* [PATCH] mac80211: match only assigned bss in sta_info_get_bss
@ 2010-09-14 19:34 Johannes Berg
2010-11-15 20:30 ` Jouni Malinen
0 siblings, 1 reply; 3+ messages in thread
From: Johannes Berg @ 2010-09-14 19:34 UTC (permalink / raw)
To: John Linville; +Cc: linux-wireless, Ben Greear
From: Johannes Berg <johannes.berg@intel.com>
sta_info_get_bss() is used to match STA pointers
for VLAN/AP interfaces, but if the same station
is also added to multiple other interfaces it
will erroneously match because both pointers are
NULL, fix this by ignoring NULL pointers here.
Reported-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
net/mac80211/sta_info.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- wireless-testing.orig/net/mac80211/sta_info.c 2010-09-14 21:31:06.000000000 +0200
+++ wireless-testing/net/mac80211/sta_info.c 2010-09-14 21:31:24.000000000 +0200
@@ -125,7 +125,7 @@ struct sta_info *sta_info_get_bss(struct
lockdep_is_held(&local->sta_mtx));
while (sta) {
if ((sta->sdata == sdata ||
- sta->sdata->bss == sdata->bss) &&
+ (sta->sdata->bss && sta->sdata->bss == sdata->bss)) &&
memcmp(sta->sta.addr, addr, ETH_ALEN) == 0)
break;
sta = rcu_dereference_check(sta->hnext,
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] mac80211: match only assigned bss in sta_info_get_bss
2010-09-14 19:34 [PATCH] mac80211: match only assigned bss in sta_info_get_bss Johannes Berg
@ 2010-11-15 20:30 ` Jouni Malinen
2010-11-15 21:41 ` Johannes Berg
0 siblings, 1 reply; 3+ messages in thread
From: Jouni Malinen @ 2010-11-15 20:30 UTC (permalink / raw)
To: Johannes Berg; +Cc: John Linville, linux-wireless, Ben Greear
On Tue, Sep 14, 2010 at 09:34:14PM +0200, Johannes Berg wrote:
> sta_info_get_bss() is used to match STA pointers
> for VLAN/AP interfaces, but if the same station
> is also added to multiple other interfaces it
> will erroneously match because both pointers are
> NULL, fix this by ignoring NULL pointers here.
> @@ -125,7 +125,7 @@ struct sta_info *sta_info_get_bss(struct
> lockdep_is_held(&local->sta_mtx));
> while (sta) {
> if ((sta->sdata == sdata ||
> - sta->sdata->bss == sdata->bss) &&
> + (sta->sdata->bss && sta->sdata->bss == sdata->bss)) &&
This (commit a2c1e3dad516618cb0fbfb1a62c36d0b0744573a) seems to cause
some changes that may not have been intended.. I'm not sure whether to
call them all regressions, but it does break my 802.11w test setup.. ;-)
With this change in place, robust management frames injected on a cooked
monitor interface do not get protected by mac80211 in station mode
(i.e., PMF in use on wlan0 and PTK in place; use mon0 to inject a
frame) while they used to get protected before this change. Reverting
this on top of wireless-testing.git now gets the old behavior back, too.
I have not verified whether this applies to other uses of cooked monitor
(e.g., Data frames or AP mode where Shared Key auth actually expects
injected frame to get protected in normal, non-testing-only use case).
Is this a bug? Or do I need to figure out another way of getting the
frames injected on a monitor interface encrypted by mac80211?
--
Jouni Malinen PGP id EFC895FA
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] mac80211: match only assigned bss in sta_info_get_bss
2010-11-15 20:30 ` Jouni Malinen
@ 2010-11-15 21:41 ` Johannes Berg
0 siblings, 0 replies; 3+ messages in thread
From: Johannes Berg @ 2010-11-15 21:41 UTC (permalink / raw)
To: Jouni Malinen; +Cc: John Linville, linux-wireless, Ben Greear
On Mon, 15 Nov 2010 22:30:48 +0200, Jouni Malinen <j@w1.fi> wrote:
> This (commit a2c1e3dad516618cb0fbfb1a62c36d0b0744573a) seems to cause
> some changes that may not have been intended.. I'm not sure whether to
> call them all regressions, but it does break my 802.11w test setup.. ;-)
>
> With this change in place, robust management frames injected on a cooked
> monitor interface do not get protected by mac80211 in station mode
> (i.e., PMF in use on wlan0 and PTK in place; use mon0 to inject a
> frame) while they used to get protected before this change. Reverting
> this on top of wireless-testing.git now gets the old behavior back, too.
> I have not verified whether this applies to other uses of cooked monitor
> (e.g., Data frames or AP mode where Shared Key auth actually expects
> injected frame to get protected in normal, non-testing-only use case).
>
> Is this a bug? Or do I need to figure out another way of getting the
> frames injected on a monitor interface encrypted by mac80211?
It's a bug. I suspect we set up the sta pointer first, and then the
sdata pointer (when injecting) where if we do it the other way around
it should work fine.
johannes
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2010-11-15 21:41 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-09-14 19:34 [PATCH] mac80211: match only assigned bss in sta_info_get_bss Johannes Berg
2010-11-15 20:30 ` Jouni Malinen
2010-11-15 21:41 ` Johannes Berg
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.