Commit 206c8c06 authored by Johannes Berg's avatar Johannes Berg

wifi: mac80211: fix NULL pointer deref with non-MLD STA

If we have a non-MLD STA on an AP MLD, we crash while
adding the station. Fix that, in this case we need to
use the STA's address also on the link data structure.

Fixes: f36fe0a2 ("wifi: mac80211: fix up link station creation/insertion")
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent 553a282c
...@@ -1854,10 +1854,15 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev, ...@@ -1854,10 +1854,15 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
!sdata->u.mgd.associated) !sdata->u.mgd.associated)
return -EINVAL; return -EINVAL;
/*
* If we have a link ID, it can be a non-MLO station on an AP MLD,
* but we need to have a link_mac in that case as well, so use the
* STA's MAC address in that case.
*/
if (params->link_sta_params.link_id >= 0) if (params->link_sta_params.link_id >= 0)
sta = sta_info_alloc_with_link(sdata, mac, sta = sta_info_alloc_with_link(sdata, mac,
params->link_sta_params.link_id, params->link_sta_params.link_id,
params->link_sta_params.link_mac, params->link_sta_params.link_mac ?: mac,
GFP_KERNEL); GFP_KERNEL);
else else
sta = sta_info_alloc(sdata, mac, GFP_KERNEL); sta = sta_info_alloc(sdata, mac, GFP_KERNEL);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment