On Thu, 2008-05-08 at 14:30 -0700, Eric W. Biederman wrote:
quoted text > device_rename only performs useful and race free validity
> checking at the optional sysfs level so depending on it
> for all of the validity checking in cfg80211_dev_rename
> is racy.
>=20
> Instead implement all of the needed validity checking
> and locking in cfg80211_dev_rename.
Makes sense, thanks, I didn't really think about it not being compiled
in.
quoted text > Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
quoted text > ---
> net/wireless/core.c | 33 ++++++++++++++++++++++++++++-----
> 1 files changed, 28 insertions(+), 5 deletions(-)
>=20
> diff --git a/net/wireless/core.c b/net/wireless/core.c
> index 80afacd..f1da0b9 100644
> --- a/net/wireless/core.c
> +++ b/net/wireless/core.c
> @@ -143,8 +143,11 @@ void cfg80211_put_dev(struct cfg80211_registered_dev=
ice *drv)
quoted text > int cfg80211_dev_rename(struct cfg80211_registered_device *rdev,
> char *newname)
> {
> + struct cfg80211_registered_device *drv;
> int idx, taken =3D -1, result, digits;
> =20
> + mutex_lock(&cfg80211_drv_mutex);
> +
> /* prohibit calling the thing phy%d when %d is not its number */
> sscanf(newname, PHY_NAME "%d%n", &idx, &taken);
> if (taken =3D=3D strlen(newname) && idx !=3D rdev->idx) {
> @@ -156,14 +159,30 @@ int cfg80211_dev_rename(struct cfg80211_registered_=
device *rdev,
quoted text > * deny the name if it is phy<idx> where <idx> is printed
> * without leading zeroes. taken =3D=3D strlen(newname) here
> */
> + result =3D -EINVAL;
> if (taken =3D=3D strlen(PHY_NAME) + digits)
> - return -EINVAL;
> + goto out_unlock;
> + }
> +
> +
> + /* Ignore nop renames */
> + result =3D 0;
> + if (strcmp(newname, dev_name(&rdev->wiphy.dev)) =3D=3D 0)
> + goto out_unlock;
> +
> + /* Ensure another device does not already have this name. */
> + list_for_each_entry(drv, &cfg80211_drv_list, list) {
> + result =3D -EINVAL;
> + if (strcmp(newname, dev_name(&drv->wiphy.dev)) =3D=3D 0)
> + goto out_unlock;
> }
> =20
> - /* this will check for collisions */
> + /* this will only check for collisions in sysfs
> + * which is not even always compiled in.
> + */
> result =3D device_rename(&rdev->wiphy.dev, newname);
> if (result)
> - return result;
> + goto out_unlock;
> =20
> if (!debugfs_rename(rdev->wiphy.debugfsdir->d_parent,
> rdev->wiphy.debugfsdir,
> @@ -172,9 +191,13 @@ int cfg80211_dev_rename(struct cfg80211_registered_d=
evice *rdev,
quoted text > printk(KERN_ERR "cfg80211: failed to rename debugfs dir to %s!\n",
> newname);
> =20
> - nl80211_notify_dev_rename(rdev);
> + result =3D 0;
> +out_unlock:
> + mutex_unlock(&cfg80211_drv_mutex);
> + if (result =3D=3D 0)
> + nl80211_notify_dev_rename(rdev);
> =20
> - return 0;
> + return result;
> }
> =20
> /* exported functions */
