diff options
author | Johannes Berg <johannes@sipsolutions.net> | 2008-01-28 11:19:37 -0500 |
---|---|---|
committer | John W. Linville <linville@tuxdriver.com> | 2008-02-29 15:19:33 -0500 |
commit | 238814fd9a9624e3076c47ef0c003101927c7818 (patch) | |
tree | 634070fcdd922cc8992ecb52147d0efc3e3cf574 /net | |
parent | 69d464d5938ca0f4fb3447b3e32872e0ca79efc1 (diff) |
mac80211: remove port control enable switch, clean up sta flags
This patch removes the 802.1X port acess control enable flag
since it is not required. Instead, set the authorized flag for
each station that we normally communicate with (WDS peers, IBSS
peers and APs we're associated to) and require hostapd to set
the authorized flag for all stations when port control is not
enabled.
Also, since I was working in that area, this documents station
flags and removes the unused "permanent" one.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'net')
-rw-r--r-- | net/mac80211/debugfs_netdev.c | 9 | ||||
-rw-r--r-- | net/mac80211/debugfs_sta.c | 3 | ||||
-rw-r--r-- | net/mac80211/ieee80211.c | 3 | ||||
-rw-r--r-- | net/mac80211/ieee80211_i.h | 9 | ||||
-rw-r--r-- | net/mac80211/ieee80211_sta.c | 5 | ||||
-rw-r--r-- | net/mac80211/rx.c | 8 | ||||
-rw-r--r-- | net/mac80211/sta_info.h | 44 | ||||
-rw-r--r-- | net/mac80211/tx.c | 8 |
8 files changed, 44 insertions, 45 deletions
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c index 829872a3ae81..29f7b98ba1fb 100644 --- a/net/mac80211/debugfs_netdev.c +++ b/net/mac80211/debugfs_netdev.c | |||
@@ -91,7 +91,6 @@ static const struct file_operations name##_ops = { \ | |||
91 | /* common attributes */ | 91 | /* common attributes */ |
92 | IEEE80211_IF_FILE(channel_use, channel_use, DEC); | 92 | IEEE80211_IF_FILE(channel_use, channel_use, DEC); |
93 | IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC); | 93 | IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC); |
94 | IEEE80211_IF_FILE(ieee802_1x_pac, ieee802_1x_pac, DEC); | ||
95 | 94 | ||
96 | /* STA/IBSS attributes */ | 95 | /* STA/IBSS attributes */ |
97 | IEEE80211_IF_FILE(state, u.sta.state, DEC); | 96 | IEEE80211_IF_FILE(state, u.sta.state, DEC); |
@@ -148,7 +147,6 @@ static void add_sta_files(struct ieee80211_sub_if_data *sdata) | |||
148 | { | 147 | { |
149 | DEBUGFS_ADD(channel_use, sta); | 148 | DEBUGFS_ADD(channel_use, sta); |
150 | DEBUGFS_ADD(drop_unencrypted, sta); | 149 | DEBUGFS_ADD(drop_unencrypted, sta); |
151 | DEBUGFS_ADD(ieee802_1x_pac, sta); | ||
152 | DEBUGFS_ADD(state, sta); | 150 | DEBUGFS_ADD(state, sta); |
153 | DEBUGFS_ADD(bssid, sta); | 151 | DEBUGFS_ADD(bssid, sta); |
154 | DEBUGFS_ADD(prev_bssid, sta); | 152 | DEBUGFS_ADD(prev_bssid, sta); |
@@ -169,7 +167,6 @@ static void add_ap_files(struct ieee80211_sub_if_data *sdata) | |||
169 | { | 167 | { |
170 | DEBUGFS_ADD(channel_use, ap); | 168 | DEBUGFS_ADD(channel_use, ap); |
171 | DEBUGFS_ADD(drop_unencrypted, ap); | 169 | DEBUGFS_ADD(drop_unencrypted, ap); |
172 | DEBUGFS_ADD(ieee802_1x_pac, ap); | ||
173 | DEBUGFS_ADD(num_sta_ps, ap); | 170 | DEBUGFS_ADD(num_sta_ps, ap); |
174 | DEBUGFS_ADD(dtim_count, ap); | 171 | DEBUGFS_ADD(dtim_count, ap); |
175 | DEBUGFS_ADD(num_beacons, ap); | 172 | DEBUGFS_ADD(num_beacons, ap); |
@@ -182,7 +179,6 @@ static void add_wds_files(struct ieee80211_sub_if_data *sdata) | |||
