From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D8A55CE79CF for ; Wed, 20 Sep 2023 11:46:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234572AbjITLq0 (ORCPT ); Wed, 20 Sep 2023 07:46:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54824 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234487AbjITLq0 (ORCPT ); Wed, 20 Sep 2023 07:46:26 -0400 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 664F7E0 for ; Wed, 20 Sep 2023 04:46:20 -0700 (PDT) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 82D30C433C7; Wed, 20 Sep 2023 11:46:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1695210379; bh=xzWKQ4OHDm9zJaSwKzL0GlQ2pbfhf7p3J2xy4I8VYs4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gzWApEFUvJgziAv3Cv84v31ZbKzPQPYeAX9QYDAN/f1x1cfu6OeFIe8jjG6yfMUIr u/5NCIVCFPBHtomIYrwS1dgos6RyGueb73PM9ZHTw2gwPvCdhrlgLgOUCcVEbY4SPu IiDVyJBy/up2fQVLys9l8JN+bbZx2pO9izkhWha0= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, syzbot+999fac712d84878a7379@syzkaller.appspotmail.com, Johannes Berg , Sasha Levin Subject: [PATCH 6.5 055/211] wifi: mac80211: check for station first in client probe Date: Wed, 20 Sep 2023 13:28:19 +0200 Message-ID: <20230920112847.483396079@linuxfoundation.org> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20230920112845.859868994@linuxfoundation.org> References: <20230920112845.859868994@linuxfoundation.org> User-Agent: quilt/0.67 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org 6.5-stable review patch. If anyone has any objections, please let me know. ------------------ From: Johannes Berg [ Upstream commit 67dfa589aa8806c7959cbca2f4613b8d41c75a06 ] When probing a client, first check if we have it, and then check for the channel context, otherwise you can trigger the warning there easily by probing when the AP isn't even started yet. Since a client existing means the AP is also operating, we can then keep the warning. Also simplify the moved code a bit. Reported-by: syzbot+999fac712d84878a7379@syzkaller.appspotmail.com Signed-off-by: Johannes Berg Signed-off-by: Sasha Levin --- net/mac80211/cfg.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index d354b32a20f8f..45e7a5d9c7d94 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c @@ -4133,19 +4133,20 @@ static int ieee80211_probe_client(struct wiphy *wiphy, struct net_device *dev, mutex_lock(&local->mtx); rcu_read_lock(); + sta = sta_info_get_bss(sdata, peer); + if (!sta) { + ret = -ENOLINK; + goto unlock; + } + + qos = sta->sta.wme; + chanctx_conf = rcu_dereference(sdata->vif.bss_conf.chanctx_conf); if (WARN_ON(!chanctx_conf)) { ret = -EINVAL; goto unlock; } band = chanctx_conf->def.chan->band; - sta = sta_info_get_bss(sdata, peer); - if (sta) { - qos = sta->sta.wme; - } else { - ret = -ENOLINK; - goto unlock; - } if (qos) { fc = cpu_to_le16(IEEE80211_FTYPE_DATA | -- 2.40.1