Received: by 2002:a25:23cc:0:0:0:0:0 with SMTP id j195csp29002ybj; Fri, 8 May 2020 05:53:27 -0700 (PDT) X-Google-Smtp-Source: APiQypJcoQN6Xc2fDQD2Z/HYblwkGDS3yMQHfKzDkgEyluV+8FRJkiRbalZnqPHh1ZbGTuf/9QVk X-Received: by 2002:a17:907:402f:: with SMTP id nr23mr1801939ejb.240.1588942407053; Fri, 08 May 2020 05:53:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1588942407; cv=none; d=google.com; s=arc-20160816; b=EZgG/MhOjH6G51VHPtVuHrhvAj+/bvEr3k42oBBJugonOdHVKEv33S4giAqLpcr7mZ nzZju9gWPz1dcV75Qr5VIAuaqsaHWupZYPpVXtiulimmJfN2j0/v8VITjKdpTwxBOZCi Y8OOajvuvjzcHEwiKJ6RTJrPp3G6s40EpiPa1GIbI/vwFbkkJPZp5keDJKND1c/yEFCd f3G46YoV3BgPYg9qG5Hn1ywm9YoKE8AhSO7SLZYP/ZuPrqZAlOLAmPuKpsyBLOGstiOr X8Kk4jKoCKKkaJVHFQB9P0ljBl7ZZuDOcyiUgcAb6Cb91JII4D1jO66WhwVaAnjZMLSc t0nA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=J8KJFMBzX3wIFtAoWlHrx85Swi89B6ftAUjtcmEzg4A=; b=apbdFsze3PnS8SlzwZGQYlCguA1J3az1oATXy04TwghX1VPGyOzsbsHeRyxMzbydVa pRi4Xn7bFcf1BIE3uX66UmCySbb5awxWlwYMPvDGrPyyWMVRJUCvK8hG1KPWuRzkGmPS 3BDNV68cNEiIrqb5HlqtUckWeAN1bn/rXVqJIkEhbsTZopcOJeq8dCnOvtKwq8Kc/6UE tHhK8l//sxBo8LOooR6WXi/QwWcg3/MReeD6iugFgXEgonP412YXnNsoPIdl03cuwVP/ EZC+jmFsFTusucSHOoYOh85vXVMjgSn/cQIqtHTbe59ldDmgZDSmF6dyhLOyVusp0N8W ZSRQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=M2Gu5buD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g16si774579edr.382.2020.05.08.05.53.04; Fri, 08 May 2020 05:53:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=M2Gu5buD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729768AbgEHMtp (ORCPT + 99 others); Fri, 8 May 2020 08:49:45 -0400 Received: from mail.kernel.org ([198.145.29.99]:55844 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729471AbgEHMto (ORCPT ); Fri, 8 May 2020 08:49:44 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id DB62D21473; Fri, 8 May 2020 12:49:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1588942183; bh=EAKMgY6xCrZM4up5avqLeTfZ9cOLJffNlQWSPmJWuEc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=M2Gu5buDsv8aGgqbijBg657Atc0kq/ObIHoMf24XaoytszVFcMqgESaAhIzH2JoZE /tQ21LCtIUQpjoSm6DsX/aFasvxPN9VZDOq5VDsP7WNfgm/FvMT4YxnzChjy4xCk+X 2MeEllwWWqdJrXi2Yx2B8hsFzolnJnC24laY4Iyg= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Thomas Pedersen , Johannes Berg Subject: [PATCH 4.9 18/18] mac80211: add ieee80211_is_any_nullfunc() Date: Fri, 8 May 2020 14:35:21 +0200 Message-Id: <20200508123034.475166325@linuxfoundation.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200508123030.497793118@linuxfoundation.org> References: <20200508123030.497793118@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Thomas Pedersen commit 30b2f0be23fb40e58d0ad2caf8702c2a44cda2e1 upstream. commit 08a5bdde3812 ("mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED") Fixed a bug where we failed to take into account a nullfunc frame can be either non-QoS or QoS. It turns out there is at least one more bug in ieee80211_sta_tx_notify(), introduced in commit 7b6ddeaf27ec ("mac80211: use QoS NDP for AP probing"), where we forgot to check for the QoS variant and so assumed the QoS nullfunc frame never went out Fix this by adding a helper ieee80211_is_any_nullfunc() which consolidates the check for non-QoS and QoS nullfunc frames. Replace existing compound conditionals and add a couple more missing checks for QoS variant. Signed-off-by: Thomas Pedersen Link: https://lore.kernel.org/r/20200114055940.18502-3-thomas@adapt-ip.com Signed-off-by: Johannes Berg Signed-off-by: Greg