From f561b910e8d47b4b488fd37a389c2973649a23fd Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Mon, 26 Jan 2009 00:27:49 +0000 Subject: [PATCH] madwifi: fix a race condition in the wds sta separation, which is triggered by using wpa authentication on the ap SVN-Revision: 14193 --- package/madwifi/patches/370-wdsvap.patch | 22 +++++++++---------- .../patches/392-remove_wds_nodetracking.patch | 2 +- .../madwifi/patches/393-mbss_vap_auth.patch | 6 ++--- package/madwifi/patches/394-probereq.patch | 2 +- .../patches/405-retransmit_check.patch | 2 +- 5 files changed, 17 insertions(+), 17 deletions(-) diff --git a/package/madwifi/patches/370-wdsvap.patch b/package/madwifi/patches/370-wdsvap.patch index f35e657725..94d75f0411 100644 --- a/package/madwifi/patches/370-wdsvap.patch +++ b/package/madwifi/patches/370-wdsvap.patch @@ -680,14 +680,10 @@ } break; case IEEE80211_M_IBSS: -@@ -540,16 +548,32 @@ ieee80211_input(struct ieee80211vap * va +@@ -540,16 +548,28 @@ ieee80211_input(struct ieee80211vap * va vap->iv_stats.is_rx_notassoc++; goto err; } -+ -+ /* subif isn't fully set up yet, drop the frame */ -+ if (ni->ni_subif == ni->ni_vap) -+ goto err; + /* * If we're a 4 address packet, make sure we have an entry in @@ -716,7 +712,7 @@ if (!(vap->iv_flags_ext & IEEE80211_FEXT_WDS)) { IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT, -@@ -557,7 +581,6 @@ ieee80211_input(struct ieee80211vap * va +@@ -557,7 +577,6 @@ ieee80211_input(struct ieee80211vap * va goto err; } wh4 = (struct ieee80211_frame_addr4 *)skb->data; @@ -724,7 +720,7 @@ ni_wds = ieee80211_find_wds_node(nt, wh4->i_addr4); /* Last call increments ref count if !NULL */ if ((ni_wds != NULL) && (ni_wds != ni)) { -@@ -608,6 +631,11 @@ ieee80211_input(struct ieee80211vap * va +@@ -608,6 +627,11 @@ ieee80211_input(struct ieee80211vap * va goto out; } @@ -736,7 +732,7 @@ /* * Handle privacy requirements. Note that we * must not be preempted from here until after -@@ -680,8 +708,12 @@ ieee80211_input(struct ieee80211vap * va +@@ -680,8 +704,12 @@ ieee80211_input(struct ieee80211vap * va if (! accept_data_frame(vap, ni, key, skb, eh)) goto out; @@ -751,15 +747,19 @@ IEEE80211_NODE_STAT(ni, rx_data); IEEE80211_NODE_STAT_ADD(ni, rx_bytes, skb->len); ic->ic_lastdata = jiffies; -@@ -1114,6 +1146,13 @@ ieee80211_deliver_data(struct ieee80211_ +@@ -1114,6 +1142,17 @@ ieee80211_deliver_data(struct ieee80211_ dev = vap->iv_xrvap->iv_dev; #endif + /* if the node has a wds subif, move data frames there, + * but keep EAP traffic on the master */ + if (ni->ni_subif && ((eh)->ether_type != __constant_htons(ETHERTYPE_PAE))) { -+ vap = ni->ni_subif; -+ dev = vap->iv_dev; ++ if (ni->ni_vap == ni->ni_subif) { ++ ieee80211_dev_kfree_skb(&skb); ++ } else { ++ vap = ni->ni_subif; ++ dev = vap->iv_dev; ++ } + } + /* perform as a bridge within the vap */ diff --git a/package/madwifi/patches/392-remove_wds_nodetracking.patch b/package/madwifi/patches/392-remove_wds_nodetracking.patch index d035fd6158..872a18e98f 100644 --- a/package/madwifi/patches/392-remove_wds_nodetracking.patch +++ b/package/madwifi/patches/392-remove_wds_nodetracking.patch @@ -1,6 +1,6 @@ --- a/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c -@@ -572,36 +572,6 @@ ieee80211_input(struct ieee80211vap * va +@@ -568,36 +568,6 @@ ieee80211_input(struct ieee80211vap * va } } diff --git a/package/madwifi/patches/393-mbss_vap_auth.patch b/package/madwifi/patches/393-mbss_vap_auth.patch index 3b8a522498..802f795d3b 100644 --- a/package/madwifi/patches/393-mbss_vap_auth.patch +++ b/package/madwifi/patches/393-mbss_vap_auth.patch @@ -249,7 +249,7 @@ KASSERT(skb->len >= sizeof(struct ieee80211_frame_min), ("frame length too short: %u", skb->len)); -@@ -848,10 +847,11 @@ ieee80211_input(struct ieee80211vap * va +@@ -844,10 +843,11 @@ ieee80211_input(struct ieee80211vap * va err: vap->iv_devstats.rx_errors++; out: @@ -263,7 +263,7 @@ return type; #undef HAS_SEQ } -@@ -933,16 +933,23 @@ int +@@ -929,16 +929,23 @@ int ieee80211_input_all(struct ieee80211com *ic, struct sk_buff *skb, int rssi, u_int64_t rtsf) { @@ -287,7 +287,7 @@ if (TAILQ_NEXT(vap, iv_next) != NULL) { skb1 = skb_copy(skb, GFP_ATOMIC); if (skb1 == NULL) { -@@ -954,8 +961,10 @@ ieee80211_input_all(struct ieee80211com +@@ -950,8 +957,10 @@ ieee80211_input_all(struct ieee80211com skb1 = skb; skb = NULL; } diff --git a/package/madwifi/patches/394-probereq.patch b/package/madwifi/patches/394-probereq.patch index 1dd0bcd136..6d8b7c744b 100644 --- a/package/madwifi/patches/394-probereq.patch +++ b/package/madwifi/patches/394-probereq.patch @@ -1,6 +1,6 @@ --- a/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c -@@ -3618,6 +3618,8 @@ ieee80211_recv_mgmt(struct ieee80211vap +@@ -3611,6 +3611,8 @@ ieee80211_recv_mgmt(struct ieee80211vap vap->iv_stats.is_rx_mgtdiscard++; return; } diff --git a/package/madwifi/patches/405-retransmit_check.patch b/package/madwifi/patches/405-retransmit_check.patch index dadb4239ca..11e78aba87 100644 --- a/package/madwifi/patches/405-retransmit_check.patch +++ b/package/madwifi/patches/405-retransmit_check.patch @@ -11,7 +11,7 @@ #define IEEE80211_QOS_TXOP 0x00ff --- a/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c -@@ -436,7 +436,7 @@ ieee80211_input(struct ieee80211vap * va +@@ -428,7 +428,7 @@ ieee80211_input(struct ieee80211vap * va tid = 0; rxseq = le16toh(*(__le16 *)wh->i_seq); if ((wh->i_fc[1] & IEEE80211_FC1_RETRY) &&