From: Johannes Berg Date: Tue, 6 Sep 2011 10:47:39 +0000 (+0200) Subject: mac80211: fix missing sta_lock in __sta_info_destroy X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=4bae7d976976fa52d345805ba686934cd548343e;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git mac80211: fix missing sta_lock in __sta_info_destroy Since my commit 34e895075e21be3e21e71d6317440d1ee7969ad0 ("mac80211: allow station add/remove to sleep") there is a race in mac80211 when it clears the TIM bit because a sleeping station disconnected, the spinlock isn't held around the relevant code any more. Use the right API to acquire the spinlock correctly. Cc: stable@kernel.org [2.6.34+] Signed-off-by: Johannes Berg Signed-off-by: John W. Linville --- diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c index 3db78b696c5c..21070e9bc8d0 100644 --- a/net/mac80211/sta_info.c +++ b/net/mac80211/sta_info.c @@ -665,7 +665,7 @@ static int __must_check __sta_info_destroy(struct sta_info *sta) BUG_ON(!sdata->bss); atomic_dec(&sdata->bss->num_sta_ps); - __sta_info_clear_tim_bit(sdata->bss, sta); + sta_info_clear_tim_bit(sta); } local->num_sta--;