Frequent crashes have been observed on MT7916 based platforms. While the
root of these crashes are currently unknown, they happen when decoding
rate information of connected STAs in AP mode. The rate-information is
associated with a band which is not available on the PHY.
Check for this condition in order to avoid crashing the whole system.
This patch should be removed once the roout cause has been found and
fixed.
Signed-off-by: David Bauer <mail@david-bauer.net>
This patch will only force mac80211 loss detection upon ath10k by
masking the driver-specific loss-detection bit.
Ref: commit ed816f6ba8b5 ("mac80211: always use mac80211 loss detection")
Signed-off-by: David Bauer <mail@david-bauer.net>
ath10k does not report excessive loss in case of broken block-ack
sessions. The loss is communicated to the host-os, but ath10k does not
trigger a low-ack events by itself.
The mac80211 framework for loss detection however detects this
circumstance well in case of ath10k. So use it regardless of ath10k's
own loss detection mechanism.
Signed-off-by: David Bauer <mail@david-bauer.net>
Backport EMA beacon support from kernel 6.4.
It is required for MBSSID/EMA suport in ath11k that will follow.
Tested-by: Francisco G Luna <frangonlun@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
This issue was fixed in the final version of
("wifi: mac80211: fix receiving A-MSDU frames on mesh interfaces") that was
merged upstream but we have a older version that is using:
memcpy(&payload.eth.h_dest, mesh_addr, 2 * ETH_ALEN);
instead of:
memcpy(&payload.eth, mesh_addr, 2 * ETH_ALEN);
So, lets just backport the merged version of patch to fix the issue.
Signed-off-by: Robert Marko <robimarko@gmail.com>
CONFIG_MAC80211_MESH isn't defined for this package, rendering the patch
useless. Match protecting the access of sta_info.mesh with the very same
define declaring it.
Fixes 45109f69a6 "mac80211: fix compile error when mesh is disabled"
Signed-off-by: Andre Heider <a.heider@gmail.com>
This fixes following compile error seen when
building mac80211 with mesh disabled:
.../backports-5.15.58-1/net/mac80211/agg-rx.c: In function 'ieee80211_send_addba_resp':
...backports-5.15.58-1/net/mac80211/agg-rx.c:255:17: error: 'struct sta_info' has no member named 'mesh'
255 | if (!sta->mesh)
| ^~
sta_info.h shows this item as being optional based on flags:
struct mesh_sta *mesh;
Guard the check to fix this.
Fixes: f96744ba6b ("mac80211: mask nested A-MSDU support for mesh")
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
mac80211 incorrectly processes A-MSDUs contained in A-MPDU frames. This
results in dropped packets and severely impacted throughput.
As a workaround, don't indicate support for A-MSDUs contained in
A-MPDUs. This improves throughput over mesh links by factor 10.
Signed-off-by: David Bauer <mail@david-bauer.net>
* mac80211: fix HT40 mode for 6G band
The channel offset used for VHT segment calculation was missing for HT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: refresh patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add missing change for encap offload on devices with sw rate control
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ath9k: owl-loader: remove obsolete AR71XX patch
this is no longer necessary as the AR71XX target
was superseded by ath79.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* mac80211: revert faulty change that was breaking broadcast tx
Fixes: 0f6887972adc ("mac80211: add missing change for encap offload on devices with sw rate control")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: Update to backports-5.10.68
Refresh all patches.
The removed patches were integrated upstream.
This contains fixes for CVE-2020-3702
1. These patches (ath, ath9k, mac80211) were included in kernel
versions since 4.14.245 and 4.19.205. They fix security vulnerability
CVE-2020-3702 [1] similar to KrØØk, which was found by ESET [2].
Thank you Josef Schlehofer for reporting this problem.
[1] https://nvd.nist.gov/vuln/detail/CVE-2020-3702
[2] https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: backport support for BSS color changes
This is needed for an upcoming mt76 update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Christian Lamparter <chunkeey@gmail.com>
Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: fix HT40 mode for 6G band
The channel offset used for VHT segment calculation was missing for HT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: refresh patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add missing change for encap offload on devices with sw rate control
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
* mac80211: merge the virtual time based airtime scheduler
Improves airtime fairness, especially for devices with larger firmware buffers
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: merge a 4-addr client mode fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: backport SAR power limit support
Needed for an upcoming mt76 update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mt76: update to the latest version
624c681ef0c6 mt76: mt7921: enable VHT BFee capability
a27dfcb63ccf mt76: connac: fix UC entry is being overwritten
6b691e62470e mt76: connac: add mt76_connac_power_save_sched in mt76_connac_pm_unref
b14365bea586 mt76: mt7921: wake the device before dumping power table
82af16bddfc0 mt76: mt7921: make mt7921_set_channel static
b24598b1c1a9 mt76: connac: add mt76_connac_mcu_get_nic_capability utility routine
5954e3381ff9 mt76: testmode: move chip-specific stats dump before common stats
fd5b612f9aa4 mt76: mt7915: fix rx fcs error count in testmode
d9d26a294f7b mt76: connac: fix the maximum interval schedule scan can support
ed39c882f388 mt76: reduce rx buffer size to 2048
60f3d3adbba6 mt76: move mt76_get_next_pkt_id in mt76.h
67ed4d902c84 mt76: connac: check band caps in mt76_connac_mcu_set_rate_txpower
23c6ec49c000 mt76: make mt76_update_survey() per phy
5ca602fb9455 mt76: mt7915: introduce mt7915_mcu_set_txbf()
c13df42282e9 mt76: mt7915: improve MU stability
dee7dcddcaa0 mt76: use SPDX header file comment style
6fbd47153b3d mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode
1b97dd1762ca mt76: mt7921: fix sta_state incorrect implementation
1b89053b5a6f mt76: mt7921: improve code readability for mt7921_update_txs
126649816785 mt76: mt7921: limit txpower according to userlevel power
a5163ac09be2 mt76: mt7921: introduce dedicated control for deep_sleep
e47c04db4d7e mt76: mt7921: fix kernel warning when reset on vif is not sta
063d3611662c mt76: mt7921: fix the coredump is being truncated
12bf28feba7c mt76: fix iv and CCMP header insertion
949327e76ee4 mt76: disable TWT capabilities for the moment
3530254c1bc9 mt76: mt7921: enable HE BFee capability
599e35f5d9b8 mt76: sdio: do not run mt76_txq_schedule directly
3b6d30c28946 mt76: mt7663s: rely on pm reference counting
529d55a79088 mt76: mt7663s: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx path
ef44ff116ee2 mt76: mt7663s: enable runtime-pm
3a71e71a555e mt76: mt7615: set macwork timeout according to runtime-pm
925d96e443a4 mt76: mt7921: allow chip reset during device restart
63b114d84361 mt76: mt76x0e: fix device hang during suspend/resume
7f5ea5e2fd10 mt7915: check return code of sysfs_create_link
ca64a36908b7 mt76: fix mt76_rates for the multiple devices
f517116bf14c mt76: add mt76_default_basic_rate more devices can rely on
6c70b0100513 mt76: mt7921: fix mgmt frame using unexpected bitrate
c00a9a6b52af mt76: mt7915: fix mgmt frame using unexpected bitrate
0e4089949565 mt76: mt7921: fix endianness in mt7921_mcu_tx_done_event
55f314120ef2 mt76: mt7921: avoid unnecessary spin_lock/spin_unlock in mt7921_mcu_tx_done_event
541cd3276488 mt76: mt7915: fix endianness warning in mt7915_mac_add_txs_skb
817761e87c4f mt76: mt7921: fix endianness warning in mt7921_update_txs
b8eca74bbd7b mt76: mt7615: fix endianness warning in mt7615_mac_write_txwi
5e5e07f0def3 mt76: mt7915: fix potential overflow of eeprom page index
abda4cded420 mt76: mt7915: fix info leak in mt7915_mcu_set_pre_cal()
535899f81a46 mt76: mt7915: fix calling mt76_wcid_alloc with incorrect parameter
adfa1b9a3ca0 mt76: connac: fix mt76_connac_gtk_rekey_tlv usage
2a65b105ea4a mt76: mt7921: enable aspm by default
c57158c82804 mt76: fix build error implicit enumeration conversion
41f607cab83c mt76: mt7921: fix survey-dump reporting
25b4f885a937 mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
e63fadb87fe1 mt76: mt7915: report HE MU radiotap
135ef3e9827a mt76: mt7915: adapt new firmware to update BA winsize for Rx session
7118eacb7ce4 mt76: mt7921: add .set_sar_specs support
f1f6569da408 mt76: mt7915: fix an off-by-one bound check
f7da39467965 mt76 mt7915: take RCU read lock when calling ieee80211_bss_get_elem()
87af8e5c72b1 mt76: mt7915: cleanup -Wunused-but-set-variable
8e2d383fbd92 mt76: mt7915: report tx rate directly from tx status
ddce30977591 mt76: mt7915: remove mt7915_sta_stats
4ccd42029519 mt76: mt7921: introduce testmode support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
* mac80211: allow VHT on 2.4GHz
Allow VHT rate on 2.4GHz in order to use 256-QAM
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* ath10k: allow VHT on 2.4GHz
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* hostapd: add vendor_vht option
hostapd has vendor_vht option to enable VHT (256-QAM) on 2.4GHz
Add this option to hostapd.sh so users can enable it via uci
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* mac80211: ath.mk: typo fixes
Co-authored-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* mac80211: remove patches stripping down crypto support
Use of WPA3 and things like FILS is getting much more common, and platforms
that can't affort the extra kilobytes for this code are fading away.
