
[RFC,v4] cfg80211: Android P2P-Device workaround

Message ID CAFuUQkgTbf0959=xCUCA1AR-Vxv7Cj90GC4Ae7+BQUqme70ksQ@mail.gmail.com (mailing list archive)
State Not Applicable, archived

Commit Message

YanBo May 23, 2013, 3:18 a.m. UTC
After creating the p2p0 wireless device, when cfg80211_conn_work is
called it will crash, because this function will use wdev->netdev,
which is invalid. The patch below will skip the further operation
when it finds that the wireless device is a P2P device. Please
review, thanks.

BR /Yanbo

From: Yanbo Li <dreamfly281@gmail.com>
Date: Thu, 23 May 2013 11:05:20 +0800
Subject: [PATCH] Add the P2P device condition at cfg80211_conn_work to avoid crash

Signed-off-by: Yanbo Li <dreamfly281@gmail.com>
---
 net/wireless/sme.c               |    6 ++++++
 1 files changed, 6 insertions(+)

--
1.7.9.5
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Comments

Johannes Berg May 23, 2013, 9:40 a.m. UTC | #1
On Thu, 2013-05-23 at 11:18 +0800, YanBo wrote:
> After creating the p2p0 wireless device, when
> cfg80211_conn_work is called

How is that getting called in the first place? I'm not saying there's no
bug, but your suggested fix is completely pointless, we shouldn't get
there.

johannes

YanBo May 23, 2013, 2:40 p.m. UTC | #2
It does crash in my test, and the crash points to this statement;
after applying this patch, the crash is gone.

Steps in my test to reproduce this crash (on an Android phone):

1: Create the p2p devices
2: Wake up both p2p0 and wlan0.
3: iw wlan0 scan to get the scan AP
4: iw wlan0 connect SSID freq macaddress to connect to an open AP
Normally the crash happens after step 4.

BR /Yanbo

On Thu, May 23, 2013 at 5:40 PM, Johannes Berg
<johannes@sipsolutions.net> wrote:
> On Thu, 2013-05-23 at 11:18 +0800, YanBo wrote:
>> After creating the p2p0 wireless device, when
>> cfg80211_conn_work is called
>
> How is that getting called in the first place? I'm not saying there's no
> bug, but your suggested fix is completely pointless, we shouldn't get
> there.
>
> johannes
>
Johannes Berg May 23, 2013, 4:08 p.m. UTC | #3
On Thu, 2013-05-23 at 22:40 +0800, YanBo wrote:
> It does crash in my test, and the crash points to this statement;
> after applying this patch, the crash is gone.
> 
> Steps in my test to reproduce this crash (on an Android phone):
> 
> 1: Create the p2p devices
> 2: Wake up both p2p0 and wlan0.
> 3: iw wlan0 scan to get the scan AP
> 4: iw wlan0 connect SSID freq macaddress to connect to an open AP
> Normally the crash happens after step 4.

Ok yeah I can reproduce this, it's entirely unrelated to this particular
patch but even upstream -- the function is missing a check
"wdev->netdev". I'll send a patch.

johannes


Patch

diff --git a/net/wireless/sme.c b/net/wireless/sme.c
index 8019b39..232194c 100644
--- a/net/wireless/sme.c
+++ b/net/wireless/sme.c
@@ -232,6 +232,12 @@  void cfg80211_conn_work(struct work_struct *work)

     list_for_each_entry(wdev, &rdev->wdev_list, list) {
         wdev_lock(wdev);
+#ifdef CONFIG_CFG80211_ANDROID_P2P_HACK
+        if (wdev->iftype == NL80211_IFTYPE_P2P_DEVICE) {
+            wdev_unlock(wdev);
+            continue;
+        }
+#endif
         if (!netif_running(wdev->netdev)) {
             wdev_unlock(wdev);
             continue;
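Review bot: the guard for a wdev without a netdev is hidden behind CONFIG_CFG80211_ANDROID_P2P_HACK, so whenever that option is off the `if (!netif_running(wdev->netdev))` line directly below still dereferences wdev->netdev, which a P2P-Device wdev does not have; as the thread concludes, the loop is simply missing a wdev->netdev check. Drop the #ifdef and the iftype test and widen the existing condition to `if (!wdev->netdev || !netif_running(wdev->netdev))` instead, which covers every netdev-less wdev rather than only P2P devices. Also, the diffstat lists only net/wireless/sme.c, so CONFIG_CFG80211_ANDROID_P2P_HACK is never defined by this patch and the new block would be compiled out everywhere.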