wifi: mac80211: don't connect to an AP while it's in a CSA process

author Ayala Beker <ayala.beker@intel.com>

Wed, 20 Sep 2023 18:25:14 +0000 (21:25 +0300)

committer Johannes Berg <johannes.berg@intel.com>

Mon, 25 Sep 2023 07:12:32 +0000 (09:12 +0200)
author Ayala Beker <ayala.beker@intel.com>
Wed, 20 Sep 2023 18:25:14 +0000 (21:25 +0300)
committer Johannes Berg <johannes.berg@intel.com>
Mon, 25 Sep 2023 07:12:32 +0000 (09:12 +0200)
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c

index a211f594f25adeacb02ed0daf9003a1429a785b9..a85873f305bfad0705e7038396a7bf77c5139420 100644 (file)
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -7015,6 +7015,7 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
         struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
         struct ieee80211_mgd_auth_data *auth_data;
         struct ieee80211_link_data *link;
+       const struct element *csa_elem, *ecsa_elem;
         u16 auth_alg;
         int err;
         bool cont_auth;
@@ -7057,6 +7058,22 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
         if (ifmgd->assoc_data)
                 return -EBUSY;
  
+       rcu_read_lock();
+       csa_elem = ieee80211_bss_get_elem(req->bss, WLAN_EID_CHANNEL_SWITCH);
+       ecsa_elem = ieee80211_bss_get_elem(req->bss,
+                                          WLAN_EID_EXT_CHANSWITCH_ANN);
+       if ((csa_elem &&
+            csa_elem->datalen == sizeof(struct ieee80211_channel_sw_ie) &&
+            ((struct ieee80211_channel_sw_ie *)csa_elem->data)->count != 0) ||
+           (ecsa_elem &&
+            ecsa_elem->datalen == sizeof(struct ieee80211_ext_chansw_ie) &&
+            ((struct ieee80211_ext_chansw_ie *)ecsa_elem->data)->count != 0)) {
+               rcu_read_unlock();
+               sdata_info(sdata, "AP is in CSA process, reject auth\n");
+               return -EINVAL;
+       }
+       rcu_read_unlock();
+
         auth_data = kzalloc(sizeof(*auth_data) + req->auth_data_len +
                             req->ie_len, GFP_KERNEL);
         if (!auth_data)
@@ -7364,7 +7381,7 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
         struct ieee80211_local *local = sdata->local;
         struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
         struct ieee80211_mgd_assoc_data *assoc_data;
-       const struct element *ssid_elem;
+       const struct element *ssid_elem, *csa_elem, *ecsa_elem;
         struct ieee80211_vif_cfg *vif_cfg = &sdata->vif.cfg;
         ieee80211_conn_flags_t conn_flags = 0;
         struct ieee80211_link_data *link;
@@ -7394,6 +7411,21 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
                 kfree(assoc_data);
                 return -EINVAL;
         }
+
+       csa_elem = ieee80211_bss_get_elem(cbss, WLAN_EID_CHANNEL_SWITCH);
+       ecsa_elem = ieee80211_bss_get_elem(cbss, WLAN_EID_EXT_CHANSWITCH_ANN);
+       if ((csa_elem &&
+            csa_elem->datalen == sizeof(struct ieee80211_channel_sw_ie) &&
+            ((struct ieee80211_channel_sw_ie *)csa_elem->data)->count != 0) ||
+           (ecsa_elem &&
+            ecsa_elem->datalen == sizeof(struct ieee80211_ext_chansw_ie) &&
+            ((struct ieee80211_ext_chansw_ie *)ecsa_elem->data)->count != 0)) {
+               sdata_info(sdata, "AP is in CSA process, reject assoc\n");
+               rcu_read_unlock();
+               kfree(assoc_data);
+               return -EINVAL;
+       }
+
         memcpy(assoc_data->ssid, ssid_elem->data, ssid_elem->datalen);
         assoc_data->ssid_len = ssid_elem->datalen;
         memcpy(vif_cfg->ssid, assoc_data->ssid, assoc_data->ssid_len);
author	Ayala Beker <ayala.beker@intel.com>
	Wed, 20 Sep 2023 18:25:14 +0000 (21:25 +0300)
committer	Johannes Berg <johannes.berg@intel.com>
	Mon, 25 Sep 2023 07:12:32 +0000 (09:12 +0200)