madwifi: fix some really evil noderef issues (fixes #3999)

author Felix Fietkau <nbd@openwrt.org>

Fri, 26 Sep 2008 20:09:17 +0000 (20:09 +0000)

committer Felix Fietkau <nbd@openwrt.org>

Fri, 26 Sep 2008 20:09:17 +0000 (20:09 +0000)
author Felix Fietkau <nbd@openwrt.org>
Fri, 26 Sep 2008 20:09:17 +0000 (20:09 +0000)
committer Felix Fietkau <nbd@openwrt.org>
Fri, 26 Sep 2008 20:09:17 +0000 (20:09 +0000)
diff --git a/package/madwifi/patches/380-noderef_fix.patch b/package/madwifi/patches/380-noderef_fix.patch

new file mode 100644 (file)

index 0000000..e3a6b46
--- /dev/null
+++ b/package/madwifi/patches/380-noderef_fix.patch
@@ -0,0 +1,58 @@
+--- a/net80211/ieee80211_node.c
++++ b/net80211/ieee80211_node.c
+@@ -316,7 +316,7 @@
+        */
+       ni = ieee80211_find_node(&ic->ic_sta, vap->iv_myaddr);
+       if (ni == NULL) {
+-              ni = ieee80211_alloc_node_table(vap, vap->iv_myaddr);
++              ni = ieee80211_alloc_node(vap, vap->iv_myaddr);
+               IEEE80211_DPRINTF(vap, IEEE80211_MSG_ASSOC,
+                                 "%s: ni:%p allocated for " MAC_FMT "\n",
+                                 __func__, ni, MAC_ADDR(vap->iv_myaddr));
+@@ -421,14 +421,14 @@
+       /* XXX multi-bss wrong */
+       ieee80211_reset_erp(ic, ic->ic_curmode);
+ 
+-      ni = ieee80211_alloc_node_table(vap, vap->iv_myaddr);
++      ni = ieee80211_alloc_node(vap, vap->iv_myaddr);
+       IEEE80211_DPRINTF(vap, IEEE80211_MSG_ASSOC,
+                         "%s: ni:%p allocated for " MAC_FMT "\n",
+                         __func__, ni, MAC_ADDR(vap->iv_myaddr));
+       KASSERT(ni != NULL, ("unable to setup inital BSS node"));
+ 
+       vap->iv_bss = PASS_NODE(ni);
+-      KASSERT((atomic_read(&vap->iv_bss->ni_refcnt) == 2), 
++      KASSERT((atomic_read(&vap->iv_bss->ni_refcnt) == 1),
+               ("wrong refcount for new node."));
+ 
+       if (obss != NULL) {
+@@ -630,6 +630,7 @@
+               ieee80211_fix_rate(selbs, IEEE80211_F_DODEL);
+       }
+ 
++      IEEE80211_VAPS_LOCK_BH(ic);
+       /*
+        * Committed to selbs, setup state.
+        */
+@@ -642,8 +643,9 @@
+               (vap->iv_state == IEEE80211_S_RUN) && bssid_equal(obss, selbs)); */
+       vap->iv_bss = selbs;
+       IEEE80211_ADDR_COPY(vap->iv_bssid, selbs->ni_bssid);
+-      if (obss != NULL)
++      if ((obss != NULL) && (obss != selbs))
+               ieee80211_unref_node(&obss);
++      IEEE80211_VAPS_UNLOCK_BH(ic);
+       ic->ic_bsschan = selbs->ni_chan;
+       ic->ic_curchan = ic->ic_bsschan;
+       ic->ic_curmode = ieee80211_chan2mode(ic->ic_curchan);
+--- a/net80211/ieee80211_input.c
++++ b/net80211/ieee80211_input.c
+@@ -3110,7 +3110,7 @@
+       u_int8_t qosinfo;
+ 
+       if (ni_or_null == NULL)
+-              ni = vap->iv_bss;
++              ni = ieee80211_ref_node(vap->iv_bss);
+ 
+       wh = (struct ieee80211_frame *) skb->data;
+       frm = (u_int8_t *)&wh[1];
diff --git a/package/madwifi/patches/401-changeset_r3602.patch b/package/madwifi/patches/401-changeset_r3602.patch

index 64780da120ebb26f2eb6812e4be8987f0a50d46c..2693d7a3688195167818812d50104f846db651b2 100644 (file)
--- a/package/madwifi/patches/401-changeset_r3602.patch
+++ b/package/madwifi/patches/401-changeset_r3602.patch
@@ -1,6 +1,6 @@
  --- a/net80211/ieee80211_linux.h
  +++ b/net80211/ieee80211_linux.h
-@@ -353,6 +353,8 @@
+@@ -341,6 +341,8 @@
   /* __skb_append got a third parameter in 2.6.14 */
   #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,14)
   #define __skb_append(a,b,c)   __skb_append(a, b)
author	Felix Fietkau <nbd@openwrt.org>
	Fri, 26 Sep 2008 20:09:17 +0000 (20:09 +0000)
committer	Felix Fietkau <nbd@openwrt.org>
	Fri, 26 Sep 2008 20:09:17 +0000 (20:09 +0000)
package/madwifi/patches/380-noderef_fix.patch	[new file with mode: 0644]	patch \| blob
package/madwifi/patches/401-changeset_r3602.patch		patch \| blob \| history