Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp316596ybt; Wed, 17 Jun 2020 01:30:36 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzwZ3MUNRb01Nd4hG7oT2anafF5G9pPMGwW7pshRYtvjETMbp4mS0CbgfBE4UtEq09IoHPe X-Received: by 2002:a50:c219:: with SMTP id n25mr6298564edf.306.1592382636173; Wed, 17 Jun 2020 01:30:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592382636; cv=none; d=google.com; s=arc-20160816; b=ANRy2YOKZw3kV5D7rA7kY8TIm1tHg4gu+1U/6KejswmjOzXz7y8mKU4NcUvAI2Gl0J aLDm/Rx0kuE5HKoZj9LajXnduOWgagRxKQkGh/1QIJtAcIl6DaMxEAmtv1PCs0dByLaR v9Q5GpEubgM13xo7buGaOav9YBevyxHYLJrDcLOkeqanwX/AY3I7nG61b2iQDxrZPxoU v8qqZvTqcOiTgXQVg62cAzYLk4D41kO4U2oFTP8CeXxQGd5fV1TbHTpQSD5uGKg3k7g7 X5baqzhOiOqFF+vuJYQMY4weIcJg6ctevzQSRKF0yfdVfdPn/MBSzhljjCZqAnuXNZxm i8rQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=v7DUPypLid7ZesFvL7gK6KnsKlMpvEj3eFvSUBmn+lU=; b=u9onG7Sgo+kmFJjOjxSqXqibp1WvnOXPbm1WZ4rzTcIaPBVG8/sP/M5+ks8Aq25lZo 6F/wjrMFSdqj6daSQFVpg7QfVeC4qarftHOUiNteBmkdcJ0UxZT6zuc2uhDP8eVYCJXK BNT2kv9a3YeBFbjnBVEpHce5lpMXCcWKOCJNN5COg6ZiQhM3705xCeNWy8WEHZJD0mK7 attWlZhfly1BMkwLztDE6AvcipTOMKYynSVHTJs1uiifP5YRemxIIzcnsnd43YLvaKbx cvs6ljKIbWhJUA0fuoomHyujS/KXHNB77GrYTadJ7zaS2uViEmpVs8/4hxnramjLE6Cr 3uVg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i21si12469546edv.162.2020.06.17.01.30.12; Wed, 17 Jun 2020 01:30:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726600AbgFQI1F (ORCPT + 99 others); Wed, 17 Jun 2020 04:27:05 -0400 Received: from smail.rz.tu-ilmenau.de ([141.24.186.67]:49902 "EHLO smail.rz.tu-ilmenau.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726597AbgFQI1F (ORCPT ); Wed, 17 Jun 2020 04:27:05 -0400 Received: from legolas.fritz.box (unknown [87.147.49.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smail.rz.tu-ilmenau.de (Postfix) with ESMTPSA id 066DC58006C; Wed, 17 Jun 2020 10:27:02 +0200 (CEST) From: Markus Theil To: johannes@sipsolutions.net Cc: linux-wireless@vger.kernel.org, Markus Theil Subject: [PATCH v3 0/2] Fixes for 802.1X in mesh mode Date: Wed, 17 Jun 2020 10:26:35 +0200 Message-Id: <20200617082637.22670-1-markus.theil@tu-ilmenau.de> X-Mailer: git-send-email 2.27.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org In order to support 802.1X in mesh mode, userspace should be able to rx and tx eapol frames, after an initial MPM, before a second AMPE. Some checks regarding mesh forwarding were conflicting with this. Therefore this little series adds some checks for control port frames and disables mesh path lookups on the tx side or drop of unencrypted frames on the rx side. v3: continue with previous drop check, if eapol check fails v2: fixes for rx path with packet sockets Markus Theil (2): mac80211: skip mpath lookup also for control port tx mac80211: allow rx of mesh eapol frames with default rx key net/mac80211/rx.c | 26 ++++++++++++++++++++++++++ net/mac80211/tx.c | 13 ++++++++++--- 2 files changed, 36 insertions(+), 3 deletions(-) -- 2.27.0