On 10.09.19 at 15:23, Kalle Valo wrote:
> Maya Erez <merez@xxxxxxxxxxxxxx> wrote:
>> Fix a race between cfg80211 add_key call and transmitting of 4/4 EAP
>> packet. In case the transmit is delayed until after the add key takes
>> place, message 4/4 will be encrypted with the new key, and the
>> receiver side (AP) will drop it due to MIC error.
>> Wil6210 will monitor and look for the transmitted packet 4/4 EAP key.
>> In case add_key takes place before the transmission completed, then
>> wil6210 will let the FW store the key and wil6210 will notify the FW
>> to use the PTK key only after 4/4 EAP packet transmission was
>> completed.
> This is rather ugly but I guess still ok. Or what do people think?
I don't know anything about the driver here, but in mac80211 the idea to
avoid the race is to simply flush the queues prior to deleting the outgoing
key.
Now wpa_supplicant is not yet bypassing qdiscs, but adding the socket
parameter PACKET_QDISC_BYPASS is basically a one-liner in wpa_supplicant
and should allow a generic way for drivers to avoid the race with a
simple queue flush...
Alexander
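As an added illustration (example code written for this note, not code from the thread, wil6210 or mac80211), a small Python model of the ordering problem: a 4/4 EAPOL frame is still queued when add_key arrives, and the naive behaviour is shown beside the two mitigations discussed above (wil6210 deferring PTK activation until the 4/4 transmit completes, and mac80211 flushing queues before installing the key). All names and keys are constructed.

```python
from collections import deque
from dataclasses import dataclass, field
from typing import Deque, List, Optional, Tuple

NEW_KEY = "ptk-new"          # constructed placeholder for the freshly derived PTK
MSG4 = "EAPOL 4/4"           # the last handshake frame; must leave unencrypted

@dataclass
class Driver:
    """Toy driver: frames are encrypted with whatever key is active at tx time."""
    active_key: Optional[str] = None       # key the simulated firmware uses
    pending_key: Optional[str] = None      # key stored in FW but not yet active
    txq: Deque[str] = field(default_factory=deque)
    sent: List[Tuple[str, Optional[str]]] = field(default_factory=list)

    def queue_frame(self, name: str) -> None:
        self.txq.append(name)

    def tx_complete_one(self) -> str:
        frame = self.txq.popleft()
        self.sent.append((frame, self.active_key))
        # wil6210-style deferral: switch to the stored PTK only after 4/4 is out.
        if frame == MSG4 and self.pending_key is not None:
            self.active_key, self.pending_key = self.pending_key, None
        return frame

    def add_key_naive(self, key: str) -> None:
        self.active_key = key              # race: 4/4 still queued gets new key

    def add_key_deferred(self, key: str) -> None:
        if MSG4 in self.txq:
            self.pending_key = key         # FW stores key, activates after 4/4 tx
        else:
            self.active_key = key

    def add_key_flush(self, key: str) -> None:
        while self.txq:                    # mac80211-style: drain queues first
            self.tx_complete_one()
        self.active_key = key

def run(strategy: str) -> List[Tuple[str, Optional[str]]]:
    """add_key arrives while 4/4 is queued; return (frame, key) pairs as sent."""
    d = Driver()
    d.queue_frame(MSG4)
    getattr(d, strategy)(NEW_KEY)
    d.queue_frame("data")
    while d.txq:
        d.tx_complete_one()
    return d.sent

def ap_accepts_msg4(sent: List[Tuple[str, Optional[str]]]) -> bool:
    """The AP only accepts 4/4 if it was not encrypted with the new PTK."""
    return all(key is None for frame, key in sent if frame == MSG4)
```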