mac80211: fix a crash on getting the channel in WDS AP mode (#18400)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 43367

diff --git a/package/kernel/mac80211/patches/323-mac80211-copy-chandef-from-AP-vif-to-VLANs.patch b/package/kernel/mac80211/patches/323-mac80211-copy-chandef-from-AP-vif-to-VLANs.patch
new file mode 100644 (file)
index 0000000..fca0c16
--- /dev/null
+++ b/package/kernel/mac80211/patches/323-mac80211-copy-chandef-from-AP-vif-to-VLANs.patch
@@ -0,0 +1,82 @@
+From: Felix Fietkau <nbd@openwrt.org>
+Date: Mon, 24 Nov 2014 18:09:03 +0100
+Subject: [PATCH] mac80211: copy chandef from AP vif to VLANs
+
+Fixes a crash in nl80211_send_chandef, introduced in
+
+commit c12bc4885f4b3bab0ed779c69d5d7e3223fa5003
+"mac80211: return the vif's chandef in ieee80211_cfg_get_channel()"
+
+Signed-off-by: Felix Fietkau <nbd@openwrt.org>
+---
+
+--- a/net/mac80211/chan.c
++++ b/net/mac80211/chan.c
+@@ -932,6 +932,21 @@ ieee80211_vif_chanctx_reservation_comple
+       }
+ }
+ 
++static void
++ieee80211_vif_update_chandef(struct ieee80211_sub_if_data *sdata,
++                           const struct cfg80211_chan_def *chandef)
++{
++      struct ieee80211_sub_if_data *vlan;
++
++      sdata->vif.bss_conf.chandef = *chandef;
++
++      if (sdata->vif.type != NL80211_IFTYPE_AP)
++              return;
++
++      list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
++              vlan->vif.bss_conf.chandef = *chandef;
++}
++
+ static int
+ ieee80211_vif_use_reserved_reassign(struct ieee80211_sub_if_data *sdata)
+ {
+@@ -994,7 +1009,7 @@ ieee80211_vif_use_reserved_reassign(stru
+       if (sdata->vif.bss_conf.chandef.width != sdata->reserved_chandef.width)
+               changed = BSS_CHANGED_BANDWIDTH;
+ 
+-      sdata->vif.bss_conf.chandef = sdata->reserved_chandef;
++      ieee80211_vif_update_chandef(sdata, &sdata->reserved_chandef);
+ 
+       if (changed)
+               ieee80211_bss_info_change_notify(sdata, changed);
+@@ -1336,7 +1351,7 @@ static int ieee80211_vif_use_reserved_sw
+                           sdata->reserved_chandef.width)
+                               changed = BSS_CHANGED_BANDWIDTH;
+ 
+-                      sdata->vif.bss_conf.chandef = sdata->reserved_chandef;
++                      ieee80211_vif_update_chandef(sdata, &sdata->reserved_chandef);
+                       if (changed)
+                               ieee80211_bss_info_change_notify(sdata,
+                                                                changed);
+@@ -1507,7 +1522,7 @@ int ieee80211_vif_use_channel(struct iee
+               goto out;
+       }
+ 
+-      sdata->vif.bss_conf.chandef = *chandef;
++      ieee80211_vif_update_chandef(sdata, chandef);
+ 
+       ret = ieee80211_assign_vif_chanctx(sdata, ctx);
+       if (ret) {
+@@ -1649,7 +1664,7 @@ int ieee80211_vif_change_bandwidth(struc
+               break;
+       }
+ 
+-      sdata->vif.bss_conf.chandef = *chandef;
++      ieee80211_vif_update_chandef(sdata, chandef);
+ 
+       ieee80211_recalc_chanctx_chantype(local, ctx);
+ 
+--- a/net/mac80211/iface.c
++++ b/net/mac80211/iface.c
+@@ -520,6 +520,7 @@ int ieee80211_do_open(struct wireless_de
+               sdata->vif.cab_queue = master->vif.cab_queue;
+               memcpy(sdata->vif.hw_queue, master->vif.hw_queue,
+                      sizeof(sdata->vif.hw_queue));
++              sdata->vif.bss_conf.chandef = master->vif.bss_conf.chandef;
+               break;
+               }
+       case NL80211_IFTYPE_AP: