[PATCH 1/1] macsec: handle missing macsec kernel module
michael-dev
michael-dev at fami-braun.de
Tue Aug 22 07:51:04 PDT 2017
Am 22.08.2017 10:34, schrieb Sabrina Dubroca:
> 2017-08-18, 19:30:40 +0200, Michael Braun wrote:
>> This fixes the following crash:
>>
>> 0. do not modprobe macsec
>> 1. create veth pair
>> 2. run two wpa_supplicant linux_macsec instances on both ends
>> 3. see one instance crash
>
> Wasn't that fixed by commit 5db86df6a849? (cc'ing Davide)
I used
https://github.com/michael-dev/hostapd/commits/feature/aruba-workaround
(which contains my fixes now as well now) to trigger the issue.
That already includes 5db86df6a849, so that did likely did not fix my
issue.
Looking at 5db86df6a849, it appears that it fixes a crash from
macsec_drv_create_transmit_sc, but the crash now is triggered by
macsec_drv_create_receive_sc.
> Either way, this is a cleaner fix and I had a similar patch lying
> around (see below). There's still one problem after your patch:
> ieee802_1x_kay_init isn't consistent wrt freeing ctx. Some error paths
> will return NULL and leave ctx untouched, while some (after trying to
> init CP) will call ieee802_1x_kay_deinit, which frees both kay and
> kay->ctx.
Good catch!
> (Arguably this could be split into two patches: first make
> ieee802_1x_kay_init consistent, then add error handling for
> secy_init_macsec)
Your patch looks good, so lets just apply it.
Regards,
M. Braun
More information about the Hostap
mailing list