aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChun-Yeow Yeoh <yeohchunyeow@gmail.com>2013-07-19 05:37:39 -0400
committerJohannes Berg <johannes.berg@intel.com>2013-07-22 09:32:47 -0400
commit40d18ff959fe8b847be4f7b03f84644a7c18211e (patch)
tree04ec94d00b4f1b654afb1946cc98bd5d65172763
parent5c9fc93bc9bc417418fc1b6366833ae6a07b804d (diff)
mac80211: prevent the buffering or frame transmission to non-assoc mesh STA
This patch is intended to avoid the buffering to non-assoc mesh STA and also to avoid the triggering of frame to non-assoc mesh STA which could cause kernel panic in specific hw. One of the examples, is kernel panic happens to ath9k if user space inserts the mesh STA and not proceed with the SAE and AMPE, and later the same mesh STA is detected again. The sta_state of the mesh STA remains at IEEE80211_STA_NONE and if the ieee80211_sta_ps_deliver_wakeup is called and subsequently the ath_tx_aggr_wakeup, the kernel panic due to ath_tx_node_init is not called before to initialize the require data structures. This issue is reported by Cedric Voncken before. http://www.spinics.net/lists/linux-wireless/msg106342.html [<831ea6b4>] ath_tx_aggr_wakeup+0x44/0xcc [ath9k] [<83084214>] ieee80211_sta_ps_deliver_wakeup+0xb8/0x208 [mac80211] [<830b9824>] ieee80211_mps_sta_status_update+0x94/0x108 [mac80211] [<83099398>] ieee80211_sta_ps_transition+0xc94/0x34d8 [mac80211] [<8022399c>] nf_iterate+0x98/0x104 [<8309bb60>] ieee80211_sta_ps_transition+0x345c/0x34d8 [mac80211] Signed-off-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
-rw-r--r--net/mac80211/mesh_ps.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/net/mac80211/mesh_ps.c b/net/mac80211/mesh_ps.c
index 3b7bfc01ee36..22290a929b94 100644
--- a/net/mac80211/mesh_ps.c
+++ b/net/mac80211/mesh_ps.c
@@ -229,6 +229,10 @@ void ieee80211_mps_sta_status_update(struct sta_info *sta)
229 enum nl80211_mesh_power_mode pm; 229 enum nl80211_mesh_power_mode pm;
230 bool do_buffer; 230 bool do_buffer;
231 231
232 /* For non-assoc STA, prevent buffering or frame transmission */
233 if (sta->sta_state < IEEE80211_STA_ASSOC)
234 return;
235
232 /* 236 /*
233 * use peer-specific power mode if peering is established and the 237 * use peer-specific power mode if peering is established and the
234 * peer's power mode is known 238 * peer's power mode is known