Commit Graph

1151 Commits

Author SHA1 Message Date
Felix Fietkau
42d542e04f mac80211: fix center freq selection for 6 GHz
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8d79915327)
2021-11-23 18:30:04 +01:00
Felix Fietkau
b535ec25eb mac80211: set hostapd op_class for 6 GHz
This is needed to disambiguate it from 5 GHz channels

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit c8bcdd5619)
2021-11-23 18:30:04 +01:00
Felix Fietkau
7a2405efc6 mac80211: rework default config script
Emit the new band option instead of hwmode
Support 6 GHz band and HE options

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8504212f65)
2021-11-23 18:30:04 +01:00
Felix Fietkau
d0b33833ae mac80211: make use of the new 'band' option
Use it to look up frequencies only in the configured band to better deal
with channel number overlap

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8b8c1cb09b)
2021-11-23 18:30:04 +01:00
Hauke Mehrtens
65835e0d5f mac80211: Update to backports-5.10.68
Refresh all patches.
The removed patches were integrated upstream.

This contains fixes for CVE-2020-3702

1. These patches (ath, ath9k, mac80211)  were included in kernel
versions since 4.14.245 and 4.19.205. They fix security vulnerability
CVE-2020-3702 [1] similar to KrØØk, which was found by ESET [2].

Thank you Josef Schlehofer for reporting this problem.

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-3702
[2] https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-09-22 22:36:15 +02:00
Bob Cantor
6f13a39035 mac80211: print an error if wifi teardown fails
drv_mac80211_teardown fails silently if the device to be torn down is
not defined.  This commit prints an error message.

branches affected: trunk, 21.02

Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit 3933e29d1b)
2021-06-30 19:24:55 +02:00
Bob Cantor
9302e63d1a mac80211: always call wireless_set_data (FS#3784)
When wifi is turned off, drv_mac80211_teardown sometimes fails (silently)
because the device to be torn down is not defined.

This situation arises if drv_mac80211_setup was called twice when
wifi was turned on.

This commit ensures that the device to be torn down is always defined
in drv_mac80211_teardown.

Steps to reproduce:

1) Use /sbin/wifi to turn on wifi.
   uci set wireless.@wifi-iface[0].disabled=0
   uci set wireless.@wifi-device[0].disabled=0
   uci commit
   wifi

2) Use /sbin/wifi to turn off wifi.
   uci set wireless.@wifi-device[0].disabled=1
   uci commit
   wifi

3) Observe that wifi is still up.

branches affected: trunk, 21.02

Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit d515f6b6cd)
2021-06-30 19:24:55 +02:00
Bob Cantor
bea9380149 mac80211: fix no_reload logic (FS#3902)
If drv_mac80211_setup is called twice with the same wifi configuration,
then the second call returns early with error HOSTAPD_START_FAILED.
(wifi works nevertheless, despite the fact that setup is incomplete.  But
"ubus call network.wireless status" erroneously reports that radio0 is down.)

The relevant part of drv_mac80211_setup is,

if [ "$no_reload" != "0" ]; then
        add_ap=1
        ubus wait_for hostapd
        local hostapd_res="$(ubus call hostapd config_add "{\"iface\":\"$primary_ap\", \"config\":\"${hostapd_conf_file}\"}")"
        ret="$?"
        [ "$ret" != 0 -o -z "$hostapd_res" ] && {
                wireless_setup_failed HOSTAPD_START_FAILED
                return
        }
        wireless_add_process "$(jsonfilter -s "$hostapd_res" -l 1 -e @.pid)" "/usr/sbin/hostapd" 1 1
fi

This commit sets no_reload = 0 during the second call of drv_mac80211_setup.

It is perhaps worth providing a way to reproduce the situation
where drv_mac80211_setup is called twice.

