wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext"
authorHector Martin <marcan@marcan.st>
Sat, 11 Mar 2023 14:19:14 +0000 (23:19 +0900)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 13 Mar 2023 09:21:31 +0000 (10:21 +0100)
commit 79d1ed5ca7db67d48e870c979f0e0f6b0947944a upstream.

This reverts part of commit 015b8cc5e7c4 ("wifi: cfg80211: Fix use after
free for wext")

This commit broke WPA offload by unconditionally clearing the crypto
modes for non-WEP connections. Drop that part of the patch.

Signed-off-by: Hector Martin <marcan@marcan.st>
Reported-by: Ilya <me@0upti.me>
Reported-and-tested-by: Janne Grunau <j@jannau.net>
Reviewed-by: Eric Curtin <ecurtin@redhat.com>
Fixes: 015b8cc5e7c4 ("wifi: cfg80211: Fix use after free for wext")
Cc: stable@kernel.org
Link: https://lore.kernel.org/linux-wireless/ZAx0TWRBlGfv7pNl@kroah.com/T/#m11e6e0915ab8fa19ce8bc9695ab288c0fe018edf
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/wireless/sme.c

index 89fc568..6e87d2c 100644 (file)
@@ -1486,8 +1486,6 @@ int cfg80211_connect(struct cfg80211_registered_device *rdev,
                connect->key = NULL;
                connect->key_len = 0;
                connect->key_idx = 0;
-               connect->crypto.cipher_group = 0;
-               connect->crypto.n_ciphers_pairwise = 0;
        }
 
        wdev->connect_keys = connkeys;