[PATCH AUTOSEL 4.19 1/8] wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support

From: Sasha Levin
Date: Fri Nov 18 2022 - 21:28:19 EST

Next message: Sasha Levin: "[PATCH AUTOSEL 4.19 2/8] audit: fix undefined behavior in bit shift for AUDIT_BIT"
Previous message: Sasha Levin: "[PATCH AUTOSEL 5.4 11/11] MIPS: pic32: treat port as signed integer"
Next in thread: Sasha Levin: "[PATCH AUTOSEL 4.19 2/8] audit: fix undefined behavior in bit shift for AUDIT_BIT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jonas Jelonek <jelonek.jonas@xxxxxxxxx>

[ Upstream commit 69188df5f6e4cecc6b76b958979ba363cd5240e8 ]

Fixes a warning that occurs when rc table support is enabled
(IEEE80211_HW_SUPPORTS_RC_TABLE) in mac80211_hwsim and the PS mode
is changed via the exported debugfs attribute.

When the PS mode is changed, a packet is broadcasted via
hwsim_send_nullfunc by creating and transmitting a plain skb with only
header initialized. The ieee80211 rate array in the control buffer is
zero-initialized. When ratetbl support is enabled, ieee80211_get_tx_rates
is called for the skb with sta parameter set to NULL and thus no
ratetbl can be used. The final rate array then looks like
[-1,0; 0,0; 0,0; 0,0] which causes the warning in ieee80211_get_tx_rate.

The issue is fixed by setting the count of the first rate with idx '0'
to 1 and hence ieee80211_get_tx_rates won't overwrite it with idx '-1'.

Signed-off-by: Jonas Jelonek <jelonek.jonas@xxxxxxxxx>
Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
drivers/net/wireless/mac80211_hwsim.c | 5 +++++
1 file changed, 5 insertions(+)

diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c
index c52802adb5b2..22738ba7d65b 100644
--- a/drivers/net/wireless/mac80211_hwsim.c
+++ b/drivers/net/wireless/mac80211_hwsim.c
@@ -686,6 +686,7 @@ static void hwsim_send_nullfunc(struct mac80211_hwsim_data *data, u8 *mac,
struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
struct sk_buff *skb;
struct ieee80211_hdr *hdr;
+ struct ieee80211_tx_info *cb;

if (!vp->assoc)
return;
@@ -707,6 +708,10 @@ static void hwsim_send_nullfunc(struct mac80211_hwsim_data *data, u8 *mac,
memcpy(hdr->addr2, mac, ETH_ALEN);
memcpy(hdr->addr3, vp->bssid, ETH_ALEN);

+ cb = IEEE80211_SKB_CB(skb);
+ cb->control.rates[0].count = 1;
+ cb->control.rates[1].idx = -1;
+
rcu_read_lock();
mac80211_hwsim_tx_frame(data->hw, skb,
rcu_dereference(vif->chanctx_conf)->def.chan);
--
2.35.1

Next message: Sasha Levin: "[PATCH AUTOSEL 4.19 2/8] audit: fix undefined behavior in bit shift for AUDIT_BIT"
Previous message: Sasha Levin: "[PATCH AUTOSEL 5.4 11/11] MIPS: pic32: treat port as signed integer"
Next in thread: Sasha Levin: "[PATCH AUTOSEL 4.19 2/8] audit: fix undefined behavior in bit shift for AUDIT_BIT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]