--- /dev/null
+From: Hante Meuleman <hante.meuleman@broadcom.com>
+Date: Mon, 11 Apr 2016 11:35:24 +0200
+Subject: [PATCH] brcmfmac: fix p2p scan abort null pointer exception
+
+When p2p connection setup is performed without having ever done an
+escan a null pointer exception can occur. This is because the ifp
+to abort scanning is taken from escan struct while it was never
+initialized. Fix this by using the primary ifp for scan abort. The
+abort should still be performed and all scan related commands are
+performed on primary ifp.
+
+Reviewed-by: Arend Van Spriel <arend@broadcom.com>
+Reviewed-by: Pieter-Paul Giesberts <pieter-paul.giesberts@broadcom.com>
+Signed-off-by: Hante Meuleman <hante.meuleman@broadcom.com>
+Signed-off-by: Arend van Spriel <arend@broadcom.com>
+Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
+---
+
+--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
++++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
+@@ -1266,7 +1266,7 @@ static void
+ brcmf_p2p_stop_wait_next_action_frame(struct brcmf_cfg80211_info *cfg)
+ {
+ struct brcmf_p2p_info *p2p = &cfg->p2p;
+- struct brcmf_if *ifp = cfg->escan_info.ifp;
++ struct brcmf_if *ifp = p2p->bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
+
+ if (test_bit(BRCMF_P2P_STATUS_SENDING_ACT_FRAME, &p2p->status) &&
+ (test_bit(BRCMF_P2P_STATUS_ACTION_TX_COMPLETED, &p2p->status) ||
projects / 15.05 / openwrt.git / blobdiff