Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 44bcd1c1 authored by Varsha Mishra's avatar Varsha Mishra Committed by Gerrit - the friendly Code Review server
Browse files

qcacmn: Drop non-eapol packets for unauthorized peer

Until peer is authorized, drop non-eapol frames in
rx error path.

Change-Id: I339b9248b8ae63e4b6ab0268c4ed28130404ba33
parent 174fa507
Loading
Loading
Loading
Loading
+18 −3
Original line number Diff line number Diff line
@@ -1140,6 +1140,7 @@ dp_rx_null_q_desc_handle(struct dp_soc *soc, qdf_nbuf_t nbuf,
	qdf_ether_header_t *eh;
	struct hal_rx_msdu_metadata msdu_metadata;
	uint16_t sa_idx = 0;
	bool is_eapol;

	qdf_nbuf_set_rx_chfrag_start(nbuf,
				hal_rx_msdu_end_first_msdu_get(soc->hal_soc,
@@ -1294,6 +1295,22 @@ dp_rx_null_q_desc_handle(struct dp_soc *soc, qdf_nbuf_t nbuf,
			/* IEEE80211_SEQ_MAX indicates invalid start_seq */
	}

	eh = (qdf_ether_header_t *)qdf_nbuf_data(nbuf);

	if (!peer->authorize) {
		is_eapol = qdf_nbuf_is_ipv4_eapol_pkt(nbuf) ||
			   qdf_nbuf_is_ipv4_wapi_pkt(nbuf);

		if (is_eapol) {
			if (qdf_mem_cmp(eh->ether_dhost,
					&vdev->mac_addr.raw[0],
					QDF_MAC_ADDR_SIZE))
				goto drop_nbuf;
		} else {
			goto drop_nbuf;
		}
	}

	/*
	 * Drop packets in this path if cce_match is found. Packets will come
	 * in following path depending on whether tidQ is setup.
@@ -1307,8 +1324,7 @@ dp_rx_null_q_desc_handle(struct dp_soc *soc, qdf_nbuf_t nbuf,
	 *    to stack.
	 */
	if (qdf_unlikely(dp_rx_err_cce_drop(soc, vdev, nbuf, rx_tlv_hdr))) {
		qdf_nbuf_free(nbuf);
		return QDF_STATUS_E_FAILURE;
		goto drop_nbuf;
	}

	if (qdf_unlikely(vdev->rx_decap_type == htt_cmn_pkt_type_raw)) {
@@ -1335,7 +1351,6 @@ dp_rx_null_q_desc_handle(struct dp_soc *soc, qdf_nbuf_t nbuf,
				 soc->hal_soc, rx_tlv_hdr) &&
				 (vdev->rx_decap_type ==
				  htt_cmn_pkt_type_ethernet))) {
			eh = (qdf_ether_header_t *)qdf_nbuf_data(nbuf);
			DP_STATS_INC_PKT(peer, rx.multicast, 1,
					 qdf_nbuf_len(nbuf));