[remove rt2400-devel, it always annoys me]

On Fri, 2008-09-26 at 19:50 +0300, Jouni Malinen wrote:

> I believe the current version is not calling driver add_interface for
> monitor events by design.

Right.

> Whether this leaves some confusing information
> for tx() handler is an open question, though, or well, at least I did
> not go through the current code now to verify what exactly is happening
> there.

No, it does, there's a bug in that despite never telling the driver about monitor interfaces, we still pass it the monitor interface vif pointer in TX.

> There has been some discussion on the use of monitor interfaces for
> injecting frames in the context of how management frame protection (IEEE
> 802.11w) should work with hostapd. The current design is not ideal and
> mac80211 should really be converting the netdev from mon.wlan# to wlan#;
> it just does not have enough information to do this if there may be more
> than one virtual netdev for the radio..

Right. What I've done in

commit 166a7cfdff64211f90b9ea60ec7dc302cf39b20f
Author: Johannes Berg <johannes@xxxxxxxxxxxxxxxx>
Date: Fri Sep 12 22:52:47 2008 +0200

mac80211: fix virtual interfaces vs. injection

is that it takes the TA to match up, that is incomplete when you have WDS or something configured but should be better than the current behaviour.

> One option that has been
> discussed is to add a radiotap parameter to indicate the interface for
> the injected frame. This way mac80211 should be able to map it to the
> correct interface and the driver would not get into this sort of
> situation where it gets a frame from an unexpected interface.

That's what I'm aiming for.

> As far as the crash itself is concerned, this may be an issue in the
> driver. Please note that net/mac80211.h explicitly notes that vif can be
> NULL for injected frames (i.e., frame from monitor interface).

Note that this is new behaviour after the patch above, in the patch above I fixed rt2x00 to not crash when this happens. Hence, the affected system is most likely before the crash above.

> rt2x00
> seems to be doing some kind of mapping from vif to rt2x00_intf with
> vif_to_intf() in rt2x00queue_create_tx_descriptor(). That function
> handles the NULL case by not allocating a sequence number which itself
> seems incorrect;

That was intentionally done in my patch, people have been asking for being able to inject sequence numbers, and when the TA is known then mac80211 will not pass NULL.

> I'll leave the following details in for whoever is reading
> linux-wireless and may have missed the original message..

Thanks. Based on the information, I believe that this is fixed by the patch above.

johannes