aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Buesch <mb@bu3sch.de>2006-04-06 19:42:55 -0400
committerJohn W. Linville <linville@tuxdriver.com>2006-04-19 17:25:38 -0400
commit9b0b4d8ae82cadd059d01ab93babcaa5e2054b93 (patch)
tree065d53b0c271a49660e356e39c94fbda218e1149
parentc1783454a31e05b94774951b0b5d1eb9075ebfb4 (diff)
[PATCH] softmac: fix spinlock recursion on reassoc
This fixes a spinlock recursion on receiving a reassoc request. On reassoc, the softmac calls back into the driver. This results in a driver lock recursion. This schedules the assoc workqueue, instead of calling it directly. Probably, we should defer the _whole_ management frame processing to a tasklet or workqueue, because it does several callbacks into the driver. That is dangerous. This fix should go into linus's tree, before 2.6.17 is released, because it is remote exploitable (DoS by crash). Signed-off-by: John W. Linville <linville@tuxdriver.com>
-rw-r--r--net/ieee80211/softmac/ieee80211softmac_assoc.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ieee80211/softmac/ieee80211softmac_assoc.c b/net/ieee80211/softmac/ieee80211softmac_assoc.c
index be61de78dfa4..cb9fca86c26b 100644
--- a/net/ieee80211/softmac/ieee80211softmac_assoc.c
+++ b/net/ieee80211/softmac/ieee80211softmac_assoc.c
@@ -391,6 +391,7 @@ ieee80211softmac_handle_reassoc_req(struct net_device * dev,
391 dprintkl(KERN_INFO PFX "reassoc request from unknown network\n"); 391 dprintkl(KERN_INFO PFX "reassoc request from unknown network\n");
392 return 0; 392 return 0;
393 } 393 }
394 ieee80211softmac_assoc(mac, network); 394 schedule_work(&mac->associnfo.work);
395
395 return 0; 396 return 0;
396} 397}