wifi: mac80211: fix unassigned variable access

In ieee80211_latest_active_link_conn_timeout() we loop over all
sta->links in order to compute the timeout expiring last across
all links.

Such timeout is stored in `latest_timeout` which is used in the
time_after() comparison before having been initialized.

Fix this behaviour by initializing the variable to `jiffies` and
adapt surrouding conditions accordingly.

Note that the caller assumed latest_timeout to be 0 if no active
link was found. This is not appropriate because jiffies=0 is a
valid (and recurrent, although not often) point in time.
By using `jiffies` as default value for latest_timeout, we can
fix the caller as well.

Address-Coverity-ID: 1647986 ("Uninitialized variables (UNINIT)")
Fixes: 1bc892d76a6f ("wifi: mac80211: extend connection monitoring for MLO")
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Link: https://patch.msgid.link/20250722120634.3501-1-antonio@mandelbit.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index b4b7ea52c65e04cb841cde3d9f175e94b3c4a7dd..1008eb8e9b13beb269e423f011b3356a0c28651c 100644 (file)
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -8521,7 +8521,7 @@ static void ieee80211_sta_bcn_mon_timer(struct timer_list *t)
 static unsigned long
 ieee80211_latest_active_link_conn_timeout(struct ieee80211_sub_if_data *sdata)
 {
-       unsigned long latest_timeout;
+       unsigned long latest_timeout = jiffies;
        unsigned int link_id;
        struct sta_info *sta;
 
@@ -8554,8 +8554,7 @@ ieee80211_latest_active_link_conn_timeout(struct ieee80211_sub_if_data *sdata)
                 * is still active, and it is scheduled to fire at
                 * the latest possible timeout.
                 */
-               if (time_is_after_jiffies(timeout) &&
-                   time_after(timeout, latest_timeout))
+               if (time_after(timeout, latest_timeout))
                        latest_timeout = timeout;
        }
 
@@ -8579,7 +8578,7 @@ static void ieee80211_sta_conn_mon_timer(struct timer_list *t)
         * If latest timeout is after now, then update timer to fire at
         * the later date, but do not actually probe at this time.
         */
-       if (latest_timeout) {
+       if (time_is_after_jiffies(latest_timeout)) {
                mod_timer(&ifmgd->conn_mon_timer,
                          round_jiffies_up(latest_timeout));
                return;