Currently, when sending a NULL frame to probe a station, the band
information is derived from the chanctx_conf in the mac80211 vif's
bss_conf. However, for AP MLD, chanctx_conf is not assigned to the
vif's bss_conf; instead it is assigned on a per-link basis. As a result,
for AP MLD, sending a NULL packet to probe will trigger a warning.
WARNING: net/mac80211/cfg.c:4635 at ieee80211_probe_client+0x1a8/0x1d8 [mac80211], CPU#2: hostapd/244
Call trace:
ieee80211_probe_client+0x1a8/0x1d8 [mac80211] (P)
nl80211_probe_client+0xac/0x170 [cfg80211]
genl_family_rcv_msg_doit+0xc8/0x134
genl_rcv_msg+0x200/0x280
netlink_rcv_skb+0x38/0xf0
genl_rcv+0x34/0x48
netlink_unicast+0x314/0x3a0
netlink_sendmsg+0x150/0x390
____sys_sendmsg+0x1f4/0x21c
___sys_sendmsg+0x98/0xc0
__sys_sendmsg+0x74/0xcc
__arm64_sys_sendmsg+0x20/0x34
invoke_syscall.constprop.0+0x4c/0xd0
do_el0_svc+0x3c/0xd0
el0_svc+0x28/0xc0
el0t_64_sync_handler+0x98/0xdc
el0t_64_sync+0x154/0x158
---[ end trace
0000000000000000 ]---
For NULL packets sent to probe stations, set the band information only
for non-MLD, since MLD transmissions does not rely on band.
Signed-off-by: Suraj P Kizhakkethil <suraj.kizhakkethil@oss.qualcomm.com>
Link: https://patch.msgid.link/20260213100126.1414398-2-suraj.kizhakkethil@oss.qualcomm.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
qos = sta->sta.wme;
- chanctx_conf = rcu_dereference(sdata->vif.bss_conf.chanctx_conf);
- if (WARN_ON(!chanctx_conf)) {
- ret = -EINVAL;
- goto unlock;
+ if (ieee80211_vif_is_mld(&sdata->vif)) {
+ /* MLD transmissions must not rely on the band */
+ band = 0;
+ } else {
+ chanctx_conf = rcu_dereference(sdata->vif.bss_conf.chanctx_conf);
+ if (WARN_ON(!chanctx_conf)) {
+ ret = -EINVAL;
+ goto unlock;
+ }
+ band = chanctx_conf->def.chan->band;
}
- band = chanctx_conf->def.chan->band;
if (qos) {
fc = cpu_to_le16(IEEE80211_FTYPE_DATA |
projects / thirdparty / linux.git / commitdiff
