iwlwifi: mvm: Check the sta is not NULL in iwl_mvm_cfg_he_sta() - linux

diff options

author	Andrei Otcheretianski <andrei.otcheretianski@intel.com>	2020-01-31 14:45:28 +0100
committer	Kalle Valo <kvalo@codeaurora.org>	2020-02-03 19:09:12 +0100
commit	12d47f0ea5e0aa63f19ba618da55a7c67850ca10 (patch)
tree	4c6a24195619729ffe8a6ec6b49f0e2d7e4554fa /ipc/msgutil.c
parent	iwlwifi: mvm: avoid use after free for pmsr request (diff)
download	linux-12d47f0ea5e0aa63f19ba618da55a7c67850ca10.tar.xz linux-12d47f0ea5e0aa63f19ba618da55a7c67850ca10.zip

iwlwifi: mvm: Check the sta is not NULL in iwl_mvm_cfg_he_sta()

Fix a kernel panic by checking that the sta is not NULL. This could happen during a reconfig flow, as mac80211 moves the sta between all the states without really checking if the previous state was successfully set. So, if for some reason we failed to add back the station, subsequent calls to sta_state() callback will be done when the station is NULL. This would result in a following panic: BUG: unable to handle kernel NULL pointer dereference at 0000000000000040 IP: iwl_mvm_cfg_he_sta+0xfc/0x690 [iwlmvm] [..] Call Trace: iwl_mvm_mac_sta_state+0x629/0x6f0 [iwlmvm] drv_sta_state+0xf4/0x950 [mac80211] ieee80211_reconfig+0xa12/0x2180 [mac80211] ieee80211_restart_work+0xbb/0xe0 [mac80211] process_one_work+0x1e2/0x610 worker_thread+0x4d/0x3e0 [..] Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com> Signed-off-by: Luca Coelho <luciano.coelho@intel.com> Signed-off-by: Kalle Valo <kvalo@codeaurora.org>

Diffstat (limited to 'ipc/msgutil.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: