| Message ID | 1314649389-7115-2-git-send-email-javier@cozybit.com (mailing list archive) |
|---|---|
| State | Not Applicable, archived |
| Headers | show |
diff --git a/net/mac80211/mesh_pathtbl.c b/net/mac80211/mesh_pathtbl.c index 3c2bcb2..c92fd70 100644 --- a/net/mac80211/mesh_pathtbl.c +++ b/net/mac80211/mesh_pathtbl.c @@ -991,9 +991,14 @@ void mesh_path_discard_frame(struct sk_buff *skb, da = hdr->addr3; ra = hdr->addr1; + rcu_read_lock(); mpath = mesh_path_lookup(da, sdata); - if (mpath) + if (mpath) { + spin_lock_bh(&mpath->state_lock); sn = ++mpath->sn; + spin_unlock_bh(&mpath->state_lock); + } + rcu_read_unlock(); mesh_path_error_tx(sdata->u.mesh.mshcfg.element_ttl, skb->data, cpu_to_le32(sn), reason, ra, sdata); }
Reported by Pedro Larbig (ASPj) Signed-off-by: Javier Cardona <javier@cozybit.com> --- v2: - Extend the rcu_read_lock section to protect mpath (Johannes) - Take state lock when increasing mpath serial number (Johannes) net/mac80211/mesh_pathtbl.c | 7 ++++++- 1 files changed, 6 insertions(+), 1 deletions(-)