This is a note to let you know that I've just added the patch titled
wifi: nl80211: fix deadlock in nl80211_set_cqm_rssi (6.6.x)
to the 6.6-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
wifi-nl80211-fix-deadlock-in-nl80211_set_cqm_rssi-6.6.x.patch
and it can be found in the queue-6.6 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From stable+bounces-6868-greg=kroah.com@xxxxxxxxxxxxxxx Sat Dec 16 06:57:02 2023
From: "Léo Lam" <leo@xxxxxxxxx>
Date: Sat, 16 Dec 2023 05:47:17 +0000
Subject: wifi: nl80211: fix deadlock in nl80211_set_cqm_rssi (6.6.x)
To: stable@xxxxxxxxxxxxxxx
Cc: "Léo Lam" <leo@xxxxxxxxx>, "Philip Müller" <philm@xxxxxxxxxxx>, "Johannes Berg" <johannes.berg@xxxxxxxxx>
Message-ID: <20231216054715.7729-4-leo@xxxxxxxxx>
From: "Léo Lam" <leo@xxxxxxxxx>
Commit 008afb9f3d57 ("wifi: cfg80211: fix CQM for non-range use"
backported to 6.6.x) causes nl80211_set_cqm_rssi not to release the
wdev lock in some of the error paths.
Of course, the ensuing deadlock causes userland network managers to
break pretty badly, and on typical systems this also causes lockups on
on suspend, poweroff and reboot. See [1], [2], [3] for example reports.
The upstream commit 7e7efdda6adb ("wifi: cfg80211: fix CQM for non-range
use"), committed in November 2023, is completely fine because there was
another commit in August 2023 that removed the wdev lock:
see commit 076fc8775daf ("wifi: cfg80211: remove wdev mutex").
The reason things broke in 6.6.5 is that commit 4338058f6009 was applied
without also applying 076fc8775daf.
Commit 076fc8775daf ("wifi: cfg80211: remove wdev mutex") is a rather
large commit; adjusting the error handling (which is what this commit does)
yields a much simpler patch and was tested to work properly.
Fix the deadlock by releasing the lock before returning.
[1] https://bugzilla.kernel.org/show_bug.cgi?id=218247
[2] https://bbs.archlinux.org/viewtopic.php?id=290976
[3] https://lore.kernel.org/all/87sf4belmm.fsf@xxxxxxxxxxxxx/
Link: https://lore.kernel.org/stable/e374bb16-5b13-44cc-b11a-2f4eefb1ecf5@xxxxxxxxxxx/
Fixes: 008afb9f3d57 ("wifi: cfg80211: fix CQM for non-range use")
Tested-by: "Léo Lam" <leo@xxxxxxxxx>
Tested-by: Philip Müller <philm@xxxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Cc: Johannes Berg <johannes.berg@xxxxxxxxx>
Signed-off-by: "Léo Lam" <leo@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/wireless/nl80211.c | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -12906,17 +12906,23 @@ static int nl80211_set_cqm_rssi(struct g
lockdep_is_held(&wdev->mtx));
/* if already disabled just succeed */
- if (!n_thresholds && !old)
- return 0;
+ if (!n_thresholds && !old) {
+ err = 0;
+ goto unlock;
+ }
if (n_thresholds > 1) {
if (!wiphy_ext_feature_isset(&rdev->wiphy,
NL80211_EXT_FEATURE_CQM_RSSI_LIST) ||
- !rdev->ops->set_cqm_rssi_range_config)
- return -EOPNOTSUPP;
+ !rdev->ops->set_cqm_rssi_range_config) {
+ err = -EOPNOTSUPP;
+ goto unlock;
+ }
} else {
- if (!rdev->ops->set_cqm_rssi_config)
- return -EOPNOTSUPP;
+ if (!rdev->ops->set_cqm_rssi_config) {
+ err = -EOPNOTSUPP;
+ goto unlock;
+ }
}
if (n_thresholds) {
Patches currently in stable-queue which might be from kroah.com@xxxxxxxxxxxxxxx are
queue-6.6/wifi-nl80211-fix-deadlock-in-nl80211_set_cqm_rssi-6.6.x.patch
