ath9k: fix beacon slot/buffer leak

When cleaning up beacon buffers and slots, ath9k currently checks if
sc->ah->opmode is set to a beacon related mode before cleaning up
buffers.
An unfortunate ordering of interface up/down commands can lead to
sc->ah->opmode being set to monitor mode, while there are AP interfaces
present on the same wiphy.
Always cleaning up beacon buffers if present fixes this issue.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Cc: stable@kernel.org
Signed-off-by: John W. Linville <linville@tuxdriver.com>

diff --git a/drivers/net/wireless/ath/ath9k/main.c b/drivers/net/wireless/ath/ath9k/main.c
index 996eb90..643bea3 100644 (file)
--- a/drivers/net/wireless/ath/ath9k/main.c
+++ b/drivers/net/wireless/ath/ath9k/main.c
@@ -2655,10 +2655,10 @@ static void ath9k_remove_interface(struct ieee80211_hw *hw,
            (sc->sc_ah->opmode == NL80211_IFTYPE_MESH_POINT)) {
                ath9k_ps_wakeup(sc);
                ath9k_hw_stoptxdma(sc->sc_ah, sc->beacon.beaconq);
-               ath_beacon_return(sc, avp);
                ath9k_ps_restore(sc);
        }
 
+       ath_beacon_return(sc, avp);
        sc->sc_flags &= ~SC_OP_BEACONS;
 
        for (i = 0; i < ARRAY_SIZE(sc->beacon.bslot); i++) {