When /sbin/wifi is used to turn on wifi,
   uci set wireless.@wifi-iface[0].disabled=0
   uci set wireless.@wifi-device[0].disabled=0
   uci commit
   wifi

/sbin/wifi makes the following ubus calls,
   ubus call network reload
   ubus call network.wireless down
   ubus call network.wireless up

The first and third ubus calls both call drv_mac80211_setup,
while the second ubus call triggers wireless_device_setup_cancel.
So the call sequence becomes,

   drv_mac80211_setup
   wireless_device_setup_cancel
   drv_mac80211_setup

In contrast, when LuCI is used to turn on wifi only a single call
is made to drv_mac80211_setup.

branches affected: trunk, 21.02

Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
(cherry-picked from commit a29ab3b79a)
2021-06-30 19:24:55 +02:00
Felix Fietkau
ccbe535604 mac80211: backport fix for nl80211 control port tx (fixes FS#3857)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit de49957300)
2021-06-30 19:24:55 +02:00
Felix Fietkau
4c29ff7cb8 mac80211: add support for 802.3 encap offload with software rate control
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit f2c6d892ca)
2021-06-30 19:24:55 +02:00
Felix Fietkau
a078037ace mac80211: improve rate control performance
Call rate control handler after intermediate queueuing
Includes follow-up fixes

Signed-off-by: Felix Fietkau <nbd@nbd.name>

cherry-picked from commits:
- 7dd8829ef9
- a603e82dd3
- 8bb4437c01
2021-06-30 19:12:20 +02:00
Felix Fietkau
3d0ed7d763 mac80211: fix an issue with wds links on 802.11ax devices
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 89c9ccc3b2)
2021-06-19 12:17:54 +02:00
Felix Fietkau
3839a4c7e9 mac80211: fix minstrel sample time check
We need to skip sampling if the next sample time is after jiffies, not before.
This patch fixes an issue where in some cases only very little sampling (or none
at all) is performed, leading to really bad data rates

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-06-17 12:45:08 +02:00
Felix Fietkau
05a8bf04ec mac80211: sync nl80211.h with upstream and backport a WPA3 related commit
Fixes compatibility issues with the latest hostapd update

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 91abeebd3b)
2021-06-17 12:44:57 +02:00
Hauke Mehrtens
00d7a459f3 mac80211: Update to backports-5.10.42
The removed patches were integrated upstream.

The brcmf_driver_work workqueue was removed in brcmfmac with kernel
5.10.42, the asynchronous call was covered to a synchronous call. There
is no need to wait any more.
This part was removed manually from this patch:
brcm/860-brcmfmac-register-wiphy-s-during-module_init.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 04a260911c)
2021-06-06 17:54:58 +02:00
Felix Fietkau
5869423d21 mac80211: backport upstream fixes for FragAttacks
From the patch series description:

Several security issues in the 802.11 implementations were found by
Mathy Vanhoef (New York University Abu Dhabi), who has published all
the details at

	https://papers.mathyvanhoef.com/usenix2021.pdf

Specifically, the following CVEs were assigned:

 * CVE-2020-24586 - Fragmentation cache not cleared on reconnection
 * CVE-2020-24587 - Reassembling fragments encrypted under different
                    keys
 * CVE-2020-24588 - Accepting non-SPP A-MSDU frames, which leads to
                    payload being parsed as an L2 frame under an
                    A-MSDU bit toggling attack
 * CVE-2020-26139 - Forwarding EAPOL from unauthenticated sender
 * CVE-2020-26140 - Accepting plaintext data frames in protected
                    networks
 * CVE-2020-26141 - Not verifying TKIP MIC of fragmented frames
 * CVE-2020-26142 - Processing fragmented frames as full frames
 * CVE-2020-26143 - Accepting fragmented plaintext frames in
                    protected networks
 * CVE-2020-26144 - Always accepting unencrypted A-MSDU frames that
                    start with RFC1042 header with EAPOL ethertype
 * CVE-2020-26145 - Accepting plaintext broadcast fragments as full
                    frames
 * CVE-2020-26146 - Reassembling encrypted fragments with non-consecutive
                    packet numbers
 * CVE-2020-26147 - Reassembling mixed encrypted/plaintext fragments

In general, the scope of these attacks is that they may allow an
attacker to
 * inject L2 frames that they can more or less control (depending on the
   vulnerability and attack method) into an otherwise protected network;
 * exfiltrate (some) network data under certain conditions, this is
   specific to the fragmentation issues.

A subset of these issues is known to apply to the Linux IEEE 802.11
implementation (mac80211). Where it is affected, the attached patches
fix the issues, even if not all of them reference the exact CVE IDs.