182 | { | 179 | { |
183 | DEBUGFS_ADD(channel_use, wds); | 180 | DEBUGFS_ADD(channel_use, wds); |
184 | DEBUGFS_ADD(drop_unencrypted, wds); | 181 | DEBUGFS_ADD(drop_unencrypted, wds); |
185 | DEBUGFS_ADD(ieee802_1x_pac, wds); | ||
186 | DEBUGFS_ADD(peer, wds); | 182 | DEBUGFS_ADD(peer, wds); |
187 | } | 183 | } |
188 | 184 | ||
@@ -190,7 +186,6 @@ static void add_vlan_files(struct ieee80211_sub_if_data *sdata) | |||
190 | { | 186 | { |
191 | DEBUGFS_ADD(channel_use, vlan); | 187 | DEBUGFS_ADD(channel_use, vlan); |
192 | DEBUGFS_ADD(drop_unencrypted, vlan); | 188 | DEBUGFS_ADD(drop_unencrypted, vlan); |
193 | DEBUGFS_ADD(ieee802_1x_pac, vlan); | ||
194 | } | 189 | } |
195 | 190 | ||
196 | static void add_monitor_files(struct ieee80211_sub_if_data *sdata) | 191 | static void add_monitor_files(struct ieee80211_sub_if_data *sdata) |
@@ -234,7 +229,6 @@ static void del_sta_files(struct ieee80211_sub_if_data *sdata) | |||
234 | { | 229 | { |
235 | DEBUGFS_DEL(channel_use, sta); | 230 | DEBUGFS_DEL(channel_use, sta); |
236 | DEBUGFS_DEL(drop_unencrypted, sta); | 231 | DEBUGFS_DEL(drop_unencrypted, sta); |
237 | DEBUGFS_DEL(ieee802_1x_pac, sta); | ||
238 | DEBUGFS_DEL(state, sta); | 232 | DEBUGFS_DEL(state, sta); |
239 | DEBUGFS_DEL(bssid, sta); | 233 | DEBUGFS_DEL(bssid, sta); |
240 | DEBUGFS_DEL(prev_bssid, sta); | 234 | DEBUGFS_DEL(prev_bssid, sta); |
@@ -255,7 +249,6 @@ static void del_ap_files(struct ieee80211_sub_if_data *sdata) | |||
255 | { | 249 | { |
256 | DEBUGFS_DEL(channel_use, ap); | 250 | DEBUGFS_DEL(channel_use, ap); |
257 | DEBUGFS_DEL(drop_unencrypted, ap); | 251 | DEBUGFS_DEL(drop_unencrypted, ap); |
258 | DEBUGFS_DEL(ieee802_1x_pac, ap); | ||
259 | DEBUGFS_DEL(num_sta_ps, ap); | 252 | DEBUGFS_DEL(num_sta_ps, ap); |
260 | DEBUGFS_DEL(dtim_count, ap); | 253 | DEBUGFS_DEL(dtim_count, ap); |
261 | DEBUGFS_DEL(num_beacons, ap); | 254 | DEBUGFS_DEL(num_beacons, ap); |
@@ -268,7 +261,6 @@ static void del_wds_files(struct ieee80211_sub_if_data *sdata) | |||
268 | { | 261 | { |
269 | DEBUGFS_DEL(channel_use, wds); | 262 | DEBUGFS_DEL(channel_use, wds); |
270 | DEBUGFS_DEL(drop_unencrypted, wds); | 263 | DEBUGFS_DEL(drop_unencrypted, wds); |
271 | DEBUGFS_DEL(ieee802_1x_pac, wds); | ||
272 | DEBUGFS_DEL(peer, wds); | 264 | DEBUGFS_DEL(peer, wds); |
273 | } | 265 | } |
274 | 266 | ||
@@ -276,7 +268,6 @@ static void del_vlan_files(struct ieee80211_sub_if_data *sdata) | |||
276 | { | 268 | { |
277 | DEBUGFS_DEL(channel_use, vlan); | 269 | DEBUGFS_DEL(channel_use, vlan); |
278 | DEBUGFS_DEL(drop_unencrypted, vlan); | 270 | DEBUGFS_DEL(drop_unencrypted, vlan); |
279 | DEBUGFS_DEL(ieee802_1x_pac, vlan); | ||
280 | } | 271 | } |
281 | 272 | ||
282 | static void del_monitor_files(struct ieee80211_sub_if_data *sdata) | 273 | static void del_monitor_files(struct ieee80211_sub_if_data *sdata) |
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c index 49660f4e845d..ac61353ae7ce 100644 --- a/net/mac80211/debugfs_sta.c +++ b/net/mac80211/debugfs_sta.c | |||
@@ -74,12 +74,11 @@ static ssize_t sta_flags_read(struct file *file, char __user *userbuf, | |||
74 | { | 74 | { |
75 | char buf[100]; | 75 | char buf[100]; |
76 | struct sta_info *sta = file->private_data; | 76 | struct sta_info *sta = file->private_data; |
77 | int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s%s%s", | 77 | int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s%s", |
78 | sta->flags & WLAN_STA_AUTH ? "AUTH\n" : "", | 78 | sta->flags & WLAN_STA_AUTH ? "AUTH\n" : "", |
79 | sta->flags & WLAN_STA_ASSOC ? "ASSOC\n" : "", | 79 | sta->flags & WLAN_STA_ASSOC ? "ASSOC\n" : "", |
80 | sta->flags & WLAN_STA_PS ? "PS\n" : "", | 80 | sta->flags & WLAN_STA_PS ? "PS\n" : "", |
81 | sta->flags & WLAN_STA_TIM ? "TIM\n" : "", | 81 | sta->flags & WLAN_STA_TIM ? "TIM\n" : "", |
82 | sta->flags & WLAN_STA_PERM ? "PERM\n" : "", | ||
83 | sta->flags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "", | 82 | sta->flags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "", |
84 | sta->flags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "", | 83 | sta->flags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "", |
85 | sta->flags & WLAN_STA_WME ? "WME\n" : "", | 84 | sta->flags & WLAN_STA_WME ? "WME\n" : "", |
diff --git a/net/mac80211/ieee80211.c b/net/mac80211/ieee80211.c index de894b61a23c..cb09931af86a 100644 --- a/net/mac80211/ieee80211.c +++ b/net/mac80211/ieee80211.c | |||
@@ -804,6 +804,9 @@ int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr) | |||
804 | sta = sta_info_add(local, dev, remote_addr, GFP_KERNEL); | 804 | sta = sta_info_add(local, dev, remote_addr, GFP_KERNEL); |
805 | if (!sta) | 805 | if (!sta) |
806 | return -ENOMEM; | 806 | return -ENOMEM; |
807 | |||
808 | sta->flags |= WLAN_STA_AUTHORIZED; | ||
809 | |||
807 | sta_info_put(sta); | 810 | sta_info_put(sta); |
808 | 811 | ||
809 | /* Remove STA entry for the old peer */ | 812 | /* Remove STA entry for the old peer */ |
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h index 54eea5f24474..ac802feb7655 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h | |||
@@ -305,11 +305,6 @@ struct ieee80211_sub_if_data { | |||
305 | unsigned int flags; | 305 | unsigned int flags; |
306 | 306 | ||
307 | int drop_unencrypted; | 307 | int drop_unencrypted; |
308 | /* | ||
309 | * IEEE 802.1X Port access control in effect, | ||
310 | * drop packets to/from unauthorized port | ||
311 | */ | ||
312 | int ieee802_1x_pac; | ||
313 | 308 | ||
314 | /* | 309 | /* |
315 | * basic rates of this AP or the AP we're associated to | 310 | * basic rates of this AP or the AP we're associated to |
@@ -352,7 +347,6 @@ struct ieee80211_sub_if_data { | |||
352 | struct { | 347 | struct { |
353 | struct dentry *channel_use; | 348 | struct dentry *channel_use; |
354 | struct dentry *drop_unencrypted; | 349 | struct dentry *drop_unencrypted; |
355 | struct dentry *ieee802_1x_pac; | ||
356 | struct dentry *state; | 350 | struct dentry *state; |
357 | struct dentry *bssid; | 351 | struct dentry *bssid; |
358 | struct dentry *prev_bssid; | 352 | struct dentry *prev_bssid; |
@@ -371,7 +365,6 @@ struct ieee80211_sub_if_data { | |||
371 | struct { | 365 | struct { |
372 | struct dentry *channel_use; | 366 | struct dentry *channel_use; |
373 | struct dentry *drop_unencrypted; | 367 | struct dentry *drop_unencrypted; |
374 | struct dentry *ieee802_1x_pac; | ||
375 | struct dentry *num_sta_ps; | 368 | struct dentry *num_sta_ps; |
376 | struct dentry *dtim_count; | 369 | struct dentry *dtim_count; |
377 | struct dentry *num_beacons; | 370 | struct dentry *num_beacons; |
@@ -382,13 +375,11 @@ struct ieee80211_sub_if_data { | |||
382 | struct { | 375 | struct { |
383 | struct dentry *channel_use; | 376 | struct dentry *channel_use; |
384 | struct dentry *drop_unencrypted; | 377 | struct dentry *drop_unencrypted; |
385 | struct dentry *ieee802_1x_pac; | ||
386 | struct dentry *peer; | 378 | struct dentry *peer; |
387 | } wds; | 379 | } wds; |
388 | struct { | 380 | struct { |
389 | struct dentry *channel_use; | 381 | struct dentry *channel_use; |
390 | struct dentry *drop_unencrypted; | 382 | struct dentry *drop_unencrypted; |
391 | struct dentry *ieee802_1x_pac; | ||
392 | } vlan; | 383 | } vlan; |
393 | struct { | 384 | struct { |
394 | struct dentry *mode; | 385 | struct dentry *mode; |
diff --git a/net/mac80211/ieee80211_sta.c b/net/mac80211/ieee80211_sta.c index 0d5e3fee8e53..dac02d001ef0 100644 --- a/net/mac80211/ieee80211_sta.c +++ b/net/mac80211/ieee80211_sta.c | |||
@@ -1828,7 +1828,8 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, | |||
1828 | } | 1828 | } |
1829 | 1829 | ||
1830 | sta->dev = dev; | 1830 | sta->dev = dev; |
1831 | sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP; | 1831 | sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP | |
1832 | WLAN_STA_AUTHORIZED; | ||
1832 | 1833 | ||
1833 | rates = 0; | 1834 | rates = 0; |
1834 | basic_rates = 0; | 1835 | basic_rates = 0; |
@@ -3791,6 +3792,8 @@ struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev, | |||
3791 | if (!sta) | 3792 | if (!sta) |
3792 | return NULL; | 3793 | return NULL; |
3793 | 3794 | ||
3795 | sta->flags |= WLAN_STA_AUTHORIZED; | ||
3796 | |||
3794 | sta->supp_rates[local->hw.conf.channel->band] = | 3797 | sta->supp_rates[local->hw.conf.channel->band] = |
3795 | sdata->u.sta.supp_rates_bits[local->hw.conf.channel->band]; | 3798 | sdata->u.sta.supp_rates_bits[local->hw.conf.channel->band]; |
3796 | 3799 | ||
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c index c9ff98a93211..0989c212b7c2 100644 --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c | |||
@@ -987,11 +987,11 @@ ieee80211_rx_h_remove_qos_control(struct ieee80211_txrx_data *rx) | |||
987 | static int | 987 | static int |
988 | ieee80211_802_1x_port_control(struct ieee80211_txrx_data *rx) | 988 | ieee80211_802_1x_port_control(struct ieee80211_txrx_data *rx) |
989 | { | 989 | { |
990 | if (unlikely(rx->sdata->ieee802_1x_pac && | 990 | if (unlikely(!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED))) { |
991 | (!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED)))) { | ||
992 | #ifdef CONFIG_MAC80211_DEBUG | 991 | #ifdef CONFIG_MAC80211_DEBUG |
993 | printk(KERN_DEBUG "%s: dropped frame " | 992 | if (net_ratelimit()) |
994 | "(unauthorized port)\n", rx->dev->name); | 993 | printk(KERN_DEBUG "%s: dropped frame " |
994 | "(unauthorized port)\n", rx->dev->name); | ||
995 | #endif /* CONFIG_MAC80211_DEBUG */ | 995 | #endif /* CONFIG_MAC80211_DEBUG */ |
996 | return -EACCES; | 996 | return -EACCES; |
997 | } | 997 | } |
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h index 3573743dfa59..19f3fb412940 100644 --- a/net/mac80211/sta_info.h +++ b/net/mac80211/sta_info.h | |||
@@ -15,21 +15,35 @@ | |||
