On 22-11-2016 11:22, Arend van Spriel wrote: > When user-space does not provide scheduled scan plans, ie. uses the > old scheduled scan API containing NL80211_ATTR_SCHED_SCAN_INTERVAL. > The interval value passed by user-space is validated against > struct wiphy::max_sched_scan_plan_interval and if it is exceeding > it the interval is set to struct wiphy::max_sched_scan_plan_interval. > However, when the driver does not set this limit the interval the > interval in the request will always be zero. Hence add a check to > see whether the driver set struct wiphy::max_sched_scan_plan_interval. > > For the new API, ie. for scheduled scan plans, the interval validation > has been simalarly adjusted to assure the limit is non-zero. Actually turns out that max_sched_scan_plan_interval is always set in wiphy_new_nm() which is used by all drivers so please drop this patch. Regards, Arend > Signed-off-by: Arend van Spriel <arend.vanspriel@xxxxxxxxxxxx> > --- > net/wireless/nl80211.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > > diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c > index 24ab199..e621554 100644 > --- a/net/wireless/nl80211.c > +++ b/net/wireless/nl80211.c > @@ -6777,7 +6777,8 @@ static int nl80211_abort_scan(struct sk_buff *skb, struct genl_info *info) > if (!request->scan_plans[0].interval) > return -EINVAL; > > - if (request->scan_plans[0].interval > > + if (wiphy->max_sched_scan_plan_interval && > + request->scan_plans[0].interval > > wiphy->max_sched_scan_plan_interval) > request->scan_plans[0].interval = > wiphy->max_sched_scan_plan_interval; > @@ -6801,7 +6802,10 @@ static int nl80211_abort_scan(struct sk_buff *skb, struct genl_info *info) > > request->scan_plans[i].interval = > nla_get_u32(plan[NL80211_SCHED_SCAN_PLAN_INTERVAL]); > - if (!request->scan_plans[i].interval || > + if (!request->scan_plans[i].interval) > + return -EINVAL; > + > + if (wiphy->max_sched_scan_plan_interval && > request->scan_plans[i].interval > > wiphy->max_sched_scan_plan_interval) > return -EINVAL; >
