Linux 3.6.7

[thirdparty/kernel/stable-queue.git] / releases / 3.6.7 / mac80211-use-blacklist-for-duplicate-ie-check.patch

diff --git a/releases/3.6.7/mac80211-use-blacklist-for-duplicate-ie-check.patch b/releases/3.6.7/mac80211-use-blacklist-for-duplicate-ie-check.patch
new file mode 100644 (file)
index 0000000..51869d1
--- /dev/null
+++ b/releases/3.6.7/mac80211-use-blacklist-for-duplicate-ie-check.patch
@@ -0,0 +1,75 @@
+From 9690fb169b433a66485c808e4fc352b8a0f8d866 Mon Sep 17 00:00:00 2001
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Wed, 24 Oct 2012 14:19:53 +0200
+Subject: mac80211: use blacklist for duplicate IE check
+
+From: Johannes Berg <johannes.berg@intel.com>
+
+commit 9690fb169b433a66485c808e4fc352b8a0f8d866 upstream.
+
+Instead of the current whitelist which accepts duplicates
+only for the quiet and vendor IEs, use a blacklist of all
+IEs (that we currently parse) that can't be duplicated.
+
+This avoids detecting a beacon as corrupt in the future
+when new IEs are added that can be duplicated.
+
+Signed-off-by: Paul Stewart <pstew@chromium.org>
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/mac80211/util.c |   42 +++++++++++++++++++++++++++++++++++-------
+ 1 file changed, 35 insertions(+), 7 deletions(-)
+
+--- a/net/mac80211/util.c
++++ b/net/mac80211/util.c
+@@ -637,13 +637,41 @@ u32 ieee802_11_parse_elems_crc(u8 *start
+                       break;
+               }
+ 
+-              if (id != WLAN_EID_VENDOR_SPECIFIC &&
+-                  id != WLAN_EID_QUIET &&
+-                  test_bit(id, seen_elems)) {
+-                      elems->parse_error = true;
+-                      left -= elen;
+-                      pos += elen;
+-                      continue;
++              switch (id) {
++              case WLAN_EID_SSID:
++              case WLAN_EID_SUPP_RATES:
++              case WLAN_EID_FH_PARAMS:
++              case WLAN_EID_DS_PARAMS:
++              case WLAN_EID_CF_PARAMS:
++              case WLAN_EID_TIM:
++              case WLAN_EID_IBSS_PARAMS:
++              case WLAN_EID_CHALLENGE:
++              case WLAN_EID_RSN:
++              case WLAN_EID_ERP_INFO:
++              case WLAN_EID_EXT_SUPP_RATES:
++              case WLAN_EID_HT_CAPABILITY:
++              case WLAN_EID_HT_OPERATION:
++              case WLAN_EID_VHT_CAPABILITY:
++              case WLAN_EID_VHT_OPERATION:
++              case WLAN_EID_MESH_ID:
++              case WLAN_EID_MESH_CONFIG:
++              case WLAN_EID_PEER_MGMT:
++              case WLAN_EID_PREQ:
++              case WLAN_EID_PREP:
++              case WLAN_EID_PERR:
++              case WLAN_EID_RANN:
++              case WLAN_EID_CHANNEL_SWITCH:
++              case WLAN_EID_EXT_CHANSWITCH_ANN:
++              case WLAN_EID_COUNTRY:
++              case WLAN_EID_PWR_CONSTRAINT:
++              case WLAN_EID_TIMEOUT_INTERVAL:
++                      if (test_bit(id, seen_elems)) {
++                              elems->parse_error = true;
++                              left -= elen;
++                              pos += elen;
++                              continue;
++                      }
++                      break;
+               }
+ 
+               if (calc_crc && id < 64 && (filter & (1ULL << id)))