rt2x00: Fix for race condition while update beacon The patch "Implement set_tim callback for all drivers" can cause kernel oops in rt73usb_write_beacon. The oops is caused by one of the following race conditions: * In case of two near calls to set_tim: rt2x00lib_beacondone_iter is cleaning the beacon skb, whereas rt73usb_write_beacon is still using it. * In case of two near updates of beacon: first as the result of set_tim and second as the result of a call from an application (e.g. hostapd). This patch fixes the race condition by rearranging the update logic and guarding rt2x00_intf->beacon->skb with a mutex. Signed-off-by: Igor Perminov <igor.perminov@inbox.ru> Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>

commit: 17512dc3b7fc9ff1a60d3748ce87c323df507c3d [log] [tgz]
author: Igor Perminov <igor.perminov@inbox.ru> Sat Aug 08 23:55:18 2009 +0200
committer: John W. Linville <linville@tuxdriver.com> Fri Aug 14 09:13:53 2009 -0400
tree: 1ad4c98c3c653571552156116ce639c6e0aa2789
parent: 66679a65efffffb62dc2650960b3aff758d575f9 [diff] [blame]
diff --git a/drivers/net/wireless/rt2x00/rt2x00.h b/drivers/net/wireless/rt2x00/rt2x00.h
index e6e73be..7c74c4e 100644
--- a/drivers/net/wireless/rt2x00/rt2x00.h
+++ b/drivers/net/wireless/rt2x00/rt2x00.h

@@ -334,6 +334,11 @@
 	u8 bssid[ETH_ALEN];
 
 	/*
+	 * beacon->skb must be protected with the mutex.
+	 */
+	struct mutex beacon_skb_mutex;
+
+	/*
 	 * Entry in the beacon queue which belongs to
 	 * this interface. Each interface has its own
 	 * dedicated beacon entry.
commit	17512dc3b7fc9ff1a60d3748ce87c323df507c3d	[log] [tgz]
author	Igor Perminov <igor.perminov@inbox.ru>	Sat Aug 08 23:55:18 2009 +0200
committer	John W. Linville <linville@tuxdriver.com>	Fri Aug 14 09:13:53 2009 -0400
tree	1ad4c98c3c653571552156116ce639c6e0aa2789
parent	66679a65efffffb62dc2650960b3aff758d575f9 [diff] [blame]