From b0a011d8f4aff5c24736eb1213e667aaad113c6a Mon Sep 17 00:00:00 2001 From: James Prestwood Date: Thu, 3 Oct 2024 05:58:17 -0700 Subject: [PATCH] netdev: fix crash in the RSSI polling fallback workaround Prior to adding the polling fallback this code path was only used for signal level list notifications and netdev_rssi_polling_update() was structured as such, where if the RSSI list feature existed there was nothing to be done as the kernel handled the notifications. For certain mediatek cards this is broken, hence why the fallback was added. But netdev_rssi_polling_update() was never changed to take this into account which bypassed the timer cleanup on disconnections resulting in a crash when the timer fired after IWD was disconnected: iwd: ++++++++ backtrace ++++++++ iwd: #0 0x7b5459642520 in /lib/x86_64-linux-gnu/libc.so.6 iwd: #1 0x7b54597aedf4 in /lib/x86_64-linux-gnu/libc.so.6 iwd: #2 0x49f82d in l_netlink_message_append() at ome/jprestwood/iwd/ell/netlink.c:825 iwd: #3 0x4a0c12 in l_genl_msg_append_attr() at ome/jprestwood/iwd/ell/genl.c:1522 iwd: #4 0x405c61 in netdev_rssi_poll() at ome/jprestwood/iwd/src/netdev.c:764 iwd: #5 0x49cce4 in timeout_callback() at ome/jprestwood/iwd/ell/timeout.c:70 iwd: #6 0x49c2ed in l_main_iterate() at ome/jprestwood/iwd/ell/main.c:455 (discriminator 2) iwd: #7 0x49c3bc in l_main_run() at ome/jprestwood/iwd/ell/main.c:504 iwd: #8 0x49c5f0 in l_main_run_with_signal() at ome/jprestwood/iwd/ell/main.c:632 iwd: #9 0x4049ed in main() at ome/jprestwood/iwd/src/main.c:614 iwd: #10 0x7b5459629d90 in /lib/x86_64-linux-gnu/libc.so.6 iwd: #11 0x7b5459629e40 in /lib/x86_64-linux-gnu/libc.so.6 iwd: +++++++++++++++++++++++++++ To fix this we need to add checks for the cqm_poll_fallback flag in netdev_rssi_polling_update(). --- src/netdev.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/netdev.c b/src/netdev.c index d298977a..8379a598 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -769,11 +769,12 @@ static void netdev_rssi_poll(struct l_timeout *timeout, void *user_data) /* To be called whenever operational or rssi_levels_num are updated */ static void netdev_rssi_polling_update(struct netdev *netdev) { - if (wiphy_has_ext_feature(netdev->wiphy, + if (!netdev->cqm_poll_fallback && wiphy_has_ext_feature(netdev->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST)) return; - if (netdev->operational && netdev->rssi_levels_num > 0) { + if (netdev->operational && (netdev->rssi_levels_num > 0 || + netdev->cqm_poll_fallback)) { if (netdev->rssi_poll_timeout) return;