evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/net/wireless
History
Dmitry Ivanov 56b8eaa38b nl80211: check netlink protocol in socket release notification 
commit 8f815cdde3e550e10c2736990d791f60c2ce43eb upstream.

A non-privileged user can create a netlink socket with the same port_id as
used by an existing open nl80211 netlink socket (e.g. as used by a hostapd
process) with a different protocol number.

Closing this socket will then lead to the notification going to nl80211's
socket release notification handler, and possibly cause an action such as
removing a virtual interface.

Fix this issue by checking that the netlink protocol is NETLINK_GENERIC.
Since generic netlink has no notifier chain of its own, we can't fix the
problem more generically.

Fixes: 026331c4d9 ("cfg80211/mac80211: allow registering for and sending action frames")
Signed-off-by: Dmitry Ivanov <dima@ubnt.com>
[rewrite commit message]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2016-05-04 14:48:45 -07:00
..
.gitignore
ap.c
chan.c cfg80211: use RTNL locked reg_can_beacon for IR-relaxation 2015-07-17 15:02:02 +02:00
core.c cfg80211/wext: fix message ordering 2016-03-16 08:42:59 -07:00
core.h nl80211: allow BSS data to include CLOCK_BOOTTIME timestamp 2015-10-13 10:32:17 +02:00
db.txt
debugfs.c
debugfs.h
ethtool.c
genregdb.awk wireless: fixup genregdb.awk for remove of antenna gain from wireless-regd 2014-07-21 12:24:20 +02:00
ibss.c Lots of updates for net-next; along with the usual flurry 2015-03-31 16:39:04 -04:00
Kconfig cfg80211: reg: make CRDA support optional 2015-10-16 09:15:39 +02:00
lib80211.c lib80211: remove unused print_ssid() 2014-10-14 02:18:27 +02:00
lib80211_crypt_ccmp.c
lib80211_crypt_tkip.c
lib80211_crypt_wep.c
Makefile cfg80211: 802.11p OCB mode handling 2014-11-04 13:18:17 +01:00
mesh.c
mlme.c cfg80211: allow mgmt_frame_register callback to sleep 2015-07-17 15:38:26 +02:00
nl80211.c nl80211: check netlink protocol in socket release notification 2016-05-04 14:48:45 -07:00
nl80211.h cfg80211: allow wiphy specific regdomain management 2014-12-17 11:49:55 +01:00
ocb.c cfg80211: 802.11p OCB mode handling 2014-11-04 13:18:17 +01:00
radiotap.c
rdev-ops.h cfg80211: allow mgmt_frame_register callback to sleep 2015-07-17 15:38:26 +02:00
reg.c nl80211: fix a few memory leaks in reg.c 2015-12-15 13:08:02 +01:00
reg.h cfg80211: Stop calling crda if it is not responsive 2015-04-01 11:22:38 +02:00
regdb.h
scan.c cfg80211: Add multiple scan plans for scheduled scan 2015-10-13 10:35:26 +02:00
sme.c cfg80211: properly send NL80211_ATTR_DISCONNECTED_BY_AP in disconnect 2015-05-26 15:21:27 +02:00
sysfs.c cfg80211: Switch to PM ops 2015-05-20 15:00:12 +02:00
sysfs.h
trace.c
trace.h nl80211: allow BSS data to include CLOCK_BOOTTIME timestamp 2015-10-13 10:32:17 +02:00
util.c cfg80211: ignore netif running state when changing iftype 2015-05-29 13:05:40 +02:00
wext-compat.c cfg80211: wext: clear sinfo struct before calling driver 2015-06-09 13:54:58 -07:00
wext-compat.h cfg80211-wext: export symbols only when needed 2015-02-28 21:31:09 +01:00
wext-core.c cfg80211/wext: fix message ordering 2016-03-16 08:42:59 -07:00
wext-priv.c
wext-proc.c
wext-sme.c wireless: Use eth_<foo>_addr instead of memset 2015-03-03 17:01:38 -05:00
wext-spy.c