mac80211: add a number of pending fixes
authorFelix Fietkau <nbd@openwrt.org>
Wed, 2 Mar 2016 14:56:48 +0000 (14:56 +0000)
committerFelix Fietkau <nbd@openwrt.org>
Wed, 2 Mar 2016 14:56:48 +0000 (14:56 +0000)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 48883

package/kernel/mac80211/patches/338-mac80211-Fix-Public-Action-frame-RX-in-AP-mode.patch [new file with mode: 0644]
package/kernel/mac80211/patches/339-cfg80211-add-radiotap-VHT-info-to-rtap_namespace_siz.patch [new file with mode: 0644]
package/kernel/mac80211/patches/340-mac80211-fix-parsing-of-40Mhz-in-injected-radiotap-h.patch [new file with mode: 0644]
package/kernel/mac80211/patches/341-mac80211-parse-VHT-info-in-injected-frames.patch [new file with mode: 0644]
package/kernel/mac80211/patches/342-mac80211-do-not-pass-injected-frames-without-a-valid.patch [new file with mode: 0644]

diff --git a/package/kernel/mac80211/patches/338-mac80211-Fix-Public-Action-frame-RX-in-AP-mode.patch b/package/kernel/mac80211/patches/338-mac80211-Fix-Public-Action-frame-RX-in-AP-mode.patch
new file mode 100644 (file)
index 0000000..56cd94a
--- /dev/null
@@ -0,0 +1,35 @@
+From: Jouni Malinen <jouni@qca.qualcomm.com>
+Date: Tue, 1 Mar 2016 00:29:00 +0200
+Subject: [PATCH] mac80211: Fix Public Action frame RX in AP mode
+
+Public Action frames use special rules for how the BSSID field (Address
+3) is set. A wildcard BSSID is used in cases where the transmitter and
+recipient are not members of the same BSS. As such, we need to accept
+Public Action frames with wildcard BSSID.
+
+Commit db8e17324553 ("mac80211: ignore frames between TDLS peers when
+operating as AP") added a rule that drops Action frames to TDLS-peers
+based on an Action frame having different DA (Address 1) and BSSID
+(Address 3) values. This is not correct since it misses the possibility
+of BSSID being a wildcard BSSID in which case the Address 1 would not
+necessarily match.
+
+Fix this by allowing mac80211 to accept wildcard BSSID in an Action
+frame when in AP mode.
+
+Fixes: db8e17324553 ("mac80211: ignore frames between TDLS peers when operating as AP")
+Cc: stable@vger.kernel.org
+Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/net/mac80211/rx.c
++++ b/net/mac80211/rx.c
+@@ -3374,6 +3374,7 @@ static bool ieee80211_accept_frame(struc
+                               return false;
+                       /* ignore action frames to TDLS-peers */
+                       if (ieee80211_is_action(hdr->frame_control) &&
++                          !is_broadcast_ether_addr(bssid) &&
+                           !ether_addr_equal(bssid, hdr->addr1))
+                               return false;
+               }
diff --git a/package/kernel/mac80211/patches/339-cfg80211-add-radiotap-VHT-info-to-rtap_namespace_siz.patch b/package/kernel/mac80211/patches/339-cfg80211-add-radiotap-VHT-info-to-rtap_namespace_siz.patch
new file mode 100644 (file)
index 0000000..15d6cd0
--- /dev/null
@@ -0,0 +1,21 @@
+From: Lorenzo Bianconi <lorenzo.bianconi83@gmail.com>
+Date: Fri, 19 Feb 2016 11:43:04 +0100
+Subject: [PATCH] cfg80211: add radiotap VHT info to rtap_namespace_sizes
+
+Add IEEE80211_RADIOTAP_VHT entry to rtap_namespace_sizes array in order to
+define alignment and size of VHT info in tx radiotap
+
+Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi83@gmail.com>
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+---
+
+--- a/net/wireless/radiotap.c
++++ b/net/wireless/radiotap.c
+@@ -43,6 +43,7 @@ static const struct radiotap_align_size
+       [IEEE80211_RADIOTAP_DATA_RETRIES] = { .align = 1, .size = 1, },
+       [IEEE80211_RADIOTAP_MCS] = { .align = 1, .size = 3, },
+       [IEEE80211_RADIOTAP_AMPDU_STATUS] = { .align = 4, .size = 8, },
++      [IEEE80211_RADIOTAP_VHT] = { .align = 2, .size = 12, },
+       /*
+        * add more here as they are defined in radiotap.h
+        */
diff --git a/package/kernel/mac80211/patches/340-mac80211-fix-parsing-of-40Mhz-in-injected-radiotap-h.patch b/package/kernel/mac80211/patches/340-mac80211-fix-parsing-of-40Mhz-in-injected-radiotap-h.patch
new file mode 100644 (file)
index 0000000..de1b386
--- /dev/null
@@ -0,0 +1,36 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Wed, 24 Feb 2016 16:25:49 +0100
+Subject: [PATCH] mac80211: fix parsing of 40Mhz in injected radiotap
+ header
+
+The MCS bandwidth part of the radiotap header is 2 bits wide. The full 2
+bit have to compared against IEEE80211_RADIOTAP_MCS_BW_40 and not only if
+the first bit is set. Otherwise IEEE80211_RADIOTAP_MCS_BW_40 can be
+confused with IEEE80211_RADIOTAP_MCS_BW_20U.
