Commit 7ca133bc authored by Simon Wunderlich's avatar Simon Wunderlich Committed by Johannes Berg

mac80211: modify beacon using sdata/wdev-lock, not rtnl lock

The csa finalize worker needs to change the beacon information (for
different modes). These are normally protected under rtnl lock, but the
csa finalize worker is called by drivers and should not acquire the RTNL
lock. Therefore change access protection for beacons to sdata/wdev lock.
Reported-by: default avatarJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: default avatarSimon Wunderlich <sw@simonwunderlich.de>
[fix sdata_dereference]
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent c56589ed
...@@ -857,7 +857,7 @@ static int ieee80211_set_probe_resp(struct ieee80211_sub_if_data *sdata, ...@@ -857,7 +857,7 @@ static int ieee80211_set_probe_resp(struct ieee80211_sub_if_data *sdata,
if (!resp || !resp_len) if (!resp || !resp_len)
return 1; return 1;
old = rtnl_dereference(sdata->u.ap.probe_resp); old = sdata_dereference(sdata->u.ap.probe_resp, sdata);
new = kzalloc(sizeof(struct probe_resp) + resp_len, GFP_KERNEL); new = kzalloc(sizeof(struct probe_resp) + resp_len, GFP_KERNEL);
if (!new) if (!new)
...@@ -881,7 +881,8 @@ int ieee80211_assign_beacon(struct ieee80211_sub_if_data *sdata, ...@@ -881,7 +881,8 @@ int ieee80211_assign_beacon(struct ieee80211_sub_if_data *sdata,
int size, err; int size, err;
u32 changed = BSS_CHANGED_BEACON; u32 changed = BSS_CHANGED_BEACON;
old = rtnl_dereference(sdata->u.ap.beacon); old = sdata_dereference(sdata->u.ap.beacon, sdata);
/* Need to have a beacon head if we don't have one yet */ /* Need to have a beacon head if we don't have one yet */
if (!params->head && !old) if (!params->head && !old)
...@@ -958,7 +959,7 @@ static int ieee80211_start_ap(struct wiphy *wiphy, struct net_device *dev, ...@@ -958,7 +959,7 @@ static int ieee80211_start_ap(struct wiphy *wiphy, struct net_device *dev,
BSS_CHANGED_P2P_PS; BSS_CHANGED_P2P_PS;
int err; int err;
old = rtnl_dereference(sdata->u.ap.beacon); old = sdata_dereference(sdata->u.ap.beacon, sdata);
if (old) if (old)
return -EALREADY; return -EALREADY;
...@@ -1020,7 +1021,8 @@ static int ieee80211_start_ap(struct wiphy *wiphy, struct net_device *dev, ...@@ -1020,7 +1021,8 @@ static int ieee80211_start_ap(struct wiphy *wiphy, struct net_device *dev,
err = drv_start_ap(sdata->local, sdata); err = drv_start_ap(sdata->local, sdata);
if (err) { if (err) {
old = rtnl_dereference(sdata->u.ap.beacon); old = sdata_dereference(sdata->u.ap.beacon, sdata);
if (old) if (old)
kfree_rcu(old, rcu_head); kfree_rcu(old, rcu_head);
RCU_INIT_POINTER(sdata->u.ap.beacon, NULL); RCU_INIT_POINTER(sdata->u.ap.beacon, NULL);
...@@ -1051,7 +1053,7 @@ static int ieee80211_change_beacon(struct wiphy *wiphy, struct net_device *dev, ...@@ -1051,7 +1053,7 @@ static int ieee80211_change_beacon(struct wiphy *wiphy, struct net_device *dev,
if (sdata->vif.csa_active) if (sdata->vif.csa_active)
return -EBUSY; return -EBUSY;
old = rtnl_dereference(sdata->u.ap.beacon); old = sdata_dereference(sdata->u.ap.beacon, sdata);
if (!old) if (!old)
return -ENOENT; return -ENOENT;
...@@ -1071,10 +1073,10 @@ static int ieee80211_stop_ap(struct wiphy *wiphy, struct net_device *dev) ...@@ -1071,10 +1073,10 @@ static int ieee80211_stop_ap(struct wiphy *wiphy, struct net_device *dev)
struct probe_resp *old_probe_resp; struct probe_resp *old_probe_resp;
struct cfg80211_chan_def chandef; struct cfg80211_chan_def chandef;
old_beacon = rtnl_dereference(sdata->u.ap.beacon); old_beacon = sdata_dereference(sdata->u.ap.beacon, sdata);
if (!old_beacon) if (!old_beacon)
return -ENOENT; return -ENOENT;
old_probe_resp = rtnl_dereference(sdata->u.ap.probe_resp); old_probe_resp = sdata_dereference(sdata->u.ap.probe_resp, sdata);
/* abort any running channel switch */ /* abort any running channel switch */
sdata->vif.csa_active = false; sdata->vif.csa_active = false;
...@@ -1975,7 +1977,7 @@ static int ieee80211_change_bss(struct wiphy *wiphy, ...@@ -1975,7 +1977,7 @@ static int ieee80211_change_bss(struct wiphy *wiphy,
enum ieee80211_band band; enum ieee80211_band band;
u32 changed = 0; u32 changed = 0;
if (!rtnl_dereference(sdata->u.ap.beacon)) if (!sdata_dereference(sdata->u.ap.beacon, sdata))
return -ENOENT; return -ENOENT;
band = ieee80211_get_sdata_band(sdata); band = ieee80211_get_sdata_band(sdata);
...@@ -3045,6 +3047,8 @@ static int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev, ...@@ -3045,6 +3047,8 @@ static int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
struct ieee80211_if_mesh __maybe_unused *ifmsh; struct ieee80211_if_mesh __maybe_unused *ifmsh;
int err, num_chanctx; int err, num_chanctx;
lockdep_assert_held(&sdata->wdev.mtx);
if (!list_empty(&local->roc_list) || local->scanning) if (!list_empty(&local->roc_list) || local->scanning)
return -EBUSY; return -EBUSY;
......
...@@ -813,6 +813,9 @@ static inline void sdata_unlock(struct ieee80211_sub_if_data *sdata) ...@@ -813,6 +813,9 @@ static inline void sdata_unlock(struct ieee80211_sub_if_data *sdata)
__release(&sdata->wdev.mtx); __release(&sdata->wdev.mtx);
} }
#define sdata_dereference(p, sdata) \
rcu_dereference_protected(p, lockdep_is_held(&sdata->wdev.mtx))
static inline void static inline void
sdata_assert_lock(struct ieee80211_sub_if_data *sdata) sdata_assert_lock(struct ieee80211_sub_if_data *sdata)
{ {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment