linux/net/wireless
Avraham Stern 0288e5e16a cfg80211: avoid double free of PMSR request
If cfg80211_pmsr_process_abort() moves all the PMSR requests that
need to be freed into a local list before aborting and freeing them.
As a result, it is possible that cfg80211_pmsr_complete() will run in
parallel and free the same PMSR request.

Fix it by freeing the request in cfg80211_pmsr_complete() only if it
is still in the original pmsr list.

Cc: stable@vger.kernel.org
Fixes: 9bb7e0f24e ("cfg80211: add peer measurement with FTM initiator API")
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Link: https://lore.kernel.org/r/iwlwifi.20210618133832.1fbef57e269a.I00294bebdb0680b892f8d1d5c871fd9dbe785a5e@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2021-06-18 13:25:24 +02:00
..
certs
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
ap.c
chan.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
core.c cfg80211: fix phy80211 symlink creation 2021-06-09 16:09:20 +02:00
core.h cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
debugfs.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
debugfs.h
ethtool.c cfg80211: check wiphy driver existence for drvinfo report 2020-02-07 12:53:26 +01:00
ibss.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
Kconfig cfg80211: select CONFIG_CRC32 2021-01-05 15:50:36 -08:00
lib80211_crypt_ccmp.c
lib80211_crypt_tkip.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
lib80211_crypt_wep.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
lib80211.c lib80211: Remove unused macro DRV_NAME 2020-09-18 11:53:00 +02:00
Makefile cfg80211: make certificate generation more robust 2021-06-18 13:25:15 +02:00
mesh.c cfg80211/mac80211: add mesh_param "mesh_nolearn" to skip path discovery 2020-07-31 09:24:23 +02:00
mlme.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
nl80211.c Networking changes for 5.13. 2021-04-29 11:57:23 -07:00
nl80211.h cfg80211: support immediate reconnect request hint 2020-12-11 13:20:05 +01:00
ocb.c
of.c
pmsr.c cfg80211: avoid double free of PMSR request 2021-06-18 13:25:24 +02:00
radiotap.c wireless: radiotap: fix some kernel-doc 2020-09-28 13:53:05 +02:00
rdev-ops.h nl80211: add common API to configure SAR power limitations 2020-12-11 13:38:54 +01:00
reg.c cfg80211: regulatory: use DEFINE_SPINLOCK() for spinlock 2021-04-08 10:17:32 +02:00
reg.h cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
scan.c Another set of updates, all over the map: 2021-04-20 16:44:04 -07:00
sme.c cfg80211: remove WARN_ON() in cfg80211_sme_connect 2021-04-08 10:14:55 +02:00
sysfs.c cfg80211: shut down interfaces on failed resume 2021-06-09 16:09:20 +02:00
sysfs.h
trace.c
trace.h nl80211: add common API to configure SAR power limitations 2020-12-11 13:38:54 +01:00
util.c cfg80211: call cfg80211_leave_ocb when switching away from OCB 2021-05-31 21:27:15 +02:00
wext-compat.c wext: call cfg80211_set_encryption() with wiphy lock held 2021-01-28 19:10:57 +01:00
wext-compat.h
wext-core.c wext: fix NULL-ptr-dereference with cfg80211's lack of commit() 2021-01-26 11:59:42 +01:00
wext-priv.c
wext-proc.c
wext-sme.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
wext-spy.c