[PATCH] mac80211: verify info->control.vif is not NULL

public inbox for linux-wireless@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] mac80211: verify info->control.vif is not NULL
@ 2009-07-27  8:33 Johannes Berg
  0 siblings, 0 replies; only message in thread
From: Johannes Berg @ 2009-07-27  8:33 UTC (permalink / raw)
  To: John Linville; +Cc: Pavel Roskin, linux-wireless

When enqueuing packets on the internal packet queue, we
need to ensure that we have a valid vif pointer since
that is required since the net namespace work. Add some
assertions to verify this, but also don't crash is for
some reason we don't end up with a vif pointer -- warn
and drop the packet in all these cases.

Since this code touches a number of hotpaths, it is
intended to be temporary, or maybe configurable in the
future, at least the bit that is in the path that gets
hit for every packet, ieee80211_tx_pending().

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
---
 net/mac80211/tx.c   |    5 +++++
 net/mac80211/util.c |   13 +++++++++++++
 2 files changed, 18 insertions(+)

--- wireless-testing.orig/net/mac80211/util.c	2009-07-27 10:24:01.000000000 +0200
+++ wireless-testing/net/mac80211/util.c	2009-07-27 10:25:14.000000000 +0200
@@ -336,6 +336,12 @@ void ieee80211_add_pending_skb(struct ie
 	struct ieee80211_hw *hw = &local->hw;
 	unsigned long flags;
 	int queue = skb_get_queue_mapping(skb);
+	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
+
+	if (WARN_ON(!info->control.vif)) {
+		kfree(skb);
+		return;
+	}
 
 	spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
 	__ieee80211_stop_queue(hw, queue, IEEE80211_QUEUE_STOP_REASON_SKB_ADD);
@@ -358,6 +364,13 @@ int ieee80211_add_pending_skbs(struct ie
 			IEEE80211_QUEUE_STOP_REASON_SKB_ADD);
 
 	while ((skb = skb_dequeue(skbs))) {
+		struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
+
+		if (WARN_ON(!info->control.vif)) {
+			kfree(skb);
+			continue;
+		}
+
 		ret++;
 		queue = skb_get_queue_mapping(skb);
 		__skb_queue_tail(&local->pending[queue], skb);
--- wireless-testing.orig/net/mac80211/tx.c	2009-07-27 10:23:12.000000000 +0200
+++ wireless-testing/net/mac80211/tx.c	2009-07-27 10:26:55.000000000 +0200
@@ -1889,6 +1889,11 @@ void ieee80211_tx_pending(unsigned long 
 			struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 			struct ieee80211_sub_if_data *sdata;
 
+			if (WARN_ON(!info->control.vif)) {
+				kfree_skb(skb);
+				continue;
+			}
+
 			sdata = vif_to_sdata(info->control.vif);
 			dev_hold(sdata->dev);
 			spin_unlock_irqrestore(&local->queue_stop_reason_lock,



^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2009-07-27  8:33 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-07-27  8:33 [PATCH] mac80211: verify info->control.vif is not NULL Johannes Berg

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox