--- /dev/null
+From davis@mosenkovs.lv Thu Jul 15 13:54:04 2021
+From: Davis Mosenkovs <davis@mosenkovs.lv>
+Date: Sat, 10 Jul 2021 21:37:10 +0300
+Subject: mac80211: fix memory corruption in EAPOL handling
+To: johannes@sipsolutions.net
+Cc: linux-wireless@vger.kernel.org, stable@vger.kernel.org, Davis Mosenkovs <davis@mosenkovs.lv>
+Message-ID: <20210710183710.5687-1-davis@mosenkovs.lv>
+
+From: Davis Mosenkovs <davis@mosenkovs.lv>
+
+Commit e3d4030498c3 ("mac80211: do not accept/forward invalid EAPOL
+frames") uses skb_mac_header() before eth_type_trans() is called
+leading to incorrect pointer, the pointer gets written to. This issue
+has appeared during backporting to 4.4, 4.9 and 4.14.
+
+Fixes: e3d4030498c3 ("mac80211: do not accept/forward invalid EAPOL frames")
+Link: https://lore.kernel.org/r/CAHQn7pKcyC_jYmGyTcPCdk9xxATwW5QPNph=bsZV8d-HPwNsyA@mail.gmail.com
+Cc: <stable@vger.kernel.org> # 4.4.x
+Signed-off-by: Davis Mosenkovs <davis@mosenkovs.lv>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/mac80211/rx.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/net/mac80211/rx.c
++++ b/net/mac80211/rx.c
+@@ -2404,7 +2404,7 @@ ieee80211_deliver_skb(struct ieee80211_r
+ #endif
+
+ if (skb) {
+- struct ethhdr *ehdr = (void *)skb_mac_header(skb);
++ struct ethhdr *ehdr = (struct ethhdr *)skb->data;
+
+ /* deliver to local stack */
+ skb->protocol = eth_type_trans(skb, dev);
--- /dev/null
+From 015d98149b326e0f1f02e44413112ca8b4330543 Mon Sep 17 00:00:00 2001
+From: Nathan Chancellor <nathan@kernel.org>
+Date: Fri, 28 May 2021 11:27:52 -0700
+Subject: powerpc/barrier: Avoid collision with clang's __lwsync macro
+
+From: Nathan Chancellor <nathan@kernel.org>
+
+commit 015d98149b326e0f1f02e44413112ca8b4330543 upstream.
+
+A change in clang 13 results in the __lwsync macro being defined as
+__builtin_ppc_lwsync, which emits 'lwsync' or 'msync' depending on what
+the target supports. This breaks the build because of -Werror in
+arch/powerpc, along with thousands of warnings:
+
+ In file included from arch/powerpc/kernel/pmc.c:12:
+ In file included from include/linux/bug.h:5:
+ In file included from arch/powerpc/include/asm/bug.h:109:
+ In file included from include/asm-generic/bug.h:20:
+ In file included from include/linux/kernel.h:12:
+ In file included from include/linux/bitops.h:32:
+ In file included from arch/powerpc/include/asm/bitops.h:62:
+ arch/powerpc/include/asm/barrier.h:49:9: error: '__lwsync' macro redefined [-Werror,-Wmacro-redefined]
+ #define __lwsync() __asm__ __volatile__ (stringify_in_c(LWSYNC) : : :"memory")
+ ^
+ <built-in>:308:9: note: previous definition is here
+ #define __lwsync __builtin_ppc_lwsync
+ ^
+ 1 error generated.
+
+Undefine this macro so that the runtime patching introduced by
+commit 2d1b2027626d ("powerpc: Fixup lwsync at runtime") continues to
+work properly with clang and the build no longer breaks.
+
+Cc: stable@vger.kernel.org
+Signed-off-by: Nathan Chancellor <nathan@kernel.org>
+Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Link: https://github.com/ClangBuiltLinux/linux/issues/1386
+Link: https://github.com/llvm/llvm-project/commit/62b5df7fe2b3fda1772befeda15598fbef96a614
+Link: https://lore.kernel.org/r/20210528182752.1852002-1-nathan@kernel.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/powerpc/include/asm/barrier.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/arch/powerpc/include/asm/barrier.h
++++ b/arch/powerpc/include/asm/barrier.h
+@@ -42,6 +42,8 @@
+ # define SMPWMB eieio
+ #endif
+
++/* clang defines this macro for a builtin, which will not work with runtime patching */
++#undef __lwsync
+ #define __lwsync() __asm__ __volatile__ (stringify_in_c(LWSYNC) : : :"memory")
+ #define dma_rmb() __lwsync()
+ #define dma_wmb() __asm__ __volatile__ (stringify_in_c(SMPWMB) : : :"memory")
projects / thirdparty / kernel / stable-queue.git / commitdiff
