| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 Sep 2021 13:07:00 +0530
From: Youghandhar Chintala <youghand@...eaurora.org>
To: Johannes Berg <johannes@...solutions.net>
Cc: Abhishek Kumar <kuabhs@...omium.org>, Felix Fietkau <nbd@....name>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
linux-wireless <linux-wireless@...r.kernel.org>,
netdev <netdev@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>,
Douglas Anderson <dianders@...omium.org>,
Brian Norris <briannorris@...omium.org>,
Rakesh Pillai <pillair@...eaurora.org>,
Manikanta Pubbisetty <mpubbise@...eaurora.org>
Subject: Re: [PATCH 2/3] mac80211: Add support to trigger sta disconnect on
hardware restart
Hi Johannes and felix,
We have tested with DELBA experiment during post SSR, DUT packet seq
number and tx pn is resetting to 0 as expected but AP(Netgear R8000) is
not honoring the tx pn from DUT.
Whereas when we tested with DELBA experiment by making Linux android
device as SAP and DUT as STA with which we don’t see any issue. Ping got
resumed post SSR without disconnect.
Please find below logs collected during my test for reference.
192.168.0.15(AtherosC_12:af:af) ===> DUT IP and MAC
192.168.0.55(Netgear_d2:93:3d) ===> AP IP and MAC
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
474 22.186433 192.168.0.15 192.168.0.55 ICMP
44 37 Data is protected
0x000000000026 0
Echo (ping) request id=0x0d00, seq=256/1, ttl=64 (reply in 480)
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
480 22.188371 192.168.0.55 192.168.0.15 ICMP
44 5 Data is protected
0x000000000011 6
Echo (ping) reply id=0x0d00, seq=256/1, ttl=64 (request in 474)
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
483 22.246335 192.168.0.15 192.168.0.55 ICMP
44 38 Data is protected
0x000000000027 0
Echo (ping) request id=0x1258, seq=11/2816, ttl=64 (reply in 489)
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
489 22.248127 192.168.0.55 192.168.0.15 ICMP
44 13 Data is protected
0x000000000012 0
Echo (ping) reply id=0x1258, seq=11/2816, ttl=64 (request in 483)
The above pings(with TID 0) are before SSR. As soon as DUT recovers
after SSR, DUT is sending DELBAs to AP.
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code
TID Info
546 26.129127 AtherosC_12:af:af Netgear_d2:93:3d
802.11 44 4 Data is not protected
Delete Block Ack
0x0 Action, SN=4, FN=0, Flags=........C
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code
TID Info
548 26.129977 AtherosC_12:af:af Netgear_d2:93:3d
802.11 44 5 Data is not protected
Delete Block Ack
0x6 Action, SN=5, FN=0, Flags=........C
After SSR, we started ping traffic with TID 7 and 0. ping is successful
for TID 7 and failed for TID 0.
For TID 0, ping requests tx PN is reset to 0 but it seems AP is not
reset its PN hence we see this ping failure for TID 0.
Whereas TID 7 ping success because we started it after SSR.
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
557 26.355256 192.168.0.15 192.168.0.55 ICMP
44 0 Data is protected
0x000000000001 0
Echo (ping) request id=0x1258, seq=15/3840, ttl=64 (no response found!)
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
571 27.376895 192.168.0.15 192.168.0.55 ICMP
44 1 Data is protected
0x000000000002 0
Echo (ping) request id=0x1258, seq=16/4096, ttl=64 (no response found!)
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
588 28.400946 192.168.0.15 192.168.0.55 ICMP
44 2 Data is protected
0x000000000003 0
Echo (ping) request id=0x1258, seq=17/4352, ttl=64 (no response found!)
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
600 29.424881 192.168.0.15 192.168.0.55 ICMP
44 3 Data is protected
0x000000000004 0
Echo (ping) request id=0x1258, seq=18/4608, ttl=64 (no response found!)
Below ping packets are with TID 7
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
622 30.898249 192.168.0.15 192.168.0.55 ICMP
44 0 Data is protected
0x000000000006 7
Echo (ping) request id=0x1276, seq=1/256, ttl=64 (reply in 626)
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
626 30.900015 192.168.0.55 192.168.0.15 ICMP
44 0 Data is protected
0x000000000013 7
Echo (ping) reply id=0x1276, seq=1/256, ttl=64 (request in 622)
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
644 31.897456 192.168.0.15 192.168.0.55 ICMP
44 1 Data is protected
0x000000000008 7
Echo (ping) request id=0x1276, seq=2/512, ttl=64 (reply in 648)
No. Time Source Destination
Protocol Channel Sequence number Protected flag Block Ack Starting
Sequence Control (SSC) CCMP Ext. Initialization Vector Action code TID
Info
648 31.899266 192.168.0.55 192.168.0.15 ICMP
44 1 Data is protected
0x000000000014 7
Echo (ping) reply id=0x1276, seq=2/512, ttl=64 (request in 644)
Regards,
Youghandhar
On 2021-02-12 14:07, Johannes Berg wrote:
> On Fri, 2021-02-05 at 13:51 -0800, Abhishek Kumar wrote:
>> Since using DELBA frame to APs to re-establish BA session has a
>> dependency on APs and also some APs may not honor the DELBA frame.
>
>
> That's completely out of spec ... Can you say which AP this was?
>
> You could also try sending a BAR that updates the SN.
>
> johannes
Regards,
Youghandhar
--
QUALCOMM INDIA, on behalf of Qualcomm Innovation Center, Inc. is a
member
of Code Aurora Forum, hosted by The Linux Foundation
Powered by blists - more mailing lists