| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 09 May 2012 06:52:57 +0100
From: Ben Hutchings <ben@...adent.org.uk>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
Cc: torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
alan@...rguk.ukuu.org.uk, Stanislaw Gruszka <sgruszka@...hat.com>,
Wey-Yi Guy <wey-yi.w.guy@...el.com>,
"John W. Linville" <linville@...driver.com>
Subject: [ 148/167] [PATCH] iwlwifi: do not nulify ctx->vif on reset
3.2-stable review patch. If anyone has any objections, please let me know.
------------------
From: Stanislaw Gruszka <sgruszka@...hat.com>
commit 8db4c7e25d153fb049e81715d72fa3be3a0c3b69 upstream.
ctx->vif is dereferenced in different part of iwlwifi code, so do not
nullify it.
This should address at least one of the possible reasons of WARNING at
iwlagn_mac_remove_interface, and perhaps some random crashes when
firmware reset is performed.
Signed-off-by: Stanislaw Gruszka <sgruszka@...hat.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@...el.com>
Signed-off-by: John W. Linville <linville@...driver.com>
[bwh: Backported to 3.2:
- Change filename iwl-mac80211.c to iwl-core.c
- Change context in iwlagn_prepare_restart()]
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
drivers/net/wireless/iwlwifi/iwl-agn.c | 3 ---
drivers/net/wireless/iwlwifi/iwl-mac80211.c | 10 +++++++++-
2 files changed, 9 insertions(+), 4 deletions(-)
--- linux.orig/drivers/net/wireless/iwlwifi/iwl-agn.c
+++ linux/drivers/net/wireless/iwlwifi/iwl-agn.c
@@ -1504,7 +1504,6 @@
static void iwlagn_prepare_restart(struct iwl_priv *priv)
{
- struct iwl_rxon_context *ctx;
bool bt_full_concurrent;
u8 bt_ci_compliance;
u8 bt_load;
@@ -1513,8 +1512,6 @@
lockdep_assert_held(&priv->shrd->mutex);
- for_each_context(priv, ctx)
- ctx->vif = NULL;
priv->is_open = 0;
/*
--- linux.orig/drivers/net/wireless/iwlwifi/iwl-core.c
+++ linux/drivers/net/wireless/iwlwifi/iwl-core.c
@@ -1228,6 +1228,7 @@
struct iwl_rxon_context *tmp, *ctx = NULL;
int err;
enum nl80211_iftype viftype = ieee80211_vif_type_p2p(vif);
+ bool reset = false;
IWL_DEBUG_MAC80211(priv, "enter: type %d, addr %pM\n",
viftype, vif->addr);
@@ -1249,6 +1250,13 @@
tmp->interface_modes | tmp->exclusive_interface_modes;
if (tmp->vif) {
+ /* On reset we need to add the same interface again */
+ if (tmp->vif == vif) {
+ reset = true;
+ ctx = tmp;
+ break;
+ }
+
/* check if this busy context is exclusive */
if (tmp->exclusive_interface_modes &
BIT(tmp->vif->type)) {
@@ -1275,7 +1283,7 @@
ctx->vif = vif;
err = iwl_setup_interface(priv, ctx);
- if (!err)
+ if (!err || reset)
goto out;
ctx->vif = NULL;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists