aboutsummaryrefslogtreecommitdiffstats
path: root/package/kernel/mac80211/patches/subsys
Commit message (Collapse)AuthorAgeFilesLines
* mac80211: sync nl80211.h with upstream and backport a WPA3 related commitFelix Fietkau2021-05-265-33/+382
| | | | | | Fixes compatibility issues with the latest hostapd update Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add 6 GHz support to mac80211_hwsimFelix Fietkau2021-05-262-0/+197
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: backport upstream fixes for FragAttacksFelix Fietkau2021-05-1211-1/+963
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From the patch series description: Several security issues in the 802.11 implementations were found by Mathy Vanhoef (New York University Abu Dhabi), who has published all the details at https://papers.mathyvanhoef.com/usenix2021.pdf Specifically, the following CVEs were assigned: * CVE-2020-24586 - Fragmentation cache not cleared on reconnection * CVE-2020-24587 - Reassembling fragments encrypted under different keys * CVE-2020-24588 - Accepting non-SPP A-MSDU frames, which leads to payload being parsed as an L2 frame under an A-MSDU bit toggling attack * CVE-2020-26139 - Forwarding EAPOL from unauthenticated sender * CVE-2020-26140 - Accepting plaintext data frames in protected networks * CVE-2020-26141 - Not verifying TKIP MIC of fragmented frames * CVE-2020-26142 - Processing fragmented frames as full frames * CVE-2020-26143 - Accepting fragmented plaintext frames in protected networks * CVE-2020-26144 - Always accepting unencrypted A-MSDU frames that start with RFC1042 header with EAPOL ethertype * CVE-2020-26145 - Accepting plaintext broadcast fragments as full frames * CVE-2020-26146 - Reassembling encrypted fragments with non-consecutive packet numbers * CVE-2020-26147 - Reassembling mixed encrypted/plaintext fragments In general, the scope of these attacks is that they may allow an attacker to * inject L2 frames that they can more or less control (depending on the vulnerability and attack method) into an otherwise protected network; * exfiltrate (some) network data under certain conditions, this is specific to the fragmentation issues. A subset of these issues is known to apply to the Linux IEEE 802.11 implementation (mac80211). Where it is affected, the attached patches fix the issues, even if not all of them reference the exact CVE IDs. In addition, driver and/or firmware updates may be necessary, as well as potentially more fixes to mac80211, depending on how drivers are using it. Specifically, for Intel devices, firmware needs to be updated to the most recently released versions (which was done without any reference to the security issues) to address some of the vulnerabilities. To have a single set of patches, I'm also including patches for the ath10k and ath11k drivers here. We currently don't have information about how other drivers are, if at all, affected. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: Update to version 5.10.34-1Hauke Mehrtens2021-05-048-116/+25
| | | | | | The removed patches were applied upstream and are not needed anymore. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: minstrel_ht: fix issue in calculating success probabilityFelix Fietkau2021-04-281-0/+21
| | | | | | | Missing braces in a macro were leading to badly working rates sometimes getting a success probabilty of 1.0 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add client mode connection monitor fixFelix Fietkau2021-04-111-0/+31
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: support rx timestamps for HE ratesFelix Fietkau2021-04-111-0/+134
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: merge a few pending tx related fixesFelix Fietkau2021-03-283-0/+142
| | | | | | Improve performance and fix potential mgmt tx hangs/warnings Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: backport upstream patches for driver disconnectFelix Fietkau2021-03-155-13/+585
| | | | | | Needed for an mt76 update Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: Update to version 5.10.16-1Hauke Mehrtens2021-02-157-168/+2
| | | | | | The removed patches were applied upstream. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: Refresh patches againHauke Mehrtens2021-02-155-34/+38
| | | | | | | A wrong quilt configuration was used last time. Fixes: ed1e234d87fc ("mac80211: refresh patches") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: fix a regression in processing rx statsFelix Fietkau2021-02-141-0/+28
| | | | | | | A logic error caused rx rate update to be missed for any driver not using fast-rx Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: refresh patchesFelix Fietkau2021-02-143-16/+16
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add minstrel performance improvementsFelix Fietkau2021-02-142-0/+181
| | | | | | Reduce fluctuations in rate selection / statistics Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add decapsulation offload supportFelix Fietkau2021-02-143-2/+593
| | | | | | | On hardware that supports this, this will improve performance by passing 802.3 frames from the hardware to the stack Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix a corner case in encapsulation offload supportFelix Fietkau2021-02-141-0/+53
| | | | | | Fix encryption key selection with WEP Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add fq performace improvementsFelix Fietkau2021-02-144-1/+554
| | | | | | Improves performance under load Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: Update to version 5.10-rc6-1Hauke Mehrtens2021-02-1424-3133/+25
| | | | | | | | | The removed patches were applied upstream. This adapts ath10k-ct and mt76 to changed APIs. nl80211.h in iw is updated to match the version from backports. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: Update to version 5.9.12-1Hauke Mehrtens2021-02-1440-1418/+145
| | | | | | | | | | | The removed patches were applied upstream. Remove the 300-mac80211-optimize-skb-resizing.patch. This patch was not applied upstream, but it conflicts with upstream changes and needs bigger changes. It was applied with Felix to remove this patch for now. It should be reworked and then send upstream later. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: fix station rate table updates on assocFelix Fietkau2021-02-011-0/+38
| | | | | | | | If the driver uses .sta_add, station entries are only uploaded after the sta is in assoc state. Fix early station rate table updates by deferring them until the sta has been uploaded Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix an uninitialized variable warningFelix Fietkau2021-01-265-48/+51
