mac80211: fix skb size calculation in 4addr mode (FS#24)

The PDU length of incoming LLC frames is set to the total skb payload size
in __ieee80211_data_to_8023() of net/wireless/util.c which incorrectly
includes the length of the IEEE 802.11 header.

The resulting LLC frame header has a too large PDU length, causing the
llc_fixup_skb() function of net/llc/llc_input.c to reject the incoming
skb, effectively breaking STP.

Solve the problem by properly substracting the IEEE 802.11 frame header size
from the PDU length, allowing the LLC processor to pick up the incoming
control messages.

Special thanks to Gerry Rozema for tracking down the regression and proposing
a suitable patch.

Fixes FS#24.

References:
https://bugs.lede-project.org/index.php?do=details&task_id=24

Reported-by: Gerry Rozema <gerryr@rozeware.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/package/kernel/mac80211/patches/533-mac80211_correct_4addr_skbsize.patch b/package/kernel/mac80211/patches/533-mac80211_correct_4addr_skbsize.patch
new file mode 100644 (file)
index 0000000..afd8cca
--- /dev/null
+++ b/package/kernel/mac80211/patches/533-mac80211_correct_4addr_skbsize.patch
@@ -0,0 +1,11 @@
+--- a/net/wireless/util.c
++++ b/net/wireless/util.c
+@@ -509,7 +509,7 @@ static int __ieee80211_data_to_8023(stru
+                * replace EtherType */
+               hdrlen += ETH_ALEN + 2;
+       else
+-              tmp.h_proto = htons(skb->len);
++              tmp.h_proto = htons(skb->len - hdrlen);
+ 
+       pskb_pull(skb, hdrlen);
+