[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20190726224758.210953-1-briannorris@chromium.org>
Date: Fri, 26 Jul 2019 15:47:58 -0700
From: Brian Norris <briannorris@...omium.org>
To: Johannes Berg <johannes@...solutions.net>
Cc: <linux-kernel@...r.kernel.org>, linux-wireless@...r.kernel.org,
Emmanuel Grumbach <emmanuel.grumbach@...el.com>,
Brian Norris <briannorris@...omium.org>
Subject: [PATCH] mac80211: don't WARN on short WMM parameters from AP
In a very similar spirit to commit c470bdc1aaf3 ("mac80211: don't WARN
on bad WMM parameters from buggy APs"), an AP may not transmit a
fully-formed WMM IE. For example, it may miss or repeat an Access
Category. The above loop won't catch that and will instead leave one of
the four ACs zeroed out. This triggers the following warning in
drv_conf_tx()
wlan0: invalid CW_min/CW_max: 0/0
and it may leave one of the hardware queues unconfigured. If we detect
such a case, let's just print a warning and fall back to the defaults.
Tested with a hacked version of hostapd, intentionally corrupting the
IEs in hostapd_eid_wmm().
Signed-off-by: Brian Norris <briannorris@...omium.org>
---
net/mac80211/mlme.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index a99ad0325309..4c888dc9bd81 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -2042,6 +2042,16 @@ ieee80211_sta_wmm_params(struct ieee80211_local *local,
ieee80211_regulatory_limit_wmm_params(sdata, ¶ms[ac], ac);
}
+ /* WMM specification requires all 4 ACIs. */
+ for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
+ if (params[ac].cw_min == 0) {
+ sdata_info(sdata,
+ "AP has invalid WMM params (missing AC %d), using defaults\n",
+ ac);
+ return false;
+ }
+ }
+
for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
mlme_dbg(sdata,
"WMM AC=%d acm=%d aifs=%d cWmin=%d cWmax=%d txop=%d uapsd=%d, downgraded=%d\n",
--
2.22.0.709.g102302147b-goog
Powered by blists - more mailing lists