Re: [PATCH 5.3] mwifiex: fix 802.11n/WPA detection

Takashi Iwai <tiwai@xxxxxxx> · Mon, 29 Jul 2019 18:01:45 +0200

On Wed, 24 Jul 2019 21:46:34 +0200,
Brian Norris wrote:
> 
> Commit 63d7ef36103d ("mwifiex: Don't abort on small, spec-compliant
> vendor IEs") adjusted the ieee_types_vendor_header struct, which
> inadvertently messed up the offsets used in
> mwifiex_is_wpa_oui_present(). Add that offset back in, mirroring
> mwifiex_is_rsn_oui_present().
> 
> As it stands, commit 63d7ef36103d breaks compatibility with WPA (not
> WPA2) 802.11n networks, since we hit the "info: Disable 11n if AES is
> not supported by AP" case in mwifiex_is_network_compatible().
> 
> Fixes: 63d7ef36103d ("mwifiex: Don't abort on small, spec-compliant vendor IEs")
> Cc: <stable@xxxxxxxxxxxxxxx>
> Signed-off-by: Brian Norris <briannorris@xxxxxxxxxxxx>

This isn't seen in linux-next yet.  Still pending review?

In anyway,
  Reviewed-by: Takashi Iwai <tiwai@xxxxxxx>

Thanks!

Takashi

> ---
>  drivers/net/wireless/marvell/mwifiex/main.h | 1 +
>  drivers/net/wireless/marvell/mwifiex/scan.c | 3 ++-
>  2 files changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/net/wireless/marvell/mwifiex/main.h b/drivers/net/wireless/marvell/mwifiex/main.h
> index 3e442c7f7882..095837fba300 100644
> --- a/drivers/net/wireless/marvell/mwifiex/main.h
> +++ b/drivers/net/wireless/marvell/mwifiex/main.h
> @@ -124,6 +124,7 @@ enum {
>  
>  #define MWIFIEX_MAX_TOTAL_SCAN_TIME	(MWIFIEX_TIMER_10S - MWIFIEX_TIMER_1S)
>  
> +#define WPA_GTK_OUI_OFFSET				2
>  #define RSN_GTK_OUI_OFFSET				2
>  
>  #define MWIFIEX_OUI_NOT_PRESENT			0
> diff --git a/drivers/net/wireless/marvell/mwifiex/scan.c b/drivers/net/wireless/marvell/mwifiex/scan.c
> index 0d6d41727037..21dda385f6c6 100644
> --- a/drivers/net/wireless/marvell/mwifiex/scan.c
> +++ b/drivers/net/wireless/marvell/mwifiex/scan.c
> @@ -181,7 +181,8 @@ mwifiex_is_wpa_oui_present(struct mwifiex_bssdescriptor *bss_desc, u32 cipher)
>  	u8 ret = MWIFIEX_OUI_NOT_PRESENT;
>  
>  	if (has_vendor_hdr(bss_desc->bcn_wpa_ie, WLAN_EID_VENDOR_SPECIFIC)) {
> -		iebody = (struct ie_body *) bss_desc->bcn_wpa_ie->data;
> +		iebody = (struct ie_body *)((u8 *)bss_desc->bcn_wpa_ie->data +
> +					    WPA_GTK_OUI_OFFSET);
>  		oui = &mwifiex_wpa_oui[cipher][0];
>  		ret = mwifiex_search_oui_in_ie(iebody, oui);
>  		if (ret)
> -- 
> 2.22.0.657.g960e92d24f-goog
> 