cca_settings is used without zero initialization, which may
introduce random values and result in invalid nl80211
attributes.

Without this fix, BSS color switch may fail completely and
the feature becomes non-functional. Initialize the structure
before use.

Signed-off-by: Wei Zhang <[email protected]>
---
Changes in v2:
  - Add CC to layer maintainer and reviewer

 ...learing-up-settings-for-color-switch.patch | 34 +++++++++++++++++++
 .../hostapd/hostapd_2.11.bb                   |  1 +
 2 files changed, 35 insertions(+)
 create mode 100644 
meta-oe/recipes-connectivity/hostapd/hostapd/0002-hostapd-Fix-clearing-up-settings-for-color-switch.patch

diff --git 
a/meta-oe/recipes-connectivity/hostapd/hostapd/0002-hostapd-Fix-clearing-up-settings-for-color-switch.patch
 
b/meta-oe/recipes-connectivity/hostapd/hostapd/0002-hostapd-Fix-clearing-up-settings-for-color-switch.patch
new file mode 100644
index 0000000000..5d6cce3f14
--- /dev/null
+++ 
b/meta-oe/recipes-connectivity/hostapd/hostapd/0002-hostapd-Fix-clearing-up-settings-for-color-switch.patch
@@ -0,0 +1,34 @@
+From 161327f91d956771996c96ea1b6e4e1cb8dc074c Mon Sep 17 00:00:00 2001
+From: Stone Zhang <[email protected]>
+Date: Mon, 14 Oct 2024 18:47:32 +0800
+Subject: [PATCH] hostapd: Fix clearing up settings for color switch
+
+Settings for color switch (struct cca_settings settings)
+is used without zero clearing, which causes the member
+settings->ubpr->unsol_bcast_probe_resp_intervalettings
+to be a random value. It is againsts the NLA policy of
+NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT and causes
+BSS color switch failure.
+
+Fixes: 654d2395dddf ("BSS coloring: Handling of collision events and 
triggering CCA")
+Signed-off-by: Stone Zhang <[email protected]>
+Upstream-Status: Backport 
[https://w1.fi/cgit/hostap.git/commit/?id=161327f91d956771996c96ea1b6e4e1cb8dc074c]
+---
+ src/ap/hostapd.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
+index 5ba2cab2c..90e93b6dc 100644
+--- a/src/ap/hostapd.c
++++ b/src/ap/hostapd.c
+@@ -4768,6 +4768,7 @@ static void hostapd_switch_color_timeout_handler(void 
*eloop_data,
+               struct cca_settings settings;
+               int ret;
+ 
++              os_memset(&settings, 0, sizeof(settings));
+               hostapd_cleanup_cca_params(bss);
+               bss->cca_color = r;
+               bss->cca_count = 10;
+-- 
+2.45.2
+
diff --git a/meta-oe/recipes-connectivity/hostapd/hostapd_2.11.bb 
b/meta-oe/recipes-connectivity/hostapd/hostapd_2.11.bb
index a6f7122847..ce1c145fd7 100644
--- a/meta-oe/recipes-connectivity/hostapd/hostapd_2.11.bb
+++ b/meta-oe/recipes-connectivity/hostapd/hostapd_2.11.bb
@@ -9,6 +9,7 @@ DEPENDS = "libnl openssl"
 SRC_URI = " \
     http://w1.fi/releases/hostapd-${PV}.tar.gz \
     file://0001-Include-base64-for-hostapd-CONFIG_SAE_PK-builds.patch \
+    file://0002-hostapd-Fix-clearing-up-settings-for-color-switch.patch \
     file://defconfig \
     file://init \
     file://hostapd.service \
-- 
2.34.1

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#127267): 
https://lists.openembedded.org/g/openembedded-devel/message/127267
Mute This Topic: https://lists.openembedded.org/mt/119512013/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to