OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net
History
Johannes Berg d1d7f2310a cfg80211: wext: clear sinfo struct before calling driver 
commit 9c5a18a31b upstream.

Until recently, mac80211 overwrote all the statistics it could
provide when getting called, but it now relies on the struct
having been zeroed by the caller. This was always the case in
nl80211, but wext used a static struct which could even cause
values from one device leak to another.

Using a static struct is OK (as even documented in a comment)
since the whole usage of this function and its return value is
always locked under RTNL. Not clearing the struct for calling
the driver has always been wrong though, since drivers were
free to only fill values they could report, so calling this
for one device and then for another would always have leaked
values from one to the other.

Fix this by initializing the structure in question before the
driver method call.

This fixes https://bugzilla.kernel.org/show_bug.cgi?id=99691

Reported-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Reported-by: Alexander Kaltsas <alexkaltsas@gmail.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2015-06-22 17:01:23 -07:00
..
9p 9p/trans_virtio.c: Fix broken zero-copy on vmalloc() buffers 2014-02-10 17:48:54 -08:00
802 neigh: use NEIGH_VAR_INIT in ndo_neigh_setup functions. 2014-01-16 11:31:58 -08:00
8021q net: Always untag vlan-tagged traffic on input. 2014-10-15 08:36:40 +02:00
appletalk appletalk: Fix socket referencing in skb 2014-07-28 08:06:00 -07:00
atm net: Fix some fallout from the etner_addr_copy() changes. 2014-01-21 18:57:26 -08:00
ax25 net: add build-time checks for msg->msg_name size 2014-01-18 23:04:16 -08:00
batman-adv batman-adv: avoid NULL dereferences and fix if check 2015-01-27 08:18:53 -08:00
bluetooth Bluetooth: Fix incorrect LE CoC PDU length restriction based on HCI MTU 2014-10-30 09:38:23 -07:00
bridge bridge: disable softirqs around br_fdb_update to avoid lockup 2015-06-22 17:01:18 -07:00
caif unix/caif: sk_socket can disappear when state is unlocked 2015-06-22 17:01:18 -07:00
can can: add missing initialisations in CAN related skbuffs 2015-03-26 15:06:54 +01:00
ceph crush: ensuring at most num-rep osds are selected 2015-06-22 17:01:15 -07:00
core net: core: Correct an over-stringent device loop detection. 2015-06-22 17:01:16 -07:00
dcb net: Use netlink_ns_capable to verify the permisions of netlink messages 2014-06-26 15:15:38 -04:00
dccp dccp: re-enable debug macro 2014-02-16 23:45:00 -05:00
decnet net: Use netlink_ns_capable to verify the permisions of netlink messages 2014-06-26 15:15:38 -04:00
dns_resolver dns_resolver: Null-terminate the right string 2014-07-28 08:06:01 -07:00
dsa dsa: Use ether_addr_copy 2014-01-21 18:13:05 -08:00
ethernet net: eth_type_trans() should use skb_header_pointer() 2014-01-16 15:30:31 -08:00
hsr hsr: off by one sanity check in hsr_register_frame_in() 2014-03-03 15:29:42 -05:00
ieee802154 6lowpan: fix lockdep splats 2014-02-10 17:51:29 -08:00
ipv4 ipv4/udp: Verify multicast group is ours in upd_v4_early_demux() 2015-06-22 17:01:18 -07:00
ipv6 udp: fix behavior of wrong checksums 2015-06-22 17:01:18 -07:00
ipx ipx: fix locking regression in ipx_sendmsg and ipx_recvmsg 2014-12-06 15:55:34 -08:00
irda net: irda: fix wait_until_sent poll timeout 2015-03-18 13:31:29 +01:00
iucv af_iucv: wrong mapping of sent and confirmed skbs 2014-06-30 20:11:51 -07:00
key selinux: add gfp argument to security_xfrm_policy_alloc and fix callers 2014-03-10 08:30:02 +01:00
l2tp l2tp: fix race while getting PMTU on PPP pseudo-wire 2014-10-15 08:36:41 +02:00
lapb net/lapb: re-send packets on timeout 2013-09-23 16:52:45 -04:00
llc net: llc: use correct size for sysctl timeout entries 2015-04-19 10:11:09 +02:00
mac80211 mac80211: move WEP tailroom size check 2015-06-06 08:19:37 -07:00
mac802154 mac802154: fix following checkpath.pl warning Prefer pr_warn(... to pr_warning(... 2013-12-22 18:53:08 -05:00
mpls ipip: add GSO/TSO support 2013-10-19 19:36:19 -04:00
netfilter netfilter: conntrack: disable generic tracking for known protocols 2015-04-29 10:31:53 +02:00
netlabel netlabel: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
netlink net: fix crash in build_skb() 2015-05-06 21:59:07 +02:00
netrom net: add build-time checks for msg->msg_name size 2014-01-18 23:04:16 -08:00
nfc NFC: NCI: Fix NULL pointer dereference 2014-02-23 23:14:45 +01:00
openvswitch openvswitch: fix panic with multiple vlan headers 2014-10-15 08:36:41 +02:00
packet packet: handle too big packets for PACKET_V3 2014-10-15 08:36:40 +02:00
phonet net: Use netlink_ns_capable to verify the permisions of netlink messages 2014-06-26 15:15:38 -04:00
rds net: rds: use correct size for max unacked packets and bytes 2015-04-19 10:11:09 +02:00
rfkill Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-01-25 11:17:34 -08:00
rose net: add build-time checks for msg->msg_name size 2014-01-18 23:04:16 -08:00
rxrpc rxrpc: bogus MSG_PEEK test in rxrpc_recvmsg() 2015-03-26 15:06:50 +01:00
sched net_sched: invoke ->attach() after setting dev->qdisc 2015-06-22 17:01:18 -07:00
sctp net: sctp: fix passing wrong parameter header to param_type2af in sctp_process_param 2015-02-26 17:50:12 -08:00
sunrpc svcrpc: fix potential GSSX_ACCEPT_SEC_CONTEXT decoding failures 2015-06-06 08:19:38 -07:00
tipc tipc: clear 'next'-pointer of message fragments before reassembly 2014-07-28 08:06:01 -07:00
unix unix/caif: sk_socket can disappear when state is unlocked 2015-06-22 17:01:18 -07:00
vmw_vsock vsock: Make transport the proto owner 2014-05-31 13:20:36 -07:00
wimax wimax: remove dead code 2013-11-21 13:09:42 -05:00
wireless cfg80211: wext: clear sinfo struct before calling driver 2015-06-22 17:01:23 -07:00
x25 net: add build-time checks for msg->msg_name size 2014-01-18 23:04:16 -08:00
xfrm xfrm: Generate queueing routes only from route lookup functions 2014-10-15 08:36:42 +02:00
Kconfig net: netprio: rename config to be more consistent with cgroup configs 2014-01-03 23:41:42 +01:00
Makefile net: move 6lowpan compression code to separate module 2014-01-15 15:36:38 -08:00
compat.c net: compat: Update get_compat_msghdr() to match copy_msghdr_from_user() behaviour 2015-03-26 15:06:51 +01:00
nonet.c
socket.c net: socket: Fix the wrong returns for recvmsg and sendmsg 2015-06-06 08:19:31 -07:00
sysctl_net.c net: Update the sysctl permissions handler to test effective uid/gid 2013-10-07 15:57:56 -04:00