sta_info_cleanup locks the sta_list using rcu_read_lock however
the delete operation isn't rcu safe. A race between sta_info_cleanup
timer being called and a STA being removed can occur which leads
to a panic while traversing sta_list. Fix this by switching to the
RCU-safe versions.
Cc: stable@vge
On Sun, 2012-06-03 at 23:32 +0300, Arik Nemtsov wrote:
> sta_info_cleanup locks the sta_list using rcu_read_lock however
> the delete operation isn't rcu safe. A race between sta_info_cleanup
> timer being called and a STA being removed can occur which leads
> to a panic while traversing sta_list.
This is a note to let you know that I've just added the patch titled
mac80211: fix non RCU-safe sta_list manipulation
to the 3.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mac8021
