add mutex_init(&sdata->sec_mtx) and mac802154_llsec_init(&sdata->sec) for NL802154_IFTYPE_MONITOR inside ieee802154_setup_sdata. As the unintiated mutex and sec data structure were used in ieee802154_get_llsec_params which would cause a kernel crash. BUG reported by syzkaller. Reported-by: syzbot+cde43a581a8e5f317bc2@xxxxxxxxxxxxxxxxxxxxxxxxx Signed-off-by: Du Cheng <ducheng2@xxxxxxxxx> --- link to syzkaller bug: https://syzkaller.appspot.com/bug?id=a9cc0c65e7bb15be7143107d4215ebc8ef047528 This patch has passed syzbot testing. net/mac802154/iface.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/mac802154/iface.c b/net/mac802154/iface.c index 1cf5ac09edcb..bec903e98db0 100644 --- a/net/mac802154/iface.c +++ b/net/mac802154/iface.c @@ -602,6 +602,9 @@ ieee802154_setup_sdata(struct ieee802154_sub_if_data *sdata, sdata->dev->needs_free_netdev = true; sdata->dev->netdev_ops = &mac802154_monitor_ops; wpan_dev->promiscuous_mode = true; + + mutex_init(&sdata->sec_mtx); + mac802154_llsec_init(&sdata->sec); break; default: BUG(); -- 2.30.2
