On Tue, May 26, 2020 at 10:37:09AM +0200, Stefan Sperling wrote:
> 
> I don't yet have a definite idea what could cause this.
> I did however notice a problem which may be related. Could you try this diff?

I'm running the diff below, with a small change:

       if (rekeysta == 0) {
               printf("XXX %s() [%s|%d] rekeysta == 0\n", __FUNCTION__,
                   __FILE__, __LINE__);
               ieee80211_setkeysdone(ic);
       }

Access point has a bit over 1 hour of uptime and so far no XXX entries
in dmesg or in /var/log/messages.

I will leave it for a couple of days. If you want me to run your vanilla
diff and to remove the above printf I can do that, no problem.

> diff 3247d7f3b53b75bbaf4356f06f34208638ba213d /usr/src
> blob - b44405af41448849059a4558c55bd182f823c1df
> file + sys/net80211/ieee80211_proto.c
> --- sys/net80211/ieee80211_proto.c
> +++ sys/net80211/ieee80211_proto.c
> @@ -433,6 +433,7 @@ ieee80211_setkeys(struct ieee80211com *ic)
>  {
>       struct ieee80211_key *k;
>       u_int8_t kid;
> +     int rekeysta;
>  
>       /* Swap(GM, GN) */
>       kid = (ic->ic_def_txkey == 1) ? 2 : 1;
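
Review bot: `int rekeysta;` is declared without an initializer, and no added line assigns to it before `&rekeysta` is passed to ieee80211_iterate_nodes() and compared with 0 in the following hunk. ieee80211_count_rekeysta() is not shown in this diff; if it only increments the counter for each matching node, the comparison reads an indeterminate stack value and the `rekeysta == 0` branch may not be taken when it should. Suggest `int rekeysta = 0;`.
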
> @@ -457,6 +458,9 @@ ieee80211_setkeys(struct ieee80211com *ic)
>       }
>  
>       ieee80211_iterate_nodes(ic, ieee80211_node_gtk_rekey, ic);
> +     ieee80211_iterate_nodes(ic, ieee80211_count_rekeysta, &rekeysta);
> +     if (rekeysta == 0)
> +             ieee80211_setkeysdone(ic);
>  }
>  
>  /*
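
Review bot: the new `if (rekeysta == 0)` branch carries no comment explaining why ieee80211_setkeysdone() is called directly from ieee80211_setkeys(). A short comment stating what a zero count means here (presumably that no station is left in the rekey state after ieee80211_node_gtk_rekey has run, so nothing else would complete the key change) would make the intent reviewable. The count is taken in a second pass over the node table right after the first, so it is also worth stating that it depends on state set by the first pass.
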
> @@ -466,6 +470,12 @@ void
>  ieee80211_setkeysdone(struct ieee80211com *ic)
>  {
>       u_int8_t kid;
> +
> +     /*
> +      * Discard frames buffered for power-saving which were encrypted with
> +      * the old group key. Clients are no longer able to decrypt them.
> +      */
> +     mq_purge(&ic->ic_bss->ni_savedq);
>  
>       /* install GTK */
>       kid = (ic->ic_def_txkey == 1) ? 2 : 1;
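
Review bot: the comment above mq_purge() talks about frames buffered for power-saving in general, while the call only empties `ic->ic_bss->ni_savedq`. Suggest the comment name that queue as the one holding frames encrypted with the group key, or say why per-station queues need no purge. With the previous hunk, ieee80211_setkeysdone() is now also reached directly from ieee80211_setkeys(), so the purge runs on that path too; `ic->ic_bss` is dereferenced without a check in the visible lines, so it is worth confirming it is always valid on both paths.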

-- 
Regards,
 Mikolaj
