[PATCH] P2P: Prevent p2p connect misuse
Arend van Spriel
arend
Tue Dec 2 08:13:25 PST 2014
On 12/02/14 12:29, Michal Kazior wrote:
> It was possible to request p2p_connect (and possibly other callers like
> p2p_prov_disc, and nfc-related stuff) on a different wpa_s context than
> its subsequent related events were processed in causing failures.
>
> For example with dedicated p2pdev wpa_s->create_p2p_iface could be set
> on, e.g. wlan1 but later wpas_go_neg_completed() was called for
> p2p-dev-wlan1 whose create_p2p_iface was 0. This ended up with wpa_s
> trying to use p2p-dev-wlan1 to associate (which isn't even a netdev).
>
> Steps to reproduce:
>
> 1. use driver with p2pdev
> 2. start wpa_s, let wlan0 connect
> 3. wpa_cli -i wlan0 p2p_find
> 4. wpa_cli -i wlan0 p2p_connect ..
> 5. p2p-dev-wlan0 tries to associate despite not even being a netdev
>
> Obviously using p2p commands on non-main/p2p interface seems wrong and
> steps (3) and (4) should be using p2p-dev-wlan0 instead. Nevertheless it
> makes sense to prevent this misuse and warn the user in a sane way
> instead of performing a cascade of strange failures.

I thought steps (3) and (4) are global commands and would be forwarded
to the (dedicated) p2p management interface.

Regards,
Arend

> Signed-off-by: Michal Kazior <michal.kazior at tieto.com>
> ---
> wpa_supplicant/p2p_supplicant.c | 17 +++++++++++++++++
> 1 file changed, 17 insertions(+)
>
> diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c
> index aac3a10..ad79d8a 100644
> --- a/wpa_supplicant/p2p_supplicant.c
> +++ b/wpa_supplicant/p2p_supplicant.c
> @@ -16,6 +16,7 @@
> #include "common/wpa_ctrl.h"
> #include "wps/wps_i.h"
> #include "p2p/p2p.h"
> +#include "p2p/p2p_i.h"
> #include "ap/hostapd.h"
> #include "ap/ap_config.h"
> #include "ap/sta_info.h"
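Review bot: The added include of p2p/p2p_i.h pulls what looks like the P2P module's internal header (going by the _i suffix) into p2p_supplicant.c, apparently only so the last hunk can dereference wpa_s->global->p2p->cfg->cb_ctx. Consider exposing the callback context through a small accessor declared in p2p/p2p.h instead, so wpa_supplicant code does not depend on the layout of the P2P module's private structures.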
> @@ -4927,6 +4928,7 @@ int wpas_p2p_connect(struct wpa_supplicant *wpa_s, const u8 *peer_addr,
> int go_intent, int freq, int persistent_id, int pd,
> int ht40, int vht)
> {
> + struct wpa_supplicant *p2p_wpa_s;
> int force_freq = 0, pref_freq = 0;
> int ret = 0, res;
> enum wpa_driver_if_type iftype;
> @@ -4936,6 +4938,21 @@ int wpas_p2p_connect(struct wpa_supplicant *wpa_s, const u8 *peer_addr,
> if (wpa_s->global->p2p_disabled || wpa_s->global->p2p == NULL)
> return -1;
>
> + /*
> + * If P2P callbacks have different context than the trigger command
> + * they may behave incorrectly. Prevent that by issuing a warning and
> + * refusing to continue.
> + */
> + p2p_wpa_s = wpa_s->global->p2p->cfg->cb_ctx;
> + if (p2p_wpa_s == NULL)
> + return -1; /* should not happen? */
> +
> + if (p2p_wpa_s != wpa_s) {
> + wpa_printf(MSG_WARNING, "P2P: Cannot connect via %s. Use %s instead",
> + wpa_s->ifname, p2p_wpa_s->ifname);
> + return -1;
> + }
> +
> if (persistent_id>= 0) {
> ssid = wpa_config_get_network(wpa_s->conf, persistent_id);
> if (ssid == NULL || ssid->disabled != 2 ||