projects / cascardo / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1f0d54c) | patch
mac80211: fix racy usage of chanctx->refcount
authorMichal Kazior <michal.kazior@tieto.com>
Wed, 9 Apr 2014 13:29:32 +0000 (15:29 +0200)
committerJohannes Berg <johannes.berg@intel.com>
Fri, 25 Apr 2014 15:08:30 +0000 (17:08 +0200)
commit2b32713d72c093889fe20642f6a8bc42083267d2
treed5773d77a88b306fe4d8c48cc2173c1a49483dcbtree | snapshot
parent1f0d54cdcf822894cebebaa6cdc4e838c32bfb08commit | diff
mac80211: fix racy usage of chanctx->refcount

Channel context refcount is protected by
chanctx_mtx. Accessing the value without holding
the mutex is racy. RCU section didn't guarantee
anything here.

Theoretically ieee80211_channel_switch() could
fail to see refcount change and read "1" instead
of, e.g. "2". This means mac80211 could accept CSA
even though it shouldn't have.

Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
net/mac80211/cfg.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.