2016-11-22 10:22:13

by Arend Van Spriel

Subject: [PATCH] nl80211: change validation of scheduled scan interval values

When user-space does not provide scheduled scan plans, i.e. uses the
old scheduled scan API containing NL80211_ATTR_SCHED_SCAN_INTERVAL,
the interval value passed by user-space is validated against
struct wiphy::max_sched_scan_plan_interval and if it is exceeding
it the interval is set to struct wiphy::max_sched_scan_plan_interval.
However, when the driver does not set this limit the
interval in the request will always be zero. Hence add a check to
see whether the driver set struct wiphy::max_sched_scan_plan_interval.

For the new API, i.e. for scheduled scan plans, the interval validation
has been similarly adjusted to assure the limit is non-zero.

Signed-off-by: Arend van Spriel <[email protected]>
---
net/wireless/nl80211.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 24ab199..e621554 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -6777,7 +6777,8 @@ static int nl80211_abort_scan(struct sk_buff *skb, struct genl_info *info)
if (!request->scan_plans[0].interval)
return -EINVAL;

- if (request->scan_plans[0].interval >
+ if (wiphy->max_sched_scan_plan_interval &&
+ request->scan_plans[0].interval >
wiphy->max_sched_scan_plan_interval)
request->scan_plans[0].interval =
wiphy->max_sched_scan_plan_interval;
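Review bot: in the clamp on `request->scan_plans[0].interval`, the added `wiphy->max_sched_scan_plan_interval &&` guard gives a zero limit the meaning "no limit", so when the driver leaves the field at zero a user-supplied interval of any size is passed on unclamped. If that is the intended meaning, say so in a comment here or in the documentation of the field; otherwise it would be safer to make sure the field always carries a non-zero default, so this path always has an upper bound to clamp against.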
@@ -6801,7 +6802,10 @@ static int nl80211_abort_scan(struct sk_buff *skb, struct genl_info *info)

request->scan_plans[i].interval =
nla_get_u32(plan[NL80211_SCHED_SCAN_PLAN_INTERVAL]);
- if (!request->scan_plans[i].interval ||
+ if (!request->scan_plans[i].interval)
+ return -EINVAL;
+
+ if (wiphy->max_sched_scan_plan_interval &&
request->scan_plans[i].interval >
wiphy->max_sched_scan_plan_interval)
return -EINVAL;
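Review bot: the per-plan check does not need to be split into two `return -EINVAL` branches; `!interval || (max && interval > max)` keeps it one condition and a one-line change. The value comes straight from `nla_get_u32(plan[NL80211_SCHED_SCAN_PLAN_INTERVAL])`, and with the added guard it has no upper bound when the limit is zero. This path also rejects an oversized interval while the first hunk clamps it; a short comment stating that the difference is deliberate would help the next reader.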
--
1.9.1


2016-11-22 13:12:29

by Arend Van Spriel

Subject: Re: [PATCH] nl80211: change validation of scheduled scan interval values

On 22-11-2016 11:22, Arend van Spriel wrote:
> When user-space does not provide scheduled scan plans, i.e. uses the
> old scheduled scan API containing NL80211_ATTR_SCHED_SCAN_INTERVAL,
> the interval value passed by user-space is validated against
> struct wiphy::max_sched_scan_plan_interval and if it is exceeding
> it the interval is set to struct wiphy::max_sched_scan_plan_interval.
> However, when the driver does not set this limit the
> interval in the request will always be zero. Hence add a check to
> see whether the driver set struct wiphy::max_sched_scan_plan_interval.
>
> For the new API, i.e. for scheduled scan plans, the interval validation
> has been similarly adjusted to assure the limit is non-zero.

Actually turns out that max_sched_scan_plan_interval is always set in
wiphy_new_nm() which is used by all drivers so please drop this patch.

Regards,
Arend

> Signed-off-by: Arend van Spriel <[email protected]>
> ---
> net/wireless/nl80211.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
> index 24ab199..e621554 100644
> --- a/net/wireless/nl80211.c
> +++ b/net/wireless/nl80211.c
> @@ -6777,7 +6777,8 @@ static int nl80211_abort_scan(struct sk_buff *skb, struct genl_info *info)
> if (!request->scan_plans[0].interval)
> return -EINVAL;
>
> - if (request->scan_plans[0].interval >
> + if (wiphy->max_sched_scan_plan_interval &&
> + request->scan_plans[0].interval >
> wiphy->max_sched_scan_plan_interval)
> request->scan_plans[0].interval =
> wiphy->max_sched_scan_plan_interval;
> @@ -6801,7 +6802,10 @@ static int nl80211_abort_scan(struct sk_buff *skb, struct genl_info *info)
>
> request->scan_plans[i].interval =
> nla_get_u32(plan[NL80211_SCHED_SCAN_PLAN_INTERVAL]);
> - if (!request->scan_plans[i].interval ||
> + if (!request->scan_plans[i].interval)
> + return -EINVAL;
> +
> + if (wiphy->max_sched_scan_plan_interval &&
> request->scan_plans[i].interval >
> wiphy->max_sched_scan_plan_interval)
> return -EINVAL;
>

2016-11-22 13:17:11

by Luca Coelho

Subject: Re: [PATCH] nl80211: change validation of scheduled scan interval values

On Tue, 2016-11-22 at 14:12 +0100, Arend Van Spriel wrote:
> On 22-11-2016 11:22, Arend van Spriel wrote:
> > When user-space does not provide scheduled scan plans, i.e. uses the
> > old scheduled scan API containing NL80211_ATTR_SCHED_SCAN_INTERVAL,
> > the interval value passed by user-space is validated against
> > struct wiphy::max_sched_scan_plan_interval and if it is exceeding
> > it the interval is set to struct wiphy::max_sched_scan_plan_interval.
> > However, when the driver does not set this limit the
> > interval in the request will always be zero. Hence add a check to
> > see whether the driver set struct wiphy::max_sched_scan_plan_interval.
> >
> > For the new API, i.e. for scheduled scan plans, the interval validation
> > has been similarly adjusted to assure the limit is non-zero.
>
> Actually turns out that max_sched_scan_plan_interval is always set in
> wiphy_new_nm() which is used by all drivers so please drop this patch.

Right, I mixed mac80211 into the picture and got confused.

--
Luca.