Cc: [email protected]
Reported-by: Christophe Prévotaux <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
---
net/mac80211/sta_info.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 632d372..8b42f49 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -227,6 +227,7 @@ struct sta_info *sta_info_get_by_idx(struct ieee80211_sub_if_data *sdata,
*/
void sta_info_free(struct ieee80211_local *local, struct sta_info *sta)
{
+ struct ieee80211_sta_rates *rates;
int i;
if (sta->rate_ctrl)
@@ -238,6 +239,10 @@ void sta_info_free(struct ieee80211_local *local, struct sta_info *sta)
kfree(sta->tx_lat);
}
+ rates = rcu_dereference_protected(sta->sta.rates, true);
+ if (rates)
+ kfree(rates);
+
sta_dbg(sta->sdata, "Destroyed STA %pM\n", sta->sta.addr);
kfree(sta);
--
1.8.5.2 (Apple Git-48)
Hi Ben,
In terms of OpenWRT world, at least backfire, did not go further back in
checking. I suspect it is much older than this though :) But I did
put on my spelunking head lamp and I am afraid of the dark :)
Maybe Felix would know ?
Regards
Christophe
On 05/27/2014 06:34 PM, Ben Greear wrote:
> On 05/23/2014 10:29 AM, Felix Fietkau wrote:
>> Cc: [email protected]
>> Reported-by: Christophe Prévotaux <[email protected]>
>> Signed-off-by: Felix Fietkau <[email protected]>
>
> Any idea how far back this should be applied?
>
> Thanks,
> Ben
>
>> ---
>> net/mac80211/sta_info.c | 5 +++++
>> 1 file changed, 5 insertions(+)
>>
>> diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
>> index 632d372..8b42f49 100644
>> --- a/net/mac80211/sta_info.c
>> +++ b/net/mac80211/sta_info.c
>> @@ -227,6 +227,7 @@ struct sta_info *sta_info_get_by_idx(struct ieee80211_sub_if_data *sdata,
>> */
>> void sta_info_free(struct ieee80211_local *local, struct sta_info *sta)
>> {
>> + struct ieee80211_sta_rates *rates;
>> int i;
>>
>> if (sta->rate_ctrl)
>> @@ -238,6 +239,10 @@ void sta_info_free(struct ieee80211_local *local, struct sta_info *sta)
>> kfree(sta->tx_lat);
>> }
>>
>> + rates = rcu_dereference_protected(sta->sta.rates, true);
>> + if (rates)
>> + kfree(rates);
>> +
>> sta_dbg(sta->sdata, "Destroyed STA %pM\n", sta->sta.addr);
>>
>> kfree(sta);
>>
>
>
--
Christophe Prévotaux
[email protected] +1 416 425 6559 [ext 240]
Northern Light Technologies
33 Laird Drive
M4G 3S9, Toronto, ON
Canada
http://www.nltinc.com
On Fri, 2014-05-23 at 19:29 +0200, Felix Fietkau wrote:
> Cc: [email protected]
> Reported-by: Christophe Prévotaux <[email protected]>
> Signed-off-by: Felix Fietkau <[email protected]>
As Ben said, a Fixes: line would be good - probably also needs Cc
stable.
> + rates = rcu_dereference_protected(sta->sta.rates, true);
> + if (rates)
> + kfree(rates);
That seems like it should just be rcu_dereference_raw()? That's really
the same (it's a macro), but less verbose.
johannes
On 05/23/2014 10:29 AM, Felix Fietkau wrote:
> Cc: [email protected]
> Reported-by: Christophe Prévotaux <[email protected]>
> Signed-off-by: Felix Fietkau <[email protected]>
Any idea how far back this should be applied?
Thanks,
Ben
> ---
> net/mac80211/sta_info.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
> index 632d372..8b42f49 100644
> --- a/net/mac80211/sta_info.c
> +++ b/net/mac80211/sta_info.c
> @@ -227,6 +227,7 @@ struct sta_info *sta_info_get_by_idx(struct ieee80211_sub_if_data *sdata,
> */
> void sta_info_free(struct ieee80211_local *local, struct sta_info *sta)
> {
> + struct ieee80211_sta_rates *rates;
> int i;
>
> if (sta->rate_ctrl)
> @@ -238,6 +239,10 @@ void sta_info_free(struct ieee80211_local *local, struct sta_info *sta)
> kfree(sta->tx_lat);
> }
>
> + rates = rcu_dereference_protected(sta->sta.rates, true);
> + if (rates)
> + kfree(rates);
> +
> sta_dbg(sta->sdata, "Destroyed STA %pM\n", sta->sta.addr);
>
> kfree(sta);
>
--
Ben Greear <[email protected]>
Candela Technologies Inc http://www.candelatech.com
On 05/27/2014 09:40 AM, Christophe Prevotaux wrote:
> Hi Ben,
>
> In terms of OpenWRT world, at least backfire, did not go further back in checking. I suspect it is much older than this though :) But I did
> put on my spelunking head lamp and I am afraid of the dark :)
A quick look makes me think it is at least not relevant to 3.9 kernels,
but I could be wrong about that.
Thanks,
Ben
--
Ben Greear <[email protected]>
Candela Technologies Inc http://www.candelatech.com
On 2014-05-27 19:01, Ben Greear wrote:
> On 05/27/2014 09:40 AM, Christophe Prevotaux wrote:
>> Hi Ben,
>>
>> In terms of OpenWRT world, at least backfire, did not go further back in checking. I suspect it is much older than this though :) But I did
>> put on my spelunking head lamp and I am afraid of the dark :)
>
> A quick look makes me think it is at least not relevant to 3.9 kernels,
> but I could be wrong about that.
Right, it applies to 3.10 and above.
Will resend with Cc stable.
- Felix