4.4-stable patches

added patches:
	netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch
	nl80211-add-missing-attribute-validation-for-channel-switch.patch
	nl80211-add-missing-attribute-validation-for-critical-protocol-indication.patch

diff --git a/queue-4.4/netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch b/queue-4.4/netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch
new file mode 100644 (file)
index 0000000..03becc8
--- /dev/null
+++ b/queue-4.4/netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch
@@ -0,0 +1,32 @@
+From c049b3450072b8e3998053490e025839fecfef31 Mon Sep 17 00:00:00 2001
+From: Jakub Kicinski <kuba@kernel.org>
+Date: Mon, 2 Mar 2020 21:08:31 -0800
+Subject: netfilter: cthelper: add missing attribute validation for cthelper
+
+From: Jakub Kicinski <kuba@kernel.org>
+
+commit c049b3450072b8e3998053490e025839fecfef31 upstream.
+
+Add missing attribute validation for cthelper
+to the netlink policy.
+
+Fixes: 12f7a505331e ("netfilter: add user-space connection tracking helper infrastructure")
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/netfilter/nfnetlink_cthelper.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/net/netfilter/nfnetlink_cthelper.c
++++ b/net/netfilter/nfnetlink_cthelper.c
+@@ -711,6 +711,8 @@ static const struct nla_policy nfnl_cthe
+       [NFCTH_NAME] = { .type = NLA_NUL_STRING,
+                        .len = NF_CT_HELPER_NAME_LEN-1 },
+       [NFCTH_QUEUE_NUM] = { .type = NLA_U32, },
++      [NFCTH_PRIV_DATA_LEN] = { .type = NLA_U32, },
++      [NFCTH_STATUS] = { .type = NLA_U32, },
+ };
+ 
+ static const struct nfnl_callback nfnl_cthelper_cb[NFNL_MSG_CTHELPER_MAX] = {

diff --git a/queue-4.4/nl80211-add-missing-attribute-validation-for-channel-switch.patch b/queue-4.4/nl80211-add-missing-attribute-validation-for-channel-switch.patch
new file mode 100644 (file)
index 0000000..623e29b
--- /dev/null
+++ b/queue-4.4/nl80211-add-missing-attribute-validation-for-channel-switch.patch
@@ -0,0 +1,32 @@
+From 5cde05c61cbe13cbb3fa66d52b9ae84f7975e5e6 Mon Sep 17 00:00:00 2001
+From: Jakub Kicinski <kuba@kernel.org>
+Date: Mon, 2 Mar 2020 21:10:58 -0800
+Subject: nl80211: add missing attribute validation for channel switch
+
+From: Jakub Kicinski <kuba@kernel.org>
+
+commit 5cde05c61cbe13cbb3fa66d52b9ae84f7975e5e6 upstream.
+
+Add missing attribute validation for NL80211_ATTR_OPER_CLASS
+to the netlink policy.
+
+Fixes: 1057d35ede5d ("cfg80211: introduce TDLS channel switch commands")
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Link: https://lore.kernel.org/r/20200303051058.4089398-4-kuba@kernel.org
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/wireless/nl80211.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/net/wireless/nl80211.c
++++ b/net/wireless/nl80211.c
+@@ -431,6 +431,7 @@ static const struct nla_policy nl80211_p
+       [NL80211_ATTR_USER_PRIO] = { .type = NLA_U8 },
+       [NL80211_ATTR_ADMITTED_TIME] = { .type = NLA_U16 },
+       [NL80211_ATTR_SMPS_MODE] = { .type = NLA_U8 },
++      [NL80211_ATTR_OPER_CLASS] = { .type = NLA_U8 },
+       [NL80211_ATTR_MAC_MASK] = { .len = ETH_ALEN },
+       [NL80211_ATTR_WIPHY_SELF_MANAGED_REG] = { .type = NLA_FLAG },
+       [NL80211_ATTR_NETNS_FD] = { .type = NLA_U32 },

diff --git a/queue-4.4/nl80211-add-missing-attribute-validation-for-critical-protocol-indication.patch b/queue-4.4/nl80211-add-missing-attribute-validation-for-critical-protocol-indication.patch
new file mode 100644 (file)
index 0000000..6ed5574
--- /dev/null
+++ b/queue-4.4/nl80211-add-missing-attribute-validation-for-critical-protocol-indication.patch
@@ -0,0 +1,33 @@
+From 0e1a1d853ecedc99da9d27f9f5c376935547a0e2 Mon Sep 17 00:00:00 2001
+From: Jakub Kicinski <kuba@kernel.org>
+Date: Mon, 2 Mar 2020 21:10:56 -0800
+Subject: nl80211: add missing attribute validation for critical protocol indication
+
+From: Jakub Kicinski <kuba@kernel.org>
+
+commit 0e1a1d853ecedc99da9d27f9f5c376935547a0e2 upstream.
+
+Add missing attribute validation for critical protocol fields
+to the netlink policy.
+
+Fixes: 5de17984898c ("cfg80211: introduce critical protocol indication from user-space")
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Link: https://lore.kernel.org/r/20200303051058.4089398-2-kuba@kernel.org
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/wireless/nl80211.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/net/wireless/nl80211.c
++++ b/net/wireless/nl80211.c
+@@ -404,6 +404,8 @@ static const struct nla_policy nl80211_p
+       [NL80211_ATTR_MDID] = { .type = NLA_U16 },
+       [NL80211_ATTR_IE_RIC] = { .type = NLA_BINARY,
+                                 .len = IEEE80211_MAX_DATA_LEN },
++      [NL80211_ATTR_CRIT_PROT_ID] = { .type = NLA_U16 },
++      [NL80211_ATTR_MAX_CRIT_PROT_DURATION] = { .type = NLA_U16 },
+       [NL80211_ATTR_PEER_AID] = { .type = NLA_U16 },
+       [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 },
+       [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG },

diff --git a/queue-4.4/series b/queue-4.4/series
index 3ba1fb2816e2fbd1c78293f69acdcffc479b261c..63c3a5fe47a41f964003b2d3db041cb6c6adceed 100644 (file)
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -27,3 +27,6 @@ arc-define-__align_str-and-__align-symbols-for-arc.patch
 efi-fix-a-race-and-a-buffer-overflow-while-reading-efivars-via-sysfs.patch
 iommu-vt-d-dmar-replace-warn_taint-with-pr_warn-add_taint.patch
 iommu-vt-d-fix-a-bug-in-intel_iommu_iova_to_phys-for-huge-page.patch
+nl80211-add-missing-attribute-validation-for-critical-protocol-indication.patch
+nl80211-add-missing-attribute-validation-for-channel-switch.patch
+netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch