From nobody Fri Aug 29 13:19:05 2025
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cCzPQ2vDRz65W8W;
	Fri, 29 Aug 2025 13:19:06 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4cCzPQ065kz3VYS;
	Fri, 29 Aug 2025 13:19:06 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1756473546;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=fKuci51vgaF5pGn1c9DcAOZxAcPlW0NpcnPF0A5+oHA=;
	b=L9s5+F7IelOuJZKkjLKQjvdNl1Q2pVRAx3Gg+ZR6dIvnTglQ0zASZI62dUBjm+kfS+yHNq
	AFVzIDoUSAwDRkdL5puRFovPHlg3EhqfsG6ldn5uTVpBuu1uhENI3o7uHSP2Rv6dyt4vyw
	T/d3Ag574924TvrXJdtdIeiL6kaSqa6n2I26vZRHOFAM2eULSjBlkxhcgqZ3R1Itny7R6H
	tbS3OBpq6bwISo/wq/OMU+s/TInlLuGQppfE7Iwy2cX/Gytxy4gYQbXaDlw05nzUXXqZDt
	7pPfTbbN+IKRMP/LLXeFgunYwkeyEUYZIKMAhtU0lbBkeBD3plHXvWPQdC92hg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1756473546;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=fKuci51vgaF5pGn1c9DcAOZxAcPlW0NpcnPF0A5+oHA=;
	b=BYY0VrraPp0aYMYnj64JywCjwg2azekxA5w6T2GtZJtU75Ii0Ti4wHdRySj0ogyNTjuQ+j
	A6tkb+vxZI28qrrkQMHy5mhozvFgpWGsTHm31Qae/txoaSXYief686xqrOKA5DZ3WSj15z
	Nk22UFc4prZ7XFEoI0Z5g0qatAkVnycHIEpJWFW3F18qRvIrOtBZoZFm0J/Ifu4JnfHcop
	VF4xEOdwdCKW7k41L+kVoKHM/40D8YqcYxQpH0xlwK6OG0owgK+AHvyr9yX7roFHs6AJo/
	QM3yEqUiOs8BlOFIbOn1E58U/glda7Rwmbt+r3LoSGxaergOh77GgZ3wTkw3TQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1756473546; a=rsa-sha256; cv=none;
	b=Rv2JEGDm/QQ8W4LzDWiKjGbdAf28OXx0om5SVWU2hbGSPR1i7iV5R+yH15OZ11I9TUSZmP
	cXpjpQsSoQCLr/bdyFDoJFD7cmq7ptjOUjpBHi+16PoFNrz/gR/UuyCMU7ry/OQNxfWwO5
	JrPexxlLoUnBFRqC0EBm7SdgtwU/cH1WwLFX67xqncjgEO7Z+0nk4urABVEkJrDba+w4HL
	ptVoYT7MmqU3BQroDsfk6wKt82zzD1A+vmOulbBBCyr14XAiGVZkO6qM9jjyV4j4lEDpVk
	aejMZdoJGxjTQQQb9l+nI4uUlhHzeNpM4N0QRYGb17KjdTjoxDthTp3zsqzgVQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cCzPP6bVmzhnC;
	Fri, 29 Aug 2025 13:19:05 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 57TDJ5Je072436;
	Fri, 29 Aug 2025 13:19:05 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 57TDJ505072433;
	Fri, 29 Aug 2025 13:19:05 GMT
	(envelope-from git)
Date: Fri, 29 Aug 2025 13:19:05 GMT
Message-Id: <202508291319.57TDJ505072433@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
Subject: git: 86a0941db702 - main - LinuxKPI: 802.11: do not delete
  keys while still assoc
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-main@freebsd.org
Sender: owner-dev-commits-src-main@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: bz
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 86a0941db7028a5eb4d56aaa34998b833e5de174
Auto-Submitted: auto-generated

The branch main has been updated by bz:

URL: https://cgit.FreeBSD.org/src/commit/?id=86a0941db7028a5eb4d56aaa34998b833e5de174

commit 86a0941db7028a5eb4d56aaa34998b833e5de174
Author:     Bjoern A. Zeeb <bz@FreeBSD.org>
AuthorDate: 2025-05-24 20:09:51 +0000
Commit:     Bjoern A. Zeeb <bz@FreeBSD.org>
CommitDate: 2025-08-29 13:18:43 +0000

    LinuxKPI: 802.11: do not delete keys while still assoc
    
    While we are still associated we cannot delete the keys as packets
    may still go out and if the firmware has no more keys it will raise
    and exception.
    
    This can happen given net80211 has its own mind when to do this and
    we, in various places, unlock and re-lock the com lock, so are open
    to races.
    
