Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b16bd15c authored by Johannes Berg's avatar Johannes Berg Committed by John W. Linville
Browse files

mac80211: fix spinlock recursion 



When STAs are expired, we need to hold the sta_lock. Using
the same lock for keys too would then mean we'd need another
key free function, and that'll just lead to confusion, so just
use a new spinlock for all key lists.

Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
parent 6b914c52

net/mac80211/ieee80211_i.h

+8 −2
Original line number Diff line number Diff line
@@ -600,8 +600,7 @@ struct ieee80211_local { 
	/*

	 * The lock only protects the list, hash, timer and counter

	 * against manipulation, reads are done in RCU. Additionally,

	 * the lock protects each BSS's TIM bitmap, a few items in

	 * STA info structures and various key pointers.

	 * the lock protects each BSS's TIM bitmap.

	 */

	spinlock_t sta_lock;

	unsigned long num_sta;
@@ -635,6 +634,13 @@ struct ieee80211_local { 


	struct list_head interfaces;



	/*

	 * Key lock, protects sdata's key_list and sta_info's

	 * key pointers (write access, they're RCU.)

	 */

	spinlock_t key_lock;





	bool sta_sw_scanning;

	bool sta_hw_scanning;

	int scan_channel_idx;

net/mac80211/key.c

+10 −10
Original line number Diff line number Diff line
@@ -210,9 +210,9 @@ void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx) 
{

	unsigned long flags;



	spin_lock_irqsave(&sdata->local->sta_lock, flags);

	spin_lock_irqsave(&sdata->local->key_lock, flags);

	__ieee80211_set_default_key(sdata, idx);

	spin_unlock_irqrestore(&sdata->local->sta_lock, flags);

	spin_unlock_irqrestore(&sdata->local->key_lock, flags);

}
@@ -339,7 +339,7 @@ void ieee80211_key_link(struct ieee80211_key *key, 
		}

	}



	spin_lock_irqsave(&sdata->local->sta_lock, flags);

	spin_lock_irqsave(&sdata->local->key_lock, flags);



	if (sta)

		old_key = sta->key;
@@ -348,7 +348,7 @@ void ieee80211_key_link(struct ieee80211_key *key, 


	__ieee80211_key_replace(sdata, sta, old_key, key);



	spin_unlock_irqrestore(&sdata->local->sta_lock, flags);

	spin_unlock_irqrestore(&sdata->local->key_lock, flags);



	/* free old key later */

	add_todo(old_key, KEY_FLAG_TODO_DELETE);
@@ -377,9 +377,9 @@ void ieee80211_key_free(struct ieee80211_key *key) 
	if (!key)

		return;



	spin_lock_irqsave(&key->sdata->local->sta_lock, flags);

	spin_lock_irqsave(&key->sdata->local->key_lock, flags);

	__ieee80211_key_free(key);

	spin_unlock_irqrestore(&key->sdata->local->sta_lock, flags);

	spin_unlock_irqrestore(&key->sdata->local->key_lock, flags);

}



/*
@@ -397,10 +397,10 @@ static void ieee80211_todo_for_each_key(struct ieee80211_sub_if_data *sdata, 


	might_sleep();



	spin_lock_irqsave(&sdata->local->sta_lock, flags);

	spin_lock_irqsave(&sdata->local->key_lock, flags);

	list_for_each_entry(key, &sdata->key_list, list)

		add_todo(key, todo_flags);

	spin_unlock_irqrestore(&sdata->local->sta_lock, flags);

	spin_unlock_irqrestore(&sdata->local->key_lock, flags);



	ieee80211_key_todo();

}
@@ -506,10 +506,10 @@ void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata) 


	ieee80211_debugfs_key_remove_default(sdata);



	spin_lock_irqsave(&sdata->local->sta_lock, flags);

	spin_lock_irqsave(&sdata->local->key_lock, flags);

	list_for_each_entry_safe(key, tmp, &sdata->key_list, list)

		__ieee80211_key_free(key);

	spin_unlock_irqrestore(&sdata->local->sta_lock, flags);

	spin_unlock_irqrestore(&sdata->local->key_lock, flags);



	__ieee80211_key_todo();

net/mac80211/main.c

+2 −0
Original line number Diff line number Diff line
@@ -1587,6 +1587,8 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len, 


	INIT_LIST_HEAD(&local->interfaces);



	spin_lock_init(&local->key_lock);



	INIT_DELAYED_WORK(&local->scan_work, ieee80211_sta_scan_work);



	sta_info_init(local);