Extensible Authentication Protocol over LAN (EAPoL) More...

#include <string.h>
#include <assert.h>
#include <errno.h>
#include <byteswap.h>
#include <ipxe/iobuf.h>
#include <ipxe/if_ether.h>
#include <ipxe/if_arp.h>
#include <ipxe/netdevice.h>
#include <ipxe/vlan.h>
#include <ipxe/retry.h>
#include <ipxe/eap.h>
#include <ipxe/eapol.h>

Functions
	FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)

	FILE_SECBOOT (PERMITTED)

static int	eapol_rx (struct io_buffer iobuf, struct net_device netdev, const void ll_dest __unused, const void ll_source, unsigned int flags __unused)
	Process EAPoL packet. More...

static int	eapol_eap_rx (struct eapol_supplicant supplicant, struct io_buffer iobuf, const void *ll_source __unused)
	Process EAPoL-encapsulated EAP packet. More...

static int	eapol_tx (struct eapol_supplicant supplicant, unsigned int type, const void data, size_t len)
	Transmit EAPoL packet. More...

static int	eapol_eap_tx (struct eap_supplicant eap, const void data, size_t len)
	Transmit EAPoL-encapsulated EAP packet. More...

static void	eapol_expired (struct retry_timer *timer, int fail __unused)
	(Re)transmit EAPoL-Start packet More...

static int	eapol_probe (struct net_device netdev, void priv)
	Create EAPoL supplicant. More...

static void	eapol_notify (struct net_device netdev, void priv)
	Handle EAPoL supplicant state change. More...

Variables
struct net_driver eapol_driver	__net_driver
	EAPoL driver. More...

static const uint8_t	eapol_mac [ETH_ALEN]
	EAPoL destination MAC address. More...

struct net_protocol eapol_protocol	__net_protocol
	EAPoL protocol. More...

struct eapol_handler eapol_eap	__eapol_handler
	EAPoL handler for EAP packets. More...

Detailed Description

Extensible Authentication Protocol over LAN (EAPoL)

Definition in file eapol.c.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )

◆ FILE_SECBOOT()

FILE_SECBOOT ( PERMITTED )

◆ eapol_rx()

static int eapol_rx	(	struct io_buffer *	iobuf,
		struct net_device *	netdev,
		const void *ll_dest	__unused,
		const void *	ll_source,
		unsigned int flags	__unused
	)

static

Process EAPoL packet.

Parameters

iobuf	I/O buffer
netdev	Network device
ll_dest	Link-layer destination address
ll_source	Link-layer source address
flags	Packet flags

Return values

rc	Return status code

Definition at line 63 of file eapol.c.

                                                     {
         struct eapol_supplicant *supplicant;
         struct eapol_header *eapol;
         struct eapol_handler *handler;
         size_t remaining;
         size_t len;
         int rc;
 
         /* Find matching supplicant */
         supplicant = netdev_priv ( netdev, &eapol_driver );
 
         /* Ignore non-EAPoL devices */
         if ( ! supplicant->eap.netdev ) {
                 DBGC ( netdev, "EAPOL %s is not an EAPoL device\n",
                        netdev->name );
                 DBGC_HDA ( netdev, 0, iobuf->data, iob_len ( iobuf ) );
                 rc = -ENOTTY;
                 goto drop;
         }
 
         /* Sanity checks */
         if ( iob_len ( iobuf ) < sizeof ( *eapol ) ) {
                 DBGC ( netdev, "EAPOL %s underlength header:\n",
                        netdev->name );
                 DBGC_HDA ( netdev, 0, iobuf->data, iob_len ( iobuf ) );
                 rc = -EINVAL;
                 goto drop;
         }
         eapol = iobuf->data;
         remaining = ( iob_len ( iobuf ) - sizeof ( *eapol ) );
         len = ntohs ( eapol->len );
         if ( len > remaining ) {
                 DBGC ( netdev, "EAPOL %s v%d type %d len %zd underlength "
                        "payload:\n", netdev->name, eapol->version,
                        eapol->type, len );
                 DBGC_HDA ( netdev, 0, iobuf->data, iob_len ( iobuf ) );
                 rc = -EINVAL;
                 goto drop;
         }
 
         /* Strip any trailing padding */
         iob_unput ( iobuf, ( len - remaining ) );
 
         /* Handle according to type */
         for_each_table_entry ( handler, EAPOL_HANDLERS ) {
                 if ( handler->type == eapol->type ) {
                         return handler->rx ( supplicant, iob_disown ( iobuf ),
                                              ll_source );
                 }
         }
         rc = -ENOTSUP;
         DBGC ( netdev, "EAPOL %s v%d type %d unsupported\n",
                netdev->name, eapol->version, eapol->type );
         DBGC_HDA ( netdev, 0, iobuf->data, iob_len ( iobuf ) );
 
  drop:
         free_iob ( iobuf );
         return rc;
 }

References io_buffer::data, DBGC, DBGC_HDA, eapol_supplicant::eap, EAPOL_HANDLERS, EINVAL, ENOTSUP, ENOTTY, for_each_table_entry, free_iob(), iob_disown, iob_len(), iob_unput, eapol_header::len, len, net_device::name, netdev, eap_supplicant::netdev, netdev_priv(), ntohs, rc, eapol_handler::rx, eapol_header::type, eapol_handler::type, and eapol_header::version.

◆ eapol_eap_rx()

static int eapol_eap_rx	(	struct eapol_supplicant *	supplicant,
		struct io_buffer *	iobuf,
		const void *ll_source	__unused
	)

static

Process EAPoL-encapsulated EAP packet.

Parameters

supplicant	EAPoL supplicant
ll_source	Link-layer source address

Return values

rc	Return status code

Definition at line 139 of file eapol.c.

                                                            {
         struct net_device *netdev = supplicant->eap.netdev;
         struct eapol_header *eapol;
         int rc;
 
         /* Sanity check */
         assert ( iob_len ( iobuf ) >= sizeof ( *eapol ) );
 
         /* Strip EAPoL header */
         eapol = iob_pull ( iobuf, sizeof ( *eapol ) );
 
         /* Process EAP packet */
         if ( ( rc = eap_rx ( &supplicant->eap, iobuf->data,
                              iob_len ( iobuf ) ) ) != 0 ) {
                 DBGC ( netdev, "EAPOL %s v%d EAP failed: %s\n",
                        netdev->name, eapol->version, strerror ( rc ) );
                 goto drop;
         }
 
         /* Update EAPoL-Start transmission timer */
         if ( supplicant->eap.flags & EAP_FL_PASSIVE ) {
                 /* Stop sending EAPoL-Start */
                 if ( timer_running ( &supplicant->timer ) ) {
                         DBGC ( netdev, "EAPOL %s becoming passive\n",
                                netdev->name );
                 }
                 stop_timer ( &supplicant->timer );
         } else if ( supplicant->eap.flags & EAP_FL_ONGOING ) {
                 /* Delay EAPoL-Start until after next expected packet */
                 DBGC ( netdev, "EAPOL %s deferring Start\n", netdev->name );
                 start_timer_fixed ( &supplicant->timer, EAP_WAIT_TIMEOUT );
                 supplicant->count = 0;
         }
 
  drop:
         free_iob ( iobuf );
         return rc;
 }

References assert(), eapol_supplicant::count, io_buffer::data, DBGC, eapol_supplicant::eap, EAP_FL_ONGOING, EAP_FL_PASSIVE, eap_rx(), EAP_WAIT_TIMEOUT, eap_supplicant::flags, free_iob(), iob_len(), iob_pull, net_device::name, netdev, eap_supplicant::netdev, rc, start_timer_fixed(), stop_timer(), strerror(), eapol_supplicant::timer, and eapol_header::version.

◆ eapol_tx()

static int eapol_tx	(	struct eapol_supplicant *	supplicant,
		unsigned int	type,
		const void *	data,
		size_t	len
	)

static

Transmit EAPoL packet.

Parameters

supplicant	EAPoL supplicant
type	Packet type
data	Packet body
len	Length of packet body

Return values

rc	Return status code

Definition at line 195 of file eapol.c.

