Revision - 6c80c39 - iwlagn: fix dangling scan request - origin: https://github.com/torvalds/linux

visit type:

https://github.com/torvalds/linux

17 May 2024, 09:02:56 UTC

Revision 6c80c39d9a6986a566c30d797aae37bfb697eea3 authored by Johannes Berg on 22 September 2011, 21:59:04 UTC, committed by John W. Linville on 26 September 2011, 18:55:50 UTC

iwlagn: fix dangling scan request

If iwl_scan_initiate() fails for any reason,
priv->scan_request and priv->scan_vif are left
dangling. This can lead to a crash later when
iwl_bg_scan_completed() tries to run a pending
scan request.

In practice, this seems to be very rare due to
the STATUS_SCANNING check earlier. That check,
however, is wrong -- it should allow a scan to
be queued when a reset/roc scan is going on.
When a normal scan is already going on, a new
one can't be issued by mac80211, so that code
can be removed completely. I introduced this
bug when adding off-channel support in commit
266af4c745952e9bebf687dd68af58df553cb59d.

Cc: stable@kernel.org [3.0]
Reported-by: Peng Yan <peng.yan@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

1 parent 1b9ca02

Files
Changes

Permalinks

Tip revision: 6c80c39d9a6986a566c30d797aae37bfb697eea3 authored by Johannes Berg on 22 September 2011, 21:59:04 UTC
iwlagn: fix dangling scan request

Tip revision: 6c80c39

File	Mode	Size
Kconfig	-rw-r--r--	12.3 KB
Kconfig.debug	-rw-r--r--	908 bytes
Makefile	-rw-r--r--	1.8 KB
backing-dev.c	-rw-r--r--	21.4 KB
bootmem.c	-rw-r--r--	20.8 KB
bounce.c	-rw-r--r--	6.5 KB
cleancache.c	-rw-r--r--	6.9 KB
compaction.c	-rw-r--r--	20.0 KB
debug-pagealloc.c	-rw-r--r--	2.5 KB
dmapool.c	-rw-r--r--	13.0 KB
fadvise.c	-rw-r--r--	3.5 KB
failslab.c	-rw-r--r--	1.3 KB
filemap.c	-rw-r--r--	69.4 KB
filemap_xip.c	-rw-r--r--	11.0 KB
fremap.c	-rw-r--r--	6.7 KB
highmem.c	-rw-r--r--	10.3 KB
huge_memory.c	-rw-r--r--	61.5 KB
hugetlb.c	-rw-r--r--	76.3 KB
hwpoison-inject.c	-rw-r--r--	3.3 KB
init-mm.c	-rw-r--r--	619 bytes
internal.h	-rw-r--r--	7.2 KB
kmemcheck.c	-rw-r--r--	2.8 KB
kmemleak-test.c	-rw-r--r--	3.3 KB
kmemleak.c	-rw-r--r--	49.7 KB
ksm.c	-rw-r--r--	54.7 KB
maccess.c	-rw-r--r--	1.6 KB
madvise.c	-rw-r--r--	11.5 KB
memblock.c	-rw-r--r--	22.6 KB
memcontrol.c	-rw-r--r--	146.7 KB
memory-failure.c	-rw-r--r--	39.1 KB
memory.c	-rw-r--r--	107.2 KB
memory_hotplug.c	-rw-r--r--	23.9 KB
mempolicy.c	-rw-r--r--	64.3 KB
mempool.c	-rw-r--r--	8.9 KB
migrate.c	-rw-r--r--	31.6 KB
mincore.c	-rw-r--r--	7.7 KB
mlock.c	-rw-r--r--	15.5 KB
mm_init.c	-rw-r--r--	3.7 KB
mmap.c	-rw-r--r--	69.3 KB
mmu_context.c	-rw-r--r--	1.4 KB
mmu_notifier.c	-rw-r--r--	9.1 KB
mmzone.c	-rw-r--r--	1.8 KB
mprotect.c	-rw-r--r--	7.9 KB
mremap.c	-rw-r--r--	13.2 KB
msync.c	-rw-r--r--	2.4 KB
nobootmem.c	-rw-r--r--	10.5 KB
nommu.c	-rw-r--r--	50.7 KB
oom_kill.c	-rw-r--r--	21.6 KB
page-writeback.c	-rw-r--r--	45.7 KB
page_alloc.c	-rw-r--r--	159.5 KB
page_cgroup.c	-rw-r--r--	12.9 KB
page_io.c	-rw-r--r--	3.2 KB
page_isolation.c	-rw-r--r--	3.6 KB
pagewalk.c	-rw-r--r--	5.7 KB
percpu-km.c	-rw-r--r--	2.8 KB
percpu-vm.c	-rw-r--r--	13.0 KB
percpu.c	-rw-r--r--	55.5 KB
pgtable-generic.c	-rw-r--r--	3.3 KB
prio_tree.c	-rw-r--r--	6.3 KB
quicklist.c	-rw-r--r--	2.4 KB
readahead.c	-rw-r--r--	15.1 KB
rmap.c	-rw-r--r--	50.1 KB
shmem.c	-rw-r--r--	78.2 KB
slab.c	-rw-r--r--	117.6 KB
slob.c	-rw-r--r--	17.1 KB
slub.c	-rw-r--r--	117.5 KB
sparse-vmemmap.c	-rw-r--r--	5.9 KB
sparse.c	-rw-r--r--	20.5 KB
swap.c	-rw-r--r--	19.9 KB
swap_state.c	-rw-r--r--	10.4 KB
swapfile.c	-rw-r--r--	65.2 KB
thrash.c	-rw-r--r--	3.9 KB
truncate.c	-rw-r--r--	17.6 KB
util.c	-rw-r--r--	7.3 KB
vmalloc.c	-rw-r--r--	64.0 KB
vmscan.c	-rw-r--r--	97.8 KB
vmstat.c	-rw-r--r--	33.1 KB

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...