• Johannes Berg's avatar
    [MAC80211]: fix race conditions with keys · d4e46a3d
    Johannes Berg authored
    During receive processing, we select the key long before using it and
    because there's no locking it is possible that we kfree() the key
    after having selected it but before using it for crypto operations.
    Obviously, this is bad.
    
    Secondly, during transmit processing, there are two possible races: We
    have a similar race between select_key() and using it for encryption,
    but we also have a race here between select_key() and hardware
    encryption (both when a key is removed.)
    
    This patch solves these issues by using RCU: when a key is to be freed,
    we first remove the pointer from the appropriate places (sdata->keys,
    sdata->default_key, sta->key) using rcu_assign_pointer() and then
    synchronize_rcu(). Then, we can safely kfree() the key and remove it
    from the hardware. There's a window here where the hardware may still
    be using it for decryption, but we can't work around that without having
    two hardware callbacks, one to disable the key for RX and one to disable
    it for TX; but the worst thing that will happen is that we receive a
    packet decrypted that we don't find a key for any more and then drop it.
    
    When we add a key, we first need to upload it to the hardware and then,
    using rcu_assign_pointer() again, link it into our structures.
    
    In the code using keys (TX/RX paths) we use rcu_dereference() to get the
    key and enclose the whole tx/rx section in a rcu_read_lock() ...
    rcu_read_unlock() block. Because we've uploaded the key to hardware
    before linking it into internal structures, we can guarantee that it is
    valid once get to into tx().
    
    One possible race condition remains, however: when we have hardware
    acceleration enabled and the driver shuts down the queues, we end up
    queueing the frame. If now somebody removes the key, the key will be
    removed from hwaccel and then then driver will be asked to encrypt the
    frame with a key index that has been removed. Hence, drivers will need
    to be aware that the hw_key_index they are passed might not be under
    all circumstances. Most drivers will, however, simply ignore that
    condition and encrypt the frame with the selected key anyway, this
    only results in a frame being encrypted with a wrong key or dropped
    (rightfully) because the key was not valid. There isn't much we can
    do about it unless we want to walk the pending frame queue every time
    a key is removed and remove all frames that used it.
    
    This race condition, however, will most likely be solved once we add
    multiqueue support to mac80211 because then frames will be queued
    further up the stack instead of after being processed.
    Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
    Acked-by: default avatarMichael Wu <flamingice@sourmilk.net>
    Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    d4e46a3d
rx.c 43.3 KB