[PATCH] DPP: Add driver listen notifications for push button mode
Jouni Malinen
j at w1.fi
Sat Jan 31 02:14:29 PST 2026
On Fri, Jan 30, 2026 at 04:16:35PM +0100, Janusz Dziedzic wrote:
> Configure driver RX filtering correctly for broadcast
> public action frames.
> diff --git a/src/ap/dpp_hostapd.c b/src/ap/dpp_hostapd.c
> @@ -4000,6 +4001,7 @@ void hostapd_dpp_push_button_stop(struct hostapd_data *hapd)
> if (!ifaces || !ifaces->dpp)
> return;
> eloop_cancel_timeout(hostapd_dpp_push_button_expire, hapd, NULL);
> + hostapd_drv_dpp_listen(hapd, false);
This seems to cause memory corruption. For example, sae_pk hwsim test
case fails due to hostapd segmentation fault. I did not go through all
details, but something is wrong with nl80211_dpp_listen() getting called
when bss->nl_mgmt is not in suitable state for ELOOP_SOCKET_INVALID
unmasking.
> if (hostapd_dpp_pb_active(hapd)) {
> wpa_printf(MSG_DEBUG, "DPP: Stop active push button mode");
Maybe that call should be within this conditional location instead? Or
alternatively, some additional checks are needed elsewhere to avoid the
driver interface operation in undesired state.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list