rtl8188eu: Change some locking around rtw_get_sec_ie()

Routine rtw_get_sec_ie() appears to suffer from a bug triggered under
unusual circumstances. This bug is exposed by first sending a deauthentication
frame and at the same time sending a much larger frame. After doing some debugging
the cause of the lockup of the CPU was that while rtw_get_sec_ie() attempts to
read the beacon frame sent by the router/AP, the size of the beacon is changed
since it is a reference and not a copy. By having a "rogue" beacon frame being
very large which isn't normal and not considered in the design, the computer
was stuck in an endless CPU lockup.

Routine translate_scan(), which calls rtw_get_sec_ie(), is protected by a
spinlock. Add that spinlock around other calls of the routine.

Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Larry Finger 2022-07-20 15:20:33 -05:00
parent 5f636ea7dd
commit 24b960c5c0
4 changed files with 6 additions and 2 deletions

@ -218,7 +218,6 @@ s32 _rtw_init_xmit_priv(struct xmit_priv *pxmitpriv, struct adapter *padapter)
pxmitpriv->ack_tx = false;
_rtw_mutex_init(&pxmitpriv->ack_tx_mutex);
rtw_sctx_init(&pxmitpriv->ack_tx_ops, 0);
rtw_hal_init_xmit_priv(padapter);
exit:
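
Review bot: The hunk header for _rtw_init_xmit_priv() (-218,7 +218,6) records one line dropped from the xmit_priv init path, but the commit message only describes adding the spinlock around callers of rtw_get_sec_ie(). Nothing in the surrounding context lines (ack_tx, ack_tx_mutex, rtw_sctx_init(), rtw_hal_init_xmit_priv()) relates to beacon IE parsing or that lock, so please either explain the removal in the commit message or split it into its own commit. If it is only a whitespace cleanup, say so, since a locking fix is easier to backport and bisect when it carries no unrelated changes.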