On Fri, May 22, 2015 at 05:43:51PM +0200, Alexander Aring wrote:
> This patch fixes an issue to set address configuration with ioctl.
> Accessing the mib requires rtnl lock and the ndo_do_ioctl doesn't hold
> the rtnl lock while this callback is called. This patch do that
> manually.
>
> Signed-off-by: Alexander Aring <alex.aring@xxxxxxxxx>
> Reported-by: Matteo Petracca <matteo.petracca@xxxxxxxx>
> Reviewed-by: Stefan Schmidt <stefan@xxxxxxxxxxxxxxx>
> ---
> net/mac802154/iface.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/net/mac802154/iface.c b/net/mac802154/iface.c
> index 91b75ab..2a58788 100644
> --- a/net/mac802154/iface.c
> +++ b/net/mac802154/iface.c
> @@ -62,8 +62,7 @@ mac802154_wpan_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
> (struct sockaddr_ieee802154 *)&ifr->ifr_addr;
> int err = -ENOIOCTLCMD;
>
> - ASSERT_RTNL();
> -
> + rtnl_lock();
> spin_lock_bh(&sdata->mib_lock);
>
> switch (cmd) {
> @@ -90,6 +89,7 @@ mac802154_wpan_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
> case SIOCSIFADDR:
> if (netif_running(dev)) {
> spin_unlock_bh(&sdata->mib_lock);
> + rtnl_unlock();
> return -EBUSY;
> }
>
> @@ -112,6 +112,7 @@ mac802154_wpan_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
> }
>
> spin_unlock_bh(&sdata->mib_lock);
> + rtnl_unlock();
> return err;
> }
This patch is causing rtnl recursion and deadlocks on my system.
A daemon running on my system (NetworkManager) tries calling
various wext ioctls on newly registered network interfaces,
including 802.15.4 interfaces, which are dispatched from dev_ioctl()
in net/core/dev_ioctl.c via wext_handle_ioctl() in
net/wireless/wext-core.c to wireless_process_ioctl() to
ioctl_standard_call() to ioctl_standard_iw_point() to
mac802154_wpan_ioctl(), and wext_ioctl_dispatch() does:
static int wext_ioctl_dispatch(struct net *net, struct ifreq *ifr,
unsigned int cmd, struct iw_request_info *info,
wext_ioctl_func standard,
wext_ioctl_func private)
{
int ret = wext_permission_check(cmd);
if (ret)
return ret;
dev_load(net, ifr->ifr_name);
rtnl_lock();
ret = wireless_process_ioctl(net, ifr, cmd, info, standard, private);
rtnl_unlock();
return ret;
}
leading to a double rtnl lock in mac802154_wpan_ioctl().
The easy fix would be to have mac802154_wpan_ioctl() check the ioctl
cmd before taking the rtnl -- I'm not too happy about the rtnl being
held or not held upon entry to a device ioctl depending on the ioctl
cmd and/or on who the caller is, but we might not be easily able to
change this...
--
To unsubscribe from this list: send the line "unsubscribe linux-wpan" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
