| Message ID | 20190822073305.37840-2-nbd@nbd.name (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Felix Fietkau |
| Headers | show |
| Series | [1/2] mt76: dma: reset q->rx_head on rx reset | expand |
diff --git a/drivers/net/wireless/mediatek/mt76/mac80211.c b/drivers/net/wireless/mediatek/mt76/mac80211.c index aeb535204c4d..32ddbf088817 100644 --- a/drivers/net/wireless/mediatek/mt76/mac80211.c +++ b/drivers/net/wireless/mediatek/mt76/mac80211.c @@ -708,6 +708,9 @@ void __mt76_sta_remove(struct mt76_dev *dev, struct ieee80211_vif *vif, rcu_assign_pointer(dev->wcid[idx], NULL); synchronize_rcu(); + for (i = 0; i < ARRAY_SIZE(wcid->aggr); i++) + mt76_rx_aggr_stop(dev, wcid, i); + if (dev->drv->sta_remove) dev->drv->sta_remove(dev, vif, sta);
Fixes use-after-free issues on forced station removal during hardware restart on MT76x02 Fixes: aee5b8cf2477 ("mt76: implement A-MPDU rx reordering in the driver code") Signed-off-by: Felix Fietkau <nbd@nbd.name> --- drivers/net/wireless/mediatek/mt76/mac80211.c | 3 +++ 1 file changed, 3 insertions(+)