In addition, driver and/or firmware updates may be necessary, as well
as potentially more fixes to mac80211, depending on how drivers are
using it.

Specifically, for Intel devices, firmware needs to be updated to the
most recently released versions (which was done without any reference
to the security issues) to address some of the vulnerabilities.

To have a single set of patches, I'm also including patches for the
ath10k and ath11k drivers here.

We currently don't have information about how other drivers are, if
at all, affected.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-05-16 08:48:22 +02:00
Rui Salvaterra
c99f037493 mac80211/rtl: backport a rtl8192cu AP mode fix
Running USB devices in AP mode is never a good idea. That said, fix the TIM
issue in rtl8192cu [1], allowing these devices to "work" in AP mode.

[1] https://patchwork.kernel.org/project/linux-wireless/patch/20210419065956.6085-1-pkshih@realtek.com/

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit eeda8652f1)
2021-05-14 23:32:22 +02:00
Hauke Mehrtens
ce41fc38ba mac80211: Update to version 5.10.34-1
The removed patches were applied upstream and are not needed anymore.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 17ac9849d3)
2021-05-04 22:29:34 +02:00
Felix Fietkau
f066ee2ad5 mac80211: minstrel_ht: fix issue in calculating success probability
Missing braces in a macro were leading to badly working rates sometimes
getting a success probabilty of 1.0

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 12cb52bd06)
2021-04-28 21:11:15 +02:00
Felix Fietkau
4ad1957eee mac80211: add client mode connection monitor fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit dfdb28c24a)
2021-04-11 19:45:26 +02:00
Felix Fietkau
de00033bbb mac80211: support rx timestamps for HE rates
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 7d8e14e44f)
2021-04-11 19:45:26 +02:00
Felix Fietkau
64ddac2c1c mac80211: merge a few pending tx related fixes
Improve performance and fix potential mgmt tx hangs/warnings

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 571aedbc6c)
2021-04-04 11:39:51 +02:00
Felix Fietkau
69794908b6 mac80211: backport upstream patches for driver disconnect
Needed for an mt76 update

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 5dc5015072)
2021-04-04 11:39:51 +02:00
Hauke Mehrtens
1132340a22 mac80211: Update to version 5.10.16-1
The removed patches were applied upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-02-15 22:29:42 +01:00
Hauke Mehrtens
0cde9a0a65 mac80211: Refresh patches again
A wrong quilt configuration was used last time.

Fixes: ed1e234d87 ("mac80211: refresh patches")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-02-15 22:29:42 +01:00
Felix Fietkau
f118be0712 ath9k: fix transmitting to stations in dynamic SMPS mode
When transmitting to a receiver in dynamic SMPS mode, all transmissions that
use multiple spatial streams need to be sent using CTS-to-self or RTS/CTS to
give the receiver's extra chains some time to wake up.
This fixes the tx rate getting stuck at <= MCS7 for some clients, especially
Intel ones, which make aggressive use of SMPS.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-14 19:55:45 +01:00
Felix Fietkau
9cb63f5360 mac80211: fix a regression in processing rx stats
A logic error caused rx rate update to be missed for any driver not using
fast-rx

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-14 19:41:07 +01:00
Felix Fietkau
ed1e234d87 mac80211: refresh patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-14 19:41:07 +01:00
Felix Fietkau
072bfe2113 mac80211: add minstrel performance improvements
Reduce fluctuations in rate selection / statistics

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-14 19:41:07 +01:00
Felix Fietkau
b6066846ad mac80211: add decapsulation offload support
On hardware that supports this, this will improve performance by passing
802.3 frames from the hardware to the stack

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-14 19:41:07 +01:00
Felix Fietkau
8fc2cfea87 mac80211: fix a corner case in encapsulation offload support
Fix encryption key selection with WEP

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-14 19:41:07 +01:00
Felix Fietkau
268210cec8 mac80211: add fq performace improvements
Improves performance under load

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-14 19:41:07 +01:00
Hauke Mehrtens
12424edff5 mac80211: Update to version 5.10-rc6-1
The removed patches were applied upstream.

