mac80211: allow driver to disconnect after resume

In WoWLAN, devices may use crypto keys for TX/RX and could also implement GTK rekeying. If the driver isn't able to retrieve replay counters and similar information from the device upon resume, or if the device isn't responsive due to platform issues, it isn't safe to keep the connection up as GTK rekey messages from during the sleep time could be replayed against it. The only protection against that is disconnecting from the AP. Modifying mac80211 to do that while it is resuming would be very complex and invasive in the case that the driver requires a reconfig, so do it after it has resumed completely. In that case, however, packets might be replayed since it can then only happen after TX/RX are up again, so mark keys for interfaces that need to disconnect as "tainted" and drop all packets that are sent or received with those keys. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
author: Johannes Berg <johannes.berg@intel.com> 2011-07-12 06:30:59 -0400
committer: John W. Linville <linville@tuxdriver.com> 2011-07-13 14:49:43 -0400
commit: 95acac61ba66c4abd40e038dae8c1ed2e176c7b1 (patch)
tree: 8a1737bc3a2ca8af0031e1c2cda07608965ad282 /net/mac80211/util.c
parent: 2fcf282471f04f465d0368e46e973e01504292b3 (diff)
1 files changed, 27 insertions, 0 deletions
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 190132063c99..5bfb80cba634 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -1334,6 +1334,33 @@ int ieee80211_reconfig(struct ieee80211_local *local)
        return 0;
 }
+void ieee80211_resume_disconnect(struct ieee80211_vif *vif)
+{
+        struct ieee80211_sub_if_data *sdata;
+        struct ieee80211_local *local;
+        struct ieee80211_key *key;
+        if (WARN_ON(!vif))
+                return;
+        sdata = vif_to_sdata(vif);
+        local = sdata->local;
+        if (WARN_ON(!local->resuming))
+                return;
+        if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
+                return;
+        sdata->flags |= IEEE80211_SDATA_DISCONNECT_RESUME;
+        mutex_lock(&local->key_mtx);
+        list_for_each_entry(key, &sdata->key_list, list)
+                key->flags |= KEY_FLAG_TAINTED;
+        mutex_unlock(&local->key_mtx);
+}
+EXPORT_SYMBOL_GPL(ieee80211_resume_disconnect);
 static int check_mgd_smps(struct ieee80211_if_managed *ifmgd,
                          enum ieee80211_smps_mode *smps_mode)
 {
author	Johannes Berg <johannes.berg@intel.com>	2011-07-12 06:30:59 -0400
committer	John W. Linville <linville@tuxdriver.com>	2011-07-13 14:49:43 -0400
commit	95acac61ba66c4abd40e038dae8c1ed2e176c7b1 (patch)
tree	8a1737bc3a2ca8af0031e1c2cda07608965ad282 /net/mac80211/util.c
parent	2fcf282471f04f465d0368e46e973e01504292b3 (diff)

diff --git a/net/mac80211/util.c b/net/mac80211/util.c index 190132063c99..5bfb80cba634 100644 --- a/net/mac80211/util.c +++ b/net/mac80211/util.c
@@ -1334,6 +1334,33 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1334	return 0;	1334	return 0;
1335	}	1335	}
1336		1336
		1337	void ieee80211_resume_disconnect(struct ieee80211_vif *vif)
		1338	{
		1339	struct ieee80211_sub_if_data *sdata;
		1340	struct ieee80211_local *local;
		1341	struct ieee80211_key *key;
		1342
		1343	if (WARN_ON(!vif))
		1344	return;
		1345
		1346	sdata = vif_to_sdata(vif);
		1347	local = sdata->local;
		1348
		1349	if (WARN_ON(!local->resuming))
		1350	return;
		1351
		1352	if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
		1353	return;
		1354
		1355	sdata->flags \|= IEEE80211_SDATA_DISCONNECT_RESUME;
		1356
		1357	mutex_lock(&local->key_mtx);
		1358	list_for_each_entry(key, &sdata->key_list, list)
		1359	key->flags \|= KEY_FLAG_TAINTED;
		1360	mutex_unlock(&local->key_mtx);
		1361	}
		1362	EXPORT_SYMBOL_GPL(ieee80211_resume_disconnect);
		1363
1337	static int check_mgd_smps(struct ieee80211_if_managed *ifmgd,	1364	static int check_mgd_smps(struct ieee80211_if_managed *ifmgd,
1338	enum ieee80211_smps_mode *smps_mode)	1365	enum ieee80211_smps_mode *smps_mode)
1339	{	1366	{