6.1-stable review patch. If anyone has any objections, please let me know.
------------------
From: Felix Fietkau <nbd@xxxxxxxx>
commit a16fc38315f2c69c520ee769976ecb9c706b8560 upstream.
rx->sta->amsdu_mesh_control is being passed to ieee80211_amsdu_to_8023s
without checking rx->sta. Since it doesn't make sense to accept A-MSDU
packets without a sta, simply add a check earlier.
Fixes: 6e4c0d0460bd ("wifi: mac80211: add a workaround for receiving non-standard mesh A-MSDU")
Signed-off-by: Felix Fietkau <nbd@xxxxxxxx>
Link: https://lore.kernel.org/r/20230330090001.60750-2-nbd@xxxxxxxx
Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/mac80211/rx.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -2938,7 +2938,7 @@ __ieee80211_rx_h_amsdu(struct ieee80211_
data_offset, true))
return RX_DROP_UNUSABLE;
- if (rx->sta && rx->sta->amsdu_mesh_control < 0) {
+ if (rx->sta->amsdu_mesh_control < 0) {
bool valid_std = ieee80211_is_valid_amsdu(skb, true);
bool valid_nonstd = ieee80211_is_valid_amsdu(skb, false);
@@ -3014,7 +3014,7 @@ ieee80211_rx_h_amsdu(struct ieee80211_rx
}
}
- if (is_multicast_ether_addr(hdr->addr1))
+ if (is_multicast_ether_addr(hdr->addr1) || !rx->sta)
return RX_DROP_UNUSABLE;
if (rx->key) {
