12 Aug, 2013
1 commit
-
commit 6b0f32745dcfba01d7be33acd1b40306c7a914c6 upstream.
The duplicate retransmission detection code in mac80211
erroneously attempts to do the check for every frame,
even frames that don't have a sequence control field or
that don't use it (QoS-Null frames.)This is problematic because it causes the code to access
data beyond the end of the SKB and depending on the data
there will drop packets erroneously.Correct the code to not do duplicate detection for such
frames.I found this error while testing AP powersave, it lead
to retransmitted PS-Poll frames being dropped entirely
as the data beyond the end of the SKB was always zero.Signed-off-by: Johannes Berg
Signed-off-by: Greg Kroah-Hartman
17 May, 2013
1 commit
-
In AP mode, ignore frames with mis-matched BSSID that aren't
multicast or sent to the correct destination. This fixes
reporting public action frames to userspace multiple times
on multiple virtual AP interfaces.Cc: stable@vger.kernel.org
Reported-by: Jouni Malinen
Signed-off-by: Johannes Berg
22 Apr, 2013
1 commit
19 Apr, 2013
1 commit
-
There's an issue in receiving broadcast management frames
on P2P Device virtual interfaces, such frames have the RX
flag IEEE80211_RX_RA_MATCH cleared and are thus dropped
in ieee80211_rx_h_mgmt_check(). They should be let through
to make it to ieee80211_rx_h_userspace_mgmt() and then to
userspace.Signed-off-by: Johannes Berg
16 Apr, 2013
2 commits
-
Handle the (public) extended channel switch announcement
action frames. Parts of the data in these frames isn't
really in IEs, but put it into the elems struct anyway
to simplify the handling.Signed-off-by: Johannes Berg
-
CSA action frame content should be processed as variable IEs
rather than fixed to make it extensible. Unify the code and
process them just like CSA in beacons to make it easier to
extend for HT/VHT.Signed-off-by: Johannes Berg
11 Apr, 2013
1 commit
-
Otherwise forwarded frames would keep the retry bit set
from the previous link transmission.Signed-off-by: Thomas Pedersen
Signed-off-by: Johannes Berg
30 Mar, 2013
1 commit
-
Conflicts:
net/mac80211/sta_info.c
net/wireless/core.h
11 Mar, 2013
1 commit
-
If a P2P Device interface receives an unhandled action
frame, we attempt to return it. This crashes because it
doesn't have a channel context. Fix the crash by using
status->band and properly mark the return frame as an
off-channel frame.Reported-by: Ilan Peer
Reviewed-by: Ilan Peer
Signed-off-by: Johannes Berg
06 Mar, 2013
3 commits
-
Earlier mac80211 would check whether some kind of mesh
security was enabled, when the real question was "is the
MPM in userspace"?Signed-off-by: Thomas Pedersen
Signed-off-by: Johannes Berg -
Move the sequence number arithmetic code from mac80211 to
ieee80211.h so others can use it. Also rename the functions
from _seq to _sn, they operate on the sequence number, not
the sequence_control field.Also move macros to convert the sequence control to/from
the sequence number value from various drivers.Signed-off-by: Johannes Berg
-
The comment says something about __skb_push(), but that
isn't even called in the code any more. Looking at the
git history, that comment never even made sense when it
was still called, so just replace that part to note it
still works even when align isn't 0 or 2.Reported-by: Eric Dumazet
Signed-off-by: Johannes Berg
15 Feb, 2013
6 commits
-
There's various code with strange indentation,
questionable loop and locking constructs, etc.The bigger change is moving the "sdata" argument
to the first argument of all functions, like all
other mac80211 functions that have one.Signed-off-by: Johannes Berg
-
Instead of modifying the HT SMPS capability field
for stations, track the SMPS mode explicitly in a
new field in the station struct and use it in the
drivers that care about it. This simplifies the
code using it.Signed-off-by: Johannes Berg
-
Mesh interfaces will now respond to any broadcast (or
matching directed mesh) probe requests with a probe
response.Signed-off-by: Thomas Pedersen
Signed-off-by: Johannes Berg -
In beacons and association response frames an AP may include an
operating mode notification element to advertise changes in the
number of spatial streams it can receive. Handle this using the
existing function that handles the action frame, but only handle
NSS changes, not bandwidth changes which aren't allowed here.Signed-off-by: Johannes Berg
-
Handle the operating mode notification action frame.
