git.baikalelectronics.ru Git - kernel.git/commit

author	Lior David <qca_liord@qca.qualcomm.com>
	Tue, 1 Mar 2016 17:18:14 +0000 (19:18 +0200)
committer	Kalle Valo <kvalo@qca.qualcomm.com>
	Mon, 7 Mar 2016 09:43:20 +0000 (11:43 +0200)
commit	39cad78f62d96436e61915b5d3e07ea2cc89a2bc
tree	b853e200d91f4acaab7d09b00aa2b628da86aaa2	tree \| snapshot
parent	f5cc477f2e0cf3e40c9aae8e7ce191fbd785d27b	commit \| diff

wil6210: fix race conditions in p2p listen and search

Fix 2 race conditions found during test runs of P2P discovery:
1. Because wil_p2p_cancel_listen was not protected, user space
could start a new P2P listen/search before wmi_stop_discovery
completed. This caused a crash in the firmware.
2. In P2P listen, when listen timer expires and user space calls
cancel_remain_on_channel at the same time, code could send the
cfg80211_remain_on_channel_expired notification twice.

Added protections with wil->mutex to several places that call
wmi_stop_discovery.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Signed-off-by: Maya Erez <qca_merez@qca.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>

drivers/net/wireless/ath/wil6210/cfg80211.c		diff \| blob \| history
drivers/net/wireless/ath/wil6210/main.c		diff \| blob \| history
drivers/net/wireless/ath/wil6210/p2p.c		diff \| blob \| history
drivers/net/wireless/ath/wil6210/wil6210.h		diff \| blob \| history