mac80211: fix monitor mode tx radiotap header handling
When an injected frame gets buffered for a powersave STA or filtered and retransmitted, mac80211 attempts to parse the radiotap header again, which doesn't work because it's gone at that point. This patch adds a new flag for checking the availability of a radiotap header, so that it only attempts to parse it once, reusing the tx info on the next call to ieee80211_tx(). This fixes severe issues with rekeying in AP mode. Signed-off-by: Felix Fietkau <nbd@openwrt.org> Cc: stable@kernel.org Signed-off-by: John W. Linville <linville@tuxdriver.com>
This commit is contained in:
Felix Fietkau
John W. Linville
parent
4754ffd68b
commit
17ad353b8d
@ -275,6 +275,8 @@ struct ieee80211_bss_conf {
|
|||||||
* @IEEE80211_TX_INTFL_RETRANSMISSION: This frame is being retransmitted
|
* @IEEE80211_TX_INTFL_RETRANSMISSION: This frame is being retransmitted
|
||||||
* after TX status because the destination was asleep, it must not
|
* after TX status because the destination was asleep, it must not
|
||||||
* be modified again (no seqno assignment, crypto, etc.)
|
* be modified again (no seqno assignment, crypto, etc.)
|
||||||
|
* @IEEE80211_TX_INTFL_HAS_RADIOTAP: This frame was injected and still
|
||||||
|
* has a radiotap header at skb->data.
|
||||||
*/
|
*/
|
||||||
enum mac80211_tx_control_flags {
|
enum mac80211_tx_control_flags {
|
||||||
IEEE80211_TX_CTL_REQ_TX_STATUS = BIT(0),
|
IEEE80211_TX_CTL_REQ_TX_STATUS = BIT(0),
|
||||||
@ -296,6 +298,7 @@ enum mac80211_tx_control_flags {
|
|||||||
IEEE80211_TX_CTL_PSPOLL_RESPONSE = BIT(17),
|
IEEE80211_TX_CTL_PSPOLL_RESPONSE = BIT(17),
|
||||||
IEEE80211_TX_CTL_MORE_FRAMES = BIT(18),
|
IEEE80211_TX_CTL_MORE_FRAMES = BIT(18),
|
||||||
IEEE80211_TX_INTFL_RETRANSMISSION = BIT(19),
|
IEEE80211_TX_INTFL_RETRANSMISSION = BIT(19),
|
||||||
|
IEEE80211_TX_INTFL_HAS_RADIOTAP = BIT(20),
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@ -1108,7 +1108,7 @@ ieee80211_tx_prepare(struct ieee80211_sub_if_data *sdata,
|
|||||||
tx->flags |= IEEE80211_TX_FRAGMENTED;
|
tx->flags |= IEEE80211_TX_FRAGMENTED;
|
||||||
|
|
||||||
/* process and remove the injection radiotap header */
|
/* process and remove the injection radiotap header */
|
||||||
if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED)) {
|
if (unlikely(info->flags & IEEE80211_TX_INTFL_HAS_RADIOTAP)) {
|
||||||
if (!__ieee80211_parse_tx_radiotap(tx, skb))
|
if (!__ieee80211_parse_tx_radiotap(tx, skb))
|
||||||
return TX_DROP;
|
return TX_DROP;
|
||||||
|
|
||||||
@ -1117,6 +1117,7 @@ ieee80211_tx_prepare(struct ieee80211_sub_if_data *sdata,
|
|||||||
* the radiotap header that was present and pre-filled
|
* the radiotap header that was present and pre-filled
|
||||||
* 'tx' with tx control information.
|
* 'tx' with tx control information.
|
||||||
*/
|
*/
|
||||||
|
info->flags &= ~IEEE80211_TX_INTFL_HAS_RADIOTAP;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -1499,7 +1500,8 @@ static void ieee80211_xmit(struct ieee80211_sub_if_data *sdata,
|
|||||||
int hdrlen;
|
int hdrlen;
|
||||||
u16 len_rthdr;
|
u16 len_rthdr;
|
||||||
|
|
||||||
info->flags |= IEEE80211_TX_CTL_INJECTED;
|
info->flags |= IEEE80211_TX_CTL_INJECTED |
|
||||||
|
IEEE80211_TX_INTFL_HAS_RADIOTAP;
|
||||||
|
|
||||||
len_rthdr = ieee80211_get_radiotap_len(skb->data);
|
len_rthdr = ieee80211_get_radiotap_len(skb->data);
|
||||||
hdr = (struct ieee80211_hdr *)(skb->data + len_rthdr);
|
hdr = (struct ieee80211_hdr *)(skb->data + len_rthdr);
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user