Message ID | 20210404045712.50954-1-ducheng2@gmail.com (mailing list archive) |
---|---|
State | Rejected |
Series | net:mac802154: add init of .sec and .sec_mtx for sdata in ieee802154_setup_sdata |
Hi,

On Sun, 4 Apr 2021 at 00:57, Du Cheng <ducheng2@gmail.com> wrote:
>
> add mutex_init(&sdata->sec_mtx) and mac802154_llsec_init(&sdata->sec) for
> NL802154_IFTYPE_MONITOR inside ieee802154_setup_sdata. As the uninitialized
> mutex and sec data structure were used in ieee802154_get_llsec_params
> which would cause a kernel crash. BUG reported by syzkaller.

this patch will fix it in a way that the user is allowed to set llsec
parameters for monitors but they will never use them because it's not
supported. I resend my patch series which should forbid monitors to
set any llsec parameters for now and the user will be aware that this
feature isn't supported right now.

Thanks.

- Alex

On Sun, Apr 04, 2021 at 08:33:48PM -0400, Alexander Aring wrote:
> Hi,
>
> On Sun, 4 Apr 2021 at 00:57, Du Cheng <ducheng2@gmail.com> wrote:
> >
> > add mutex_init(&sdata->sec_mtx) and mac802154_llsec_init(&sdata->sec) for
> > NL802154_IFTYPE_MONITOR inside ieee802154_setup_sdata. As the uninitialized
> > mutex and sec data structure were used in ieee802154_get_llsec_params
> > which would cause a kernel crash. BUG reported by syzkaller.
>
> this patch will fix it in a way that the user is allowed to set llsec
> parameters for monitors but they will never use them because it's not
> supported. I resend my patch series which should forbid monitors to
> set any llsec parameters for now and the user will be aware that this
> feature isn't supported right now.
>
> Thanks.
>
> - Alex

Hi Alex,

Noted. Please CC me when you send your patch series. Thanks!

Regards,
Du Cheng

diff --git a/net/mac802154/iface.c b/net/mac802154/iface.c index 1cf5ac09edcb..bec903e98db0 100644 --- a/net/mac802154/iface.c +++ b/net/mac802154/iface.c @@ -602,6 +602,9 @@ ieee802154_setup_sdata(struct ieee802154_sub_if_data *sdata, sdata->dev->needs_free_netdev = true; sdata->dev->netdev_ops = &mac802154_monitor_ops; wpan_dev->promiscuous_mode = true; + + mutex_init(&sdata->sec_mtx); + mac802154_llsec_init(&sdata->sec); break; default: BUG();
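
Review bot: In the monitor case of ieee802154_setup_sdata, the added mutex_init(&sdata->sec_mtx) and mac802154_llsec_init(&sdata->sec) have no matching teardown anywhere in this hunk; the context lines only set needs_free_netdev, netdev_ops and promiscuous_mode. Please confirm that the monitor free path releases whatever mac802154_llsec_init sets up, or say in the changelog why nothing needs releasing. Initializing the state also leaves monitors accepting llsec parameters that, per the maintainer's reply, they never use; a short comment above the two calls stating that they exist only so ieee802154_get_llsec_params does not touch uninitialized state would make that explicit, and rejecting llsec requests for monitors is the alternative worth weighing.
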
add mutex_init(&sdata->sec_mtx) and mac802154_llsec_init(&sdata->sec) for
NL802154_IFTYPE_MONITOR inside ieee802154_setup_sdata. As the uninitialized
mutex and sec data structure were used in ieee802154_get_llsec_params
which would cause a kernel crash. BUG reported by syzkaller.

Reported-by: syzbot+cde43a581a8e5f317bc2@syzkaller.appspotmail.com
Signed-off-by: Du Cheng <ducheng2@gmail.com>
---
link to syzkaller bug:
https://syzkaller.appspot.com/bug?id=a9cc0c65e7bb15be7143107d4215ebc8ef047528
This patch has passed syzbot testing.

 net/mac802154/iface.c | 3 +++
 1 file changed, 3 insertions(+)