Rate limit SA Query procedure initiation on unprotected disconnect

There is no need to trigger new SA Query procedure to check the state of
the connection immediately after having performed such a check. Limit
the impact of burst of unprotected Deauth/Disassoc frames by starting a
new SA Query procedure only once at least 10 seconds has passed from the
previous SA Query that was triggered by reception of an unprotected
disconnection. The first SA Query procedure for each association does
not follow this rule to avoid issues with test cases that expect to see
an SA Query every time.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index b6b2410feb50399c94843f0c6e11faa4b4bcafb7..3d92fe71c0776fd1d77505cfec475951c2fdd0b6 100644 (file)
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -1923,6 +1923,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
 #ifdef CONFIG_SME
        os_memcpy(wpa_s->sme.prev_bssid, bssid, ETH_ALEN);
        wpa_s->sme.prev_bssid_set = 1;
+       wpa_s->sme.last_unprot_disconnect.sec = 0;
 #endif /* CONFIG_SME */
 
        wpa_msg(wpa_s, MSG_INFO, "Associated with " MACSTR, MAC2STR(bssid));

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index 82aef0d80ffb2a28efb0d083b646b5615dd78f14..81a1eded6098da63895ffbb5fce11400999ff3af 100644 (file)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -1344,6 +1344,7 @@ void sme_event_unprot_disconnect(struct wpa_supplicant *wpa_s, const u8 *sa,
                                 const u8 *da, u16 reason_code)
 {
        struct wpa_ssid *ssid;
+       struct os_reltime now;
 
        if (wpa_s->wpa_state != WPA_COMPLETED)
                return;
@@ -1360,6 +1361,12 @@ void sme_event_unprot_disconnect(struct wpa_supplicant *wpa_s, const u8 *sa,
        if (wpa_s->sme.sa_query_count > 0)
                return;
 
+       os_get_reltime(&now);
+       if (wpa_s->sme.last_unprot_disconnect.sec &&
+           !os_reltime_expired(&now, &wpa_s->sme.last_unprot_disconnect, 10))
+               return; /* limit SA Query procedure frequency */
+       wpa_s->sme.last_unprot_disconnect = now;
+
        wpa_dbg(wpa_s, MSG_DEBUG, "SME: Unprotected disconnect dropped - "
                "possible AP/STA state mismatch - trigger SA Query");
        sme_start_sa_query(wpa_s);

diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index c51a70305b20c5b45ece0c4d8da156ec68dd1f10..1cb4e161ddc7e628042c8cc813a93a16adbd470e 100644 (file)
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -636,6 +636,7 @@ struct wpa_supplicant {
                                        * sa_query_count octets of pending
                                        * SA Query transaction identifiers */
                struct os_reltime sa_query_start;
+               struct os_reltime last_unprot_disconnect;
                u8 sched_obss_scan;
                u16 obss_scan_int;
                u16 bss_max_idle_period;