madwifi: fix a wds related race condition

SVN-Revision: 17578
owl
Felix Fietkau 2009-09-14 10:45:34 +00:00
parent 84c01891da
commit 36d7f7c017
12 changed files with 25 additions and 24 deletions

View File

@ -748,7 +748,7 @@
IEEE80211_NODE_STAT(ni, rx_data); IEEE80211_NODE_STAT(ni, rx_data);
IEEE80211_NODE_STAT_ADD(ni, rx_bytes, skb->len); IEEE80211_NODE_STAT_ADD(ni, rx_bytes, skb->len);
ic->ic_lastdata = jiffies; ic->ic_lastdata = jiffies;
@@ -1114,6 +1142,17 @@ ieee80211_deliver_data(struct ieee80211_ @@ -1114,6 +1142,18 @@ ieee80211_deliver_data(struct ieee80211_
dev = vap->iv_xrvap->iv_dev; dev = vap->iv_xrvap->iv_dev;
#endif #endif
@ -757,6 +757,7 @@
+ if (ni->ni_subif && ((eh)->ether_type != __constant_htons(ETHERTYPE_PAE))) { + if (ni->ni_subif && ((eh)->ether_type != __constant_htons(ETHERTYPE_PAE))) {
+ if (ni->ni_vap == ni->ni_subif) { + if (ni->ni_vap == ni->ni_subif) {
+ ieee80211_dev_kfree_skb(&skb); + ieee80211_dev_kfree_skb(&skb);
+ return;
+ } else { + } else {
+ vap = ni->ni_subif; + vap = ni->ni_subif;
+ dev = vap->iv_dev; + dev = vap->iv_dev;
@ -766,7 +767,7 @@
/* perform as a bridge within the vap */ /* perform as a bridge within the vap */
/* XXX intra-vap bridging only */ /* XXX intra-vap bridging only */
if (vap->iv_opmode == IEEE80211_M_HOSTAP && if (vap->iv_opmode == IEEE80211_M_HOSTAP &&
@@ -1139,7 +1178,16 @@ ieee80211_deliver_data(struct ieee80211_ @@ -1139,7 +1179,16 @@ ieee80211_deliver_data(struct ieee80211_
if (ni1 != NULL) { if (ni1 != NULL) {
if (ni1->ni_vap == vap && if (ni1->ni_vap == vap &&
ieee80211_node_is_authorized(ni1) && ieee80211_node_is_authorized(ni1) &&
@ -783,7 +784,7 @@
skb1 = skb; skb1 = skb;
skb = NULL; skb = NULL;
} }
@@ -3084,8 +3132,7 @@ ieee80211_recv_mgmt(struct ieee80211vap @@ -3084,8 +3133,7 @@ ieee80211_recv_mgmt(struct ieee80211vap
(vap->iv_opmode == IEEE80211_M_STA && ni->ni_associd) || (vap->iv_opmode == IEEE80211_M_STA && ni->ni_associd) ||
(vap->iv_opmode == IEEE80211_M_IBSS) || (vap->iv_opmode == IEEE80211_M_IBSS) ||
((subtype == IEEE80211_FC0_SUBTYPE_BEACON) && ((subtype == IEEE80211_FC0_SUBTYPE_BEACON) &&
@ -793,7 +794,7 @@
vap->iv_stats.is_rx_mgtdiscard++; vap->iv_stats.is_rx_mgtdiscard++;
return; return;
} }
@@ -3471,13 +3518,54 @@ ieee80211_recv_mgmt(struct ieee80211vap @@ -3471,13 +3519,54 @@ ieee80211_recv_mgmt(struct ieee80211vap
*/ */
if (ic->ic_flags & IEEE80211_F_SCAN) { if (ic->ic_flags & IEEE80211_F_SCAN) {
ieee80211_add_scan(vap, &scan, wh, subtype, rssi, rtsf); ieee80211_add_scan(vap, &scan, wh, subtype, rssi, rtsf);
@ -853,7 +854,7 @@
} else { } else {
/* /*
* Copy data from beacon to neighbor table. * Copy data from beacon to neighbor table.
@@ -3490,6 +3578,7 @@ ieee80211_recv_mgmt(struct ieee80211vap @@ -3490,6 +3579,7 @@ ieee80211_recv_mgmt(struct ieee80211vap
IEEE80211_ADDR_COPY(ni->ni_bssid, wh->i_addr3); IEEE80211_ADDR_COPY(ni->ni_bssid, wh->i_addr3);
memcpy(ni->ni_tstamp.data, scan.tstamp, memcpy(ni->ni_tstamp.data, scan.tstamp,
sizeof(ni->ni_tstamp)); sizeof(ni->ni_tstamp));

