From: Miri Korenblit miriam.rachel.korenblit@intel.com
To: johannes@sipsolutions.net
Cc: linux-wireless@vger.kernel.org,
Avraham Stern <avraham.stern@intel.com>,
Miri Korenblit <miriam.rachel.korenblit@intel.com>
Subject: [PATCH 12/13] wifi: iwlwifi: avoid a NULL pointer dereference
Date: Thu, 7 Dec 2023 04:50:17 +0200 [thread overview]
Message-ID: <20231207044813.cd0898cafd89.I0b84daae753ba9612092bf383f5c6f761446e964@changeid> (raw)
In-Reply-To: <20231207025018.1022929-1-miriam.rachel.korenblit@intel.com>
From: Avraham Stern <avraham.stern@intel.com>
It possible that while the rx rb is being handled, the transport has
been stopped and re-started. In this case the tx queue pointer is not
yet initialized, which will lead to a NULL pointer dereference.
Fix it.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
---
drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/wireless/intel/iwlwifi/pcie/rx.c b/drivers/net/wireless/intel/iwlwifi/pcie/rx.c
index ab0c72c55b2d..0f405ded1a7a 100644
--- a/drivers/net/wireless/intel/iwlwifi/pcie/rx.c
+++ b/drivers/net/wireless/intel/iwlwifi/pcie/rx.c
@@ -1384,7 +1384,7 @@ static void iwl_pcie_rx_handle_rb(struct iwl_trans *trans,
* if it is true then one of the handlers took the page.
*/
- if (reclaim) {
+ if (reclaim && txq) {
u16 sequence = le16_to_cpu(pkt->hdr.sequence);
int index = SEQ_TO_INDEX(sequence);
int cmd_index = iwl_txq_get_cmd_index(txq, index);
--
2.34.1
next prev parent reply other threads:[~2023-12-06 8:50 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-07 2:50 [PATCH 00/13] wifi: iwlwifi: updates - 2023-12-06 Miri
2023-12-07 2:50 ` [PATCH 01/13] wifi: iwlwifi: mvm: Use the link ID provided in scan request Miri
2023-12-07 2:50 ` [PATCH 02/13] wifi: iwlwifi: mvm: Correctly report TSF data in scan complete Miri
2023-12-07 2:50 ` [PATCH 03/13] wifi: iwlwifi: don't support triggered EHT CQI feedback Miri
2023-12-07 2:50 ` [PATCH 04/13] wifi: iwlwifi: refactor RX tracing Miri
2023-12-07 2:50 ` [PATCH 05/13] wifi: iwlwifi: mvm: add a debugfs hook to clear the monitor data Miri
2023-12-07 2:50 ` [PATCH 06/13] wifi: iwlwifi: pcie: clean up device removal work Miri
2023-12-07 2:50 ` [PATCH 07/13] wifi: iwlwifi: pcie: dump CSRs before removal Miri
2023-12-07 2:50 ` [PATCH 08/13] wifi: iwlwifi: pcie: get_crf_id() can be void Miri
2023-12-07 2:50 ` [PATCH 09/13] wifi: iwlwifi: fw: file: don't use [0] for variable arrays Miri
2023-12-07 2:50 ` [PATCH 10/13] wifi: iwlwifi: remove async command callback Miri
2023-12-07 2:50 ` [PATCH 11/13] wifi: iwlwifi: mvm: do not send STA_DISABLE_TX_CMD for newer firmware Miri
2023-12-07 2:50 ` Miri [this message]
2023-12-07 2:50 ` [PATCH 13/13] iwlwifi: pcie: add another missing bh-disable for rxq->lock Miri
2023-12-07 13:37 ` Kalle Valo
2023-12-07 13:36 ` [PATCH 00/13] wifi: iwlwifi: updates - 2023-12-06 Kalle Valo
2023-12-07 13:37 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231207044813.cd0898cafd89.I0b84daae753ba9612092bf383f5c6f761446e964@changeid \
--to=johannes@sipsolutions.net \
--cc=avraham.stern@intel.com \
--cc=linux-wireless@vger.kernel.org \
--cc=miriam.rachel.korenblit@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.