cfg80211: fix in nl80211_set_reg()
There is a race on access to last_request and its alpha2 through reg_is_valid_request() and us possibly processing first another regulatory request on another CPU. We avoid this improbably race by locking with the cfg80211_mutex as we should have done in the first place. While at it add the assert on locking on reg_is_valid_request(). Cc: stable@kernel.org Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
This commit is contained in:
parent
d0e18f833d
commit
61405e9778
|
@ -2570,6 +2570,8 @@ static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
|
|||
return -EINVAL;
|
||||
}
|
||||
|
||||
mutex_lock(&cfg80211_mutex);
|
||||
|
||||
if (!reg_is_valid_request(alpha2)) {
|
||||
r = -EINVAL;
|
||||
goto bad_reg;
|
||||
|
@ -2607,13 +2609,14 @@ static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
|
|||
|
||||
BUG_ON(rule_idx != num_rules);
|
||||
|
||||
mutex_lock(&cfg80211_mutex);
|
||||
r = set_regdom(rd);
|
||||
|
||||
mutex_unlock(&cfg80211_mutex);
|
||||
|
||||
return r;
|
||||
|
||||
bad_reg:
|
||||
mutex_unlock(&cfg80211_mutex);
|
||||
kfree(rd);
|
||||
return r;
|
||||
}
|
||||
|
|
|
@ -382,6 +382,8 @@ static int call_crda(const char *alpha2)
|
|||
/* Used by nl80211 before kmalloc'ing our regulatory domain */
|
||||
bool reg_is_valid_request(const char *alpha2)
|
||||
{
|
||||
assert_cfg80211_lock();
|
||||
|
||||
if (!last_request)
|
||||
return false;
|
||||
|
||||
|
|
Loading…
Reference in New Issue