From nobody Fri Sep 15 14:08:35 2023
X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RnGJ35mmjz4sTrD;
	Fri, 15 Sep 2023 14:08:35 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4RnGJ35KYqz4F8T;
	Fri, 15 Sep 2023 14:08:35 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1694786915;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hGSZRkjHEsixmWvZERQ4FUTvqwPaekFg1PAG6ZqWnLs=;
	b=GsSZPwwihHtNXmIDKMMCabc+7whCPuJo8KpkmHZ24SXa1TJlaWsIZIHMf9bHDrNoXqfev2
	pwje8imkon2LUahhoossiMayBuGy/p/qDYIdZG5q1H8aATRs93F83XPcn7sxXXUIwtfqyb
	UHrFsMMWujuUwopTXDzebZy5ETwMLg9CwGpAMI2MbC7Jlhh62T76EeMFgrGmw+Gv/cAzih
	ChEAoOv+7bIMK77/0fxHz+Ar4aMYQzp8nWAjfr5x8C94xSa+Sa78Qu/Q+Kwp7P/gMp5lyW
	rz2zck557+EjdYTCK5z/q2e7zvqKUjMA554r0EWr7DeQj8nnExYQDb1W6ptF1A==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1694786915; a=rsa-sha256; cv=none;
	b=r26rtOcima+hSbnZc/ZFvqiAstX1AR5b31qVt/+JmCKZtLxLiZTO0yvM/rSj3FpgFxG+xm
	UqudVgf6aKbzXY2QWfiQBiVdhK9TUPQwyFTXHlsAnSWBXldnNo8IsxbYktTl317gv72hEe
	jxoSCPYhOPoPRn800r/OPbgvC/YDAHLJPOsZEteNJGBEbjBNSBZP6cpkGgeOFVmV5h+eIj
	9p84x4WscG5BjJ3mI8VZrrX1S3nrElmy9Iq4bVVKo9JgAjxD9FB+ztfp5kmViBzi/snYSA
	WUxoPF1VCkrj85oHs5Y4xa4cG6S7+YUIiymX5uBLgH9dLQUUelq0thSsmGrLAQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1694786915;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hGSZRkjHEsixmWvZERQ4FUTvqwPaekFg1PAG6ZqWnLs=;
	b=OIlKw/pBX5nDS9aDG6l+z18ma4lP42JWC3kj9Jp4u1Bq2LPvExmtCDxFFaSxymU9kIxjqX
	09UlDfo49jumIGhmOWEHQVl11mVJIEnq9kGe7SE+uSxx1eQSw20SjdhXNQ7LbWzn0seP/Y
	JyYLDnabBRnK+w35Dtdpqs/YwieAxXWvddykWq2/7IbvdCJNettpVICQ76D/5CWOtTpedr
	6348apbUKsNNHGYPFAXQBZrHpqm/fgd9/IQYeC4INkPYZY92Yx0dPea/tAaLyPQ9atFfTY
	AeqNH0o3oK47EGcA9S8XAKt92Oa4EwYXdVhpF4zbjSPkQtSFQ9dQpuJex8qSWw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RnGJ34BZPzBVG;
	Fri, 15 Sep 2023 14:08:35 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 38FE8ZRk090250;
	Fri, 15 Sep 2023 14:08:35 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 38FE8ZWq090247;
	Fri, 15 Sep 2023 14:08:35 GMT
	(envelope-from git)
Date: Fri, 15 Sep 2023 14:08:35 GMT
Message-Id: <202309151408.38FE8ZWq090247@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-branches@FreeBSD.org
From: Cy Schubert <cy@FreeBSD.org>
Subject: git: 0a98996fe276 - 2023Q3 - security/wpa_supplicant:
  driver_bsd.c: backout upstream IFF_ change and add logging
List-Id: Commit messages for all branches of the ports repository <dev-commits-ports-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all
List-Help: <mailto:dev-commits-ports-all+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-all@freebsd.org
X-BeenThere: dev-commits-ports-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: cy
X-Git-Repository: ports
X-Git-Refname: refs/heads/2023Q3
X-Git-Reftype: branch
X-Git-Commit: 0a98996fe2764c941816de09316fabc3f03a86c0
Auto-Submitted: auto-generated

The branch 2023Q3 has been updated by cy:

URL: https://cgit.FreeBSD.org/ports/commit/?id=0a98996fe2764c941816de09316fabc3f03a86c0

commit 0a98996fe2764c941816de09316fabc3f03a86c0
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2023-09-11 06:15:16 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2023-09-15 14:07:40 +0000

    security/wpa_supplicant: driver_bsd.c: backout upstream IFF_ change and add logging
    
    This reverts the state to our old supplicant logic setting or clearing
    IFF_UP if needed.  In addition this adds logging for the cases in which
    we do (not) change the interface state.
    
    Depending on testing this seems to help bringing WiFi up or not log
    any needed changes (which would be the expected wpa_supplicant logic
    now).  People should look out for ``(changed)`` log entries (at least
    if debugging the issue; this way we will at least have data points).
    
    There is a hypothesis still pondered that the entire IFF_UP toggling
    only exploits a race in net80211 (see further discssussions for more
    debugging and alternative solutions see D38508 and D38753).
    That may also explain why the changes to the rc startup script [1]
    only helped partially for some people to no longer see the
    continuous CTRL-EVENT-SCAN-FAILED.
    
    It is highly likely that we will want further changes and until
    we know for sure that people are seeing ''(changed)'' events
    this should stay local.  Should we need to upstream this we'll
    likely need #ifdef __FreeBSD__ around this code.
    
    Obtained from:  src bfb202c4554a
    PR:             273696
    
    (cherry picked from commit bf01744fb255852b2aed16b80e50cb76c35f19d4)
---
 security/wpa_supplicant/Makefile                   |   2 +-
 .../files/patch-src_drivers_driver__bsd.c          | 130 +++++++++++++++++++--
 2 files changed, 122 insertions(+), 10 deletions(-)

diff --git a/security/wpa_supplicant/Makefile b/security/wpa_supplicant/Makefile
index b381ed0f12dc..9319bb55675e 100644
--- a/security/wpa_supplicant/Makefile
+++ b/security/wpa_supplicant/Makefile
@@ -1,6 +1,6 @@
 PORTNAME=	wpa_supplicant
 PORTVERSION=	2.10
-PORTREVISION=	6
+PORTREVISION=	7
 CATEGORIES=	security net
 MASTER_SITES=	https://w1.fi/releases/
 
diff --git a/security/wpa_supplicant/files/patch-src_drivers_driver__bsd.c b/security/wpa_supplicant/files/patch-src_drivers_driver__bsd.c
index 56df017d59d1..dd72e1710cbd 100644
--- a/security/wpa_supplicant/files/patch-src_drivers_driver__bsd.c
+++ b/security/wpa_supplicant/files/patch-src_drivers_driver__bsd.c
@@ -1,5 +1,5 @@
 --- src/drivers/driver_bsd.c.orig	2022-01-16 12:51:29.000000000 -0800
-+++ src/drivers/driver_bsd.c	2022-07-03 14:09:49.672011000 -0700
++++ src/drivers/driver_bsd.c	2023-09-10 23:07:12.329586000 -0700
 @@ -14,6 +14,7 @@
  #include "driver.h"
  #include "eloop.h"
@@ -8,7 +8,62 @@
  #include "common/wpa_common.h"
  
  #include <ifaddrs.h>
-@@ -853,14 +854,18 @@
+@@ -293,8 +294,9 @@
+ }
+ 
+ static int
+-bsd_get_iface_flags(struct bsd_driver_data *drv)
++bsd_ctrl_iface(void *priv, int enable)
+ {
++	struct bsd_driver_data *drv = priv;
+ 	struct ifreq ifr;
+ 
+ 	os_memset(&ifr, 0, sizeof(ifr));
+@@ -306,7 +308,34 @@
+ 		return -1;
+ 	}
+ 	drv->flags = ifr.ifr_flags;
++
++
++	if (enable) {
++		if (ifr.ifr_flags & IFF_UP)
++			goto nochange;
++		ifr.ifr_flags |= IFF_UP;
++	} else {
++		if (!(ifr.ifr_flags & IFF_UP))
++			goto nochange;
++		ifr.ifr_flags &= ~IFF_UP;
++	}
++
++	if (ioctl(drv->global->sock, SIOCSIFFLAGS, &ifr) < 0) {
++		wpa_printf(MSG_ERROR, "ioctl[SIOCSIFFLAGS]: %s",
++			   strerror(errno));
++		return -1;
++	}
++
++	wpa_printf(MSG_DEBUG, "%s: if %s (changed) enable %d IFF_UP %d ",
++	    __func__, drv->ifname, enable, ((ifr.ifr_flags & IFF_UP) != 0));
++
++	drv->flags = ifr.ifr_flags;
+ 	return 0;
++
++nochange:
++	wpa_printf(MSG_DEBUG, "%s: if %s (no change) enable %d IFF_UP %d ",
++	    __func__, drv->ifname, enable, ((ifr.ifr_flags & IFF_UP) != 0));
++	return 0;
+ }
+ 
+ static int
+@@ -525,7 +554,7 @@
+ 			   __func__);
+ 		return -1;
+ 	}
+-	return 0;
++	return bsd_ctrl_iface(priv, 1);
+ }
+ 
+ static void
+@@ -853,14 +882,18 @@
  		drv = bsd_get_drvindex(global, ifm->ifm_index);
  		if (drv == NULL)
  			return;
@@ -30,7 +85,32 @@
  			wpa_printf(MSG_DEBUG, "RTM_IFINFO: Interface '%s' UP",
  				   drv->ifname);
  			wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
-@@ -1197,13 +1202,41 @@
+@@ -1025,7 +1058,8 @@
+ 	if (l2_packet_get_own_addr(drv->sock_xmit, params->own_addr))
+ 		goto bad;
+ 
+-	if (bsd_get_iface_flags(drv) < 0)
++	/* mark down during setup */
++	if (bsd_ctrl_iface(drv, 0) < 0)
+ 		goto bad;
+ 
+ 	if (bsd_set_mediaopt(drv, IFM_OMASK, IFM_IEEE80211_HOSTAP) < 0) {
+@@ -1050,12 +1084,13 @@
+ {
+ 	struct bsd_driver_data *drv = priv;
+ 
++	if (drv->ifindex != 0)
++		bsd_ctrl_iface(drv, 0);
+ 	if (drv->sock_xmit != NULL)
+ 		l2_packet_deinit(drv->sock_xmit);
+ 	os_free(drv);
+ }
+ 
+-
+ static int
+ bsd_set_sta_authorized(void *priv, const u8 *addr,
+ 		       unsigned int total_flags, unsigned int flags_or,
+@@ -1197,13 +1232,41 @@
  }
  
