[PATCH 2/2] AP: wpa_auth: use new key IDs in wpa_group_ensure_init()

Johannes Berg johannes at sipsolutions.net
Mon Feb 9 09:40:14 PST 2026


From: Johannes Berg <johannes.berg at intel.com>

During wpa_group_ensure_init() the AP is already beaconing, and
so switching the BIGTK to a new one introduces a race where the
old one is deleted (at least in mac80211 drivers) while it may
be in use for beaconing, potentially causing problems (in Intel
devices this crashes the firmware.)

In normal operation, this doesn't happen since new keys will be
installed with the other key ID, so there's no period of time
where there's no key at all to transmit beacons with.

Use wpa_group_update_gtk() in wpa_group_ensure_init() instead
of simply wpa_gtk_update() to avoid this situation; it just
calls wpa_gtk_update() after switching the key IDs around.

To avoid issues with entropy, pass the return value through.

Signed-off-by: Johannes Berg <johannes.berg at intel.com>
---
 src/ap/wpa_auth.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index c5fdac749669..5ec7f3602198 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -76,8 +76,8 @@ static void wpa_group_put_vlan(struct wpa_authenticator *wpa_auth,
 #endif /* CONFIG_IEEE80211BE */
 static int ieee80211w_kde_len(struct wpa_state_machine *sm);
 static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos);
-static void wpa_group_update_gtk(struct wpa_authenticator *wpa_auth,
-				 struct wpa_group *group);
+static int wpa_group_update_gtk(struct wpa_authenticator *wpa_auth,
+				struct wpa_group *group);
 
 
 static const u32 eapol_key_timeout_first = 100; /* ms */
@@ -2668,7 +2668,7 @@ static void wpa_group_ensure_init(struct wpa_authenticator *wpa_auth,
 	}
 
 	if (wpa_group_init_gmk_and_counter(wpa_auth, group) < 0 ||
-	    wpa_gtk_update(wpa_auth, group) < 0 ||
+	    wpa_group_update_gtk(wpa_auth, group) < 0 ||
 	    wpa_group_config_group_keys(wpa_auth, group) < 0) {
 		wpa_printf(MSG_INFO, "WPA: GMK/GTK setup failed");
 		group->first_sta_seen = false;
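Review bot: When `wpa_group_update_gtk()` fails here, the error path only logs and clears `first_sta_seen`, yet per the commit description the key IDs have already been switched before `wpa_gtk_update()` runs. If that ordering holds, a failure (for example from insufficient entropy) would leave the group's current key IDs pointing at slots whose key material was not regenerated until the next attempt swaps them again. Consider swapping the IDs back inside `wpa_group_update_gtk()` when `wpa_gtk_update()` returns a negative value, or add a comment stating why the swapped state is harmless before the retry. The body of wpa_group_ensure_init() starts and ends outside this hunk, so the rest of the error path is not visible.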
@@ -6133,8 +6133,8 @@ int wpa_wnmsleep_bigtk_subelem(struct wpa_state_machine *sm, u8 *pos)
 #endif /* CONFIG_WNM_AP */
 
 
-static void wpa_group_update_gtk(struct wpa_authenticator *wpa_auth,
-				 struct wpa_group *group)
+static int wpa_group_update_gtk(struct wpa_authenticator *wpa_auth,
+				struct wpa_group *group)
 {
 	int tmp;
 
@@ -6150,7 +6150,7 @@ static void wpa_group_update_gtk(struct wpa_authenticator *wpa_auth,
 	/* "GKeyDoneStations = GNoStations" is done in more robust way by
 	 * counting the STAs that are marked with GUpdateStationKeys instead of
 	 * including all STAs that could be in not-yet-completed state. */
-	wpa_gtk_update(wpa_auth, group);
+	return wpa_gtk_update(wpa_auth, group);
 }
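Review bot: `wpa_group_update_gtk()` now returns the result of `wpa_gtk_update()`, but neither the forward declaration nor the definition documents that contract. A short comment above the definition would help, for example `/* Returns 0 on success, < 0 if new group keys could not be generated; key IDs are switched before generation */`. The negative-on-failure convention is inferred from the `< 0` check in wpa_group_ensure_init(). Any caller written against the old void signature will silently discard the new return value, so it is worth confirming whether the regular rekey path should also react to a failure. The function starts in the previous hunk and part of its body is outside both hunks.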
 
 
-- 
2.53.0



