[PATCH] ath5k: disable beacon interrupt when interface is down

[PATCH] ath5k: disable beacon interrupt when interface is down

[Bob Copeland]

When we remove the active interface, there's no need to continue
sending beacons; doing so would cause a null pointer deref in
ieee80211_beacon_get().  Disable the interrupt in remove_interface
and add a WARN_ON(!vif) in case there are other instances lurking.

Signed-off-by: Bob Copeland <me@bobcopeland.com>
---
 drivers/net/wireless/ath/ath5k/base.c |   17 ++++++++++++++++-
 1 files changed, 16 insertions(+), 1 deletions(-)

diff --git a/drivers/net/wireless/ath/ath5k/base.c b/drivers/net/wireless/ath/ath5k/base.c
index ab2048b..85a00db 100644
--- a/drivers/net/wireless/ath/ath5k/base.c
+++ b/drivers/net/wireless/ath/ath5k/base.c
@@ -2070,6 +2070,13 @@ err_unmap:
 	return ret;
 }
 
+static void ath5k_beacon_disable(struct ath5k_softc *sc)
+{
+	sc->imask &= ~(AR5K_INT_BMISS | AR5K_INT_SWBA);
+	ath5k_hw_set_imr(sc->ah, sc->imask);
+	ath5k_hw_stop_tx_dma(sc->ah, sc->bhalq);
+}
+
 /*
  * Transmit a beacon frame at SWBA.  Dynamic updates to the
  * frame contents are done as needed and the slot time is
@@ -2757,6 +2764,7 @@ ath5k_remove_interface(struct ieee80211_hw *hw,
 		goto end;
 
 	ath5k_hw_set_lladdr(sc->ah, mac);
+	ath5k_beacon_disable(sc);
 	sc->vif = NULL;
 end:
 	mutex_unlock(&sc->lock);
@@ -3060,7 +3068,14 @@ ath5k_beacon_update(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
 {
 	int ret;
 	struct ath5k_softc *sc = hw->priv;
-	struct sk_buff *skb = ieee80211_beacon_get(hw, vif);
+	struct sk_buff *skb;
+
+	if (WARN_ON(!vif)) {
+		ret = -EINVAL;
+		goto out;
+	}
+
+	skb = ieee80211_beacon_get(hw, vif);
 
 	if (!skb) {
 		ret = -ENOMEM;
-- 
1.6.0.6

Re: [PATCH] ath5k: disable beacon interrupt when interface is down

[Johannes Berg]

[-- Attachment #1: Type: text/plain, Size: 1884 bytes --]

On Tue, 2009-06-02 at 23:03 -0400, Bob Copeland wrote:
> When we remove the active interface, there's no need to continue
> sending beacons; doing so would cause a null pointer deref in
> ieee80211_beacon_get().  Disable the interrupt in remove_interface
> and add a WARN_ON(!vif) in case there are other instances lurking.

There's a beacon_enabled setting passed in from mac80211, you should
just use that?

johannes

> Signed-off-by: Bob Copeland <me@bobcopeland.com>
> ---
>  drivers/net/wireless/ath/ath5k/base.c |   17 ++++++++++++++++-
>  1 files changed, 16 insertions(+), 1 deletions(-)
> 
> diff --git a/drivers/net/wireless/ath/ath5k/base.c b/drivers/net/wireless/ath/ath5k/base.c
> index ab2048b..85a00db 100644
> --- a/drivers/net/wireless/ath/ath5k/base.c
> +++ b/drivers/net/wireless/ath/ath5k/base.c
> @@ -2070,6 +2070,13 @@ err_unmap:
>  	return ret;
>  }
>  
> +static void ath5k_beacon_disable(struct ath5k_softc *sc)
> +{
> +	sc->imask &= ~(AR5K_INT_BMISS | AR5K_INT_SWBA);
> +	ath5k_hw_set_imr(sc->ah, sc->imask);
> +	ath5k_hw_stop_tx_dma(sc->ah, sc->bhalq);
> +}
> +
>  /*
>   * Transmit a beacon frame at SWBA.  Dynamic updates to the
>   * frame contents are done as needed and the slot time is
> @@ -2757,6 +2764,7 @@ ath5k_remove_interface(struct ieee80211_hw *hw,
>  		goto end;
>  
>  	ath5k_hw_set_lladdr(sc->ah, mac);
> +	ath5k_beacon_disable(sc);
>  	sc->vif = NULL;
>  end:
>  	mutex_unlock(&sc->lock);
> @@ -3060,7 +3068,14 @@ ath5k_beacon_update(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
>  {
>  	int ret;
>  	struct ath5k_softc *sc = hw->priv;
> -	struct sk_buff *skb = ieee80211_beacon_get(hw, vif);
> +	struct sk_buff *skb;
> +
> +	if (WARN_ON(!vif)) {
> +		ret = -EINVAL;
> +		goto out;
> +	}
> +
> +	skb = ieee80211_beacon_get(hw, vif);
>  
>  	if (!skb) {
>  		ret = -ENOMEM;

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 801 bytes --]

Re: [PATCH] ath5k: disable beacon interrupt when interface is down

[Bob Copeland]

On Wed, Jun 03, 2009 at 09:09:04AM +0200, Johannes Berg wrote:
> On Tue, 2009-06-02 at 23:03 -0400, Bob Copeland wrote:
> > When we remove the active interface, there's no need to continue
> > sending beacons; doing so would cause a null pointer deref in
> > ieee80211_beacon_get().  Disable the interrupt in remove_interface
> > and add a WARN_ON(!vif) in case there are other instances lurking.
> 
> There's a beacon_enabled setting passed in from mac80211, you should
> just use that?

Hmm, yeah, I didn't know that.  I'll check it out.

-- 
Bob Copeland %% www.bobcopeland.com

Re: [PATCH] ath5k: disable beacon interrupt when interface is down

[John W. Linville]

On Wed, Jun 03, 2009 at 08:22:51AM -0400, Bob Copeland wrote:
> On Wed, Jun 03, 2009 at 09:09:04AM +0200, Johannes Berg wrote:
> > On Tue, 2009-06-02 at 23:03 -0400, Bob Copeland wrote:
> > > When we remove the active interface, there's no need to continue
> > > sending beacons; doing so would cause a null pointer deref in
> > > ieee80211_beacon_get().  Disable the interrupt in remove_interface
> > > and add a WARN_ON(!vif) in case there are other instances lurking.
> > 
> > There's a beacon_enabled setting passed in from mac80211, you should
> > just use that?
> 
> Hmm, yeah, I didn't know that.  I'll check it out.

I'll take this one for now, and you can send a better one on top when
you're ready.

Thanks,

John
-- 
John W. Linville		Someday the world will need a hero, and you
linville@tuxdriver.com			might be all we have.  Be ready.