lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20160725203521.531990039@linuxfoundation.org>
Date:	Mon, 25 Jul 2016 13:54:19 -0700
From:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:	linux-kernel@...r.kernel.org
Cc:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	stable@...r.kernel.org, Jouni Malinen <j@...fi>,
	Johannes Berg <johannes@...solutions.net>
Subject: [PATCH 4.4 004/146] mac80211: Fix mesh estab_plinks counting in STA removal case

4.4-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Jouni Malinen <j@...fi>

commit 126e7557328a1cd576be4fca95b133a2695283ff upstream.

If a user space program (e.g., wpa_supplicant) deletes a STA entry that
is currently in NL80211_PLINK_ESTAB state, the number of established
plinks counter was not decremented and this could result in rejecting
new plink establishment before really hitting the real maximum plink
limit. For !user_mpm case, this decrementation is handled by
mesh_plink_deactive().

Fix this by decrementing estab_plinks on STA deletion
(mesh_sta_cleanup() gets called from there) so that the counter has a
correct value and the Beacon frame advertisement in Mesh Configuration
element shows the proper value for capability to accept additional
peers.

Signed-off-by: Jouni Malinen <j@...fi>
Signed-off-by: Johannes Berg <johannes@...solutions.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>

---
 net/mac80211/mesh.c |    7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -151,14 +151,17 @@ u32 mesh_accept_plinks_update(struct iee
 void mesh_sta_cleanup(struct sta_info *sta)
 {
 	struct ieee80211_sub_if_data *sdata = sta->sdata;
-	u32 changed;
+	u32 changed = 0;
 
 	/*
 	 * maybe userspace handles peer allocation and peering, but in either
 	 * case the beacon is still generated by the kernel and we might need
 	 * an update.
 	 */
-	changed = mesh_accept_plinks_update(sdata);
+	if (sdata->u.mesh.user_mpm &&
+	    sta->mesh->plink_state == NL80211_PLINK_ESTAB)
+		changed |= mesh_plink_dec_estab_count(sdata);
+	changed |= mesh_accept_plinks_update(sdata);
 	if (!sdata->u.mesh.user_mpm) {
 		changed |= mesh_plink_deactivate(sta);
 		del_timer_sync(&sta->mesh->plink_timer);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