wifi: mac80211: fix key tailroom accounting leak

For keys added by ieee80211_gtk_rekey_add(), we assume that
they're already present in the hardware and set the flag
KEY_FLAG_UPLOADED_TO_HARDWARE. However, setting this flag
needs to be paired with decrementing the tailroom needed,
which was missed.

Fixes: f52a0b408ed1 ("wifi: mac80211: mark keys as uploaded when added by the driver")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://patch.msgid.link/20251019115358.c88eafb4083e.I69e9d4d78a756a133668c55b5570cf15a4b0e6a4@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index b14e9cd9713ff231774932079d6e48bb5e71baae..d5da7ccea66e0f53e7544124af4b9ed2abe0a8f1 100644 (file)
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -508,11 +508,16 @@ static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
                                ret = ieee80211_key_enable_hw_accel(new);
                }
        } else {
-               if (!new->local->wowlan)
+               if (!new->local->wowlan) {
                        ret = ieee80211_key_enable_hw_accel(new);
-               else if (link_id < 0 || !sdata->vif.active_links ||
-                        BIT(link_id) & sdata->vif.active_links)
+               } else if (link_id < 0 || !sdata->vif.active_links ||
+                        BIT(link_id) & sdata->vif.active_links) {
                        new->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
+                       if (!(new->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
+                                                IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
+                                                IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
+                               decrease_tailroom_need_count(sdata, 1);
+               }
        }
 
        if (ret)