[PATCH 3.12 09/82] mac80211: move roc cookie assignment earlier

From: Greg Kroah-Hartman
Date: Thu Feb 20 2014 - 19:37:31 EST

Next message: Greg Kroah-Hartman: "[PATCH 3.12 08/82] retrieving CIFS ACLs when mounted with SMB2 fails dropping session"
Previous message: Greg Kroah-Hartman: "[PATCH 3.12 27/82] hwmon: (ntc_thermistor) Avoid math overflow"
In reply to: Greg Kroah-Hartman: "[PATCH 3.12 27/82] hwmon: (ntc_thermistor) Avoid math overflow"
Next in thread: Greg Kroah-Hartman: "[PATCH 3.12 08/82] retrieving CIFS ACLs when mounted with SMB2 fails dropping session"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.12-stable review patch. If anyone has any objections, please let me know.

------------------

From: Eliad Peller <eliad@xxxxxxxxxx>

commit 2f617435c3a6fe3f39efb9ae2baa77de2d6c97b8 upstream.

ieee80211_start_roc_work() might add a new roc
to existing roc, and tell cfg80211 it has already
started.

However, this might happen before the roc cookie
was set, resulting in REMAIN_ON_CHANNEL (started)
event with null cookie. Consequently, it can make
wpa_supplicant go out of sync.

Fix it by setting the roc cookie earlier.

Signed-off-by: Eliad Peller <eliad@xxxxxxxxxx>
Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
net/mac80211/cfg.c | 36 ++++++++++++++++++------------------
1 file changed, 18 insertions(+), 18 deletions(-)

--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -2506,6 +2506,24 @@ static int ieee80211_start_roc_work(stru
INIT_DELAYED_WORK(&roc->work, ieee80211_sw_roc_work);
INIT_LIST_HEAD(&roc->dependents);

+ /*
+ * cookie is either the roc cookie (for normal roc)
+ * or the SKB (for mgmt TX)
+ */
+ if (!txskb) {
+ /* local->mtx protects this */
+ local->roc_cookie_counter++;
+ roc->cookie = local->roc_cookie_counter;
+ /* wow, you wrapped 64 bits ... more likely a bug */
+ if (WARN_ON(roc->cookie == 0)) {
+ roc->cookie = 1;
+ local->roc_cookie_counter++;
+ }
+ *cookie = roc->cookie;
+ } else {
+ *cookie = (unsigned long)txskb;
+ }
+
/* if there's one pending or we're scanning, queue this one */
if (!list_empty(&local->roc_list) ||
local->scanning || local->radar_detect_enabled)
@@ -2640,24 +2658,6 @@ static int ieee80211_start_roc_work(stru
if (!queued)
list_add_tail(&roc->list, &local->roc_list);

- /*
- * cookie is either the roc cookie (for normal roc)
- * or the SKB (for mgmt TX)
- */
- if (!txskb) {
- /* local->mtx protects this */
- local->roc_cookie_counter++;
- roc->cookie = local->roc_cookie_counter;
- /* wow, you wrapped 64 bits ... more likely a bug */
- if (WARN_ON(roc->cookie == 0)) {
- roc->cookie = 1;
- local->roc_cookie_counter++;
- }
- *cookie = roc->cookie;
- } else {
- *cookie = (unsigned long)txskb;
- }
-
return 0;
}

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg Kroah-Hartman: "[PATCH 3.12 08/82] retrieving CIFS ACLs when mounted with SMB2 fails dropping session"
Previous message: Greg Kroah-Hartman: "[PATCH 3.12 27/82] hwmon: (ntc_thermistor) Avoid math overflow"
In reply to: Greg Kroah-Hartman: "[PATCH 3.12 27/82] hwmon: (ntc_thermistor) Avoid math overflow"
Next in thread: Greg Kroah-Hartman: "[PATCH 3.12 08/82] retrieving CIFS ACLs when mounted with SMB2 fails dropping session"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]