Re: [PATCH] wifi: nl80211: require admin perm on SET_PMK / DEL_PMK

Next message: Thorsten Leemhuis: "Re: [Patch] PCI/MSI: Handle lack of irqdomain gracefully"
Previous message: Tung Quang Nguyen: "RE: [PATCH v2 1/1] tipc: fix double-free in tipc_buf_append()"
In reply to: Johannes Berg: "Re: [PATCH] wifi: nl80211: require admin perm on SET_PMK / DEL_PMK"
Next in thread: Arend van Spriel: "Re: [PATCH] wifi: nl80211: require admin perm on SET_PMK / DEL_PMK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Arend van Spriel

Date: Wed Apr 22 2026 - 04:49:20 EST

On 22/04/2026 08:23, Johannes Berg wrote:

On Tue, 2026-04-21 at 18:45 -0400, Michael Bommarito wrote:

Both ops were introduced without a .flags gate, so the generic
netlink layer dispatches them to an unprivileged caller instead
of rejecting with -EPERM at the permission check. Every other
connection-state op in the adjacent block (CONNECT, ASSOCIATE,
AUTHENTICATE, SET_KEY, ...) carries GENL_UNS_ADMIN_PERM; SET_PMK
/ DEL_PMK were introduced without the flag in 2017 and left
unchanged by later refactors. Johannes checked the original
Intel submission history and confirmed there is no admin check
in any prior revision either, so this seems likely to be a
simple oversight rather than an intentional carve-out.

FWIW, this submission did originally come from Avi, but we no longer
have a driver using it (it was never upstream anyway), so that now the
only affected driver is brcmfmac, AFAICT (other non-upstream drivers I
wouldn't know, of course.)

Arend, it does seem like the right thing to do here, but I wanted to
confirm with you and thus asked Michael to CC you, what do you think?

I agree. I saw the patch earlier this morning and acked the patch just now.

Regards,
Arend