* Re: [PATCH wireless] wifi: mac80211: clear frame buffer to never leak stack
2025-06-30 13:32 [PATCH wireless] wifi: mac80211: clear frame buffer to never leak stack Johannes Berg
@ 2025-06-30 19:37 ` kernel test robot
2025-06-30 20:53 ` kernel test robot
1 sibling, 0 replies; 3+ messages in thread
From: kernel test robot @ 2025-06-30 19:37 UTC (permalink / raw)
To: Johannes Berg, linux-wireless
Cc: llvm, oe-kbuild-all, Johannes Berg, Zhongqiu Han
Hi Johannes,
kernel test robot noticed the following build errors:
[auto build test ERROR on wireless-next/main]
[also build test ERROR on wireless/main linus/master v6.16-rc4 next-20250630]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Johannes-Berg/wifi-mac80211-clear-frame-buffer-to-never-leak-stack/20250630-213453
base: https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless-next.git main
patch link: https://lore.kernel.org/r/20250630153227.4c5640a33305.I7ab6b75e486b98435151d06ffe0d0c2acb2f41c3%40changeid
patch subject: [PATCH wireless] wifi: mac80211: clear frame buffer to never leak stack
config: x86_64-buildonly-randconfig-002-20250630 (https://download.01.org/0day-ci/archive/20250701/202507010330.Il99RKPP-lkp@intel.com/config)
compiler: clang version 20.1.7 (https://github.com/llvm/llvm-project 6146a88f60492b520a36f8f8f3231e15f3cc6082)
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250701/202507010330.Il99RKPP-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202507010330.Il99RKPP-lkp@intel.com/
All errors (new ones prefixed by >>):
>> net/mac80211/mlme.c:3938:24: error: incompatible pointer to integer conversion passing 'void (struct ieee80211_sub_if_data *, u16, u16, bool, u8 *)' (aka 'void (struct ieee80211_sub_if_data *, unsigned short, unsigned short, _Bool, unsigned char *)') to parameter of type 'unsigned long' [-Wint-conversion]
3938 | memset(frame_buf, 0, ieee80211_set_disassoc);
| ^~~~~~~~~~~~~~~~~~~~~~
arch/x86/include/asm/string_64.h:22:37: note: passing argument to parameter 'n' here
22 | void *memset(void *s, int c, size_t n);
| ^
1 error generated.
vim +3938 net/mac80211/mlme.c
3919
3920 static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
3921 u16 stype, u16 reason, bool tx,
3922 u8 *frame_buf)
3923 {
3924 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3925 struct ieee80211_local *local = sdata->local;
3926 struct sta_info *ap_sta = sta_info_get(sdata, sdata->vif.cfg.ap_addr);
3927 unsigned int link_id;
3928 u64 changed = 0;
3929 struct ieee80211_prep_tx_info info = {
3930 .subtype = stype,
3931 .was_assoc = true,
3932 .link_id = ffs(sdata->vif.active_links) - 1,
3933 };
3934
3935 lockdep_assert_wiphy(local->hw.wiphy);
3936
3937 if (frame_buf)
> 3938 memset(frame_buf, 0, ieee80211_set_disassoc);
3939
3940 if (WARN_ON(!ap_sta))
3941 return;
3942
3943 if (WARN_ON_ONCE(tx && !frame_buf))
3944 return;
3945
3946 if (WARN_ON(!ifmgd->associated))
3947 return;
3948
3949 ieee80211_stop_poll(sdata);
3950
3951 ifmgd->associated = false;
3952
3953 if (tx) {
3954 bool tx_link_found = false;
3955
3956 for (link_id = 0;
3957 link_id < ARRAY_SIZE(sdata->link);
3958 link_id++) {
3959 struct ieee80211_link_data *link;
3960
3961 if (!ieee80211_vif_link_active(&sdata->vif, link_id))
3962 continue;
3963
3964 link = sdata_dereference(sdata->link[link_id], sdata);
3965 if (WARN_ON_ONCE(!link))
3966 continue;
3967
3968 if (link->u.mgd.csa.blocked_tx)
3969 continue;
3970
3971 tx_link_found = true;
3972 break;
3973 }
3974
3975 tx = tx_link_found;
3976 }
3977
3978 /* other links will be destroyed */
3979 sdata->deflink.conf->bss = NULL;
3980 sdata->deflink.conf->epcs_support = false;
3981 sdata->deflink.smps_mode = IEEE80211_SMPS_OFF;
3982
3983 netif_carrier_off(sdata->dev);
3984
3985 /*
3986 * if we want to get out of ps before disassoc (why?) we have
3987 * to do it before sending disassoc, as otherwise the null-packet
3988 * won't be valid.
