Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / d0709a65181beb787ef3f58cfe45536a2bb254c8^! / . / net / mac80211 / mesh.h
commitd0709a65181beb787ef3f58cfe45536a2bb254c8[log] [tgz]
authorJohannes Berg <johannes@sipsolutions.net>Mon Feb 25 16:27:46 2008 +0100
committerJohn W. Linville <linville@tuxdriver.com>Thu Mar 06 15:30:46 2008 -0500
tree29e5f36583b0e0a3f11b291347e57672eab41dad
parent5cf121c3cdb955583bf0c5d28c992b7968a4aa1a [diff] [blame]
mac80211: RCU-ify STA info structure access

This makes access to the STA hash table/list use RCU to protect
against freeing of items. However, it's not a true RCU, the
copy step is missing: whenever somebody changes a STA item it
is simply updated. This is an existing race condition that is
now somewhat understandable.

This patch also fixes the race key freeing vs. STA destruction
by making sure that sta_info_destroy() is always called under
RTNL and frees the key.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
index d565b3f..576eee8 100644
--- a/net/mac80211/mesh.h
+++ b/net/mac80211/mesh.h

@@ -65,9 +65,10 @@
  * @state_lock: mesh pat state lock
  *
  *
- * The combination of dst and dev is unique in the mesh path table. A reference
- * to the next_hop sta will be kept and in case this sta is removed, the
- * mesh_path structure must be also removed or substitued in a rcu safe way
+ * The combination of dst and dev is unique in the mesh path table. Since the
+ * next_hop STA is only protected by RCU as well, deleting the STA must also
+ * remove/substitute the mesh_path structure and wait until that is no longer
+ * reachable before destroying the STA completely.
  */
 struct mesh_path {
 	u8 dst[ETH_ALEN];
@@ -230,8 +231,9 @@
 		bool add);
 bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie,
 			      struct net_device *dev);
-void mesh_accept_plinks_update(struct net_device *dev);
-struct sta_info *mesh_plink_add(u8 *hw_addr, u64 rates, struct net_device *dev);
+void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata);
+struct sta_info *mesh_plink_add(u8 *hw_addr, u64 rates,
+				struct ieee80211_sub_if_data *sdata);
 void mesh_plink_broken(struct sta_info *sta);
 void mesh_plink_deactivate(struct sta_info *sta);
 int mesh_plink_open(struct sta_info *sta);
@@ -254,7 +256,7 @@
 void mesh_path_tx_pending(struct mesh_path *mpath);
 int mesh_pathtbl_init(void);
 void mesh_pathtbl_unregister(void);
-int mesh_path_del(u8 *addr, struct net_device *dev);
+int mesh_path_del(u8 *addr, struct net_device *dev, bool force);
 void mesh_path_timer(unsigned long data);
 void mesh_path_flush_by_nexthop(struct sta_info *sta);
 void mesh_path_discard_frame(struct sk_buff *skb, struct net_device *dev);
@@ -270,7 +272,7 @@
 
 static inline bool mesh_plink_availables(struct ieee80211_sub_if_data *sdata)
 {
-	return (min(mesh_plink_free_count(sdata),
+	return (min_t(long, mesh_plink_free_count(sdata),
 		   MESH_MAX_PLINKS - sdata->local->num_sta)) > 0;
 }