Commit b16bd15c authored by Johannes Berg's avatar Johannes Berg Committed by John W. Linville

mac80211: fix spinlock recursion

When STAs are expired, we need to hold the sta_lock. Using
the same lock for keys too would then mean we'd need another
key free function, and that'll just lead to confusion, so just
use a new spinlock for all key lists.
Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
parent 6b914c52
...@@ -600,8 +600,7 @@ struct ieee80211_local { ...@@ -600,8 +600,7 @@ struct ieee80211_local {
/* /*
* The lock only protects the list, hash, timer and counter * The lock only protects the list, hash, timer and counter
* against manipulation, reads are done in RCU. Additionally, * against manipulation, reads are done in RCU. Additionally,
* the lock protects each BSS's TIM bitmap, a few items in * the lock protects each BSS's TIM bitmap.
* STA info structures and various key pointers.
*/ */
spinlock_t sta_lock; spinlock_t sta_lock;
unsigned long num_sta; unsigned long num_sta;
...@@ -635,6 +634,13 @@ struct ieee80211_local { ...@@ -635,6 +634,13 @@ struct ieee80211_local {
struct list_head interfaces; struct list_head interfaces;
/*
* Key lock, protects sdata's key_list and sta_info's
* key pointers (write access, they're RCU.)
*/
spinlock_t key_lock;
bool sta_sw_scanning; bool sta_sw_scanning;
bool sta_hw_scanning; bool sta_hw_scanning;
int scan_channel_idx; int scan_channel_idx;
......
...@@ -210,9 +210,9 @@ void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx) ...@@ -210,9 +210,9 @@ void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx)
{ {
unsigned long flags; unsigned long flags;
spin_lock_irqsave(&sdata->local->sta_lock, flags); spin_lock_irqsave(&sdata->local->key_lock, flags);
__ieee80211_set_default_key(sdata, idx); __ieee80211_set_default_key(sdata, idx);
spin_unlock_irqrestore(&sdata->local->sta_lock, flags); spin_unlock_irqrestore(&sdata->local->key_lock, flags);
} }
...@@ -339,7 +339,7 @@ void ieee80211_key_link(struct ieee80211_key *key, ...@@ -339,7 +339,7 @@ void ieee80211_key_link(struct ieee80211_key *key,
} }
} }
spin_lock_irqsave(&sdata->local->sta_lock, flags); spin_lock_irqsave(&sdata->local->key_lock, flags);
if (sta) if (sta)
old_key = sta->key; old_key = sta->key;
...@@ -348,7 +348,7 @@ void ieee80211_key_link(struct ieee80211_key *key, ...@@ -348,7 +348,7 @@ void ieee80211_key_link(struct ieee80211_key *key,
__ieee80211_key_replace(sdata, sta, old_key, key); __ieee80211_key_replace(sdata, sta, old_key, key);
spin_unlock_irqrestore(&sdata->local->sta_lock, flags); spin_unlock_irqrestore(&sdata->local->key_lock, flags);
/* free old key later */ /* free old key later */
add_todo(old_key, KEY_FLAG_TODO_DELETE); add_todo(old_key, KEY_FLAG_TODO_DELETE);
...@@ -377,9 +377,9 @@ void ieee80211_key_free(struct ieee80211_key *key) ...@@ -377,9 +377,9 @@ void ieee80211_key_free(struct ieee80211_key *key)
if (!key) if (!key)
return; return;
spin_lock_irqsave(&key->sdata->local->sta_lock, flags); spin_lock_irqsave(&key->sdata->local->key_lock, flags);
__ieee80211_key_free(key); __ieee80211_key_free(key);
spin_unlock_irqrestore(&key->sdata->local->sta_lock, flags); spin_unlock_irqrestore(&key->sdata->local->key_lock, flags);
} }
/* /*
...@@ -397,10 +397,10 @@ static void ieee80211_todo_for_each_key(struct ieee80211_sub_if_data *sdata, ...@@ -397,10 +397,10 @@ static void ieee80211_todo_for_each_key(struct ieee80211_sub_if_data *sdata,
might_sleep(); might_sleep();
spin_lock_irqsave(&sdata->local->sta_lock, flags); spin_lock_irqsave(&sdata->local->key_lock, flags);
list_for_each_entry(key, &sdata->key_list, list) list_for_each_entry(key, &sdata->key_list, list)
add_todo(key, todo_flags); add_todo(key, todo_flags);
spin_unlock_irqrestore(&sdata->local->sta_lock, flags); spin_unlock_irqrestore(&sdata->local->key_lock, flags);
ieee80211_key_todo(); ieee80211_key_todo();
} }
...@@ -506,10 +506,10 @@ void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata) ...@@ -506,10 +506,10 @@ void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata)
ieee80211_debugfs_key_remove_default(sdata); ieee80211_debugfs_key_remove_default(sdata);
spin_lock_irqsave(&sdata->local->sta_lock, flags); spin_lock_irqsave(&sdata->local->key_lock, flags);
list_for_each_entry_safe(key, tmp, &sdata->key_list, list) list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
__ieee80211_key_free(key); __ieee80211_key_free(key);
spin_unlock_irqrestore(&sdata->local->sta_lock, flags); spin_unlock_irqrestore(&sdata->local->key_lock, flags);
__ieee80211_key_todo(); __ieee80211_key_todo();
......
...@@ -1587,6 +1587,8 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len, ...@@ -1587,6 +1587,8 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
INIT_LIST_HEAD(&local->interfaces); INIT_LIST_HEAD(&local->interfaces);
spin_lock_init(&local->key_lock);
INIT_DELAYED_WORK(&local->scan_work, ieee80211_sta_scan_work); INIT_DELAYED_WORK(&local->scan_work, ieee80211_sta_scan_work);
sta_info_init(local); sta_info_init(local);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment