summaryrefslogtreecommitdiffstats
path: root/net/wireless/nl80211.c
diff options
context:
space:
mode:
authorJohannes Berg <johannes.berg@intel.com>2013-06-11 16:51:03 +0200
committerJohannes Berg <johannes.berg@intel.com>2013-06-11 16:52:39 +0200
commit940d0ac9dbe3fb9d4806e96f006286c2e476deed (patch)
tree3fea9c0940ebc98eb60e1459ed80ae48440d241b /net/wireless/nl80211.c
parentea141b75ae29636b5c9e9d2e2e77b3dd1ab4c934 (diff)
cfg80211: fix rtnl leak in wiphy dump error cases
In two wiphy dump error cases, most often when the dump allocation must be increased, the RTNL is leaked. This quickly results in a complete system lockup. Release the RTNL correctly. Reported-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'net/wireless/nl80211.c')
-rw-r--r--net/wireless/nl80211.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 398ce2c5968..e4028197b75 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -1541,8 +1541,10 @@ static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
int ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
netdev = dev_get_by_index(sock_net(skb->sk), ifidx);
- if (!netdev)
+ if (!netdev) {
+ rtnl_unlock();
return -ENODEV;
+ }
if (netdev->ieee80211_ptr) {
dev = wiphy_to_dev(
netdev->ieee80211_ptr->wiphy);
@@ -1586,6 +1588,7 @@ static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
!skb->len &&
cb->min_dump_alloc < 4096) {
cb->min_dump_alloc = 4096;
+ rtnl_unlock();
return 1;
}
idx--;