[patch] net80211: reject STA frames not destined to the current STA VAP MAC address

Adrian Chadd adrian at freebsd.org
Wed Oct 26 14:28:40 UTC 2011 

Hi,

This patch rejects frames that are sent to a STA with an incorrect
destination MAC.
This is to fix an issue with the AR9160 in STA mode where it
occasionally leaks frames destined to other stations. This then
updates the crypto IV state and last received sequence number, causing
subsequent frames from the correct MAC to be dropped inside net80211.

It's also needed if we decide (eventually) to support >1 STA VAP.

I'd like to merge this to -9 and -8, in case there are other AR9160 STA users.

Thanks,


Adrian


Index: ieee80211_sta.c
===================================================================
--- ieee80211_sta.c     (.../head/sys/net80211) (revision 226789)
+++ ieee80211_sta.c     (.../user/adrian/if_ath_tx/sys/net80211)
 (revision 226789)
@@ -50,6 +50,8 @@
 #include <net/if.h>
 #include <net/if_media.h>
 #include <net/if_llc.h>
+#include <net/if_dl.h>
+#include <net/if_var.h>
 #include <net/ethernet.h>

 #include <net/bpf.h>
@@ -584,6 +584,30 @@
                        vap->iv_stats.is_rx_wrongbss++;
                        goto out;
                }
+
+               /*
+                * Some devices may be in a promiscuous mode
+                * where they receive frames for multiple station
+                * addresses.
+                *
+                * If we receive a data frame that isn't
+                * destined to our VAP MAC, drop it.
+                *
+                * XXX TODO: This is only enforced when not scanning;
+                * XXX it assumes a software-driven scan will put the NIC
+                * XXX into a "no data frames" mode before setting this
+                * XXX flag. Otherwise it may be possible that we'll still
+                * XXX process data frames whilst scanning.
+                */
+               if ((! IEEE80211_IS_MULTICAST(wh->i_addr1))
+                   && (! IEEE80211_ADDR_EQ(wh->i_addr1, IF_LLADDR(ifp)))) {
+                       IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
+                           bssid, NULL, "not to cur sta: lladdr=%6D,
addr1=%6D",
+                           IF_LLADDR(ifp), ":", wh->i_addr1, ":");
+                       vap->iv_stats.is_rx_wrongbss++;
+                       goto out;
+               }
+
                IEEE80211_RSSI_LPF(ni->ni_avgrssi, rssi);
                ni->ni_noise = nf;
                if (HAS_SEQ(type) && !IEEE80211_IS_MULTICAST(wh->i_addr1)) {

More information about the freebsd-wireless mailing list