LLC secure data duplicate check update and EAPOL relay duplicate fix

Store Unicast Data sequency number and drop all duplicates in 5 second period.

EAPOL realay duplicate filtter use normal neighbour info when it available.

Author: Juha Heiskanen

source/6LoWPAN/ws/ws_eapol_pdu.c

@@ -310,7 +310,7 @@ static void ws_eapol_pdu_mpx_data_indication(const mpx_api_t *api, const struct
 
     ns_list_foreach(eapol_pdu_recv_cb_t, entry, &eapol_pdu_data->recv_cb_list) {
         if (entry->addr_check(eapol_pdu_data->interface_ptr, data->SrcAddr) >= 0) {
-            if (entry->filter_requsted && !ws_llc_eapol_relay_forward_filter(eapol_pdu_data->interface_ptr, data->SrcAddr, data->DSN)) {
+            if (entry->filter_requsted && !ws_llc_eapol_relay_forward_filter(eapol_pdu_data->interface_ptr, data->SrcAddr, data->DSN, data->timestamp)) {
                 tr_info("EAPOL relay filter drop");
                 return;
             }

source/6LoWPAN/ws/ws_llc.h

@@ -226,7 +226,7 @@ void ws_llc_hopping_schedule_config(struct protocol_interface_info_entry *interf
 
 void ws_llc_timer_seconds(struct protocol_interface_info_entry *interface, uint16_t seconds_update);
 
-bool ws_llc_eapol_relay_forward_filter(struct protocol_interface_info_entry *interface, const uint8_t *joiner_eui64, uint8_t mac_sequency);
+bool ws_llc_eapol_relay_forward_filter(struct protocol_interface_info_entry *interface, const uint8_t *joiner_eui64, uint8_t mac_sequency, uint32_t rx_timestamp);
 
 ws_neighbor_temp_class_t *ws_llc_get_multicast_temp_entry(struct protocol_interface_info_entry *interface, const uint8_t *mac64);
 

source/6LoWPAN/ws/ws_llc_data_service.c

@@ -648,6 +648,11 @@ static void ws_llc_data_indication_cb(const mac_api_t *api, const mcps_data_ind_
         }
     }
 
+    if (!multicast && !ws_neighbor_class_neighbor_duplicate_packet_check(neighbor_info.ws_neighbor, data->DSN, data->timestamp)) {
+        tr_info("Drop duplicate message");
+        return;
+    }
+
     ws_neighbor_class_neighbor_unicast_time_info_update(neighbor_info.ws_neighbor, &ws_utt, data->timestamp);
     if (us_ie_inline) {
         ws_neighbor_class_neighbor_unicast_schedule_set(neighbor_info.ws_neighbor, &us_ie);
@@ -1674,7 +1679,7 @@ void ws_llc_timer_seconds(struct protocol_interface_info_entry *interface, uint1
     }
 }
 
-bool ws_llc_eapol_relay_forward_filter(struct protocol_interface_info_entry *interface, const uint8_t *joiner_eui64, uint8_t mac_sequency)
+bool ws_llc_eapol_relay_forward_filter(struct protocol_interface_info_entry *interface, const uint8_t *joiner_eui64, uint8_t mac_sequency, uint32_t rx_timestamp)
 {
     llc_data_base_t *base = ws_llc_discover_by_interface(interface);
     if (!base) {
@@ -1683,7 +1688,12 @@ bool ws_llc_eapol_relay_forward_filter(struct protocol_interface_info_entry *int
 
     ws_neighbor_temp_class_t *neighbor = ws_llc_discover_eapol_temp_entry(base->temp_entries, joiner_eui64);
     if (!neighbor) {
-        return false;
+        llc_neighbour_req_t neighbor_info;
+        //Discover here Normal Neighbour
+        if (!base->ws_neighbor_info_request_cb(interface, joiner_eui64, &neighbor_info, false)) {
+            return false;
+        }
+        return ws_neighbor_class_neighbor_duplicate_packet_check(neighbor_info.ws_neighbor, mac_sequency, rx_timestamp);
     }
 
     if (neighbor->eapol_temp_info.eapol_rx_relay_filter && neighbor->eapol_temp_info.last_rx_mac_sequency == mac_sequency) {

source/6LoWPAN/ws/ws_neighbor_class.c

@@ -322,5 +322,32 @@ void ws_neighbor_class_rsl_out_calculate(ws_neighbor_class_entry_t *ws_neighbor,
     return;
 }
 
+
+bool ws_neighbor_class_neighbor_duplicate_packet_check(ws_neighbor_class_entry_t *ws_neighbor, uint8_t mac_dsn, uint32_t rx_timestamp)
+{
+    if (ws_neighbor->last_DSN != mac_dsn) {
+        // New packet allways accepted
+        ws_neighbor->last_DSN = mac_dsn;
+        return true;
+    }
+
+    if (!ws_neighbor->unicast_data_rx) {
+        // No unicast info stored always accepted
+        return true;
+    }
+
+    rx_timestamp -= ws_neighbor->fhss_data.uc_timing_info.utt_rx_timestamp;
+    rx_timestamp /= 1000000; //Convert to s
+
+    //Compare only when last rx timestamp is less than 5 seconds
+    if (rx_timestamp < 5) {
+        //Packet is sent too fast filter it out
+        return false;
+    }
+
+    return true;
+}
+
+
 #endif /* HAVE_WS */
 

source/6LoWPAN/ws/ws_neighbor_class.h

@@ -28,6 +28,7 @@ typedef struct ws_neighbor_class_entry {
     uint16_t rsl_in;                                       /*!< RSL EWMA heard from neighbour*/
     uint16_t rsl_out;                                      /*!< RSL EWMA heard by neighbour*/
     uint16_t routing_cost;                                 /*!< ETX to border Router. */
+    uint8_t last_DSN;
     bool candidate_parent: 1;
     bool broadcast_timing_info_stored: 1;
     bool broadcast_shedule_info_stored: 1;
@@ -181,4 +182,6 @@ void ws_neighbor_class_rsl_in_calculate(ws_neighbor_class_entry_t *ws_neighbor,
  */
 void ws_neighbor_class_rsl_out_calculate(ws_neighbor_class_entry_t *ws_neighbor, uint8_t rsl_reported);
 
+bool ws_neighbor_class_neighbor_duplicate_packet_check(ws_neighbor_class_entry_t *ws_neighbor, uint8_t mac_dsn, uint32_t rx_timestamp);
+
 #endif /* WS_NEIGHBOR_CLASS_H_ */

test/nanostack/unittest/stub/ws_neighbour_class_stub.c

@@ -110,3 +110,8 @@ void ws_neighbor_class_rsl_out_calculate(ws_neighbor_class_entry_t *ws_neighbor,
 
 }
 
+bool ws_neighbor_class_neighbor_duplicate_packet_check(ws_neighbor_class_entry_t *ws_neighbor, uint8_t mac_dsn, uint32_t rx_timestamp)
+{
+    return true;
+}
+