;michal.kaz...@tieto.com>
Patch applied to ath-next branch of ath.git, thanks.
0a744d927406 ath10k: prevent sta pointer rcu violation
--
https://patchwork.kernel.org/patch/9513391/
Documentation about submitting wireless patches and checking status
from patchwork
On 13 January 2017 at 08:24, Johannes Berg wrote:
>
>> Unless you then continue to use that sta pointer after you release
>> data_lock.
>
> Ouch, ok. That's rather strangely hidden though.
>
>> Consider this:
>>
>> > CPU0 CPU1
>> > 1
> Unless you then continue to use that sta pointer after you release
> data_lock.
Ouch, ok. That's rather strangely hidden though.
> Consider this:
>
> > CPU0 CPU1
> > 1 synchronize_net()
> > 2drv_sta_state()
> > 3 htt_fetch_ind(pid,tid) called
>
Station pointers are RCU protected so driver must
be extra careful if it tries to store them
internally for later use outside of the RCU
section it obtained it in.
It was possible for station teardown to race with
some htt events. The possible outcome could be a
use-after-free and a crash.
Only