Re: Patch "wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change" has been added to the 6.6-stable tree

Am Sonntag, dem 08.09.2024 um 09:37 -0400 schrieb Sasha Levin:

This is a note to let you know that I've just added the patch titled

wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change

to the 6.6-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...

The filename of the patch is: wifi-mt76-mt7921-fix-null-pointer-access-in-mt7921_i.patch and it can be found in the queue-6.6 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.

commit 857d7854c40324bfc70a6d32c9eb0792bc7c0b56 Author: Bert Karwatzki spasswolf@web.de Date: Mon Aug 12 12:45:41 2024 +0200

wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change

[ Upstream commit 479ffee68d59c599f8aed8fa2dcc8e13e7bd13c3 ]

When disabling wifi mt7921_ipv6_addr_change() is called as a notifier.
At this point mvif->phy is already NULL so we cannot use it here.

Signed-off-by: Bert Karwatzki <spasswolf@web.de>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Kalle Valo <kvalo@kernel.org>
Link: https://patch.msgid.link/20240812104542.80760-1-spasswolf@web.de
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/drivers/net/wireless/mediatek/mt76/mt7921/main.c b/drivers/net/wireless/mediatek/mt76/mt7921/main.c index 6a5c2cae087d..6dec54431312 100644 --- a/drivers/net/wireless/mediatek/mt76/mt7921/main.c +++ b/drivers/net/wireless/mediatek/mt76/mt7921/main.c @@ -1095,7 +1095,7 @@ static void mt7921_ipv6_addr_change(struct ieee80211_hw *hw, struct inet6_dev *idev) { struct mt792x_vif *mvif = (struct mt792x_vif *)vif->drv_priv;

• struct mt792x_dev *dev = mvif->phy->dev;

• struct mt792x_dev *dev = mt792x_hw_dev(hw); struct inet6_ifaddr *ifa; struct in6_addr ns_addrs[IEEE80211_BSS_ARP_ADDR_LIST_LEN]; struct sk_buff *skb;

The patch is only fixes a NULL pointer if the tree also contains this commit:

commit 574e609c4e6a0843a9ed53de79e00da8fb3e7437 Author: Felix Fietkau nbd@nbd.name Date: Thu Jul 4 15:09:47 2024 +0200

wifi: mac80211: clear vif drv_priv after remove_interface when stopping

Avoid reusing stale driver data when an interface is brought down and up again. In order to avoid having to duplicate the memset in every single driver, do it here.

Signed-off-by: Felix Fietkau nbd@nbd.name Link: https://patch.msgid.link/20240704130947.48609-1-nbd@nbd.name Signed-off-by: Johannes Berg johannes.berg@intel.com

In trees which do not contain this the patch is not necessary.

Bert Karwatzki