[ 064/117] mac80211: ignore (E)CSA in probe response frames

From: Greg Kroah-Hartman
Date: Tue Sep 24 2013 - 20:33:41 EST

Next message: Greg Kroah-Hartman: "[ 072/117] HID: kye: Add report fixup for Genius Gx Imperator Keyboard"
Previous message: Greg Kroah-Hartman: "[ 074/117] HID: Fix Speedlink VAD Cezanne support for some devices"
In reply to: Greg Kroah-Hartman: "[ 074/117] HID: Fix Speedlink VAD Cezanne support for some devices"
Next in thread: Greg Kroah-Hartman: "[ 072/117] HID: kye: Add report fixup for Genius Gx Imperator Keyboard"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.11-stable review patch. If anyone has any objections, please let me know.

------------------

From: Johannes Berg <johannes.berg@xxxxxxxxx>

commit d70b7616d9080ec9f868fbd31db5fd4341435d61 upstream.

Seth reports that some APs, notably the Netgear WNDAP360, send
invalid ECSA IEs in probe response frames with the operating
class and channel number both set to zero, even when no channel
switch is being done. As a result, any scan while connected to
such an AP results in the connection being dropped.

Fix this by ignoring any channel switch announcment in probe
response frames entirely, since we're connected to the AP we
will be receiving a beacon (and maybe even an action frame) if
a channel switch is done, which is sufficient.

Reported-by: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
Tested-by: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
net/mac80211/mlme.c | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)

--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -2851,14 +2851,6 @@ static void ieee80211_rx_bss_info(struct
ieee80211_rx_bss_put(local, bss);
sdata->vif.bss_conf.beacon_rate = bss->beacon_rate;
}
-
- if (!sdata->u.mgd.associated ||
- !ether_addr_equal(mgmt->bssid, sdata->u.mgd.associated->bssid))
- return;
-
- ieee80211_sta_process_chanswitch(sdata, rx_status->mactime,
- elems, true);
-
}

@@ -3147,6 +3139,9 @@ static void ieee80211_rx_mgmt_beacon(str

ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);

+ ieee80211_sta_process_chanswitch(sdata, rx_status->mactime,
+ &elems, true);
+
if (ieee80211_sta_wmm_params(local, sdata, elems.wmm_param,
elems.wmm_param_len))
changed |= BSS_CHANGED_QOS;

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg Kroah-Hartman: "[ 072/117] HID: kye: Add report fixup for Genius Gx Imperator Keyboard"
Previous message: Greg Kroah-Hartman: "[ 074/117] HID: Fix Speedlink VAD Cezanne support for some devices"
In reply to: Greg Kroah-Hartman: "[ 074/117] HID: Fix Speedlink VAD Cezanne support for some devices"
Next in thread: Greg Kroah-Hartman: "[ 072/117] HID: kye: Add report fixup for Genius Gx Imperator Keyboard"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]