aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/mac80211/debugfs_netdev.c9
-rw-r--r--net/mac80211/debugfs_sta.c3
-rw-r--r--net/mac80211/ieee80211.c3
-rw-r--r--net/mac80211/ieee80211_i.h9
-rw-r--r--net/mac80211/ieee80211_sta.c5
-rw-r--r--net/mac80211/rx.c8
-rw-r--r--net/mac80211/sta_info.h44
-rw-r--r--net/mac80211/tx.c8
8 files changed, 44 insertions, 45 deletions
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index 829872a3ae81..29f7b98ba1fb 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -91,7 +91,6 @@ static const struct file_operations name##_ops = { \
91/* common attributes */ 91/* common attributes */
92IEEE80211_IF_FILE(channel_use, channel_use, DEC); 92IEEE80211_IF_FILE(channel_use, channel_use, DEC);
93IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC); 93IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC);
94IEEE80211_IF_FILE(ieee802_1x_pac, ieee802_1x_pac, DEC);
95 94
96/* STA/IBSS attributes */ 95/* STA/IBSS attributes */
97IEEE80211_IF_FILE(state, u.sta.state, DEC); 96IEEE80211_IF_FILE(state, u.sta.state, DEC);
@@ -148,7 +147,6 @@ static void add_sta_files(struct ieee80211_sub_if_data *sdata)
148{ 147{
149 DEBUGFS_ADD(channel_use, sta); 148 DEBUGFS_ADD(channel_use, sta);
150 DEBUGFS_ADD(drop_unencrypted, sta); 149 DEBUGFS_ADD(drop_unencrypted, sta);
151 DEBUGFS_ADD(ieee802_1x_pac, sta);
152 DEBUGFS_ADD(state, sta); 150 DEBUGFS_ADD(state, sta);
153 DEBUGFS_ADD(bssid, sta); 151 DEBUGFS_ADD(bssid, sta);
154 DEBUGFS_ADD(prev_bssid, sta); 152 DEBUGFS_ADD(prev_bssid, sta);
@@ -169,7 +167,6 @@ static void add_ap_files(struct ieee80211_sub_if_data *sdata)
169{ 167{
170 DEBUGFS_ADD(channel_use, ap); 168 DEBUGFS_ADD(channel_use, ap);
171 DEBUGFS_ADD(drop_unencrypted, ap); 169 DEBUGFS_ADD(drop_unencrypted, ap);
172 DEBUGFS_ADD(ieee802_1x_pac, ap);
173 DEBUGFS_ADD(num_sta_ps, ap); 170 DEBUGFS_ADD(num_sta_ps, ap);
174 DEBUGFS_ADD(dtim_count, ap); 171 DEBUGFS_ADD(dtim_count, ap);
175 DEBUGFS_ADD(num_beacons, ap); 172 DEBUGFS_ADD(num_beacons, ap);
@@ -182,7 +179,6 @@ static void add_wds_files(struct ieee80211_sub_if_data *sdata)
182{ 179{
183 DEBUGFS_ADD(channel_use, wds); 180 DEBUGFS_ADD(channel_use, wds);
184 DEBUGFS_ADD(drop_unencrypted, wds); 181 DEBUGFS_ADD(drop_unencrypted, wds);
185 DEBUGFS_ADD(ieee802_1x_pac, wds);
186 DEBUGFS_ADD(peer, wds); 182 DEBUGFS_ADD(peer, wds);
187} 183}
188 184
@@ -190,7 +186,6 @@ static void add_vlan_files(struct ieee80211_sub_if_data *sdata)
190{ 186{
191 DEBUGFS_ADD(channel_use, vlan); 187 DEBUGFS_ADD(channel_use, vlan);
192 DEBUGFS_ADD(drop_unencrypted, vlan); 188 DEBUGFS_ADD(drop_unencrypted, vlan);
193 DEBUGFS_ADD(ieee802_1x_pac, vlan);
194} 189}
195 190
196static void add_monitor_files(struct ieee80211_sub_if_data *sdata) 191static void add_monitor_files(struct ieee80211_sub_if_data *sdata)
@@ -234,7 +229,6 @@ static void del_sta_files(struct ieee80211_sub_if_data *sdata)
234{ 229{
235 DEBUGFS_DEL(channel_use, sta); 230 DEBUGFS_DEL(channel_use, sta);
236 DEBUGFS_DEL(drop_unencrypted, sta); 231 DEBUGFS_DEL(drop_unencrypted, sta);
237 DEBUGFS_DEL(ieee802_1x_pac, sta);
238 DEBUGFS_DEL(state, sta); 232 DEBUGFS_DEL(state, sta);
239 DEBUGFS_DEL(bssid, sta); 233 DEBUGFS_DEL(bssid, sta);
240 DEBUGFS_DEL(prev_bssid, sta); 234 DEBUGFS_DEL(prev_bssid, sta);
@@ -255,7 +249,6 @@ static void del_ap_files(struct ieee80211_sub_if_data *sdata)
255{ 249{
256 DEBUGFS_DEL(channel_use, ap); 250 DEBUGFS_DEL(channel_use, ap);
257 DEBUGFS_DEL(drop_unencrypted, ap); 251 DEBUGFS_DEL(drop_unencrypted, ap);
258 DEBUGFS_DEL(ieee802_1x_pac, ap);
259 DEBUGFS_DEL(num_sta_ps, ap); 252 DEBUGFS_DEL(num_sta_ps, ap);
260 DEBUGFS_DEL(dtim_count, ap); 253 DEBUGFS_DEL(dtim_count, ap);
261 DEBUGFS_DEL(num_beacons, ap); 254 DEBUGFS_DEL(num_beacons, ap);
@@ -268,7 +261,6 @@ static void del_wds_files(struct ieee80211_sub_if_data *sdata)
268{ 261{
269 DEBUGFS_DEL(channel_use, wds); 262 DEBUGFS_DEL(channel_use, wds);
270 DEBUGFS_DEL(drop_unencrypted, wds); 263 DEBUGFS_DEL(drop_unencrypted, wds);
271 DEBUGFS_DEL(ieee802_1x_pac, wds);
272 DEBUGFS_DEL(peer, wds); 264 DEBUGFS_DEL(peer, wds);
273} 265}
274 266
@@ -276,7 +268,6 @@ static void del_vlan_files(struct ieee80211_sub_if_data *sdata)
276{ 268{
277 DEBUGFS_DEL(channel_use, vlan); 269 DEBUGFS_DEL(channel_use, vlan);
278 DEBUGFS_DEL(drop_unencrypted, vlan); 270 DEBUGFS_DEL(drop_unencrypted, vlan);
279 DEBUGFS_DEL(ieee802_1x_pac, vlan);
280} 271}
281 272
282static void del_monitor_files(struct ieee80211_sub_if_data *sdata) 273static void del_monitor_files(struct ieee80211_sub_if_data *sdata)
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
index 49660f4e845d..ac61353ae7ce 100644
--- a/net/mac80211/debugfs_sta.c
+++ b/net/mac80211/debugfs_sta.c
@@ -74,12 +74,11 @@ static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
74{ 74{
75 char buf[100]; 75 char buf[100];
76 struct sta_info *sta = file->private_data; 76 struct sta_info *sta = file->private_data;
77 int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s%s%s", 77 int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s%s",
78 sta->flags & WLAN_STA_AUTH ? "AUTH\n" : "", 78 sta->flags & WLAN_STA_AUTH ? "AUTH\n" : "",
79 sta->flags & WLAN_STA_ASSOC ? "ASSOC\n" : "", 79 sta->flags & WLAN_STA_ASSOC ? "ASSOC\n" : "",
80 sta->flags & WLAN_STA_PS ? "PS\n" : "", 80 sta->flags & WLAN_STA_PS ? "PS\n" : "",
81 sta->flags & WLAN_STA_TIM ? "TIM\n" : "", 81 sta->flags & WLAN_STA_TIM ? "TIM\n" : "",
82 sta->flags & WLAN_STA_PERM ? "PERM\n" : "",
83 sta->flags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "", 82 sta->flags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "",
84 sta->flags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "", 83 sta->flags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "",
85 sta->flags & WLAN_STA_WME ? "WME\n" : "", 84 sta->flags & WLAN_STA_WME ? "WME\n" : "",
diff --git a/net/mac80211/ieee80211.c b/net/mac80211/ieee80211.c
index de894b61a23c..cb09931af86a 100644
--- a/net/mac80211/ieee80211.c
+++ b/net/mac80211/ieee80211.c
@@ -804,6 +804,9 @@ int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr)
804 sta = sta_info_add(local, dev, remote_addr, GFP_KERNEL); 804 sta = sta_info_add(local, dev, remote_addr, GFP_KERNEL);
805 if (!sta) 805 if (!sta)
806 return -ENOMEM; 806 return -ENOMEM;
807
808 sta->flags |= WLAN_STA_AUTHORIZED;
809
807 sta_info_put(sta); 810 sta_info_put(sta);
808 811
809 /* Remove STA entry for the old peer */ 812 /* Remove STA entry for the old peer */
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 54eea5f24474..ac802feb7655 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -305,11 +305,6 @@ struct ieee80211_sub_if_data {
305 unsigned int flags; 305 unsigned int flags;
306 306
307 int drop_unencrypted; 307 int drop_unencrypted;
308 /*
309 * IEEE 802.1X Port access control in effect,
310 * drop packets to/from unauthorized port
311 */
312 int ieee802_1x_pac;
313 308
314 /* 309 /*
315 * basic rates of this AP or the AP we're associated to 310 * basic rates of this AP or the AP we're associated to
@@ -352,7 +347,6 @@ struct ieee80211_sub_if_data {
352 struct { 347 struct {
353 struct dentry *channel_use; 348 struct dentry *channel_use;
354 struct dentry *drop_unencrypted; 349 struct dentry *drop_unencrypted;
355 struct dentry *ieee802_1x_pac;
356 struct dentry *state; 350 struct dentry *state;
357 struct dentry *bssid; 351 struct dentry *bssid;
358 struct dentry *prev_bssid; 352 struct dentry *prev_bssid;
@@ -371,7 +365,6 @@ struct ieee80211_sub_if_data {
371 struct { 365 struct {
372 struct dentry *channel_use; 366 struct dentry *channel_use;
373 struct dentry *drop_unencrypted; 367 struct dentry *drop_unencrypted;
374 struct dentry *ieee802_1x_pac;
375 struct dentry *num_sta_ps; 368 struct dentry *num_sta_ps;
376 struct dentry *dtim_count; 369 struct dentry *dtim_count;
377 struct dentry *num_beacons; 370 struct dentry *num_beacons;
@@ -382,13 +375,11 @@ struct ieee80211_sub_if_data {
382 struct { 375 struct {
383 struct dentry *channel_use; 376 struct dentry *channel_use;
384 struct dentry *drop_unencrypted; 377 struct dentry *drop_unencrypted;
385 struct dentry *ieee802_1x_pac;
386 struct dentry *peer; 378 struct dentry *peer;
387 } wds; 379 } wds;
388 struct { 380 struct {
389 struct dentry *channel_use; 381 struct dentry *channel_use;
390 struct dentry *drop_unencrypted; 382 struct dentry *drop_unencrypted;
391 struct dentry *ieee802_1x_pac;
392 } vlan; 383 } vlan;
393 struct { 384 struct {
394 struct dentry *mode; 385 struct dentry *mode;
diff --git a/net/mac80211/ieee80211_sta.c b/net/mac80211/ieee80211_sta.c
index 0d5e3fee8e53..dac02d001ef0 100644
--- a/net/mac80211/ieee80211_sta.c
+++ b/net/mac80211/ieee80211_sta.c
@@ -1828,7 +1828,8 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1828 } 1828 }
1829 1829
1830 sta->dev = dev; 1830 sta->dev = dev;
1831 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP; 1831 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP |
1832 WLAN_STA_AUTHORIZED;
1832 1833
1833 rates = 0; 1834 rates = 0;
1834 basic_rates = 0; 1835 basic_rates = 0;
@@ -3791,6 +3792,8 @@ struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
3791 if (!sta) 3792 if (!sta)
3792 return NULL; 3793 return NULL;
3793 3794
3795 sta->flags |= WLAN_STA_AUTHORIZED;
3796
3794 sta->supp_rates[local->hw.conf.channel->band] = 3797 sta->supp_rates[local->hw.conf.channel->band] =
3795 sdata->u.sta.supp_rates_bits[local->hw.conf.channel->band]; 3798 sdata->u.sta.supp_rates_bits[local->hw.conf.channel->band];
3796 3799
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index c9ff98a93211..0989c212b7c2 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -987,11 +987,11 @@ ieee80211_rx_h_remove_qos_control(struct ieee80211_txrx_data *rx)
987static int 987static int
988ieee80211_802_1x_port_control(struct ieee80211_txrx_data *rx) 988ieee80211_802_1x_port_control(struct ieee80211_txrx_data *rx)
989{ 989{
990 if (unlikely(rx->sdata->ieee802_1x_pac && 990 if (unlikely(!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED))) {
991 (!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED)))) {
992#ifdef CONFIG_MAC80211_DEBUG 991#ifdef CONFIG_MAC80211_DEBUG
993 printk(KERN_DEBUG "%s: dropped frame " 992 if (net_ratelimit())
994 "(unauthorized port)\n", rx->dev->name); 993 printk(KERN_DEBUG "%s: dropped frame "
994 "(unauthorized port)\n", rx->dev->name);
995#endif /* CONFIG_MAC80211_DEBUG */ 995#endif /* CONFIG_MAC80211_DEBUG */
996 return -EACCES; 996 return -EACCES;
997 } 997 }
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index 3573743dfa59..19f3fb412940 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -15,21 +15,35 @@
15#include <linux/kref.h> 15#include <linux/kref.h>
16#include "ieee80211_key.h" 16#include "ieee80211_key.h"
17 17
18/* Stations flags (struct sta_info::flags) */ 18/**
19#define WLAN_STA_AUTH BIT(0) 19 * enum ieee80211_sta_info_flags - Stations flags
20#define WLAN_STA_ASSOC BIT(1) 20 *
21#define WLAN_STA_PS BIT(2) 21 * These flags are used with &struct sta_info's @flags member.
22#define WLAN_STA_TIM BIT(3) /* TIM bit is on for PS stations */ 22 *
23#define WLAN_STA_PERM BIT(4) /* permanent; do not remove entry on expiration */ 23 * @WLAN_STA_AUTH: Station is authenticated.
24#define WLAN_STA_AUTHORIZED BIT(5) /* If 802.1X is used, this flag is 24 * @WLAN_STA_ASSOC: Station is associated.
25 * controlling whether STA is authorized to 25 * @WLAN_STA_PS: Station is in power-save mode
26 * send and receive non-IEEE 802.1X frames 26 * @WLAN_STA_TIM: TIM bit is on for this PS station (traffic buffered)
27 */ 27 * @WLAN_STA_AUTHORIZED: Station is authorized to send/receive traffic.
28#define WLAN_STA_SHORT_PREAMBLE BIT(7) 28 * This bit is always checked so needs to be enabled for all stations
29/* whether this is an AP that we are associated with as a client */ 29 * when virtual port control is not in use.
30#define WLAN_STA_ASSOC_AP BIT(8) 30 * @WLAN_STA_SHORT_PREAMBLE: Station is capable of receiving short-preamble
31#define WLAN_STA_WME BIT(9) 31 * frames.
32#define WLAN_STA_WDS BIT(27) 32 * @WLAN_STA_ASSOC_AP: We're associated to that station, it is an AP.
33 * @WLAN_STA_WME: Station is a QoS-STA.
34 * @WLAN_STA_WDS: Station is one of our WDS peers.
35 */
36enum ieee80211_sta_info_flags {
37 WLAN_STA_AUTH = 1<<0,
38 WLAN_STA_ASSOC = 1<<1,
39 WLAN_STA_PS = 1<<2,
40 WLAN_STA_TIM = 1<<3,
41 WLAN_STA_AUTHORIZED = 1<<4,
42 WLAN_STA_SHORT_PREAMBLE = 1<<5,
43 WLAN_STA_ASSOC_AP = 1<<6,
44 WLAN_STA_WME = 1<<7,
45 WLAN_STA_WDS = 1<<8,
46};
33 47
34#define STA_TID_NUM 16 48#define STA_TID_NUM 16
35#define ADDBA_RESP_INTERVAL HZ 49#define ADDBA_RESP_INTERVAL HZ
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 9e5359991985..2b4746441232 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -1471,12 +1471,10 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1471 } 1471 }
1472 1472
1473 /* 1473 /*
1474 * If port access control is enabled, drop unicast frames to 1474 * Drop unicast frames to unauthorised stations unless they are
1475 * unauthorised stations unless they are EAPOL frames from the 1475 * EAPOL frames from the local station.
1476 * local station.
1477 */ 1476 */
1478 if (unlikely(sdata->ieee802_1x_pac && 1477 if (unlikely(!is_multicast_ether_addr(hdr.addr1) &&
1479 !is_multicast_ether_addr(hdr.addr1) &&
1480 !(sta_flags & WLAN_STA_AUTHORIZED) && 1478 !(sta_flags & WLAN_STA_AUTHORIZED) &&
1481 !(ethertype == ETH_P_PAE && 1479 !(ethertype == ETH_P_PAE &&
1482 compare_ether_addr(dev->dev_addr, 1480 compare_ether_addr(dev->dev_addr,