lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20240830-mwifiex-check-channel-v1-1-b04e075c9184@pengutronix.de>
Date: Fri, 30 Aug 2024 08:56:40 +0200
From: Sascha Hauer <s.hauer@...gutronix.de>
To: Brian Norris <briannorris@...omium.org>, 
 Francesco Dolcini <francesco@...cini.it>, Kalle Valo <kvalo@...nel.org>
Cc: linux-wireless@...r.kernel.org, linux-kernel@...r.kernel.org, 
 Sascha Hauer <s.hauer@...gutronix.de>, stable@...r.kernel.org
Subject: [PATCH] wifi: mwifiex: Ensure all STA and AP use the same channel

The mwifiex chips support simultaneous Accesspoint and station mode,
but this only works when all are using the same channel. The downstream
driver uses ECSA which makes the Accesspoint automatically switch to the
channel the station is going to use.  Until this is implemented in the
mwifiex driver at least catch this situation and bail out with an error.
Userspace doesn't have a meaningful way to figure out what went wrong,
so print an error message to give the user a clue.

Without this patch the driver would timeout on the
HostCmd_CMD_802_11_ASSOCIATE command when creating a station with a
channel different from the one that an existing accesspoint uses.

Signed-off-by: Sascha Hauer <s.hauer@...gutronix.de>
Cc: stable@...r.kernel.org
---
 drivers/net/wireless/marvell/mwifiex/cfg80211.c  | 52 ++++++++++++++++++++++++
 drivers/net/wireless/marvell/mwifiex/main.h      |  1 +
 drivers/net/wireless/marvell/mwifiex/sta_ioctl.c |  3 ++
 3 files changed, 56 insertions(+)

diff --git a/drivers/net/wireless/marvell/mwifiex/cfg80211.c b/drivers/net/wireless/marvell/mwifiex/cfg80211.c
index 5697a02e6b8d3..0d3bf624cd3de 100644
--- a/drivers/net/wireless/marvell/mwifiex/cfg80211.c
+++ b/drivers/net/wireless/marvell/mwifiex/cfg80211.c
@@ -2054,6 +2054,55 @@ static int mwifiex_cfg80211_stop_ap(struct wiphy *wiphy, struct net_device *dev,
 	return 0;
 }
 
+bool mwifiex_channel_conflict(struct mwifiex_private *priv, struct ieee80211_channel *ch)
+{
+	struct mwifiex_adapter *adapter = priv->adapter;
+	struct mwifiex_current_bss_params *bss_params;
+	u8 band;
+	int freq, i;
+
+	for (i = 0; i < adapter->priv_num; i++) {
+		struct mwifiex_private *p = adapter->priv[i];
+		struct ieee80211_channel *used = NULL;
+
+		if (p == priv)
+			continue;
+
+		switch (GET_BSS_ROLE(p)) {
+		case MWIFIEX_BSS_ROLE_UAP:
+			if (!netif_carrier_ok(p->netdev))
+				break;
+
+			if (!cfg80211_chandef_valid(&p->bss_chandef))
+				break;
+
+			used = p->bss_chandef.chan;
+
+			break;
+		case MWIFIEX_BSS_ROLE_STA:
+			if (!p->media_connected)
+				break;
+
+			bss_params = &p->curr_bss_params;
+			band = mwifiex_band_to_radio_type(bss_params->band);
+			freq = ieee80211_channel_to_frequency(bss_params->bss_descriptor.channel,
+							      band);
+
+			used = ieee80211_get_channel(priv->wdev.wiphy, freq);
+
+			break;
+		}
+
+		if (used && !ieee80211_channel_equal(used, ch)) {
+			mwifiex_dbg(priv->adapter, MSG,
+				    "all AP and STA must operate on same channel\n");
+			return false;
+		}
+	}
+
+	return true;
+}
+
 /* cfg80211 operation handler for start_ap.
  * Function sets beacon period, DTIM period, SSID and security into
  * AP config structure.
@@ -2069,6 +2118,9 @@ static int mwifiex_cfg80211_start_ap(struct wiphy *wiphy,
 	if (GET_BSS_ROLE(priv) != MWIFIEX_BSS_ROLE_UAP)
 		return -1;
 
+	if (!mwifiex_channel_conflict(priv, params->chandef.chan))
+		return -EBUSY;
+
 	bss_cfg = kzalloc(sizeof(struct mwifiex_uap_bss_param), GFP_KERNEL);
 	if (!bss_cfg)
 		return -ENOMEM;
diff --git a/drivers/net/wireless/marvell/mwifiex/main.h b/drivers/net/wireless/marvell/mwifiex/main.h
index 529863edd7a25..b68dbf884156b 100644
--- a/drivers/net/wireless/marvell/mwifiex/main.h
+++ b/drivers/net/wireless/marvell/mwifiex/main.h
@@ -1697,6 +1697,7 @@ int mwifiex_set_mac_address(struct mwifiex_private *priv,
 			    struct net_device *dev,
 			    bool external, u8 *new_mac);
 void mwifiex_devdump_tmo_func(unsigned long function_context);
+bool mwifiex_channel_conflict(struct mwifiex_private *priv, struct ieee80211_channel *ch);
 
 #ifdef CONFIG_DEBUG_FS
 void mwifiex_debugfs_init(void);
diff --git a/drivers/net/wireless/marvell/mwifiex/sta_ioctl.c b/drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
index d3cba6895f8ce..9794816d8a0c6 100644
--- a/drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
+++ b/drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
@@ -291,6 +291,9 @@ int mwifiex_bss_start(struct mwifiex_private *priv, struct cfg80211_bss *bss,
 		if (!bss_desc)
 			return -1;
 
+		if (!mwifiex_channel_conflict(priv, bss->channel))
+			return -EBUSY;
+
 		if (mwifiex_band_to_radio_type(bss_desc->bss_band) ==
 						HostCmd_SCAN_RADIO_TYPE_BG) {
 			config_bands = BAND_B | BAND_G | BAND_GN;

---
base-commit: 67a72043aa2e6f60f7bbe7bfa598ba168f16d04f
change-id: 20240830-mwifiex-check-channel-f411a156bbe0

Best regards,
-- 
Sascha Hauer <s.hauer@...gutronix.de>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