[PATCH v5] mac80211: do not TX injected frames when not allowed

linux-wireless.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH v5] mac80211: do not TX injected frames when not allowed
@ 2009-01-30 16:40 Luis R. Rodriguez
  2009-01-30 17:07 ` Luis R. Rodriguez
  0 siblings, 1 reply; 2+ messages in thread
From: Luis R. Rodriguez @ 2009-01-30 16:40 UTC (permalink / raw)
  To: johannes, Jouni.Malinen, johannes, linville
  Cc: Luis R. Rodriguez, linux-wireless

Monitor mode is able to TX by using injected frames. We should
not allow injected frames to be sent unless allowed by regulatory
rules. Since AP mode uses a monitor interfaces to transmit
management frames we have to take care to not break AP mode as
well while resolving this. We can deal with this by allowing compliant
APs solutions to inform mac80211 if their monitor interface is
intended to be used for an AP by setting a cfg80211 flag for the
monitor interface. hostapd, for example, currently does its own
checks to ensure AP mode is not used on channels which require radar
detection. Once such solutions are available it can can add this
flag for monitor interfaces.

Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
---

This v5 leaves the AP flag out, we can add it once we have radar support.

 net/mac80211/tx.c |   22 ++++++++++++++++++++++
 1 files changed, 22 insertions(+), 0 deletions(-)

diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 7b013fb..aa5ba90 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -1432,11 +1432,33 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
 int ieee80211_monitor_start_xmit(struct sk_buff *skb,
 				 struct net_device *dev)
 {
+	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
 	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+	struct ieee80211_channel *chan = local->hw.conf.channel;
 	struct ieee80211_radiotap_header *prthdr =
 		(struct ieee80211_radiotap_header *)skb->data;
 	u16 len_rthdr;
 
+	/*
+	 * Frame injection is not allowed if beaconing is not allowed
+	 * or if we need radar detection. Beaconing is usually not allowed when
+	 * the mode or operation (Adhoc, AP, Mesh) does not support DFS.
+	 * Passive scan is also used in world regulatory domains where
+	 * your country is not known and as such it should be treated as
+	 * NO TX unless the channel is explicitly allowed in which case
+	 * your current regulatory domain would not have the passive scan
+	 * flag.
+	 *
+	 * Since AP mode uses monitor interfaces to inject/TX management
+	 * frames we can make AP mode the exception to this rule once it
+	 * supports radar detection as its implementation can deal with
+	 * radar detection by itself. We can do that later by adding a
+	 * monitor flag interfaces used for AP support.
+	 */
+	if ((chan->flags & (IEEE80211_CHAN_NO_IBSS | IEEE80211_CHAN_RADAR |
+	     IEEE80211_CHAN_PASSIVE_SCAN)))
+		goto fail;
+
 	/* check for not even having the fixed radiotap header part */
 	if (unlikely(skb->len < sizeof(struct ieee80211_radiotap_header)))
 		goto fail; /* too short to be possibly valid */
-- 
1.6.1.2.253.ga34a


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH v5] mac80211: do not TX injected frames when not allowed
  2009-01-30 16:40 [PATCH v5] mac80211: do not TX injected frames when not allowed Luis R. Rodriguez
@ 2009-01-30 17:07 ` Luis R. Rodriguez
  0 siblings, 0 replies; 2+ messages in thread
From: Luis R. Rodriguez @ 2009-01-30 17:07 UTC (permalink / raw)
  To: Luis Rodriguez
  Cc: johannes@sipsolutions.net, Jouni Malinen, linville@tuxdriver.com,
	linux-wireless@vger.kernel.org

On Fri, Jan 30, 2009 at 08:40:36AM -0800, Luis Rodriguez wrote:
> Monitor mode is able to TX by using injected frames. We should
> not allow injected frames to be sent unless allowed by regulatory
> rules. Since AP mode uses a monitor interfaces to transmit
> management frames we have to take care to not break AP mode as
> well while resolving this. We can deal with this by allowing compliant
> APs solutions to inform mac80211 if their monitor interface is
> intended to be used for an AP by setting a cfg80211 flag for the
> monitor interface. hostapd, for example, currently does its own
> checks to ensure AP mode is not used on channels which require radar
> detection. Once such solutions are available it can can add this
> flag for monitor interfaces.
> 
> Acked-by: Johannes Berg <johannes@sipsolutions.net>
> Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
> ---
> 
> This v5 leaves the AP flag out, we can add it once we have radar support.
> 
>  net/mac80211/tx.c |   22 ++++++++++++++++++++++
>  1 files changed, 22 insertions(+), 0 deletions(-)
> 
> diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
> index 7b013fb..aa5ba90 100644
> --- a/net/mac80211/tx.c
> +++ b/net/mac80211/tx.c
> @@ -1432,11 +1432,33 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
>  int ieee80211_monitor_start_xmit(struct sk_buff *skb,
>                                  struct net_device *dev)
>  {
> +       struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

unused variable now, bleh, sorry, will send v6.. hopefully the last heh.

  Luis

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2009-01-30 17:07 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-01-30 16:40 [PATCH v5] mac80211: do not TX injected frames when not allowed Luis R. Rodriguez
2009-01-30 17:07 ` Luis R. Rodriguez

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).