wifi: mac80211: fix control port frame addressing

For an AP interface, when userspace specifieds the link ID to transmit the control port frame on (in particular for the initial 4-way-HS), due to the logic in ieee80211_build_hdr() for a frame transmitted from/to an MLD, we currently build a header with A1 = DA = MLD address of the peer MLD A2 = local link address (!) A3 = SA = local MLD address This clearly makes no sense, and leads to two problems: - if the frame were encrypted (not true for the initial 4-way-HS) the AAD would be calculated incorrectly - if iTXQs are used, the frame is dropped by logic in ieee80211_tx_dequeue() Fix the addressing, which fixes the first bullet, and the second bullet for peer MLDs, I'll fix the second one for non-MLD peers separately. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2022-08-24 12:30:16 +02:00 · 2022-08-24 12:30:16 +02:00 · a6ba64d0b1
commit a6ba64d0b1
parent 8b06d13ed2
1 changed files with 2 additions and 1 deletions
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@ -2676,7 +2676,8 @@ static struct sk_buff *ieee80211_build_hdr(struct ieee80211_sub_if_data *sdata,
 				goto free;
 			}
 			memcpy(hdr.addr2, link->conf->addr, ETH_ALEN);
-		} else if (link_id == IEEE80211_LINK_UNSPECIFIED) {
+		} else if (link_id == IEEE80211_LINK_UNSPECIFIED ||
+			   (sta && sta->sta.mlo)) {
 			memcpy(hdr.addr2, sdata->vif.addr, ETH_ALEN);
 		} else {
 			struct ieee80211_bss_conf *conf;