Piteball/android_kernel_google_msm
1
0
Fork 0
mirror of https://github.com/followmsi/android_kernel_google_msm.git synced 2024-11-06 23:17:41 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_google_msm/net/mac80211
History
Mohammed Shafi Shajakhan 8617b093d0 mac80211: zero initialize count field in ieee80211_tx_rate 
rate control algorithms concludes the rate as invalid
with rate[i].idx < -1 , while they do also check for rate[i].count is
non-zero. it would be safer to zero initialize the 'count' field.
recently we had a ath9k rate control crash where the ath9k rate control
in ath_tx_status assumed to check only for rate[i].count being non-zero
in one instance and ended up in using invalid rate index for
'connection monitoring NULL func frames' which eventually lead to the crash.
thanks to Pavel Roskin for fixing it and finding the root cause.
https://bugzilla.redhat.com/show_bug.cgi?id=768639

Cc: stable@vger.kernel.org
Cc: Pavel Roskin <proski@gnu.org>
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-02-21 14:45:26 -05:00
..
aes_ccm.c
aes_ccm.h
aes_cmac.c
aes_cmac.h
agg-rx.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
agg-tx.c mac80211: split addba retries in time 2011-12-19 14:31:37 -05:00
cfg.c mac80211: fix no-op authorized transitions 2012-01-13 14:40:58 -05:00
cfg.h
chan.c
debugfs.c mac80211: remove debugfs noack test 2011-11-28 14:34:15 -05:00
debugfs.h
debugfs_key.c mac80211: fix debugfs key->station symlink 2012-01-18 14:38:05 -05:00
debugfs_key.h
debugfs_netdev.c mac80211: count authorized stations per BSS 2011-12-15 14:46:34 -05:00
debugfs_netdev.h
debugfs_sta.c mac80211: call rate control only after init 2012-02-15 13:56:06 -05:00
debugfs_sta.h
driver-ops.h mac80211: do not pass AP VLAN vif pointers to drivers 2011-11-28 14:43:52 -05:00
driver-trace.c
driver-trace.h mac80211: remove tracing config symbol 2011-11-28 14:44:09 -05:00
event.c
ht.c mac80211: Use appropriate TID for sending BAR, ADDBA and DELBA frames 2011-12-15 14:46:35 -05:00
ibss.c mac80211: update oper_channel on ibss join 2012-01-24 14:47:09 -05:00
ieee80211_i.h mac80211: remove dead code 2012-01-04 14:31:47 -05:00
iface.c mac80211: set bss_conf.idle when vif is connected 2012-01-24 14:47:09 -05:00
Kconfig mac80211: remove tracing config symbol 2011-11-28 14:44:09 -05:00
key.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux 2011-11-22 14:05:46 -05:00
key.h
led.c
led.h
main.c mac80211: Fix a rwlock bad magic bug 2012-02-09 15:16:04 -05:00
Makefile mac80211: remove tracing config symbol 2011-11-28 14:44:09 -05:00
mesh.c {nl,cfg,mac}80211: implement dot11MeshHWMPperrMinInterval 2011-11-28 14:44:06 -05:00
mesh.h mac80211: don't initiate path discovery when forwarding frame with unknown DA 2011-11-28 14:44:07 -05:00
mesh_hwmp.c mac80211: Use the right headroom size for mesh mgmt frames 2012-01-18 14:38:06 -05:00
mesh_pathtbl.c mac80211: don't initiate path discovery when forwarding frame with unknown DA 2011-11-28 14:44:07 -05:00
mesh_plink.c mac80211: Use the right headroom size for mesh mgmt frames 2012-01-18 14:38:06 -05:00
michael.c
michael.h
mlme.c mac80211: fix work removal on deauth request 2012-01-18 14:38:06 -05:00
offchannel.c mac80211: remove dead code 2012-01-04 14:31:47 -05:00
pm.c mac80211: verify virtual interfaces in driver API 2011-11-09 16:01:02 -05:00
rate.c mac80211: zero initialize count field in ieee80211_tx_rate 2012-02-21 14:45:26 -05:00
rate.h mac80211: do not call rate control .tx_status before .rate_init 2012-02-15 13:56:06 -05:00
rc80211_minstrel.c minstrel: Remove unused function parameter in calc_rate_durations() 2011-11-11 12:32:52 -05:00
rc80211_minstrel.h
rc80211_minstrel_debugfs.c
rc80211_minstrel_ht.c minstrel_ht: Remove unused function parameters 2011-11-17 15:43:58 -05:00
rc80211_minstrel_ht.h
rc80211_minstrel_ht_debugfs.c
rc80211_pid.h
rc80211_pid_algo.c net: fix assignment of 0/1 to bool variables. 2011-12-19 22:27:29 -05:00
rc80211_pid_debugfs.c
rx.c mac80211: timeout a single frame in the rx reorder buffer 2012-02-01 15:26:00 -05:00
scan.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem 2012-01-05 10:13:24 -05:00
spectmgmt.c
sta_info.c mac80211: Fix possible race between sta_unblock and network softirq 2012-01-17 10:12:27 -05:00
sta_info.h mac80211: call rate control only after init 2012-02-15 13:56:06 -05:00
status.c mac80211: Make use of ieee80211_is_* functions in tx status path 2011-12-13 15:30:46 -05:00
tkip.c
tkip.h
tx.c mac80211: fix tx->skb NULL pointer dereference 2012-01-16 15:01:16 -05:00
util.c mac80211: Call driver commands after drv_start in mac80211 restart code 2012-01-04 14:31:46 -05:00
wep.c mac80211: use skb list for fragments 2011-11-21 16:20:42 -05:00
wep.h
wme.c mac80211: fix forwarded mesh frame queue mapping 2011-11-28 14:44:05 -05:00
wme.h mac80211: fix forwarded mesh frame queue mapping 2011-11-28 14:44:05 -05:00
work.c mac80211: revert on-channel work optimisations 2011-11-30 15:08:31 -05:00
wpa.c mac80211: fix tx->skb NULL pointer dereference 2012-01-16 15:01:16 -05:00
wpa.h mac80211: fix tx->skb NULL pointer dereference 2012-01-16 15:01:16 -05:00