git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Fedor Pchelkin <pchelkin@ispras.ru>
	Mon, 27 Oct 2025 11:18:40 +0000 (14:18 +0300)
committer	Felix Fietkau <nbd@nbd.name>
	Mon, 24 Nov 2025 13:37:55 +0000 (14:37 +0100)
commit	5ef6de7bad7255621f5f542d8d313b93662b7524
tree	8cba4862d1c282f00a351b294e898cc2fb098fe3	tree \| snapshot
parent	cdb2941a516cf06929293604e2e0f4c1d6f3541e	commit \| diff

wifi: mt76: adjust BSS conf pointer handling

Passing a BSS conf pointer to mt76_connac2_mac_tx_rate_val() currently has
two inconsistencies.

When called from mt76_connac2_mac_write_txwi(), BSS conf is got by
dereferencing a vif pointer.  A NULL vif isn't accounted for though the
function itself supposes it to be NULL and tries to handle this case in
previous checks.  This looks like a cosmetic change since the drivers
calling the function (namely, mt7915 and mt7921) set WANT_MONITOR_VIF flag
so judging by info->control.vif initialization inside ieee80211_tx_*()
routines it can't actually come as NULL here.

The same holds for the BSS conf pointer handling inside
mt76_connac2_mac_tx_rate_val().  It is dereferenced before being checked
for NULL.  The function supposes to handle the case so reorder the check
and dereference of the pointer.  Again, this looks like a syntax issue
only.

Found by Linux Verification Center (linuxtesting.org) with SVACE static
analysis tool.

Co-developed-by: Matvey Kovalev <matvey.kovalev@ispras.ru>
Signed-off-by: Matvey Kovalev <matvey.kovalev@ispras.ru>
Signed-off-by: Fedor Pchelkin <pchelkin@ispras.ru>
Link: https://patch.msgid.link/20251027111843.38975-2-pchelkin@ispras.ru
Signed-off-by: Felix Fietkau <nbd@nbd.name>