From patchwork Mon Jun 20 05:56:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vinayak Yadawad X-Patchwork-Id: 1645230 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=CvPjRxDV; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=broadcom.com header.i=@broadcom.com header.a=rsa-sha256 header.s=google header.b=OFYkeBGt; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LRJpv5HvKz9s2R for ; Mon, 20 Jun 2022 15:58:15 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:Cc: To:Subject:Message-ID:Date:From:MIME-Version:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=w3D/4TsqyxHOu1Ek1AdtmG9FGzKrlLmnBdOOW4j2RPU=; b=CvP jRxDVkIS2l72XzYT+b+6T77dCOcO1R4jp09Ai1uNChlK9U5wB1o+aE37XDaEMfhjW9XeV+MzrKjZO yFZy6Lgv1YiIJ36Kn+00ZtLim5lWybhhONz+/C6qAiWADwVGbmr4A7+xibFcKc9hjn8leAszPzKDr Cvhzyy7+xSfHNiHLFkmSQ6LAJKOqUSls6S4OLSoxeKO7YwZNXMylNZACdYqCnz+fvP0Q4seviYJcD 88nrC7u0a7fObzOQKTYQ8ANhAU7C0I+LgjgnM356r9y5miKDSIEpZCjJByX1/zp+vimIIUedzJ2K7 7PENEWuNSJqxPxKOLPmN/eGh4ou12hA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1o3APC-00GMP1-Jb; Mon, 20 Jun 2022 05:56:58 +0000 Received: from mail-oi1-x232.google.com ([2607:f8b0:4864:20::232]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1o3AP7-00GMMD-99 for hostap@lists.infradead.org; Mon, 20 Jun 2022 05:56:54 +0000 Received: by mail-oi1-x232.google.com with SMTP id w16so12454948oie.5 for ; Sun, 19 Jun 2022 22:56:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=mime-version:from:date:message-id:subject:to:cc; bh=JMJ+Di0oCrMizyFXzySkswdpnK9FpiYtirkhDJ7dWjc=; b=OFYkeBGtComYpkcrVYHuc/C6zVbzcQLehGS4/w0Zw79oSZpnv42wWIlqTm3lTPaLJ2 bfy1Lh4uUxnJYT2h03BBYxdaKjRMv8n7b3ZdgdeQzETwQ4JPS0NKxvSPQBn4/MxZRty4 A1gU+GRcCT21IqaR8jQOTiDABir6M3qpqNL88= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=JMJ+Di0oCrMizyFXzySkswdpnK9FpiYtirkhDJ7dWjc=; b=iYtF08M2l56CSvgPpzhNBTSuf0mXodqHKQrVONokC6wYAU9EHbhbxTamT2rVdfLTAF g/U4lLW739MPqbOARh/erDAfjHnFh3twXXIVkih6kK6N/ezznKnM4XQs1m4XIHvQPc89 AwZK59E8A7m3O+b5gDoq6Oqep2pkJBnkZw2FTYNHYGrAbTVX3UuAdo0Im3kqZllBCRDO f0XkY29WVdkx8AnKqlr7a1hdSAcGlV91fccveF/XBhz9g9Pi7kPolR0FBdJApCkPM0mf 63qM5n2no3gFHi4SyyKvmkeV7Ru2G/NH/crRUKfNsJWWrkqeiOC9p9SpVsig1H8mbw5U Nm1w== X-Gm-Message-State: AJIora9eeUhqoajOwcbf6PUSK9iGgyel1tU/81yKIaxuwJaEKoSlUNtc h7KUhhSMnArhOKrFDU32DkAbfUSVRgfvieJoO4Zp0cpoC+eO2PoVu+OHGLiMO4Iz+e/7aYp7NLh scQljFHdyAX8RDsaSqMFF9J53LySOE1ToFZtM X-Google-Smtp-Source: AGRyM1u6gusPOh5t4BdyYu34MFNs1Zo7z5N8Q2qA3Ir4APaPApONXasgxIh1Uc+BhjuY/t+lnoRA4BPRnMiw90G56sE= X-Received: by 2002:a05:6808:181e:b0:331:426c:d95f with SMTP id bh30-20020a056808181e00b00331426cd95fmr9017644oib.277.1655704610199; Sun, 19 Jun 2022 22:56:50 -0700 (PDT) MIME-Version: 1.0 From: Vinayak Yadawad Date: Mon, 20 Jun 2022 11:26:39 +0530 Message-ID: Subject: Subject: [PATCH 1/1] STA_ASSOC: Mark Port authorization and State Completion based on authorized state in connect event To: hostap@lists.infradead.org Cc: Jithu Jance X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220619_225653_447281_B345640B X-CRM114-Status: GOOD ( 15.71 ) X-Spam-Score: -0.4 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: In case of drivers supporting 4way handshake offload, mark port authorized and state completion only if driver advertizes authorized state in the connect event. Otherwise there are fair chances of dri [...] Content analysis details: (-0.4 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:232 listed in] [list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org In case of drivers supporting 4way handshake offload, mark port authorized and state completion only if driver advertizes authorized state in the connect event. Otherwise there are fair chances of driver port authorization api gets called while 4-way handshake is in progress at the lower layer. In order to avoid this possible race condition always update port authorization and supplicant state WPA_COMPLETED setting from EVENT_PORT_AUTHORIZED context when driver is done with 4way handshake. Signed-off-by: Vinayak Yadawad --- wpa_supplicant/events.c | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) /* diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index ec56cfdc0..f20e1c87b 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -3478,14 +3478,23 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, eapol_sm_notify_eap_success(wpa_s->eapol, true); } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) && wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { - /* - * We are done; the driver will take care of RSN 4-way - * handshake. - */ - wpa_supplicant_cancel_auth_timeout(wpa_s); - wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); - eapol_sm_notify_portValid(wpa_s->eapol, true); - eapol_sm_notify_eap_success(wpa_s->eapol, true); + if (already_authorized) { + /* + * We are done; the driver will take care of RSN 4-way + * handshake. + */ + wpa_supplicant_cancel_auth_timeout(wpa_s); + wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); + eapol_sm_notify_portValid(wpa_s->eapol, true); + eapol_sm_notify_eap_success(wpa_s->eapol, true); + } else { + /* Update port, WPA_COMPLETED state from + * EVENT_PORT_AUTHORIZED context when driver is done + * with 4way handshake. + */ + wpa_msg(wpa_s, MSG_INFO, "ASSOC INFO: wait for driver port " + "authorized indication"); + } } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) && wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {