kernel / kernel-source

Clone
Source Code
GIT

Files

  1.   e29bba71fdbec3dcf0c3a1d3fb45eccec0c713f0
  2.   patches.kernel.org
  3.   6.2.11-018-wifi-mac80211-fix-invalid-drv_sta_pre_rcu_remo.patch
Blob Blame History Raw 
From: Felix Fietkau <nbd@nbd.name>
Date: Fri, 24 Mar 2023 13:09:24 +0100
Subject: [PATCH] wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for
 non-uploaded sta
References: bsc#1012628
Patch-mainline: 6.2.11
Git-commit: 12b220a6171faf10638ab683a975cadcf1a352d6

[ Upstream commit 12b220a6171faf10638ab683a975cadcf1a352d6 ]

Avoid potential data corruption issues caused by uninitialized driver
private data structures.

Reported-by: Brian Coverstone <brian@mainsequence.net>
Fixes: 6a9d1b91f34d ("mac80211: add pre-RCU-sync sta removal driver operation")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Link: https://lore.kernel.org/r/20230324120924.38412-3-nbd@nbd.name
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
---
 net/mac80211/sta_info.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 34cb833d..39731ef5 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -1261,7 +1261,8 @@ static int __must_check __sta_info_destroy_part1(struct sta_info *sta)
 	list_del_rcu(&sta->list);
 	sta->removed = true;
 
-	drv_sta_pre_rcu_remove(local, sta->sdata, sta);
+	if (sta->uploaded)
+		drv_sta_pre_rcu_remove(local, sta->sdata, sta);
 
 	if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN &&
 	    rcu_access_pointer(sdata->u.vlan.sta) == sta)
-- 
2.35.3
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.