wifi: cfg80211: Fix an error handling path in nl80211_start_ap()

All error handling paths go to "out", except this one. Before the
commit in Fixes, error in the previous code would also end to "out",
freeing the memory.

Move the code up to avoid the leak.

Fixes: 62262dd00c31 ("wifi: cfg80211: disallow SMPS in AP mode")
Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Link: https://patch.msgid.link/eae54ce066d541914f272b10cab7b263c08eced3.1729956868.git.christophe.jaillet@wanadoo.fr
[move code, update commit message]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index d281568..b8cdd84 100644 (file)
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -6123,6 +6123,10 @@ static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
            !info->attrs[NL80211_ATTR_BEACON_HEAD])
                return -EINVAL;
 
+       if (info->attrs[NL80211_ATTR_SMPS_MODE] &&
+           nla_get_u8(info->attrs[NL80211_ATTR_SMPS_MODE]) != NL80211_SMPS_OFF)
+               return -EOPNOTSUPP;
+
        params = kzalloc(sizeof(*params), GFP_KERNEL);
        if (!params)
                return -ENOMEM;
@@ -6272,10 +6276,6 @@ static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
                        goto out;
        }
 
-       if (info->attrs[NL80211_ATTR_SMPS_MODE] &&
-           nla_get_u8(info->attrs[NL80211_ATTR_SMPS_MODE]) != NL80211_SMPS_OFF)
-               return -EOPNOTSUPP;
-
        params->pbss = nla_get_flag(info->attrs[NL80211_ATTR_PBSS]);
        if (params->pbss && !rdev->wiphy.bands[NL80211_BAND_60GHZ]) {
                err = -EOPNOTSUPP;