aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorMichael Buesch <mb@bu3sch.de>2006-04-07 01:42:55 +0200
committerJohn W. Linville <linville@tuxdriver.com>2006-04-19 17:25:38 -0400
commit9b0b4d8ae82cadd059d01ab93babcaa5e2054b93 (patch)
tree065d53b0c271a49660e356e39c94fbda218e1149 /net
parentc1783454a31e05b94774951b0b5d1eb9075ebfb4 (diff)
downloadkernel_samsung_aries-9b0b4d8ae82cadd059d01ab93babcaa5e2054b93.zip
kernel_samsung_aries-9b0b4d8ae82cadd059d01ab93babcaa5e2054b93.tar.gz
kernel_samsung_aries-9b0b4d8ae82cadd059d01ab93babcaa5e2054b93.tar.bz2
[PATCH] softmac: fix spinlock recursion on reassoc
This fixes a spinlock recursion on receiving a reassoc request. On reassoc, the softmac calls back into the driver. This results in a driver lock recursion. This schedules the assoc workqueue, instead of calling it directly. Probably, we should defer the _whole_ management frame processing to a tasklet or workqueue, because it does several callbacks into the driver. That is dangerous. This fix should go into linus's tree, before 2.6.17 is released, because it is remote exploitable (DoS by crash). Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'net')
-rw-r--r--net/ieee80211/softmac/ieee80211softmac_assoc.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ieee80211/softmac/ieee80211softmac_assoc.c b/net/ieee80211/softmac/ieee80211softmac_assoc.c
index be61de78..cb9fca8 100644
--- a/net/ieee80211/softmac/ieee80211softmac_assoc.c
+++ b/net/ieee80211/softmac/ieee80211softmac_assoc.c
@@ -391,6 +391,7 @@ ieee80211softmac_handle_reassoc_req(struct net_device * dev,
dprintkl(KERN_INFO PFX "reassoc request from unknown network\n");
return 0;
}
- ieee80211softmac_assoc(mac, network);
+ schedule_work(&mac->associnfo.work);
+
return 0;
}