From: Luis R. Rodriguez <lrodriguez@atheros.com>
Date: Sun, 31 May 2009 22:24:34 +0000 (-0400)
Subject: cfg80211: fix for duplicate userspace replies
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=729e9c7663190d71fe5e29831634df80f38199c1;p=GitHub%2Fexynos8895%2Fandroid_kernel_samsung_universal8895.git

cfg80211: fix for duplicate userspace replies

This fixes an incorrect assumption (BUG_ON) made in
cfg80211 when handling country IE regulatory requests.
The assumption was that we won't try to call_crda()
twice for the same event and therefore we will not
recieve two replies through nl80211 for the regulatory
request. As it turns out it is true we don't call_crda()
twice for the same event, however, kobject_uevent_env()
*might* send the udev event twice and/or userspace can
simply process the udev event twice. We remove the BUG_ON()
and simply ignore the duplicate request.

For details refer to this thread:

http://marc.info/?l=linux-wireless&m=124149987921337&w=2

Cc: stable@kernel.org
Reported-by: Maxim Levitsky <maximlevitsky@gmail.com>
Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
---

diff --git a/net/wireless/reg.c b/net/wireless/reg.c
index f87ac1df2df5..ea4c299fbe3b 100644
--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
@@ -2171,7 +2171,13 @@ static int __set_regdom(const struct ieee80211_regdomain *rd)
 	 * the country IE rd with what CRDA believes that country should have
 	 */
 
-	BUG_ON(!country_ie_regdomain);
+	/*
+	 * Userspace could have sent two replies with only
+	 * one kernel request. By the second reply we would have
+	 * already processed and consumed the country_ie_regdomain.
+	 */
+	if (!country_ie_regdomain)
+		return -EALREADY;
 	BUG_ON(rd == country_ie_regdomain);
 
 	/*