wifi: mac80211: reject address change while connecting

While connecting, the MAC address can already no longer be
changed. The change is already rejected if netif_carrier_ok(),
but of course that's not true yet while connecting. Check for
auth_data or assoc_data, so the MAC address cannot be changed.

Also more comprehensively check that there are no stations on
the interface being changed - if any peer station is added it
will know about our address already, so we cannot change it.

Cc: stable@vger.kernel.org
Fixes: 3c06e91b40db ("wifi: mac80211: Support POWERED_ADDR_CHANGE feature")
Link: https://patch.msgid.link/20251105154119.f9f6c1df81bb.I9bb3760ede650fb96588be0d09a5a7bdec21b217@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index a7873832d4fa68792ee1503a4c780d3bf46327f6..0ca55b9655a7fc4c45185fba6f52cbb8761dd58b 100644 (file)
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -223,6 +223,10 @@ static int ieee80211_can_powered_addr_change(struct ieee80211_sub_if_data *sdata
        if (netif_carrier_ok(sdata->dev))
                return -EBUSY;
 
+       /* if any stations are set known (so they know this vif too), reject */
+       if (sta_info_get_by_idx(sdata, 0))
+               return -EBUSY;
+
        /* First check no ROC work is happening on this iface */
        list_for_each_entry(roc, &local->roc_list, list) {
                if (roc->sdata != sdata)
@@ -242,12 +246,16 @@ static int ieee80211_can_powered_addr_change(struct ieee80211_sub_if_data *sdata
                        ret = -EBUSY;
        }
 
+       /*
+        * More interface types could be added here but changing the
+        * address while powered makes the most sense in client modes.
+        */
        switch (sdata->vif.type) {
        case NL80211_IFTYPE_STATION:
        case NL80211_IFTYPE_P2P_CLIENT:
-               /* More interface types could be added here but changing the
-                * address while powered makes the most sense in client modes.
-                */
+               /* refuse while connecting */
+               if (sdata->u.mgd.auth_data || sdata->u.mgd.assoc_data)
+                       return -EBUSY;
                break;
        default:
                ret = -EOPNOTSUPP;