JIRA: https://issues.redhat.com/browse/RHEL-67113
commit e1a9ae3a73810c00e492485fdbae09f0dccb057e
Author: Chenming Huang <quic_chenhuan@quicinc.com>
Date: Mon Sep 23 07:46:44 2024 +0530
wifi: cfg80211: Do not create BSS entries for unsupported channels
Currently, in cfg80211_parse_ml_elem_sta_data(), when RNR element
indicates a BSS that operates in a channel that current regulatory
domain doesn't support, a NULL value is returned by
ieee80211_get_channel_khz() and assigned to this BSS entry's channel
field. Later in cfg80211_inform_single_bss_data(), the reported
BSS entry's channel will be wrongly overridden by transmitted BSS's.
This could result in connection failure that when wpa_supplicant
tries to select this reported BSS entry while it actually resides in
an unsupported channel.
Since this channel is not supported, it is reasonable to skip such
entries instead of reporting wrong information.
Signed-off-by: Chenming Huang <quic_chenhuan@quicinc.com>
Link: https://patch.msgid.link/20240923021644.12885-1-quic_chenhuan@quicinc.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-67113
commit 450732abad6a75ff5a896a306be238123379e6db
Author: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Date: Wed Sep 4 08:39:17 2024 +0530
wifi: cfg80211: avoid overriding direct/MBSSID BSS with per-STA profile BSS
Avoid overriding BSS information generated from MBSSID or direct source
with BSS information generated from per-STA profile source to avoid
losing actual signal strength and information elements such as RNR and
Basic ML elements.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Link: https://patch.msgid.link/20240904030917.3602369-4-quic_vjakkam@quicinc.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-67113
commit bff93c89ab19886e17f0a86ea59f2e37141f2ab6
Author: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Date: Wed Sep 4 08:39:16 2024 +0530
wifi: cfg80211: skip indicating signal for per-STA profile BSSs
Currently signal of the BSS entry generated from the per-STA profile
indicated as zero, but userspace may consider it as high signal
strength since 0 dBm is a valid RSSI value.
To avoid this don't report the signal to userspace when the BSS entry
created from a per-STA profile.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Link: https://patch.msgid.link/20240904030917.3602369-3-quic_vjakkam@quicinc.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-67113
commit 0fdcc994a42cf1306bc0e9ca6c9adeec657f5f02
Author: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Date: Wed Sep 4 08:39:15 2024 +0530
wifi: cfg80211: make BSS source types public
Define public enum with BSS source types in core.h. Upcoming patches
need this to store BSS source type in struct cfg80211_internal_bss.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Link: https://patch.msgid.link/20240904030917.3602369-2-quic_vjakkam@quicinc.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-67113
commit f54a1baee098170b13b624ca5ed2afdb4d29edbc
Author: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Date: Wed Sep 4 19:50:21 2024 +0530
wifi: cfg80211: Avoid RCU debug splat in __cfg80211_bss_update error paths
Replace rcu_dereference() with rcu_access_pointer() since we already
hold the lock and own the 'tmp' at this point. This is needed to avoid
suspicious rcu_dereference_check warnings in__cfg80211_bss_update error
paths.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Link: https://patch.msgid.link/20240904142021.3887360-1-quic_vjakkam@quicinc.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-67113
commit a26a5107bc52922cf5f67361e307ad66547b51c7
Author: Dmitry Antipov <dmantipov@yandex.ru>
Date: Thu Sep 5 18:04:00 2024 +0300
wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan()
Looking at https://syzkaller.appspot.com/bug?extid=1a3986bbd3169c307819
and running reproducer with CONFIG_UBSAN_BOUNDS, I've noticed the
following:
[ T4985] UBSAN: array-index-out-of-bounds in net/wireless/scan.c:3479:25
[ T4985] index 164 is out of range for type 'struct ieee80211_channel *[]'
<...skipped...>
[ T4985] Call Trace:
[ T4985] <TASK>
[ T4985] dump_stack_lvl+0x1c2/0x2a0
[ T4985] ? __pfx_dump_stack_lvl+0x10/0x10
[ T4985] ? __pfx__printk+0x10/0x10
[ T4985] __ubsan_handle_out_of_bounds+0x127/0x150
[ T4985] cfg80211_wext_siwscan+0x11a4/0x1260
<...the rest is not too useful...>
Even if we do 'creq->n_channels = n_channels' before 'creq->ssids =
(void *)&creq->channels[n_channels]', UBSAN treats the latter as
off-by-one error. Fix this by using pointer arithmetic rather than
an expression with explicit array indexing and use convenient
'struct_size()' to simplify the math here and in 'kzalloc()' above.
Fixes: 5ba63533bb ("cfg80211: fix alignment problem in scan request")
Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru>
Reviewed-by: Kees Cook <kees@kernel.org>
Link: https://patch.msgid.link/20240905150400.126386-1-dmantipov@yandex.ru
[fix coding style for multi-line calculation]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-50013
commit 6873cc4416078202882691b424fcca5b5fb1a94d
Author: Johannes Berg <johannes.berg@intel.com>
Date: Wed Jul 24 13:29:12 2024 +0200
wifi: cfg80211: correct S1G beacon length calculation
The minimum header length calculation (equivalent to the start
of the elements) for the S1G long beacon erroneously required
only up to the start of u.s1g_beacon rather than the start of
u.s1g_beacon.variable. Fix that, and also shuffle the branches
around a bit to not assign useless values that are overwritten
later.
Reported-by: syzbot+0f3afa93b91202f21939@syzkaller.appspotmail.com
Fixes: 9eaffe5078 ("cfg80211: convert S1G beacon to scan results")
Link: https://patch.msgid.link/20240724132912.9662972db7c1.I8779675b5bbda4994cc66f876b6b87a2361c3c0b@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-50013
commit 459662e83db6eb33f648213bba2c509f4d6dead9
Author: Johannes Berg <johannes.berg@intel.com>
Date: Thu May 23 12:09:47 2024 +0200
wifi: cfg80211: refactor 6 GHz AP power type parsing
Add cfg80211_get_6ghz_power_type() to parse the 6 GHz
power type from a given set of elements, which is now
only inside cfg80211_6ghz_power_type_valid().
Reviewed-by: Miriam Rachel Korenblit <miriam.rachel.korenblit@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Link: https://msgid.link/20240523120945.84cdffd94085.I76f434ee12552e8be91273f3b2d776179eaa62f1@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-50013
commit 7f12e26a194d0043441f870708093d9c2c3bad7d
Author: Johannes Berg <johannes.berg@intel.com>
Date: Fri Jun 7 20:17:17 2024 +0200
wifi: cfg80211: make hash table duplicates more survivable
Jiazi Li reported that they occasionally see hash table duplicates
as evidenced by the WARN_ON() in rb_insert_bss() in this code. It
isn't clear how that happens, nor have I been able to reproduce it,
but if it does happen, the kernel crashes later, when it tries to
unhash the entry that's now not hashed.
Try to make this situation more survivable by removing the BSS from
the list(s) as well, that way it's fully leaked here (as had been
the intent in the hash insert error path), and no longer reachable
through the list(s) so it shouldn't be unhashed again later.
Link: https://lore.kernel.org/r/20231026013528.GA24122@Jiazi.Li
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Link: https://msgid.link/20240607181726.36835-2-johannes@sipsolutions.net
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-50013
commit 0941772342d59e48733131ac3a202fa1a4d832e9
Author: Johannes Berg <johannes.berg@intel.com>
Date: Tue Jun 11 18:58:16 2024 +0200
wifi: cfg80211: wext: set ssids=NULL for passive scans
In nl80211, we always set the ssids of a scan request to
NULL when n_ssids==0 (passive scan). Drivers have relied
on this behaviour in the past, so we fixed it in 6 GHz
scan requests as well, and added a warning so we'd have
assurance the API would always be called that way.
syzbot found that wext doesn't ensure that, so we reach
the check and trigger the warning. Fix the wext code to
set the ssids pointer to NULL when there are none.
Reported-by: syzbot+cd6135193ba6bb9ad158@syzkaller.appspotmail.com
Fixes: f7a8b10bfd61 ("wifi: cfg80211: fix 6 GHz scan request building")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-50013
commit f7a8b10bfd614d7a9a16fbe80d28ead4f063cb00
Author: Johannes Berg <johannes.berg@intel.com>
Date: Fri May 10 11:37:38 2024 +0200
wifi: cfg80211: fix 6 GHz scan request building
The 6 GHz scan request struct allocated by cfg80211_scan_6ghz() is
meant to be formed this way:
[base struct][channels][ssids][6ghz_params]
It is allocated with [channels] as the maximum number of channels
supported by the driver in the 6 GHz band, since allocation is
before knowing how many there will be.
