Both nl80211_new_interface and cfg80211_netdev_notifier_call hold the
same wiphy_lock, then cause deadlock.
The main call stack as bellow:
nl80211_new_interface() takes wiphy_lock
-> _nl80211_new_interface:
-> rdev_add_virtual_intf
-> rdev->ops->add_virtual_intf
-> register_netdevice
-> call_netdevice_notifiers(NETDEV_REGISTER, dev);
-> call_netdevice_notifiers_extack
-> call_netdevice_notifiers_info
-> raw_notifier_call_chain
-> cfg80211_netdev_notifier_call
-> wiphy_lock(&rdev->wiphy), cfg80211_register_wdev
Fixes: ea6b2098dd02 ("cfg80211: fix locking in netlink owner interface destruction")
Signed-off-by: Aran Dalton <arda@xxxxxxxxxxxxxxxxx>
---
net/wireless/nl80211.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 2705e3ee8fc4..bdacddc3ffa3 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -4260,9 +4260,7 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
/* to avoid failing a new interface creation due to pending removal */
cfg80211_destroy_ifaces(rdev);
- wiphy_lock(&rdev->wiphy);
ret = _nl80211_new_interface(skb, info);
- wiphy_unlock(&rdev->wiphy);
return ret;
}
--
2.29.0
