projects / thirdparty / kernel / stable-queue.git / blame
| Commit | Line | Data |
|---|---|---|
| 85647c5c GKH |
1 | From 4856bfd230985e43e84c26473c91028ff0a533bd Mon Sep 17 00:00:00 2001 |
| 2 | From: Felix Fietkau <nbd@nbd.name> | |
| 3 | Date: Fri, 1 Mar 2019 14:48:37 +0100 | |
| 4 | Subject: mac80211: do not call driver wake_tx_queue op during reconfig | |
| 5 | ||
| 6 | From: Felix Fietkau <nbd@nbd.name> | |
| 7 | ||
| 8 | commit 4856bfd230985e43e84c26473c91028ff0a533bd upstream. | |
| 9 | ||
| 10 | There are several scenarios in which mac80211 can call drv_wake_tx_queue | |
| 11 | after ieee80211_restart_hw has been called and has not yet completed. | |
| 12 | Driver private structs are considered uninitialized until mac80211 has | |
| 13 | uploaded the vifs, stations and keys again, so using private tx queue | |
| 14 | data during that time is not safe. | |
| 15 | ||
| 16 | The driver can also not rely on drv_reconfig_complete to figure out when | |
| 17 | it is safe to accept drv_wake_tx_queue calls again, because it is only | |
| 18 | called after all tx queues are woken again. | |
| 19 | ||
| 20 | To fix this, bail out early in drv_wake_tx_queue if local->in_reconfig | |
| 21 | is set. | |
| 22 | ||
| 23 | Cc: stable@vger.kernel.org | |
| 24 | Signed-off-by: Felix Fietkau <nbd@nbd.name> | |
| 25 | Signed-off-by: Johannes Berg <johannes.berg@intel.com> | |
| 26 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | |
| 27 | ||
| 28 | --- | |
| 29 | net/mac80211/driver-ops.h | 3 +++ | |
| 30 | 1 file changed, 3 insertions(+) | |
| 31 | ||
| 32 | --- a/net/mac80211/driver-ops.h | |
| 33 | +++ b/net/mac80211/driver-ops.h | |
| 34 | @@ -1166,6 +1166,9 @@ static inline void drv_wake_tx_queue(str | |
| 35 | { | |
| 36 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(txq->txq.vif); | |
| 37 | ||
| 38 | + if (local->in_reconfig) | |
| 39 | + return; | |
| 40 | + | |
| 41 | if (!check_sdata_in_driver(sdata)) | |
| 42 | return; | |
| 43 |