Author: avos
Date: Sun Feb 10 20:26:12 2019
New Revision: 343973
URL: https://svnweb.freebsd.org/changeset/base/343973
Log:
MFC r343837:
net80211(4): validate supplied roam:rate values from ifconfig(8)
Modified:
stable/10/sys/net80211/ieee80211_ioctl.c
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/sys/net80211/ieee80211_ioctl.c
==============================================================================
--- stable/10/sys/net80211/ieee80211_ioctl.c Sun Feb 10 20:25:45 2019
(r343972)
+++ stable/10/sys/net80211/ieee80211_ioctl.c Sun Feb 10 20:26:12 2019
(r343973)
@@ -2141,18 +2141,6 @@ ieee80211_ioctl_setregdomain(struct ieee80211vap *vap,
}
static int
-ieee80211_ioctl_setroam(struct ieee80211vap *vap,
- const struct ieee80211req *ireq)
-{
- if (ireq->i_len != sizeof(vap->iv_roamparms))
- return EINVAL;
- /* XXX validate params */
- /* XXX? ENETRESET to push to device? */
- return copyin(ireq->i_data, vap->iv_roamparms,
- sizeof(vap->iv_roamparms));
-}
-
-static int
checkrate(const struct ieee80211_rateset *rs, int rate)
{
int i;
@@ -2176,6 +2164,69 @@ checkmcs(int mcs)
}
static __noinline int
+ieee80211_ioctl_setroam(struct ieee80211vap *vap,
+ const struct ieee80211req *ireq)
+{
+ struct ieee80211com *ic = vap->iv_ic;
+ struct ieee80211_roamparams_req *parms;
+ struct ieee80211_roamparam *src, *dst;
+ const struct ieee80211_rateset *rs;
+ int changed, error, mode, is11n, nmodes;
+
+ if (ireq->i_len != sizeof(vap->iv_roamparms))
+ return EINVAL;
+
+ parms = malloc(sizeof(*parms), M_TEMP, M_NOWAIT | M_ZERO);
+ if (parms == NULL)
+ return ENOMEM;
+
+ error = copyin(ireq->i_data, parms, ireq->i_len);
+ if (error != 0)
+ goto fail;
+
+ changed = 0;
+ nmodes = IEEE80211_MODE_MAX;
+
+ /* validate parameters and check if anything changed */
+ for (mode = IEEE80211_MODE_11A; mode < nmodes; mode++) {
+ if (isclr(ic->ic_modecaps, mode))
+ continue;
+ src = &parms->params[mode];
+ dst = &vap->iv_roamparms[mode];
+ rs = &ic->ic_sup_rates[mode]; /* NB: 11n maps to legacy */
+ is11n = (mode == IEEE80211_MODE_11NA ||
+ mode == IEEE80211_MODE_11NG);
+ if (src->rate != dst->rate) {
+ if (!checkrate(rs, src->rate) &&
+ (!is11n || !checkmcs(src->rate))) {
+ error = EINVAL;
+ goto fail;
+ }
+ changed++;
+ }
+ if (src->rssi != dst->rssi)
+ changed++;
+ }
+ if (changed) {
+ /*
+ * Copy new parameters in place and notify the
+ * driver so it can push state to the device.
+ */
+ /* XXX locking? */
+ for (mode = IEEE80211_MODE_11A; mode < nmodes; mode++) {
+ if (isset(ic->ic_modecaps, mode))
+ vap->iv_roamparms[mode] = parms->params[mode];
+ }
+
+ if (vap->iv_roaming == IEEE80211_ROAMING_DEVICE)
+ error = ERESTART;
+ }
+
+fail: free(parms, M_TEMP);
+ return error;
+}
+
+static int
ieee80211_ioctl_settxparams(struct ieee80211vap *vap,
const struct ieee80211req *ireq)
{
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