View File

@ -1,6 +1,6 @@
--- a/net80211/ieee80211_input.c --- a/net80211/ieee80211_input.c
+++ b/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c
@@ -1197,6 +1197,7 @@ ieee80211_deliver_data(struct ieee80211_ @@ -1198,6 +1198,7 @@ ieee80211_deliver_data(struct ieee80211_
} }
if (skb1 != NULL) { if (skb1 != NULL) {
struct ieee80211_node *ni_tmp; struct ieee80211_node *ni_tmp;
@ -8,7 +8,7 @@
skb1->dev = dev; skb1->dev = dev;
skb_reset_mac_header(skb1); skb_reset_mac_header(skb1);
skb_set_network_header(skb1, sizeof(struct ether_header)); skb_set_network_header(skb1, sizeof(struct ether_header));
@@ -1204,7 +1205,12 @@ ieee80211_deliver_data(struct ieee80211_ @@ -1205,7 +1206,12 @@ ieee80211_deliver_data(struct ieee80211_
skb1->protocol = __constant_htons(ETH_P_802_2); skb1->protocol = __constant_htons(ETH_P_802_2);
/* XXX insert vlan tag before queue it? */ /* XXX insert vlan tag before queue it? */
ni_tmp = SKB_CB(skb1)->ni; /* remember node so we can free it */ ni_tmp = SKB_CB(skb1)->ni; /* remember node so we can free it */

View File

@ -1,6 +1,6 @@
--- a/net80211/ieee80211_input.c --- a/net80211/ieee80211_input.c
+++ b/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c
@@ -3528,6 +3528,11 @@ ieee80211_recv_mgmt(struct ieee80211vap @@ -3529,6 +3529,11 @@ ieee80211_recv_mgmt(struct ieee80211vap
if (ic->ic_flags & IEEE80211_F_SCAN) { if (ic->ic_flags & IEEE80211_F_SCAN) {
ieee80211_add_scan(vap, &scan, wh, subtype, rssi, rtsf); ieee80211_add_scan(vap, &scan, wh, subtype, rssi, rtsf);
} }

View File

@ -56,7 +56,7 @@
/* /*
--- a/net80211/ieee80211_input.c --- a/net80211/ieee80211_input.c
+++ b/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c
@@ -4017,7 +4017,26 @@ ieee80211_recv_mgmt(struct ieee80211vap @@ -4018,7 +4018,26 @@ ieee80211_recv_mgmt(struct ieee80211vap
vap->iv_stats.is_rx_assoc_norate++; vap->iv_stats.is_rx_assoc_norate++;
return; return;
} }

View File

@ -1,6 +1,6 @@
--- a/net80211/ieee80211_input.c --- a/net80211/ieee80211_input.c
+++ b/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c
@@ -4440,7 +4440,9 @@ ath_eth_type_trans(struct sk_buff *skb, @@ -4441,7 +4441,9 @@ ath_eth_type_trans(struct sk_buff *skb,
if (memcmp(eth->h_dest, dev->dev_addr, ETH_ALEN)) if (memcmp(eth->h_dest, dev->dev_addr, ETH_ALEN))
skb->pkt_type = PACKET_OTHERHOST; skb->pkt_type = PACKET_OTHERHOST;

View File

@ -1,6 +1,6 @@
--- a/net80211/ieee80211_input.c --- a/net80211/ieee80211_input.c
+++ b/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c
@@ -1374,7 +1374,7 @@ ieee80211_auth_open(struct ieee80211_nod @@ -1375,7 +1375,7 @@ ieee80211_auth_open(struct ieee80211_nod
vap->iv_stats.is_rx_bad_auth++; /* XXX maybe a unique error? */ vap->iv_stats.is_rx_bad_auth++; /* XXX maybe a unique error? */
if (vap->iv_opmode == IEEE80211_M_HOSTAP) { if (vap->iv_opmode == IEEE80211_M_HOSTAP) {
if (ni == vap->iv_bss) { if (ni == vap->iv_bss) {
@ -9,7 +9,7 @@
if (ni == NULL) if (ni == NULL)
return; return;
tmpnode = 1; tmpnode = 1;
@@ -1762,6 +1762,8 @@ ieee80211_ssid_mismatch(struct ieee80211 @@ -1763,6 +1763,8 @@ ieee80211_ssid_mismatch(struct ieee80211
} }
#define IEEE80211_VERIFY_SSID(_ni, _ssid) do { \ #define IEEE80211_VERIFY_SSID(_ni, _ssid) do { \
@ -18,7 +18,7 @@
if ((_ssid)[1] != 0 && \ if ((_ssid)[1] != 0 && \
((_ssid)[1] != (_ni)->ni_esslen || \ ((_ssid)[1] != (_ni)->ni_esslen || \
memcmp((_ssid) + 2, (_ni)->ni_essid, (_ssid)[1]) != 0)) { \ memcmp((_ssid) + 2, (_ni)->ni_essid, (_ssid)[1]) != 0)) { \
@@ -1776,6 +1778,8 @@ ieee80211_ssid_mismatch(struct ieee80211 @@ -1777,6 +1779,8 @@ ieee80211_ssid_mismatch(struct ieee80211
} while (0) } while (0)
#else /* !IEEE80211_DEBUG */ #else /* !IEEE80211_DEBUG */
#define IEEE80211_VERIFY_SSID(_ni, _ssid) do { \ #define IEEE80211_VERIFY_SSID(_ni, _ssid) do { \

View File

@ -305,7 +305,7 @@
if (skb != NULL) /* no vaps, reclaim skb */ if (skb != NULL) /* no vaps, reclaim skb */
ieee80211_dev_kfree_skb(&skb); ieee80211_dev_kfree_skb(&skb);
return type; return type;
@@ -1146,11 +1157,9 @@ ieee80211_deliver_data(struct ieee80211_ @@ -1147,11 +1158,9 @@ ieee80211_deliver_data(struct ieee80211_
* sending it will not work; just let it be * sending it will not work; just let it be
* delivered normally. * delivered normally.
*/ */
@ -319,7 +319,7 @@
!ni1->ni_subif && !ni1->ni_subif &&
ni1 != vap->iv_bss) { ni1 != vap->iv_bss) {
@@ -3519,6 +3528,7 @@ ieee80211_recv_mgmt(struct ieee80211vap @@ -3520,6 +3529,7 @@ ieee80211_recv_mgmt(struct ieee80211vap
(vap->iv_opmode == IEEE80211_M_WDS)) && (vap->iv_opmode == IEEE80211_M_WDS)) &&
(scan.capinfo & IEEE80211_CAPINFO_ESS))) { (scan.capinfo & IEEE80211_CAPINFO_ESS))) {
struct ieee80211vap *avp = NULL; struct ieee80211vap *avp = NULL;
@ -327,7 +327,7 @@
int found = 0; int found = 0;
IEEE80211_LOCK_IRQ(vap->iv_ic); IEEE80211_LOCK_IRQ(vap->iv_ic);
@@ -3550,10 +3560,12 @@ ieee80211_recv_mgmt(struct ieee80211vap @@ -3551,10 +3561,12 @@ ieee80211_recv_mgmt(struct ieee80211vap
ni->ni_associd |= 0xc000; ni->ni_associd |= 0xc000;
avp->iv_wdsnode = ieee80211_ref_node(ni); avp->iv_wdsnode = ieee80211_ref_node(ni);
IEEE80211_UNLOCK_IRQ(ic); IEEE80211_UNLOCK_IRQ(ic);
@ -341,7 +341,7 @@
} else { } else {
/* /*
* Copy data from beacon to neighbor table. * Copy data from beacon to neighbor table.
@@ -3592,6 +3604,8 @@ ieee80211_recv_mgmt(struct ieee80211vap @@ -3593,6 +3605,8 @@ ieee80211_recv_mgmt(struct ieee80211vap
ni->ni_rssi = rssi; ni->ni_rssi = rssi;
ni->ni_rtsf = rtsf; ni->ni_rtsf = rtsf;
ni->ni_last_rx = jiffies; ni->ni_last_rx = jiffies;

