leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8c49893558
linux/drivers/net/wireless/broadcom/brcm80211/brcmfmac
History
Rafał Miłecki 5bf8e6096c brcmfmac: add stub for monitor interface xmit 
According to the struct net_device_ops documentation .ndo_start_xmit is
"Required; cannot be NULL.". Missing it may crash kernel easily:

[  341.216709] Unable to handle kernel NULL pointer dereference at virtual address 00000000
[  341.224836] pgd = 26088755
[  341.227544] [00000000] *pgd=00000000
[  341.231135] Internal error: Oops: 80000007 [#1] SMP ARM
[  341.236367] Modules linked in: pppoe ppp_async iptable_nat brcmfmac xt_state xt_nat xt_conntrack xt_REDIRECT xt_MASQU
[  341.304689] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.4.24 #0
[  341.310621] Hardware name: BCM5301X
[  341.314116] PC is at 0x0
[  341.316664] LR is at dev_hard_start_xmit+0x8c/0x11c
[  341.321546] pc : [<00000000>]    lr : [<c0469fa8>]    psr: 60000113
[  341.327821] sp : c0801c30  ip : c610cf00  fp : c08048e4
[  341.333051] r10: c073a63a  r9 : c08044dc  r8 : c6c04e00
[  341.338283] r7 : 00000000  r6 : c60f5000  r5 : 00000000  r4 : c6a9c3c0
[  341.344820] r3 : 00000000  r2 : bf25a13c  r1 : c60f5000  r0 : c6a9c3c0
[  341.351358] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
[  341.358504] Control: 10c5387d  Table: 0611c04a  DAC: 00000051
[  341.364257] Process swapper/0 (pid: 0, stack limit = 0xc68ed0ca)
[  341.370271] Stack: (0xc0801c30 to 0xc0802000)
[  341.374633] 1c20:                                     c6e7d480 c0802d00 c60f5050 c0801c6c
[  341.382825] 1c40: c60f5000 c6a9c3c0 c6f90000 c6f9005c c6c04e00 c60f5000 00000000 c6f9005c
[  341.391015] 1c60: 00000000 c04a033c 00f90200 00000010 c6a9c3c0 c6a9c3c0 c6f90000 00000000
[  341.399205] 1c80: 00000000 00000000 00000000 c046a7ac c6f9005c 00000001 fffffff4 00000000
[  341.407395] 1ca0: c6f90200 00000000 c60f5000 c0479550 00000000 c6f90200 c6a9c3c0 16000000
[  341.415586] 1cc0: 0000001c 6f4ad52f c6197040 b6df9387 36000000 c0520404 c073a80c c6a9c3c0
[  341.423777] 1ce0: 00000000 c6d643c0 c6a9c3c0 c0800024 00000001 00000001 c6d643c8 c6a9c3c0
[  341.431967] 1d00: c081b9c0 c7abca80 c610c840 c081b9c0 0000001c 00400000 c6bc5e6c c0522fb4
[  341.440157] 1d20: c6d64400 00000004 c6bc5e0a 00000000 c60f5000 c7abca80 c081b9c0 c0522f54
[  341.448348] 1d40: c6a9c3c0 c7abca80 c0803e48 c0549c94 c610c828 0000000a c0801d74 00000003
[  341.456538] 1d60: c6ec8f0a 00000000 c60f5000 c7abca80 c081b9c0 c0548520 0000000a 00000000
[  341.464728] 1d80: 00000000 003a0000 00000000 00000000 00000000 00000000 00000000 00000000
[  341.472919] 1da0: 000002ff 00000000 00000000 16000000 00000000 00000000 00000000 00000000
[  341.481110] 1dc0: 00000000 0000008f 00000000 00000000 00000000 2d132a69 c6bc5e40 00000000
[  341.489300] 1de0: c6bc5e40 c6a9c3c0 00000000 c6ec8e50 00000001 c054b070 00000001 00000000
[  341.497490] 1e00: c0807200 c6bc5e00 00000000 ffffe000 00000100 c054aea4 00000000 00000000
[  341.505681] 1e20: 00000122 00400000 c0802d00 c0172e80 6f56a70e ffffffff 6f56a70e c7eb9cc0
[  341.513871] 1e40: c7eb82c0 00000000 c0801e60 c017309c 00000000 00000000 07780000 c07382c0
[  341.522061] 1e60: 00000000 c7eb9cc0 c0739cc0 c0803f74 c0801e70 c0801e70 c0801ea4 c013d380
[  341.530253] 1e80: 00000000 000000a0 00000001 c0802084 c0802080 40000001 ffffe000 00000100
[  341.538443] 1ea0: c0802080 c01021e8 c8803100 10c5387d 00000000 c07341f0 c0739880 0000000a
[  341.546633] 1ec0: c0734180 00001017 c0802d00 c062aa98 00200002 c062aa60 c8803100 c073984c
[  341.554823] 1ee0: 00000000 00000001 00000000 c7810000 c8803100 10c5387d 00000000 c011c188
[  341.563014] 1f00: c073984c c015f0f8 c0804244 c0815ae4 c880210c c8802100 c0801f40 c037c584
[  341.571204] 1f20: c01035f8 60000013 ffffffff c0801f74 c080afd4 c0800000 10c5387d c0101a8c
[  341.579395] 1f40: 00000000 004ac9dc c7eba4b4 c010ee60 ffffe000 c0803e68 c0803ea8 00000001
[  341.587587] 1f60: c080afd4 c062ca20 10c5387d 00000000 00000000 c0801f90 c01035f4 c01035f8
[  341.595776] 1f80: 60000013 ffffffff 00000051 00000000 ffffe000 c013ff50 000000ce c0803e40
[  341.603967] 1fa0: c082216c 00000000 00000001 c072ba38 10c5387d c0140214 c0822184 c0700df8
[  341.612157] 1fc0: ffffffff ffffffff 00000000 c070058c c072ba38 2d162e71 00000000 c0700330
[  341.620348] 1fe0: 00000051 10c0387d 000000ff 00a521d0 413fc090 00000000 00000000 00000000
[  341.628558] [<c0469fa8>] (dev_hard_start_xmit) from [<c04a033c>] (sch_direct_xmit+0xe4/0x2bc)
[  341.637106] [<c04a033c>] (sch_direct_xmit) from [<c046a7ac>] (__dev_queue_xmit+0x6a4/0x72c)
[  341.645481] [<c046a7ac>] (__dev_queue_xmit) from [<c0520404>] (ip6_finish_output2+0x18c/0x434)
[  341.654112] [<c0520404>] (ip6_finish_output2) from [<c0522fb4>] (ip6_output+0x5c/0xd0)
[  341.662053] [<c0522fb4>] (ip6_output) from [<c0549c94>] (mld_sendpack+0x1a0/0x1a8)
[  341.669640] [<c0549c94>] (mld_sendpack) from [<c054b070>] (mld_ifc_timer_expire+0x1cc/0x2e4)
[  341.678111] [<c054b070>] (mld_ifc_timer_expire) from [<c0172e80>] (call_timer_fn.constprop.3+0x24/0x98)
[  341.687527] [<c0172e80>] (call_timer_fn.constprop.3) from [<c017309c>] (run_timer_softirq+0x1a8/0x1e4)
[  341.696860] [<c017309c>] (run_timer_softirq) from [<c01021e8>] (__do_softirq+0x120/0x2b0)
[  341.705066] [<c01021e8>] (__do_softirq) from [<c011c188>] (irq_exit+0x78/0x84)
[  341.712317] [<c011c188>] (irq_exit) from [<c015f0f8>] (__handle_domain_irq+0x60/0xb4)
[  341.720179] [<c015f0f8>] (__handle_domain_irq) from [<c037c584>] (gic_handle_irq+0x4c/0x90)
[  341.728549] [<c037c584>] (gic_handle_irq) from [<c0101a8c>] (__irq_svc+0x6c/0x90)

Fixes: 20f2c5fa3a ("brcmfmac: add initial support for monitor mode")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20200327130307.26477-1-zajec5@gmail.com
2020-04-06 17:07:44 +03:00
..
bcdc.c Revert "brcmfmac: fix NULL pointer derefence during USB disconnect" 2019-07-24 14:51:21 +03:00
bcdc.h Revert "brcmfmac: fix NULL pointer derefence during USB disconnect" 2019-07-24 14:51:21 +03:00
bcmsdh.c brcmfmac: Keep OOB wake-interrupt disabled when it shouldn't be enabled 2019-12-18 21:09:02 +02:00
btcoex.c
btcoex.h
bus.h brcmfmac: split brcmf_attach() and brcmf_detach() functions 2019-09-13 16:42:33 +03:00
cfg80211.c brcmfmac: fix the incorrect return value in brcmf_inform_single_bss(). 2020-03-26 11:44:01 +02:00
cfg80211.h brcmfmac: add support for SAE authentication offload 2019-10-04 16:45:51 +03:00
chip.c brcmfmac: add the BRCM 4364 found in MacBook Pro 15,2 2020-02-12 18:12:51 +02:00
chip.h brcmfmac: reset two D11 cores if chip has two D11 cores 2019-12-18 21:07:38 +02:00
common.c brcmfmac: remove unnecessary strlcpy() upon obtaining "ver" iovar 2019-07-24 14:51:26 +03:00
common.h
commonring.c
commonring.h
core.c brcmfmac: add stub for monitor interface xmit 2020-04-06 17:07:44 +03:00
core.h brcmfmac: add initial support for monitor mode 2020-01-26 17:41:50 +02:00
debug.c
debug.h brcmfmac: add stub version of brcmf_debugfs_get_devdir() 2019-09-06 17:08:56 +03:00
dmi.c
feature.c brcmfmac: add initial support for monitor mode 2020-01-26 17:41:50 +02:00
feature.h brcmfmac: add initial support for monitor mode 2020-01-26 17:41:50 +02:00
firmware.c
firmware.h brcmfmac: Replace zero-length array with flexible-array member 2020-03-23 19:12:12 +02:00
flowring.c
flowring.h
fweh.c brcmfmac: Replace zero-length array with flexible-array member 2020-03-23 19:12:12 +02:00
fweh.h
fwil_types.h brcmfmac: add support for SAE authentication offload 2019-10-04 16:45:51 +03:00
fwil.c brcmfmac: fix typos in code comments 2019-05-28 15:25:03 +03:00
fwil.h brcmfmac: add initial support for monitor mode 2020-01-26 17:41:50 +02:00
fwsignal.c brcmfmac: increase max hanger slots from 1K to 3K in fws layer 2020-03-26 11:44:09 +02:00
fwsignal.h Revert "brcmfmac: fix NULL pointer derefence during USB disconnect" 2019-07-24 14:51:21 +03:00
Kconfig brcmfmac: use separate Kconfig file for brcmfmac 2019-05-28 15:24:13 +03:00
Makefile
msgbuf.c brcmfmac: Remove always false 'idx < 0' statement 2020-01-26 17:43:28 +02:00
msgbuf.h
of.c
of.h
p2p.c brcmfmac: Fix memory leak in brcmf_p2p_create_p2pdev() 2019-12-18 20:20:49 +02:00
p2p.h
pcie.c brcmfmac: add the BRCM 4364 found in MacBook Pro 15,2 2020-02-12 18:12:51 +02:00
pcie.h
pno.c brcmfmac: don't WARN when there are no requests 2019-10-01 12:14:20 +03:00
pno.h
proto.c Revert "brcmfmac: fix NULL pointer derefence during USB disconnect" 2019-07-24 14:51:21 +03:00
proto.h Revert "brcmfmac: fix NULL pointer derefence during USB disconnect" 2019-07-24 14:51:21 +03:00
sdio.c brcmfmac: abort and release host after error 2020-02-12 18:17:38 +02:00
sdio.h brcmfmac: Keep OOB wake-interrupt disabled when it shouldn't be enabled 2019-12-18 21:09:02 +02:00
tracepoint.c
tracepoint.h
usb.c brcmfmac: add USB autosuspend feature support 2020-03-26 11:44:18 +02:00
usb.h
vendor.c wireless: fix nl80211 vendor commands 2019-07-20 21:37:26 +02:00
vendor.h