qcacld-3.0: Check for MLO IE presence only if STA is waiting for frame

Currently, host driver checks if MLO IE is present or not if an auth
frame is received in 11be station mode. But it's observed that some
APs send auth frame with invalid contents (e.g. missing MLO IE in the
frame) though it has already responded with a proper auth frame and
authentication is completed.

Host driver drops this frame and initiates a disconnection as the frame
contents are invalid. Auth node gpLimMlmAuthReq is accessed as part of
the cleanup. But host driver has cleaned up the auth_node when it
received the valid frame2. So, host driver can ignore the invalid frame
as authentication is already completed to avoid disconnection/access of
freed object gpLimMlmAuthReq.

Check for the MLO IE presence in auth frame only if driver is waiting for
the auth frame (auth_frame2) to avoid disconnect/invalid access of
freed auth_node.

Change-Id: I8c8f5e81331f684960f51df3f63f69e5905c05f2
CRs-Fixed: 3504684
Vinod Kumar Myadam, 1 year ago
parent
commit
c2b848ae80
1 changed file with 15 additions and 15 deletions
+ 15 - 15
core/mac/src/pe/lim/lim_process_auth_frame.c

@@ -1232,6 +1232,21 @@ static void lim_process_auth_frame_type2(struct mac_context *mac_ctx,
 		return;
 	}
 
+	if (LIM_IS_STA_ROLE(pe_session) &&
+	    wlan_vdev_mlme_is_mlo_vdev(pe_session->vdev)) {
+		if (!rx_auth_frm_body->is_mlo_ie_present) {
+			pe_err("MLO IE not present in auth frame from peer, abort connection");
+			lim_send_deauth_mgmt_frame(
+				mac_ctx, REASON_UNSPEC_FAILURE,
+				pe_session->bssId, pe_session, false);
+			lim_restore_from_auth_state(mac_ctx,
+						    eSIR_SME_INVALID_PARAMETERS,
+						    REASON_UNSPEC_FAILURE,
+						    pe_session);
+			return;
+		}
+	}
+
 	if (rx_auth_frm_body->authStatusCode ==
 			STATUS_NOT_SUPPORTED_AUTH_ALG) {
 		/*
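Review bot: the MLO IE check added in lim_process_auth_frame_type2 sits ahead of the `authStatusCode == STATUS_NOT_SUPPORTED_AUTH_ALG` handling, so a frame 2 that carries a failure status but omits the MLO IE is answered with a deauth and eSIR_SME_INVALID_PARAMETERS instead of going through the status-code path. Consider applying the IE check only after the status-code handling, or state in a comment that the ordering is deliberate. A short comment above the block noting that it must stay behind the early `return` guards of this function (the commit message's reason for the move is that the auth node is already cleaned up once authentication has completed) would also keep a later cleanup from hoisting it back into lim_process_auth_frame.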
@@ -2052,21 +2067,6 @@ lim_process_auth_frame(struct mac_context *mac_ctx, uint8_t *rx_pkt_info,
 		goto free;
 	}
 
-	if (LIM_IS_STA_ROLE(pe_session) &&
-	    wlan_vdev_mlme_is_mlo_vdev(pe_session->vdev)) {
-		if (!rx_auth_frm_body->is_mlo_ie_present) {
-			pe_err("MLO IE not present in auth frame from peer, abort connection");
-			lim_send_deauth_mgmt_frame(
-				mac_ctx, REASON_UNSPEC_FAILURE,
-				pe_session->bssId, pe_session, false);
-			lim_restore_from_auth_state(mac_ctx,
-						    eSIR_SME_INVALID_PARAMETERS,
-						    REASON_UNSPEC_FAILURE,
-						    pe_session);
-			goto free;
-		}
-	}
-
 	/*
 	 * IOT Workaround: with invalid WEP key, some APs reply
 	 * AuthFrame 4 with invalid seqNumber. This AuthFrame
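Review bot: with the block removed from lim_process_auth_frame, the MLO IE presence check runs only for frame 2, while the code that follows here handles other sequence numbers (the IOT workaround for AuthFrame 4), so those frames on an MLO vdev in STA role are no longer checked for the IE at all. If that is intended, say so in the commit message or in a comment at this spot; if not, a state condition on the existing check would be a narrower change than moving it. The commit message attributes the crash to the cleanup accessing gpLimMlmAuthReq after it was freed, so a guard on that pointer inside the cleanup path would also be worth adding, since a late or malformed auth frame from the AP is input the driver does not control.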