mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2025-01-10 17:52:36 +01:00
eapol: Receive frames with the Preauthentication ethertype
Modify the packet filter to also accept frames with ethertype of 0x88c7 and pass the ethertype value to __eapol_rx_packet so it can filter out the frames where this value doesn't match the sm->preauth flag.
This commit is contained in:
parent
0a4bd616c2
commit
c0ae9e3577
20
src/eapol.c
20
src/eapol.c
@ -54,18 +54,19 @@ void *tx_user_data;
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* BPF filter to match skb->dev->type == 1 (ARPHRD_ETHER) and
|
* BPF filter to match skb->dev->type == 1 (ARPHRD_ETHER) and
|
||||||
* match skb->protocol == 0x888e (PAE).
|
* match skb->protocol == 0x888e (PAE) or 0x88c7 (preauthentication).
|
||||||
*/
|
*/
|
||||||
static struct sock_filter pae_filter[] = {
|
static struct sock_filter pae_filter[] = {
|
||||||
{ 0x28, 0, 0, 0xfffff01c }, /* ldh #hatype */
|
{ 0x28, 0, 0, 0xfffff01c }, /* ldh #hatype */
|
||||||
{ 0x15, 0, 3, 0x00000001 }, /* jne #1, drop */
|
{ 0x15, 0, 4, 0x00000001 }, /* jne #1, drop */
|
||||||
{ 0x28, 0, 0, 0xfffff000 }, /* ldh #proto */
|
{ 0x28, 0, 0, 0xfffff000 }, /* ldh #proto */
|
||||||
{ 0x15, 0, 1, 0x0000888e }, /* jne #0x888e, drop */
|
{ 0x15, 1, 0, 0x0000888e }, /* je #0x888e, keep */
|
||||||
{ 0x06, 0, 0, 0xffffffff }, /* ret #-1 */
|
{ 0x15, 0, 1, 0x000088c7 }, /* jne #0x88c7, drop */
|
||||||
|
{ 0x06, 0, 0, 0xffffffff }, /* keep: ret #-1 */
|
||||||
{ 0x06, 0, 0, 0000000000 }, /* drop: ret #0 */
|
{ 0x06, 0, 0, 0000000000 }, /* drop: ret #0 */
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct sock_fprog pae_fprog = { .len = 6, .filter = pae_filter };
|
static const struct sock_fprog pae_fprog = { .len = 7, .filter = pae_filter };
|
||||||
|
|
||||||
static struct l_io *pae_open(void)
|
static struct l_io *pae_open(void)
|
||||||
{
|
{
|
||||||
@ -110,7 +111,8 @@ static bool pae_read(struct l_io *io, void *user_data)
|
|||||||
if (sll.sll_halen != ETH_ALEN)
|
if (sll.sll_halen != ETH_ALEN)
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
__eapol_rx_packet(sll.sll_ifindex, sll.sll_addr, frame, bytes);
|
__eapol_rx_packet(sll.sll_ifindex, sll.sll_addr,
|
||||||
|
ntohs(sll.sll_protocol), frame, bytes);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
@ -1578,7 +1580,7 @@ static void eapol_rx_packet(struct eapol_sm *sm,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void __eapol_rx_packet(uint32_t ifindex, const uint8_t *aa,
|
void __eapol_rx_packet(uint32_t ifindex, const uint8_t *aa, uint16_t proto,
|
||||||
const uint8_t *frame, size_t len)
|
const uint8_t *frame, size_t len)
|
||||||
{
|
{
|
||||||
struct eapol_sm *sm = eapol_find_sm(ifindex, aa);
|
struct eapol_sm *sm = eapol_find_sm(ifindex, aa);
|
||||||
@ -1586,6 +1588,10 @@ void __eapol_rx_packet(uint32_t ifindex, const uint8_t *aa,
|
|||||||
if (!sm)
|
if (!sm)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
if ((proto != ETH_P_PAE && !sm->preauth) ||
|
||||||
|
(proto != 0x88c7 && sm->preauth))
|
||||||
|
return;
|
||||||
|
|
||||||
eapol_rx_packet(sm, frame, len);
|
eapol_rx_packet(sm, frame, len);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -160,7 +160,7 @@ struct eapol_key *eapol_create_gtk_2_of_2(
|
|||||||
uint64_t key_replay_counter,
|
uint64_t key_replay_counter,
|
||||||
bool is_wpa, uint8_t wpa_key_id);
|
bool is_wpa, uint8_t wpa_key_id);
|
||||||
|
|
||||||
void __eapol_rx_packet(uint32_t ifindex, const uint8_t *aa,
|
void __eapol_rx_packet(uint32_t ifindex, const uint8_t *aa, uint16_t proto,
|
||||||
const uint8_t *frame, size_t len);
|
const uint8_t *frame, size_t len);
|
||||||
void __eapol_set_tx_packet_func(eapol_tx_packet_func_t func);
|
void __eapol_set_tx_packet_func(eapol_tx_packet_func_t func);
|
||||||
void __eapol_set_tx_user_data(void *user_data);
|
void __eapol_set_tx_user_data(void *user_data);
|
||||||
|
Loading…
Reference in New Issue
Block a user