Suspected bad code in prism2_ioctl_giwencodeext()
Jean Tourrilhes
jt
Wed May 3 11:33:32 PDT 2006
Hi Jouni,
I suspect the following bit of code does not work.
-----------------------------------------------------
static int prism2_ioctl_giwencodeext(struct net_device *dev,
                                     struct iw_request_info *info,
                                     struct iw_point *erq, char *extra)
{
[...]
        struct iw_encode_ext *ext = (struct iw_encode_ext *) extra;
[...]
        addr = ext->addr.sa_data;
        if (addr[0] == 0xff && addr[1] == 0xff && addr[2] == 0xff &&
            addr[3] == 0xff && addr[4] == 0xff && addr[5] == 0xff) {
-----------------------------------------------------
For the GET requests, only the 'struct iw_point' part of the
request is passed from user-space to kernel, on the other hand 'extra'
is never passed from user-space to kernel. So, in the code above, you
have garbage in extra at the start of the function, and therefore
garbage in 'addr'.
Moreover, I don't know how it is supposed to work in user
space. If I want to list all the keys, I must do an exhaustive search
in all the possible MAC addresses? Because I don't see a way for
userspace to 'guess' which MAC addresses are used or not.
The reason why this all came up is that I've finally
implemented SIOCGIWENCODEEXT in the wireless tools (29-pre10, iwlist
wpakeys). While testing against various drivers, I realised that I was
not getting any useful results.
I checked in wpa_supplicant, and it does not seem to implement
those functions.
I believe we have an API definition issue. There could be
various ways to deal with that, but, as you designed the API, I want to
get your feedback first.
Have fun...
Jean
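A user-space model of the data flow described in the message above, added here as an illustration; it is not code from the Host AP driver, the kernel or the wireless tools. The model_* names, the reduced structures and the 0xA5 fill byte (standing in for whatever 'extra' held before the call) are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ADDR_LEN 6
#define STALE    0xA5  /* assumption: stands in for leftover buffer contents */

/* Hypothetical, reduced stand-ins for struct iw_point and struct iw_encode_ext. */
struct model_point      { void *pointer; uint16_t length; uint16_t flags; };
struct model_encode_ext { uint8_t addr[ADDR_LEN]; uint16_t key_len; };
enum model_dir { MODEL_SET, MODEL_GET };

/* Shaped like the excerpt: reads the address from 'extra' on entry.
 * Returns 1 if it sees ff:ff:ff:ff:ff:ff, 0 otherwise. */
static int model_handler(const struct model_point *erq, const char *extra)
{
    const struct model_encode_ext *ext = (const struct model_encode_ext *)extra;
    const uint8_t *addr = ext->addr;
    (void)erq;
    return addr[0] == 0xff && addr[1] == 0xff && addr[2] == 0xff &&
           addr[3] == 0xff && addr[4] == 0xff && addr[5] == 0xff;
}

/* Dispatcher: the caller's payload reaches 'extra' only for SET requests.
 * For GET, the handler receives the buffer exactly as it was allocated. */
static int model_dispatch(enum model_dir dir, const struct model_point *erq)
{
    struct model_encode_ext extra;
    memset(&extra, STALE, sizeof(extra));
    if (dir == MODEL_SET && erq->pointer && erq->length <= sizeof(extra))
        memcpy(&extra, erq->pointer, erq->length);
    return model_handler(erq, (const char *)&extra);
}

/* Caller fills in the broadcast address and issues the request. */
static int query_broadcast(enum model_dir dir)
{
    struct model_encode_ext req;
    struct model_point erq = { &req, sizeof(req), 0 };
    memset(&req, 0, sizeof(req));
    memset(req.addr, 0xff, ADDR_LEN);
    return model_dispatch(dir, &erq);
}

int main(void)
{
    printf("SET: handler saw broadcast = %d\n", query_broadcast(MODEL_SET));
    printf("GET: handler saw broadcast = %d\n", query_broadcast(MODEL_GET));
    return 0;
}
```

In the GET case the address the caller supplied never reaches the handler, so the comparison runs on the stale bytes instead.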
More information about the Hostap
mailing list