Search Linux Wireless

Re: [RFC 2/5] mac80211: handle TDLS high-level commands and frames

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2011-09-22 at 10:34 +0300, Arik Nemtsov wrote:

> > Also accessing u.mgd.associated as a bool like this is fine, but
> > obviously racy. How do we deal with that? Do we even tear down links
> > when disassociating, and do we even need to beyond just killing the
> > station entries?
> 
> We don't tear down links just before disassociating (there are too
> many corner cases here). We just disable the links post-factum.
> Killing the station entries won't help for packets meant to be sent
> over the AP. I guess we can take the mutex for a little extra safely
> (but it won't do much).
> 
> The race is even worse - from queuing until the actual Tx, we could
> have disconnected from this AP and connected do a totally different
> one. But this shouldn't happen in reality (and we can add some guards
> to wpa_supplicant to make sure).
> Do you see this as a security threat?

I don't really know :-) I just saw the possible race here. If you remove
the TDLS station entries when disassociating then it shouldn't be an
issue, right? Since you require a station entry pretty early on anyway.

johannes

--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux