Provide information about the encryption status of received EAPOL frames

This information was already available from the nl80211 control port RX path, but it was not provided to upper layers within wpa_supplicant and hostapd. It can be helpful, so parse the information from the driver event. Signed-off-by: Jouni Malinen <j@w1.fi>
2022-05-07 00:38:35 +03:00 · 2022-05-07 00:38:35 +03:00 · 18c0ac8901
commit 18c0ac8901
parent 7ee814201b
27 changed files with 117 additions and 49 deletions
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@ -5847,6 +5847,7 @@ union wpa_event_data {
 		const u8 *src;
 		const u8 *data;
 		size_t data_len;
+		enum frame_encryption encrypted;
 	} eapol_rx;

 	/**
@ -6185,6 +6186,20 @@ static inline void drv_event_eapol_rx(void *ctx, const u8 *src, const u8 *data,
 	event.eapol_rx.src = src;
 	event.eapol_rx.data = data;
 	event.eapol_rx.data_len = data_len;
+	event.eapol_rx.encrypted = FRAME_ENCRYPTION_UNKNOWN;
+	wpa_supplicant_event(ctx, EVENT_EAPOL_RX, &event);
+}
+
+static inline void drv_event_eapol_rx2(void *ctx, const u8 *src, const u8 *data,
+				      size_t data_len,
+				       enum frame_encryption encrypted)
+{
+	union wpa_event_data event;
+	os_memset(&event, 0, sizeof(event));
+	event.eapol_rx.src = src;
+	event.eapol_rx.data = data;
+	event.eapol_rx.data_len = data_len;
+	event.eapol_rx.encrypted = encrypted;
 	wpa_supplicant_event(ctx, EVENT_EAPOL_RX, &event);
 }

--- a/src/drivers/driver_nl80211_event.c
+++ b/src/drivers/driver_nl80211_event.c
@ -2810,6 +2810,7 @@ static void nl80211_control_port_frame(struct wpa_driver_nl80211_data *drv,
 {
 	u8 *src_addr;
 	u16 ethertype;
+	enum frame_encryption encrypted;

 	if (!tb[NL80211_ATTR_MAC] ||
 	    !tb[NL80211_ATTR_FRAME] ||
@ -2818,6 +2819,8 @@ static void nl80211_control_port_frame(struct wpa_driver_nl80211_data *drv,

 	src_addr = nla_data(tb[NL80211_ATTR_MAC]);
 	ethertype = nla_get_u16(tb[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);
+	encrypted = nla_get_flag(tb[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]) ?
+		FRAME_NOT_ENCRYPTED : FRAME_ENCRYPTED;

 	switch (ethertype) {
 	case ETH_P_RSN_PREAUTH:
@ -2826,9 +2829,10 @@ static void nl80211_control_port_frame(struct wpa_driver_nl80211_data *drv,
 			   MAC2STR(src_addr));
 		break;
 	case ETH_P_PAE:
-		drv_event_eapol_rx(drv->ctx, src_addr,
-				   nla_data(tb[NL80211_ATTR_FRAME]),
-				   nla_len(tb[NL80211_ATTR_FRAME]));
+		drv_event_eapol_rx2(drv->ctx, src_addr,
+				    nla_data(tb[NL80211_ATTR_FRAME]),
+				    nla_len(tb[NL80211_ATTR_FRAME]),
+				    encrypted);
 		break;
 	default:
 		wpa_printf(MSG_INFO,