From b14e8ea1d212c29e66af874047b345fa5d5bc6ac Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Tue, 5 Feb 2019 20:30:08 +0200 Subject: [PATCH] nl80211: Request kernel to trim off payload of netlink requests from acks We do not need such payload in the acknowledgment, so adding it uses resources unnecessarily. Furthermore, the original request can include key material (e.g., NL80211_ATTR_PMK). libnl does not explicitly clear this received message buffer and it would be inconvenient for wpa_supplicant/hostapd to try to clear it with the current libnl design where a duplicated buffer is actually passed to the callback. This means that keys might be left unnecessarily in heap memory. Avoid this by requesting the kernel not to copy back the request payload. Signed-off-by: Jouni Malinen --- src/drivers/driver_nl80211.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index a24497ff9..a5f5078c0 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -40,6 +40,9 @@ #include "driver_nl80211.h" +#ifndef NETLINK_CAP_ACK +#define NETLINK_CAP_ACK 10 +#endif /* NETLINK_CAP_ACK */ /* support for extack if compilation headers are too old */ #ifndef NETLINK_EXT_ACK #define NETLINK_EXT_ACK 11 @@ -406,6 +409,11 @@ static int send_and_recv(struct nl80211_global *global, setsockopt(nl_socket_get_fd(nl_handle), SOL_NETLINK, NETLINK_EXT_ACK, &opt, sizeof(opt)); + /* try to set NETLINK_CAP_ACK to 1, ignoring errors */ + opt = 1; + setsockopt(nl_socket_get_fd(nl_handle), SOL_NETLINK, + NETLINK_CAP_ACK, &opt, sizeof(opt)); + err = nl_send_auto_complete(nl_handle, msg); if (err < 0) goto out;
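Review bot: The new `NETLINK_CAP_ACK` fallback in the first hunk has no comment saying why it exists, and the existing "support for extack if compilation headers are too old" comment now sits below it and covers only `NETLINK_EXT_ACK`. A matching line above the new `#ifndef`, such as `/* support for cap-ack if compilation headers are too old */`, would make clear that 10 mirrors the kernel's netlink socket option number and is not a local choice.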
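Review bot: The result of the added `setsockopt(..., NETLINK_CAP_ACK, ...)` call in send_and_recv() is discarded. On a kernel that rejects the option, the ack still carries the request payload, which per the commit message can include key attributes such as NL80211_ATTR_PMK, and nothing records that the trimming is inactive. A debug message on failure keeps the best-effort behaviour but makes this visible: `if (setsockopt(nl_socket_get_fd(nl_handle), SOL_NETLINK, NETLINK_CAP_ACK, &opt, sizeof(opt)) < 0) wpa_printf(MSG_DEBUG, "nl80211: NETLINK_CAP_ACK setsockopt failed: %s", strerror(errno));`. The option is also re-applied on every request; if the handle is long-lived, setting it once where the socket is created would presumably suffice, but that site is outside this hunk and should be confirmed. send_and_recv() starts and ends outside the hunk.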