Commit d524215f authored by Felix Fietkau's avatar Felix Fietkau Committed by John W. Linville

mac80211: use nullfunc frames for 4-addr sta detection

To detect incoming 4-addr stations, hostapd needs to receive a 4-addr
data frame from the remote station, so that it can create the AP VLAN
for it. With this patch, the mlme code emits a 4-addr nullfunc frame
immediately after assoc. On the AP side it also drops 4-addr nullfunc
frames to the cooked monitor mode interface, if the interface hasn't
been fully set up to receive 4-addr data frames yet.
Signed-off-by: default avatarFelix Fietkau <>
Signed-off-by: default avatarJohn W. Linville <>
parent 199afd9d
......@@ -282,6 +282,38 @@ void ieee80211_send_nullfunc(struct ieee80211_local *local,
ieee80211_tx_skb(sdata, skb);
static void ieee80211_send_4addr_nullfunc(struct ieee80211_local *local,
struct ieee80211_sub_if_data *sdata)
struct sk_buff *skb;
struct ieee80211_hdr *nullfunc;
__le16 fc;
if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
skb = dev_alloc_skb(local->hw.extra_tx_headroom + 30);
if (!skb) {
printk(KERN_DEBUG "%s: failed to allocate buffer for 4addr "
"nullfunc frame\n", sdata->name);
skb_reserve(skb, local->hw.extra_tx_headroom);
nullfunc = (struct ieee80211_hdr *) skb_put(skb, 30);
memset(nullfunc, 0, 30);
fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
nullfunc->frame_control = fc;
memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN);
memcpy(nullfunc->addr2, sdata->vif.addr, ETH_ALEN);
memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN);
memcpy(nullfunc->addr4, sdata->vif.addr, ETH_ALEN);
IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
ieee80211_tx_skb(sdata, skb);
/* spectrum management related things */
static void ieee80211_chswitch_work(struct work_struct *work)
......@@ -1089,6 +1121,13 @@ static bool ieee80211_assoc_success(struct ieee80211_work *wk,
bss_conf->assoc_capability = capab_info;
ieee80211_set_associated(sdata, cbss, changed);
* If we're using 4-addr mode, let the AP know that we're
* doing so, so that it can create the STA VLAN on its side
if (ifmgd->use_4addr)
ieee80211_send_4addr_nullfunc(local, sdata);
* Start timer to probe the connection to the AP now.
* Also start the timer that will detect beacon loss.
......@@ -1111,6 +1111,18 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
if (ieee80211_is_nullfunc(hdr->frame_control) ||
ieee80211_is_qos_nullfunc(hdr->frame_control)) {
* If we receive a 4-addr nullfunc frame from a STA
* that was not moved to a 4-addr STA vlan yet, drop
* the frame to the monitor interface, to make sure
* that hostapd sees it
if (ieee80211_has_a4(hdr->frame_control) &&
(rx->sdata->vif.type == NL80211_IFTYPE_AP ||
(rx->sdata->vif.type == NL80211_IFTYPE_AP_VLAN &&
* Update counter and free packet here to avoid
* counting this as a dropped packed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment