From: Greg Kroah-Hartman Date: Wed, 2 Oct 2024 12:55:26 +0000 (+0200) Subject: 6.1-stable patches X-Git-Tag: v6.6.54~10 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e467a33efb298159bef264d3ca115dc5f87f985c;p=thirdparty%2Fkernel%2Fstable-queue.git 6.1-stable patches added patches: wifi-mt76-do-not-run-mt76_unregister_device-on-unregistered-hw.patch --- diff --git a/queue-6.1/series b/queue-6.1/series index 58400f2a3aa..96ea6b138f2 100644 --- a/queue-6.1/series +++ b/queue-6.1/series @@ -387,3 +387,4 @@ libbpf-ensure-undefined-bpf_attr-field-stays-0.patch powerpc-allow-config_ppc64_big_endian_elf_abi_v2-with-ld.lld-15.patch pci-pm-mark-devices-disconnected-if-upstream-pcie-link-is-down-on-resume.patch x86-tdx-fix-in-kernel-mmio-check.patch +wifi-mt76-do-not-run-mt76_unregister_device-on-unregistered-hw.patch diff --git a/queue-6.1/wifi-mt76-do-not-run-mt76_unregister_device-on-unregistered-hw.patch b/queue-6.1/wifi-mt76-do-not-run-mt76_unregister_device-on-unregistered-hw.patch new file mode 100644 index 00000000000..73087d6ded5 --- /dev/null +++ b/queue-6.1/wifi-mt76-do-not-run-mt76_unregister_device-on-unregistered-hw.patch @@ -0,0 +1,79 @@ +From 41130c32f3a18fcc930316da17f3a5f3bc326aa1 Mon Sep 17 00:00:00 2001 +From: Lorenzo Bianconi +Date: Thu, 23 Feb 2023 00:10:25 +0100 +Subject: wifi: mt76: do not run mt76_unregister_device() on unregistered hw + +From: Lorenzo Bianconi + +commit 41130c32f3a18fcc930316da17f3a5f3bc326aa1 upstream. + +Trying to probe a mt7921e pci card without firmware results in a +successful probe where ieee80211_register_hw hasn't been called. When +removing the driver, ieee802111_unregister_hw is called unconditionally +leading to a kernel NULL pointer dereference. +Fix the issue running mt76_unregister_device routine just for registered +hw. + +Link: https://bugs.debian.org/1029116 +Link: https://bugs.kali.org/view.php?id=8140 +Reported-by: Stuart Hayhurst +Fixes: 1c71e03afe4b ("mt76: mt7921: move mt7921_init_hw in a dedicated work") +Tested-by: Helmut Grohne +Signed-off-by: Lorenzo Bianconi +Signed-off-by: Kalle Valo +Link: https://lore.kernel.org/r/be3457d82f4e44bb71a22b2b5db27b644a37b1e1.1677107277.git.lorenzo@kernel.org +Signed-off-by: Georg Müller +Signed-off-by: Greg Kroah-Hartman +--- + drivers/net/wireless/mediatek/mt76/mac80211.c | 8 ++++++++ + drivers/net/wireless/mediatek/mt76/mt76.h | 1 + + 2 files changed, 9 insertions(+) + +--- a/drivers/net/wireless/mediatek/mt76/mac80211.c ++++ b/drivers/net/wireless/mediatek/mt76/mac80211.c +@@ -522,6 +522,7 @@ int mt76_register_phy(struct mt76_phy *p + if (ret) + return ret; + ++ set_bit(MT76_STATE_REGISTERED, &phy->state); + phy->dev->phys[phy->band_idx] = phy; + + return 0; +@@ -532,6 +533,9 @@ void mt76_unregister_phy(struct mt76_phy + { + struct mt76_dev *dev = phy->dev; + ++ if (!test_bit(MT76_STATE_REGISTERED, &phy->state)) ++ return; ++ + mt76_tx_status_check(dev, true); + ieee80211_unregister_hw(phy->hw); + dev->phys[phy->band_idx] = NULL; +@@ -654,6 +658,7 @@ int mt76_register_device(struct mt76_dev + return ret; + + WARN_ON(mt76_worker_setup(hw, &dev->tx_worker, NULL, "tx")); ++ set_bit(MT76_STATE_REGISTERED, &phy->state); + sched_set_fifo_low(dev->tx_worker.task); + + return 0; +@@ -664,6 +669,9 @@ void mt76_unregister_device(struct mt76_ + { + struct ieee80211_hw *hw = dev->hw; + ++ if (!test_bit(MT76_STATE_REGISTERED, &dev->phy.state)) ++ return; ++ + if (IS_ENABLED(CONFIG_MT76_LEDS)) + mt76_led_cleanup(dev); + mt76_tx_status_check(dev, true); +--- a/drivers/net/wireless/mediatek/mt76/mt76.h ++++ b/drivers/net/wireless/mediatek/mt76/mt76.h +@@ -388,6 +388,7 @@ struct mt76_tx_cb { + + enum { + MT76_STATE_INITIALIZED, ++ MT76_STATE_REGISTERED, + MT76_STATE_RUNNING, + MT76_STATE_MCU_RUNNING, + MT76_SCANNING,