Kroah-Hartman --- include/linux/ieee80211.h | 9 +++++++++ net/mac80211/mlme.c | 2 +- net/mac80211/rx.c | 8 +++----- net/mac80211/status.c | 5 ++--- net/mac80211/tx.c | 2 +- 5 files changed, 16 insertions(+), 10 deletions(-) --- a/include/linux/ieee80211.h +++ b/include/linux/ieee80211.h @@ -620,6 +620,15 @@ static inline bool ieee80211_is_qos_null } /** + * ieee80211_is_any_nullfunc - check if frame is regular or QoS nullfunc frame + * @fc: frame control bytes in little-endian byteorder + */ +static inline bool ieee80211_is_any_nullfunc(__le16 fc) +{ + return (ieee80211_is_nullfunc(fc) || ieee80211_is_qos_nullfunc(fc)); +} + +/** * ieee80211_is_bufferable_mmpdu - check if frame is bufferable MMPDU * @fc: frame control field in little-endian byteorder */ --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c @@ -2277,7 +2277,7 @@ void ieee80211_sta_tx_notify(struct ieee if (!ieee80211_is_data(hdr->frame_control)) return; - if (ieee80211_is_nullfunc(hdr->frame_control) && + if (ieee80211_is_any_nullfunc(hdr->frame_control) && sdata->u.mgd.probe_send_count > 0) { if (ack) ieee80211_sta_reset_conn_monitor(sdata); --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c @@ -1231,8 +1231,7 @@ ieee80211_rx_h_check_dup(struct ieee8021 return RX_CONTINUE; if (ieee80211_is_ctl(hdr->frame_control) || - ieee80211_is_nullfunc(hdr->frame_control) || - ieee80211_is_qos_nullfunc(hdr->frame_control) || + ieee80211_is_any_nullfunc(hdr->frame_control) || is_multicast_ether_addr(hdr->addr1)) return RX_CONTINUE; @@ -1617,8 +1616,7 @@ ieee80211_rx_h_sta_process(struct ieee80 * Drop (qos-)data::nullfunc frames silently, since they * are used only to control station power saving mode. */ - if (ieee80211_is_nullfunc(hdr->frame_control) || - ieee80211_is_qos_nullfunc(hdr->frame_control)) { + if (ieee80211_is_any_nullfunc(hdr->frame_control)) { I802_DEBUG_INC(rx->local->rx_handlers_drop_nullfunc); /* @@ -2112,7 +2110,7 @@ static int ieee80211_drop_unencrypted(st /* Drop unencrypted frames if key is set. */ if (unlikely(!ieee80211_has_protected(fc) && - !ieee80211_is_nullfunc(fc) && + !ieee80211_is_any_nullfunc(fc) && ieee80211_is_data(fc) && rx->key)) return -EACCES; --- a/net/mac80211/status.c +++ b/net/mac80211/status.c @@ -480,8 +480,7 @@ static void ieee80211_report_ack_skb(str rcu_read_lock(); sdata = ieee80211_sdata_from_skb(local, skb); if (sdata) { - if (ieee80211_is_nullfunc(hdr->frame_control) || - ieee80211_is_qos_nullfunc(hdr->frame_control)) + if (ieee80211_is_any_nullfunc(hdr->frame_control)) cfg80211_probe_status(sdata->dev, hdr->addr1, cookie, acked, GFP_ATOMIC); @@ -914,7 +913,7 @@ void ieee80211_tx_status(struct ieee8021 I802_DEBUG_INC(local->dot11FailedCount); } - if (ieee80211_is_nullfunc(fc) && ieee80211_has_pm(fc) && + if (ieee80211_is_any_nullfunc(fc) && ieee80211_has_pm(fc) && ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS) && !(info->flags & IEEE80211_TX_CTL_INJECTED) && local->ps_sdata && !(local->scanning)) { --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c @@ -294,7 +294,7 @@ ieee80211_tx_h_check_assoc(struct ieee80 if (unlikely(test_bit(SCAN_SW_SCANNING, &tx->local->scanning)) && test_bit(SDATA_STATE_OFFCHANNEL, &tx->sdata->state) && !ieee80211_is_probe_req(hdr->frame_control) && - !ieee80211_is_nullfunc(hdr->frame_control)) + !ieee80211_is_any_nullfunc(hdr->frame_control)) /* * When software scanning only nullfunc frames (to notify * the sleep state to the AP) and probe requests (for the