[PATCH] mac80211: fix EAPoL rekey fail in 802.3 rx path
Johannes Berg
johannes at sipsolutions.net
Sat Feb 12 11:13:07 PST 2022
On Sun, 2022-02-13 at 00:20 +0800, Deren Wu wrote:
> From: Deren Wu <deren.wu at mediatek.com>
>
> mac80211 set capability NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211
> to upper layer by default. That means we should pass EAPoL packets through
> nl80211 path only, and should not send the EAPoL skb to netdevice diretly.
> At the meanwhile, wpa_supplicant would not regist sock to listen EAPoL skb
> on the netdevice.
>
> However, there is no contorl_port_protocol handler in mac80211 for 802.3 RX
> packets, mac80211 driver would pass up the EAPoL rekey frame to netdevice
> and wpa_supplicant would be never interactive with this kind of packets,
> if SUPPORTS_RX_DECAP_OFFLOAD is enabled. This causes STA always rekey fail
> if EAPoL frame go through 802.3 path.
>
> To avoid this problem, align the same process as 802.11 type to handle
> this frame before put it into network stack.
>
> Fixes: 80a915ec4427 ("mac80211: add rx decapsulation offload support")
> Signed-off-by: Deren Wu <deren.wu at mediatek.com>
> ---
> net/mac80211/rx.c | 7 +------
> 1 file changed, 1 insertion(+), 6 deletions(-)
>
> diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
> index 0544563ede52..57f5d5500282 100644
> --- a/net/mac80211/rx.c
> +++ b/net/mac80211/rx.c
> @@ -4509,12 +4509,7 @@ static void ieee80211_rx_8023(struct ieee80211_rx_data *rx,
>
> /* deliver to local stack */
> skb->protocol = eth_type_trans(skb, fast_rx->dev);
> - memset(skb->cb, 0, sizeof(skb->cb));
> - if (rx->list)
> - list_add_tail(&skb->list, rx->list);
> - else
> - netif_receive_skb(skb);
> -
> + ieee80211_deliver_skb_to_local_stack(skb, rx);
> }
This looks like a really good idea even for the security fix in
ieee80211_deliver_skb_to_local_stack() ... :)
johannes
More information about the Linux-mediatek
mailing list