wifi: iwlwifi: pcie: avoid a NULL pointer dereference

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

It possible that while the rx rb is being handled, the transport has
been stopped and re-started. In this case the tx queue pointer is not
yet initialized, which will lead to a NULL pointer dereference.
Fix it.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20231207044813.cd0898cafd89.I0b84daae753ba9612092bf383f5c6f761446e964@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

authored by

Avraham Stern and committed by

Johannes Berg 2 years ago ce038edf 8c386b16

+1 -1

1 changed file

expand all

drivers

net

wireless

intel

iwlwifi

pcie

rx.c

+1 -1

drivers/net/wireless/intel/iwlwifi/pcie/rx.c

··· 1385 1385 * if it is true then one of the handlers took the page. 1386 1386 */ 1387 1387 1388 - if (reclaim) { 1388 + if (reclaim && txq) { 1389 1389 u16 sequence = le16_to_cpu(pkt->hdr.sequence); 1390 1390 int index = SEQ_TO_INDEX(sequence); 1391 1391 int cmd_index = iwl_txq_get_cmd_index(txq, index);