This adapts ath10k-ct and mt76 to changed APIs.
nl80211.h in iw is updated to match the version from backports.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-02-14 15:15:29 +01:00
Hauke Mehrtens
bf6f7cf29b mac80211: Update to version 5.9.12-1
The removed patches were applied upstream.

Remove the 300-mac80211-optimize-skb-resizing.patch.
This patch was not applied upstream, but it conflicts with upstream
changes and needs bigger changes. It was applied with Felix to remove
this patch for now. It should be reworked and then send upstream later.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-02-14 15:13:40 +01:00
Paul Spooren
8286f3a3d3 treewide: unify OpenWrt hosted source via @OPENWRT
Multiple sources are hosted on OpenWrts source server only. The source
URLs to point to the server vary based on different epochs in OpenWrts
history.

Replace all by @OPENWRT which is an "empty" mirror, therefore using the
fallback servers sources.cdn.openwrt.org and sources.openwrt.org.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-02-05 12:00:24 -10:00
Felix Fietkau
84fa59b5a8 mac80211: fix station rate table updates on assoc
If the driver uses .sta_add, station entries are only uploaded after the sta
is in assoc state. Fix early station rate table updates by deferring them
until the sta has been uploaded

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-01 10:00:23 +01:00
David Bauer
8019c54d8a mac80211: fix incorrect parameter
he_mu_beamformer only accepts values of 0 and 1 according to the hostapd
documentation.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-02-01 00:48:37 +01:00
David Bauer
0c499f6068 mac80211: convert UniFi Outdoor+ HSR support to OF
Enable support for the Ubiquiti UniFi Outdoor+ RF filter via
device-tree. The old way of using platform data is not required anymore,
as it was only used on the now removed ar71xx target.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-02-01 00:47:36 +01:00
Felix Fietkau
7ca75a2d01 mac80211: fix an uninitialized variable warning
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-01-26 20:00:03 +01:00
Felix Fietkau
56c20f0a5a mac80211: minstrel_ht: fix regression in the max_prob_rate fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-01-26 16:46:45 +01:00
Felix Fietkau
1fdbb8779a mac80211: remove accidentally duplicated line in minstrel_ht patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-01-26 16:46:45 +01:00
Felix Fietkau
37752336bd mac80211: add significant minstrel_ht performance improvements
Completely redesign the rate sampling approach

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-01-25 12:19:22 +01:00
Felix Fietkau
b0ad07e9a0 mac80211: fix rounding error in minstrel_ht throughput calculation
Fixes rate selection with lower data rates

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-01-15 13:05:40 +01:00
Felix Fietkau
faeaf5a010 mac80211: fix an uninitialized stack variable in the minstrel update
It can lead to out-of-bounds access and invalid rates

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-01-14 20:12:29 +01:00
Daniel Golle
d9d6988434 mac80211: improve error handling when adding hostapd config
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-01-14 00:52:50 +00:00
Daniel Golle
cbd67dbdcd mac80211: use hostapd PID returned from config_add
Use PID returned from config_add instead of querying procd when adding
configuration to hostapd.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-01-10 19:18:29 +00:00
Robert Marko
6442b8cbc2 mac80211: Add wil6210 driver
This patch adds wil6210 driver for Wilocity/QCA based 802.11ad
PCI cards.

Driver uses cfg80211 and nl80211 but not mac80211.
Integration for UCI and LuCI will come in other patches.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2021-01-05 02:16:24 +00:00
Gary Cooper
d140d18990 mac80211: add 802.11ad-support
This adds logic to properly populate defaults in /etc/config/wireless.

Signed-off-by: Gary Cooper <gaco@bitmessage.de>
2021-01-05 02:16:24 +00:00
Felix Fietkau
3a12c6679e mac80211: replace legacy minstrel with minstrel_ht, improve rate selection
Legacy minstrel is essentially unmaintained and was showing poor performance
Replace it with minstrel_ht and improve rate selection and sampling behavior

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-01-03 12:56:40 +01:00
Felix Fietkau
e1851720f1 hostapd: do not restart hostapd instance on wireless restarts
Add the flag that prevents netifd from killing hostapd/wpa_supplicant

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-12-31 14:26:00 +01:00