Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 883a649b authored by Stanislaw Gruszka's avatar Stanislaw Gruszka Committed by John W. Linville
Browse files

iwlegacy: do not nulify il->vif on reset 



This il->vif is dereferenced in different part of iwlegacy code, so do
not nullify it. This should fix random crashes observed in companion
with microcode errors i.e. crash in il3945_config_ap().

Additionally this should address also
WARNING: at drivers/net/wireless/iwlegacy/common.c:4656 il_mac_remove_interface
at least one of the possible reasons of that warning.

Cc: stable@vger.kernel.org
Signed-off-by: default avatarStanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
parent 8a783354

drivers/net/wireless/iwlegacy/3945-mac.c

+0 −2
Original line number Diff line number Diff line
@@ -2673,8 +2673,6 @@ il3945_bg_restart(struct work_struct *data) 


	if (test_and_clear_bit(S_FW_ERROR, &il->status)) {

		mutex_lock(&il->mutex);

		/* FIXME: vif can be dereferenced */

		il->vif = NULL;

		il->is_open = 0;

		mutex_unlock(&il->mutex);

		il3945_down(il);

drivers/net/wireless/iwlegacy/4965-mac.c

+0 −2
Original line number Diff line number Diff line
@@ -5651,8 +5651,6 @@ il4965_bg_restart(struct work_struct *data) 


	if (test_and_clear_bit(S_FW_ERROR, &il->status)) {

		mutex_lock(&il->mutex);

		/* FIXME: do we dereference vif without mutex locked ? */

		il->vif = NULL;

		il->is_open = 0;



		__il4965_down(il);

drivers/net/wireless/iwlegacy/common.c

+12 −3
Original line number Diff line number Diff line
@@ -4508,6 +4508,7 @@ il_mac_add_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif) 
{

	struct il_priv *il = hw->priv;

	int err;

	bool reset;



	mutex_lock(&il->mutex);

	D_MAC80211("enter: type %d, addr %pM\n", vif->type, vif->addr);
@@ -4518,7 +4519,12 @@ il_mac_add_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif) 
		goto out;

	}



	if (il->vif) {

	/*

	 * We do not support multiple virtual interfaces, but on hardware reset

	 * we have to add the same interface again.

	 */

	reset = (il->vif == vif);

	if (il->vif && !reset) {

		err = -EOPNOTSUPP;

		goto out;

	}
@@ -4528,9 +4534,12 @@ il_mac_add_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif) 


	err = il_set_mode(il);

	if (err) {

		IL_WARN("Fail to set mode %d\n", vif->type);

		if (!reset) {

			il->vif = NULL;

			il->iw_mode = NL80211_IFTYPE_STATION;

		}

	}



out:

	D_MAC80211("leave err %d\n", err);