From nobody Sun May 24 23:29:00 2026 Received: from mail-qk1-f177.google.com (mail-qk1-f177.google.com [209.85.222.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 40A1D3E8C79 for ; Wed, 20 May 2026 14:16:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.222.177 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779286617; cv=none; b=RAeom8HeHeTJ6l1P0pOegInljl3JOMgBikldBYor5cghy5PHbtQxrXeNlAMEVUaqofv2Q6IEqDS3ekSw2bUPMVCYnXwpmsKkEWJcXuJQADzwbKM5Wg+Q0b3EQvbBii0N9anNmMo4J34tdFjeZKVba49cgTa1dfQX8lbDZUWV4Rc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779286617; c=relaxed/simple; bh=0brtW1b95iw24iU58TPlwkxsh9ivQXA9CUxrYavu3oI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=TbuPc65CVcg66UjYii8ShEUga3J0baGv6Zyh4H82qCklh9mLk79ztwJpkOapRtSz2drFBOIDjqViSCwC0YhwkS8plN4Vo8TX507JnY545O898PfnkX5zBSsV4ksDK/p0ttApu9nNggU1+ylspNUzTEsh/4Z/d4Oq4rarT9HpwdI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=dBn9GBjK; arc=none smtp.client-ip=209.85.222.177 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="dBn9GBjK" Received: by mail-qk1-f177.google.com with SMTP id af79cd13be357-90ea08cc5ceso829770285a.2 for ; Wed, 20 May 2026 07:16:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1779286615; x=1779891415; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=K5DoMls1QAAyY4rhECCtO93CkScQuRF+sIDiF9nKy1o=; b=dBn9GBjKI9agw7Zu2/r9sEQ13fv0qvbbsPfCjhlbV00v8pSxc1w/tPTYuOQqj/b1fc uWcvDrnMhAoannevMg9FhpL9N03CZ0JQN7gljnWGpEX9BC/R34OP120xYhGYMNeL0kY9 g11o2TATmtQWvZ2Xmwz+v4Czrx8Dp44ZTSIPJm/J5Q4+mhHLM1zKrJs53/6O0NNTwGSj Qvr/WBq7+wU5M1KoYwtFVPLcuKGlTce5GF3cBquUYYBN6g0HJh4taGrD9A9wpYX1Hvtj m01jY3ueUZFohKAOGnbPw4TBFS4rKA57uZDHovg2Od1glXISDnYZ/Uw9R6KJwA7GAUa7 YLIQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1779286615; x=1779891415; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=K5DoMls1QAAyY4rhECCtO93CkScQuRF+sIDiF9nKy1o=; b=igB3Jw5edpLVBHzwycuql/HHKo8n/Jw1abEAhpn4FaXrT63DvN27dDZatVogaHaL47 2JOJUZkucCv4YNPmyj1BVVpbnmWgXLFjthPMr46vyJMyFjR6GL70G6sA1ktJLpvm7UHN lNxqZGCZt7j86WijCsBGsqQ1lYmoKA7ik2tniCrBiHTaog7wSL/IAWxB462dXiHKkf30 F0PdDG5ZJunEW6unU5nHgmZWkVl355pl+7wxjF7TcTRxMb1/ccGlsKqF/xy9myVfp+l/ Czz/DE91KYjoHIu+4WzTPTLKVqSoGMCQMctGk/x7pwhFgaLb9K37M3VmK+RBLW2SfIuE xzsQ== X-Forwarded-Encrypted: i=1; AFNElJ8XBA6H8PnyPoO0IRIn1C0mjhODRdOcrOV+l5IFc1wntCEZxQfkoHLEZHyHsGXtOTMBhQ6qDIF23UtAgD4=@vger.kernel.org X-Gm-Message-State: AOJu0YzYFd5QJaNGOXUnv+T3OKYA9XzHGEXv1sksKZLZWrEi9Lq7dLUM lmy9zpAJ27qvdWfZgmR3NUqSUOud7eaMLElkcYY94MTzlRho6Z7q5JSA X-Gm-Gg: Acq92OHykEPyzqTUEdGR3ehfizM6zhIY/nK6wMDz7ipA9eHpiJgSSSsPlk2iWO2g+br BcD1gObAmp0qfUvBWS3YO0N5pwci67TwLXC/PgfgTH8H4sjBmOfpLcYzSqCG/kAnZ41PErHcGyi jUvxcMdBNjrdyI41rcVD/Zp7CZA5eYGMnnmOtlfrLPWl/jHx9TTSge1bGUChmd7z/a1RSH2qlf5 