linux_dsm_epyc7002/net/mac80211
Johannes Berg 14f46c1e51 mac80211: fix use of skb payload instead of header
When ieee80211_skb_resize() is called from ieee80211_build_hdr()
the skb has no 802.11 header yet, in fact it consist only of the
payload as the ethernet frame is removed. As such, we're using
the payload data for ieee80211_is_mgmt(), which is of course
completely wrong. This didn't really hurt us because these are
always data frames, so we could only have added more tailroom
than we needed if we determined it was a management frame and
sdata->crypto_tx_tailroom_needed_cnt was false.

However, syzbot found that of course there need not be any payload,
so we're using at best uninitialized memory for the check.

Fix this to pass explicitly the kind of frame that we have instead
of checking there, by replacing the "bool may_encrypt" argument
with an argument that can carry the three possible states - it's
not going to be encrypted, it's a management frame, or it's a data
frame (and then we check sdata->crypto_tx_tailroom_needed_cnt).

Reported-by: syzbot+32fd1a1bfe355e93f1e2@syzkaller.appspotmail.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Link: https://lore.kernel.org/r/20201009132538.e1fd7f802947.I799b288466ea2815f9d4c84349fae697dca2f189@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-10-30 10:03:48 +01:00
..
aead_api.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
aead_api.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_ccm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_cmac.c mac80211: Update BIP to support Beacon frames 2020-02-24 10:36:03 +01:00
aes_cmac.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_gcm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_gmac.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
aes_gmac.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
agg-rx.c net: mac80211: agg-rx.c: fix duplicated words 2020-08-27 11:23:08 +02:00
agg-tx.c mac80211: accept aggregation sessions on 6 GHz 2020-05-31 11:27:16 +02:00
airtime.c mac80211: add AQL support for VHT160 tx rates 2020-09-18 11:36:03 +02:00
cfg.c mac80211: copy configured beacon tx rate to driver 2020-10-08 12:26:35 +02:00
chan.c mac80211: get correct default channel width for S1G 2020-09-28 13:53:05 +02:00
debug.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs_key.c mac80211: Support BIGTK configuration for Beacon protection 2020-02-24 10:35:57 +01:00
debugfs_key.h mac80211: Support BIGTK configuration for Beacon protection 2020-02-24 10:35:57 +01:00
debugfs_netdev.c cfg80211/mac80211: add connected to auth server to meshconf 2020-07-31 09:24:24 +02:00
debugfs_netdev.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs_sta.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2020-03-29 21:25:29 -07:00
debugfs_sta.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs.c mac80211: rework tx encapsulation offload API 2020-09-18 12:02:57 +02:00
debugfs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
driver-ops.c mac80211: don't warn about CW params when not using them 2019-07-20 21:40:32 +02:00
driver-ops.h mac80211: notify the driver when a sta uses 4-address mode 2020-09-18 12:16:16 +02:00
ethtool.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 432 2019-06-05 17:37:16 +02:00
fils_aead.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
fils_aead.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
he.c mac80211: use HE 6 GHz band capability and pass it to the driver 2020-05-31 11:27:03 +02:00
ht.c mac80211: Use fallthrough pseudo-keyword 2020-07-31 09:24:23 +02:00
ibss.c mac80211: support S1G association 2020-09-28 14:09:07 +02:00
ieee80211_i.h mac80211: initialize last_rate for S1G STAs 2020-10-08 10:40:57 +02:00
iface.c mac80211: use new function dev_fetch_sw_netstats 2020-10-13 17:33:49 -07:00
Kconfig treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
key.c mac80211: rework tx encapsulation offload API 2020-09-18 12:02:57 +02:00
key.h mac80211: Support BIGTK configuration for Beacon protection 2020-02-24 10:35:57 +01:00
led.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
led.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
main.c mac80211: rename csa counters to countdown counters 2020-08-27 14:12:15 +02:00
Makefile mac80211: initialize last_rate for S1G STAs 2020-10-08 10:40:57 +02:00
mesh_hwmp.c mac80211: swap NEED_TXPROCESSING and HW_80211_ENCAP tx flags 2020-09-18 12:13:06 +02:00
mesh_pathtbl.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-08-02 01:02:12 -07:00
mesh_plink.c mac80211: fix some more kernel-doc in mesh 2020-09-28 14:36:53 +02:00
mesh_ps.c mac80211: fix some more kernel-doc in mesh 2020-09-28 14:36:53 +02:00
mesh_sync.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
mesh.c mac80211: rename csa counters to countdown counters 2020-08-27 14:12:15 +02:00
mesh.h mac80211: add HE 6 GHz Band Capability element 2020-05-31 11:26:39 +02:00
michael.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
michael.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
mlme.c mac80211: initialize last_rate for S1G STAs 2020-10-08 10:40:57 +02:00
ocb.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
offchannel.c mac80211: Inform AP when returning operating channel 2020-09-28 13:18:53 +02:00
pm.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rate.c mac80211: initialize last_rate for S1G STAs 2020-10-08 10:40:57 +02:00
rate.h mac80211: populate debugfs only after cfg80211 init 2020-04-24 11:30:13 +02:00
rc80211_minstrel_debugfs.c mac80211: minstrel_ht: rename prob_ewma to prob_avg, use it for the new average 2019-10-11 10:31:45 +02:00
rc80211_minstrel_ht_debugfs.c mac80211: minstrel_ht: rename prob_ewma to prob_avg, use it for the new average 2019-10-11 10:31:45 +02:00
rc80211_minstrel_ht.c One batch of changes, containing: 2020-05-26 20:17:35 -07:00
rc80211_minstrel_ht.h mac80211: minstrel_ht: rename prob_ewma to prob_avg, use it for the new average 2019-10-11 10:31:45 +02:00
rc80211_minstrel.c mac80211: minstrel_ht: rename prob_ewma to prob_avg, use it for the new average 2019-10-11 10:31:45 +02:00
rc80211_minstrel.h mac80211: minstrel_ht: rename prob_ewma to prob_avg, use it for the new average 2019-10-11 10:31:45 +02:00
rx.c mac80211: receive and process S1G beacons 2020-09-28 14:01:00 +02:00
s1g.c mac80211: initialize last_rate for S1G STAs 2020-10-08 10:40:57 +02:00
scan.c mac80211: convert S1G beacon to scan results 2020-09-28 13:53:25 +02:00
spectmgmt.c mac80211: avoid using ext NSS high BW if not supported 2020-05-31 11:26:50 +02:00
sta_info.c mac80211: handle lack of sband->bitrates in rates 2020-10-08 10:33:54 +02:00
sta_info.h mac80211: initialize last_rate for S1G STAs 2020-10-08 10:40:57 +02:00
status.c mac80211: fix regression in sta connection monitor 2020-09-28 14:19:55 +02:00
tdls.c mac80211: Use fallthrough pseudo-keyword 2020-07-31 09:24:23 +02:00
tkip.c mac80211: Fix TKIP replay protection immediately after key setup 2020-01-15 09:52:12 +01:00
tkip.h Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
trace_msg.h mac80211: Increase MAX_MSG_LEN 2019-03-29 11:20:36 +01:00
trace.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace.h mac80211: notify the driver when a sta uses 4-address mode 2020-09-18 12:16:16 +02:00
tx.c mac80211: fix use of skb payload instead of header 2020-10-30 10:03:48 +01:00
util.c mac80211: Support not iterating over not-sdata-in-driver ifaces 2020-09-28 15:05:53 +02:00
vht.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-09-22 16:45:34 -07:00
wep.c mac80211: make ieee80211_wep_init() return void 2020-02-07 12:40:34 +01:00
wep.h mac80211: make ieee80211_wep_init() return void 2020-02-07 12:40:34 +01:00
wme.c mac80211: Use fallthrough pseudo-keyword 2020-07-31 09:24:23 +02:00
wme.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
wpa.c mac80211: add IEEE80211_KEY_FLAG_GENERATE_MMIE to ieee80211_key_flags 2019-07-26 16:14:12 +02:00
wpa.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00