From e76daf224c9a56b2878565dfff77bcce280fdcc4 Mon Sep 17 00:00:00 2001
From: Denis Kenzior
Date: Thu, 23 Jun 2016 17:34:29 -0500
Subject: [PATCH] netdev: Implement interface filtering
---
 src/main.c | 2 +-
 src/netdev.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++++-
 src/netdev.h | 3 ++-
 3 files changed, 51 insertions(+), 3 deletions(-)
diff --git a/src/main.c b/src/main.c
index 8c4cbbdc..bc591db2 100644
--- a/src/main.c
+++ b/src/main.c
@@ -107,7 +107,7 @@ static void nl80211_appeared(void *user_data)
 if (!wiphy_init(nl80211))
 l_error("Unable to init wiphy functionality");
- if (!netdev_init(nl80211))
+ if (!netdev_init(nl80211, interfaces, nointerfaces))
 l_error("Unable to init netdev functionality");
 if (!scan_init(nl80211))
diff --git a/src/netdev.c b/src/netdev.c
index e44ac3b0..247c7041 100644
--- a/src/netdev.c
+++ b/src/netdev.c
@@ -32,6 +32,7 @@
 #include
 #include
 #include
+#include
 #include
@@ -82,6 +83,8 @@ struct netdev_watch {
 static struct l_netlink *rtnl = NULL;
 static struct l_genl_family *nl80211;
 static struct l_queue *netdev_list;
+static char **whitelist_filter;
+static char **blacklist_filter;
 static void do_debug(const char *str, void *user_data)
 {
@@ -1175,6 +1178,38 @@ static void netdev_getlink_cb(int error, uint16_t type, const void *data,
 netdev_newlink_notify(ifi, bytes);
 }
+static bool netdev_is_managed(const char *ifname)
+{
+ char *pattern;
+ unsigned int i;
+
+ if (!whitelist_filter)
+ goto check_blacklist;
+
+ for (i = 0; (pattern = whitelist_filter[i]); i++) {
+ if (fnmatch(pattern, ifname, 0) != 0)
+ continue;
+
+ goto check_blacklist;
+ }
+
+ l_debug("whitelist filtered ifname: %s", ifname);
+ return false;
+
+check_blacklist:
+ if (!blacklist_filter)
+ return true;
+
+ for (i = 0; (pattern = blacklist_filter[i]); i++) {
+ if (fnmatch(pattern, ifname, 0) == 0) {
+ l_debug("blacklist filtered ifname: %s", ifname);
+ return false;
+ }
+ }
+
+ return true;
+}
+
 static void netdev_get_interface_callback(struct l_genl_msg *msg,
 void *user_data)
 {
@@ -1258,6 +1293,11 @@ static void netdev_get_interface_callback(struct l_genl_msg *msg,
 return;
 }
+ if (!netdev_is_managed(ifname)) {
+ l_debug("interface %s filtered out", ifname);
+ return;
+ }
+
 netdev = l_new(struct netdev, 1);
 netdev->index = *ifindex;
 netdev->type = *iftype;
@@ -1410,7 +1450,8 @@ bool netdev_watch_remove(struct netdev *netdev, uint32_t id)
 return true;
 }
-bool netdev_init(struct l_genl_family *in)
+bool netdev_init(struct l_genl_family *in,
+ const char *whitelist, const char *blacklist)
 {
 struct l_genl_msg *msg;
@@ -1457,6 +1498,12 @@ bool netdev_init(struct l_genl_family *in)
 __eapol_set_deauthenticate_func(netdev_handshake_failed);
 __eapol_set_rekey_offload_func(netdev_set_rekey_offload);
+ if (whitelist)
+ whitelist_filter = l_strsplit(whitelist, ',');
+
+ if (blacklist)
+ blacklist_filter = l_strsplit(blacklist, ',');
+
 return true;
 }
diff --git a/src/netdev.h b/src/netdev.h
index 2b9e5d83..aeb3003f 100644
--- a/src/netdev.h
+++ b/src/netdev.h
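Review bot: In netdev_is_managed() the blacklist loop treats every non-zero fnmatch() result as "no match", so a pattern that makes fnmatch() return an error lets the interface through, whereas the same error in the whitelist loop filters it out. POSIX allows fnmatch() to return a value other than 0 or FNM_NOMATCH on error, so the blacklist test could read `if (fnmatch(pattern, ifname, 0) != FNM_NOMATCH) {` to fail closed. The patterns also appear to be used exactly as split on ',' in netdev_init(), so a list written as "wlan0, wlan1" would presumably carry a leading space into the second pattern and never match; trimming the entries or documenting the format would avoid a silently ineffective blacklist entry. A short comment above the function, e.g. `/* Managed if the name matches the whitelist (when set) and does not match the blacklist (when set) */`, would make the precedence explicit.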
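Review bot: The filter is evaluated once, against the name reported when the interface is first seen in netdev_get_interface_callback(), and nothing in this patch re-evaluates it later. If an interface can be renamed after discovery, a name on the blacklist could end up attached to a netdev that is still managed (or the reverse), so a comment here stating that filtering is by name at discovery time, or a re-check wherever name changes are handled, would be worth adding. Separately, netdev_is_managed() already logs which list rejected the name, so `l_debug("interface %s filtered out", ifname);` repeats that and could be dropped. The callback's body starts and ends outside this hunk.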
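Review bot: The arrays returned by l_strsplit() are stored in whitelist_filter and blacklist_filter, but no hunk in this patch releases them and netdev_exit() is not touched. Assuming netdev_exit() is the teardown counterpart, it should free and reset both, e.g. `l_strfreev(whitelist_filter); whitelist_filter = NULL;` and the same for blacklist_filter, so that a later netdev_init() called with a NULL argument does not keep applying a stale filter. The empty-string case also deserves a decision: if l_strsplit() yields an empty list for "", every interface would fall through the whitelist loop in netdev_is_managed() and be rejected, and a comment saying whether that is intended would help. netdev_init()'s body starts outside this hunk.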
@@ -74,5 +74,6 @@ uint32_t netdev_watch_add(struct netdev *netdev, netdev_watch_func_t func,
 void *user_data);
 bool netdev_watch_remove(struct netdev *netdev, uint32_t id);
-bool netdev_init(struct l_genl_family *in);
+bool netdev_init(struct l_genl_family *in,
+ const char *whitelist, const char *blacklist);
 bool netdev_exit(void);
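Review bot: The new netdev_init() prototype does not say what format `whitelist` and `blacklist` take or what NULL means. Judging by the netdev.c side of this patch, they are comma-separated lists of fnmatch() patterns matched against the interface name, and a NULL argument disables that filter. A comment above the declaration such as `/* whitelist/blacklist: comma-separated fnmatch(3) patterns for interface names; NULL disables the filter */` would tell callers this without reading netdev.c.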