alistair23-linux/net/wireless
Miaoqing Pan b501426cf8 nl80211: fix null pointer dereference
If the interface is not in MESH mode, the command 'iw wlanx mpath del'
will cause a kernel panic.

The root cause is a null pointer access in mpp_flush_by_proxy(), as the
pointer 'sdata->u.mesh.mpp_paths' is NULL for a non-MESH interface.

Unable to handle kernel NULL pointer dereference at virtual address 00000068
[...]
PC is at _raw_spin_lock_bh+0x20/0x5c
LR is at mesh_path_del+0x1c/0x17c [mac80211]
[...]
Process iw (pid: 4537, stack limit = 0xd83e0238)
[...]
[<c021211c>] (_raw_spin_lock_bh) from [<bf8c7648>] (mesh_path_del+0x1c/0x17c [mac80211])
[<bf8c7648>] (mesh_path_del [mac80211]) from [<bf6cdb7c>] (extack_doit+0x20/0x68 [compat])
[<bf6cdb7c>] (extack_doit [compat]) from [<c05c309c>] (genl_rcv_msg+0x274/0x30c)
[<c05c309c>] (genl_rcv_msg) from [<c05c25d8>] (netlink_rcv_skb+0x58/0xac)
[<c05c25d8>] (netlink_rcv_skb) from [<c05c2e14>] (genl_rcv+0x20/0x34)
[<c05c2e14>] (genl_rcv) from [<c05c1f90>] (netlink_unicast+0x11c/0x204)
[<c05c1f90>] (netlink_unicast) from [<c05c2420>] (netlink_sendmsg+0x30c/0x370)
[<c05c2420>] (netlink_sendmsg) from [<c05886d0>] (sock_sendmsg+0x70/0x84)
[<c05886d0>] (sock_sendmsg) from [<c0589f4c>] (___sys_sendmsg.part.3+0x188/0x228)
[<c0589f4c>] (___sys_sendmsg.part.3) from [<c058add4>] (__sys_sendmsg+0x4c/0x70)
[<c058add4>] (__sys_sendmsg) from [<c0208c80>] (ret_fast_syscall+0x0/0x44)
Code: e2822c02 e2822001 e5832004 f590f000 (e1902f9f)
---[ end trace bbd717600f8f884d ]---

Signed-off-by: Miaoqing Pan <miaoqing@codeaurora.org>
Link: https://lore.kernel.org/r/1569485810-761-1-git-send-email-miaoqing@codeaurora.org
[trim useless data from commit message]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-10-01 17:56:19 +02:00
certs
.gitignore
Kconfig lib80211: use crypto API ccm(aes) transform for CCMP processing 2019-07-26 13:22:47 +02:00
Makefile
ap.c
chan.c nl80211: Add support for EDMG channels 2019-08-21 11:07:35 +02:00
core.c cfg80211: always shut down on HW rfkill 2019-09-11 09:13:26 +02:00
core.h cfg80211: always shut down on HW rfkill 2019-09-11 09:13:26 +02:00
debugfs.c
debugfs.h
ethtool.c
ibss.c cfg80211: ibss: use 11a mandatory rates for 6GHz band operation 2019-08-21 10:54:57 +02:00
lib80211.c
lib80211_crypt_ccmp.c lib80211: use crypto API ccm(aes) transform for CCMP processing 2019-07-26 13:22:47 +02:00
lib80211_crypt_tkip.c
lib80211_crypt_wep.c
mesh.c
mlme.c
nl80211.c nl80211: fix null pointer dereference 2019-10-01 17:56:19 +02:00
nl80211.h
ocb.c
of.c
pmsr.c
radiotap.c
rdev-ops.h
reg.c cfg80211: initialize on-stack chandefs 2019-10-01 17:56:18 +02:00
reg.h
scan.c cfg80211: validate SSID/MBSSID element ordering assumption 2019-10-01 17:56:18 +02:00
sme.c
sysfs.c
sysfs.h
trace.c
trace.h cfg80211: add 6GHz in code handling array with NUM_NL80211_BANDS entries 2019-08-21 10:54:12 +02:00
util.c We have a number of changes, but things are settling down: 2019-09-11 14:57:17 +01:00
wext-compat.c cfg80211: initialize on-stack chandefs 2019-10-01 17:56:18 +02:00
wext-compat.h
wext-core.c
wext-priv.c
wext-proc.c
wext-sme.c
wext-spy.c