From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: JaeMan Park <jaeman@google.com>,
Johannes Berg <johannes.berg@intel.com>,
Sasha Levin <sashal@kernel.org>,
johannes@sipsolutions.net, kvalo@kernel.org, davem@davemloft.net,
kuba@kernel.org, linux-wireless@vger.kernel.org,
netdev@vger.kernel.org
Subject: [PATCH AUTOSEL 5.16 03/30] mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
Date: Tue, 22 Feb 2022 21:27:52 -0500 [thread overview]
Message-ID: <20220223022820.240649-3-sashal@kernel.org> (raw)
In-Reply-To: <20220223022820.240649-1-sashal@kernel.org>
From: JaeMan Park <jaeman@google.com>
[ Upstream commit cacfddf82baf1470e5741edeecb187260868f195 ]
In mac80211_hwsim, the probe_req frame is created and sent while
scanning. It is sent with ieee80211_tx_info which is not initialized.
Uninitialized ieee80211_tx_info can cause problems when using
mac80211_hwsim with wmediumd. wmediumd checks the tx_rates field of
ieee80211_tx_info and doesn't relay probe_req frame to other clients
even if it is a broadcasting message.
Call ieee80211_tx_prepare_skb() to initialize ieee80211_tx_info for
the probe_req that is created by hw_scan_work in mac80211_hwsim.
Signed-off-by: JaeMan Park <jaeman@google.com>
Link: https://lore.kernel.org/r/20220113060235.546107-1-jaeman@google.com
[fix memory leak]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/net/wireless/mac80211_hwsim.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c
index 20fae2df848fb..f7cfda9192de2 100644
--- a/drivers/net/wireless/mac80211_hwsim.c
+++ b/drivers/net/wireless/mac80211_hwsim.c
@@ -2336,6 +2336,15 @@ static void hw_scan_work(struct work_struct *work)
if (req->ie_len)
skb_put_data(probe, req->ie, req->ie_len);
+ if (!ieee80211_tx_prepare_skb(hwsim->hw,
+ hwsim->hw_scan_vif,
+ probe,
+ hwsim->tmp_chan->band,
+ NULL)) {
+ kfree_skb(probe);
+ continue;
+ }
+
local_bh_disable();
mac80211_hwsim_tx_frame(hwsim->hw, probe,
hwsim->tmp_chan);
--
2.34.1
next prev parent reply other threads:[~2022-02-23 2:28 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-23 2:27 [PATCH AUTOSEL 5.16 01/30] HID: apple: Set the tilde quirk flag on the Wellspring 5 and later Sasha Levin
2022-02-23 2:27 ` [PATCH AUTOSEL 5.16 02/30] mac80211_hwsim: report NOACK frames in tx_status Sasha Levin
2022-02-23 2:27 ` Sasha Levin [this message]
2022-02-23 2:27 ` [PATCH AUTOSEL 5.16 04/30] i2c: bcm2835: Avoid clock stretching timeouts Sasha Levin
2022-02-23 2:27 ` Sasha Levin
2022-02-23 2:27 ` [PATCH AUTOSEL 5.16 05/30] ASoC: rt5682s: do not block workqueue if card is unbound Sasha Levin
2022-02-23 2:27 ` Sasha Levin
2022-02-23 2:27 ` [PATCH AUTOSEL 5.16 06/30] ASoC: rt5668: " Sasha Levin
2022-02-23 2:27 ` Sasha Levin
2022-02-23 2:27 ` [PATCH AUTOSEL 5.16 07/30] ASoC: rt5682: " Sasha Levin
2022-02-23 2:27 ` Sasha Levin
2022-02-23 2:27 ` [PATCH AUTOSEL 5.16 08/30] regulator: core: fix false positive in regulator_late_cleanup() Sasha Levin
2022-02-23 2:27 ` [PATCH AUTOSEL 5.16 09/30] Input: clear BTN_RIGHT/MIDDLE on buttonpads Sasha Levin
2022-02-23 2:27 ` [PATCH AUTOSEL 5.16 10/30] btrfs: get rid of warning on transaction commit when using flushoncommit Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 11/30] KVM: arm64: vgic: Read HW interrupt pending state from the HW Sasha Levin
2022-02-23 2:28 ` Sasha Levin
2022-02-23 2:28 ` Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 12/30] block: loop:use kstatfs.f_bsize of backing file to set discard granularity Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 13/30] tipc: fix a bit overflow in tipc_crypto_key_rcv() Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 14/30] cifs: do not use uninitialized data in the owner/group sid Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 15/30] cifs: fix double free race when mount fails in cifs_get_root() Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 16/30] USB: zaurus: support another broken Zaurus Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 17/30] HID: amd_sfh: Handle amd_sfh work buffer in PM ops Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 18/30] HID: amd_sfh: Add functionality to clear interrupts Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 19/30] HID: amd_sfh: Add interrupt handler to process interrupts Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 20/30] cifs: modefromsids must add an ACE for authenticated users Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 21/30] selftests/seccomp: Fix seccomp failure by adding missing headers Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 22/30] drm/amd/pm: correct UMD pstate clocks for Dimgrey Cavefish and Beige Goby Sasha Levin
2022-02-23 2:28 ` Sasha Levin
2022-02-23 2:28 ` Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 23/30] selftests/ftrace: Do not trace do_softirq because of PREEMPT_RT Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 24/30] dmaengine: shdma: Fix runtime PM imbalance on error Sasha Levin
2022-02-24 22:39 ` Pavel Machek
2022-02-25 6:25 ` 刘永志
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 25/30] i2c: cadence: allow COMPILE_TEST Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 26/30] i2c: imx: " Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 27/30] i2c: qup: " Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 28/30] CDC-NCM: avoid overflow in sanity checking Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 29/30] net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 Sasha Levin
2022-02-23 2:28 ` [PATCH AUTOSEL 5.16 30/30] block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220223022820.240649-3-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=davem@davemloft.net \
--cc=jaeman@google.com \
--cc=johannes.berg@intel.com \
--cc=johannes@sipsolutions.net \
--cc=kuba@kernel.org \
--cc=kvalo@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.