                                                      {
         struct net_device *netdev = supplicant->eap.netdev;
         struct io_buffer *iobuf;
         struct eapol_header *eapol;
         int rc;
 
         /* Allocate I/O buffer */
         iobuf = alloc_iob ( MAX_LL_HEADER_LEN + sizeof ( *eapol ) + len );
         if ( ! iobuf )
                 return -ENOMEM;
         iob_reserve ( iobuf, MAX_LL_HEADER_LEN );
 
         /* Construct EAPoL header */
         eapol = iob_put ( iobuf, sizeof ( *eapol ) );
         eapol->version = EAPOL_VERSION_2001;
         eapol->type = type;
         eapol->len = htons ( len );
 
         /* Append packet body */
         memcpy ( iob_put ( iobuf, len ), data, len );
 
         /* Transmit packet */
         if ( ( rc = net_tx ( iob_disown ( iobuf ), netdev, &eapol_protocol,
                              &eapol_mac, netdev->ll_addr ) ) != 0 ) {
                 DBGC ( netdev, "EAPOL %s could not transmit type %d: %s\n",
                        netdev->name, type, strerror ( rc ) );
                 DBGC_HDA ( netdev, 0, data, len );
                 return rc;
         }
 
         return 0;
 }

References alloc_iob(), data, DBGC, DBGC_HDA, eapol_supplicant::eap, eapol_mac, EAPOL_VERSION_2001, ENOMEM, htons, iob_disown, iob_put, iob_reserve, eapol_header::len, len, net_device::ll_addr, MAX_LL_HEADER_LEN, memcpy(), net_device::name, net_tx(), netdev, eap_supplicant::netdev, rc, strerror(), type, eapol_header::type, and eapol_header::version.

Referenced by eapol_eap_tx(), and eapol_expired().

◆ eapol_eap_tx()

static int eapol_eap_tx	(	struct eap_supplicant *	eap,
		const void *	data,
		size_t	len
	)

static

Transmit EAPoL-encapsulated EAP packet.

Parameters

supplicant	EAPoL supplicant
ll_source	Link-layer source address

Return values

rc	Return status code

Definition at line 236 of file eapol.c.

                                        {
         struct eapol_supplicant *supplicant =
                 container_of ( eap, struct eapol_supplicant, eap );
 
         /* Transmit encapsulated packet */
         return eapol_tx ( supplicant, EAPOL_TYPE_EAP, data, len );
 }

References container_of, data, eapol_supplicant::eap, eapol_tx(), EAPOL_TYPE_EAP, and len.

Referenced by eapol_probe().

◆ eapol_expired()

static void eapol_expired	(	struct retry_timer *	timer,
		int fail	__unused
	)

static

(Re)transmit EAPoL-Start packet

Parameters

timer	EAPoL-Start timer
expired	Failure indicator

Definition at line 251 of file eapol.c.

                                                                            {
         struct eapol_supplicant *supplicant =
                 container_of ( timer, struct eapol_supplicant, timer );
         struct net_device *netdev = supplicant->eap.netdev;
 
         /* Stop transmitting after maximum number of attempts */
         if ( supplicant->count++ >= EAPOL_START_COUNT ) {
                 DBGC ( netdev, "EAPOL %s giving up\n", netdev->name );
                 return;
         }
 
         /* Schedule next transmission */
         start_timer_fixed ( timer, EAPOL_START_INTERVAL );
 
         /* Transmit EAPoL-Start, ignoring errors */
         DBGC2 ( netdev, "EAPOL %s transmitting Start\n", netdev->name );
         eapol_tx ( supplicant, EAPOL_TYPE_START, NULL, 0 );
 }

References container_of, eapol_supplicant::count, DBGC, DBGC2, eapol_supplicant::eap, EAPOL_START_COUNT, EAPOL_START_INTERVAL, eapol_tx(), EAPOL_TYPE_START, net_device::name, netdev, eap_supplicant::netdev, NULL, and start_timer_fixed().

Referenced by eapol_probe().

◆ eapol_probe()

static int eapol_probe	(	struct net_device *	netdev,
		void *	priv
	)

static

Create EAPoL supplicant.

Parameters

netdev	Network device
priv	Private data

Return values

rc	Return status code

Definition at line 277 of file eapol.c.

