mac80211: clear vif private data in order to fix accidental reuse

Fixes potential issues when bringing an interface down and then up again

Signed-off-by: Felix Fietkau <[email protected]>
Felix Fietkau 1 year ago
parent
commit
c640f7b937

+ 29 - 0
package/kernel/mac80211/patches/subsys/306-wifi-mac80211-clear-vif-drv_priv-after-calling-remov.patch

@@ -0,0 +1,29 @@
+From: Felix Fietkau <[email protected]>
+Date: Wed, 3 Jul 2024 12:10:01 +0200
+Subject: [PATCH] wifi: mac80211: clear vif drv_priv after calling
+ remove_interface
+
+Avoid reusing stale driver data when an interface is brought down and up
+again. In order to avoid having to duplicate the memset in every single
+driver, do it here.
+
+Signed-off-by: Felix Fietkau <[email protected]>
+---
+
+--- a/net/mac80211/iface.c
++++ b/net/mac80211/iface.c
+@@ -684,8 +684,12 @@ static void ieee80211_do_stop(struct iee
+ 
+ 		fallthrough;
+ 	default:
+-		if (going_down)
+-			drv_remove_interface(local, sdata);
++		if (!going_down)
++			break;
++		drv_remove_interface(local, sdata);
++
++		/* Clear private driver data to prevent reuse */
++		memset(sdata->vif.drv_priv, 0, local->hw.vif_data_size);
+ 	}
+ 
+ 	ieee80211_recalc_ps(local);
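
Review bot: The memset() added after drv_remove_interface() in the default: branch of ieee80211_do_stop() changes what every driver may assume about vif.drv_priv, yet the only documentation is the one-line comment "Clear private driver data to prevent reuse". The patch description says this is done centrally so drivers need not duplicate it, so the comment (or the documentation of the remove_interface callback) should state the resulting contract: drv_priv is zeroed once remove_interface returns, and a driver must not keep state there that it expects to read after the interface goes down or to find intact on the next add. It would also help to note in the description that the clear is keyed to going_down only, so the early "break" for !going_down leaves drv_priv untouched by design.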

+ 1 - 1
package/kernel/mac80211/patches/subsys/333-wifi-mac80211-extend-IEEE80211_KEY_FLAG_GENERATE_MMI.patch

@@ -15,7 +15,7 @@ Signed-off-by: Johannes Berg <[email protected]>
 
 --- a/include/net/mac80211.h
 +++ b/include/net/mac80211.h
-@@ -2032,8 +2032,8 @@ static inline bool lockdep_vif_mutex_hel
+@@ -2037,8 +2037,8 @@ static inline bool lockdep_vif_mutex_hel
   *	@IEEE80211_KEY_FLAG_GENERATE_MMIC on the same key.
   * @IEEE80211_KEY_FLAG_NO_AUTO_TX: Key needs explicit Tx activation.
   * @IEEE80211_KEY_FLAG_GENERATE_MMIE: This flag should be set by the driver
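
Review bot: The refreshed hunk header for include/net/mac80211.h moves from line 2032 to 2037, but the patch added in this commit, as shown, touches only net/mac80211/iface.c and cannot account for a five-line shift in that header. If this is a catch-up refresh after some other change to the patch series, say so in the commit message or split it into its own refresh commit, so the history of patch 333 stays traceable.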