wok-current diff broadcom-wl/stuff/005-debian-fix-kernel-warnings.patch @ rev 25725
Patch openssh CVE-2024-6387
author | Stanislas Leduc <shann@slitaz.org> |
---|---|
date | Mon Jul 01 15:09:44 2024 +0000 (4 weeks ago) |
parents | |
children |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/broadcom-wl/stuff/005-debian-fix-kernel-warnings.patch Mon Jul 01 15:09:44 2024 +0000 1.3 @@ -0,0 +1,161 @@ 1.4 +--- a/src/wl/sys/wl_cfg80211_hybrid.c 1.5 ++++ b/src/wl/sys/wl_cfg80211_hybrid.c 1.6 +@@ -1968,7 +1968,7 @@ 1.7 + 1.8 + if (dtoh32(bi->length) > WL_BSS_INFO_MAX) { 1.9 + WL_DBG(("Beacon is larger than buffer. Discarding\n")); 1.10 +- return err; 1.11 ++ return -E2BIG; 1.12 + } 1.13 + notif_bss_info = kzalloc(sizeof(*notif_bss_info) + sizeof(*mgmt) - sizeof(u8) + 1.14 + WL_BSS_INFO_MAX, GFP_KERNEL); 1.15 +@@ -1992,9 +1992,15 @@ 1.16 + beacon_proberesp->capab_info = cpu_to_le16(bi->capability); 1.17 + wl_rst_ie(wl); 1.18 + 1.19 +- wl_mrg_ie(wl, ((u8 *) bi) + bi->ie_offset, bi->ie_length); 1.20 +- wl_cp_ie(wl, beacon_proberesp->variable, WL_BSS_INFO_MAX - 1.21 ++ err = wl_mrg_ie(wl, ((u8 *) bi) + bi->ie_offset, bi->ie_length); 1.22 ++ if (err) 1.23 ++ goto inform_single_bss_out; 1.24 ++ 1.25 ++ err = wl_cp_ie(wl, beacon_proberesp->variable, WL_BSS_INFO_MAX - 1.26 + offsetof(struct wl_cfg80211_bss_info, frame_buf)); 1.27 ++ if (err) 1.28 ++ goto inform_single_bss_out; 1.29 ++ 1.30 + notif_bss_info->frame_len = offsetof(struct ieee80211_mgmt, u.beacon.variable) + 1.31 + wl_get_ielen(wl); 1.32 + #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 39) 1.33 +@@ -2006,14 +2012,14 @@ 1.34 + #endif 1.35 + if (freq == 0) { 1.36 + WL_ERR(("Invalid channel, fail to chcnage channel to freq\n")); 1.37 +- kfree(notif_bss_info); 1.38 +- return -EINVAL; 1.39 ++ err = -EINVAL; 1.40 ++ goto inform_single_bss_out; 1.41 + } 1.42 + channel = ieee80211_get_channel(wiphy, freq); 1.43 + if (unlikely(!channel)) { 1.44 + WL_ERR(("ieee80211_get_channel error\n")); 1.45 +- kfree(notif_bss_info); 1.46 +- return -EINVAL; 1.47 ++ err = -EINVAL; 1.48 ++ goto inform_single_bss_out; 1.49 + } 1.50 + 1.51 + WL_DBG(("SSID : \"%s\", rssi %d, channel %d, capability : 0x04%x, bssid %pM\n", 1.52 +@@ -2021,28 +2027,37 @@ 1.53 + mgmt->u.beacon.capab_info, &bi->BSSID)); 1.54 + 1.55 + signal = notif_bss_info->rssi * 100; 1.56 +- cbss = cfg80211_inform_bss_frame(wiphy, channel, mgmt, 1.57 +- le16_to_cpu(notif_bss_info->frame_len), signal, GFP_KERNEL); 1.58 +- if (unlikely(!cbss)) { 1.59 +- WL_ERR(("cfg80211_inform_bss_frame error\n")); 1.60 +- kfree(notif_bss_info); 1.61 +- return -EINVAL; 1.62 +- } 1.63 + 1.64 +- notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset); 1.65 +- notify_ielen = le32_to_cpu(bi->ie_length); 1.66 ++ if (!wl->scan_request) { 1.67 ++ cbss = cfg80211_inform_bss_frame(wiphy, channel, mgmt, 1.68 ++ le16_to_cpu(notif_bss_info->frame_len), signal, GFP_KERNEL); 1.69 ++ if (unlikely(!cbss)) { 1.70 ++ WL_ERR(("cfg80211_inform_bss_frame error\n")); 1.71 ++ err = -ENOMEM; 1.72 ++ goto inform_single_bss_out; 1.73 ++ } 1.74 ++ } else { 1.75 ++ notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset); 1.76 ++ notify_ielen = le32_to_cpu(bi->ie_length); 1.77 + #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 18, 0) 1.78 +- cbss = cfg80211_inform_bss(wiphy, channel, (const u8 *)(bi->BSSID.octet), 1.79 +- 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int, 1.80 +- (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL); 1.81 ++ cbss = cfg80211_inform_bss(wiphy, channel, (const u8 *)(bi->BSSID.octet), 1.82 ++ 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int, 1.83 ++ (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL); 1.84 + #else 1.85 +- cbss = cfg80211_inform_bss(wiphy, channel, CFG80211_BSS_FTYPE_UNKNOWN, (const u8 *)(bi->BSSID.octet), 1.86 +- 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int, 1.87 +- (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL); 1.88 ++ cbss = cfg80211_inform_bss(wiphy, channel, 1.89 ++ wl->active_scan ? 1.90 ++ CFG80211_BSS_FTYPE_PRESP : CFG80211_BSS_FTYPE_BEACON, 1.91 ++ (const u8 *)(bi->BSSID.octet), 0, 1.92 ++ beacon_proberesp->capab_info, 1.93 ++ beacon_proberesp->beacon_int, 1.94 ++ (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL); 1.95 + #endif 1.96 +- 1.97 +- if (unlikely(!cbss)) 1.98 +- return -ENOMEM; 1.99 ++ if (unlikely(!cbss)) { 1.100 ++ WL_ERR(("cfg80211_inform_bss error\n")); 1.101 ++ err = -ENOMEM; 1.102 ++ goto inform_single_bss_out; 1.103 ++ } 1.104 ++ } 1.105 + 1.106 + #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 9, 0) 1.107 + cfg80211_put_bss(wiphy, cbss); 1.108 +@@ -2050,6 +2065,7 @@ 1.109 + cfg80211_put_bss(cbss); 1.110 + #endif 1.111 + 1.112 ++inform_single_bss_out: 1.113 + kfree(notif_bss_info); 1.114 + 1.115 + return err; 1.116 +@@ -2316,6 +2332,9 @@ 1.117 + if (err) 1.118 + goto update_bss_info_out; 1.119 + 1.120 ++ bss = cfg80211_get_bss(wl_to_wiphy(wl), NULL, (s8 *)&wl->bssid, 1.121 ++ ssid->SSID, ssid->SSID_len, WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS); 1.122 ++ 1.123 + ie = ((u8 *)bi) + bi->ie_offset; 1.124 + ie_len = bi->ie_length; 1.125 + } else { 1.126 +@@ -2328,11 +2347,18 @@ 1.127 + ie_len = bss->len_information_elements; 1.128 + #endif 1.129 + wl->conf->channel = *bss->channel; 1.130 ++ } 1.131 ++ 1.132 ++ if (bss) { 1.133 + #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 9, 0) 1.134 + cfg80211_put_bss(wiphy, bss); 1.135 + #else 1.136 + cfg80211_put_bss(bss); 1.137 + #endif 1.138 ++ } else { 1.139 ++ WL_DBG(("Could not update BSS\n")); 1.140 ++ err = -EINVAL; 1.141 ++ goto update_bss_info_out; 1.142 + } 1.143 + 1.144 + tim = bcm_parse_tlvs(ie, ie_len, WLAN_EID_TIM); 1.145 +@@ -2360,10 +2386,17 @@ 1.146 + struct wl_cfg80211_connect_info *conn_info = wl_to_conn(wl); 1.147 + s32 err = 0; 1.148 + 1.149 +- wl_get_assoc_ies(wl); 1.150 ++ err = wl_get_assoc_ies(wl); 1.151 ++ if (err) 1.152 ++ return err; 1.153 ++ 1.154 + memcpy(wl->profile->bssid, &e->addr, ETHER_ADDR_LEN); 1.155 + memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN); 1.156 +- wl_update_bss_info(wl); 1.157 ++ 1.158 ++ err = wl_update_bss_info(wl); 1.159 ++ if (err) 1.160 ++ return err; 1.161 ++ 1.162 + cfg80211_roamed(ndev, 1.163 + #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 39) 1.164 + &wl->conf->channel,