www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Manikanta Pubbisetty <quic_mpubbise@quicinc.com>
	Mon, 26 Aug 2024 05:33:26 +0000 (11:03 +0530)
committer	Kalle Valo <quic_kvalo@quicinc.com>
	Sat, 28 Sep 2024 09:14:25 +0000 (12:14 +0300)
commit	5094204ff5ae7e32ec56632cf0dd7208df621a9f
tree	5ea1b8326815e4ec057f8d24fddc4119d029b901	tree
parent	acf8304b58e86931822f2c9af1b5d7751b2d3028	commit \| diff

wifi: ath11k: Fix double free issue during SRNG deinit

Currently struct ath11k_hal::srng_config pointer is not assigned
to NULL after freeing the memory in ath11k_hal_srng_deinit().
This could lead to double free issue in a scenario where
ath11k_hal_srng_deinit() is invoked back to back.

In the current code, although the chances are very low, the above
said scenario could happen when hardware recovery has failed and
then there is another FW assert where ath11k_hal_srng_deinit() is
invoked once again as part of recovery.

Fix this by assigning the struct ath11k_hal::srng_config pointer
to NULL after freeing the memory.

Tested-on: WCN6750 hw1.0 AHB WLAN.MSL.1.0.1-00887-QCAMSLSWPLZ-1
Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.16
Tested-on: IPQ5018 hw1.0 AHB WLAN.HK.2.6.0.1-00861-QCAHKSWPL_SILICONZ-1
Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1

Signed-off-by: Manikanta Pubbisetty <quic_mpubbise@quicinc.com>
Signed-off-by: Balaji Pothunoori <quic_bpothuno@quicinc.com>
Acked-by: Jeff Johnson <quic_jjohnson@quicinc.com>
Signed-off-by: Kalle Valo <quic_kvalo@quicinc.com>
Link: https://patch.msgid.link/20240826053326.8878-1-quic_bpothuno@quicinc.com