wifi: cfg80211: free beacon_ies when overridden from hidden BSS

[ Upstream commit 32af9a9e1069e55bc02741fb00ac9d0ca1a2eaef ]

This is a more of a cosmetic fix. The branch will only be taken if
proberesp_ies is set, which implies that beacon_ies is not set unless we
are connected to an AP that just did a channel switch. And, in that case
we should have found the BSS in the internal storage to begin with.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://msgid.link/20231220133549.b898e22dadff.Id8c4c10aedd176ef2e18a4cad747b299f150f9df@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/net/wireless/scan.c b/net/wireless/scan.c
index bd4dd75..04ef7cd 100644 (file)
--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -1829,8 +1829,12 @@ __cfg80211_bss_update(struct cfg80211_registered_device *rdev,
                                list_add(&new->hidden_list,
                                         &hidden->hidden_list);
                                hidden->refcount++;
+
+                               ies = (void *)rcu_dereference(new->pub.beacon_ies);
                                rcu_assign_pointer(new->pub.beacon_ies,
                                                   hidden->pub.beacon_ies);
+                               if (ies)
+                                       kfree_rcu(ies, rcu_head);
                        }
                } else {
                        /*