diff mbox series

mac80211: only send control port frames over nl80211 control port

Message ID 20200224121954.66739-1-markus.theil@tu-ilmenau.de
State New
Headers show
Series mac80211: only send control port frames over nl80211 control port | expand

Commit Message

Markus Theil Feb. 24, 2020, 12:19 p.m. UTC 
As Jouni recently pointed out, the nl80211 control should only transmit
and receive EAPOL frames. This patch removes forwarding of
preauthentication frames over the control port. They are handled as
ordinary data frames again.

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
---
 net/mac80211/rx.c | 3 +--
 net/mac80211/tx.c | 4 +---
 2 files changed, 2 insertions(+), 5 deletions(-)
diff mbox series

Patch

diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 6bd24123456d..9f586a60e783 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -2496,8 +2496,7 @@  static void ieee80211_deliver_skb_to_local_stack(struct sk_buff *skb,
 	struct ieee80211_sub_if_data *sdata = rx->sdata;
 	struct net_device *dev = sdata->dev;
 
-	if (unlikely((skb->protocol == sdata->control_port_protocol ||
-		      skb->protocol == cpu_to_be16(ETH_P_PREAUTH)) &&
+	if (unlikely(skb->protocol == sdata->control_port_protocol &&
 		     sdata->control_port_over_nl80211)) {
 		struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
 		bool noencrypt = !(status->flag & RX_FLAG_DECRYPTED);
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 83147385c200..571e7b08bac6 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -5317,10 +5317,8 @@  int ieee80211_tx_control_port(struct wiphy *wiphy, struct net_device *dev,
 	u32 flags;
 
 	/* Only accept CONTROL_PORT_PROTOCOL configured in CONNECT/ASSOCIATE
-	 * or Pre-Authentication
 	 */
-	if (proto != sdata->control_port_protocol &&
-	    proto != cpu_to_be16(ETH_P_PREAUTH))
+	if (proto != sdata->control_port_protocol)
 		return -EINVAL;
 
 	if (unencrypted)