lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 22 Dec 2020 21:24:13 -0500 From: Sasha Levin <sashal@...nel.org> To: linux-kernel@...r.kernel.org, stable@...r.kernel.org Cc: Emmanuel Grumbach <emmanuel.grumbach@...el.com>, Luca Coelho <luciano.coelho@...el.com>, Johannes Berg <johannes.berg@...el.com>, Sasha Levin <sashal@...nel.org>, linux-wireless@...r.kernel.org, netdev@...r.kernel.org Subject: [PATCH AUTOSEL 4.9 45/48] mac80211: don't filter out beacons once we start CSA From: Emmanuel Grumbach <emmanuel.grumbach@...el.com> [ Upstream commit 189a164d0fc6c59a22c4486d641d0a0a0d33387a ] I hit a bug in which we started a CSA with an action frame, but the AP changed its mind and didn't change the beacon. The CSA wasn't cancelled and we lost the connection. The beacons were ignored because they never changed: they never contained any CSA IE. Because they never changed, the CRC of the beacon didn't change either which made us ignore the beacons instead of processing them. Now what happens is: 1) beacon has CRC X and it is valid. No CSA IE in the beacon 2) as long as beacon's CRC X, don't process their IEs 3) rx action frame with CSA 4) invalidate the beacon's CRC 5) rx beacon, CRC is still X, but now it is invalid 6) process the beacon, detect there is no CSA IE 7) abort CSA Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@...el.com> Signed-off-by: Luca Coelho <luciano.coelho@...el.com> Link: https://lore.kernel.org/r/iwlwifi.20201206145305.83470b8407e6.I739b907598001362744692744be15335436b8351@changeid Signed-off-by: Johannes Berg <johannes.berg@...el.com> Signed-off-by: Sasha Levin <sashal@...nel.org> --- net/mac80211/mlme.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index 7b9c02d5590c0..cebaf9a1a9ef4 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c @@ -1264,6 +1264,7 @@ ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata, sdata->csa_chandef = csa_ie.chandef; sdata->csa_block_tx = csa_ie.mode; ifmgd->csa_ignored_same_chan = false; + ifmgd->beacon_crc_valid = false; if (sdata->csa_block_tx) ieee80211_stop_vif_queues(local, sdata, -- 2.27.0
Powered by blists - more mailing lists