Received: by 2002:a05:7412:419a:b0:f3:1519:9f41 with SMTP id i26csp4421693rdh; Wed, 29 Nov 2023 00:33:43 -0800 (PST) X-Google-Smtp-Source: AGHT+IGuDxcAI7rxgMuPvRj8XaQqTTjmKvMQDqd1a+LnlXimtGsgbD5U139tnwQ4nQ1yuO4K3TKO X-Received: by 2002:a05:6a00:1496:b0:6cb:4d36:5d07 with SMTP id v22-20020a056a00149600b006cb4d365d07mr17180603pfu.10.1701246822860; Wed, 29 Nov 2023 00:33:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701246822; cv=none; d=google.com; s=arc-20160816; b=GVGGgEFa6SSipOaHGMI8fK614XIIkWPTtnGXoMwCAHTQJV9eBVuNPprTJG2PYSqnab 4EdF8Sd0uhlvGw3gSRv2psf7BSQl4AfLb9ygXfzhVr6rWeGhDnsplnCMvHfK/KksWvHc OiOFAddEck3dkEoAA2Yu/Yyx4+huO4Us4UINrdwvFYd0DmhxJuIjqnbFOAOVwsva8Rwh 6RN2cCJth4ET6gZcBb/RPLSvx2HyQgqRMCD/KZpO08/S6/cCx1S/BxjWR4QauxPJs1g9 MZAMkdghb9siVbdrXIHzahjktjjABoYraNOtyEyVjsRW+o/vEZauAK4jwQO4rWUWmjBn 8Asg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:list-unsubscribe:list-subscribe:list-id:precedence :user-agent:content-transfer-encoding:references:in-reply-to:date:cc :to:from:subject:message-id:dkim-signature; bh=iL44Hr2Utbt8Rb40hYFfR3Yl3GOU2Y+nYu/SSloZ/X0=; fh=uo38ucHzoKor7/TCv9Kjgs/NHAhIrZXqoECGHQIVGvw=; b=hZ+wHHgQ5wyEdgZ/BFUFbyc00ovn43pwlPhVxo6CCLJSLqsiQijycTBXseR/sAhtxT 1nq5HgKMzWyTHEhZRPiavunYahC0wEA5GO5zoqLfFaI2G7qba7YOhKfImyyVrPl7pFN1 n/o0aaN+3adGuAUu0VWaKrMjZlfdurn1Y5avDmFNF5wTEjY7x2oliTeu77zAxT46Ewjb r2G/P883Cox6hHwdo5tY8S7E+yL/t620lRYdRJKgL/21SaMjdYbScBSQy4MKfDdmBLZz 9uEmo7bpBwkghQ7BpjQoYhxklM8RKGm7ESJzZI56AUPEtrjpMdD0mbB9CTF0tafLsQLh wNyg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sipsolutions.net header.s=mail header.b="B6n9/g6I"; spf=pass (google.com: domain of linux-wireless+bounces-196-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-wireless+bounces-196-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=sipsolutions.net Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id s18-20020a635252000000b005bd043711cbsi14118544pgl.216.2023.11.29.00.33.42 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Nov 2023 00:33:42 -0800 (PST) Received-SPF: pass (google.com: domain of linux-wireless+bounces-196-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@sipsolutions.net header.s=mail header.b="B6n9/g6I"; spf=pass (google.com: domain of linux-wireless+bounces-196-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-wireless+bounces-196-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=sipsolutions.net Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 50EF7B20F1C for ; Wed, 29 Nov 2023 08:33:39 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 9CBDF79C3; Wed, 29 Nov 2023 08:33:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=sipsolutions.net header.i=@sipsolutions.net header.b="B6n9/g6I" X-Original-To: linux-wireless@vger.kernel.org Received: from sipsolutions.net (s3.sipsolutions.net [IPv6:2a01:4f8:242:246e::2]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5102019B0; Wed, 29 Nov 2023 00:33:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sipsolutions.net; s=mail; h=MIME-Version:Content-Transfer-Encoding: Content-Type:References:In-Reply-To:Date:Cc:To:From:Subject:Message-ID:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-To: Resent-Cc:Resent-Message-ID; bh=iL44Hr2Utbt8Rb40hYFfR3Yl3GOU2Y+nYu/SSloZ/X0=; t=1701246814; x=1702456414; b=B6n9/g6ITd6f4HA4PHYrxMnsj2Jr5FKm/W9Cex+mkmirzZ6 uZl0WTaT89gHVqDfVVo/byLg2puPHaSGr793dffsGjLjYBakFj7KH9T93ptI1EH56KVrQgFlLK6wq wmGi3QAThBm5SngEVMB1HZ1+gVa5VnZKAQsWxZtj6MVwVLptm1c8nT9Qpd+v6cp3FL50UGl1rS7LH B7rYzsXfjXYt1ZuhCuIkebZxFf2+waQSSbCCFyQnVBEuVnVBTvH5v3d4vq1PP938eiU7Gji5/Jz1H sBrpKW0xu2EdKeeF+xzqe1jVYRgvFLV9T93FDiEfl9+a6aGUXB2WPi28w5ZyICAQ==; Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.97) (envelope-from ) id 1r8G0b-00000008abj-0RXH; Wed, 29 Nov 2023 09:33:25 +0100 Message-ID: <56d8b3b9099d3935a7b53e976fa998f06fbfd9a5.camel@sipsolutions.net> Subject: Re: [PATCH] wifi: mac80211: sband's null check should precede params From: Johannes Berg To: Edward Adam Davis Cc: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, llvm@lists.linux.dev, nathan@kernel.org, ndesaulniers@google.com, netdev@vger.kernel.org, pabeni@redhat.com, syzbot+62d7eef57b09bfebcd84@syzkaller.appspotmail.com, syzkaller-bugs@googlegroups.com, trix@redhat.com Date: Wed, 29 Nov 2023 09:33:23 +0100 In-Reply-To: References: <6c7765f13b715e67637438c6dffaa5a369758519.camel@sipsolutions.net> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.48.4 (3.48.4-1.fc38) Precedence: bulk X-Mailing-List: linux-wireless@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-malware-bazaar: not-scanned On Wed, 2023-11-29 at 16:18 +0800, Edward Adam Davis wrote: > On Wed, 29 Nov 2023 07:57:07 +0100, Johannes Berg wrote: > > > [Analysis] > > > When ieee80211_get_link_sband() fails to find a valid sband and first= checks > > > for params in sta_link_apply_parameters(), it will return 0 due to ne= w_link > > > being 0, which will lead to an incorrect process after sta_apply_para= meters(). > > >=20 > > > [Fix] > > > First obtain sband and perform a non null check before checking the p= arams. > >=20 > > Not sure I can even disagree with that analysis, it seems right, but ..= . > >=20 > > > + if (!link || !link_sta) > > > + return -EINVAL; > > > + > > > + sband =3D ieee80211_get_link_sband(link); > > > + if (!sband) > > > + return -EINVAL; > > > + > > > /* > > > * If there are no changes, then accept a link that doesn't exist, > > > * unless it's a new link. > >=20 > > There's a comment here which is clearly not true after this change, > > since you've already returned for !link_sta? > No, after applying my patch, it will return due to !sband. >=20 Right, OK, but the way I read the comment (now) is that it wanted to accept it in that case? That said, I just threw the patch into our internal testing machinery quickly (probably has more MLO tests than upstream hostap for now), and it worked just fine ... Maybe we should just remove the comment? johannes