From: James Prestwood <prestwoj@gmail.com>
To: iwd@lists.linux.dev
Cc: James Prestwood <prestwoj@gmail.com>
Subject: [PATCH 2/2] scan: check pending requests after regdom update
Date: Thu, 5 Sep 2024 06:43:15 -0700 [thread overview]
Message-ID: <20240905134315.374800-2-prestwoj@gmail.com> (raw)
In-Reply-To: <20240905134315.374800-1-prestwoj@gmail.com>
While there is proper handling for a regdom update during a
TRIGGER_SCAN scan, prior to NEW_SCAN_RESULTS there is no such
handling if the regdom update comes in during a GET_SCAN or
GET_SURVEY.
In both the 6ghz and non-6ghz code paths we have some issues:
- For non-6ghz devices, or regdom updates that did not enable
6ghz the wiphy state watch callback will automatically issues
another GET_SURVEY/GET_SCAN without checking if there was
already one pending. It does this using the current scan request
which gets freed by the prior GET_SCAN/GET_SURVEY calls when
they complete, causing invalid reads when the subsequent calls
finish.
- If 6ghz was enabled by the update we actually append another
trigger command to the list and potentially run it if its the
current request. This also will end up in the same situation as
the request is freed by the pending GET_SURVEY/GET_SCAN calls.
For the non-6ghz case there is little to no harm in ignoring the
regdom update because its very unlikely it changed the allowed
frequencies.
For the 6ghz case we could potentially handle the new trigger scan
within get_scan_done, but thats beyond the scope of this change
and is likely quite intrusive.
---
src/scan.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/src/scan.c b/src/scan.c
index 205365cd..ccd1e9e1 100644
--- a/src/scan.c
+++ b/src/scan.c
@@ -2120,6 +2120,22 @@ static void scan_wiphy_watch(struct wiphy *wiphy,
if (!sr)
return;
+ /*
+ * If the regdom update finished with GET_SCAN/GET_SURVEY in flight
+ * don't try and get the results again and allow those calls to finish.
+ * For the non-6ghz case this has no downside as the results should not
+ * differ.
+ *
+ * If 6ghz was enabled by this regdom update there is still not much we
+ * can do since the scan itself is already completed. Appending to the
+ * command list won't do anything.
+ *
+ * TODO: Handle the 6ghz case by checking for this case in get_scan_done
+ * and continuing to iterate the sr->cmds array.
+ */
+ if (sc->get_scan_cmd_id || sc->get_survey_cmd_id)
+ return;
+
/*
* This update did not allow 6GHz, or the original request was
* not expecting 6GHz. The periodic scan should now be ended.
--
2.34.1
next prev parent reply other threads:[~2024-09-05 13:43 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-05 13:43 [PATCH 1/2] scan: check scan request in get_survey_done before deref James Prestwood
2024-09-05 13:43 ` James Prestwood [this message]
2024-09-05 13:56 ` James Prestwood
2024-09-05 14:37 ` Denis Kenzior
2024-09-05 14:44 ` James Prestwood
2024-09-05 14:57 ` Denis Kenzior
2024-09-05 15:09 ` James Prestwood
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240905134315.374800-2-prestwoj@gmail.com \
--to=prestwoj@gmail.com \
--cc=iwd@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox