From: Johannes Berg <johannes.berg@xxxxxxxxx>
This is needed since it calls into the driver, which must have the
same context as if we got to destroy an interface through nl80211.
Fix this, and add a direct lockdep assertion so we don't see it
pop up only when the driver calls back to cfg80211.
Fixes: a05829a7222e ("cfg80211: avoid holding the RTNL when calling the driver")
Reported-by: syzbot+4305e814f9b267131776@xxxxxxxxxxxxxxxxxxxxxxxxx
Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx>
---
net/wireless/core.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/wireless/core.c b/net/wireless/core.c
index 200cd9f5fd5f..18f9a5c214b5 100644
--- a/net/wireless/core.c
+++ b/net/wireless/core.c
@@ -334,6 +334,7 @@ void cfg80211_destroy_ifaces(struct cfg80211_registered_device *rdev)
struct wireless_dev *wdev, *tmp;
ASSERT_RTNL();
+ lockdep_assert_wiphy(&rdev->wiphy);
list_for_each_entry_safe(wdev, tmp, &rdev->wiphy.wdev_list, list) {
if (wdev->nl_owner_dead)
@@ -349,7 +350,9 @@ static void cfg80211_destroy_iface_wk(struct work_struct *work)
destroy_work);
rtnl_lock();
+ wiphy_lock(&rdev->wiphy);
cfg80211_destroy_ifaces(rdev);
+ wiphy_unlock(&rdev->wiphy);
rtnl_unlock();
}
--
2.26.2
