[PATCH 5.19 1150/1157] wifi: nl80211: acquire wdev mutex earlier in start_ap

From: Greg Kroah-Hartman
Date: Tue Aug 16 2022 - 00:57:20 EST

Next message: Greg Kroah-Hartman: "[PATCH 5.19 1120/1157] ext4: fix use-after-free in ext4_xattr_set_entry"
Previous message: Greg Kroah-Hartman: "[PATCH 5.19 1124/1157] Documentation: ext4: fix cell spacing of table heading on blockmap table"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Johannes Berg <johannes.berg@xxxxxxxxx>

commit c2653990d5729a445296d6d04395be5dea8e282e upstream.

We need to hold the wdev mutex already in order to call
nl80211_parse_tx_bitrate_mask(), so acquire it earlier.

Fixes: 7b0a0e3c3a88 ("wifi: cfg80211: do some rework towards MLO link APIs")
Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/wireless/nl80211.c | 25 +++++++++++++------------
1 file changed, 13 insertions(+), 12 deletions(-)

--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -5747,18 +5747,20 @@ static int nl80211_start_ap(struct sk_bu
goto out;
}

+ wdev_lock(wdev);
+
if (info->attrs[NL80211_ATTR_TX_RATES]) {
err = nl80211_parse_tx_bitrate_mask(info, info->attrs,
NL80211_ATTR_TX_RATES,
&params->beacon_rate,
dev, false, link_id);
if (err)
- goto out;
+ goto out_unlock;

err = validate_beacon_tx_rate(rdev, params->chandef.chan->band,
&params->beacon_rate);
if (err)
- goto out;
+ goto out_unlock;
}

if (info->attrs[NL80211_ATTR_SMPS_MODE]) {
@@ -5771,19 +5773,19 @@ static int nl80211_start_ap(struct sk_bu
if (!(rdev->wiphy.features &
NL80211_FEATURE_STATIC_SMPS)) {
err = -EINVAL;
- goto out;
+ goto out_unlock;
}
break;
case NL80211_SMPS_DYNAMIC:
if (!(rdev->wiphy.features &
NL80211_FEATURE_DYNAMIC_SMPS)) {
err = -EINVAL;
- goto out;
+ goto out_unlock;
}
break;
default:
err = -EINVAL;
- goto out;
+ goto out_unlock;
}
} else {
params->smps_mode = NL80211_SMPS_OFF;
@@ -5792,7 +5794,7 @@ static int nl80211_start_ap(struct sk_bu
params->pbss = nla_get_flag(info->attrs[NL80211_ATTR_PBSS]);
if (params->pbss && !rdev->wiphy.bands[NL80211_BAND_60GHZ]) {
err = -EOPNOTSUPP;
- goto out;
+ goto out_unlock;
}

if (info->attrs[NL80211_ATTR_ACL_POLICY]) {
@@ -5800,7 +5802,7 @@ static int nl80211_start_ap(struct sk_bu
if (IS_ERR(params->acl)) {
err = PTR_ERR(params->acl);
params->acl = NULL;
- goto out;
+ goto out_unlock;
}
}

@@ -5812,7 +5814,7 @@ static int nl80211_start_ap(struct sk_bu
info->attrs[NL80211_ATTR_HE_OBSS_PD],
&params->he_obss_pd);
if (err)
- goto out;
+ goto out_unlock;
}

if (info->attrs[NL80211_ATTR_FILS_DISCOVERY]) {
@@ -5820,7 +5822,7 @@ static int nl80211_start_ap(struct sk_bu
info->attrs[NL80211_ATTR_FILS_DISCOVERY],
params);
if (err)
- goto out;
+ goto out_unlock;
}

if (info->attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP]) {
@@ -5828,7 +5830,7 @@ static int nl80211_start_ap(struct sk_bu
rdev, info->attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP],
params);
if (err)
- goto out;
+ goto out_unlock;
}

if (info->attrs[NL80211_ATTR_MBSSID_CONFIG]) {
@@ -5839,7 +5841,7 @@ static int nl80211_start_ap(struct sk_bu
params->beacon.mbssid_ies->cnt :
0);
if (err)
- goto out;
+ goto out_unlock;
}

nl80211_calculate_ap_params(params);
@@ -5850,7 +5852,6 @@ static int nl80211_start_ap(struct sk_bu
else if (info->attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT])
params->flags |= NL80211_AP_SETTINGS_EXTERNAL_AUTH_SUPPORT;

- wdev_lock(wdev);
if (wdev->conn_owner_nlportid &&
info->attrs[NL80211_ATTR_SOCKET_OWNER] &&
wdev->conn_owner_nlportid != info->snd_portid) {

Next message: Greg Kroah-Hartman: "[PATCH 5.19 1120/1157] ext4: fix use-after-free in ext4_xattr_set_entry"
Previous message: Greg Kroah-Hartman: "[PATCH 5.19 1124/1157] Documentation: ext4: fix cell spacing of table heading on blockmap table"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]