From 9b0b4d8ae82cadd059d01ab93babcaa5e2054b93 Mon Sep 17 00:00:00 2001 From: Michael Buesch Date: Fri, 7 Apr 2006 01:42:55 +0200 Subject: [PATCH] [PATCH] softmac: fix spinlock recursion on reassoc This fixes a spinlock recursion on receiving a reassoc request. On reassoc, the softmac calls back into the driver. This results in a driver lock recursion. This schedules the assoc workqueue, instead of calling it directly. Probably, we should defer the _whole_ management frame processing to a tasklet or workqueue, because it does several callbacks into the driver. That is dangerous. This fix should go into linus's tree, before 2.6.17 is released, because it is remote exploitable (DoS by crash). Signed-off-by: John W. Linville --- net/ieee80211/softmac/ieee80211softmac_assoc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/ieee80211/softmac/ieee80211softmac_assoc.c b/net/ieee80211/softmac/ieee80211softmac_assoc.c index be61de78dfa..cb9fca86c26 100644 --- a/net/ieee80211/softmac/ieee80211softmac_assoc.c +++ b/net/ieee80211/softmac/ieee80211softmac_assoc.c @@ -391,6 +391,7 @@ ieee80211softmac_handle_reassoc_req(struct net_device * dev, dprintkl(KERN_INFO PFX "reassoc request from unknown network\n"); return 0; } - ieee80211softmac_assoc(mac, network); + schedule_work(&mac->associnfo.work); + return 0; } -- 2.41.1