[kernel] Add mac80211 deauth fix pointed out by Stanislaw Gruszka Add arch guards in files section for kernel

Josh Boyer jwboyer at fedoraproject.org
Mon Jan 23 13:32:53 UTC 2012 

commit 6ec053a7ad907d708b16b79b3de4145c8042b1f5
Author: Josh Boyer <jwboyer at redhat.com>
Date:   Mon Jan 23 08:32:36 2012 -0500

    Add mac80211 deauth fix pointed out by Stanislaw Gruszka
    Add arch guards in files section for kernel-tools subpackage

 block-stray-block-put-after-teardown.patch        |   11 --
 kernel.spec                                       |   14 ++-
 mac80211-fix-work-removal-on-deauth-request.patch |  154 +++++++++++++++++++++
 3 files changed, 164 insertions(+), 15 deletions(-)
---
diff --git a/kernel.spec b/kernel.spec
index abffee2..2fe4e4e 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -719,8 +719,6 @@ Patch1101: linux-3.1-keys-remove-special-keyring.patch
 # patches headed upstream
 Patch12016: disable-i8042-check-on-apple-mac.patch
 
-#atch12026: block-stray-block-put-after-teardown.patch
-
 Patch12303: dmar-disable-when-ricoh-multifunction.patch
 
 Patch13002: revert-efi-rtclock.patch
@@ -742,6 +740,8 @@ Patch21090: bcma-brcmsmac-compat.patch
 
 Patch21091: kmemleak.patch
 
+Patch21092: mac80211-fix-work-removal-on-deauth-request.patch
+
 # compat-wireless patches
 Patch50000: compat-wireless-config-fixups.patch
 Patch50001: compat-wireless-pr_fmt-warning-avoidance.patch
@@ -1414,8 +1414,6 @@ ApplyOptionalPatch linux-2.6-v4l-dvb-experimental.patch
 # Patches headed upstream
 ApplyPatch disable-i8042-check-on-apple-mac.patch
 
-#pplyPatch block-stray-block-put-after-teardown.patch
-
 # rhbz#605888
 ApplyPatch dmar-disable-when-ricoh-multifunction.patch
 
@@ -1437,6 +1435,8 @@ ApplyPatch KVM-x86-extend-struct-x86_emulate_ops-with-get_cpuid.patch
 ApplyPatch KVM-x86-fix-missing-checks-in-syscall-emulation.patch
 
 ApplyPatch kmemleak.patch
+ApplyPatch mac80211-fix-work-removal-on-deauth-request.patch
+
 # END OF PATCH APPLICATIONS
 
 %endif
@@ -2183,8 +2183,10 @@ fi
 %defattr(-,root,root)
 %ifarch %{cpupowerarchs}
 %{_bindir}/cpupower
+%ifarch %{ix86} x86_64
 %{_bindir}/centrino-decode
 %{_bindir}/powernow-k8-decode
+%endif
 %{_libdir}/libcpupower.so.0
 %{_libdir}/libcpupower.so.0.0.0
 %{_unitdir}/cpupower.service
@@ -2274,6 +2276,10 @@ fi
 #                 ||----w |
 #                 ||     ||
 %changelog
+* Mon Jan 23 2012 Josh Boyer <jwboyer at redhat.com>
+- Add mac80211 deauth fix pointed out by Stanislaw Gruszka
+- Add arch guards in files section for kernel-tools subpackage
+
 * Sun Jan 22 2012 Josh Boyer <jwboyer at redhat.com> - 3.3.0-0.rc1.git0.3
 - Disable NVME as it doesn't build on 32-bit
 
diff --git a/mac80211-fix-work-removal-on-deauth-request.patch b/mac80211-fix-work-removal-on-deauth-request.patch
new file mode 100644
index 0000000..60b91d3
--- /dev/null
+++ b/mac80211-fix-work-removal-on-deauth-request.patch
@@ -0,0 +1,154 @@
+Path: news.gmane.org!not-for-mail
+From: Johannes Berg <johannes-cdvu00un1VgdHxzADdlk8Q at public.gmane.org>
+Newsgroups: gmane.linux.kernel.wireless.general
+Subject: [PATCH 3.3] mac80211: fix work removal on deauth request
+Date: Wed, 18 Jan 2012 14:10:25 +0100
+Lines: 107
+Approved: news at gmane.org
+Message-ID: <1326892225.4778.5.camel at jlt3.sipsolutions.net>
+NNTP-Posting-Host: lo.gmane.org
+Mime-Version: 1.0
+Content-Type: text/plain; charset="UTF-8"
+Content-Transfer-Encoding: 7bit
+X-Trace: dough.gmane.org 1326892249 18013 80.91.229.12 (18 Jan 2012 13:10:49 GMT)
+X-Complaints-To: usenet at dough.gmane.org
+NNTP-Posting-Date: Wed, 18 Jan 2012 13:10:49 +0000 (UTC)
+Cc: linux-wireless <linux-wireless-u79uwXL29TY76Z2rM5mHXA at public.gmane.org>,
+	Pontus Fuchs <pontus.fuchs-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>
+To: John Linville <linville-2XuSBdqkA4R54TAoqtyWWQ at public.gmane.org>
+Original-X-From: linux-wireless-owner-u79uwXL29TY76Z2rM5mHXA at public.gmane.org Wed Jan 18 14:10:44 2012
+Return-path: <linux-wireless-owner-u79uwXL29TY76Z2rM5mHXA at public.gmane.org>
+Envelope-to: glkwg-linux-wireless-1dZseelyfdZg9hUCZPvPmw at public.gmane.org
+Original-Received: from vger.kernel.org ([209.132.180.67])
+	by lo.gmane.org with esmtp (Exim 4.69)
+	(envelope-from <linux-wireless-owner-u79uwXL29TY76Z2rM5mHXA at public.gmane.org>)
+	id 1RnVHo-00044l-Aq
+	for glkwg-linux-wireless-1dZseelyfdZg9hUCZPvPmw at public.gmane.org; Wed, 18 Jan 2012 14:10:44 +0100
+Original-Received: (majordomo-u79uwXL29TY76Z2rM5mHXA at public.gmane.org) by vger.kernel.org via listexpand
+	id S1757410Ab2ARNK3 (ORCPT
+	<rfc822;glkwg-linux-wireless at m.gmane.org>);
+	Wed, 18 Jan 2012 08:10:29 -0500
+Original-Received: from he.sipsolutions.net ([78.46.109.217]:45023 "EHLO
+	sipsolutions.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
+	with ESMTP id S1754365Ab2ARNK2 (ORCPT
+	<rfc822;linux-wireless-u79uwXL29TY76Z2rM5mHXA at public.gmane.org>);
+	Wed, 18 Jan 2012 08:10:28 -0500
+Original-Received: by sipsolutions.net with esmtpsa (TLS1.0:RSA_AES_256_CBC_SHA1:32)
+	(Exim 4.77)
+	(envelope-from <johannes-cdvu00un1VgdHxzADdlk8Q at public.gmane.org>)
+	id 1RnVHW-0004hf-Lx; Wed, 18 Jan 2012 14:10:26 +0100
+X-Mailer: Evolution 2.30.3 
+Original-Sender: linux-wireless-owner-u79uwXL29TY76Z2rM5mHXA at public.gmane.org
+Precedence: bulk
+List-ID: <linux-wireless.vger.kernel.org>
+X-Mailing-List: linux-wireless-u79uwXL29TY76Z2rM5mHXA at public.gmane.org
+Xref: news.gmane.org gmane.linux.kernel.wireless.general:84095
+Archived-At: <http://permalink.gmane.org/gmane.linux.kernel.wireless.general/84095>
+
+From: Johannes Berg <johannes.berg-ral2JQCrhuEAvxtiuMwx3w at public.gmane.org>
+
+When deauth is requested while an auth or assoc
+work item is in progress, we currently delete it
+without regard for any state it might need to
+clean up. Fix it by cleaning up for those items.
+
+In the case Pontus found, the problem manifested
+itself as such:
+
+authenticate with 00:23:69:aa:dd:7b (try 1)
+authenticated
+failed to insert Dummy STA entry for the AP (error -17)
