From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Johannes Berg <johannes.berg@intel.com>,
Luca Coelho <luciano.coelho@intel.com>,
Sasha Levin <sashal@kernel.org>,
linux-wireless@vger.kernel.org, netdev@vger.kernel.org
Subject: [PATCH AUTOSEL 4.19 578/671] mac80211: accept deauth frames in IBSS mode
Date: Thu, 16 Jan 2020 12:03:36 -0500
Message-ID: <20200116170509.12787-315-sashal@kernel.org> (raw)
In-Reply-To: <20200116170509.12787-1-sashal@kernel.org>
From: Johannes Berg <johannes.berg@intel.com>
[ Upstream commit 95697f9907bfe3eab0ef20265a766b22e27dde64 ]
We can process deauth frames and all, but we drop them very
early in the RX path today - this could never have worked.
Fixes: 2cc59e784b54 ("mac80211: reply to AUTH with DEAUTH if sta allocation fails in IBSS")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Link: https://lore.kernel.org/r/20191004123706.15768-2-luca@coelho.fi
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
net/mac80211/rx.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index b12f23c996f4..02d0b22d0114 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -3391,9 +3391,18 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
case cpu_to_le16(IEEE80211_STYPE_PROBE_RESP):
/* process for all: mesh, mlme, ibss */
break;
+ case cpu_to_le16(IEEE80211_STYPE_DEAUTH):
+ if (is_multicast_ether_addr(mgmt->da) &&
+ !is_broadcast_ether_addr(mgmt->da))
+ return RX_DROP_MONITOR;
+
+ /* process only for station/IBSS */
+ if (sdata->vif.type != NL80211_IFTYPE_STATION &&
+ sdata->vif.type != NL80211_IFTYPE_ADHOC)
+ return RX_DROP_MONITOR;
+ break;
case cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP):
case cpu_to_le16(IEEE80211_STYPE_REASSOC_RESP):
- case cpu_to_le16(IEEE80211_STYPE_DEAUTH):
case cpu_to_le16(IEEE80211_STYPE_DISASSOC):
if (is_multicast_ether_addr(mgmt->da) &&
!is_broadcast_ether_addr(mgmt->da))
--
2.20.1
next prev parent reply index
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20200116170509.12787-1-sashal@kernel.org>
2020-01-16 16:58 ` [PATCH AUTOSEL 4.19 290/671] brcmfmac: fix leak of mypkt on error return path Sasha Levin
2020-01-16 16:59 ` [PATCH AUTOSEL 4.19 338/671] ath10k: Fix encoding for protected management frames Sasha Levin
2020-01-16 17:01 ` [PATCH AUTOSEL 4.19 468/671] libertas_tf: Use correct channel range in lbtf_geo_init Sasha Levin
2020-01-16 17:02 ` [PATCH AUTOSEL 4.19 503/671] mac80211: minstrel_ht: fix per-group max throughput rate initialization Sasha Levin
2020-01-16 17:02 ` [PATCH AUTOSEL 4.19 520/671] bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA Sasha Levin
2020-01-16 17:02 ` [PATCH AUTOSEL 4.19 525/671] ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init Sasha Levin
2020-01-16 17:02 ` [PATCH AUTOSEL 4.19 526/671] wcn36xx: use dynamic allocation for large variables Sasha Levin
2020-01-16 17:02 ` [PATCH AUTOSEL 4.19 534/671] rtlwifi: Fix file release memory leak Sasha Levin
2020-01-16 17:03 ` [PATCH AUTOSEL 4.19 548/671] ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet Sasha Levin
2020-01-16 17:03 ` Sasha Levin [this message]
2020-01-16 17:03 ` [PATCH AUTOSEL 4.19 582/671] iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init Sasha Levin
2020-01-16 17:04 ` [PATCH AUTOSEL 4.19 611/671] mt7601u: fix bbp version check in mt7601u_wait_bbp_ready Sasha Levin
2020-01-16 17:04 ` [PATCH AUTOSEL 4.19 616/671] cw1200: Fix a signedness bug in cw1200_load_firmware() Sasha Levin
2020-01-16 17:04 ` [PATCH AUTOSEL 4.19 625/671] rtlwifi: Remove unnecessary NULL check in rtl_regd_init Sasha Levin
Reply instructions:
You may reply publically to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200116170509.12787-315-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=johannes.berg@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=luciano.coelho@intel.com \
--cc=netdev@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Linux-Wireless Archive on lore.kernel.org
Archives are clonable:
git clone --mirror https://lore.kernel.org/linux-wireless/0 linux-wireless/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 linux-wireless linux-wireless/ https://lore.kernel.org/linux-wireless \
linux-wireless@vger.kernel.org
public-inbox-index linux-wireless
Example config snippet for mirrors
Newsgroup available over NNTP:
nntp://nntp.lore.kernel.org/org.kernel.vger.linux-wireless
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git