lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <8701dbe48fae509bc8cb6d8ce5e6f96f75ad57af.1751057146.git.repk@triplefau.lt>
Date: Fri, 27 Jun 2025 22:46:47 +0200
From: Remi Pommarel <repk@...plefau.lt>
To: linux-wireless@...r.kernel.org,
	linux-kernel@...r.kernel.org
Cc: Johannes Berg <johannes@...solutions.net>,
 Remi Pommarel <repk@...plefau.lt>
Subject: [PATCH wireless-next 1/3] wifi: mac80211: Do not set link_id for
 received management frame

A non-MLD sta could want to send offchannel management frame (e.g. to
do a offchannel scan). Because ieee80211_rx_for_interface() fills the
link_id information with the link the sta is currently using; hostapd
would send back management frame responses through wrong link causing
the sta to miss them.

To fix that, do not fill link_id indication for management frames,
relying on hostapd instead to infer the proper link from the received
frame frequency.

Signed-off-by: Remi Pommarel <repk@...plefau.lt>
---
 net/mac80211/rx.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index e73431549ce7..deebdce6d9c7 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -5112,9 +5112,14 @@ static bool ieee80211_rx_for_interface(struct ieee80211_rx_data *rx,
 	 * have the link information if needed.
 	 */
 	link_sta = link_sta_info_get_bss(rx->sdata, hdr->addr2);
+
 	if (link_sta) {
 		sta = link_sta->sta;
-		link_id = link_sta->link_id;
+		/* Do no use sta link id information on management frames to allow for
+		 * offchannel scan, roaming, etc.
+		 */
+		if (!ieee80211_is_mgmt(hdr->frame_control))
+			link_id = link_sta->link_id;
 	} else {
 		struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
 
-- 
2.40.0


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