+deauthenticating from 00:23:69:aa:dd:7b by local choice (reason=2)
+
+It could also happen differently if the driver
+uses the tx_sync callback.
+
+We can't just call the ->done() method of the work
+items because that will lock up due to the locking
+in cfg80211. This fix isn't very clean, but that
+seems acceptable since I have patches pending to
+remove this code completely.
+
+Cc: stable-u79uwXL29TY76Z2rM5mHXA at public.gmane.org
+Reported-by: Pontus Fuchs <pontus.fuchs-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>
+Tested-by: Pontus Fuchs <pontus.fuchs-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>
+Signed-off-by: Johannes Berg <johannes.berg-ral2JQCrhuEAvxtiuMwx3w at public.gmane.org>
+---
+ net/mac80211/mlme.c |   38 +++++++++++++++++++++++++++-----------
+ 1 file changed, 27 insertions(+), 11 deletions(-)
+
+--- a/net/mac80211/mlme.c	2012-01-18 14:04:33.000000000 +0100
++++ b/net/mac80211/mlme.c	2012-01-18 14:04:34.000000000 +0100
+@@ -2750,7 +2750,6 @@ int ieee80211_mgd_deauth(struct ieee8021
+ {
+ 	struct ieee80211_local *local = sdata->local;
+ 	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+-	struct ieee80211_work *wk;
+ 	u8 bssid[ETH_ALEN];
+ 	bool assoc_bss = false;
+ 
+@@ -2763,30 +2762,47 @@ int ieee80211_mgd_deauth(struct ieee8021
+ 		assoc_bss = true;
+ 	} else {
+ 		bool not_auth_yet = false;
++		struct ieee80211_work *tmp, *wk = NULL;
+ 
+ 		mutex_unlock(&ifmgd->mtx);
+ 
+ 		mutex_lock(&local->mtx);
+-		list_for_each_entry(wk, &local->work_list, list) {
+-			if (wk->sdata != sdata)
++		list_for_each_entry(tmp, &local->work_list, list) {
++			if (tmp->sdata != sdata)
+ 				continue;
+ 
+-			if (wk->type != IEEE80211_WORK_DIRECT_PROBE &&
+-			    wk->type != IEEE80211_WORK_AUTH &&
+-			    wk->type != IEEE80211_WORK_ASSOC &&
+-			    wk->type != IEEE80211_WORK_ASSOC_BEACON_WAIT)
++			if (tmp->type != IEEE80211_WORK_DIRECT_PROBE &&
++			    tmp->type != IEEE80211_WORK_AUTH &&
++			    tmp->type != IEEE80211_WORK_ASSOC &&
++			    tmp->type != IEEE80211_WORK_ASSOC_BEACON_WAIT)
+ 				continue;
+ 
+-			if (memcmp(req->bss->bssid, wk->filter_ta, ETH_ALEN))
++			if (memcmp(req->bss->bssid, tmp->filter_ta, ETH_ALEN))
+ 				continue;
+ 
+-			not_auth_yet = wk->type == IEEE80211_WORK_DIRECT_PROBE;
+-			list_del_rcu(&wk->list);
+-			free_work(wk);
++			not_auth_yet = tmp->type == IEEE80211_WORK_DIRECT_PROBE;
++			list_del_rcu(&tmp->list);
++			synchronize_rcu();
++			wk = tmp;
+ 			break;
+ 		}
+ 		mutex_unlock(&local->mtx);
+ 
++		if (wk && wk->type == IEEE80211_WORK_ASSOC) {
++			/* clean up dummy sta & TX sync */
++			sta_info_destroy_addr(wk->sdata, wk->filter_ta);
++			if (wk->assoc.synced)
++				drv_finish_tx_sync(local, wk->sdata,
++						   wk->filter_ta,
++						   IEEE80211_TX_SYNC_ASSOC);
++		} else if (wk && wk->type == IEEE80211_WORK_AUTH) {
++			if (wk->probe_auth.synced)
++				drv_finish_tx_sync(local, wk->sdata,
++						   wk->filter_ta,
++						   IEEE80211_TX_SYNC_AUTH);
++		}
++		kfree(wk);
++
+ 		/*
+ 		 * If somebody requests authentication and we haven't
+ 		 * sent out an auth frame yet there's no need to send
+
+
+--
+To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
+the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA at public.gmane.org
+More majordomo info at  http://vger.kernel.org/majordomo-info.html
+

More information about the scm-commits mailing list