15 | #include <linux/kref.h> | 15 | #include <linux/kref.h> |
16 | #include "ieee80211_key.h" | 16 | #include "ieee80211_key.h" |
17 | 17 | ||
18 | /* Stations flags (struct sta_info::flags) */ | 18 | /** |
19 | #define WLAN_STA_AUTH BIT(0) | 19 | * enum ieee80211_sta_info_flags - Stations flags |
20 | #define WLAN_STA_ASSOC BIT(1) | 20 | * |
21 | #define WLAN_STA_PS BIT(2) | 21 | * These flags are used with &struct sta_info's @flags member. |
22 | #define WLAN_STA_TIM BIT(3) /* TIM bit is on for PS stations */ | 22 | * |
23 | #define WLAN_STA_PERM BIT(4) /* permanent; do not remove entry on expiration */ | 23 | * @WLAN_STA_AUTH: Station is authenticated. |
24 | #define WLAN_STA_AUTHORIZED BIT(5) /* If 802.1X is used, this flag is | 24 | * @WLAN_STA_ASSOC: Station is associated. |
25 | * controlling whether STA is authorized to | 25 | * @WLAN_STA_PS: Station is in power-save mode |
26 | * send and receive non-IEEE 802.1X frames | 26 | * @WLAN_STA_TIM: TIM bit is on for this PS station (traffic buffered) |
27 | */ | 27 | * @WLAN_STA_AUTHORIZED: Station is authorized to send/receive traffic. |
28 | #define WLAN_STA_SHORT_PREAMBLE BIT(7) | 28 | * This bit is always checked so needs to be enabled for all stations |
29 | /* whether this is an AP that we are associated with as a client */ | 29 | * when virtual port control is not in use. |
30 | #define WLAN_STA_ASSOC_AP BIT(8) | 30 | * @WLAN_STA_SHORT_PREAMBLE: Station is capable of receiving short-preamble |
31 | #define WLAN_STA_WME BIT(9) | 31 | * frames. |
32 | #define WLAN_STA_WDS BIT(27) | 32 | * @WLAN_STA_ASSOC_AP: We're associated to that station, it is an AP. |
33 | * @WLAN_STA_WME: Station is a QoS-STA. | ||
34 | * @WLAN_STA_WDS: Station is one of our WDS peers. | ||
35 | */ | ||
36 | enum ieee80211_sta_info_flags { | ||
37 | WLAN_STA_AUTH = 1<<0, | ||
38 | WLAN_STA_ASSOC = 1<<1, | ||
39 | WLAN_STA_PS = 1<<2, | ||
40 | WLAN_STA_TIM = 1<<3, | ||
41 | WLAN_STA_AUTHORIZED = 1<<4, | ||
42 | WLAN_STA_SHORT_PREAMBLE = 1<<5, | ||
43 | WLAN_STA_ASSOC_AP = 1<<6, | ||
44 | WLAN_STA_WME = 1<<7, | ||
45 | WLAN_STA_WDS = 1<<8, | ||
46 | }; | ||
33 | 47 | ||
34 | #define STA_TID_NUM 16 | 48 | #define STA_TID_NUM 16 |
35 | #define ADDBA_RESP_INTERVAL HZ | 49 | #define ADDBA_RESP_INTERVAL HZ |
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c index 9e5359991985..2b4746441232 100644 --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c | |||
@@ -1471,12 +1471,10 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb, | |||
1471 | } | 1471 | } |
1472 | 1472 | ||
1473 | /* | 1473 | /* |
1474 | * If port access control is enabled, drop unicast frames to | 1474 | * Drop unicast frames to unauthorised stations unless they are |
1475 | * unauthorised stations unless they are EAPOL frames from the | 1475 | * EAPOL frames from the local station. |
1476 | * local station. | ||
1477 | */ | 1476 | */ |
1478 | if (unlikely(sdata->ieee802_1x_pac && | 1477 | if (unlikely(!is_multicast_ether_addr(hdr.addr1) && |
1479 | !is_multicast_ether_addr(hdr.addr1) && | ||
1480 | !(sta_flags & WLAN_STA_AUTHORIZED) && | 1478 | !(sta_flags & WLAN_STA_AUTHORIZED) && |
1481 | !(ethertype == ETH_P_PAE && | 1479 | !(ethertype == ETH_P_PAE && |
1482 | compare_ether_addr(dev->dev_addr, | 1480 | compare_ether_addr(dev->dev_addr, |