[PATCH] P2P: Prevent p2p connect misuse

Michal Kazior michal.kazior
Tue Dec 2 03:29:50 PST 2014 

It was possible to request p2p_connect (and possibly other callers like
p2p_prov_disc, and nfc-related stuff) on a different wpa_s context than
its subsequent related events were processed in causing failures.

For example with dedicated p2pdev wpa_s->create_p2p_iface could be set
on, e.g. wlan1 but later wpas_go_neg_completed() was called for
p2p-dev-wlan1 whose create_p2p_iface was 0. This ended up with wpa_s
trying to use p2p-dev-wlan1 to associate (which isn't even a netdev).

Steps to reproduce:

 1. use driver with p2pdev
 2. start wpa_s, let wlan0 connect
 3. wpa_cli -i wlan0 p2p_find
 4. wpa_cli -i wlan0 p2p_connect ..
 5. p2p-dev-wlan0 tries to associate despite it's not even a netdev

Obviously using p2p commands on non-main/p2p interface seems wrong and
steps (3) and (4) should be using p2p-dev-wlan0 instead. Nevertheless it
makes sense to prevent this misuse and warn the user in a sane way
instead of performing a cascade of strange failures.

Signed-off-by: Michal Kazior <michal.kazior at tieto.com>
---
 wpa_supplicant/p2p_supplicant.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c
index aac3a10..ad79d8a 100644
--- a/wpa_supplicant/p2p_supplicant.c
+++ b/wpa_supplicant/p2p_supplicant.c
@@ -16,6 +16,7 @@
 #include "common/wpa_ctrl.h"
 #include "wps/wps_i.h"
 #include "p2p/p2p.h"
+#include "p2p/p2p_i.h"
 #include "ap/hostapd.h"
 #include "ap/ap_config.h"
 #include "ap/sta_info.h"
@@ -4927,6 +4928,7 @@ int wpas_p2p_connect(struct wpa_supplicant *wpa_s, const u8 *peer_addr,
 		     int go_intent, int freq, int persistent_id, int pd,
 		     int ht40, int vht)
 {
+	struct wpa_supplicant *p2p_wpa_s;
 	int force_freq = 0, pref_freq = 0;
 	int ret = 0, res;
 	enum wpa_driver_if_type iftype;
@@ -4936,6 +4938,21 @@ int wpas_p2p_connect(struct wpa_supplicant *wpa_s, const u8 *peer_addr,
 	if (wpa_s->global->p2p_disabled || wpa_s->global->p2p == NULL)
 		return -1;
 
+	/*
+	 * If P2P callbacks have different context than the trigger command
+	 * they may behave incorrectly. Prevent that by issuing a warning and
+	 * refusing to continue.
+	 */
+	p2p_wpa_s = wpa_s->global->p2p->cfg->cb_ctx;
+	if (p2p_wpa_s == NULL)
+		return -1; /* should not happen? */
+
+	if (p2p_wpa_s != wpa_s) {
+		wpa_printf(MSG_WARNING, "P2P: Cannot connect via %s. Use %s instead",
+			   wpa_s->ifname, p2p_wpa_s->ifname);
+		return -1;
+	}
+
 	if (persistent_id >= 0) {
 		ssid = wpa_config_get_network(wpa_s->conf, persistent_id);
 		if (ssid == NULL || ssid->disabled != 2 ||
-- 
1.8.5.3

More information about the Hostap mailing list