Re: 'skb' buffer address information leakage

On Tue, 4 Jul 2017 13:12:18 +0800, Dison River wrote: > drivers/net/ethernet/netronome/nfp/nfp_net_debugfs.c:167 > seq_printf(file, " frag=%p", skb); FWIW that's actually not a skb pointer. The structure is defined like this: struct nfp_net_tx_buf { union {

'skb' buffer address information leakage

Hi all: I'd found several address leaks of "skb" buffer.When i have a arbitrary address write vulnerability in kernel(enabled kASLR),I can use skb's address find sk_destruct's address and overwrite it. And then,invoke close(sock_fd) function can trigger the shellcode(sk_destruct func). In kernel

Re: [PATCH v4 02/10] rtlwifi: Add BT_MP_INFO to c2h handler.

On 2-7-2017 20:12, Larry Finger wrote: > From: Ping-Ke Shih > > We use H2C to ask BT's status, and C2H will return the status. > > Signed-off-by: Ping-Ke Shih > Signed-off-by: Larry Finger > Cc: Yan-Hsuan Chuang

[PATCH 05/11] rtlwifi: Implement rtl_get_tx_hw_rate to yield correct hw_rate

From: Ping-Ke Shih Originally, we get legacy rate only, so we extend to get HT and VHT rate. Signed-off-by: Ping-Ke Shih Signed-off-by: Larry Finger Cc: Yan-Hsuan Chuang Cc: Birming Chiu

[PATCH 07/11] rtlwifi: Add TX/RX throughput statistics in period

From: Ping-Ke Shih The statistic variables use u64 to get higher precision. Signed-off-by: Ping-Ke Shih Signed-off-by: Larry Finger Cc: Yan-Hsuan Chuang Cc: Birming Chiu Cc: Shaofu

[PATCH 11/11] rtlwifi: Add module parameter ASPM

From: Ping-Ke Shih On some platforms, enable ASPM will cause AER error to be logged, thus we use a parameter to selectively turn on ASPM. Signed-off-by: Ping-Ke Shih Signed-off-by: Larry Finger Cc: Yan-Hsuan Chuang

[PATCH 04/11] rtlwifi: rtl8192ee: Make driver support 64bits DMA.

From: Ping-Ke Shih 1. Both 32-bit and 64-bit use the same TX/RX buffer desc layout 2. Extend set_desc() and get_desc() to set and get 64-bit address 3. Remove directive DMA_IS_64BIT 4. Add module parameter to turn on 64-bit dma Signed-off-by: Ping-Ke Shih

[PATCH 08/11] rtlwifi: Add RSSI and RF type to wifi.h for phydm

From: Ping-Ke Shih These definition will be used by phydm later. Signed-off-by: Ping-Ke Shih --- drivers/net/wireless/realtek/rtlwifi/wifi.h | 6 ++ 1 file changed, 6 insertions(+) diff --git a/drivers/net/wireless/realtek/rtlwifi/wifi.h

[PATCH 00/11] Set 4 of changes related to updates of btcoexist

To get maximum benefit of the recent changes in btcoexist, changes need to be made in the drivers for the NIC. This is set 3 of those changes. Signed-off-by: Ping-Ke Shih Signed-off-by: Larry Finger Cc: Yan-Hsuan Chuang Cc:

[PATCH 09/11] rtlwifi: Remove BAND_NUM and related fields

From: Ping-Ke Shih These fields are unused, and we will define them in phydm later. Signed-off-by: Ping-Ke Shih Signed-off-by: Larry Finger Cc: Yan-Hsuan Chuang Cc: Birming Chiu Cc:

[PATCH 10/11] rtlwifi: Add bw_update parameter for RA mask update.

From: Ping-Ke Shih - Add new parameter "is_bw_update" to control if current bandwidth setting is updated to FW RA. - After this commit, we keep the same setting as before. - Later, bandwidth update in watchdog is changed to false for 8822BE. Signed-off-by: Tsang-Shian Lin

[PATCH 06/11] rtlwifi: Add rtl_get_hal_edca_param() to generate register's format of EDCA.

From: Ping-Ke Shih Convert from the value of ieee80211_tx_queue_params to Realtek's register value. Signed-off-by: Ping-Ke Shih Signed-off-by: Larry Finger Cc: Yan-Hsuan Chuang Cc: Birming Chiu

[PATCH 02/11] rtlwifi: Fix MAX MPDU of VHT capability

From: Ping-Ke Shih We must choose only one of VHT_CAP among IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_3895, IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_7991 and IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454. Signed-off-by: Ping-Ke Shih Signed-off-by: Larry Finger

[PATCH 03/11] rtlwifi: Remove redundant semicolon in wifi.h.

From: Ping-Ke Shih The semicolon can cause compiler error, if it exists in if...else statement. Signed-off-by: Ping-Ke Shih Signed-off-by: Larry Finger Cc: Yan-Hsuan Chuang Cc: Birming Chiu

[PATCH 01/11] rtlwifi: btcoex: Add power_on_setting routine

From: Ping-Ke Shih New btcoex uses it to setup antenna before wifi on. Signed-off-by: Ping-Ke Shih Signed-off-by: Larry Finger Cc: Yan-Hsuan Chuang Cc: Birming Chiu Cc: Shaofu

Re: Update regulatory rules for Kazakhstan (KZ) on 5GHz

On Mon, Jun 26, 2017 at 10:00:13AM +0600, Vasiliy Safronov wrote: > Please add support 5ghz for Kazakhstan. > In Kazakhstan there are no restrictions up to 100mW > country KZ: DFS-ETSI > (2402 - 2482 @ 40), (20) > (5170 - 5250 @ 80), (20), AUTO-BW > (5250 - 5330 @ 80), (20), DFS, AUTO-BW >

[PATCH] wcn36xx: check dma_mapping_error()

Fixes splat: wcn36xx a204000.wcnss:smd-edge:wcnss:wifi: DMA-API: device driver failed to check map error[device address=0xb45ba000] [size=3872 bytes] [mapped as single] [ cut here ] WARNING: CPU: 0 PID: 0 at ../lib/dma-debug.c:1167 check_unmap+0x474/0x8d0

Re: pull-request: wireless-drivers-next 2017-07-03

From: Kalle Valo Date: Mon, 03 Jul 2017 14:39:07 +0300 > here's the late pull request to net-next I mentioned about last week to > get some new iwlwifi hw support to 4.13. > > If this is too late just drop the request and let me know, I can then > resend it for 4.14 after

[PATCH] rtl8723bs: fix build when DEBUG_RTL871X is defined

Defining DEBUG_RTL871X in rtw_debug.h causes the following compile error: CC [M] drivers/staging/rtl8723bs/core/rtw_mlme.o In file included from drivers/staging/rtl8723bs/core/rtw_mlme.c:18:0: drivers/staging/rtl8723bs/core/rtw_mlme.c: In function ‘rtw_restruct_sec_ie’:

pull-request: wireless-drivers-next 2017-07-03

Hi Dave, here's the late pull request to net-next I mentioned about last week to get some new iwlwifi hw support to 4.13. If this is too late just drop the request and let me know, I can then resend it for 4.14 after the merge window. These patches were included in today's linux-next build and I

Re: [PATCH] wlcore: add missing nvs file name info for wilink8

"Reizer, Eyal" writes: > When working with wl18xx the nvs file is used for defining an alternate > mac address and override the default mac address that is stored inside > the wl18xx chip. > update the structure field with the same default nvs file name that has > been used in the

[PATCH] wlcore: add missing nvs file name info for wilink8

When working with wl18xx the nvs file is used for defining an alternate mac address and override the default mac address that is stored inside the wl18xx chip. update the structure field with the same default nvs file name that has been used in the past, otherwise userspace backward compatibility

Re: [v4,3/3] mwifiex: Enable WoWLAN for both sdio and pcie

Hi guys, with this patch, the pci device's irq might be override by this wakeup irq when not using msi: /** * of_irq_parse_pci - Resolve the interrupt for a PCI device * @pdev: the device whose interrupt is to be resolved * @out_irq:structure of_irq filled by this function * *

[PATCH] mwifiex: uninit wakeup info when failed to add card

We inited wakeup info at the beginning of mwifiex_add_card, so we need to uninit it in the error handling. It's much the same as what we did in: 36908c4 mwifiex: uninit wakeup info when removing device Signed-off-by: Jeffy Chen ---