linux/net/mac80211
Siddh Raman Pant 15bc8966b6 wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected
When we are not connected to a channel, sending channel "switch"
announcement doesn't make any sense.

The BSS list is empty in that case. This causes the for loop in
cfg80211_get_bss() to be bypassed, so the function returns NULL
(check line 1424 of net/wireless/scan.c), causing the WARN_ON()
in ieee80211_ibss_csa_beacon() to get triggered (check line 500
of net/mac80211/ibss.c), which was consequently reported on the
syzkaller dashboard.

Thus, check if we have an existing connection before generating
the CSA beacon in ieee80211_ibss_finish_csa().

Cc: stable@vger.kernel.org
Fixes: cd7760e62c ("mac80211: add support for CSA in IBSS mode")
Link: https://syzkaller.appspot.com/bug?id=05603ef4ae8926761b678d2939a3b2ad28ab9ca6
Reported-by: syzbot+b6c9fe29aefe68e4ad34@syzkaller.appspotmail.com
Signed-off-by: Siddh Raman Pant <code@siddh.me>
Tested-by: syzbot+b6c9fe29aefe68e4ad34@syzkaller.appspotmail.com
Link: https://lore.kernel.org/r/20220814151512.9985-1-code@siddh.me
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2022-08-25 10:03:47 +02:00
..
aead_api.c mac80211: Check crypto_aead_encrypt for errors 2021-03-16 21:20:41 +01:00
aead_api.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_ccm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_cmac.c mac80211: aes_cmac: check crypto_shash_setkey() return value 2021-04-19 12:01:40 +02:00
aes_cmac.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_gcm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_gmac.c mac80211: Check crypto_aead_encrypt for errors 2021-03-16 21:20:41 +01:00
aes_gmac.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
agg-rx.c wifi: mac80211: fix multi-BSSID element parsing 2022-07-15 11:43:17 +02:00
agg-tx.c wifi: mac80211: expand ieee80211_mgmt_tx() for MLO 2022-07-22 14:28:35 +02:00
airtime.c wifi: mac80211: move some future per-link data to bss_conf 2022-06-20 12:55:01 +02:00
cfg.c wifi: mac80211: remove erroneous sband/link validation 2022-07-22 14:28:45 +02:00
chan.c wifi: mac80211: replace link_id with link_conf in switch/(un)assign_vif_chanctx() 2022-07-15 11:43:20 +02:00
debug.h wifi: mac80211: debug: omit link if non-MLO connection 2022-07-15 11:43:14 +02:00
debugfs_key.c wifi: mac80211: reorg some iface data structs for MLD 2022-06-20 12:55:06 +02:00
debugfs_key.h mac80211: Support BIGTK configuration for Beacon protection 2020-02-24 10:35:57 +01:00
debugfs_netdev.c wifi: mac80211: RCU-ify link/link_conf pointers 2022-07-15 11:43:14 +02:00
debugfs_netdev.h
debugfs_sta.c wifi: mac80211: make sta airtime deficit field s32 instead of s64 2022-07-01 10:51:48 +02:00
debugfs_sta.h
debugfs.c wifi: mac80211: optionally implement MLO multicast TX 2022-07-22 14:28:36 +02:00
debugfs.h
driver-ops.c wifi: mac80211: change QoS settings API to take link into account 2022-07-15 11:43:15 +02:00
driver-ops.h wifi: mac80211: remove link_id parameter from link_info_changed() 2022-07-15 11:43:20 +02:00
eht.c wifi: mac80211: RCU-ify link STA pointers 2022-06-20 12:57:08 +02:00
ethtool.c wifi: mac80211: ethtool: use deflink for now 2022-06-20 12:57:08 +02:00
fils_aead.c mac80211: fils: use cfg80211_find_ext_elem() 2021-10-21 17:01:16 +02:00
fils_aead.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
he.c wifi: mac80211: RCU-ify link STA pointers 2022-06-20 12:57:08 +02:00
ht.c wifi: mac80211: move ieee80211_request_smps_mgd_work 2022-07-15 11:43:15 +02:00
ibss.c wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected 2022-08-25 10:03:47 +02:00
ieee80211_i.h wifi: mac80211: rx: track link in RX data 2022-07-22 14:28:38 +02:00
iface.c wifi: mac80211: fix link data leak 2022-07-22 14:28:52 +02:00
Kconfig ath9k: fix build error with LEDS_CLASS=m 2021-01-28 09:29:34 +02:00