+
+Fixes: 5ec3aed9ba4c ("mac80211: Parse legacy and HT rate in injected frames")
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+---
+
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -1689,7 +1689,7 @@ static bool ieee80211_parse_tx_radiotap(
+       bool rate_found = false;
+       u8 rate_retries = 0;
+       u16 rate_flags = 0;
+-      u8 mcs_known, mcs_flags;
++      u8 mcs_known, mcs_flags, mcs_bw;
+       int i;
+       info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT |
+@@ -1765,8 +1765,9 @@ static bool ieee80211_parse_tx_radiotap(
+                           mcs_flags & IEEE80211_RADIOTAP_MCS_SGI)
+                               rate_flags |= IEEE80211_TX_RC_SHORT_GI;
++                      mcs_bw = mcs_flags & IEEE80211_RADIOTAP_MCS_BW_MASK;
+                       if (mcs_known & IEEE80211_RADIOTAP_MCS_HAVE_BW &&
+-                          mcs_flags & IEEE80211_RADIOTAP_MCS_BW_40)
++                          mcs_bw == IEEE80211_RADIOTAP_MCS_BW_40)
+                               rate_flags |= IEEE80211_TX_RC_40_MHZ_WIDTH;
+                       break;
diff --git a/package/kernel/mac80211/patches/341-mac80211-parse-VHT-info-in-injected-frames.patch b/package/kernel/mac80211/patches/341-mac80211-parse-VHT-info-in-injected-frames.patch
new file mode 100644 (file)
index 0000000..ac1f251
--- /dev/null
@@ -0,0 +1,65 @@
+From: Lorenzo Bianconi <lorenzo.bianconi83@gmail.com>
+Date: Tue, 23 Feb 2016 15:43:35 +0100
+Subject: [PATCH] mac80211: parse VHT info in injected frames
+
+Add VHT radiotap parsing support to ieee80211_parse_tx_radiotap().
+That capability has been tested using a d-link dir-860l rev b1 running
+OpenWrt trunk and mt76 driver
+
+Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi83@gmail.com>
+---
+
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -1690,6 +1690,8 @@ static bool ieee80211_parse_tx_radiotap(
+       u8 rate_retries = 0;
+       u16 rate_flags = 0;
+       u8 mcs_known, mcs_flags, mcs_bw;
++      u16 vht_known;
++      u8 vht_mcs = 0, vht_nss = 0;
+       int i;
+       info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT |
+@@ -1771,6 +1773,32 @@ static bool ieee80211_parse_tx_radiotap(
+                               rate_flags |= IEEE80211_TX_RC_40_MHZ_WIDTH;
+                       break;
++              case IEEE80211_RADIOTAP_VHT:
++                      vht_known = get_unaligned_le16(iterator.this_arg);
++                      rate_found = true;
++
++                      rate_flags = IEEE80211_TX_RC_VHT_MCS;
++                      if ((vht_known & IEEE80211_RADIOTAP_VHT_KNOWN_GI) &&
++                          (iterator.this_arg[2] &
++                           IEEE80211_RADIOTAP_VHT_FLAG_SGI))
++                              rate_flags |= IEEE80211_TX_RC_SHORT_GI;
++                      if (vht_known &
++                          IEEE80211_RADIOTAP_VHT_KNOWN_BANDWIDTH) {
++                              if (iterator.this_arg[3] == 1)
++                                      rate_flags |=
++                                              IEEE80211_TX_RC_40_MHZ_WIDTH;
++                              else if (iterator.this_arg[3] == 4)
++                                      rate_flags |=
++                                              IEEE80211_TX_RC_80_MHZ_WIDTH;
++                              else if (iterator.this_arg[3] == 11)
++                                      rate_flags |=
++                                              IEEE80211_TX_RC_160_MHZ_WIDTH;
++                      }
++
++                      vht_mcs = iterator.this_arg[4] >> 4;
++                      vht_nss = iterator.this_arg[4] & 0xF;
++                      break;
++
+               /*
+                * Please update the file
+                * Documentation/networking/mac80211-injection.txt
+@@ -1796,6 +1824,9 @@ static bool ieee80211_parse_tx_radiotap(
+               if (rate_flags & IEEE80211_TX_RC_MCS) {
+                       info->control.rates[0].idx = rate;
++              } else if (rate_flags & IEEE80211_TX_RC_VHT_MCS) {
++                      ieee80211_rate_set_vht(info->control.rates, vht_mcs,
++                                             vht_nss);
+               } else {
+                       for (i = 0; i < sband->n_bitrates; i++) {
+                               if (rate * 5 != sband->bitrates[i].bitrate)
diff --git a/package/kernel/mac80211/patches/342-mac80211-do-not-pass-injected-frames-without-a-valid.patch b/package/kernel/mac80211/patches/342-mac80211-do-not-pass-injected-frames-without-a-valid.patch
new file mode 100644 (file)
index 0000000..d7452c2
--- /dev/null
@@ -0,0 +1,23 @@
+From: Felix Fietkau <nbd@openwrt.org>
+Date: Wed, 2 Mar 2016 15:51:40 +0100
+Subject: [PATCH] mac80211: do not pass injected frames without a valid rate to
+ the driver
+
+Fall back to rate control if the requested bitrate was not found.
+
+Fixes: dfdfc2beb0dd ("mac80211: Parse legacy and HT rate in injected frames")
+Signed-off-by: Felix Fietkau <nbd@openwrt.org>
+---
+
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -1837,6 +1837,9 @@ static bool ieee80211_parse_tx_radiotap(
+                       }
+               }
++              if (info->control.rates[0].idx < 0)
++                      info->control.flags &= ~IEEE80211_TX_CTRL_RATE_INJECT;
++
+               info->control.rates[0].flags = rate_flags;
+               info->control.rates[0].count = min_t(u8, rate_retries + 1,
+                                                    local->hw.max_rate_tries);