evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/net
History
Brian Norris af9fbec19c mac80211: don't WARN on short WMM parameters from AP 
commit 05aaa5c97dce4c10a9e7eae2f1569a684e0c5ced upstream.

In a very similar spirit to commit c470bdc1aaf3 ("mac80211: don't WARN
on bad WMM parameters from buggy APs"), an AP may not transmit a
fully-formed WMM IE. For example, it may miss or repeat an Access
Category. The above loop won't catch that and will instead leave one of
the four ACs zeroed out. This triggers the following warning in
drv_conf_tx()

  wlan0: invalid CW_min/CW_max: 0/0

and it may leave one of the hardware queues unconfigured. If we detect
such a case, let's just print a warning and fall back to the defaults.

Tested with a hacked version of hostapd, intentionally corrupting the
IEs in hostapd_eid_wmm().

Cc: stable@vger.kernel.org
Signed-off-by: Brian Norris <briannorris@chromium.org>
Link: https://lore.kernel.org/r/20190726224758.210953-1-briannorris@chromium.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-08-25 10:52:53 +02:00
..
6lowpan 6lowpan: iphc: reset mac_header after decompress to fix panic 2018-10-10 08:52:04 +02:00
9p 9p/virtio: Add cleanup path in p9_virtio_init 2019-08-04 09:34:51 +02:00
802
8021q vlan: disable SIOCSHWTSTAMP in container 2019-05-16 19:45:17 +02:00
appletalk appletalk: Fix use-after-free in atalk_proc_exit 2019-04-27 09:33:59 +02:00
atm net: atm: Fix potential Spectre v1 vulnerabilities 2019-04-27 09:33:59 +02:00
ax25 ax25: fix inconsistent lock state in ax25_destroy_timer 2019-06-22 08:18:25 +02:00
batman-adv batman-adv: fix for leaked TVLV handler. 2019-08-04 09:34:39 +02:00
bluetooth Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug 2019-08-04 09:34:53 +02:00
bridge net: bridge: delete local fdb on device init failure 2019-08-11 12:20:44 +02:00
caif net: caif: Add a missing rcu_read_unlock() in caif_flow_cb 2018-09-05 09:18:34 +02:00
can can: purge socket error queue on sock destruct 2019-07-10 09:56:33 +02:00
ceph libceph: handle an empty authorize reply 2019-03-23 08:44:18 +01:00
core net: fix ifindex collision during namespace removal 2019-08-11 12:20:44 +02:00
dcb net: dcb: For wild-card lookups, use priority -1, not 0 2018-09-19 22:48:58 +02:00
dccp dccp: do not use ipv6 header for ipv4 flow 2019-04-03 06:23:25 +02:00
decnet
dns_resolver
dsa net: dsa: slave: Don't propagate flag changes on down slave interfaces 2019-02-20 10:13:15 +01:00
ethernet
hsr net/hsr: fix possible crash in add_timer() 2019-03-23 08:44:31 +01:00
ieee802154 inet: frags: fix ip6frag_low_thresh boundary 2019-02-08 11:25:32 +01:00
ipv4 tcp: be more careful in tcp_fragment() 2019-08-11 12:20:43 +02:00
ipv6 ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt 2019-08-04 09:35:01 +02:00
ipx
irda irda: Only insert new objects into the global database via setsockopt 2018-09-15 09:40:40 +02:00
iucv af_iucv: Move sockaddr length checks to before accessing sa_family in bind and connect handlers 2018-11-10 07:41:35 -08:00
key af_key: fix leaks in key_pol_get_resp and dump_sp. 2019-08-04 09:34:42 +02:00
l2tp compat_ioctl: pppoe: fix PPPOEIOCSFWD handling 2019-08-11 12:20:46 +02:00
l3mdev
lapb lapb: fixed leak of control-blocks. 2019-06-22 08:18:25 +02:00
llc llc: fix skb leak in llc_build_and_send_ui_pkt() 2019-06-11 12:24:06 +02:00
mac80211 mac80211: don't WARN on short WMM parameters from AP 2019-08-25 10:52:53 +02:00
mac802154 net: mac802154: tx: expand tailroom if necessary 2018-09-09 20:04:32 +02:00
mpls
netfilter netfilter: nfnetlink: avoid deadlock due to synchronous request_module 2019-08-25 10:52:46 +02:00
netlabel netlabel: check for IPV4MASK in addrinfo_get 2018-10-20 09:52:36 +02:00
netlink netlink: Don't shift on 64 for ngroups 2018-08-09 12:19:28 +02:00
netrom netrom: hold sock when setting skb->destructor 2019-08-04 09:34:54 +02:00
nfc nfc: fix potential illegal memory access 2019-08-04 09:34:54 +02:00
openvswitch openvswitch: fix flow actions reallocation 2019-04-27 09:33:54 +02:00
packet packet: Fix error path in packet_init 2019-05-16 19:45:17 +02:00
phonet phonet: fix building with clang 2019-03-23 08:44:34 +01:00
rds net: rds: fix memory leak in rds_ib_flush_mr_pool 2019-06-11 12:24:12 +02:00
rfkill
rose net: rose: fix a possible stack overflow 2019-04-03 06:23:25 +02:00
rxrpc
sched net: sched: Fix a possible null-pointer dereference in dequeue_func() 2019-08-11 12:20:45 +02:00
sctp sctp: change to hold sk after auth shkey is created successfully 2019-07-10 09:56:36 +02:00
sunrpc sunrpc: don't mark uninitialised items as VALID. 2019-05-16 19:44:44 +02:00
switchdev
tipc tipc: compat: allow tipc commands without arguments 2019-08-11 12:20:45 +02:00
unix missing barriers in some of unix_sock ->addr and ->path accesses 2019-03-23 08:44:31 +01:00
vmw_vsock vsock: cope with memory allocation failure at socket creation time 2019-02-23 09:05:13 +01:00
wimax
wireless cfg80211: fix memory leak of wiphy device name 2019-07-10 09:56:34 +02:00
x25 net/x25: fix a race in x25_bind() 2019-03-23 08:44:30 +01:00
xfrm xfrm: fix sa selector validation 2019-08-04 09:34:46 +02:00
compat.c sock: Make sock->sk_stamp thread-safe 2019-01-13 10:05:28 +01:00
Kconfig
Makefile
socket.c sockfs: getxattr: Fail with -EOPNOTSUPP for invalid attribute names 2019-03-23 08:44:21 +01:00
sysctl_net.c