diff mbox series

[13/20] wifi: cfg80211: ignore invalid TBTT info field types

Message ID 20230616094949.7865606ffe94.I7ff28afb875d1b4c39acd497df8490a7d3628e3f@changeid
State New
Headers show
Series cfg80211/mac80211 patches from our internal tree 2023-06-16 | expand

Commit Message

Greenman, Gregory June 16, 2023, 6:54 a.m. UTC 
From: Benjamin Berg <benjamin.berg@intel.com>

The TBTT information field type must be zero. This is only changed in
the 802.11be draft specification where the value 1 is used to indicate
that only the MLD parameters are included.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
---
 include/linux/ieee80211.h | 2 ++
 net/wireless/scan.c       | 7 +++++++
 2 files changed, 9 insertions(+)
diff mbox series

Patch

diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h
index 5dfed1a6625c..47ddc65b443b 100644
--- a/include/linux/ieee80211.h
+++ b/include/linux/ieee80211.h
@@ -4481,6 +4481,8 @@  static inline bool for_each_element_completed(const struct element *element,
 #define IEEE80211_AP_INFO_TBTT_HDR_FILTERED			0x04
 #define IEEE80211_AP_INFO_TBTT_HDR_COLOC			0x08
 #define IEEE80211_AP_INFO_TBTT_HDR_COUNT			0xF0
+#define IEEE80211_TBTT_INFO_TYPE_TBTT				0
+#define IEEE80211_TBTT_INFO_TYPE_MLD				1
 #define IEEE80211_TBTT_INFO_OFFSET_BSSID_BSS_PARAM		9
 #define IEEE80211_TBTT_INFO_OFFSET_BSSID_SSSID_BSS_PARAM	13
 
diff --git a/net/wireless/scan.c b/net/wireless/scan.c
index d9abbf123ad1..2212e6d24204 100644
--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -629,6 +629,13 @@  static int cfg80211_parse_colocated_ap(const struct cfg80211_bss_ies *ies,
 		if (end - pos < count * length)
 			break;
 
+		if (u8_get_bits(ap_info->tbtt_info_hdr,
+				IEEE80211_AP_INFO_TBTT_HDR_TYPE) !=
+		    IEEE80211_TBTT_INFO_TYPE_TBTT) {
+			pos += count * length;
+			continue;
+		}
+
 		/*
 		 * TBTT info must include bss param + BSSID +
 		 * (short SSID or same_ssid bit to be set).