cfg80211: validate remain-on-channel time better
The remain-on-channel time validation shouldn't depend on the value of HZ, as it does now with the check against jiffies, since then you might use a value that works on one system but not on another. Fix it by checking against a minimum that's fixed. Also add validation of the wait duration for a management frame TX since this also translates into remain-on-channel internally. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
This commit is contained in:
Johannes Berg
John W. Linville
Родитель
ccaf8c32d5
Коммит
ebf348fcd0
|
|
@ -1522,6 +1522,8 @@ enum nl80211_attrs {
|
|||
#define NL80211_MAX_NR_CIPHER_SUITES 5
|
||||
#define NL80211_MAX_NR_AKM_SUITES 2
|
||||
|
||||
#define NL80211_MIN_REMAIN_ON_CHANNEL_TIME 10
|
||||
|
||||
/**
|
||||
* enum nl80211_iftype - (virtual) interface types
|
||||
*
|
||||
|
|
|
|||
|
|
@ -5545,18 +5545,18 @@ static int nl80211_remain_on_channel(struct sk_buff *skb,
|
|||
|
||||
duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
|
||||
|
||||
/*
|
||||
* We should be on that channel for at least one jiffie,
|
||||
* and more than 5 seconds seems excessive.
|
||||
*/
|
||||
if (!duration || !msecs_to_jiffies(duration) ||
|
||||
duration > rdev->wiphy.max_remain_on_channel_duration)
|
||||
return -EINVAL;
|
||||
|
||||
if (!rdev->ops->remain_on_channel ||
|
||||
!(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL))
|
||||
return -EOPNOTSUPP;
|
||||
|
||||
/*
|
||||
* We should be on that channel for at least a minimum amount of
|
||||
* time (10ms) but no longer than the driver supports.
|
||||
*/
|
||||
if (duration < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
|
||||
duration > rdev->wiphy.max_remain_on_channel_duration)
|
||||
return -EINVAL;
|
||||
|
||||
if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE] &&
|
||||
!nl80211_valid_channel_type(info, &channel_type))
|
||||
return -EINVAL;
|
||||
|
|
@ -5827,6 +5827,15 @@ static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info)
|
|||
if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
|
||||
return -EINVAL;
|
||||
wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
|
||||
|
||||
/*
|
||||
* We should wait on the channel for at least a minimum amount
|
||||
* of time (10ms) but no longer than the driver supports.
|
||||
*/
|
||||
if (wait < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
|
||||
wait > rdev->wiphy.max_remain_on_channel_duration)
|
||||
return -EINVAL;
|
||||
|
||||
}
|
||||
|
||||
if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче