* [PATCH] mac80211: only send control port frames over nl80211 control port
@ 2020-02-24 12:19 Markus Theil
2020-02-24 12:27 ` Johannes Berg
0 siblings, 1 reply; 3+ messages in thread
From: Markus Theil @ 2020-02-24 12:19 UTC (permalink / raw)
To: johannes; +Cc: linux-wireless, Markus Theil
As Jouni recently pointed out, the nl80211 control should only transmit
and receive EAPOL frames. This patch removes forwarding of
preauthentication frames over the control port. They are handled as
ordinary data frames again.
Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
---
net/mac80211/rx.c | 3 +--
net/mac80211/tx.c | 4 +---
2 files changed, 2 insertions(+), 5 deletions(-)
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 6bd24123456d..9f586a60e783 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -2496,8 +2496,7 @@ static void ieee80211_deliver_skb_to_local_stack(struct sk_buff *skb,
struct ieee80211_sub_if_data *sdata = rx->sdata;
struct net_device *dev = sdata->dev;
- if (unlikely((skb->protocol == sdata->control_port_protocol ||
- skb->protocol == cpu_to_be16(ETH_P_PREAUTH)) &&
+ if (unlikely(skb->protocol == sdata->control_port_protocol &&
sdata->control_port_over_nl80211)) {
struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
bool noencrypt = !(status->flag & RX_FLAG_DECRYPTED);
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 83147385c200..571e7b08bac6 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -5317,10 +5317,8 @@ int ieee80211_tx_control_port(struct wiphy *wiphy, struct net_device *dev,
u32 flags;
/* Only accept CONTROL_PORT_PROTOCOL configured in CONNECT/ASSOCIATE
- * or Pre-Authentication
*/
- if (proto != sdata->control_port_protocol &&
- proto != cpu_to_be16(ETH_P_PREAUTH))
+ if (proto != sdata->control_port_protocol)
return -EINVAL;
if (unencrypted)
--
2.25.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] mac80211: only send control port frames over nl80211 control port
2020-02-24 12:19 [PATCH] mac80211: only send control port frames over nl80211 control port Markus Theil
@ 2020-02-24 12:27 ` Johannes Berg
2020-02-24 12:39 ` Markus Theil
0 siblings, 1 reply; 3+ messages in thread
From: Johannes Berg @ 2020-02-24 12:27 UTC (permalink / raw)
To: Markus Theil; +Cc: linux-wireless
On Mon, 2020-02-24 at 13:19 +0100, Markus Theil wrote:
> As Jouni recently pointed out, the nl80211 control should only transmit
> and receive EAPOL frames. This patch removes forwarding of
> preauthentication frames over the control port. They are handled as
> ordinary data frames again.
Yeah, we need to do something like this, but this will break iwd as it
relies on this RX path when the feature flag is set.
johannes
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] mac80211: only send control port frames over nl80211 control port
2020-02-24 12:27 ` Johannes Berg
@ 2020-02-24 12:39 ` Markus Theil
0 siblings, 0 replies; 3+ messages in thread
From: Markus Theil @ 2020-02-24 12:39 UTC (permalink / raw)
To: Johannes Berg; +Cc: linux-wireless
On 2/24/20 1:27 PM, Johannes Berg wrote:
> On Mon, 2020-02-24 at 13:19 +0100, Markus Theil wrote:
>> As Jouni recently pointed out, the nl80211 control should only transmit
>> and receive EAPOL frames. This patch removes forwarding of
>> preauthentication frames over the control port. They are handled as
>> ordinary data frames again.
> Yeah, we need to do something like this, but this will break iwd as it
> relies on this RX path when the feature flag is set.
>
> johannes
>
Ok, thanks for pointing this out.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-02-24 12:39 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-02-24 12:19 [PATCH] mac80211: only send control port frames over nl80211 control port Markus Theil
2020-02-24 12:27 ` Johannes Berg
2020-02-24 12:39 ` Markus Theil
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).