git: c5c914750fa6 - 2023Q3 - security/wpa_supplicant-devel: driver_bsd.c: backout upstream IFF_ change and add logging

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Cy Schubert <cy_at_FreeBSD.org>
Date: Fri, 15 Sep 2023 14:08:36 UTC
The branch 2023Q3 has been updated by cy:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c5c914750fa6801c4315c55f3504e2592e44cf1c

commit c5c914750fa6801c4315c55f3504e2592e44cf1c
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2023-09-11 06:19:26 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2023-09-15 14:07:41 +0000

    security/wpa_supplicant-devel: driver_bsd.c: backout upstream IFF_ change and add logging
    
    This reverts the state to our old supplicant logic setting or clearing
    IFF_UP if needed.  In addition this adds logging for the cases in which
    we do (not) change the interface state.
    
    Depending on testing this seems to help bringing WiFi up or not log
    any needed changes (which would be the expected wpa_supplicant logic
    now).  People should look out for ``(changed)`` log entries (at least
    if debugging the issue; this way we will at least have data points).
    
    There is a hypothesis still pondered that the entire IFF_UP toggling
    only exploits a race in net80211 (see further discssussions for more
    debugging and alternative solutions see D38508 and D38753).
    That may also explain why the changes to the rc startup script [1]
    only helped partially for some people to no longer see the
    continuous CTRL-EVENT-SCAN-FAILED.
    
    It is highly likely that we will want further changes and until
    we know for sure that people are seeing ''(changed)'' events
    this should stay local.  Should we need to upstream this we'll
    likely need #ifdef __FreeBSD__ around this code.
    
    PR:             273696
    Obtained from:  src bfb202c4554a
    
    (cherry picked from commit ba9d1c4fdcc2d0dd26af96e42aa11e5dbc0f9c7a)
---
 security/wpa_supplicant-devel/Makefile             |   1 +
 .../files/patch-src_drivers_driver__bsd.c          | 132 +++++++++++++++++++--
 2 files changed, 123 insertions(+), 10 deletions(-)

diff --git a/security/wpa_supplicant-devel/Makefile b/security/wpa_supplicant-devel/Makefile
index a00fbd1fbb56..7fc017f967bf 100644
--- a/security/wpa_supplicant-devel/Makefile
+++ b/security/wpa_supplicant-devel/Makefile
@@ -1,5 +1,6 @@
 PORTNAME=	wpa_supplicant
 PORTVERSION=	${COMMIT_DATE}
+PORTREVISION=	1
 CATEGORIES=	security net
 PKGNAMESUFFIX=	-devel
 
diff --git a/security/wpa_supplicant-devel/files/patch-src_drivers_driver__bsd.c b/security/wpa_supplicant-devel/files/patch-src_drivers_driver__bsd.c
index 19470678ef08..11c7346d866b 100644
--- a/security/wpa_supplicant-devel/files/patch-src_drivers_driver__bsd.c
+++ b/security/wpa_supplicant-devel/files/patch-src_drivers_driver__bsd.c
@@ -1,5 +1,5 @@
---- src/drivers/driver_bsd.c.orig	2022-06-20 04:39:26.000000000 -0700
-+++ src/drivers/driver_bsd.c	2022-07-03 14:15:42.260043000 -0700
+--- src/drivers/driver_bsd.c.orig	2023-09-05 10:38:47.000000000 -0700
++++ src/drivers/driver_bsd.c	2023-09-10 23:11:53.991722000 -0700
 @@ -14,6 +14,7 @@
  #include "driver.h"
  #include "eloop.h"
@@ -8,7 +8,62 @@
  #include "common/wpa_common.h"
  
  #include <ifaddrs.h>
-@@ -853,14 +854,18 @@
+@@ -293,8 +294,9 @@
+ }
+ 
+ static int
+-bsd_get_iface_flags(struct bsd_driver_data *drv)
++bsd_ctrl_iface(void *priv, int enable)
+ {
++	struct bsd_driver_data *drv = priv;
+ 	struct ifreq ifr;
+ 
+ 	os_memset(&ifr, 0, sizeof(ifr));
+@@ -306,7 +308,34 @@
+ 		return -1;
+ 	}
+ 	drv->flags = ifr.ifr_flags;
++
++
++	if (enable) {
++		if (ifr.ifr_flags & IFF_UP)
++			goto nochange;
++		ifr.ifr_flags |= IFF_UP;
++	} else {
++		if (!(ifr.ifr_flags & IFF_UP))
++			goto nochange;
++		ifr.ifr_flags &= ~IFF_UP;
++	}
++
++	if (ioctl(drv->global->sock, SIOCSIFFLAGS, &ifr) < 0) {
++		wpa_printf(MSG_ERROR, "ioctl[SIOCSIFFLAGS]: %s",
++			   strerror(errno));
++		return -1;
++	}
++
++	wpa_printf(MSG_DEBUG, "%s: if %s (changed) enable %d IFF_UP %d ",
++	    __func__, drv->ifname, enable, ((ifr.ifr_flags & IFF_UP) != 0));
++
++	drv->flags = ifr.ifr_flags;
+ 	return 0;
++
++nochange:
++	wpa_printf(MSG_DEBUG, "%s: if %s (no change) enable %d IFF_UP %d ",
++	    __func__, drv->ifname, enable, ((ifr.ifr_flags & IFF_UP) != 0));
++	return 0;
+ }
+ 
+ static int
+@@ -525,7 +554,7 @@
+ 			   __func__);
+ 		return -1;
+ 	}
+-	return 0;
++	return bsd_ctrl_iface(priv, 1);
+ }
+ 
+ static void
+@@ -853,14 +882,18 @@
  		drv = bsd_get_drvindex(global, ifm->ifm_index);
  		if (drv == NULL)
  			return;
@@ -30,7 +85,32 @@
  			wpa_printf(MSG_DEBUG, "RTM_IFINFO: Interface '%s' UP",
  				   drv->ifname);
  			wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
-@@ -1197,13 +1202,41 @@
+@@ -1027,7 +1060,8 @@
+ 	if (l2_packet_get_own_addr(drv->sock_xmit, params->own_addr))
+ 		goto bad;
+ 
+-	if (bsd_get_iface_flags(drv) < 0)
++	/* mark down during setup */
++	if (bsd_ctrl_iface(drv, 0) < 0)
+ 		goto bad;
+ 
+ 	if (bsd_set_mediaopt(drv, IFM_OMASK, IFM_IEEE80211_HOSTAP) < 0) {
+@@ -1052,12 +1086,13 @@
+ {
+ 	struct bsd_driver_data *drv = priv;
+ 
++	if (drv->ifindex != 0)
++		bsd_ctrl_iface(drv, 0);
+ 	if (drv->sock_xmit != NULL)
+ 		l2_packet_deinit(drv->sock_xmit);
+ 	os_free(drv);
+ }
+ 
+-
+ static int
+ bsd_set_sta_authorized(void *priv, const u8 *addr,
+ 		       unsigned int total_flags, unsigned int flags_or,
+@@ -1199,13 +1234,41 @@
  }
  