    Sponsored by:   The FreeBSD Foundation
    MFC after:      3 days
---
 sys/compat/linuxkpi/common/src/linux_80211.c | 40 +++++++++++++++++++++++++++-
 1 file changed, 39 insertions(+), 1 deletion(-)

diff --git a/sys/compat/linuxkpi/common/src/linux_80211.c b/sys/compat/linuxkpi/common/src/linux_80211.c
index cf0aca4493aa..3f850653bc7c 100644
--- a/sys/compat/linuxkpi/common/src/linux_80211.c
+++ b/sys/compat/linuxkpi/common/src/linux_80211.c
@@ -1350,6 +1350,7 @@ lkpi_iv_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k)
 	lhw = ic->ic_softc;
 	hw = LHW_TO_HW(lhw);
 	lvif = VAP_TO_LVIF(vap);
+	vif = LVIF_TO_VIF(lvif);
 
 	/*
 	 * Make sure we do not make it here without going through
@@ -1357,6 +1358,23 @@ lkpi_iv_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k)
 	 */
 	lockdep_assert_wiphy(hw->wiphy);
 
+	/*
+	 * While we are assoc we may still send packets.  We cannot delete the
+	 * keys as otherwise packets could go out unencrypted.  Some firmware
+	 * does not like this and will fire an assert.
+	 * net80211 needs to drive this better but given we want the disassoc
+	 * frame out and have to unlock we are open to a race currently.
+	 * This check should prevent problems.
+	 * How to test: run 800Mbit/s UDP traffic and during that restart your
+	 * supplicant.  You want to survive that.
+	 */
+	if (vif->cfg.assoc) {
+		if (linuxkpi_debug_80211 & D80211_TRACE_HW_CRYPTO)
+			ic_printf(ic, "%d %lu %s: vif still assoc; not deleting keys\n",
+			    curthread->td_tid, jiffies, __func__);
+		return (0);
+	}
+
 	if (IEEE80211_KEY_UNDEFINED(k)) {
 		ic_printf(ic, "%s: vap %p key %p is undefined: %p %u\n",
 		    __func__, vap, k, k->wk_cipher, k->wk_keyix);
@@ -1401,7 +1419,6 @@ lkpi_iv_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k)
 		    kc->keyidx, kc->hw_key_idx, kc->flags, IEEE80211_KEY_FLAG_BITS);
 #endif
 
-	vif = LVIF_TO_VIF(lvif);
 	error = lkpi_80211_mo_set_key(hw, DISABLE_KEY, vif, sta, kc);
 	if (error != 0) {
 		ic_printf(ic, "%d %lu %s: set_key cmd %d(%s) for sta %6D failed: %d\n",
@@ -2831,6 +2848,14 @@ _lkpi_sta_assoc_to_down(struct ieee80211vap *vap, enum ieee80211_state nstate, i
 	bss_changed = 0;
 	bss_changed |= lkpi_disassoc(sta, vif, lhw);
 
+#ifdef LKPI_80211_HW_CRYPTO
+	/*
+	 * In theory we remove keys here but there must not exist any for this
+	 * state change until we clean them up again into small steps and no
+	 * code duplication.
+	 */
+#endif
+
 	lkpi_lsta_dump(lsta, ni, __func__, __LINE__);
 
 	/* Adjust sta and change state (from NONE) to NOTEXIST. */
@@ -3366,6 +3391,16 @@ lkpi_sta_run_to_init(struct ieee80211vap *vap, enum ieee80211_state nstate, int
 
 #ifdef LKPI_80211_HW_CRYPTO
 	if (lkpi_hwcrypto) {
+		/*
+		 * In theory we only need to do this if we changed assoc.
+		 * If we were not assoc, there should be no keys and we
+		 * should not be here.
+		 */
+#ifdef notyet
+		KASSERT((bss_changed & BSS_CHANGED_ASSOC) != 0, ("%s: "
+		    "trying to remove keys but were not assoc: %#010jx, lvif %p\n",
+		    __func__, (uintmax_t)bss_changed, lvif));
+#endif
 		error = lkpi_sta_del_keys(hw, vif, lsta);
 		if (error != 0) {
 			ic_printf(vap->iv_ic, "%s:%d: lkpi_sta_del_keys "
@@ -3427,6 +3462,9 @@ lkpi_sta_run_to_init(struct ieee80211vap *vap, enum ieee80211_state nstate, int
 	 * 4) call unassign_vif_chanctx
 	 * 5) call lkpi_hw_conf_idle
 	 * 6) call remove_chanctx
+	 *
+	 * Note: vif->driver_flags & IEEE80211_VIF_REMOVE_AP_AFTER_DISASSOC
+	 * might change this.
 	 */
 	bss_changed |= lkpi_disassoc(sta, vif, lhw);