Commit 046cc2ef authored by Jérôme Pouiller's avatar Jérôme Pouiller Committed by Greg Kroah-Hartman

staging: wfx: fix RCU usage in wfx_join_finalize()

Access to sta->ht_cap is protected by RCU. However,
hif_set_association_mode() may sleep, so it can't be called in RCU.

This patch fixes this behavior by handling sta and its RCU directly in
function hif_set_association_mode().
Signed-off-by: default avatarJérôme Pouiller <jerome.pouiller@silabs.com>
Fixes: d0014901 ("staging: wfx: fix RCU usage")
Link: https://lore.kernel.org/r/20200310101356.182818-5-Jerome.Pouiller@silabs.comSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 4bbc6a3e
...@@ -191,10 +191,10 @@ static inline int hif_set_block_ack_policy(struct wfx_vif *wvif, ...@@ -191,10 +191,10 @@ static inline int hif_set_block_ack_policy(struct wfx_vif *wvif,
} }
static inline int hif_set_association_mode(struct wfx_vif *wvif, static inline int hif_set_association_mode(struct wfx_vif *wvif,
struct ieee80211_bss_conf *info, struct ieee80211_bss_conf *info)
struct ieee80211_sta_ht_cap *ht_cap)
{ {
int basic_rates = wfx_rate_mask_to_hw(wvif->wdev, info->basic_rates); int basic_rates = wfx_rate_mask_to_hw(wvif->wdev, info->basic_rates);
struct ieee80211_sta *sta = NULL;
struct hif_mib_set_association_mode val = { struct hif_mib_set_association_mode val = {
.preambtype_use = 1, .preambtype_use = 1,
.mode = 1, .mode = 1,
...@@ -204,12 +204,17 @@ static inline int hif_set_association_mode(struct wfx_vif *wvif, ...@@ -204,12 +204,17 @@ static inline int hif_set_association_mode(struct wfx_vif *wvif,
.basic_rate_set = cpu_to_le32(basic_rates) .basic_rate_set = cpu_to_le32(basic_rates)
}; };
rcu_read_lock(); // protect sta
if (info->bssid && !info->ibss_joined)
sta = ieee80211_find_sta(wvif->vif, info->bssid);
// FIXME: it is strange to not retrieve all information from bss_info // FIXME: it is strange to not retrieve all information from bss_info
if (ht_cap && ht_cap->ht_supported) { if (sta && sta->ht_cap.ht_supported) {
val.mpdu_start_spacing = ht_cap->ampdu_density; val.mpdu_start_spacing = sta->ht_cap.ampdu_density;
if (!(info->ht_operation_mode & IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT)) if (!(info->ht_operation_mode & IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT))
val.greenfield = !!(ht_cap->cap & IEEE80211_HT_CAP_GRN_FLD); val.greenfield = !!(sta->ht_cap.cap & IEEE80211_HT_CAP_GRN_FLD);
} }
rcu_read_unlock();
return hif_write_mib(wvif->wdev, wvif->id, return hif_write_mib(wvif->wdev, wvif->id,
HIF_MIB_ID_SET_ASSOCIATION_MODE, &val, sizeof(val)); HIF_MIB_ID_SET_ASSOCIATION_MODE, &val, sizeof(val));
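Review bot: The `// protect sta` comment on the new `rcu_read_lock()` does not record the ordering constraint this commit is about: the HT fields have to be copied into `val` inside the read-side section, and the write (which, per the commit message, may sleep, presumably in `hif_write_mib()`) has to stay after `rcu_read_unlock()`. I would put that above the lock, e.g. `/* copy what we need from sta into val under RCU; the MIB write below may sleep and must stay outside the read-side section */`, so a later edit does not move the unlock back down. The same comment could mention that this lookup repeats the `ieee80211_find_sta()` call in wfx_join_finalize(), so the two can see different results if the station is removed in between. The end of the function lies outside the hunk.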
......
...@@ -691,6 +691,7 @@ static void wfx_join_finalize(struct wfx_vif *wvif, ...@@ -691,6 +691,7 @@ static void wfx_join_finalize(struct wfx_vif *wvif,
wfx_rate_mask_to_hw(wvif->wdev, sta->supp_rates[wvif->channel->band]); wfx_rate_mask_to_hw(wvif->wdev, sta->supp_rates[wvif->channel->band]);
else else
wvif->bss_params.operational_rate_set = -1; wvif->bss_params.operational_rate_set = -1;
rcu_read_unlock();
if (sta && if (sta &&
info->ht_operation_mode & IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT) info->ht_operation_mode & IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT)
hif_dual_cts_protection(wvif, true); hif_dual_cts_protection(wvif, true);
...@@ -703,8 +704,7 @@ static void wfx_join_finalize(struct wfx_vif *wvif, ...@@ -703,8 +704,7 @@ static void wfx_join_finalize(struct wfx_vif *wvif,
wvif->bss_params.beacon_lost_count = 20; wvif->bss_params.beacon_lost_count = 20;
wvif->bss_params.aid = info->aid; wvif->bss_params.aid = info->aid;
hif_set_association_mode(wvif, info, sta ? &sta->ht_cap : NULL); hif_set_association_mode(wvif, info);
rcu_read_unlock();
if (!info->ibss_joined) { if (!info->ibss_joined) {
hif_keep_alive_period(wvif, 30 /* sec */); hif_keep_alive_period(wvif, 30 /* sec */);
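Review bot: `sta` is still tested in `if (sta && ...)` right after the added `rcu_read_unlock()`, so wfx_join_finalize() keeps a pointer whose target is no longer protected. The visible lines only compare it against NULL, which is harmless today, but any dereference added later below the unlock would be a use-after-free that compiles cleanly. I would record the result inside the critical section with `bool has_sta = sta != NULL;` just before `rcu_read_unlock();` and test `if (has_sta && ...)` instead. The function starts and ends outside these hunks, so other uses of `sta` after the unlock cannot be ruled out from here.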
......