[Meego-kernel] [PATCH] ar6003 : fix target assertion in CFG80211 case
Chang, Samuel
samuelc at qca.qualcomm.com
Mon Jun 6 14:16:54 PDT 2011
Subject: fix target assertion in cfg80211 case
1. originally the key usage with “GROUP_USAGE | TX_USAGE” but it should be only GROUP_USAGE when group key is WPA*-PSK.
2. Use ATOMIC flag instead of GFP_KERNEL to avoid potentail memory corruption
3. this issue can be reproduced easily during WPS process
Signed-off-by: Samuel Chang <samuelc at qca.qualcomm.com>
diff -ruN kernel-2.6.37.6-11.5/drivers/staging/ar6003/os/linux/cfg80211.c kernel-2.6.37.6-11.5_cfg80211_target_assertion/drivers/staging/ar6003/os/linux/cfg80211.c
--- kernel-2.6.37.6-11.5/drivers/staging/ar6003/os/linux/cfg80211.c 2011-05-27 06:17:00.000000000 +0800
+++ kernel-2.6.37.6-11.5_cfg80211_target_assertion/drivers/staging/ar6003/os/linux/cfg80211.c 2011-06-07 05:03:47.041877851 +0800
@@ -245,6 +245,7 @@
AR_SOFTC_T *ar = arPriv->arSoftc;
AR_SOFTC_STA_T *arSta = &arPriv->arSta;
A_STATUS status;
+ A_UINT8 keyUsage = 0;
AR_DEBUG_PRINTF(ATH_DEBUG_INFO, ("%s: \n", __func__));
@@ -372,14 +373,19 @@
key->cipher = arPriv->arPairwiseCrypto;
arPriv->arDefTxKeyIndex = sme->key_idx;
- wmi_addKey_cmd(arPriv->arWmi, sme->key_idx,
- arPriv->arPairwiseCrypto,
- GROUP_USAGE | TX_USAGE,
- key->key_len,
- NULL,
- key->key, KEY_OP_INIT_VAL, NULL,
- NO_SYNC_WMIFLAG);
- }
+ if (arPriv->arAuthMode & (WPA_PSK_AUTH | WPA2_PSK_AUTH))
+ keyUsage = GROUP_USAGE;
+ else
+ keyUsage = GROUP_USAGE | TX_USAGE;
+
+ wmi_addKey_cmd(arPriv->arWmi, sme->key_idx,
+ arPriv->arPairwiseCrypto,
+ keyUsage,
+ key->key_len,
+ NULL,
+ key->key, KEY_OP_INIT_VAL, NULL,
+ NO_SYNC_WMIFLAG);
+ }
if (!arSta->arUserBssFilter) {
if (wmi_bssfilter_cmd(arPriv->arWmi, ALL_BSS_FILTER, 0) != A_OK) {
@@ -557,13 +563,13 @@
bss = cfg80211_inform_bss_frame(arPriv->wdev->wiphy,
ibss_channel, mgmt,
le16_to_cpu(size),
- signal, GFP_KERNEL);
+ signal, GFP_ATOMIC);
A_FREE(ieeemgmtbuf);
cfg80211_put_bss(bss);
}
if((ADHOC_NETWORK & networkType)) {
- cfg80211_ibss_joined(arPriv->arNetDev, bssid, GFP_KERNEL);
+ cfg80211_ibss_joined(arPriv->arNetDev, bssid, GFP_ATOMIC);
return;
}
@@ -572,13 +578,13 @@
cfg80211_connect_result(arPriv->arNetDev, bssid,
assocReqIe, assocReqLen,
assocRespIe, assocRespLen,
- WLAN_STATUS_SUCCESS, GFP_KERNEL);
+ WLAN_STATUS_SUCCESS, GFP_ATOMIC);
} else {
/* inform roam event to cfg80211 */
cfg80211_roamed(arPriv->arNetDev, bssid,
assocReqIe, assocReqLen,
assocRespIe, assocRespLen,
- GFP_KERNEL);
+ GFP_ATOMIC);
}
}
@@ -640,7 +646,7 @@
return;
}
A_MEMZERO(bssid, ETH_ALEN);
- cfg80211_ibss_joined(arPriv->arNetDev, bssid, GFP_KERNEL);
+ cfg80211_ibss_joined(arPriv->arNetDev, bssid, GFP_ATOMIC);
return;
}
@@ -659,11 +665,11 @@
NULL, 0,
NULL, 0,
WLAN_STATUS_UNSPECIFIED_FAILURE,
- GFP_KERNEL);
+ GFP_ATOMIC);
}
} else {
/* connection loss due to disconnect cmd or low rssi */
- cfg80211_disconnected(arPriv->arNetDev, reason, NULL, 0, GFP_KERNEL);
+ cfg80211_disconnected(arPriv->arNetDev, reason, NULL, 0, GFP_ATOMIC);
}
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ar6003_cfg80211_target_assertion.patch
Type: text/x-patch
Size: 3922 bytes
Desc: ar6003_cfg80211_target_assertion.patch
URL: <http://lists.meego.com/pipermail/meego-kernel/attachments/20110606/20a8001d/attachment.bin>
More information about the MeeGo-kernel
mailing list