On Tue, Apr 27, 2021 at 11:32:49PM +0200, Stefan Sperling wrote:
> On Tue, Apr 27, 2021 at 06:36:32PM +0000, Mikolaj Kucharski wrote:
> > I got it again, but had official snapshot, so I don't have more info
> > than I had in the past, but I would like to share it anyway..
>
> > ddb{0}> show panic
> > ieee80211_encrypt: key unset for sw crypto: 0
>
> It would be nice to have more information about the bad key.
> Could you run with this?
Here is another shot in the dark.
The patch below ensures that we don't attempt to send data frames
to nodes that aren't in associated state anymore. The node's crypto
keys would already have been cleared which would explain the panic.
Do you ever see this new printf trigger?
diff 87962d75d1c1a416b89e927cd4ab8e3327a47509 /usr/src
blob - 58f654273f7ea0cc3c04e0a60d5e5e6a33296dc0
file + sys/net80211/ieee80211_output.c
--- sys/net80211/ieee80211_output.c
+++ sys/net80211/ieee80211_output.c
@@ -556,6 +556,16 @@ ieee80211_encap(struct ifnet *ifp, struct mbuf *m, str
goto bad;
}
+#ifndef IEEE80211_STA_ONLY
+ if (ic->ic_opmode == IEEE80211_M_HOSTAP &&
+ ni->ni_state != IEEE80211_STA_ASSOC) {
+ printf("%s: data frame for node %s in state %d\n",
+ __func__, ether_sprintf(ni->ni_macaddr), ni->ni_state);
+ ic->ic_stats.is_tx_nonode++;
+ goto bad;
+ }
+#endif
+
if ((ic->ic_flags & IEEE80211_F_RSNON) &&
!ni->ni_port_valid &&
eh.ether_type != htons(ETHERTYPE_PAE)) {
