lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 11 Mar 2024 10:04:50 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Philipp Hortmann <philipp.g.hortmann@...il.com>,
	Lee Jones <lee@...nel.org>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org,
	Larry.Finger@...inger.net, johannes@...solutions.net,
	kvalo@...nel.org, arnd@...db.de
Subject: Re: [RFC] staging: wlan-ng: Driver broken since kernel 5.15

On Sat, Mar 09, 2024 at 11:09:24PM +0100, Philipp Hortmann wrote:
> Hi,
> 
> I would remove the driver from the mainline kernel. What are your thoughts?
> 
> I bought two WLAN devices (DUT: D-Link DWL-122 and T-Sinus 111 data) that
> are supported by wlan-ng driver. Issue is that the driver is not working
> anymore.
> 
> The error picture is that the device does not receive any packets.
> The dmesg says:
> [  123.695917] prism2_usb 2-1.6:1.0 wlan0: Unknown mgmt request message
> 0x0e4f9800
> [  127.508211] prism2_usb 2-1.6:1.0 wlan0: Unknown mgmt request message
> 0x04f0d000
> ...
> 
> A working commit 8fc4fb1728855a22f9149079ba51877f5ee61fc9 (HEAD) Date: Mon
> Jul 5 11:16:28 2021 -0700
> A failing commit  d980cc0620ae77ab2572235a1300bf22519f2e86 (HEAD) Date:  Fri
> Jul 16 19:08:09 2021 -0700

Those dates are 11 days apart during the v5.14 merge window.  You're
saying 5.15 is broken but the broken commit is in 5.14-rc2 so it really
was broken earlier.

There were only 3 patches to wlan-ng between v5.13 and v5.14.

$ git log --oneline v5.13..v5.14 drivers/staging/wlan-ng/
b1e9109aeff3 staging: wlan-ng: silence incorrect type in argument 1 (different address spaces)
ad843f392035 staging: wlan-ng: remove redundant initialization of variable txresult
ea82ff749587 staging: wlan-ng: cfg80211: Move large struct onto the heap

Obviously I'm going to suspect the largest patch.  Reviewing that patch
now, I see we removed a memset() from the loop.  That seems like a bug.

-               memset(&msg2, 0, sizeof(msg2));
-               msg2.msgcode = DIDMSG_DOT11REQ_SCAN_RESULTS;
-               msg2.bssindex.data = i;
+               msg2->msgcode = DIDMSG_DOT11REQ_SCAN_RESULTS;
+               msg2->bssindex.data = i;

That's the only interesting change so I suspect it's the issue...
Could you test this patch?  I feel like if you're the first person to
complain since Aug 29 2021 then probably we should just remove the
driver.  Greg is on vacation so lets hold off on removing it until he
comes back.

regards,
dan carpenter


diff --git a/drivers/staging/wlan-ng/cfg80211.c b/drivers/staging/wlan-ng/cfg80211.c
index 471bb310176f..0c270ed8ce67 100644
--- a/drivers/staging/wlan-ng/cfg80211.c
+++ b/drivers/staging/wlan-ng/cfg80211.c
@@ -347,6 +347,7 @@ static int prism2_scan(struct wiphy *wiphy,
 	for (i = 0; i < numbss; i++) {
 		int freq;
 
+		memset(msg2, 0, sizeof(*msg2));
 		msg2->msgcode = DIDMSG_DOT11REQ_SCAN_RESULTS;
 		msg2->bssindex.data = i;
 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