[PATCH] wifi: ath11k: Fix double free issue during SRNG deinit
Kalle Valo
kvalo at kernel.org
Sat Sep 28 02:14:32 PDT 2024
Balaji Pothunoori <quic_bpothuno at quicinc.com> wrote:
> Currently struct ath11k_hal::srng_config pointer is not assigned
> to NULL after freeing the memory in ath11k_hal_srng_deinit().
> This could lead to double free issue in a scenario where
> ath11k_hal_srng_deinit() is invoked back to back.
>
> In the current code, although the chances are very low, the above
> said scenario could happen when hardware recovery has failed and
> then there is another FW assert where ath11k_hal_srng_deinit() is
> invoked once again as part of recovery.
>
> Fix this by assigning the struct ath11k_hal::srng_config pointer
> to NULL after freeing the memory.
>
> Tested-on: WCN6750 hw1.0 AHB WLAN.MSL.1.0.1-00887-QCAMSLSWPLZ-1
> Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.16
> Tested-on: IPQ5018 hw1.0 AHB WLAN.HK.2.6.0.1-00861-QCAHKSWPL_SILICONZ-1
> Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1
>
> Signed-off-by: Manikanta Pubbisetty <quic_mpubbise at quicinc.com>
> Signed-off-by: Balaji Pothunoori <quic_bpothuno at quicinc.com>
> Acked-by: Jeff Johnson <quic_jjohnson at quicinc.com>
> Signed-off-by: Kalle Valo <quic_kvalo at quicinc.com>
Patch applied to ath-next branch of ath.git, thanks.
5094204ff5ae wifi: ath11k: Fix double free issue during SRNG deinit
--
https://patchwork.kernel.org/project/linux-wireless/patch/20240826053326.8878-1-quic_bpothuno@quicinc.com/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
https://docs.kernel.org/process/submitting-patches.html
More information about the ath11k
mailing list