From: Johannes Berg <johannes.berg@xxxxxxxxx>
Since hostapd will remove keys this isn't usually
an issue, but we shouldn't leak keys to the next
BSS started on the same interface. For VLANs this
also fixes a bug, keys that aren't removed would
otherwise be leaked.
Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx>
---
net/mac80211/cfg.c | 5 ++++-
net/mac80211/iface.c | 2 +-
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 64da5a4..3ba614d 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -1035,9 +1035,12 @@ static int ieee80211_stop_ap(struct wiphy *wiphy, struct net_device *dev)
sta_info_flush_defer(vlan);
sta_info_flush_defer(sdata);
rcu_barrier();
- list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
+ list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) {
sta_info_flush_cleanup(vlan);
+ ieee80211_free_keys(vlan);
+ }
sta_info_flush_cleanup(sdata);
+ ieee80211_free_keys(sdata);
sdata->vif.bss_conf.enable_beacon = false;
clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index feda9fb..74228d9 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -836,7 +836,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
/*
* Free all remaining keys, there shouldn't be any,
- * except maybe group keys in AP more or WDS?
+ * except maybe in WDS mode?
*/
ieee80211_free_keys(sdata);
--
1.8.0
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
