Oops. Now that the patch is in the tree I took another, closer, look...
I think you should add an item to the nl80211 policy for
NL80211_ATTR_KEY_SEQ now, and restrict it to be exactly 6 bytes there
rather than silently ignoring it if it was a different length.
> --- uml.orig/net/wireless/nl80211.c 2009-05-11 21:39:26.000000000 +0300
> +++ uml/net/wireless/nl80211.c 2009-05-11 21:39:27.000000000 +0300
> @@ -1115,6 +1115,11 @@ static int nl80211_new_key(struct sk_buf
> params.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
> }
>
> + if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
> + params.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
> + params.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
> + }
Maybe it should also check the key type? At least you haven't
implemented using it with WEP.
> + if (seq && seq_len == 6) {
> + if (seq && seq_len == CCMP_PN_LEN) {
> + if (seq && seq_len == 6)
In any case then you could get rid of those == 6 checks.
johannes
Attachment:
signature.asc
Description: This is a digitally signed message part