When the supported streams or the bandwidth change
let the driver and rate control algorithm know.Signed-off-by: Johannes Berg
-
For VHT, many more bandwidth changes are possible. As a first
step, stop toggling the IEEE80211_HT_CAP_SUP_WIDTH_20_40 flag
in the HT capabilities and instead introduce a bandwidth field
indicating the currently usable bandwidth to transmit to the
station. Of course, make all drivers use it.To achieve this, make ieee80211_ht_cap_ie_to_sta_ht_cap() get
the station as an argument, rather than the new capabilities,
so it can set up the new bandwidth field.If the station is a VHT station and VHT bandwidth is in use,
also set the bandwidth accordingly.Doing this allows us to get rid of the supports_40mhz flag as
the HT capabilities now reflect the true capability instead of
the current setting.While at it, also fix ieee80211_ht_cap_ie_to_sta_ht_cap() to not
ignore HT cap overrides when MCS TX isn't supported (not that it
really happens...)Signed-off-by: Johannes Berg
12 Feb, 2013
1 commit
-
This patch fixes the problem which was discussed in
"mac80211: Fix PN corruption in case of multiple
virtual interface" [1].Amit Shakya reported a serious issue with my patch:
mac80211: serialize rx path workers" [2]:In case, ieee80211_rx_handlers processing is going on
for skbs received on one vif and at the same time, rx
aggregation reorder timer expires on another vif then
sta_rx_agg_reorder_timer_expired is invoked and it will
push skbs into the single queue (local->rx_skb_queue).ieee80211_rx_handlers in the while loop assumes that
the skbs are for the same sdata and sta. This assumption
doesn't hold good in this scenario and the PN gets
corrupted by PN received in other vif's skb, causing
traffic to stop due to PN mismatch."[1] Message-Id: http://mid.gmane.org/201302041844.44436.chunkeey@googlemail.com
[2] Commit-Id: 24a8fdad35835e8d71f7Reported-by: Amit Shakya
Signed-off-by: Christian Lamparter
Signed-off-by: Johannes Berg
05 Feb, 2013
1 commit
-
Add routines to
- maintain a PS mode for each peer and a non-peer PS mode
- indicate own PS mode in transmitted frames
- track neighbor STAs power modes
- buffer frames when neighbors are in PS mode
- add TIM and Awake Window IE to beacons
- release frames in Mesh Peer Service PeriodsAdd local_pm to sta_info to represent the link-specific power
mode at this station towards the remote station. When a peer
link is established, use the default power mode stored in mesh
config. Update the PS status if the peering status of a neighbor
changes.
Maintain a mesh power mode for non-peer mesh STAs. Set the
non-peer power mode to active mode during peering. Authenticated
mesh peering is currently not working when either node is
configured to be in power save mode.Indicate the current power mode in transmitted frames. Use QoS
Nulls to indicate mesh power mode transitions.
For performance reasons, calls to the function setting the frame
flags are placed in HWMP routing routines, as there the STA
pointer is already available.Add peer_pm to sta_info to represent the peer's link-specific
power mode towards the local station. Add nonpeer_pm to
represent the peer's power mode towards all non-peer stations.
Track power modes based on received frames.Add the ps_data structure to ieee80211_if_mesh (for TIM map, PS
neighbor counter and group-addressed frame buffer).Set WLAN_STA_PS flag for STA in PS mode to use the unicast frame
buffering routines in the tx path. Update num_sta_ps to buffer
and release group-addressed frames after DTIM beacons.Announce the awake window duration in beacons if in light or
deep sleep mode towards any peer or non-peer. Create a TIM IE
similarly to AP mode and add it to mesh beacons. Parse received
Awake Window IEs and check TIM IEs for buffered frames.Release frames towards peers in mesh Peer Service Periods. Use
the corresponding trigger frames and monitor the MPSP status.
Append a QoS Null as trigger frame if neccessary to properly end
the MPSP. Currently, in HT channels MPSPs behave imperfectly and
show large delay spikes and frame losses.Signed-off-by: Marco Porsch
Signed-off-by: Ivan Bezyazychnyy
Signed-off-by: Mike Krinkin
Signed-off-by: Max Filippov
Signed-off-by: Johannes Berg
03 Jan, 2013
1 commit
-
Support the HT notify channel width action frame
to update the rate scaling about the bandwidth
the peer can receive in.Signed-off-by: Johannes Berg
06 Dec, 2012
1 commit
-
Previously, mesh peering frames from a STA without a station
entry were being dropped.Mesh Peering Open and other frames (WLAN_CATEGORY_SELF_PROTECTED)
are valid mesh peering frames even if received from a yet unknown
station; the STA entry will be created in mesh_peer_init later.The problem didn't occur previously since both STAs receive each
other's beacons which created the STA entry. However, this causes
an unnecessary delay and beacons might not be received if either
node is in PS mode.Signed-off-by: Marco Porsch
[reword commit log a bit]
Signed-off-by: Johannes Berg
05 Dec, 2012
1 commit
-
The radiotap header length "needed_headroom" is only required if we're
sending the skb to a monitor interface. Hence, move the calculation a
bit later so the calculation can be skipped if no monitor interface is
present.Signed-off-by: Helmut Schaa
Signed-off-by: Johannes Berg
28 Nov, 2012
1 commit
-
Smatch complains that we could dereference skb later in the function.
