Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 7b1f4ffab73d9319b8132bbf5f4a0e2110a98bde^! / . / net / mac80211 / mlme.c
commit7b1f4ffab73d9319b8132bbf5f4a0e2110a98bde[log] [tgz]
authorYu Wang <yyuwang@codeaurora.org>Fri May 10 17:04:52 2019 +0800
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Sat Oct 05 12:30:09 2019 +0200
treeb8af5c08d52e2ee16649de11172b11ebe894d878
parent2b81ffa863713a123679a329a189fc33c89b7d8b [diff] [blame]
mac80211: handle deauthentication/disassociation from TDLS peer

[ Upstream commit 79c92ca42b5a3e0ea172ea2ce8df8e125af237da ]

When receiving a deauthentication/disassociation frame from a TDLS
peer, a station should not disconnect the current AP, but only
disable the current TDLS link if it's enabled.

Without this change, a TDLS issue can be reproduced by following the
steps as below:

1. STA-1 and STA-2 are connected to AP, bidirection traffic is running
   between STA-1 and STA-2.
2. Set up TDLS link between STA-1 and STA-2, stay for a while, then
   teardown TDLS link.
3. Repeat step #2 and monitor the connection between STA and AP.

During the test, one STA may send a deauthentication/disassociation
frame to another, after TDLS teardown, with reason code 6/7, which
means: Class 2/3 frame received from nonassociated STA.

On receive this frame, the receiver STA will disconnect the current
AP and then reconnect. It's not a expected behavior, purpose of this
frame should be disabling the TDLS link, not the link with AP.

Cc: stable@vger.kernel.org
Signed-off-by: Yu Wang <yyuwang@codeaurora.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 090e2aa..c75594a 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c

@@ -2755,7 +2755,7 @@
 #define case_WLAN(type) \
 	case WLAN_REASON_##type: return #type
 
-static const char *ieee80211_get_reason_code_string(u16 reason_code)
+const char *ieee80211_get_reason_code_string(u16 reason_code)
 {
 	switch (reason_code) {
 	case_WLAN(UNSPECIFIED);
@@ -2820,6 +2820,11 @@
 	if (len < 24 + 2)
 		return;
 
+	if (!ether_addr_equal(mgmt->bssid, mgmt->sa)) {
+		ieee80211_tdls_handle_disconnect(sdata, mgmt->sa, reason_code);
+		return;
+	}
+
 	if (ifmgd->associated &&
 	    ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) {
 		const u8 *bssid = ifmgd->associated->bssid;
@@ -2869,6 +2874,11 @@
 
 	reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
 
+	if (!ether_addr_equal(mgmt->bssid, mgmt->sa)) {
+		ieee80211_tdls_handle_disconnect(sdata, mgmt->sa, reason_code);
+		return;
+	}
+
 	sdata_info(sdata, "disassociated from %pM (Reason: %u=%s)\n",
 		   mgmt->sa, reason_code,
 		   ieee80211_get_reason_code_string(reason_code));