From: James Prestwood <prestwoj@gmail.com>
To: iwd@lists.linux.dev
Cc: James Prestwood <prestwoj@gmail.com>
Subject: [PATCH 3/3] netdev: support handling NL80211_CMD_ASSOC_COMEBACK
Date: Thu, 22 May 2025 11:41:52 -0700 [thread overview]
Message-ID: <20250522184152.29950-3-prestwoj@gmail.com> (raw)
In-Reply-To: <20250522184152.29950-1-prestwoj@gmail.com>
A BSS can temporarily reject associations and provide a delay that
the station should wait for before retrying. This is useful when
sane values are used, but taking it to the extreme an AP could
potentially request the client wait UINT32_MAX TU's which equates
to 49 days.
Either due to a bug, or worse by design, the kernel will wait for
however long that timeout is. Luckily the kernel also sends an event
to userspace with the amount of time it will be waiting. To guard
against excessive timeouts IWD will now handle this event and enforce
a maximum allowed value. If the timeout exceeds this IWD will
deauthenticate.
---
src/netdev.c | 36 ++++++++++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
diff --git a/src/netdev.c b/src/netdev.c
index a26a484e..3bdc3e69 100644
--- a/src/netdev.c
+++ b/src/netdev.c
@@ -5451,6 +5451,39 @@ static void netdev_michael_mic_failure(struct l_genl_msg *msg,
l_debug("ifindex=%u key_idx=%u type=%u", netdev->index, idx, type);
}
+#define MAX_COMEBACK_DELAY 1200
+
+static void netdev_assoc_comeback(struct l_genl_msg *msg,
+ struct netdev *netdev)
+{
+ const uint8_t *mac;
+ uint32_t timeout;
+
+ if (L_WARN_ON(!netdev->connected))
+ return;
+
+ if (nl80211_parse_attrs(msg, NL80211_ATTR_MAC, &mac,
+ NL80211_ATTR_TIMEOUT, &timeout,
+ NL80211_ATTR_UNSPEC) < 0)
+ return;
+
+ if (L_WARN_ON(memcmp(mac, netdev->handshake->aa, ETH_ALEN)))
+ return;
+
+ if (timeout <= MAX_COMEBACK_DELAY) {
+ l_debug(MAC" requested an association comeback delay of %u TU",
+ MAC_STR(netdev->handshake->aa), timeout);
+ return;
+ }
+
+ l_debug("Comeback delay of %u exceeded maximum of %u, deauthenticating",
+ timeout, MAX_COMEBACK_DELAY);
+
+ netdev_deauth_and_fail_connection(netdev,
+ NETDEV_RESULT_ASSOCIATION_FAILED,
+ MMPDU_STATUS_CODE_REFUSED_TEMPORARILY);
+}
+
static void netdev_mlme_notify(struct l_genl_msg *msg, void *user_data)
{
struct netdev *netdev = NULL;
@@ -5504,6 +5537,9 @@ static void netdev_mlme_notify(struct l_genl_msg *msg, void *user_data)
case NL80211_CMD_MICHAEL_MIC_FAILURE:
netdev_michael_mic_failure(msg, netdev);
break;
+ case NL80211_CMD_ASSOC_COMEBACK:
+ netdev_assoc_comeback(msg, netdev);
+ break;
}
}
--
2.34.1
next prev parent reply other threads:[~2025-05-22 18:41 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-22 18:41 [PATCH 1/3] nl80211cmd: add NL80211_CMD_ASSOC_COMEBACK James Prestwood
2025-05-22 18:41 ` [PATCH 2/3] nl80211util: support parsing NL80211_ATTR_TIMEOUT James Prestwood
2025-05-22 18:41 ` James Prestwood [this message]
2025-05-28 17:08 ` [PATCH 1/3] nl80211cmd: add NL80211_CMD_ASSOC_COMEBACK Denis Kenzior
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250522184152.29950-3-prestwoj@gmail.com \
--to=prestwoj@gmail.com \
--cc=iwd@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox