cfg80211: fix locking for SIWFREQ
Johannes Berg [Sat, 8 Aug 2009 09:03:58 +0000 (11:03 +0200)]
"cfg80211: validate channel settings across interfaces"
contained a locking bug -- in the managed-mode SIWFREQ
call it would end up running into a lock recursion.

This fixes it by not checking that particular interface
for a channel that it needs to stay on, which is as it
should be as that's the interface we're setting the
channel for.

Reported-by: Reinette Chatre <reinette.chatre@intel.com>
Reported-by: Kalle Valo <kalle.valo@iki.fi>
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Tested-by: Kalle Valo <kalle.valo@iki.fi>
Tested-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

net/wireless/chan.c
net/wireless/core.h
net/wireless/nl80211.c
net/wireless/wext-compat.c
net/wireless/wext-sme.c

index bc00c9a..a46ac6c 100644 (file)
@@ -42,13 +42,14 @@ rdev_fixed_channel(struct cfg80211_registered_device *rdev,
 }
 
 int rdev_set_freq(struct cfg80211_registered_device *rdev,
+                 struct wireless_dev *for_wdev,
                  int freq, enum nl80211_channel_type channel_type)
 {
        struct ieee80211_channel *chan;
        struct ieee80211_sta_ht_cap *ht_cap;
        int result;
 
-       if (rdev_fixed_channel(rdev, NULL))
+       if (rdev_fixed_channel(rdev, for_wdev))
                return -EBUSY;
 
        if (!rdev->ops->set_channel)
index 639db52..f7be3a9 100644 (file)
@@ -374,6 +374,7 @@ struct ieee80211_channel *
 rdev_fixed_channel(struct cfg80211_registered_device *rdev,
                   struct wireless_dev *for_wdev);
 int rdev_set_freq(struct cfg80211_registered_device *rdev,
+                 struct wireless_dev *for_wdev,
                  int freq, enum nl80211_channel_type channel_type);
 
 #endif /* __NET_WIRELESS_CORE_H */
index 667a87d..a8aaade 100644 (file)
@@ -721,7 +721,7 @@ static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
                freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
 
                mutex_lock(&rdev->devlist_mtx);
-               result = rdev_set_freq(rdev, freq, channel_type);
+               result = rdev_set_freq(rdev, NULL, freq, channel_type);
                mutex_unlock(&rdev->devlist_mtx);
                if (result)
                        goto bad_res;
index 17648dc..c449174 100644 (file)
@@ -766,7 +766,7 @@ int cfg80211_wext_siwfreq(struct net_device *dev,
                if (freq == 0)
                        return -EINVAL;
                mutex_lock(&rdev->devlist_mtx);
-               err = rdev_set_freq(rdev, freq, NL80211_CHAN_NO_HT);
+               err = rdev_set_freq(rdev, NULL, freq, NL80211_CHAN_NO_HT);
                mutex_unlock(&rdev->devlist_mtx);
                return err;
        }
index 9074700..d16cd9e 100644 (file)
@@ -106,7 +106,7 @@ int cfg80211_mgd_wext_siwfreq(struct net_device *dev,
 
        /* SSID is not set, we just want to switch channel */
        if (chan && !wdev->wext.connect.ssid_len) {
-               err = rdev_set_freq(rdev, freq, NL80211_CHAN_NO_HT);
+               err = rdev_set_freq(rdev, wdev, freq, NL80211_CHAN_NO_HT);
                goto out;
        }