                                                                  {
         struct eapol_supplicant *supplicant = priv;
         struct ll_protocol *ll_protocol = netdev->ll_protocol;
 
         /* Ignore non-EAPoL devices */
         if ( ll_protocol->ll_proto != htons ( ARPHRD_ETHER ) )
                 return 0;
         if ( vlan_tag ( netdev ) )
                 return 0;
 
         /* Initialise structure */
         supplicant->eap.netdev = netdev;
         supplicant->eap.tx = eapol_eap_tx;
         timer_init ( &supplicant->timer, eapol_expired, &netdev->refcnt );
 
         return 0;
 }

References ARPHRD_ETHER, eapol_supplicant::eap, eapol_eap_tx(), eapol_expired(), htons, ll_protocol::ll_proto, net_device::ll_protocol, netdev, eap_supplicant::netdev, priv, net_device::refcnt, eapol_supplicant::timer, eap_supplicant::tx, and vlan_tag().

◆ eapol_notify()

static void eapol_notify	(	struct net_device *	netdev,
		void *	priv
	)

static

Handle EAPoL supplicant state change.

Parameters

netdev	Network device
priv	Private data

Definition at line 301 of file eapol.c.

                                                                    {
         struct eapol_supplicant *supplicant = priv;
 
         /* Ignore non-EAPoL devices */
         if ( ! supplicant->eap.netdev )
                 return;
 
         /* Terminate and reset EAP when link goes down */
         if ( ! ( netdev_is_open ( netdev ) && netdev_link_ok ( netdev ) ) ) {
                 if ( timer_running ( &supplicant->timer ) ) {
                         DBGC ( netdev, "EAPOL %s shutting down\n",
                                netdev->name );
                 }
                 supplicant->eap.flags = 0;
                 stop_timer ( &supplicant->timer );
                 return;
         }
 
         /* Do nothing if EAP is already in progress */
         if ( timer_running ( &supplicant->timer ) )
                 return;
 
         /* Do nothing if EAP has already finished transmitting */
         if ( supplicant->eap.flags & EAP_FL_PASSIVE )
                 return;
 
         /* Otherwise, start sending EAPoL-Start */
         start_timer_nodelay ( &supplicant->timer );
         supplicant->count = 0;
         DBGC ( netdev, "EAPOL %s starting up\n", netdev->name );
 }

References eapol_supplicant::count, DBGC, eapol_supplicant::eap, EAP_FL_PASSIVE, eap_supplicant::flags, net_device::name, netdev, eap_supplicant::netdev, netdev_is_open(), netdev_link_ok(), priv, start_timer_nodelay(), stop_timer(), and eapol_supplicant::timer.

Variable Documentation

◆ __net_driver

struct net_driver eapol_driver __net_driver

Initial value:

= {
        .name = "EAPoL",
        .priv_len = sizeof ( struct eapol_supplicant ),
        .probe = eapol_probe,
        .notify = eapol_notify,
}

EAPoL driver.

Definition at line 46 of file eapol.c.

◆ eapol_mac

const uint8_t eapol_mac[ETH_ALEN]

static

Initial value:

= {
        0x01, 0x80, 0xc2, 0x00, 0x00, 0x03
}

EAPoL destination MAC address.

Definition at line 49 of file eapol.c.

Referenced by eapol_tx().

◆ __net_protocol

struct net_protocol eapol_protocol __net_protocol

Initial value:

= {
        .name = "EAPOL",
        .net_proto = htons ( ETH_P_EAPOL ),
        .rx = eapol_rx,
}

EAPoL protocol.

AoE protocol.

Definition at line 126 of file eapol.c.

◆ __eapol_handler

struct eapol_handler eapol_eap __eapol_handler

Initial value:

= {
        .type = EAPOL_TYPE_EAP,
        .rx = eapol_eap_rx,
}

EAPoL handler for EAP packets.

Definition at line 181 of file eapol.c.

Functions

Variables

Detailed Description

Function Documentation

◆ FILE_LICENCE()

◆ FILE_SECBOOT()

◆ eapol_rx()

◆ eapol_eap_rx()

◆ eapol_tx()

◆ eapol_eap_tx()

◆ eapol_expired()

◆ eapol_probe()

◆ eapol_notify()

Variable Documentation

◆ __net_driver

◆ eapol_mac

◆ __net_protocol

◆ __eapol_handler