However, the inner pointers are set incorrectly: initially, the
6 GHz scan parameters pointer is set:
[base struct][channels]
^ scan_6ghz_params
and later the SSID pointer is set to the end of the actually
_used_ channels.
[base struct][channels]
^ ssids
If many APs were to be discovered, and many channels used, and
there were many SSIDs, then the SSIDs could overlap the 6 GHz
parameters.
Additionally, the request->ssids for most of the function points
to the original request still (given the struct copy) but is used
normally, which is confusing.
Clear this up, by actually using the allocated space for 6 GHz
parameters _after_ the SSIDs, and set up the SSIDs initially so
they are used more clearly. Just like in nl80211.c, set them
only if there actually are SSIDs though.
Finally, also copy the elements (ie/ie_len) so they're part of
the same request, not pointing to the old request.
Co-developed-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Link: https://msgid.link/20240510113738.4190692ef4ee.I0cb19188be17a8abd029805e3373c0a7777c214c@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-50013
commit dc63b1d08335a6440aac916a20394531c8417683
Author: Anjaneyulu <pagadala.yesu.anjaneyulu@intel.com>
Date: Mon Mar 18 18:53:24 2024 +0200
wifi: cfg80211: handle indoor AFC/LPI AP in probe response and beacon
Mark Indoor LPI and Indoor AFC power types as valid based on channel flags.
While on it, added default case.
Signed-off-by: Anjaneyulu <pagadala.yesu.anjaneyulu@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240318184907.091cfaaa5f45.I23cfa1104a16fd4eb9751b3d0d7b158db4ff3ecd@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-48273
CVE: CVE-2024-40930
commit 4dc3a3893dae5a7f73e5809273aca0f1f3548d55
Author: Johannes Berg <johannes.berg@intel.com>
Date: Thu May 23 12:05:33 2024 +0200
wifi: cfg80211: validate HE operation element parsing
Validate that the HE operation element has the correct
length before parsing it.
Cc: stable@vger.kernel.org
Fixes: 645f3d85129d ("wifi: cfg80211: handle UHB AP and STA power type")
Reviewed-by: Miriam Rachel Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240523120533.677025eb4a92.I44c091029ef113c294e8fe8b9bf871bf5dbeeb27@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: CKI Backport Bot <cki-ci-bot+cki-gitlab-backport-bot@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit c7378d7d8be0b44d03c990a2686e64d038c694a5
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Mon Mar 18 18:53:28 2024 +0200
wifi: cfg80211: check BSSID Index against MaxBSSID
Add a verification that the BSSID Index does not exceed the maximum
number of BSSIDs in the Multiple-BSSID set.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240318184907.a7574d415adc.I02f40c2920a9f602898190679cc27d0c8ee2c67d@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit 97f8df4db4c8ef50b659d8b228c1f42fe111e7c8
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Mon Mar 18 18:53:29 2024 +0200
wifi: cfg80211: ignore non-TX BSSs in per-STA profile
If a non-TX BSS is included in a per-STA profile, then we cannot set
transmitted_bss for it. Even worse, if we do things properly we should
be configuring both bssid_index and max_bssid_indicator correctly. We do
not actually have both pieces of information (and, some APs currently
do not include either).
So, ignore any per-STA profile where the RNR says that the BSS is not
transmitted. Also fix transmitted_bss to never be set for per-STA
profiles.
This fixes issues where mac80211 was setting the reference BSSID to an
incorrect value.
Fixes: 2481b5da9c6b ("wifi: cfg80211: handle BSS data contained in ML probe responses")
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240318184907.6a0babed655a.Iad447fea417c63f683da793556b97c31d07a4aab@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit 8ade3356b25ab2522892a21832a709e7ad5f8168
Author: Johannes Berg <johannes.berg@intel.com>
Date: Wed Feb 28 09:55:42 2024 +0100
wifi: cfg80211: allow cfg80211_defragment_element() without output
If we just want to determine the length of the fragmented
data, we basically need the same logic, and really we want
it to be _literally_ the same logic, so it cannot be out
of sync in any way.
Allow calling cfg80211_defragment_element() without an output
buffer, where it then just returns the required output size.
Also add this to the tests, just to exercise it, using the
pre-calculated length to really do the defragmentation, which
checks that this is sufficient.
Reviewed-by: Miriam Rachel Korenblit <miriam.rachel.korenblit@intel.com>
Reviewed-by: Benjamin Berg <benjamin.berg@intel.com>
Link: https://msgid.link/20240228095718.6d6565b9e3f2.Ib441903f4b8644ba04b1c766f90580ee6f54fc66@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit 22667035e5ddb7b68c7d473693b321fb9e20a397
Author: Johannes Berg <johannes.berg@intel.com>
Date: Wed Feb 28 09:55:41 2024 +0100
wifi: cfg80211: expose cfg80211_iter_rnr() to drivers
In mac80211 we'll need to look at reduced neighbor report
entries for channel switch purposes, so export the iteration
function to make that simpler.
Reviewed-by: Miriam Rachel Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240228095718.0954809964ef.I53e95c017aa71f14e8d1057afbbc75982ddb43df@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit 894dd84e49ec114a2dde7b312ae4cada40d15bdb
Author: Johannes Berg <johannes.berg@intel.com>
Date: Fri Feb 16 13:54:32 2024 +0200
wifi: cfg80211: use ML element parsing helpers
Use the existing ML element parsing helpers and add a new
one for this (ieee80211_mle_get_mld_id).
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240216135047.4da47b1f035b.I437a5570ac456449facb0b147851ef24a1e473c2@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit 6b756efcd9f01a7f972c0aa0da1c4f84658ba156
Author: Johannes Berg <johannes.berg@intel.com>
Date: Fri Feb 16 13:54:30 2024 +0200
wifi: cfg80211: refactor RNR parsing
We'll need more parsing of the reduced neighbor report element,
and we already have two places doing pretty much the same.
Combine by refactoring the parsing into a separate function
with a callback for each item found.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Reviewed-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240216135047.cfff14b692fc.Ibe25be88a769eab29ebb17b9d19af666df6a2227@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit 7e899c1d6f0da2a98ebf6629274ef912d4c83359
Author: Johannes Berg <johannes.berg@intel.com>
Date: Fri Feb 16 13:54:29 2024 +0200
wifi: cfg80211: clean up cfg80211_inform_bss_frame_data()
Make cfg80211_inform_bss_frame_data() call the existing
cfg80211_inform_bss_data() after parsing the frame in the
appropriate way, so we have less code duplication. This
required introducing a new CFG80211_BSS_FTYPE_S1G_BEACON,
but that can be used by other drivers as well.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240216135047.874aed1eff5f.Ib7d88d126eec50c64763251a78cb432bb5df14df@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit 317bad4c3b61eaf14a7f5c65521a3aa8b0b6f1bc
Author: Johannes Berg <johannes.berg@intel.com>
Date: Fri Feb 16 13:54:28 2024 +0200
wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data()
This function pretty much does what cfg80211_inform_single_bss_data()
already does, except on a frame data. But we can call the other one,
after populating the inform_data more completely, so we don't need to
do everything twice.
This also uncovered a few bugs:
* the 6 GHz power type checks were only done in this function, move
(and rename from 'uhb') those;
* the chains/chain_signal information wasn't used in the latter,
add that
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240216135047.f3f864f94c78.I2192adb32ab10713e71f395a9d203386264f6ed5@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit f8599d634094b1257054a8d0815785d658cbdb74
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Fri Feb 16 13:54:27 2024 +0200
wifi: cfg80211: set correct param change count in ML element
The ML element generation code to create a BSS entry from a per-STA
profile was not overwriting the BSS parameter change count. This meant
that the incorrect parameter change count would be reported within the
multi-link element.
Fix this by returning the BSS parameter change count from the function
and placing it into the ML element. The returned tbtt info was never
used, so just drop that to simplify the code.
Fixes: 5f478adf1f99 ("wifi: cfg80211: generate an ML element for per-STA profiles")
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240216135047.f2a507634692.I06b122c7a319a38b4e970f5e0bd3d3ef9cac4cbe@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit 7b5e25b8baebc02db728bfbdc3080be863144c7b
Author: Johannes Berg <johannes.berg@intel.com>
Date: Tue Feb 6 16:54:07 2024 +0200
wifi: cfg80211: rename UHB to 6 GHz
UHB stands for "Ultra High Band", but this term doesn't really
exist in the spec. Rename all occurrences to "6 GHz", but keep
a few defines for userspace API compatibility.
Link: https://msgid.link/20240206164849.c9cfb9400839.I153db3b951934a1d84409c17fbe1f1d1782543fa@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit 679dd27b4ef33d4f596cbf450a3b2742fc54962a
Author: Johannes Berg <johannes.berg@intel.com>
Date: Sun Feb 4 11:03:39 2024 +0100
wifi: cfg80211: fix kunit exports
These can only be exported if cfg80211's kunit is enabled,
since they're otherwise static. kunit itself can be enabled
even if cfg80211's kunit isn't. Fix that by using the right
macro.
Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202402040534.6AEKtZ7Y-lkp@intel.com/
Fixes: 45d43937a44c ("wifi: cfg80211: add a kunit test for 6 GHz colocated AP parsing")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit 45d43937a44c806b8649323b8f5d9f42ae838b0e
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Mon Jan 29 22:09:19 2024 +0100
wifi: cfg80211: add a kunit test for 6 GHz colocated AP parsing
Test a few things around parsing of 6 GHz colocated APs to e.g. ensure
that we are not going to scan for a disabled (affiliated) AP.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Link: https://msgid.link/20240129220918.079dc50ab43b.Ide898d9f1d4c26d7e774d6fd0ec57766967d6572@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-34696
commit 4d1d6b3f45999b1ddde53831d639a67e2655285f
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Tue Jan 2 21:35:32 2024 +0200
wifi: cfg80211: add RNR with reporting AP information
If the reporting AP is part of the same MLD, then an entry in the RNR is
required in order to discover it again from the BSS generated from the
per-STA profile in the Multi-Link Probe Response.
We need this because we do not have a direct concept of an MLD AP and
just do the lookup from one to the other on the fly if needed. As such,
we need to ensure that this lookup will work both ways.
Fixes: 2481b5da9c6b ("wifi: cfg80211: handle BSS data contained in ML probe responses")
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240102213313.4cb3dbb1d84f.I7c74edec83c5d7598cdd578929fd0876d67aef7f@changeid
[roll in off-by-one fix and test updates from Benjamin]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-28754
commit 177fbbcb4ed6b306c1626a277fac3fb1c495a4c7
Author: Johannes Berg <johannes.berg@intel.com>
Date: Mon Jan 29 13:14:13 2024 +0100
wifi: cfg80211: detect stuck ECSA element in probe resp
We recently added some validation that we don't try to
connect to an AP that is currently in a channel switch
process, since that might want the channel to be quiet
or we might not be able to connect in time to hear the
switching in a beacon. This was in commit c09c4f31998b
("wifi: mac80211: don't connect to an AP while it's in
a CSA process").
However, we promptly got a report that this caused new
connection failures, and it turns out that the AP that
we now cannot connect to is permanently advertising an
extended channel switch announcement, even with quiet.
The AP in question was an Asus RT-AC53, with firmware
3.0.0.4.380_10760-g21a5898.
As a first step, attempt to detect that we're dealing
with such a situation, so mac80211 can use this later.
Reported-by: coldolt <andypalmadi@gmail.com>
Closes: https://lore.kernel.org/linux-wireless/CAJvGw+DQhBk_mHXeu6RTOds5iramMW2FbMB01VbKRA4YbHHDTA@mail.gmail.com/
Fixes: c09c4f31998b ("wifi: mac80211: don't connect to an AP while it's in a CSA process")
Reviewed-by: Miriam Rachel Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240129131413.246972c8775e.Ibf834d7f52f9951a353b6872383da710a7358338@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-28754
commit 9d027a35a52a4ea9400390ef4414e4e9dcd54193
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Wed Dec 20 16:19:52 2023 +0100
wifi: cfg80211: tests: add some scanning related tests
This adds some scanning related tests, mainly exercising the ML element
parsing and inheritance.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Link: https://msgid.link/20231220151952.415232-7-benjamin@sipsolutions.net
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-28754
commit 1184950e341c11b6f82bc5b59564411d9537ab27
Author: Edward Adam Davis <eadavis@qq.com>
Date: Wed Jan 3 20:13:51 2024 +0800
wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update
Replace rcu_dereference() with rcu_access_pointer() since we hold
the lock here (and aren't in an RCU critical section).
Fixes: 32af9a9e1069 ("wifi: cfg80211: free beacon_ies when overridden from hidden BSS")
Reported-and-tested-by: syzbot+864a269c27ee06b58374@syzkaller.appspotmail.com
Signed-off-by: Edward Adam Davis <eadavis@qq.com>
Link: https://msgid.link/tencent_BF8F0DF0258C8DBF124CDDE4DD8D992DCF07@qq.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-28754
commit acc44cbd7727115f9381c35c2898b1b5af665ec8
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Wed Dec 20 13:41:43 2023 +0200
wifi: cfg80211: avoid double free if updating BSS fails
cfg80211_update_known_bss will always consume the passed IEs. As such,
cfg80211_update_assoc_bss_entry also needs to always set the pointers to
NULL so that no double free can occur.
Note that hitting this would probably require being connected to a
hidden BSS which is then doing a channel switch while also switching to
be not hidden anymore at the same time.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20231220133549.8891edb28d51.Id09c5145363e990ff5237decd58296302e2d53c8@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-28754
commit 31c5e92be5936adde55e783c0380264afc7218b0
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Wed Dec 20 13:41:42 2023 +0200
wifi: cfg80211: ensure cfg80211_bss_update frees IEs on error
cfg80211_bss_update is expected to consume the IEs that are passed into
it in the temporary internal BSS. This did not happen in some error
cases (which are also WARN_ON paths), so change the code to use a common
label and use that everywhere.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20231220133549.8e72ea105e17.Ic81e9431e980419360e97502ce8c75c58793f05a@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-28754
commit 32af9a9e1069e55bc02741fb00ac9d0ca1a2eaef
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Wed Dec 20 13:41:41 2023 +0200
wifi: cfg80211: free beacon_ies when overridden from hidden BSS
This is a more of a cosmetic fix. The branch will only be taken if
proberesp_ies is set, which implies that beacon_ies is not set unless we
are connected to an AP that just did a channel switch. And, in that case
we should have found the BSS in the internal storage to begin with.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20231220133549.b898e22dadff.Id8c4c10aedd176ef2e18a4cad747b299f150f9df@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-28754
commit 645f3d85129d8aac3b896ba685fbc20a31c2c036
Author: Mukesh Sisodiya <mukesh.sisodiya@intel.com>
Date: Wed Dec 20 13:41:38 2023 +0200
wifi: cfg80211: handle UHB AP and STA power type
UHB AP send supported power type(LPI, SP, VLP)
in beacon and probe response IE and STA should
connect to these AP only if their regulatory support
the AP power type.
Beacon/Probe response are reported to userspace
with reason "STA regulatory not supporting to connect to AP
based on transmitted power type" and it should
not connect to AP.
Signed-off-by: Mukesh Sisodiya <mukesh.sisodiya@intel.com>
Reviewed-by: Gregory Greenman <gregory.greenman@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20231220133549.cbfbef9170a9.I432f78438de18aa9f5c9006be12e41dc34cc47c5@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-28754
commit f510bcc21ed97911b811c5bf36ed43a0e94ab702
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Mon Dec 11 09:05:28 2023 +0200
wifi: cfg80211: consume both probe response and beacon IEs
When doing a channel switch, cfg80211_update_known_bss may be called
with a BSS where both proberesp_ies and beacon_ies is set. If that
happens, both need to be consumed.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20231211085121.07a88656d7df.I0fe9fc599382de0eccf96455617e377d9c231966@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-28754
Conflicts:
- net/wireless/scan.c
Context diff because 2481b5da9c6b2 was already applied.
commit 5f478adf1f992d4a680c341d49122224286c805f
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Mon Dec 11 09:05:27 2023 +0200
wifi: cfg80211: generate an ML element for per-STA profiles
The specification says that this information should not be explicitly
included in the per-STA profile. However, we need this information
readily available in the BSS for userspace and also internally when
associating. As such, append the appropriate element before
adding/updating the BSS.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20231211085121.abde63d9cc6d.I3d346be0f84f51dccf4f4f92a3e997e6102b9456@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-28754
Conflicts:
- net/wireless/scan.c
Context diff because d18125b64030 was already backported.
commit d02a12b8e4bbd188f38321849791af02d494c7fd
Author: Johannes Berg <johannes.berg@intel.com>
Date: Mon Dec 11 09:05:20 2023 +0200
wifi: cfg80211: add BSS usage reporting
Sometimes there may be reasons for which a BSS that's
actually found in scan cannot be used to connect to,
for example a nonprimary link of an NSTR mobile AP MLD
cannot be used for normal direct connections to it.
Not indicating these to userspace as we do now of course
avoids being able to connect to them, but it's better if
they're shown to userspace and it can make an appropriate
decision, without e.g. doing an additional ML probe.
Thus add an indication of what a BSS can be used for,
currently "normal" and "MLD link", including a reason
bitmap for it being not usable.
The latter can be extended later for certain BSSes if there
are other reasons they cannot be used.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Reviewed-by: Gregory Greenman <gregory.greenman@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20231211085121.0464f25e0b1d.I9f70ca9f1440565ad9a5207d0f4d00a20cca67e7@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-19746
commit d18125b640309e925441ce49559be33867ae6b29
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Tue Jan 2 21:35:31 2024 +0200
wifi: cfg80211: parse all ML elements in an ML probe response
A probe response from a transmitting AP in an Multi-BSSID setup will
contain more than one Multi-Link element. Most likely, only one of these
elements contains per-STA profiles.
Fixes: 2481b5da9c6b ("wifi: cfg80211: handle BSS data contained in ML probe responses")
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240102213313.6635eb152735.I94289002d4a2f7b6b44dfa428344854e37b0b29c@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-19746
commit 2a0698f86d4dfc43cc0c1703efb7ba6b1506a4e2
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Tue Jan 2 21:35:30 2024 +0200
wifi: cfg80211: correct comment about MLD ID
The comment was referencing the wrong section of the documentation and
was also subtly wrong as it assumed the rules that apply when sending
probe requests directly to a nontransmitted AP. However, in that case
the response comes from the transmitting AP and the AP MLD ID will be
included.
Fixes: 2481b5da9c6b ("wifi: cfg80211: handle BSS data contained in ML probe responses")
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20240102213313.0917ab4b5d7f.I76aff0e261a5de44ffb467e591a46597a30d7c0a@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-19746
commit 0fca7784b7a14d4ede64f479662afb98876ec7f8
Author: Ilan Peer <ilan.peer@intel.com>
Date: Thu Sep 28 17:35:30 2023 +0300
wifi: cfg80211: Handle specific BSSID in 6GHz scanning
When the scan parameters for a 6GHz scan specify a unicast
BSSID address, and the corresponding AP is found in the scan
list, add a corresponding entry in the collocated AP list,
so this AP would be directly probed even if it was not
advertised as a collocated AP.
This is needed for handling a scan request that is intended
for a ML probe flow, where user space can requests a scan
to retrieve information for other links in the AP MLD.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230928172905.54b954bc02ad.I1c072793d3d77a4c8fbbc64b4db5cce1bbb00382@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-19746
commit 5add321c329b1746589b51359259666ca3dbe219
Author: Johannes Berg <johannes.berg@intel.com>
Date: Tue Aug 29 12:17:43 2023 +0200
wifi: cfg80211: remove scan_width support
There really isn't any support for scanning at different
channel widths than 20 MHz since there's no way to set it.
Remove this support for now, if somebody wants to maintain
this whole thing later we can revisit how it should work.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-19746
commit 22446b7ee2bb44fe7a61d8eda6d83bdc726bbbd9
Author: Dmitry Antipov <dmantipov@yandex.ru>
Date: Tue Sep 12 06:55:16 2023 +0300
wifi: wext: avoid extra calls to strlen() in ieee80211_bss()
Since 'sprintf()' returns the number of characters emitted, an
extra calls to 'strlen()' in 'ieee80211_bss()' may be dropped.
Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru>
Link: https://lore.kernel.org/r/20230912035522.15947-1-dmantipov@yandex.ru
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-19746
commit 43125539fc69c6aa63d34b516939431391bddeac
Author: Johannes Berg <johannes.berg@intel.com>
Date: Sun Aug 27 14:05:19 2023 +0300
wifi: cfg80211: fix off-by-one in element defrag
If a fragment is the last element, it's erroneously not
accepted. Fix that.
Fixes: f837a653a097 ("wifi: cfg80211: add element defragmentation helper")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230827135854.adca9fbd3317.I6b2df45eb71513f3e48efd196ae3cddec362dc1c@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-2907
commit 3e3929ef889e650dd585dc0f4f7f18240688811a
Author: Ben Greear <greearb@candelatech.com>
Date: Sat Oct 21 08:48:27 2023 -0700
wifi: cfg80211: pass correct pointer to rdev_inform_bss()
Confusing struct member names here resulted in passing
the wrong pointer, causing crashes. Pass the correct one.
Fixes: eb142608e2c4 ("wifi: cfg80211: use a struct for inform_single_bss data")
Signed-off-by: Ben Greear <greearb@candelatech.com>
Link: https://lore.kernel.org/r/20231021154827.1142734-1-greearb@candelatech.com
[rewrite commit message, add fixes]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-2907
commit 0914468adf92296c4cba8a2134e06e3dea150f2e
Author: Ilan Peer <ilan.peer@intel.com>
Date: Mon Sep 18 14:10:54 2023 +0300
wifi: cfg80211: Fix 6GHz scan configuration
When the scan request includes a non broadcast BSSID, when adding the
scan parameters for 6GHz collocated scanning, do not include entries
that do not match the given BSSID.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230918140607.6d31d2a96baf.I6c4e3e3075d1d1878ee41f45190fdc6b86f18708@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-2907
commit 4ef2f53e50cba9780057b51357ef45cb5f49859d
Author: Ilan Peer <ilan.peer@intel.com>
Date: Mon Jun 19 16:26:52 2023 +0300
wifi: cfg80211: Retrieve PSD information from RNR AP information
Retrieve the Power Spectral Density (PSD) value from RNR AP
information entry and store it so it could be used by the drivers.
PSD value is explained in Section 9.4.2.170 of Draft
P802.11Revme_D2.0.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230619161906.067ded2b8fc3.I9f407ab5800cbb07045a0537a513012960ced740@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-2907
Conflicts:
- net/wireless/scan.c
fd7f08d92fcd was already applied
commit 5461707a529c94f6f556847c25c21da5990488ba
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Sun Jun 18 21:50:01 2023 +0300
wifi: cfg80211: search all RNR elements for colocated APs
An AP reporting colocated APs may send more than one reduced neighbor
report element. As such, iterate all elements instead of only parsing
the first one when looking for colocated APs.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230618214436.ffe2c014f478.I372a4f96c88f7ea28ac39e94e0abfc465b5330d4@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-2907
commit 8dcc91c446687727f88997a2e177cdab740ef092
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Sun Jun 18 21:50:00 2023 +0300
wifi: cfg80211: stop parsing after allocation failure
The error handling code would break out of the loop incorrectly,
causing the rest of the message to be misinterpreted. Fix this by
also jumping out of the surrounding while loop, which will trigger
the error detection code.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230618214436.0ffac98475cf.I6f5c08a09f5c9fced01497b95a9841ffd1b039f8@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-2907
commit a0ed50112b98fa8e9bc85dbeafc82fd97ee06716
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Sun Jun 18 21:49:54 2023 +0300
wifi: cfg80211: do not scan disabled links on 6GHz
If a link is disabled on 6GHz, we should not send a probe request on the
channel to resolve it. Simply skip such RNR entries so that the link is
ignored.
Userspace can still see the link in the RNR and may generate an ML probe
request in order to associate to the (currently) disabled link.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230618214436.4f7384006471.Iff8f1081e76a298bd25f9468abb3a586372cddaa@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-2907
commit 2481b5da9c6b2ee1fde55a1c29eb2ca377145a10
Author: Benjamin Berg <benjamin.berg@intel.com>
Date: Sun Jun 18 21:49:53 2023 +0300
wifi: cfg80211: handle BSS data contained in ML probe responses
The basic multi-link element within an multi-link probe response will
contain full information about BSSes that are part of an MLD AP. This
BSS information may be used to associate with a link of an MLD AP
without having received a beacon from the BSS itself.
This patch adds parsing of the data and adding/updating the BSS using
the received elements. Doing this means that userspace can discover the
BSSes using an ML probe request and request association on these links.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230618214436.29593bd0ae1f.Ic9a67b8f022360aa202b870a932897a389171b14@changeid
[swap loop conditions smatch complained about]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
Jose Ignacio Tornos Martinez
CKI Backport Bot