M6or6qR9Tmc0/sEQxrSFfLZioZWGtN4qO0hPq2FOb3X4Cr+8+1djvx5f98da0C7SE8dMd8nNftT HPcgIc3LtORtYKHRhQKavfC6waQFVkhahMs+guNUIxOssCvILv7Y0vfD9Sus5WEMKGvb73eD9/3 wpfiuqJMWRO4bhBEQu9UPqeNLve+r459LSI7N7mKzpisksqAbydGH+N8EkNpDwjqr9kmm+msYTj eZoE3tLAkSe0PRitijzjzwZv6+ZouwrcvgOI+7GCVRNP1OzNI5en2y4RH0xG6ryU8Qj91wPOHb8 07PtZtWvmw+YDJAHZrl X-Received: by 2002:a05:620a:298d:b0:909:b197:4692 with SMTP id af79cd13be357-911d1335796mr3440636085a.62.1779286615084; Wed, 20 May 2026 07:16:55 -0700 (PDT) Received: from server0 (c-68-48-65-54.hsd1.mi.comcast.net. [68.48.65.54]) by smtp.gmail.com with ESMTPSA id af79cd13be357-910ba463814sm2138952485a.5.2026.05.20.07.16.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 20 May 2026 07:16:54 -0700 (PDT) From: Michael Bommarito To: Alexander Aring , Stefan Schmidt , Miquel Raynal Cc: "David S . Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Phoebe Buckheister , linux-wpan@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH net 1/2] ieee802154: admin-gate legacy LLSEC dump operations Date: Wed, 20 May 2026 10:16:39 -0400 Message-ID: <20260520141640.1149513-2-michael.bommarito@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260520141640.1149513-1-michael.bommarito@gmail.com> References: <20260520141640.1149513-1-michael.bommarito@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" In net/ieee802154/netlink.c, the legacy IEEE802154_NL family ops table builds the LLSEC dump entries (LLSEC_LIST_KEY, LLSEC_LIST_DEV, LLSEC_LIST_DEVKEY, LLSEC_LIST_SECLEVEL) with IEEE802154_DUMP() which sets no .flags, so generic netlink runs them ungated. The modern nl802154 family admin-gates the equivalent reads via NL802154_CMD_GET_SEC_KEY and friends with .flags =3D GENL_ADMIN_PERM. Any local uid that can open AF_NETLINK / NETLINK_GENERIC can resolve the "802.15.4 MAC" family and dump LLSEC_LIST_KEY on any wpan netdev that has an LLSEC key installed; the dump handler writes the raw 16-byte AES-128 key bytes (IEEE802154_ATTR_LLSEC_KEY_BYTES, copied verbatim from struct ieee802154_llsec_key.key) into the reply. Recovering the AES key compromises 802.15.4 LLSEC link confidentiality and authenticity, since LLSEC uses CCM* and the same key authenticates and encrypts frames. Impact: any local uid with no capabilities can read the raw 16-byte AES-128 LLSEC key from the kernel keytable on any wpan netdev that has an administrator-installed LLSEC key, by issuing an LLSEC_LIST_KEY dump on the legacy IEEE802154_NL generic-netlink family. Introduce IEEE802154_DUMP_PRIV() mirroring IEEE802154_DUMP() but setting .flags =3D GENL_ADMIN_PERM, and use it for the four LLSEC dump entries. LIST_PHY and LIST_IFACE retain IEEE802154_DUMP() because the modern nl802154 family exposes their equivalents to unprivileged readers by design (NL802154_CMD_GET_WPAN_PHY and NL802154_CMD_GET_INTERFACE carry "can be retrieved by unprivileged users" annotations). Fixes: 3e9c156e2c21 ("ieee802154: add netlink interfaces for llsec") Cc: stable@vger.kernel.org Assisted-by: Claude:claude-opus-4-7 Signed-off-by: Michael Bommarito --- net/ieee802154/ieee802154.h | 8 ++++++++ net/ieee802154/netlink.c | 16 ++++++++-------- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/net/ieee802154/ieee802154.h b/net/ieee802154/ieee802154.h index c5d91f78301ad..fd9778f705503 100644 --- a/net/ieee802154/ieee802154.h +++ b/net/ieee802154/ieee802154.h @@ -23,6 +23,14 @@ void ieee802154_nl_exit(void); .dumpit =3D _dump, \ } =20 +#define IEEE802154_DUMP_PRIV(_cmd, _func, _dump) \ + { \ + .cmd =3D _cmd, \ + .doit =3D _func, \ + .dumpit =3D _dump, \ + .flags =3D GENL_ADMIN_PERM, \ + } + struct genl_info; =20 struct sk_buff *ieee802154_nl_create(int flags, u8 req); diff --git a/net/ieee802154/netlink.c b/net/ieee802154/netlink.c index 7d2de4ee6992b..9c9fd14d0ca8b 100644 --- a/net/ieee802154/netlink.c +++ b/net/ieee802154/netlink.c @@ -98,20 +98,20 @@ static const struct genl_small_ops ieee802154_ops[] =3D= { IEEE802154_OP(IEEE802154_SET_MACPARAMS, ieee802154_set_macparams), IEEE802154_OP(IEEE802154_LLSEC_GETPARAMS, ieee802154_llsec_getparams), IEEE802154_OP(IEEE802154_LLSEC_SETPARAMS, ieee802154_llsec_setparams), - IEEE802154_DUMP(IEEE802154_LLSEC_LIST_KEY, NULL, - ieee802154_llsec_dump_keys), + IEEE802154_DUMP_PRIV(IEEE802154_LLSEC_LIST_KEY, NULL, + ieee802154_llsec_dump_keys), IEEE802154_OP(IEEE802154_LLSEC_ADD_KEY, ieee802154_llsec_add_key), IEEE802154_OP(IEEE802154_LLSEC_DEL_KEY, ieee802154_llsec_del_key), - IEEE802154_DUMP(IEEE802154_LLSEC_LIST_DEV, NULL, - ieee802154_llsec_dump_devs), + IEEE802154_DUMP_PRIV(IEEE802154_LLSEC_LIST_DEV, NULL, + ieee802154_llsec_dump_devs), IEEE802154_OP(IEEE802154_LLSEC_ADD_DEV, ieee802154_llsec_add_dev), IEEE802154_OP(IEEE802154_LLSEC_DEL_DEV, ieee802154_llsec_del_dev), - IEEE802154_DUMP(IEEE802154_LLSEC_LIST_DEVKEY, NULL, - ieee802154_llsec_dump_devkeys), + IEEE802154_DUMP_PRIV(IEEE802154_LLSEC_LIST_DEVKEY, NULL, + ieee802154_llsec_dump_devkeys), IEEE802154_OP(IEEE802154_LLSEC_ADD_DEVKEY, ieee802154_llsec_add_devkey), IEEE802154_OP(IEEE802154_LLSEC_DEL_DEVKEY, ieee802154_llsec_del_devkey), - IEEE802154_DUMP(IEEE802154_LLSEC_LIST_SECLEVEL, NULL, - ieee802154_llsec_dump_seclevels), + IEEE802154_DUMP_PRIV(IEEE802154_LLSEC_LIST_SECLEVEL, NULL, + ieee802154_llsec_dump_seclevels), IEEE802154_OP(IEEE802154_LLSEC_ADD_SECLEVEL, ieee802154_llsec_add_seclevel), IEEE802154_OP(IEEE802154_LLSEC_DEL_SECLEVEL, --=20 2.53.0 From nobody Sun May 24 23:29:00 2026 Received: from mail-vs1-f53.google.com (mail-vs1-f53.google.com [209.85.217.