From: Johannes Berg <johannes.berg@xxxxxxxxx>
To be able to more easily understand the code, drop robust
action frames before being associated, even if there's no
MFP in the end, as they are Class 3 Frames and shouldn't
be transmitted in the first place.
Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx>
Signed-off-by: Gregory Greenman <gregory.greenman@xxxxxxxxx>
---
v2: rebase adjustments, for c419d884551f
("wifi: mac80211: fix ieee80211_drop_unencrypted_mgmt return type/value")
---
net/mac80211/rx.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 051db97a92b4..f2ea15d31c31 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -2474,6 +2474,15 @@ ieee80211_drop_unencrypted_mgmt(struct ieee80211_rx_data *rx)
return RX_DROP_U_UNPROT_UNICAST_PUB_ACTION;
}
+ /*
+ * Drop robust action frames before assoc regardless of MFP state,
+ * after assoc we also have decided on MFP or not.
+ */
+ if (ieee80211_is_action(fc) &&
+ ieee80211_is_robust_mgmt_frame(rx->skb) &&
+ (!rx->sta || !test_sta_flag(rx->sta, WLAN_STA_ASSOC)))
+ return -EACCES;
+
return RX_CONTINUE;
}
--
2.38.1
