From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
patches@lists.linux.dev, Michal Kazior <michal@plume.com>,
Johannes Berg <johannes.berg@intel.com>,
Sasha Levin <sashal@kernel.org>
Subject: [PATCH 4.19 14/52] wifi: cfg80211: fix missing interfaces when dumping
Date: Tue, 27 Feb 2024 14:26:01 +0100 [thread overview]
Message-ID: <20240227131549.001355032@linuxfoundation.org> (raw)
In-Reply-To: <20240227131548.514622258@linuxfoundation.org>
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Michal Kazior <michal@plume.com>
[ Upstream commit a6e4f85d3820d00694ed10f581f4c650445dbcda ]
The nl80211_dump_interface() supports resumption
in case nl80211_send_iface() doesn't have the
resources to complete its work.
The logic would store the progress as iteration
offsets for rdev and wdev loops.
However the logic did not properly handle
resumption for non-last rdev. Assuming a system
with 2 rdevs, with 2 wdevs each, this could
happen:
dump(cb=[0, 0]):
if_start=cb[1] (=0)
send rdev0.wdev0 -> ok
send rdev0.wdev1 -> yield
cb[1] = 1
dump(cb=[0, 1]):
if_start=cb[1] (=1)
send rdev0.wdev1 -> ok
// since if_start=1 the rdev0.wdev0 got skipped
// through if_idx < if_start
send rdev1.wdev1 -> ok
The if_start needs to be reset back to 0 upon wdev
loop end.
The problem is actually hard to hit on a desktop,
and even on most routers. The prerequisites for
this manifesting was:
- more than 1 wiphy
- a few handful of interfaces
- dump without rdev or wdev filter
I was seeing this with 4 wiphys 9 interfaces each.
It'd miss 6 interfaces from the last wiphy
reported to userspace.
Signed-off-by: Michal Kazior <michal@plume.com>
Link: https://msgid.link/20240116142340.89678-1-kazikcz@gmail.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
net/wireless/nl80211.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index e33c1175b1582..f79700e5d801a 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -2994,6 +2994,7 @@ static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *
if_idx++;
}
+ if_start = 0;
wp_idx++;
}
out:
--
2.43.0
next prev parent reply other threads:[~2024-02-27 13:44 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-27 13:25 [PATCH 4.19 00/52] 4.19.308-rc1 review Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 01/52] net/sched: Retire CBQ qdisc Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 02/52] net/sched: Retire ATM qdisc Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 03/52] net/sched: Retire dsmark qdisc Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 04/52] stmmac: no need to check return value of debugfs_create functions Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 05/52] net: stmmac: fix notifier registration Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 06/52] memcg: add refcnt for pcpu stock to avoid UAF problem in drain_all_stock() Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 07/52] nilfs2: replace WARN_ONs for invalid DAT metadata block requests Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 08/52] userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 09/52] sched/rt: Fix sysctl_sched_rr_timeslice intial value Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 10/52] sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 11/52] sched/rt: Disallow writing invalid values to sched_rt_period_us Greg Kroah-Hartman
2024-02-27 13:25 ` [PATCH 4.19 12/52] scsi: target: core: Add TMF to tmr_list handling Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 13/52] dmaengine: shdma: increase size of dev_id Greg Kroah-Hartman
2024-02-27 13:26 ` Greg Kroah-Hartman [this message]
2024-02-27 13:26 ` [PATCH 4.19 15/52] wifi: mac80211: fix race condition on enabling fast-xmit Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 16/52] fbdev: savage: Error out if pixclock equals zero Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 17/52] fbdev: sis: " Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 18/52] ahci: asm1166: correct count of reported ports Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 19/52] ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 20/52] ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 21/52] regulator: pwm-regulator: Add validity checks in continuous .get_voltage Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 22/52] hwmon: (coretemp) Enlarge per package core count limit Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 23/52] firewire: core: send bus reset promptly on gap count error Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 24/52] virtio-blk: Ensure no requests in virtqueues before deleting vqs Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 25/52] s390/qeth: Fix potential loss of L3-IP@ in case of network issues Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 26/52] pmdomain: renesas: r8a77980-sysc: CR7 must be always on Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 27/52] IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 28/52] mm: memcontrol: switch to rcu protection in drain_all_stock() Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 29/52] dm-crypt: dont modify the data when using authenticated encryption Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 30/52] gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 31/52] l2tp: pass correct message length to ip6_append_data Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 32/52] ARM: ep93xx: Add terminator to gpiod_lookup_table Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 33/52] usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 34/52] usb: roles: dont get/set_role() when usb_role_switch is unregistered Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 35/52] IB/hfi1: Fix a memleak in init_credit_return Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 36/52] RDMA/bnxt_re: Return error for SRQ resize Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 37/52] RDMA/srpt: Support specifying the srpt_service_guid parameter Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 38/52] RDMA/ulp: Use dev_name instead of ibdev->name Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 39/52] RDMA/srpt: Make debug output more detailed Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 40/52] RDMA/srpt: fix function pointer cast warnings Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 41/52] scripts/bpf: teach bpf_helpers_doc.py to dump BPF helper definitions Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 42/52] bpf, scripts: Correct GPL license name Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 43/52] scsi: jazz_esp: Only build if SCSI core is builtin Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 44/52] nouveau: fix function cast warnings Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 45/52] ipv6: sr: fix possible use-after-free and null-ptr-deref Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 46/52] packet: move from strlcpy with unused retval to strscpy Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 47/52] s390: use the correct count for __iowrite64_copy() Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 48/52] PCI/MSI: Prevent MSI hardware interrupt number truncation Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 49/52] KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 50/52] KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 51/52] fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio Greg Kroah-Hartman
2024-02-27 13:26 ` [PATCH 4.19 52/52] scripts/bpf: Fix xdp_md forward declaration typo Greg Kroah-Hartman
2024-02-27 18:31 ` [PATCH 4.19 00/52] 4.19.308-rc1 review Pavel Machek
2024-02-28 8:49 ` Naresh Kamboju
2024-02-28 13:39 ` Jon Hunter
2024-02-28 16:58 ` Shuah Khan
2024-02-28 18:16 ` Harshit Mogalapalli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240227131549.001355032@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=johannes.berg@intel.com \
--cc=michal@plume.com \
--cc=patches@lists.linux.dev \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).