wifi: ath11k: fix double free of peer rx_tid during reo cmd failure - starfive-tech/linux.git - StarFive Tech Linux Kernel for VisionFive (JH7110) boards (mirror)

diff options

author	Harshitha Prem <quic_hprem@quicinc.com>	2023-04-17 13:35:00 +0300
committer	Kalle Valo <quic_kvalo@quicinc.com>	2023-04-19 17:22:47 +0300
commit	93a91f40c25c3d0e61f8540a7accf105090f9995 (patch)
tree	3a703b11608627883e0341e3131d3065240c82c5 /tools/perf/scripts/python/export-to-postgresql.py
parent	ed09c61eb19d9889780c791cb316ac76468f5186 (diff)
download	linux-93a91f40c25c3d0e61f8540a7accf105090f9995.tar.xz

wifi: ath11k: fix double free of peer rx_tid during reo cmd failure

Peer rx_tid is locally copied thrice during peer_rx_tid_cleanup to send REO_CMD_UPDATE_RX_QUEUE followed by REO_CMD_FLUSH_CACHE to flush all aged REO descriptors from HW cache. When sending REO_CMD_FLUSH_CACHE fails, we do dma unmap of already mapped rx_tid->vaddr and free it. This is not checked during reo_cmd_list_cleanup() and dp_reo_cmd_free() before trying to free and unmap again. Fix this by setting rx_tid->vaddr NULL in rx tid delete and also wherever freeing it to check in reo_cmd_list_cleanup() and reo_cmd_free() before trying to free again. Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1 Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1 Signed-off-by: Sathishkumar Muruganandam <quic_murugana@quicinc.com> Signed-off-by: Harshitha Prem <quic_hprem@quicinc.com> Signed-off-by: Kalle Valo <quic_kvalo@quicinc.com> Link: https://lore.kernel.org/r/20230403182420.23375-2-quic_hprem@quicinc.com

Diffstat (limited to 'tools/perf/scripts/python/export-to-postgresql.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: