lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <cef03d6c-7be8-4527-b38b-eadca2789f9b@unstable.cc>
Date: Tue, 21 May 2024 09:43:56 +0200
From: Antonio Quartulli <a@...table.cc>
To: Remi Pommarel <repk@...plefau.lt>,
 Johannes Berg <johannes@...solutions.net>
Cc: linux-wireless@...r.kernel.org, b.a.t.m.a.n@...ts.open-mesh.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH] wifi: cfg80211: Lock wiphy in cfg80211_get_station

Hi,

On 18/05/2024 17:50, Remi Pommarel wrote:
> Wiphy should be locked before calling rdev_get_station() (see lockdep
> assert in ieee80211_get_station()).

Adding the lock is fine as nowadays it is taken in pre_doit and released 
in post_doit (with some exceptions). Therefore when invoking 
get_station from a side path the lock should be taken too.

It was actually a05829a7222e9d10c416dd2dbbf3929fe6646b89 that introduced 
this requirement AFAICS.

> 
> This fixes the following kernel NULL dereference:

As already said by Johannes, I am not sure it truly fixes this NULL 
dereference though.

Have you checked where in ath10k_sta_statistics this is exactly 
happening? Do you think some sta was partly released and thus fields 
were NULLified?

Regards,


-- 
Antonio Quartulli

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