Merge tag 'mac80211-next-for-davem-2016-12-09' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next
Johannes Berg says: ==================== Three fixes: * fix a logic bug introduced by a previous cleanup * fix nl80211 attribute confusing (trying to use a single attribute for two purposes) * fix a long-standing BSS leak that happens when an association attempt is abandoned ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller
@@ -410,6 +410,7 @@ void cfg80211_sme_disassoc(struct wireless_dev *wdev);
|
||||
void cfg80211_sme_deauth(struct wireless_dev *wdev);
|
||||
void cfg80211_sme_auth_timeout(struct wireless_dev *wdev);
|
||||
void cfg80211_sme_assoc_timeout(struct wireless_dev *wdev);
|
||||
void cfg80211_sme_abandon_assoc(struct wireless_dev *wdev);
|
||||
|
||||
/* internal helpers */
|
||||
bool cfg80211_supported_cipher_suite(struct wiphy *wiphy, u32 cipher);
|
||||
|
||||
@@ -149,6 +149,18 @@ void cfg80211_assoc_timeout(struct net_device *dev, struct cfg80211_bss *bss)
|
||||
}
|
||||
EXPORT_SYMBOL(cfg80211_assoc_timeout);
|
||||
|
||||
void cfg80211_abandon_assoc(struct net_device *dev, struct cfg80211_bss *bss)
|
||||
{
|
||||
struct wireless_dev *wdev = dev->ieee80211_ptr;
|
||||
struct wiphy *wiphy = wdev->wiphy;
|
||||
|
||||
cfg80211_sme_abandon_assoc(wdev);
|
||||
|
||||
cfg80211_unhold_bss(bss_from_pub(bss));
|
||||
cfg80211_put_bss(wiphy, bss);
|
||||
}
|
||||
EXPORT_SYMBOL(cfg80211_abandon_assoc);
|
||||
|
||||
void cfg80211_tx_mlme_mgmt(struct net_device *dev, const u8 *buf, size_t len)
|
||||
{
|
||||
struct wireless_dev *wdev = dev->ieee80211_ptr;
|
||||
|
||||
@@ -404,6 +404,7 @@ static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
|
||||
.len = FILS_MAX_KEK_LEN },
|
||||
[NL80211_ATTR_FILS_NONCES] = { .len = 2 * FILS_NONCE_LEN },
|
||||
[NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED] = { .type = NLA_FLAG, },
|
||||
[NL80211_ATTR_BSSID] = { .len = ETH_ALEN },
|
||||
};
|
||||
|
||||
/* policy for the key attributes */
|
||||
@@ -6703,7 +6704,20 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
|
||||
request->no_cck =
|
||||
nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
|
||||
|
||||
if (info->attrs[NL80211_ATTR_MAC])
|
||||
/* Initial implementation used NL80211_ATTR_MAC to set the specific
|
||||
* BSSID to scan for. This was problematic because that same attribute
|
||||
* was already used for another purpose (local random MAC address). The
|
||||
* NL80211_ATTR_BSSID attribute was added to fix this. For backwards
|
||||
* compatibility with older userspace components, also use the
|
||||
* NL80211_ATTR_MAC value here if it can be determined to be used for
|
||||
* the specific BSSID use case instead of the random MAC address
|
||||
* (NL80211_ATTR_SCAN_FLAGS is used to enable random MAC address use).
|
||||
*/
|
||||
if (info->attrs[NL80211_ATTR_BSSID])
|
||||
memcpy(request->bssid,
|
||||
nla_data(info->attrs[NL80211_ATTR_BSSID]), ETH_ALEN);
|
||||
else if (!(request->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) &&
|
||||
info->attrs[NL80211_ATTR_MAC])
|
||||
memcpy(request->bssid, nla_data(info->attrs[NL80211_ATTR_MAC]),
|
||||
ETH_ALEN);
|
||||
else
|
||||
@@ -10628,7 +10642,7 @@ static int nl80211_start_nan(struct sk_buff *skb, struct genl_info *info)
|
||||
if (wdev->iftype != NL80211_IFTYPE_NAN)
|
||||
return -EOPNOTSUPP;
|
||||
|
||||
if (!wdev_running(wdev))
|
||||
if (wdev_running(wdev))
|
||||
return -EEXIST;
|
||||
|
||||
if (rfkill_blocked(rdev->rfkill))
|
||||
|
||||
@@ -39,6 +39,7 @@ struct cfg80211_conn {
|
||||
CFG80211_CONN_ASSOCIATING,
|
||||
CFG80211_CONN_ASSOC_FAILED,
|
||||
CFG80211_CONN_DEAUTH,
|
||||
CFG80211_CONN_ABANDON,
|
||||
CFG80211_CONN_CONNECTED,
|
||||
} state;
|
||||
u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN];
|
||||
@@ -206,6 +207,8 @@ static int cfg80211_conn_do_work(struct wireless_dev *wdev)
|
||||
cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
|
||||
NULL, 0,
|
||||
WLAN_REASON_DEAUTH_LEAVING, false);
|
||||
/* fall through */
|
||||
case CFG80211_CONN_ABANDON:
|
||||
/* free directly, disconnected event already sent */
|
||||
cfg80211_sme_free(wdev);
|
||||
return 0;
|
||||
@@ -423,6 +426,17 @@ void cfg80211_sme_assoc_timeout(struct wireless_dev *wdev)
|
||||
schedule_work(&rdev->conn_work);
|
||||
}
|
||||
|
||||
void cfg80211_sme_abandon_assoc(struct wireless_dev *wdev)
|
||||
{
|
||||
struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
|
||||
|
||||
if (!wdev->conn)
|
||||
return;
|
||||
|
||||
wdev->conn->state = CFG80211_CONN_ABANDON;
|
||||
schedule_work(&rdev->conn_work);
|
||||
}
|
||||
|
||||
static int cfg80211_sme_get_conn_ies(struct wireless_dev *wdev,
|
||||
const u8 *ies, size_t ies_len,
|
||||
const u8 **out_ies, size_t *out_ies_len)
|
||||
|
||||
Reference in New Issue
Block a user