| 123456789101112131415161718192021222324252627 |
- From: Michal Kazior <michal.kazior@tieto.com>
- Date: Thu, 21 Jan 2016 14:23:07 +0100
- Subject: [PATCH] mac80211: fix txq queue related crashes
- The driver can access the queue simultanously
- while mac80211 tears down the interface. Without
- spinlock protection this could lead to corrupting
- sk_buff_head and subsequently to an invalid
- pointer dereference.
- Fixes: ba8c3d6f16a1 ("mac80211: add an intermediate software queue implementation")
- Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
- ---
- --- a/net/mac80211/iface.c
- +++ b/net/mac80211/iface.c
- @@ -977,7 +977,10 @@ static void ieee80211_do_stop(struct iee
- if (sdata->vif.txq) {
- struct txq_info *txqi = to_txq_info(sdata->vif.txq);
-
- + spin_lock_bh(&txqi->queue.lock);
- ieee80211_purge_tx_queue(&local->hw, &txqi->queue);
- + spin_unlock_bh(&txqi->queue.lock);
- +
- atomic_set(&sdata->txqs_len[txqi->txq.ac], 0);
- }
-
|
