2.6.38-stable review patch. If anyone has any objections, please let us know.
------------------ From: Johannes Berg <[email protected]> commit a2b76b3b31568da9d281a393845f17689594ccdf upstream. If change_interface gets invoked during a firmware restart, it may crash; prevent that from happening by checking if ctx->vif is assigned. Additionally, in my initial commit I forgot to set the vif->p2p variable correctly, so fix that too. Signed-off-by: Johannes Berg <[email protected]> Signed-off-by: Wey-Yi Guy <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]> --- drivers/net/wireless/iwlwifi/iwl-core.c | 10 ++++++++++ 1 file changed, 10 insertions(+) --- a/drivers/net/wireless/iwlwifi/iwl-core.c +++ b/drivers/net/wireless/iwlwifi/iwl-core.c @@ -1879,6 +1879,15 @@ int iwl_mac_change_interface(struct ieee mutex_lock(&priv->mutex); + if (!ctx->vif || !iwl_is_ready_rf(priv)) { + /* + * Huh? But wait ... this can maybe happen when + * we're in the middle of a firmware restart! + */ + err = -EBUSY; + goto out; + } + interface_modes = ctx->interface_modes | ctx->exclusive_interface_modes; if (!(interface_modes & BIT(newtype))) { @@ -1906,6 +1915,7 @@ int iwl_mac_change_interface(struct ieee /* success */ iwl_teardown_interface(priv, vif, true); vif->type = newtype; + vif->p2p = newp2p; err = iwl_setup_interface(priv, ctx); WARN_ON(err); /* _______________________________________________ stable mailing list [email protected] http://linux.kernel.org/mailman/listinfo/stable
