linux/net/wireless
Avraham Stern 0288e5e16a cfg80211: avoid double free of PMSR request
If cfg80211_pmsr_process_abort() moves all the PMSR requests that
need to be freed into a local list before aborting and freeing them.
As a result, it is possible that cfg80211_pmsr_complete() will run in
parallel and free the same PMSR request.

Fix it by freeing the request in cfg80211_pmsr_complete() only if it
is still in the original pmsr list.

Cc: stable@vger.kernel.org
Fixes: 9bb7e0f24e ("cfg80211: add peer measurement with FTM initiator API")
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Link: https://lore.kernel.org/r/iwlwifi.20210618133832.1fbef57e269a.I00294bebdb0680b892f8d1d5c871fd9dbe785a5e@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2021-06-18 13:25:24 +02:00
..
certs cfg80211: ship certificates as hex files 2017-12-19 09:28:01 +01:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
ap.c cfg80211: call disconnect_wk when AP stops 2019-02-01 11:12:50 +01:00
chan.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
core.c cfg80211: fix phy80211 symlink creation 2021-06-09 16:09:20 +02:00
core.h cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
debugfs.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
debugfs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ethtool.c cfg80211: check wiphy driver existence for drvinfo report 2020-02-07 12:53:26 +01:00
ibss.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
Kconfig cfg80211: select CONFIG_CRC32 2021-01-05 15:50:36 -08:00
lib80211_crypt_ccmp.c lib80211: use crypto API ccm(aes) transform for CCMP processing 2019-07-26 13:22:47 +02:00
lib80211_crypt_tkip.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
lib80211_crypt_wep.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
lib80211.c lib80211: Remove unused macro DRV_NAME 2020-09-18 11:53:00 +02:00
Makefile cfg80211: make certificate generation more robust 2021-06-18 13:25:15 +02:00
mesh.c cfg80211/mac80211: add mesh_param "mesh_nolearn" to skip path discovery 2020-07-31 09:24:23 +02:00
mlme.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
nl80211.c Networking changes for 5.13. 2021-04-29 11:57:23 -07:00
nl80211.h cfg80211: support immediate reconnect request hint 2020-12-11 13:20:05 +01:00
ocb.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
of.c
pmsr.c cfg80211: avoid double free of PMSR request 2021-06-18 13:25:24 +02:00
radiotap.c wireless: radiotap: fix some kernel-doc 2020-09-28 13:53:05 +02:00
rdev-ops.h nl80211: add common API to configure SAR power limitations 2020-12-11 13:38:54 +01:00
reg.c cfg80211: regulatory: use DEFINE_SPINLOCK() for spinlock 2021-04-08 10:17:32 +02:00
reg.h cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
scan.c Another set of updates, all over the map: 2021-04-20 16:44:04 -07:00
sme.c cfg80211: remove WARN_ON() in cfg80211_sme_connect 2021-04-08 10:14:55 +02:00
sysfs.c cfg80211: shut down interfaces on failed resume 2021-06-09 16:09:20 +02:00
sysfs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace.c
trace.h nl80211: add common API to configure SAR power limitations 2020-12-11 13:38:54 +01:00
util.c cfg80211: call cfg80211_leave_ocb when switching away from OCB 2021-05-31 21:27:15 +02:00
wext-compat.c wext: call cfg80211_set_encryption() with wiphy lock held 2021-01-28 19:10:57 +01:00
wext-compat.h treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
wext-core.c wext: fix NULL-ptr-dereference with cfg80211's lack of commit() 2021-01-26 11:59:42 +01:00
wext-priv.c
wext-proc.c proc: introduce proc_create_net{,_data} 2018-05-16 07:24:30 +02:00
wext-sme.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
wext-spy.c