linux_dsm_epyc7002/drivers/net/wireless/iwlwifi
Johannes Berg aed0fd4acd iwlagn: fix NULL ptr deref when reprogramming sta w/o LQ
Reinette reports a crash in iwl_reprogram_ap_sta(). The
debugging shows:

  b1 16    mov    $0x16,%cl
 *f3 a5    rep movsl %ds:(%rsi),%es:(%rdi)     <-- trapping instruction

which is a memcpy of 22 (0x16) words (movsl). This points
to "priv->stations[sta_id].lq" being NULL since that is
the memcpy() of that size here.

The only way I see for this to happen is if we try to
do some RXON reprogramming while connecting to an AP,
after tx_sync() but before full setup, but that seems
like something that might very well happen.

Fix this by checking if the LQ is present and only then
reprogramming it.

Reported-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-11-11 12:32:52 -05:00
iwl-1000.c iwlagn: move iwl_enable_rfkill_int and kill iwl-helpers.h 2011-10-14 14:48:13 -04:00
iwl-2000.c iwlagn: move iwl_enable_rfkill_int and kill iwl-helpers.h 2011-10-14 14:48:13 -04:00
iwl-5000.c iwlagn: move iwl_enable_rfkill_int and kill iwl-helpers.h 2011-10-14 14:48:13 -04:00
iwl-6000.c iwlagn: move iwl_enable_rfkill_int and kill iwl-helpers.h 2011-10-14 14:48:13 -04:00
iwl-agn-calib.c iwlagn: simplify chain_noise_num_beacons indirection 2011-09-19 15:58:29 -04:00
iwl-agn-calib.h
iwl-agn-hw.h iwlagn: remove 6000 hw header 2011-10-14 14:48:13 -04:00
iwl-agn-lib.c iwlagn: check for SMPS mode 2011-11-11 12:32:52 -05:00
iwl-agn-rs.c iwlagn: merge station management functions 2011-10-14 14:48:13 -04:00
iwl-agn-rs.h iwlagn: add missing include to iwl-agn-rs.h 2011-10-14 14:48:14 -04:00
iwl-agn-rx.c iwlagn: add P2P NoA to probe responses 2011-11-11 12:32:52 -05:00
iwl-agn-rxon.c iwlagn: check for SMPS mode 2011-11-11 12:32:52 -05:00
iwl-agn-sta.c iwlagn: fix NULL ptr deref when reprogramming sta w/o LQ 2011-11-11 12:32:52 -05:00
iwl-agn-tt.c iwlagn: remove Kelvin support 2011-09-27 14:34:08 -04:00
iwl-agn-tt.h iwlagn: clean up of transport layer 2011-09-14 13:56:37 -04:00
iwl-agn-tx.c iwlagn: add P2P NoA to probe responses 2011-11-11 12:32:52 -05:00
iwl-agn-ucode.c iwlagn: move iwl_enable_rfkill_int and kill iwl-helpers.h 2011-10-14 14:48:13 -04:00
iwl-agn.c iwlagn: add P2P NoA to probe responses 2011-11-11 12:32:52 -05:00
iwl-agn.h iwlagn: merge station management functions 2011-10-14 14:48:13 -04:00
iwl-bus.h iwlagn: remove drvdata support from bus layer 2011-09-19 16:10:10 -04:00
iwl-cfg.h iwlagn: Add "_d" sku to 105 series of devices 2011-10-14 14:48:11 -04:00
iwl-commands.h iwlagn: update wowlan API 2011-11-08 15:53:53 -05:00
iwl-core.c iwlwifi: don't perform "echo test" when cmd queue stuck 2011-11-02 15:23:13 -04:00
iwl-core.h iwlagn: move iwl_enable_rfkill_int and kill iwl-helpers.h 2011-10-14 14:48:13 -04:00
iwl-csr.h iwlwifi: HW rev for 105 and 135 series 2011-11-08 15:53:54 -05:00
iwl-debug.h iwlwifi: Suppress noisy syslog messages when RF_KILL switch engaged 2011-11-11 12:32:52 -05:00
iwl-debugfs.c iwlagn: kill hw_params.max_stations 2011-10-14 14:48:10 -04:00
iwl-dev.h iwlagn: add P2P NoA to probe responses 2011-11-11 12:32:52 -05:00
iwl-devtrace.c iwlagn: remove unnecessary type for tracing operations 2011-11-08 15:53:54 -05:00
iwl-devtrace.h iwlagn: remove unnecessary type for tracing operations 2011-11-08 15:53:54 -05:00
iwl-eeprom.c iwlagn: use kcalloc when possible for array allocation 2011-09-27 14:34:07 -04:00
iwl-eeprom.h iwlagn: use iwl_eeprom_calib_hdr structure 2011-09-19 16:10:10 -04:00
iwl-fh.h
iwl-io.c
iwl-io.h
iwl-led.c iwlagn: eliminate bus pointer from iwl_priv structure 2011-10-14 14:48:10 -04:00
iwl-led.h
iwl-pci.c iwlwifi: two more SKUs for 6x05 series 2011-11-11 12:32:52 -05:00
iwl-power.c iwlagn: eliminate bus pointer from iwl_priv structure 2011-10-14 14:48:10 -04:00
iwl-power.h
iwl-prph.h
iwl-scan.c iwlagn: use 6 Mbps rate for no-CCK scans 2011-11-08 15:53:56 -05:00
iwl-shared.h iwlagn: kill hw_params.max_stations 2011-10-14 14:48:10 -04:00
iwl-sv-open.c iwlagn: rename all the mac80211 callback functions 2011-10-14 14:48:12 -04:00
iwl-testmode.h
iwl-trans-pcie-int.h iwlagn: remove uneeded declaration 2011-09-21 16:19:43 -04:00
iwl-trans-pcie-rx.c iwlagn: move iwl_enable_rfkill_int and kill iwl-helpers.h 2011-10-14 14:48:13 -04:00
iwl-trans-pcie-tx.c iwlwifi: Suppress noisy syslog messages when RF_KILL switch engaged 2011-11-11 12:32:52 -05:00
iwl-trans-pcie.c iwlagn: fix the race in the unmapping of the HCMD 2011-11-02 15:23:10 -04:00
iwl-trans.c iwlagn: generically provide iwl_trans_send_cmd_pdu 2011-09-19 16:08:07 -04:00
iwl-trans.h iwlagn: simplify the iwl_device_cmd layout 2011-09-21 16:19:43 -04:00
Kconfig iwlwifi: update comments on how to enable debug flag 2011-10-14 14:48:12 -04:00
Makefile iwlagn: rename iwl-rx.c to iwl-agn-rx.c 2011-10-14 14:48:13 -04:00