From 380a942b9177dcae1429fdd0f3639f92d9ab139d Mon Sep 17 00:00:00 2001 From: Johannes Berg Date: Fri, 4 Apr 2008 23:40:35 +0200 Subject: [PATCH] mac80211: fix ieee80211_ioctl_giwrate The ieee80211_ioctl_giwrate() ioctl handler doesn't rcu_read_lock() its access to the sta table, fix it. Signed-off-by: Johannes Berg Signed-off-by: John W. Linville --- net/mac80211/ieee80211_ioctl.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/net/mac80211/ieee80211_ioctl.c b/net/mac80211/ieee80211_ioctl.c index b047eebb6330..41130b303170 100644 --- a/net/mac80211/ieee80211_ioctl.c +++ b/net/mac80211/ieee80211_ioctl.c @@ -586,19 +586,25 @@ static int ieee80211_ioctl_giwrate(struct net_device *dev, sdata = IEEE80211_DEV_TO_SUB_IF(dev); - if (sdata->vif.type == IEEE80211_IF_TYPE_STA) - sta = sta_info_get(local, sdata->u.sta.bssid); - else + if (sdata->vif.type != IEEE80211_IF_TYPE_STA) return -EOPNOTSUPP; - if (!sta) - return -ENODEV; sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; - if (sta->txrate_idx < sband->n_bitrates) + rcu_read_lock(); + + sta = sta_info_get(local, sdata->u.sta.bssid); + + if (sta && sta->txrate_idx < sband->n_bitrates) rate->value = sband->bitrates[sta->txrate_idx].bitrate; else rate->value = 0; + + rcu_read_unlock(); + + if (!sta) + return -ENODEV; + rate->value *= 100000; return 0; -- 2.30.2