diff options
| author |   Miaoqing Pan <miaoqing@codeaurora.org> | 2019-09-27 10:03:16 +0800 |
|---|---|---|
| committer |   Johannes Berg <johannes.berg@intel.com> | 2019-10-01 17:56:19 +0200 |
| commit | 8ed31a264065ae92058ce54aa3cc8da8d81dc6d7 (patch) | |
| tree | 8d17032a53ed019628036ce5e016ecf5fcaae19d /net/mac80211/util.c | |
| parent | nl80211: fix null pointer dereference (diff) | |
| download | linux-dev-8ed31a264065ae92058ce54aa3cc8da8d81dc6d7.tar.xz linux-dev-8ed31a264065ae92058ce54aa3cc8da8d81dc6d7.zip | |
mac80211: fix txq null pointer dereference
If the interface type is P2P_DEVICE or NAN, read the file of
'/sys/kernel/debug/ieee80211/phyx/netdev:wlanx/aqm' will get a
NULL pointer dereference. As for those interface type, the
pointer sdata->vif.txq is NULL.
Unable to handle kernel NULL pointer dereference at virtual address 00000011
CPU: 1 PID: 30936 Comm: cat Not tainted 4.14.104 #1
task: ffffffc0337e4880 task.stack: ffffff800cd20000
PC is at ieee80211_if_fmt_aqm+0x34/0xa0 [mac80211]
LR is at ieee80211_if_fmt_aqm+0x34/0xa0 [mac80211]
[...]
Process cat (pid: 30936, stack limit = 0xffffff800cd20000)
[...]
[<ffffff8000b7cd00>] ieee80211_if_fmt_aqm+0x34/0xa0 [mac80211]
[<ffffff8000b7c414>] ieee80211_if_read+0x60/0xbc [mac80211]
[<ffffff8000b7ccc4>] ieee80211_if_read_aqm+0x28/0x30 [mac80211]
[<ffffff80082eff94>] full_proxy_read+0x2c/0x48
[<ffffff80081eef00>] __vfs_read+0x2c/0xd4
[<ffffff80081ef084>] vfs_read+0x8c/0x108
[<ffffff80081ef494>] SyS_read+0x40/0x7c
Signed-off-by: Miaoqing Pan <miaoqing@codeaurora.org>
Acked-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/1569549796-8223-1-git-send-email-miaoqing@codeaurora.org
[trim useless data from commit message]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'net/mac80211/util.c')
0 files changed, 0 insertions, 0 deletions