kpriv/linux-hardened
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
linux-hardened/net
History
Michael Braun 72f15d53f3 mac80211: filter multicast data packets on AP / AP_VLAN 
This patch adds filtering for multicast data packets on AP_VLAN
interfaces that have no authorized station connected and changes
filtering on AP interfaces to not count stations assigned to
AP_VLAN interfaces.

This saves airtime and avoids waking up other stations currently
authorized in this BSS. When using WPA, the packets dropped could
not be decrypted by any station.

The behaviour when there are no AP_VLAN interfaces is left unchanged.

When there are AP_VLAN interfaces, this patch
1. adds filtering multicast data packets sent on AP_VLAN interfaces
   that have no authorized station connected.
   No filtering happens on 4addr AP_VLAN interfaces.
2. makes filtering of multicast data packets sent on AP interfaces
   depend on the number of authorized stations in this bss not
   assigned to an AP_VLAN interface.

Therefore, a new num_mcast_sta counter is added for AP_VLAN interfaces.
The existing one for AP interfaces is altered to not track stations
assigned to an AP_VLAN interface.

The new counter is exposed in debugfs.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
[reformat commit message a bit, unline ieee80211_vif_{inc,dec}_num_mcast]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2016-10-12 11:33:29 +02:00
..
6lowpan 6lowpan: ndisc: no overreact if no short address is available 2016-09-19 20:19:34 +02:00
9p IB/core: add support to create a unsafe global rkey to ib_create_pd 2016-09-23 13:47:44 -04:00
802
8021q net: remove type_check from dev_get_nest_level() 2016-08-13 15:15:54 -07:00
appletalk appletalk: use IS_ENABLED() instead of checking for built-in or module 2016-09-10 21:19:10 -07:00
atm lec: use IS_ENABLED() instead of checking for built-in or module 2016-09-10 21:19:10 -07:00
ax25
batman-adv treewide: remove redundant #include <linux/kconfig.h> 2016-10-11 15:06:33 -07:00
bluetooth Bluetooth: Refactor append name and appearance 2016-10-06 11:52:29 +02:00
bridge netfilter: bridge: clarify bridge/netfilter message 2016-10-02 22:44:03 -04:00
caif caif: Remove unneeded header file 2016-06-28 05:26:14 -04:00
can
ceph crush: remove redundant local variable 2016-10-05 23:02:10 +02:00
core Merge branch 'akpm' (patches from Andrew) 2016-10-07 21:38:00 -07:00
dcb
dccp Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2016-07-29 17:38:46 -07:00
decnet net: fix decnet rtnexthop parsing 2016-07-05 14:08:47 -07:00
dns_resolver
dsa net: dsa: add port fast ageing 2016-09-23 08:38:50 -04:00
ethernet
hsr
ieee802154 ieee802154: 6lowpan: fix intra pan id check 2016-07-08 13:23:12 +02:00
ipv4 Merge branch 'akpm' (patches from Andrew) 2016-10-07 21:38:00 -07:00
ipv6 ipv6 addrconf: disallow rtr_solicits < -1 2016-10-07 23:43:56 -04:00
ipx
irda Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-09-23 06:46:57 -04:00
iucv Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2016-07-29 17:38:46 -07:00
kcm Merge branch 'work.splice_read' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-07 15:36:58 -07:00
key
l2tp l2tp: constify net_device_ops structures 2016-09-17 10:07:23 -04:00
l3mdev net: ipv6: Remove l3mdev_get_saddr6 2016-09-10 23:12:53 -07:00
lapb
llc llc: switch type to bool as the timeout is only tested versus 0 2016-09-17 10:05:05 -04:00
mac80211 mac80211: filter multicast data packets on AP / AP_VLAN 2016-10-12 11:33:29 +02:00
mac802154 mac802154: use rate limited warnings for malformed frames 2016-09-19 20:19:34 +02:00
mpls mpls: move mpls_hdr to a common location 2016-10-03 02:00:21 -04:00
ncsi net/ncsi: Introduce ncsi_stop_dev() 2016-10-04 02:11:51 -04:00
netfilter netfilter: Fix slab corruption. 2016-10-11 04:44:37 -04:00
netlabel netlabel: Implement CALIPSO config functions for SMACK. 2016-06-27 15:06:18 -04:00
netlink netlink: do not enter direct reclaim from netlink_dump() 2016-10-06 20:53:13 -04:00
netrom
nfc NFC: digital: Fix RTOX supervisor PDU handling 2016-07-11 02:02:03 +02:00
openvswitch openvswitch: use mpls_hdr 2016-10-03 02:00:22 -04:00
packet packet: call fanout_release, while UNREGISTERING a netdev 2016-10-06 20:50:18 -04:00
phonet
qrtr
rds IB/core: add support to create a unsafe global rkey to ib_create_pd 2016-09-23 13:47:44 -04:00
rfkill
rose rose: limit sk_filter trim to payload 2016-07-13 11:53:40 -07:00
rxrpc rxrpc: Don't request an ACK on the last DATA packet of a call's Tx phase 2016-10-06 08:11:51 +01:00
sched net/sched: act_vlan: Push skb->data to mac_header prior calling skb_vlan_*() functions 2016-10-03 21:40:50 -04:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-10-02 22:20:41 -04:00
strparser kcm: Remove TCP specific references from kcm and strparser 2016-08-28 23:32:41 -04:00
sunrpc Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
switchdev switchdev: remove FIB offload infrastructure 2016-09-28 04:48:00 -04:00
tipc tipc: fix possible memory leak in tipc_udp_enable() 2016-09-13 11:28:32 -04:00
unix skb_splice_bits(): get rid of callback 2016-10-03 20:40:56 -04:00
vmw_vsock VSOCK: Don't dec ack backlog twice for rejected connections 2016-09-27 07:59:25 -04:00
wimax
wireless Merge remote-tracking branch 'net-next/master' into mac80211-next 2016-10-04 09:46:44 +02:00
x25 net: x25: remove null checks on arrays calling_ae and called_ae 2016-09-09 18:13:30 -07:00
xfrm proc: Reduce cache miss in xfrm_statistics_seq_show 2016-09-30 01:50:45 -04:00
compat.c
Kconfig strparser: Stream parser for messages 2016-08-17 19:36:23 -04:00
Makefile strparser: Stream parser for messages 2016-08-17 19:36:23 -04:00
socket.c vfs: Remove {get,set,remove}xattr inode operations 2016-10-07 21:48:36 -04:00
sysctl_net.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2016-10-06 09:52:23 -07:00