1. 13 3月, 2012 8 次提交
  2. 08 3月, 2012 1 次提交
    • P
      mac80211: Filter duplicate IE ids · fcff4f10
      Paul Stewart 提交于
      mac80211 is lenient with respect to reception of corrupted beacons.
      Even if the frame is corrupted as a whole, the available IE elements
      are still passed back and accepted, sometimes replacing legitimate
      data.  It is unknown to what extent this "feature" is made use of,
      but it is clear that in some cases, this is detrimental.  One such
      case is reported in http://crosbug.com/26832 where an AP corrupts
      its beacons but not its probe responses.
      
      One approach would be to completely reject frames with invaid data
      (for example, if the last tag extends beyond the end of the enclosing
      PDU).  The enclosed approach is much more conservative: we simply
      prevent later IEs from overwriting the state from previous ones.
      This approach hopes that there might be some salient data in the
      IE stream before the corruption, and seeks to at least prevent that
      data from being overwritten.  This approach will fix the case above.
      
      Further, we flag element structures that contain data we think might
      be corrupted, so that as we fill the mac80211 BSS structure, we try
      not to replace data from an un-corrupted probe response with that
      of a corrupted beacon, for example.
      
      Short of any statistics gathering in the various forms of AP breakage,
      it's not possible to ascertain the side effects of more stringent
      discarding of data.
      Signed-off-by: NPaul Stewart <pstew@chromium.org>
      Cc: Sam Leffler <sleffler@chromium.org>
      Cc: Eliad Peller <eliad@wizery.com>
      Acked-by: NJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      fcff4f10
  3. 06 3月, 2012 2 次提交
  4. 01 3月, 2012 4 次提交
  5. 28 2月, 2012 4 次提交
  6. 07 2月, 2012 4 次提交
    • J
      mac80211: redesign auth/assoc · 66e67e41
      Johannes Berg 提交于
      This is the second part of the auth/assoc redesign,
      the mac80211 part. This moves the auth/assoc code
      out of the work abstraction and into the MLME, so
      that we don't flip channels all the time etc.
      
      The only downside is that when we are associated,
      we need to drop the association in order to create
      a connection to another AP, but for most drivers
      this is actually desirable and the ability to do
      was never used by any applications. If we want to
      implement resource reservation with FT-OTA, we'd
      probably best do it with explicit R-O-C in wpa_s.
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      66e67e41
    • J
      cfg80211: stop tracking authenticated state · 95de817b
      Johannes Berg 提交于
      To track authenticated state seems to have been
      a design mistake in cfg80211. It is possible to
      have out of band authentication (FT), tracking
      multiple authentications caused more problems
      than it ever helped, and the implementation in
      mac80211 is too complex.
      
      Remove all this complexity, and let userspace
      do whatever it wants to, mac80211 can deal with
      that just fine. Association is still tracked of
      course, but authentication no longer is. Local
      auth state changes are thus no longer of value,
      so ignore them completely.
      
      This will also help implement SAE -- asking the
      driver to do an authentication is now almost
      equivalent to sending an authentication frame,
      with the exception of shared key authentication
      which is still handled completely.
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      95de817b
    • J
      mac80211: remove dummy STA support · 7852e361
      Johannes Berg 提交于
      The dummy STA support was added because I didn't
      want to change the driver API at the time. Now
      that we have state transitions triggering station
      add/remove in the driver, we only call add once a
      station reaches ASSOCIATED, so we can remove the
      dummy station stuff again.
      
      While at it, tighten the RX check and accept only
      port control (EAP) frames from the AP station if
      it's not associated yet -- in other cases there's
      no race.
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      7852e361
    • J
      mac80211: move managed mode station state modification · c8987876
      Johannes Berg 提交于
      Move the station state modification right before insert,
      this just makes the current code more readable (you can
      tell that it's before insertion looking at a single
      screenful of code) right now, but some upcoming changes
      will require this.
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      c8987876
  7. 31 1月, 2012 1 次提交
    • J
      mac80211: station state transition error handling · 83d5cc01
      Johannes Berg 提交于
      In the future, when we start notifying drivers,
      state transitions could potentially fail. To make
      it easier to distinguish between programming bugs
      and driver failures:
       * rename sta_info_move_state() to
         sta_info_pre_move_state() which can only be
         called before the station is inserted (and
         check this with a new station flag).
       * rename sta_info_move_state_checked() to just
         plain sta_info_move_state(), as it will be
         the regular function that can fail for more
         than just one reason (bad transition or an
         error from the driver)
      
      This makes the programming model easier -- one of
      the functions can only be called before insertion
      and can't fail, the other can fail.
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      83d5cc01
  8. 28 1月, 2012 2 次提交
  9. 25 1月, 2012 1 次提交
  10. 19 1月, 2012 1 次提交
    • J
      mac80211: fix work removal on deauth request · bc4934bc
      Johannes Berg 提交于
      When deauth is requested while an auth or assoc
      work item is in progress, we currently delete it
      without regard for any state it might need to
      clean up. Fix it by cleaning up for those items.
      
      In the case Pontus found, the problem manifested
      itself as such:
      
      authenticate with 00:23:69:aa:dd:7b (try 1)
      authenticated
      failed to insert Dummy STA entry for the AP (error -17)
      deauthenticating from 00:23:69:aa:dd:7b by local choice (reason=2)
      
      It could also happen differently if the driver
      uses the tx_sync callback.
      
      We can't just call the ->done() method of the work
      items because that will lock up due to the locking
      in cfg80211. This fix isn't very clean, but that
      seems acceptable since I have patches pending to
      remove this code completely.
      
      Cc: stable@vger.kernel.org
      Reported-by: NPontus Fuchs <pontus.fuchs@gmail.com>
      Tested-by: NPontus Fuchs <pontus.fuchs@gmail.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      bc4934bc
  11. 05 1月, 2012 1 次提交
  12. 20 12月, 2011 1 次提交
  13. 16 12月, 2011 3 次提交
  14. 22 11月, 2011 2 次提交
  15. 18 11月, 2011 1 次提交
  16. 10 11月, 2011 2 次提交
  17. 08 11月, 2011 1 次提交
  18. 03 11月, 2011 1 次提交