www.infradead.org Git - users/jedix/linux-maple.git/commit

author	P Praneesh <praneesh.p@oss.qualcomm.com>
	Wed, 2 Apr 2025 17:57:14 +0000 (23:27 +0530)
committer	Jeff Johnson <jeff.johnson@oss.qualcomm.com>
	Mon, 7 Apr 2025 15:21:58 +0000 (08:21 -0700)
commit	6f8a27a584b23e9dedefd6cb110dd2587b84a6d4
tree	8624edbe9f1a41bf655c73f213c6180c3fc7d16c	tree
parent	75ec94db880b1e4b4f9182885d60db0db6e2ee56	commit \| diff

wifi: ath12k: Fix memory corruption during MLO multicast tx

The struct sk_buff's control buffer is shared by mac80211's struct
ieee80211_tx_info and ath12k's struct ath12k_skb_cb. When the driver wants
to transmit an skb, it caches all the mac80211-specific information from
struct ieee80211_tx_info, then performs a memset on the control buffer
before writing the ath12k-specific information using struct ath12k_skb_cb.
However, during multicast tx, the key is being filled into the driver data,
which overwrites some crucial members like link_id and flags in struct
ath12k_skb_cb. This causes invalid information retrieval when the driver
accesses these fields during ath12k_dp_tx(). Fix this issue by removing
the key filling logic during MLO multicast tx, as it is not used anywhere
in the tx path.

Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1
Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3

Fixes: 2f50de725677 ("wifi: ath12k: Add support for MLO Multicast handling in driver")
Signed-off-by: P Praneesh <praneesh.p@oss.qualcomm.com>
Link: https://patch.msgid.link/20250402175714.2667270-1-praneesh.p@oss.qualcomm.com
Signed-off-by: Jeff Johnson <jeff.johnson@oss.qualcomm.com>