On Fri, Mar 06, 2020 at 10:47:44AM +0100, Stefan Sperling wrote:
> 802.11 frame sequence numbers are in the range 0x0 - 0xfff.
> 
> Don't let internal representations of sequence numbers grow beyond 0xfff.
> 
> ok?
> 
> diff 582540bcd55abf4efa3abe8c23ebc7f3c247245d 
> ba499e0f519999b139f9ad6d4b4ea18cbf56bd93
> blob - 808b6e1f46b777ea408561c0fbf511e79d477c54
> blob + 6c8057426973640ab03af4ec061adfa1d3c695bf
> --- sys/net80211/ieee80211_output.c
> +++ sys/net80211/ieee80211_output.c
> @@ -190,7 +190,7 @@ ieee80211_mgmt_output(struct ifnet *ifp, struct ieee80
>       *(u_int16_t *)&wh->i_dur[0] = 0;
>       *(u_int16_t *)&wh->i_seq[0] =
>           htole16(ni->ni_txseq << IEEE80211_SEQ_SEQ_SHIFT);
> -     ni->ni_txseq++;
> +     ni->ni_txseq = (ni->ni_txseq + 1) & 0xfff;
>       IEEE80211_ADDR_COPY(wh->i_addr1, ni->ni_macaddr);
>       IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr);
>       IEEE80211_ADDR_COPY(wh->i_addr3, ni->ni_bssid);
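Review bot: The wrap mask is written as the bare literal `0xfff` on the `ni->ni_txseq` line here and twice more in the ieee80211_encap hunk (the per-TID `ni_qos_txseqs[tid]` counter and the non-QoS branch), so the 12-bit range is restated three times with nothing tying it to the shift used on the line above. Deriving it from the existing header constants, for example `ni->ni_txseq = (ni->ni_txseq + 1) & (IEEE80211_SEQ_SEQ_MASK >> IEEE80211_SEQ_SEQ_SHIFT);`, or a single named mask, would keep all three sites in step. A short comment such as `/* 802.11 sequence numbers are 12 bits; wrap at 0xfff */` would record why the counter is bounded. These counters presumably feed duplicate detection and block-ack window comparisons, so any other writer of `ni_txseq` or `ni_qos_txseqs` (drivers, node setup) would need the same bound; none is visible in this diff. Both functions continue outside their hunks.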
> @@ -623,11 +623,11 @@ ieee80211_encap(struct ifnet *ifp, struct mbuf *m, str
>               *(u_int16_t *)qwh->i_qos = htole16(qos);
>               *(u_int16_t *)qwh->i_seq =
>                   htole16(ni->ni_qos_txseqs[tid] << IEEE80211_SEQ_SEQ_SHIFT);
> -             ni->ni_qos_txseqs[tid]++;
> +             ni->ni_qos_txseqs[tid] = (ni->ni_qos_txseqs[tid] + 1) & 0xfff;
>       } else {
>               *(u_int16_t *)&wh->i_seq[0] =
>                   htole16(ni->ni_txseq << IEEE80211_SEQ_SEQ_SHIFT);
> -             ni->ni_txseq++;
> +             ni->ni_txseq = (ni->ni_txseq + 1) & 0xfff;
>       }
>       switch (ic->ic_opmode) {
>       case IEEE80211_M_STA:
> 

Makes sense. ok tobhe@
