github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-10 07:32:29 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
59be003dc4
linux/net
History
Johannes Berg 131e3afd38 wireless: regulatory: fix channel disabling race condition 
commit 990de49f74 upstream.

When a full scan 2.4 and 5 GHz scan is scheduled, but then the 2.4 GHz
part of the scan disables a 5.2 GHz channel due to, e.g. receiving
country or frequency information, that 5.2 GHz channel might already
be in the list of channels to scan next. Then, when the driver checks
if it should do a passive scan, that will return false and attempt an
active scan. This is not only wrong but can also lead to the iwlwifi
device firmware crashing since it checks regulatory as well.

Fix this by not setting the channel flags to just disabled but rather
OR'ing in the disabled flag. That way, even if the race happens, the
channel will be scanned passively which is still (mostly) correct.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-05-07 19:51:56 -07:00
..
9p 9p: BUG before corrupting memory 2012-06-22 11:37:15 -07:00
802 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-04-02 17:53:39 -07:00
8021q 8021q: fix a potential use-after-free 2013-04-05 10:04:38 -07:00
appletalk
atm atm: update msg_namelen in vcc_recvmsg() 2013-05-01 09:41:04 -07:00
ax25 ax25: fix info leak via msg_name in ax25_recvmsg() 2013-05-01 09:41:04 -07:00
batman-adv batman-adv: fix random jitter calculation 2013-01-11 09:07:03 -08:00
bluetooth Bluetooth: RFCOMM - Fix missing msg_namelen update in rfcomm_sock_recvmsg() 2013-05-01 09:41:04 -07:00
bridge bridge: set priority of STP packets 2013-02-28 06:59:05 -08:00
caif caif: Fix missing msg_namelen update in caif_seqpkt_recvmsg() 2013-05-01 09:41:04 -07:00
can can: gw: use kmem_cache_free() instead of kfree() 2013-04-12 09:38:47 -07:00
ceph rbd: remove linger unconditionally 2013-01-17 08:51:20 -08:00
core net: fix incorrect credentials passing 2013-05-01 09:41:16 -07:00
dcb dcbnl: fix various netlink info leaks 2013-03-20 13:05:02 -07:00
dccp inet: Fix kmemleak in tcp_v4/6_syn_recv_sock and dccp_v4/6_request_recv_sock 2013-01-11 09:07:14 -08:00
decnet Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
dns_resolver KEYS: Allow special keyrings to be cleared 2012-01-19 14:38:51 +11:00
dsa
econet Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ethernet Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ieee802154 6lowpan: Fix endianness issue in is_addr_link_local(). 2013-03-20 13:05:02 -07:00
ipv4 net: drop dst before queueing fragments 2013-05-01 09:41:20 -07:00
ipv6 net: drop dst before queueing fragments 2013-05-01 09:41:20 -07:00
ipx
irda irda: Fix missing msg_namelen update in irda_recvmsg_dgram() 2013-05-01 09:41:05 -07:00
iucv iucv: Fix missing msg_namelen update in iucv_sock_recvmsg() 2013-05-01 09:41:05 -07:00
key net/key/af_key.c: add missing kfree_skb 2012-04-13 11:01:44 -04:00
l2tp l2tp: Restore socket refcount when sendmsg succeeds 2013-03-20 13:05:01 -07:00
lapb Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
llc llc: Fix missing msg_namelen update in llc_ui_recvmsg() 2013-05-01 09:41:05 -07:00
mac80211 mac80211: synchronize scan off/on-channel and PS states 2013-02-03 18:24:42 -06:00
netfilter netfilter: Mark SYN/ACK packets as invalid from original direction 2012-11-26 11:37:48 -08:00
netlabel netlabel: correctly list all the static label mappings 2013-03-20 13:05:01 -07:00
netlink thermal: shorten too long mcast group name 2013-04-05 10:04:38 -07:00
netrom netrom: fix invalid use of sizeof in nr_recvmsg() 2013-05-01 09:41:06 -07:00
nfc NFC: llcp: fix info leaks via msg_name in llcp_sock_recvmsg() 2013-05-01 09:41:05 -07:00
openvswitch openvswitch: Reset upper layer protocol info on internal devices. 2012-10-02 10:29:50 -07:00
packet packet: fix leakage of tx_ring memory 2013-02-14 10:49:05 -08:00
phonet phonet: Sort out initiailziation and cleanup code. 2012-04-13 11:01:43 -04:00
rds rds: limit the size allocated by rds_message_alloc() 2013-03-20 13:05:01 -07:00
rfkill device.h: cleanup users outside of linux/include (C files) 2012-03-11 14:27:37 -04:00
rose rose: fix info leak via msg_name in rose_recvmsg() 2013-05-01 09:41:05 -07:00
rxrpc RxRPC: Fix kcalloc parameters swapped 2012-02-14 14:41:55 -05:00
sched cbq: incorrect processing of high limits 2013-05-01 09:41:06 -07:00
sctp net: sctp: sctp_auth_key_put: use kzfree instead of kfree 2013-05-01 09:41:08 -07:00
sunrpc SUNRPC: Add barriers to ensure read ordering in rpc_wake_up_task_queue_locked 2013-04-05 10:04:14 -07:00
tipc tipc: fix info leaks via msg_name in recv_msg/recv_stream 2013-05-01 09:41:05 -07:00
unix af_unix: If we don't care about credentials coallesce all messages 2013-05-01 09:41:07 -07:00
wanrouter wanmain: comparing array with NULL 2012-08-09 08:31:51 -07:00
wimax
wireless wireless: regulatory: fix channel disabling race condition 2013-05-07 19:51:56 -07:00
x25 net:x25: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xfrm xfrm_user: ensure user supplied esn replay window is valid 2012-10-13 05:38:41 +09:00
compat.c net: Fix references to out-of-scope variables in put_cmsg_compat() 2012-08-09 08:31:42 -07:00
Kconfig
Makefile
nonet.c
socket.c net: fix info leak in compat dev_ifconf() 2012-10-02 10:29:37 -07:00
sysctl_net.c sysctl: Modify __register_sysctl_paths to take a set instead of a root and an nsproxy 2012-01-24 16:40:30 -08:00