Commit a17fd2cf authored by Jakub Kicinski's avatar Jakub Kicinski
Browse files

Merge tag 'mac80211-for-davem-2019-10-08' of... 

Merge tag 'mac80211-for-davem-2019-10-08' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211



Johannes Berg says:

====================
A number of fixes:
 * allow scanning when operating on radar channels in
   ETSI regdomains
 * accept deauth frames in IBSS - we have code to parse
   and handle them, but were dropping them early
 * fix an allocation failure path in hwsim
 * fix a failure path memory leak in nl80211 FTM code
 * fix RCU handling & locking in multi-BSSID parsing
 * reject malformed SSID in mac80211 (this shouldn't
   really be able to happen, but defense in depth)
 * avoid userspace buffer overrun in ancient wext code
   if SSID was too long
====================

Signed-off-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
parents b82316d2 dc0c18ed

drivers/net/wireless/mac80211_hwsim.c

+1 −1
Original line number Diff line number Diff line
@@ -4026,7 +4026,7 @@ static int __init init_mac80211_hwsim(void) 
	err = dev_alloc_name(hwsim_mon, hwsim_mon->name);

	if (err < 0) {

		rtnl_unlock();

		goto out_free_radios;

		goto out_free_mon;

	}



	err = register_netdevice(hwsim_mon);

include/net/cfg80211.h

+8 −0
Original line number Diff line number Diff line
@@ -5549,6 +5549,14 @@ const struct ieee80211_reg_rule *freq_reg_info(struct wiphy *wiphy, 
 */

const char *reg_initiator_name(enum nl80211_reg_initiator initiator);



/**

 * regulatory_pre_cac_allowed - check if pre-CAC allowed in the current regdom

 * @wiphy: wiphy for which pre-CAC capability is checked.

 *

 * Pre-CAC is allowed only in some regdomains (notable ETSI).

 */

bool regulatory_pre_cac_allowed(struct wiphy *wiphy);



/**

 * DOC: Internal regulatory db functions

 *

net/mac80211/mlme.c

+3 −2
Original line number Diff line number Diff line
@@ -2633,7 +2633,8 @@ struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw, 


	rcu_read_lock();

	ssid = ieee80211_bss_get_ie(cbss, WLAN_EID_SSID);

	if (WARN_ON_ONCE(ssid == NULL))

	if (WARN_ONCE(!ssid || ssid[1] > IEEE80211_MAX_SSID_LEN,

		      "invalid SSID element (len=%d)", ssid ? ssid[1] : -1))

		ssid_len = 0;

	else

		ssid_len = ssid[1];
@@ -5233,7 +5234,7 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata, 


	rcu_read_lock();

	ssidie = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID);

	if (!ssidie) {

	if (!ssidie || ssidie[1] > sizeof(assoc_data->ssid)) {

		rcu_read_unlock();

		kfree(assoc_data);

		return -EINVAL;

net/mac80211/rx.c

+10 −1
Original line number Diff line number Diff line
@@ -3467,9 +3467,18 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx) 
	case cpu_to_le16(IEEE80211_STYPE_PROBE_RESP):

		/* process for all: mesh, mlme, ibss */

		break;

	case cpu_to_le16(IEEE80211_STYPE_DEAUTH):

		if (is_multicast_ether_addr(mgmt->da) &&

		    !is_broadcast_ether_addr(mgmt->da))

			return RX_DROP_MONITOR;



		/* process only for station/IBSS */

		if (sdata->vif.type != NL80211_IFTYPE_STATION &&

		    sdata->vif.type != NL80211_IFTYPE_ADHOC)

			return RX_DROP_MONITOR;

		break;

	case cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP):

	case cpu_to_le16(IEEE80211_STYPE_REASSOC_RESP):

	case cpu_to_le16(IEEE80211_STYPE_DEAUTH):

	case cpu_to_le16(IEEE80211_STYPE_DISASSOC):

		if (is_multicast_ether_addr(mgmt->da) &&

		    !is_broadcast_ether_addr(mgmt->da))

net/mac80211/scan.c

+28 −2
Original line number Diff line number Diff line
@@ -520,10 +520,33 @@ static int ieee80211_start_sw_scan(struct ieee80211_local *local, 
	return 0;

}



static bool __ieee80211_can_leave_ch(struct ieee80211_sub_if_data *sdata)

{

	struct ieee80211_local *local = sdata->local;

	struct ieee80211_sub_if_data *sdata_iter;



	if (!ieee80211_is_radar_required(local))

		return true;



	if (!regulatory_pre_cac_allowed(local->hw.wiphy))

		return false;



	mutex_lock(&local->iflist_mtx);

	list_for_each_entry(sdata_iter, &local->interfaces, list) {

		if (sdata_iter->wdev.cac_started) {

			mutex_unlock(&local->iflist_mtx);

			return false;

		}

	}

	mutex_unlock(&local->iflist_mtx);



	return true;

}



static bool ieee80211_can_scan(struct ieee80211_local *local,

			       struct ieee80211_sub_if_data *sdata)

{

	if (ieee80211_is_radar_required(local))

	if (!__ieee80211_can_leave_ch(sdata))

		return false;



	if (!list_empty(&local->roc_list))
@@ -630,7 +653,10 @@ static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata, 


	lockdep_assert_held(&local->mtx);



	if (local->scan_req || ieee80211_is_radar_required(local))

	if (local->scan_req)

		return -EBUSY;



	if (!__ieee80211_can_leave_ch(sdata))

		return -EBUSY;



	if (!ieee80211_can_scan(local, sdata)) {

CRA Git | Maintained and supported by SUSTech CRA and CCSE