key.c wifi: mac80211: reorg some iface data structs for MLD 2022-06-20 12:55:06 +02:00
key.h wifi: mac80211: refactor some key code 2022-06-10 16:12:57 +02:00
led.c mac80211: don't open-code LED manipulations 2021-06-23 11:29:12 +02:00
led.h mac80211: fix throughput LED trigger 2021-11-15 10:56:57 +01:00
main.c wifi: mac80211: prohibit DEAUTH_NEED_MGD_TX_PREP in MLO 2022-07-15 11:43:21 +02:00
Makefile mac80211: Handle station association response with EHT 2022-02-16 15:44:09 +01:00
mesh_hwmp.c wifi: mac80211: fix multi-BSSID element parsing 2022-07-15 11:43:17 +02:00
mesh_pathtbl.c mac80211: mesh: embedd mesh_paths and mpp_paths into ieee80211_if_mesh 2022-01-04 15:11:49 +01:00
mesh_plink.c wifi: mac80211: fix up link station creation/insertion 2022-07-15 11:43:23 +02:00
mesh_ps.c mac80211: mesh: fix potentially unaligned access 2021-09-23 13:25:09 +02:00
mesh_sync.c mac80211: mesh: clean up rx_bcn_presp API 2021-09-23 16:26:33 +02:00
mesh.c wifi: mac80211: fix multi-BSSID element parsing 2022-07-15 11:43:17 +02:00
mesh.h mac80211: mesh: embedd mesh_paths and mpp_paths into ieee80211_if_mesh 2022-01-04 15:11:49 +01:00
michael.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
michael.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
mlme.c wifi: mac80211: mlme: fix disassoc with MLO 2022-07-22 14:28:50 +02:00
ocb.c wifi: mac80211: fix up link station creation/insertion 2022-07-15 11:43:23 +02:00
offchannel.c wifi: mac80211: expand ieee80211_mgmt_tx() for MLO 2022-07-22 14:28:35 +02:00
pm.c mac80211: Prevent AP probing during suspend 2021-10-21 17:27:51 +02:00
rate.c wifi: mac80211: make ieee80211_check_rate_mask() link-aware 2022-07-15 11:43:21 +02:00
rate.h wifi: mac80211: make ieee80211_check_rate_mask() link-aware 2022-07-15 11:43:21 +02:00
rc80211_minstrel_ht_debugfs.c mac80211: minstrel_ht: show sampling rates in debugfs 2021-02-12 08:58:11 +01:00
rc80211_minstrel_ht.c mac80211: minstrel_ht: support ieee80211_rate_status 2022-05-16 10:07:58 +02:00
rc80211_minstrel_ht.h mac80211: minstrel_ht: support ieee80211_rate_status 2022-05-16 10:07:58 +02:00
rx.c wifi: mac80211: rx: track link in RX data 2022-07-22 14:28:38 +02:00
s1g.c mac80211: prepare sta handling for MLO support 2022-04-11 16:42:03 +02:00
scan.c wifi: mac80211: Fix UAF in ieee80211_scan_rx() 2022-08-25 10:00:21 +02:00
spectmgmt.c wifi: mac80211: separate out connection downgrade flags 2022-07-15 11:43:14 +02:00
sta_info.c wifi: mac80211: always free sta in __sta_info_alloc in case of error 2022-08-25 10:01:16 +02:00
sta_info.h wifi: mac80211: fix up link station creation/insertion 2022-07-15 11:43:23 +02:00
status.c wifi: mac80211: add hardware timestamps for RX and TX 2022-07-22 14:28:29 +02:00
tdls.c wifi: mac80211: optionally implement MLO multicast TX 2022-07-22 14:28:36 +02:00
tkip.c mac80211: Fix TKIP replay protection immediately after key setup 2020-01-15 09:52:12 +01:00
tkip.h Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
trace_msg.h mac80211: tracing: Use the new __vstring() helper 2022-07-24 19:11:17 -04:00
trace.c
trace.h wifi: mac80211: remove link_id parameter from link_info_changed() 2022-07-15 11:43:20 +02:00
tx.c wifi: mac80211: fix possible leak in ieee80211_tx_control_port() 2022-08-25 10:02:57 +02:00
util.c wifi: mac80211: add API to parse multi-link element 2022-07-15 11:43:24 +02:00
vht.c wifi: mac80211: Support multi link in ieee80211_recalc_min_chandef() 2022-07-15 11:43:20 +02:00
wep.c mac80211: make ieee80211_wep_init() return void 2020-02-07 12:40:34 +01:00
wep.h mac80211: make ieee80211_wep_init() return void 2020-02-07 12:40:34 +01:00
wme.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-07-14 15:27:35 -07:00
wme.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
wpa.c wifi: mac80211: remove cipher scheme support 2022-06-10 15:35:53 +02:00
wpa.h wifi: mac80211: remove cipher scheme support 2022-06-10 15:35:53 +02:00