From: Sasha Levin <sashal@kernel.org> To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Johannes Berg <johannes.berg@intel.com>, Luca Coelho <luciano.coelho@intel.com>, Sasha Levin <sashal@kernel.org>, linux-wireless@vger.kernel.org, netdev@vger.kernel.org Subject: [PATCH AUTOSEL 4.19 578/671] mac80211: accept deauth frames in IBSS mode Date: Thu, 16 Jan 2020 12:03:36 -0500 Message-ID: <20200116170509.12787-315-sashal@kernel.org> (raw) In-Reply-To: <20200116170509.12787-1-sashal@kernel.org> From: Johannes Berg <johannes.berg@intel.com> [ Upstream commit 95697f9907bfe3eab0ef20265a766b22e27dde64 ] We can process deauth frames and all, but we drop them very early in the RX path today - this could never have worked. Fixes: 2cc59e784b54 ("mac80211: reply to AUTH with DEAUTH if sta allocation fails in IBSS") Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: Luca Coelho <luciano.coelho@intel.com> Link: https://lore.kernel.org/r/20191004123706.15768-2-luca@coelho.fi Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: Sasha Levin <sashal@kernel.org> --- net/mac80211/rx.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c index b12f23c996f4..02d0b22d0114 100644 --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c @@ -3391,9 +3391,18 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx) case cpu_to_le16(IEEE80211_STYPE_PROBE_RESP): /* process for all: mesh, mlme, ibss */ break; + case cpu_to_le16(IEEE80211_STYPE_DEAUTH): + if (is_multicast_ether_addr(mgmt->da) && + !is_broadcast_ether_addr(mgmt->da)) + return RX_DROP_MONITOR; + + /* process only for station/IBSS */ + if (sdata->vif.type != NL80211_IFTYPE_STATION && + sdata->vif.type != NL80211_IFTYPE_ADHOC) + return RX_DROP_MONITOR; + break; case cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP): case cpu_to_le16(IEEE80211_STYPE_REASSOC_RESP): - case cpu_to_le16(IEEE80211_STYPE_DEAUTH): case cpu_to_le16(IEEE80211_STYPE_DISASSOC): if (is_multicast_ether_addr(mgmt->da) && !is_broadcast_ether_addr(mgmt->da)) -- 2.20.1
next prev parent reply index Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top [not found] <20200116170509.12787-1-sashal@kernel.org> 2020-01-16 16:58 ` [PATCH AUTOSEL 4.19 290/671] brcmfmac: fix leak of mypkt on error return path Sasha Levin 2020-01-16 16:59 ` [PATCH AUTOSEL 4.19 338/671] ath10k: Fix encoding for protected management frames Sasha Levin 2020-01-16 17:01 ` [PATCH AUTOSEL 4.19 468/671] libertas_tf: Use correct channel range in lbtf_geo_init Sasha Levin 2020-01-16 17:02 ` [PATCH AUTOSEL 4.19 503/671] mac80211: minstrel_ht: fix per-group max throughput rate initialization Sasha Levin 2020-01-16 17:02 ` [PATCH AUTOSEL 4.19 520/671] bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA Sasha Levin 2020-01-16 17:02 ` [PATCH AUTOSEL 4.19 525/671] ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init Sasha Levin 2020-01-16 17:02 ` [PATCH AUTOSEL 4.19 526/671] wcn36xx: use dynamic allocation for large variables Sasha Levin 2020-01-16 17:02 ` [PATCH AUTOSEL 4.19 534/671] rtlwifi: Fix file release memory leak Sasha Levin 2020-01-16 17:03 ` [PATCH AUTOSEL 4.19 548/671] ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet Sasha Levin 2020-01-16 17:03 ` Sasha Levin [this message] 2020-01-16 17:03 ` [PATCH AUTOSEL 4.19 582/671] iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init Sasha Levin 2020-01-16 17:04 ` [PATCH AUTOSEL 4.19 611/671] mt7601u: fix bbp version check in mt7601u_wait_bbp_ready Sasha Levin 2020-01-16 17:04 ` [PATCH AUTOSEL 4.19 616/671] cw1200: Fix a signedness bug in cw1200_load_firmware() Sasha Levin 2020-01-16 17:04 ` [PATCH AUTOSEL 4.19 625/671] rtlwifi: Remove unnecessary NULL check in rtl_regd_init Sasha Levin
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200116170509.12787-315-sashal@kernel.org \ --to=sashal@kernel.org \ --cc=johannes.berg@intel.com \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-wireless@vger.kernel.org \ --cc=luciano.coelho@intel.com \ --cc=netdev@vger.kernel.org \ --cc=stable@vger.kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
Linux-Wireless Archive on lore.kernel.org Archives are clonable: git clone --mirror https://lore.kernel.org/linux-wireless/0 linux-wireless/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 linux-wireless linux-wireless/ https://lore.kernel.org/linux-wireless \ linux-wireless@vger.kernel.org public-inbox-index linux-wireless Example config snippet for mirrors Newsgroup available over NNTP: nntp://nntp.lore.kernel.org/org.kernel.vger.linux-wireless AGPL code for this site: git clone https://public-inbox.org/public-inbox.git