wifi: mac80211: fix NULL pointer deref with non-MLD STA

If we have a non-MLD STA on an AP MLD, we crash while
adding the station. Fix that, in this case we need to
use the STA's address also on the link data structure.

Fixes: f36fe0a2df03 ("wifi: mac80211: fix up link station creation/insertion")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index fe6500b36953e2b3dbea3afe9a83c6c6327cfeac..b0fdfc61b2f9db8a436d9c666950c29b7fd7e42d 100644 (file)
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -1854,10 +1854,15 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
            !sdata->u.mgd.associated)
                return -EINVAL;
 
+       /*
+        * If we have a link ID, it can be a non-MLO station on an AP MLD,
+        * but we need to have a link_mac in that case as well, so use the
+        * STA's MAC address in that case.
+        */
        if (params->link_sta_params.link_id >= 0)
                sta = sta_info_alloc_with_link(sdata, mac,
                                               params->link_sta_params.link_id,
-                                              params->link_sta_params.link_mac,
+                                              params->link_sta_params.link_mac ?: mac,
                                               GFP_KERNEL);
        else
                sta = sta_info_alloc(sdata, mac, GFP_KERNEL);