linux/net/mac80211
Bob Copeland 1d6741d864 mac80211: mesh: fix premature update of rc stats
The mesh_neighbour_update() function, queued via beacon rx, can race with
userspace creating the same station.  If the station already exists by the
time mesh_neighbour_update() is called, the function wrongly assumes rate
control has been initialized and calls rate_control_rate_update(), which
in turn calls into the driver.

Updating the rate control before it has been initialized can cause a
crash in some drivers, for example this firmware crash in ath10k due
to sta->rx_nss being 0:

[ 3078.088247] mesh0: Inserted STA 5c:e2:8c:f1:ab:ba
[ 3078.258407] ath10k_pci 0000:0d:00.0: firmware crashed! (uuid d6ed5961-93cc-4d61-803f-5eda55bb8643)
[ 3078.258421] ath10k_pci 0000:0d:00.0: qca988x hw2.0 target 0x4100016c chip_id 0x043202ff sub 0000:0000
[ 3078.258426] ath10k_pci 0000:0d:00.0: kconfig debug 1 debugfs 1 tracing 1 dfs 0 testmode 0
[ 3078.258608] ath10k_pci 0000:0d:00.0: firmware ver 10.2.4.70.59-2 api 5 features no-p2p,raw-mode,mfp crc32 4159f498
[ 3078.258613] ath10k_pci 0000:0d:00.0: board_file api 1 bmi_id N/A crc32 bebc7c08
[ 3078.258617] ath10k_pci 0000:0d:00.0: htt-ver 2.1 wmi-op 5 htt-op 2 cal otp max-sta 128 raw 0 hwcrypto 1
[ 3078.260627] ath10k_pci 0000:0d:00.0: firmware register dump:
[ 3078.260640] ath10k_pci 0000:0d:00.0: [00]: 0x4100016C 0x000015B3 0x009A31BB 0x00955B31
[ 3078.260647] ath10k_pci 0000:0d:00.0: [04]: 0x009A31BB 0x00060130 0x00000008 0x00000007
[ 3078.260652] ath10k_pci 0000:0d:00.0: [08]: 0x00000000 0x00955B31 0x00000000 0x0040F89E
[ 3078.260656] ath10k_pci 0000:0d:00.0: [12]: 0x00000009 0xFFFFFFFF 0x009580F5 0x00958117
[ 3078.260660] ath10k_pci 0000:0d:00.0: [16]: 0x00958080 0x0094085D 0x00000000 0x00000000
[ 3078.260664] ath10k_pci 0000:0d:00.0: [20]: 0x409A31BB 0x0040AA84 0x00000002 0x00000001
[ 3078.260669] ath10k_pci 0000:0d:00.0: [24]: 0x809A2B8D 0x0040AAE4 0x00000088 0xC09A31BB
[ 3078.260673] ath10k_pci 0000:0d:00.0: [28]: 0x809898C8 0x0040AB04 0x0043F91C 0x009C6458
[ 3078.260677] ath10k_pci 0000:0d:00.0: [32]: 0x809B66AC 0x0040AB34 0x009C6458 0x0043F91C
[ 3078.260686] ath10k_pci 0000:0d:00.0: [36]: 0x809B2824 0x0040ADA4 0x00400000 0x00416EB4
[ 3078.260692] ath10k_pci 0000:0d:00.0: [40]: 0x809C07D9 0x0040ADE4 0x0040AE08 0x00412028
[ 3078.260696] ath10k_pci 0000:0d:00.0: [44]: 0x809486FA 0x0040AE04 0x00000001 0x00000000
[ 3078.260700] ath10k_pci 0000:0d:00.0: [48]: 0x80948E2C 0x0040AEA4 0x0041F4F0 0x00412634
[ 3078.260704] ath10k_pci 0000:0d:00.0: [52]: 0x809BFC39 0x0040AEC4 0x0041F4F0 0x00000001
[ 3078.260709] ath10k_pci 0000:0d:00.0: [56]: 0x80940F18 0x0040AF14 0x00000010 0x00403AC0
[ 3078.284130] ath10k_pci 0000:0d:00.0: failed to to request monitor vdev 1 stop: -108

Fix this by checking whether the sta has already initialized rate control
using the flag for that purpose.  We can also drop the unnecessary insert
parameter here.

