wok-current diff broadcom-wl/stuff/005-debian-fix-kernel-warnings.patch @ rev 25725

Patch openssh CVE-2024-6387
author Stanislas Leduc <shann@slitaz.org>
date Mon Jul 01 15:09:44 2024 +0000 (4 weeks ago)
parents
children
line diff
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/broadcom-wl/stuff/005-debian-fix-kernel-warnings.patch	Mon Jul 01 15:09:44 2024 +0000
     1.3 @@ -0,0 +1,161 @@
     1.4 +--- a/src/wl/sys/wl_cfg80211_hybrid.c
     1.5 ++++ b/src/wl/sys/wl_cfg80211_hybrid.c
     1.6 +@@ -1968,7 +1968,7 @@
     1.7 + 
     1.8 + 	if (dtoh32(bi->length) > WL_BSS_INFO_MAX) {
     1.9 + 		WL_DBG(("Beacon is larger than buffer. Discarding\n"));
    1.10 +-		return err;
    1.11 ++		return -E2BIG;
    1.12 + 	}
    1.13 + 	notif_bss_info = kzalloc(sizeof(*notif_bss_info) + sizeof(*mgmt) - sizeof(u8) +
    1.14 + 	                         WL_BSS_INFO_MAX, GFP_KERNEL);
    1.15 +@@ -1992,9 +1992,15 @@
    1.16 + 	beacon_proberesp->capab_info = cpu_to_le16(bi->capability);
    1.17 + 	wl_rst_ie(wl);
    1.18 + 
    1.19 +-	wl_mrg_ie(wl, ((u8 *) bi) + bi->ie_offset, bi->ie_length);
    1.20 +-	wl_cp_ie(wl, beacon_proberesp->variable, WL_BSS_INFO_MAX -
    1.21 ++	err = wl_mrg_ie(wl, ((u8 *) bi) + bi->ie_offset, bi->ie_length);
    1.22 ++	if (err)
    1.23 ++		goto inform_single_bss_out;
    1.24 ++
    1.25 ++	err = wl_cp_ie(wl, beacon_proberesp->variable, WL_BSS_INFO_MAX -
    1.26 + 	         offsetof(struct wl_cfg80211_bss_info, frame_buf));
    1.27 ++	if (err)
    1.28 ++		goto inform_single_bss_out;
    1.29 ++
    1.30 + 	notif_bss_info->frame_len = offsetof(struct ieee80211_mgmt, u.beacon.variable) +
    1.31 + 	                            wl_get_ielen(wl);
    1.32 + #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 39)
    1.33 +@@ -2006,14 +2012,14 @@
    1.34 + #endif
    1.35 + 	if (freq == 0) {
    1.36 + 		WL_ERR(("Invalid channel, fail to chcnage channel to freq\n"));
    1.37 +-		kfree(notif_bss_info);
    1.38 +-		return -EINVAL;
    1.39 ++		err = -EINVAL;
    1.40 ++		goto inform_single_bss_out;
    1.41 + 	}
    1.42 + 	channel = ieee80211_get_channel(wiphy, freq);
    1.43 + 	if (unlikely(!channel)) {
    1.44 + 		WL_ERR(("ieee80211_get_channel error\n"));
    1.45 +-		kfree(notif_bss_info);
    1.46 +-		return -EINVAL;
    1.47 ++		err = -EINVAL;
    1.48 ++		goto inform_single_bss_out;
    1.49 + 	}
    1.50 + 
    1.51 + 	WL_DBG(("SSID : \"%s\", rssi %d, channel %d, capability : 0x04%x, bssid %pM\n",
    1.52 +@@ -2021,28 +2027,37 @@
    1.53 + 		mgmt->u.beacon.capab_info, &bi->BSSID));
    1.54 + 
    1.55 + 	signal = notif_bss_info->rssi * 100;
    1.56 +-	cbss = cfg80211_inform_bss_frame(wiphy, channel, mgmt,
    1.57 +-	    le16_to_cpu(notif_bss_info->frame_len), signal, GFP_KERNEL);
    1.58 +-	if (unlikely(!cbss)) {
    1.59 +-		WL_ERR(("cfg80211_inform_bss_frame error\n"));
    1.60 +-		kfree(notif_bss_info);
    1.61 +-		return -EINVAL;
    1.62 +-	}
    1.63 + 
    1.64 +-	notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
    1.65 +-	notify_ielen = le32_to_cpu(bi->ie_length);
    1.66 ++	if (!wl->scan_request) {
    1.67 ++		cbss = cfg80211_inform_bss_frame(wiphy, channel, mgmt,
    1.68 ++			le16_to_cpu(notif_bss_info->frame_len), signal, GFP_KERNEL);
    1.69 ++		if (unlikely(!cbss)) {
    1.70 ++			WL_ERR(("cfg80211_inform_bss_frame error\n"));
    1.71 ++			err = -ENOMEM;
    1.72 ++			goto inform_single_bss_out;
    1.73 ++		}
    1.74 ++	} else {
    1.75 ++		notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
    1.76 ++		notify_ielen = le32_to_cpu(bi->ie_length);
    1.77 + #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 18, 0)
    1.78 +-	cbss = cfg80211_inform_bss(wiphy, channel, (const u8 *)(bi->BSSID.octet),
    1.79 +-		0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int,
    1.80 +-		(const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL);
    1.81 ++		cbss = cfg80211_inform_bss(wiphy, channel, (const u8 *)(bi->BSSID.octet),
    1.82 ++			0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int,
    1.83 ++			(const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL);
    1.84 + #else
    1.85 +-	cbss = cfg80211_inform_bss(wiphy, channel, CFG80211_BSS_FTYPE_UNKNOWN, (const u8 *)(bi->BSSID.octet),
    1.86 +-		0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int,
    1.87 +-		(const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL);
    1.88 ++		cbss = cfg80211_inform_bss(wiphy, channel,
    1.89 ++				wl->active_scan ?
    1.90 ++				CFG80211_BSS_FTYPE_PRESP : CFG80211_BSS_FTYPE_BEACON,
    1.91 ++				(const u8 *)(bi->BSSID.octet), 0,
    1.92 ++				beacon_proberesp->capab_info,
    1.93 ++				beacon_proberesp->beacon_int,
    1.94 ++				(const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL);
    1.95 + #endif
    1.96 +-
    1.97 +-	if (unlikely(!cbss))
    1.98 +-		return -ENOMEM;
    1.99 ++		if (unlikely(!cbss)) {
   1.100 ++			WL_ERR(("cfg80211_inform_bss error\n"));
   1.101 ++			err = -ENOMEM;
   1.102 ++			goto inform_single_bss_out;
   1.103 ++		}
   1.104 ++	}
   1.105 + 
   1.106 + #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 9, 0)
   1.107 + 	cfg80211_put_bss(wiphy, cbss);
   1.108 +@@ -2050,6 +2065,7 @@
   1.109 + 	cfg80211_put_bss(cbss);
   1.110 + #endif
   1.111 + 
   1.112 ++inform_single_bss_out:
   1.113 + 	kfree(notif_bss_info);
   1.114 + 
   1.115 + 	return err;
   1.116 +@@ -2316,6 +2332,9 @@
   1.117 + 		if (err)
   1.118 + 			goto update_bss_info_out;
   1.119 + 
   1.120 ++		bss = cfg80211_get_bss(wl_to_wiphy(wl), NULL, (s8 *)&wl->bssid,
   1.121 ++		      ssid->SSID, ssid->SSID_len, WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
   1.122 ++
   1.123 + 		ie = ((u8 *)bi) + bi->ie_offset;
   1.124 + 		ie_len = bi->ie_length;
   1.125 + 	} else {
   1.126 +@@ -2328,11 +2347,18 @@
   1.127 + 		ie_len = bss->len_information_elements;
   1.128 + #endif
   1.129 + 		wl->conf->channel = *bss->channel;
   1.130 ++	}
   1.131 ++
   1.132 ++	if (bss) {
   1.133 + #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 9, 0)
   1.134 + 		cfg80211_put_bss(wiphy, bss);
   1.135 + #else
   1.136 + 		cfg80211_put_bss(bss);
   1.137 + #endif
   1.138 ++	} else {
   1.139 ++		WL_DBG(("Could not update BSS\n"));
   1.140 ++		err = -EINVAL;
   1.141 ++		goto update_bss_info_out;
   1.142 + 	}
   1.143 + 
   1.144 + 	tim = bcm_parse_tlvs(ie, ie_len, WLAN_EID_TIM);
   1.145 +@@ -2360,10 +2386,17 @@
   1.146 + 	struct wl_cfg80211_connect_info *conn_info = wl_to_conn(wl);
   1.147 + 	s32 err = 0;
   1.148 + 
   1.149 +-	wl_get_assoc_ies(wl);
   1.150 ++	err = wl_get_assoc_ies(wl);
   1.151 ++	if (err)
   1.152 ++		return err;
   1.153 ++
   1.154 + 	memcpy(wl->profile->bssid, &e->addr, ETHER_ADDR_LEN);
   1.155 + 	memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN);
   1.156 +-	wl_update_bss_info(wl);
   1.157 ++
   1.158 ++	err = wl_update_bss_info(wl);
   1.159 ++	if (err)
   1.160 ++		return err;
   1.161 ++
   1.162 + 	cfg80211_roamed(ndev,
   1.163 + #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 39)
   1.164 + 			&wl->conf->channel,