2013-12-05 18:54:50

by Simon Wunderlich

Subject: [PATCH] mac80211: fix nested sdata lock for IBSS/CSA

This fixes a regression introduced by my patch "mac80211: don't cancel
csa finalize work within stop_ap", which added sdata locks to
ieee80211_csa_finalize_work() without removing the locking for
ieee80211_ibss_finish_csa(), which is called by the former, resulting
in a deadlock due to nested locking.

Signed-off-by: Simon Wunderlich <[email protected]>
---
net/mac80211/ibss.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
index 0f1fb5d..d09f662 100644
--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -534,7 +534,7 @@ int ieee80211_ibss_finish_csa(struct ieee80211_sub_if_data *sdata)
int err;
u16 capability;

- sdata_lock(sdata);
+ sdata_assert_lock(sdata);
/* update cfg80211 bss information with the new channel */
if (!is_zero_ether_addr(ifibss->bssid)) {
capability = WLAN_CAPABILITY_IBSS;
@@ -559,7 +559,6 @@ int ieee80211_ibss_finish_csa(struct ieee80211_sub_if_data *sdata)

/* generate the beacon */
err = ieee80211_ibss_csa_beacon(sdata, NULL);
- sdata_unlock(sdata);
if (err < 0)
return err;

--
1.7.10.4

2013-12-05 19:15:52

by Johannes Berg

Subject: Re: [PATCH] mac80211: fix nested sdata lock for IBSS/CSA

On Thu, 2013-12-05 at 19:54 +0100, Simon Wunderlich wrote:
> This fixes a regression introduced by my patch "mac80211: don't cancel
> csa finalize work within stop_ap", which added sdata locks to
> ieee80211_csa_finalize_work() without removing the locking for
> ieee80211_ibss_finish_csa(), which is called by the former, resulting
> in a deadlock due to nested locking.

Applied.

Maybe you can make a hwsim test for this too :)

johannes