Signed-off-by: Bob Copeland <bobcopeland@fb.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2018-05-18 10:02:28 +02:00
..
aead_api.c mac80211: use crypto_aead_authsize() 2017-10-11 15:46:45 +02:00
aead_api.h mac80211: aead api to reduce redundancy 2017-10-11 09:37:35 +02:00
aes_ccm.h mac80211: aead api to reduce redundancy 2017-10-11 09:37:35 +02:00
aes_cmac.c
aes_cmac.h
aes_gcm.h mac80211: aead api to reduce redundancy 2017-10-11 09:37:35 +02:00
aes_gmac.c
aes_gmac.h
agg-rx.c mac80211: agg-rx: Accept ADDBA request update if timeout did not change 2018-02-27 11:06:04 +01:00
agg-tx.c mac80211: use timeout from the AddBA response instead of the request 2018-05-07 20:35:15 +02:00
cfg.c mac80211: Send control port frames over nl80211 2018-03-29 14:08:30 +02:00
chan.c
debug.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs_key.c
debugfs_key.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs_netdev.c networking: convert many more places to skb_put_zero() 2017-06-16 11:48:35 -04:00
debugfs_netdev.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs_sta.c mac80211: Add txq flags to debugfs 2018-01-31 12:57:24 +01:00
debugfs_sta.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-03-23 11:31:58 -04:00
debugfs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
driver-ops.c
driver-ops.h mac80211: Fix setting TX power on monitor interfaces 2018-01-04 15:27:48 +01:00
ethtool.c
fils_aead.c
fils_aead.h
ht.c mac80211: Use proper smps_mode enum in sta opmode event 2018-03-29 10:19:55 +02:00
ibss.c mac80211: Send control port frames over nl80211 2018-03-29 14:08:30 +02:00
ieee80211_i.h mac80211: Send control port frames over nl80211 2018-03-29 14:08:30 +02:00
iface.c mac80211: Send control port frames over nl80211 2018-03-29 14:08:30 +02:00
Kconfig
key.c mac80211: allow AP_VLAN operation on crypto controlled devices 2018-03-29 11:35:22 +02:00
key.h
led.c mac80211: Convert timers to use timer_setup() 2017-11-20 16:55:11 +01:00
led.h
main.c mac80211: Send control port frames over nl80211 2018-03-29 14:08:30 +02:00
Makefile Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00
mesh_hwmp.c mac80211: mark expected switch fall-throughs 2017-12-11 12:16:04 +01:00
mesh_pathtbl.c rhashtable: Change rhashtable_walk_start to return void 2017-12-11 09:58:38 -05:00
mesh_plink.c mac80211: mesh: fix premature update of rc stats 2018-05-18 10:02:28 +02:00
mesh_ps.c networking: make skb_put & friends return void pointers 2017-06-16 11:48:39 -04:00
mesh_sync.c
mesh.c mac80211: notify driver for change in multicast rates 2018-03-23 13:23:17 +01:00
mesh.h mac80211: Convert timers to use timer_setup() 2017-11-20 16:55:11 +01:00
michael.c mac80211: add get TID helper 2018-02-22 21:13:03 +01:00
michael.h
mlme.c mac80211: Adjust SAE authentication timeout 2018-05-07 16:04:02 +02:00
ocb.c mac80211: Convert timers to use timer_setup() 2017-11-20 16:55:11 +01:00
offchannel.c mac80211: mark expected switch fall-throughs 2017-12-11 12:16:04 +01:00
pm.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rate.c mac80211: Dynamically set CoDel parameters per station 2017-05-17 16:03:40 +02:00
rate.h mac80211: make rate control tx status API more extensible 2017-04-28 10:57:33 +02:00
rc80211_minstrel_debugfs.c net: Use octal not symbolic permissions 2018-03-26 12:07:48 -04:00
rc80211_minstrel_ht_debugfs.c net: Use octal not symbolic permissions 2018-03-26 12:07:48 -04:00
rc80211_minstrel_ht.c mac80211: add get TID helper 2018-02-22 21:13:03 +01:00
rc80211_minstrel_ht.h
rc80211_minstrel.c net: Use octal not symbolic permissions 2018-03-26 12:07:48 -04:00
rc80211_minstrel.h
rx.c mac80211: Send control port frames over nl80211 2018-03-29 14:08:30 +02:00
scan.c mac80211: inform wireless layer when frame RSSI is invalid 2018-03-21 11:27:11 +01:00
spectmgmt.c mac80211: Do not disconnect on invalid operating class 2018-02-19 14:53:14 +01:00
sta_info.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-02-24 00:04:20 -05:00
sta_info.h mac80211: Add tx ack signal support in sta info 2018-02-19 13:22:28 +01:00
status.c mac80211: Add tx ack signal support in sta info 2018-02-19 13:22:28 +01:00
tdls.c mac80211: enable TDLS peer buffer STA feature 2017-12-11 12:16:05 +01:00
tkip.c
tkip.h
trace_msg.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace.h Revert "mac80211: Add TXQ scheduling API" 2017-12-19 10:12:48 +01:00
tx.c mac80211: use timeout from the AddBA response instead of the request 2018-05-07 20:35:15 +02:00
util.c mac80211: limit wmm params to comply with ETSI requirements 2018-03-29 11:11:50 +02:00
vht.c mac80211: Use proper chan_width enum in sta opmode event 2018-03-29 10:19:59 +02:00
wep.c
wep.h
wme.c mac80211: mark expected switch fall-throughs 2017-12-11 12:16:04 +01:00
wme.h
wpa.c mac80211: add get TID helper 2018-02-22 21:13:03 +01:00
wpa.h