2019-11-13 23:56:29

by Ming Chen

Subject: [PATCH] mac80211: Drop the packets whose source or destination mac address is empty

We occasionally found that ath9k could receive packets from the Linux IP stack
with an empty source and destination MAC address, which results in the
driver being unable to find the station node at TX completion. The driver
then completes the buffer without updating the block ack window.

To fix this issue, we should drop this kind of error packet before it
goes into the driver.
---
net/mac80211/tx.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)

diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index db38be1b75fa..0668123e8e85 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -2481,6 +2481,7 @@ static struct sk_buff *ieee80211_build_hdr(struct ieee80211_sub_if_data *sdata,
bool tdls_peer;
bool multicast;
u16 info_id = 0;
+ const int empty_mac[ETH_ALEN] = {0};
struct ieee80211_chanctx_conf *chanctx_conf;
struct ieee80211_sub_if_data *ap_sdata;
enum nl80211_band band;
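Review bot: `empty_mac` is declared as `const int empty_mac[ETH_ALEN]`, an array of six ints of which `memcmp()` only ever reads the first `ETH_ALEN` bytes; it works only because every byte is zero, and the element type should be `u8`. The same declaration is repeated in the `ieee80211_xmit_fast` hunk. Both arrays can go away if the checks use the existing helper from `<linux/etherdevice.h>`: `if (is_zero_ether_addr(skb->data) || is_zero_ether_addr(skb->data + ETH_ALEN))`. The declarations sit in function bodies that start and end outside these hunks.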
@@ -2489,6 +2490,13 @@ static struct sk_buff *ieee80211_build_hdr(struct ieee80211_sub_if_data *sdata,
if (IS_ERR(sta))
sta = NULL;

+ /* drop this skb when source mac or destination mac is empty */
+ if (!memcmp(skb->data, empty_mac, ETH_ALEN) ||
+ !memcmp(skb->data + ETH_ALEN, empty_mac, ETH_ALEN)) {
+ ret = -ENOTCONN;
+ goto free;
+ }
+
#ifdef CONFIG_MAC80211_DEBUGFS
if (local->force_tx_status)
info_flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
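Review bot: The new drop path in `ieee80211_build_hdr` discards the frame without any counter or log, so whatever upstream bug produces zero-address frames becomes invisible once this check is in place. A rate-limited message before `goto free` would keep it diagnosable, for example `net_dbg_ratelimited("%s: dropping frame with zero src/dst MAC\n", sdata->name);`. `-ENOTCONN` also reads as "no station" rather than "malformed frame"; `-EINVAL` may describe this case better, though that depends on how callers treat the error, which is not visible here. The `free` label and the rest of the function lie outside the hunk.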
@@ -3414,6 +3422,7 @@ static bool ieee80211_xmit_fast(struct ieee80211_sub_if_data *sdata,
struct ieee80211_local *local = sdata->local;
u16 ethertype = (skb->data[12] << 8) | skb->data[13];
int extra_head = fast_tx->hdr_len - (ETH_HLEN - 2);
+ const int empty_mac[ETH_ALEN] = {0};
int hw_headroom = sdata->local->hw.extra_tx_headroom;
struct ethhdr eth;
struct ieee80211_tx_info *info;
@@ -3435,6 +3444,12 @@ static bool ieee80211_xmit_fast(struct ieee80211_sub_if_data *sdata,
if (skb->sk && skb_shinfo(skb)->tx_flags & SKBTX_WIFI_STATUS)
return false;

+ /* drop this skb when source mac or destination mac is empty */
+ if (!memcmp(skb->data, empty_mac, ETH_ALEN) ||
+ !memcmp(skb->data + ETH_ALEN, empty_mac, ETH_ALEN)) {
+ return false;
+ }
+
if (hdr->frame_control & cpu_to_le16(IEEE80211_STYPE_QOS_DATA)) {
tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
tid_tx = rcu_dereference(sta->ampdu_mlme.tid_tx[tid]);
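Review bot: The comment `/* drop this skb when source mac or destination mac is empty */` does not match what the added branch in `ieee80211_xmit_fast` does. `return false` looks like the same "not handled by the fast path" result that the `SKBTX_WIFI_STATUS` check just above returns, so the frame is presumably handed to the slow path and only dropped there by the check added to `ieee80211_build_hdr`. Reword the comment to say so, e.g. `/* zero src/dst MAC: leave it to the slow path, which drops it */`. The braces around the single `return false;` are also unnecessary in kernel style. The function body continues outside the hunk.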
--
2.17.1