wok-current view broadcom-wl64/stuff/005-debian-fix-kernel-warnings.patch @ rev 25695
Up linux 5.10.214, Patch xorg-server (CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083)
author | Stanislas Leduc <shann@slitaz.org> |
---|---|
date | Thu Apr 04 08:53:51 2024 +0000 (7 months ago) |
parents | |
children |
line source
1 --- a/src/wl/sys/wl_cfg80211_hybrid.c
2 +++ b/src/wl/sys/wl_cfg80211_hybrid.c
3 @@ -1968,7 +1968,7 @@
5 if (dtoh32(bi->length) > WL_BSS_INFO_MAX) {
6 WL_DBG(("Beacon is larger than buffer. Discarding\n"));
7 - return err;
8 + return -E2BIG;
9 }
10 notif_bss_info = kzalloc(sizeof(*notif_bss_info) + sizeof(*mgmt) - sizeof(u8) +
11 WL_BSS_INFO_MAX, GFP_KERNEL);
12 @@ -1992,9 +1992,15 @@
13 beacon_proberesp->capab_info = cpu_to_le16(bi->capability);
14 wl_rst_ie(wl);
16 - wl_mrg_ie(wl, ((u8 *) bi) + bi->ie_offset, bi->ie_length);
17 - wl_cp_ie(wl, beacon_proberesp->variable, WL_BSS_INFO_MAX -
18 + err = wl_mrg_ie(wl, ((u8 *) bi) + bi->ie_offset, bi->ie_length);
19 + if (err)
20 + goto inform_single_bss_out;
21 +
22 + err = wl_cp_ie(wl, beacon_proberesp->variable, WL_BSS_INFO_MAX -
23 offsetof(struct wl_cfg80211_bss_info, frame_buf));
24 + if (err)
25 + goto inform_single_bss_out;
26 +
27 notif_bss_info->frame_len = offsetof(struct ieee80211_mgmt, u.beacon.variable) +
28 wl_get_ielen(wl);
29 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 39)
30 @@ -2006,14 +2012,14 @@
31 #endif
32 if (freq == 0) {
33 WL_ERR(("Invalid channel, fail to chcnage channel to freq\n"));
34 - kfree(notif_bss_info);
35 - return -EINVAL;
36 + err = -EINVAL;
37 + goto inform_single_bss_out;
38 }
39 channel = ieee80211_get_channel(wiphy, freq);
40 if (unlikely(!channel)) {
41 WL_ERR(("ieee80211_get_channel error\n"));
42 - kfree(notif_bss_info);
43 - return -EINVAL;
44 + err = -EINVAL;
45 + goto inform_single_bss_out;
46 }
48 WL_DBG(("SSID : \"%s\", rssi %d, channel %d, capability : 0x04%x, bssid %pM\n",
49 @@ -2021,28 +2027,37 @@
50 mgmt->u.beacon.capab_info, &bi->BSSID));
52 signal = notif_bss_info->rssi * 100;
53 - cbss = cfg80211_inform_bss_frame(wiphy, channel, mgmt,
54 - le16_to_cpu(notif_bss_info->frame_len), signal, GFP_KERNEL);
55 - if (unlikely(!cbss)) {
56 - WL_ERR(("cfg80211_inform_bss_frame error\n"));
57 - kfree(notif_bss_info);
58 - return -EINVAL;
59 - }
61 - notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
62 - notify_ielen = le32_to_cpu(bi->ie_length);
63 + if (!wl->scan_request) {
64 + cbss = cfg80211_inform_bss_frame(wiphy, channel, mgmt,
65 + le16_to_cpu(notif_bss_info->frame_len), signal, GFP_KERNEL);
66 + if (unlikely(!cbss)) {
67 + WL_ERR(("cfg80211_inform_bss_frame error\n"));
68 + err = -ENOMEM;
69 + goto inform_single_bss_out;
70 + }
71 + } else {
72 + notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
73 + notify_ielen = le32_to_cpu(bi->ie_length);
74 #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 18, 0)
75 - cbss = cfg80211_inform_bss(wiphy, channel, (const u8 *)(bi->BSSID.octet),
76 - 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int,
77 - (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL);
78 + cbss = cfg80211_inform_bss(wiphy, channel, (const u8 *)(bi->BSSID.octet),
79 + 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int,
80 + (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL);
81 #else
82 - cbss = cfg80211_inform_bss(wiphy, channel, CFG80211_BSS_FTYPE_UNKNOWN, (const u8 *)(bi->BSSID.octet),
83 - 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int,
84 - (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL);
85 + cbss = cfg80211_inform_bss(wiphy, channel,
86 + wl->active_scan ?
87 + CFG80211_BSS_FTYPE_PRESP : CFG80211_BSS_FTYPE_BEACON,
88 + (const u8 *)(bi->BSSID.octet), 0,
89 + beacon_proberesp->capab_info,
90 + beacon_proberesp->beacon_int,
91 + (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL);
92 #endif
93 -
94 - if (unlikely(!cbss))
95 - return -ENOMEM;
96 + if (unlikely(!cbss)) {
97 + WL_ERR(("cfg80211_inform_bss error\n"));
98 + err = -ENOMEM;
99 + goto inform_single_bss_out;
100 + }
101 + }
103 #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 9, 0)
104 cfg80211_put_bss(wiphy, cbss);
105 @@ -2050,6 +2065,7 @@
106 cfg80211_put_bss(cbss);
107 #endif
109 +inform_single_bss_out:
110 kfree(notif_bss_info);
112 return err;
113 @@ -2316,6 +2332,9 @@
114 if (err)
115 goto update_bss_info_out;
117 + bss = cfg80211_get_bss(wl_to_wiphy(wl), NULL, (s8 *)&wl->bssid,
118 + ssid->SSID, ssid->SSID_len, WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
119 +
120 ie = ((u8 *)bi) + bi->ie_offset;
121 ie_len = bi->ie_length;
122 } else {
123 @@ -2328,11 +2347,18 @@
124 ie_len = bss->len_information_elements;
125 #endif
126 wl->conf->channel = *bss->channel;
127 + }
128 +
129 + if (bss) {
130 #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 9, 0)
131 cfg80211_put_bss(wiphy, bss);
132 #else
133 cfg80211_put_bss(bss);
134 #endif
135 + } else {
136 + WL_DBG(("Could not update BSS\n"));
137 + err = -EINVAL;
138 + goto update_bss_info_out;
139 }
141 tim = bcm_parse_tlvs(ie, ie_len, WLAN_EID_TIM);
142 @@ -2360,10 +2386,17 @@
143 struct wl_cfg80211_connect_info *conn_info = wl_to_conn(wl);
144 s32 err = 0;
146 - wl_get_assoc_ies(wl);
147 + err = wl_get_assoc_ies(wl);
148 + if (err)
149 + return err;
150 +
151 memcpy(wl->profile->bssid, &e->addr, ETHER_ADDR_LEN);
152 memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN);
153 - wl_update_bss_info(wl);
154 +
155 + err = wl_update_bss_info(wl);
156 + if (err)
157 + return err;
158 +
159 cfg80211_roamed(ndev,
160 #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 39)
161 &wl->conf->channel,