| From 8fb1feae687645a1c48070f2eebc44fcb7db080d Mon Sep 17 00:00:00 2001 |
| From: Peter Chiu <chui-hao.chiu@mediatek.com> |
| Date: Mon, 30 Oct 2023 11:06:19 +0800 |
| Subject: [PATCH 010/223] mtk: mt76: add sanity check to prevent kernel crash |
| |
| wcid may not be initialized when mac80211 calls mt76.tx and it would lead to |
| kernel crash. |
| |
| Change-Id: I90004271c6e91620c6991195dd332780ce28380e |
| Signed-off-by: Peter Chiu <chui-hao.chiu@mediatek.com> |
| --- |
| tx.c | 10 +++++++++- |
| 1 file changed, 9 insertions(+), 1 deletion(-) |
| |
| diff --git a/tx.c b/tx.c |
| index 7521e739..2634c5bc 100644 |
| --- a/tx.c |
| +++ b/tx.c |
| @@ -352,8 +352,16 @@ mt76_tx(struct mt76_phy *phy, struct ieee80211_sta *sta, |
| if ((info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) || |
| (info->control.flags & IEEE80211_TX_CTRL_SCAN_TX)) |
| head = &wcid->tx_offchannel; |
| - else |
| + else { |
| + if (!wcid->tx_pending.prev || !wcid->tx_pending.next) { |
| + dev_warn(phy->dev->dev, "Un-initialized STA %pM wcid %d in mt76_tx\n", |
| + sta->addr, wcid->idx); |
| + |
| + ieee80211_free_txskb(phy->hw, skb); |
| + return; |
| + } |
| head = &wcid->tx_pending; |
| + } |
| |
| spin_lock_bh(&head->lock); |
| __skb_queue_tail(head, skb); |
| -- |
| 2.45.2 |
| |