From e8b4018f3bb33774e6a34de9db49bf84ff9947e1 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Mon, 16 Mar 2020 14:55:30 +0100 Subject: [PATCH] 4.4-stable patches added patches: netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch nl80211-add-missing-attribute-validation-for-channel-switch.patch nl80211-add-missing-attribute-validation-for-critical-protocol-indication.patch --- ...ng-attribute-validation-for-cthelper.patch | 32 ++++++++++++++++++ ...ribute-validation-for-channel-switch.patch | 32 ++++++++++++++++++ ...ion-for-critical-protocol-indication.patch | 33 +++++++++++++++++++ queue-4.4/series | 3 ++ 4 files changed, 100 insertions(+) create mode 100644 queue-4.4/netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch create mode 100644 queue-4.4/nl80211-add-missing-attribute-validation-for-channel-switch.patch create mode 100644 queue-4.4/nl80211-add-missing-attribute-validation-for-critical-protocol-indication.patch diff --git a/queue-4.4/netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch b/queue-4.4/netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch new file mode 100644 index 00000000000..03becc8837b --- /dev/null +++ b/queue-4.4/netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch @@ -0,0 +1,32 @@ +From c049b3450072b8e3998053490e025839fecfef31 Mon Sep 17 00:00:00 2001 +From: Jakub Kicinski +Date: Mon, 2 Mar 2020 21:08:31 -0800 +Subject: netfilter: cthelper: add missing attribute validation for cthelper + +From: Jakub Kicinski + +commit c049b3450072b8e3998053490e025839fecfef31 upstream. + +Add missing attribute validation for cthelper +to the netlink policy. + +Fixes: 12f7a505331e ("netfilter: add user-space connection tracking helper infrastructure") +Signed-off-by: Jakub Kicinski +Signed-off-by: Pablo Neira Ayuso +Signed-off-by: Greg Kroah-Hartman + +--- + net/netfilter/nfnetlink_cthelper.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/net/netfilter/nfnetlink_cthelper.c ++++ b/net/netfilter/nfnetlink_cthelper.c +@@ -711,6 +711,8 @@ static const struct nla_policy nfnl_cthe + [NFCTH_NAME] = { .type = NLA_NUL_STRING, + .len = NF_CT_HELPER_NAME_LEN-1 }, + [NFCTH_QUEUE_NUM] = { .type = NLA_U32, }, ++ [NFCTH_PRIV_DATA_LEN] = { .type = NLA_U32, }, ++ [NFCTH_STATUS] = { .type = NLA_U32, }, + }; + + static const struct nfnl_callback nfnl_cthelper_cb[NFNL_MSG_CTHELPER_MAX] = { diff --git a/queue-4.4/nl80211-add-missing-attribute-validation-for-channel-switch.patch b/queue-4.4/nl80211-add-missing-attribute-validation-for-channel-switch.patch new file mode 100644 index 00000000000..623e29bd16e --- /dev/null +++ b/queue-4.4/nl80211-add-missing-attribute-validation-for-channel-switch.patch @@ -0,0 +1,32 @@ +From 5cde05c61cbe13cbb3fa66d52b9ae84f7975e5e6 Mon Sep 17 00:00:00 2001 +From: Jakub Kicinski +Date: Mon, 2 Mar 2020 21:10:58 -0800 +Subject: nl80211: add missing attribute validation for channel switch + +From: Jakub Kicinski + +commit 5cde05c61cbe13cbb3fa66d52b9ae84f7975e5e6 upstream. + +Add missing attribute validation for NL80211_ATTR_OPER_CLASS +to the netlink policy. + +Fixes: 1057d35ede5d ("cfg80211: introduce TDLS channel switch commands") +Signed-off-by: Jakub Kicinski +Link: https://lore.kernel.org/r/20200303051058.4089398-4-kuba@kernel.org +Signed-off-by: Johannes Berg +Signed-off-by: Greg Kroah-Hartman + +--- + net/wireless/nl80211.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/net/wireless/nl80211.c ++++ b/net/wireless/nl80211.c +@@ -431,6 +431,7 @@ static const struct nla_policy nl80211_p + [NL80211_ATTR_USER_PRIO] = { .type = NLA_U8 }, + [NL80211_ATTR_ADMITTED_TIME] = { .type = NLA_U16 }, + [NL80211_ATTR_SMPS_MODE] = { .type = NLA_U8 }, ++ [NL80211_ATTR_OPER_CLASS] = { .type = NLA_U8 }, + [NL80211_ATTR_MAC_MASK] = { .len = ETH_ALEN }, + [NL80211_ATTR_WIPHY_SELF_MANAGED_REG] = { .type = NLA_FLAG }, + [NL80211_ATTR_NETNS_FD] = { .type = NLA_U32 }, diff --git a/queue-4.4/nl80211-add-missing-attribute-validation-for-critical-protocol-indication.patch b/queue-4.4/nl80211-add-missing-attribute-validation-for-critical-protocol-indication.patch new file mode 100644 index 00000000000..6ed5574dccf --- /dev/null +++ b/queue-4.4/nl80211-add-missing-attribute-validation-for-critical-protocol-indication.patch @@ -0,0 +1,33 @@ +From 0e1a1d853ecedc99da9d27f9f5c376935547a0e2 Mon Sep 17 00:00:00 2001 +From: Jakub Kicinski +Date: Mon, 2 Mar 2020 21:10:56 -0800 +Subject: nl80211: add missing attribute validation for critical protocol indication + +From: Jakub Kicinski + +commit 0e1a1d853ecedc99da9d27f9f5c376935547a0e2 upstream. + +Add missing attribute validation for critical protocol fields +to the netlink policy. + +Fixes: 5de17984898c ("cfg80211: introduce critical protocol indication from user-space") +Signed-off-by: Jakub Kicinski +Link: https://lore.kernel.org/r/20200303051058.4089398-2-kuba@kernel.org +Signed-off-by: Johannes Berg +Signed-off-by: Greg Kroah-Hartman + +--- + net/wireless/nl80211.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/net/wireless/nl80211.c ++++ b/net/wireless/nl80211.c +@@ -404,6 +404,8 @@ static const struct nla_policy nl80211_p + [NL80211_ATTR_MDID] = { .type = NLA_U16 }, + [NL80211_ATTR_IE_RIC] = { .type = NLA_BINARY, + .len = IEEE80211_MAX_DATA_LEN }, ++ [NL80211_ATTR_CRIT_PROT_ID] = { .type = NLA_U16 }, ++ [NL80211_ATTR_MAX_CRIT_PROT_DURATION] = { .type = NLA_U16 }, + [NL80211_ATTR_PEER_AID] = { .type = NLA_U16 }, + [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 }, + [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG }, diff --git a/queue-4.4/series b/queue-4.4/series index 3ba1fb2816e..63c3a5fe47a 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -27,3 +27,6 @@ arc-define-__align_str-and-__align-symbols-for-arc.patch efi-fix-a-race-and-a-buffer-overflow-while-reading-efivars-via-sysfs.patch iommu-vt-d-dmar-replace-warn_taint-with-pr_warn-add_taint.patch iommu-vt-d-fix-a-bug-in-intel_iommu_iova_to_phys-for-huge-page.patch +nl80211-add-missing-attribute-validation-for-critical-protocol-indication.patch +nl80211-add-missing-attribute-validation-for-channel-switch.patch +netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch -- 2.47.3