nl80211: use element finding functions

The element finding functions are safer, so use them
instead of the "find_ie" functions.

Link: https://lore.kernel.org/r/20210930131130.b838f139cc8e.I2b641262d3fc6e0d498719bf343fdc1c0833b845@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 3f37e4d..e72efe1 100644 (file)
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -5338,21 +5338,21 @@ nl80211_parse_unsol_bcast_probe_resp(struct cfg80211_registered_device *rdev,
 }
 
 static void nl80211_check_ap_rate_selectors(struct cfg80211_ap_settings *params,
-                                           const u8 *rates)
+                                           const struct element *rates)
 {
        int i;
 
        if (!rates)
                return;
 
-       for (i = 0; i < rates[1]; i++) {
-               if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_HT_PHY)
+       for (i = 0; i < rates->datalen; i++) {
+               if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_HT_PHY)
                        params->ht_required = true;
-               if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_VHT_PHY)
+               if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_VHT_PHY)
                        params->vht_required = true;
-               if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_HE_PHY)
+               if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_HE_PHY)
                        params->he_required = true;
-               if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_SAE_H2E)
+               if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_SAE_H2E)
                        params->sae_h2e_required = true;
        }
 }
@@ -5367,27 +5367,27 @@ static void nl80211_calculate_ap_params(struct cfg80211_ap_settings *params)
        const struct cfg80211_beacon_data *bcn = &params->beacon;
        size_t ies_len = bcn->tail_len;
        const u8 *ies = bcn->tail;
-       const u8 *rates;
-       const u8 *cap;
+       const struct element *rates;
+       const struct element *cap;
 
-       rates = cfg80211_find_ie(WLAN_EID_SUPP_RATES, ies, ies_len);
+       rates = cfg80211_find_elem(WLAN_EID_SUPP_RATES, ies, ies_len);
        nl80211_check_ap_rate_selectors(params, rates);
 
-       rates = cfg80211_find_ie(WLAN_EID_EXT_SUPP_RATES, ies, ies_len);
+       rates = cfg80211_find_elem(WLAN_EID_EXT_SUPP_RATES, ies, ies_len);
        nl80211_check_ap_rate_selectors(params, rates);
 
-       cap = cfg80211_find_ie(WLAN_EID_HT_CAPABILITY, ies, ies_len);
-       if (cap && cap[1] >= sizeof(*params->ht_cap))
-               params->ht_cap = (void *)(cap + 2);
-       cap = cfg80211_find_ie(WLAN_EID_VHT_CAPABILITY, ies, ies_len);
-       if (cap && cap[1] >= sizeof(*params->vht_cap))
-               params->vht_cap = (void *)(cap + 2);
-       cap = cfg80211_find_ext_ie(WLAN_EID_EXT_HE_CAPABILITY, ies, ies_len);
-       if (cap && cap[1] >= sizeof(*params->he_cap) + 1)
-               params->he_cap = (void *)(cap + 3);
-       cap = cfg80211_find_ext_ie(WLAN_EID_EXT_HE_OPERATION, ies, ies_len);
-       if (cap && cap[1] >= sizeof(*params->he_oper) + 1)
-               params->he_oper = (void *)(cap + 3);
+       cap = cfg80211_find_elem(WLAN_EID_HT_CAPABILITY, ies, ies_len);
+       if (cap && cap->datalen >= sizeof(*params->ht_cap))
+               params->ht_cap = (void *)cap->data;
+       cap = cfg80211_find_elem(WLAN_EID_VHT_CAPABILITY, ies, ies_len);
+       if (cap && cap->datalen >= sizeof(*params->vht_cap))
+               params->vht_cap = (void *)cap->data;
+       cap = cfg80211_find_ext_elem(WLAN_EID_EXT_HE_CAPABILITY, ies, ies_len);
+       if (cap && cap->datalen >= sizeof(*params->he_cap) + 1)
+               params->he_cap = (void *)(cap->data + 1);
+       cap = cfg80211_find_ext_elem(WLAN_EID_EXT_HE_OPERATION, ies, ies_len);
+       if (cap && cap->datalen >= sizeof(*params->he_oper) + 1)
+               params->he_oper = (void *)(cap->data + 1);
 }
 
 static bool nl80211_get_ap_channel(struct cfg80211_registered_device *rdev,