VLAN: Use appropriate group instead of the default VLAN group

The current implementation in the GTK rekey path refers to the default
VLAN group instead of the VLAN to which the STA is bound. For instance,
the GKeyDoneStations count is incorrectly incremented/decremented for
partner links in the default VLAN group always, even when the station
has associated on the non-zero VLAN. This can result in inconsistencies
during GTK rekey for stations connected on non-zero VLAN where the new
group keys are installed to the driver even before they could be
communicated to the stations on these VLANs through a group handshake
message 1.

At all of those places, let the correct VLAN group be referenced based
on the vlan_id to which the station is connected, instead of using the
default VLAN.

Signed-off-by: Sai Pratyusha Magam <smagam@qti.qualcomm.com>

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 14ec2494d6d452ac1dfa55ef42f26c948a44e63f..f4319f394331aac8d8049d23cf71994400d4f1c3 100644 (file)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -119,8 +119,14 @@ static void wpa_gkeydone_sta(struct wpa_state_machine *sm)
        sm->GUpdateStationKeys = false;
 
 #ifdef CONFIG_IEEE80211BE
-       for_each_sm_auth(sm, link_id)
-               sm->mld_links[link_id].wpa_auth->group->GKeyDoneStations--;
+       for_each_sm_auth(sm, link_id) {
+               struct wpa_authenticator *partner_auth =
+                       sm->mld_links[link_id].wpa_auth;
+               struct wpa_group *partner_group =
+                       wpa_select_vlan_wpa_group(partner_auth->group,
+                                                 sm->group->vlan_id);
+               partner_group->GKeyDoneStations--;
+       }
 #endif /* CONFIG_IEEE80211BE */
 }
 
@@ -5914,11 +5920,17 @@ static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx)
        int link_id;
 
        for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) {
+               struct wpa_group *g;
+
                if (!sm->mld_links[link_id].valid)
                        continue;
-               if (sm->mld_links[link_id].wpa_auth &&
-                   sm->mld_links[link_id].wpa_auth->group == ctx) {
-                       group = sm->mld_links[link_id].wpa_auth->group;
+               if (!sm->mld_links[link_id].wpa_auth)
+                       continue;
+               g = wpa_select_vlan_wpa_group(
+                       sm->mld_links[link_id].wpa_auth->group,
+                       sm->group->vlan_id);
+               if (g == ctx) {
+                       group = g;
                        wpa_auth = sm->mld_links[link_id].wpa_auth;
                        break;
                }
@@ -5962,8 +5974,14 @@ static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx)
 
        sm->group->GKeyDoneStations++;
 #ifdef CONFIG_IEEE80211BE
-       for_each_sm_auth(sm, link_id)
-               sm->mld_links[link_id].wpa_auth->group->GKeyDoneStations++;
+       for_each_sm_auth(sm, link_id) {
+               struct wpa_authenticator *partner_auth =
+                       sm->mld_links[link_id].wpa_auth;
+               struct wpa_group *partner_group =
+                       wpa_select_vlan_wpa_group(partner_auth->group,
+                                                 sm->group->vlan_id);
+               partner_group->GKeyDoneStations++;
+       }
 #endif /* CONFIG_IEEE80211BE */
 
        sm->GUpdateStationKeys = true;
@@ -6296,12 +6314,16 @@ static void wpa_group_sm_step_links(struct wpa_state_machine *sm)
 
        if (!sm || !sm->wpa_auth)
                return;
-       wpa_group_sm_step(sm->wpa_auth, sm->wpa_auth->group);
+       wpa_group_sm_step(sm->wpa_auth, sm->group);
 
 #ifdef CONFIG_IEEE80211BE
        for_each_sm_auth(sm, link_id) {
-               wpa_group_sm_step(sm->mld_links[link_id].wpa_auth,
-                                 sm->mld_links[link_id].wpa_auth->group);
+               struct wpa_authenticator *partner_auth =
+                       sm->mld_links[link_id].wpa_auth;
+               struct wpa_group *partner_group =
+                       wpa_select_vlan_wpa_group(partner_auth->group,
+                                                 sm->group->vlan_id);
+               wpa_group_sm_step(partner_auth, partner_group);
        }
 #endif /* CONFIG_IEEE80211BE */
 }