original_kernel/net/mac80211
Dmitry Antipov 92ecbb3ac6 wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan()
When testing the previous patch with CONFIG_UBSAN_BOUNDS, I've
noticed the following:

UBSAN: array-index-out-of-bounds in net/mac80211/scan.c:372:4
index 0 is out of range for type 'struct ieee80211_channel *[]'
CPU: 0 PID: 1435 Comm: wpa_supplicant Not tainted 6.9.0+ #1
Hardware name: LENOVO 20UN005QRT/20UN005QRT <...BIOS details...>
Call Trace:
 <TASK>
 dump_stack_lvl+0x2d/0x90
 __ubsan_handle_out_of_bounds+0xe7/0x140
 ? timerqueue_add+0x98/0xb0
 ieee80211_prep_hw_scan+0x2db/0x480 [mac80211]
 ? __kmalloc+0xe1/0x470
 __ieee80211_start_scan+0x541/0x760 [mac80211]
 rdev_scan+0x1f/0xe0 [cfg80211]
 nl80211_trigger_scan+0x9b6/0xae0 [cfg80211]
 ...<the rest is not too useful...>

Since '__ieee80211_start_scan()' leaves 'hw_scan_req->req.n_channels'
uninitialized, actual boundaries of 'hw_scan_req->req.channels' can't
be checked in 'ieee80211_prep_hw_scan()'. Although an initialization
of 'hw_scan_req->req.n_channels' introduces some confusion around
allocated vs. used VLA members, this shouldn't be a problem since
everything is correctly adjusted soon in 'ieee80211_prep_hw_scan()'.

Cleanup 'kmalloc()' math in '__ieee80211_start_scan()' by using the
convenient 'struct_size()' as well.

Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru>
Link: https://msgid.link/20240517153332.18271-2-dmantipov@yandex.ru
[improve (imho) indentation a bit]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2024-05-29 15:58:54 +02:00
..
tests wifi: mac80211: hide element parsing internals 2024-03-04 14:33:03 +01:00
Kconfig wifi: cfg80211/mac80211: remove dependency on non-existing option 2024-01-18 14:50:01 +01:00
Makefile wifi: mac80211: move element parsing to a new file 2024-02-08 15:00:43 +01:00
aead_api.c
aead_api.h
aes_ccm.h
aes_cmac.c
aes_cmac.h
aes_gcm.h
aes_gmac.c
aes_gmac.h
agg-rx.c wifi: mac80211: remove ampdu_mlme.mtx 2023-09-11 11:27:22 +02:00
agg-tx.c wifi: mac80211: introduce 'channel request' 2024-02-08 13:07:34 +01:00
airtime.c wifi: mac80211: Sanity check tx bitrate if not provided by driver 2023-09-13 16:24:05 +02:00
cfg.c wifi: mac80211: pass proper link id for channel switch started notification 2024-05-29 15:25:36 +02:00
chan.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-04-25 12:41:37 -07:00
debug.h wifi: mac80211: fix mlme_link_id_dbg() 2024-03-25 15:22:53 +01:00
debugfs.c wifi: mac80211: add flag to disallow puncturing in 5 GHz 2024-03-25 15:38:13 +01:00
debugfs.h
debugfs_key.c wifi: mac80211: remove key_mtx 2023-09-11 11:27:22 +02:00
debugfs_key.h
debugfs_netdev.c wifi: mac80211: fix driver debugfs for vif type change 2024-02-02 13:09:55 +01:00
debugfs_netdev.h wifi: mac80211: fix driver debugfs for vif type change 2024-02-02 13:09:55 +01:00
debugfs_sta.c wifi: mac80211: fix spelling typo in comment 2024-01-03 15:34:56 +01:00
debugfs_sta.h wifi: mac80211: add API to show the link STAs in debugfs 2022-10-07 15:23:41 +02:00
driver-ops.c wifi: mac80211: add ieee80211_vif_link_active() helper 2024-03-04 14:32:53 +01:00
driver-ops.h wifi: mac80211: pass link conf to abort_channel_switch 2024-03-04 14:33:56 +01:00
drop.h wifi: mac80211: improve drop for action frame return 2024-03-25 15:39:28 +01:00
eht.c wifi: mac80211: add helpers to access sband iftype data 2023-06-14 11:57:29 +02:00
ethtool.c wifi: mac80211: ethtool: always hold wiphy mutex 2023-09-25 09:00:39 +02:00
fils_aead.c wifi: mac80211: Do not include crypto/algapi.h 2023-08-24 08:42:36 +02:00
fils_aead.h
he.c wifi: mac80211: correctly parse Spatial Reuse Parameter Set element 2024-05-29 15:35:12 +02:00
ht.c wifi: mac80211: clarify IEEE80211_STATUS_SUBDATA_MASK 2024-03-25 15:39:28 +01:00
ibss.c wifi: mac80211: flush only stations using requests links 2024-02-12 21:13:57 +01:00
ieee80211_i.h wifi: mac80211: handle tasklet frames before stopping 2024-05-29 15:25:10 +02:00
iface.c wifi: mac80211: defer link switch work in reconfig 2024-04-19 10:14:29 +02:00
key.c wifi: mac80211: add link id to ieee80211_gtk_rekey_add() 2024-03-04 14:31:28 +01:00
key.h wifi: mac80211: remove key_mtx 2023-09-11 11:27:22 +02:00
led.c leds: Change led_trigger_blink[_oneshot]() delay parameters to pass-by-value 2023-05-25 12:16:27 +01:00
led.h leds: Change led_trigger_blink[_oneshot]() delay parameters to pass-by-value 2023-05-25 12:16:27 +01:00
link.c wifi: mac80211: keep mac80211 consistent on link activation failure 2024-04-19 10:19:37 +02:00
main.c wifi: mac80211: handle tasklet frames before stopping 2024-05-29 15:25:10 +02:00
mesh.c wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata 2024-05-29 15:19:45 +02:00
mesh.h wifi: mac80211: split mesh fast tx cache into local/proxied/forwarded 2024-04-17 09:21:32 +02:00
mesh_hwmp.c wifi: mac80211: Replace ENOTSUPP with EOPNOTSUPP 2023-12-12 10:37:01 +01:00
mesh_pathtbl.c wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects 2024-05-29 15:17:03 +02:00
mesh_plink.c wifi: mac80211: simplify adding supported rates 2024-02-08 15:00:43 +01:00
mesh_ps.c wifi: mac80211: mesh: fix some kdoc warnings 2023-10-23 11:43:27 +02:00
mesh_sync.c wifi: mac80211: mesh: fix some kdoc warnings 2023-10-23 11:43:27 +02:00
michael.c
michael.h
mlme.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-04-25 12:41:37 -07:00
ocb.c wifi: mac80211: flush only stations using requests links 2024-02-12 21:13:57 +01:00
offchannel.c wifi: mac80211: handle link ID during management Tx 2024-04-19 10:54:58 +02:00
parse.c wifi: mac80211: fix Spatial Reuse element size check 2024-05-29 15:34:46 +02:00
pm.c wifi: mac80211: remove sta_mtx 2023-09-11 11:27:22 +02:00
rate.c wifi: mac80211: don't use rate mask for scanning 2024-04-08 20:11:34 +02:00
rate.h wifi: mac80211: make ieee80211_check_rate_mask() link-aware 2022-07-15 11:43:21 +02:00
rc80211_minstrel_ht.c wifi: mac80211: remove shifted rate support 2023-09-13 11:22:16 +02:00
rc80211_minstrel_ht.h wifi: mac80211: minstrel_ht: remove unused has_mrr member from struct minstrel_priv 2022-10-07 15:25:05 +02:00
rc80211_minstrel_ht_debugfs.c
rx.c wifi: mac80211: handle color change per link 2024-05-03 10:18:19 +02:00
s1g.c wifi: mac80211: remove sta_mtx 2023-09-11 11:27:22 +02:00
scan.c wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() 2024-05-29 15:58:54 +02:00
spectmgmt.c wifi: mac80211: spectmgmt: simplify 6 GHz HE/EHT handling 2024-03-25 15:36:36 +01:00
sta_info.c wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() 2024-05-29 15:19:55 +02:00
sta_info.h wifi: mac80211: add return docs for sta_info_flush() 2024-04-19 10:27:21 +02:00
status.c wifi: mac80211: add support for tearing down negotiated TTLM 2024-03-25 15:38:15 +01:00
tdls.c wifi: mac80211: remove TDLS peers only on affected link 2024-03-04 14:34:03 +01:00
tkip.c
tkip.h
trace.c
trace.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
trace_msg.h wifi: mac80211: remove unused MAX_MSG_LEN define 2024-02-08 12:50:09 +01:00
tx.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-04-25 12:41:37 -07:00
util.c wifi: mac80211: handle tasklet frames before stopping 2024-05-29 15:25:10 +02:00
vht.c wifi: mac80211: track capability/opmode NSS separately 2024-03-04 14:25:27 +01:00
wbrf.c wifi: mac80211: Drop WBRF debugging statements 2024-01-26 10:43:33 +01:00
wep.c wifi: mac80211: remove RX_DROP_UNUSABLE 2023-09-26 09:16:42 +02:00
wep.h
wme.c wifi: mac80211: fix qos on mesh interfaces 2023-03-22 13:46:38 +01:00
wme.h wifi: mac80211: Drop support for TX push path 2022-10-10 11:06:14 +02:00
wpa.c wifi: mac80211: extend IEEE80211_KEY_FLAG_GENERATE_MMIE to other ciphers 2024-04-08 20:52:28 +02:00
wpa.h