linux-stable/net/mac80211
Kees Cook 8c89f7b3d3 mac80211: Use flex-array for radiotap header bitmap
In preparation for FORTIFY_SOURCE performing compile-time and run-time
field bounds checking for memcpy(), memmove(), and memset(), avoid
intentionally writing across neighboring fields.

The it_present member of struct ieee80211_radiotap_header is treated as a
flexible array (multiple u32s can be conditionally present). In order for
memcpy() to reason (or really, not reason) about the size of operations
against this struct, use of bytes beyond it_present need to be treated
as part of the flexible array. Add a trailing flexible array and
initialize its initial index via pointer arithmetic.

Cc: Johannes Berg <johannes@sipsolutions.net>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20210806215305.2875621-1-keescook@chromium.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2021-08-13 09:58:25 +02:00
..
aead_api.c mac80211: Check crypto_aead_encrypt for errors 2021-03-16 21:20:41 +01:00
aead_api.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_ccm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_cmac.c mac80211: aes_cmac: check crypto_shash_setkey() return value 2021-04-19 12:01:40 +02:00
aes_cmac.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_gcm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
aes_gmac.c mac80211: Check crypto_aead_encrypt for errors 2021-03-16 21:20:41 +01:00
aes_gmac.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
agg-rx.c mac80211: use bitfield helpers for BA session action frames 2020-12-11 13:20:05 +01:00
agg-tx.c mac80211: use bitfield helpers for BA session action frames 2020-12-11 13:20:05 +01:00
airtime.c mac80211: add AQL support for VHT160 tx rates 2020-09-18 11:36:03 +02:00
cfg.c mac80211: fix enabling 4-address mode on a sta vif after assoc 2021-07-23 10:34:13 +02:00
chan.c mac80211: handle rate control (RC) racing with chanctx definition 2021-06-23 11:29:14 +02:00
debug.h
debugfs.c mac80211: Switch to a virtual time-based airtime scheduler 2021-06-23 18:12:00 +02:00
debugfs.h
debugfs_key.c mac80211: remove trailing semicolon in macro definitions 2020-12-11 12:51:55 +01:00
debugfs_key.h mac80211: Support BIGTK configuration for Beacon protection 2020-02-24 10:35:57 +01:00
debugfs_netdev.c mac80211: Switch to a virtual time-based airtime scheduler 2021-06-23 18:12:00 +02:00
debugfs_netdev.h
debugfs_sta.c mac80211: Switch to a virtual time-based airtime scheduler 2021-06-23 18:12:00 +02:00
debugfs_sta.h
driver-ops.c mac80211: fix station rate table updates on assoc 2021-02-01 15:07:09 +01:00
driver-ops.h mac80211: notify driver on mgd TX completion 2021-06-23 13:10:46 +02:00
ethtool.c
fils_aead.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
fils_aead.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
he.c mac80211: fix NULL ptr dereference during mesh peer connection for non HE devices 2021-06-23 18:06:44 +02:00
ht.c mac80211: allow SMPS requests only in client mode 2021-06-23 11:29:13 +02:00
ibss.c mac80211: Remove unnecessary variable and label 2021-08-13 09:58:25 +02:00
ieee80211_i.h mac80211: include <linux/rbtree.h> 2021-08-13 09:58:23 +02:00
iface.c mac80211: Fix monitor MTU limit so that A-MSDUs get through 2021-08-13 09:51:14 +02:00
Kconfig ath9k: fix build error with LEDS_CLASS=m 2021-01-28 09:29:34 +02:00
key.c mac80211: prevent mixed key and fragment cache attacks 2021-05-11 20:12:51 +02:00
key.h mac80211: prevent mixed key and fragment cache attacks 2021-05-11 20:12:51 +02:00
led.c mac80211: don't open-code LED manipulations 2021-06-23 11:29:12 +02:00
led.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
main.c mac80211: remove unnecessary NULL check in ieee80211_register_hw() 2021-08-13 09:51:03 +02:00
Makefile mac80211: remove legacy minstrel rate control 2021-01-22 09:11:37 +01:00
mesh.c mac80211: save HE oper info in BSS config for mesh 2020-11-06 10:03:21 +01:00
mesh.h mac80211: fix some spelling mistakes 2021-06-23 12:36:32 +02:00
mesh_hwmp.c mac80211: fix some spelling mistakes 2021-06-23 12:36:32 +02:00
mesh_pathtbl.c mac80211: fix some spelling mistakes 2021-06-23 12:36:32 +02:00
mesh_plink.c mac80211: fix some spelling mistakes 2021-06-23 12:36:32 +02:00
mesh_ps.c mac80211: fix some more kernel-doc in mesh 2020-09-28 14:36:53 +02:00
mesh_sync.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
michael.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
michael.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
mlme.c mac80211: fix enabling 4-address mode on a sta vif after assoc 2021-07-23 10:34:13 +02:00
ocb.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
offchannel.c mac80211: Inform AP when returning operating channel 2020-09-28 13:18:53 +02:00
pm.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
rate.c mac80211: add rate control support for encap offload 2021-06-23 11:29:13 +02:00
rate.h mac80211: populate debugfs only after cfg80211 init 2020-04-24 11:30:13 +02:00
rc80211_minstrel_ht.c mac80211: fix some spelling mistakes 2021-06-23 12:36:32 +02:00
rc80211_minstrel_ht.h mac80211: minstrel_ht: remove sample rate switching code for constrained devices 2021-02-12 08:58:22 +01:00
rc80211_minstrel_ht_debugfs.c mac80211: minstrel_ht: show sampling rates in debugfs 2021-02-12 08:58:11 +01:00
rx.c mac80211: Use flex-array for radiotap header bitmap 2021-08-13 09:58:25 +02:00
s1g.c mac80211: initialize last_rate for S1G STAs 2020-10-08 10:40:57 +02:00
scan.c mac80211: fix skb length check in ieee80211_scan_rx() 2021-05-31 21:39:10 +02:00
spectmgmt.c mac80211: 160MHz with extended NSS BW in CSA 2021-01-21 13:39:11 +01:00
sta_info.c mac80211: Reject zero MAC address in sta_info_insert_check() 2021-08-13 09:50:43 +02:00
sta_info.h mac80211: Switch to a virtual time-based airtime scheduler 2021-06-23 18:12:00 +02:00
status.c mac80211: radiotap: Use BIT() instead of shifts 2021-08-13 09:58:25 +02:00
tdls.c mac80211: use sdata->skb_queue for TDLS 2021-06-23 11:00:17 +02:00
tkip.c mac80211: Fix TKIP replay protection immediately after key setup 2020-01-15 09:52:12 +01:00
tkip.h Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
trace.c
trace.h mac80211: notify driver on mgd TX completion 2021-06-23 13:10:46 +02:00
trace_msg.h
tx.c mac80211: fix starting aggregation sessions on mesh interfaces 2021-07-23 10:34:00 +02:00
util.c mac80211: add HE 6 GHz capability only if supported 2021-06-23 13:10:47 +02:00
vht.c mac80211: remove NSS number of 160MHz if not support 160MHz for HE 2021-01-21 13:45:13 +01:00
wep.c mac80211: make ieee80211_wep_init() return void 2020-02-07 12:40:34 +01:00
wep.h mac80211: make ieee80211_wep_init() return void 2020-02-07 12:40:34 +01:00
wme.c mac80211: remove WDS-related code 2020-11-11 08:39:13 +01:00
wme.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
wpa.c mac80211: check defrag PN against current frame 2021-05-11 20:13:45 +02:00
wpa.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00