Message ID | 20120706192034.GA1879@tuxdriver.com |
---|---|
State | Changes Requested, archived |
Delegated to: | David Miller |
Headers | show |
From: "John W. Linville" <linville@tuxdriver.com> Date: Fri, 6 Jul 2012 15:20:35 -0400 > Please let me know if there are problems! This indentation is not correct: commit 01f9cb073c827c60c43f769763b49a2026f1a897 Author: Thomas Huehn <thomas@net.t-labs.tu-berlin.de> Date: Thu Jun 28 14:39:51 2012 -0700 mwl8k: fix possible race condition in info->control.sta use ... + sta = ieee80211_find_sta_by_ifaddr(hw, wh->addr1, + wh->addr2); -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Mon, Jul 09, 2012 at 12:31:55AM -0700, David Miller wrote: > From: "John W. Linville" <linville@tuxdriver.com> > Date: Fri, 6 Jul 2012 15:20:35 -0400 > > > Please let me know if there are problems! > > This indentation is not correct: > > commit 01f9cb073c827c60c43f769763b49a2026f1a897 > Author: Thomas Huehn <thomas@net.t-labs.tu-berlin.de> > Date: Thu Jun 28 14:39:51 2012 -0700 > > mwl8k: fix possible race condition in info->control.sta use > ... > + sta = ieee80211_find_sta_by_ifaddr(hw, wh->addr1, > + wh->addr2); OK, I'll drop this patch and send a new pull request with a couple more fixes as well. John
diff --git a/drivers/net/wireless/mwl8k.c b/drivers/net/wireless/mwl8k.c index cf7bdc6..1404373 100644 --- a/drivers/net/wireless/mwl8k.c +++ b/drivers/net/wireless/mwl8k.c @@ -1665,7 +1665,8 @@ mwl8k_txq_reclaim(struct ieee80211_hw *hw, int index, int limit, int force) info = IEEE80211_SKB_CB(skb); if (ieee80211_is_data(wh->frame_control)) { - sta = info->control.sta; + sta = ieee80211_find_sta_by_ifaddr(hw, wh->addr1, + wh->addr2); if (sta) { sta_info = MWL8K_STA(sta); BUG_ON(sta_info == NULL); diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index a4bb856..0db5d34 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c @@ -2174,15 +2174,13 @@ ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, sdata->name, mgmt->sa, status_code); ieee80211_destroy_assoc_data(sdata, false); } else { - printk(KERN_DEBUG "%s: associated\n", sdata->name); - if (!ieee80211_assoc_success(sdata, *bss, mgmt, len)) { /* oops -- internal error -- send timeout for now */ - ieee80211_destroy_assoc_data(sdata, true); - sta_info_destroy_addr(sdata, mgmt->bssid); + ieee80211_destroy_assoc_data(sdata, false); cfg80211_put_bss(*bss); return RX_MGMT_CFG80211_ASSOC_TIMEOUT; } + printk(KERN_DEBUG "%s: associated\n", sdata->name); /* * destroy assoc_data afterwards, as otherwise an idle diff --git a/net/mac80211/rc80211_minstrel_ht.c b/net/mac80211/rc80211_minstrel_ht.c index 2d1acc6..f9e51ef 100644 --- a/net/mac80211/rc80211_minstrel_ht.c +++ b/net/mac80211/rc80211_minstrel_ht.c @@ -809,7 +809,7 @@ minstrel_ht_alloc_sta(void *priv, struct ieee80211_sta *sta, gfp_t gfp) max_rates = sband->n_bitrates; } - msp = kzalloc(sizeof(struct minstrel_ht_sta), gfp); + msp = kzalloc(sizeof(*msp), gfp); if (!msp) return NULL; diff --git a/net/nfc/llcp/sock.c b/net/nfc/llcp/sock.c index 17a707d..e06d458 100644 --- a/net/nfc/llcp/sock.c +++ b/net/nfc/llcp/sock.c @@ -292,7 +292,7 @@ static int llcp_sock_getname(struct socket *sock, struct sockaddr *addr, pr_debug("%p\n", sk); - if (llcp_sock == NULL) + if (llcp_sock == NULL || llcp_sock->dev == NULL) return -EBADFD; addr->sa_family = AF_NFC;