summarylogtreecommitdiffstats
path: root/0002-mac80211-fix-regression-where-EAPOL-frames-were-sent.patch
diff options
context:
space:
mode:
Diffstat (limited to '0002-mac80211-fix-regression-where-EAPOL-frames-were-sent.patch')
-rw-r--r--0002-mac80211-fix-regression-where-EAPOL-frames-were-sent.patch54
1 files changed, 0 insertions, 54 deletions
diff --git a/0002-mac80211-fix-regression-where-EAPOL-frames-were-sent.patch b/0002-mac80211-fix-regression-where-EAPOL-frames-were-sent.patch
deleted file mode 100644
index 6e0f2eb501f..00000000000
--- a/0002-mac80211-fix-regression-where-EAPOL-frames-were-sent.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 5fbf98ceb5b2218ec764dd0d187953393732a5ef Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef <Mathy.Vanhoef@kuleuven.be>
-Date: Sat, 17 Oct 2020 23:08:18 +0400
-Subject: [PATCH 2/3] mac80211: fix regression where EAPOL frames were sent in
- plaintext
-
-I've managed to reproduce the issue, or at least a related issue. Can
-you try the draft patch below and see if that fixes it?
-
-When sending EAPOL frames via NL80211 they are treated as injected
-frames in mac80211. Due to commit 1df2bdba528b ("mac80211: never drop
-injected frames even if normally not allowed") these injected frames
-were not assigned a sta context in the function ieee80211_tx_dequeue,
-causing certain wireless network cards to always send EAPOL frames in
-plaintext. This may cause compatibility issues with some clients or
-APs, which for instance can cause the group key handshake to fail and
-in turn would cause the station to get disconnected.
-
-This commit fixes this regression by assigning a sta context in
-ieee80211_tx_dequeue to injected frames as well.
-
-Note that sending EAPOL frames in plaintext is not a security issue
-since they contain their own encryption and authentication protection.
-
-Fixes: 1df2bdba528b ("mac80211: never drop injected frames even if normally not allowed")
----
- net/mac80211/tx.c | 7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
-index dca01d7e6e3e..2a0725b548f6 100644
---- a/net/mac80211/tx.c
-+++ b/net/mac80211/tx.c
-@@ -3613,13 +3613,14 @@ struct sk_buff *ieee80211_tx_dequeue(struct ieee80211_hw *hw,
- tx.skb = skb;
- tx.sdata = vif_to_sdata(info->control.vif);
-
-- if (txq->sta && !(info->flags & IEEE80211_TX_CTL_INJECTED)) {
-+ if (txq->sta) {
- tx.sta = container_of(txq->sta, struct sta_info, sta);
- /*
- * Drop unicast frames to unauthorised stations unless they are
-- * EAPOL frames from the local station.
-+ * injected frames or EAPOL frames from the local station.
- */
-- if (unlikely(ieee80211_is_data(hdr->frame_control) &&
-+ if (unlikely(!(info->flags & IEEE80211_TX_CTL_INJECTED) &&
-+ ieee80211_is_data(hdr->frame_control) &&
- !ieee80211_vif_is_mesh(&tx.sdata->vif) &&
- tx.sdata->vif.type != NL80211_IFTYPE_OCB &&
- !is_multicast_ether_addr(hdr->addr1) &&
---
-2.29.1
-