  static int
@@ -73,7 +153,7 @@
  
  	wpa_printf(MSG_DEBUG,
  		"%s: ssid '%.*s' wpa ie len %u pairwise %u group %u key mgmt %u"
-@@ -1220,7 +1253,10 @@
+@@ -1220,7 +1283,10 @@
  		mode = 0 /* STA */;
  		break;
  	case IEEE80211_MODE_IBSS:
@@ -84,7 +164,7 @@
  		break;
  	case IEEE80211_MODE_AP:
  		mode = IFM_IEEE80211_HOSTAP;
-@@ -1249,24 +1285,33 @@
+@@ -1249,24 +1315,33 @@
  		ret = -1;
  	if (wpa_driver_bsd_set_auth_alg(drv, params->auth_alg) < 0)
  		ret = -1;
@@ -121,7 +201,7 @@
 +	 * NB: interface must be marked UP for association
 +	 * or scanning (ap_scan=2)
 +	 */
-+	if (bsd_get_iface_flags(drv) < 0)
++	if (bsd_ctrl_iface(drv, 1) < 0)
  		return -1;
  
 -	if (params->wpa_ie_len &&
@@ -132,7 +212,20 @@
  	os_memset(&mlme, 0, sizeof(mlme));
  	mlme.im_op = IEEE80211_MLME_ASSOC;
  	if (params->ssid != NULL)
-@@ -1485,6 +1530,17 @@
+@@ -1309,11 +1384,8 @@
+ 	}
+ 
+ 	/* NB: interface must be marked UP to do a scan */
+-	if (!(drv->flags & IFF_UP)) {
+-		wpa_printf(MSG_DEBUG, "%s: interface is not up, cannot scan",
+-			   __func__);
++	if (bsd_ctrl_iface(drv, 1) < 0)
+ 		return -1;
+-	}
+ 
+ #ifdef IEEE80211_IOC_SCAN_MAX_SSID
+ 	os_memset(&sr, 0, sizeof(sr));
+@@ -1485,6 +1557,17 @@
  	if (devcaps.dc_drivercaps & IEEE80211_C_WPA2)
  		drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
  			WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
@@ -150,7 +243,7 @@
  
  	if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_WEP)
  		drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 |
-@@ -1493,6 +1549,7 @@
+@@ -1493,6 +1576,7 @@
  		drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP;
  	if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_AES_CCM)
  		drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP;
@@ -158,7 +251,7 @@
  
  	if (devcaps.dc_drivercaps & IEEE80211_C_HOSTAP)
  		drv->capa.flags |= WPA_DRIVER_FLAGS_AP;
-@@ -1545,6 +1602,8 @@
+@@ -1545,6 +1629,8 @@
  		}
  		if (ifmr.ifm_current & IFM_IEEE80211_HOSTAP)
  			return IEEE80211_M_HOSTAP;
@@ -167,3 +260,22 @@
  		if (ifmr.ifm_current & IFM_IEEE80211_MONITOR)
  			return IEEE80211_M_MONITOR;
  #ifdef IEEE80211_M_MBSS
+@@ -1605,7 +1691,7 @@
+ 		drv->capa.key_mgmt_iftype[i] = drv->capa.key_mgmt;
+ 
+ 	/* Down interface during setup. */
+-	if (bsd_get_iface_flags(drv) < 0)
++	if (bsd_ctrl_iface(drv, 0) < 0)
+ 		goto fail;
+ 
+ 	/* Proven to work, lets go! */
+@@ -1628,6 +1714,9 @@
+ 
+ 	if (drv->ifindex != 0 && !drv->if_removed) {
+ 		wpa_driver_bsd_set_wpa(drv, 0);
++
++		/* NB: mark interface down */
++		bsd_ctrl_iface(drv, 0);
+ 
+ 		wpa_driver_bsd_set_wpa_internal(drv, drv->prev_wpa,
+ 						drv->prev_privacy);