View File

@ -1,6 +1,6 @@
--- a/net80211/ieee80211_input.c --- a/net80211/ieee80211_input.c
+++ b/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c
@@ -3618,6 +3618,8 @@ ieee80211_recv_mgmt(struct ieee80211vap @@ -3619,6 +3619,8 @@ ieee80211_recv_mgmt(struct ieee80211vap
vap->iv_stats.is_rx_mgtdiscard++; vap->iv_stats.is_rx_mgtdiscard++;
return; return;
} }

View File

@ -45,7 +45,7 @@
local_irq_restore(flags); local_irq_restore(flags);
--- a/net80211/ieee80211_input.c --- a/net80211/ieee80211_input.c
+++ b/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c
@@ -1205,6 +1205,7 @@ ieee80211_deliver_data(struct ieee80211_ @@ -1206,6 +1206,7 @@ ieee80211_deliver_data(struct ieee80211_
} }
} }

View File

@ -183,7 +183,7 @@
ieee80211_stop(vap->iv_dev); ieee80211_stop(vap->iv_dev);
--- a/net80211/ieee80211_input.c --- a/net80211/ieee80211_input.c
+++ b/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c
@@ -2774,6 +2774,7 @@ static void @@ -2775,6 +2775,7 @@ static void
ieee80211_doth_switch_channel(struct ieee80211vap *vap) ieee80211_doth_switch_channel(struct ieee80211vap *vap)
{ {
struct ieee80211com *ic = vap->iv_ic; struct ieee80211com *ic = vap->iv_ic;
@ -191,7 +191,7 @@
IEEE80211_DPRINTF(vap, IEEE80211_MSG_DOTH, IEEE80211_DPRINTF(vap, IEEE80211_MSG_DOTH,
"%s: Channel switch to %3d (%4d MHz) NOW!\n", "%s: Channel switch to %3d (%4d MHz) NOW!\n",
@@ -2796,6 +2797,9 @@ ieee80211_doth_switch_channel(struct iee @@ -2797,6 +2798,9 @@ ieee80211_doth_switch_channel(struct iee
ic->ic_curchan = ic->ic_bsschan = vap->iv_csa_chan; ic->ic_curchan = ic->ic_bsschan = vap->iv_csa_chan;
ic->ic_set_channel(ic); ic->ic_set_channel(ic);

View File

@ -170,7 +170,7 @@ http://madwifi-project.org/changeset/4005
#endif #endif
--- a/net80211/ieee80211_input.c --- a/net80211/ieee80211_input.c
+++ b/net80211/ieee80211_input.c +++ b/net80211/ieee80211_input.c
@@ -1187,7 +1187,11 @@ ieee80211_deliver_data(struct ieee80211_ @@ -1188,7 +1188,11 @@ ieee80211_deliver_data(struct ieee80211_
skb1->protocol = __constant_htons(ETH_P_802_2); skb1->protocol = __constant_htons(ETH_P_802_2);
/* XXX insert vlan tag before queue it? */ /* XXX insert vlan tag before queue it? */
ni_tmp = SKB_CB(skb1)->ni; /* remember node so we can free it */ ni_tmp = SKB_CB(skb1)->ni; /* remember node so we can free it */

View File

@ -44,7 +44,7 @@
if (dir != IEEE80211_FC1_DIR_NODS) { if (dir != IEEE80211_FC1_DIR_NODS) {
IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY, IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
wh, "data", "invalid dir 0x%x", dir); wh, "data", "invalid dir 0x%x", dir);
@@ -3555,6 +3560,11 @@ ieee80211_recv_mgmt(struct ieee80211vap @@ -3556,6 +3561,11 @@ ieee80211_recv_mgmt(struct ieee80211vap
} else if (vap->iv_opmode == IEEE80211_M_WDS) { } else if (vap->iv_opmode == IEEE80211_M_WDS) {
found = 1; found = 1;
ni = ni_or_null = vap->iv_wdsnode; ni = ni_or_null = vap->iv_wdsnode;
@ -56,7 +56,7 @@
} }
IEEE80211_UNLOCK_IRQ(vap->iv_ic); IEEE80211_UNLOCK_IRQ(vap->iv_ic);
@@ -3683,19 +3693,8 @@ ieee80211_recv_mgmt(struct ieee80211vap @@ -3684,19 +3694,8 @@ ieee80211_recv_mgmt(struct ieee80211vap
vap->iv_stats.is_rx_ssidmismatch++; /*XXX*/ vap->iv_stats.is_rx_ssidmismatch++; /*XXX*/
return; return;
} }