wil6210: AP: prevent connecting to already connected station

wmi_evt_connect doesn't check if the connect event is received for
an already connected station.
This can lead to memory leak as a new vring is allocated without
freeing the previously allocated vring and to unexpected behavior
of nl80211 layer due to unexpected notification of a new station.

Add a check in wmi_evt_connect in AP mode to verify that the requested
CID is not associated to an already connected station.

Signed-off-by: Maya Erez <qca_merez@qca.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>

diff --git a/drivers/net/wireless/ath/wil6210/wmi.c b/drivers/net/wireless/ath/wil6210/wmi.c
index 493e721c4fa715ba23ac86e153fe4626d389e9fb..fb090350df6d59e7455085a327aa11580e876e5f 100644 (file)
--- a/drivers/net/wireless/ath/wil6210/wmi.c
+++ b/drivers/net/wireless/ath/wil6210/wmi.c
@@ -487,6 +487,14 @@ static void wmi_evt_connect(struct wil6210_priv *wil, int id, void *d, int len)
                        return;
                }
                del_timer_sync(&wil->connect_timer);
+       } else if ((wdev->iftype == NL80211_IFTYPE_AP) ||
+                  (wdev->iftype == NL80211_IFTYPE_P2P_GO)) {
+               if (wil->sta[evt->cid].status != wil_sta_unused) {
+                       wil_err(wil, "%s: AP: Invalid status %d for CID %d\n",
+                               __func__, wil->sta[evt->cid].status, evt->cid);
+                       mutex_unlock(&wil->mutex);
+                       return;
+               }
        }
 
        /* FIXME FW can transmit only ucast frames to peer */