Re: [PATCH] net: mac80211: cfg: enforce sanity checks for key_index in ieee80211_del_key()

From: Johannes Berg
Date: Tue Dec 01 2020 - 07:57:04 EST

Next message: Brendan Jackman: "Re: [PATCH v2 bpf-next 12/13] bpf: Add tests for new BPF atomic operations"
Previous message: Peter Zijlstra: "Re: [PATCH v5 07/16] completion: drop init_completion define"
In reply to: Anant Thazhemadam: "Re: [PATCH] net: mac80211: cfg: enforce sanity checks for key_index in ieee80211_del_key()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2020-12-01 at 18:15 +0530, Anant Thazhemadam wrote:
>
> cfg80211_supported_cipher_suite(&rdev->wiphy, params->cipher) returned
> false, and thus it worked for the syzbot reproducer.
> Would it be a safer idea to enforce the conditions that I initially put (in
> ieee80211_del_key()) directly in cfg80211_validate_key_settings() itself - by
> updating max_key_index, and checking accordingly?

Yes, I think so. But similarly to cfg80211_validate_key_settings() it
should look at the device capabilities (beacon protection, etc.)

Thanks!
johannes

Next message: Brendan Jackman: "Re: [PATCH v2 bpf-next 12/13] bpf: Add tests for new BPF atomic operations"
Previous message: Peter Zijlstra: "Re: [PATCH v5 07/16] completion: drop init_completion define"
In reply to: Anant Thazhemadam: "Re: [PATCH] net: mac80211: cfg: enforce sanity checks for key_index in ieee80211_del_key()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]