1. 31 7月, 2019 2 次提交
  2. 29 7月, 2019 2 次提交
  3. 20 6月, 2019 1 次提交
  4. 19 6月, 2019 1 次提交
  5. 14 6月, 2019 2 次提交
  6. 24 5月, 2019 1 次提交
    • Y
      mac80211: handle deauthentication/disassociation from TDLS peer · 79c92ca4
      Yu Wang 提交于
      When receiving a deauthentication/disassociation frame from a TDLS
      peer, a station should not disconnect the current AP, but only
      disable the current TDLS link if it's enabled.
      
      Without this change, a TDLS issue can be reproduced by following the
      steps as below:
      
      1. STA-1 and STA-2 are connected to AP, bidirection traffic is running
         between STA-1 and STA-2.
      2. Set up TDLS link between STA-1 and STA-2, stay for a while, then
         teardown TDLS link.
      3. Repeat step #2 and monitor the connection between STA and AP.
      
      During the test, one STA may send a deauthentication/disassociation
      frame to another, after TDLS teardown, with reason code 6/7, which
      means: Class 2/3 frame received from nonassociated STA.
      
      On receive this frame, the receiver STA will disconnect the current
      AP and then reconnect. It's not a expected behavior, purpose of this
      frame should be disabling the TDLS link, not the link with AP.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: NYu Wang <yyuwang@codeaurora.org>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      79c92ca4
  7. 26 4月, 2019 1 次提交
    • S
      mac80211/cfg80211: update bss channel on channel switch · 5dc8cdce
      Sergey Matyukevich 提交于
      FullMAC STAs have no way to update bss channel after CSA channel switch
      completion. As a result, user-space tools may provide inconsistent
      channel info. For instance, consider the following two commands:
      $ sudo iw dev wlan0 link
      $ sudo iw dev wlan0 info
      The latter command gets channel info from the hardware, so most probably
      its output will be correct. However the former command gets channel info
      from scan cache, so its output will contain outdated channel info.
      In fact, current bss channel info will not be updated until the
      next [re-]connect.
      
      Note that mac80211 STAs have a workaround for this, but it requires
      access to internal cfg80211 data, see ieee80211_chswitch_work:
      
      	/* XXX: shouldn't really modify cfg80211-owned data! */
      	ifmgd->associated->channel = sdata->csa_chandef.chan;
      
      This patch suggests to convert mac80211 workaround into cfg80211 behavior
      and to update current bss channel in cfg80211_ch_switch_notify.
      Signed-off-by: NSergey Matyukevich <sergey.matyukevich.os@quantenna.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      5dc8cdce
  8. 22 2月, 2019 6 次提交
  9. 08 2月, 2019 3 次提交
  10. 18 12月, 2018 4 次提交
  11. 09 11月, 2018 1 次提交
  12. 11 10月, 2018 3 次提交
    • J
      mac80211: Extend SAE authentication in infra BSS STA mode · efb543e6
      Jouni Malinen 提交于
      Previous implementation of SAE authentication in infrastructure BSS was
      somewhat restricting and not exactly clean way of handling the two
      auth() operations. This ended up removing and re-adding the STA entry
      for the AP in the middle of authentication and also messing up
      authentication state tracking through the sequence of four
      Authentication frames. Furthermore, this did not work if the AP ended up
      sending out SAE Confirm (auth trans #2) immediately after SAE Commit
      (auth trans #1) before the station had time to transmit its SAE Confirm.
      
      Clean up authentication state handling for the SAE case to allow two
      rounds of auth() calls without dropping all state between those
      operations. Track peer Confirmed status and mark authentication
      completed only once both ends have confirmed.
      
      ieee80211_mgd_auth() check for EBUSY cases is now handling only the
      pending association (ifmgd->assoc_data) while all pending authentication
      (ifmgd->auth_data) cases are allowed to proceed to allow user space to
      start a new connection attempt from scratch even if the previously
      requested authentication is still waiting completion. This is needed to
      avoid making SAE error cases with retries take excessive amount of time
      with no means for the user space to stop that (apart from setting the
      netdev down).
      
      As an extra bonus, the end of ieee80211_rx_mgmt_auth() can be cleaned up
      to avoid the extra copy of the cfg80211_rx_mlme_mgmt() call for ongoing
      SAE authentication since the new ieee80211_mark_sta_auth() helper
      function can handle both completion of authentication and updates to the
      STA entry under the same condition and there is no need to return from
      the function between those operations.
      Signed-off-by: NJouni Malinen <jouni@codeaurora.org>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      efb543e6
    • J
      mac80211: Move ieee80211_mgd_auth() EBUSY check to be before allocation · 8d7432a2
      Jouni Malinen 提交于
      This makes it easier to conditionally replace full allocation of
      auth_data to use reallocation for the case of continuing SAE
      authentication. Furthermore, there was not really any point in having
      this check done so late in the function after having already completed
      number of steps that cannot be used anyway in the error case.
      Signed-off-by: NJouni Malinen <jouni@codeaurora.org>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      8d7432a2
    • J
      mac80211: Helper function for marking STA authenticated · fc107a93
      Jouni Malinen 提交于
      Authentication exchange can be completed in both TX and RX paths for
      SAE, so move this common functionality into a helper function to avoid
      having to implement practically the same operations in two places when
      extending SAE implementation in the following commits.
      Signed-off-by: NJouni Malinen <jouni@codeaurora.org>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      fc107a93
  13. 05 9月, 2018 2 次提交
  14. 03 9月, 2018 2 次提交
  15. 29 6月, 2018 2 次提交
    • J
      mac80211: remove unnecessary NULL check · f0c0407d
      Johannes Berg 提交于
      We don't need to check if he_oper is NULL before calling
      ieee80211_verify_sta_he_mcs_support() as it - now - will
      correctly check this itself. Remove the redundant check.
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      f0c0407d
    • G
      mac80211: fix potential null pointer dereference · 47aa7861
      Gustavo A. R. Silva 提交于
      he_op is being dereferenced before it is null checked, hence there
      is a potential null pointer dereference.
      
      Fix this by moving the pointer dereference after he_op has been
      properly null checked.
      
      Notice that, currently, he_op is already being null checked before
      calling this function at 4593:
      
      4593	if (!he_oper ||
      4594	    !ieee80211_verify_sta_he_mcs_support(sband, he_oper))
      4595		ifmgd->flags |= IEEE80211_STA_DISABLE_HE;
      
      but in case ieee80211_verify_sta_he_mcs_support is ever called
      without verifying he_oper is not null, we will end up having a
      null pointer dereference. So, we better don't take any chances.
      
      Addresses-Coverity-ID: 1470068 ("Dereference before null check")
      Signed-off-by: NGustavo A. R. Silva <gustavo@embeddedor.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      47aa7861
  16. 19 6月, 2018 1 次提交
  17. 15 6月, 2018 2 次提交
  18. 23 5月, 2018 1 次提交
  19. 07 5月, 2018 1 次提交
  20. 19 4月, 2018 1 次提交
  21. 29 3月, 2018 1 次提交