3989 */
3990 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
3991 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
3992 ieee80211_hw_config(local, -1, IEEE80211_CONF_CHANGE_PS);
3993 }
3994 local->ps_sdata = NULL;
3995
3996 /* disable per-vif ps */
3997 ieee80211_recalc_ps_vif(sdata);
3998
3999 /* make sure ongoing transmission finishes */
4000 synchronize_net();
4001
4002 /*
4003 * drop any frame before deauth/disassoc, this can be data or
4004 * management frame. Since we are disconnecting, we should not
4005 * insist sending these frames which can take time and delay
4006 * the disconnection and possible the roaming.
4007 */
4008 ieee80211_flush_queues(local, sdata, true);
4009
4010 if (tx) {
4011 drv_mgd_prepare_tx(sdata->local, sdata, &info);
4012
4013 ieee80211_send_deauth_disassoc(sdata, sdata->vif.cfg.ap_addr,
4014 sdata->vif.cfg.ap_addr, stype,
4015 reason, true, frame_buf);
4016
4017 /* flush out frame - make sure the deauth was actually sent */
4018 ieee80211_flush_queues(local, sdata, false);
4019
4020 drv_mgd_complete_tx(sdata->local, sdata, &info);
4021 } else if (frame_buf) {
4022 ieee80211_send_deauth_disassoc(sdata, sdata->vif.cfg.ap_addr,
4023 sdata->vif.cfg.ap_addr, stype,
4024 reason, false, frame_buf);
4025 }
4026
4027 /* clear AP addr only after building the needed mgmt frames */
4028 eth_zero_addr(sdata->deflink.u.mgd.bssid);
4029 eth_zero_addr(sdata->vif.cfg.ap_addr);
4030
4031 sdata->vif.cfg.ssid_len = 0;
4032
4033 /* Remove TDLS peers */
4034 __sta_info_flush(sdata, false, -1, ap_sta);
4035
4036 if (sdata->vif.driver_flags & IEEE80211_VIF_REMOVE_AP_AFTER_DISASSOC) {
4037 /* Only move the AP state */
4038 sta_info_move_state(ap_sta, IEEE80211_STA_NONE);
4039 } else {
4040 /* Remove AP peer */
4041 sta_info_flush(sdata, -1);
4042 }
4043
4044 /* finally reset all BSS / config parameters */
4045 if (!ieee80211_vif_is_mld(&sdata->vif))
4046 changed |= ieee80211_reset_erp_info(sdata);
4047
4048 ieee80211_led_assoc(local, 0);
4049 changed |= BSS_CHANGED_ASSOC;
4050 sdata->vif.cfg.assoc = false;
4051
4052 sdata->deflink.u.mgd.p2p_noa_index = -1;
4053 memset(&sdata->vif.bss_conf.p2p_noa_attr, 0,
4054 sizeof(sdata->vif.bss_conf.p2p_noa_attr));
4055
4056 /* on the next assoc, re-program HT/VHT parameters */
4057 memset(&ifmgd->ht_capa, 0, sizeof(ifmgd->ht_capa));
4058 memset(&ifmgd->ht_capa_mask, 0, sizeof(ifmgd->ht_capa_mask));
4059 memset(&ifmgd->vht_capa, 0, sizeof(ifmgd->vht_capa));
4060 memset(&ifmgd->vht_capa_mask, 0, sizeof(ifmgd->vht_capa_mask));
4061
4062 /*
4063 * reset MU-MIMO ownership and group data in default link,
4064 * if used, other links are destroyed
4065 */
4066 memset(sdata->vif.bss_conf.mu_group.membership, 0,
4067 sizeof(sdata->vif.bss_conf.mu_group.membership));
4068 memset(sdata->vif.bss_conf.mu_group.position, 0,
4069 sizeof(sdata->vif.bss_conf.mu_group.position));
4070 if (!ieee80211_vif_is_mld(&sdata->vif))
4071 changed |= BSS_CHANGED_MU_GROUPS;
4072 sdata->vif.bss_conf.mu_mimo_owner = false;
4073
4074 sdata->deflink.ap_power_level = IEEE80211_UNSET_POWER_LEVEL;
4075
4076 timer_delete_sync(&local->dynamic_ps_timer);
4077 wiphy_work_cancel(local->hw.wiphy, &local->dynamic_ps_enable_work);
4078
4079 /* Disable ARP filtering */
4080 if (sdata->vif.cfg.arp_addr_cnt)
4081 changed |= BSS_CHANGED_ARP_FILTER;
4082
4083 sdata->vif.bss_conf.qos = false;
4084 if (!ieee80211_vif_is_mld(&sdata->vif)) {
4085 changed |= BSS_CHANGED_QOS;
4086 /* The BSSID (not really interesting) and HT changed */
4087 changed |= BSS_CHANGED_BSSID | BSS_CHANGED_HT;
4088 ieee80211_bss_info_change_notify(sdata, changed);
4089 } else {
4090 ieee80211_vif_cfg_change_notify(sdata, changed);
4091 }
4092
4093 if (sdata->vif.driver_flags & IEEE80211_VIF_REMOVE_AP_AFTER_DISASSOC) {
4094 /*
4095 * After notifying the driver about the disassoc,
4096 * remove the ap sta.
4097 */
4098 sta_info_flush(sdata, -1);
4099 }
4100
4101 /* disassociated - set to defaults now */
4102 ieee80211_set_wmm_default(&sdata->deflink, false, false);
4103
4104 timer_delete_sync(&sdata->u.mgd.conn_mon_timer);
4105 timer_delete_sync(&sdata->u.mgd.bcn_mon_timer);
4106 timer_delete_sync(&sdata->u.mgd.timer);
4107
4108 sdata->vif.bss_conf.dtim_period = 0;
4109 sdata->vif.bss_conf.beacon_rate = NULL;
4110
4111 sdata->deflink.u.mgd.have_beacon = false;
4112 sdata->deflink.u.mgd.tracking_signal_avg = false;
4113 sdata->deflink.u.mgd.disable_wmm_tracking = false;
4114
4115 ifmgd->flags = 0;
4116
4117 for (link_id = 0; link_id < ARRAY_SIZE(sdata->link); link_id++) {
4118 struct ieee80211_link_data *link;
4119
4120 link = sdata_dereference(sdata->link[link_id], sdata);
4121 if (!link)
4122 continue;
4123 ieee80211_link_release_channel(link);
4124 }
4125
4126 sdata->vif.bss_conf.csa_active = false;
4127 sdata->deflink.u.mgd.csa.blocked_tx = false;
4128 sdata->deflink.u.mgd.csa.waiting_bcn = false;
4129 sdata->deflink.u.mgd.csa.ignored_same_chan = false;
4130 ieee80211_vif_unblock_queues_csa(sdata);
4131
4132 /* existing TX TSPEC sessions no longer exist */
4133 memset(ifmgd->tx_tspec, 0, sizeof(ifmgd->tx_tspec));
4134 wiphy_delayed_work_cancel(local->hw.wiphy, &ifmgd->tx_tspec_wk);
4135
4136 sdata->vif.bss_conf.power_type = IEEE80211_REG_UNSET_AP;
4137 sdata->vif.bss_conf.pwr_reduction = 0;
4138 ieee80211_clear_tpe(&sdata->vif.bss_conf.tpe);
4139
4140 sdata->vif.cfg.eml_cap = 0;
4141 sdata->vif.cfg.eml_med_sync_delay = 0;
4142 sdata->vif.cfg.mld_capa_op = 0;
4143
4144 memset(&sdata->u.mgd.ttlm_info, 0,
4145 sizeof(sdata->u.mgd.ttlm_info));
4146 wiphy_delayed_work_cancel(sdata->local->hw.wiphy, &ifmgd->ttlm_work);
4147
4148 memset(&sdata->vif.neg_ttlm, 0, sizeof(sdata->vif.neg_ttlm));
4149 wiphy_delayed_work_cancel(sdata->local->hw.wiphy,
4150 &ifmgd->neg_ttlm_timeout_work);
4151
4152 sdata->u.mgd.removed_links = 0;
4153 wiphy_delayed_work_cancel(sdata->local->hw.wiphy,
4154 &sdata->u.mgd.ml_reconf_work);
4155
4156 wiphy_work_cancel(sdata->local->hw.wiphy,
4157 &ifmgd->teardown_ttlm_work);
4158
4159 /* if disconnection happens in the middle of the ML reconfiguration
4160 * flow, cfg80211 must called to release the BSS references obtained
4161 * when the flow started.
4162 */
4163 ieee80211_ml_reconf_reset(sdata);
4164
4165 ieee80211_vif_set_links(sdata, 0, 0);
4166
4167 ifmgd->mcast_seq_last = IEEE80211_SN_MODULO;
4168
4169 ifmgd->epcs.enabled = false;
4170 ifmgd->epcs.dialog_token = 0;
4171
4172 memset(ifmgd->userspace_selectors, 0,
4173 sizeof(ifmgd->userspace_selectors));
4174 }
4175
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: [PATCH wireless] wifi: mac80211: clear frame buffer to never leak stack
2025-06-30 13:32 [PATCH wireless] wifi: mac80211: clear frame buffer to never leak stack Johannes Berg
2025-06-30 19:37 ` kernel test robot
@ 2025-06-30 20:53 ` kernel test robot
1 sibling, 0 replies; 3+ messages in thread
From: kernel test robot @ 2025-06-30 20:53 UTC (permalink / raw)
To: Johannes Berg, linux-wireless; +Cc: oe-kbuild-all, Johannes Berg, Zhongqiu Han
Hi Johannes,
kernel test robot noticed the following build warnings:
[auto build test WARNING on wireless-next/main]
[also build test WARNING on wireless/main linus/master v6.16-rc4 next-20250630]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Johannes-Berg/wifi-mac80211-clear-frame-buffer-to-never-leak-stack/20250630-213453
base: https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless-next.git main
patch link: https://lore.kernel.org/r/20250630153227.4c5640a33305.I7ab6b75e486b98435151d06ffe0d0c2acb2f41c3%40changeid
patch subject: [PATCH wireless] wifi: mac80211: clear frame buffer to never leak stack
config: arc-randconfig-001-20250630 (https://download.01.org/0day-ci/archive/20250701/202507010307.MDwET7sT-lkp@intel.com/config)
compiler: arc-linux-gcc (GCC) 10.5.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250701/202507010307.MDwET7sT-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202507010307.MDwET7sT-lkp@intel.com/
All warnings (new ones prefixed by >>):
net/mac80211/mlme.c: In function 'ieee80211_set_disassoc':
>> net/mac80211/mlme.c:3938:24: warning: passing argument 3 of 'memset' makes integer from pointer without a cast [-Wint-conversion]
3938 | memset(frame_buf, 0, ieee80211_set_disassoc);
| ^~~~~~~~~~~~~~~~~~~~~~
| |
| void (*)(struct ieee80211_sub_if_data *, u16, u16, bool, u8 *) {aka void (*)(struct ieee80211_sub_if_data *, short unsigned int, short unsigned int, _Bool, unsigned char *)}
In file included from include/linux/string.h:65,
from include/linux/bitmap.h:13,
from include/linux/cpumask.h:12,
from include/linux/smp.h:13,
from include/linux/lockdep.h:14,
from include/linux/spinlock.h:63,
from include/linux/sched.h:2209,
from include/linux/delay.h:13,
from net/mac80211/mlme.c:14:
arch/arc/include/asm/string.h:25:37: note: expected '__kernel_size_t' {aka 'unsigned int'} but argument is of type 'void (*)(struct ieee80211_sub_if_data *, u16, u16, bool, u8 *)' {aka 'void (*)(struct ieee80211_sub_if_data *, short unsigned int, short unsigned int, _Bool, unsigned char *)'}
25 | extern void *memset(void *ptr, int, __kernel_size_t);
| ^~~~~~~~~~~~~~~
vim +/memset +3938 net/mac80211/mlme.c
3919
3920 static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
3921 u16 stype, u16 reason, bool tx,
3922 u8 *frame_buf)
3923 {
3924 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3925 struct ieee80211_local *local = sdata->local;
3926 struct sta_info *ap_sta = sta_info_get(sdata, sdata->vif.cfg.ap_addr);
3927 unsigned int link_id;
3928 u64 changed = 0;
3929 struct ieee80211_prep_tx_info info = {
3930 .subtype = stype,
3931 .was_assoc = true,
3932 .link_id = ffs(sdata->vif.active_links) - 1,
3933 };
3934
3935 lockdep_assert_wiphy(local->hw.wiphy);
3936
3937 if (frame_buf)
> 3938 memset(frame_buf, 0, ieee80211_set_disassoc);
3939
3940 if (WARN_ON(!ap_sta))
3941 return;
3942
3943 if (WARN_ON_ONCE(tx && !frame_buf))
3944 return;
3945
3946 if (WARN_ON(!ifmgd->associated))
3947 return;
3948
3949 ieee80211_stop_poll(sdata);
3950
3951 ifmgd->associated = false;
3952
3953 if (tx) {
3954 bool tx_link_found = false;
3955
3956 for (link_id = 0;
3957 link_id < ARRAY_SIZE(sdata->link);
3958 link_id++) {
3959 struct ieee80211_link_data *link;
3960
3961 if (!ieee80211_vif_link_active(&sdata->vif, link_id))
3962 continue;
3963
3964 link = sdata_dereference(sdata->link[link_id], sdata);
3965 if (WARN_ON_ONCE(!link))
3966 continue;
3967
3968 if (link->u.mgd.csa.blocked_tx)
3969 continue;
3970
3971 tx_link_found = true;
3972 break;
3973 }
3974
3975 tx = tx_link_found;
3976 }
3977
3978 /* other links will be destroyed */
3979 sdata->deflink.conf->bss = NULL;
3980 sdata->deflink.conf->epcs_support = false;
3981 sdata->deflink.smps_mode = IEEE80211_SMPS_OFF;
3982
3983 netif_carrier_off(sdata->dev);
3984
3985 /*
3986 * if we want to get out of ps before disassoc (why?) we have
3987 * to do it before sending disassoc, as otherwise the null-packet
3988 * won't be valid.
3989 */
3990 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
3991 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
3992 ieee80211_hw_config(local, -1, IEEE80211_CONF_CHANGE_PS);
3993 }
3994 local->ps_sdata = NULL;
3995
3996 /* disable per-vif ps */
3997 ieee80211_recalc_ps_vif(sdata);
3998
3999 /* make sure ongoing transmission finishes */
4000 synchronize_net();
4001
4002 /*
4003 * drop any frame before deauth/disassoc, this can be data or
4004 * management frame. Since we are disconnecting, we should not
4005 * insist sending these frames which can take time and delay
4006 * the disconnection and possible the roaming.
4007 */
4008 ieee80211_flush_queues(local, sdata, true);
4009
4010 if (tx) {
4011 drv_mgd_prepare_tx(sdata->local, sdata, &info);
4012
4013 ieee80211_send_deauth_disassoc(sdata, sdata->vif.cfg.ap_addr,
4014 sdata->vif.cfg.ap_addr, stype,
4015 reason, true, frame_buf);
4016
4017 /* flush out frame - make sure the deauth was actually sent */
4018 ieee80211_flush_queues(local, sdata, false);
4019
4020 drv_mgd_complete_tx(sdata->local, sdata, &info);
4021 } else if (frame_buf) {
4022 ieee80211_send_deauth_disassoc(sdata, sdata->vif.cfg.ap_addr,
4023 sdata->vif.cfg.ap_addr, stype,
4024 reason, false, frame_buf);
4025 }
4026
4027 /* clear AP addr only after building the needed mgmt frames */
4028 eth_zero_addr(sdata->deflink.u.mgd.bssid);
4029 eth_zero_addr(sdata->vif.cfg.ap_addr);
4030
4031 sdata->vif.cfg.ssid_len = 0;
4032
4033 /* Remove TDLS peers */
4034 __sta_info_flush(sdata, false, -1, ap_sta);
4035
4036 if (sdata->vif.driver_flags & IEEE80211_VIF_REMOVE_AP_AFTER_DISASSOC) {
4037 /* Only move the AP state */
4038 sta_info_move_state(ap_sta, IEEE80211_STA_NONE);
4039 } else {
4040 /* Remove AP peer */
4041 sta_info_flush(sdata, -1);
4042 }
4043
4044 /* finally reset all BSS / config parameters */
4045 if (!ieee80211_vif_is_mld(&sdata->vif))
4046 changed |= ieee80211_reset_erp_info(sdata);
4047
4048 ieee80211_led_assoc(local, 0);
4049 changed |= BSS_CHANGED_ASSOC;
4050 sdata->vif.cfg.assoc = false;
4051
4052 sdata->deflink.u.mgd.p2p_noa_index = -1;
4053 memset(&sdata->vif.bss_conf.p2p_noa_attr, 0,
4054 sizeof(sdata->vif.bss_conf.p2p_noa_attr));
4055
4056 /* on the next assoc, re-program HT/VHT parameters */
4057 memset(&ifmgd->ht_capa, 0, sizeof(ifmgd->ht_capa));
4058 memset(&ifmgd->ht_capa_mask, 0, sizeof(ifmgd->ht_capa_mask));
4059 memset(&ifmgd->vht_capa, 0, sizeof(ifmgd->vht_capa));
4060 memset(&ifmgd->vht_capa_mask, 0, sizeof(ifmgd->vht_capa_mask));
4061
4062 /*
4063 * reset MU-MIMO ownership and group data in default link,
4064 * if used, other links are destroyed
4065 */
4066 memset(sdata->vif.bss_conf.mu_group.membership, 0,
4067 sizeof(sdata->vif.bss_conf.mu_group.membership));
4068 memset(sdata->vif.bss_conf.mu_group.position, 0,
4069 sizeof(sdata->vif.bss_conf.mu_group.position));
4070 if (!ieee80211_vif_is_mld(&sdata->vif))
4071 changed |= BSS_CHANGED_MU_GROUPS;
4072 sdata->vif.bss_conf.mu_mimo_owner = false;
4073
4074 sdata->deflink.ap_power_level = IEEE80211_UNSET_POWER_LEVEL;
4075
4076 timer_delete_sync(&local->dynamic_ps_timer);
4077 wiphy_work_cancel(local->hw.wiphy, &local->dynamic_ps_enable_work);
4078
4079 /* Disable ARP filtering */
4080 if (sdata->vif.cfg.arp_addr_cnt)
4081 changed |= BSS_CHANGED_ARP_FILTER;
4082
4083 sdata->vif.bss_conf.qos = false;
4084 if (!ieee80211_vif_is_mld(&sdata->vif)) {
4085 changed |= BSS_CHANGED_QOS;
4086 /* The BSSID (not really interesting) and HT changed */
4087 changed |= BSS_CHANGED_BSSID | BSS_CHANGED_HT;
4088 ieee80211_bss_info_change_notify(sdata, changed);
4089 } else {
4090 ieee80211_vif_cfg_change_notify(sdata, changed);
4091 }
4092
4093 if (sdata->vif.driver_flags & IEEE80211_VIF_REMOVE_AP_AFTER_DISASSOC) {
4094 /*
4095 * After notifying the driver about the disassoc,
4096 * remove the ap sta.
4097 */
4098 sta_info_flush(sdata, -1);
4099 }
4100
4101 /* disassociated - set to defaults now */
4102 ieee80211_set_wmm_default(&sdata->deflink, false, false);
4103
4104 timer_delete_sync(&sdata->u.mgd.conn_mon_timer);
4105 timer_delete_sync(&sdata->u.mgd.bcn_mon_timer);
4106 timer_delete_sync(&sdata->u.mgd.timer);
4107
4108 sdata->vif.bss_conf.dtim_period = 0;
4109 sdata->vif.bss_conf.beacon_rate = NULL;
4110
4111 sdata->deflink.u.mgd.have_beacon = false;
4112 sdata->deflink.u.mgd.tracking_signal_avg = false;
4113 sdata->deflink.u.mgd.disable_wmm_tracking = false;
4114
4115 ifmgd->flags = 0;
4116
4117 for (link_id = 0; link_id < ARRAY_SIZE(sdata->link); link_id++) {
4118 struct ieee80211_link_data *link;
4119
4120 link = sdata_dereference(sdata->link[link_id], sdata);
4121 if (!link)
4122 continue;
4123 ieee80211_link_release_channel(link);
4124 }
4125
4126 sdata->vif.bss_conf.csa_active = false;
4127 sdata->deflink.u.mgd.csa.blocked_tx = false;
4128 sdata->deflink.u.mgd.csa.waiting_bcn = false;
4129 sdata->deflink.u.mgd.csa.ignored_same_chan = false;
4130 ieee80211_vif_unblock_queues_csa(sdata);
4131
4132 /* existing TX TSPEC sessions no longer exist */
4133 memset(ifmgd->tx_tspec, 0, sizeof(ifmgd->tx_tspec));
4134 wiphy_delayed_work_cancel(local->hw.wiphy, &ifmgd->tx_tspec_wk);
4135
4136 sdata->vif.bss_conf.power_type = IEEE80211_REG_UNSET_AP;
4137 sdata->vif.bss_conf.pwr_reduction = 0;
4138 ieee80211_clear_tpe(&sdata->vif.bss_conf.tpe);
4139
4140 sdata->vif.cfg.eml_cap = 0;
4141 sdata->vif.cfg.eml_med_sync_delay = 0;
4142 sdata->vif.cfg.mld_capa_op = 0;
4143
4144 memset(&sdata->u.mgd.ttlm_info, 0,
4145 sizeof(sdata->u.mgd.ttlm_info));
4146 wiphy_delayed_work_cancel(sdata->local->hw.wiphy, &ifmgd->ttlm_work);
4147
4148 memset(&sdata->vif.neg_ttlm, 0, sizeof(sdata->vif.neg_ttlm));
4149 wiphy_delayed_work_cancel(sdata->local->hw.wiphy,
4150 &ifmgd->neg_ttlm_timeout_work);
4151
4152 sdata->u.mgd.removed_links = 0;
4153 wiphy_delayed_work_cancel(sdata->local->hw.wiphy,
4154 &sdata->u.mgd.ml_reconf_work);
4155
4156 wiphy_work_cancel(sdata->local->hw.wiphy,
4157 &ifmgd->teardown_ttlm_work);
4158
4159 /* if disconnection happens in the middle of the ML reconfiguration
4160 * flow, cfg80211 must called to release the BSS references obtained
4161 * when the flow started.
4162 */
4163 ieee80211_ml_reconf_reset(sdata);
4164
4165 ieee80211_vif_set_links(sdata, 0, 0);
4166
4167 ifmgd->mcast_seq_last = IEEE80211_SN_MODULO;
4168
4169 ifmgd->epcs.enabled = false;
4170 ifmgd->epcs.dialog_token = 0;
4171
4172 memset(ifmgd->userspace_selectors, 0,
4173 sizeof(ifmgd->userspace_selectors));
4174 }
4175
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 3+ messages in thread