Hi all, Today's linux-next merge of the wireless-next tree got a conflict in: net/mac80211/key.c between commits: 31db78a4923e ("wifi: mac80211: fix potential key use-after-free") d097ae01ebd4 ("wifi: mac80211: fix potential key leak") from the wireless tree and commit: 2a8b665e6bcc ("wifi: mac80211: remove key_mtx") from the wireless-next tree. I fixed it up (I think - see below) and can carry the fix as necessary. This is now fixed as far as linux-next is concerned, but any non trivial conflicts should be mentioned to your upstream maintainer when your tree is submitted for merging. You may also want to consider cooperating with the maintainer of the conflicting tree to minimise any particularly complex conflicts. -- Cheers, Stephen Rothwell diff --cc net/mac80211/key.c index 0665ff5e456e,ac410f6632b5..000000000000 --- a/net/mac80211/key.c +++ b/net/mac80211/key.c @@@ -881,21 -875,20 +880,22 @@@ int ieee80211_key_link(struct ieee80211 if (link_id >= 0) { link_sta = rcu_dereference_protected(sta->link[link_id], - lockdep_is_held(&sta->local->sta_mtx)); + lockdep_is_held(&sta->local->hw.wiphy->mtx)); - if (!link_sta) - return -ENOLINK; + if (!link_sta) { + ret = -ENOLINK; + goto out; + } } - old_key = key_mtx_dereference(sdata->local, link_sta->gtk[idx]); + old_key = wiphy_dereference(sdata->local->hw.wiphy, + link_sta->gtk[idx]); } else { if (idx < NUM_DEFAULT_KEYS) - old_key = key_mtx_dereference(sdata->local, - sdata->keys[idx]); + old_key = wiphy_dereference(sdata->local->hw.wiphy, + sdata->keys[idx]); if (!old_key) - old_key = key_mtx_dereference(sdata->local, - link->gtk[idx]); + old_key = wiphy_dereference(sdata->local->hw.wiphy, + link->gtk[idx]); } /* Non-pairwise keys must also not switch the cipher on rekey */ @@@ -910,10 -901,10 +910,8 @@@ * Silently accept key re-installation without really installing the * new version of the key to avoid nonce reuse or replay issues. */ -- if (ieee80211_key_identical(sdata, old_key, key)) { - ret = -EALREADY; - goto unlock; - ieee80211_key_free_unused(key); - return 0; -- } ++ if (ieee80211_key_identical(sdata, old_key, key)) ++ return -EALREADY; key->local = sdata->local; key->sdata = sdata; @@@ -936,13 -927,6 +934,10 @@@ ieee80211_key_free(key, delay_tailroom); } + key = NULL; + + out: + ieee80211_key_free_unused(key); - unlock: - mutex_unlock(&sdata->local->key_mtx); - return ret; }
Attachment:
pgpCqRqFkayy6.pgp
Description: OpenPGP digital signature