kernel_optimize_test/net/wireless
Nguyen Dinh Phi 7b97b5776d cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
commit 563fbefed46ae4c1f70cffb8eb54c02df480b2c2 upstream.

If the userspace tools switch from NL80211_IFTYPE_P2P_GO to
NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it
does not call the cleanup cfg80211_stop_ap(), this leads to the
initialization of in-use data. For example, this path re-init the
sdata->assigned_chanctx_list while it is still an element of
assigned_vifs list, and makes that linked list corrupt.

Signed-off-by: Nguyen Dinh Phi <phind.uet@gmail.com>
Reported-by: syzbot+bbf402b783eeb6d908db@syzkaller.appspotmail.com
Link: https://lore.kernel.org/r/20211027173722.777287-1-phind.uet@gmail.com
Cc: stable@vger.kernel.org
Fixes: ac800140c2 ("cfg80211: .stop_ap when interface is going down")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-11-26 10:39:20 +01:00
..
certs
.gitignore
ap.c
chan.c cfg80211: only allow S1G channels on S1G band 2020-10-08 10:41:24 +02:00
core.c cfg80211: fix management registrations locking 2021-11-02 19:48:20 +01:00
core.h cfg80211: fix management registrations locking 2021-11-02 19:48:20 +01:00
debugfs.c
debugfs.h
ethtool.c
ibss.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
Kconfig cfg80211: select CONFIG_CRC32 2021-01-19 18:27:28 +01:00
lib80211_crypt_ccmp.c
lib80211_crypt_tkip.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
lib80211_crypt_wep.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
lib80211.c lib80211: Remove unused macro DRV_NAME 2020-09-18 11:53:00 +02:00
Makefile cfg80211: make certificate generation more robust 2021-06-23 14:42:53 +02:00
mesh.c
mlme.c cfg80211: fix management registrations locking 2021-11-02 19:48:20 +01:00
nl80211.c cfg80211: fix default HE tx bitrate mask in 2G band 2021-07-19 09:44:53 +02:00
nl80211.h
ocb.c
of.c
pmsr.c cfg80211: avoid double free of PMSR request 2021-06-23 14:42:53 +02:00
radiotap.c wireless: radiotap: fix some kernel-doc 2020-09-28 13:53:05 +02:00
rdev-ops.h
reg.c cfg80211: regulatory: Fix inconsistent format argument 2020-10-30 10:06:56 +01:00
reg.h
scan.c cfg80211: scan: fix RCU in cfg80211_add_nontrans_list() 2021-11-02 19:48:20 +01:00
sme.c cfg80211: remove WARN_ON() in cfg80211_sme_connect 2021-04-14 08:42:13 +02:00
sysfs.c
sysfs.h
trace.c
trace.h
util.c cfg80211: call cfg80211_stop_ap when switch from P2P_GO type 2021-11-26 10:39:20 +01:00
wext-compat.c net: wireless: Convert to use the preferred fallthrough macro 2020-08-27 11:24:28 +02:00
wext-compat.h
wext-core.c wext: fix NULL-ptr-dereference with cfg80211's lack of commit() 2021-02-03 23:28:38 +01:00
wext-priv.c
wext-proc.c
wext-sme.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
wext-spy.c wireless: wext-spy: Fix out-of-bounds warning 2021-07-19 09:44:52 +02:00