| 1234567891011121314151617181920212223242526272829 |
- From: Hante Meuleman <hante.meuleman@broadcom.com>
- Date: Mon, 11 Apr 2016 11:35:24 +0200
- Subject: [PATCH] brcmfmac: fix p2p scan abort null pointer exception
- When p2p connection setup is performed without having ever done an
- escan a null pointer exception can occur. This is because the ifp
- to abort scanning is taken from escan struct while it was never
- initialized. Fix this by using the primary ifp for scan abort. The
- abort should still be performed and all scan related commands are
- performed on primary ifp.
- Reviewed-by: Arend Van Spriel <arend@broadcom.com>
- Reviewed-by: Pieter-Paul Giesberts <pieter-paul.giesberts@broadcom.com>
- Signed-off-by: Hante Meuleman <hante.meuleman@broadcom.com>
- Signed-off-by: Arend van Spriel <arend@broadcom.com>
- Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
- ---
- --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
- +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
- @@ -1266,7 +1266,7 @@ static void
- brcmf_p2p_stop_wait_next_action_frame(struct brcmf_cfg80211_info *cfg)
- {
- struct brcmf_p2p_info *p2p = &cfg->p2p;
- - struct brcmf_if *ifp = cfg->escan_info.ifp;
- + struct brcmf_if *ifp = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
-
- if (test_bit(BRCMF_P2P_STATUS_SENDING_ACT_FRAME, &p2p->status) &&
- (test_bit(BRCMF_P2P_STATUS_ACTION_TX_COMPLETED, &p2p->status) ||
|
