On Thu, 2012-07-12 at 12:00 +0200, Johannes Berg wrote: > > Ok the bug is this -- if we remove a wdev (that doesn't have a netdev), > > this change is obviously needed: Better just handle the special case, I'm rolling this into the patch "cfg80211: use wireless_dev for interface management": --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -2030,6 +2030,16 @@ static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) if (!rdev->ops->del_virtual_intf) return -EOPNOTSUPP; + /* + * If we remove a wireless device without a netdev then clear + * user_ptr[1] so that nl80211_post_doit won't dereference it + * to check if it needs to do dev_put(). Otherwise it crashes + * since the wdev has been freed, unlike with a netdev where + * we need the dev_put() for the netdev to really be freed. + */ + if (!wdev->netdev) + info->user_ptr[1] = NULL; + return rdev->ops->del_virtual_intf(&rdev->wiphy, wdev); } johannes -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
