diff options
Diffstat (limited to 'package/kernel/mac80211/patches/349-0004-brcmfmac-fix-p2p-scan-abort-null-pointer-exception.patch')
-rw-r--r-- | package/kernel/mac80211/patches/349-0004-brcmfmac-fix-p2p-scan-abort-null-pointer-exception.patch | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/package/kernel/mac80211/patches/349-0004-brcmfmac-fix-p2p-scan-abort-null-pointer-exception.patch b/package/kernel/mac80211/patches/349-0004-brcmfmac-fix-p2p-scan-abort-null-pointer-exception.patch new file mode 100644 index 0000000..ed0c83f --- /dev/null +++ b/package/kernel/mac80211/patches/349-0004-brcmfmac-fix-p2p-scan-abort-null-pointer-exception.patch @@ -0,0 +1,29 @@ +From: Hante Meuleman <hante.meuleman@broadcom.com> +Date: Mon, 11 Apr 2016 11:35:24 +0200 +Subject: [PATCH] brcmfmac: fix p2p scan abort null pointer exception + +When p2p connection setup is performed without having ever done an +escan a null pointer exception can occur. This is because the ifp +to abort scanning is taken from escan struct while it was never +initialized. Fix this by using the primary ifp for scan abort. The +abort should still be performed and all scan related commands are +performed on primary ifp. + +Reviewed-by: Arend Van Spriel <arend@broadcom.com> +Reviewed-by: Pieter-Paul Giesberts <pieter-paul.giesberts@broadcom.com> +Signed-off-by: Hante Meuleman <hante.meuleman@broadcom.com> +Signed-off-by: Arend van Spriel <arend@broadcom.com> +Signed-off-by: Kalle Valo <kvalo@codeaurora.org> +--- + +--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c ++++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c +@@ -1266,7 +1266,7 @@ static void + brcmf_p2p_stop_wait_next_action_frame(struct brcmf_cfg80211_info *cfg) + { + struct brcmf_p2p_info *p2p = &cfg->p2p; +- struct brcmf_if *ifp = cfg->escan_info.ifp; ++ struct brcmf_if *ifp = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp; + + if (test_bit(BRCMF_P2P_STATUS_SENDING_ACT_FRAME, &p2p->status) && + (test_bit(BRCMF_P2P_STATUS_ACTION_TX_COMPLETED, &p2p->status) || |