Let's not hold back modern authentication methods any longer
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: make cryptoapi support needed by mac80211 built-in
This reduces the flash space impact, since built-in code is much smaller
than a bunch of kernel modules on squashfs
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: remove extra patch accidentally added during rebase
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
We need to skip sampling if the next sample time is after jiffies, not before.
This patch fixes an issue where in some cases only very little sampling (or none
at all) is performed, leading to really bad data rates
Signed-off-by: Felix Fietkau <nbd@nbd.name>
From the patch series description:
Several security issues in the 802.11 implementations were found by
Mathy Vanhoef (New York University Abu Dhabi), who has published all
the details at
https://papers.mathyvanhoef.com/usenix2021.pdf
Specifically, the following CVEs were assigned:
* CVE-2020-24586 - Fragmentation cache not cleared on reconnection
* CVE-2020-24587 - Reassembling fragments encrypted under different
keys
* CVE-2020-24588 - Accepting non-SPP A-MSDU frames, which leads to
payload being parsed as an L2 frame under an
A-MSDU bit toggling attack
* CVE-2020-26139 - Forwarding EAPOL from unauthenticated sender
* CVE-2020-26140 - Accepting plaintext data frames in protected
networks
* CVE-2020-26141 - Not verifying TKIP MIC of fragmented frames
* CVE-2020-26142 - Processing fragmented frames as full frames
* CVE-2020-26143 - Accepting fragmented plaintext frames in
protected networks
* CVE-2020-26144 - Always accepting unencrypted A-MSDU frames that
start with RFC1042 header with EAPOL ethertype
* CVE-2020-26145 - Accepting plaintext broadcast fragments as full
frames
* CVE-2020-26146 - Reassembling encrypted fragments with non-consecutive
packet numbers
* CVE-2020-26147 - Reassembling mixed encrypted/plaintext fragments
In general, the scope of these attacks is that they may allow an
attacker to
* inject L2 frames that they can more or less control (depending on the
vulnerability and attack method) into an otherwise protected network;
* exfiltrate (some) network data under certain conditions, this is
specific to the fragmentation issues.
A subset of these issues is known to apply to the Linux IEEE 802.11
implementation (mac80211). Where it is affected, the attached patches
fix the issues, even if not all of them reference the exact CVE IDs.
In addition, driver and/or firmware updates may be necessary, as well
as potentially more fixes to mac80211, depending on how drivers are
using it.
Specifically, for Intel devices, firmware needs to be updated to the
most recently released versions (which was done without any reference
to the security issues) to address some of the vulnerabilities.
To have a single set of patches, I'm also including patches for the
ath10k and ath11k drivers here.
We currently don't have information about how other drivers are, if
at all, affected.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
[mac80211]
5b29614 mac80211: another fix for the sta connection monitor
1ed6eb1 mac80211: backport sched_set_fifo_low
cba4120 mac80211: add support for specifying a per-device scan list
e0d482f rt2x00: mt7620: differentiate based on SoC's CHIP_VER
[package]
amd64-microcode/intel-microcode/linux-firmware: update version
