github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-08 22:52:35 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
8fffdba301
linux/net
History
Emmanuel Grumbach c7e0dd289a mac80211: don't parse encrypted management frames in ieee80211_frame_acked 
[ Upstream commit cf147085fd ]

ieee80211_frame_acked is called when a frame is acked by
the peer. In case this is a management frame, we check
if this an SMPS frame, in which case we can update our
antenna configuration.

When we parse the management frame we look at the category
in case it is an action frame. That byte sits after the IV
in case the frame was encrypted. This means that if the
frame was encrypted, we basically look at the IV instead
of looking at the category. It is then theorically
possible that we think that an SMPS action frame was acked
where really we had another frame that was encrypted.

Since the only management frame whose ack needs to be
tracked is the SMPS action frame, and that frame is not
a robust management frame, it will never be encrypted.
The easiest way to fix this problem is then to not look
at frames that were encrypted.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-03-24 10:58:44 +01:00
..
6lowpan
9p net/9p: Switch to wait_event_killable() 2017-11-30 08:37:25 +00:00
802
8021q net/8021q: create device with all possible features in wanted_features 2018-03-22 09:23:21 +01:00
appletalk
atm
ax25 ax25: Fix segfault after sock connection timeout 2017-02-04 09:45:09 +01:00
batman-adv batman-adv: handle race condition for claims between gateways 2018-03-22 09:23:21 +01:00
bluetooth Bluetooth: Prevent stack info leak from the EFS element. 2018-01-17 09:35:32 +01:00
bridge netfilter: bridge: ebt_among: add missing match size checks 2018-03-18 11:17:51 +01:00
caif net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx 2017-07-05 14:37:14 +02:00
can can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once 2018-01-31 12:06:08 +01:00
ceph libceph: force GFP_NOIO for socket allocations 2017-04-08 09:53:30 +02:00
core net: fix race on decreasing number of TX queues 2018-03-11 16:19:46 +01:00
dcb
dccp dccp: CVE-2017-8824: use-after-free in DCCP code 2018-02-16 20:09:40 +01:00
decnet dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock 2018-02-25 11:03:38 +01:00
dns_resolver KEYS: Fix race between updating and finding a negative key 2017-10-27 10:23:18 +02:00
dsa net: dsa: select NET_SWITCHDEV 2017-11-15 17:13:11 +01:00
ethernet net: introduce device min_header_len 2017-02-18 16:39:27 +01:00
hsr net/hsr: fix a warning message 2015-11-23 14:56:15 -05:00
ieee802154 Revert "net: fix percpu memory leaks" 2017-09-27 11:00:11 +02:00
ipv4 tcp: remove poll() flakes with FastOpen 2018-03-24 10:58:42 +01:00
ipv6 net: ipv6: send unsolicited NA on admin up 2018-03-24 10:58:41 +01:00
ipx ipx: call ipxitf_put() in ioctl error path 2017-05-25 14:30:13 +02:00
irda irda: do not leak initialized list.dev to userspace 2017-08-30 10:19:21 +02:00
iucv af_iucv: Validate socket address length in iucv_sock_bind() 2016-03-03 15:07:03 -08:00
key af_key: fix buffer overread in parse_exthdrs() 2018-01-23 19:50:14 +01:00
l2tp l2tp: cleanup l2tp_tunnel_delete calls 2017-12-20 10:04:59 +01:00
l3mdev
lapb
llc net/llc: avoid BUG_ON() in skb_orphan() 2017-02-26 11:07:49 +01:00
mac80211 mac80211: don't parse encrypted management frames in ieee80211_frame_acked 2018-03-24 10:58:44 +01:00
mac802154
mpls mpls, nospec: Sanitize array index in mpls_label_ok() 2018-03-11 16:19:47 +01:00
netfilter netfilter: xt_CT: fix refcnt leak on error path 2018-03-24 10:58:43 +01:00
netlabel netlabel: add address family checks to netlbl_{sock,req}_delattr() 2016-08-20 18:09:22 +02:00
netlink netlink: ensure to loop over all netns in genlmsg_multicast_allns() 2018-03-11 16:19:46 +01:00
netrom
nfc NFC: fix device-allocation error return 2017-11-30 08:37:23 +00:00
openvswitch openvswitch: Delete conntrack entry clashing with an expectation. 2018-03-24 10:58:43 +01:00
packet net/packet: fix a race in packet_bind() and packet_notifier() 2017-12-16 10:33:56 +01:00
phonet phonet: properly unshare skbs in phonet_rcv() 2016-01-31 11:29:00 -08:00
rds RDS: null pointer dereference in rds_atomic_free_op 2018-01-17 09:35:29 +01:00
rfkill rfkill: fix rfkill_fop_read wait_event usage 2016-03-03 15:07:26 -08:00
rose
rxrpc rxrpc: Fix several cases where a padded len isn't checked in ticket decode 2017-06-29 12:48:52 +02:00
sched sched: act_csum: don't mangle TCP and UDP GSO packets 2018-03-22 09:23:22 +01:00
sctp fixup: sctp: verify size of a new chunk in _sctp_make_chunk() 2018-03-18 11:17:54 +01:00
sunrpc SUNRPC: Allow connect to return EHOSTUNREACH 2018-02-03 17:04:28 +01:00
switchdev switchdev: pass pointer to fib_info instead of copy 2016-06-24 10:18:16 -07:00
tipc tipc: fix memory leak in tipc_accept_from_sock() 2017-12-16 10:33:56 +01:00
unix net/unix: don't show information about sockets from other namespaces 2017-11-18 11:11:06 +01:00
vmw_vsock vsock: use new wait API for vsock_stream_sendmsg() 2017-11-30 08:37:19 +00:00
wimax
wireless nl80211: Sanitize array index in parse_txq_params 2018-02-25 11:03:53 +01:00
x25 net: fix a kernel infoleak in x25 module 2016-05-18 17:06:43 -07:00
xfrm net: xfrm: allow clearing socket xfrm policies. 2018-03-22 09:23:28 +01:00
compat.c audit: log 32-bit socketcalls 2017-10-08 10:14:18 +02:00
Kconfig Make DST_CACHE a silent config option 2018-02-25 11:03:37 +01:00
Makefile
socket.c bpf: introduce BPF_JIT_ALWAYS_ON config 2018-02-03 17:04:24 +01:00
sysctl_net.c net: Use ns_capable_noaudit() when determining net sysctl permissions 2016-09-15 08:27:50 +02:00