netdev: Implement interface filtering

2024-11-22 14:49:24 +01:00 · 2016-06-23 17:34:29 -05:00 · 2016-06-23 17:34:29 -05:00 · e76daf224c
commit e76daf224c
parent 0eee94a264
3 changed files with 51 additions and 3 deletions
--- a/src/main.c
+++ b/src/main.c
@ -107,7 +107,7 @@ static void nl80211_appeared(void *user_data)
 	if (!wiphy_init(nl80211))
 		l_error("Unable to init wiphy functionality");

-	if (!netdev_init(nl80211))
+	if (!netdev_init(nl80211, interfaces, nointerfaces))
 		l_error("Unable to init netdev functionality");

 	if (!scan_init(nl80211))
--- a/src/netdev.c
+++ b/src/netdev.c
@ -32,6 +32,7 @@
 #include <linux/if_ether.h>
 #include <sys/socket.h>
 #include <errno.h>
+#include <fnmatch.h>

 #include <ell/ell.h>

@ -82,6 +83,8 @@ struct netdev_watch {
 static struct l_netlink *rtnl = NULL;
 static struct l_genl_family *nl80211;
 static struct l_queue *netdev_list;
+static char **whitelist_filter;
+static char **blacklist_filter;

 static void do_debug(const char *str, void *user_data)
 {
@ -1175,6 +1178,38 @@ static void netdev_getlink_cb(int error, uint16_t type, const void *data,
 	netdev_newlink_notify(ifi, bytes);
 }

+static bool netdev_is_managed(const char *ifname)
+{
+	char *pattern;
+	unsigned int i;
+
+	if (!whitelist_filter)
+		goto check_blacklist;
+
+	for (i = 0; (pattern = whitelist_filter[i]); i++) {
+		if (fnmatch(pattern, ifname, 0) != 0)
+			continue;
+
+		goto check_blacklist;
+	}
+
+	l_debug("whitelist filtered ifname: %s", ifname);
+	return false;
+
+check_blacklist:
+	if (!blacklist_filter)
+		return true;
+
+	for (i = 0; (pattern = blacklist_filter[i]); i++) {
+		if (fnmatch(pattern, ifname, 0) == 0) {
+			l_debug("blacklist filtered ifname: %s", ifname);
+			return false;
+		}
+	}
+
+	return true;
+}
+
 static void netdev_get_interface_callback(struct l_genl_msg *msg,
 								void *user_data)
 {
@ -1258,6 +1293,11 @@ static void netdev_get_interface_callback(struct l_genl_msg *msg,
 		return;
 	}

+	if (!netdev_is_managed(ifname)) {
+		l_debug("interface %s filtered out", ifname);
+		return;
+	}
+
 	netdev = l_new(struct netdev, 1);
 	netdev->index = *ifindex;
 	netdev->type = *iftype;
@ -1410,7 +1450,8 @@ bool netdev_watch_remove(struct netdev *netdev, uint32_t id)
 	return true;
 }

-bool netdev_init(struct l_genl_family *in)
+bool netdev_init(struct l_genl_family *in,
+				const char *whitelist, const char *blacklist)
 {
 	struct l_genl_msg *msg;

@ -1457,6 +1498,12 @@ bool netdev_init(struct l_genl_family *in)
 	__eapol_set_deauthenticate_func(netdev_handshake_failed);
 	__eapol_set_rekey_offload_func(netdev_set_rekey_offload);

+	if (whitelist)
+		whitelist_filter = l_strsplit(whitelist, ',');
+
+	if (blacklist)
+		blacklist_filter = l_strsplit(blacklist, ',');
+
 	return true;
 }

--- a/src/netdev.h
+++ b/src/netdev.h
@ -74,5 +74,6 @@ uint32_t netdev_watch_add(struct netdev *netdev, netdev_watch_func_t func,
 				void *user_data);
 bool netdev_watch_remove(struct netdev *netdev, uint32_t id);

-bool netdev_init(struct l_genl_family *in);
+bool netdev_init(struct l_genl_family *in,
+				const char *whitelist, const char *blacklist);
 bool netdev_exit(void);