diff options
| author | Johannes Berg <johannes.berg@intel.com> | 2019-05-28 10:56:03 +0200 |
|---|---|---|
| committer | Johannes Berg <johannes.berg@intel.com> | 2019-06-14 14:12:01 +0200 |
| commit | 901bb9891855164fdcfcfdd9c3d25bcc800d3f5b (patch) | |
| tree | 74e0821a522ebb1f5bee4cb8df8705dd1a4442f3 /include | |
| parent | d7edf40c15e85b44c4bef146819b664089b827b1 (diff) | |
nl80211: require and validate vendor command policy
Require that each vendor command give a policy of its sub-attributes
in NL80211_ATTR_VENDOR_DATA, and then (stricly) check the contents,
including the NLA_F_NESTED flag that we couldn't check on the outer
layer because there we don't know yet.
It is possible to use VENDOR_CMD_RAW_DATA for raw data, but then no
nested data can be given (NLA_F_NESTED flag must be clear) and the
data is just passed as is to the command.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'include')
| -rw-r--r-- | include/net/cfg80211.h | 8 | ||||
| -rw-r--r-- | include/net/netlink.h | 9 |
2 files changed, 17 insertions, 0 deletions
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index 20613b35afcd..7c4aa868e7a5 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -4170,6 +4170,8 @@ struct sta_opmode_info { u8 rx_nss; }; +#define VENDOR_CMD_RAW_DATA ((const struct nla_policy *)ERR_PTR(-ENODATA)) + /** * struct wiphy_vendor_command - vendor command definition * @info: vendor command identifying information, as used in nl80211 @@ -4180,6 +4182,10 @@ struct sta_opmode_info { * @dumpit: dump callback, for transferring bigger/multiple items. The * @storage points to cb->args[5], ie. is preserved over the multiple * dumpit calls. + * @policy: policy pointer for attributes within %NL80211_ATTR_VENDOR_DATA. + * Set this to %VENDOR_CMD_RAW_DATA if no policy can be given and the + * attribute is just raw data (e.g. a firmware command). + * @maxattr: highest attribute number in policy * It's recommended to not have the same sub command with both @doit and * @dumpit, so that userspace can assume certain ones are get and others * are used with dump requests. @@ -4192,6 +4198,8 @@ struct wiphy_vendor_command { int (*dumpit)(struct wiphy *wiphy, struct wireless_dev *wdev, struct sk_buff *skb, const void *data, int data_len, unsigned long *storage); + const struct nla_policy *policy; + unsigned int maxattr; }; /** diff --git a/include/net/netlink.h b/include/net/netlink.h index 395b4406f4b0..28ece67f5312 100644 --- a/include/net/netlink.h +++ b/include/net/netlink.h @@ -1755,6 +1755,15 @@ static inline int __nla_validate_nested(const struct nlattr *start, int maxtype, } static inline int +nl80211_validate_nested(const struct nlattr *start, int maxtype, + const struct nla_policy *policy, + struct netlink_ext_ack *extack) +{ + return __nla_validate_nested(start, maxtype, policy, + NL_VALIDATE_STRICT, extack); +} + +static inline int nla_validate_nested_deprecated(const struct nlattr *start, int maxtype, const struct nla_policy *policy, struct netlink_ext_ack *extack) |