From 5c810a8de2e59655f52ea6ef54c88ee4de68468f Mon Sep 17 00:00:00 2001
From: Ben Hutchings <benh@debian.org>
Date: Thu, 7 Jul 2022 19:10:21 +0200
Subject: [amd64,arm64,armhf] wireguard: Clear keys after suspend despite
 CONFIG_ANDROID=y

WireGuard assumes that CONFIG_ANDROID implies Android power
management, i.e. user-space suspending the system automatically at
short intervals, and so does not clear keys after a suspend/resume
cycle.  Debian systems don't do that kind of power management but we
do set CONFIG_ANDROID on some architectures as a dependency of Binder.

Remove this test that does the wrong thing for us.
---
 debian/changelog                                   |  2 ++
 .../all/wireguard-ignore-config_android.patch      | 29 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 3 files changed, 32 insertions(+)
 create mode 100644 debian/patches/bugfix/all/wireguard-ignore-config_android.patch

(limited to 'debian')

diff --git a/debian/changelog b/debian/changelog
index d36a32d48..18d24b12c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -294,6 +294,8 @@ linux (5.18.8-1) UNRELEASED; urgency=medium
     binutils 2.38.50
   * tools/perf: Fix "unused parameter" warning introduced by "tools/perf:
     pmu-events: Fix reproducibility"
+  * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite
+    CONFIG_ANDROID=y
 
   [ Vincent Blut ]
   * [armhf] drivers/crypto/caam: Enable CRYPTO_DEV_FSL_CAAM as module
diff --git a/debian/patches/bugfix/all/wireguard-ignore-config_android.patch b/debian/patches/bugfix/all/wireguard-ignore-config_android.patch
new file mode 100644
index 000000000..4c1cb9491
--- /dev/null
+++ b/debian/patches/bugfix/all/wireguard-ignore-config_android.patch
@@ -0,0 +1,29 @@
+From: Ben Hutchings <benh@debian.org>
+Date: Thu, 07 Jul 2022 18:58:43 +0200
+Subject: wireguard: Clear keys after suspend despite CONFIG_ANDROID=y
+Forwarded: not-needed
+
+WireGuard assumes that CONFIG_ANDROID implies Android power
+management, i.e. user-space suspending the system automatically at
+short intervals, and so does not clear keys after a suspend/resume
+cycle.  Debian systems don't do that kind of power management but we
+do set CONFIG_ANDROID on some architectures as a dependency of Binder.
+
+In 5.20, CONFIG_PM_USERSPACE_AUTOSLEEP will be introduced to tell the
+kernel that this kind of power management is in use, and
+CONFIG_ANDROID will be removed.  For now, remove this one test that
+does the wrong thing for us.
+
+References: https://lwn.net/Articles/899743/
+---
+--- a/drivers/net/wireguard/device.c
++++ b/drivers/net/wireguard/device.c
+@@ -69,7 +69,7 @@ static int wg_pm_notification(struct not
+ 	 * its normal operation rather than as a somewhat rare event, then we
+ 	 * don't actually want to clear keys.
+ 	 */
+-	if (IS_ENABLED(CONFIG_PM_AUTOSLEEP) || IS_ENABLED(CONFIG_ANDROID))
++	if (IS_ENABLED(CONFIG_PM_AUTOSLEEP))
+ 		return 0;
+ 
+ 	if (action != PM_HIBERNATION_PREPARE && action != PM_SUSPEND_PREPARE)
diff --git a/debian/patches/series b/debian/patches/series
index d967e708b..550311549 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -79,6 +79,7 @@ features/x86/x86-make-x32-syscall-support-conditional.patch
 # Miscellaneous bug fixes
 bugfix/all/disable-some-marvell-phys.patch
 bugfix/all/fs-add-module_softdep-declarations-for-hard-coded-cr.patch
+bugfix/all/wireguard-ignore-config_android.patch
 
 # Miscellaneous features
 
-- 
cgit v1.2.3