Commit 7069ef75 authored by Lorenzo "Palinuro" Faletra's avatar Lorenzo "Palinuro" Faletra

Import Debian changes 4.16.12-1parrot12

linux (4.16.12-1parrot12) testing; urgency=medium

  * Import new Debian release.
  * Import Parrot configs and patches.
parent 3c5af882
......@@ -5978,8 +5978,8 @@ CONFIG_MODULE_SIG_SHA256=y
##
## choice: Timer frequency
# CONFIG_HZ_100 is not set
CONFIG_HZ_250=y
# CONFIG_HZ_300 is not set
CONFIG_HZ_300=y
# CONFIG_HZ_250 is not set
# CONFIG_HZ_1000 is not set
## end choice
......
[abi]
abiname: 2
abiname: parrot12
ignore-changes:
__cpuhp_*
__xive_vm_h_*
......
......@@ -9,8 +9,10 @@ This is expected until we generate a signing key and update
wireless-regdb to be signed with it.
---
--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
Index: linux-4.16.12/net/wireless/reg.c
===================================================================
--- linux-4.16.12.orig/net/wireless/reg.c
+++ linux-4.16.12/net/wireless/reg.c
@@ -475,6 +475,7 @@ static void reg_regdb_apply(struct work_
static DECLARE_WORK(reg_regdb_work, reg_regdb_apply);
......
From: Ben Hutchings <ben@decadent.org.uk>
Date: Thu, 05 Apr 2018 18:13:52 +0200
Subject: wireless: Disable regulatory.db direct loading
Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/892229
Don't complain about being unable to load regulatory.db directly.
This is expected until we generate a signing key and update
wireless-regdb to be signed with it.
---
--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
@@ -475,6 +475,7 @@ static void reg_regdb_apply(struct work_
static DECLARE_WORK(reg_regdb_work, reg_regdb_apply);
+#if 0
static int reg_schedule_apply(const struct ieee80211_regdomain *regdom)
{
struct reg_regdb_apply_request *request;
@@ -494,6 +495,7 @@ static int reg_schedule_apply(const stru
schedule_work(&reg_regdb_work);
return 0;
}
+#endif
#ifdef CONFIG_CFG80211_CRDA_SUPPORT
/* Max number of consecutive attempts to communicate with CRDA */
@@ -573,6 +575,29 @@ static inline int call_crda(const char *
/* code to directly load a firmware database through request_firmware */
static const struct fwdb_header *regdb;
+#if 1
+
+static int load_builtin_regdb_keys(void)
+{
+ return 0;
+}
+
+static void free_regdb_keyring(void)
+{
+}
+
+static int query_regdb_file(const char *alpha2)
+{
+ return -ENOENT;
+}
+
+int reg_reload_regdb(void)
+{
+ return -ENOENT;
+}
+
+#else /* disabled until we update wireless-regdb */
+
struct fwdb_country {
u8 alpha2[2];
__be16 coll_ptr;
@@ -963,6 +988,8 @@ int reg_reload_regdb(void)
return err;
}
+#endif
+
static bool reg_query_database(struct regulatory_request *request)
{
if (query_regdb_file(request->alpha2) == 0)
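Review bot: The two bare toggles, `#if 0` around `reg_schedule_apply()` and `#if 1` in front of the stubs, give no reason at the point where they open; only the `#else` carries a comment. Because the stub `query_regdb_file()` always returns `-ENOENT`, the test at the top of `reg_query_database()` can never succeed and the request falls through to whatever follows outside the hunk (presumably the CRDA path). The stubbed `load_builtin_regdb_keys()` and `free_regdb_keyring()` also mean no key material is ever loaded for regulatory.db. I would say so where the toggle opens, e.g. `#if 1 /* Debian #892229: regulatory.db loading and its signature check are compiled out */`, and mark the first toggle as `#if 0 /* unused while the regulatory.db loader is disabled */`.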
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -580,7 +580,8 @@ static int ieee80211_set_monitor_channel
ret = ieee80211_vif_use_channel(sdata, chandef,
IEEE80211_CHANCTX_EXCLUSIVE);
}
- } else if (local->open_count == local->monitors) {
+ // Patch: Always allow channel change, even if a normal virtual interface is present
+ } else /*if (local->open_count == local->monitors)*/ {
local->_oper_chandef = *chandef;
ieee80211_hw_config(local, 0);
}
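Review bot: With the condition commented out, the `else` branch assigns `local->_oper_chandef` and calls `ieee80211_hw_config(local, 0)` even while a non-monitor interface is open, so a station or AP interface sharing the radio is retuned underneath it without any error being returned. The same guard is dropped in the `cfg80211_set_monitor_channel()` hunk in net/wireless/chan.c, where the `-EBUSY` return is commented out. Both hunks leave the old test behind as dead commented-out code, and here the `//` comment sits at the end of the preceding block rather than in the branch it describes. I would delete the dead test and state the consequence inside the branch, e.g. `/* Parrot: retune even when non-monitor interfaces are open; they lose their operating channel */`. The function starts and ends outside the hunk.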
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -795,11 +795,19 @@ ieee80211_tx_h_sequence(struct ieee80211
/*
* Packet injection may want to control the sequence
- * number, if we have no matching interface then we
- * neither assign one ourselves nor ask the driver to.
+ * number, so if an injected packet is found, skip
+ * renumbering it. Also make the packet NO_ACK to avoid
+ * excessive retries (ACKing and retrying should be
+ * handled by the injecting application).
+ * FIXME This may break hostapd and some other injectors.
+ * This should be done using a radiotap flag.
*/
- if (unlikely(info->control.vif->type == NL80211_IFTYPE_MONITOR))
+ if (unlikely((info->flags & IEEE80211_TX_CTL_INJECTED) &&
+ !(tx->sdata->u.mntr.flags & MONITOR_FLAG_COOK_FRAMES))) {
+ if (!ieee80211_has_morefrags(hdr->frame_control))
+ info->flags |= IEEE80211_TX_CTL_NO_ACK;
return TX_CONTINUE;
+ }
if (unlikely(ieee80211_is_ctl(hdr->frame_control)))
return TX_CONTINUE;
@@ -1659,7 +1667,10 @@ void ieee80211_xmit(struct ieee80211_sub
}
}
- ieee80211_set_qos_hdr(sdata, skb);
+ // Don't overwrite QoS header in monitor mode
+ if (likely(info->control.vif->type != NL80211_IFTYPE_MONITOR)) {
+ ieee80211_set_qos_hdr(sdata, skb);
+ }
ieee80211_tx(sdata, sta, skb, false);
}
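Review bot: The new test in `ieee80211_tx_h_sequence()` reads `tx->sdata->u.mntr.flags` for every frame that carries `IEEE80211_TX_CTL_INJECTED`, without first checking that `tx->sdata` is a monitor interface. If `u` is a union keyed on the interface type, as the `u.mntr` name suggests, and an injected frame can be attributed to a non-monitor sdata, the `MONITOR_FLAG_COOK_FRAMES` test looks at bits of unrelated state. The removed line keyed on the interface type, and adding `tx->sdata->vif.type == NL80211_IFTYPE_MONITOR &&` ahead of the flags test would keep that property. The added FIXME already notes that forcing `IEEE80211_TX_CTL_NO_ACK` may break hostapd, so the patch description should say which injectors were tested. Both functions continue outside their hunks.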
--- a/net/wireless/chan.c
+++ b/net/wireless/chan.c
@@ -857,8 +857,10 @@ int cfg80211_set_monitor_channel(struct
{
if (!rdev->ops->set_monitor_channel)
return -EOPNOTSUPP;
- if (!cfg80211_has_monitors_only(rdev))
- return -EBUSY;
+ // Always allow user to change channel, even if there is another normal
+ // virtual interface using the device.
+ //if (!cfg80211_has_monitors_only(rdev))
+ // return -EBUSY;
return rdev_set_monitor_channel(rdev, chandef);
}
--- a/drivers/net/wireless/zydas/zd1211rw/zd_mac.c
+++ b/drivers/net/wireless/zydas/zd1211rw/zd_mac.c
@@ -242,14 +242,19 @@ void zd_mac_clear(struct zd_mac *mac)
static int set_rx_filter(struct zd_mac *mac)
{
unsigned long flags;
- u32 filter = STA_RX_FILTER;
+ struct zd_ioreq32 ioreqs[] = {
+ {CR_RX_FILTER, STA_RX_FILTER},
+ { CR_SNIFFER_ON, 0U },
+ };
spin_lock_irqsave(&mac->lock, flags);
- if (mac->pass_ctrl)
- filter |= RX_FILTER_CTRL;
+ if (mac->pass_ctrl) {
+ ioreqs[0].value |= 0xFFFFFFFF;
+ ioreqs[1].value = 0x1;
+ }
spin_unlock_irqrestore(&mac->lock, flags);
- return zd_iowrite32(&mac->chip, CR_RX_FILTER, filter);
+ return zd_iowrite32a(&mac->chip, ioreqs, ARRAY_SIZE(ioreqs));
}
static int set_mac_and_bssid(struct zd_mac *mac)
@@ -1057,7 +1062,8 @@ int zd_mac_rx(struct ieee80211_hw *hw, c
/* Caller has to ensure that length >= sizeof(struct rx_status). */
status = (struct rx_status *)
(buffer + (length - sizeof(struct rx_status)));
- if (status->frame_status & ZD_RX_ERROR) {
+ if ((status->frame_status & ZD_RX_ERROR) ||
+ (status->frame_status & ~0x21)) {
if (mac->pass_failed_fcs &&
(status->frame_status & ZD_RX_CRC32_ERROR)) {
stats.flag |= RX_FLAG_FAILED_FCS_CRC;
@@ -1400,7 +1406,7 @@ struct ieee80211_hw *zd_mac_alloc_hw(str
ieee80211_hw_set(hw, MFP_CAPABLE);
ieee80211_hw_set(hw, HOST_BROADCAST_PS_BUFFERING);
ieee80211_hw_set(hw, RX_INCLUDES_FCS);
- ieee80211_hw_set(hw, SIGNAL_UNSPEC);
+ ieee80211_hw_set(hw, SIGNAL_DBM);
hw->wiphy->interface_modes =
BIT(NL80211_IFTYPE_MESH_POINT) |
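Review bot: In `set_rx_filter()`, `ioreqs[0].value |= 0xFFFFFFFF` is an assignment written as an OR: it discards `STA_RX_FILTER` and replaces the single `RX_FILTER_CTRL` bit with every filter bit. Together with `ioreqs[1].value = 0x1` on `CR_SNIFFER_ON`, this is all keyed on `mac->pass_ctrl`, whose name suggests control frames only. The `~0x21` mask added in `zd_mac_rx()` is likewise an unexplained constant. I would write `ioreqs[0].value = 0xFFFFFFFF;` and give the three constants names, or a comment saying which bits they stand for and why the wider filter is tied to `pass_ctrl`. Whether the driver's signal value is really in dBm, as the switch to `SIGNAL_DBM` declares, cannot be checked from these hunks and should be confirmed against the code that fills in the RX status.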
--- a/drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c
+++ b/drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c
@@ -251,8 +251,17 @@ static void rtl8187_tx(struct ieee80211_
flags |= RTL818X_TX_DESC_FLAG_NO_ENC;
flags |= ieee80211_get_tx_rate(dev, info)->hw_value << 24;
+
+ // When this flag is set the firmware waits untill ALL fragments have
+ // reached the USB device. Then it sends the first fragment and waits
+ // for ACKS's. Of course in monitor mode it won't detect these ACK's.
if (ieee80211_has_morefrags(tx_hdr->frame_control))
- flags |= RTL818X_TX_DESC_FLAG_MOREFRAG;
+ {
+ // If info->control.vif is NULL it's most likely in monitor mode
+ if (likely(info->control.vif != NULL && info->control.vif->type != NL80211_IFTYPE_MONITOR)) {
+ flags |= RTL818X_TX_DESC_FLAG_MOREFRAG;
+ }
+ }
/* HW will perform RTS-CTS when only RTS flags is set.
* HW will perform CTS-to-self when both RTS and CTS flags are set.
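Review bot: The added block departs from kernel style: the outer `if` has its opening brace on its own line, the comments use `//` and contain typos (`untill`, `ACKS's`), and two nested `if`s express a single condition. One test would do: `if (ieee80211_has_morefrags(tx_hdr->frame_control) && info->control.vif && info->control.vif->type != NL80211_IFTYPE_MONITOR)` followed by `flags |= RTL818X_TX_DESC_FLAG_MOREFRAG;`. The comment should also state that a NULL `info->control.vif` is deliberately treated as monitor traffic, since the current wording ("most likely") presents it as a guess. `rtl8187_tx()` starts and ends outside the hunk.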
From c46a994dd78befbe94e66771db41c18351be2aae Mon Sep 17 00:00:00 2001
From: Steve deRosier <derosier@cal-sierra.com>
Date: Fri, 29 Sep 2017 10:48:19 -0700
Subject: [PATCH] wireless: carl9170: Enable sniffer mode promisc flag to fix
injection
The removal of the AR9170_MAC_SNIFFER_ENABLE_PROMISC flag to fix an issue
many years ago caused the AR9170 to not be able to pass probe response
packets with different MAC addresses back up to the driver. In general
operation, this doesn't matter, but in the case of packet injection with
aireplay-ng it is important. aireplay-ng specifically injects packets with
spoofed MAC addresses on the probe requests and looks for probe responses
back to those addresses. No other combination of filter flags seem to fix
this issue and so AR9170_MAC_SNIFFER_ENABLE is required to get these packets.
This was originally caused by commit e0509d3bdd7365d06c9bf570bf9f11 which
removed this flag in order to avoid spurious ack noise from the hardware.
In testing for this issue, keeping this flag but not restoring the
AR9170_MAC_RX_CTRL_ACK_IN_SNIFFER flag on the rc_ctrl seems to solve this
issue, at least with the most current firmware v1.9.9.
Signed-off-by: Steve deRosier <derosier@cal-sierra.com>
---
drivers/net/wireless/ath/carl9170/mac.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/net/wireless/ath/carl9170/mac.c b/drivers/net/wireless/ath/carl9170/mac.c
index 7d4a72dc98db..c617e883f47a 100644
--- a/drivers/net/wireless/ath/carl9170/mac.c
+++ b/drivers/net/wireless/ath/carl9170/mac.c
@@ -309,6 +309,7 @@ int carl9170_set_operating_mode(struct ar9170 *ar)
u32 rx_ctrl = AR9170_MAC_RX_CTRL_DEAGG |
AR9170_MAC_RX_CTRL_SHORT_FILTER;
u32 sniffer = AR9170_MAC_SNIFFER_DEFAULTS;
+ u32 mac_ftf = AR9170_MAC_FTF_DEFAULTS;
int err = 0;
rcu_read_lock();
@@ -373,6 +374,9 @@ int carl9170_set_operating_mode(struct ar9170 *ar)
if (ar->sniffer_enabled) {
enc_mode |= AR9170_MAC_ENCRYPTION_RX_SOFTWARE;
+ mac_ftf = AR9170_MAC_FTF_MONITOR;
+ sniffer |= AR9170_MAC_SNIFFER_ENABLE_PROMISC;
+ mac_addr = NULL;
}
err = carl9170_set_mac_reg(ar, AR9170_MAC_REG_MAC_ADDR_L, mac_addr);
@@ -384,6 +388,7 @@ int carl9170_set_operating_mode(struct ar9170 *ar)
return err;
carl9170_regwrite_begin(ar);
+ carl9170_regwrite(AR9170_MAC_REG_FRAMETYPE_FILTER, mac_ftf);
carl9170_regwrite(AR9170_MAC_REG_SNIFFER, sniffer);
carl9170_regwrite(AR9170_MAC_REG_CAM_MODE, cam_mode);
carl9170_regwrite(AR9170_MAC_REG_ENCRYPTION, enc_mode);
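Review bot: The sniffer branch now makes three changes, but the description explains only one. It covers `AR9170_MAC_SNIFFER_ENABLE_PROMISC` (which it later calls `AR9170_MAC_SNIFFER_ENABLE`), while the switch to `AR9170_MAC_FTF_MONITOR` and `mac_addr = NULL` go unmentioned. `mac_addr` is passed to `carl9170_set_mac_reg()` right after the branch; that helper is outside the hunks, so it is worth confirming that it accepts NULL. If the intent is what the names suggest, a comment in the branch would record it, e.g. `/* sniffer: accept every frame type and drop the station address filter */`. `carl9170_set_operating_mode()` starts and ends outside the hunks.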
--
2.14.1
......@@ -29,6 +29,10 @@ features/all/aufs4/aufs4-base.patch
features/all/aufs4/aufs4-mmap.patch
features/all/aufs4/aufs4-standalone.patch
# Parrot changes
features/all/wifi-injection.patch
features/all/wireless-carl9170-Enable-sniffer-mode-promisc-flag-t.patch
# Change some defaults for security reasons
debian/af_802154-Disable-auto-loading-as-mitigation-against.patch
debian/rds-Disable-auto-loading-as-mitigation-against-local.patch
......
Section: kernel
Priority: optional
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Uploaders: Bastian Blank <waldi@debian.org>, maximilian attems <maks@debian.org>, Ben Hutchings <ben@decadent.org.uk>, Salvatore Bonaccorso <carnil@debian.org>
Maintainer: Parrot Dev Team <team@parrotsec.org>
Uploaders: Lorenzo "Palinuro" Faletra <palinuro@parrotsec.org>
Standards-Version: 4.1.1
Build-Depends:
debhelper (>= 10.1~), dh-exec,
......