From patchwork Wed Jun 6 08:47:02 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sven Eckelmann X-Patchwork-Id: 17402 X-Patchwork-Delegate: sw@simonwunderlich.de Return-Path: X-Original-To: patchwork@open-mesh.org Delivered-To: patchwork@open-mesh.org Received: from open-mesh.org (localhost [IPv6:::1]) by open-mesh.org (Postfix) with ESMTP id DB5F9828EF; Wed, 6 Jun 2018 10:47:29 +0200 (CEST) Authentication-Results: open-mesh.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=narfation.org header.i=@narfation.org header.b="amh06x15"; dkim-atps=neutral Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=79.140.41.39; helo=v3-1039.vlinux.de; envelope-from=sven@narfation.org; receiver= Received: from v3-1039.vlinux.de (narfation.org [79.140.41.39]) by open-mesh.org (Postfix) with ESMTPS id B169A80945 for ; Wed, 6 Jun 2018 10:47:27 +0200 (CEST) Received: from sven-desktop.home.narfation.org (p200300C593D4FFFE000000000000070D.dip0.t-ipconnect.de [IPv6:2003:c5:93d4:fffe::70d]) by v3-1039.vlinux.de (Postfix) with ESMTPSA id 375551100D5; Wed, 6 Jun 2018 10:47:27 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=narfation.org; s=20121; t=1528274847; bh=o+6P+K+EoJUjbnfDJveBXUurYylrbAuTANXBRTSKg3Y=; h=From:To:Cc:Subject:Date:From; b=amh06x15Qa9gw6g9QmBGeG0vB/xmsQemhlEZ81LtfysZg2W2Sl/ryAm62Gb9cjcDV 9nZd5GVCg7pdND7e3DBSokqMtQ8qXqCykBGTXBW/Ep/ci+qlTF4uTbxUu7DM0xGSPN BkmuYywUDrnJeQj0JrNnnASpE3sUOKK0szbbvsUc= From: Sven Eckelmann To: Johannes Berg Date: Wed, 6 Jun 2018 10:47:02 +0200 Message-Id: <20180606084702.19825-1-sven@narfation.org> X-Mailer: git-send-email 2.11.0 Subject: [B.A.T.M.A.N.] [PATCH] cfg80211: initialize sinfo.filled in cfg80211_get_station X-BeenThere: b.a.t.m.a.n@lists.open-mesh.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The list for a Better Approach To Mobile Ad-hoc Networking List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: The list for a Better Approach To Mobile Ad-hoc Networking Cc: linux-wireless@vger.kernel.org, b.a.t.m.a.n@lists.open-mesh.org, Antonio Quartulli , Thomas Lauer Errors-To: b.a.t.m.a.n-bounces@lists.open-mesh.org Sender: "B.A.T.M.A.N" Most of the implementations behind cfg80211_get_station will not initialize sinfo to zero before manipulating it. The member "filled", which indicates the filled in parts of this struct, is often only modified by enabling certain bits in the bitfield while keeping the remaining bits in their original state. A caller without a preinitialized sinfo.filled can then no longer decide which parts of sinfo were filled in by cfg80211_get_station (or actually the underlying implementations). cfg80211_get_station must therefore take care that sinfo.filled is initialized to zero. Otherwise, the caller may tries to read information which was not filled in and which must therefore also be considered uninitialized. In batadv_v_elp_get_throughput's case, an invalid "random" expected throughput may be stored for this neighbor and thus the B.A.T.M.A.N V algorithm may switch to non-optimal neighbors for certain destinations. Fixes: 7406353d43c8 ("cfg80211: implement cfg80211_get_station cfg80211 API") Reported-by: Thomas Lauer Reported-by: Marcel Schmidt Cc: b.a.t.m.a.n@lists.open-mesh.org Signed-off-by: Sven Eckelmann --- Matthias, you may want to take care that this is integrated in your firmware. --- net/wireless/util.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net/wireless/util.c b/net/wireless/util.c index b5bb1c309914..cd6a695d1230 100644 --- a/net/wireless/util.c +++ b/net/wireless/util.c @@ -1746,6 +1746,8 @@ int cfg80211_get_station(struct net_device *dev, const u8 *mac_addr, if (!rdev->ops->get_station) return -EOPNOTSUPP; + sinfo->filled = 0; + return rdev_get_station(rdev, dev, mac_addr, sinfo); } EXPORT_SYMBOL(cfg80211_get_station);