aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211/sta_info.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/mac80211/sta_info.c')
-rw-r--r--net/mac80211/sta_info.c33
1 files changed, 25 insertions, 8 deletions
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 42414b4..909fa38 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -31,13 +31,12 @@
* for faster lookup and a list for iteration. They are managed using
* RCU, i.e. access to the list and hash table is protected by RCU.
*
- * Upon allocating a STA info structure with sta_info_alloc() or
- * mesh_plink_alloc(), the caller owns that structure. It must then either
- * destroy it using sta_info_destroy() (which is pretty useless) or insert
- * it into the hash table using sta_info_insert() which demotes the reference
- * from ownership to a regular RCU-protected reference; if the function
- * is called without protection by an RCU critical section the reference
- * is instantly invalidated.
+ * Upon allocating a STA info structure with sta_info_alloc(), the caller owns
+ * that structure. It must then either destroy it using sta_info_destroy()
+ * (which is pretty useless) or insert it into the hash table using
+ * sta_info_insert() which demotes the reference from ownership to a regular
+ * RCU-protected reference; if the function is called without protection by an
+ * RCU critical section the reference is instantly invalidated.
*
* Because there are debugfs entries for each station, and adding those
* must be able to sleep, it is also possible to "pin" a station entry,
@@ -248,6 +247,12 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
wiphy_name(local->hw.wiphy), print_mac(mbuf, sta->addr));
#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
+#ifdef CONFIG_MAC80211_MESH
+ sta->plink_state = LISTEN;
+ spin_lock_init(&sta->plink_lock);
+ init_timer(&sta->plink_timer);
+#endif
+
return sta;
}
@@ -258,7 +263,19 @@ int sta_info_insert(struct sta_info *sta)
unsigned long flags;
DECLARE_MAC_BUF(mac);
- WARN_ON(!netif_running(sdata->dev));
+ /*
+ * Can't be a WARN_ON because it can be triggered through a race:
+ * something inserts a STA (on one CPU) without holding the RTNL
+ * and another CPU turns off the net device.
+ */
+ if (unlikely(!netif_running(sdata->dev)))
+ return -ENETDOWN;
+
+ if (WARN_ON(compare_ether_addr(sta->addr, sdata->dev->dev_addr) == 0))
+ return -EINVAL;
+
+ if (WARN_ON(is_multicast_ether_addr(sta->addr)))
+ return -EINVAL;
spin_lock_irqsave(&local->sta_lock, flags);
/* check if STA exists already */