Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp3928999imm;
        Mon, 8 Oct 2018 11:51:08 -0700 (PDT)
X-Google-Smtp-Source: ACcGV634Jw5pum5DQmWvKbkk/alGjpRWnoASOIyxDPxYxgAX/HsHLjAoAll6+//UVdadlY9KRMMy
X-Received: by 2002:a17:902:2808:: with SMTP id e8-v6mr24517297plb.327.1539024668691;
        Mon, 08 Oct 2018 11:51:08 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1539024668; cv=none;
        d=google.com; s=arc-20160816;
        b=VM7/9i1TVJV5w9re6PalJOs4IIMYDxANZVkPAoXHfPcrOi22cXRMkPqV7K//Id2QJz
         Ux/H4dOOMVMt3JVfBbIJIFYs5exUXXftNzvYB3n34JrAQ8BYCkt+/AHNCqhyrF+gO8nA
         U1IAufBOAF2aE6znK9QQp/ayWZDRpge6eDpg2mmA/zYczKgqJsTskDhZe8jiWrCLJw/e
         rYXIaALHZb+vS1HHPsx/7GafJbGh/rJovSe+LUsctJnpt/OdhgUjN/PexyPojVMt+4Pc
         2/HZA6RyPQU8JqFCMBEKS4A33B4P78XxBJ5r06jL6wEnXKgEIwZ+bEYttYCIAB9ZIbOq
         fpsQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=7dSOfKSmFfZmyoTDrXWJXVESzwi0ZFRTeEFU3j21UPU=;
        b=fOeCpzvnchn4NPS2IkdXAc4rOCQmjBIN7hboEcMgYNTDf4NoyL/hTxy77LUX89eY5W
         g5r4XSdsKP1Ib+6EqojsZVq66m+au6Gl9q/s1hIywoxRqR1QxQ4QDmyvKUcw50GJx1co
         612KKOVd5QO8L1ssvJjnBpU6NgrWcS8xbAvb7wRqG1Mt2uWtdRKLbt5goEZiz4rwq1iI
         ULjAwsG+TP4rbiegqy51JkqquGCPkts7W0oKs0twNhgI+c7HpmGgoVcakRc/+QxzoBn7
         PXwaObA+P8FMZHggVlwQF9hU2qVNVFSDhRLf8rMOVZpaMpVTUbqL0bp8e4yUGsFZ5zF9
         f3cw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b="egW1st/k";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q10-v6si21205496pli.202.2018.10.08.11.50.53;
        Mon, 08 Oct 2018 11:51:08 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b="egW1st/k";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731915AbeJICCo (ORCPT <rfc822;jandrusk@gmail.com> + 99 others);
        Mon, 8 Oct 2018 22:02:44 -0400
Received: from mail.kernel.org ([198.145.29.99]:52076 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1730559AbeJICCn (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 8 Oct 2018 22:02:43 -0400
Received: from localhost (ip-213-127-77-176.ip.prioritytelecom.net [213.127.77.176])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id B7B6E204FD;
        Mon,  8 Oct 2018 18:49:35 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1539024576;
        bh=5vNiUffUODmrcfALlOdbjsG7mMsFu0VHy3Q1kIgx0Sk=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=egW1st/kEc9ahk+qX32DLAO/Sjqw/f48OQUndsmUyWhCV75XZPn19AkLBWsUVG3s3
         fgwA/ncARI2HXqi6uV+vrgD4YyEAwc9eVpKQR76CMbbnRfCAAio6SqWr+FNIXX7cSV
         CvAexqUWwWhXFWbNd1uuKcTuHmj4FdalR9feKdys=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org,
        Emmanuel Grumbach <emmanuel.grumbach@intel.com>,
        Luca Coelho <luciano.coelho@intel.com>,
        Johannes Berg <johannes.berg@intel.com>,
        Sasha Levin <alexander.levin@microsoft.com>
Subject: [PATCH 4.18 062/168] mac80211: dont Tx a deauth frame if the AP forbade Tx
Date:   Mon,  8 Oct 2018 20:30:42 +0200
Message-Id: <20181008175622.410258690@linuxfoundation.org>
X-Mailer: git-send-email 2.19.0
In-Reply-To: <20181008175620.043587728@linuxfoundation.org>
References: <20181008175620.043587728@linuxfoundation.org>
User-Agent: quilt/0.65
X-stable: review
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

4.18-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Emmanuel Grumbach <emmanuel.grumbach@intel.com>

[ Upstream commit 6c18b27d6e5c6a7206364eae2b47bc8d8b2fa68f ]

If the driver fails to properly prepare for the channel
switch, mac80211 will disconnect. If the CSA IE had mode
set to 1, it means that the clients are not allowed to send
any Tx on the current channel, and that includes the
deauthentication frame.

Make sure that we don't send the deauthentication frame in
this case.

In iwlwifi, this caused a failure to flush queues since the
firmware already closed the queues after having parsed the
CSA IE. Then mac80211 would wait until the deauthentication
frame would go out (drv_flush(drop=false)) and that would
never happen.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/mac80211/mlme.c |   17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -1270,6 +1270,16 @@ ieee80211_sta_process_chanswitch(struct
 					 cbss->beacon_interval));
 	return;
  drop_connection:
+	/*
+	 * This is just so that the disconnect flow will know that
+	 * we were trying to switch channel and failed. In case the
+	 * mode is 1 (we are not allowed to Tx), we will know not to
+	 * send a deauthentication frame. Those two fields will be
+	 * reset when the disconnection worker runs.
+	 */
+	sdata->vif.csa_active = true;
+	sdata->csa_block_tx = csa_ie.mode;
+
 	ieee80211_queue_work(&local->hw, &ifmgd->csa_connection_drop_work);
 	mutex_unlock(&local->chanctx_mtx);
 	mutex_unlock(&local->mtx);
@@ -2453,6 +2463,7 @@ static void __ieee80211_disconnect(struc
 	struct ieee80211_local *local = sdata->local;
 	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
 	u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
+	bool tx;
 
 	sdata_lock(sdata);
 	if (!ifmgd->associated) {
@@ -2460,6 +2471,8 @@ static void __ieee80211_disconnect(struc
 		return;
 	}
 
+	tx = !sdata->csa_block_tx;
+
 	/* AP is probably out of range (or not reachable for another reason) so
 	 * remove the bss struct for that AP.
 	 */
@@ -2467,7 +2480,7 @@ static void __ieee80211_disconnect(struc
 
 	ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
 			       WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY,
-			       true, frame_buf);
+			       tx, frame_buf);
 	mutex_lock(&local->mtx);
 	sdata->vif.csa_active = false;
 	ifmgd->csa_waiting_bcn = false;
@@ -2478,7 +2491,7 @@ static void __ieee80211_disconnect(struc
 	}
 	mutex_unlock(&local->mtx);
 
-	ieee80211_report_disconnect(sdata, frame_buf, sizeof(frame_buf), true,
+	ieee80211_report_disconnect(sdata, frame_buf, sizeof(frame_buf), tx,
 				    WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY);
 
 	sdata_unlock(sdata);