diff options
author | Johannes Berg <johannes@sipsolutions.net> | 2009-05-24 16:42:30 +0200 |
---|---|---|
committer | John W. Linville <linville@tuxdriver.com> | 2009-06-03 14:05:10 -0400 |
commit | 51b50fbeb574f581c0b112e035541f42fa3e604a (patch) | |
tree | 2e2b75a4863b7d9d9b8bcdd3cf56be66414d83bb /net/mac80211 | |
parent | 6b347bff145f9a8a0972ca8fc3c44dd1f91b0f16 (diff) | |
download | kernel-crypto-51b50fbeb574f581c0b112e035541f42fa3e604a.tar.gz kernel-crypto-51b50fbeb574f581c0b112e035541f42fa3e604a.tar.xz kernel-crypto-51b50fbeb574f581c0b112e035541f42fa3e604a.zip |
cfg80211: validate AID of stations being added
We have some validation code in mac80211 but said code will
force an invalid AID to 0 which isn't a valid AID either;
instead require a valid AID (1-2007) to be passed in from
userspace in cfg80211 already. Also move the code before
the race comment since it can only be executed during STA
addition and thus is not racy.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'net/mac80211')
-rw-r--r-- | net/mac80211/cfg.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index 77e9ff5ec4f..cdfdb2eaad9 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c @@ -664,18 +664,19 @@ static void sta_apply_parameters(struct ieee80211_local *local, spin_unlock_bh(&sta->lock); /* + * cfg80211 validates this (1-2007) and allows setting the AID + * only when creating a new station entry + */ + if (params->aid) + sta->sta.aid = params->aid; + + /* * FIXME: updating the following information is racy when this * function is called from ieee80211_change_station(). * However, all this information should be static so * maybe we should just reject attemps to change it. */ - if (params->aid) { - sta->sta.aid = params->aid; - if (sta->sta.aid > IEEE80211_MAX_AID) - sta->sta.aid = 0; /* XXX: should this be an error? */ - } - if (params->listen_interval >= 0) sta->listen_interval = params->listen_interval; |