From patchwork Wed Jul 13 09:44:45 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Johannes Berg X-Patchwork-Id: 590798 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AF4ECCCA479 for ; Wed, 13 Jul 2022 09:46:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234717AbiGMJql (ORCPT ); Wed, 13 Jul 2022 05:46:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36714 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236029AbiGMJph (ORCPT ); Wed, 13 Jul 2022 05:45:37 -0400 Received: from sipsolutions.net (s3.sipsolutions.net [IPv6:2a01:4f8:191:4433::2]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 71EE7F788A for ; Wed, 13 Jul 2022 02:45:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sipsolutions.net; s=mail; h=Content-Transfer-Encoding:MIME-Version: References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Content-Type:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-To: Resent-Cc:Resent-Message-ID; bh=gXqTGi2IeP86rpocotb869fVQKLe3fgrQDvRIYonHxs=; t=1657705527; x=1658915127; b=uLEAZGUtmX/H2MB1cGstKFQQ0NXb80G9qXj4IvV+cdpkXwc hRhRmnwKYUdhqnJlfzlkZ4Lg6nQ6AjfwC3ndZ9Wp3GfiWy3PlGrlh3pSYQI39P66IgucGn+julytC qgk6W3axIY5KnGN5S/FRXBHe5DxK1tGFv4VuHqtkDEmGTYPy6wfZpCmdk/E/Lvl7fG6j2wCxPwESa 18FbFeapt5jICFp2EWVc81fqDSCk0APudGtBQKBtHXA3psVQZy+Wea1stZ3F8IebK6W8lImz6rL+p xnXb52ptlRSG4QImTlndM6G1MbBxrJcUb6xge51lf/VapiTbeS3F2mvWq8dAFh8Q==; Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.95) (envelope-from ) id 1oBYvt-00EgvB-Cz; Wed, 13 Jul 2022 11:45:25 +0200 From: Johannes Berg To: linux-wireless@vger.kernel.org Cc: Johannes Berg Subject: [PATCH 59/76] wifi: mac80211: fix link manipulation Date: Wed, 13 Jul 2022 11:44:45 +0200 Message-Id: <20220713114426.d26055298480.Id13d50b4dd1ea6298282e4414611822996bba284@changeid> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220713094502.163926-1-johannes@sipsolutions.net> References: <20220713094502.163926-1-johannes@sipsolutions.net> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org From: Johannes Berg When we add non-deflink pointers, we need to remove the link[0] pointer to deflink in case link[0] is not valid afterwards. Also, we need to add that back when there are no more valid links. Reorg the code to fix that. Signed-off-by: Johannes Berg --- net/mac80211/iface.c | 44 ++++++++++++++++++++++++++------------------ 1 file changed, 26 insertions(+), 18 deletions(-) diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c index fc5869f40279..271fc81a5ea4 100644 --- a/net/mac80211/iface.c +++ b/net/mac80211/iface.c @@ -463,6 +463,10 @@ static int ieee80211_vif_update_links(struct ieee80211_sub_if_data *sdata, if (old_links == new_links) return 0; + /* if there were no old links, need to clear the pointers to deflink */ + if (!old_links) + rem |= BIT(0); + /* allocate new link structures first */ for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { link = kzalloc(sizeof(*link), GFP_KERNEL); @@ -480,6 +484,22 @@ static int ieee80211_vif_update_links(struct ieee80211_sub_if_data *sdata, BUILD_BUG_ON(sizeof(old_data) != sizeof(sdata->link)); memcpy(old_data, sdata->link, sizeof(old_data)); + /* grab old links to free later */ + for_each_set_bit(link_id, &rem, IEEE80211_MLD_MAX_NUM_LINKS) { + RCU_INIT_POINTER(sdata->link[link_id], NULL); + RCU_INIT_POINTER(sdata->vif.link_conf[link_id], NULL); + + if (rcu_access_pointer(sdata->link[link_id]) == &sdata->deflink) + continue; + /* + * we must have allocated the data through this path so + * we know we can free both at the same time + */ + to_free[link_id] = container_of(rcu_access_pointer(sdata->link[link_id]), + typeof(*links[link_id]), + data); + } + /* link them into data structures */ for_each_set_bit(link_id, &add, IEEE80211_MLD_MAX_NUM_LINKS) { WARN_ON(!use_deflink && @@ -490,10 +510,9 @@ static int ieee80211_vif_update_links(struct ieee80211_sub_if_data *sdata, ieee80211_link_setup(&link->data); } - for_each_set_bit(link_id, &rem, IEEE80211_MLD_MAX_NUM_LINKS) { - RCU_INIT_POINTER(sdata->link[link_id], NULL); - RCU_INIT_POINTER(sdata->vif.link_conf[link_id], NULL); - } + if (new_links == 0) + ieee80211_link_init(sdata, -1, &sdata->deflink, + &sdata->vif.bss_conf); sdata->vif.valid_links = new_links; @@ -506,25 +525,14 @@ static int ieee80211_vif_update_links(struct ieee80211_sub_if_data *sdata, memcpy(sdata->link, old_data, sizeof(old_data)); memcpy(sdata->vif.link_conf, old, sizeof(old)); sdata->vif.valid_links = old_links; - /* and free the newly allocated links */ - goto deinit; + /* and free (only) the newly allocated links */ + memset(to_free, 0, sizeof(links)); + goto free; } /* use deflink/bss_conf again if and only if there are no more links */ use_deflink = new_links == 0; - for_each_set_bit(link_id, &rem, IEEE80211_MLD_MAX_NUM_LINKS) { - if (rcu_access_pointer(sdata->link[link_id]) == &sdata->deflink) - continue; - /* - * we must have allocated the data through this path so - * we know we can free both at the same time - */ - to_free[link_id] = container_of(rcu_access_pointer(sdata->link[link_id]), - typeof(*links[link_id]), - data); - } - goto deinit; free: /* if we failed during allocation, only free all */