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwVCGaFsJszsAYTqDwd2Q/X+/ce1QHck85NCxiAG65LzutnBa+KpyxTLg52uqAQ0dYn4uGP
X-Received: by 2002:a05:6402:2813:: with SMTP id h19mr11840544ede.39.1624450800963;
        Wed, 23 Jun 2021 05:20:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1624450800; cv=none;
        d=google.com; s=arc-20160816;
        b=ds3Qlcfbx5ZyyErzw1x/WESeMoUrJvSTnl0/de1+nS8UBrqDbGIaP27du6CA/ej6Kj
         YiArzxVShosIRJvuzwQGJtQk0UXNoJ40EJDJL5E1R9oT3WGtHFz4eb+RqMQJBVpoBJiI
         uX+nWBPvk4AuQo20j438eTwpBCAZqbRXOr6lkjyO9YgkLkzqoWBaxbBMov4w81A0mxBl
         trFZw2eslky5lNf2a78jv8EBS8idOHiqavfQnT3xe70tZ53s3iDlO1CvQqu2KSB79yNo
         L6YZcKVqqSODooJd1YdeJo4cREZmw9viaB3dLmYE99JwHgf8DjHopKw9XJTJc1ckQ/tf
         9Mlg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:date:cc:to:from:subject
         :message-id;
        bh=CumefvbSgBBRkyiSIOnLSEZ8URANZu8MxvkGFNMG4IE=;
        b=olc5seSKIQpIfS48avBwVi7lOYsJS6vGPbcTUHj/WR4frM3MVj5hXVnhYbETW9BN+Q
         RCxpom0OkYz5nNLjSxT+WG+XJpdYezNsHD2x0X7hkiHgI7xRQNMu0LfFzS0SuzvDDWh9
         MyJRx7f4nb9PHOWVEzfKlefNMgsUKNYrY815N4K+OUwiLU+3Bocbh0E412Gin4yL2Xni
         lnAx10zWz3U/sNs9Sfw3F/PyO6nAZzCNwbgB/1oXEWpZRrAgtZpbOBI/v1zAEbSaW5P/
         Kee4agJ04DlvnaPlw5Eme/uekwbd4JmpWqLaA0kvb1VJROVXGacF/MMLm2fkIYs4wo4S
         7pfg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org
Return-Path: <linux-wireless-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id cm26si10360771edb.572.2021.06.23.05.19.32;
        Wed, 23 Jun 2021 05:20:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230202AbhFWMSh (ORCPT <rfc822;phind.uet@gmail.com> + 99 others);
        Wed, 23 Jun 2021 08:18:37 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57340 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230019AbhFWMSh (ORCPT
        <rfc822;linux-wireless@vger.kernel.org>);
        Wed, 23 Jun 2021 08:18:37 -0400
Received: from sipsolutions.net (s3.sipsolutions.net [IPv6:2a01:4f8:191:4433::2])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B8C53C061574;
        Wed, 23 Jun 2021 05:16:19 -0700 (PDT)
Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256)
        (Exim 4.94.2)
        (envelope-from <johannes@sipsolutions.net>)
        id 1lw1nh-00AYdK-GJ; Wed, 23 Jun 2021 14:16:13 +0200
Message-ID: <804462f2381df5fb30fba7e186e62375352b8adc.camel@sipsolutions.net>
Subject: Re: [PATCH v2 11/12] mac80211: drop data frames without key on
 encrypted links
From:   Johannes Berg <johannes@sipsolutions.net>
To:     Pali =?ISO-8859-1?Q?Roh=E1r?= <pali@kernel.org>,
        Sasha Levin <sashal@kernel.org>
Cc:     Luca Coelho <luca@coelho.fi>, linux-wireless@vger.kernel.org,
        stable@vger.kernel.org
Date:   Wed, 23 Jun 2021 14:16:12 +0200
In-Reply-To: <20210611101046.zej2t2oc6hsc67yv@pali>
References: <iwlwifi.20200326150855.6865c7f28a14.I9fb1d911b064262d33e33dfba730cdeef83926ca@changeid>
         <20200327150342.252AF20748@mail.kernel.org>
         <20210611101046.zej2t2oc6hsc67yv@pali>
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.38.4 (3.38.4-1.fc33) 
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-malware-bazaar: not-scanned
Precedence: bulk
List-ID: <linux-wireless.vger.kernel.org>
X-Mailing-List: linux-wireless@vger.kernel.org

On Fri, 2021-06-11 at 12:10 +0200, Pali Rohár wrote:
> 
> @@ -341,8 +341,11 @@ static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
>  	if (sta) {
>  		if (pairwise) {
>  			rcu_assign_pointer(sta->ptk[idx], new);
> -			sta->ptk_idx = idx;
> -			ieee80211_check_fast_xmit(sta);
> +			if (new) {
> +				set_sta_flag(new->sta, WLAN_STA_USES_ENCRYPTION);
> +				new->sta->ptk_idx = new->conf.keyidx;

I'm not entirely sure moving that assignment under the guard is correct.

> +				ieee80211_check_fast_xmit(new->sta);

and I'm pretty sure that moving call under the guard is incorrect,
although in the end it probably doesn't even matter if we will drop all
frames anyway (due to this patch).

So all you need under the assignment is the flag, but also only
theoretically, because the function cannot be called with old==NULL &&
new==NULL, the first time around it's called we must have old==NULL (no
key was ever installed), and so the first time it's called it must be
old==NULL && new!=NULL, and then the flag gets set and we never want to
clear it again, so I believe you don't need the "if (new)" condition at
all.

In the code as it was in (and before) my patch the condition is
necessary because we use 'new' to obtain the 'sta' and 'local' pointers,
but otherwise we don't really need it even in the current version.

johannes