summaryrefslogtreecommitdiffstats
path: root/net/mac80211/mlme.c
diff options
context:
space:
mode:
authorRafael Mendonca <rafaelmendsr@gmail.com>2022-09-24 20:40:41 +0200
committerJohannes Berg <johannes.berg@intel.com>2022-09-27 10:33:51 +0200
commit883b8dc1a8766464d5bde4d97e1d7c795d990d31 (patch)
tree38e85cd1180ede7584b82ff36531ce5419731d24 /net/mac80211/mlme.c
parentwifi: mac80211: fix memory corruption in minstrel_ht_update_rates() (diff)
downloadlinux-883b8dc1a8766464d5bde4d97e1d7c795d990d31.tar.xz
linux-883b8dc1a8766464d5bde4d97e1d7c795d990d31.zip
wifi: mac80211: mlme: Fix missing unlock on beacon RX
Commit 98b0b467466c ("wifi: mac80211: mlme: use correct link_sta") switched to link station instead of deflink and added some checks to do that, which are done with the 'sta_mtx' mutex held. However, the error path of these checks does not unlock 'sta_mtx' before returning. Fixes: 98b0b467466c ("wifi: mac80211: mlme: use correct link_sta") Signed-off-by: Rafael Mendonca <rafaelmendsr@gmail.com> Link: https://lore.kernel.org/r/20220924184042.778676-1-rafaelmendsr@gmail.com Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to '')
-rw-r--r--net/mac80211/mlme.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 5265d2b6db12..c0fbffd9b153 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -5589,12 +5589,16 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_link_data *link,
mutex_lock(&local->sta_mtx);
sta = sta_info_get(sdata, sdata->vif.cfg.ap_addr);
- if (WARN_ON(!sta))
+ if (WARN_ON(!sta)) {
+ mutex_unlock(&local->sta_mtx);
goto free;
+ }
link_sta = rcu_dereference_protected(sta->link[link->link_id],
lockdep_is_held(&local->sta_mtx));
- if (WARN_ON(!link_sta))
+ if (WARN_ON(!link_sta)) {
+ mutex_unlock(&local->sta_mtx);
goto free;
+ }
changed |= ieee80211_recalc_twt_req(link, link_sta, elems);