  static int
@@ -73,7 +153,7 @@
  
  	wpa_printf(MSG_DEBUG,
  		"%s: ssid '%.*s' wpa ie len %u pairwise %u group %u key mgmt %u"
-@@ -1220,7 +1253,10 @@
+@@ -1222,7 +1285,10 @@
  		mode = 0 /* STA */;
  		break;
  	case IEEE80211_MODE_IBSS:
@@ -84,7 +164,7 @@
  		break;
  	case IEEE80211_MODE_AP:
  		mode = IFM_IEEE80211_HOSTAP;
-@@ -1249,24 +1285,33 @@
+@@ -1251,24 +1317,33 @@
  		ret = -1;
  	if (wpa_driver_bsd_set_auth_alg(drv, params->auth_alg) < 0)
  		ret = -1;
@@ -121,7 +201,7 @@
 +	 * NB: interface must be marked UP for association
 +	 * or scanning (ap_scan=2)
 +	 */
-+	if (bsd_get_iface_flags(drv) < 0)
++	if (bsd_ctrl_iface(drv, 1) < 0)
  		return -1;
  
 -	if (params->wpa_ie_len &&
@@ -132,7 +212,20 @@
  	os_memset(&mlme, 0, sizeof(mlme));
  	mlme.im_op = IEEE80211_MLME_ASSOC;
  	if (params->ssid != NULL)
-@@ -1485,6 +1530,17 @@
+@@ -1311,11 +1386,8 @@
+ 	}
+ 
+ 	/* NB: interface must be marked UP to do a scan */
+-	if (!(drv->flags & IFF_UP)) {
+-		wpa_printf(MSG_DEBUG, "%s: interface is not up, cannot scan",
+-			   __func__);
++	if (bsd_ctrl_iface(drv, 1) < 0)
+ 		return -1;
+-	}
+ 
+ #ifdef IEEE80211_IOC_SCAN_MAX_SSID
+ 	os_memset(&sr, 0, sizeof(sr));
+@@ -1487,6 +1559,17 @@
  	if (devcaps.dc_drivercaps & IEEE80211_C_WPA2)
  		drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
  			WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
@@ -150,7 +243,7 @@
  
  	if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_WEP)
  		drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 |
-@@ -1493,6 +1549,7 @@
+@@ -1495,6 +1578,7 @@
  		drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP;
  	if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_AES_CCM)
  		drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP;
@@ -158,7 +251,7 @@
  
  	if (devcaps.dc_drivercaps & IEEE80211_C_HOSTAP)
  		drv->capa.flags |= WPA_DRIVER_FLAGS_AP;
-@@ -1545,6 +1602,8 @@
+@@ -1547,6 +1631,8 @@
  		}
  		if (ifmr.ifm_current & IFM_IEEE80211_HOSTAP)
  			return IEEE80211_M_HOSTAP;
@@ -167,3 +260,22 @@
  		if (ifmr.ifm_current & IFM_IEEE80211_MONITOR)
  			return IEEE80211_M_MONITOR;
  #ifdef IEEE80211_M_MBSS
+@@ -1607,7 +1693,7 @@
+ 		drv->capa.key_mgmt_iftype[i] = drv->capa.key_mgmt;
+ 
+ 	/* Down interface during setup. */
+-	if (bsd_get_iface_flags(drv) < 0)
++	if (bsd_ctrl_iface(drv, 0) < 0)
+ 		goto fail;
+ 
+ 	/* Proven to work, lets go! */
+@@ -1630,6 +1716,9 @@
+ 
+ 	if (drv->ifindex != 0 && !drv->if_removed) {
+ 		wpa_driver_bsd_set_wpa(drv, 0);
++
++		/* NB: mark interface down */
++		bsd_ctrl_iface(drv, 0);
+ 
+ 		wpa_driver_bsd_set_wpa_internal(drv, drv->prev_wpa,
+ 						drv->prev_privacy);