authentication timed out by "wifi: mac80211: do link->MLD address translation on RX"

Message ID efad76dd-14ff-4a36-ec67-fe6f3b8dcc5b@quicinc.com (mailing list archive)
State Not Applicable
Delegated to: Johannes Berg

Commit Message

Wen Gong Jan. 9, 2023, 9:48 a.m. UTC
Hi Johannes,

When the rx packet is skb_copy()'d, hdr is not re-assigned to the new skb value, which leads the operation of "translate to MLD addresses" to take effect on the original skb, and leads the check "if (!ether_addr_equal(ifmgd->auth_data->ap_addr, mgmt->bssid))" to fail in ieee80211_rx_mgmt_auth(), and thus "authentication timed out" happens.

After the change below, the issue does not happen again.

commit:

https://git.kernel.org/pub/scm/linux/kernel/git/kvalo/ath.git/commit/?id=42fb9148c078004d07b4c39bd7b1086b6165780c

wifi: mac80211: do link->MLD address translation on RX
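
A userspace model of the stale-pointer sequence described in the message above, added here as an illustration; it is not code from the thread or from mac80211. `struct frame`, `frame_copy()` and `rx_path()` are hypothetical stand-ins, the addresses are constructed, and the model assumes the check compares against the MLD address.

```c
/* Userspace model of the bug described above; not kernel code. struct frame,
 * frame_copy() and rx_path() are hypothetical stand-ins for sk_buff,
 * skb_copy() and the RX handler; both addresses are constructed. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define ETH_ALEN 6
struct hdr { unsigned char sa[ETH_ALEN], bssid[ETH_ALEN]; };
struct frame { unsigned char *data; size_t len; };

static const unsigned char link_addr[ETH_ALEN] = {0x02, 0, 0, 0, 0, 0x01};
static const unsigned char mld_addr[ETH_ALEN]  = {0x02, 0, 0, 0, 0, 0xaa};

/* Like skb_copy(): the copy gets its own data buffer. */
static struct frame frame_copy(const struct frame *f)
{
    struct frame c = { malloc(f->len), f->len };
    if (!c.data) abort();
    memcpy(c.data, f->data, f->len);
    return c;
}

/* Returns 1 if the frame handed on passes the BSSID check against the
 * MLD address (assumed to be what ap_addr holds), 0 if it fails. */
int rx_path(int refresh_hdr)
{
    struct hdr on_air;
    memcpy(on_air.sa, link_addr, ETH_ALEN);
    memcpy(on_air.bssid, link_addr, ETH_ALEN);
    struct frame orig = { (unsigned char *)&on_air, sizeof(on_air) };
    struct hdr *hdr = (struct hdr *)orig.data;  /* taken before the copy */

    struct frame rx = frame_copy(&orig);        /* rx owns a new buffer */
    if (refresh_hdr)
        hdr = (struct hdr *)rx.data;            /* the one-line fix */
    /* "translate to MLD addresses": writes through hdr */
    memcpy(hdr->sa, mld_addr, ETH_ALEN);
    memcpy(hdr->bssid, mld_addr, ETH_ALEN);
    /* the consumer reads rx, not the original buffer */
    int ok = !memcmp(((struct hdr *)rx.data)->bssid, mld_addr, ETH_ALEN);
    free(rx.data);
    return ok;
}

int main(void)
{
    printf("stale hdr: %d, refreshed hdr: %d\n", rx_path(0), rx_path(1));
    return 0;
}
```

With the stale pointer the translation lands in the original buffer, so the copy that is processed still carries the link address and the comparison fails.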

Comments

Johannes Berg Jan. 9, 2023, 10:04 a.m. UTC | #1
Hi,

On Mon, 2023-01-09 at 17:48 +0800, Wen Gong wrote:
> Hi Johannes,
> 
> When the rx packet is skb_copy()'d, hdr is not re-assigned to the new skb value, which leads the operation of "translate to MLD addresses" to take effect on the original skb, and leads the check "if (!ether_addr_equal(ifmgd->auth_data->ap_addr, mgmt->bssid))" to fail in ieee80211_rx_mgmt_auth(), and thus "authentication timed out" happens.
> 
> After the change below, the issue does not happen again.
> 

Yeah ... We found and fixed this, and then a few days later someone else
submitted a patch for it:


https://patchwork.kernel.org/project/linux-wireless/patch/20221208040050.25922-1-quic_srirrama@quicinc.com/

johannes
Patch

--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -4854,6 +4854,8 @@  static bool ieee80211_prepare_and_rx_handle(struct 
ieee80211_rx_data *rx,
                         return true;
                 }

+               hdr = (void *)rx->skb->data;
+
                 /* skb_copy() does not copy the hw timestamps, so copy it
                  * explicitly
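
Review bot: the added `hdr = (void *)rx->skb->data;` in ieee80211_prepare_and_rx_handle() has no comment, while the hw-timestamp fix-up right below it explains itself ("skb_copy() does not copy the hw timestamps"). A one-line comment saying that hdr must point into the copied skb before the MLD address translation would keep the refresh from being removed in a later cleanup. As posted, the change also has no Signed-off-by and no Fixes: tag for the commit the message names, 42fb9148c078 ("wifi: mac80211: do link->MLD address translation on RX"), and the `@@` header is wrapped across two lines, so it would not apply as sent.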