When injecting frames we should allow user to play with fields like
fragment or sequence numbers. This patch prevents mac80211 from modifying
those fields on injected frames.
Tested on 2.6.24.4 with aireplay-ng.
Signed-off-by: Alejandro Grijalba <sud@xxxxxxxxxxxx>
---
There is still a problem with some drivers (b43) that also modify seq numbers,
and i cannot find there a clean way to tell whether the frame was injected.
An alternative way would be to create a radiotap flag meaning not to modify header.
--- linux-2.6.24.4/net/mac80211/tx.c 2008-01-24 23:58:37.000000000 +0100
+++ linux-2.6.24.4-sud/net/mac80211/tx.c 2008-04-05 16:43:19.000000000 +0200
@@ -281,6 +281,9 @@ ieee80211_tx_h_sequence(struct ieee80211
{
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
+ if (unlikely(tx->flags & IEEE80211_TXRXD_TX_INJECTED))
+ return TXRX_CONTINUE;
+
if (ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_control)) >= 24)
ieee80211_include_sequence(tx->sdata, hdr);
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
