LinuxLists.cc - [PATCH v3 1/2] wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd

2024-01-11 16:36:43

Subject: [PATCH v3 1/2] wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work

The workqueue might still be running, when the driver is stopped. To
avoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop().

Fixes: e542e66b7c2e ("rtl8xxxu: add bluetooth co-existence support for single antenna")
Signed-off-by: Martin Kaistra <[email protected]>
---
drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c b/drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c
index aac5940936290..757ebd46452eb 100644
--- a/drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c
+++ b/drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c
@@ -7480,6 +7480,7 @@ static void rtl8xxxu_stop(struct ieee80211_hw *hw)
if (priv->usb_interrupts)
rtl8xxxu_write32(priv, REG_USB_HIMR, 0);

+ cancel_work_sync(&priv->c2hcmd_work);
cancel_delayed_work_sync(&priv->ra_watchdog);

rtl8xxxu_free_rx_resources(priv);
--
2.39.2

2024-01-12 00:16:04

by Ping-Ke Shih

[permalink] [raw]

Subject: RE: [PATCH v3 1/2] wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work

> -----Original Message-----
> From: Martin Kaistra <[email protected]>
> Sent: Friday, January 12, 2024 12:36 AM
> To: [email protected]
> Cc: Jes Sorensen <[email protected]>; Kalle Valo <[email protected]>; Ping-Ke Shih
> <[email protected]>; Bitterblue Smith <[email protected]>; Sebastian Andrzej Siewior
> <[email protected]>
> Subject: [PATCH v3 1/2] wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
>
> The workqueue might still be running, when the driver is stopped. To
> avoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop().
>
> Fixes: e542e66b7c2e ("rtl8xxxu: add bluetooth co-existence support for single antenna")
> Signed-off-by: Martin Kaistra <[email protected]>

Reviewed-by: Ping-Ke Shih <[email protected]>

2024-01-14 19:10:09

by Kalle Valo

[permalink] [raw]

Subject: Re: [PATCH v3 1/2] wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work

Martin Kaistra <[email protected]> wrote:

> The workqueue might still be running, when the driver is stopped. To
> avoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop().
>
> Fixes: e542e66b7c2e ("rtl8xxxu: add bluetooth co-existence support for single antenna")
> Signed-off-by: Martin Kaistra <[email protected]>
> Reviewed-by: Ping-Ke Shih <[email protected]>

2 patches applied to wireless-next.git, thanks.

1213acb478a7 wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
ece90a862232 wifi: rtl8xxxu: enable channel switch support

--
https://patchwork.kernel.org/project/linux-wireless/patch/[email protected]/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches