From: Ramya Gnanasekar ramya.gnanasekar@oss.qualcomm.com
[ Upstream commit e53f8b12a21c2974b66fa8c706090182da06fff3 ]
Currently, when adding the 6 GHz Band Capabilities element, the channel list of the wiphy is checked to determine if 6 GHz is supported for a given virtual interface. However, in a multi-radio wiphy (e.g., one that has both lower bands and 6 GHz combined), the wiphy advertises support for all bands. As a result, the 6 GHz Band Capabilities element is incorrectly included in mesh beacon and station's association request frames of interfaces operating in lower bands, without verifying whether the interface is actually operating in a 6 GHz channel.
Fix this by verifying if the interface operates on 6 GHz channel before adding the element. Note that this check cannot be placed directly in ieee80211_put_he_6ghz_cap() as the same function is used to add probe request elements while initiating scan in which case the interface may not be operating in any band's channel.
Signed-off-by: Ramya Gnanasekar ramya.gnanasekar@oss.qualcomm.com Signed-off-by: Rameshkumar Sundaram rameshkumar.sundaram@oss.qualcomm.com Link: https://patch.msgid.link/20250606104436.326654-1-rameshkumar.sundaram@oss.qu... Signed-off-by: Johannes Berg johannes.berg@intel.com Signed-off-by: Sasha Levin sashal@kernel.org ---
LLM Generated explanations, may be completely bogus:
YES
- What it fixes: On multi-radio wiphys, mac80211 could incorrectly include the HE 6 GHz Band Capabilities element in frames while the interface operates on 2.4/5 GHz. This misadvertises capabilities and can cause interop issues (e.g., peers misinterpreting the association or mesh beacon content).
- Station assoc request gating (mlme.c): The call to add the HE 6 GHz Band Capabilities IE is now correctly gated to only when the association channel is 6 GHz. This uses the per-link association channel to derive `sband` and checks the band before adding the IE: - `sband` selection tied to the AP’s channel: net/mac80211/mlme.c:1768 - Gate before adding the IE: net/mac80211/mlme.c:1862 - Only add if 6 GHz: net/mac80211/mlme.c:1863
- Mesh beacon gating (mesh.c): The mesh beacon builder now adds the HE 6 GHz Band Capabilities element only when the mesh interface operates on a 6 GHz channel, not merely if the wiphy supports 6 GHz: - Get current sband, error if missing: net/mac80211/mesh.c:623 - Early return if not 6 GHz: net/mac80211/mesh.c:627 - Only then add the IE: net/mac80211/mesh.c:636 - This function is used when composing the mesh beacon tail: net/mac80211/mesh.c:1119
- Why not move the check into ieee80211_put_he_6ghz_cap(): That helper is intentionally band-agnostic and is also used in probe requests during scan, where the interface may not be operating on a specific band. Probe requests still (correctly) include the 6 GHz capability if the device supports it: - Probe request builder unconditionally uses the helper: net/mac80211/util.c:1368 - The helper itself checks 6 GHz device/wiphy support, not current operating band: net/mac80211/util.c:2585, net/mac80211/util.c:2590
- Risk and scope: The change is small, local, and surgical. It only adds band checks at the two call sites that build management frames tied to a specific operating channel (association requests and mesh beacons). No data structures or driver interfaces change. On 6 GHz operation the behavior is unchanged; on lower bands the incorrect element is no longer advertised. This reduces interop failures and aligns with 802.11 requirements.
- Stable suitability: This is a correctness/interop bugfix, not a feature; it is minimal and contained to mac80211 management IE composition. It follows stable backport guidelines (important bug fix, low regression risk, no architectural changes).
net/mac80211/mesh.c | 3 +++ net/mac80211/mlme.c | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c index a4a715f6f1c32..f37068a533f4e 100644 --- a/net/mac80211/mesh.c +++ b/net/mac80211/mesh.c @@ -624,6 +624,9 @@ int mesh_add_he_6ghz_cap_ie(struct ieee80211_sub_if_data *sdata, if (!sband) return -EINVAL;
+ if (sband->band != NL80211_BAND_6GHZ) + return 0; + iftd = ieee80211_get_sband_iftype_data(sband, NL80211_IFTYPE_MESH_POINT); /* The device doesn't support HE in mesh mode or at all */ diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index b0575604ce71c..0f2d2fec05426 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c @@ -1850,7 +1850,8 @@ ieee80211_add_link_elems(struct ieee80211_sub_if_data *sdata, ieee80211_put_he_cap(skb, sdata, sband, &assoc_data->link[link_id].conn); ADD_PRESENT_EXT_ELEM(WLAN_EID_EXT_HE_CAPABILITY); - ieee80211_put_he_6ghz_cap(skb, sdata, smps_mode); + if (sband->band == NL80211_BAND_6GHZ) + ieee80211_put_he_6ghz_cap(skb, sdata, smps_mode); }
/*