mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection

This is needed since it might use (and pass out) pointers to
e.g. keys protected by RCU. Can't really happen here as the
frames aren't encrypted, but we need to still adhere to the
rules.

Fixes: cacfddf82b ("mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Link: https://lore.kernel.org/r/20220505230421.5f139f9de173.I77ae111a28f7c0e9fd1ebcee7f39dbec5c606770@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This commit is contained in:
Johannes Berg 2022-05-05 23:04:22 +02:00
Родитель a59d55568d
Коммит 9e2db50f1e
1 изменённых файлов: 3 добавлений и 0 удалений

Просмотреть файл

@ -2478,11 +2478,13 @@ static void hw_scan_work(struct work_struct *work)
if (req->ie_len) if (req->ie_len)
skb_put_data(probe, req->ie, req->ie_len); skb_put_data(probe, req->ie, req->ie_len);
rcu_read_lock();
if (!ieee80211_tx_prepare_skb(hwsim->hw, if (!ieee80211_tx_prepare_skb(hwsim->hw,
hwsim->hw_scan_vif, hwsim->hw_scan_vif,
probe, probe,
hwsim->tmp_chan->band, hwsim->tmp_chan->band,
NULL)) { NULL)) {
rcu_read_unlock();
kfree_skb(probe); kfree_skb(probe);
continue; continue;
} }
@ -2490,6 +2492,7 @@ static void hw_scan_work(struct work_struct *work)
local_bh_disable(); local_bh_disable();
mac80211_hwsim_tx_frame(hwsim->hw, probe, mac80211_hwsim_tx_frame(hwsim->hw, probe,
hwsim->tmp_chan); hwsim->tmp_chan);
rcu_read_unlock();
local_bh_enable(); local_bh_enable();
} }
} }