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7FB303E8337 for ; Wed, 20 May 2026 14:16:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.217.53 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779286620; cv=none; b=dZEgD9MMZmWxMNgMjzcLOzwFaHmU/FpzvyGw8B2Xp+XnILT46yJwWigrWCiIE8o1IJTSfPgN2rGLpfuLCkjzvxC6vGR1GOJPyQpuI73ag7v7wc68ICjRaD6dxyq/a/1X9ZLD7nIFghUVzACe0Ix0o0YA4N9hpO4EagENwVr6b1w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779286620; c=relaxed/simple; bh=WjKqJkiCTtmvejCIJSk2+o8+CaSQCH4dCt3cUySSNT4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Opw8NV7o8lHnP3T1rM/OIMWeRMbYR3s5WZi6Bb+FxxGeRrrt7uVOyNH2PdP/qjqQaqo69nAs4DVls80iWJMXAbKRZOhZkOfV4vD4q3TjZ+2txD4yRbDrt/KaWVLYDXFhhm6TCqONZZ7t9m9NNovSdI3K7hTxPwT/dRg6W6cXWwU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=WVQyWPAT; arc=none smtp.client-ip=209.85.217.53 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="WVQyWPAT" Received: by mail-vs1-f53.google.com with SMTP id ada2fe7eead31-6314cff521aso1594501137.2 for ; Wed, 20 May 2026 07:16:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1779286616; x=1779891416; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=rx7r4Y10liUqwimwJdlvRGNK/vx0KHWn1LAYPWA617s=; b=WVQyWPATep/Iwv/N0fjKzeadrtnVzQp0seoFvJBZam/ptuvhzMcGrSIdjsdAHi5gAi 6NRIkIE7zMI06DbifRdAjjhcs8G4cQteNNB791/qKH5GPtekoTgyY+r20//OeqFWz9Mp HNEudbUCzaVJ9nFQfkiIkYb8uKR4Ec9n/cJco+NypUUaztJeK9cqJrDahlPR5aKW598d q6qAcDEokJE1vtPhBit+iPRgkcOOgCHqE+TDocLUPPUi3ezk7t+xnavEDVi1gg7lbMyH FXm52GznWG9hTdzSnGWxUYwAUuCCGdU+Ln4nzYhyT0EVEg00A9AIjdjXyIWU2EFfiWbT ObYQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1779286616; x=1779891416; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=rx7r4Y10liUqwimwJdlvRGNK/vx0KHWn1LAYPWA617s=; b=jOny2Jza/p76uKn+nUhVT3oc6bQ6Jaja5Gqn4oq7X2vmKRz+kLAMRPuTgU/2StwKBG lGhieUgwt1q+8u+bX8phXle2iO5K6TmwjO6wqenRpjHt3NKd6+8CIwOPQXIT+tO+rEP0 RULePeqklXWsak8BnEZdCTHYUV5yks5oUeR2nYEvXOyv6tWuUqHTLWpeFyaJKAiuok8q oMQmnKg0+Fxx0xY7bXkuHjTUKS/PHkPi6rWfRIbfuSA1slDWqmf7aladk2+hDTjmUH9h aDGSdFQnhGRskQ70JtaqxWToctAdbR14Pp3Yjv1reKxQ/23jEVbDtVCT4jJWF0y1bUHw NvZA== X-Forwarded-Encrypted: i=1; AFNElJ+ZxW13jw95D9lXeHDBvZisiXULrpztukqjrCeV7uOCcaLgcYJip+a6/3gfF7wDExhBUB58SErDytjj3xc=@vger.kernel.org X-Gm-Message-State: AOJu0Yzd38VYN3zjOOBTUbIEvJgO8rPJPqhXLXTm+tNi9W+CrHpOfVcL x30vpAXM+nYy2M0nlFl/c3fb2XaixfFG1YuPSiZaId7TAAHXMzNRkdWSvkk8fg67 X-Gm-Gg: Acq92OGhuQ1gDIVmHFg3RAxXniR0HKXTFwAfSGibE01ORnK+P/7NmCDghKJSE1FmVbG jhoD9YqmN8zWs6aTvBAaHlHZBG3RhjSPnDHDFD2pUzflXirxiNPWGG0gbBv9CNZMz/Z8/bTN3Nm 0K9kZ+bBXbG1w4qrAij1bmDgIkj9FUpgy9PffqSIMQijh/eK9KceQ8FjjEJoNQLhBmoD1iZQme5 fY0HsYrtKrmZN1oKNfey1Aw7oAId1j2dva4g2BhcSEeluV3T3SDBBaVgukPTOKtnEbY38OsRnSW XIUXAQC3U7cvGx4vmKM0Pba2hB1qWI/eZCnioc49H+lkCyqjUycUHLQXhgayXIFUKxqirGqk5m8 WwVbH3NFLIxIETmRhu7eGdnv0tmG05fnd2mtR6eyMOc98uEHsQxEPS/TLqyUDFzXLQjCZ397xJf TATDhVFMNAHl3NmAMrGK77Nd+xiggy+gJWD23tscvJ2i6RZtQQioi7kK2FkpgiQQSROg/+jvFke K5gutDlRnWMDKXzjh4hT+wj7gOcfII= X-Received: by 2002:a67:e105:0:b0:611:61d3:819c with SMTP id ada2fe7eead31-63a3cf120a2mr11450388137.10.1779286616271; Wed, 20 May 2026 07:16:56 -0700 (PDT) Received: from server0 (c-68-48-65-54.hsd1.mi.comcast.net. [68.48.65.54]) by smtp.gmail.com with ESMTPSA id af79cd13be357-910ba463814sm2138952485a.5.2026.05.20.07.16.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 20 May 2026 07:16:55 -0700 (PDT) From: Michael Bommarito To: Alexander Aring , Stefan Schmidt , Miquel Raynal Cc: "David S . Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Phoebe Buckheister , linux-wpan@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH net 2/2] ieee802154: allow legacy LLSEC ADD/DEL ops to pass strict validation Date: Wed, 20 May 2026 10:16:40 -0400 Message-ID: <20260520141640.1149513-3-michael.bommarito@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260520141640.1149513-1-michael.bommarito@gmail.com> References: <20260520141640.1149513-1-michael.bommarito@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The LLSEC ADD/DEL doit handlers under the legacy IEEE802154_NL family consume IEEE802154_ATTR_LLSEC_KEY_BYTES and IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS, both declared in net/ieee802154/nl_policy.c as bare length entries with no .type (defaulting to NLA_UNSPEC). Generic netlink strict validation rejects all NLA_UNSPEC attributes via validate_nla(), so every LLSEC_ADD_KEY, LLSEC_DEL_KEY, LLSEC_ADD_DEV, LLSEC_DEL_DEV, LLSEC_ADD_DEVKEY, LLSEC_DEL_DEVKEY, LLSEC_ADD_SECLEVEL, and LLSEC_DEL_SECLEVEL request fails at the dispatcher with "Unsupported attribute" before reaching the handler. The doit path has been silently dead since strict validation became the default for genl families that do not opt out. The dump path is unaffected because dump requests carry no LLSEC attributes to validate, which is why the LLSEC_LIST_KEY read remained reachable (patch 1/2). Introduce IEEE802154_OP_RELAXED() mirroring IEEE802154_OP() but with .validate =3D GENL_DONT_VALIDATE_STRICT, and use it for the eight legacy LLSEC mutate ops so admin-driven LLSEC configuration via the legacy interface works again. Fixes: 3e9c156e2c21 ("ieee802154: add netlink interfaces for llsec") Cc: stable@vger.kernel.org Assisted-by: Claude:claude-opus-4-7 Signed-off-by: Michael Bommarito --- net/ieee802154/ieee802154.h | 9 +++++++++ net/ieee802154/netlink.c | 20 ++++++++++---------- 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/net/ieee802154/ieee802154.h b/net/ieee802154/ieee802154.h index fd9778f705503..e765adc4b88f2 100644 --- a/net/ieee802154/ieee802154.h +++ b/net/ieee802154/ieee802154.h @@ -16,6 +16,15 @@ void ieee802154_nl_exit(void); .flags =3D GENL_ADMIN_PERM, \ } =20 +#define IEEE802154_OP_RELAXED(_cmd, _func) \ + { \ + .cmd =3D _cmd, \ + .doit =3D _func, \ + .dumpit =3D NULL, \ + .flags =3D GENL_ADMIN_PERM, \ + .validate =3D GENL_DONT_VALIDATE_STRICT,\ + } + #define IEEE802154_DUMP(_cmd, _func, _dump) \ { \ .cmd =3D _cmd, \ diff --git a/net/ieee802154/netlink.c b/net/ieee802154/netlink.c index 9c9fd14d0ca8b..cacad21347eca 100644 --- a/net/ieee802154/netlink.c +++ b/net/ieee802154/netlink.c @@ -100,22 +100,22 @@ static const struct genl_small_ops ieee802154_ops[] = =3D { IEEE802154_OP(IEEE802154_LLSEC_SETPARAMS, ieee802154_llsec_setparams), IEEE802154_DUMP_PRIV(IEEE802154_LLSEC_LIST_KEY, NULL, ieee802154_llsec_dump_keys), - IEEE802154_OP(IEEE802154_LLSEC_ADD_KEY, ieee802154_llsec_add_key), - IEEE802154_OP(IEEE802154_LLSEC_DEL_KEY, ieee802154_llsec_del_key), + IEEE802154_OP_RELAXED(IEEE802154_LLSEC_ADD_KEY, ieee802154_llsec_add_key), + IEEE802154_OP_RELAXED(IEEE802154_LLSEC_DEL_KEY, ieee802154_llsec_del_key), IEEE802154_DUMP_PRIV(IEEE802154_LLSEC_LIST_DEV, NULL, ieee802154_llsec_dump_devs), - IEEE802154_OP(IEEE802154_LLSEC_ADD_DEV, ieee802154_llsec_add_dev), - IEEE802154_OP(IEEE802154_LLSEC_DEL_DEV, ieee802154_llsec_del_dev), + IEEE802154_OP_RELAXED(IEEE802154_LLSEC_ADD_DEV, ieee802154_llsec_add_dev), + IEEE802154_OP_RELAXED(IEEE802154_LLSEC_DEL_DEV, ieee802154_llsec_del_dev), IEEE802154_DUMP_PRIV(IEEE802154_LLSEC_LIST_DEVKEY, NULL, ieee802154_llsec_dump_devkeys), - IEEE802154_OP(IEEE802154_LLSEC_ADD_DEVKEY, ieee802154_llsec_add_devkey), - IEEE802154_OP(IEEE802154_LLSEC_DEL_DEVKEY, ieee802154_llsec_del_devkey), + IEEE802154_OP_RELAXED(IEEE802154_LLSEC_ADD_DEVKEY, ieee802154_llsec_add_d= evkey), + IEEE802154_OP_RELAXED(IEEE802154_LLSEC_DEL_DEVKEY, ieee802154_llsec_del_d= evkey), IEEE802154_DUMP_PRIV(IEEE802154_LLSEC_LIST_SECLEVEL, NULL, ieee802154_llsec_dump_seclevels), - IEEE802154_OP(IEEE802154_LLSEC_ADD_SECLEVEL, - ieee802154_llsec_add_seclevel), - IEEE802154_OP(IEEE802154_LLSEC_DEL_SECLEVEL, - ieee802154_llsec_del_seclevel), + IEEE802154_OP_RELAXED(IEEE802154_LLSEC_ADD_SECLEVEL, + ieee802154_llsec_add_seclevel), + IEEE802154_OP_RELAXED(IEEE802154_LLSEC_DEL_SECLEVEL, + ieee802154_llsec_del_seclevel), }; =20 static const struct genl_multicast_group ieee802154_mcgrps[] =3D { --=20 2.53.0