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: minstrel_ht: fix regression in the max_prob_rate fixFelix Fietkau2021-01-261-0/+23
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: remove accidentally duplicated line in minstrel_ht patchFelix Fietkau2021-01-261-2/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add significant minstrel_ht performance improvementsFelix Fietkau2021-01-256-0/+1670
| | | | | | Completely redesign the rate sampling approach Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix rounding error in minstrel_ht throughput calculationFelix Fietkau2021-01-151-0/+34
| | | | | | Fixes rate selection with lower data rates Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix an uninitialized stack variable in the minstrel updateFelix Fietkau2021-01-142-3/+11
| | | | | | It can lead to out-of-bounds access and invalid rates Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: replace legacy minstrel with minstrel_ht, improve rate selectionFelix Fietkau2021-01-038-0/+2586
| | | | | | | Legacy minstrel is essentially unmaintained and was showing poor performance Replace it with minstrel_ht and improve rate selection and sampling behavior Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: do not drop tx nulldata packets on encrypted linksFelix Fietkau2020-12-181-0/+25
| | | | | | Fixes sending out nulldata probing frames Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: Update to version 5.8.18-1Hauke Mehrtens2020-12-1613-205/+24
| | | | | | The removed patches were applied upstream. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: add minstrel fixes that fix mt76 issues in legacy modeFelix Fietkau2020-11-122-0/+122
| | | | | | | | Remove deferred sampling code which does not work well with rate tables + probing. Fix tx status handling if the first invalid rate idx is not set to -1 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: backport the new tasklet APIFelix Fietkau2020-11-121-0/+35
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix memory leak on filtered powersave framesFelix Fietkau2020-10-171-0/+55
| | | | | | | | | | After the status rework, ieee80211_tx_status_ext is leaking un-acknowledged packets for stations in powersave mode. To fix this, move the code handling those packets from __ieee80211_tx_status into ieee80211_tx_status_ext Reported-by: Tobias Waldvogel <tobias.waldvogel@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: backport sched_set_fifo_lowFelix Fietkau2020-09-291-0/+32
| | | | | | This is needed for newer mt76 updates Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: another fix for the sta connection monitorFelix Fietkau2020-09-291-5/+37
| | | | | | Make the code more closely match the original behavior Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: update sta connection monitor regression fixFelix Fietkau2020-09-231-15/+27
| | | | | | Reset the connection monitor on all acked frames Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix regression in station connection monitor optimizationFelix Fietkau2020-09-211-0/+26
| | | | | | | | | When the nulldata frame was acked, the probe send count needs to be reset, otherwise it will keep increasing until the connection is considered dead, even though it fine. Reported-by: Georgi Valkov <gvalkov@abv.bg> Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: do not allow bigger VHT MPDUs than the hardware supportsFelix Fietkau2020-09-171-0/+34
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: allow bigger A-MSDU sizes in VHT, even if HT is limitedFelix Fietkau2020-09-161-0/+26
| | | | | | Improves tx throughput when connecting to some APs (e.g. Asus RT-AC88U) Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: update encap offload patches to the latest versionFelix Fietkau2020-09-0917-149/+1199
| | | | | | | Minor cleanup and code reorganization, along with a change to not disable offload anymore when a tkip or sw crypto key is added Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: remove an obsolete patch that is no longer doing anything usefulFelix Fietkau2020-09-018-32/+17
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add more AQL fixes/improvementsFelix Fietkau2020-09-012-0/+72
| | | | | | Fix aggregation length estimation, add HE and VHT160 support Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: Fix potential endless loopHauke Mehrtens2020-08-301-0/+31
| | | | | | Backport a fix from kernel 5.8.3. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: rework encapsulation offload supportFelix Fietkau2020-08-2214-3/+1921
| | | | | | Fix a number of deficiencies in the existing API Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add missing return code checks in AQL improvementsFelix Fietkau2020-08-212-6/+8
| | | | | | Fixes throughput issues with some drivers (e.g. ath10k) Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add missing backports for building with 4.14 kernelsFelix Fietkau2020-08-142-0/+54
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add AQL improvementsFelix Fietkau2020-08-133-0/+403
| | | | | | | Add AQL support for HE drivers. Improve assumed aggregation length based on tx rate Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: Update to version 5.8Hauke Mehrtens2020-08-108-109/+14
| | | | | | The removed patches were applied upstream. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: fix spurious disconnect issues with disassoc_low_ack=1 (default)Felix Fietkau2020-08-091-0/+116
| | | | | | | | | | mac80211 reports a packet loss event to user space when 50 consecutive packets were not acked. On a high throughput link with long aggregates and sudden link changes, this can trigger way too easily. Mitigate false positives by only triggering the event on a packet loss if no ACK was received for at least a second Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: exchange mesh 6GHz IE patch for upstream acceptedDavid Bauer2020-08-082-28/+64
| | | | | | | | | | Exchange the patch fixing the kernel ringbuffer WARNING flood for the one accepted upstream. Fixes commit a956c14d6aa4 ("mac80211: util: don't warn on missing sband iftype data") Signed-off-by: David Bauer <mail@david-bauer.net>
* mac80211: merge performance improvement patchesFelix Fietkau2020-08-063-0/+260
| | | | | | | Fix fq_codel performance issues Add a new rx function for batch processing Signed-off-by: Felix Fietkau <nbd@nbd.name>