tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Merge tag 'wireless-2023-10-24' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless

Johannes Berg says:

====================
Three more fixes:
- don't drop all unprotected public action frames since
some don't have a protected dual
- fix pointer confusion in scanning code
- fix warning in some connections with multiple links

* tag 'wireless-2023-10-24' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless:
wifi: mac80211: don't drop all unprotected public action frames
wifi: cfg80211: fix assoc response warning on failed links
wifi: cfg80211: pass correct pointer to rdev_inform_bss()
====================

Link: https://lore.kernel.org/r/20231024103540.19198-2-johannes@sipsolutions.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Jakub Kicinski 00d67093 cd8892c0

+33 -4
+29
include/linux/ieee80211.h
··· 4356 4356 } 4357 4357 4358 4358 /** 4359 + * ieee80211_is_protected_dual_of_public_action - check if skb contains a 4360 + * protected dual of public action management frame 4361 + * @skb: the skb containing the frame, length will be checked 4362 + * 4363 + * Return: true if the skb contains a protected dual of public action 4364 + * management frame, false otherwise. 4365 + */ 4366 + static inline bool 4367 + ieee80211_is_protected_dual_of_public_action(struct sk_buff *skb) 4368 + { 4369 + u8 action; 4370 + 4371 + if (!ieee80211_is_public_action((void *)skb->data, skb->len) || 4372 + skb->len < IEEE80211_MIN_ACTION_SIZE + 1) 4373 + return false; 4374 + 4375 + action = *(u8 *)(skb->data + IEEE80211_MIN_ACTION_SIZE); 4376 + 4377 + return action != WLAN_PUB_ACTION_20_40_BSS_COEX && 4378 + action != WLAN_PUB_ACTION_DSE_REG_LOC_ANN && 4379 + action != WLAN_PUB_ACTION_MSMT_PILOT && 4380 + action != WLAN_PUB_ACTION_TDLS_DISCOVER_RES && 4381 + action != WLAN_PUB_ACTION_LOC_TRACK_NOTI && 4382 + action != WLAN_PUB_ACTION_FTM_REQUEST && 4383 + action != WLAN_PUB_ACTION_FTM_RESPONSE && 4384 + action != WLAN_PUB_ACTION_FILS_DISCOVERY; 4385 + } 4386 + 4387 + /** 4359 4388 * _ieee80211_is_group_privacy_action - check if frame is a group addressed 4360 4389 * privacy action frame 4361 4390 * @hdr: the frame
+1 -2
net/mac80211/rx.c
··· 2468 2468 2469 2469 /* drop unicast public action frames when using MPF */ 2470 2470 if (is_unicast_ether_addr(mgmt->da) && 2471 - ieee80211_is_public_action((void *)rx->skb->data, 2472 - rx->skb->len)) 2471 + ieee80211_is_protected_dual_of_public_action(rx->skb)) 2473 2472 return -EACCES; 2474 2473 } 2475 2474
+2 -1
net/wireless/mlme.c
··· 43 43 44 44 for (link_id = 0; link_id < ARRAY_SIZE(data->links); link_id++) { 45 45 cr.links[link_id].status = data->links[link_id].status; 46 + cr.links[link_id].bss = data->links[link_id].bss; 47 + 46 48 WARN_ON_ONCE(cr.links[link_id].status != WLAN_STATUS_SUCCESS && 47 49 (!cr.ap_mld_addr || !cr.links[link_id].bss)); 48 50 49 - cr.links[link_id].bss = data->links[link_id].bss; 50 51 if (!cr.links[link_id].bss) 51 52 continue; 52 53 cr.links[link_id].bssid = data->links[link_id].bss->bssid;
+1 -1
net/wireless/scan.c
··· 2125 2125 if (!res) 2126 2126 goto drop; 2127 2127 2128 - rdev_inform_bss(rdev, &res->pub, ies, data->drv_data); 2128 + rdev_inform_bss(rdev, &res->pub, ies, drv_data->drv_data); 2129 2129 2130 2130 if (data->bss_source == BSS_SOURCE_MBSSID) { 2131 2131 /* this is a nontransmitting bss, we need to add it to