freebsd-nq/sys
Adrian Chadd 2172664c4b [net80211] Use the unicast key when transmitting DWDS AP multicast frames.
I'm still not sure whether this is the full solution, but here goes.

I have a two node DWDS setup - a main AP with the ethernet bridge uplink
and a satellite AP in the back of the house. They're both AR9344+AR9580
dual band 11n APs.

The problem was that multicast frames was not going from the DWDS AP to
the DWDS STA. Unicast frames are fine, and multicast frames from the
DWDS STA to AP are fine.

Now, multicast and unicast frames from the STA -> AP are just transmitted
using the unicast key.  That's fine.  However, the AP -> STA multicast
frames by default are transmitted using the current default / multicast
key, the shared one between all STAs in a BSS.  Now, the DWDS implementation
ignores non WDS frames - it only allows about 4 address frames outside
of management / EAPOL frames! - so the STA side ignores the normal multicast
frames.

Instead, the AP side uses ieee80211_dwds_mcast() to send multicast frames
to each WDS VAP that was created as part of the "dynamic" part of DWDS.
This should be queuing them individually to each node instead of using
the normal multicast send path; and this is how they should get turned into
4-addr WDS frames.

HOWEVER, ieee80211_encap() was trying to use the default TX key to queue
them rather than the unicast key that's already setup.  Since this synthetic
node doesn't have the default TX key setup, transmission fails.  Things
would be fine in WEP and in open mode because in both cases you would
have static keys (or no keys) setup.  It just fails in WPA mode.

This resolves the issue.  AP DWDS multicast is now sent using the unicast
key just like in STA mode and I'm pretty sure the STA mode side will stil
work fine (as it's a STA VAP with a DWDS flag..)

Tested:

* TL-WDR3600/4300 APs
2020-05-08 17:01:33 +00:00
..
amd64 Reinitialize thread0's stack base after enabling XSAVE. 2020-05-08 14:38:48 +00:00
arm arm: Don't enable interrupts in init_secondary(). 2020-05-06 15:10:05 +00:00
arm64 Simplify arm64's pmap_bootstrap() a bit. 2020-05-06 15:01:06 +00:00
bsm bsm: add AUE_CLOSERANGE 2020-04-24 01:27:25 +00:00
cam Fix a memory leak for ENCIOC_GETSTRING I introduced in r360171. 2020-05-08 16:41:23 +00:00
cddl Avoid the GEOM topology lock recursion when we automatically expand a pool. 2020-04-25 21:45:31 +00:00
compat linuxkpi: Add pci_iomap and pci_iounmap 2020-05-07 17:00:51 +00:00
conf [PowerPC] kernel ifunc support for powerpc*, fix ppc64 relocation oddities. 2020-05-07 19:32:49 +00:00
contrib MFV: r360512 2020-05-01 01:26:36 +00:00
crypto ccp: add a new hardware ID, found on AMD Ryzen 3 3200U 2020-04-24 10:20:54 +00:00
ddb Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
dev Set PCM_CAP_VIRTUAL for virtual DSP devices. 2020-05-07 18:15:35 +00:00
dts allwinner: aw_thermal: Cope with DTS changes 2020-04-14 19:05:17 +00:00
fs Remove APPLEKEXT ifndefs 2020-05-08 14:39:38 +00:00
gdb Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
geom Add g_topology_locked() macro that returns true if we already hold the GEOM 2020-04-25 21:41:09 +00:00
gnu dts: Import DTS from Linux 5.6 2020-04-14 18:57:00 +00:00
i386 Remove an obsolete TODO comment from several minidump implementations. 2020-04-24 18:47:42 +00:00
isa
kern [PowerPC] kernel ifunc support for powerpc*, fix ppc64 relocation oddities. 2020-05-07 19:32:49 +00:00
kgssapi Remove support for Kernel GSS algorithms deprecated in r348875. 2020-04-10 23:08:41 +00:00
libkern Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
mips Fix a race in pmap_emulate_modified(). 2020-04-24 21:21:49 +00:00
modules Initial support for bhyve save and restore. 2020-05-05 00:02:04 +00:00
net Add rib_lookup() sockaddr lookup wrapper and make ifa_ifwithroute use it. 2020-05-07 08:11:36 +00:00
net80211 [net80211] Use the unicast key when transmitting DWDS AP multicast frames. 2020-05-08 17:01:33 +00:00
netgraph Add le_read_buffer_size command and manpage. 2020-04-28 16:00:34 +00:00
netinet When in the SYN-SENT state bbr and rack will not properly send an ACK but instead start the D-ACK timer. This 2020-05-07 20:29:38 +00:00
netinet6 Remove now-unused rt_ifp,rt_ifa,rt_gateway,rt_mtu rte fields. 2020-05-04 14:31:45 +00:00
netipsec Don't pass bogus keys down for NULL algorithms. 2020-05-02 01:00:29 +00:00
netpfil pf: Improve DIOCADDRULE validation 2020-05-03 16:09:35 +00:00
netsmb Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
nfs Remove rtable dumping code from bootp. 2020-04-28 07:23:41 +00:00
nfsclient
nfsserver
nlm Make nfslockd depend on xdr. 2020-04-23 09:37:22 +00:00
ofed Convert OFED rtable interactions to the new routing KPI. 2020-04-15 13:06:55 +00:00
opencrypto Use a lookup table of algorithm types for alg_is_* helpers. 2020-05-04 22:31:38 +00:00
powerpc [PowerPC] kernel ifunc support for powerpc*, fix ppc64 relocation oddities. 2020-05-07 19:32:49 +00:00
riscv Use the HSM SBI extension to halt CPUs 2020-05-01 21:59:47 +00:00
rpc Split XDR into separate kernel module. Make krpc depend on xdr. 2020-04-17 06:04:20 +00:00
security audit_canon_path_vp: don't panic if cdir == NULL 2020-04-17 02:09:31 +00:00
sys Bump __FreeBSD_version after linuxkpi changes 2020-05-07 19:51:53 +00:00
teken
tests Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
tools
ufs Retire two unused background fsck sysctls. 2020-04-21 17:42:32 +00:00
vm Re-check for wirings after busying the page in vm_page_release_locked(). 2020-04-28 13:51:41 +00:00
x86 Fix handling of NMIs from unknown sources (BMC, hypervisor) 2020-04-26 00:41:29 +00:00
xdr Split XDR into separate kernel module. Make krpc depend on xdr. 2020-04-17 06:04:20 +00:00
xen Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (16 of many) 2020-02-25 19:04:39 +00:00
Makefile Remove sparc64 kernel support 2020-02-03 17:35:11 +00:00