It's probably unlikely, but we may as well return here and avoid it.Signed-off-by: Dan Carpenter
[change summary]
Signed-off-by: Johannes Berg
27 Nov, 2012
1 commit
-
Add some information that we have about VHT to radiotap.
This at least lets one see the MCS and NSS information.Signed-off-by: Johannes Berg
26 Nov, 2012
2 commits
-
Add support to mac80211 for having drivers report
received VHT MCS information.Signed-off-by: Johannes Berg
-
It does not make sense to keep a station alive if it is not authorised
at all. If IBSS/RSN is used it could also be the case that something
went wrong during the keys exchange and the stations ended up in a not
recoverable state.By not updating last_rx we are giving the station a chance to be
deleted and to start the key exchange once again from scratch.Signed-off-by: Antonio Quartulli
Signed-off-by: Johannes Berg
23 Nov, 2012
1 commit
-
The radiotap vendor area in the skb head must be skipped
and accounted for in a few functions until it is removed.
I missed this in my patch, so a few places use this data
as though it was the 802.11 header, fix these places.Reported-by: Wojciech Dubowik
Tested-by: Wojciech Dubowik
Signed-off-by: Johannes Berg
19 Nov, 2012
2 commits
-
In some cases, in particular for experimentation, it
can be useful to be able to add vendor namespace data
to received frames in addition to the normal radiotap
data.Allow doing this through mac80211 by adding fields to
the RX status descriptor that describe the data while
the data itself is prepended to the frame.Also add some example code to hwsim, but don't enable
it because it doesn't use a proper OUI identifier.Signed-off-by: Johannes Berg
-
Introduce IEEE80211_NUM_TIDS in the generic 802.11
header file and use it in place of STA_TID_NUM and
NUM_RX_DATA_QUEUES which are both really the number
of TIDs.Signed-off-by: Johannes Berg
14 Nov, 2012
1 commit
-
Allow drivers to indicate their mactime is at RX completion and adjust
for this in mac80211. Also rename the existing RX_FLAG_MACTIME_MPDU to
RX_FLAG_MACTIME_START to clarify its intent. Based on similar code by
Johannes Berg.Signed-off-by: Thomas Pedersen
[fix docs, atheros drivers]
Signed-off-by: Johannes Berg
05 Nov, 2012
1 commit
-
The commit:
commit 5e760230e42cf759bd923457ca2753aacf2e656e
Author: Johannes Berg
Date: Fri Nov 4 11:18:17 2011 +0100cfg80211: allow registering to beacons
allowed only a single process to register for beacon events
per wiphy. This breaks cases where a user may want two or
more VIFs on a wiphy and run a seperate hostapd process on
each vif.This patch allows multiple beacon listeners, fixing the
regression.Signed-off-by: Ben Greear
Signed-off-by: Johannes Berg
30 Oct, 2012
2 commits
-
Conflicts:
drivers/net/wireless/mwifiex/cfg80211.c
27 Oct, 2012
3 commits
-
The code to allow EAPOL frames even when the station
isn't yet marked associated needs to check that the
incoming frame is long enough and due to paged RX it
also can't assume skb->data contains the right data,
it must use skb_copy_bits(). Fix this to avoid using
data that doesn't really exist.Cc: stable@vger.kernel.org
Signed-off-by: Johannes Berg -
A number of places in the mesh code don't check that
the frame data is present and in the skb header when
trying to access. Add those checks and the necessary
pskb_may_pull() calls. This prevents accessing data
that doesn't actually exist.To do this, export ieee80211_get_mesh_hdrlen() to be
able to use it in mac80211.Cc: stable@vger.kernel.org
Signed-off-by: Johannes Berg -
Due to pskb_may_pull() checking the skb length, all
non-management frames are checked on input whether
their 802.11 header is fully present. Also add that
check for management frames and remove a check that
is now duplicate. This prevents accessing skb data
beyond the frame end.Cc: stable@vger.kernel.org
Signed-off-by: Johannes Berg
26 Oct, 2012
2 commits
-
Fix a few code formatting issues in the RX code.
Signed-off-by: Johannes Berg
-
Per IEEE Std. 802.11-2012, Sec 8.2.4.4.1, the sequence Control field is
not present in control frames. We noticed this problem when processing
Block Ack Requests.Cc: stable@vger.kernel.org
Signed-off-by: Javier Cardona
Signed-off-by: Javier Lopez
Signed-off-by: Johannes Berg
25 Oct, 2012
1 commit
-
Prior this fix, those frames were not received, nor forwarded. Fix
this to receive and not forward.Signed-off-by: Javier Cardona
Signed-off-by: Johannes Berg