Duoming Zhou <duoming@xxxxxxxxxx> wrote:
> The kzalloc() in brcmf_pcie_download_fw_nvram() will return null
> if the physical memory has run out. As a result, if we use
> get_random_bytes() to generate random bytes in the randbuf, the
> null pointer dereference bug will happen.
>
> In order to prevent allocation failure, this patch adds a separate
> function using buffer on kernel stack to generate random bytes in
> the randbuf, which could prevent the kernel stack from overflow.
>
> Fixes: 91918ce88d9f ("wifi: brcmfmac: pcie: Provide a buffer of random bytes to the device")
> Suggested-by: Arnd Bergmann <arnd@xxxxxxxx>
> Signed-off-by: Duoming Zhou <duoming@xxxxxxxxxx>
Patch applied to wireless-next.git, thanks.
316f790ebcf9 wifi: brcmfmac: pcie: handle randbuf allocation failure
--
https://patchwork.kernel.org/project/linux-wireless/patch/20240306140437.18177-1-duoming@xxxxxxxxxx/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
