Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 52512072 authored by andrea merello's avatar andrea merello Committed by Johannes Berg
Browse files

mac80211: add check on hw->max_signal value on ieee80211_register_hw 



When IEEE80211_HW_SIGNAL_UNSPEC is set, mac80211 will perform a
division by max_signal in ieee80211_bss_info_update. If max_signal
is not properly set by the driver (for example it is zero) this
leads to a divide error and crash.
Thanks to Larry Finger, who pointed me to this.
This patch adds in ieee80211_register_hw one more check to detect
this condition and eventually returns -EINVAL, as already done for
other checks already performed there.

Signed-off-by: default avatarandrea merello <andrea.merello@gmail.com>
[move to an already existing SIGNAL_UNSPEC check]
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent 30ef7ef9

net/mac80211/main.c

+7 −2
Original line number Original line Diff line number Diff line
@@ -893,10 +893,15 @@ int ieee80211_register_hw(struct ieee80211_hw *hw) 
	/* mac80211 supports control port protocol changing */

	/* mac80211 supports control port protocol changing */

	local->hw.wiphy->flags |= WIPHY_FLAG_CONTROL_PORT_PROTOCOL;

	local->hw.wiphy->flags |= WIPHY_FLAG_CONTROL_PORT_PROTOCOL;





	if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)

	if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM) {

		local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;

		local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;

	else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)

	} else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC) {

		local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_UNSPEC;

		local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_UNSPEC;

		if (hw->max_signal <= 0) {

			result = -EINVAL;

			goto fail_wiphy_register;

		}

	}





	WARN((local->hw.flags & IEEE80211_HW_SUPPORTS_UAPSD)

	WARN((local->hw.flags & IEEE80211_HW_SUPPORTS_UAPSD)

	     && (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK),

	     && (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK),