]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d3aeb90) | patch
cfg80211: fix BSS struct IE access races
authorJohannes Berg <johannes.berg@intel.com>
Thu, 29 Nov 2012 00:25:20 +0000 (01:25 +0100)
committerJohannes Berg <johannes.berg@intel.com>
Fri, 30 Nov 2012 12:42:20 +0000 (13:42 +0100)
commitb6563f7e7199b03eb2b69ebe0c6c26e0fa72754e
treecb094a4a577f61421d1b402e16f0e68f151d5726tree | snapshot
parentd3aeb906e53a8b93b8aa7ab37834922e700c202fcommit | diff
cfg80211: fix BSS struct IE access races

When a BSS struct is updated, the IEs are currently
overwritten or freed. This can lead to races if some
other CPU is accessing the BSS struct and using the
IEs concurrently.

Fix this by always allocating the IEs in a new struct
that holds the data and length and protecting access
to this new struct with RCU.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
12 files changed:
drivers/net/wireless/libertas/cfg.c diff | blob | history
drivers/net/wireless/mwifiex/sta_ioctl.c diff | blob | history
include/net/cfg80211.h diff | blob | history
net/mac80211/mlme.c diff | blob | history
net/wireless/core.h diff | blob | history
net/wireless/nl80211.c diff | blob | history
net/wireless/reg.c diff | blob | history
net/wireless/reg.h diff | blob | history
net/wireless/scan.c diff | blob | history
net/wireless/sme.c diff | blob | history
net/wireless/util.c diff | blob | history
net/wireless/wext-sme.c diff | blob | history
Linux Kernel Source Tree.