| developer | 05f3b2b | 2024-08-19 19:17:34 +0800 | [diff] [blame] | 1 | From 65092f531e1319ed6ddb25e982393eddccb781b5 Mon Sep 17 00:00:00 2001 |
| developer | 1a17367 | 2023-12-21 14:49:33 +0800 | [diff] [blame] | 2 | From: Peter Chiu <chui-hao.chiu@mediatek.com> |
| developer | 753619c | 2024-02-22 13:42:45 +0800 | [diff] [blame] | 3 | Date: Mon, 29 Jan 2024 15:33:24 +0800 |
| developer | a20cdc2 | 2024-05-31 18:57:31 +0800 | [diff] [blame] | 4 | Subject: [PATCH 12/21] wifi: mt76: add sanity check to prevent kernel crash |
| developer | 1a17367 | 2023-12-21 14:49:33 +0800 | [diff] [blame] | 5 | |
| 6 | wcid may not be initialized when mac80211 calls mt76.tx and it would lead to |
| 7 | kernel crash. |
| 8 | |
| 9 | Signed-off-by: Peter Chiu <chui-hao.chiu@mediatek.com> |
| 10 | --- |
| 11 | tx.c | 8 ++++++++ |
| 12 | 1 file changed, 8 insertions(+) |
| 13 | |
| 14 | diff --git a/tx.c b/tx.c |
| developer | 05f3b2b | 2024-08-19 19:17:34 +0800 | [diff] [blame] | 15 | index 5cf6edee..ab42f69b 100644 |
| developer | 1a17367 | 2023-12-21 14:49:33 +0800 | [diff] [blame] | 16 | --- a/tx.c |
| 17 | +++ b/tx.c |
| 18 | @@ -345,6 +345,14 @@ mt76_tx(struct mt76_phy *phy, struct ieee80211_sta *sta, |
| 19 | |
| 20 | info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->band_idx); |
| 21 | |
| 22 | + if (!wcid->tx_pending.prev || !wcid->tx_pending.next) { |
| 23 | + dev_warn(phy->dev->dev, "Un-initialized STA %pM wcid %d in mt76_tx\n", |
| 24 | + sta->addr, wcid->idx); |
| 25 | + |
| 26 | + ieee80211_free_txskb(phy->hw, skb); |
| 27 | + return; |
| 28 | + } |
| 29 | + |
| 30 | spin_lock_bh(&wcid->tx_pending.lock); |
| 31 | __skb_queue_tail(&wcid->tx_pending, skb); |
| 32 | spin_unlock_bh(&wcid->tx_pending.lock); |
| 33 | -- |
| 34 | 2.18.0 |
| 35 | |