From: Johannes Berg <[email protected]>
Using ieee80211_find_sta() needs to be under
RCU read lock, which iwlwifi currently misses,
so fix it.
Cc: [email protected]
Reported-by: Miles Lane <[email protected]>
Signed-off-by: Johannes Berg <[email protected]>
---
drivers/net/wireless/iwlwifi/iwl-agn-tx.c | 2 ++
1 file changed, 2 insertions(+)
--- wireless-testing.orig/drivers/net/wireless/iwlwifi/iwl-agn-tx.c 2010-06-07 21:17:56.000000000 +0200
+++ wireless-testing/drivers/net/wireless/iwlwifi/iwl-agn-tx.c 2010-06-07 21:18:04.000000000 +0200
@@ -1146,6 +1146,7 @@ static void iwlagn_tx_status(struct iwl_
struct ieee80211_sta *sta;
struct iwl_station_priv *sta_priv;
+ rcu_read_lock();
sta = ieee80211_find_sta(priv->vif, hdr->addr1);
if (sta) {
sta_priv = (void *)sta->drv_priv;
@@ -1154,6 +1155,7 @@ static void iwlagn_tx_status(struct iwl_
atomic_dec_return(&sta_priv->pending_frames) == 0)
ieee80211_sta_block_awake(priv->hw, sta, false);
}
+ rcu_read_unlock();
ieee80211_tx_status_irqsafe(priv->hw, skb);
}
On Mon, 2010-06-07 at 12:20 -0700, Johannes Berg wrote:
> From: Johannes Berg <[email protected]>
>
> Using ieee80211_find_sta() needs to be under
> RCU read lock, which iwlwifi currently misses,
> so fix it.
>
> Cc: [email protected]
> Reported-by: Miles Lane <[email protected]>
> Signed-off-by: Johannes Berg <[email protected]>
Acked-by: Reinette Chatre <[email protected]>
Reinette
On Mon, Jun 7, 2010 at 3:20 PM, Johannes Berg <[email protected]> wrote:
> From: Johannes Berg <[email protected]>
>
> Using ieee80211_find_sta() needs to be under
> RCU read lock, which iwlwifi currently misses,
> so fix it.
>
> Cc: [email protected]
> Reported-by: Miles Lane <[email protected]>
> Signed-off-by: Johannes Berg <[email protected]>
> ---
> ?drivers/net/wireless/iwlwifi/iwl-agn-tx.c | ? ?2 ++
> ?1 file changed, 2 insertions(+)
>
> --- wireless-testing.orig/drivers/net/wireless/iwlwifi/iwl-agn-tx.c ? ? 2010-06-07 21:17:56.000000000 +0200
> +++ wireless-testing/drivers/net/wireless/iwlwifi/iwl-agn-tx.c ?2010-06-07 21:18:04.000000000 +0200
> @@ -1146,6 +1146,7 @@ static void iwlagn_tx_status(struct iwl_
> ? ? ? ?struct ieee80211_sta *sta;
> ? ? ? ?struct iwl_station_priv *sta_priv;
>
> + ? ? ? rcu_read_lock();
> ? ? ? ?sta = ieee80211_find_sta(priv->vif, hdr->addr1);
> ? ? ? ?if (sta) {
> ? ? ? ? ? ? ? ?sta_priv = (void *)sta->drv_priv;
> @@ -1154,6 +1155,7 @@ static void iwlagn_tx_status(struct iwl_
> ? ? ? ? ? ? ? ? ? ?atomic_dec_return(&sta_priv->pending_frames) == 0)
> ? ? ? ? ? ? ? ? ? ? ? ?ieee80211_sta_block_awake(priv->hw, sta, false);
> ? ? ? ?}
> + ? ? ? rcu_read_unlock();
>
> ? ? ? ?ieee80211_tx_status_irqsafe(priv->hw, skb);
> ?}
>
>
>
Unclean patch application - is this to be expected?
patching file drivers/net/wireless/iwlwifi/iwl-agn-tx.c
Hunk #1 succeeded at 1125 (offset -21 lines).
Hunk #2 succeeded at 1134 (offset -21 lines).
On Mon, 2010-06-07 at 17:31 -0400, Miles Lane wrote:
> > --- wireless-testing.orig/drivers/net/wireless/iwlwifi/iwl-agn-tx.c 2010-06-07 21:17:56.000000000 +0200
> > +++ wireless-testing/drivers/net/wireless/iwlwifi/iwl-agn-tx.c 2010-06-07 21:18:04.000000000 +0200
> > @@ -1146,6 +1146,7 @@ static void iwlagn_tx_status(struct iwl_
> > struct ieee80211_sta *sta;
> > struct iwl_station_priv *sta_priv;
> >
> > + rcu_read_lock();
> > sta = ieee80211_find_sta(priv->vif, hdr->addr1);
> > if (sta) {
> > sta_priv = (void *)sta->drv_priv;
> > @@ -1154,6 +1155,7 @@ static void iwlagn_tx_status(struct iwl_
> > atomic_dec_return(&sta_priv->pending_frames) == 0)
> > ieee80211_sta_block_awake(priv->hw, sta, false);
> > }
> > + rcu_read_unlock();
> >
> > ieee80211_tx_status_irqsafe(priv->hw, skb);
> > }
> >
> >
> >
>
> Unclean patch application - is this to be expected?
>
> patching file drivers/net/wireless/iwlwifi/iwl-agn-tx.c
> Hunk #1 succeeded at 1125 (offset -21 lines).
> Hunk #2 succeeded at 1134 (offset -21 lines).
Didn't pay much attention what tree I generated it against since I knew
this code hasn't changed in a while ... so the offset looks perfectly
fine. Fuzz I'd have been surprised about :)
johannes
Tested. Looks good.
On Mon, Jun 7, 2010 at 5:34 PM, reinette chatre
<[email protected]> wrote:
> On Mon, 2010-06-07 at 12:20 -0700, Johannes Berg wrote:
>> From: Johannes Berg <[email protected]>
>>
>> Using ieee80211_find_sta() needs to be under
>> RCU read lock, which iwlwifi currently misses,
>> so fix it.
>>
>> Cc: [email protected]
>> Reported-by: Miles Lane <[email protected]>
>> Signed-off-by: Johannes Berg <[email protected]>
>
> Acked-by: Reinette Chatre <[email protected]>
>
> Reinette
>
>
>