Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp714217ybv;
        Thu, 13 Feb 2020 08:12:35 -0800 (PST)
X-Google-Smtp-Source: APXvYqzYAwA7egHvGhtAE2lpSDEWrgZ/oobAWNB+3h81BADgn1CWL0xq39V6d8lRo11SX8jFTQwZ
X-Received: by 2002:a9d:4c06:: with SMTP id l6mr14317989otf.161.1581610355478;
        Thu, 13 Feb 2020 08:12:35 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1581610355; cv=none;
        d=google.com; s=arc-20160816;
        b=aB92XmT8QzoDonvoXImN6ZC+zMJ3bWs0Dh+QgbB8C2gI4E1PVQAlAQUTHzmUveV6eB
         WwEMWi92M51EyGH6woFAukf2zEbfeezOGkvCW7h3pl6WEQL3vXMeLuizuH5liiLka2YD
         4hxe4WnOMpO9ORQjE4wtjvEMbMfjHXpGEpVW+teBaAN60zGyG96SXdaHDo9o376K6BxI
         nm/dOm/LVNAlfNPk8yf1KG3+ADY+4zTXYAGB13RHMoOVtiFB5PM3dO1iQMaUnoLwxWvA
         ghPCerQur8rbPSFOQvsI44D6YCZaPSVTNEzrWfxsdcRwoDvimhogS+Chm8XBqKyO2kiS
         eJpQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=by361FgJckyUCjDdHcvgC81qKgARL2stn9m9QXEYNEg=;
        b=a+GtUmNH4382ACOduheF2YB3j/TQomuOsAEY3UF2//lhXzU+VGzCWpJb1UtaxL9DZL
         IGe7fWyVISdG/pB4o4qfLZQb1OZJj4VJy3CeTnOm449RjxpDWm1T2TS6Zj4iVfs9VeUn
         ConoJNvNiqbK4EiS+trFz1w0upNOj7Cd2BZvizx8k1Nm7B7XzAUmSN7hPNNPeXUutLus
         +LvjnwPOQz1QPeYaD3ENP5ts4PxXLzBW3zduQLonIS8fYpHFEbWSjW8IM4TqnOs3smgD
         J6vkKJr8Mvs5EZ1VNDMF8qaBzcDHCmG/Xni0gQHyfIdHCVyMLMpP/Dc0ew5m91cbg96P
         dy+w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=jicbUgSI;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id u23si1422542otj.242.2020.02.13.08.12.19;
        Thu, 13 Feb 2020 08:12:35 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=jicbUgSI;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728103AbgBMQKw (ORCPT <rfc822;kernelgary@gmail.com>
        + 99 others); Thu, 13 Feb 2020 11:10:52 -0500
Received: from mail.kernel.org ([198.145.29.99]:60090 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1727970AbgBMPWd (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 13 Feb 2020 10:22:33 -0500
Received: from localhost (unknown [104.132.1.104])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id DDAD1246A3;
        Thu, 13 Feb 2020 15:22:31 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1581607352;
        bh=AfbUs+nud2va6Aa5pGROgC4szYilv6TYCfS4lF1pL+A=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=jicbUgSIKv3hTcagI5sIfYJLEjo0YbVn7JQGf7RwANOi3CxO+LhpbYUiwxMxQq0ic
         5PQq0kx/LqaVia4LLDRu/VpsFYg5RBCp4TtR8YCbT+GZqyIwESe6dH5gbRfR0sWtD6
         RI+17OV9CPGT6P8Eh3ooey+6qcWJyPiMC1Oz/Mf8=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, huangwen <huangwenabc@gmail.com>,
        Ganapathi Bhat <ganapathi.bhat@nxp.com>,
        Brian Norris <briannorris@chromium.org>,
        Kalle Valo <kvalo@codeaurora.org>
Subject: [PATCH 4.4 33/91] mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
Date:   Thu, 13 Feb 2020 07:19:50 -0800
Message-Id: <20200213151834.516337372@linuxfoundation.org>
X-Mailer: git-send-email 2.25.0
In-Reply-To: <20200213151821.384445454@linuxfoundation.org>
References: <20200213151821.384445454@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Brian Norris <briannorris@chromium.org>

commit 65b1aae0d9d5962faccc06bdb8e91a2a0b09451c upstream.

We called rcu_read_lock(), so we need to call rcu_read_unlock() before
we return.

Fixes: 3d94a4a8373b ("mwifiex: fix possible heap overflow in mwifiex_process_country_ie()")
Cc: stable@vger.kernel.org
Cc: huangwen <huangwenabc@gmail.com>
Cc: Ganapathi Bhat <ganapathi.bhat@nxp.com>
Signed-off-by: Brian Norris <briannorris@chromium.org>
Acked-by: Ganapathi Bhat <ganapathi.bhat@nxp.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 drivers/net/wireless/mwifiex/sta_ioctl.c |    1 +
 1 file changed, 1 insertion(+)

--- a/drivers/net/wireless/mwifiex/sta_ioctl.c
+++ b/drivers/net/wireless/mwifiex/sta_ioctl.c
@@ -232,6 +232,7 @@ static int mwifiex_process_country_ie(st
 
 	if (country_ie_len >
 	    (IEEE80211_COUNTRY_STRING_LEN + MWIFIEX_MAX_TRIPLET_802_11D)) {
+		rcu_read_unlock();
 		mwifiex_dbg(priv->adapter, ERROR,
 			    "11D: country_ie_len overflow!, deauth AP\n");
 		return -EINVAL;