From: John W. Linville Date: Thu, 6 Dec 2012 19:58:41 +0000 (-0500) Subject: Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac802... X-Git-Tag: firefly_0821_release~3680^2~1480^2~17^2~79 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=403e16731ffddc097eae89f53f9a7b0f0c9769c4;p=firefly-linux-kernel-4.4.55.git Merge branch 'for-john' of git://git./linux/kernel/git/jberg/mac80211-next Conflicts: drivers/net/wireless/mwifiex/sta_ioctl.c net/mac80211/scan.c --- 403e16731ffddc097eae89f53f9a7b0f0c9769c4 diff --cc drivers/net/wireless/mwifiex/sta_ioctl.c index 95e3ab531c93,5d7b83e2dc4d..cb682561c438 --- a/drivers/net/wireless/mwifiex/sta_ioctl.c +++ b/drivers/net/wireless/mwifiex/sta_ioctl.c @@@ -158,13 -158,22 +158,23 @@@ int mwifiex_fill_new_bss_desc(struct mw struct cfg80211_bss *bss, struct mwifiex_bssdescriptor *bss_desc) { - int ret, beacon_ie_len; + int ret; u8 *beacon_ie; ++ size_t beacon_ie_len; struct mwifiex_bss_priv *bss_priv = (void *)bss->priv; - size_t beacon_ie_len = bss->len_information_elements; + const struct cfg80211_bss_ies *ies; + + rcu_read_lock(); + ies = rcu_dereference(bss->ies); + if (WARN_ON(!ies)) { + /* should never happen */ + rcu_read_unlock(); + return -EINVAL; + } + beacon_ie = kmemdup(ies->data, ies->len, GFP_ATOMIC); + beacon_ie_len = ies->len; + rcu_read_unlock(); - beacon_ie = kmemdup(bss->information_elements, beacon_ie_len, - GFP_KERNEL); if (!beacon_ie) { dev_err(priv->adapter->dev, " failed to alloc beacon_ie\n"); return -ENOMEM; diff --cc net/mac80211/scan.c index f3340279aba3,d7c190b80670..f7176ac5a535 --- a/net/mac80211/scan.c +++ b/net/mac80211/scan.c @@@ -927,8 -930,11 +930,11 @@@ int ieee80211_request_sched_scan_start( struct cfg80211_sched_scan_request *req) { struct ieee80211_local *local = sdata->local; - struct ieee80211_sched_scan_ies sched_scan_ies; + struct ieee80211_sched_scan_ies sched_scan_ies = {}; - int ret, i; + int ret, i, iebufsz; + + iebufsz = 2 + IEEE80211_MAX_SSID_LEN + + local->scan_ies_len + req->ie_len; mutex_lock(&local->mtx);